Cisco ACI Contracts

Cisco ACI Contracts

Contracts are used to enable communication between the EP components of various EPGs. The kind of connection between the EPGs will be specified in each contract. The contract will be provided by one EPG, and the other EPGs will use it.

Subjects inside the contract which we refer to as filters make up the contract. The actual entries that specify the kind of communication that must be permitted between the EPG are called filters. A single topic that is generated inside the contract might have several filters applied to it. The contract will not let any traffic if filters are absent.

Cisco ACI Contracts
Fig 1.1- Cisco ACI Contracts

Types of Contract

  • We may specify various filters for traffic flowing from supplier to customer and vice versa in a unidirectional contract.
  • In a bidirectional contract, we will employ the same filter for both consumer-to-provider and provider-to-consumer communication.

According to the network segment that the EPG is a part of, the contract's scope has to be specified.

There are four types of scope which can be configured for the contract:

  • Global: When EPGs are part of different tenants.
  • Tenant: When EPGs are part of different vrf and AP but belong to the same tenant.
  • VRF: When EPGs are part of different APs but the same VRF.
  • AP: When EPGs are part of the same AP and same VRF as

Communication through Contracts
EPGs and either the same tenant or many tenants may enter into a contract. The user can directly offer and consume the contract between the needed EPG if it is utilized between EPGs that are a part of the same tenancy.

But we must export and import the contract if the EPG uses it as a component of several user-defined tenancies. The tenant that creates the contract will develop an export policy and give information about the distant tenant that needs to import it.

The export policy that was previously developed will appear as an import contract policy for the remote tenant. The user won't be allowed to use the EPG contract or establish consumer/provider interactions until the aforementioned export-import policy has been created.

When a contract is defined in a common tenant, it can be utilized without violating any export or import regulations between the common tenant EPG and a user-defined EPG. The agreement between the user-defined EPG and the common tenant EPG can be directly provided and consumed.

Continue Reading..
Cisco ACI Default Tenants - The Network DNA
Cisco ACI: Backup and Restore in Nexus Dashboard (MSO) - The Network DNA
Part 1: 10 Basic interview questions on Cisco ACI - The Network DNA
Cisco ACI: RMA procedure for one node in APIC cluster - The Network DNA