Local user databases are great, until you have a few dozen of them. Your lab environment probably has a few users (such as yourself), and some of you might even be sharing the “admin” account, at least until Kyle breaks the fabric again and doesn’t tell anyone and all you see is an audit trail … More Configuring LDAP Authentication with Cisco APIC Controller
For network guys configuring LDAP Authentication on the Cisco APIC Controller, it can be useful to query an LDAP server when configuring or troubleshooting LDAP Authentication. This page shows how ldapsearch(1) can be used to query a directory for information. Basic Terms LDAP – Lightweight Directory Access Protocol. LDAP Schema – organization of information stored … More An ldapsearch(1) Quick-Reference for ACI Admins
RFC2307 was written in 1998 to define a schema for representing NIS information (such as Unix account attributes such as UID, home directory, etc) in an LDAP-based directory. A later draft called RFC2307bis was introduced and adopted by some major Unix vendors, but never left draft stage. Microsoft’s Active Directory adopted RFC2307 attributes for Unix … More LDAP Schemas: RFC2307 vs RFC2307bis
One of the most frequent topics that comes up when I am discussing ACI with customers, is, “How can we better operationalize ACI?”. In other words, how can we take what we have with ACI, and make it simpler to consume for not only ourselves, but for our Ops staff? For those new to ACI … More Operationalizing ACI: Enhanced Endpoint Tracker
DISCLAIMER – This post is not meant to take the place of a software recommendation process. Customers should still perform their own due diligence before selecting a software version for their own ACI Fabric. This post is meant to summarize the available ACI Software features, by release, and be used as a quick reference guide. … More ACI / APIC Software Guidance
Do you have a need to migrate a Policy Based Routing policy to ACI? Have a need to redirect a subset of traffic to a specific route? The ACI way of ‘Policy Based Routing’ is to use a service graph. Service graphs have had a varied history with regard to ACI, and some have written … More Policy Routing with Service Graphs
The mere mention of that word starts an immediate flurry of word association. Things like “broadcast storm”, “loops”, and “outage” spring to mind, all the while palms get sweaty reminiscing the memories of bridge calls with angry and impatient end users. To be honest, the Spanning-tree protocol gets a bad wrap. Its whole purpose is … More Spanning-tree (STP) and ACI
One issue that can arise when we connect ACI and Legacy STP environments is intermittent packet loss to ACI endpoints due to Spanning-tree TCNs. TCNs will trigger ACI to flush endpoints in the EPG on which the TCN was received. ACI does re-learn the endpoints based on normal data-plane learning, but if the TCNs are … More STP and ACI: Intermittent packet loss due to TCNs
We covered authenticating against the Cisco ACI APIC controller using cURL a while back… and that’s pretty useful when you need to integrate with some quick-and-dirty shell scripts. However, many people like Python for systems programming these days as it provides more advanced data structures and a wealth of libraries to enhance your code. We’re … More APIC Authentication with Python
You’ve probably read through our ACI Best Practices Configuration post. If you haven’t , please do so now. Go ahead, I’ll wait. (Are you done clicking those buttons in the GUI yet? Take your time. I won’t leave you, but I may nip out for a quick coffee while I wait). All done? Welcome back! If you’re … More ACI Best Practices Configurations for Curling