Integration question: Cisco ACI with f5 in unmanaged mode

Question

(knowledge level : rudimentary :: first aci &lt;-&gt; f5 integeration project of my life:: reaching out to the community since everyone seems to be baffled) &nbsp;
Need help in getting a stalled project through. trying to reach out the community to identify any direct Cisco ACI + f5 technical material to understand and configure f5 in unmanaged mode. There are quite a few links dealing in more complex vcmp/virtual and other issues. The work done so far: &nbsp;
expected target architecture : Use f5 in unmanaged mode with ACI. With ACI expected to act like a regular switch and not be bothered with l4-7 et al. &nbsp;
f5 configs: 
single physical f5 device : 
Port 2.1 and 2.2 : portchanneled to ACI 9K leaf switches : trunk is green/up!&nbsp;
When you talk to Cisco as soon as they here f5 - the immediate jump is to configure l4-7. Q: When f5 is treating ACI as a switch how do i configure so that is it not bothered with l4-7 et al.&nbsp;
Any discussion around this to further expand will be highly appreciated. &nbsp;
Thanks,&nbsp;

niels_van_sluis · Answer

From the perspective of the BIG-IP no specific configuration is needed. But you probably want to disable 'Auto Last Hop'. Check the document below at: Guidelines and Limitations for Common Pervasive Gateway&nbsp;
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/ACI_Best_Practices/b_ACI_Best_Practices/b_ACI_Best_Practices_chapter_010.html&nbsp;
I'm not a Cisco ACI expert, but configuration of these items seem to be relevant:&nbsp;
ACI Access Policy for configuration of the physical ports (VPC, LACP, Speed, VLAN, Domain).&nbsp;
Logical Network Constructs for the network configuration (Bridge Domain, Subnets, Access Policy, EPG, Contracts.&nbsp;
Also see this post:&nbsp;
https://devcentral.f5.com/articles/unmanaged-mode-what-it-means-for-aci-and-big-ip-integration&nbsp;

payal_s · Answer

The F5 and Cisco APIC integration based on the device package and iWorkflow is End Of Life.

The latest integration is based on the Cisco AppCenter named ‘F5 ACI ServiceCenter’.

Click here to view the Cisco ACI and F5 BIG-IP design guide which discusses the following topics:

SNAT or no SNAT
BIG-IP redundancy
Multi-tenancy
Tighter integration using F5 ACI ServiceCenter

Visit https://devcentral.f5.com/s/articles/F5-and-Cisco-ACI-Essentials-Design-guide-for-a-single-POD-APIC-cluster to learn how to access a lab for hands on experience using the F5 ACI ServiceCenter

https://f5.com/cisco for updated information on the integration.

Forum Discussion

Integration question: Cisco ACI with f5 in unmanaged mode

Recent Discussions

Client SSL Profile set to Require Client Certificate breaks RDP in APM

TS Declarations for DNS

APM file and registry key date check 8 days old

SSL bridging without SSL proxy forward

Should config via cli rather than gui?

Related Content

Access Troubleshooting: BIG-IP APM OIDC integration

Integrating SSL Orchestrator with McAfee Web Gateway-Transparent Proxy

Unmanaged Mode - what it means for ACI and BIG-IP integration [End of Life]

Making Mobile SDK Integration Ridiculously Easy with F5 XC Mobile SDK Integrator

Integrate BIG-IP with AWS CloudWAN Service Insertion

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS