You are here
DC0032 - ACI Service Graph - PBR FW (Part 2)
Difficulty Level:
Lab Document:
<Please login to see the content>
Category:
Datacenter
The video shows yet another way to perform device service insertion on Cisco ACI using PBR. We will experiment with various setup while having traffic between EPGs redirected to a FTD device. The goal is to demonstrate the flexibility of PBR option compared to the traditional service insertion we covered in the previous videos.
Part 2 of this video covers PBR configuration with L3Out, intra-BD and uEPG
Topic:
- Policy Based Routing (PBR)
- Firepower Threat Defense (FTD)
- Protocol Policy
- Service Device
- Graph Template
- EPG-to-EPG (Different BD)
- EPG-to-L3Out
- EPG-to-EPG (Same BD)
- EPG-to-uEPG (Same BD)
About Author
Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.
2 comments
Providing internet to WEB EPG.
Hi Metha, Great Video as usual.
in the beginning of the video and To provide internet access. I understand that you should add the contract under WEB EPG as a consumed. and under L3-out as provider.
as per my understanding and correct me please, the Source which is WEB EPG should be consumer. destination which is INTERNET (L3-OUT EPG) should be the provider.
appreciate you explanation.
Providing internet to WEB EPG.
If a contract is permit any, the direction that the contract is applied to irrelavant. If a contract only allows HTTP/HTTPS for Web to access internet, Web EPG would be a consumer and L3OUT be a provider.