Re: ACI Fabric Routing

fatalXerror · ‎11-15-2022

Hi Guys,

New here in ACI, I am getting confused about the routing happening inside he ACI fabric. I believed once we initialized each switches and the APIC, it will automatically setup the VTEP, IS-IS, VXLAN, etc. The question now is,

Will the BGP between leaf and spine be automatically configured as well?
What is the purpose of the BGP between the leaf and spine if there is already an IS-IS to reach the VTEP IPs?

Thank you so much.

Sergiu.Daniluk · ‎11-15-2022

Hi @fatalXerror

I believed once we initialized each switches and the APIC, it will automatically setup the VTEP, IS-IS, VXLAN, etc.

That is correct, APIC will automatically configure automatically the fabric VTEPs, IS-IS and VXLAN related config

Will the BGP between leaf and spine be automatically configured as well?

It will be automatically configured, but you have to manually configure the BGP Route Reflectors.

What is the purpose of the BGP between the leaf and spine if there is already an IS-IS to reach the VTEP IPs?

The ACI fabric uses multi-protocol BGP (MP-BGP) and, more specifically, iBGP VPNv4 between leaf and spine nodes to exchange tenant routes received from external routers (connected on L3Outs). To avoid a full mesh iBGP peer topology, that's why you have to configure the RRs.

Additionally, if you have a multi-pod setup, BGP EVPN is used to synchronize EPs information between spines in different pods.

Hope it helps,

Sergiu

fatalXerror · ‎11-15-2022

Hi @Sergiu.Daniluk , thank you for your feedback, it is really helpful.

Just a follow up question though,

What is the purpose of the Route Reflectors for ACI?
So the BGP in ACI is for communication between one tenant to another because each tenants have its own VRF? Am I correct?
Related to item number 2, if I have only one tenant, the use of BGP is only for my L3out link?
For the inter-site communication, since it uses BGP EVPN, where does the BGP terminates? Spine-to-Spine of each sites?

Thank you so much for the help. Really appreciated it.

RedNectar · ‎11-15-2022

Hi @fatalXerror ,

In addition to @Sergiu.Daniluk 's excellent explanation, try reading this response I gave to a similar question a few years back. It's my most popular answer to date

https://community.cisco.com/t5/application-centric-infrastructure/mp-bgp-is-is-coop/m-p/3063789#M3075

As for the other points you ask about:

1. What is the purpose of the Route Reflectors for ACI?

The Route Reflectors (RRs) are for BGP. If you understand how iBGP works, you'll understand how RRs simplify iBGP connecivity because each iBGP router (=Leaf Switch in ACI) needs only to know how to communicate with the RRs. Without RRs, each iBGP router (=Leaf Switch in ACI) needs to know how to communicate with EVERY OTHER iBGP ROUTER

In ACI, the only configuration of the RRs you need to do is tell ACI which of your spine switches will be RRs, and what Autonomous SYstem number you want to use. Since most ACI installs have only 2 spines, and you configure 2 RRs, the choice of which spines to use is a no-brainer.

2. So the BGP in ACI is for communication between one tenant to another because each tenants have its own VRF? Am I correct?

No. See the link I posted above

3. Related to item number 2, if I have only one tenant, the use of BGP is only for my L3out link?

Correct. The use of BGP is ONLY required if you have a L3Out

4. For the inter-site communication, since it uses BGP EVPN, where does the BGP terminates? Spine-to-Spine of each sites?

Yes. Each site runs its own BPG topology with its own ASN (Autonomous System Number)

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.