Wednesday 27 June 2018

ACI Deep Dive


  • TEP address pool should not overlap with internal address space
  • /16 address space is default for TEP pool

Switch discovery
  • LLDP between switch and APIC
  • DHCP request from switch for lo0
  • IS-IS between leaf and spine
  • IFM = inter fabric messaging (secured with X.509 certificates)
  • VXLAN tunnels built for connectivity to all other leaf / spine switches


Useful Commands

! Show switches in fabric
#acidiag fnvread
#acidiag verifyapic
#acidiag avread

! NX-OS-like interface
#vsh
#vsh_lc
#show cli list

! overlay-1 is the "underlay"

#show ip interface vrf overlay-1
#show ip route vrf overlay-1

https://<apic-ip>/visore

#moquery

! Query faults - uses HTTP port 777
#icurl


#show system internal epm endpoint mac aaaa.bbbb.cccc

! Leaf command to ping (VRF-aware, unlike native Linux)
#iping

! tcpdump can be used for control-plane traffic only
#tcpdump -i eth0 

ELAM - data plane traffic capture

! See denied packets between EPGs
#show logging ip access-list internal packet-log deny
#show logging ip access-list cache deny

vzAny - contract for an EPG to consume everything in a VRF

! Like BGP debug
#show bgp event-history events