Good ACI References Worth Bookmarking

Last Updated: 9/7/2022

I’m bringing up this page to keep a running list of ACI bookmarks that are really worth reading. If you are working with ACI these are a must read. My colleagues and I will add to this list over the course of time. So, please visit frequently.

Table of Contents:

  1. Security
  2. SR-MPLS
  3. Troubleshooting & Stuff
  4. Multisite/Multipod
  5. Upgrades/Downgrades
  6. Everything ACI
  7. API/Progammability
  8. Nexus Dashboard Related
  9. Cisco ACI Hybrid Cloud Related
    1. From Unofficial
    2. From Ricardo’s Blog
  10. VMM Related
  11. Miscellaneous


  • Everything you want to know about ACI Contracts
  • Cisco APIC Security Configuration Guide
  • All about Cisco ESGs, (Endpoint Security Groups) – Great for moving from netcentric to appcentric mode
  • Understanding Scope Of Prefixes in L3Out External EPG in ACI
  • Configuring LDAP Authentication with Cisco APIC Controller
  • Understanding Roles in ACI & MSO and integrating with FreeRadius.
  • Logging ACL/Contract Permits and Denies with ACI
  • Operationalizing ACI: Contracts Viewer
  • ACI Multisite Cloud Sec Encryption
  • Cisco APIC  TACACS+, Radius LDAP, RSA & SAML configuration Guide
  • ACI Endpoint Update app 2.1 – Enhancing FTD and ASA policies
  • Nexus Dashboard – Certificate Install

  • ACI SR-MPLS Handoff for L3 Outs       🦠Proof Of Concept
  • Cisco ACI SR/MPLS Handoff Architecture White Paper
  • SR-MPLS Handoff explanation and Packet Walk
  • SR-MPLS Handoff Configuration
  • Validated Design for Cisco ACI to SR-MPLS Handoff
  • Troubleshooting & Stuff

  • Troubleshooting Cisco Application Centric Infrastructure, Second Edition
  • Cisco
    APIC Troubleshooting Guide
  • Troubleshooting Unexpected Route Leaking in ACI
  • Cisco ACI Endpoint learing WhitePaper
  • Overlap VLAN Pool Lead Intermittent Packet Drop to VPC Endpoints and Spaning-tree Loop.   ⚠️ Each EPG/AEP could associate multiple domains, but each domain must associate with a vlan-pool containing unique vlan-block that is not overlapped with any other vlan-pool. This is to ensure the global consistent vlan-to-vxlan mapping
  • Multisite/Multipod

  • Cisco ACI Multi-Site Architecture White Paper        ⚠️Sites should be added in Maintenance Window only, since BGP RID on spines will reset causing disruption
  • Cisco ACI Multi-Site and Service Node Integration White Paper
  • Extending Your datacenter policies into the cloud with Cisco ACI Anywhere
  • Cisco ACI Multi-Site Configuration Guide, Release 3.1(x)        📗 Pay attention to the new avpair format for MSO from 3.1.x
  • A basic question about VMM domains, Multipod and Multisite
  • Upgrades/Downgrades

  • Cloud APIC Install/Upgrades/Downgrades
  • ACI Upgrade Checklists
  • APIC Software Upgrade/Downgrade Support Matrix
  • Cisco APIC Installation and ACI Upgrade and Downgrade Guide
  • Search for Pre-Upgrade Validator App at
  • ACI -Pre-Upgrade-Validation-Script – Python        🦠Use This !
  • Moving from MSO 3.1.1 (running on Case) to NDO 3.3.1 or directly to NDO 3.5.x (running on ND)
  • short Video on migration from MSO 3.1.1 to NDO 3.3.1
  • Upgrading ACI Fabric and MSO, Please Read This first
  • ACI / APIC Software Guidance
  • Upgrading ACI Fabric: The 4.0 Way
  • APIC Upgrade Tool
  • ACI Switches: Password Recovery
  • Wiping an ACI Fabric
  • Upgrading your ACI Fabric
  • Upgrading the CIMC for your APICs
  • Using Standby APIC to move APIC or Replace APIC
  • Cisco Data Center Network Applications Compatibility Matrix        Shows you what Apic/cApic goes with what ND/NDO/NDI
  • Everything ACI

