Designing Cisco ACI Fabric Access Policies

Domains and VLAN Pools

With AEPs defined, Domains and VLAN Pools are next. Each Domain references exactly one VLAN Pool (ACI will let several domains share a pool, but this design gives every domain its own), so it's best to keep the names consistent to minimize mistakes when associating pools with domains. These domains and VLAN pools are what tenant policies consume in the hybrid and application-centric operating modes. For example, when a new 3-tier application is deployed, I would make sure its EPGs are associated with these domains rather than with anything created ad hoc.

Bare-metal servers map to their respective physical domain, while virtualized hosts map to either the physical domain or a VMM domain such as VDS-PROD (Virtual Distributed Switch for Production). Any name will do for the VMM domain as long as the virtualization administration team agrees, since they are the ones who will have to stare at it all day: the domain is presented as a VDS in vSphere. All other infrastructure devices (firewalls, load balancers, switches, wireless controllers, miscellaneous appliances, etc.) map to the Infra physical domain, unless OSPF, EIGRP, BGP or static routing is required with a specific infrastructure device such as a router, switch or firewall, in which case it maps to the Infra_l3dom referenced by the L3Out.

Note, though, that it is entirely possible and popular to run infrastructure devices as virtual machines: CSRv routers, virtual firewalls and virtual load balancers. This use case needs additional planning and consideration. If routing won't be necessary for the VM infrastructure device, the simplest option is to let it consume a VLAN from the VMM-Compute_phydom, which the VMM-Compute_aep on the host uplinks already carries. If routing will be required, the VMM-Compute_aep also needs the Infra_l3dom associated with it, so that the L3Out's encap VLANs can be deployed on the host-facing ports. A further consideration is whether the virtualized compute systems have separate uplinks allocated for routing; if they do, it is easier to create separate interface policy groups for those uplinks and map them to the Infra_aep instead of the VMM-Compute_aep.

Domain Name          VLAN Pool Name        AEP Association
BM-Compute_phydom    BM-Compute_pool       BM-Compute_aep
VMM-Compute_phydom   VMM-Compute_pool      VMM-Compute_aep
vDS-PROD             vDS-PROD_pool         VMM-Compute_aep
Infra_phydom         Infra-Physical_pool   Infra_aep
Infra_l3dom          Infra-Routed_pool     Infra_aep

Cisco Domains mapped to AEPs
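The table above is easy to get subtly wrong by hand (a domain pointed at the wrong pool, a pool nobody references, or two pools that overlap on the same AEP and therefore on the same ports). The script below is an added example, not code from the original post: it models the table, checks those design rules, including the naming rule recommended above, and renders the APIC managed objects (fvnsVlanInstP, physDomP/l3extDomP/vmmDomP with infraRsVlanNs, and infraAttEntityP with infraRsDomP) that would create them. The VLAN ranges and static/dynamic allocation modes are assumptions for illustration; the post gives only names and associations. A real VMM domain also needs vCenter controller and credential children that are not shown here.

```python
import json
from dataclasses import dataclass

# Added example, not code from the post: models the domain / VLAN pool / AEP table
# and renders the APIC objects for it. VLAN ranges and allocation modes are assumed.


@dataclass
class VlanPool:
    name: str
    alloc: str    # "static" or "dynamic" (VMM domains normally use dynamic)
    ranges: list  # (first, last) VLAN IDs, inclusive

    @property
    def dn(self):  # APIC DN format: uni/infra/vlanns-[<name>]-<allocMode>
        return f"uni/infra/vlanns-[{self.name}]-{self.alloc}"

    def vlans(self):
        return {v for lo, hi in self.ranges for v in range(lo, hi + 1)}


DOMAIN_CLASS = {"phys": "physDomP", "l3": "l3extDomP", "vmm": "vmmDomP"}
DOMAIN_DN = {"phys": "uni/phys-{}", "l3": "uni/l3dom-{}", "vmm": "uni/vmmp-VMware/dom-{}"}


@dataclass
class Domain:
    name: str
    kind: str  # "phys", "l3" or "vmm"
    pool: str  # exactly one VLAN pool per domain

    @property
    def dn(self):
        return DOMAIN_DN[self.kind].format(self.name)


POOLS = [VlanPool("BM-Compute_pool", "static", [(100, 199)]),
         VlanPool("VMM-Compute_pool", "static", [(200, 299)]),
         VlanPool("vDS-PROD_pool", "dynamic", [(1000, 1499)]),
         VlanPool("Infra-Physical_pool", "static", [(300, 399)]),
         VlanPool("Infra-Routed_pool", "static", [(3900, 3999)])]
DOMAINS = [Domain("BM-Compute_phydom", "phys", "BM-Compute_pool"),
           Domain("VMM-Compute_phydom", "phys", "VMM-Compute_pool"),
           Domain("vDS-PROD", "vmm", "vDS-PROD_pool"),
           Domain("Infra_phydom", "phys", "Infra-Physical_pool"),
           Domain("Infra_l3dom", "l3", "Infra-Routed_pool")]
AEPS = {"BM-Compute_aep": ["BM-Compute_phydom"],
        "VMM-Compute_aep": ["VMM-Compute_phydom", "vDS-PROD"],
        "Infra_aep": ["Infra_phydom", "Infra_l3dom"]}


def check_design(pools, domains, aeps):
    """Return design problems as strings; an empty list means the table is consistent."""
    pool_by_name = {p.name: p for p in pools}
    problems, used = [], set()
    for d in domains:
        if d.pool not in pool_by_name:
            problems.append(f"{d.name}: VLAN pool {d.pool} does not exist")
            continue
        used.add(d.pool)
        base = d.name.rsplit("_", 1)[0] if d.name.endswith(("_phydom", "_l3dom")) else d.name
        if not d.pool.startswith(base):  # the naming rule from the post
            problems.append(f"{d.name}: pool {d.pool} does not follow the domain name")
    problems += [f"{p.name}: not referenced by any domain" for p in pools if p.name not in used]
    dom_vlans = {d.name: pool_by_name[d.pool].vlans() for d in domains if d.pool in pool_by_name}
    # Pools that meet on the same AEP (hence the same ports) should not overlap,
    # so that an encap on a port resolves to exactly one domain.
    for aep, names in aeps.items():
        for i, a in enumerate(names):
            for b in names[i + 1:]:
                common = dom_vlans.get(a, set()) & dom_vlans.get(b, set())
                if common:
                    problems.append(f"{aep}: {a} and {b} overlap on VLANs "
                                    f"{min(common)}-{max(common)}")
    return problems


def render_mos(pools, domains, aeps):
    """APIC managed objects, each postable to /api/mo/<dn>.json."""
    pool_by_name = {p.name: p for p in pools}
    dom_by_name = {d.name: d for d in domains}
    mos = []
    for p in pools:
        blocks = [{"fvnsEncapBlk": {"attributes": {"from": f"vlan-{lo}", "to": f"vlan-{hi}"}}}
                  for lo, hi in p.ranges]
        mos.append({"fvnsVlanInstP": {"attributes": {"dn": p.dn, "name": p.name,
                                                     "allocMode": p.alloc},
                                      "children": blocks}})
    for d in domains:  # infraRsVlanNs is the domain -> pool relation (one per domain)
        mos.append({DOMAIN_CLASS[d.kind]: {
            "attributes": {"dn": d.dn, "name": d.name},
            "children": [{"infraRsVlanNs": {"attributes": {"tDn": pool_by_name[d.pool].dn}}}]}})
    for aep, names in aeps.items():  # infraRsDomP is the AEP -> domain relation
        mos.append({"infraAttEntityP": {
            "attributes": {"dn": f"uni/infra/attentp-{aep}", "name": aep},
            "children": [{"infraRsDomP": {"attributes": {"tDn": dom_by_name[n].dn}}}
                         for n in names]}})
    return mos


if __name__ == "__main__":
    for problem in check_design(POOLS, DOMAINS, AEPS):
        print("PROBLEM:", problem)
    print(json.dumps(render_mos(POOLS, DOMAINS, AEPS), indent=2))
```

Run it as-is to print the object tree for the table; edit POOLS, DOMAINS or AEPS to match your own fabric and run check_design before posting anything to the APIC. The overlap check is the one worth keeping around: ACI does not stop two domains on the same AEP from carrying the same VLAN IDs, but an EPG deployed with that encap on those ports can then resolve to the wrong domain.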
