All,
I'm looking to stretch my DC using VXLAN/EVPN, and want to utilize all possible entry points into the DC's. My 2 sites are 7 miles apart, and use DWDM that we manage to get between sites. I don't think I need to really examine that portion too much, I'm fairly confident in my design there, but I do want to know how many of you guys are using active/active Palo HA pairs split across 2 sites. Latency is less than 4ms in both regular and protect path, so that shouldn't be a concern. We're able to spin up to 40G to connect HA2 for session sync and all that, so I don't see that being an issue. Other than troubleshooting what flow is where, are there and other really prominent issues with this? What would I lose by doing active/passive other than another entryway into the DC? Palo is recommending against it saying they don't have as many customers doing it, but if it weren't a supported design, it shouldn't be an option, right? If anybody can tell me their experiences with it, and any of the gotchas, I'd love to hear them. Thanks a ton.
No comments:
Post a Comment