Step 1
|
To create the tenant and VRF, on the menu bar, choose and in the Create Tenant dialog box, perform
the following tasks:
-
In the Name field, enter the tenant name.
-
In the VRF Name field, enter the VRF name.
-
Click Submit.
|
Step 2
|
To create a bridge domain, in the Navigation pane, expand
Tenant and Networking and
perform the following steps:
-
Right-click Bridge Domains and choose
Create Bridge Domain.
-
In the Name field, enter a name for the bridge
domain (BD).
-
(Optional) Click the box for Advertise Host
Routes to enable advertisement to all deployed border
leaf switches.
-
In the VRF field, from the drop-down list,
choose the VRF you created (v1 in this example).
-
Click Next.
-
Click the + icon on
Subnets.
-
In the Gateway IP field, enter the subnet for the
BD.
-
In the Scope field, choose Advertised
Externally.
Add the L3 Out for Route Profile later, after
you create it.
Note
|
If Advertise Host Routes is enabled, the
route-map also matches all host routes.
|
-
Click OK.
-
Click Next and click
Finish.
|
Step 3
|
To create an application EPG, perform the following steps:
-
Right-click Application Profiles and choose
Create Application Profile.
-
Enter a name for the application.
-
Click the + icon for EPGs.
-
Enter a name for the EPG.
-
From the BD drop-down list, choose the bridge domain you previously
created.
-
Click Update.
-
Click Submit.
|
Step 4
|
To start creating the L3Out, on the Navigation pane,
expand Tenant and Networking, then
right-click L3Outs and choose Create
L3Out.
The Create L3Out wizard appears. The following steps
provide the steps for an example L3Out configuration using the
Create L3Out wizard.
|
Step 5
|
Enter the necessary information in the Identity window of
the Create L3Out wizard.
-
In the Name field, enter a name for the
L3Out.
-
From the VRF drop-down list, choose the
VRF.
-
From the L3 Domain drop-down list, choose the
external routed domain that you previously created.
-
In the area with the routing protocol check boxes, check the desired
protocols (BGP, OSPF, or EIGRP).
For the example in this chapter, choose BGP
and OSPF.
Depending on the protocols you choose, enter the properties that must
be set.
-
Enter the OSPF details, if you enabled OSPF.
For the example in this chapter, use the OSPF area
0 and type Regular
area.
-
Click Next to move to the Nodes and
Interfaces window.
|
Step 6
|
Enter the necessary information in the Nodes and
Interfaces window of the Create L3Out
wizard.
-
Determine if you want to use the default naming convention.
In the Use Defaults field, check if you want
to use the default node profile name and interface profile names:
-
The default node profile name is
L3Out-name_nodeProfile,
where L3Out-name is the name that you
entered in the Name field in the
Identity page.
-
The default interface profile name is
L3Out-name_interfaceProfile,
where L3Out-name is the name that you
entered in the Name field in the
Identity page.
-
In the Interface Types area, make the necessary
selections in the Layer 3 and Layer 2 fields.
-
From the Node ID field drop-down menu, choose
the node for the L3Out.
For the topology in these examples, use node
103 .
-
In the Router ID field, enter the router ID
(IPv4 or IPv6 address for the router that is connected to the L3Out).
-
(Optional) You can configure another IP address for a loopback address, if
necessary.
The Loopback Address field is automatically
populated with the same entry that you provide in the
Router ID field. This is the equivalent
of the Use Router ID for Loopback Address
option in previous builds. Enter a different IP address for a
loopback address, if you don't want to use route ID for the loopback
address, or leave this field empty if you do not want to use the
router ID for the loopback address.
-
Enter necessary additional information in the Nodes and
Interfaces window.
The fields shown in this window varies, depending on the options that
you select in the Layer 3 and
Layer 2 areas.
-
When you have entered the remaining additional information in the
Nodes and Interfaces window, click
Next.
The Protocols window appears.
|
Step 7
|
Enter the necessary information in the Protocols window
of the Create L3Out wizard.
Because you chose BGP and OSPF as the protocols for this example, the
following steps provide information for those fields.
-
In the BGP Loopback Policies and BGP
Interface Policies areas, enter the following
information:
-
Peer Address: Enter the peer IP address
-
EBGP Multihop TTL: Enter the connection time to live
(TTL). The range is from 1 to 255 hops; if zero, no TTL is
specified. The default is zero.
-
Remote ASN: Enter a number that uniquely identifies
the neighbor autonomous system. The Autonomous System Number
can be in 4-byte as plain format from 1 to 4294967295.
Note
|
ACI does not support asdot or asdot+ format AS
numbers.
|
-
In the OSPF area, choose the default OSPF
policy, a previously created OSPF policy, or Create OSPF
Interface Policy.
-
Click Next.
The External EPG window appears.
|
Step 8
|
Enter the necessary information in the External EPG
window of the Create L3Out wizard.
-
In the Name field, enter a name for the external
network.
-
In the Provided Contract field, enter the name
of a provided contract.
-
In the Consumed Contract field, enter the name
of a consumed contract.
-
In the Default EPG for all external networks
field, uncheck if you don’t want to advertise all the transit routes out
of this L3Out connection.
The Subnets area appears if you uncheck this box. Specify the desired
subnets and controls as described in the following steps.
