Of course I know that aaep doesn't have vlan pool directly

Hi @dijix1990 ,

Question: Does the VPC still work, even with the error message appearing?

First thing. It MIGHT be related to this bug: https://quickview.cloudapps.cisco.com/quickview/bug/CSCvt02685

Next thing - double check that the the VPC is linked only to a single pair if switches - i.e when you click Show Usage from the VPC, you see only two switches, and for each node only one port (or ONLY ports that go to the SAME destination switch (or switch pair if double-sided VPC)) - like this

Next, you should also issue this command from the APIC to determine exactly what on-the-wire encapsulation vlan-62 is (that is mentioned in the error message)

fabric 201 show vlan id 62 extended

That MAY help point you in the right direction.

And my last thought - IF you are mapping EPGs from the AAEP, then remember you are including EVERY port that that AAEP maps back to in that EPG for a particular encapsulation.  IF ONE of those ports is "blacklisted by the user" like the error message says, then that MAY have caused the problem.  (Remember blacklisted=manually disabled).  To check this, go to the VLAN pool and click Show Usage (as shown above) and make a note of every interface that shows up for each leaf, then check that none has been disabled.

Past that - I'd need even more information. 

Firstly:

Your picture:
 
shows aaep-trunk_1-999 linked to pdom-vlans_1-999 -
but the picture of pdom-vlans_1-999 

is not showing as being linked to aaep-trunk_1-999 - so something is not quite making sense there.

Secondly

You said in your first post "I made new aaep with new vlan pool 1-999" - but I don't see any new VLAN Pool.

Your qestion - Question: Does the VPC still work, even with the error message appearing?

No, because config isn't applied

Next thing - double check that the the VPC is linked only to a single pair if switches - i.e when you click Show Usage from the VPC, you see only two switches, and for each node only one port (or ONLY ports that go to the SAME destination switch (or switch pair if double-sided VPC)) - like this

Can't because config isn't applied

Next, you should also issue this command from the APIC to determine exactly what on-the-wire encapsulation vlan-62 is (that is mentioned in the error message)

Not only for vlan-62, errors for every vlan from pool

Firstly:

Your picture:

 
shows aaep-trunk_1-999 linked to pdom-vlans_1-999 -
but the picture of pdom-vlans_1-999 

It has aaep-trunk_1-999, because pdom-vlans_1-999 has not only aaep for trunk it has a lot of aaep for access vlans

Secondly

You said in your first post "I made new aaep with new vlan pool 1-999" - but I don't see any new VLAN Pool.

I made new vlan pool, new phys domain new aaep to apply it for Nexus 93180YC-EX and it works perfectly, but I don't know why I can't apply my general config for every of Nexus 93180YC-EX (maybe it's something bug which is affected to EX version only)

I instaled new 93180YC-FX3 and my config was applied, I tried to applied my config for new 93180YX-EX (haven't been in fabric before) and I had the same errors, so strange

Hi @dijix1990 ,

This is starting to sound like a bug to me. But whether you are prepared to spend the time working with TAC to establish that (especially since you've found a work-around) is another question. You don't get paid for helping Cisco fix their bugs!

But of course you have sparked my interest, and I'm still curious as to why your config didn't work, but I've run out of ideas.

Out of curiosity though -

1. are you running ACI 5.2(7f) or later? (Because the whole leaf port-to-IPG process changed in that version)
2. are you mapping EPGs "up" - by going to the AAEP and selecting the EPG/VLAN association or "down" by going to the EPG and statically the vPC to the EPG?

I think if I was working on it, what I'd try next is creating a new VPC Interface Policy Group (a clone of c7000-10_VC1-IPG) called say c7000-10_VC1-IPG_old_path and linking it to your original AAEP (which of course is linked to your original Physical Domain and original VLAN Pool), then see if you still get the problem when you swap the association at the Interface Profile at the relevant interface selector from c7000-10_VC1-IPG to c7000-10_VC1-IPG_old_path

Having said that, if that fixes it, I'm not sure of why it would have fixed it. Other than being a slightly different work-around to the one you found, and creating another bit of evidence that there is indeed a bug.

Hi

My version is Version 5.2(3g)

1. are you mapping EPGs "up" - by going to the AAEP and selecting the EPG/VLAN association or "down" by going to the EPG and statically the vPC to the EPG? - YES

we opened case

Hi @dijix1990 ,

Make sure you report back to let us know the outcome!