  • APIC Landing Page (all aci docs) including Cloud APIC        🛬 Landing Page
  • White Papers including Cloud ACI
  • White Papers Nexus 9K
  • API/Progammability

  • Cisco ACI System Messages Reference Guide
  • Cisco APIC Faults, Events, and System Messages Management Guide
  • APIC Management Information Model Reference
  • Intersight niatelemetry
  • APIC System Faults/Events Message Reference        🗝 Search Fault & Event Code by ID
  • Cloud APIC & APIC Object Model Documentation
  • Cisco ACI Policy Model Guide
  • Cisco APIC REST API Configuration Guide
  • Cisco Application Centric Infrastructure MIB Quick Reference
  • This doc has instructions on creating cAPIC Tenant with Azure using REST API
  • Short Previous Article on ACI Automation
  • Look in ND Federated Cluster article        Look at this blog for API Calls to ND, Curl to ND, Postman Interceptor to figure out API calls needed
  • CiscoDevNet/ansible-mso
  • CiscoDevNet/ansible-nd
  • Ansible Automation for Nexus Dashboard/Nexus Dashboard Orchestrator
  • Ansible Collection Index » Collections in the Cisco Namespace » Cisco.Mso
  • Ansible Galaxy Collection ACI
  • Ansible Galaxy Collection ND
  • Ansible Galaxy Collection NDO
  • Getting Started: Cisco MSO With Ansible
  • Configuring Cisco ACI with Ansible AWX running in Docker
  • Terraform ACI Provider
  • Terraform NDO Provider
  • Terraform with Cisco Nexus Dashboard Orchestrator for building Hybrid Cloud and end to end services
  • Deploying cAPIC on Azure With Terraform
  • Nexus Dashboard Related

  • ND Deployment Guides, Data Sheets, Release Notes, Compatibilty Guides, Install and Upgrade        💡ND Documentation
  • ND, NDO, NDI Remote Authentication Configuration        💡AV Pairs Needed and scope results in ND, NDO, NDI. Also, Multi-Factor Authentication
  • Understanding RBAC for Nexus Dashboard Orchestrator        💡 Shows you AVPairs and also Approver/Deployer Roles for NDO
  • Cisco Nexus Dashboard User Guide 211        💡 Must Read – Also has information on how to replace failed Master from Standby ND
  • Cisco Nexus Dashboard Insights User Guide, Release 6.0.2 – For Cisco Application Centric Infrastructure       
  • Cisco Nexus Dashboard Deployment Guide, Release 2.1.x       
  • Cisco Nexus Dashboard Hardware Setup Guide
  • Cisco Nexus Dashboard Deployment Guide
  • Cisco Intersight Overview
  • ND Sizing Tool        Based on Physical/Virtual/Cloud ND and what apps you will run on ND + size of Fabric, this will calculate the ND size needed
  • Moving from MSO 3.1.1 (running on Case) to NDO 3.3.1 or directly to NDO 3.5.x (running on ND)
  • short Video on migration from MSO 3.1.1 to NDO 3.3.1
  • Cisco Data Center Network Applications Compatibility Matrix        Shows you what Apic/cApic goes with what ND/NDO/NDI
  • Licensing Guide
  • ND Ordering Site
  • NDI Users Guide
  • NDI Users Guide dcnm
  • Nexus Dashboard 2.1 – New Features – Federated Clusters
  • Introduction To Cisco Nexus Dashboard And Installation, Integrating With Radius, Configuring Intersight And Site Onboarding 🗝 Install details & Licensing Simplified/Explained
  • Deploying MSO on Cisco Application Service Engine ( AWS AMI Based SE) ⚠️OLD – Dont Use SE/MSO – Use ND/NDO !!!
  • Deploying MSO on Cisco Application Service Engine (OVA based SE) ⚠️OLD – Dont Use SE/MSO- Use ND/NDO !!!
  • Installing Cisco Nexus Dashboard in AWS
  • A Guide To: Nexus Dashboard Insights Kafka Exporter to Elasticsearch/Kibana for Data Analysis & Visualization
  • Jenkins /Ansible for ACI Orchestration and for Automated Configuration Sanity Check / Pre-verification with NAE/ND and Git integration
  • Cisco Nexus Dashboard Demo – Unlock new value from your hybrid cloud network
  • Cisco Nexus Dashboard Insights and Splunk Integration
  • Part 1 – Installing AppDynamics and Integrating with Cisco Nexus Dashboard Insights
  • Part 2 – Installing AppDynamics APM Agents to report application data to AppD Controller
  • Part 3 – Monitoring Apps deployed on K8s cluster on ACI Fabric Using AppDynamics/NDI
  • Nexus Dashboard – Certificate Install
  • Cisco ACI Hybrid Cloud Related

