06-25-2016 05:56 AM - edited 03-01-2019 04:59 AM
Hi All,
I am in process of evaluating Nexus 9k for my Data Center. Need expert opinion from my friends on considerations for ACI w.r.t network and Infrastructure as we have IBM chassis, Hyper V and VMware in our DC.
Cheers
06-26-2016 07:08 AM
Hi All,
Please assist
Cheers
06-26-2016 07:41 AM
Hello
what exactly are you looking for. Do you have any specific questions?
06-26-2016 10:06 AM
Hi,
I am in process of evaluating Nexus 9k for my DC. I have come across 2 flavours of Nexus i.e. Nexus OS and ACI. I need to know what are basis network or infrastructure needs that must be fulfilled before selecting ACI.
Cheers
06-26-2016 10:11 AM
I can direct you towards the ACI Fundamentals guide for information on ACI. It's a software define network solution based on the n9k.
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals.html
06-29-2016 04:09 PM
are you going to use it to restrict network access between subnets? It's not possible to map traditional network access-lists or firewalls security policies to cisco aci security model, so test it before making decision.
For example if you want to open access from some subnet to any external network (0.0.0.0/0), you can't just connect 0.0.0.0/0 external epg to your contract, you need connect all nested external epgs. So it's need to use some automation tool to link all nested epgs to contracts and then to track all created and deleted epgs to link and unlink after any changes. But you can imagine how it will affect tcam usage: if you have 100 nested consumers epg in some source subnet, and 10 nested provider epgs in some destination network, and you have contract with 4 filters then it will consume 10 * 100 * 4 = 4k from TCAM. And the total TCAM is 32k :)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide