USD ($)
$
United States Dollar
India Rupee

Cisco ACI VPC Configuration Task Steps

Created by Shailendra Yadav in Articles 25 Oct 2024
Share
«How does Cisco Application Centric ...

Configuring Cisco ACI VPC (Virtual Port Channel) enhances network reliability and redundancy in Cisco Data Center environments.

In this article, I demonstrate how to create interface policies, policy groups and configuring VPC on an APIC with step by step configuration. I performed this scenario on a remote Cisco ACI virtual lab. The mentioned lab includes some good practical scenarios for hands-on practice. In case you want to try out this example, please make sure to create similar topology.  

Whether you're taking Cisco Data Center courses or looking to bolster your network security, these steps are crucial for maintaining a robust infrastructure.


CCNP Data Center Live Training!Regitster today! Enjoy course Benefits & offers.Explore course
custom banner static image

Cisco ACI VPC Configuration and Interface Policies

Task #1 Create Interface Policies with CDP enable, LACP Enable, Port Speed 10 G

Task #2 Create Interface Policies Groups and Interface Profiles with Port 1/31 and 1/32 on Both Leaf

Task #3 Configure VPC so that Both ESXI can be connected to Leaf and ACI

Image description

Create Interface Policies on APIC 

  - CDP enable

  - LACP Enable

  - Set Port Speed 10 G

Complete the following steps:

Step 1 Open Chrome Browser and login to APIC.

Step 2 Choose Fabric “Access Policies “select Access Policies.

banner image

There are two types of policies under fabric.

Fabric policies configure interfaces that connect spine and leaf switches. Fabric policies can enable features such as monitoring (statistics collection and statistics export), troubleshooting (on-demand diagnostics and SPAN), or NTP.

Access policies configure external-facing interfaces that do not connect to a spine switch.

External-facing interfaces connect to external devices such as virtual machine controllers and hypervisors, hosts, routers, or fabric extenders (FEX). Access policies enable configuring port channels and virtual port channels, protocols such as LLDP, CDP orLACP, and features like monitoring or diagnostics.

Step 3: Select Interface Policies “expand Policies.

Interface policies are used for single or multiple interfaces, port-channels, and virtual port-channels (vPC). Each will create unique policies for your respective tenant.

Step 4: Right-click CDP Interface “Create CDP Interface Policy. Name: Txx-CDP-Enable Admin State: Enabled “Submit

banner image

banner image

Step 5: Create a policy to enable LLDP (Link Layer Discovery Protocol). Right-click LLDP Interface “Create LLDP Interface Policy

banner image

Step 6: To create a policy for Link Aggregation Control Protocol (LACP), right-click Port-Channel > Create Port-Channel Policy

Name: LACP-PolicyMode: Active

banner image

Please note that I cover this all in much more detail in my live Cisco ACI training sessions. These lectures will help you in expedite your understanding the concepts with hands-on practical knowledge. However I strongly recommend lab practice if you are looking to become an expert. 

Create Interface Policies Groups and Interface Profiles

  - Port 1/31 and 1/32 on Both Leaf

In this task, you will create vPC Interface Policy Group for your assigned connection to the ESXi. Each tenant will create a vPC from the ACI fabric to ESXi-Aand then a second vPC to ESXi-B. Use the interfaces assigned to your tenant in topology

Step 1: Choose Fabric > Access Policies > Interface Policies.Right-click Policy Group > Create VPC Interface Policy Group

banner image

Step 2 In the dialog, enter the information as follows:

Name: vPC_to_ESXI-A (from table at beginning of the task)

CDP Policy: CDP-enable (created in previous task)

LLDP Policy: LLDP-enable (created in previous task)

LACP Policy: LACP-Policy (created in previous task)

banner image

Step 3: Repeat the process to create a VPC Interface Policy Group to connect to ESXi-B

Name: vPC_to_ESXi-B (from table at beginning of the task)

CDP Policy: CDP-enable (created in previous task)

LLDP Policy: LLDP-disable (created in previous task)

LACP Policy: LACP-Policy (created in previous task)

banner image

Step 4: Create an Interface Policy Profile to specify the specific Ethernet interfaces assigned to your Tenant’s connection to Both Esxi

.Fabric > Access Policies > Interface Policies| Right-click Profiles > Create Interface Profile

banner image

Step 5: Enter name ESXi-A-if-profile and select the [+] adjacent Interface Selectors.

