06-30-2024 11:09 PM
Why starting from APIC ver 5.x L4-L7 Services Tab removed?
What is the impact of this on Services Graph configuration?
Solved! Go to Solution.
07-02-2024 12:19 AM
Yes, any network service device (FW, LB, IPS, L1/2/3, ...) can be inserted in a Service Graph. Read the Service Graph Design document for more information.
Previously, Device Packages aimed to additionally configure the L4-L7 device from ACI, but that was complex, non-exhaustive and benefit was limited.
Today, if you still want a tight management interaction between ACI and your L4-L7 device, you can find some tools supporting such integration. However many Service Graph deployments don't rely on such integration.
Regards
07-01-2024 05:43 AM - edited 07-01-2024 05:44 AM
Hi @AshSe ,
The L4-L7 Services Tab was used in pre-5.x versions for Managed Mode integration. That mode has been deprecated and is not available since then.
The Service Graph configuration is now fully implemented into the Tenant subtree.
Regards
07-01-2024 05:22 PM
Hi Remi,
So installing Device package option is now removed starting v5.x and is integrated in Services, could you tell me:
07-02-2024 12:19 AM
Yes, any network service device (FW, LB, IPS, L1/2/3, ...) can be inserted in a Service Graph. Read the Service Graph Design document for more information.
Previously, Device Packages aimed to additionally configure the L4-L7 device from ACI, but that was complex, non-exhaustive and benefit was limited.
Today, if you still want a tight management interaction between ACI and your L4-L7 device, you can find some tools supporting such integration. However many Service Graph deployments don't rely on such integration.
Regards
07-05-2024 04:28 AM
What I understand is:
Please correct/support my above understanding.
PFA, APIC v4.2 and v5.2 screenshot for Services folder.
07-07-2024 11:23 PM
In addition to my above understanding,
The "Managed" option is removed from the Device creation in APIC starting with version 5. Hence, now we need to configure ASAv, etc. separately and cannot manage or configure them from APIC.
If I am correct, then this change in the APIC version looks absurd to me, and I would appreciate if someone could justify this stand of the Cisco ACI development team.
07-07-2024 11:29 PM
07-08-2024 12:19 AM
Correct.
Regarding the reasons, I stated them above in the thread.
Regards
07-08-2024 03:39 AM
In APIC v3.x and ASAv Goto Mode; I have witnessed failure in auto associating ASAv interfaces with the shadow EPG. Do you foresee any such issue with respect to APICv5.x and vCenter 7.0.0?
Would appreciate a response from your practical experience.
07-08-2024 05:11 AM
I cannot formerly answer, but I strongly recommend upgrading your Fabric v3.x which is very old and being obsolete. You can expect many behavior enhancements.
Mark the topic as solved if your initial question was answered.
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide