Border Device

Location in GUI: Provision » SD-Access » Fabric Sites » Fabric Infrastructure

Diagram

Classes

fabric (catalyst_center)

Name	Type	Constraint	Mandatory	Default Value
border_devices	List	`[border_devices]`	No

border_devices (catalyst_center.fabric)

Name	Type	Constraint	Mandatory
name	String		Yes
border_types	List	Choice[`LAYER_2`, `LAYER_3`]	Yes
sda_transit	String		No
affinity_id_prime	Integer	min: `0`, max: `2147483647`	No
affinity_id_decider	Integer	min: `0`, max: `2147483647`	No
connected_to_internet	Boolean	`true`, `false`	No
multicast_over_transit	Boolean	`true`, `false`	No
import_external_routes	Boolean	`true`, `false`	No
default_exit	Boolean	`true`, `false`	No
border_priority	Integer	min: `1`, max: `10`	No
prepend_autonomous_system_count	Integer	min: `1`, max: `10`	No
local_autonomous_system_number	Integer	min: `1`, max: `4294967295`	No
external_handoff_pool	String		No
l2_handoffs	Class	`[l2_handoffs]`	No
l3_handoffs	List	`[l3_handoffs]`	No

l2_handoffs (catalyst_center.fabric.border_devices)

Name	Type	Constraint	Mandatory	Default Value
l2_without_anycast_gateway	Class	`[l2_without_anycast_gateway]`	No
l2_with_anycast_gateway	List	`[l2_with_anycast_gateway]`	No

l3_handoffs (catalyst_center.fabric.border_devices)

Name	Type	Constraint	Mandatory	Default Value
name	String		Yes
interfaces	List	`[interfaces]`	Yes

l2_without_anycast_gateway (catalyst_center.fabric.border_devices.l2_handoffs)

Name	Type	Constraint	Mandatory	Default Value
vlans	List	`[vlans]`	No
interfaces	List	String	No

l2_with_anycast_gateway (catalyst_center.fabric.border_devices.l2_handoffs)

Name	Type	Constraint	Mandatory
l3_virtual_network	String		Yes
ip_pool_name	String		Yes
external_vlan	Integer	min: `2`, max: `4094`	No
interfaces	List	String	No

interfaces (catalyst_center.fabric.border_devices.l3_handoffs)

Name	Type	Constraint	Mandatory	Default Value
name	String		Yes
virtual_networks	List	`[virtual_networks]`	Yes

vlans (catalyst_center.fabric.border_devices.l2_handoffs.l2_without_anycast_gateway)

Name	Type	Constraint	Mandatory	Default Value
name	String		Yes
external_vlan	Integer	min: `2`, max: `4094`	No

virtual_networks (catalyst_center.fabric.border_devices.l3_handoffs.interfaces)

Name	Type	Constraint	Mandatory
name	String		Yes
local_ip_address	IP		No
peer_ip_address	IP		No
peer_ipv6_address	IP		No
local_ipv6_address	IP		No
tcp_mss_adjustment	Integer	min: `500`, max: `1440`	No
vlan	Integer	min: `2`, max: `4093`	Yes

Border Devices connect the SD-Access fabric to external networks. They are provisioned within a Fabric Site and support Layer 3 Handoffs (IP transit, SDA transit) and Layer 2 Handoffs for routing between fabric virtual networks and external infrastructure. The device must first be defined in the Inventory data model with the appropriate fabric role. This resource is SDA fabric only.

Examples

Prerequisite: To provision a border device, it must be specified under Inventory » Devices data model with fabric-role element values assigned link

The border_devices name must match the name specified in the inventory data model for the specific device (inventory.devices.name)

Example-1: Layer 3 Border Device with BGP External Connectivity - LISP External Border Role

This example demonstrates how to configure a Layer 3 border device in SD-Access fabric for external network connectivity. Border devices serve as critical infrastructure components that connect the SD-Access fabric to external networks, providing routing, policy enforcement, and traffic ingress/egress capabilities.

The border device configuration includes:

Device name (BR01) referencing a device previously configured in the inventory
Layer 3 border type enabling IP routing and external connectivity functions
Default exit configuration making this border the primary path for external traffic
External route import disabled for controlled routing policy and security
Local ASN (65013) for BGP peering and autonomous system identification
BGP external domain routing protocol for dynamic route exchange with external networks
ASN prepending (count: 1) for traffic engineering and path preference control
Border priority (5) for load balancing and redundancy across multiple border devices

catalyst_center:
  fabric:
    border_devices:
      - name: BR01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: false
        local_autonomous_system_number: 65013
        external_domain_routing_protocol_name: BGP
        prepend_autonomous_system_count: 1
        border_priority: 5

Example-2: Layer 3 Border Device with BGP External Connectivity - LISP (External + Internal) Border Role

This example shows how to configure a border device with external route import capabilities for scenarios requiring dynamic route propagation from external networks into the SD-Access fabric.

catalyst_center:
  fabric:
    border_devices:
      - name: BORDER-CORE-01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: true
        local_autonomous_system_number: 65100
        prepend_autonomous_system_count: 1
        border_priority: 5

Example-3: Layer 3 Border Device with Route Import - LISP (Internal) only Border Role

This example shows how to configure a border device with external route import capabilities for scenarios requiring dynamic route propagation from external networks into the SD-Access fabric.

catalyst_center:
  fabric:
    border_devices:
      - name: BORDER-CORE-01
        border_types:
          - LAYER_3
        default_exit: false
        import_external_routes: true
        local_autonomous_system_number: 65100
        prepend_autonomous_system_count: 1
        border_priority: 5

Example-4: Layer 2 Border Device for Campus Integration

This example demonstrates how to configure a Layer-2 only border device for campus environments where Layer 2 extension and VLAN bridging are required between the fabric and external networks. Ensure the Fabric has an Existing Control-Plane device, before adding a LAYER_2 only Border

catalyst_center:
  fabric:
    border_devices:
      - name: L2-BORDER-SW01
        l2_handoffs:
          l2_without_anycast_gateway:
            vlans:
              - name: L2_VLAN_USERS
                external_vlan: 550
            interfaces:
              - GigabitEthernet1/0/10
          l2_with_anycast_gateway:
            - l3_virtual_network: SDA_VN_USERS
              ip_pool_name: USERS
              external_vlan: 470
              interfaces:
                - GigabitEthernet1/0/8

Example-5: Multi-Border Device Configuration for High Availability

This example shows how to configure multiple Layer-3 only border devices for high availability and load distribution in large enterprise SD-Access deployments with redundant external connectivity.

catalyst_center:
  fabric:
    border_devices:
      - name: PRIMARY-BORDER-01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: false
        local_autonomous_system_number: 65200
        prepend_autonomous_system_count: 1
        border_priority: 5

      - name: SECONDARY-BORDER-01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: false
        local_autonomous_system_number: 65200
        prepend_autonomous_system_count: 1
        border_priority: 5

Example-6: Hybrid Border Device with Layer 2 and Layer 3 Functions

This example demonstrates how to configure a border device supporting both Layer 2 and Layer 3 border functions for complex network scenarios requiring multiple connectivity types and traffic handling capabilities.

catalyst_center:
  fabric:
    border_devices:
      - name: HYBRID-BORDER-01
        border_types:
          - LAYER_3
          - LAYER_2
        default_exit: true
        import_external_routes: false
        local_autonomous_system_number: 65300
        prepend_autonomous_system_count: 1
        affinity_id_prime: 100
        affinity_id_decider: 100
        connected_to_internet: true
        border_priority: 9
        sda_transit: TRANSIT_CONTROL_PLANE_GROUP1

Example-7: Border Device with SDA Transit and Multicast Over Transit

This example demonstrates how to configure a border device connected to an SDA transit network with native multicast enabled across multiple sites.

catalyst_center:
  fabric:
    border_devices:
      - name: MULTISITE-BORDER-01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: true
        local_autonomous_system_number: 65400
        prepend_autonomous_system_count: 1
        border_priority: 5
        affinity_id_prime: 50
        affinity_id_decider: 50
        connected_to_internet: false
        sda_transit: SDA_MULTISITE_TRANSIT
        multicast_over_transit: true

Location in GUI: Provision » SD-Access » Fabric Sites » Fabric Infrastructure

Diagram

Classes

fabric (catalyst_center)

