ACI | Network 172.17.0.0/16 unreachable from APIC
On 27 mars 2020 by Benoit With 0 Comments - ACI, CISCO, Data Center
Some days ago I had to configure a radius server on an APIC cluster. This server was addressed in the 172.17.0.0/16 range and it worked well for the spines and leaves of the fabric but not for any APIC of the cluster. From the APIC, we had the "unreachable" faults: From the CLI, the problem seemed more clear: APIC1# bashadmin@APIC1:~> ping 172.17.1.50PING 172.17.1.50 (172.17.1.50) 56(84) bytes of data.From 172.17.0.1 icmp_seq=1 Destination Host UnreachableFrom 172.17.0.1 icmp_seq=2 Destination Read more [...]
[Cheat Sheet] ACI – Contracts
On 4 mars 2020 by Benoit With 0 Comments - CISCO, Data Center
This week I detail the Contracts inside ACI, allowing to filter the traffic between endpoints, like an ACL would do in a classic network. In this document, I describe the VRF default behaviors and how we can improve the filtering with the Contracts. How the contracts are working inside ACI, the object model and some example of configurations and their effect (Reverse Filter Ports, Apply Both Directions...). The file is still in progress, but I think the information is already ready to be shared Read more [...]
[Cheat Sheet] ACI – L3out
On 12 février 2020 by Benoit With 0 Comments - CISCO, Data Center
This week I detail the L3out object of ACI, allowing routed connectivity to external networks. In this document, I describe the objects and their relationships, present the most common designs, gateway redundancy and there is also a step by step configuration guide. The file is available here: ACI 04 - L3out. PS: The other files of this series can be found here: ACI 01 - The Basics. ACI 02 - Fabric Access Policies ACI 03 - The Tenants Read more [...]
[Cheat Sheet] ACI – The Tenants
On 30 janvier 2020 by Benoit With 0 Comments - CISCO, Data Center
The third part of these Cheat Sheets series continues to develop the different objects of the Cisco ACI Fabric. After reviewing the Fabric tab last week which can be seen as the "underlay", now it's time to take a look at the Tenant tab, the "overlay" where the EPGs are located. The "Tenant" tab of the APIC is as confusing as the Fabric tab, there is a multitude of objects to take care of, from the Application profile to the EPG and from the VRF to the Subnets, this cheat sheet will help you to Read more [...]
[Cheat Sheet] ACI – Fabric Access Policies
On 24 janvier 2020 by Benoit With 0 Comments - CISCO, Data Center
The second part of these Cheat Sheets series develops the relationship between the Access Policies and the EPGs of ACI.
The first look at this "Fabric" tab of the APIC can be confusing and it's normal, there is a multitude of objects to take care of, from the VLAN Pool to the Leaf interface profile, this cheat sheet will help you to better understand the big picture.
I included a step by step to help you configure your first access port and vPC.
The file is available here: ACI 02 - Fabric Access Read more [...]