Configuring Floating L3Out Using the REST API

Configuring a VLAN Pool for Floating L3Out Using the REST API

This section demonstrates how to configure a VLAN pool specifically to use with the floating Layer 3 outside network connection (L3Out).

Procedure

To configure a VLAN pool for floating L3Out

Example:

<fvnsVlanInstP name="vlanPool1" allocMode="dynamic">

What to do next

Configure a VMM Domain Profile for VMware VDS. See procedure Configuring a VMM Domain Profile for VMware VDS Using the REST API.

Configuring a VMM Domain Profile for VMware VDS Using the REST API

Use this procedure to create a Virtual Machine Manager (VMM) profile for the VMware vSphere Distributed Switch (VDS) if you have not already done so and want to use floating Layer 3 Out network communication (L3Out).


Note

To use a floating Layer 3 outside network connection (L3Out), you must configure a VLAN pool that has a static VLAN range for the VMM domain. Also, the VLAN pool must be the same as the VLAN pool of the L3Out domain. For example, both the range for the L3Out domain and the Virtual Machine Manager (VMM) domain must be 200-209.

Procedure

To configure a VMM domain profile for VMware VDS:

Example:


<polUni>
	<vmmProvP vendor="VMware">
		<vmmDomP name="FTD">
			<infraRsVlanNs tDn="uni/infra/vlanns-[vlanPool1]-dynamic" />
			<vmmUsrAccP name="creds" usr="administrator@vsphere.local" pwd="N1k@12345" />
			<vmmCtrlrP name="vcenter" rootContName="Datacenter" hostOrIp="10.197.145.212" status="created,modified">
				<vmmRsAcc tDn="uni/vmmp-VMware/dom-FTD/usracc-creds" />
			</vmmCtrlrP>
		</vmmDomP>
	</vmmProvP>
</polUni>

What to do next

Configure a Layer 3 Domain. See procedure Configuring a Layer 3 Domain Using the REST API.

Configuring a Layer 3 Domain Using the REST API

Create a Layer 3 domain before you create the Layer 3 outside network connection (L3Out).

Procedure

To configure a Layer 3 domain:

Example:


<l3extDomP name="L3Dom">
	<infraRsVlanNs tDn="uni/infra/vlanns-[vlanPool1]-dynamic"  status=""/>
</l3extDomP>

What to do next

Configure a floating L3Out. See the procedure Configuring a Floating L3Out Using the REST API.

Configuring a Floating L3Out Using the REST API

This section demonstrates how to configure a floating L3Out using the REST API.

Procedure

To configure a floating L3Out:

Example:

<fvTenant name="t1" status="">
<fvCtx name="inb"/>
<l3extOut name="l3out" status="">
<l3extRsL3DomAtt tDn="uni/l3dom-L3Dom"/>
<l3extInstP name="instPP">
<fvRsCons tnVzBrCPName="inb-mgmt-allow-all-contract"/>
</l3extInstP>
<l3extLNodeP name="borderLeaf">
<l3extRsNodeL3OutAtt tDn="topology/pod-1/node-101" rtrId="10.10.10.11" status=""/>
<l3extRsNodeL3OutAtt tDn="topology/pod-1/node-102" rtrId="10.10.10.12" status=""/>
<l3extRsNodeL3OutAtt tDn="topology/pod-1/node-103" rtrId="10.10.10.13" status=""/>
<l3extLIfP name="phyDom">
<l3extVirtualLIfP descr="" encap="vlan-638" nodeDn="topology/pod-1/node-101" mode="regular"
addr="11.11.11.11/24" ifInstT='ext-svi' status="">
<l3extRsDynPathAtt tDn="uni/phys-Floating-L3out" floatingAddr="11.11.11.12/24" status="">
<l3extIp addr="12.12.12.100/24" status=""/>
 </l3extRsDynPathAtt>
<l3extIp addr="12.12.12.14/24" status=""/>
</l3extVirtualLIfP>
</l3extLIfP>
</l3extLNodeP>
<l3extRsEctx tnFvCtxName="inb"/>
</l3extOut>
</fvTenant>

What to do next

Verify the floating L3Out configuration.

Configuring a Secondary IP Using the REST API

This section demonstrates how to configure a secondary and floating secondary IP using the REST API.

