Cisco Data Center and Cloud Made Easy
Cisco Data Center and Cloud Made Easy
Are Data Center and Cloud technologies too complicated? Have you looked for a simple way to understand Cisco Data Center technologies and even see them working through demos? Trying to implement Cisco Data Center and Cloud Technologies yourself? Here's a channel created and maintained by Cisco engineers that will help you do all that in both English and Spanish
Piensas que las soluciones de Data Center y Cloud son muy complicadas? Estás buscando una manera fácil de entender las tecnologías de Cisco y verlas funcionar en demos? Estás buscando implementar tecnologías de Data Center y Cloud de Cisco por ti mismo? Este canal fue creado por ingenieros de Cisco para ayudarte a entender mejor estas tecnologías de manera fácil tanto en Inglés como en Español
This is not a Cisco official/sponsored channel, therefore must not be taken as such. Este no es un canal oficial de Cisco.
Пікірлер
Cisco has outsourced their entire operations overseas. They cannot even find a single native English speaker to do promos anymore.
Hi Lee, do you work at Cisco? Because I do and what you are pointing out is not true. Furthermore, this is not an official Cisco channel and we are not doing promos, just helping explain technical concepts to those interested in learning.
@@CiscoDataCenterMadeEasy I guess you have never eaten lunch in the Cisco lunchroom on the San Jose campus. It looks like H1B heaven.
@@leeoswald9799 that's right, it is called diversity Lee. We definitely have people from all around the world in Cisco and every Silicon-Valley-based company
@@CiscoDataCenterMadeEasy It is less about diversity as it is Cisco hiring those who will work for the least amount of money. I will leave it to Cisco customers to respond--How was your last Cisco TAC experience? Did you get connected to some guy in a third world country who knew less about your issue than you did?
Will the last video be posted?
Thanks for asking, Pablo Urcid is already working on it. We hope we can publish it soon
Amazing series I learned alot from these videos. Is there any plan to develop mode videos for example on Multisite topology and multisite orchestrator..some introduction to nexus dashboard
Thank you! Yes, we are just waiting for Nexus Dashboard 3.2 to come out so that we can show the new installation model and the latest changes. There's some behavioral adjustments that are happening on ND as we speak, simplifying some things and accelerating others, so, we want to make sure that the video stays relevant for as long as possible
@@CiscoDataCenterMadeEasy Thanks for quick reply mate. Much appreciated.
why do we configure a static default route when we are using OSPF. Cant we inject a default route from ISR through ospf (default information originate) inside ACI and not use static route
This is just based on my setup (where I was not redistributing static on OSPF through my ISR) and I also wanted to show how to configure static routes on ACI :)
Great explanation.
Pls enhance picture quality of this video , I am hardly see anything , 360 pixel
All videos are recorded at 4K, please adjust the resolution, it is likely that your bandwidth was slow and the video automatically was set to 360. Can you please try again?
I have checked on high bandwidth internet link , all video plays on good quality except this one.
@@AmitSingh-qf3th that is extremely weird, I am seeing the video right now on my computer and it has a 4K option available to be selected, not sure why this is happening to you Amit, wish I could be able to help
Finally got the issue it was downloaded 2 year back in KZread application with lower picture quality, ecerytime I am playing it is playing the same picture quality now I have removed the downloaded video and now I can change picture quality, very good explanation
no problem, glad to read it worked! Thank you@@AmitSingh-qf3th !
such an amazing series thank you so much. Just a quick question which platform you are using to lab these up. I know that ACI simulator is available for practice but data plane doesn't work. Any idea where to rack some cheaper rack rentals to practice these things
Hi, we have a lab ourselves. You are right, unfortunately the simulator has no data plane. You can also play a bit with dcloud.cisco.com, they have some good ACI labs there, have you tried them?
Great product, but their subsrciption model is simply out of scope for the most companies.
Thanks for your comment! Can you please let me know what would work better instead? We made some improvements to make it accessible to anybody whether through subscription or perpetual models. Always looking for feedback to make it better. Thanks again!
Hi , Why 1 extra aaep named multipod and 1 extra multipod policy group is created as we are not using it anywhere
hello bro pls share the powerpoint slide , i like ur animation when will you release the ACI Multi-Site Video? thanks
Está excelente, lo voy a tropicalizar para Andino!
Excelente Serginho!!! Muchas gracias y un abrazo!!!
