Session 1ACI Overview

Lecture

• What is ACI

• ACI’s benefits

• Overview of Switch and APIC models

• APIC Architecture Fabric bring up

process

• ACI Object Model

• ACI MGMT

• RBAC

• Syslog

• SNMP

• Upgrade

Process

• BGP Policy

Labs

• Instructor demo GUI Overview

• Instructor demo Intro to cli

• Creating Users and assign

Permissions

• Software Upgrades

Syslog, SNMP and config

rollbacks

Audience

Architects or Engineers doing design

work

Duration

4 hours

Session 2 Fabric Forwarding

Lecture

• VxLan refresher

• Understanding Bridge Domains

> B ridge Domain as a layer 2 boundary

> Difference between Vlans and Bridge Domains

> Bridge Domain configuration knobs

     + Limit Learning to IP subnet

> Encapsulation and multicast group

• Coop

> O racles and Citizens

> Endpoint tables

> Lookup process

• Layer2 and Layer3 forwarding

> A RP handling packet walk

> L2 packet walk

> L3 packet walk

> BUM traffic packet walk

> VxLan Encapsulations

+ Intro to Fd_Vlans and BD_Vlans

+ VRF encapsulation

> EP move and bounce entries

> Rogue endpoint detection

> Silent hosts

> Endpoint table vs Mac and Routing Table

Labs

• Intro to endpoint reachability troubleshooting

> Understanding show endpoint command

> Validate coop entries (GUI and CLI)

> Using Iping, Elam and Ftriage

(App not CLI)

Audience

Operations teams

Duration

4 hours

Session 3 Fabric Configuration Part 1

Lecture

Overview of interface configurations

> Physical and VMM domains overview

+ Deployment immediacy (VMM)

+ Resolution immediacy (VMM)

> VLAN Pools

+ Static and Dynamic Pools

+ Base encap value

> AEPs

+ Used as a way to tie VLANs to an Interface

+ Used to define EPG membership

> Policy Groups

> Interface Profiles

Overview of switch configurations

> VPC in ACI

> Switch

Profiles

VLANs in the ACI world

> PI, HW, Access Encap, BD and FD

> Physical Domain, AEP and VLAN Pool relationship to FD_VLAN and VxLAN encap

Labs

• Create a physical Domain to connect endpoints to the ACI Fabric

> Create VLAN Pool and AEP

• Create a VMM domain to connect endpoints to the ACI fabric

> Create VLAN Pool and AEP

> Create VMM integration

• Create VPCs explicit protection groups

• Create Interface Profiles and Policy Groups

• Create Switch Profiles

• Understanding the output

> Show VLAN brief

> Show VLAN extended

> Show system internal eltmc info VLAN brief (vsh_lc shell)

Audience

Operations teams

Duration

4 hours

Session 4 Fabric Configuration Part 2

Lecture

• Overview of interface configurations

> Physical and VMM domains overview

+ Deployment immediacy (VMM)

+ Resolution immediacy (VMM)

> VLAN Pools

+ Static and Dynamic Pools

+ Base encap value

> AEPs

+ Used as a way to tie VLANs to an Interface

+ Used to define EPG membership

> Policy Groups

> Interface Profiles

• Overview of switch configurations

> VPC in ACI

> Switch Profiles

• VLANs in the ACI world

> PI, HW, Access Encap, BD and FD

> Physical Domain, AEP and VLAN Pool relationship to FD_VLAN and VxLAN encap

Labs

• Create a physical Domain to connect endpoints to the ACI Fabric

> Create VLAN Pool and AEP

• Create a VMM domain to connect endpoints to the ACI fabric

> Create VLAN Pool and AEP

> Create VMM integration

• Create VPCs explicit protection groups

• Create Interface Profiles and Policy Groups

• Create Switch Profiles

• Understanding the output

> Show VLAN brief

> Show VLAN extended

> Show system internal eltmc info VLAN brief (vsh_lc shell)

Audience

Operations teams

Duration

4 hours

Session 5 ACI Logical Constructs Part 1

Lecture

• Tenants

• VRFs

• Bridge Domains

• Application Profiles

• EPGs and Endpoint

• Security Groups

> VMM and Physical Domains

• Intro to Contracts

Labs

• Create a tenant

• Create an Application Profile

• Create a set of EPGs and establish L2 and L3 connectivity between endpoints

> Create required BDs, EPGs and Contracts

Audience

Operations teams

Duration

4 hours

Session 6 ACI Logical Constructs Part 2

Lecture

Tenants

VRFs

Bridge Domains

Application Profiles

EPGs and Endpoint

Security Groups

> VMM and Physical Domains

Intro to Contracts

Labs

Create a tenant

Create an Application Profile

Create a set of EPGs and establish L2 and L3 connectivity between endpoints

> Create required BDs, EPGs and Contracts

Audience

Operations teams

Duration

4 hours

Session 7 Contracts

Lecture

• Contract Scope

• Subjects

• Filters
> Directives (Log and Policy Compression)

• Verifying L2 and L3 permit and denies from the GUI Subject Labels

> Apply both ways and reverse filter ports

• EPG Labels

• Deny Contracts

> Taboo Contracts

> Regular contracts with Deny Filter

• VRF Enforced and Unenforced

• Preferred Group VZ_ANY

• Consumed contractinterfaces (Intro to leaking)

Labs

> Enable EPG to EPG communication using Subject Labels and EPG Labels

> Enable EPG to EPG communication using Preferred Group and VZ_Any VRF options

> Block specific traffic using Taboo contracts and deny filters

Audience

Architects or Engineers doing design work

Duration

4 hours

This ACI Elite Series will provide value for anyone deploying or operating an ACI fabric. However some topics will be more relevant to specific audiences

• Sessions 1, 7, 8, 9, 10, 12, 13, and 14 are more focused for Architects or Engineers doing design work

• Sessions 2, 3, 4, 5, 6, and 11 are more focused for operations teams