Name	Type	Constraint	Mandatory	Default Value
border_devices	List	`[border_devices]`	No

border_devices (catalyst_center.fabric)

Name	Type	Constraint	Mandatory
name	String		Yes
border_types	List	Choice[`LAYER_2`, `LAYER_3`]	Yes
sda_transit	String		No
affinity_id_prime	Integer	min: `0`, max: `2147483647`	No
affinity_id_decider	Integer	min: `0`, max: `2147483647`	No
connected_to_internet	Boolean	`true`, `false`	No
multicast_over_transit	Boolean	`true`, `false`	No
import_external_routes	Boolean	`true`, `false`	Yes
default_exit	Boolean	`true`, `false`	Yes
border_priority	Integer	min: `1`, max: `9`	No
prepend_autonomous_system_count	Integer	min: `1`, max: `10`	No
local_autonomous_system_number	Integer	min: `1`, max: `4294967295`	Yes
external_handoff_pool	String		No
l2_handoffs	Class	`[l2_handoffs]`	No
l3_handoffs	List	`[l3_handoffs]`	No

l2_handoffs (catalyst_center.fabric.border_devices)

Name	Type	Constraint	Mandatory	Default Value
l2_without_anycast_gateway	Class	`[l2_without_anycast_gateway]`	No
l2_with_anycast_gateway	List	`[l2_with_anycast_gateway]`	No

l3_handoffs (catalyst_center.fabric.border_devices)

Name	Type	Constraint	Mandatory	Default Value
name	String		Yes
interfaces	List	`[interfaces]`	Yes

l2_without_anycast_gateway (catalyst_center.fabric.border_devices.l2_handoffs)

Name	Type	Constraint	Mandatory	Default Value
vlans	List	`[vlans]`	No
interfaces	List	String	No

l2_with_anycast_gateway (catalyst_center.fabric.border_devices.l2_handoffs)

Name	Type	Constraint	Mandatory
l3_virtual_network	String		Yes
ip_pool_name	String		Yes
external_vlan	Integer	min: `2`, max: `4094`	No
interfaces	List	String	No

interfaces (catalyst_center.fabric.border_devices.l3_handoffs)

Name	Type	Constraint	Mandatory	Default Value
name	String		Yes
virtual_networks	List	`[virtual_networks]`	Yes

vlans (catalyst_center.fabric.border_devices.l2_handoffs.l2_without_anycast_gateway)

Name	Type	Constraint	Mandatory	Default Value
name	String		Yes
external_vlan	Integer	min: `2`, max: `4094`	No

virtual_networks (catalyst_center.fabric.border_devices.l3_handoffs.interfaces)

Name	Type	Constraint	Mandatory
name	String		Yes
local_ip_address	IP		No
peer_ip_address	IP		No
peer_ipv6_address	IP		No
local_ipv6_address	IP		No
tcp_mss_adjustment	Integer	min: `500`, max: `1440`	No
vlan	Integer	min: `2`, max: `4093`	Yes

Examples

Prerequisite: To provision a border device, it must be specified under Inventory » Devices data model with fabric-role element values assigned link

The border_devices name must match the name specified in the inventory data model for the specific device (inventory.devices.name)

Example-1: Layer 3 Border Device with BGP External Connectivity - LISP External Border Role

The border device configuration includes:

Device name (BR01) referencing a device previously configured in the inventory
Layer 3 border type enabling IP routing and external connectivity functions
Default exit configuration making this border the primary path for external traffic
External route import disabled for controlled routing policy and security
Local ASN (65013) for BGP peering and autonomous system identification
BGP external domain routing protocol for dynamic route exchange with external networks
ASN prepending (count: 1) for traffic engineering and path preference control
Border priority (5) for load balancing and redundancy across multiple border devices

catalyst_center:
  fabric:
    border_devices:
      - name: BR01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: false
        local_autonomous_system_number: 65013
        external_domain_routing_protocol_name: BGP
        prepend_autonomous_system_count: 1
        border_priority: 5

Example-2: Layer 3 Border Device with BGP External Connectivity - LISP (External + Internal) Border Role

This example shows how to configure a border device with external route import capabilities for scenarios requiring dynamic route propagation from external networks into the SD-Access fabric.

