Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1163
Views
3
Helpful
7
Replies

How to modify vlan pool range in ACI

Go to solution
AirBorn
Level 1
Level 1

‎07-05-2023 12:08 AM

Hello,

I'm looking for a procedure to modify VLAN pool range in ACI fabric

Regards

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Robert Burns
Cisco Employee
Cisco Employee
In response to AirBorn

‎07-06-2023 06:25 AM - edited ‎07-06-2023 06:26 AM

1.  If you add/remove Blocks to an in-use VLAN Pool, then there's going to be impact.  Deleting Encap blocks are the equivelant of a "no vlan x" on any legacy switch temporarily removing the VLAN.  A better option is to create a new VLAN pool and re-associate the domains to it. (See below).

2a.  First thing - take a Config Snapshot of the config (in case you need to quickly revert your upcoming changes) Admin > Config Rollbacks.

2b. Next, find out all policies that are referencing the VLAN Pool.  You can use the "Show Usage" button at the bottom of the VLAN pool panel.

RobertBurns_0-1688649435599.png

 2c.  Create a new VLAN Pool with the correct name and add all the corresponding VLAN Encap Blocks.

2d.  For each Domain used by the old VLAN Pool, you'll need to update the Domain and point it at the "new" VLAN Pool.  Should be minimal impact since the VLAN IDs shouldn't change.  If there is impact, should be sub-second at worst.  Would need to confirm this in the lab to be 100% sure though.

2e. Once all Domains have been bound to the new VLAN Pool, check the "show usage" on the original VLAN pool to ensure its no longer in use.   Once its not being used by any other policy, its safe to remove it.

**Note: Above applies more to static VLAN pools for non-VMM domains.  If your VLAN pool in question involves dynamic VLAN pool range, let me know.  That's a different story.

Robert

View solution in original post

7 Replies 7

Go to solution
Robert Burns
Cisco Employee
Cisco Employee

‎07-05-2023 05:07 AM

You can add/remove blocks to a VLAN Pool if thats what you're asking, but you can't modify an existing block (in case to remove some of the VLANs defined in a block range).  If this is what you're trying to do, you'd need to remove the block, and re-add it back corrected.  This is disruptive, just as deleting/adding VLANs would be on any device.

Robert

0 Helpful

Go to solution
r.heitmann
Level 1
Level 1
In response to Robert Burns

‎07-05-2023 10:17 AM

The only solution therefore lies in design and preparation:

  • do not add a few large blocks to the VLAN pool, but many small blocks - which you can then remove from the pool individually.

Go to solution
AirBorn
Level 1
Level 1
In response to Robert Burns

‎07-06-2023 01:24 AM

So if i have to delete (and recreate) the VLAN Pool, i guess i have also to delete all the objects referencing that pool. is that correct?

Is there a more safer way to do ?

Regards

 

 

0 Helpful

Go to solution
Robert Burns
Cisco Employee
Cisco Employee
In response to AirBorn

‎07-06-2023 05:31 AM

Not necessarily.  You only need to remove & re-add the VLAN Encap Blocks (ranges) within the VLAN Pool - not delete the VLAN pool itself (which is what's referenced by other policies in the fabric).

RobertBurns_0-1688646653691.png

 

Robert

Go to solution
AirBorn
Level 1
Level 1
In response to Robert Burns

‎07-06-2023 05:40 AM

Thanks for the update. more 2 questions if i may

1/ Is there any impact on production fabric ?

2/ If i have to change ,not only the range but also the VLAN Pool name, what is the safest way to do ?

Regards

0 Helpful

Go to solution
Robert Burns
Cisco Employee
Cisco Employee
In response to AirBorn

‎07-06-2023 06:25 AM - edited ‎07-06-2023 06:26 AM

1.  If you add/remove Blocks to an in-use VLAN Pool, then there's going to be impact.  Deleting Encap blocks are the equivelant of a "no vlan x" on any legacy switch temporarily removing the VLAN.  A better option is to create a new VLAN pool and re-associate the domains to it. (See below).

2a.  First thing - take a Config Snapshot of the config (in case you need to quickly revert your upcoming changes) Admin > Config Rollbacks.

2b. Next, find out all policies that are referencing the VLAN Pool.  You can use the "Show Usage" button at the bottom of the VLAN pool panel.

RobertBurns_0-1688649435599.png

 2c.  Create a new VLAN Pool with the correct name and add all the corresponding VLAN Encap Blocks.

2d.  For each Domain used by the old VLAN Pool, you'll need to update the Domain and point it at the "new" VLAN Pool.  Should be minimal impact since the VLAN IDs shouldn't change.  If there is impact, should be sub-second at worst.  Would need to confirm this in the lab to be 100% sure though.

2e. Once all Domains have been bound to the new VLAN Pool, check the "show usage" on the original VLAN pool to ensure its no longer in use.   Once its not being used by any other policy, its safe to remove it.

**Note: Above applies more to static VLAN pools for non-VMM domains.  If your VLAN pool in question involves dynamic VLAN pool range, let me know.  That's a different story.

Robert

Go to solution
AirBorn
Level 1
Level 1
In response to Robert Burns

‎07-06-2023 07:03 AM

Great explanation, Thank you

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card

Save 25% on Day-2 Operations Add-On License