Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3791
Views
0
Helpful
9
Replies

DVS to ACI Connectivity

Go to solution
Yacine BS
Level 1
Level 1

‎05-25-2018 02:56 AM - edited ‎03-01-2019 05:33 AM

I have integrated the vCenter with the APIC successfully. The DVS is created on the vCenter and the VLANs have been allocated dynamically.

However, the blade is physically connected through a vPC with the Leafs. The vPC is only allowing the infrastructure VLAN only. All the VLANs created dynamically are not going through the link. If I add to the AAEP an Application EPG and tag it with a VLAN then it is added to the vPC link allowed VLANs.

 

This is making connectivity from the DVS to the ACI non existant.

 

For now , if I use the vSwitch and tag every EPG in the AAEP, everything works fine. But, I need the DVS to be working with the ACI.

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Ahmed Al jawad
Level 1
Level 1

‎05-28-2018 12:36 PM

I would just statically add the VPC under the EPG. and keep the VMM under the EPG as well.

Regards

View solution in original post

0 Helpful
9 Replies 9

Go to solution
Nik Noltenius
Spotlight
Spotlight

‎05-25-2018 03:43 AM

Hi,

 

depending on what you try to achieve you should probably not add the EPGs under the AAEP but rather add the VMM domain to the EPGs under the Tenant configuration. Your way might work, too (I actually have never used that piece of configuration), but since you are having trouble I guess it's better to follow these steps:

 

Go under Tenant > Application Profiles > [AP of your choice] > Application EPGs > [EPG of your choice] > Domains (VMs and Bare-Metal) and add a VMM Domain Association. Select your VMM Domain. Now two things happen (at least):

1. A port-group is created on the DVS resembling the EPG and picking a VLAN at random from the VLAN pool associated

2. The VLAN (or rather it's internal representative) is added to the VLAN allowed list on the vPC trunk

 

I hope that helps.

0 Helpful

Go to solution
Yacine BS
Level 1
Level 1
In response to Nik Noltenius

‎05-25-2018 03:46 AM

@Nik Noltenius wrote:

Hi,

 

depending on what you try to achieve you should probably not add the EPGs under the AAEP but rather add the VMM domain to the EPGs under the Tenant configuration. Your way might work, too (I actually have never used that piece of configuration), but since you are having trouble I guess it's better to follow these steps:

 

Go under Tenant > Application Profiles > [AP of your choice] > Application EPGs > [EPG of your choice] > Domains (VMs and Bare-Metal) and add a VMM Domain Association. Select your VMM Domain. Now two things happen (at least):

1. A port-group is created on the DVS resembling the EPG and picking a VLAN at random from the VLAN pool associated

2. The VLAN (or rather it's internal representative) is added to the VLAN allowed list on the vPC trunk

 

I hope that helps.

Thanks Nik,

 

The VMM Domain has been associated to the EPGs, yet no VLAN has been created.

0 Helpful

Go to solution
Nik Noltenius
Spotlight
Spotlight
In response to Yacine BS

‎05-25-2018 03:48 AM

Okay, but do you see a port-group on the DVS being created? If not you probably have an issue in the communication between APIC and vCenter.

0 Helpful

Go to solution
Yacine BS
Level 1
Level 1
In response to Nik Noltenius

‎05-25-2018 03:55 AM

Port groups have been created in the vCenter and tagged with dynamically created VLANs that I can see in the APIC. I believe everything is created as needed, but the vPC tag is not allowing the VLANs.

 

0 Helpful

Go to solution
Nik Noltenius
Spotlight
Spotlight
In response to Yacine BS

‎05-25-2018 04:14 AM

Hmm okay...

Let's go through the list:

- You have an AAEP associated with the VMM domain and a dynamic VLAN pool linked to the domain.

- You have a vPC-Interface Policy Group associated with the AAEP mentioned above and the interfaces connected to the host are linked to it. Do you have either CDP and / or LLDP enabled in the policy group?

- Is it possible that your host is not directly attached to the fabric but has some switch in between? Since you're talking about a blade that might be the case. I'm not 100 % sure but I believe leaf and host need to be LLDP or CDP neighbors. So if something in between is eating up LLDP / CDP that could be an issue. Check the Neighbor-info on the Uplink of the DVS (I think it's a small i-icon on the uplink-Portgroup...) to see what the host is reporting.

- I assume you don't have any faults related to the problem, right?

 

0 Helpful

Go to solution
Yacine BS
Level 1
Level 1
In response to Nik Noltenius

‎05-25-2018 05:20 AM

Nik, I think you're kind of right. I had LLDP activated on the blade switch and still I have the same issue.

 

I say you're kind of right because for me it's hard to believe that you lose this DVS in the case you have a blade. I think that there should be a solution thought of by Cisco. Everybody has blades in their DC.

0 Helpful

Go to solution
Robert Burns
Cisco Employee
Cisco Employee

‎05-25-2018 06:10 AM

Are you using the Vmware vDS, or Cisco AVS/AVE?

 

The VMware vDS doesn't support VXLAN mode which would leverage the Infra VLAN for transport.  If you're using VMware vDS, you need to allow ALL VLANs in your dynamic VLAN pool for the VMM domain from Leaf down to the Blade's NICs.   The VLANs get programmed/pushed by the APIC > vCenter using the Management VLAN, but when the port Groups are instantiated on the vDS, the appropriate VLAN tag is applied to it.  If that VLAN isn't allowed from Src to Dst-  you're not going to see any VM traffic.

 

Robert

0 Helpful

Go to solution
Ahmed Al jawad
Level 1
Level 1

‎05-28-2018 12:36 PM

I would just statically add the VPC under the EPG. and keep the VMM under the EPG as well.

Regards

0 Helpful

Go to solution
Yacine BS
Level 1
Level 1
In response to Ahmed Al jawad

‎07-03-2018 01:09 AM

Thanks all,

 

The problem is solved as follows:

 

you add the VPC to the blade under the EPG with encap auto,

 

you don't add any encapsulation under the AAEP associated to the VPC to the Blade,

 

Thank again,

0 Helpful
Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License