Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Main objects:
- - A tenant: is a container for policies
- - user: tenants for applications
- - common: policies available to all tenants such as: firewalls, load balancers, L4-L7 services, intrusion detection
- - infrastructure: fabric management ( resource allocation )
- - management: for ib and oob management of the fabric; enables discovery and automation of communications with virtual machine controllers
- - Access policies: switch ports with connectivity to storage, compute, L2/L3 external connectivity, VM hypervisors, L4-L7 devices
- - interface configurations: CDP, LACP, LLDP, STP
- - Fabric policies: govern the operation of the switch fabric ports
- - functions: NTP, IS-IS, BGP, DNS
- - hardware: power supp, fans, chassis
- - Virtual Machine (VM) domains: VM controllers with similar networking policy requirements
- - L4-L7 services: automation framework enables the system to dynamically respond when a service comes online or goes offline
- - AAA: Access, authentication, and accounting
- Primary tenant elements:
- - filters:
- - contracts:
- - outside networks:
- - bridge domains:
- - subnets:
- - public: can be exported to a routed connection
- - private: subnet only applies withn the tenant
- - shared: between VRFs and tenants
- - vrf: tenant network (called a private network in the APIC GUI)
- - a tenant can gave multiple vrfs
- - also known as contexts; each vrf can be associated with multiple bridge domains
- - app profiles: policies, services and relationships between endpoint groups (EPGs)
- - 4 epg types: app, l2ext, l3ext, mgmt
- - policies apply to epg, never to endpoints
- - epg static binding => use VLAN from pool
- Attachable entity profile: external n7k connectivity
- The AEP defines the range of allowed VLANS but it does not provision them. No traffic flows unless an EPG is deployed on the port. Without defining a VLAN pool in an AEP, a VLAN is not enabled on the leaf port even if an EPG is provisioned.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement