Simulator Topology

Simulated Topology and Connections

The ACI Simulator implements the following topology:

  • Two spine switches (spine1, spine2)

  • Two leaf switches (leaf1, leaf2)

  • Three instances of APIC (apic1, apic2, apic3)

These components are connected as follows:

  • APIC instances apic1 and apic2 are connected to leaf1.

  • APIC instance apic3 is connected to leaf2.

  • Each leaf switch is connected to each spine switch

This diagram shows the components and connections simulated within the simulator server:

This figure shows the connection of several external ESX servers as an example. External servers connected to the simulator server ports shown will be connected to simulated leaf switches as shown. For example, a server connected to port 4 of the simulator server will appear as attached to port 2 of Leaf1.

The vCenter and vShield can be connected through the tenant management network or through the out-of-band management network. The ESX management connectivity to vCenter and vShield is external to the simulator server as shown in the figure.


Note


External servers are not part of the simulator, and need not be ESX servers. External servers may be connected directly to the simulator server ports or through an external switch such as a blade switch.


Simulator Server Physical Connections

The following figure shows the physical port connections to the rear panel of the simulator server.

To access the APIC, you must connect port 1 to your out-of-band management network. Port 2 can be connected to the tenant management network, which connects the leaf switches to the external network devices over layer 2 or layer 3. You can connect external hosts or layer 2 switches to any of the ports 3 through 8.


Note


The simulator server provides no data path switching between external network devices. You must connect the external servers to the tenant management network through additional interfaces on the external servers.


The following table lists ports for management and external server connections:

Port

Speed

Description

1

1G

Out-of-band management

2

1G

Tenant management

3

1G

Leaf1 port 1

4

1G

Leaf1 port 2

5

1G

Leaf2 port 1

6

1G

Leaf2 port 2

7

10G

Leaf2 port 3

8

10G

Leaf1 port 3

Connecting Network Service Appliances

This section describes how to connect physical or virtual network service appliances such as firewalls (Cisco ASA, for example) or ADC (application delivery controllers such as F5 BigIP or Citrix NetScaler).

The APIC network service integration feature automates these functions:

  • Service insertion—Configuring the network for redirecting traffic through network service appliances (nodes)

  • Service configuration—Configuring the network service appliance based on endpoint group and application requirements

To enable the network service integration feature with the simulator server, connect the service appliances (physical or virtual) to the simulator server as shown in the following figure:

The management interface of physical appliances must have a layer 2 (L2) connection to the Eth1 interface port of the simulator server. The management interface of network service appliances must be connected to a port-group providing L2 connectivity to the out-of-band management network. Additionally, the automation of network connectivity for a virtual service appliance requires APIC to have connectivity to the vCenter server managing the virtual service appliance VM.


Note


The simulator server provides only the capability to validate service network configuration and service function configuration. As shown in the figure, data packets do not traverse through the simulator.


Connecting AAA Server and Syslog Server

The following figure shows how to connect the simulator to a AAA server and a syslog server, through either a L2 or L3 connection. Refer to the applicable configuration guides for configuring the external network, configuring the AAA (RADIUS, TACACS+, or LDAP) server, and configuring a syslog (or Cisco Call Home) server.