ACI Remote Leaf Architecture extends Cisco’s Application Centric Infrastructure (ACI) beyond the core data center by connecting remote leaf nodes to the central ACI fabric. Remote Leaf enables geographically dispersed locations to benefit from the centralized policy control and automation offered by the ACI architecture. Below is an overview of the ACI Remote Leaf architecture, accompanied by diagrams and a technical explanation.
Refer the below high-level diagram illustrating ACI Remote Leaf architecture:
Main Data Center (Core ACI Fabric):
Spine switches: Form the backbone of the ACI fabric.
Leaf switches: Local leaf switches connected to spines.
APIC controllers: Manage policies and configurations.
WAN Connectivity:
Layer 3 IP Network (MPLS, VPN, or other Layer 3 networks) connects the central fabric to the remote leaf nodes.
Remote Site:
Remote leaf nodes: Connected to the central spines over a Layer 3 network via VXLAN encapsulation.
Overview of ACI Remote Leaf Architecture
In traditional ACI fabric, leaf switches are directly connected to spine switches within the same location, providing high throughput and low latency. ACI Remote Leaf allows you to extend this model to remote sites, such as branch offices or other data centers, while maintaining centralized control. The architecture consists of:
Main ACI Fabric: Located in the core data center, this includes spine switches, leaf switches, APIC controllers, and the interconnections that form the core ACI fabric.
Remote Leaf Nodes: These are the leaf switches deployed at remote sites. They connect to the core ACI fabric via a Layer 3 WAN link, ensuring they behave as if they were local to the fabric.
WAN Connectivity: This can be MPLS, VPN, or any Layer 3 routed network, providing the physical separation between the central ACI fabric and the remote site.
Technical Details
Remote Leaf to Spine Connection:
Remote leaf switches are connected to spines in the central data center using VXLAN encapsulation over IP.
The VXLAN tunnels carry ACI fabric traffic over a Layer 3 IP network. This allows the remote leaves to be part of the same fabric but physically separated from the spines.
Policy Consistency:
Policies defined in the APIC (Application Policy Infrastructure Controller) in the core data center are extended to the remote leaf nodes, ensuring consistency in network and security policies across all locations.
Latency Considerations:
Since remote leaves are located in a different physical location, the WAN latency must be carefully considered. ACI supports mechanisms to mitigate issues caused by latency, but there are still limitations on how far remote leaves can be from the central fabric without impacting performance.
Multi-Site & Multi-Pod Integration:
Remote Leaf can be integrated with Cisco’s Multi-Site and Multi-Pod architectures, allowing for greater scalability and flexibility in geographically dispersed data center designs.
Overlay & Underlay Network:
Remote leaf architecture utilizes VXLAN in the overlay, while the underlay (WAN) can be any IP network. This flexibility allows organizations to use existing WAN infrastructure to extend ACI to remote locations.
Benefits of ACI Remote Leaf Architecture
Centralized Control: All policy management is handled via the APIC controller in the central data center, ensuring uniform application of network policies across remote locations.
Simplified Management: Remote locations benefit from the same automation and simplified network operations provided by ACI.
Scalability: Remote leaves allow organizations to expand the reach of their ACI fabric without needing a full spine-leaf setup at every location.
Cost-Effectiveness: Organizations can deploy smaller network infrastructures at remote locations, leveraging the existing central ACI fabric for policy control and traffic management.
Reach out to our team to understand how we can work together to provide you the right solution.
mail to : Info@dengridsolutions.com
Related Posts
