Today we are going to discuss the difference between vzAny and Preferred Group in ACI and how we can use them in different scenarios.

vzAny – vzAny is a feature in ACI that lets you add contracts which apply to all the EPGs in a VRF. For example, if you have 10 EPGs in a VRF and you want to allow open communication between all of them, you can create an ANY-ANY contract and attach it to vzAny as both a provided and a consumed contract. As mentioned, a vzAny contract applies to all the EPGs in the VRF, so the ANY-ANY contract now lets all EPGs communicate with each other with any source and destination IP address. You can also specify a port in the ANY-ANY contract, which then allows any source and any destination to communicate on the specified port. There are several other ways you can use vzAny as per your requirements.

vzAny Benefit – Remember the previous example with 10 EPGs in the VRF: if I had created contracts one by one on each EPG, we would have ended up with several contracts, which use TCAM on the fabric. If you use vzAny in place of separate contracts, you only have 2 contracts (1 provided and 1 consumed), which saves a lot of TCAM resources.

Preferred Group – You can achieve the same result as the previous example, communication between all 10 EPGs in a VRF, with a preferred group. You need to add all the EPGs to the preferred group.

A preferred group basically places the EPGs in unenforced mode, which means an EPG allows communication from any other member of the preferred group without restriction. Once you place all the desired EPGs in the preferred group, they can all communicate with each other.

Conclusion – If you want to allow unrestricted communication between EPGs in a VRF, preferred group and vzAny can both do the job. If your requirement is not ANY-ANY between EPGs but a restriction to certain ports or EPGs, then vzAny can be used but preferred group cannot. Preferred group allows everything unrestricted, while vzAny can be customized to provide specific results.
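The distinction above can be checked in an exported tenant configuration. The following is an added example, not code from the original article: it walks a constructed tenant shaped like APIC REST JSON and reports VRFs where vzAny both provides and consumes an unrestricted contract, and VRFs with the preferred group enabled. Class and attribute names (fvCtx, vzAny, vzRsAnyToProv, vzRsAnyToCons, fvAEPg, prefGrMemb) follow the APIC object model; all tenant, VRF, contract and filter names are made up, and preferred-group members are listed per tenant rather than mapped to their VRF through the bridge domain.

```python
# Added example. Class and attribute names follow the APIC object model; the
# tenant, VRF, contract and filter names are constructed sample data.
def node(cls, attrs, *children):
    return {cls: {"attributes": attrs, "children": list(children)}}

def walk(obj, cls):
    for name, body in obj.items():
        if name == cls:
            yield body["attributes"], body["children"]
        for child in body["children"]:
            yield from walk(child, cls)

def rel(cls, name):
    return node(cls, {"tnVzBrCPName": name})

def contract(name, flt):
    return node("vzBrCP", {"name": name},
                node("vzSubj", {"name": "subj"}, node("vzRsSubjFiltAtt", {"tnVzFilterName": flt})))

SAMPLE = node("fvTenant", {"name": "demo"},
    node("vzFilter", {"name": "permit-any"}, node("vzEntry", {"etherT": "unspecified"})),
    node("vzFilter", {"name": "https"}, node("vzEntry",
         {"etherT": "ip", "prot": "tcp", "dFromPort": "443", "dToPort": "443"})),
    contract("any-any", "permit-any"),
    contract("any-https", "https"),
    node("fvCtx", {"name": "vrf-open"}, node("vzAny", {"prefGrMemb": "disabled"},
         rel("vzRsAnyToProv", "any-any"), rel("vzRsAnyToCons", "any-any"))),
    node("fvCtx", {"name": "vrf-https"}, node("vzAny", {"prefGrMemb": "disabled"},
         rel("vzRsAnyToProv", "any-https"), rel("vzRsAnyToCons", "any-https"))),
    node("fvCtx", {"name": "vrf-pg"}, node("vzAny", {"prefGrMemb": "enabled"})),
    node("fvAp", {"name": "app"},
         node("fvAEPg", {"name": "web", "prefGrMemb": "include"}),
         node("fvAEPg", {"name": "db", "prefGrMemb": "exclude"})))

def audit(tenant):
    # A filter entry whose EtherType is unspecified matches all traffic.
    open_filters = {a["name"] for a, ch in walk(tenant, "vzFilter")
                    if any(e.get("etherT") == "unspecified" for c in ch for e, _ in walk(c, "vzEntry"))}
    open_contracts = {a["name"] for a, ch in walk(tenant, "vzBrCP")
                      if any(f["tnVzFilterName"] in open_filters for c in ch for f, _ in walk(c, "vzRsSubjFiltAtt"))}
    members = ",".join(sorted(a["name"] for a, _ in walk(tenant, "fvAEPg")
                              if a.get("prefGrMemb") == "include"))
    findings = []
    for vrf, ch in walk(tenant, "fvCtx"):
        for any_attrs, rels in (x for c in ch for x in walk(c, "vzAny")):
            prov = {a["tnVzBrCPName"] for r in rels for a, _ in walk(r, "vzRsAnyToProv")}
            cons = {a["tnVzBrCPName"] for r in rels for a, _ in walk(r, "vzRsAnyToCons")}
            findings += [(vrf["name"], "vzAny any-any", n) for n in sorted(prov & cons & open_contracts)]
            if any_attrs.get("prefGrMemb") == "enabled":
                findings.append((vrf["name"], "preferred group", members))
    return findings
```

The VRF whose vzAny contract is limited to TCP 443 produces no finding, while the any-any VRF and the preferred-group VRF are both reported as open.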

I hope this article helps you better understand the difference between vzAny and preferred group!

vzAny vs Preferred Group in ACI
3 Comments
Pankaj
4 years ago

Good Job

Bala
3 years ago

Nicely explained .. Appreciating your work.
