The ACI fabric
provides multiple attachment points that connect through leaf ports to various
external entities such as bare metal servers, virtual machine hypervisors,
Layer 2 switches (for example, the Cisco UCS fabric interconnect), or Layer 3
routers (for example Cisco Nexus 7000 Series switches). These attachment points
can be physical ports, FEX ports, port channels, or a virtual port channel
(vPC) on leaf switches.
When creating a VPC domain between two leaf switches, both switches must be in the same switch generation, one of the following:
Switches such as these two are not compatible VPC peers. Instead, use switches of the same generation
- Generation 1 - Cisco Nexus N9K switches without “EX” on the end of the switch name; for example, N9K-9312TX
- Generation 2 – Cisco Nexus N9K switches with “EX” on the end of the switch model name; for example, N9K-93108TC-EX
An Attachable Entity Profile (AEP) represents a group of external entities with similar infrastructure policy requirements. The infrastructure policies consist of physical interface policies that configure various protocol options, such as Cisco Discovery Protocol (CDP), Link Layer Discovery Protocol (LLDP), or Link Aggregation Control Protocol (LACP).
An AEP is required to
deploy VLAN pools on leaf switches. Encapsulation blocks (and associated VLANs)
are reusable across leaf switches. An AEP implicitly provides the scope of the
VLAN pool to the physical infrastructure.
The following AEP requirements and dependencies must be accounted for in various configuration scenarios, including network connectivity, VMM domains, and multipod configuration:
The AEP defines
the range of allowed VLANS but it does not provision them. No traffic flows
unless an EPG is deployed on the port. Without defining a VLAN pool in an AEP,
a VLAN is not enabled on the leaf port even if an EPG is provisioned.
A particular VLAN
is provisioned or enabled on the leaf port that is based on EPG events either
statically binding on a leaf port or based on VM events from external
controllers such as VMware vCenter or Microsoft Azure Service Center Virtual
Machine Manager (SCVMM).
Attached entity profiles can be associated directly with application EPGs, which deploy the associated application EPGs to all those ports associated with the attached entity profile. The AEP has a configurable generic function (infraGeneric), which contains a relation to an EPG (infraRsFuncToEpg) that is deployed on all interfaces that are part of the selectors that are associated with the attachable entity profile.
A virtual machine
manager (VMM) domain automatically derives physical interface policies from the
interface policy groups of an AEP.
An override policy at
the AEP can be used to specify a different physical interface policy for a VMM
domain. This policy is useful in scenarios where a VM controller is connected
to the leaf switch through an intermediate Layer 2 node, and a different policy
is desired at the leaf switch and VM controller physical ports. For example,
you can configure LACP between a leaf switch and a Layer 2 node. At the same
time, you can disable LACP between the VM controller and the Layer 2 switch by
disabling LACP under the AEP override policy.