Please enable JavaScript.

Coggle requires JavaScript to display documents.

M1 Policy - Coggle Diagram

- - - - specify vlan and multicast
    - - Domain to Map AAEP (set of interfaces) to vlan pool
      - A physical domain is a collection of physical resources, where a certain EPG can be deployed
    - - threshold, log , fault
        
        Stats Collection Policies
        
        For example, to have it poll a component every 5 minutes, but be retained for 2 hours, just click on the policy that specifies a 5 minute granularity and change the retention period to 2 hours.
        
        Apply to tenant level
        
        2.fault lifecycle policy
        
        To change the soaking interval
        
        fault severty assignment
        
        set certain object not to affect health score
        
        stats export policy
        
        JSON or XML
    - - spine switch module policy
  - - - The ports on the leaf switches default to 10GE, and a 1GE link level policy must be created for devices connected at that spee
    - - Reflective Relay (802.1Qbg)
        
        Nexus N9K-C93180YC-EX and N9K-C93180TC-EX switches support the switching option, reflective relay. This feature is a tagless approach of IEEE standard 802.1Qbg.
        
        It forwards all traffic to an external switch that applies policy and sends the traffic back to the destination or target VM on the server as needed. There is no local switching. For broadcast or multicast traffic, reflective relay provides packet replication to each VM locally on the server.
    - - diagram
    - - Monitoring policies define the following:
        
        ■ How long and how often statistics are collected and retained
        
        ■ Upon which threshold crossing faults are triggered
        
        ■ Which statistics are exported
    - - IS-IS, and MP-BGP and For per interface per protocol the supported protocols are; ARP, ICMP, CDP, LLDP, LACP, STP, BFD, and.
      - ecommend that you use the default CoPP policy initially and then later modify the CoPP policies based on the data center and application requiremen
      - Anotehr example : to prevent DDOS attack
    - - etFlow Exporter Policy: Indicates whether NetFlow should be configured in the
        virtual switch.
  - - - https://www.cisco.com/c/en/us/support/docs/cloud-systems-management/application-policy-infrastructure-controller-apic/200529-Configure-a-Fabric-Extender-with-Applica.html
    - - A single AAEP for static path
      - Another AAEP for VMM domain
      - EPG is map to AAEP
    - - Specify static vlan to contain legacy vlan
        
        to trunk ACI bridge domain and EPG
        
        ACI will encapsulate BPDU with VXLAN ID based on the pool
        
        VXLAN ID allow VPC switches to synchornize VPC MAC and IP address
    - - is a VPC
    - - based on diagram
      - Both SW use port 1/9
    - - default is mostly disable
      - You should not modify the Interface Policy for “LLDP Interface” named “default”
        
        because this policy is used by spines and leaf nodes for bootup and to look for an image to
        
        run. If you need to create a different default configuration for the servers, you can create
        
        a new LLDP policy and give it a name, and then use this one instead of the policy called
        
        “default.”
      - refer to diagram " VPC interface Group"
    - - This is normally the recommended option for most deployments. If
        
        the hypervisor is connected to two different physical leaf switches, a virtual port
        
        channel (VPC) must be enabled for them.
        
        ■ LACP Passive: LACP in passive mode is only recommended when there is an intermediate switch (such as a blade switch) between the hypervisors and the ACI leaf
        
        switches, and this blade switch requires LACP Passive
- - - - When possible, create one AAEP for physical bare-metal compute and another AAEP for virtualized compute
      - If a single interface needs access to both virtual and physical domains, multiple domains can be associated with a single AAEP.
      - A good use would be if you had a blade switch connected to the ACI fabric.
      - On a given leaf switch port, there might be several hosts connected, offering different functions and trunking different VLAN ranges
      - . In such a case, the AAEP associated with
      - the interfaces connecting to the blade switch would need access to multiple domains.
- - - - Build one physical domain per tenant for bare-metal servers or servers without hypervisor integraiton
      - ■ Build one physical domain per tenant for external connectivity.
        
        ■ If a VMM domain needs to be leveraged across multiple tenants, a single VMMdomain can be created and associated with all leaf ports where VMware ESXi servers are connected.
      - Refer to EPG to Vlan mapping rule Diagram
  - - - for bare metal server AND VIrtualzed environemnttext
        
        mainframes or big databases. Even if these servers represent a small percentage of
        
        the overall server number, they should be carefully included in the network strategy.
        
        Typically, the few hosts running on bare metal are the most critical ones, such as
        
        How to assign to EPG
        
        Assign using static path
        
        and reference the interface policy group
- - - - Switch Profile
      - Specify from which ACI leaf your interface profiles will be selecting interfaces. As with interface profiles, it is a best practice to define a switch profile for each
      - individual leaf and VPC pair in your fabric