Hi experts, We have noticed some issues in our ACI contracts. All contracts are at the default setting, which is apply both directions and reverse filter ports. So the src-egg (provider) is providing icmp and ssh and the destination-epg (consumer) is consuming it. The contract being both directions under the GUI, this should work! BUT its not working.
On checking the show zoning-rule command in the leaf SW between the src-epg and dst-epg, the contract`s direction is "uni-dir-ignore" instead of "bi-dir". I am wondering where did this come from?? Please advise?
Hello. Under normal contract deployment, when you have the "Apply Both Directions" and "Reverse Filter Ports" boxes ticked in the Contract Subject, you should see two entries when you use the 'show zoning-rule' command from a leaf where that contract exists. One should be marked as 'bi-dir' and one marked as 'uni-dir-ignore'. If you don't see those, it likely means that your contract was not correctly programmed into the TCAM. You might try removing the contract from the EPGs and re-adding, making sure you have properly chosen the consumer and provider EPGs.
Think of the 'uni-dir-ignore' entry as a short cut to tell ACI that you simply want return traffic to be allowed. If you don't tick "Reverse Filter Ports" you would need to manually make a 2nd entry in the filter to allow the return traffic, which is more work.
To give an example that is working, see my contract called TEST-C.
Cisco® Nexus® Dashboard revolutionizes operations in today’s modern data-center environments. Join us to learn about the operational efficiencies realized from the seamless user experience of the dashboard and the powerful capabilities of Cisco Nexus Insi...
The HTML5 plug installation is successful. But I get the following error while I click on AVE. The other icons are showing up the results except AVE. Please let me know your SME thoughts on this error.
No VmmDomains Found
This session will help administrators and architects leverage SAN Insights Discovery to help understand the current status of their SAN fabric and help identify areas of opportunity for improvement. The attendees will learn the process, architecture, and ...
Join us to learn about the operational efficiencies realized from the seamless user experience of the dashboard and the powerful capabilities of Cisco Nexus Insights (NI), Cisco Network Assurance Engine (NAE), and Cisco Multi-Site Orchestrator (MSO). The ...
Cisco Intersight's Terraform Provider is now available in the Terraform Registry at https://registry.terraform.io/providers/CiscoDevNet/intersight/latest. The provider has Terraform resource and data source support for the wide range of Inters...