04-06-2018 10:45 AM - edited 03-01-2019 05:30 AM
I have a question on ACI VLAN usage pertaining to physical domains
I know the VLAN is one of the means to associate traffic to an EPG. When a VLAN is used on a switch to associate traffic to an EPG, the VLAN cannot be used elsewhere on the switch to associate traffic to a second EPG (where per port VLANs is not enabled).
Can the same VLAN be used on a second switch for a second EPG, where the port is part of the same physical domain / VLAN group where the VLAN is associated? Or does the VLAN reuse have to be part of a second VLAN group and physical domain?
Thank You,
Dan Laden
04-06-2018 05:35 PM - edited 04-06-2018 05:36 PM
Hi Dan,
To answer your question:
Can the same VLAN be used on a second switch for a second EPG, where the port is part of the same physical domain / VLAN group where the VLAN is associated? Or does the VLAN reuse have to be part of a second VLAN group and physical domain?
The simple answer is: Yes, it is perfectly possible to use the same VLAN ID to represent different EPGs so long as the EPs are attached to different leaf switches, even if the EPGs are associated with the same Physical Domain and same VLAN Pool.
In fact, I run one of my lab exercises precisely like this to illustrate the point. VLAN 1011 is used to identify a WebServer EPG when connected to Switch101, and VLAN 1011 is used to identify an AppServer EPG when connected to Switch102. I generally explain that you would probably never do this in real life, but now I'll have to add your story as the exception!
I hope this helps
Don't forget to mark answers as correct if it solves your problem. This helps others find the correct answer if they search for the same problem
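The rule in the answer above, written as a pre-deployment check over a planned list of static bindings. This is an added example, not part of the original thread and not Cisco code; the binding tuples, the function name and the `port_local_ports` parameter are assumptions, and the per-port VLAN exemption is modelled only as a set of ports the caller marks.

```python
from collections import defaultdict

# Constructed static bindings: (EPG, leaf, port, VLAN encap).
# The first two rows mirror the lab described in the answer; the rest are invented.
BINDINGS = [
    ("WebServer", "Switch101", "eth1/10", 1011),
    ("AppServer", "Switch102", "eth1/10", 1011),  # same VLAN, other leaf: allowed
    ("WebServer", "Switch101", "eth1/11", 1011),  # same VLAN, same leaf, same EPG: allowed
    ("DbServer",  "Switch102", "eth1/12", 1011),  # same VLAN, same leaf, second EPG: conflict
]


def find_vlan_conflicts(bindings, port_local_ports=frozenset()):
    """Return {(leaf, scope, vlan): [EPGs]} where one VLAN maps to more than one EPG.

    The VLAN encap is treated as significant per leaf, so identical VLAN IDs on
    different leaves never collide. Ports listed in port_local_ports (hypothetical
    parameter: a set of (leaf, port) pairs with per-port VLAN enabled) are scoped
    to the port instead of the whole leaf. scope is "*" for leaf-wide bindings.
    """
    seen = defaultdict(set)
    for epg, leaf, port, vlan in bindings:
        scope = port if (leaf, port) in port_local_ports else "*"
        seen[(leaf, scope, vlan)].add(epg)
    return {key: sorted(epgs) for key, epgs in seen.items() if len(epgs) > 1}


if __name__ == "__main__":
    conflicts = find_vlan_conflicts(BINDINGS)
    for (leaf, scope, vlan), epgs in sorted(conflicts.items()):
        print(f"{leaf} scope={scope} vlan-{vlan} maps to several EPGs: {', '.join(epgs)}")
    if not conflicts:
        print("no VLAN/EPG conflicts")
```

Running it against the sample plan flags only Switch102, where VLAN 1011 is bound to both AppServer and DbServer; the Switch101/Switch102 reuse from the lab passes.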
04-20-2018 04:02 AM
Interesting... the official Cisco course DCVAI says otherwise, and I was wondering if it was wrong when I found this thread.
From the guide:
In the example, the bare-metal server is connected to the leaf and must be associated with a VLAN that has local significance. It is used to associate the traffic with an EPG. If the bare-metal server A on Leaf 101, port Eth1/10 needs to be plugged into EPG-WEB, you need to specify a binding to port Eth1/10, VLAN A, with the native mode. The mode keyword "native" indicates that the port is an access port and not a trunk.
The VLAN A number has local significance on the leaf. A VLAN number is valid as long as it is different from the number for VLAN B that is used to associate Leaf 102, port Eth1/10 with EPG-APP. It also has to be different from VLAN C that is used to associate Leaf 103, port Eth1/10 with EPG-DB.
04-20-2018 08:01 PM
I don't know the DCAVI course, but the wording you quoted
The mode keyword "native" indicates that the port is an access port and not a trunk.
suggests that it is based on a VERY old version of ACI. Possibly older than v1.0, where the reference to "native" VLAN access was changed to "802.1P" access.
04-21-2018 03:33 AM
Even if the words say "native", the screen captures alongside it show Tagged/Untagged/802.1p mode options. The course is based on 2.x AFAIK.
04-30-2018 03:38 PM
"Yes, it is perfectly possible to use the same VLAN ID to represent different EPGs so long as the EPs are attached to different leaf switches, even if the EPGs are associated with the same Physical Domain and same VLAN Pool."
I have had this confirmed.