Posts Tagged: aci

HowTo Parse log records of ACI APIC

Every time I have to search for something inside the Event menu of the Cisco APIC, I'm complaining about the lack of search options... That's why I developed this Python script to parse everything easily and quickly. Read more [...]

What are the Endpoint Security Groups (ESGs) of ACI ?

You should have noticed the release 5.0(1) of Cisco ACI last week, it introduces a few new features among which we can find the Endpoint Security Groups (ESGs). Read more [...]

ACI | APIC unreachable after PCIe NIC card replacement

Following a hardware issue on a Cisco APIC, we had to replace the PCIe NIC card of the server (based on Cisco UCS). And as you may also encounter if you are reading this, it wasn't straight forward :) The initial problem was that the Eth2-1 and Eth2-2 ports went down after a few hours after each reboot, and that's a problem in an active APIC cluster... we decided to replace this APIC by the standby one in order to maintain a stable cluster of 3x APICs, before replacing the card. How to replace Read more [...]

ACI | Network unreachable from APIC

Some days ago I had to configure a radius server on an APIC cluster. This server was addressed in the range and it worked well for the spines and leaves of the fabric but not for any APIC of the cluster. From the APIC, we had the "unreachable" faults: From the CLI, the problem seemed more clear: APIC1# bashadmin@APIC1:~> ping ( 56(84) bytes of data.From icmp_seq=1 Destination Host UnreachableFrom icmp_seq=2 Destination Read more [...]

[Cheat Sheet] ACI – Contracts

This week I detail the Contracts inside ACI, allowing to filter the traffic between endpoints, like an ACL would do in a classic network. In this document, I describe the VRF default behaviors and how we can improve the filtering with the Contracts. How the contracts are working inside ACI, the object model and some example of configurations and their effect (Reverse Filter Ports, Apply Both Directions...). The file is still in progress, but I think the information is already ready to be shared Read more [...]