It’s a great pleasure to announce that we have been selected as one of the finalists in the IT Blog Awards 2021, hosted by Cisco. We can’t explain how it feels to be on the list among leading IT blogs for the third time (2018, 2020 and now 2021).
We would like to congratulate all the finalists and wish them the best in the competition.
There are 58 entries in the Blogs category and 17 entries in the Vlogs and Podcasts category. There are only these categories this time, unlike previous times (where awards were given in different categories of content).
You can vote now for the best blogs and vlogs/podcasts, based on the value they are creating, the quality of content, etc. This is your opportunity to vote for the content which always helps you at work or in your studies.
You can select up to 5 Blogs and 5 Vlogs/Podcasts and rank them 1-5. We would be happy if you have our site in your 5 as well.
Cisco ACI is part of the Software Defined Network (SDN) product portfolio from Cisco. Cisco ACI is an emerging technology for data center build-outs and a disruptive technology for traditional networking. This question and answer guide will help you understand Cisco ACI from basic to advanced level and give you the confidence to tackle interviews with a positive result. You can download a PDF of 50 Q&A from here by contributing a small amount of money for our effort.
1. What is Cisco ACI?
Cisco ACI, the industry-leading software-defined networking solution, facilitates application agility and data center automation with two important concepts from SDN solutions: overlays and centralized control. ACI is a well-defined architecture with centralised automation and policy-driven application profiles. ACI uses a centralised controller called the Application Policy Infrastructure Controller (APIC). It is the controller that creates application policies for the data center infrastructure.
2. What are the three components of the ACI architecture?
• Application Network Profile (ANP): a collection of end-point groups (EPG), their connections, and the policies that define those connections.
• Application Policy Infrastructure Controller (APIC): a centralized software controller that manages downstream switches and acts as the management plane.
• ACI fabric: the interconnection of spine and leaf switches. In the ACI world, spine and leaf switches are Cisco Nexus 9000 Series Switches (N9k), and they act as the control plane and the data plane of ACI. They run a rewritten version of NX-OS in ACI mode.
3. Describe the ACI fabric connection terminology.
• One or more spine switches should be connected to each leaf. Supported models are Cisco Nexus 9336PQ, 9504, 9508, or 9516 switches.
• One or more leaf switches should be connected to the endpoints and the APIC cluster. Supported models are Cisco Nexus 93128TX, 9332PQ, 9372PX, 9372PX-E, 9372TX, 9396PX, or 9396TX etc. switches.
• Spine switches can be connected to leaf switches but not to each other.
• Leaf switches can be connected only to spine switches and endpoint devices, including APIC devices, so this means the APIC will be connected only to leaf switches.
• ACI switches do not run spanning tree.
• A minimum of 3 APIC controllers is required in an ACI fabric.
• A maximum of 5 APICs can be used.
• A maximum of 6 spine switches can be used.
• A maximum of 200 leaf switches can be used.
4. What is the use of the Application Policy Infrastructure Controller (APIC) in the ACI fabric?
This is the network controller responsible for provisioning policies to the physical and virtual devices that belong to an ACI fabric. A cluster of at least three controllers is used. The following are the main APIC features.
• Application and topology monitoring and troubleshooting
• APIC shows the physical and logical topology (who is connected to whom)
• Implementation on a distributed framework across a cluster of appliances
• Health scores for critical managed objects (tenants, application profiles, switches, etc.)
• Fault, event, and performance management
• Cisco Application Virtual Switch (AVS), which can be used as a virtual leaf switch
5. How does Cisco ACI differ from other SDN controllers?
An open SDN architecture separates the control plane and the data plane. The control plane resides on the central controller and the data plane resides on the switches. If the switches lose their connection to the controller, they won’t function for new connections or for applying traffic policies. In the Cisco ACI architecture, the APIC is not the control plane; rather, the switches still hold both the control plane and the data plane and can function properly if the controller is down.
6. What are the different object model implementations in ACI?
Within the ACI object model, there are essentially three stages of implementation of the model: the Logical Model, the Resolved Model, and the Concrete Model.
• Logical Model: The logical model is the interface for the system. Administrators interact with the logical model through the API, CLI, or GUI. This is a policy layer which includes endpoint configuration on the controller. Changes to the logical model are then pushed down to the concrete model, which becomes the hardware and software configuration.
• Resolved Model: The resolved model is the abstract model expression that the APIC resolves from the logical model. This is essentially the elemental configuration components that would be delivered to the physical infrastructure when the policy must be executed (such as when an endpoint connects to a leaf).
• Concrete Model: The concrete model is the actual in-state configuration delivered to each individual fabric member based on the resolved model and the endpoints attached to the fabric. This includes the actual configuration of the device and resides on the fabric (spines and leaves).
7. What are the policy layer and the concrete layer in the ACI model?
The concrete layer is the ACI fabric and the policy layer is the controllers.
8. What do you mean by a tenant?
Basically, a tenant (fvTenant) is a logical container for application policies that isolates switching and routing functions. A tenant represents a unit of isolation from a policy perspective, but it does not represent a private network. Tenants can represent a customer in a service provider setting, an organisation or domain in an enterprise setting, or just a convenient grouping of policies. Four types of tenant are available.
9. What is the difference between the management tenant and the infrastructure tenant?
• Management Tenant: Used for infrastructure discovery and also for all communication/integration with virtual machine controllers. It has a separate Out Of Band (OOB) address space for APIC to fabric communication, and it is used to connect all fabric management interfaces.
• Infrastructure Tenant: It governs the operation of fabric resources, such as allocating VXLAN overlays, and allows the fabric administrator to deploy selective shared services to tenants.
10. What do you mean by Context/VRF in ACI?
The top-level network construct within an ACI tenant is the VRF or Context. It is called the tenant network and is available as ‘private network’ in the ACI GUI. The following are the important points about VRFs:
• A VRF defines a Layer 3 address domain.
• One or more bridge domains can be associated with a VRF.
• All of the endpoints within the Layer 3 domain (VRF) must have unique IP addresses, because it is possible to forward packets directly between these devices if the policy allows it.
• A tenant can contain multiple VRFs.
Below are some of the additional questions available in the PDF:
How are ARP and broadcast handled by ACI?
Why and when do you require a contract in the ACI fabric?
How do you perform unicast routing on ACI?
In the fabric, which switch will act as the default gateway for a particular subnet?
How does Cisco ACI differentiate Layer 2 traffic and Layer 3 traffic?
How do VLANs work in Cisco ACI?
How can you configure trunk and access ports on ACI?
What is micro-segmentation and how do you configure it?
How do you configure inter-VRF and inter-tenant communication?
How can you integrate Cisco ACI with VMware?
Explain the ACI fabric discovery process.
Explain the traffic flow lookup on the ACI fabric.
Interested in the detailed answers to the above questions, along with 30 other exclusive, commonly asked interview questions? You can download a PDF copy of the 50 interview Q&A from here by contributing small perks to support our efforts. Please send an email to ‘email@example.com‘ for the PayPal payment option.
Hope you have enjoyed reading. Kindly share your feedback/suggestions in the comments section. For Q&A posts on other topics, please click here.
Hurry, vote now for the best IT blogs in the IT Blog Awards hosted by Cisco!
About the program:
This is the first-ever IT Blog Awards from Cisco, recognizing the contribution of the blogger community in various categories.
About the program, from the Cisco website:
The first-ever IT Blog Awards, hosted by Cisco, is our way of recognizing the great community of independent tech bloggers for the passion, creativity, and expertise shared throughout the year. We appreciate your impact on the tech community.
Voting is now open through January 4, 2019. Winners will receive a Cisco Live US pass.
You can vote for the blogs in different categories and the voting ends on 4th Jan, 2019. Make sure to consider the value, credibility and the consistency of the content while you select a blog as the best in that category.
It is your opportunity now to recognize the bloggers/blogs who are helping the community by providing excellent content. Do not wait, vote now.
We are proud to announce that we have been chosen as one of the finalists in the Best Group Effort category. If you feel our content was of good quality, helped the community and at the same time met the program guidelines, you can select our blog in the Best Group Effort category.
This post describes an all-in-one script which will help you execute a series of commands on multiple switches. The script can be used by people who do not have much experience in scripting. We have split the task into three files to simplify the operation, so that you don’t have to change the script every time.
Please read part 1 and part 2 for details about installing python and running your first program. Please read part 4 if you want to know how to take SSH of a switch.
Configuration file -> This file includes all the configuration commands that need to be executed on the remote switches. The name of the file is ‘configfile.txt’.
IP file -> This file contains the IP addresses of all the devices. The file is named ‘ipfile.txt’.
Script file -> This file contains the Python script that executes the commands specified in the configuration file on all devices. (The filename here is ‘configcommand.py’.)
For example, if I need to update ACL 101, which is applied to the outside interface of all routers, I follow the steps below.
Step 1. Open your ‘configfile.txt’ and add following commands
access-list 101 permit ip 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255
Step 2. Open ‘ipfile.txt’ and add all your router IP addresses
Step 3. Open command prompt and give following command to execute
The script will log in to the first device whose IP address is listed in ‘ipfile.txt’ and execute all the commands given in the ‘configfile.txt’ file. Once that is done, the script will log in to the next IP address and execute all the commands. The process continues until the last IP address in ‘ipfile.txt’ has been fetched and processed.
You can use the same script to execute any kind of command, such as SNMP modification, interface configuration, etc. All you need to do is edit ‘configfile.txt’; there is no need to edit the script file.
Complete Script – Download
Click the links below to download the script (to SSH to a device and run multiple commands) and the other files. Please change the file extension from .txt to .py to execute it directly.
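The loop described above, as an added example (this is not the downloadable script from this post): it reads ‘ipfile.txt’ and ‘configfile.txt’, validates every address before any connection is made, prompts for the credentials instead of storing them, and rejects devices whose SSH host key is not already known. The function names, the use of the paramiko library, and entering global config mode with `configure terminal` on an IOS-style CLI from a login that lands in privileged EXEC mode are assumptions.

```python
import getpass
import ipaddress
import time
from pathlib import Path

def load_lines(path):
    """Return the non-empty lines of a text file, stripped."""
    return [ln.strip() for ln in Path(path).read_text().splitlines() if ln.strip()]

def load_targets(path):
    """Parse ipfile.txt; raise ValueError before connecting if any entry is not an IP."""
    return [str(ipaddress.ip_address(ln)) for ln in load_lines(path)]

def send_over_ssh(ip, commands, username, password):
    """Send the commands in global config mode (assumes paramiko and an IOS-style CLI)."""
    import paramiko  # third-party; imported here so the helpers above work without it
    client = paramiko.SSHClient()
    client.load_system_host_keys()
    # Refuse devices whose host key is not already in known_hosts.
    client.set_missing_host_key_policy(paramiko.RejectPolicy())
    client.connect(ip, username=username, password=password,
                   look_for_keys=False, allow_agent=False, timeout=10)
    try:
        shell = client.invoke_shell()
        for cmd in ["configure terminal", *commands, "end"]:
            shell.send(cmd + "\n")
            time.sleep(1)  # crude pacing; a real tool would wait for the prompt
        return shell.recv(65535).decode(errors="replace")
    finally:
        client.close()

def run_all(ip_path, cfg_path, send):
    """Apply every command to every device in file order; record a result per device."""
    commands = load_lines(cfg_path)
    results = {}
    for ip in load_targets(ip_path):
        try:
            results[ip] = ("ok", send(ip, commands))
        except Exception as exc:  # one unreachable device must not stop the run
            results[ip] = ("failed", str(exc))
    return results

if __name__ == "__main__":
    user = input("Username: ")
    secret = getpass.getpass("Password: ")  # prompted, never stored in the script
    report = run_all("ipfile.txt", "configfile.txt",
                     lambda ip, cmds: send_over_ssh(ip, cmds, user, secret))
    for ip, (status, detail) in report.items():
        print(ip, status, detail[-200:])
```

Because a malformed entry in ‘ipfile.txt’ raises before the first login, a typo in the list never results in a partially applied change.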