EfficientIP DDI Brings IP Golden Records for Cisco ACI SDN Solution

Cisco ACI (Application Centric Infrastructure) brings to data centers a new integrated way of building networks and linking applications to users. The EfficientIP SOLIDserver communicates with the API exposed by the Cisco Application Policy Infrastructure Controller (APIC) in order to maintain a coherent view of the network overlay directly inside EfficientIP’s IPAM (IP Address Management) software, thus consolidating the repository of IP golden records.

In an automation process designed to provision everything required for user-to-application communication, from the server hosting the code to the switch port connecting the user device, we can differentiate two main topics: orchestration and reconciliation.

Orchestration is the sequence that creates all the components required for usage deployment, generally leveraging software-defined methods, infrastructure as code, and continuous deployment. For now, orchestration processes are specialized for each technological domain, meaning we are unable to rely on having all the desired information in a single repository. It is therefore mandatory to validate data from time to time and check for inconsistencies – a process often referred to as data validation and reconciliation (also known as DVR).

The EfficientIP SOLIDserver DDI (DNS-DHCP-IPAM) solution plays a major role in both phases. During orchestration it provides IP resources such as subnets and addresses, and reserves DNS records that give users access to applications and services (see also “Make Cloud Orchestration Simple Through DDI”). During reconciliation it gathers information from the network and cloud components in order to guarantee the accuracy of the information stored in the IPAM. The collected information is compared to the provisioned information in order to quickly highlight any discrepancies and provide valuable insight for proactively correcting errors. One could argue that IP resources should be reserved in advance and be accurate before installation takes place, but software-defined networking (SDN), automation and multi-cloud are mostly based on dynamic resource allocation, for which IP provisioning is not always performed in the same way.

Creating the single source of network truth

EfficientIP has developed a specific solution that is able to populate the IPAM with information contained in the Cisco APIC relating to application servers deployed in the fabric. It collects information such as the tenant, the application, the EPG name (End Point Group), the physical interface on the leaf switch to which the server is connected, and the MAC and IP addresses of the deployed resource. Once in the IPAM view – extended with specific class parameters – any device discovered in the Device Manager tool will be automatically mapped. For example, the Device Manager connector for VMware vSphere is able to discover all virtual machines deployed and gather metadata that will populate its database. Once a MAC address is associated with a discovered device (e.g. a server or container), if it is present in the IPAM, the device is automatically mapped. Thus, the IPAM view is totally accurate and presents the whole connectivity chain from the application linked to its tenant in the ACI ecosystem, hosted on a server and connected to a physical switch port. Furthermore, the reconciliation phase can be performed using an event-driven model if the SDN and cloud components offer such technologies. This enables near-real-time notifications and an IPAM which is always up to date, making it the single source of network truth.
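The comparison step of reconciliation described above, as an added example that is not EfficientIP's or Cisco's code: it assumes endpoint data shaped like an APIC `fvCEp` class query and an IPAM export keyed by MAC address. The sample data, function names and finding labels are constructed for illustration.

```python
import re

# Constructed sample shaped like an APIC fvCEp class query (assumed shape, trimmed).
APIC_RESPONSE = {"imdata": [
    {"fvCEp": {"attributes": {"mac": "00:50:56:AA:01:01", "ip": "10.1.1.10",
        "dn": "uni/tn-Finance/ap-Payroll/epg-Web/cep-00:50:56:AA:01:01"}}},
    {"fvCEp": {"attributes": {"mac": "00:50:56:AA:01:02", "ip": "10.1.2.99",
        "dn": "uni/tn-Finance/ap-Payroll/epg-DB/cep-00:50:56:AA:01:02"}}},
    {"fvCEp": {"attributes": {"mac": "00:50:56:AA:01:03", "ip": "10.9.9.5",
        "dn": "uni/tn-Lab/ap-Test/epg-Scratch/cep-00:50:56:AA:01:03"}}},
]}

# Constructed IPAM export: normalized MAC -> provisioned record.
IPAM_RECORDS = {
    "005056aa0101": {"ip": "10.1.1.10", "tenant": "Finance", "epg": "Web"},
    "005056aa0102": {"ip": "10.1.2.20", "tenant": "Finance", "epg": "DB"},
    "005056aa01ff": {"ip": "10.1.3.30", "tenant": "Finance", "epg": "App"},
}

DN_RE = re.compile(r"^uni/tn-(?P<tenant>[^/]+)/ap-(?P<app>[^/]+)/epg-(?P<epg>[^/]+)/cep-")

def norm_mac(mac):
    """Lower-case hex with separators removed, so differing formats compare equal."""
    return re.sub(r"[^0-9a-f]", "", mac.lower())

def parse_endpoints(response):
    """Yield (mac, observed record) for each fvCEp entry whose dn parses."""
    for item in response.get("imdata", []):
        attrs = item.get("fvCEp", {}).get("attributes", {})
        m = DN_RE.match(attrs.get("dn", ""))
        if m and attrs.get("mac"):
            yield norm_mac(attrs["mac"]), {"ip": attrs.get("ip", ""), **m.groupdict()}

def reconcile(response, ipam):
    """Return discrepancies between fabric and IPAM as sorted (kind, mac, detail)."""
    observed = dict(parse_endpoints(response))
    findings = []
    for mac, seen in observed.items():
        rec = ipam.get(mac)
        if rec is None:  # live in the fabric but never provisioned in the IPAM
            findings.append(("unknown_endpoint", mac, f"{seen['tenant']}/{seen['epg']} {seen['ip']}"))
            continue
        for field in ("ip", "tenant", "epg"):
            if rec[field] != seen[field]:
                findings.append((f"{field}_mismatch", mac, f"ipam={rec[field]} fabric={seen[field]}"))
    findings += [("stale_ipam_record", m, ipam[m]["ip"]) for m in ipam.keys() - observed.keys()]
    return sorted(findings)

if __name__ == "__main__": print(*reconcile(APIC_RESPONSE, IPAM_RECORDS), sep="\n")
```

An `unknown_endpoint` finding is the one to triage first, since it is a device attached to the fabric that has no provisioned record.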

For cloud deployment strategy, activities should rely on IPAM data repository

SOLIDserver’s complete openness, both for providing information through its rich API set and for collecting data from the datacenter ecosystem via dynamic processes, is key in the cloud movement. Resources are more and more spread throughout various environments – linked with network automation and dynamic networks (SDN) – and all these elements are volatile because of orchestration and elasticity.

Therefore, it is mandatory to keep and use an accurate repository of IP information, on which all the other components of orchestration and automation should rely for deployment, auditing or billing activities.


