The scenario involves a tenant configured with a single L3Out and a single-homed link from the ACI fabric (via border leaf BL-1001) to a core router (Core-1). The engineer must add a second link to the L3Out, connecting to Core-2 via BL-1002, ensuring that traffic from Core-2 to BL-1002 has the same connectivity as traffic from Core-1 to BL-1001. The exhibit shows a single-homed setup with BL-1001 and BL-1002 as potential border leaves, with a dashed line indicating a planned second link.
Requirement Analysis
The existing L3Out is single-homed to Core-1 via BL-1001, and the goal is to extend it to a multi-homed configuration with Core-2 via BL-1002.
"Same connectivity" implies that the second link must be integrated into the existing L3Out configuration, sharing the same routing policies, external EPG, and subnet reachability.
The solution must leverage ACI’s L3Out framework to add the new path without creating a separate L3Out or altering the current routing setup unnecessarily.
Option Evaluation
A. Add a second path to the logical interface profile of the existing L3Out:
The logical interface profile in an L3Out defines the interfaces (e.g., routed ports or sub-interfaces) and their associations with nodes (border leaves). Adding a second path to this profile allows the inclusion of the new link from BL-1002 to Core-2, ensuring it operates under the same L3Out configuration (e.g., routing protocol, external EPG). This maintains consistent connectivity and leverages ACI’s multi-homing support.
[: Cisco APIC Layer 3 Configuration Guide, "Configuring Logical Interface Profiles for L3Out" and "Multi-Homing L3Out.", B. Add a second subnet to the external EPG to the existing L3Out: , Adding a subnet to the external EPG defines additional networks advertised or learned via the L3Out, but it does not address the addition of a new physical link or path. This is irrelevant to the connectivity requirement for the second link., Reference: Cisco ACI External EPG Configuration Guide., C. Add a second OSPF interface profile to the logical interface profile: , While the L3Out uses OSPF (implied by the context), adding a second OSPF interface profile would create a separate routing instance, which is unnecessary and could disrupt consistency. The existing OSPF configuration can be extended via the logical interface profile., Reference: Cisco APIC OSPF Configuration Guide., D. Add a second interface to the external domain to the existing L3Out: , The external domain associates VLAN pools, but it does not define paths or interfaces for L3Out connectivity. This option is incorrect as it confuses domain configuration with interface path management., Reference: Cisco ACI Domain Configuration Guide., Final Answer Justification, A is correct because adding a second path to the logical interface profile of the existing L3Out integrates the new link from BL-1002 to Core-2 into the same routing and policy framework, ensuring equivalent connectivity to the Core-1 to BL-1001 link. This aligns with ACI’s support for multi-homed L3Outs., Primary Cisco References: , Cisco APIC Layer 3 Networking Configuration Guide, "L3Out Multi-Homing.", Cisco ACI Best Practices, "Expanding L3Out Connectivity.", , ]
Submit