Are Interface Descriptions in ACI using magic?

Posted on 2021/12/07 by RedNectar Chris Welsh

When you add a description to an interface in ACI, the eye of Sauron blinks and unexpected things happen. But is this magic?

I fell into this rabbit hole (or should I say hobbit hold?) when answering this question on the Cisco Community forum, and now I’ll give you the short(er) story.

In a nutshell

There are three ways to put a Description on and Interface in ACI

  1. You enter directly it under the Fabric > Inventory path
  2. You create an Interface Override for the interface and add it there – it automagically appears on the Physical Interface description under the Fabric > Inventory path
  3. You add a description to the Access Port Block for the Interface Selector for the relevant Interface Profile, where again it mysteriously appears in the Physical Interface description under the Fabric > Inventory path

It turns out

  • 1. and 2. are closely related. Change one, and you change the other.
    • If you delete the override object, the description on the interface is deleted also
    • If you EDIT the override object, the description on the interface is edited also
    • If you create your own override object with a Description, the description also appears on the interface
  • IF a Description is assigned to an Access Port Block for the Interface Selector for the relevant Interface Profile 
    • AND there is no relevant Interface Override for that port
    • AND the Interface Selector is linked to an Interface (Access Port) Policy Group
  • THEN the description is copied to the Physical Interface description

If you want more detail, read on.

To Begin…

If a user adds a description to an Interface when viewing it from Fabric > Inventory >> Podn > Leafn > Interfaces > Physical Interfaces > eth1/n then it appears as you view that screen, as you would expect.

But something else unexpected happens too. A NEW object is created and buried under  Fabric > Access Policies >> Interfaces > Leaf Interfaces > Overrides > nnn_eth_1_n

Wow. What’s going on here?

The crux of the matter

The Overrides configuration is really just the beginning of the weird background stirrings that go on, but to get to the root of the problem, you need to look more closely at the original screen. In particular, the Distinguished Name (DN) of the interface, which in my case was 

topology/pod-1/node-1201/sys/phys-[eth1/2]

Right-clicking on the interface to view the interface in the object-store browser (visore) reveals that the object belongs to the l1PhyIf class…

…and if you examine the inbuilt documentation for that class, you’ll find…

…that objects of this type are NOT configurable!

So what happens behind the scenes is that when you edit this non-configurable object, ACI hides it away in a place that is configurable – namely (in my example) uni/infra/hpaths-1201_eth1_2/rsHPathAtt-[topology/pod-1/paths-1201/pathep-[eth1/2]] which, as you can guess is the DN of the Override I illustrated earlier. 

It turns out that:

  • If you delete the override object, the description on the interface is deleted also
  • If you EDIT the override object, the description on the interface is edited also
  • If you create your own override object with a Description, the description also appears on the interface

But this is only HALF the story. And here is where the real weird stuff happens.

The real weird stuff

If the interface has NO override, and therefore no description appearing on the Physical Interface, then a description added to the Access Port Block for the Interface Selector for the relevant Interface Profile can also appear as the description on the physical interface – BUT NOT SO FAST.

The description DOESN’T appear on the Physical Interface until an Interface Policy Group is assigned.  Once an Access Policy Group has been allocated to the interface, the description then magically appears on the Physical Interface Description.

Duel to the death!

Now if there are TWO ways of getting a description into the Physical Interface Description, which one wins?

The only way to find out is to set up a duel!  Perhaps not quite Éowyn vs Witch King proportions, but let’s find out.

LOTR Éowyn vs Witch King of Angmar

Image from Lord of the Rings: The Return of the King. GIF image from Streamerclips.com

Round 1:

  1. Create an Interface Description via the Access Port Block 
  2. Edit the description via the Physical Interface page under the Inventory

Result:

  1. A NEW Override object is created to hold the edited description
  2. The Interface Description under the Access Port Block remains unaltered

Round 2:

  1. Delete the new Override object created in Round 1,
  2. and observe the results

Result:

  1. The Physical Interface description under Inventory is deleted
  2. The Interface Description under the Access Port Block remains unaltered

Round 3:

  1. Disassociate the Interface (Access Port) Policy Group from the Interface Selector
  2. Re-associate the Interface (Access Port) Policy Group with the Interface Selector
  3. and observe the results

Result:

  1. The Physical Interface description under Inventory is updated with the Access Port Block description
  2. The Interface Description under the Access Port Block remains unaltered

It appears that the Override object is playing Éowyn’s part for this duel, while the Access Port Block represents the hapless king.

But the good new is that even if the duel is lost, the description in the Access Port Block remains even if the other description is changed or removed.

Or more simply:

  • IF a Description is assigned to an Access Port Block for the Interface Selector for the relevant Interface Profile 
    • AND there is no relevant Interface Override for that port
    • AND the Interface Selector is linked to an Interface (Access Port) Policy Group
  • THEN the description is copied to the Physical Interface description

Summary

There are three ways to put a Description on and Interface in ACI

  1. You enter directly it under the Fabric > Inventory path
  2. You create an Interface Override for the interface and add it there – it automagically appears on the Physical Interface description under the Fabric > Inventory path
  3. You add a description to the Access Port Block for the Interface Selector for the relevant Interface Profile, where again it mysteriously appears in the Physical Interface description under the Fabric > Inventory path

It turns out

  • 1. and 2. are closely related. Change one, and you change the other.
    • If you delete the override object, the description on the interface is deleted also
    • If you EDIT the override object, the description on the interface is edited also
    • If you create your own override object with a Description, the Description also appears on the interface
  • IF a Description is assigned to an Access Port Block for the Interface Selector for the relevant Interface Profile 
    • AND there is no relevant Interface Override for that port
    • AND the Interface Selector is linked to an Interface (Access Port) Policy Group
  • THEN the description is copied to the Physical Interface description

RedNectar

About RedNectar Chris Welsh

Professional IT Instructor. All things TCP/IP, Cisco or Data Centre
This entry was posted in Access Policies, ACI, ACI API, Cisco and tagged . Bookmark the permalink.