The ACI Elite Series

The ACI Elite SeriesACIESOTOtherOT-ACIES1.0<ul> <li>Describe ACI components and policy model</li><li>Explain ACI packet forwarding</li><li>Describe ACI fabric configuration</li><li>Describe ACI logical constructs</li><li>Explain how ACI uses contracts to allow for secure communication between endpoints</li><li>Explain how ACI connects to other switched and routed networks</li><li>Explain how to troubleshoot an ACI fabric</li><li>Describe multi-site and multi-pod solutions, and how they fit in a multi-DC/multi-cloud design</li></ul><p>This ACI Elite Series will provide value for anyone deploying or operating an ACI fabric. However, some topics will be more relevant to specific audience: </p> <ul> <li>Sessions 1, 7, 8, 9, 10, 12, 13, and 14 are more focused for Architects or Engineers completing design work</li><li>Sessions 2, 3, 4, 5, 6, and 11 are more focused for operations teams</li></ul><h4>Session 1 - ACI Overview</h4><p> <strong>Lecture</strong> </p> <ul> <li>What is ACI</li><li>ACIs benefits</li><li>Overview of Switch and APIC models APIC Architecture Fabric</li><li>Bring up process</li><li>ACI Object Model</li><li>ACI MGMT<ul> <li>RBAC</li><li>Syslog</li><li>SNMP</li><li>Upgrade Process</li><li>BGP Policy</li></ul></li></ul><p><strong>Labs</strong> </p> <ul> <li>Instructor demo GUI Overview</li><li>Instructor demo Intro to CLI</li><li>Creating Users and assign Permissions Software</li><li>Upgrades</li><li>Syslog, SNMP and config rollbacks</li></ul><h4>Session 2 - Fabric Forwarding</h4><p> <strong>Lecture</strong> </p> <ul> <li>VXLAN refresher</li><li>Understanding Bridge Domains<ul> <li>Bridge Domain as a layer 2 boundary</li><li>Difference between VLANs and Bridge Domains</li><li>Bridge Domain configuration knobs<ul> <li>Limit Learning to IP subnet</li></ul></li><li>Encapsulation and multicast group</li></ul></li><li>COOP<ul> <li>Oracles and Citizens</li><li>Endpoint tables</li><li>Lookup process</li></ul></li><li>Layer2 and Layer3 forwarding<ul> <li>ARP handling packet walk</li><li>L2 packet walk</li><li>L3 packet walk</li><li>BUM traffic packet walk</li><li>VXLAN Encapsulations<ul> <li>Intro to Fd_VLANs and BD_VLANs</li><li>VRF encapsulation</li></ul></li><li>EP move and bounce entries</li><li>Rogue endpoint detection</li><li>Silent hosts</li></ul></li><li>Endpoint table vs Mac and Routing Table</li></ul><p> <strong> Labs:</strong> </p> <ul> <li>Intro to endpoint reachability troubleshooting</li><li>Understanding show endpoint command</li><li>Validate COOP entries (GUI and CLI)</li><li>Using iPing, ELAM and Ftriage (App not CLI)</li></ul><h4>Session 3 - Fabric Configuration Part 1</h4><p> <strong>Lecture:</strong> </p> <ul> <li>Overview of interface configurations<ul> <li>Physical and VMM domains overview<ul> <li>Deployment immediacy (VMM)</li><li>Resolution immediacy (VMM)</li></ul></li><li>VLAN Pools<ul> <li>Static and Dynamic Pools</li><li>Base encap value</li></ul></li><li>AEPs<ul> <li>Used as a way to tie VLANs to an Interface</li><li>Used to define EPG membership</li></ul></li><li>Policy Groups</li><li>Interface Profiles</li></ul></li><li>Overview of switch configurations<ul> <li>VPC in ACI</li><li>Switch Profiles</li></ul></li><li>VLANs in the ACI world<ul> <li>P I, HW, Access Encap, BD and FD</li><li>Physical Domain, AEP and VLAN Pool relationship to FD_VLAN.and VXLAN encap</li></ul></li></ul><p><strong>Labs: </strong> </p> <ul> <li>Create a physical Domain to connect endpoints to the ACI Fabric<ul> <li>Create VLAN Pool and AEP</li></ul></li><li>Create a VMM domain to connect endpoints to the ACI fabric<ul> <li>Create VLAN Pool and AEP</li><li>Create VMM integration</li><li>Create VPCs explicit protection groups</li><li>Create Interface Profiles and Policy Groups</li><li>Create Switch Profiles</li></ul></li><li>Understanding the output<ul> <li>Show VLAN