Hello,
Thanks for another awesome lesson!
I have a doubt. I wanted to know how the following situation is handled: let’s say I have a company that provides IaaS to any global customer. I own a DC and I decide to use VXLAN because of all its benefits. Customer’s VMs are in servers connected to switches that are trunked to the LEAF Switches (or LEAF is the actual vSwitch if it supports VXLAN).
So far I can get the multi-tenancy working good. Isolation between customer works, and L2 and L3 between VNIs of the same customer is working too. I am using VXLAN with eBGP Multi-AS on the underlay.
Now I want to offer customers the possibility to connect their VMs to the public Internet. Some customers might want this for their own reason. Therefore, I need to advertise a default route from the Spine switches to the LEAF switches. But I need such default route to be imported on the desired customer VRF on the LEAF.
So I thought one possibility is to configure all VRFs on the BORDER-GW router and on the SPINE switches, and then have to advertise over each BGP VRF Address family the default route, expecting that the SPINES readvertise it to the LEAF switches keeping Extended Community RT and therefore successfully importing it on the desired customer VRF Routing Table. Any thought on this? Is this recommended? I don’t like the fact of having to configure BGP VRF AF on the SPINE for every desired customer VRFs.
I wanted to see if Laz or Rene could provide some guidance based on their experience.
Is there any other solutions? Do you know a solution that is actually used or “common” for this scenario?
Thanks,
Jose