ACI Guide: Fabric Access Policies for CCIE
1. There is purpose in the unique APIC design (the Object Model design).
2. It can be very confusing to professionals new to ACI, even seasoned CCIEs.
For Point #1 – The ACI Object Model was designed with automation and orchestration in mind. The infinite flexibility you
see today allows ACI Fabrics to be used with great diversity, from a Network-Centric Datacenter fabric used primarily by
Network Engineers, to a fully automated private Cloud, automated and configured by OpenStack. It's the
same Fabric, same switches, same Object Model, but used for two vastly different purposes.
For Point #2 – Especially to professionals who aren’t used to the GUI, this type of APIC design can seem confusing. Its
implementation challenges can be overcome by repetition of configuration and building muscle memory.
This guide will help you to better understand the Fabric Access Policy section for CCIEs, Network Engineers, and any
professionals new to ACI.
The picture below gives a graphical “configuration” of a VPC and the ACI Policy Objects you would touch to bring the
VPC to life.
• Switch Profiles allow you to select an ACI Fabric Node (i.e., a Leaf switch).
• Interface Profiles are a folder for Access Port Selectors. For example, a Leaf Interface Profile might be
called “Leaf201_IntProf”, and the child objects of the interface profile would be 48 Access Port Selectors (i.e.,
Eth1_1 through Eth1_48).
• The aforementioned Access Port Selector allows you to select an interface.
• The Policy Group is a collection of configuration to be applied to an interface or range of interfaces, with
configuration parameters such as:
    • speed, LACP mode
    • BPDU Guard
    • CDP
    • LLDP
• Policy Groups come in three types: Access Port, Port-Channel, or VPC. The example below shows VPC.
• The Attachable Access Entity Profile (AAEP) is one of the more misunderstood objects in ACI. To keep
things simple, the AAEP is the “glue” that binds switches and interfaces at the top, with VLANs on the bottom.
    • The AAEP is analogous to the switchport trunk allowed command.
• The Domain (either Physical, External L3, or Dynamic) and the VLAN Pool act as the L2 VLAN database.
When working in the Fabric > Access section of the GUI to configure your switch interfaces to allow VLANs to go
across, there is a linkage of objects that must be maintained. If any link in that chain is missing, the VLAN will not be available
in your User Tenant. Use the diagram below as a reference of the most important Fabric Access Objects.
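The linkage described above can be checked mechanically. The following is an added example, not part of the original guide and not APIC code: it walks a simplified, constructed model of the chain (Switch Profile, Interface Profile, Access Port Selector, Policy Group, AAEP, Domain, VLAN Pool) and reports the first broken link. The dict layout and all object names other than Leaf201_IntProf and Eth1_1 are assumptions for illustration.

```python
# Simplified, constructed model of the Fabric > Access object chain.
# The dict layout is an assumption for illustration, not the APIC REST schema.
FABRIC = {
    "switch_profiles": {
        "Leaf201_SwProf": {"nodes": [201], "interface_profiles": ["Leaf201_IntProf"]},
        "Leaf202_SwProf": {"nodes": [202], "interface_profiles": ["Leaf202_IntProf"]},
    },
    "interface_profiles": {
        # Access Port Selector name -> (port it selects, Policy Group it points to)
        "Leaf201_IntProf": {"Eth1_1": ("1/1", "Srv01_VPC_PolGrp")},
        "Leaf202_IntProf": {"Eth1_1": ("1/1", "Orphan_PolGrp")},
    },
    "policy_groups": {
        "Srv01_VPC_PolGrp": {"type": "VPC", "aaep": "Srv_AAEP"},
        "Orphan_PolGrp": {"type": "VPC", "aaep": None},  # AAEP never attached
    },
    "aaeps": {"Srv_AAEP": {"domains": ["Srv_PhysDom"]}},
    "domains": {"Srv_PhysDom": {"type": "Physical", "vlan_pool": "Srv_VlanPool"}},
    "vlan_pools": {"Srv_VlanPool": [(100, 199)]},  # inclusive VLAN ranges
}

def trace_vlan(fabric, node, port, vlan):
    """Walk Switch Profile -> ... -> VLAN Pool; return (ok, path, reason)."""
    path = []
    for sw_name, sw in fabric["switch_profiles"].items():
        if node not in sw["nodes"]:
            continue
        path.append(sw_name)
        for ip_name in sw["interface_profiles"]:
            selectors = fabric["interface_profiles"].get(ip_name, {})
            for sel, (sel_port, pg_name) in selectors.items():
                if sel_port != port:
                    continue
                path += [ip_name, sel, pg_name]
                pg = fabric["policy_groups"].get(pg_name)
                if pg is None or not pg["aaep"]:
                    return False, path, "Policy Group has no AAEP"
                aaep = fabric["aaeps"].get(pg["aaep"])
                if aaep is None:
                    return False, path, "AAEP does not exist"
                path.append(pg["aaep"])
                for dom_name in aaep["domains"]:
                    dom = fabric["domains"].get(dom_name, {})
                    pool = fabric["vlan_pools"].get(dom.get("vlan_pool"), [])
                    if any(lo <= vlan <= hi for lo, hi in pool):
                        return True, path + [dom_name, dom["vlan_pool"]], "ok"
                return False, path, "no Domain on the AAEP has a VLAN Pool containing the VLAN"
    reason = "no Access Port Selector matches the port" if path else "no Switch Profile selects the node"
    return False, path, reason
```

Calling trace_vlan(FABRIC, 202, "1/1", 100) stops at Orphan_PolGrp, which is the kind of gap that leaves a VLAN unavailable in the User Tenant even though the switch and interface were selected correctly.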