Scenario: My Customer is an ISP who has deployed an ACI fabric as a backbone for their different customer interconnects. They want to re-use the same VLAN IDs across leaf switches. They want these different connections to be different EPGs even though they are using the same VLAN ID.
There is an L2 setting within ACI that changes the VLAN scope from global to local. Utilizing this setting, we can have overlapping VLAN IDs associated with static bindings on different EPGs.
However, it is not as simple as just changing this one setting. There are some order-of-operations or design caveats. Here is how I have configured this per-port VLAN functionality.
- VLAN Pools – You must have different VLAN pools for each instance. Even though the same VLAN IDs will be in the pools. The pools must be unique.
- Physical Domains – You must have different physical domains for each instance where you will deploy the overlapping VLANs in EPGs.
- Create the AEP associated with the previously created physical domain.
- Create the interface policy for the per-port VLAN characteristic. Interface Policies > Policies > L2 Interface. Create a policy user the port-local option.
- Create the policy group for include the previously created attributes.
- Create the leaf profiles and include the interface selectors.
- Create the switch policy profile.
- You can then create the ANP and EPGs using the static binding to associate to the same VLAN and interface on the leaf switch.
In summary, the two factors that I ran into during testing this is that you have to configure unique VLAN pools and physical domains for the per-port VLAN to work.