Hey Guys,
Just wanted to know something about ACI contracts. Let's say we have two application profile and each profile is has one EPG and multiple uEPG. Also Application profile == Bridge Domain (EPG vise).
Now if I apply vzAny contract for that VRF and contract is allow all with scope == Application Profile. Will that work. I'm aware that TCAM utilization will go high, butt wondering if it'll work.
what I need is Network Centric how a Firewall should work.
Traffic between EPG inside a BD should not be blocked but between two EPG from diff BD (Diff Subnet) should be.
No comments:
Post a Comment