Welcome to CellStream, Inc. - Telecom Consulting and Training!


Great question!  One I have received many queries on lately.

Let's get some terms out of the way first:

ACI = This stands for Cisco Application Centric Infrastructure, so it is not one thing, but rather a collection of things.  From the Cisco ACI web page: Cisco ACI consists of:

  • The new Cisco Nexus 9000 Series Switches
  • A centralized policy management and Cisco Application Policy Infrastructure Controller (APIC)
  • A Cisco Application Virtual Switch (AVS) for the virtual network edge
  • Software and hardware innovations
  • Integrated physical and virtual infrastructure
  • An open ecosystem of network, storage, management, and orchestration vendors

APIC = This is a thing.  It stands for Cisco Application Policy Infrastructure Controller.  I will discuss this more below.

Now I can get to answering the question.  Cisco and SDN have had a bit of a rough start.  Cisco missed acquiring Nicira, which was acquired by their frenemy VMware.  What followed was some mixed messaging and marketing on SDN in general.  Let's face it, virtualization has been a wildfire of innovation, and network virtualization is a hotbed within the wildfire.  Many companies that have been traditional hardware/software vendors are struggling as products within their portfolios compete against each other.  If I can take a bare metal server and convert it into my top-of-rack switch/router, why do I need to buy hardware?  I am not saying that is entirely possible, nor am I saying that data center operators do not need to buy switches and routers.  What I am strongly suggesting is that this is one of those interesting areas that many of us are watching carefully.

At the time of this writing, the ACI and APIC are Cisco's giant step forward in terms of the network virtualization and network function virtualization that are rapidly developing.  If you are an old-school person, you could simply say that the APIC is a network management platform, and stop the discussion at that.  The APIC is about organizing data and designing workflows across a network infrastructure.  While it has the word "Controller" in its name, it is not like a typical SDN Controller.  SDN Controllers are part of the data plane in that they receive the first packet of an application flow and then send the corresponding policies, including the path, to the network of switches.  The APIC does not do this.

Here is a summary comparison:

| Generic SDN Controller | Cisco APIC Controller |
|---|---|
| Sees Packets | Never Sees Packets |
| Controls Paths | Does not control path/routes (leaves this to the routing protocols) |
| Defines Policy | Defines Policies via Network Profiles |


The way that the APIC sees the world begins with End Point Groups (EPGs).

The slide shows three Web Servers that will be providing a similar set of applications outside a certain enterprise.  These web servers will be treated similarly, so we can add them into an EPG.

Via a simple on-screen click-and-group process, these network devices are easily grouped together and named.

If you think about the three-tier model of Web Servers <> Application Servers <> Databases, we could do the same process of grouping the application servers and the database servers in this manner.

The next part is extremely important in the APIC.  Once your EPGs are specified, you can then add what Cisco calls a "contract" between the EPGs to define what communications can occur.  Everything else is blocked by default.  For example, the Web Server cannot talk directly to the Database Server.
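The default-deny behaviour described above, as an added example that is not from the original article and is not Cisco's API or object model: a simplified evaluator in which a contract names a consumer EPG, a provider EPG and one permitted protocol/port. The endpoint names, the ports and the `Contract`, `evaluate` and `denied` names are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed inventory: endpoint name -> End Point Group (EPG).
EPG_OF = {"web1": "web", "web2": "web", "web3": "web",
          "app1": "app", "app2": "app", "db1": "db"}

@dataclass(frozen=True)
class Contract:
    consumer: str  # EPG that opens the connection
    provider: str  # EPG that offers the service
    proto: str
    port: int

# Hypothetical contracts for the three-tier model; ports are illustrative.
CONTRACTS = [
    Contract("web", "app", "tcp", 8080),
    Contract("app", "db", "tcp", 3306),
]

def evaluate(src, dst, proto, port):
    """Return (permitted, reason) for one flow under default deny."""
    s_epg, d_epg = EPG_OF.get(src), EPG_OF.get(dst)
    if s_epg is None or d_epg is None:
        return False, "endpoint not in any EPG"
    if s_epg == d_epg:
        # Assumption of this model: contracts govern traffic between EPGs only.
        return True, f"same EPG ({s_epg})"
    for c in CONTRACTS:
        if (c.consumer, c.provider, c.proto, c.port) == (s_epg, d_epg, proto, port):
            return True, f"contract {c.consumer}->{c.provider} {proto}/{port}"
    # No matching contract: everything else is blocked.
    return False, f"no contract {s_epg}->{d_epg} {proto}/{port}"

def denied(flows):
    """Filter a list of (src, dst, proto, port) flows down to the blocked ones."""
    return [f for f in flows if not evaluate(*f)[0]]

if __name__ == "__main__":
    # Constructed sample flows.
    flows = [("web1", "app1", "tcp", 8080),
             ("app1", "db1", "tcp", 3306),
             ("web2", "db1", "tcp", 3306),   # web tier bypassing the app tier
             ("db1", "app2", "tcp", 8080),   # reverse direction, no contract
             ("web3", "app2", "tcp", 22)]    # right EPG pair, wrong port
    for f in flows:
        print(f, evaluate(*f))
```

Run over exported flow records, the `denied` list shows which observed conversations have no contract behind them, which is the review a segmentation audit needs.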

Policies are reminiscent of ACLs in routers and switches, but of course much more powerful.  What the APIC system does is communicate the appropriate command line or protocol commands (the system supports OpenFlow as well as Cisco's home-grown protocol) to implement the policies on the network infrastructure.

Next is where things get interesting.  Imagine for a moment that these policies all exist within a collection of Virtual Machines (VMs) at a data center for a particular customer, and that customer decides they want to move servers to a different data center due to an impending typhoon.  The APIC system allows the abstraction of the functions, policies/contracts and configuration to be transported to another APIC in the second data center.  This move can be accomplished in comparatively small time frames using this orchestration.

The answer, then, to the original question is that Cisco has developed an architecture called ACI that includes their APIC, which can control network nodes and SDN controllers, unlike the generic SDN controller, which is in the data path.  I have heard and read some descriptions that Cisco is anti-SDN with their solution, and I would disagree because the APIC is not a replacement for the generic SDN controller.

I hope this explains and clarifies, albeit at a high level, and provides an answer to the question.  If you would like to look a little deeper into SDN you can look here.  Also, there are some details in our OpenFlow explanation you can find here.
