Configuring Connectivity to Devices

About In-Band Management for Devices

The Cisco Application Policy Infrastructure Controller (Cisco APIC) provides a mechanism for managing devices within each tenant in-band through the Cisco Application Centric Infrastructure (ACI) fabric. This configuration option provides device management connectivity without requiring the management IP addresses used on devices to be routable within the infra tenant and mgmt tenant.


Note

This feature is separate from in-band management for the Cisco APICs and fabric nodes. In-band management for the fabric is not required for you to manage devices in-band.

In-band management communication between the Cisco APICs and devices is enabled by configuring unique IP addresses on the Cisco APICs. The IP addresses are known as controller endpoints. These IP addresses are not actually configured on the Cisco APIC interfaces, but instead are used in conjunction with Network Address Translation (NAT) to establish management communication with the devices. The NAT addresses that are used by the Cisco APICs are automatically selected by the Cisco APIC and fall within the 169.254.0.0/16 address range.

In addition, each device management IP address is presented to the Cisco APICs as a translated IP address. This translated address is referred to as the mapped host address.

The following figure depicts the address translation between the Cisco APIC and the devices:

Figure 1. Network Address Translation Between the Cisco APIC and the Devices

Configuring In-Band Management for Devices Using the GUI

You can configure in-band management for devices using the GUI.

Procedure

Step 1

On the menu bar, choose Tenants > All Tenants.

Step 2

In the Work pane, double click the tenant's name.

Step 3

In the Navigation pane, choose Tenant tenant_name > Services > L4-L7 > Devices.

Step 4

In the Work pane, choose Actions > Create L4-L7 Devices

Step 5

In the Create L4-L7 Devices dialog box, fill in the fields as required, except as specified below:

  1. For the APIC to Device Management Connectivity radio buttons, choose In-Band.

  2. In the EPG drop-down list, choose Create Management EPG.

Step 6

In the Create Management EPG dialog box, fill in the fields as required, except as specified below:

  1. In the Application Profile drop-down list, choose an existing application profile where the EPG will reside. Optionally, create a new application profile by choosing Create Application Profile.

    If you create a new application profile, leave the EPG section and Contracts section blank.

  2. In the Name field, enter a name for the management EPG.

  3. In the Bridge Domain drop-down list, choose a domain.

  4. In the Domains section, add a domain profile.

  5. In the Reserved IP addresses for APICs section, click + to create a new IP address pool.

Step 7

In the Create IP Address Pool dialog box, fill in all of the fields and click OK.

The IP address pool defines the controller endpoint addresses. The IP addresses in the pool are the IP addresses that the devices will see as the Application Policy Infrastructure Controller (APIC) IP addresses.

If the address range that you defined for the controller endpoints is not part of the same subnet as the management IP addresses that you defined for the devices, you must define a subnet under the management EPG bridge domain that provides a next-hop gateway for the devices to reach the controller endpoints.

Step 8

In the Create Management EPG dialog box, click Submit.

The domain name for the management EPG should now be populated.

Step 9

In the Create L4-L7 Devices dialog box, complete the device setup. Be sure to include the management interface in the configuration of the interfaces.

Troubleshooting In-Band Management for Devices Using the GUI

If you chose an existing endpoint group (EPG) as the management EPG for the devices, you must manually add the management IP address pools and controller management policies. You can add these using the GUI.

Procedure

Step 1

On the menu bar, choose Tenants > All Tenants.

Step 2

In the Work pane, double click the tenant's name.

Step 3

In the Navigation pane, choose tenant_name > Application Profiles > application_profile_name > Application EPGs > EPG_name > L4/L7 IP Address Pool.

Step 4

In the Work pane, choose Actions > Create Address Pool.

Step 5

In the Create IP Address Pool dialog box, fill in the fields as required.

This adds the management IP address pool.

Step 6

In the Navigation pane, choose Tenant tenant_name > Services > L4-L7 > Inband Management Configuration for L4-L7 devices.

Step 7

In the Work pane, in the Controller Management Policies section, click + and fill in the fields as follows:

  1. In the Private Networks drop-down list, choose a private network.

  2. In the Address Pool drop-down list, choose the pool that you just created.

Step 8

Click Update.

This adds the controller management policy.