Lab1.

1 Fabric Setup

1. Fabric discovery

Step 1

Access to console of APIC VM via Esxi host web. Then input all the parameter to initial the fabric setup.

Keep all the default value.

Team Fabric Name OOB management IPv4 address

1 Fabric1 192.168.88.151/24
2 Fabric2 192.168.88.152/24
3 Fabric3 192.168.88.153/24
4 Fabric4 192.168.88.154/24

Press any key to continue... Enter

Starting Setup Utility

This setup utility will guide you through the basic configuration of the system. Setup configures
only enough connectivity for management of the system.

*Note: setup is mainly used for configuring the system initially, when no configuration is present.
So setup always assumes system defaults and not the current system configuration values.

Press Enter at anytime to assume the default values. Use ctrl-d at anytime to restart from the
beginning.

Cluster configuration ...

Enter the fabric name [ACI Fabric1]: Fabric
Enter the fabric ID (1-128) [1]: 1
Enter the number of active controllers in the fabric (1-9) [3]: 1
Enter the POD ID (1-12) [1]: 1
Is this a standby controller? [NO]: NO
Is this an APIC-X? [NO]: NO
Enter the controller ID (1-1) [1]: 1
Enter the controller name [apic1]: apic1
Enter address pool for TEP addresses [10.0.0.0/16]: 10.0.0.0/16
Note: The infra VLAN ID should not be used elsewhere in your environment
and should not overlap with any other reserved VLANs on other platforms.
Enter the VLAN ID for infra network (1-4094): 3967
Enter address pool for BD multicast addresses (GIPO) [225.0.0.0/15]: 225.0.0.0/15
 Out-of-band management configuration ...
Enable IPv6 for Out of Band Mgmt Interface? [N]: N
Enter the IPv4 address [192.168.10.1/24]: 192.168.11.1/24
Enter the IPv4 address of the default gateway [None]: 192.168.11.254
Enter the interface speed/duplex mode [auto]: auto

admin user configuration ...

Enable strong passwords? [Y]: N
Enter the password for admin: 1234QWer
Reenter the password for admin: 1234QWer

….

Would you like to edit the configuration? (y/n) [n]: n

Application Policy Infrastructure Controller

Version 4.1(1l)

apic1 login:

Step 2

Login to APIC UI via https://<OOB IP address>

Step 3

On the setup wizard, Fabric membership, register the first leaf which direct attach to APIC.

Step 4

Create Fabric node member by enter node ID and Switch name.

Example: Switch name could be LEAF101, LEAF102, SPINE103

Repeat step 4 for all the fabric node. ACI SIM have 1 Spine and 2 Leaves switchs
Step 5

Discover the APIC UI

Examine the top-most portion of the UI interface, also referred to as the menu bar (System, Tenants,
Fabric, Virtual Networking, L4–L7 Services, Admin, Operations, Apps, Integrations).

Step 6

Select the Tenants menu and choose a predefined tenant, common. A submenu bar will appear below
the menu bar. The Navigation pane displays on the left side of the Cisco APIC UI below the submenu bar.
This pane provides centralized navigation to all elements of the submenu category. If you choose a
component in the Navigation pane, its objects will display in the work pane on the right side of the Cisco
APIC UI. The work pane displays details about the component that is selected in the Navigation pane.
 Note

A tenant is a logical container for application policies that enable an administrator to exercise
domain-based access control. A tenant represents a unit of isolation from a policy perspective,
such as a customer in a service provider setting, an organization or domain in an enterprise
setting, or just a convenient grouping of policies. By default, there are three preconfigured tenants
in ACI: common, mgmt and infra.

Step 7

Briefly browse the remaining menus:

 System: The menu for APIC information, system-wide setting, fabric-wide view for fault, event
and audit log, etc.
 Fabric: Cisco ACI inventory and configuration point for leaf and spine nodes - includes but is not
limited to port channel and vPC configurations.
 Virtual Networking: Configuration menu for VM Manager integration, such as VMware vCenter,
Microsoft System Center Virtual Machine Manager (SCVMM) or KVM.
 L4-L7 Services: Package repository for upper-layer service elements, such as firewalls or load
balancers, that can be inserted into the fabric with Service Graph.
 Admin: Menu for controlling the operation, administration, and maintenance (OAM) aspects,
such as AAA, Syslog, SNMP, software upgrade, configuration backup, techsupport.
 Operations: Menu for visibility, troubleshooting, and capacity profiling.
 Apps: Menu for AppCenter applications provided by Cisco or a third-party vendor to run on Cisco
APIC that provide useful features for visibility, troubleshooting etc.
 Integrations: Menu for managing integrations with external device managers, such as Cisco UCS
Manager and Viptela vManage NMS.
2. Examine the Discovered Fabric

Step 8

Go to Fabric > Inventory > Topology and choose the Topology tab in the work pane to view your
environment.

