Posts

Cisco ACI Node states

During the fabric registration process, an ACI node usually transitions across different states. These states are usually recorded in the Fabric Node Vector (FNV) table, which can be checked using the below command on the APIC:

    acidiag fnvread

States and descriptions:
- Unknown – Node has been discovered but no Node ID policy has been configured
- Undiscovered – Node ID has been configured but the node is yet to be discovered
- Discovering – Node has been discovered but VTEP IP has not yet been assigned
- Unsupported – Node is not a supported model
- Disabled – Node has been decommissioned
- Inactive – There is no IP connectivity
- Active – Node is active

How to create a subnet in AWS

If you haven't created the VPC in which you are going to create a new subnet, then check the article here. A subnet is simply a subset of the IPv4 CIDR block which you defined while creating a VPC. It provides a demarcation for the broadcast domains.

Requirements:
- An AWS account
- Virtual Private Cloud (VPC) - A subnet always resides in a VPC and hence a VPC should be present prior to creating it
- The subnet must be wholly contained within the IPv4 CIDR block that you defined in the VPC

Steps:
1. Sign in to your AWS account.
2. Under Services >> Networking >> VPC
3. VPC Dashboard >> Your VPCs >> Click on your VPC
4. Select Subnets >> Click on "Create Subnet"

Details:
- Name tag: Name of the subnet (self evident)
- VPC: Select the VPC that you want this subnet to be a part of
- VPC CIDRs would be automatically populated (since it was defined at the time of VPC creation)
- Availability Zone: You get an option to select the AZ (in the same region as that of t...

AWS Elastic IP address Billing

An Elastic IP address doesn’t incur charges as long as the following conditions are true:
- The Elastic IP address is associated with an EC2 instance.
- The instance associated with the Elastic IP address is running.
- The instance has only one Elastic IP address attached to it.

AWS does provide you an option to import your own IP pool (if you already bought it) for which you would never incur any additional expense. Amazon would penalize you for breaching the above conditions on an hourly basis. So, best utilize your elastic IPs efficiently. Release them if you no longer need them.

AWS - Create VPC

A virtual private cloud (VPC) is a virtual network dedicated to your AWS account. It is an isolated network where you can spin up your resources.

Requirements:
- An AWS account (of course!)
- Region - A VPC resides in a particular region (the same cannot be said about the Availability Zone (AZ); in fact, a VPC spans across all the Availability Zones in the region in which it is defined).

Steps:
1. Sign in to your AWS account.
2. Under Services >> Networking >> VPC
3. VPC Dashboard >> Your VPCs (You should find one VPC created by default with a subnet 172.31.0.0/16)
4. Let's create a new one. Click on "Create VPC" button

Details:
- Name tag: Name of the VPC (self evident)
- IPv4 CIDR block: Specify your supernet from which smaller subnets would be created and allocated to the resources
- We are not using IPv6 here
- Tenancy: Dedicated tenancy ensures all EC2 instances that are launched in a VPC run on hardware that's dedicated to a single customer. The default is shared...

Cisco ACI - Forwarding L3 Inside and Outside connection

First post of the several ones to follow where I will attempt to decipher the inner workings of the packet forwarding in Application Centric Infrastructure (ACI). To the uninitiated, of the other tables that a leaf switch maintains, we will be focussing on the "Global Station table".

If a leaf receives a packet with a destination IP, the host route (/32) for which already exists in its global station table, it would imply that the leaf switch is aware of that IP's existence in the ACI fabric and that it knows where to forward the packet.

If the leaf receives a packet with a destination IP, the host route (/32) for which doesn't exist in its global station table, it would check if the IP belongs to the IP address range of the tenant. If the IP address range exists in the ACI fabric but the leaf doesn't know how to reach the destination IP (obviously since it doesn't have the entry in its global station table), it would encapsulate the packet with the VXLAN hea...

Microsoft Azure - Naming Restrictions

One of the greatest issues that I have faced so far with Azure is the lack of an option to rename a resource once it has been created. The only way to fix a typo or update the naming convention of the Azure resources seems to be deleting that resource and creating a new one.

The resources I couldn't rename so far are:
- VNET
- Subnet
- Resource Group
- Network Security Group
- Load Balancer
- etc.

Note: Please correct me if I am wrong.. I would really love to be wrong on this one..!!

Microsoft Azure - Create Load balancer

Refer to this article before starting the configuration.

1. Log in to your Azure subscription using portal.azure.com
2. Click the Portal menu (hamburger icon on the top left of the screen) and locate Virtual Network
3. Click on Create load balancer button and configure the parameters as below:
   - Select the correct subscription (if like me, you have more than one)
   - Select the Resource group (Create new, if you don't already have one created)
   - Name of the LB
   - Region (Azure region where the LB would be created, physically)
   - Type: Public OR Internal. (Azure states: You can use internal load balancers to balance traffic from private IP addresses. Public load balancers can balance traffic originating from public IP addresses.) I am going to use this LB to access the backend resources via public Internet and hence I am selecting "Public". If I select "Internal", you just have to select the Virtual Network, in which the LB would exist.
   - SKU: Basic or Standard (There are key differe...