Posts

Cisco ACI - Forwarding L3 Inside and Outside connection

This is the first of several posts to follow, in which I will attempt to decipher the inner workings of packet forwarding in Application Centric Infrastructure (ACI). For the uninitiated: among the other tables that a leaf switch maintains, we will be focusing on the "Global Station table". If a leaf receives a packet with a destination IP for which a host route (/32) already exists in its global station table, the leaf switch is aware of that IP's existence in the ACI fabric and knows where to forward the packet. If the leaf receives a packet with a destination IP for which no host route (/32) exists in its global station table, it checks whether the IP belongs to the IP address range of the tenant. If the IP address range exists in the ACI fabric but the leaf doesn't know how to reach the destination IP (obviously, since it doesn't have the entry in its global station table), it would encapsulate the packet with the VXLAN hea...

Microsoft Azure - Naming Restrictions

One of the greatest issues that I have faced so far with Azure is the lack of an option to rename a resource once it has been created. The only way to fix a typo or update the naming convention of the Azure resources seems to be deleting that resource and creating a new one. The resources I couldn't rename so far are: VNET, Subnet, Resource Group, Network Security Group, Load Balancer, etc. Note: Please correct me if I am wrong. I would really love to be wrong on this one!!

Microsoft Azure - Create Load balancer

Refer to this article before starting the configuration.
1. Log in to your Azure subscription using portal.azure.com
2. Click the Portal menu (hamburger icon on the top left of the screen) and locate Virtual Network
3. Click on the Create load balancer button and configure the parameters as below:
   - Select the correct subscription (if, like me, you have more than one)
   - Select the Resource group (Create new, if you don't already have one created)
   - Name of the LB
   - Region (Azure region where the LB would be created, physically)
   - Type: Public OR Internal. (Azure states: You can use internal load balancers to balance traffic from private IP addresses. Public load balancers can balance traffic originating from public IP addresses.) I am going to use this LB to access the backend resources via the public Internet and hence I am selecting "Public". If I select "Internal", you just have to select the Virtual Network, in which the LB would exist.
   - SKU: Basic or Standard (There are key differe...

Microsoft Azure - Create a Virtual Network

Refer to this article before starting the configuration.
1. Log in to your Azure subscription using portal.azure.com
2. Click the Portal menu (hamburger icon on the top left of the screen) and locate Virtual Network
3. Click on the Create Virtual Network button and configure the parameters as below:
   - VNET Name
   - Address space (The virtual network's address range in CIDR notation.)
   - Select the correct subscription (if you have more than one)
   - Resource group (I didn't configure mine earlier, so I "Created New")
   - Location (If you create resource group while creating VNET, both would belong to this location, which should be the case)
   - Subnet Name
   - Address range (Ensure that it belongs to the address space, defined earlier)
   - Keep the other fields to their default values (for now)
4. Click Create, once you have entered all the values and refresh the "Virtual Networks" page.
And.. that's it!

AWS Workspaces - Unhide C drive

AWS Workspaces Windows 10 has the C:\ drive hidden by default. To unhide it, locate the following key in the Windows Registry (regedit): HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, DWORD value NoDrives. By default it is set to a hexadecimal value of 4. Change it to a hexadecimal value of 0. Restart the Workspace and the C:\ drive should be visible.

Cisco ACI - CDP Configuration

Yes.. CDP still very much exists (though LLDP is doing a fairly decent job).. and most probably would continue to, so long as Cisco is in the big game! And if you are an old Cisco techie, like me, you would be disappointed to know that it is not as simple as "cdp run" or "cdp enable" etc. Since you would be enabling CDP on the leaf interfaces which connect to devices that are not part of the fabric, you would find this configuration under Fabric >> Access Policies. Here are the steps for the configuration:
1. Fabric >> Access Policies >> Interface policies
2. Policies >> CDP Interface >> Right click on CDP interface and select "Create CDP Interface Policy"
3. Name it and select the Admin state.
4. Next create Leaf Policy Group from Interface Policies and reference the above CDP policy in it as shown below:
5. Time to stitch the Leaf policy group with the actual Leaf Interface.
6. Go to Interface Policies >> Interface Ove...

Cisco ACI - NTP Configuration

Time and tide wait for none.. definitely not for your Application Centric Infrastructure (ACI)!! NTP configuration should always be at the top of your list of configuration items, after you un-box your appliance. I won't delve into the reasons for doing this (imagine carrying your cell phone with the wrong time). Disclaimer: The NTP configuration for ACI (just like other configuration in ACI) is not a simple affair, as you will see below:
1. Log in to APIC (obviously)
2. Under Fabric >> Select Fabric Policies >> Quickstart >> Configure an NTP policy.
3. Name the policy and click Next
4. Under NTP Servers, click on the "+" icon and select the NTP server.. can be FQDN or an IP address.. Here I am using pool.ntp.org
5. Use "Management EPG" only if the NTP server is outside the fabric.
6. Click OK and then finish.
The NTP policy should now be visible under "Pod Policies". It's not over yet.. There is more work to be done! The ACI policy configuration re...