catalyst_center:
  fabric:
    border_devices:
      - name: BORDER-CORE-01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: true
        local_autonomous_system_number: 65100
        prepend_autonomous_system_count: 1
        border_priority: 5

Example-3: Layer 3 Border Device with Route Import - LISP (Internal) only Border Role

This example shows how to configure a border device with external route import capabilities for scenarios requiring dynamic route propagation from external networks into the SD-Access fabric.

catalyst_center:
  fabric:
    border_devices:
      - name: BORDER-CORE-01
        border_types:
          - LAYER_3
        default_exit: false
        import_external_routes: true
        local_autonomous_system_number: 65100
        prepend_autonomous_system_count: 1
        border_priority: 5

Example-4: Layer 2 Border Device for Campus Integration

catalyst_center:
  fabric:
    border_devices:
      - name: L2-BORDER-SW01
        l2_handoffs:
          l2_without_anycast_gateway:
            vlans:
              - name: L2_VLAN_USERS
                external_vlan: 550
            interfaces:
              - GigabitEthernet1/0/10
          l2_with_anycast_gateway:
            - l3_virtual_network: SDA_VN_USERS
              ip_pool_name: USERS
              external_vlan: 470
              interfaces:
                - GigabitEthernet1/0/8

Example-5: Multi-Border Device Configuration for High Availability

This example shows how to configure multiple Layer-3 only border devices for high availability and load distribution in large enterprise SD-Access deployments with redundant external connectivity.

catalyst_center:
  fabric:
    border_devices:
      - name: PRIMARY-BORDER-01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: false
        local_autonomous_system_number: 65200
        prepend_autonomous_system_count: 1
        border_priority: 5

      - name: SECONDARY-BORDER-01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: false
        local_autonomous_system_number: 65200
        prepend_autonomous_system_count: 1
        border_priority: 5

Example-6: Hybrid Border Device with Layer 2 and Layer 3 Functions

catalyst_center:
  fabric:
    border_devices:
      - name: HYBRID-BORDER-01
        border_types:
          - LAYER_3
          - LAYER_2
        default_exit: true
        import_external_routes: false
        local_autonomous_system_number: 65300
        prepend_autonomous_system_count: 1
        affinity_id_prime: 100
        affinity_id_decider: 100
        connected_to_internet: true
        border_priority: 9
        sda_transit: TRANSIT_CONTROL_PLANE_GROUP1

Example-7: Border Device with SDA Transit and Multicast Over Transit

This example demonstrates how to configure a border device connected to an SDA transit network with native multicast enabled across multiple sites.

catalyst_center:
  fabric:
    border_devices:
      - name: MULTISITE-BORDER-01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: true
        local_autonomous_system_number: 65400
        prepend_autonomous_system_count: 1
        border_priority: 5
        affinity_id_prime: 50
        affinity_id_decider: 50
        connected_to_internet: false
        sda_transit: SDA_MULTISITE_TRANSIT
        multicast_over_transit: true

Location in GUI: Provision » SD-Access » Fabric Sites » Fabric Infrastructure

Diagram

Classes

fabric (catalyst_center)

Name	Type	Constraint	Mandatory	Default Value
border_devices	List	`[border_devices]`	No

border_devices (catalyst_center.fabric)

Name	Type	Constraint	Mandatory
name	String		Yes
border_types	List	Choice[`LAYER_2`, `LAYER_3`]	Yes
sda_transit	String		No
affinity_id_prime	Integer	min: `0`, max: `2147483647`	No
affinity_id_decider	Integer	min: `0`, max: `2147483647`	No
connected_to_internet	Boolean	`true`, `false`	No
multicast_over_transit	Boolean	`true`, `false`	No
import_external_routes	Boolean	`true`, `false`	Yes
default_exit	Boolean	`true`, `false`	Yes
border_priority	Integer	min: `1`, max: `9`	No
prepend_autonomous_system_count	Integer	min: `1`, max: `10`	No
local_autonomous_system_number	Integer	min: `1`, max: `4294967295`	Yes
external_handoff_pool	String		No
l2_handoffs	Class	`[l2_handoffs]`	No
l3_handoffs	List	`[l3_handoffs]`	No

l2_handoffs (catalyst_center.fabric.border_devices)

