October 2022

This blog post will focus on ACI contract priority. Contract is applied in a provider / consumer relationship and a leaf program a security policy (zoning rules) on TCAM (Ternary Content Addressable Memory). Zoning rule entry defines an action (permit, deny, redirect, log) based on the source EPG, the destination EPG, and filter. The source EPG and destination EPG are represented by a unique class ID ( pcTag ). Zoning rules are per VRF, defined with a unique scope and has a priority. The lower the number of the priority, the higher the priority. Zoning rule with the lower value (higher priority) win over zoning rule with a higher value (lower priority). When a traffic between EPGs match more than one zoning rules, the zoning rule priority with some higher level rules is used to decide the action applied on the traffic flow.