New and Changed Information for this Release
The following table provides an overview of the significant changes to this guide for this current release. The table does not provide an exhaustive list of all changes made to this guide or of all new features in this release.
Feature |
Description |
Where Documented |
---|---|---|
Introduction of Interface Policies |
Provision to add the following interface policies at fabric level:
|
|
Introduction of Port Policies |
Provision to add the following port policies at fabric level:
|
|
Enhancements to MACsec |
Provision to define and associate MACsec KeyChain policy and MACsec access parameters policy to MACsec interface policy. MACsec KeyChain policy consists of configuration specific to keychain definition, and MACsec access parameters policy consists of configuration related to MACsec functionality. |
|
Support for Virtual Switched Port Analyzer (VSPAN) |
Provision to start or stop VSPAN sessions on demand to copy relevant traffic from a virtual switch to a destination group. Also, you can perform the following tssks in a VSPAN session:
|
|
Support for Flow Record |
Provides support for define NetFlow record at fabric and tenant levels. |
|
Introduction of NetFlow Monitor Policy |
Provision to create a NetFlow monitor policy at fabric level and associate it with a flow record. You can also perform the following tasks:
|
|
Support for Flow Control Policy |
Provision to create Flow Control Policy at fabric level. |
|
Support for Slow Drain Policy |
Provision to create a slow drain policy at fabric level for handling FCoE packets that are causing traffic congestion on ACI Fabric. |
|
Support for Data Plane Policing |
Provision to create a data plane policing (DPP) policy at fabric level to manage bandwidth consumption on ACI fabric access interfaces. DPP policies can apply to egress traffic, ingress traffic, or both. |
|
Enhancements to the Interface Policy |
Provision to create alias for the following interface policies:
|
|
Support for APIC Monitoring Policy |
Provides support to define a monitoring policy as a default policy to be applied to all the tenants in an APIC account to monitor EPGs, application profiles, services, and so on. |
|
Enhancements to VRF |
Provides support to create BGP context per address family, OSPF context per address family, SNMP context, community profile, and BGP route target profile to VRFs. Also, provides support to add BGP route target to the BGP route target profile. |
|
Introduction of BGP Timers Policy |
Provision to define a BGP timers policy at tenant level. |
|
Enhancements to First-Hop Security (FHS) |
Provides support for associating an FHS policy to a tenant while adding a bridge domain to VRF. |
|
Support for DHCP Policy |
Provides support to add DHCP option policy to a tenant. |
|
Enhancements to Enhanced Interior Gateway Routing Protocol (EIGRP) |
Provision to define an eigrpCtxAfPol policy under tenant protocol policies and apply the policy to one or more VRFs under the tenant. |
|
Support for Snoop Policy |
Provides support to define Internet Group Management Protocol (IGMP) Snoop policy and Multicast Listener Discovery (MLD) Snoop policy at tenant level. |
Feature |
Description |
Where Documented |
---|---|---|
Support for PC/vPC Leaf Policy |
Provision to create a port channel (PC) and virtual port channel (vPC) leaf policy and associate it with:
|
|
Support for Access Port Selector |
Provision to add an access port selector to a fabric interface profile. |
|
Support for VMM Domain |
Provides support for creating a virtual machine manager (VMM) domain to integrate APIC with a third-party VMM (for example, VMware vCenter) to extend the benefits of ACI to the virtualized infrastructure. |
|
Support for Creating VRF in APIC |
Provision to define IPv4 unicast address family or IPv6 unicast address family as the EIGRP address family type, to configure an EIGRP routing instance. |
|
Enhancements to add Domain to an EPG |
Provision to configure a default port binding type for all new vEthernet port profiles. |
|
Support for Route Tag Policy | Provides support for creating a route tag policy with a tag value which is used to prevent routing loops. |
Feature |
Description |
Where Documented |
---|---|---|
Enhancements to tenant management |
Provision to define globally unique identifier (GUID) for SCVMM provider, and define an alias name for the tenant. While the tenant name cannot be changed after creation, the alias name of the tenant can be changed as required. |
|
Support for Neighbor Discovery Router Advertisement (ND RA) prefixes |
You can create ND RA prefixes for Layer 3 interfaces. |
|
Extension of support for APIC account |
You can perform the following tasks in APIC account:
|
|
Enhancements to EPG |
Extended the support for EPG to define data plane policy, forwarding control, preferred group member, flood on encapsulation, and FHS trust control policy during creation of EPG |
|
Support for EPG Contract Master |
Provision to define an EPG as a contract master for another EPG in the same tenant. To streamline associating contracts to new EPGs, you can enable EPG to inherit all the (provided and consumed) contracts from master EPG. |
|
Enhancements to APIC Contracts |
Cisco UCS Director introduces fields to define alias name, DSCP target, and tag for a contract subject during creation. When a contract is applied to both inbound and outbound traffic while creating a contract subject, the user gets the additional fields to define the service graph, QoS priority, and target DSCP for the in term and out term properties. If the selected contract does not apply to both directions, then the filter chain must be configured for consumer to provider and provider to consumer separately. Cisco UCS Director has the provision to define the filter chain for consumer to provider and provider to consumer. |
|
Support for data plane policing (DPP) |
You can use DPP to manage bandwidth consumption on ACI fabric access interfaces. |
|
Support for First-Hop Security (FHS) feature |
You can use FHS feature to achieve a better IPv4 and IPv6 link security and management over the layer 2 links. |
|
Enhancements to Routed Outside |
To support protocol and QoS in an external routed network, this release introduces additional fields in the following actions:
|
|
Extension of support for APIC L3out tasks changes |
New fields have been added to the following tasks to extend the support of L3out in APIC account:
|
|
Introduction of Logical NetFlow Monitoring Policy |
Provision to deploy and enable NetFlow policies on a per-interface basis, depending on the traffic-type or address family to be monitored (IPv4, IPv6, or Layer 2 (CE type)). |
|
Support for IGMP interface policy and route map |
Provision to add an IGMP interface policy and create route map policy for route redistribution or policy-based routing. |
|
Support for route control context |
Provision to define match action rules and set action rules for a route map. Also, you can create an action rule profile which is used to define the route-map set clauses for the L3out. |
|
Support for static route and route control profile |
Provision to add a next hop address to a static route and to add a route control profile to a subnet and external network. |
|
Support for vzAny |
Provision to define labels that determine which EPG consumers and EPG providers can communicate with one another. Label matching determines which subjects of a contract are used with a given EPG provider or EPG consumer of that contract. |