CNC Fabric Brownfield Import With Overlapping Subnets

Introduction Dealing with overlapping Subnets Verification References Introduction When importing a brownfield infrastructure from cloud (AWS/Azure/GCP), it is not a given that the brownfield infrastructure has a unique IP subnet compared to what you already have in your existing CNC Fabric Tenants (onCloud/onPrem). In this short writeup I will go through how to import a …

Consuming AWS Native Services from applications running on onPrem ACI Fabric

Table of Contents: Introduction Native Service examples on AWS shown in this writeup Overall Example Topology & Explanation Route53 Private Hosted Zone setup for oncloud.com CoreDns Install and setup for onprem.com Route53 Resolver Inbound Endpoint Route53 Resolver Outbound Endpoint S3 VPC Interface Endpoint EC2 VPC Interface Endpoint SQS VPC Interface Endpoint References Introduction Customers using …

NDO/CNC Fabric Integration with AWS GWLB for protected apps

Table of Contents: Introduction High Level Architecture for GWLB 2.a.Routing Table Discussion 2.b. Packet Flow from Internet to Protected APP 2.c. Packet Flow: East/West to Protected APP Integration of GWLB topology with NDO/CNC Fabric 3.a. Discussion on Importing App VPC into CNC 3.b. Packet Flow from outside VPC to Protected APP 3.c. Routing across TGW …

Understanding RBAC for Nexus Dashboard Orchestrator

Table of Contents: Introduction Quick Refresher for RBAC rules for APIC 2.a.Defining the Provider 2.b.Creating Login Domain 2.c.Defining a role 2.d.Defining a Security Domain 2.e.Tie in Tenant to Security Domain 2.f. Configure AV Pairs in Radius Server 2.g. Testing out the configuration RBAC for NDO 3.a. Create Login Domain and tie to Radius Server 3.b. …

Cloud Network Controller (previously cAPIC) Access Policies

Table of Contents: Introduction Access Policy Details 2.a.Global Level Access Policies 2.b.Account/Tenant Level Access Policies 2.c.VPC Level Access Policies 2.d.Subnet Level Access Policies References Introduction This writeup will explain the purpose for Access Policies from cAPIC release 25.0.4. If you recall, I had written an article previously on Cloud ACI 25.0.2 AWS Brownfield Integration to …

Installing Cisco Nexus Dashboard in AWS

Table of Contents: Introduction Pre-work on AWS for ND Install 2.a.Details of Pre-Work Install ND from Marketplace Some basic housekeeping stuff Configuring and joining the cluster References Introduction This writeup will show step by step how to install Nexus Dashboard on AWS. 📙⚠️ Previously I had written an article on Deploying MSO on Cisco Application …

AWS Direct Connect for connecting AWS/ACI Fabric to onPrem ACI Fabric

Table of Contents: Introduction Quick Introduction to AWS Direct Connect Azure and GCP equivalent for AWS Direct Connect and ACI support ACI/AWS Fabric Implementation with Direct Connect 4a. Implementation 4b. Hosted VIF Method 4c. Second Method: associating VGW with DXGW in Master Account NDO: Connecting onPrem/AWS ACI Fabric References Introduction Recently, I had the opportunity …

Upgrading Cloud Routers from CSR1KV to Catalyst 8KV

Table of Contents: Introduction What happens when you upgrade to cAPIC 25.0.3 AWS: Upgrading CSRs to CCRs 3.a AWS: Subscribe to Cisco Catalyst 8000V Edge Software – BYOL 3.b AWS: Start The Upgrade 3.c AWS: Will need to change role/permissions for ApicAdmin/ApicAdminFullAccess in AWS 3.d AWS: Verify Upgrade Azure: Upgrading CSRs to CCRs 4.a Azure: …

Nexus Dashboard – Certificate Install

Table of Contents: Introduction Requirements Populating the information Getting the required information 4.a Generate Private Key 4.b Self Signed only: Generate CA Key 4.c Self Signed Only: Generate CSR for CA 4.d Self Signed Only: Create the Self CA signed rootCertificate 4.e Generate your csr (signed with your private key) 4.f Obtain your signed …

Cloud ACI 25.0.2 AWS Brownfield Integration to Cloud ACI Fabric on AWS (with Proof Of Concept)

Table of Contents: Credits Introduction Considerations Cloud APIC relationship to Brownfield VPC Implementation Steps overview Ensure that Contract Based Routing Is Turned on ⚠️ Proof of Concept a. POC Topology a.1. Explanation of POC Topology a.2. Releases used in this POC b. Terraform: Spin up ACI Tenant using Terraform c. Terraform: …