Designing Cisco ACI Fabric Access Policies

VPC Protection Groups

VPC Protection Groups follow a similar suit. The leaf names are utilized and a manual Logical pair ID is assigned.

VPC Group Name Switch IDs Logical Pair ID
<leaf-name>-<node-id1>-<node-id2>_vPCGrp <node-id1>,<node-id2> 1
<leaf-name>-<node-id3>-<node-id4>_vPCGrp <node-id3>,<node-id4> 2
<leaf-name>-<node-id5>-<node-id6>_vPCGrp <node-id5>,<node-id6> 3

Full Cisco ACI Fabric Access Policy Topology View


If you want to do more digging on justification of the above, I suggest you log into the APIC controllers and see the CLI configuration that is generated from your Cisco ACI Fabric Access Policy configurations. This will help with understanding the various associations and what is actually happening behind the scenes for which Cisco is trying their hardest to GUI-tize it.

Good luck with your Cisco ACI deployments!

Leave a Reply