: Create an External Routed Network
Focus
Focus

Create an External Routed Network

Table of Contents

Create an External Routed Network

The firewalls pass IP routing information to the ACI ovar a Layer 3 OSPF network. ACI uses a switch virtual interface (SVI) on the leaf switches with an IP address on each switch for connection resilience. Create a Layer 3 routed network to peer with the firewall using OSPF.
  1. On the Tenants tab, double-click on the name of your tenant.
  2. Select NetworkingExternal Routed Networks.
  3. Right-click External Routed Networks and select Create Routed Outside.
  4. Enter a descriptive Name for your External Routed Network.
  5. Select your VRF with external connectivity from the VRF drop-down.
  6. Select the external routed domain you created previously form the External Routed Domain drop-down.
  7. Select OSPF.
  8. Enter an OSPF Area ID. The Area ID can be expressed in decimal number or dotted decimal form. For example, Area 1 is the same as Area 0.0.0.1 or Area 271 is the same as Area 0.0.1.15. The Area ID range is 0 (0.0.0.0) to 4294967295 (255.255.255.255).
  9. Select Regular Area for the OSPF Area Type.
  10. Click the plus (+) button to the right of Nodes and Interface Profiles to create a Node Profile with a node that for the border-leaf switches that connect to the firewall.
  11. Enter a descriptive Name for your Node Profile.
  12. Attach nodes to your Node Profile.
    1. Click the plus (+) button to the right of Nodes. This opens the Select Node window.
    2. Select the node that your firewall is connected to from the Node ID drop-down.
    3. Enter the IP address of the router attached to the leaf switch in Router ID.
    4. Click OK.
    5. Click the plus (+) button to the right of Nodes and Interface Profiles.
    6. Enter a descriptive Name for your Node Profile.
    7. Click the plus (+) button to the right of Nodes. This opens the Select Node window.
    8. Select the node that your secondary HA firewall is connected to from the Node ID drop-down.
    9. Enter the IP address of the router attached to the second leaf switch in Router ID.
    10. Click OK.
  13. Attach an OSPF Interface Profile for your Node Profile.
    1. Enter a descriptive Name for your OSPF Interface Profile.
    2. Click Next.
    3. Select Create OSPF Interface Policy from the OSPF Policy drop-down.
    4. Enter a descriptive Name for your OSPF Interface Policy.
    5. Select MTU Ignore.
    6. Click Submit.
    7. Click Next.
    8. Click SVI.
    9. Click the plus (+) button to the right of SVI Interfaces. This opens the Select SVI window.
    10. Click Virtual Port Channel.
    11. Select the Path to the port and port channel interface where the firewall connects to the leaf switch.
    12. In Encap, enter the VLAN encapsulation used for your layer 3 outside profile.
    13. Select Trunk for Mode.
    14. In the Side A IPv4 Primary Address field, enter the primary IP address of the path attached to the layer 3 outside profile.
    15. In the Side B IPv4 Primary Address field, enter the secondary IP address of the path attached to the layer 3 outside profile.
    16. Click OK.
  14. Click OK to close the Create Interface Profile window.
  15. Click OK to close the Create Node Profile window.
  16. Click Next.
  17. Click the plus (+) button to the right of External EPG Networks. This opens the Create Routed Outside window.
  18. Enter a descriptive Name for you External Network.
  19. Add a subnet to you External Network.
    1. Click the plus (+) button to the right of Subnets.
    2. Enter the IP address and mask of the subnet’s default gateway.
    3. Select Export Route Control Subnet.
    4. Select External Subnets for External EPG.
    5. Click OK.
  20. Click Finish.