らくがきちょう

なんとなく ~所属組織/団体とは無関係であり、個人の見解です~

Cisco ACI でよく設定する Interface Policies (2019/10/06 版)

以前に Cisco ACI でよく設定する Interface Policies というメモを書きました。 このメモ時点で最新の ACI は 4.2(1j) ですが、バージョンが新しくなったことに伴い設定項目も増えましたので、改めて「良く使う Interface Policies」を定義した XML ファイルを更新しておきます。

XML

XML は以下の通りです。 Parent DN は uni/infra/ に対して Post すると、良く使う Interface Policies を設定出来ます。

<?xml version="1.0" encoding="UTF-8"?>
<infraInfra dn="uni/infra" nameAlias="" ownerKey="" ownerTag="">
  <fabricHIfPol autoNeg="off" descr="" dn="uni/infra/hintfpol-100M" fecMode="inherit" linkDebounce="100" name="100M" nameAlias="" ownerKey="" ownerTag="" speed="100M"/>
  <fabricHIfPol autoNeg="off" descr="" dn="uni/infra/hintfpol-1G" fecMode="inherit" linkDebounce="100" name="1G" nameAlias="" ownerKey="" ownerTag="" speed="1G"/>
  <fabricHIfPol autoNeg="off" descr="" dn="uni/infra/hintfpol-10G" fecMode="inherit" linkDebounce="100" name="10G" nameAlias="" ownerKey="" ownerTag="" speed="10G"/>
  <fabricHIfPol autoNeg="on" descr="" dn="uni/infra/hintfpol-Auto" fecMode="inherit" linkDebounce="100" name="Auto" nameAlias="" ownerKey="" ownerTag="" speed="inherit"/>
  <qosPfcIfPol adminSt="auto" annotation="" descr="" dn="uni/infra/pfc-Auto" name="Auto" nameAlias="" ownerKey="" ownerTag=""/>
  <qosPfcIfPol adminSt="off" annotation="" descr="" dn="uni/infra/pfc-Off" name="Off" nameAlias="" ownerKey="" ownerTag=""/>
  <qosPfcIfPol adminSt="on" annotation="" descr="" dn="uni/infra/pfc-On" name="On" nameAlias="" ownerKey="" ownerTag=""/>
  <cdpIfPol adminSt="enabled" descr="" dn="uni/infra/cdpIfP-Enabled" name="Enabled" nameAlias="" ownerKey="" ownerTag=""/>
  <cdpIfPol adminSt="disabled" descr="" dn="uni/infra/cdpIfP-Disabled" name="Disabled" nameAlias="" ownerKey="" ownerTag=""/>
  <lldpIfPol adminRxSt="enabled" adminTxSt="enabled" descr="" dn="uni/infra/lldpIfP-Enabled" name="Enabled" nameAlias="" ownerKey="" ownerTag=""/>
  <lldpIfPol adminRxSt="disabled" adminTxSt="disabled" descr="" dn="uni/infra/lldpIfP-Disabled" name="Disabled" nameAlias="" ownerKey="" ownerTag=""/>
  <lacpLagPol ctrl="fast-sel-hot-stdby,graceful-conv,susp-individual" descr="" dn="uni/infra/lacplagp-LacpActive" maxLinks="16" minLinks="1" mode="active" name="LacpActive" nameAlias="" ownerKey="" ownerTag=""/>
  <lacpLagPol ctrl="fast-sel-hot-stdby,graceful-conv,susp-individual" descr="" dn="uni/infra/lacplagp-LacpPassive" maxLinks="16" minLinks="1" mode="passive" name="LacpPassive" nameAlias="" ownerKey="" ownerTag=""/>
  <lacpLagPol ctrl="fast-sel-hot-stdby,graceful-conv,susp-individual" descr="" dn="uni/infra/lacplagp-Static" maxLinks="16" minLinks="1" mode="off" name="Static" nameAlias="" ownerKey="" ownerTag=""/>
  <lacpLagPol ctrl="fast-sel-hot-stdby,graceful-conv,susp-individual" descr="" dn="uni/infra/lacplagp-MacPinning" maxLinks="16" minLinks="1" mode="mac-pin" name="MacPinning" nameAlias="" ownerKey="" ownerTag=""/>
  <lacpLagPol ctrl="fast-sel-hot-stdby,graceful-conv,susp-individual" descr="" dn="uni/infra/lacplagp-MacPinningPhysicalNicLoad" maxLinks="16" minLinks="1" mode="mac-pin-nicload" name="MacPinningPhysicalNicLoad" nameAlias="" ownerKey="" ownerTag=""/>
  <lacpLagPol ctrl="fast-sel-hot-stdby,graceful-conv,susp-individual" descr="" dn="uni/infra/lacplagp-UseExplicitFailoverOrder" maxLinks="16" minLinks="1" mode="explicit-failover" name="UseExplicitFailoverOrder" nameAlias="" ownerKey="" ownerTag=""/>
  <stpIfPol ctrl="bpdu-guard" descr="" dn="uni/infra/ifPol-BpduGuard" name="BpduGuard" nameAlias="" ownerKey="" ownerTag=""/>
  <stpIfPol ctrl="bpdu-filter" descr="" dn="uni/infra/ifPol-BpduFilter" name="BpduFilter" nameAlias="" ownerKey="" ownerTag=""/>  
  <stormctrlIfPol burstPps="unspecified" burstRate="0.500000" descr="" dn="uni/infra/stormctrlifp-000.5pct" name="000.5pct" nameAlias="" ownerKey="" ownerTag="" rate="0.500000" ratePps="unspecified" type="all"/>
  <stormctrlIfPol burstPps="unspecified" burstRate="1.000000" descr="" dn="uni/infra/stormctrlifp-001.0pct" name="001.0pct" nameAlias="" ownerKey="" ownerTag="" rate="1.000000" ratePps="unspecified" type="all"/>
  <stormctrlIfPol burstPps="unspecified" burstRate="5.000000" descr="" dn="uni/infra/stormctrlifp-005.0pct" name="005.0pct" nameAlias="" ownerKey="" ownerTag="" rate="5.000000" ratePps="unspecified" type="all"/>
  <stormctrlIfPol burstPps="unspecified" burstRate="10.000000" descr="" dn="uni/infra/stormctrlifp-010.0pct" name="010.0pct" nameAlias="" ownerKey="" ownerTag="" rate="10.000000" ratePps="unspecified" type="all"/>
  <mcpIfPol adminSt="enabled" descr="" dn="uni/infra/mcpIfP-Enabled" name="Enabled" nameAlias="" ownerKey="" ownerTag=""/>
  <mcpIfPol adminSt="disabled" descr="" dn="uni/infra/mcpIfP-Disabled" name="Disabled" nameAlias="" ownerKey="" ownerTag=""/>
  <l2IfPol descr="" dn="uni/infra/l2IfP-GlobalScope" name="GlobalScope" nameAlias="" ownerKey="" ownerTag="" qinq="disabled" vepa="disabled" vlanScope="global"/>
  <l2IfPol descr="" dn="uni/infra/l2IfP-PortLocalScope" name="PortLocalScope" nameAlias="" ownerKey="" ownerTag="" qinq="disabled" vepa="disabled" vlanScope="portlocal"/>
  <l2IfPol descr="" dn="uni/infra/l2IfP-QinQ" name="QinQ" nameAlias="" ownerKey="" ownerTag="" qinq="edgePort" vepa="disabled" vlanScope="global"/>
</infraInfra>

