Had a discussion about the suitability of spine/leaf for enterprise networks and I was surprised to see there being actual vendors with products for wall-to-wall spine/leaf. Others tend to emphasize traditional switching for environments outside the data center, so I'm wondering... does spine/leaf make sense outside the data center?
And there are security concerns for all the products that need to do full packet capture and deep packet inspection... how would they accomplish that in a full mesh environment?
I like it. That was what I was planning for my old gig before I moved to the dark side. If they end up hiring my new company it will still be what I suggest. The goal was to use the same technologies for both access and data center. The same team is managing both parts of the network so making them match helps with operations.
Using spine/leaf does not really change much for monitoring. If you have a requirement for FPC or DPI you probably already have everything in place already. Depending on the details of where the existing capture points are it may just mean making sure the monitoring tools understand the new vxlan headers, and how to parse/strip/inspect them.
-Otanx
Cool, that's the ticket, looks like. Understanding the new vxlan headers. Thanks!