Policy Based Routing on ACI

tawa-ndafa · ‎11-19-2021

I have a SVI configured as below on the Nexus 7K, client want the VLAN to be migrated to ACI. How do I setup policy based routing in ACI?.

interface Vlan403
description ##### PABX #####
no shutdown
vrf member SNL
no ip redirects
ip address 10.18.1.2/24
no ipv6 redirects
ip router eigrp SNL
no ip passive-interface eigrp SNL
ip policy route-map APSIP

NEXUS-7K# sh route-map APSIP
route-map APSIP, permit, sequence 10
Match clauses:
ip address (access-lists): 161
Set clauses:
ip next-hop 10.36.1.10
NEXUS-7K# sh ip access-lists 161

IP access list 161
10 permit ip 10.18.1.0/24 10.6.0.0/16

balaji.bandi · ‎11-20-2021

Not sure about your environment - how these nexus are connected to the ACI environment - but the below document help, you migrate to ACI and use PBR.

https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-739971.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Jose Maroto Grande · ‎11-21-2021

Hello ACIGURU,

PBR (policy based redirect) in ACI is not the same as PBR in nxos (Policy based routing). nxos PBR is based on ip, ACI PBR is based in contract and EPGs, you have to consider these things.

- You have to migrate vlan 403 - BD_403, EPG_403.

- your "ip next-hop 10.36.1.10" has to be migrated to CISCO ACI fabric, BD, EPG (subnet + vlan).

- Destination must to be an EPG (10.6.0.0/16), in your case, I think for several EPGs.

Then you have to apply ACI PBR to follow the guide that balaji.bandi gave to you. You have to locate several cases and read carefully the guide because you will have to adjust ACI PBR to your case for North-South, East-West traffic and if your PBR next-hop is firewall, you will have to consider location, vrf, etc.