    From CCO
  • Cloud APIC Documentation
  • (Azure) – Cisco Cloud APIC for Azure User Guide, Release 5.2(x)I        💡 Lookup what Cloud Service Endpoint types are, — Cloud Native, Cloud Native Managed, Third Party
  • Cisco Cloud ACI Hybrid Multi-Cloud Deployment Guide        💡 The Definitive Desingn Guide!!!
  • NDO Schema Design Considerations
  • Shared On-Premises L3Out for Cisco Cloud APIC Workloads
  • From Unofficial
  • (AWS) – Cloud Tenant Only (deploying Application Load Balancer with Service Graph on AWS)       🗝 Also Explains the values of EPG Selectors “equals”, “not equals”, “in”, “not”
  • (AWS) – Stretched Tenant / EPG between OnPrem ACI Fabric and Cloud Native ACI Fabric with Shared L3Out
  • (AWS) — When to use Shared Template and When to use Site Only Template
  • (AWS) – Deploying from Scratch- Physical ACI Fabric With ACI Cloud Fabric
  • AACI/Cloud Extension Primer: Adding Trusted/Untrusted AWS Accounts and Shared/Managed/Unmanaged Identities for Azure to Cloud ACI Fabric
  • (Azure) – Adding in Azure Site to ACI Cloud Fabric – Step by Step
  • (AWS) – A Practical Guide to using AWS Transit Gateway (TGW) with Cloud ACI
  • (Azure) – ACI 5.0.2 cAPIC Feature Listing and First Time Setup differences
  • (Azure) – A Practical Guide to using Azure vNET Peering with Cloud ACI        🗝 Debugging CSR Tips here
  • (Azure) – Simple Service Graph with Azure Application Gateway & vNET Peering
  • (Azure) – Simple Service Graph with Azure Network Load Balancer & vNET Peering
  • (Azure) – Multi-Node Service Graph with Horizontal Firewall Scaling using vNET peering and hosting service devices in HUB vNET (overlay-2)
  • (Azure) – Multi-Node Service Graph with North South Firewall Scaling using vNET peering and hosting service devices in HUB vNET (overlay-2)
  • Cisco cAPIC / Azure Kubernetes Service Integration with Azure File Share Services for Apps
  • Cisco cAPIC / Native Azure API Management for serverless Architecture integration
  • Cloud ACI 5.2: A compelling case for Cisco ACI Hybrid/Multicloud Data Centers
  • Cloud ACI 5.2: Interconnecting ACI Fabrics Over Cloud Provider’s Backbone at High Speed for both AWS and Azure
  • Cloud ACI 5.2: Azure Brownfield Integration with ACI Fabric
  • Cloud ACI 5.2: ACI/Azure Tenant vNET Peering across Azure Acitive Directories
  • Cloud ACI 5.2: AWS Enhancements in TGW with TGW Connect Attachments
  • (AWS/Azure) – Cisco Cloud ACI Generic External Connectivity        🗝 Tips on how to put static route on EC2 is here
  • Cloud ACI 25.0.2: AWS Cloud ACI 25.0.2 AWS Brownfield Integration to Cloud ACI Fabric on AWS (with Proof Of Concept)
  • Cloud Network Controller (previously cAPIC) Access Policies
  • Cloud ACI 25.0.2: Connecting ACI/AWS Cloud Fabric to External DC/Branch Site via TGW (with Proof Of Concept)
  • Upgrading Cloud Routers from CSR1KV to Catalyst 8KV
  • Deploying cAPIC on Azure With Terraform
  • ACI Fabric in Google Cloud
  • AWS Direct Connect for connecting AWS/ACI Fabric to onPrem ACI Fabric
  • Simple Troubleshooting Steps for Cloud ACI/AWS To OnPrem ACI For End Point Reachability Issues
  • Fully Managed AWS Brownfield Integration to Cloud ACI
  • NDO/CNC Fabric Integration with AWS GWLB for protected apps
  • Shared VPC Subnets across AWS accounts with ACI/CNC Fabric
  • Consuming AWS Native Services from applications running on onPrem ACI Fabric
  • From Ricardo’s Blog
  • Ricardo’s ACI Blogs       📬 Excellent Blogs written by my colleague Ricardo Trentin focused on Cloud ACI
  • Cisco Cloud ACI Tenancy Design Guide
  • How to Install Custom SSL Certificates on Cloud ACI managed Application Load Balancer on AWS
  • Deploying AWS ECS with Fargate on Cloud ACI managed network
  • Using AWS VPC End Points with Cisco Cloud ACI
  • Integrating F5 with Azure using Cloud APIC
  • Network to App Centric Migration on Cloud ACI
  • Cisco ACI Multi-Site Multi-Cloud Connectivity Scalability and Availability using Multiple Routers
  • Staging Cloud ACI Configurations on Azure
  • Naming resources made easy
  • Inspecting On-Prem Traffic using 3rd Party Firewalls
  • VMM Related