-
Click the + icon to expand
Subnet, then perform the following actions in
the Create Subnet dialog box.
-
In the IP address field, enter the IP address and
network mask for the external network.
-
In the Name field, enter the name of the
subnet.
-
In the Scope field, check the appropriate check
boxes to control the import and export of prefixes for the L3Out.
Note
|
For more information about the scope options, see the online help
for this Create Subnet panel.
|
-
(Optional) Click the check box for Export Route Control
Subnet.
The BGP Route Summarization Policy field now
becomes available.
-
In the BGP Route Summarization Policy field,
from the drop-down list, choose an existing route summarization policy
or create a new one as desired.
The type of route summarization policy depends on the routing
protocols that are enabled for the L3Out.
-
Click OK when you have completed the necessary
configurations in the Create Subnet window.
-
(Optional) Repeat to add more subnets.
-
Click Finish to complete the necessary
configurations in the Create L3Out wizard.
|
Step 9
|
Navigate to the L3Out that you just created, then right-click on the L3Out and
select Create Route map for import and export route
control.
|
Step 10
|
In the Create Route map for import and export route
control window, perform the following actions:
-
In the Name field, enter the route map name.
-
Choose the Type.
For this example, leave the default, Match Prefix AND
Routing Policy.
-
Click the + icon to expand
Contexts and create a route context for the
route map.
-
Enter the order and name of the profile context.
-
Choose Deny or Permit for
the action to be performed in this context.
-
(Optional) In the Set Rule field, choose Create
Set Rules for a Route Map.
Enter the name for the set rules, click the objects to be used in the
rules, and click Finish.
-
In the Match Rule field, choose Create
Match Rule for a Route Map.
-
Enter the name for the match rule and enter the Match Regex
Community Terms, Match Community
Terms, or Match Prefix to match in
the rule.
-
When you have finished filling in the fields in the Create
Match Rule window, click Submit.
-
In the Create Route Control Context dialog box,
click OK.
-
In the Create Route map for import and export route
control dialog box, click
Submit.
|
Step 11
|
In the Navigation pane, expand , and perform the following actions:
-
Click the + icon to expand Route
Control Profile.
-
In the Name field, choose the route control
profile that you previously created from the drop-down list.
-
In the Direction field, choose Route
Export Policy.
-
Click Update.
|
Step 12
|
In the Navigation pane, under expand Bridge Domains.
Note
|
If the L3Out is static, you are not required to choose any bridge domain
settings.
|
|
Step 13
|
Choose the bridge domain that you created.
-
In the Work pane, click the
Policy tab and L3
Configurations.
-
Click the + icon to expand the
Associated L3 Outs field, choose the previously
configured L3Out, and click Update.
-
In the L3Out for Route Profile field, choose the
L3Out again.
-
Click Submit and Submit
Changes.
|
Step 14
|
Navigate to the L3Out that you just created, then right-click on the L3Out and
select Create Route map for import and export route
control.
|
Step 15
|
In the Create Route map for import and export route
control window, perform the following actions.
Note
|
To set attributes for BGP, OSPF, or EIGRP for received routes, create a
default-import route control profile, with the appropriate set actions
and no match actions.
|
-
In the Name field, choose
default-import.
-
In the Type field, you must select
Match Routing Policy Only
-
In the Create Route map for import and export route
control dialog box, click
Submit.
|
Step 16
|
To enable communications between the EPGs consuming the L3Out, create at least
one filter and contract, using the following steps:
-
In the Navigation pane, under the tenant consuming the L3Out, expand
Contracts.
-
Right-click Filters and choose Create
Filter.
-
In the Name field, enter a filter name.
A filter is essentially an Access Control List (ACL).
-
Click the + icon to expand
Entries, and add a filter entry.
-
Add the Entry details.
For example, for a simple web filter, set criteria such as the
following:
-
Click Update.
-
In the Create Filter dialog box, click
Submit.
|
Step 17
|
To add a contract, use the following steps:
-
Under Contracts, right-click
Standard and choose Create
Contract.
-
Enter the name of the contract.
-
Click the + icon to expand
Subjects to add a subject to the
contract.
-
Enter a name for the subject.
-
Click the + icon to expand
Filters and choose the filter that you
previously created from the drop-down list.
-
Click Update.
-
In the Create Contract Subject dialog box, click
OK.
-
In the Create Contract dialog box, click
Submit.
|
Step 18
|
Associate the EPGs for the L3Out with the contract, with the following
steps:
In this example, the L3 external EPG (extnw1 ) is the
provider and the application EPG (epg1 ) is the
consumer.
-
To associate the contract to the L3 external EPG, as the provider,
under the tenant, click Networking, expand
L3Outs, and expand the L3Out.
-
Expand External EPGs, click the L3 external EPG,
and click the Contracts tab.
-
Click the the + icon to expand
Provided Contracts.
-
In the Name field, choose the contract that you
previously created from the list.
-
Click Update.
-
To associate the contract to an application EPG, as a consumer, under
the tenant, navigate to and expand the app-epg-name.
-
Right-click Contracts, and choose Add
Consumed Contract.
-
On the Contract field, choose the contract that
you previously created.
-
Click Submit.
|