A question regarding the subject line. When deploying redundant Nexus 1010 hardware appliances (VSMs) on the "inside" and Nexus 1000v's on your ESX hosts in the "DMZ" in Layer 3 mode which is separated by an ASA, what VLANs are actually needed? Both from the inside and DMZ perspective. Specifically, do you actually need Control and Data/Packet VLANs configured when using L3 mode? When you configure the SVS domain for L3 Transport you explicitly negate both Control and Data/Packet VLANs?
Also, when configuring the 1000v in L3 mode is it best practice to have the system vlan the same as your management vlan, and also use the same vlan for the VMkernel NIC? When setting up the VMkernel NIC on the ESX host the only option available was to use the management vlan.
The Nexus 1010s only communicate in L2 mode so you'll still need control, management & packet vlans between the two appliances. VSMs deployed in L3 mode collapse the control & packet vlans into the management network. Traffic between the VSM and ESX host will be tunneled over IP. Therefore you need to ensure IP connectivity between the VSM mgmt0 interface and the ESX host management vmk.
Yes, you will want to define the ESX vmk vlan as a system vlan on BOTH the vethernet & ethernet port-profiles.
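An added example, not part of the original thread: a small offline check that a saved VSM running-config follows the two points in the answer above (SVS domain in L3 mode, and the vmk VLAN set as a system VLAN on both a vethernet and an ethernet port-profile). VLAN 10, the profile names and the sample config are constructed assumptions; the sample deliberately omits the system VLAN on the uplink.

```python
# Constructed sample config; VLAN IDs and profile names are assumptions.
SAMPLE_CONFIG = """\
svs-domain
  no control vlan
  no packet vlan
  svs mode L3 interface mgmt0
port-profile type vethernet l3-control
  capability l3control
  switchport access vlan 10
  system vlan 10
port-profile type ethernet system-uplink
  switchport trunk allowed vlan 10,20
"""

def parse_sections(config):
    """Group indented statements under their unindented header line."""
    sections, current = {}, None
    for line in config.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():
            current = line.strip()
            sections[current] = []
        elif current is not None:
            sections[current].append(line.strip())
    return sections

def expand_vlans(spec):
    """Expand a VLAN list such as '10,20-22' into {10, 20, 21, 22}."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit(config, vmk_vlan):
    """Return a list of findings; an empty list means both checks pass."""
    sections = parse_sections(config)
    findings = []
    svs = sections.get("svs-domain", [])
    if not any(l.lower().startswith("svs mode l3") for l in svs):
        findings.append("svs-domain is not in L3 mode")
    for kind in ("vethernet", "ethernet"):
        prefix = f"port-profile type {kind} "
        stmts = [l for h, b in sections.items() if h.startswith(prefix) for l in b]
        specs = [l[len("system vlan "):] for l in stmts if l.startswith("system vlan ")]
        if not any(vmk_vlan in expand_vlans(s) for s in specs):
            findings.append(f"no {kind} port-profile has system vlan {vmk_vlan}")
    return findings
```

Running `audit(SAMPLE_CONFIG, 10)` flags the uplink profile; adding `system vlan 10` under it clears the finding.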