Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2212
Views
0
Helpful
3
Replies

isolating overlap of vlans when entering into ACI

Go to solution
albert_coll
Level 1
Level 1

‎01-31-2017 08:02 AM - edited ‎03-01-2019 05:08 AM

Hi,

 

I need to integrate two legacy Fabrics (Brownfields) at L2 to an ACI fabric tenant to migrate bare metal equipment into it.

 

Both legacy fabrics are now running isolatedly, and present some degree of vlan overlapping since in some cases each one uses the same vlan-id for completely different purposes, so that merging both as a single broadcast domain into the ACI is not an option.

 

If using separated physical ACI border leaf ports to connect each Brownfield, can I assign each incoming vlan to a separate pair of BD / EPG so that they will run logically separated with each other inside the ACI fabric?

 

As far as i read, i suppose the answer shoud be yes, but I would really appreciate any answer from anyone with more ACI knowledge than mine.

 

Best regards.

Albert.

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
dpita
Cisco Employee
Cisco Employee

‎01-31-2017 08:36 AM

Hello

this is a good question. ACI actually lets you do this in a simple manner, moreover its actually one of the intended use cases. 

Imagine you have you your two brownfield DCs and your web servers in DC1 are in vlan 100 10.10.10.1/24 and DC2 vlan 200 192.168.10.1/24 

with ACI, you can create a single Bridge domain, static path to your external legacy switch and trunk vlan-100 and another static path to the other external legacy switch and trunk vlan-200. 

to your question, yes you can also keep them separated! you can even reuse the same vlan. here is another example

Imagine you have you your two brownfield DCs and your web servers in DC1 are in vlan 100 10.10.10.1/24 and DC2 vlan 100 192.168.10.1/24 

now, under the same tenant you can create two BDs; DC1-web and DC2-web and two different EPGs. both can be vlan 100 on different leafs as you suggest BUT if needed, they can also be on the same leaf with a feature known as "Per Port VLAN"

Keep in mind, ACI is very flexible but at the end of the day, we are just trunking VLANs on a port. what you need to consider are your applications. do you want both DCs to remain separated? or do you want to use ACI and its Application Centric approach?

hope that helps!

what other questions do you have?

View solution in original post

0 Helpful
3 Replies 3

Go to solution
dpita
Cisco Employee
Cisco Employee

‎01-31-2017 08:36 AM

Hello

this is a good question. ACI actually lets you do this in a simple manner, moreover its actually one of the intended use cases. 

Imagine you have you your two brownfield DCs and your web servers in DC1 are in vlan 100 10.10.10.1/24 and DC2 vlan 200 192.168.10.1/24 

with ACI, you can create a single Bridge domain, static path to your external legacy switch and trunk vlan-100 and another static path to the other external legacy switch and trunk vlan-200. 

to your question, yes you can also keep them separated! you can even reuse the same vlan. here is another example

Imagine you have you your two brownfield DCs and your web servers in DC1 are in vlan 100 10.10.10.1/24 and DC2 vlan 100 192.168.10.1/24 

now, under the same tenant you can create two BDs; DC1-web and DC2-web and two different EPGs. both can be vlan 100 on different leafs as you suggest BUT if needed, they can also be on the same leaf with a feature known as "Per Port VLAN"

Keep in mind, ACI is very flexible but at the end of the day, we are just trunking VLANs on a port. what you need to consider are your applications. do you want both DCs to remain separated? or do you want to use ACI and its Application Centric approach?

hope that helps!

what other questions do you have?

0 Helpful

Go to solution
albert_coll
Level 1
Level 1
In response to dpita

‎01-31-2017 08:52 AM

Many thanks for your valuable aswer.

Just for my information, regardind your second example:  Could i, for instance, terminate the incoming vlan100 of Brownfield #1 as is in a leaf; and remap the incoming vlan 100 of Brownfield #2 to another vlan-id (example 101) in the same or different leaf?

This would allow me to remap overlapped vlans to a set of yet unused ranges.

Best regards.

Bes

0 Helpful

Go to solution
albert_coll
Level 1
Level 1
In response to albert_coll

‎01-31-2017 09:43 AM

Cisco ACI Fundamentals V1.1, section "Per Port VLAN" says: "Starting with the v1.1 release, multiple EPGs with the same VLAN encapsulation can be deployed on a given leaf switch (or FEX), as long as the EPGS are associated with different bridge domains and on different ports."

For that reason, i do not really need to imagine renumbering overlapped vlans at the exiting leaf switches since i will use different EPG / BD for each one and i'll terminate them in different ports. That way, despite of being terminated with the same vlan-id, they are isolated, which is in fact what i need.

Thanks again, Daniel, for your help which made me find the right answers to me.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License