Posts

Cisco ACI Tenants

Here are my study notes on the topic of ACI tenants.

Definitions: Tenants provide security by isolating what is defined under tenant A from tenant B. With tenants we can run many logical networks on the same physical network. Tenants provide a separation of the control and management plane, i.e. each tenant has its own control plane and management plane.

There are default tenants already preconfigured on the APIC: the management tenant, the infrastructure tenant and the common tenant. In the common tenant we can define common network policies and services that will be used across tenants. Some of these services could be DHCP, DNS, Active Directory, etc.

In ACI, management of tenants can be performed on a per-tenant basis, and we can assign tenant management on a user or group basis.

Infrastructure administrator vs tenant administrator: The infrastructure administrator manages and controls VLAN namespaces for all tenants. He has access to all tenants. The tenant administrator has access only to his allowed tenant(s) and his/their resources. S...

Cisco ACI Domains

In this blog post I am laying out my study notes on the topic of Cisco ACI Domains. We learn the concept of workloads, bare metal servers and virtualisation servers first. Second, we discover the types of networking domains Cisco ACI offers. Third, we read about how to configure an external L2 connection. And we finish with an example of configuring an L3 external connection.

Definitions: A Network Engineer can use the following terms interchangeably: ACI domain, ACI networking domain, ACI domain profile. For the rest of the article I'll refer to it simply by ACI domain.

An ACI domain defines where and how to use a VLAN Pool. The answer to the "where" question could be a physical server, a virtualized server, an external switch or an external firewall. The answer to the "how" question is understood through the use of AEP, because the AEP brings the encapsulations (the VLANs defined in the VLAN Pool associated to the Networking Domain) to some or all interfaces of a p...