Interface Policies

設定される内容は以下の通りです。

Name Auto Negotiation Speed Link debounce interval (msec) Forwarding Error Correction
100M off 100Mbps 100 Inherit
1G off 1Gbps 100 Inherit
10G off 10Gbps 100 Inherit
Auto on inherit 100 Inherit

Priority Flow Control

Name State
Auto Auto
Off Off
On On

CDP Interface

Name Admin State
Disabled Disabled
Enabled Enabled

LLDP Interface

Name Receive State Transmit State
Disabled Disabled Disabled
Enabled Enabled Enabled

Port Channel

Name Mode Control Minimum Number of Links Maximum Number of Links
LacpActive LACP Active Fast Select Hot Standby Ports, Graceful Convergence, Suspend Individual Port 1 16
LacpPassive LACP Passive Fast Select Hot Standby Ports, Graceful Convergence, Suspend Individual Port 1 16
MacPinning MAC Pinning (N/A) 1 16
MacPinningPhysicalNicLoad MAC Pinning-Physical-NIC-load (N/A) 1 16
Static Static Channel - Mode On Fast Select Hot Standby Ports, Graceful Convergence, Suspend Individual Port 1 16
UseExplicitFailoverOrder Use Explicit Failover Order (N/A) 1 16

Spanning Tree Interface

Name BPDU filter enabled BPDU Guard enabled
BpduFilter Check
BpduGuard Check

Storm Control

Name Configure Storm Control Specify Policy In Rate (percentage of bandwidth) Max Burst Rate (percentage of bandwidth) Storm Control Action
000.5pct All Types Percentage 0.500000 0.500000 drop
001.0pct All Types Percentage 1.000000 1.000000 drop
005.0pct All Types Percentage 5.000000 5.000000 drop
010.0pct All Types Percentage 10.000000 10.000000 drop

MCP Interface

Name Admin State
Disabled Disabled
Enabled Enabled

L2 Interface

Name QinQ Reflective Relay (802.1Qbg) VLAN Scope
GlobalScope disabled disabled Global scope
PortLocalScope disabled disabled Port Local scope
QinQ edgePort disabled (N/A)