So far in this series, everything we have discussed has been concerned with what happens inside the ACI fabric. At some point however, you will want to connect your fabric to the outside world, either at layer 2 or layer 3. In this part, we’ll take a look at how to set up layer 3 connectivity from ACI to an external router, using a construct called the Layer 3 Outside.

Let’s first take a look at the topology I’m going to discuss in this post:

L3-Outside Read the rest of this entry »

Welcome to part 8 – let’s quickly recap what we have covered so far in this series:

  • Part 1 introduced this series and discussed what topics would be covered, as well as a very brief overview of ACI.
  • In part 2, I took a look at the fabric bring up process
  • Next, we took a tour through the APIC GUI to get us familiar with the interface.
  • Part 4 looked at some of the most important ACI constructs – app profiles, EPGs, contracts and filters.
  • We had a look at networking concepts in ACI in part 5.
  • In part 6, we discussed access policies and how they are used to provision ports.
  • Last time out in part 7, I walked through setting up basic connectivity between two bare metal hosts.

OK, so what’s next? In this part, we’ll discuss VMM Integration. What does this mean exactly? Firstly, VMM stands for Virtual Machine Manager – in other words, we are talking about integration with a VM management system such as VMware vCenter, Microsoft SCVMM and so on. At the time of writing this post, ACI supports integration with vCenter (others will be supported later), so this is what we’ll concentrate on here. I should also point out that we could also use the Cisco Application Virtual Switch (AVS) to achieve this integration, but I’m going to focus on using the regular VMware distributed virtual switch in this post. Read the rest of this entry »

Welcome back! In this instalment, I’ll look at how to get two bare metal hosts talking to each other in the fabric. In the last post, we talked about access policies. At the end of that post, we had created a number of policies and applied them to our switching nodes. If you recall, by doing that we had provisioned a range of VLANs on one or more ports on a leaf node, but we had not actually enabled any VLANs on a port. In order to do that, we need to create at least one EPG and associate it with a port.

Read the rest of this entry »

Just a quick note to say that both my ACI sessions from Cisco Live Milan in January are available now for viewing online:

BRKACI-2345 – ACI: What We Have Learnt From Early Deployments

BRKACI-1789 – How To Perform Common Tasks In ACI

You’ll need a login to access both the slides and the videos.



So far in this series, we’ve covered some basic concepts in ACI, including fabric bringup, APIC familiarisation, application profiles / EPGs / contracts as well as some of the networking concepts in ACI. At some point though, you’ll want to actually start attaching hosts and other devices to the fabric – in order to do this, you’ll need to get familiar with the concept of access policies.

Access Policies

Read the rest of this entry »

Welcome to part 5 of this blog series – so far I have covered the following topics:

  • Part 1 contained a very brief overview of ACI and what the series would cover.
  • In part 2, I talked through the fabric bring-up process.
  • Part 3 was all about getting familiar with the APIC controller GUI.
  • In the last blog, part 4, we took a look at some of the most important policy constructs within ACI – application profiles, EPGs, contracts and filters.

Next on the list, we’ll have a look at some networking concepts within ACI – namely private networks, bridge domains and subnets. Some of these are terms that you might not recognise, so what are they for? Read the rest of this entry »

In this post, we’ll take a closer look at some of the most important constructs within the ACI solution – application profiles, End Point Groups (EPGs), contracts and filters. Hopefully you’ve taken a look at the other parts in this series – in part 1, I gave a brief overview of ACI and what I would be covering in the series. Part 2 discussed the fabric bring-up process, with part 3 giving a short tour of the APIC. Read the rest of this entry »

Hello again! Hopefully you’re back after reading parts one and two of this series – in the first post, I covered a basic introduction to ACI and then in the last post, we looked at how the fabric initialisation and discovery process works. After the incredible excitement of building an ACI fabric, what do we do with it? Well, if you’ve never seen what an APIC looks like before, in this post we’ll have a look around the APIC and start to find our way around the GUI.

Read the rest of this entry »

Welcome to the second part of my blog series on ACI. Before we start to delve into policies, contracts, filters and all the other goodness to be found in ACI, we need to actually provision a fabric and bring it online. As it turns out, this is a really easy process and one which should take only a short amount of time. Obviously before we begin, we need to make sure everything is cabled correctly (leaf nodes to spine nodes, APIC controllers to leaf nodes, APIC out of band connectivity, etc). Read the rest of this entry »

This post is the first in a series in which I’m going to describe various aspects of Cisco’s Application Centric Infrastructure (ACI). ACI, if you aren’t already aware, is a new DC network architecture from Cisco which uses a policy based approach to abstract traditional network constructs (e.g. VLANs, VRFs, IP subnets, and many more). What I’m not going to do in these posts is cover too many of the basic concepts of ACI – for that, I recommend you read the ACI Fundamentals book on, available here. Instead, my intention is to cover the practical aspects of building and running an ACI fabric, including how to bring up a fabric, basic physical connectivity and integration with virtualisation systems. Read the rest of this entry »