Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1455
Views
15
Helpful
2
Replies

How the communication works in ACI

Network_Sarovani
Level 3
Level 3

‎10-07-2021 11:55 AM - edited ‎10-07-2021 11:57 AM

Hi Team , 

 

How the communication between source 10.10.10.49 and destination 10.10.10.52 works if they are configured on the ESXI host and are behind the same interface of ACI LEAF-3 & LEAF-4 switches and on the same vlan . 

 

Source : 10.10.10.49 

Destination : 10.10.10.52 

 

From the EP tracker we can see both source and destination are behind the same interface of ACI LEAF-3 & LEAF-4 switches. In this case , when source sends traffic to destination will it come to ACI ? or it will be switched within ESXI ? ACI 2.png

 

2 Replies 2

RedNectar
VIP
VIP

‎10-07-2021 01:36 PM - edited ‎10-07-2021 05:14 PM

Hi @Network_Sarovani ,

Firstly, thanks for the great diagram: (Tip to other readers - put your diagrams pictures inline like CK)

In the case you describe, where BOTH endpoints are...

  1. in the same EPG (i.e. the same VLAN on the same vSwitch)
  2. in the same subnet

...traffic between the hosts will never leave the vSwitch and therefore never leave the ESXi host.

Now. IF you WANT to control traffic between these two hosts, you have a couple of choices.

  1. Put one of the hosts in a different EPG - create a new one just for it if you like
  2. Use micro-segmentation (aka uSeg) - which is essentially the same thing, where you create EPGs within EPGs

In both these cases, you will need to create contracts and apply them to allow any communication between them (and probably to other hosts as well)

I hope this helps.

Don't forget to mark answers as correct if it solves your problem. This helps others find the correct answer if they search for the same problem

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

a12288
Level 3
Level 3

‎10-07-2021 02:48 PM

I believe they will be locally switched at VMware DVS level.

 

Cisco "used" to have AVS solution to allow us control VM communications inside VMware then VMware offers its own solution to compete with Cisco, so AVS is no longer supported by VMware. But Cisco quite nicely solve this by allowing us to leverage Intra-EPG isolation and uSeg EPG w/ PVLans. They meet our business needs in my ACI environment, and I know some customers are having both ACI and NSX.

 

Leo

Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License