Solved: Re: AVE VLAN Range Role

NDP · ‎04-01-2018

currently migrating Network to AVE

while creating VLAN Pools required for AVE, created one pool with dynamic allocation. but, Cisco advised us to create two different VLAN ranges in the pool

(i) Vlan Internal

(ii) External or on Wire encapsulation

If AVE is configured in VxLAN mode, Do we really require two different VLAN ranges.

I believe We need : External VLAN range when We deploy AVE in VLAN Mode

Thanks in advance

micgarc2 · ‎04-09-2018

If AVE is deployed in VXLAN mode only the internal VLAN pool is necessary.

See here:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/aci_virtual_edge/installation_upgrade/1-x/b_Virtual_Edge_Installation_Guide_1_1_1/b_AVE_Installation_Guide_X_chapter_011.html

-Michael G.

View solution in original post

micgarc2 · ‎04-09-2018

If AVE is deployed in VXLAN mode only the internal VLAN pool is necessary.

See here:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/aci_virtual_edge/installation_upgrade/1-x/b_Virtual_Edge_Installation_Guide_1_1_1/b_AVE_Installation_Guide_X_chapter_011.html

-Michael G.

drozic · ‎08-21-2018

Hi,

how big should the internal VLAN pool be? What does it depend on and how is it used?

Would be nice if you could explain it or point me towards the documentation where it is explained.

Thanks in advance.

Best regards

micgarc2 · ‎08-22-2018

The internal VLAN pool is used for private VLAN allocations in the internal vSwitch by the AVE. These VLANs are not seen outside the ESX host or on the wire. As far as how big I would make the pool size, that would be depending on how big your environment is. That pool is only for internal switching. It will never leave the ESX host. They belong to the inside leg of the AVE.

AVE is a VM that is running on the native distributed virtual switch. It has an inside leg for isolated PVLAN port groups (these would be used for EPGs, web,app,db port-groups for ex.). The outside leg is a trunk interface that connects through the physical NIC of the ESXI host and to the ACI leaf.

We will use the outside interface when we need to talk outside of the AVE. This is where you either define VLAN Mode or VXLAN Mode.

So for VXLAN mode there will be a VTEP and VXLAN tunnel that goes to the ACI fabric. The advantage of this is that it would prevent you from having to trunk every single VLAN to every single host, you would just use the infra VLAN in ACI to accomplish this.

drozic · ‎08-22-2018

> As far as how big I would make the pool size, that would be depending on how big your environment is.

> It has an inside leg for isolated PVLAN port groups (these would be used for EPGs, web,app,db port-groups for ex.)

Those are the points I'm trying to figure out.

The size of the environment, by that, do you mean the number of tenants or the number of EPGs? I want to know how'll those vlans be "consumed".

micgarc2 · ‎08-22-2018

So the EPG is equal to a port-group when you are doing VMM integration. It does not make a difference which tenant it is in as far as how we push the port-group. Each EPG will map to a port-group which is pushed onto the distributed switch when you tie the VMM domain to the EPG. The internal VLAN pool on for the AVE config maps to the isolated PVLAN port-groups. A good practice would be to make a range that equals the amount of EPGs you have and account for each port-groups getting two VLANs (primary and secondary). For example, if you use an internal pool of VLANs 360-400, one port-group will get a set of two VLANs (VLAN 375 for primary and VLAN 376 for secondary) from that range.

Screen Shot 2018-08-22 at 7.00.04 PM.png

If you use VLAN mode then you would need an extra external pool (External or On wire traffic encapsulation) for traffic destined to the leaf since you will not be using the infra VLAN/VXLAN option. For VXLAN mode only the internal VLAN pool is needed.

Hope this helps,

Michael G.

drozic · ‎08-22-2018

Yes that makes it clear. Thank you very much.

Best regards