Cisco ACI Module 3 - ACI L2/L3 External Connectivity and Micro-Segmentation Lab and Tutorial

155 Launches
Solution Overview

Cisco's ACI Anywhere vision is to allow a single security and connectivity policy with a single pane of glass to manage all multicloud environments. The key to ACI Anywhere is the ACI Multi-Site Orchestrator (MSO), which allows the administrator to create consistent security and connectivity policies across multiple physical, virtual and cloud-based sites.

This series of 4 lab modules will go through all the steps necessary to bring up an ACI Multi-Site environment from scratch and is divided into modules for the student to consume easier. 

Please note that it is one of several parts of the overall deployment of the multi-site environment. The labs are broken into modules; when you get through with the first module, you will deploy the second module, and it will leave off where you finished the module before. You can also continue in the doc as code lab guide if you have the time to go through all the modules or just 2 or 3 modules. This set of labs was designed to be flexible, so as you have more time, you can proceed to a second module.

Module 3

  • Restoring APIC fabric from a backup of lab 2
  • ACI L2/3 Policy Discussion
  • Layer 2 extension discussion
  • Lab 8 Layer-2 Connectivity
  • Layer 3 discussion
  • Lab9 Layer 3 Connectivity
  • Microsegmentation discussion
  • Lab 10 Intra-EPG Isolation and Microsegmentation using uEPGs

Goals & Objectives

The goal of the following series of multi-site labs is to familiarize the student with the concepts of configuring an ACI fabric from scratch, deploying and configuring the MSO and adding the ACI fabrics to the MSO. Basic concepts of ACI Tenants, application profiles, EPGs and bridge domains will be presented, and the student will see how these ACI policy constructs can be managed either in ACI or using the MSO.

ACI policies will be configured on the ACI spine switches for connectivity to the ISN (Inter-Site Network), which allows the ACI fabrics to form one large fabric to be managed by the MSO. Using the MSO, students will be introduced to configuring the ACI infra policy to connect the spines and ISNs, then using the MSO to configure ACI policy using Tenants, schemas and templates.

Hardware & Software

  • 2 ACI simulators running 4.2 code
  • 3 ACI Multi-site Orchestrators running 2.1 code
  • vCenter running 6.5 code