Procedure

To configure a secondary and floating secondary IP: 

<l3extVirtualLIfP mtu="9000" addr="20.20.20.21/24" encap="vlan-1030" nodeDn="topology/pod-1/node-101" ifInstT="ext-svi" status="">
                       <l3extIp addr=”11.11.11.1/24”/>
                  <l3extRsDynPathAtt tDn="uni/phys-physDom1" floatingAddr ="20.20.20.1/24">
                    <l3extIp addr=”11.11.11.2/24”/>
                  </l3extRsDynPathAtt>
                </l3extVirtualLIfP>.

Configuring Same VLAN Encapsulation for IPv4 and IPv6 Using the REST API

This section demonstrates how to configure the same VLAN encap for both IPv4 and IPv6 address families using the same VMM domain.

Procedure

To configure the same VLAN encap for IPv4 and IPv6: 


<l3extOut enforceRtctrl="export" mplsEnabled="no" name="l3out1"> 
    <l3extLNodeP name="l3out1_nodeProfile"> 
    <l3extLIfP name="l3out1_interfaceProfile"> 
        <l3extVirtualLIfP addr="60.60.60.1/24" encap="vlan-100" nodeDn="topology/pod-1/node-101"> 
            <l3extRsDynPathAtt floatingAddr="60.60.60.100/24" tDn="uni/vmmp-VMware/dom-vmmDom1"/> 
        </l3extVirtualLIfP> 
    </l3extLIfP> 
 
    <l3extLIfP name="l3out1_interfaceProfile2"> 
        <l3extVirtualLIfP addr="2021::1/64" encap="vlan-100" nodeDn="topology/pod-1/node-101"> 
            <l3extRsDynPathAtt floatingAddr="2021::100/64" tDn="uni/vmmp-VMware/dom-vmmDom1"/> 
        </l3extVirtualLIfP> 
    </l3extLIfP> 
    </l3extLNodeP> 
</l3extOut>

In the above configuration, the example addresses used are: 60.60.60.1 for IPv4 and 2021::1 for IPv6. VLAN encap is 100 for both.

Configuring the Avoidance of Suboptimal Traffic From an ACI Internal Endpoint to a Floating L3Out Using the REST API

This section demonstrate how to configure next hop propagation and direct-attached host route advertising using the REST API.

Before you begin

The following must be configured:

  • For Next Hop Propagation, the floating L3Out must be in a physical domain, not in a VMM domain.

  • A BD, EPG, and a contract between the EPG and L3Out EPG

Procedure

Step 1

To configure next hop propagation:

Example:


<rtctrlSetNhUnchanged annotation="" childAction="" descr="" extMngdBy="" lcOwn="local"modTs="never" name="" nameAlias="" rn="nhunchanged" status="created" type="nh-unchanged" uid="0"/>

Step 2

Configuring direct-attached host route advertising:

Example:


<l3extRsRedistributePol annotation="" childAction="" dn="uni/tn-neo/out-neoL3Out/rsredistributePol-[sap-rtmap]-am" extMngdBy="" forceResolve="yes" lcOwn="local" modTs="never"monPolDn="" rType="mo" rn="" src="am" state="unformed" stateQual="none" status="created"tCl="rtctrlProfile" tContextDn="" tDn="" tRn="" tType="name" tnRtctrlProfileName="sap-rtmap" uid="0"/>

Configuring Maximum Number of Paths for Redistribution of Routes in Fabric Using the REST API

The two properties that enable you to configure more paths are maxEcmp and maxEcmpIbgp in the bgpCtxAfPol object. After you configure these two properties, they are propagated to the rest of your implementation. The ECMP policy is applied at the VRF level.

The following example provides information on how to configure the BGP Max Path feature using the REST API:

Before you begin

Refer to the Verified Scalability Guide for Cisco APIC on the Cisco APIC documentation page for the acceptable values for the following fields.

Procedure

Post the following to configure the maximum number of paths for redistribution of routes in the fabric:


    <fvTenant descr="" dn="uni/tn-t1" name="t1">
        <fvCtx name="v1">
            <fvRsCtxToBgpCtxAfPol af="ipv4-ucast" tnBgpCtxAfPolName="bgpCtxPol1"/>
        </fvCtx>
        <bgpCtxAfPol name="bgpCtxPol1" maxLocalEcmp="16"/>
    </fvTenant>

Configuring Multiple Next-Hops Using the REST API

Procedure

To configure multiple next-hops, post the following: 


<fvTenant dn="uni/tn-t1">
    <rtctrlAttrP name="s1">
        <rtctrlSetRedistMultipath/>
    </rtctrlAttrP>
</fvTenant>