Your APIC cluster consists of a single APIC server, dual-homed to both leaf switches. Each leaf is connected
to a spine switch. You would see the same topology view if you go to Fabric > Inventory > Pod 1 and select
the Topology tab from the work pane.
Step 9

Expand the Fabric > Inventory > Fabric Membership and examine the switches listed in the Registered
Nodes tab. If necessary, scroll to the right to see all information.

Your topology consists of three physical nodes (two leaves and one spine) and no virtual nodes. The node
names and node IDs have been assigned to the switches during registration. The node IDs and IP addresses
shown in the outputs will differ from the ones you will see in your fabric.

Step 10

Go back to the fabric topology page Fabric > Inventory > Topology > Topology and double-click each
device to verify its connections to other fabric elements.

Note

The Link Layer Discovery Protocol (LLDP) is responsible for discovering directly adjacent neighbors.
Once a switch node is discovered via LLDP and registration (node id and name assignment) is
performed, APIC assigns a TEP IP via DHCP and APIC communicates with the switch over the TEP
IP using a messaging system called Intra-Fabric Messaging (IFM).
Step 11

Go to Fabric > Inventory > Pod 1, select leaf-a, and examine the information shown in the General tab.

The information available in this page includes model type, serial number, management IP addresses
(missing at this point), and other chassis information.

Step 12

Click the Interface tab and hover the cursor over some interfaces to investigate their properties.
Step 13

Expand the menu of a switch in the navigation pane, and skim through the available inventory
information, such as the various interface types.
Step 14

Use PuTTY to connect via SSH to the Cisco APIC. Enter apic as the hostname. Log in as admin with password
from previous step. Run the show firmware upgrade status command to verify the software versions on
the fabric switches.

apic1# show firmware upgrade status

Pod Node Current-Firmware Target-Firmware Status Upgrade-Progress(%)

---------- ---------- -------------------- -------------------- ------------------------- --------------------

1 1 apic-4.1(1l) success 100

1 101 n9000-14.1(1l) not scheduled 0

1 102 n9000-14.1(1l) not scheduled 0

1 201 n9000-14.1(1l) not scheduled 0

The switch software versions must be identical and consistent with the APIC software release, as shown
above. You can use other options of the show firmware command to examine other firmware-related
information. To obtain context-sensitive help and command auto-completion, hit the Tab key twice or
type “?” like on NX-OS standalone devices.

Note

Most of the information discovered through the CLI can also be obtained in the APIC UI. For
example, to collect the firmware information, go to Admin > Firmware.

Step 15

On the APIC, run the acidiag -h command to view the available ACI diagnostics options.

apic1# acidiag -h

usage: acidiag [-h] [-v]

Step 16

View the fabric node vector using the acidiag fnvread command. View the TEP IP addresses assigned to
the switches over DHCP through the Infra VLAN.

apic1# acidiag fnvread

ID Pod ID Name Serial Number IP Address Role State LastUpdMsgId

--------------------------------------------------------------------------------------------------------------

101 1 leaf-a FDO23161CZ0 10.0.88.96/32 leaf active 0

102 1 leaf-b FDO23161MNG 10.0.88.98/32 leaf active 0

201 1 spine FDO231113UJ 10.0.88.97/32 spine active 0

Total 3 nodes

The IP addresses in your fabric will be different from the example below. The state of each node should
be active.

Step 17

On the APIC, view the appliance vector using the acidiag avread command. Cross-check the chassis ID with
the APIC UUID obtained from the leaves in the Cisco appliance vector TLV.

Step 18

On the APIC, view the interfaces using the ifconfig command.

apic1# ifconfig

bond0: flags=5187<UP,BROADCAST,RUNNING,MASTER,MULTICAST> mtu 1500

inet6 fe80::3a90:a5ff:fe40:76ea prefixlen 64 scopeid 0x20<link>

<...output omitted...>
bond1: flags=5187<UP,BROADCAST,RUNNING,MASTER,MULTICAST> mtu 1500

inet6 fe80::520f:80ff:fe2b:cda8 prefixlen 64 scopeid 0x20<link>

<...output omitted...>

bond0.3967: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1496

inet 10.0.0.1 netmask 255.255.255.255 broadcast 10.0.0.1

<...output omitted...>

….

The most relevant interfaces are explained below:

 bond0: A logical bond that bundles the physical interfaces attached to the fabric.
 bond1: A logical bond that provides out-of-band (OOB) connectivity
 bond0.3967: Subinterface of the bond0 interface that carries Infra traffic, such as packets
encapsulated with Infra VLAN (3967) 802.1Q header. The IP address of this subinterface is …... It
belongs to the TEP address pool (10.0.0.0/16) that was configured in the setup utility.
 oobmgmt: Logical interface for OOB management configured during the initial setup
Step 19

On the APIC, examine the bond0 configuration, defined in the file /proc/net/bonding/bond0. Identify the
active link.