APPs force the Network Design, NOT the opposite

I came across a post of Ivan Pepelnjak about a madness of streched firewalls across DCI:

http://blog.ipspace.net/2015/11/stretched-firewalls-across-layer-3-dci.html

Ivan calls such an idea a stupidity and states:

“For those who still don’t get it: if you lose the communication between cluster members (which would happen after DCI link failure), the firewalls in one data center shut down and cut that data center off the net.”

[…]