Port Selector name: Port1/31, Interface IDs: 1/31

Interface policy group: vPC_to_ESXi-A (created earlier)

banner image

banner image

Step 6: Click OK > Submit

Step 7: Enter name ESXi-B-if-profile and select the [+] adjacent Interface Selectors.

Port Selector name: Port1/32, Interface IDs: 1/32

Interface policy group: vPC_to_ESXi-B (created earlier)

banner image

banner image

Step 8: Create a profile to select the leaf switches where the ESXi-A and ESXi-B are connected.

Select Fabric > Access Policies > Switch Policies | Right-click Profiles > Create Switch Profile

banner image

Step 9: In the dialog, enter name L101-L102-SwitchProfile and Select the [+] adjacent Switch Selectors:

Name: L101-L102-SwitchSelector

Blocks: select both Leaf101 and Leaf102

banner image

Step 10: Click Update > Next.

Step 11: Locate and check your Tenant’s Interfaces Selector Profiles created earlier.

Selct the both Profil

ESXi-A-if-profile

ESXi_B-if-profile

banner image

Configure VPC

  - Both ESxi can be connected to Leaf and ACI

Use the following steps for Cisco ACI VPC configuration.

Creating VPC Explicit Protection Group

In the previous sections, we have created all the elements needed to build a VPC – or in this case 2 VPCs. One towards ESXi-A and another towards ESXi-B. We will now create the actual VPC and tie the elements together.

We will start by creating a “VPC Explicit Protection Group”. It’s basically the ACI way of saying “VPC Domain ID”.

Click “Fabric”

Click “Access Policies”

Expand “Switch Policies”

Expand “Policies”, select “Virtual Port Channel default” then right-click and choose “Create Explicit Protection Group”

A pop-up window will appear to create an Explicit Protection Group

banner image

In the “Name:” field, type “VPC-101-102”

In the “ID:” field, type “101”

In the “VPC Domain Policy” field, click the drop-down and choose “default”

In the “Switch 1:” field, click the drop-down and choose “101”

In the “Switch 2:” field, click the drop-down and choose “102”

Click “Submit"

banner image


Cisco ACI EPG: Hosts Connectivity»
Shailendra Yadav

Shailendra Yadav is Network Solution Architect with an expertise on Cisco Wireless, Cisco ACI and F5 & Citrix Load Balancers. Currently he is working with an IT company in India. He has been associated with different organizations since last more than 16 years such as TCS, Wipro, HCL, BT, KPMG etc. If we talk about certifications, he has done ...

More... | Author`s Bog | Book a Meeting

Related Articles

#Explore latest news and articles

Cisco Nexus Port Channel: Configuring LACP 7 Dec 2024

Cisco Nexus Port Channel: Configuring LACP

Configure Cisco Nexus port channels with LACP for improving performance. Learn to set up etherchannel on Nexus 9000 switches. Read More!
Cisco ACI Vs Cisco DNA Center: Comparison 4 Nov 2024

Cisco ACI Vs Cisco DNA Center: Comparison

Discover several differences between Cisco ACI and DNA to help you choose the right network solution for your requirements. Dive in now!
Comparing Cisco ACI vs VMware NSX 6 Nov 2024

Comparing Cisco ACI vs VMware NSX

Difference between Cisco ACI vs VMware NSX are explained. They are the leading solution providers in Software Defined Networking leading solutions. Read More!

FAQ

Cisco ACI VPC (Virtual Port Channel) is a technology that allows the creation of a single logical port channel across two ACI leaf switches for enhanced redundancy and load balancing.
VPC provides increased network reliability and redundancy by allowing devices to connect to two switches as if they were a single switch, reducing potential points of failure.
The basic steps include: creating VPC domain, configuring VPC interfaces, establishing VPC peer link, and verifying the configuration.
Yes, you need a working Cisco ACI environment with leaf switches, VPC domain configuration, and proper understanding of ACI concepts.
VPC enhances network security by providing a resilient and redundant path for data traffic, reducing the risk of single points of failure and ensuring continuous network availability.

Comments (0)

Share

Share this post with others

Contact learning advisor

Captcha image