Cisco ACI EPG: Hosts Connectivity

Setting up basic connectivity between two hosts across two Endpoint Groups (EPGs) in a network requires the configuration of a network fabric that includes switches, routers, and Application Policy Infrastructure Controllers (APICs) in a Cisco ACI environment. I'll walk you through a detailed scenario to set up this basic connectivity between two hosts in two EPGs.

Scenario:

Suppose we have the following topology:

Step 1: Create the Application Profile and EPGs in Cisco ACI

1) Log in to the Cisco APIC controller web interface.

2) Navigate to "Tenants" and create a new tenant if you haven't already.

3) Within the tenant, create an "Application Profile" (e.g., "AppProfile1").

4) Inside the "Application Profile," create two EPGs (Endpoint Groups) called "EPG_A" and "EPG_B".

Step 2: Create the Bridge Domain and Subnets

1)  Still in the "Application Profile," create a new "Bridge Domain" (e.g., "BD1").

2) Define the subnet for "BD1" and ensure it does not overlap with any existing networks.

● For EPG_A, you could use "10.0.0.0/24".

● For EPG_B, you could use "20.0.0.0/24".

Step 3: Define Contracts

1) In the "Common" tenant, create a "Contract" (e.g., "Contract_AB").

2) Inside the "Contract_AB," create two "Subjects": "Subject_A" and "Subject_B".

Step 4: Associate EPGs with Bridge Domain and Contracts

1) Go back to the "AppProfile1" in your tenant.

2) Associate "EPG_A" with "BD1" and "Contract_AB" (using "Subject_A").

3) Associate "EPG_B" with "BD1" and "Contract_AB" (using "Subject_B").

Step 5: Attach Hosts to Switch Ports

1) Connect "Host A" to an access port on a switch in the fabric.

2) Connect "Host B" to another access port on a switch in the fabric.

Step 6: Verify and Test Connectivity

1) Ensure that the switches have connectivity to each other within the ACI fabric.

2) Verify that "Host A" and "Host B" are correctly associated with "EPG_A" and "EPG_B," respectively.

3) Check that "Host A" and "Host B" have IP addresses within the defined subnets (10.0.0.0/24 and 20.0.0.0/24, respectively).

4) Verify that "EPG_A" and "EPG_B" are associated with "BD1" and "Contract_AB" correctly.

After completing these steps, "Host A" and "Host B" should now be able to communicate with each other through their respective EPGs and the defined contract. Any traffic originating from "Host A" will be allowed to reach "Host B" based on the contract settings.