Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2986
Views
10
Helpful
3
Replies

Leaf switch does not support overlapping VLAN pools.

Go to solution
rik.herlaar
Level 1
Level 1

‎10-29-2015 12:41 AM - edited ‎03-01-2019 04:53 AM

Hi all ,

As per http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals/b_ACI_Fundamentals_BigBook_chapter_0111.html we need to exercise caution when dealing with overlapping vlan pools insofar they ware applied to EPG's at the same Leaf switch. 

The documntation does spell it out explicitely but we ran into a similar problem with a single vlan-pool when referred to for both an external-bridge domain <and> an applocation EPG (static binding to same leaf).

The use-case may be relatively specific to migration where customer needs to trunk vlan's over the L2_Out to extend their current broadcast domain into the ACI - and if they want to redeploy the same vlan-id at the application profile EPG itself (it's not uncommon to be forced to use the same leaf pairs for smaller environments either).

What happened in our case was that we could not use the same vlan-id to be deployd on the External-Bridge network EPG <and> the afiliated (via BD affiliation) the normal application EPG. Only when we changed the value at the latter (the former is impossible because that would break their migration startegy) - it started to work in the sense that a direct connected server (forced on a different vlan-id) could send broadcast traffic across the L2_Out (External Bridge entity) - to an end node in their legacy L2 environment (Cat6K with SUP2T).

I could only find such restrictions related to VMM specifically - but in out setup there's no VMM in place yet - so I suspect we hit the same limitation in some other form. The issue is not hyper problematic as we can indeed set aside "corresponding" mapping vlan-id's at the EPG inside the fabric (where vlan-id's have little meaning anyhow) - but it is extra work and with 100 vlans to migrate not very handy w/o scripting our way around it.

Any thoughts on the general status of this limitation and is there a sw fix (for the original overlap on Leaf issue) in the pipeline for a foreseeable future ?

Many thanks (i can add more details if needed / on demand)

/Rik

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
dpita
Cisco Employee
Cisco Employee

‎10-29-2015 04:49 AM

Hello

That is a very good point, thank you for posting. 

In general, overlapping VLAN pools are not a problem, as you said. One particular solution could be to implement the per-port-vlan feature. Another solution for your case might be to extend the EPG instead of the BD via a static path under the EPG instead of an External Bridged Network. 

Here is some information on PPV (per-port-vlan)

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals/networking_and___management_connectivity.html#concept_BC396E1CBB7D4687A9CBBECDDD43DE11

The most important piece of advice i can give is to make sure you do not have overlapping VLAN pools associated to different domains, that are then associated to the same EPG. 

View solution in original post

3 Replies 3

Go to solution
dpita
Cisco Employee
Cisco Employee

‎10-29-2015 04:49 AM

Hello

That is a very good point, thank you for posting. 

In general, overlapping VLAN pools are not a problem, as you said. One particular solution could be to implement the per-port-vlan feature. Another solution for your case might be to extend the EPG instead of the BD via a static path under the EPG instead of an External Bridged Network. 

Here is some information on PPV (per-port-vlan)

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals/networking_and___management_connectivity.html#concept_BC396E1CBB7D4687A9CBBECDDD43DE11

The most important piece of advice i can give is to make sure you do not have overlapping VLAN pools associated to different domains, that are then associated to the same EPG. 

Go to solution
rik.herlaar
Level 1
Level 1
In response to dpita

‎10-29-2015 12:09 PM

Thanks a lot for your suggestions - I will certainly look into the per-port-vla feature indeed. Do you happen to know which release this is supported ?

Thanks again - 

/Rik

0 Helpful

Go to solution
rik.herlaar
Level 1
Level 1
In response to rik.herlaar

‎10-29-2015 12:23 PM

Found it should be there as of 1.1 - sorry for that - thx again

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License