05-02-2024 07:10 AM
Hi, we have replaced a Core switch (6500-VSS) that was connected to the ACI Border leafs. The new core SW is 9500 virtual-stack wise that connects to the same border leafs but on different ports/vpc. We have several EPG extensions that use static port-mappings pointing to the NewCores. Now I have a task to delete all the static port mappings on the EPGs that pointed to the Old Cores.
If I straight-away delete the OldCore physical-domain, that should automatically delete all those static port mappings also IMO. I wanted to check if this is the correct way and anything that I should be aware off?
Solved! Go to Solution.
05-02-2024 02:03 PM
Hi @SandevChopra07800 ,
@SandevChopra07800 wrote:
If I straight-away delete the OldCore physical-domain, that should automatically delete all those static port mappings also IMO. I wanted to check if this is the correct way and anything that I should be aware off?
Sorry - it doesn't work like that. If you "delete the OldCore physical-domain" then any EPG with a static port mapping under the EPG will remain. You'll need to remove those static mappings manually.
In fact, when you delete the OldCore physical-domain, the EPGs that require that physical domain will show "Invalid VLAN" errors.
Actually, that statement above is not quite true, the the whole truth is complicated - but here it is
IF the access-policy-chain containing the ports/VPCs for the static mappings you want to remove AND this access-policy-chain does not have any other Physical Domain in the chain (i.e. another Physical domain linked to the OldCore AAEP - let's call it NewCore Physical Domain for illustration) AND the EPGs don't have physical domain associations to both OldCore and NewCore physical domains THEN the EPGs that require that physical domain will show "Invalid VLAN" errors ENDIF |
You can probably safely ignore that box above!!
But at the end of the day, you are going to have to remove the static mapping manually, BUT after you've removed the OldCore physical-domain, you'll PROBABLY be able to find which EPGs need the static mappings because they will be showing "Invalid VLAN" errors
05-02-2024 02:03 PM
Hi @SandevChopra07800 ,
@SandevChopra07800 wrote:
If I straight-away delete the OldCore physical-domain, that should automatically delete all those static port mappings also IMO. I wanted to check if this is the correct way and anything that I should be aware off?
Sorry - it doesn't work like that. If you "delete the OldCore physical-domain" then any EPG with a static port mapping under the EPG will remain. You'll need to remove those static mappings manually.
In fact, when you delete the OldCore physical-domain, the EPGs that require that physical domain will show "Invalid VLAN" errors.
Actually, that statement above is not quite true, the the whole truth is complicated - but here it is
IF the access-policy-chain containing the ports/VPCs for the static mappings you want to remove AND this access-policy-chain does not have any other Physical Domain in the chain (i.e. another Physical domain linked to the OldCore AAEP - let's call it NewCore Physical Domain for illustration) AND the EPGs don't have physical domain associations to both OldCore and NewCore physical domains THEN the EPGs that require that physical domain will show "Invalid VLAN" errors ENDIF |
You can probably safely ignore that box above!!
But at the end of the day, you are going to have to remove the static mapping manually, BUT after you've removed the OldCore physical-domain, you'll PROBABLY be able to find which EPGs need the static mappings because they will be showing "Invalid VLAN" errors
05-02-2024 02:26 PM
Not an ideal situation Chris Welsh, but looks like will have to take the longer route. I wish there was some sort of error thrown when you try to delete the physical domain, that it is tied to these many EPGs and wont let you delete it. You sometimes get stumped with ACI when you encounter such kind of things. Will let you delete the phy-domain but now now you need to go figure out yourself and fix the errors. It should not let you delete it in the 1st place then.
05-03-2024 02:26 AM
Hi @SandevChopra07800 ,
The idea that something shouldn't be able to be deleted while there are things associated with it can bite you sometimes, but I appreciate your frustration.
Perhaps the following may help. It will list all of the EPGs that have a particular physical domain associated with it. Well, at least include the dn of the EPG, which will point you to the EPG.
apic1# bash
user@apic1:~> PhysDom="OldCore_PhysDom" ;#substitute the actual name of your Physical Domain if it is NOT OldCore_PhysDom
user@apic1:~> icurl -s http://localhost/api/node/class/fvRsDomAtt.json | jq .imdata[].fvRsDomAtt.attributes.dn | egrep ${PhysDom}
"uni/tn-Tenant17/ap-3Tier_AP/epg-AppServers_EPG/rsdomAtt-[uni/phys-OldCore_PhysDom]"
"uni/tn-Tenant17/ap-3Tier_AP/epg-DBServers_EPG/rsdomAtt-[uni/phys-OldCore_PhysDom]"
"uni/tn-Tenant17/ap-3Tier_AP/epg-WebServers_EPG/rsdomAtt-[uni/phys-OldCore_PhysDom]"
"uni/tn-Tenant17/ap-2Tier_AP/epg-AppServers_EPG/rsdomAtt-[uni/phys-OldCore_PhysDom]"
"uni/tn-Tenant17/ap-2Tier_AP/epg-WebServers_EPG/rsdomAtt-[uni/phys-OldCore_PhysDom]"
"uni/tn-Tenant18/ap-2Tier_AP/epg-AppServers_EPG/rsdomAtt-[uni/phys-OldCore_PhysDom]"
"uni/tn-Tenant18/ap-2Tier_AP/epg-WebServers_EPG/rsdomAtt-[uni/phys-OldCore_PhysDom]"
As you can see, in my lab, I have the OldCore_PhysDom linked to & EPGs across two tenants and three Application Profiles.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide