Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
319
Views
1
Helpful
2
Replies

Couple of questions about L3Out in ACI

m1xed0s
Spotlight
Spotlight

‎11-08-2023 06:50 AM

Question#1: ACI supports configuration of Interface delay and bandwidth for EIGRP but it seems like those settings are per L3Out. Anyway to set delay or bandwidth per Interface for EIGRP?

Question#2: What would be the use case(s) of Passive interface in ACI L3Out with either EIGRP or OSPF?

Thanks!

0 Helpful
2 Replies 2

hemohemoh
Level 1
Level 1

‎12-11-2023 06:54 PM

Hi @m1xed0s ,

This is just based on my research:

1. You can set the delay and bandwidth per interface for EIGRP by using the EIGRP Interface Policy. This policy allows you to configure various EIGRP parameters, such as hello interval, hold time, split horizon, and metric weight, for each interface under a L3Out. You can create and apply this policy in the Tenants > Tenant Name > Networking > External Routed Networks > L3Out Name > Logical Node Profile > Node Profile Name > Logical Interface Profile > Interface Profile Name > EIGRP Interface Policy section of the APIC GUI.

2. A passive interface in ACI L3Out is an interface that does not send or receive routing updates, but still participates in the routing process. This can be useful for security or performance reasons, as it prevents unnecessary routing traffic from entering or leaving the ACI fabric. For example, you may want to make an interface passive if it connects to a firewall, a load balancer, or a server that does not need to exchange routing information with the ACI fabric. You can configure an interface as passive by using the OSPF Interface Policy or the EIGRP Interface Policy, depending on the routing protocol you are using. You can find these policies in the same location as mentioned above for the EIGRP Interface Policy.

 

Hope you find this useful

 

m1xed0s
Spotlight
Spotlight
In response to hemohemoh

‎12-12-2023 04:42 AM - edited ‎12-12-2023 04:43 AM

The EIGRP interface policy you referenced is unfrotunately still per L3Out, not per interface. 

"For example, you may want to make an interface passive if it connects to a firewall, a load balancer, or a server that does not need to exchange routing information with the ACI fabric. "

Your example is under an existing EIGRP/OSPF L3out, right? If so, kinda making sense. However, I might actually prefer to do two L3Outs, one with dynamic routing and the other just with static routinig for connecting to firewall, LB etc. 

0 Helpful
Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License