Cisco's Multi-pod whitepaper says pods will always use pod1's internal TEP Pool... but doesn't seem like it. 🤷♂
@GamjaField APICs always use Pod 1s internal TEP Pool (even if they are connected to switches on different Pods), but each Pod's switch will use a different TEP Pool. e.g. TEP 1: 10.0.0.0/16 TEP 2: 10.1.0.0/16 APIC 1 and 2 in Pod 1 and APIC 3 in Pod 2 will always use the same TEP 10.0.0.0/16 Switches in Pod 1 will use 10.0.0.0/16 Switches in Pod 2 will use 10.1.0.0/16 Hope this helps
I love this one
Great Series ! quick question - Is there a difference between Nexus Dashboard Orchestrator (NDO) and NDFC ?
Yes, Nexus Dashboard is a "platform" that may run multiple services. Currently, the supported services are Orchestrator, Fabric Controller and Insights. Orchestrator - Focuses on Data Center (ACI, NDFC) and Cloud (AWS, Azure, Google) interconnection as well as policy centralization through templates. It is more often used for ACI than NDFC environments since NDFC can also automate multi-fabric configuration natively. Fabric Controller - Manages on-prem switches (Nexus, Catalyst, ASRs, 3rd party) and automates their connections through templates (whether EVPN VXLAN or Classic). It may run as a LAN Controller or SAN Controller. Insights: Processes telemetry from switches and then transform data into actionable insights to minimize downtime, report risk, sustainability and status of the network with a historical approach. Hope this helps!
Great Video, Can I get the Slides? Thank you.
Great stuff, thanks!
Abrazo Sergio!!!
Can I get the next video soon?
Sure, it will be posted next week! Pablo is finalizing editing it :)
Already published :)
There´s a misleading information in the video. Contracts are NOT bidirectional by default because filters are unidirectional by default. There are two options to make a contract bidirectional and both are manually configured: 1- Create a provider-consumer and a consumer-provider relationship between two EPGs for the same contract, or; 2- Enable the control "Apply in Both Directions" for the required filters under a contract (preferred). The second option is preferred because it preserves the "initiator" function of the Consumer EPG to start the communication session (client side).
Thanks for the clarification Luiz, you are right. I guess what the video is trying to explain is the following: If you allow traffic with contract A from a source EPG1/ESG1 to a destination EPG2/ESG2, returning traffic is allowed by default (uni-dir ignore flag is enabled by default), however, if traffic is sourced by EPG2/ESG2 to EPG1/ESG1, traffic will not be allowed and you need to have any of the options you mention above. Again, thanks for your comment!
Hi@@CiscoDataCenterMadeEasy, it´s exactly this statement that is not correct: "If you allow traffic with contract A from a source EPG1/ESG1 to a destination EPG2/ESG2, returning traffic is allowed by default (uni-dir ignore flag is enabled by default)". No, it´s not enabled by default. Maybe the confusion is that the checkbox "Apply Both Directions" for the contract subjects comes checked (enabled) in the latest APIC versions, but that´s a manual control. It´s a common mistake to assume that the simple association of a contract in a provider-consumer relationship between two EPGs will allow bidirectional traffic. Filters are unidir by default, so you must implement the bidir behaviour or the return traffic will be denied regardless of the protocols specified in the filter. Again, you either check the "Apply Both Directions" box in the Subject configuration pane (and also "Reverse Filter Ports" for TCP-based traffic), or you configure two provider-consumer relationships, one in each direction (both EPGs as provider and consumer of the same contract). This is well explained in the Cisco ACI Contract Guide White Paper: www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-743951.html Under "Contract subject configurations" we can see these configurations in detail. The DCACI course has also a good explanation with diagrams about this requirement to implement manually the bidirectional traffic. So I think this simple statement "aci contracts are bi-directionally by default" in the video should be updated to avoid confusion for the new learners. Luiz
@@luizldalmeida thanks! Yes, the argument comes from the fact that any newly created subject comes with Apply Both Directions and Reverse Port Filters option checked by default. It is certainly a manual knob you can enable or disable at the Subject Level. Is what you are referring to shown at 10:43 (regarding policy compression where we say we "reduce the default two-entries for bi-directional traffic into a single one")? In genera as part of the series, we are not saying they will always behave like that, but for practical purposes, those options are checked by default. I don't believe either we are saying that any provider-consumer relationship between two EPGs will allow bidirectional traffic, but if that's what is understood (especially in the policy compression section we can certainly adjust). I am well aware of the DCACI course since I collaborated in the creation of it :) Thanks for your feedback Luiz!
@@CiscoDataCenterMadeEasy, no , I´m referring to the part at 3:16 where he clearly states "aci contracts are bi-directionally by default" and the associated displayed image. The explanation about policy/TACM compression is correct, as it is all the rest of the video. Good to know you are one of the DCACI developers. I have taught the ACI course since 2016 (old DCAC9K) and contributed with a lot of feedback to improve the course contents. I also teach all other advanced ACI trainings (A/T/O/D) and provide consultancy for ACI implementations in Brazil. Thank you for the great discussion here.
can we establish the IPN connectivity with an existing production pod-1 without any impact in a brownfield scenario?
If pod-1 is production-grade and it is part of a critical operation, I would not risk it. Having a maintenance window for any changes is a generic recommendation. Local traffic should not be impacted, but it is possible that a few packets could be lost while the network re-converges (GiPO/BD assignment extension through multicast based IPN, route exchange across EVPN VXLAN spines over BGP/OSPF, etc.) If that's acceptable, I would recommend you take a snapshot of your ACI environment the way it is (at the fabric level and/or at the infra tenant, where your Multi-Pod configuration will be automatically deployed once you complete the wizard) and then proceed with the changes. Hope this helps
shouldn't the IPN MTU be the Spine MTU + 50B?
Not really. The fragmentation is based on the source endpoint transmission MTU. You can read more about it here: www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-737855.html "This essentially implies that the MTU support required in the IPN becomes solely dependent on the maximum size of frames generated by the endpoints connected to the ACI leaf nodes (that is, it must be 50B higher than that value)." Thanks for the comment though :)
@@CiscoDataCenterMadeEasy ah, I see I was wrong; I was actually thinking +50B MTU on the IPN side to accomodate the VXLAN header. You've already set that in the other video to 9150B so it's all good. Thanks a lot by the way for these series, they look very very good and I'm sure you've put a lot of effort in doing the animations.
@@ping-factory Sure! Thank you for your kind words!!!
where can i get the rest of the modules for ACI? is there any link please.
What is the topic you are looking for?
@@CiscoDataCenterMadeEasy Thank you for coming back to me, I want to learn these Tenants, BD, L2out, VXLAN (most importantly) and troubleshooting ACI environment. Would you be able to help in theses. Thank you
@@mohdikram322 did you take a look at this playlist? kzread.info/head/PL_RJ3HclrYc5oRUi0_iYeIl9yKN4Mwl3b Tenants, BDs: Module 3. L2 Out I would not recommend you use, instead extend an EPG statically, this is covered in the same Module 3. VXLAN is automatically built, therefore, there's not much for you to understand, however we go behind the scenes of what is happening in Module 3 Episode 2 Part 1 and 2. All the episodes have troubleshooting techniques and recommendations. Hope this helps!
@@CiscoDataCenterMadeEasy Great Thank you , i was looking after this series of modules but couldn't find them. Now i can see all the required information I am after. Thank you so much for helping me out with this.
Very good explanation however a bit fast speaking....by the time i was grasping the typing done by operator , the operator would have jumped to other section.
Thanks for your feedback! Will try to improve upon it!
great
Thanks for great videos, but where are other modules of nexus dashboard,only 1 module
That's right, we put a hold on Nexus Dashboard as it is undergoing an important UI transformation and we wanted to wait until it is released to make sure videos are relevant for a longer period of time :)
Agree with you , thanks for response and waiting for the updates
very useful, is this serial will continue? , thanks a lot
Any topic in particular you are looking for? We mostly covered every fundamental topic already :)
amazing , thanks alot
Exactly what we needed, excellent overview
Glad to know! Thank you!!
ah much clearer here, why on salesconnnect the video quality really damn good that I can not see it properly.
I am guessing they are trying to reduce the file size :)
Los videos son claros y precisos. Ayudan muchisimo a entender la nueva Infraestructura de ACI y APIC.
Gracias!!!
I put the password and when I go to gui the password doesnt work. tried fresh install and same problem,
Hi Aaron, would you be so kind in letting us know what ND version you are running so that we can look into it?
Hi carlos, thanks for providing ths video.could you please share the ppt link to download. it is more helpful to me..
I have not posted the PPT of these externally, I just made them available for Cisco Partners and Employees. If you are one of them, please contact me via e-mail/LinkedIn and I'll be more than happy to share with you
CCIE or Aws advanced networking ?
Why not both? :) Both exams have different approaches. It really depends what your focus is. If you have not passed the AWS Cloud Architect Associate Exam, I would start there, then do the CCIE Data Center (which will cover both underlays and overlays including VXLAN) and then complement that with the Advanced Networking exam (which will focus more on IPSec, VPNs, TGWs and networking scenarios in AWS), but just a suggestion :)
great Videos thanks a lot !
