Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1759
Views
2
Helpful
2
Replies

Show All VLAN Encaps Used in ACI Fabric

Go to solution
weylin.piegorsch
Level 1
Level 1

‎07-06-2023 10:04 AM

I understand it to be a best practice recommendation to have a unique VLAN encap per EPG, and to always use the same VLAN encap for a given EPG.  Is there a way in the GUI to show if a VLAN encap is/isn't used in the fabric?

I know the APIC will prevent me from clobbering another EPG.  However, if I spin-up a new EPG and static bind it on leaf "A", if I then a year later static bind it on leaf "B," I worry there might be another EPG already using that same encap on leaf "B""

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
RedNectar
VIP
VIP

‎07-10-2023 03:54 AM

Hi @weylin.piegorsch ,

I understand it to be a best practice recommendation to have a unique VLAN encap per EPG, and to always use the same VLAN encap for a given EPG. 

That's more or less correct. Sometimes it is useful to use more than one encap per EPG (mainly when deploying a mix of static hosts and dynamically allocated VLANs for a VMM). But definitely not a good idea to use the same VLAN ID for different EPGs within the same Tenant.

Is there a way in the GUI to show if a VLAN encap is/isn't used in the fabric?

Not easily. FAR FAR easier to use the CLI.  For instance, lets say you have 10 leaf switches numbered 1201-1210, and you want to know if VLAN 202 has been used on any port on any of those switches.

The following command issued at the APIC will tell you which ports on which switches the VLAN 202 has been deployed on. (The | egrep "Node|active" part is purely to reduce the size of the output here)

apic1# fabric 1201-1210 show vlan encap-id 202 | egrep "Node|active"
 Node 1201 (Leaf1201)
 44   mgmt:default:inb_EPG             active    Eth1/1
 Node 1202 (Leaf1202)
 Node 1203 (Leaf1203) 
 Node 1204 (Leaf1204)
 Node 1205 (Leaf1205)
 Node 1206 (Leaf1206)
 Node 1207 (Leaf1207)
 Node 1208 (Leaf1208)
 Node 1209 (Leaf1209) 
 76   mgmt:default:inb_EPG             active    Eth1/1
 Node 1210 (Leaf1210)

This shows that VLAN 202 is active only on ports Eth1/1 on leaf 1201 and 1209.

Sometimes you just have to go back to the good old-fashioned CLI to get the best out of ACI!

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

View solution in original post

2 Replies 2

Go to solution
RedNectar
VIP
VIP

‎07-10-2023 03:54 AM

Hi @weylin.piegorsch ,

I understand it to be a best practice recommendation to have a unique VLAN encap per EPG, and to always use the same VLAN encap for a given EPG. 

That's more or less correct. Sometimes it is useful to use more than one encap per EPG (mainly when deploying a mix of static hosts and dynamically allocated VLANs for a VMM). But definitely not a good idea to use the same VLAN ID for different EPGs within the same Tenant.

Is there a way in the GUI to show if a VLAN encap is/isn't used in the fabric?

Not easily. FAR FAR easier to use the CLI.  For instance, lets say you have 10 leaf switches numbered 1201-1210, and you want to know if VLAN 202 has been used on any port on any of those switches.

The following command issued at the APIC will tell you which ports on which switches the VLAN 202 has been deployed on. (The | egrep "Node|active" part is purely to reduce the size of the output here)

apic1# fabric 1201-1210 show vlan encap-id 202 | egrep "Node|active"
 Node 1201 (Leaf1201)
 44   mgmt:default:inb_EPG             active    Eth1/1
 Node 1202 (Leaf1202)
 Node 1203 (Leaf1203) 
 Node 1204 (Leaf1204)
 Node 1205 (Leaf1205)
 Node 1206 (Leaf1206)
 Node 1207 (Leaf1207)
 Node 1208 (Leaf1208)
 Node 1209 (Leaf1209) 
 76   mgmt:default:inb_EPG             active    Eth1/1
 Node 1210 (Leaf1210)

This shows that VLAN 202 is active only on ports Eth1/1 on leaf 1201 and 1209.

Sometimes you just have to go back to the good old-fashioned CLI to get the best out of ACI!

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

Go to solution
weylin.piegorsch
Level 1
Level 1

‎07-17-2023 09:30 AM - edited ‎07-28-2023 08:50 PM

Thanks @RedNectar. This is a fantastic command!  I knew about moquery approaches from https://community.cisco.com/t5/application-centric-infrastructure/command-to-see-all-vlan-encap-s-in-use/td-p/2983912, this is far superior as it's understandable to a nornal person.  I'll update that thread so other that stumble across it are aware, and thank you for your help on this!

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card

Save 25% on Day-2 Operations Add-On License