Cisco ACI Remote Leaf Requirements
What is a Remote Leaf
The ACI remote leaf deployment lets customers extend the ACI fabric (ACI services and APIC management) to remote data centers that have no local spine switch or APIC attached. The remote leaf switches are added to an existing pod in the fabric over the Wide Area Network (WAN). All policies deployed in the main data center are deployed in the remote switches, which behave like local leaf switches that belong to the fabric.
Note: The following requirements are based on the Remote Leaf white paper.
I – Hardware and Software Requirements
- The remote leaf solution is supported in ACI release 3.1(1) and later.
- The following table has the list of hardware that supports Remote leaf:
II- VXLAN Overhead
- The MTU in the IPN network must be increased by at least 50 bytes to allow data plane communication between endpoints in the main DC and at the remote location.
– If the endpoints source traffic at the default 1500-byte MTU, the IPN should be configured with an MTU of at least 1600 bytes.
– If the endpoints source traffic at a 9000-byte MTU, the IPN should be configured with an MTU of at least 9100 bytes (9150 recommended).
- The MTU for control plane traffic between the spines in the main DC and the Remote leaf nodes should also be tuned (by default it tries to use up to 9000B MTU).
- The control plane MTU can be tuned from the APIC if the IPN doesn’t support Jumbo frames.
III- Latency and Bandwidth
- Up to 300 msec latency between ACI main DC and Remote Location.
- Minimum 100 Mbps bandwidth in IP Network.
IV- Dedicated Fabric links between RL and IPN
- Dedicated links between the RL nodes and the Uplink routers for RL discovery and VXLAN traffic destined to other RL nodes or the main fabric.
- In simple words, L3Out links must be separate from the fabric discovery link.
V- Reachability requirements
- Before 4.1(2) release:
The remote leaf is logically associated with one of the Pods of the ACI main DC. As previously mentioned, the remote leaf nodes should have reachability to the VTEP pool of their logically associated Pod. This could be achieved via the backbone if the TEP pool is enterprise routable.
- Before 4.1(2) release:
Routable TEP Pool: To solve the challenge of advertising the VTEP pool of the Pod to remote locations, the support of a routable subnet for the Pod is added, in addition to the private VTEP pool subnet. This allows customers to advertise only the routable subnet to remote locations from the ACI main DC.
The minimum supported size for a routable subnet is /27. Also, there is no requirement for the various routable TEP pools to be adjacent.
- Routable TEP subnet configuration:
VI- Remote Leaf IPN Requirements
- OSPF with VLAN-4 sub-interface at the upstream router connected to Remote leaf.
- DHCP relay to the APIC controller’s IP address. This will be the routable IP address of the APIC if the routable subnet is configured.
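The numeric requirements from sections I, II, III and V can be checked before a site is connected. The script below is an added example, not code from Cisco or the white paper. The plan dictionary keys, the sample values and the pool-overlap check are assumptions made for illustration.

```python
import ipaddress
import re

# Thresholds taken from the requirements listed on this page.
MIN_RELEASE = (3, 1, 1)       # remote leaf is supported from ACI 3.1(1)
MTU_HEADROOM = 100            # page's figures: 1500 -> 1600, 9000 -> 9100
MAX_LATENCY_MS = 300
MIN_BANDWIDTH_MBPS = 100
MAX_ROUTABLE_PREFIXLEN = 27   # a /27 is the smallest routable TEP subnet

def parse_release(text):
    """Turn an ACI release string such as '4.2(7f)' into (4, 2, 7)."""
    m = re.fullmatch(r"(\d+)\.(\d+)\((\d+)[a-z]*\)", text.strip())
    if not m:
        raise ValueError(f"unrecognised ACI release: {text!r}")
    return tuple(int(g) for g in m.groups())

def check_site(plan):
    """Return a list of findings; an empty list means the plan passes."""
    findings = []
    if parse_release(plan["aci_release"]) < MIN_RELEASE:
        findings.append("ACI release is older than 3.1(1)")
    need = plan["endpoint_mtu"] + MTU_HEADROOM
    if plan["ipn_mtu"] < need:
        findings.append(f"IPN MTU {plan['ipn_mtu']} is below {need}")
    if plan["latency_ms"] > MAX_LATENCY_MS:
        findings.append(f"latency {plan['latency_ms']} ms exceeds 300 ms")
    if plan["bandwidth_mbps"] < MIN_BANDWIDTH_MBPS:
        findings.append(f"bandwidth {plan['bandwidth_mbps']} Mbps is below 100")
    pools = [ipaddress.ip_network(p) for p in plan["routable_tep_pools"]]
    for i, net in enumerate(pools):
        if net.prefixlen > MAX_ROUTABLE_PREFIXLEN:
            findings.append(f"routable TEP pool {net} is smaller than /27")
        # Pools need not be adjacent; overlap is a sanity check added here,
        # not a requirement stated on the page.
        for other in pools[i + 1:]:
            if net.overlaps(other):
                findings.append(f"routable TEP pools {net} and {other} overlap")
    return findings

# Constructed sample plans (documentation address ranges, not real sites).
GOOD = {"aci_release": "4.2(7f)", "endpoint_mtu": 9000, "ipn_mtu": 9150,
        "latency_ms": 80, "bandwidth_mbps": 500,
        "routable_tep_pools": ["192.0.2.0/27", "198.51.100.64/27"]}
BAD = {"aci_release": "3.0(2k)", "endpoint_mtu": 1500, "ipn_mtu": 1500,
       "latency_ms": 350, "bandwidth_mbps": 50,
       "routable_tep_pools": ["192.0.2.0/28"]}

if __name__ == "__main__":
    for name, plan in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_site(plan) or "passes")
```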