New and Changed Information
The following table provides an overview of the significant changes to this guide for this release. The table does not provide an exhaustive list of all changes made to the guide or of the new features up to this release.
|
Feature |
Decription |
Where Documented |
|---|---|---|
|
Support in flood for encapsulation for domains with VXLAN encapsulation |
You can configure flood in encapsulation for endpoint groups (EPGs) attached to virtual domains with VXLAN encapsulation. Previously, only VLANs were supported for flood in encapsulation for virtual domains. Flood in encapsulation is used to limit flooding traffic inside a bridge domain to a single encapsulation. You configure flood in encapsulation when you create or modify a bridge domain or an EPG. |
Bridging |
|
Feature |
Description |
Where Documented |
|---|---|---|
|
Enhanced Breakout Support on Profiled QSFP Ports on N9K-C93180YC-FX Switches |
Support is added for 100 Gigabit (Gb) (4X25Gb) and 40Gb (4X10Gb) dynamic breakouts on profiled QSFP ports on the N9K-C93180YC-FX switch (in ACI mode). |
Dynamic Breakout Ports |
|
Enhanced Port Profile Support on N9K-C93180YC-FX Switches |
Support is added on the N9K-C93180YC-FX switch for port profiles to change ports from uplink to downlink or downlink to uplink. |
Configuring Port Profiles to Change Ports from Uplink to Downlink or Downlink to Uplink |
|
Fibre Channel NPV |
Support for FC traffic over the Fabric |
Fibre Channel Connectivity |
|
Cloning Port Configurations |
Support for cloning port configurations is added. After you configure a leaf switch port, you can copy the configuration and apply it to other ports. |
Access Interfaces |
|
Flood in encapsulation enhancements |
Information is added about protocols supporting the Flood in Encapsulation option for bridge domains or EPGs. |
Bridging |
|
Feature |
Description |
Where Documented |
|---|---|---|
|
Enhanced Breakout Support on Profiled QSFP Ports on N9K-C9336C-FX2 Switches |
Support is added for 100Gb (4X25Gb) and 40Gb(4X10Gb) dynamic breakouts on profiled QSFP ports on the N9K-C9336C-FX2 switch (in ACI mode). |
Dynamic Breakout Ports |
|
Feature or Change |
Description |
Where Documented |
|---|---|---|
|
Disabling IP Learning per Bridge Domain |
IP learning per bridge domain is disabled when two hosts are connected as active and standby hosts to the Cisco ACI switches. The MAC learning still occurs in the hardware but the IP learning only occurs from the ARP/GARP/ND processes. This enhancement allows for flexible deployments, for example, firewalls or local gateways. |
Bridge Domain Options |
|
MACsec |
MACsec provides MAC-layer encryption over wired networks by using out-of-band methods for encryption keying. The MACsec Key Agreement (MKA) Protocol provides the required session keys and manages the required encryption keys. |
MACsec |
|
Flood in Encapsulation |
Beginning with Cisco ACI Release 3.1(1) on the Cisco ACI switches with the next generation ASICs and onwards, all protocols are flooded in encapsulation. Multiple EPGs are now supported under one bridge domain with an external switch. When two EPGs share the same BD and the Flood in Encapsulation option is turned on, the EPG flooding traffic does not reach the other EPG. It overcomes the challenges of using the Cisco ACI switches with the Virtual Connect (VC) tunnel network. |
Flood in Encapsulation |
|
Basic GUI topics removed |
Basic GUI procedures are no longer supported |
The following topics have been removed:
|
|
Breakout Support for 100Gb (4X25Gb) Ports on N9K-C93180LC-EX Switches |
Support is added for 100Gb (4X25Gb) dynamic breakouts on the N9K-C93180LC-EX switch (in ACI mode). |
Dynamic Breakout Ports |
|
Feature or Change |
Description |
Where Documented |
|---|---|---|
|
Q-in-Q Encapsulation Mapping for EPGs |
With this release, you can map double-tagged VLAN traffic ingressing on a regular interface, PC, or VPC to an EPG. |
Q-in-Q Encapsulation Mapping for EPGs |
