Cisco ACI - Debugging Network Connectivity

We run Cisco ACI on a large-ish platform hosting OpenStack VMs and a number of external network connections. Recently, one of our internal teams reported that they had stopped seeing data from a specific external network. The traffic had mysteriously dropped off one day.

Unfortunately for us, there was little documentation on how this link was configured, and everyone who had originally set up the environment was long gone.

Identifying root cause

We (re)deployed the EPG onto the interface (eth1/31) on both leaves and, Bob's your uncle, traffic flows recovered immediately.

Now to discover who deleted this component in the first place!

Investigating who performed the change and when

In the old days of manual config changes, you would have to manually compare the current config against a historic version from a specific date to see what had changed. And unless you have specific users set up on the switches, auditing is a nightmare.

ACI makes this very easy. You can see all events and audit logs relating to a specific component by navigating to it in the ACI UI.

In our case, the component that was changed was:

Clicking on this component will give you the option of viewing:

- Audit Logs
- Events
- Faults

Even if this component is removed and re-added, all historical events/audit logs will be preserved, and displayed when it is re-added.
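
The same audit trail can also be read from the APIC REST API rather than the UI. The sketch below is an added example, not part of the original write-up: it assumes the EPG was attached to eth1/31 as a static path binding (fvRsPathAtt) and that audit records are returned as class aaaModLR; the tenant, EPG, user names and timestamps are constructed placeholders.

```python
import json
from datetime import datetime

# Class query for audit records (aaaModLR) whose affected DN mentions the port.
# It would be sent to the APIC after authenticating; shown for reference only.
AUDIT_QUERY = ('/api/node/class/aaaModLR.json'
               '?query-target-filter=wcard(aaaModLR.affected,"eth1/31")')

def _rec(created, user, ind, leaf, port):
    # Builds one constructed audit record in the imdata shape the APIC returns.
    dn = ("uni/tn-EXAMPLE/ap-EXAMPLE/epg-EXAMPLE/rspathAtt-"
          f"[topology/pod-1/paths-{leaf}/pathep-[{port}]]")
    return {"aaaModLR": {"attributes": {
        "created": created, "user": user, "ind": ind, "affected": dn}}}

# Constructed sample response, deliberately out of chronological order.
SAMPLE = json.dumps({"imdata": [
    _rec("2020-03-05T11:30:02.010+00:00", "user-c", "creation", 102, "eth1/31"),
    _rec("2020-03-02T09:14:09.455+00:00", "user-b", "deletion", 102, "eth1/31"),
    _rec("2019-01-10T08:00:00.000+00:00", "user-a", "creation", 101, "eth1/31"),
    _rec("2020-03-02T09:14:07.120+00:00", "user-b", "deletion", 101, "eth1/31"),
    _rec("2019-01-10T08:00:03.250+00:00", "user-a", "creation", 102, "eth1/31"),
    _rec("2020-03-05T11:30:00.400+00:00", "user-c", "creation", 101, "eth1/31"),
]})

def binding_changes(response_text, port, ind=None):
    """Audit records for static path bindings on `port`, oldest first."""
    needle = f"/pathep-[{port}]]"  # exact port match: eth1/3 must not hit eth1/31
    hits = []
    for item in json.loads(response_text).get("imdata", []):
        attrs = item.get("aaaModLR", {}).get("attributes")
        if not attrs:
            continue
        dn = attrs.get("affected", "")
        if "/rspathAtt-[" not in dn or not dn.endswith(needle):
            continue
        if ind and attrs.get("ind") != ind:
            continue
        hits.append(attrs)
    return sorted(hits, key=lambda a: datetime.fromisoformat(a["created"]))

def who_deleted(response_text, port):
    """(user, timestamp, leaf id) for each deletion of a binding on `port`."""
    return [(a["user"], a["created"],
             a["affected"].split("/paths-")[1].split("/")[0])
            for a in binding_changes(response_text, port, ind="deletion")]

if __name__ == "__main__":
    for user, when, leaf in who_deleted(SAMPLE, "eth1/31"):
        print(f"{when}  leaf {leaf}  binding deleted by {user}")
```

Because the records are keyed on the affected DN, the original creation, the deletion and the re-add all appear in one timeline, which matches the behaviour described above for a component that is removed and re-added.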