brief</li><li>Show VLAN extended</li><li>Show system internal eltmc info VLAN brief (vsh_lc shell)</li></ul></li></ul><h4>Session 4 - Fabric Configuration Part 2</h4><p> <strong>Lectures:</strong> </p> <ul> <li>Overview of interface configurations</li><li>Physical and VMM domains overview<ul> <li>Deployment immediacy (VMM)</li><li>Resolution immediacy (VMM)</li></ul></li><li>VLAN Pools<ul> <li>Static and Dynamic Pools</li><li>Base encap value</li></ul></li><li>AEPs<ul> <li>Used as a way to tie VLANs to an Interface</li><li>Used to define EPG membership Policy Groups, Interface Profiles</li></ul></li><li>Overview of switch configurations<ul> <li>VPC in ACI</li><li>Switch Profiles</li></ul></li><li>VLANs in the ACI world<ul> <li>P I, HW, Access Encap, BD and FD</li></ul></li><li>Physical Domain, AEP and VLAN Pool relationship to FD_VLAN and VXLAN encap</li></ul><p><strong>Labs:</strong> </p> <ul> <li>Create a physical Domain to connect endpoints to the ACI Fabric<ul> <li>Create VLAN Pool and AEP</li></ul></li><li>Create a VMM domain to connect endpoints to the ACI fabric<ul> <li>Create VLAN Pool and AEP</li><li>Create VMM integration</li><li>Create VPCs explicit protection groups</li><li>Create Interface Profiles and Policy Groups</li><li>Create SwitchProfiles</li></ul></li><li>Understanding the output<ul> <li>Show VLAN brief</li><li>Show VLAN extended</li><li>Show system internal eltmc info VLAN brief (vsh_lc shell)</li></ul></li></ul><h4>Session 5 - ACI Logical Constructs Part 1</h4><p> <strong>Lecture:</strong> </p> <ul> <li>Tenants</li><li>VRFs</li><li>Bridge Domains</li><li>Application Profiles</li><li>EPGs and Endpoint Security Groups<ul> <li>VMM and Physical Domains</li></ul></li><li>Intro to Contracts</li></ul><p><strong>Labs:</strong> </p> <ul> <li>Create a tenant</li><li>Create an Application Profile</li><li>Create a set of EPGs and establish L2 and L3 connectivity between endpoints<ul> <li>Create required BDs, EPGs and Contracts</li></ul></li></ul><h4>Session 6 - ACI Logical Constructs Part 2</h4><p> <strong>Lecture:</strong> </p> <ul> <li>Tenants</li><li>VRFs</li><li>Bridge Domains</li><li>Application Profiles</li><li>EPGs and Endpoint Security Groups<ul> <li>VMM and Physical Domains</li></ul></li><li>Intro to Contracts</li></ul><p><strong>Labs:</strong> </p> <ul> <li>Create a tenant</li><li>Create an Application Profile</li><li>Create a set of EPGs and establish L2 and L3 connectivity between endpoints<ul> <li>Create required BDs, EPGs and Contracts</li></ul></li></ul><h4>Session 7 - Contracts</h4><p> <strong>Lecture:</strong> </p> <ul> <li>Contract Scope</li><li>Subjects</li><li>Filters<ul> <li>Directives (Log and Policy Compression)</li></ul></li><li>Verifying L2 and L3 permit and denies from the GUI Subject Labels<ul> <li>Apply both ways and reverse filter ports</li></ul></li><li>EPG Labels Deny</li><li>Contracts<ul> <li>Taboo Contracts</li><li>Regular contracts with Deny Filter</li></ul></li><li>VRF Enforced and Unenforced</li><li>Preferred Group</li><li>VZ_ANY</li><li>Consumed contract interfaces (Intro to leaking)</li></ul><p><strong>Labs:</strong> </p> <ul> <li>Enable EPG to EPG communication using Subject Labels and EPG Labels</li><li>Enable EPG to EPG communication using Preferred Group and VZ_Any VRF options</li><li>Block specific traffic using Taboo contracts and deny filters</li></ul><h4>Session 8 - External Connectivity Part 1</h4><p> <strong>Lecture:</strong> </p> <ul> <li>Layer 2 Connectivity<ul> <li>Understanding L2Outs</li><li>Understanding VLANs on ACI</li><li>Understanding EPG extensions</li><li>Unicast Routing option on Bridge Domain for migration</li><li>Dual homing Layer 2 connectivity</li></ul></li><li>Layer 3 Connectivity<ul> <li>L3Out Building Blocks</li><li>Single L3Outs with Multiple Node Profiles vs Multiple L3Outs with single Node Profile<ul> <li>Traffic