Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
402
Views
1
Helpful
10
Replies

ACI APIC VMware VMM domain integration details for dynamic VLAN pool

Go to solution
alex_kross
Level 1
Level 1

‎12-23-2024 02:46 AM - edited ‎12-25-2024 10:51 PM

Hello,

Can anybody explain how an APIC deploys a VLAN configuration for existing port-groups from dynamic VLAN pool?

The question is for particular case when a vCenter already have:
- folder and VDS/DVS that exactly matches what APIC is going to deploy;
- port-group names matches corresponding tenant-application-EPG;
- VLAN ID for port-groups are in dynamic VLAN pool block ranges.

Case 1

An APIC cluster boots up from complete shutdown (all three nodes), while there are not any other APIC connected to a vCenter.
Does APIC take into account existing VLAN ID assignments or, conversely, it could randomly overwrite different VLAN ID for port-groups?
If it does overwrite, what possible reason for such behavior could be?

Please, do not elaborate on consequences of running a fabric without controlling APIC cluster, it's well documented.

If to overwrite is intendent behavior, then please explain following.

Case 2

One APIC cluster 1 is connected to the vCenter and is operating. At the same time another standalone APIC 2, having exactly the same configuration cloned from cluster 1, connects to the vCenter over in-band interface, but with different source IP address (no common infra for overlay-1 VRF).
Whether should the APIC 1 keep the connection, watch and fix any discrepancy reported from vCenter (event-driven by installed web hook).
If the APIC 1 falls into failed state, keeping connection or not, will it try to recover that state eventually?
What timings are for these FSMs?

Is there any way to force APIC fix connections and VLAN ID mismatches in one or few steps, without need to remove and add back VMM domain for every EPG?

Than you in advance.

1 person had this problem
Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Remi-Astruc
Cisco Employee
Cisco Employee

‎01-07-2025 09:34 AM

Hi @alex_kross ,

You are talking about a full APIC Cluster shutdown/network failure, not about a full APIC Cluster crash/reconfiguration, right?

Then, when the first APIC comes back up, it should re-synchronize itself with the Fabric and vCenter. The VLAN-IDs are kept as they stayed during the APICs failure and there is no re-deployment (otherwise an APIC cluster failure would be very harmful).

Regards

Remi Astruc

View solution in original post

0 Helpful
10 Replies 10

Go to solution
AshSe
Level 4
Level 4

‎01-02-2025 03:06 AM

Hello @alex_kross 

@alex_kross wrote:

 

The question is for particular case when a vCenter already have:
- folder and VDS/DVS that exactly matches what APIC is going to deploy;
- port-group names matches corresponding tenant-application-EPG;
- VLAN ID for port-groups are in dynamic VLAN pool block ranges.

I would advice VMM Integration first and no independant configuration (DVS, Port-groups, etc.) on vCenter Server prior to VMM Integration.

 

0 Helpful

Go to solution
alex_kross
Level 1
Level 1
In response to AshSe

‎01-02-2025 03:54 AM

@AshSe Thanks, but I've aroused these questions because of an incident, not a plan or design.

0 Helpful

Go to solution
AshSe
Level 4
Level 4
In response to alex_kross

‎01-07-2025 01:49 AM

@alex_kross  so I understand that you already have the VMM setup. Could you please tell me:

if VMM Integration was previously done or "APIC" and "VMM controller" were two separate entities?

 

0 Helpful

Go to solution
alex_kross
Level 1
Level 1

‎01-07-2025 02:22 AM

@AshSe "VMM controller" was an APIC, not any non-ACI controller, if I understand your question right.

0 Helpful

Go to solution
AshSe
Level 4
Level 4
In response to alex_kross

‎01-07-2025 02:31 AM

@alex_kross  VMM Controller =~ vCenter Server

0 Helpful

Go to solution
alex_kross
Level 1
Level 1

‎01-07-2025 02:52 AM - edited ‎01-07-2025 02:53 AM

@AshSe You are right, my misnomer in the previous post. Anyway I cannot get what do you mean by the question. 

0 Helpful

Go to solution
Remi-Astruc
Cisco Employee
Cisco Employee

‎01-07-2025 09:34 AM

Hi @alex_kross ,

You are talking about a full APIC Cluster shutdown/network failure, not about a full APIC Cluster crash/reconfiguration, right?

Then, when the first APIC comes back up, it should re-synchronize itself with the Fabric and vCenter. The VLAN-IDs are kept as they stayed during the APICs failure and there is no re-deployment (otherwise an APIC cluster failure would be very harmful).

Regards

Remi Astruc
0 Helpful

Go to solution
alex_kross
Level 1
Level 1

‎01-07-2025 11:23 PM - edited ‎01-07-2025 11:38 PM

@Remi-Astruc Pretty clear, thanks. Can you please share your knowledge "about a full APIC Cluster crash/reconfiguration". If I set up a new cluster, then load a configuration from crashed one using Import Type "replace" option, assuming that in-band works and APIC can connect to the vCenter properly, will this new APIC cluster (VMM domain) keeps previous VLAN ID to port-group mappings?

0 Helpful

Go to solution
Remi-Astruc
Cisco Employee
Cisco Employee

‎01-08-2025 09:08 AM

@alex_kross , assuming that the crashed cluster has no connection to vCenter, and that there has been no configuration change since the last config snapshot, I tend to think that the new APIC will retrieve inventory synchronization from the vCenter (or by triggering it manually from the VMM Controller object), and no impact would occur.

But that would need to be verified. On the other hand, keep in mind that you may have some other problems in your Fabric doing so (VXLAN IDs re-deployments, etc...).

Regards

 

Remi Astruc
0 Helpful

Go to solution
alex_kross
Level 1
Level 1

‎01-08-2025 11:09 PM

Thank you very much.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card

Save 25% on Day-2 Operations Add-On License