Buy or Renew
Buy or Renew
Meraki Community is live! Welcome Meraki Members! Learn more here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2343
Views
0
Helpful
3
Replies

promiscuous mode for virtual switch when deploying aci simulator

JefferySung53210
Visitor

‎08-16-2021 10:20 PM

Why is promiscuous mode needed for virtual switch when deploying aci simulator? Can I do away with it?

Labels:
0 Helpful
3 Replies 3

Robert Burns
Cisco Employee
Cisco Employee

‎08-17-2021 05:07 AM

Not if you want it to work 🙂  Because the Simulator is running on an mininet instance, the MACs are nested and therefore will not be able to receive traffic intended for the APICs virtual MAC.  It's the same reason when you run a nested VM instances of a hypervisor like ESX, you also need promisc. mode enabled.

Robert

0 Helpful

JefferySung53210
Visitor
In response to Robert Burns

‎08-17-2021 07:54 PM

Hi Robert,
Thanks for your prompt reply. My main concern here is security with promicious mode enabled, is there a way to create in a isolated VMware environment?

0 Helpful

Robert Burns
Cisco Employee
Cisco Employee
In response to JefferySung53210

‎08-18-2021 07:44 AM

One option is to connect the APIC Sim to a dedicated vSwitch without any physical uplinks.  Then add a VM/Jumpbox with one Interface in the same vSwitch/Port Group as the Sim, and a second interface attached to your external/routed network vSwitch/portgroup.  This would limit the exposure of the Sim to only the jumpbox which could be running a FW to prevent external access.  

Robert

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card

Save 25% on Day-2 Operations Add-On License