Name	Type	Constraint	Mandatory	Default Value
l2_without_anycast_gateway	Class	`[l2_without_anycast_gateway]`	No
l2_with_anycast_gateway	List	`[l2_with_anycast_gateway]`	No

l3_handoffs (catalyst_center.fabric.border_devices)

Name	Type	Constraint	Mandatory	Default Value
name	String		Yes
interfaces	List	`[interfaces]`	Yes

l2_without_anycast_gateway (catalyst_center.fabric.border_devices.l2_handoffs)

Name	Type	Constraint	Mandatory	Default Value
vlans	List	`[vlans]`	No
interfaces	List	String	No

l2_with_anycast_gateway (catalyst_center.fabric.border_devices.l2_handoffs)

Name	Type	Constraint	Mandatory
l3_virtual_network	String		Yes
ip_pool_name	String		Yes
external_vlan	Integer	min: `2`, max: `4094`	No
interfaces	List	String	No

interfaces (catalyst_center.fabric.border_devices.l3_handoffs)

Name	Type	Constraint	Mandatory	Default Value
name	String		Yes
virtual_networks	List	`[virtual_networks]`	Yes

vlans (catalyst_center.fabric.border_devices.l2_handoffs.l2_without_anycast_gateway)

Name	Type	Constraint	Mandatory	Default Value
name	String		Yes
external_vlan	Integer	min: `2`, max: `4094`	No

virtual_networks (catalyst_center.fabric.border_devices.l3_handoffs.interfaces)

Name	Type	Constraint	Mandatory
name	String		Yes
local_ip_address	IP		No
peer_ip_address	IP		No
peer_ipv6_address	IP		No
local_ipv6_address	IP		No
tcp_mss_adjustment	Integer	min: `500`, max: `1440`	No
vlan	Integer	min: `2`, max: `4093`	Yes

Examples

Prerequisite: To provision a border device, it must be specified under Inventory » Devices data model with fabric-role element values assigned link

The border_devices name must match the name specified in the inventory data model for the specific device (inventory.devices.name)

Example-1: Layer 3 Border Device with BGP External Connectivity - LISP External Border Role

The border device configuration includes:

Device name (BR01) referencing a device previously configured in the inventory
Layer 3 border type enabling IP routing and external connectivity functions
Default exit configuration making this border the primary path for external traffic
External route import disabled for controlled routing policy and security
Local ASN (65013) for BGP peering and autonomous system identification
BGP external domain routing protocol for dynamic route exchange with external networks
ASN prepending (count: 1) for traffic engineering and path preference control
Border priority (5) for load balancing and redundancy across multiple border devices

catalyst_center:
  fabric:
    border_devices:
      - name: BR01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: false
        local_autonomous_system_number: 65013
        external_domain_routing_protocol_name: BGP
        prepend_autonomous_system_count: 1
        border_priority: 5

Example-2: Layer 3 Border Device with BGP External Connectivity - LISP (External + Internal) Border Role

This example shows how to configure a border device with external route import capabilities for scenarios requiring dynamic route propagation from external networks into the SD-Access fabric.

catalyst_center:
  fabric:
    border_devices:
      - name: BORDER-CORE-01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: true
        local_autonomous_system_number: 65100
        prepend_autonomous_system_count: 1
        border_priority: 5

Example-3: Layer 3 Border Device with Route Import - LISP (Internal) only Border Role

This example shows how to configure a border device with external route import capabilities for scenarios requiring dynamic route propagation from external networks into the SD-Access fabric.

catalyst_center:
  fabric:
    border_devices:
      - name: BORDER-CORE-01
        border_types:
          - LAYER_3
        default_exit: false
        import_external_routes: true
        local_autonomous_system_number: 65100
        prepend_autonomous_system_count: 1
        border_priority: 5

Example-4: Layer 2 Border Device for Campus Integration

catalyst_center:
  fabric:
    border_devices:
      - name: L2-BORDER-SW01
        l2_handoffs:
          l2_without_anycast_gateway:
            vlans:
              - name: L2_VLAN_USERS
                external_vlan: 550
            interfaces:
              - GigabitEthernet1/0/10
          l2_with_anycast_gateway:
            - l3_virtual_network: SDA_VN_USERS
              ip_pool_name: USERS
              external_vlan: 470
              interfaces:
                - GigabitEthernet1/0/8

