I am trying to recollect some more points on ACI which is continues to my previous post.
ACI is a simple modular switch, below depicted diagram suppose to be in part -1 🙂
AVS -> Application Virtual Switching supported only on VMWARE (VEM)
- Essentially a modified N1K VEM with an Opflex agent (port-groups backed by VxLANs)
- APIC will also talk to AVS/VEM over OPFLEX and assign it IP address just like any other f Fabric component
AVS switching modes:
- Local switching: Intra-EPGs traffic switched on the same host
- FEX mode: All traffic sent to Leaf for switching
- Full switching : : Full APIC policy enforcement on server
- X9700 only supported ACI supported line card
- NXOS line cards are different that ACI line cards
- Leaf and Spine communicate over IS-IS (by default) and IBGP (configurable for route leaking)
- Traffic is normalized into eVXLAN (ACI VXLAN) at the spine and communication happens based on source and destination EPG
- If leaf does not know dest mac, traffic is sent to spine
- If even spine does not know, then the frame is dropped by default, however we can configure it to flood such frames
- Leaf identifies a new host as it comes up with any snooping technology and reports the Spine through a communication protocol called COOP
- Old entries on leaf switch will be removed after 5 minutes
- APIC is configurable through CIM-C and KVM
- APIC will further configure the spine and leaf switches starting with IP assignment
- Management IP offered by APIC to fabric are only for management communication and not for any outside access
- APIC will communicate with fabric over a dedicated VRF called Overlay-1
- VM kernel IP address subnet should be different than APIC IP assignment subnet
- VLAN ID is required for infrastructure network 4093
- Kernel of APIC is CENT OS
- Cannot conf t to leaf switches