ACI vs NX-OS/IOS Take 2

visitor68 · ‎04-24-2020

The first time I posted this question it was marked as spam...have no idea why...reposting

Folks, I have not been able to attend an ACI class yet, but I have been doing some reading. For the purpose of just getting a foundational understanding, I would like to ask a favor.

In IOS or NX-OS, we can do some basic configurations in the manner shown below. Can someone show me how we can do this very simple, basic config with ACI? ACI can map many EPGs to many BDs and they can map to a VRF...bla bla bla...whatever ... can someone show me/explain to me please?

create a VLAN

(conf-t)# vlan 2

Put an access port in a vlan

(conf-t)# int g10/0

(conf-t-int)# switchport mode access

(conf-t-int)# switchport access vlan 2

(conf-t-int)# no shut

Create an SVI for the vlan

(conf-t)# int vlan 2

(conf-t-int)# ip address 10.10.10.2 255.255.255.0

(conf-t-int)# no shut

Sergiu.Daniluk · ‎04-25-2020

Hello @visitor68

There are a couple of things which are different in ACI compared with the classical NX-OS and one of the how bound vlans to interfaces. For this purpose, I will make some assumption:

+ Access Policies are configured properly

+ Vlan 2 is part of the VLAN pool associated to the phy domain associated to the AAEP associated to the interface policy group... If I lost you here, do no worry, I will share a couple of resources which can help you in the learning process.

Now coming back to your questions:

create a VLAN

APIC will provision the VLANs when they are used. You cannot really configure a vlan and that's all.

Put an access port in a vlan

You do that from the Tenant > App Profile > EPG > right click on Static Ports > Deploy Static EPG on... > Mode: Access (untagged)

Create an SVI for the vlan

You mentioned "ACI can map many EPGs to many BDs". Actually, you can map an EPG to only one single BD. So EPG <-> BD is many-to-one. Why is that? Because in ACI the BD represents the layer 2 broadcast boundary, opposed to the VLAN in traditional networking. So naturally, the SVI is configured in the BD:

Tenant > Network > BD > Policy Tab > L3 Operations Subtab > Subnets

Now if you want to learn ACI the easy way, here are a couple of resources I would recommend, and all of them are ciscolive presentations (free to watch): https://www.ciscolive.com/

Beginner level:

1. BRKACI-1000 Introduction to ACI (1h05)

2. BRKACI-1001 Your First Seven Days (1h35)

3. BRKACI-2004 How To Setup An ACI fabric from scratch

Intermediate level:

1. BRKACI-2003 Cisco ACI Multi-Pod Design and Deployment (1h28)

2. BRKACI-2125 ACI Multi Site architecture (2h)

Advanced level

1. BRKACI-3545 Mastering ACI Forwarding (1h31)

This is enough for a full weekend. ^_^ make sure you watch the latest year possible, because you will see more recent supported features etc.

Note: If you watch all of these videos you will have a very good understanding of ACI as a technology, without going into specialized topics (integrations, virtualization, L4L7, automation, cloud etc).

Hope it helps and have fun!

Cheers,

Sergiu