ACI Backup PBR Node Configuration

Why Backup PBR Policy was introduced

With Resilient Hash, because all of the traffic that went through a failed node will be redirected to one of the available nodes, the capacity overload of the node could be a concern:

Starting from Cisco ACI Release 4.2, Backup PBR policy is introduced. It enables you to set backup PBR destinations. Instead of using one of the available primary PBR nodes, the traffic that went through a failed node will be redirected to a backup PBR node; other traffic will still be redirected to the same PBR node:


Guideline and limitation:

  • The PBR backup policy option is supported only on new generation leaf switches, which are switch models with “-EX”, “-FX” or “-FX2” at the end of the switch name.
  • Resilient hashing must be enabled.
  • A destination can be used as a PBR destination or backup PBR destination, not both (a primary PBR destination can’t be used as a backup PBR destination in the same or different PBR policy).
  • One backup PBR policy can be used by only one PBR policy. If you attempt to add a second backup policy to a PBR policy, the configuration will be rejected.

    If you want to use same backup PBR destination for multiple PBR policies, create two different backup PBR policies using the same backup PBR destination. The destinations in both these policies must have the same health group configured.

Full guidelines and Limitation can be found in white paper.


ACI Backup PBR Policy Configuration

Step-1: Create a PBR Backup Policy and configure the Backup Node (L3 Destination):


Specify the Destination IP and MAC and HG:


Step-2: Apply the PBR Backup policy in a PBR Redirect Policy:

  • Check the “Resilient Hashing Enabled” box and select the backup policy which include the PBR backup nodes.
  • In the IP SLA Monitoring Policy field, select an existing policy or create a new IP SLA monitoring policy.
  • Make sure at least one active PBR destination appears in the L3 Destinations table and is configured with a redirect health group.


Reference: White paper

Bilel

Related articles

ACI Route Redistribution

Q in Q Dot1Q Tunnel Configuration in ACI

ACI Configuration Drifts Reconciliation on Nexus Dashboard Orchestrator

ACI NDO Nexus Dashboard Orchestrator 4.x Design Best Practice

Cisco UCS Network Policies Explained & Configuration

ACI PBR Resilient Hashing Overview and Configuration

ACI QoS Dot1p Preserve Explained

Cisco ACI Bridge Domain Legacy Mode

IGMP Snooping in Cisco ACI [Explained and configuration]

Cisco ACI SAN FC (Fiber Channel) and FCoE Configuration

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x