cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2386
Views
0
Helpful
3
Replies

VMM Integration to ACI

Daps
Level 1
Level 1

Hi,

 

I have some queries regarding VMM Integration to aci.

 

My ACI topology is like 1 BD = 1 EPG = 1 VLAN  type.  All vlan gateways are on firewall, outside the ACI. Using dot1q , i am flowing traffic from endpoint to firewall Gateway. As Simple it is.

 

I am trying to  create DVS on ACI for VMM Integration of  VMWARE. For that i have created VLAN POOLs, Interface profile and mapped EPG to VMM domain. 

 

1)Physical  domain ---- VLAN POOL 1-1500( STATIC) ----- AEP-TEST

2) Vmm  domain ----- VLAN POOL 2500-2700 (Dynamic) ---- AEP-TEST (same AEP used)

 

I have configured DVS, i am able to see VMware ESXI and other things on ACI. NOW, I have mapped EPG 3 (which is already part of physical domain / vlan pool) to VMM domain. 

 

VMs IPs are belongs to VLAN 3 ( EPG 3), Whose gateway is on Firewall. My concern is as below:

 

1. When i mapped  EPG 3 to VMM domain, it took dynamic vlan 2501. So, all the VMs , which has port group EPG3 automatically tagged 2501,  Which is not available on my firewall. So, gateway is not reachable. Is there any point to use dynamic vlan in this case? 

 

2. May i stretch EPG3 to vmm domain?  means same EPG 3 to both physical and virtual domain using same AEP. Vlan pool different but vlan id 3 is common in both pool. I am not seeing any advantage if i am statically tagged everything inside the vmm. Please brief me.

 

There are multiple documents available on this, read some of them and  now confused.

 

Please guide me on this and what's the advantage of integration?

 

Thanks in advance.

 

 

1 Accepted Solution

Accepted Solutions

Gaurav Gambhir
Cisco Employee
Cisco Employee

ACI will do vlan normalization, till the time your FW and VMs are learned under same BD, they should be able to talk to each other regardless of the vlan tag being used for each device is different, since L2 boundary in ACI is not Vlan, its BD which has both vlans under it (some exceptions like STP BPDU flooding is done in vlan)

 

 

 

 

View solution in original post

3 Replies 3

Gaurav Gambhir
Cisco Employee
Cisco Employee

ACI will do vlan normalization, till the time your FW and VMs are learned under same BD, they should be able to talk to each other regardless of the vlan tag being used for each device is different, since L2 boundary in ACI is not Vlan, its BD which has both vlans under it (some exceptions like STP BPDU flooding is done in vlan)

 

 

 

 

 THANKS. Testing DONE.  I thought it will take time. But it is easy. Under BD, MUST  use FLOOD IN BD, rest will do ACI.

 

 

 

 

Please brief me about the advantage of VMM integration to aci .
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Save 25% on Day-2 Operations Add-On License