cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6553
Views
10
Helpful
7
Replies

[ASK] Forwading Packet in ACI

williammanurung
Level 1
Level 1

Hi,

 

I am newbie on ACI , is there any document about forwarding packet in ACI?

The basic workflow in ACI, like traffic between EPG to another EPG including Encapsulation on the packet.

 

or

anyone can explain in deep how the traffic flow in ACI with the circumstance below:

 

1.The traffic two endpoint with One BD, One EPG and attach on same Leaf

 

2.The traffic two endpoint with One BD, One EPG and attach on different Leaf

 

3.The traffic two endpoint with One BD, Two EPG, and attach on same Leaf

 

4.The traffic two endpoint with One BD, Two EPG, and attach on different Leaf

 

5.The traffic two endpoint with Two BD, Two EPG, and attach on same Leaf

 

6.The traffic two endpoint with Two BD, Two EPG, and attach on different Leaf

 

 

7 Replies 7

Jayesh Singh
Cisco Employee
Cisco Employee

Hi @williammanurung,

There is an amazing Cisco live session explaining the ACI packet forwarding in depth.

Mastering ACI Forwarding Behaviour – A Day in the Life of a Packet

 

If you want to go too deep there is a troubleshooting technote, however, I would suggest going through that Cisco Live session, it will answer most of your question on ACI forwarding.

EX Hardware: ACI Packet Forwarding Deep Dive

 

Regards,

Jayesh

***Rate all posts that are helpful. Mark it as a solution if it solves your problem, it might help other users who have the same query.***

Hi,

 

I would also recommend the ACI Fabric Endpoint Learning White Paper

 

Regards.

Hi @HelenaC 

 

Thanks for your reply, but I have been read it and still don't get it what i want.

Hi @Jayesh Singh  

 

Thanks for your information.

Hi @Jayesh Singh  

 

I have some question on  your advice before (Mastering ACI Forwarding Behaviour – A Day in the Life of a Packet),

 

 

Let take a look on Page 16,  on the field VxLAN.

What the information on VxLAN Field? is it VxLAN has VRF? Or BD VNID?
When we using VxLAN VRF and when we using BD VNID?
Page 16.PNG

 

 

 

Based on this capture.

The scenario 3 exist, If the ARP Flooding set to Disable and Unicast Routing Set to Enable on BD Configuration.

The Scenario 4 Exist, If the ARP Flooding set to Enable.

Am I Wrong? Please correct me.
Page 18.PNG

 

RedNectar
VIP
VIP

Hi williammanurung,
I thought about replying, but I really could not do a better job then the Cisco Live presentation that Jayesh mentioned (Mastering ACI Forwarding Behaviour – A Day in the Life of a Packet) but let me know if you can't access the presentation and I'll see what I can do.

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

Dear,

 

I thought this link will consistent with your requirements: https://www.cisco.com/c/en/us/support/docs/cloud-systems-management/application-policy-infrastructure-controller-apic/213346-ex-hardware-aci-packet-forwarding-deep.html

 

In theory, the main concepts of ACI using VXLAN to forward packet within fabric are:

1. All spines, leaves in ACI have its own VTEP address (just like a Loopback address) => This information will be used to leaves can connect together.

2. The routing information to one leaf reach VTEP will be distributed through IS-IS.

3. Packet from Endpoint go to Leaf => Leaf will classify the packet into EPG based on configured at APIC (VLAN, interface, IP address...) and look up its database (ie. Local Enpoint, Global/Remote Endpoint, learned from Endpoint Learning process). The lookup result also help leaf decide the packet is local forwarding (EPG on the same leaf) or forwarding throught fabric (EPG on different leaf). In case of forwarding thought fabric, leaf decides which remote leaf will be used to reach remote endpoint. In addition, the contract will be applied if the result showing up the different EPGs forwarding.

4. Ingress leaf do encapsulation:

- VXLAN that contain the information describing about EPG, BD that packet belong to (this information is useful for egress leaf can classify packet to EPG)

- UDP header, contaning an information to describe upper layer is using => this case, we're talking abt VXLAN => UDP port = 4789.

- VTEP address - Layer 3 header, containing the information to leaf can send traffic directly to egress leaf

- MAC address - Layer 2 header, just like an traditional network.

5. Egress leaf do decapsulation:

- Based on VXLAN ID (VNID), egress leaf can classifying packet into EPG, BD, and look up the local database to decide whether or not the bounce entry or local endpoint => The behaviour will be processed based on the lookup result: forwarding to another leaf if bounce entry has been determined or remove VXLAN header + forwarding to local endpoint if local endpoint determined.

 

About details processes for each cases, you can refer the above link I pasted.

 

Please correct me if have any problems.

 

Thanks & Brgs,

 

Thinh Cao Minh

Review Cisco Networking for a $25 gift card

Save 25% on Day-2 Operations Add-On License