How do endpoints inside an SD-Access network reach resources outside the fabric?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
SD-Access (Software-Defined Access) is a solution that enables policy-based automation of network provisioning and management using a centralized controller. It provides a simplified approach to network design by leveraging virtualization and segmentation to create a fabric that separates user traffic from network infrastructure traffic.
In an SD-Access network, endpoints such as workstations, servers, and other network devices are connected to edge devices such as access switches that are part of the fabric. The fabric is composed of several virtual networks (VN) that are mapped to physical or virtual switches, and each VN represents a unique user group with its own policies.
When endpoints inside the SD-Access network need to access resources outside the fabric, there are several ways to accomplish this:
A. VRF fusion router is used to map resources in one VN to another VN: This method uses a VRF (Virtual Routing and Forwarding) fusion router to map the resources in one VN to another VN. The fusion router is responsible for routing traffic between VNs, and it maintains a table of mappings between the VNs. When an endpoint in one VN needs to access resources in another VN, the fusion router maps the source VN to the destination VN and forwards the traffic accordingly.
B. Fabric borders use VRFs to map VNs to VRFs: This method uses VRFs to map VNs to VRFs at the fabric border. The fabric border is the edge of the fabric where it connects to other networks or services. The VRFs are used to separate the traffic between different VNs, and they are used to route the traffic between the fabric and the outside networks.
C. SD-Access transit links are used to transport encapsulated traffic from one fabric to another: This method uses SD-Access transit links to transport encapsulated traffic from one fabric to another. The transit links are used to connect different fabrics together, and they encapsulate the traffic with VXLAN (Virtual Extensible LAN) headers. The encapsulated traffic is then transported over the outside network to the destination fabric, where it is de-encapsulated and forwarded to the destination VN.
D. A fabric edge is used to de-encapsulate VXLAN traffic to normal IP traffic then transported over the outside network: This method uses a fabric edge device to de-encapsulate the VXLAN traffic to normal IP traffic, which is then transported over the outside network. The fabric edge device is responsible for connecting the fabric to the outside network, and it is responsible for de-encapsulating the VXLAN traffic from the fabric. Once the VXLAN traffic is de-encapsulated, the fabric edge device forwards it over the outside network to the destination.
In summary, endpoints inside an SD-Access network can reach resources outside the fabric using various methods such as VRF fusion router, VRFs at the fabric border, SD-Access transit links, or fabric edge devices. The choice of method depends on the specific requirements of the network and the design considerations.