Remote Leaf – VMM Domain Integration & vMotion
In remote Leaf Solution, a single VMM domain can be created and is integrated to both Main ACI DC and Remote leaf Site. When this integration is done, and when VM is moved from remote leaf to Main leaf or vice versa, APIC controller detects the leaf switch, on which VM is finally moved, and then pushes the associated policies to new leaf.
Let’s understand the traffic flow while doing vMotion.
- The VM has IP address “10.10.10.10” and a default gateway of 10.10.10.1 in VLAN 10. When the VM comes up, ACI fabric configures the VLAN and the default gateway of the Leaf switches where the VM is connected. The APIC controller also pushes the contract and other associated policies based on the location of the VM.
- When the VM moves from a Remote leaf to a Local Leaf, the ACI detects the location of VM through VMM integration.
- Depending on the EPG specific configuration, the APIC controller may need to pushes the ACI policy on the Leaf for successful VM mobility or policy may already be existing on destination leaf.
External Connectivity from remote Leaf
With the help of Local L3Out on remote Leaf, It is possible to provide external connectivity to remote DC. Remote Leaf has local L3Out connection to external router, which is connected to Remote leaf via vPC over SVI, as shown in below figure
When Remote Router receives the external prefixes, it advertises these prefix to Spines via MP-BGP VPNv4 session between RL and Spine. Spines on main DC, is a RR for both Local Leafs and Remote Leafs, so it will advertise the external Prefix to all Local Leafs as well as remote Leafs via intra-Pod MP-BGP VPNv4 session.
ACI on main DC will also have a local L3Out connection, to connect the external layer 3 domain. Server Leaves in ACI main DC learns the external prefixes with the next-hop of local Border Leaf TEP addresses. ACI Main Pod prefers BL1-TEP and BL-2-TEP compared to RL1-DP-TEP and RL2-DP-TEP due to better is metric.