Scribd Logo
Upload

Welcome to Scribd!

  • 98 views

    Connecting An External Entity To Cisco ACI (External L3Out) - Andrea Dainese

    Uploaded by

    acehussain
    The document discusses different types of communication within a Cisco ACI network and the steps required to configure each type. It addresses intra-VRF communication between VMs within the same bridge domain, intra-bridge domain communication between VMs in different EPGs but the same bridge domain, and inter-VRF communication between VMs in different bridge domains. For each scenario, it outlines defining necessary contracts and configuring route leaking or VRF enforcement as needed.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    Connecting An External Entity To Cisco ACI (External L3Out) - Andrea Dainese

    Uploaded by

    acehussain
    98 views1 page
    The document discusses different types of communication within a Cisco ACI network and the steps required to configure each type. It addresses intra-VRF communication between VMs within the same bridge domain, intra-bridge domain communication between VMs in different EPGs but the same bridge domain, and inter-VRF communication between VMs in different bridge domains. For each scenario, it outlines defining necessary contracts and configuring route leaking or VRF enforcement as needed.

    Original Description:

    External Cisco ACI

    Original Title

    Connecting an External Entity to Cisco ACI (External L3Out) _ Andrea Dainese

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document discusses different types of communication within a Cisco ACI network and the steps required to configure each type. It addresses intra-VRF communication between VMs within the same bridge domain, intra-bridge domain communication between VMs in different EPGs but the same bridge domain, and inter-VRF communication between VMs in different bridge domains. For each scenario, it outlines defining necessary contracts and configuring route leaking or VRF enforcement as needed.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    98 views1 page

    Connecting An External Entity To Cisco ACI (External L3Out) - Andrea Dainese

    Uploaded by

    acehussain
    The document discusses different types of communication within a Cisco ACI network and the steps required to configure each type. It addresses intra-VRF communication between VMs within the same bridge domain, intra-bridge domain communication between VMs in different EPGs but the same bridge domain, and inter-VRF communication between VMs in different bridge domains. For each scenario, it outlines defining necessary contracts and configuring route leaking or VRF enforcement as needed.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    You are on page 1of 1

    06/04/2018 Connecting an external entity to Cisco ACI (external L3Out) | Andrea Dainese

    INTRA VRF COMMUNICATION (VM3 TO VM1 AND VM2)


    Always remember the Cisco ACI Workflow (/2018/03/cisco-aci-workflow/).

    Because each bridge domain is associated to a dedicated EPG, to allow communication between VM3
    and VM1/VM2, we have two paths:

    define a contract between EPG_181 and EPG_181;


    configure VRFA as unenforced.

    INTRA BRIDGE DOMAIN COMMUNICATION FROM


    DIFFERENT EPGS (VM4 TO VM5)
    Always remember the Cisco ACI Workflow (/2018/03/cisco-aci-workflow/).

    VM4 and VM5 are in different VLANs, attached to different EPGs, but both EPGs are attached to the
    same bridge domain. Because of that, both VM are in the same L2 broadcast domain, but communication
    is now controlled by contracts. Again, communication between VM4 and VM5 can allowed:

    defining a contract between EPG_182 and EPG_183;


    configuring VRFB as unenforced.

    INTER VRF COMMUNICATION (VM1 AND VM2 TO VM4 AND


    VM5)
    Always remember the Cisco ACI Workflow (/2018/03/cisco-aci-workflow/).

    In this case we have EPGs from different VRF that should communicate, in other words we must
    configure route leaking between VRFA and VRFB. To do that we must:

    configure subnets (under each bridge domain) to be shared (“Shared between VRFs”);
    configure contracts between EPGs which are under different VRFs (it’s not a full mesh, in
    our case). Contracts are needed even if VRFs are set as unenforced because contracts
    defines the mutual redistribution.

    Contracts should be mono-directional, because both directions must be explicit (I suspect a bug, because
    it does not make sense). In other words, configure the following mono-directional contracts:

    from EPG_180 to EPG_182;


    from EPG_180 to EPG_183;
    from EPG_181 to EPG_182;
    from EPG_181 to EPG_183;
    from EPG_182 to EPG_180;
    from EPG_182 to EPG_181;
    from EPG_183 to EPG_180;
    from EPG_183 to EPG_181.

    A full mesh requires n(n-1)/2=6 for each direction. In this case we have “only” 4*2 contracts.

    On each leaf we can see inter VRF routes and leaked (pervasive) routes:

    L f 101# h i t f AD VRFA

    http://www.routereflector.com/2018/03/routing-in-a-cisco-aci-fabric/ 1/1

    You might also like