04-06-2019 08:51 AM
Hello, i am beginer network engineer and this is my first experience with Cisco ACI.
I just create a new interface profile and then associated it into existing switch profile on Cisco ACI for future needs.
I have not even binding this interface to any epg or use it for any L3out.
My question is, when i do this, is there any impact on traffic in ACI? or maybe drop packet or something?
Solved! Go to Solution.
04-06-2019 02:18 PM - edited 04-06-2019 02:19 PM
Hi am.,
Welcome to the wonderful world of software defined networking and dynamic configuration.
One of the great beauties of ACI is that policies are not pushed to a switch until they are needed. So even if you have built a complete Access Policy Chain, none of the embedded configuration of that chain gets applied to a ports that is contained in the chain until a particular port/VLAN combination is applied to an EPG or L3Out/Interface Profile/Port Profile.
So to answer your question:
is there any impact on traffic in ACI?
The answer is "No, building Access Policies (Leaf Profiles/Interface Profiles/Interface Policy Groups/Attachable Access Entity Profiles/Domians and VLAN/VXLAN Pools) has no affect on traffic in ACI."
Note: I will add one small exception: When you configure associate an Interface Selector to an Interface Policy Group, the Interface Policies in that Interface Policy Group are applied - such as enabling LLDP, LACP etc. So a Port Channel or VPC interface will come up before it is used. Note however, that any VLANs defined in the Access Polciy Chain will not be enabled on that Port/PC/VPC until appropriate configuration is applied.
I hope this helps
Don't forget to mark answers as correct if it solves your problem. This helps others find the correct answer if they search for the same problem
04-06-2019 02:18 PM - edited 04-06-2019 02:19 PM
Hi am.,
Welcome to the wonderful world of software defined networking and dynamic configuration.
One of the great beauties of ACI is that policies are not pushed to a switch until they are needed. So even if you have built a complete Access Policy Chain, none of the embedded configuration of that chain gets applied to a ports that is contained in the chain until a particular port/VLAN combination is applied to an EPG or L3Out/Interface Profile/Port Profile.
So to answer your question:
is there any impact on traffic in ACI?
The answer is "No, building Access Policies (Leaf Profiles/Interface Profiles/Interface Policy Groups/Attachable Access Entity Profiles/Domians and VLAN/VXLAN Pools) has no affect on traffic in ACI."
Note: I will add one small exception: When you configure associate an Interface Selector to an Interface Policy Group, the Interface Policies in that Interface Policy Group are applied - such as enabling LLDP, LACP etc. So a Port Channel or VPC interface will come up before it is used. Note however, that any VLANs defined in the Access Polciy Chain will not be enabled on that Port/PC/VPC until appropriate configuration is applied.
I hope this helps
Don't forget to mark answers as correct if it solves your problem. This helps others find the correct answer if they search for the same problem
05-09-2019 07:53 AM
Hi Chris,
Thanks for the Answer.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide