how to find epg name based on vlan id or subnet ip

Herman2018 · ‎01-25-2024

Hi, how to find all the EPGs associated with the vlan id or subnet IP? Is there any command on APIC or leaf switch to find the result? anyone please advise ,thanks in advance.

klnnnnng · ‎01-26-2024

Try with the moquery commands.

ACI object moquery Cheat Sheet - Cisco Community

RedNectar · ‎01-27-2024

Hi @Herman2018 ,

To find the EPGs for a given VLAN (normally you'd expect only one, unless multiple tenants are using the same VLAN ID) you could use the following command to find the EPG, substituting your VLAN ID at the appropriate place

apic1# bash
admin@apic1:~> icurl -k -s 'https://localhost/api/node/class/fvRsPathAtt.json?query-target-filter=eq(fvRsPathAtt.encap,"vlan-2032")' | jq '.imdata[].fvRsPathAtt.attributes | .dn, .encap'
"uni/tn-Tenant03/ap-2Tier_AP/epg-WebServers_EPG/rspathAtt-[topology/pod-1/paths-2202/extpaths-192/pathep-[eth1/13]]"
"vlan-2032"

To find the EPGs for a given IP subnet is a bit trickier. Firstly, the subnet may be linked to the EPG or the BD. If it's linked to the EPG then it's not too hard. The following shows that the EPG called SharedServices_EPG in the common tenant has IP 10.200.0.5/32 assigned.

admin@apic1:~> icurl -k -s 'https://localhost/api/node/class/fvAEPg.json?rsp-subtree=children' | jq '.imdata[].fvAEPg | .attributes.dn, .children[].fvSubnet.attributes.ip | select( . != null ) '
"uni/tn-infra/ap-ave-ctrl/epg-ave-ctrl"
"uni/tn-infra/ap-access/epg-default"
"uni/tn-common/ap-SharedServices_AP/epg-SharedServices_EPG"
"10.200.0.5/32"
<output omitted>

It's not perfect - it prints the dn of every EPG, and there has been no filter applied for any given IP address, so could be tweaked a bit more.

But the really hard one is to find the EPGs for a given IP subnet when the subnet is linked to a BD. This is tricky to do in one step, but the following would list the BDs and the subnets defined for each and the EPGs linked to that BD (and therefore the corresponding IP) - again, I haven't refined it with a filter, but hopefully will give you the idea

admin@apic1:~> icurl -k -s 'https://localhost/api/node/class/fvBD.json?rsp-subtree=full' | jq '.imdata[].fvBD |.attributes.dn, .children[].fvSubnet.attributes.ip, .children[].fvRtBd.attributes.tDn | select( . != null )'
<snip>
"uni/tn-common/BD-SharedServices_BD"
"10.200.0.1/24"
"uni/tn-common/ap-SharedServices_AP/epg-SharedServices_EPG"
"uni/tn-Tenant18/BD-App_BD"
"10.218.11.1/24"
"uni/tn-Tenant18/ap-2Tier/epg-DB_EPG"
"uni/tn-Tenant18/ap-2Tier/epg-App_EPG"
"uni/tn-Tenant18/BD-Web_BD"
"10.218.12.1/24"
"uni/tn-Tenant18/ap-2Tier/epg-Web_EPG"
<output omitted>

So from the output you can see that two EPGs (DB_EPG and App_EPG) are using 10.218.11.1/24 from the App_BD in the Tenant18 tenant

As I said earlier, these would need refinement to filter out everything except the BDs and EPGs for a particular subnet. To convince me to do that for you, you'll have to wait till I get another rainy Sunday with nothing to do.

I hope this helps.

Don't forget to mark answers as correct if it solves your problem. This helps others find the correct answer if they search for the same problem.

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.