Accepted Solutions
Hi
you can’t do that using contracts.
You will need to configure useg EPG with attributes that will be your IP to classify your endpoints and then apply a contract.
A screenshot showing a test useg EPG:
Also a link of a CLUS presentation: https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2017/pdf/LTRACI-2800.pdf
Hi @sqambera
As @Francesco Molino mentioned, the contracts do not have IP filter. If you want to apply a contract between specific IP addresses, you can try to use normal EPGs, but is quite tedious to design and maintain the design of your EPGs to meet the requirements. However, if you want to group your endpoints based on IP or subnet, you have two alternatives: uEPG and ESG.
ESG starts to be supported in version 5.0 and has the flexibility to group EPs across the VRF, compared with the uEPG which only permits microsegmentation inside the BD.
Comparison:
- ESG (right):
- uEPG:
Reference to uEPG and ESG documentation:
Stay safe,
Sergiu
Hi
you can’t do that using contracts.
You will need to configure useg EPG with attributes that will be your IP to classify your endpoints and then apply a contract.
A screenshot showing a test useg EPG:
Also a link of a CLUS presentation: https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2017/pdf/LTRACI-2800.pdf
Hi @sqambera
As @Francesco Molino mentioned, the contracts do not have IP filter. If you want to apply a contract between specific IP addresses, you can try to use normal EPGs, but is quite tedious to design and maintain the design of your EPGs to meet the requirements. However, if you want to group your endpoints based on IP or subnet, you have two alternatives: uEPG and ESG.
ESG starts to be supported in version 5.0 and has the flexibility to group EPs across the VRF, compared with the uEPG which only permits microsegmentation inside the BD.
Comparison:
- ESG (right):
- uEPG:
Reference to uEPG and ESG documentation:
Stay safe,
Sergiu
