Configuring Intra-EPG Isolation for Bare Metal Servers

This procedure shows you how to use the Cisco APIC REST API to configure intra-EPG isolation for bare metal servers. This procedure performs the same operation as the GUI procedure of the same name in the Cisco APIC Layer 2 Networking Configuration Guide.

Before you begin

• The port the EPG uses must be associated with a bare metal server interface in the physical domain.

Procedure

To configure intra-EPG isolation, send a POST with XML similar to the following example:

POST https://<apic-ip-address>/api/mo/uni/tn-ExampleCorp.xml

<fvTenant name="Tenant_BareMetal">
    <fvAp name="Web">
        <fvAEPg name="IntraEPGDeny" pcEnfPref="enforced">
            <!-- pcEnfPref="enforced" ENABLES ISOLATION-->
            <fvRsBd tnFvBDName="bd"/>
            <fvRsDomAtt tDn="uni/phys-Dom1"/>
            <!-- PATH ASSOCIATION -->
            <fvRsPathAtt tDn="topology/pod-1/paths-1017/pathep-[eth1/2]" encap="vlan-51" primaryEncap="vlan-100" instrImedcy='immediate'/>
        </fvAEPg>
    </fvAp>
</fvTenant>