|
Enforced Bridge Domain |
Enforced bridge domain is supported, in which an endpoint in a subject endpoint group (EPG) can only ping subnet gateways within the associated bridge domain. With this configuration enabled, you can create a global exception list of IP addresses which can ping any subnet gateway. |
Enforced Bridge Domain in Bridging |
|
Configuring Leaf Switch Using Port Association |
Using these GUI steps, you can now choose the port and then apply a policy to it. |
Configuring Leaf Switch Physical Ports Using Port Association |
|
Feature or Change |
Description |
Where Documented |
|---|---|---|
|
802.1Q Tunnel enhancements |
Now you can configure ports on core-switches for use in Dot1q Tunnels for multiple customers. You can also define access VLANs to distinguish between customers consuming the corePorts. You can also disable MAC learning on Dot1q Tunnels. |
802.1Q Tunnels |
|
Symmetric hashing |
Symmetric hashing is now supported on port channels. |
Port Channels |
|
Reflective relay (802.1Qbg) |
Reflective relay transfers switching for virtual machines out of the host server to an external network switch. It provides connectivity between VMs on the same physical server and the rest of the network. It allows policies that you configure on the Cisco APIC to apply to traffic between the VMs on the same server. |
Access Interfaces |
|
Traffic Storm control Unicast/Multicast differentiation |
Allows you to configure Storm Control on each traffic type separately. |
Traffic Storm Control |
|
Feature or Change |
Description |
Where Documented |
|---|---|---|
|
Document Reorganization |
The topics in this guide were collected from Cisco APIC Basic Configuration Guide and the following APIC articles:
|
Cisco APIC Layer 2 Configuration Guide |
|
Feature |
Description |
Where Documented |
|---|---|---|
|
FCoE over FEX |
You can now configure FCoE over FEX ports. |
FCoE Connections |
|
CDP supported in policies on interfaces to FEX devices |
In this release, support is added for CDP on interfaces to FEX devices. |
Access Interfaces |
|
802.1Q Tunnels |
You can now configure 802.1Q tunnels on edge ports to enable point-to-multi-point tunneling of Ethernet frames in the fabric, with Quality of Service (QoS) priority settings. |
802.1Q Tunnels |
|
Dynamic Breakout Ports |
To enable a 40 Gigabit Ethernet (GE) leaf switch port to be connected to 4-10GE capable (downlink) devices (connected with Cisco 40-Gigabit to 4X10-Gigabit breakout cables), you configure the 40GE port to breakout (split) to 4-10GE ports. |
Dynamic Breakout Ports. |
|
Revision to topic Configuring a Traffic Storm Control Policy Using the CLI |
The topic was replaced with a new topic that uses the NX-OS Style CLI. |
See Configuring a Traffic Storm Control Policy Using the NX-OS Style CLI in Traffic Storm Control. |
|
Feature or Change |
Description |
Where Documented |
|---|---|---|
|
Revision to topic Configuring a Traffic Storm Control Policy Using the Advanced GUI. |
Advanced GUI revisions have changed the navigation path to the Storm Control Interface Policy work pane. |
Traffic Storm Control |
|
Proxy ARP |
Proxy ARP in Cisco ACI enables endpoints within a network or subnet to communicate with other endpoints without knowing the real MAC address of the endpoints. Proxy ARP is aware of the location of the traffic destination, and offers its own MAC address as the final destination instead. |
Proxy ARP |
|
Feature or Change |
Description |
Where Documented |
|---|---|---|
|
Fibre Channel over Ethernet (FCoE) support |
An overview and configuration topics for implementing FCoE connectivity over the ACI fabric. |
FCoE Connections |
|
Feature or Change |
Description |
Where Documented |
|---|---|---|
|
- |
Removed object model CLI procedure and replaced with NX-OS-Style CLI procedures. |
Creating AEP, Domains, and VLANs to Deploy an EPG on a Specific Port Using the NX-OS CLI Deploying and EPG on a Specific Port with APIC Using the NX-OS Style CLI |
Feedback