Wassim

Here are my study notes on the topic of Cisco ACI VRF. We start by defining some terms then see how VRF is configured. ACI VRF: Definitions A VRF, aka private network, is pronounced V-R-F or “Vurf”. It is the equivalent to the legacy VRF concept, in the sense that it scopes an IP namespace, or subnets. So “IP addresses” in an ACI VRF_A are different from those in an ACI VRF_B, even if they were numerically identical. A network engineer can design his IP scheme in that way. But this situation will present challenges if he one day wanted to expose the subnets of both VRFs to the external network. In fact, any given subnet in an ACI tenant addressing space must be unique only VRF-wide. So you can have the same subnet ID on two bridge domains. But they have to belong to two separate VRFs. A Cisco ACI VRF is attachable to one or more bridge domains. APIC can be instructed to confine the subnets within a given VRF, to propagate them to other VRFs, or to allow redistri...

Here are my study notes about Cisco AEP in ACI. Attachable Access Entity Profile AEP: Definitions The Attachable Access Entity Profile binds the logical tenant configuration to the physical fabric access policies. It can be vaguely compared to the CLI command “switchport trunk allowed vlan” in traditional switching. It is required for attaching external devices and servers to the ACI fabric. The ACI AEP links the following ACI constructs together: Interface Policy Group : one-to-many relationship, which means that one AEP can be attached to more than one Interface Policy Groups) ACI Networking Domains : remember when I wrote that a Domain is associated to a VLAN Pool ? The ACI Domain grouped the VLANs in a single location, and AEP brings them to the fabric access interfaces, so that the interfaces accept traffic from those VLANs. There is one-to-many relationship between AEP and Networking Domains, which means that a network engineer has the possibility: to link one AEP to o...