Posts Tagged: aci

ACI | Network 172.17.0.0/16 unreachable from APIC

Some days ago I had to configure a radius server on an APIC cluster. This server was addressed in the 172.17.0.0/16 range and it worked well for the spines and leaves of the fabric but not for any APIC of the cluster. From the APIC, we had the "unreachable" faults: From the CLI, the problem seemed more clear: APIC1# bashadmin@APIC1:~> ping 172.17.1.50PING 172.17.1.50 (172.17.1.50) 56(84) bytes of data.From 172.17.0.1 icmp_seq=1 Destination Host UnreachableFrom 172.17.0.1 icmp_seq=2 Destination Read more [...]

[Cheat Sheet] ACI – Contracts

This week I detail the Contracts inside ACI, allowing to filter the traffic between endpoints, like an ACL would do in a classic network. In this document, I describe the VRF default behaviors and how we can improve the filtering with the Contracts. How the contracts are working inside ACI, the object model and some example of configurations and their effect (Reverse Filter Ports, Apply Both Directions...). The file is still in progress, but I think the information is already ready to be shared Read more [...]

ACI 05 Contracts

Contracts inside ACI.

In this cheat sheet, you will find summarized information about the contracts inside ACI.
The document is still to be completed with a lot more information in the coming days.

[Cheat Sheet] ACI – L3out

This week I detail the L3out object of ACI, allowing routed connectivity to external networks. In this document, I describe the objects and their relationships, present the most common designs, gateway redundancy and there is also a step by step configuration guide. The file is available here: ACI 04 - L3out. PS: The other files of this series can be found here: ACI 01 - The Basics. ACI 02 - Fabric Access Policies ACI 03 - The Tenants Read more [...]

ACI 04 L3out

Layer 3 Outside (L3out) for Routed Connectivity to External Networks.

In this cheat sheet, you will find summarized information about the routed connectivity to external networks with ACI, the Object model, Design, Gateway redundancy and step-by-step configuration (a simple design as well as Inter-VRF Leaking with Shared L3out in Common tenant).