Simple script to check the global settings described in https://unofficialaciguide.com/2021/07/16/aci-best-practice-configurations/.
The script has been tested against ACI Simulator versions 4.2 and 5.1, and 6.0 on the Devnet Always On sandbox.
Clone the project to your system and run the following:
python3 -m pip install -r requirements.txt
After cloning and installing the requirements, simply run the script using:
python3 aci-bpa.py -i <apic ip address> -u <username>
or:
python3 aci-bpa.py -a <apic hostname> -u <username>
You can optionally pass the password as a command line argument using -p <password>.
NOTE: If your password has special characters you should encase it in single quotes
-p '<password>'
Example:
python3 aci-bpa.py -a sandboxapicdc.cisco.com -u admin -p '!v3G@!4@Y'
The script checks a number of global settings and prints a table with the current status of the features, and recommendations based on the ACI Best Practice documentation. After running the script, you should see an output similar to:
| Feature | Status |
|---|---|
| mcp | enabled |
| mcp_pdu_per_vlan | disabled |
| remote_ep_learn | enabled |
| ep_loop_detection | disabled |
| ip_aging | enabled |
| rogue_ep_detection | disabled |
| strict_coop_gp | strict |
MCP PDU per VLAN should be enabled. This feature enables MCP to send packets on a per-EPG basis, otherwise, these packets will only be sent on untagged EPGs.MCP PDU per VLAN can be enabled by going to Fabric -> Access Policies -> Policies -> Global -> MCP Instance Policy Default, and checking the 'Enable MCP PDU per VLAN' box.
Unofficial ACI Guide: https://unofficialaciguide.com/2021/07/16/aci-best-practice-configurations/
ACI Fabric Endpoint Learning White Paper: https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-739989.html
Cisco ACI Best Practices Summary: https://www.cisco.com/c/en/us/td/docs/dcn/whitepapers/cisco-aci-best-practices-quick-summary.html