Solved: How to setup ACI initially using OOB and In-Band management network

eahmed007 · ‎07-23-2017

Dear All ,

I going to deploy ACI with 3 APIC Controller, 2 Spine and 8 leaf and create a ACI fabric . In this scenario , Please assist me how to configure the ACI using OOB and In-Band Management Network .

If I use OOB management , should I need to connect APIC , Spine and Leaf in separate physical connectivity or I can connect all components using same physical connectivity for OOB and as well as for In Band Management .

In addition , what is the best practice to connect APIC contoller( CMIC or console .) .Please assist me , how I can proceed for Initial configuration .

Your valuable comments is highly appreciated .

With regards

Erfan

RedNectar · ‎07-24-2017

[Update: This topic is discussed further in another question regarding connecting vCenter to ACI OOB. You may wish to read my mini-tutorial response I wrote to that as well. RedNectar]

Hi Erfan,

Let me go through your questions one at a time:

If I use OOB management, should I need to connect APIC, Spine and Leaf in separate physical connectivity or I can connect all components using same physical connectivity for OOB and as well as for In Band Management .

There are special ports on your APIC and switches marked OOB for "Out of Band" - in fact the APIC has two of them. These ports should be connected to a common management network (dedicated switch or VLAN)

The OOB network CAN NOT be used or OOB as well as for Inband Management. Setting up inband management is quite a task - I suggest you do google search for Cisco ACI inband management tutorial- you might find the one I wrote!

In addition, what is the best practice to connect APIC contoller (CMIC or console). Please assist me, how I can proceed for Initial configuration.

It does not matter if you access the APIC controller via the console or via the KVM facility of the CIMC - both are equally good, but you would have to set up the CIMC IP address before being able to access it in this way, so I normally use the console.

Keep in mind that you would normally only ever need to connect to the console/CIMConce - during the initial configuration. Once the initial configuration is complete, you would normally use HTTPS or SSH to access the APIC.

I would suggest you connect the CIMC to the same management network that you use for OOB management. This will give you remote access to the console via the KVM utility within the CIMC.

Do I need separate in physical connectivity for OOB and In Band Management for APIC Controller, Spine and Leaf.

As I mentioned earlier, I would recommend connecting all OOB interfaces to a management network where your management PC can get direct access to the devices. However, once your ACI Fabric has completed the discovery process, you won't normally ever need to access the OOB management of the Leaf and Spines ever again - you can access the leaf and spine switches directly from an SSH session to the APIC.

I hope this helps

RedNectar
aka Chris Welsh

Don't forget to mark answers as correct if it solves your problem. This helps others find the correct answer if they search for the same problem

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

View solution in original post

eahmed007 · ‎07-23-2017

Dear All ,

Do I need separate in physical connectivity for OOB and In Band Management for APIC Controller , Spine and Leaf .

Please assist me how I can proceed with initial configuration .

With regards

Erfan

RedNectar · ‎07-24-2017

[Update: This topic is discussed further in another question regarding connecting vCenter to ACI OOB. You may wish to read my mini-tutorial response I wrote to that as well. RedNectar]

Hi Erfan,

Let me go through your questions one at a time:

If I use OOB management, should I need to connect APIC, Spine and Leaf in separate physical connectivity or I can connect all components using same physical connectivity for OOB and as well as for In Band Management .

There are special ports on your APIC and switches marked OOB for "Out of Band" - in fact the APIC has two of them. These ports should be connected to a common management network (dedicated switch or VLAN)

The OOB network CAN NOT be used or OOB as well as for Inband Management. Setting up inband management is quite a task - I suggest you do google search for Cisco ACI inband management tutorial- you might find the one I wrote!

In addition, what is the best practice to connect APIC contoller (CMIC or console). Please assist me, how I can proceed for Initial configuration.

It does not matter if you access the APIC controller via the console or via the KVM facility of the CIMC - both are equally good, but you would have to set up the CIMC IP address before being able to access it in this way, so I normally use the console.

Keep in mind that you would normally only ever need to connect to the console/CIMConce - during the initial configuration. Once the initial configuration is complete, you would normally use HTTPS or SSH to access the APIC.

I would suggest you connect the CIMC to the same management network that you use for OOB management. This will give you remote access to the console via the KVM utility within the CIMC.

Do I need separate in physical connectivity for OOB and In Band Management for APIC Controller, Spine and Leaf.

As I mentioned earlier, I would recommend connecting all OOB interfaces to a management network where your management PC can get direct access to the devices. However, once your ACI Fabric has completed the discovery process, you won't normally ever need to access the OOB management of the Leaf and Spines ever again - you can access the leaf and spine switches directly from an SSH session to the APIC.

I hope this helps

RedNectar
aka Chris Welsh

Don't forget to mark answers as correct if it solves your problem. This helps others find the correct answer if they search for the same problem

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

eahmed007 · ‎07-24-2017

Hi Welsh ,

Thanks for your valuable comments and suggestion . I will let you know the update after configuring the initial configuration and discovering the fabric .

With regards

Erfan

eahmed007 · ‎07-29-2017

Hi Welsh ,

Thanks for your previous suggestion and assistance .

Please can you tell me how can I connect Vcenter which is residing one of VM in UCS blade system .

I going to connect each and every components (spine, Leaf, APIC controller ) with OOB Management Switch and put different IP block a part from TEP address .

However , I am little bit confuse to connect Vcenter as it does not have management port separately .

So please assist me how can I connect ACI with Vcenter which is VM in UCS blade using Fabric Interconnect for management purpose only .

What would be the initial appose to connect Vcenter using OOB management using Fabric interconnect with static tagging.

I am looking forward to your valuable comments .

With regards

Erfan

RedNectar · ‎07-29-2017

Hi Erfan,

Would you mind asking this as a new question? - perhaps with the title "How to connect vCenter to ACI Out of Band Management network"

This makes it easier for people to find the answer if they have he same problem in the future.

In the meantime, I'll think about your problem.

CW

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

eahmed007 · ‎07-29-2017

Hi Welsh ,

Thanks for your suggestion . I will open separate post for this problem .

With regards

Erfan