Glad you like them!!
Hello team, thank you very much for making this series of videos, they are very useful, easy to understand and with good English pronunciation (I'm from Argentina). I'm learning by watching all the episodes and putting them into practice with ACI Simulator. I have a question about it, is it possible with ACI Simulator do a "ping" between two virtual machines? I've configured as shown in the videos but the "ping" from one VM to the bridge domain gateway or to the other VM doesn't work, I guess it is a limitation of the simulator, but I would like your confirmation. Thanks a lots.
Hi David! Unfortunately it is not possible to perform a ping with the simulator since there is no actual data plane in it. The simulator is mainly to test configuration but there is no actual data flowing. There are some demo environments in dcloud.cisco.com that you could use to test communication if you'd like. Saludos!
great presentation !
These are the best videos on ACI I've found. Thank you very much!
Glad to see they are useful @nomoreospf
Great presentation! Question, if I just need run the NDFC only for now, which image should I download between App and Data nodes?
Hi! You need to first download Nexus Dashboard 2.1(1e) or later (we recommend going with the latest) using the app node image. Then you will be able to enable NDFC. Here's a link that may help you further: www.cisco.com/c/en/us/td/docs/dcn/ndfc/1201/installation/cisco-ndfc-install-and-upgrade-guide-1201/system-requirements.html Hope this is clear! Regards!
I appreciate your response, thanks.
What is avrf?
Hi John! A VRF (Virtual Routing and Forwarding) is basically a routing instance within a router. IP Addresses must be unique in a single routing instance/VRF (otherwise you will get duplicate IPs), however if you have 2 VRFs, you could technically have the same IPs on each one of them as long as they don't talk between them. This is useful for example if you want to logically segment your addressing and routing, or if you have Production and Development environments for a given app and you don't want to assign different IP Address spaces to make the transition in the app lifecycle seamless. Please let me know if you have any additional questions! Referenced Use-case: VRF PROD: Subnet: 1.1.1.0/24 --> Production subnet VRF DEV Subnet 1.1.1.0/24 --> Development Subnet When machines in the development subnet are promoted to production, they won't require any IP address change
It was very helpful
Great to read! thanks Manoj!
Very Informative and easy to understand. Thank You for creating this great content.
Quick and straight to the point.Awesome!!
Thank you!!!
Excelente Carlos !! Super sencillo !!
Gracias Juseph!!!
Good video
Does vcenter locally stores apic username and password?
Correct Ankur, the plugin will store your credentials securely
@@CiscoDataCenterMadeEasy isn't that a security risk? How does cisco makes sure that VMware is storing apic password securely?
@@CiscoDataCenterMadeEasy and Thanks for the video. Very nicely done.
We only keep them in memory, if the VC/vsphere-client restart, the user has the re-enter the credentials
1/53.4 you have used /30 subnet and Spine end you are configuring /24 , is it still working ?
Good catch! I realized this as I was editing the video. I used to have /30s in my lab before but then adjusted it to /24 to make it easier to follow, I think I left this from that version :)
I am cisco employee and I watched your almost 40 videos and every video information is more than expected. So I can say if anyone want to learn he/she go through your videos and learn any topic in less time. I have lab option so I have tested everything in Lab whatever you have shown in your videos. Anyone can grab more knowledge in less time.
@@alokmisra248 Thank you Alok for your kind words! Definitely encouraging!
Hi, This video is very useful. i'm kinda new to ACI and still learning about it. this video helped me to understand how to do initial APIC installation and it was very helpful. but i have a little problem, i forgot the default login for api after i installed. can you help me reset or recover my password? I would be very helpful if you know how to do it. thank you very much
Sure, here's a website that explains it fairly clearly unofficialaciguide.com/2018/04/09/apic-controller-password-recovery/ Please let me know if it works! Regards
Great videos, would like to see more in this series like - multi-site configuration and use cases.
Those are coming Sandev, Max is already in the process of recording them for the Nexus Dashboard series. Please stay tuned :)
Good overview, would be more interested in the multi-site setup like ISN setup, BD extensions, PBRs service-graphs from the NDO. Hope that you post them soon. Appreciated!
For ISN setup, you can re-use the Multi-Pod video for now... it is basically the same configuration (without the multicast part and DHCP Relay). Max is working on the Multi-site videos and hopefully they make it out soon!
Great video, thanks for sharing Carlos!
My pleasure Ming P!
Very useful!
Glad you think so!