Category Archives: ACI

ACI Inband Mangagment Route Leaking Kludge

Posted on 2019/12/01 by

When I was challenged with this: Hi @RedNectar , Right now I have a simple contract that allows SSH only: Scope set to global. TCP dst 22. “Both directions” and “reverse port filters” enabled. This contract is provided by the inband EPG … Continue reading

Posted in ACI, aci inband management, ACI inband management tutorials, ACI Tutorial, Cisco | Tagged , , , | 1 Comment

Resolution Immediacy and Deployment Immediacy – ACI Master Class

Posted on 2018/08/17 by

When configuring ACI, have you ever wondered what those Resolution Immediacy options [Immediate | On Demand | Pre-provision] and the Deployment Immediacy options [Immediate | On Demand] do? Continue reading

Posted in Access Policy Chain, ACI, ACI Tutorial, Cisco, Master Class, Nexus 9000 | Tagged , , ,

ARP Gleaning – ACI Master Class

Posted on 2018/08/13 by

The purpose of these Gleaning ARPs is simply to “tickle” the target station into sending a packet – not because the gateway needs the MAC address of the target! Continue reading

Posted in ACI, ACI Tutorial, Cisco, Master Class | Tagged , , , | 7 Comments

ISIS, COOP, BGP and MP-BGP in Cisco ACI

Posted on 2018/03/01 by

Let me start with a picture.  Imagine a simple 2leaf/2spine topology with HostA attached to to Leaf1 and with HostB attached to to Leaf2. Enter IS-IS. The leaves and spines will exchange IS-IS routing updates with each other so that Leaf1 sees that it has two equally good paths to reach Leaf2, and Leaf2 sees that it has two equally good paths to reach Leaf1. Now think about the hosts. This is where COOP comes in. BGP is not needed until an external router is connected. Continue reading

Posted in ACI, ACI configuration, APIC, Cisco, Data Center, Data Centre, EPG, L3 Out, L3out | Tagged , ,

Non overlapping VTEP IP addresses in Cisco ACI

Posted on 2017/06/13 by

Cisco recommends that “The TEP IP address pool should not overlap with existing IP address pools that may be in use by the servers (in particular, by virtualized servers).”
Let me tell you a reason much closer to reality why you might want to avoid overlapping your Cisco ACI TEP addresses with your locally configured addressing scheme. Continue reading

Posted in ACI, ACI configuration, APIC, Cisco, Data Center, Data Centre | Tagged , , , ,

Cisco ACI Naming Standards

Posted on 2017/05/19 by

Have you ever wondered what a L3 Out object is, when there no facility to create an object called L3 Out? I managed to solve this and many other ambiguities by developing and adopting a consistent naming standard. Continue reading

Posted in Access Policies, ACI, ACI configuration, Cisco, Data Center, Data Centre, Nexus, Nexus 9000, SDN, Software Defined Networking | Tagged , , , , | 1 Comment

A funny thing happened in the ACI lab today…

Posted on 2017/03/02 by

I had a Tenant with a statically configured bare metal hosts attached to interface 1/16 on both leaf 101 and leaf 102, but came up with a “invalid-path;invalid-vlan” error on the faults page for the EPG that was being configured … Continue reading

Posted in Access Policies, ACI, ACI configuration, APIC, Data Center, Data Centre | Tagged , , , , , ,