Here are some commonly asked questions and answers to help you with the operations and component integration for Cisco Application Centric Infrastructure (ACI). Subscribe(how-to) to this post to stay up-to-date with the latest Q&A and recommended Ask the Experts (ATXs) sessions to attend.
How does ACI optimize flooding?
A. In our topology, host 1 sends a packet to host 3. Leaf1 receives the packet but the destination MAC is not known in its endpoint table. Packet will be treated as a L2 unknown unicast.Instead of flooding, Leaf1 will send the packet only to the spine because we have hardware proxy enabled and optimizing the Flood behavior in comparison to traditional networks.The spine does a lookup in COOP database and forwards the frame. Hardware Proxy is recommended because it makes the Fabric scale better and reduces the amount of flooded traffic. Follow below references for ACI implementation and Deployment Best Practices:
What is the difference between Cisco ACI Long and Short lived releases?
A. About Long-Lived Releases: Cisco ACI long-lived releases are software releases intended to help you stay on a given release on a long-term basis (up to approximately 18 months), while benefiting from frequent maintenance drops to ensure quality and stability. Cisco may support two long-lived releases at any given point of time.
Long-Lived Cisco APIC Release Version
Long-Lived Cisco Switch Release Version
About Short-Lived Releases: Cisco ACI short-lived releases are stable, quality releases delivered for new feature functionalities. These releases have limited maintenance support for a duration of six months after the initial release, after which there will be no active maintenance. In addition, these releases will not have an EOS announcement. Refer to Cisco APIC Installation and ACI Upgrade and Downgrade Guide for further details in ACI upgrade mechanism.
What are Cisco ACI options to implement DevOps Model?
A. Cisco introduced a slew of cloud-native network automation solutions jointly with HashiCorp Terraform and RedHat Ansible. These solutions help customers embrace a DevOps software model and leverage the infrastructure platform in a self-service manner by automating their networks with declarative abstractions.
Cisco ACI – HashiCorp Consul integration:
Achieve service-driven network infrastructure automation with visibility and insights. Cisco ACI, HashiCorp Consul, Terraform, and Consul-Terraform-Sync (CTS) work together to provide end-to-end application infrastructure orchestration. The Consul ACI App provides real-time visibility across the network and application services and makes it easy to diagnose application issues and resolve network outages. The integration allows operators to see which services are running on each ACI endpoint by mapping service-mesh abstractions to intent-based networking abstractions.
How Cisco ACI supports ITSM/ITOM scenarios for modern IT Business?
A. Cisco ACI integration with ServiceNow automates the discovery, application to business service mapping, firmware management, and provisioning of the Cisco ACI fabric from the ServiceNow instance.Integrating Cisco ACI with ServiceNow delivers visibility and automation from the application tier down to the physical infrastructure, improving the speed and efficiency of IT provisioning, management, and troubleshooting, including
A. Cisco Nexus Dashboard provides a single automation platform to access operational services and tools for the data center and network. Using the Cisco Nexus Dashboard platform, customers can deploy Cisco Nexus Dashboard Orchestrator (NDO), Cisco Nexus Dashboard Insights, and Cisco Nexus Dashboard Data Broker. Reference: Cisco Nexus Dashboard Data Sheet
Cisco Nexus Dashboard Orchestrator (formerly Cisco Multi-Site Orchestrator) allows operators to push policies and templates and set up intersite connectivity at scale. Besides delivering high-level policies to the local data center controller — also referred to as the domain controller — it enables separation of fault domains, federation of data-center and cloud networks, and business resiliency at a global scale.
Cisco Nexus Dashboard Insights (formerly Nexus Insights) allows operators to consume the entire insights and assurance stack as a unified offering but also to take advantage of the integrated services to set up automated workflows such as upgrade assist and automated Splunk SIEM integration.
Cisco Nexus Dashboard Data Broker (formerly Nexus Data Broker) is now a part of Cisco Nexus Dashboard, which provides pervasive packet and network visibility for NetOps and SecOps to programmatically manage aggregating, filtering, and forwarding complete workflows to custom analytics tools..
Third-party applications: Cisco Nexus Dashboard offers a rich suite of services for third-party developers to build applications. REST APIs allow third-party tools to authenticate and integrate with key services such as Nexus Dashboard Insights and Nexus Dashboard Orchestrator. Currently supported third-party integrations in the Nexus Dashboard ecosystem include ServiceNow ITSM/ITOM, Splunk SIEM, HashiCorp Terraform, and RedHat Ansible.
Cisco Nexus Dashboard Fabric Controller: Cisco Nexus Dashboard can also host Cisco NDFC similar to the hosting of operational services. This unified capability gives customers a single touch point on their journey from installation to operations.
How does a bad Leaf or Spine impact the overall System health Score of the ACI Fabric?
A. The health score is applied on many different objects in the ACI model. Higher level objects scores depend on the score of objects that higher level depend on. So the overall System health score is calculated from the score of the leaf and spines with respect to below formula:
If we have a faulty part on a Leaf which is having planned replacement, how can we reduce the its impact to overall System Health to avoid false positive?
A. Each health score category is assigned an impact level. The five health score impact levels are Maximum, High, Medium, Low, and None.
The following factors are the various impact levels:
As you already have a planned maintenance for the PSU or any other component, in APIC GUI Got to Fabric >> Inventory >> Impacted Device >> Health >> Right Click the child component and “Update Health Score Impact Policy”.
What are the SNMP functions supported by Cisco Application Centric Infrastructure (ACI)?
A. The Cisco Application Centric Infrastructure (ACI) supports the following SNMP functions:
SNMP read queries (Get, Next, Bulk, Walk) are supported by leaf and spine switches and by APIC.
SNMP write commands (Set) are not supported by leaf and spine switches or by APIC.
SNMP traps (v1, v2c, and v3) are supported by leaf and spine switches and by APIC. NOTE: ACI supports a maximum of 10 trap receivers.
SNMPv3 is supported by leaf and spine switches and by APIC.
Want to learn more and get real-time Cisco expert advice? Register for the upcoming Ask the Experts (ATXs) sessions.
Simply click on the preferred session time to reserveyour spot today! Through live Q&A and solution demos, Ask the Experts (ATXs) real-time sessions help you tackle deployment hurdles and learn advanced tips to maximize your use of Cisco technology.
Level (Lifecycle Pit Stop)
Installation/ Implementation Best Practices: Cisco ACI
Hi,For some specific reasons, my client wants to implement inter-VRF routing with a loopback cable.The idea is:- use a cable to connect the port Eh1/47 to Eth1/48 of the Border Leaf- disable LLDP, MCP ... on these ports- Eth1/47 : L3Out 1 in VRF 1 with IP...
Hi guys, I hope I can get help here.To expand my knowledge in ACI I wanted to install an APIC on a c220 m3. The PID is the normal Cisco UCS c220 m3 PID and no APIC-Server-Mx.The Server includes an TPM but the installation didn‘t work. As far as I und...
We have multiple L3OUTs making using of sub-interfaces bound to one physical interface. We're currently not using these sub-interfaces and have therefore performed an admin shut of the parent interface. It turns out that the 'routed interfaces' and '...
I found "event Unknown" in show tech-support details outputs.What does "Unknown" mean?I think switch can't receive connected devices RSCN information, right? show rscn internal sent-log 2021 Nov 17 17:14:06.234568: E_DEBUG  rscn : vsan ...