Cisco Aci for Dummies

The Cisco Application Centric Infrastructure (ACI) is a data center infrastructure that enables application agility, policy-based automation and operational simplicity.

The Cisco ACI fabric is a programmable, policy-based network that automates the provisioning and configuration of network resources. The ACI fabric uses the Application Policy Infrastructure Controller (APIC) to manage the network. The APIC provides a centralized point of control and management for the ACI fabric.

The Cisco ACI fabric is designed to support a variety of workloads, including virtual machines, containers and bare-metal servers. The ACI fabric uses the Open vSwitch Database (OVSDB) to manage the virtual switches in the fabric. The OVSDB is a standard database that is used to manage virtual switches.

The Cisco ACI fabric supports multiple tenants. A tenant is a logical isolation of network resources. Each tenant can have its own virtual networks, security policies and application profiles.

The Cisco ACI fabric uses the following technologies to provide network isolation and security:

Virtual Routing and Forwarding (VRF)

VRFs provide logical isolation of network resources. VRFs allow each tenant to have its own virtual router instance. VRFs are used to route traffic between tenants.

Virtual Extensible LAN (VXLAN)

VXLAN is a Layer 2 overlay protocol that is used to create virtual networks on top of a physical network. VXLAN allows each tenant to have its own virtual network. VXLAN uses MAC-in-IP encapsulation to encapsulate Ethernet frames in IP packets.

Generic Routing Encapsulation (GRE)

GRE is a tunneling protocol that is used to encapsulate traffic in IP packets. GRE tunnels can be used to route traffic between tenants.

Security Group Tags (SGTs)

SGTs are used to tag traffic with a security context. SGTs are used to implement security policies. SGTs are used to route traffic between tenants.

Network Address Translation (NAT)

NAT is used to map private IP addresses to public IP addresses. NAT is used to allow devices in a private network to communicate with devices in a public network.

The Cisco ACI fabric supports a variety of network services, including load balancing, firewalls, intrusion detection and prevention (IDP), and VPNs.

The Cisco ACI fabric uses the following technologies to provide network services:

Ethernet Virtual Private Network (EVPN)

EVPN is a Layer 2 overlay protocol that is used to create virtual private networks (VPNs). EVPN allows each tenant to have its own virtual private network. EVPN uses MAC-in-IP encapsulation to encapsulate Ethernet frames in IP packets.

Border Gateway Protocol (BGP)

BGP is a routing protocol that is used to route traffic between different networks. BGP is used to route traffic between tenants.

Virtual Private Network (VPN)

VPN is a tunneling protocol that is used to encapsulate traffic in IP packets. VPN tunnels can be used to route traffic between tenants.

The Cisco ACI fabric supports a variety of storage protocols, including Fibre Channel over Ethernet (FCoE), iSCSI and NFS.

The Cisco ACI fabric uses the following technologies to provide storage connectivity:

Fibre Channel over Ethernet (FCoE)

FCoE is a storage protocol that is used to connect storage devices to the ACI fabric. FCoE uses Ethernet to transport Fibre Channel traffic.

iSCSI

iSCSI is a storage protocol that is used to connect storage devices to the ACI fabric. iSCSI uses TCP/IP to transport SCSI traffic.

NFS

NFS is a storage protocol that is used to connect storage devices to the ACI fabric. NFS uses UDP/IP to transport NFS traffic.