ACI BGP L3Out to VMs on vCenter

udo.konstantin · ‎03-10-2025

Hello,

in a given Multi-Pod fabric we had the following requirement:

Create a L3Out to two VMs which are on two different ESXi hosts. The ESXi hosts are on different Pods. The L3Out is created with SVI. And the encapsulation VLAN for SVI is used for tagging on vCenter / ESXi the distributed port-group.

Currently the two VMs on the VDS can't reach each other.

Q: is this a valid design option?

Udo

AshSe · ‎03-10-2025

Hey @udo.konstantin

Before validating your design; I would like to make sure that your design is understood clearly. Please check the diagram below, correct where ever required and label the diagram with respect to VLAN, SVI, tagging etc.:

PFA, slide to make changes.

BR-

AshSe

udo.konstantin · ‎03-31-2025

Hello @AshSe ,

sorry for the late response.
Your schema is nearly the same as our design except the switch symbol between router and vmware ESXi symbol. Because the VM (AVI Loadbalancer is connected to VDS). And also this LB is redunant and share n* VIPs.
But everything is working as excepecte. BGP Neighbor to VMs (Loadbalancer) and these propagate the VIPs into the fabric.

Thanks you for your diagram and help!

Best, Udo

AshSe · ‎04-01-2025

Hello @udo.konstantin

Your schema is nearly the same as our design except the switch symbol between router and vmware ESXi symbol. Because the VM (AVI Loadbalancer is connected to VDS). And also this LB is redunant and share n* VIPs.

Could you please explain this.

Also,

Do you have a single DPG (Distributed Port Group) or separate for each VM?

AshSe