Shaping and traffic flow</li></ul></li></ul></li><li>Layer 3 VPC<ul> <li>Special configuration for HA L4-L7 Devices</li></ul></li><li>Understanding Subnet options for Ext-EPG</li><li>Advertising routes<ul> <li>Mapping L3Out to Bridge Domain</li><li>Using Route Maps</li></ul></li><li>Shared L3Outs<ul> <li>VRF Leaking overview and verification</li><li>Shared L3Out on Common Tenant</li><li>Shared L3Out on different tenants</li></ul></li><li>Transit Routing</li></ul><p><strong>Labs:</strong> </p> <ul> <li>Create a L2Out and consume a GW outside of ACI</li><li>Replicate the config using an EPG extension</li><li>Create a local L3Out</li><li>Create a Shared L3Out</li><li>Advertise routes not owned by ACI</li><li>Configure an L3out to be preferred over other L3Outs</li></ul><h4>Session 9 - External Connectivity Part 2</h4><p> <strong>Lecture:</strong> </p> <ul> <li>Layer 2 Connectivity<ul> <li>Understanding L2Outs</li><li>Understanding VLANs on ACI</li><li>Understanding EPG extensions</li><li>Unicast Routing option on Bridge Domain for migration</li><li>Dual homing Layer 2 connectivity</li></ul></li><li>Layer 3 Connectivity<ul> <li>L3Out Building Blocks</li><li>Single L3Outs with Multiple Node Profiles vs Multiple L3Outs with single Node Profile<ul> <li>Traffic Shaping and traffic flow</li></ul></li></ul></li><li>Layer 3 VPC<ul> <li>Special configuration for HA L4-L7 Devices</li></ul></li><li>Understanding Subnet options for Ext-EPG</li><li>Advertising routes<ul> <li>Mapping L3Out to Bridge Domain</li><li>Using Route Maps</li></ul></li><li>Shared L3Outs<ul> <li>VRF Leaking overview and verification</li><li>Shared L3Out on Common Tenant</li><li>Shared L3Out on different tenants</li></ul></li><li>Transit Routing</li></ul><p><strong>Labs:</strong> </p> <ul> <li>Create a L2Out and consume a GW outside of ACI</li><li>Replicate the config using an EPG extension</li><li>Create a local L3Out</li><li>Create a Shared L3Out</li><li>Advertise routes not owned by ACI</li><li>Configure an L3out to be preferred over other L3Outs</li></ul><h4>Session 10 - Deployment Models and DevOps</h4><p> <strong>Lecture:</strong> </p> <ul> <li>Naming Convention</li><li>App Centric and Network Centric<ul> <li>EPG to Bridge Domain to VLAN and Subnet relationship</li><li>Generic VLAN/Subnet to App Driven VLAN/Subnet</li></ul></li><li>Whitelisting, Blacklisting, and Graylisting</li><li>Benefits and Drawbacks</li><li>Intro to Automation<ul> <li>Moquery</li><li>API inspector and postman</li><li>Python</li></ul></li><li>Cobra SDK</li></ul><p><strong>Labs:</strong> </p> <ul> <li>Recreating our lab topology thru Python and Postman</li></ul><h4>Session 11 - Troubleshooting</h4><p> <strong>Lecture:</strong> </p> <ul> <li>Different CLI shells</li><li>Common troubleshooting commands Structure to</li><li>ACI troubleshooting</li><li>Elam and fTriage CLI</li><li>Understanding how to use show zoning rule</li><li>Common faults and mistakes</li><li>L3Out debugging in the ACI world</li></ul><p><strong>Labs:</strong> </p> <ul> <li>Use the discussed tools to troubleshoot connectivity issues between endpoints connected to the ACI fabric and end-points connected via L3Out</li></ul><h4>Session 12 - Multi-Site and Multi-Pod Part 1</h4><p> <strong>Lecture:</strong> </p> <ul> <li>Active/Active, HA, Metro, and DR<ul> <li>What it means</li><li>How to choose the correct fit based on business requirements</li></ul></li><li>Multi-pod<ul> <li>Components</li><li>Requirements</li><li>Fabric forwarding between Pods</li></ul></li><li>Multi-site<ul> <li>Components</li><li>Requirements</li><li>Fabric forwarding between sites</li><li>Stretched vs non-stretched</li><li>Understanding Schema</li><li>Intersite L3Outs</li></ul></li><li>Azure and AWS</li></ul><p><strong>Labs:</strong> </p> <ul> <li>Verifying a multi-pod deployment</li><li>Deploying Tenants using