  • Openstack with ACI Integration – Part 1 (General Discussions of Openstack with ACI)
  • Openstack with ACI Integration – Part 2 ( installing with packstack)
  • Openstack with ACI Integration – Part 3 (installing using Red Hat Director)
  • Openstack with ACI Integration – Part 4 (using Openstack Integrated ACI)
  • CPOC Series: ACI MultiPod with Live vMotion from one Pod to another
  • CPOC Series: VMM integration from ACI to VMware vSphere
  • CPOC Series: vMotion and vKernel configuration considerations between ACI and vSphere
  • A basic question about VMM domains, Multipod and Multisite
  • Part 1 – Cisco ACI 5.2 and Kubernetes 1.21 CNI Integration
  • Part 2 – Cisco ACI 5.2 and Kubernetes 1.21 CNI Feature Highlights
  • Miscellaneous

  • Collection of ACI White Papers (including migration, SRMPLS etc, etc)
  • Using OpenShift with Cisco Cloud APIC
  • Red Hat OpenShift Container Platform on AWS Cloud
  • Cisco ACI APIC and cAPIC monitoring using Prometheus/Grafana
  • Spanning-tree (STP) and ACI
  • ACI TEP Pool Discussion        🗝 Tips on how to look at APIC Setup Parameters from ssh
  • STP and ACI: Intermittent packet loss due to TCNs
  • Understanding ACI TCAM Utilization & Optimization
  • ACI with IPv6
  • Configuring an APIC Banner (GUI Alias)
  • Configuring Syslog for ACI
  • ACI Fabric L3Out Guide
  • Floating L3Out
  • Youtube Video on Floating L3Out Enhancements
  • Meaning of L3Out SVI Scopes: Local Scope and VRF Scope (remember default behavior is local scope)
  • Understanding Scope Of Prefixes in L3Out External EPG in ACI)
  • K8s Lens IDE on AWS/ACI EKS infrastructure
  • Nexus Switch Intersight Device Connector Documentation
  • Cisco ACI Policy-Based Redirect Service Graph White Paper
  • Cisco ACI Multi-Pod and Service Node Integration White Paper
  • Cisco ACI and F5 BIG-IP Design Guide White Paper
  • Design Guide to Run VMware NSX-T with Cisco ACI White Paper
  • Go To Top

    Posted in All

    Leave a Reply

    This site uses Akismet to reduce spam. Learn how your comment data is processed.