Re: ACI fabric discovery flow

kumarH · ‎03-22-2020

As per Cisco document below is the ACI discovery flow:-

1. LLDP Exchange
2. TEP through DHCP
3. ISIS protocol Adjacency
4. certification validation
5. DME start

When Image will be upgraded in the process flow? Is it before ISIS adjacency or after certificate validation?

Francesco Molino · ‎03-22-2020

Hi

Check this link:
https://www.dclessons.com/aci-fabric-discovery

It occurs before isis adjacencies

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

kumarH · ‎03-22-2020

Thank you very much for your reply.

But I didn't find any cisco document related to it and does anyone have any cisco document explaining it? There are few documents including ciscolive but I couldn't see the full discovery flow.

I want to know, without ISIS neighborship how the remote switch has the reachablility to the APIC and which IP address it uses to reach APIC?

kumarH · ‎03-22-2020

Also how without certification validtion, APIC is providing image to the switch and allowing control plane (ISIS) up?

Sergiu.Daniluk · ‎03-24-2020

Hi,

ACI nodes are not upgraded during ACI Fabric discovery. There is a software validation check which is done, but this is not performing any upgrades/downgrades.

You can trigger an upgrade of ACI leaves/spines only after the nodes are registered with APIC and are in-service state. More details about the upgrade can be find here: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/all/apic-installation-upgrade-downgrade/Cisco-APIC-Installation-Upgrade-Downgrade-Guide/Cisco-APIC-Installation-Upgrade-Downgrade-Guide_chapter_011.html

Cheers,

Sergiu

kumarH · ‎04-13-2020

thank you for your answer and it make sense as well. Can you please tell me what is the complete leaf discovery flow?

Sergiu.Daniluk · ‎04-13-2020

Hello,

The basic steps of fabric discovery process are as follows:

Connect to the KVM console of the first APIC and complete the setup script by inputting values such as fabric name, APIC cluster size, and tunnel endpoint (TEP) address pool.
Once completed, APIC1 will begin sending LLDP via its fabric ports. The LLDP packets contain special TLVs with information such as the infra VLAN and its role as an APIC (also referred to as the controller).
On reception of these LLDP packets from APIC1 the leaf will program the infra VLAN on all ports where an APIC is detected.
The leaf begins sending DHCP Discovers on the now-known infra VLAN.
The user logs into the OOB IP of APIC1 via HTTPS and registers the first leaf node in the Fabric Membership submenu.
Once the leaf is given a Node ID, APIC1 will respond with an IP address from the configured TEP address pool and the DHCP process completes.
The registered leaf relays DHCP Discovers from other directly connected spines which were discovered via LLDP to APIC1.
The user will see those dynamically discovered spines appear in the Fabric Membership submenu and can register them.
Once the spines are registered, APIC1 responds with an IP address from the TEP pool and DHCP completes for those nodes.
The spines relay DHCP Discovers from all other nodes of pod1. (This is assuming there is a full-mesh between spines and leaf switches as is advised and is the typical architecture).
Once the leaf nodes connected to the other APICs are registered, the APIC cluster can be established via TCP communication amongst themselves. Make sure to complete the setup dialog on APIC2 and APIC3.
Confirm all APICs have formed a cluster and are fully fit. If this is the case, fabric discovery is complete.

Reference: https://www.booksprints.net/book/the-second-aci-troubleshooting-guide/

Cheers,

Sergiu