TROUBLESHOOT# TROUBLESHOOT FOR TEIR THREE APPLICATION : Cisco Application Centric Infrastructure (ACI) is a software-defined networking (SDN) solution designed for data centers. Here, We will troubleshoot the issue in Tier three application for APIC between two Spine switches, Six Leaf switches and three APIC controller connected to each other.Let's shown as per below mentioned diagram
# This example shows the VRF configuration specific to a leaf and leaf-interface :
Troubleshoot
apic1# configure
apic1(config)# leaf 101
apic1(config-leaf)# vrf context exampleCorp_v1 tenant exampleCorp
apic1(config-leaf-vrf)# ip route 1.2.3.4 5.6.7.8
apic1# configure
apic1(config)# leaf 101
apic1(config-leaf)# int eth 1/1
apic1(config-leaf-if)# vrf member exampleCorp_v1 tenant exampleCorp
# This example shows to create and enable the tenant:
Troubleshoot
apic1(config-tenant)# vrf context DCORG
apic1(config-tenant-vrf)# bd-enforce enable
apic1(config-tenant-vrf)# exit
apic1(config-tenant)# exit
# This example shows to Add the subnet to the exception list :
Troubleshoot
apic1(config)# bd-enf-exp-ip add1.2.3.4/24
apic1(config)# exit
Note: You can confirm if the enforced bridge domain is operational using the following type of command, then you can use above command
apic1# show running-config all | grep bd-enf
# This example shows to removes the subnet from the exception list :
Troubleshoot
apic1(config)# no bd-enf-exp-ip 1.2.3.4/24
apic1(config)#tenant coke
apic1(config-tenant)#vrf context cokeVrf
apic1(config-tenant)#exit
Note: To disable the enforced bridge domain run the following command
apic1(config-tenant-vrf)# no bd-enforce enable
# This example shows how to deploy the EPG to a leaf interface :
Troubleshoot
apic1(config)# leaf 101
apic1(config-leaf)# interface eth 1/1
apic1(config-leaf-if)# switchport
apic1(config-leaf-if)# vlan-domain member dom1
apic1(config-leaf-if)# switchport trunk allowed vlan 102 tenant DCORG application DCORG-Application-WebSrv epg DCORG-webserver-egp
apic1(config-leaf-if)# exit
# This example shows how to deploy the EPG to a port channel :
Troubleshoot
apic1(config)# leaf 101
apic1(config-leaf)# interface port-channel poo1
apic1(config-leaf-if)# switchport
apic1(config-leaf-if)# vlan-domain member dom1
apic1(config-leaf-if)# switchport trunk allowed vlan 102 tenant DCORG application DCORG-Application-WebSrv epg DCORG-webserver-egp
apic1(config-leaf-if)# exit
Note : Map a VLAN on a port to the EPG.
# Configuring Legacy Forwarding Mode in the Bridge Domain : It is defined as to allows switching and routing without the use of contracts or EPGs and also the VLAN on a port directly maps to a bridge domain. The legacy forwarding vlan command automatically creates all necessary objects so that no EPG-related configuration is required.
# This example shows how to configure legacy forwarding mode for forwarding between bridge domains : Troubleshootapic1# configure
apic1(config)# tenant DCORG
apic1(config-tenant)# bridge-domain DCORG-DB1
apic1(config-tenant-bd)# legacy-forwarding vlan 50 vlan-domain dom1
apic1(config-tenant-bd)# exit
apic1(config-tenant)# bridge-domain DCORG_BD2
apic1(config-tenant-bd)# legacy-forwarding vlan 60 vlan-domain dom1
apic1(config-tenant-bd)# exit
apic1(config-tenant)# exit
apic1(config)# leaf 101
apic1(config-leaf)# interface eth 1/1
apic1(config-leaf-if)# vlan-domain member dom1
apic1(config-leaf-if)# switchport trunk allowed vlan 50 tenant DCORG legacy-forwarding
apic1(config-leaf-if)# exit
apic1(config-leaf)# interface eth 1/2
apic1(config-leaf-if)# vlan-domain member dom1
apic1(config-leaf-if)# switchport trunk allowed vlan 60 tenant exampleCorp legacy-forwarding
# This example shows a simpler method for defining a contract by declaring the filters inline in the contract itself. :
Troubleshoot
apic1# configure
apic1(config)# tenant DCORG
apic1(config-tenant)# contract web80
apic1(config-tenant-contract)# match tcp 80
apic1(config-tenant-contract)# match tcp 443
# This example shows how to configure the interface eth1/2 in leaf 101 for the following properties: speed, cdp, and admin state. :
Troubleshoot
apic1# configure
apic1(config)# leaf 101
apic1(config-leaf)# interface ethernet 1/2
apic1(config-leaf-if)# speed 10G
apic1(config-leaf-if)# cdp enable
apic1(config-leaf-if)# no shut
apic1(config-leaf-if)# exit
And this example shows how to attach a FEX module to a leaf node.
apic1(config)# leaf 102
apic1(config-leaf)# interface eth 1/5
apic1(config-leaf-if)# fex associate 101
apic1(config-leaf-if)# speed 10G
apic1(config-leaf-if)# no shut
apic1(config-leaf-if)# exit
# This example shows how to configuring Port Channels in Leaf Nodes and FEX Devices:
Note : N+1 instances per leaf of port-channel foo are possible when each leaf is connected to N FEX nodes. Leaf ports and FEX ports cannot be part of the same port-channel instance. Each FEX node can have only one instance of port-channel foo.
Troubleshoot
apic1# configure
apic1(config)# template port-channel foo
apic1(config-po-ch-if)# switchport access vlan 4 tenant DCOrg application Web epg webEpg
apic1(config-po-ch-if)# speed 10G
apic1(config-po-ch-if)# channel-mode active
apic1(config-po-ch-if)# lacp symmetric-hash
apic1(config-po-ch-if)# exit
apic1(config)# leaf 101
apic1(config-leaf)# interface ethernet 1/1-2
apic1(config-leaf-if)# channel-group foo
apic1(config-leaf-if)# lacp port-priority 1000
apic1(config-leaf-if)# lacp rate fast
apic1(config-po-ch-if)# exit
# This example shows how to registering for Smart Licensing Using the CLI:
Troubleshoot
apic1# configure
apic1(config)# license smart transport-mode
smart-licensing
satellite url http(s)://10.0.0.0:8080/Transportgateway/services/DeviceRequestHandler
proxy ip-address 10.0.0.248 port 4440
apic1(config)# license smart register idtoken
# This example shows how to se this procedure to switch over an active APIC with a standby APIC:
Troubleshoot
apic1# replace-controller replace 2 FCH1804V27L
Do you want to replace APIC 2 with a backup? (Y/n): Y
apic1# replace-controller reset 2
Do you want to reset failover status of APIC 2? (Y/n): Y
Be updated into yourself and improve lives through DDZ.
0 Comments