This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to route to management CLIP from outside the fabric?

How to route to management CLIP from outside the fabric?

trusterholz_wf
New Contributor II

‎10-12-2023 09:42 AM

I am experimenting with a greenfield fabric and I think the best solution for device management interfaces will be to configure them on a CLIP.  However I am getting stuck figuring out how I can route to those interfaces from outside the fabric.  In our environment we use firewalls as our L3 routers.  In the traditional network that this fabric will replace, the device management interfaces are configured on VLANs in the switching environment.  I am unsure how I need to configure the fabric edge interfaces that connect to the firewalls such that I will be able to access the management CLIPs in the fabric.  Am I missing something obvious?

0 Kudos
1 REPLY 1

trusterholz_wf
New Contributor II

‎10-24-2023 10:44 AM

With some help from our Extreme SE, we solved this.  The fabric edge devices need to share a VLAN & subnet with the exo-fabric L3 router.  We called this a "transit" subnet. The L3 router needs a static route that sends traffic destined for the switch management IPs to an address on an edge switch in the transit subnet.  And the edge switches need a static default route pointing to the L3 router IP, and to redistribute that static route into the grt.  Lastly, it was recommended to enable ip rsmlt on the fabric edge switches -- in case the static route on the L3 router is directing to the IP address on switch A, and switch A goes down, switch B can respond to traffic meant for the IP on switch A.

GTM-P2G8KFN