MSO<ul> <li>Configure App Profile and EPGs from MSO</li><li>Create Local and Stretched Bridge Domains</li></ul></li></ul><h4>Session 13 - Multi-Site and Multi-Pod Part 2</h4><p> <strong>Lecture:</strong> </p> <ul> <li>Active/Active, HA, Metro, and DR<ul> <li>What it means</li><li>How to choose the correct fit based on business requirements</li></ul></li><li>Multi-pod<ul> <li>Components</li><li>Requirements</li><li>Fabric forwarding between Pods</li></ul></li><li>Multi-site<ul> <li>Components</li><li>Requirements</li><li>Fabric forwarding between sites</li><li>Stretched vs non-stretched</li><li>Understanding Schema</li><li>Intersite L3Outs</li></ul></li><li>Azure and AWS</li></ul><p><strong>Labs:</strong> </p> <ul> <li>Verifying a Multi-pod deployment</li><li>Deploying Tenants using MSO<ul> <li>Configure App Profile and EPGs from MSO</li><li>Create Local and Stretched Bridge Domains</li></ul></li></ul><h4>Session 14 - Design and Migration Considerations</h4><p> <strong>Lecture:</strong> </p> <ul> <li>Integrating ACI to legacy environments Migration Steps</li><li>Migration considerations</li><li>FW Considerations<ul> <li>Where do we place the GWs?</li><li>Designing based on Zones</li><li>To Service Graph or not to Service Graph</li><li>DMZ inside of ACI vs DMZ outside</li><li>Understanding inbound and outbound traffic flow for multi-DC solutions</li><li>Multi-cloud considerations</li></ul></li><li>LB considerations<ul> <li>Single or Multi-hop</li></ul></li><li>GSLB/GTM requirements for multi-DC solutions</li></ul><p><strong>Labs:</strong> </p> <ul> <li>Create a DMZ structure inside of ACI connecting to FWs and LBs</li><li>Test Connectivity from the outside world</li></ul>- Describe ACI components and policy model - Explain ACI packet forwarding - Describe ACI fabric configuration - Describe ACI logical constructs - Explain how ACI uses contracts to allow for secure communication between endpoints - Explain how ACI connects to other switched and routed networks - Explain how to troubleshoot an ACI fabric - Describe multi-site and multi-pod solutions, and how they fit in a multi-DC/multi-cloud designThis ACI Elite Series will provide value for anyone deploying or operating an ACI fabric. However, some topics will be more relevant to specific audience: - Sessions 1, 7, 8, 9, 10, 12, 13, and 14 are more focused for Architects or Engineers completing design work - Sessions 2, 3, 4, 5, 6, and 11 are more focused for operations teamsSession 1 - ACI Overview Lecture - What is ACI - ACIs benefits - Overview of Switch and APIC models APIC Architecture Fabric - Bring up process - ACI Object Model - ACI MGMT - RBAC - Syslog - SNMP - Upgrade Process - BGP Policy Labs - Instructor demo GUI Overview - Instructor demo Intro to CLI - Creating Users and assign Permissions Software - Upgrades - Syslog, SNMP and config rollbacks Session 2 - Fabric Forwarding Lecture - VXLAN refresher - Understanding Bridge Domains - Bridge Domain as a layer 2 boundary - Difference between VLANs and Bridge Domains - Bridge Domain configuration knobs - Limit Learning to IP subnet - Encapsulation and multicast group - COOP - Oracles and Citizens - Endpoint tables - Lookup process - Layer2 and Layer3 forwarding - ARP handling packet walk - L2 packet walk - L3 packet walk - BUM traffic packet walk - VXLAN Encapsulations - Intro to Fd_VLANs and BD_VLANs - VRF encapsulation - EP move and bounce entries - Rogue endpoint detection - Silent hosts - Endpoint table vs Mac and Routing Table Labs: - Intro to endpoint reachability troubleshooting - Understanding show endpoint command - Validate COOP entries (GUI and CLI) - Using iPing, ELAM and Ftriage (App not CLI) Session 3 - Fabric Configuration Part 1 Lecture: - Overview of interface configurations - Physical and VMM domains overview - Deployment immediacy (VMM) - Resolution immediacy (VMM) - VLAN Pools - Static and Dynamic Pools - Base encap value - AEPs - Used as a way to tie VLANs to an Interface - Used to define EPG membership - Policy Groups - Interface Profiles - Overview of switch configurations - VPC in ACI - Switch Profiles - VLANs in the ACI world - P I, HW, Access Encap, BD and FD - Physical Domain, AEP and VLAN Pool relationship to FD_VLAN.and VXLAN encap Labs: - Create a physical Domain to connect endpoints to the ACI Fabric - Create VLAN Pool and AEP - Create a VMM domain to connect endpoints to the ACI fabric - Create VLAN Pool and AEP - Create VMM integration - Create VPCs explicit protection groups - Create Interface Profiles and Policy Groups - Create Switch Profiles - Understanding the output - Show VLAN brief - Show VLAN extended - Show system internal eltmc info VLAN brief (vsh_lc shell) Session 4 - Fabric Configuration Part 2 Lectures: - Overview of interface configurations - Physical and VMM domains overview - Deployment immediacy (VMM) - Resolution immediacy (VMM) - VLAN Pools - Static and Dynamic Pools - Base encap value - AEPs - Used as a way to tie VLANs to an Interface - Used to define EPG membership Policy Groups, Interface Profiles - Overview of switch configurations - VPC in ACI - Switch Profiles - VLANs in the ACI world - P I, HW, Access Encap, BD and FD - Physical Domain, AEP and VLAN Pool relationship to FD_VLAN and VXLAN encap Labs: - Create a physical Domain to connect endpoints to the ACI Fabric - Create VLAN Pool and AEP - Create a VMM domain to connect endpoints to the ACI fabric - Create VLAN Pool and AEP - Create VMM integration - Create VPCs explicit protection groups - Create Interface Profiles and Policy Groups - Create SwitchProfiles - Understanding the output - Show VLAN brief - Show VLAN extended - Show system internal eltmc info VLAN brief (vsh_lc shell) Session 5 - ACI Logical Constructs Part 1 Lecture: - Tenants - VRFs - Bridge Domains - Application Profiles - EPGs and Endpoint Security Groups - VMM and Physical Domains - Intro to Contracts Labs: - Create a tenant - Create an Application Profile - Create a set of EPGs and establish L2 and L3 connectivity between endpoints - Create required BDs, EPGs and Contracts Session 6 - ACI Logical Constructs Part 2 Lecture: - Tenants - VRFs - Bridge Domains - Application Profiles - EPGs and Endpoint Security Groups - VMM and Physical Domains - Intro to Contracts Labs: - Create a tenant - Create an Application Profile - Create a set of EPGs and establish L2 and L3 connectivity between endpoints - Create required BDs, EPGs and Contracts Session 7 - Contracts Lecture: - Contract Scope - Subjects - Filters - Directives (Log and Policy Compression) - Verifying L2 and L3 permit and denies from the GUI Subject Labels - Apply both ways and reverse filter ports - EPG Labels Deny - Contracts - Taboo Contracts - Regular contracts with Deny Filter - VRF Enforced and Unenforced - Preferred Group - VZ_ANY - Consumed contract interfaces (Intro to leaking) Labs: - Enable EPG to EPG communication using Subject Labels and EPG Labels - Enable EPG to EPG communication using Preferred Group and VZ_Any VRF options - Block specific traffic using Taboo contracts and deny filters Session 8 - External Connectivity Part 1 Lecture: - Layer 2 Connectivity - Understanding L2Outs - Understanding VLANs on ACI - Understanding EPG extensions - Unicast Routing option on Bridge Domain for migration - Dual homing Layer 2 connectivity - Layer 3 Connectivity - L3Out Building Blocks - Single L3Outs with Multiple Node Profiles vs Multiple L3Outs with single Node Profile - Traffic Shaping and traffic flow - Layer 3 VPC - Special configuration for HA L4-L7 Devices - Understanding Subnet options for Ext-EPG - Advertising routes - Mapping L3Out to Bridge Domain - Using Route Maps - Shared L3Outs - VRF Leaking overview and verification - Shared