Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Moosa
Contributor

Testing Maestro Active/Active Gateways for BGP configuration in Eve-NG Lab

Hello Eveyrone,

I want to create POC in Eve-ng Lab for a Maestro envriornmetn where at least two Gateways will have redundant BGP connections to routers. 

Since we Maestro is not supported in Eve-NG, I need some guidance on how can I create somthing close to this at least from Layer-3 preseptvie to test out the BGP parts with 2 R81 Gateways wihtout Maestro.

Since Maestro will have Gateways in Active/Active configurations, to have something close to that without Maestro, shall I set up a ClusterXL in active/active configuraiton to simulate the layer3 conenctivity for BGP? 

Will that behave as Maestro in terms of BGP and Layer 3 connectivity at least? or if there is a better way to go about this entire setup. 


0 Kudos
4 Replies
Chris_Atkinson
Employee Employee
Employee

From a BGP perspective a single gateway is how Maestro appears to the network.

CCSM R77/R80/ELITE
0 Kudos
Moosa
Contributor

Hello Chris,

Thanks for quick reply and that makes sense. I can simulate that in Lab by using just one secuirty gateway.

However I am also udnerstanding the real scenarion bit by bit as I move forward with the test. 

There will be 2 Maestros chassis both connecting redundantly to a single Nexus swithces (as an example) and have BGP on peer relation on both links. 

To simulate that do I still need a single Secuirty Gateway in lab? or do I need 2 Secuirty Gateways in lab to simulate 2 seperate maestro Chassis? and how the redundant connections to the Nexus will be made in either case?

0 Kudos
Chris_Atkinson
Employee Employee
Employee

What your describing from a BGP/peering perspective sounds like a single gateway with ECMP (sk100504).

Typically Maestro would connect using link aggregation / bonds. 

When you say two chassis do you mean two orchestrators (MHO) or a dual-site deployment?

https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Maestro_GettingStartedGuide/Topics...

CCSM R77/R80/ELITE
0 Kudos
Moosa
Contributor

Yes setup is MHO, not dual-site.

The connections to nexus are bonds, you are correct.

Althoguh I am not sure about ECMP at this point. 

 

 

0 Kudos