Example-5: Multi-Border Device Configuration for High Availability

This example shows how to configure multiple Layer-3 only border devices for high availability and load distribution in large enterprise SD-Access deployments with redundant external connectivity.

catalyst_center:
  fabric:
    border_devices:
      - name: PRIMARY-BORDER-01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: false
        local_autonomous_system_number: 65200
        prepend_autonomous_system_count: 1
        border_priority: 5

      - name: SECONDARY-BORDER-01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: false
        local_autonomous_system_number: 65200
        prepend_autonomous_system_count: 1
        border_priority: 5

Example-6: Hybrid Border Device with Layer 2 and Layer 3 Functions

catalyst_center:
  fabric:
    border_devices:
      - name: HYBRID-BORDER-01
        border_types:
          - LAYER_3
          - LAYER_2
        default_exit: true
        import_external_routes: false
        local_autonomous_system_number: 65300
        prepend_autonomous_system_count: 1
        affinity_id_prime: 100
        affinity_id_decider: 100
        connected_to_internet: true
        border_priority: 9
        sda_transit: TRANSIT_CONTROL_PLANE_GROUP1

Example-7: Border Device with SDA Transit and Multicast Over Transit

This example demonstrates how to configure a border device connected to an SDA transit network with native multicast enabled across multiple sites.

catalyst_center:
  fabric:
    border_devices:
      - name: MULTISITE-BORDER-01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: true
        local_autonomous_system_number: 65400
        prepend_autonomous_system_count: 1
        border_priority: 5
        affinity_id_prime: 50
        affinity_id_decider: 50
        connected_to_internet: false
        sda_transit: SDA_MULTISITE_TRANSIT
        multicast_over_transit: true

Location in GUI: Provision » SD-Access » Fabric Sites » Fabric Infrastructure

Diagram

Classes

fabric (catalyst_center)

Name	Type	Constraint	Mandatory	Default Value
border_devices	List	`[border_devices]`	No

border_devices (catalyst_center.fabric)

Name	Type	Constraint	Mandatory
name	String		Yes
border_types	List	Choice[`LAYER_2`, `LAYER_3`]	Yes
sda_transit	String		No
connected_to_internet	Boolean	`true`, `false`	No
import_external_routes	Boolean	`true`, `false`	Yes
default_exit	Boolean	`true`, `false`	Yes
border_priority	Integer	min: `1`, max: `9`	No
prepend_autonomous_system_count	Integer	min: `1`, max: `10`	No
local_autonomous_system_number	Integer	min: `1`, max: `4294967295`	Yes
external_handoff_pool	String		No
l2_handoffs	Class	`[l2_handoffs]`	No
l3_handoffs	List	`[l3_handoffs]`	No

l2_handoffs (catalyst_center.fabric.border_devices)

Name	Type	Constraint	Mandatory	Default Value
l2_without_anycast_gateway	Class	`[l2_without_anycast_gateway]`	No
l2_with_anycast_gateway	List	`[l2_with_anycast_gateway]`	No

l3_handoffs (catalyst_center.fabric.border_devices)

Name	Type	Constraint	Mandatory	Default Value
name	String		Yes
interfaces	List	`[interfaces]`	Yes

l2_without_anycast_gateway (catalyst_center.fabric.border_devices.l2_handoffs)

Name	Type	Constraint	Mandatory	Default Value
vlans	List	`[vlans]`	No
interfaces	List	String	No

l2_with_anycast_gateway (catalyst_center.fabric.border_devices.l2_handoffs)

Name	Type	Constraint	Mandatory
l3_virtual_network	String		Yes
ip_pool_name	String		Yes
external_vlan	Integer	min: `2`, max: `4094`	No
interfaces	List	String	No

interfaces (catalyst_center.fabric.border_devices.l3_handoffs)

Name	Type	Constraint	Mandatory	Default Value
name	String		Yes
virtual_networks	List	`[virtual_networks]`	Yes

vlans (catalyst_center.fabric.border_devices.l2_handoffs.l2_without_anycast_gateway)

