cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

2449
Views
40
Helpful
10
Replies
schnkumar331
Beginner

how can i find that an interface is statically bound with how many EPGs in Cisco ACI.

Help me to find out the answers.

10 REPLIES 10
Waruna Rasanga
Beginner

Hi,

 

There are 2 ways to check this,

 

1. From the APIC GUI

 

Use this navigation to go the switch interface which you want to check.

Fabric --> <pod Name> --> Node --> Interfaces --> Physical Interfaces --> <Interface (Eth1/1)

in there go to the Deployed EPG tab. In there you can see the statistically allowed VLANs for that interface

 

2. From the APIC CLI

 

In the APIC CLI, g to the respective leaf switch interface and enter show run command. in there you can see what are the EPGs which are allowed.

 

APIC-1# conf t
APIC-1(config)# leaf 201
APIC-1(config-leaf)# interface ethernet 1/1
APIC-1(config-leaf-if)# show run

 

If that interface is a Port-Channel use bellow command

 

APIC-1# conf t
APIC-1(config)# leaf 201
APIC-1(config-leaf)# interface port-channel <port-channel name>
APIC-1(config-leaf-if)# show run

 

if the interface is a VPC use bellow command

 

APIC-1# conf t
APIC-1(config)# vpc context leaf <leaf node1> <leaf node2>
APIC-1(config-vpc)# interface vpc <vpc name>
APIC-1(config-leaf-if)# show run

 

Hope this is helpful to answer your question

 

Thanks

Waruna

Thanks @Waruna Rasanga 

ecsnnsls
Beginner

Hi,

If you know the interface that you want to examine, you can use the following REST GET request,

/api/node/mo/topology/pod-1/node-XX/sys/phys-[eth1/1].json?rsp-subtree-include=full-deployment&target-node=all&target-path=l1EthIfToEPg

 

julian.bendix
Participant

Hey,

you can use the moquery tool on the APIC CLI, like this:

For example, Port 15 on the Leaf with ID 2232..

moquery -c fvStPathAtt | grep dn | grep 'eth1/15' | grep 'node-2232'

Best way I found for this

Let me know if it helps.

BR
Juls

Hi @julian.bendix ,

I thought you may have found something - but for the life of me I can't see the EPG information with the moquery you suggested.

Also, it seems to miss VPCs.

But let us know if you come up with a better solution

Remember: the question is:

"How can i find that an interface is statically bound with how many EPGs in Cisco ACI?"

The answer @schnkumar331 is looking for is a NUMBER, although I think if we found a command that listed the EPGs for an interface (like suggestion #1 from @Waruna Rasanga above) would be close enough (even better perhaps)

 

RedNectar
aka Chris Welsh


Don't forget to mark answers as correct if it solves your problem. This helps others find the correct answer if they search for the same problem

vv0bbLeS
Beginner

I will add on to @julian.bendix 's post about moquery, in that I have found that the fvStPathAtt class does not return FEX ports. You could also use the fvRsCEpToPathEp class, but that class will only report the interface if the interface is in the "up" state.

 

The best class I have found for this is to use the fvIfConn class (Interface Connectivity class), which reports the interface regardless of whether it is "up" or not, and whether it is a FEX port or not:

 

For example, to return the EPG's for node 291, port 1/3 :

moquery -c fvIfConn | grep dn | grep node-291 | grep eth1/3]

 

To return the EPG's for node 291, but on FEX 131, port 1/3:

moquery -c fvIfConn | grep dn | grep node-291 | grep extchid-131 | grep eth1/3]

 

Think of the extchid part as referring to "external chassis id" or "extra chassis id" :- D

 

 

0xD2A6762E

@vv0bbLeS ,

Using class fvIfConn is definitely on the right track, but keeping in mind that the question is:

"How can i find that an interface is statically bound with how many EPGs in Cisco ACI?"

So the answer needs to be a number!

 

So - now  standing on the shoulders of giants - I'd like to offer @schnkumar331 the following solution:

 

moquery -c fvIfConn | grep epg- | grep node-291 | egrep -c eth1/3] 

You'll see it is the same as @vv0bbLeS ' answer but since the focus is "EPGs", I've replaced dn with epg- and added the -c flag to the last grep to make it count rather than print!

Note that the last ] character on the port number is to prevent the grep finding port 30 as well as port 3

 

RedNectar
aka Chris Welsh


Don't forget to mark answers as correct if it solves your problem. This helps others find the correct answer if they search for the same problem

@RedNectar ah yes, good catch! I didn't notice the OP was asking about "how many" :- D  Excellent solution using the -c in egrep!

I will add for the OP's benefit that they can also use the word boundary character in egrep, "\b" to designate the end of a search string. So the end of the above moquery command could also be constructed as egrep -c "eth1/3\b" which will force extended grep (egrep) to stop matching characters after the 3. I mention this as the word boundary character \b in egrep is very useful in many other searching tasks that the OP may run across.


0xD2A6762E

@RedNectar & @vv0bbLeS .. thank you guys for your super nice additions!! That's awesome.

I'll look into that again too and let you know if I can come up with anything else

BR
Jules

This is an amazing solution. I have seen multiple questions regarding this across the forum.

Thank you.

Content for Community-Ad