I have an EVPN+VXLAN network (including vPC for the VTEPs) without an anycast gateway. All my VLANs/VNIs are pure L2VNIs because of a legacy design. The gateway for all my VLAN hosts is a centralized Cisco ASA firewall (for security reasons). Now I am planning to enable the suppress-arp feature, but the Cisco documentation says you need to have an L3VNI/anycast gateway, otherwise it will create unknown issues. For testing, I enabled ARP suppression and found very strange issues with DHCP packets: it created a broadcast storm (so Cisco was right).
As a further experiment, I created an anycast gateway with a foo IP address like 10.0.0.4/24, just to satisfy Cisco's L3VNI requirement for ARP suppression. (The gateway for all my VLAN hosts is still the Cisco ASA.)
It looks like it works; I am not seeing any of the flooding in the network that I noticed earlier.
Question: Is it OK to have an anycast gateway on any foo IP address while the hosts still point to the Cisco ASA?