ACI-Access list and Multicast configuration

rajib.das1
Level 1

Hello Friend,

 

I have the following queries related to ACI. Can you please help me out by answering those queries?

1. If access lists are configured on the VLAN interface with permit/deny statements in the legacy network, how can those be replicated in the form of a contract, as no source and destination IP can be mentioned in the filters?

2. I need to configure multicast in ACI for a set of subnets that work in PIM sparse mode with DHCP relay and HSRP on VLAN interfaces in the legacy network. How can we configure this step by step?

I can find two options: enabling multicast in the BD or at the VRF level. Which one should I go for, and what is the difference?

 

Thanks,

Rd

 

3 Replies

nvermand
Cisco Employee
Hi,
1. You'll need to do a bit of re-design since contracts cannot be mapped 1:1 to ACLs. It's much more subtle than that. As you've already noticed, contracts are applied to an EPG, which is a group of endpoints, abstracting IP and VLAN constructs.
2. If you're using the fabric as a multicast transit only, then you don't have to configure the fabric to act as a PIM router, but just as a transport network. Can you elaborate a little bit?

Regards,

Nicolas

Hello Nicolas,

 

Thanks for your reply.

 

In the legacy environment we have some SVIs with multicast enabled. Below is an example of one of the SVIs. An access list is configured on the SVI interface. We will configure a BD and EPG corresponding to each VLAN (network-centric migration) in the ACI environment.

My query is how to replicate the access list configured for multicast in legacy to the ACI environment.

========================================================================

RP address is configured in legacy.

 

interface Vlan90
ip access-group ACL-90
no ip redirects
ip address 192.168.90.1/24
ip pim sparse-mode

 

 

IP access list ACL-90
10 deny ip 192.168.10.0/24 226.0.0.0/4
20 deny ip 192.168.20.0/24 226.0.0.0/4
30 deny ip 192.168.30.0/24 226.0.0.0/4
40 deny ip 192.168.40.0/24 226.0.0.0/4
50 permit ip any any

 

========================================================================

Can anyone advise a solution for the above?

 

Thanks..Rd
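
An added example, not part of the thread and not written by any of the posters: before re-expressing ACL-90 as EPG-based policy, it helps to tabulate which flows the ACL actually drops. The Python below parses the entries as posted and applies first-match evaluation with an implicit deny. The test flows are constructed, and reading 226.0.0.0/4 as the masked prefix 224.0.0.0/4 is an assumption about mask-based matching.

```python
import ipaddress
import re

# ACL-90 entries exactly as posted in the thread above.
ACL_90 = """\
10 deny ip 192.168.10.0/24 226.0.0.0/4
20 deny ip 192.168.20.0/24 226.0.0.0/4
30 deny ip 192.168.30.0/24 226.0.0.0/4
40 deny ip 192.168.40.0/24 226.0.0.0/4
50 permit ip any any
"""

ENTRY = re.compile(r"^\s*(\d+)\s+(permit|deny)\s+ip\s+(\S+)\s+(\S+)\s*$")

def to_net(token):
    # 'any' matches everything. strict=False masks off host bits, so
    # 226.0.0.0/4 becomes 224.0.0.0/4 (assumption: mask-based matching).
    return ipaddress.ip_network("0.0.0.0/0" if token == "any" else token, strict=False)

def parse_acl(text):
    """Return [(seq, action, src_net, dst_net)] ordered by sequence number."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            seq, action, src, dst = m.groups()
            entries.append((int(seq), action, to_net(src), to_net(dst)))
    return sorted(entries, key=lambda e: e[0])

def evaluate(entries, src, dst):
    """Return (seq, action) of the first matching entry, else implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for seq, action, snet, dnet in entries:
        if s in snet and d in dnet:
            return seq, action
    return None, "deny"

# Constructed test flows (addresses chosen for illustration only).
FLOWS = [
    ("192.168.10.5", "239.1.1.1"),      # listed subnet to multicast group
    ("192.168.20.7", "224.0.0.13"),     # below 226.0.0.0 but still inside the /4
    ("192.168.50.9", "239.1.1.1"),      # unlisted subnet to multicast group
    ("192.168.10.5", "192.168.90.20"),  # listed subnet to unicast host
]

if __name__ == "__main__":
    acl = parse_acl(ACL_90)
    for src, dst in FLOWS:
        print(f"{src:>15} -> {dst:<15} {evaluate(acl, src, dst)}")
```

The resulting table is the behaviour any replacement policy has to reproduce: only multicast from the four listed subnets is dropped, and everything else is permitted by entry 50.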
