Re: Cisco ACI 5.1 NSX-T integration

Frederik De Muyter · ‎01-15-2021

Hi,

Just read there is new integration available with NSX-T SDN controller from ACI version 5.1.

Cisco ACI and VMware NSX-T Data Center Integration - Cisco

Besides this there is not a lot of information available for this. Is there any good reference architecture for the combination NSX-T and ACI. My personal opinion would be choose one or the other to reduce complexity.

Main purpose at customer site is now micro-segmentation is done via NSX-T.

Any reference articiles info would be good.

Sergiu.Daniluk · ‎01-15-2021

Hi @Frederik De Muyter

There is the one from VMware. Find it attached.

Stay safe,

Sergiu

Frederik De Muyter · ‎01-15-2021

Hi,

thank you already had that one. The new version 5.1 realy integrates the NSX-T controller. If my understating is correct this actually pushes aci objects to NSX-T. For example EPG --> to Segment in NSX-T.

Could it be that this approach uses VLAN backed transport zones on NSX-T.

Approach 1: (i am intrested in this also)

This means ACI handles the networking while NSX provides distributed firewall functionality. Until recently, the single overlay design was the most frequently implemented architecture of NSX on ACI.

Approach 2: (this is what the document from vmware is talking about)

The other method is utilizing a double overlay. ACI would provide an overlay and security for workloads not being managed by NSX-T. NSX-T runs on top of the ACI fabric but has its own overlay for networking while using ACI's overlay as the transport. NSX-T then peers with ACI using BGP or static routes by connecting the NSX Edge to an ACI border leaf. This peering allows the enterprise network to access NSX-T resources through the ACI fabric.

marinfer · ‎08-02-2021

This video should help you as well. It leverages VLAN-based transport zone on NSX-T for the virtual networking integration in ACI.

Mayday05 · ‎08-05-2021

Hi，Just read Cisco ACI and VMware NSX-T Data Center Integration - Cisco

Q1: Is it right that currently the integration only supports vlan based connectivity. Connections based on VXLAN are not suppported?

or is already supports.

Q2: How long is it expected to support, do you know ?

tawa-ndafa · ‎08-14-2021

How we deployed it: We had L3out with BGP peering to NSX-T Tier 1 routers. ACI would act as transit to the Core Routers.

udo.konstantin · ‎03-11-2022

Hi @Sergiu.Daniluk ,

it seems to be to document is only for NSX-V. Maybe there is anything like this for NSX-T.

BR

Udo

Sergiu.Daniluk · ‎03-11-2022

HI,

There are some links and youtube videos referenced above.

Cheers,

Sergiu

Mayday05 · ‎08-05-2021

Hi，Just read Cisco ACI and VMware NSX-T Data Center Integration - Cisco

Q1: Is it right that currently the integration only supports vlan based connectivity. Connections based on VXLAN are not suppported?

or is already supports.

Q2: How long is it expected to support, do you know ?

Gomez · ‎08-06-2021

Hi Mayday,

the integration works the same as normall VMM integration so inside the fabric it will be VXLAN transport. The transport nodes will not use Genève as an underlay and You will have no edge nodes on NSX-T side. So you will only use firewall part off NSX-T but this is the Main raison people buy IT i guess.

ACI network team manages the networks and not the vmware team. Starting from NSX-T 3.0 EVPN is also supporter on edge nodes using vrf lite.

https://nsx.ninja/index.php/NSX-T_EVPN_North/South_routing_with_NX-OS_EVPN-based_Datacenter_fabric

But this is for another use case.

Hope this info can help You and i would say try It out in a lab that is what I did.

Frederik

Mayday05 · ‎08-10-2021

thanks ，what i means is whether the latst apic support create the overlay type transport zone witn nsx-t。 the 5.1 version is not support。

udo.konstantin · ‎03-11-2022

Hello, does anyone know if VCF is supported while integrating NSX-T into ACI?