Table of Contents: Introduction Theory behind ACI / Cloud Integration 2a. Google ACI Fabric differences from AWS/Azure ACI Fabrics References Introduction It has been possible to integrate Cloud APIC in Google Cloud and create a ACI Fabric in Google Cloud since September of 2021. The latest image avaialable in Google Cloud Marketplace as of today … More ACI Fabric in Google Cloud
Starting from ACI Release 5.0(1) Cisco has started supporting ACI SR-MPLS handoff for L3 Outs. If you are not familiar with Segment Routing concepts do not despair. Once you see the benefits of using Segment Routing you will realize why this is such a good way of doing L3 Outs. If you are familiar with … More ACI SR-MPLS Handoff for L3 Outs
What do you think of when you hear active/active as a requirement for datacenter connectivity? If its not the first thing on your mind, it’s in the top-5, and I’m talking about the need to influence ingress routing (i.e., keeping traffic local to where you endpoints reside). Whenever we have an active/active routing design, routes … More CPOC Series: Using the Host-based routing feature in ACI to optimize ingress routing for MultiPod
Today, we’ll be talking about L3out connectivity to and from ACI. This video will not only walk through the configuration needed to establish Layer-3 connectivity, but we’ll also examine the routing tables for the ACI border leafs as well as the traditional devices on the outside of ACI.
When adding a new ACI Fabric as a DCI Fabric, often times the question comes up whether the new fabric should be added as a MultiPod Fabric or a MultiSite Fabric. Though MultiPod is still a very valid way to add a new fabric, MultiSite has many benefits. To name a few: Totally Separate Fabrics, … More InterSite L3Out with Cisco ACI Multisite Fabrics
In ACI the external Routing Peer to the router is done through border leaves with a object called L3Out. L3Out has an object in it called the L3Out InstP also known as the External EPG. In the External EPG you can put in Prefixes and choose the scope based on your intended goal. Under the … More Understanding Scope Of Prefixes in L3Out External EPG in ACI
Beginning with APIC code 1.1, Cisco introduced the ability to allow routes to “Transit” the fabric. Prior to this release, the ACI Fabric was only seen as a collection of “stub” networks, meaning that the ACI Fabric would only advertise Bridge Domain subnets; it would not advertise routes received from an external routing peer to … More Transit Routing Use case – EIGRP with routed interfaces
At some point, you will need to configure Layer-3 routing from your ACI Fabric to External world. In this article, we will explore using EIGRP as the routing protocol to connect to our ACI Fabric. Assumptions Routed Interfaces will be used from External Devices to ACI Border LEAFs VRF is operating in Enforced Mode (meaning, … More L3OUT – EIGRP using Routed Interfaces
A common use-case for ACI deployments is to attach a pair of firewalls northbound of ACI to filter traffic in and out of the fabric. For this use case, we will be using “UNMANAGED” mode to connect the FW pair, by attaching the firewall via an L3out (External Routed Connection), and pointing static routes (0.0.0.0/0) … More L3out – Connecting to Active/Standby FW
As with most things with ACI, we have a tremendous amount of flexibility in the configuration options to meet different requirements. In this post, we’ll explore options that allow multiple Tenants to use a common, shared L3Out (routing table) for the entire fabric (as opposed to using a L3OUT per VRF). Assumptions: Only non-overlapping IP … More ACI: Configuring a shared external Layer-3 connection for all Tenants