Name	Type	Constraint	Mandatory	Default Value
name	String		Yes
external_vlan	Integer	min: `2`, max: `4094`	No

virtual_networks (catalyst_center.fabric.border_devices.l3_handoffs.interfaces)

Name	Type	Constraint	Mandatory
name	String		Yes
local_ip_address	IP		No
peer_ip_address	IP		No
peer_ipv6_address	IP		No
local_ipv6_address	IP		No
tcp_mss_adjustment	Integer	min: `500`, max: `1440`	No
vlan	Integer	min: `2`, max: `4093`	Yes

Examples

Prerequisite: To provision a border device, it must be specified under Inventory » Devices data model with fabric-role element values assigned link

The border_devices name must match the name specificied in the inventory data model for the specific device (inventory.devices.name)

Example-1: Layer 3 Border Device with BGP External Connectivity - LISP External Border Role

The border device configuration includes:

Device name (BR01) referencing a device previously configured in the inventory
Layer 3 border type enabling IP routing and external connectivity functions
Default exit configuration making this border the primary path for external traffic
External route import disabled for controlled routing policy and security
Local ASN (65013) for BGP peering and autonomous system identification
BGP external domain routing protocol for dynamic route exchange with external networks
ASN prepending (count: 1) for traffic engineering and path preference control
Border priority (5) for load balancing and redundancy across multiple border devices

catalyst_center:
  fabric:
    border_devices:
      - name: BR01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: false
        local_autonomous_system_number: 65013
        external_domain_routing_protocol_name: BGP
        prepend_autonomous_system_count: 1
        border_priority: 5

Example-2: Layer 3 Border Device with BGP External Connectivity - LISP (External + Internal) Border Role

This example shows how to configure a border device with external route import capabilities for scenarios requiring dynamic route propagation from external networks into the SD-Access fabric.

catalyst_center:
  fabric:
    border_devices:
      - name: BORDER-CORE-01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: true
        local_autonomous_system_number: 65100
        prepend_autonomous_system_count: 1
        border_priority: 5

Example-3: Layer 3 Border Device with Route Import - LISP (Internal) only Border Role

This example shows how to configure a border device with external route import capabilities for scenarios requiring dynamic route propagation from external networks into the SD-Access fabric.

catalyst_center:
  fabric:
    border_devices:
      - name: BORDER-CORE-01
        border_types:
          - LAYER_3
        default_exit: false
        import_external_routes: true
        local_autonomous_system_number: 65100
        prepend_autonomous_system_count: 1
        border_priority: 5

Example-4: Layer 2 Border Device for Campus Integration

catalyst_center:
  fabric:
    border_devices:
      - name: L2-BORDER-SW01
        l2_handoffs:
          l2_without_anycast_gateway:
            vlans:
              - name: L2_VLAN_USERS
                external_vlan: 550
            interfaces:
              - GigabitEthernet1/0/10
          l2_with_anycast_gateway:
            - l3_virtual_network: SDA_VN_USERS
              ip_pool_name: USERS
              external_vlan: 470
              interfaces:
                - GigabitEthernet1/0/8

Example-5: Multi-Border Device Configuration for High Availability

This example shows how to configure multiple Layer-3 only border devices for high availability and load distribution in large enterprise SD-Access deployments with redundant external connectivity.

catalyst_center:
  fabric:
    border_devices:
      - name: PRIMARY-BORDER-01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: false
        local_autonomous_system_number: 65200
        prepend_autonomous_system_count: 1
        border_priority: 5

        - name: SECONDARY-BORDER-01
        border_types:
          - LAYER_3
        default_exit: true
        import_external_routes: false
        local_autonomous_system_number: 65200
        prepend_autonomous_system_count: 1
        border_priority: 5

Example-6: Hybrid Border Device with Layer 2 and Layer 3 Functions

catalyst_center:
  fabric:
    border_devices:
      - name: HYBRID-BORDER-01
        border_types:
          - LAYER_3
          - LAYER_2
        default_exit: true
        import_external_routes: false
        local_autonomous_system_number: 65300
        prepend_autonomous_system_count: 1
        affinity_id_prime: 100
        affinity_id_decider: 100
        connected_to_internet: true
        border_priority: 9
        sda_transit: TRANSIT_CONTROL_PLANE_GROUP1