L3Out on Common Tenant - Shared L3Out on different tenants - Transit Routing Labs: - Create a L2Out and consume a GW outside of ACI - Replicate the config using an EPG extension - Create a local L3Out - Create a Shared L3Out - Advertise routes not owned by ACI - Configure an L3out to be preferred over other L3Outs Session 9 - External Connectivity Part 2 Lecture: - Layer 2 Connectivity - Understanding L2Outs - Understanding VLANs on ACI - Understanding EPG extensions - Unicast Routing option on Bridge Domain for migration - Dual homing Layer 2 connectivity - Layer 3 Connectivity - L3Out Building Blocks - Single L3Outs with Multiple Node Profiles vs Multiple L3Outs with single Node Profile - Traffic Shaping and traffic flow - Layer 3 VPC - Special configuration for HA L4-L7 Devices - Understanding Subnet options for Ext-EPG - Advertising routes - Mapping L3Out to Bridge Domain - Using Route Maps - Shared L3Outs - VRF Leaking overview and verification - Shared L3Out on Common Tenant - Shared L3Out on different tenants - Transit Routing Labs: - Create a L2Out and consume a GW outside of ACI - Replicate the config using an EPG extension - Create a local L3Out - Create a Shared L3Out - Advertise routes not owned by ACI - Configure an L3out to be preferred over other L3Outs Session 10 - Deployment Models and DevOps Lecture: - Naming Convention - App Centric and Network Centric - EPG to Bridge Domain to VLAN and Subnet relationship - Generic VLAN/Subnet to App Driven VLAN/Subnet - Whitelisting, Blacklisting, and Graylisting - Benefits and Drawbacks - Intro to Automation - Moquery - API inspector and postman - Python - Cobra SDK Labs: - Recreating our lab topology thru Python and Postman Session 11 - Troubleshooting Lecture: - Different CLI shells - Common troubleshooting commands Structure to - ACI troubleshooting - Elam and fTriage CLI - Understanding how to use show zoning rule - Common faults and mistakes - L3Out debugging in the ACI world Labs: - Use the discussed tools to troubleshoot connectivity issues between endpoints connected to the ACI fabric and end-points connected via L3Out Session 12 - Multi-Site and Multi-Pod Part 1 Lecture: - Active/Active, HA, Metro, and DR - What it means - How to choose the correct fit based on business requirements - Multi-pod - Components - Requirements - Fabric forwarding between Pods - Multi-site - Components - Requirements - Fabric forwarding between sites - Stretched vs non-stretched - Understanding Schema - Intersite L3Outs - Azure and AWS Labs: - Verifying a multi-pod deployment - Deploying Tenants using MSO - Configure App Profile and EPGs from MSO - Create Local and Stretched Bridge Domains Session 13 - Multi-Site and Multi-Pod Part 2 Lecture: - Active/Active, HA, Metro, and DR - What it means - How to choose the correct fit based on business requirements - Multi-pod - Components - Requirements - Fabric forwarding between Pods - Multi-site - Components - Requirements - Fabric forwarding between sites - Stretched vs non-stretched - Understanding Schema - Intersite L3Outs - Azure and AWS Labs: - Verifying a Multi-pod deployment - Deploying Tenants using MSO - Configure App Profile and EPGs from MSO - Create Local and Stretched Bridge Domains Session 14 - Design and Migration Considerations Lecture: - Integrating ACI to legacy environments Migration Steps - Migration considerations - FW Considerations - Where do we place the GWs? - Designing based on Zones - To Service Graph or not to Service Graph - DMZ inside of ACI vs DMZ outside - Understanding inbound and outbound traffic flow for multi-DC solutions - Multi-cloud considerations - LB considerations - Single or Multi-hop - GSLB/GTM requirements for multi-DC solutions Labs: - Create a DMZ structure inside of ACI connecting to FWs and LBs - Test Connectivity from the outside world14 days6000.008280.00