VMware Domain Definition
Configure VMware Integration
The first step in configuring the integration is setting up the acccess policies of the ACI
fabric for the uplink interfaces of the compute hosts. So what is the purpose of
acccess policies in ACI?
Access Policies in ACI can be explained as the mechanism to define how a port is going to
behave. In access policies you define parameters such as SPEED ( 1GB, 10GB, 25GB, 40GB, 50GB, 100GB, etc),
link aggregration protocol, Spanning Tree Protocol, CDP or LLDP, etc
Under access policies we also create some constructs that are unique to ACI. These
AEP ( Attached Entity Profile ),
VLAN Pools and
Domains. These three are very important to understand for the ACI fabric
A good way of viewing some of this can be explained as follows:
You can think of these as giving the ACI fabric the "how" it needs to
attach a device into the fabric. There are four distinct domains in the
fabric: Physical Domains, External Bridge Domains, External Routed Domains and
Generally used for bare metal servers without any VMM integration
External Bridge Domains
These are used for Layer2 external connectivity that are not very
External Routed Domains
These are used for Layer3 external routed domains and are required
for all ACI Layer3 external connections
These are built by integration tools and provide a linkage between
a external VMM domain and the fabric policies that rule how to
connect to them.
These provide the ACI fabric the knowledge of what VLAN tagged packets will
be arriving on specific ports. VLANs in ACI are used as classifier to EPG and
the fabric needs to know what VLAN it is expected to receive on a port. Think of
switchport trunk allowed vlan [range].
AEP ( Attacheable Entity Profile )
Think of AEP as the connection between what a interface configuration can do and the
role it will take ( physical server, VMM port ) in the ACI fabric. This is important
for various reasons. For example, in a VMM domain endpoints move from port to
due to VM mobility but are static in bare metal physical servers.
In the next steps you will define a series of Access Policies that will connect your
physical server to the ACI fabric. These policies you are going to build are unique
for your POD in this to make sure changes don't affect other students.
For this lab you will have one physical server connected to a real ACI fabric. Each physical
server will be connected as link aggregated BOND interface for redundancy.
Step 1 - Connect to ACI fabric
You will need to point the browser in your VNC session to the APIC in this lab. Using the same
Chrome browser that you are using to read this guide, go to the URL: Your POD APIC at
The credentials for this APIC are:
In this section is very important to follow the naming convention. Can you still follow the copy and paste or type on the APIC.
Step 2 - Create Attacheable Entity Profile
In the ACI fabric you have to go to the Access Policies in the Menu.
The AEP will be named:
Step 3 - Create Interface Policy Group
The interface policy group will be named:
have to select the options for link level, cdp, mcp, lldp, l2 learn policies and AEP.
And click Submit
Step 4 - Create Interface Profile
The Leaf Interface Profile will be named:
- The Port Selector will be named:
- The interface ID will be: