The ACI Simulator packages one APIC, Leaf, and Spine in an OVA package that you can deploy on your hypervisor of choice.

In this walkthrough I’ll be deploying ACI Simulator version 4.2 on macOS 10.15.4 (Catalina) running VMware Fusion Pro 11.5.3.

Getting Started

Because the package is so large, the download is broken up in several smaller packages. Start by downloading all 4 or 5 components of the OVA from Cisco.com.

Once the files are downloaded, use cat (macOS/Linuxs) or type (Windows) to concatenate all of the OVAs into one package.

cat acisim-4.2-4i*.ova > acisim-4.2-4i.ova

The cat job can take several minutes because the files are so large.

Once the cat job is done, we need to tweak the OVA slightly because for whatever reason, the sim was built on a much older hardware version. If you try importing the OVA as-is into VMware Fusion, the import job will fail with the following error:

sha1 digest of file acisim-4.2-4i.vmdk does not match manifest

We need to “trick” Fusion into thinking it is a newer version. Luckily, it’s a very easy and quick fix. To resolve the issue, start by extracting the OVA file. Again, it may take a minute to complete so be patient.

tar -xvf acisim-4.2-4i.ova

A .vmdk, .ovf, and .mf will be extracted. Ignore the massive trail of tar: Damaged tar archive logs.


Now edit the .ovf file using a text editor like vi or nano.

nano acisim-4.2-4i.ovf

Find where it says “vmx-09” and replace it with the appropriate hardware version number. Because I am running Fusion Pro 11, I replace “vmx-09” with “vmx-15

Save and exit. Now simply remove the .mf file. Alternatively, rename the .mf to something else.

mv acisim-4.2-4i.mf acisim-4.2-4i.mf.ignore

That’s it! Import the OVF file into Fusion. It will take 5-10 minutes.

When the import is done, start the VM. After 30 seconds or so, you should see this screen.

I highly recommend that you maintain all default values, except for the IPv4 OOB management subnet. Personally, I like to bridge my sim to my local LAN so other tools like Ansible Tower can interact with it. If you want the ACI nodes to be managed via the local LAN, simply set the OOB subnet in the ACI sim setup to mirror your local subnet. On your local subnet, ensure that the IP is not already in use. (You may need to set a DHCP reservation).

Leave all other values set to default.

Note about bridging the OOB network to the hosts local LAN

During my initial setup, I found that my home network overlapped with the TEP network (10.0.0.0/16). On attempt #1, I changed the TEP network to something other than the default. This rendered the Leaf and Spine incapable of joining the fabric. On attempt #2, I kept the TEP subnet set to default, and instead changed the OOB network to an internal NATd subnet on a vSwitch in VMware. This caused more issues than I found worth dealing with. If you must deal with this, you will need to NAT custom ports on your local host to 443 and 22 on the APIC, Leaf, and Spine. For me it was easier to change my home network to something other than 10.0.0.0/24.

Moral of the story - ensure that the TEP network (10.0.0.0/16) and OOB management network are unique. If you want the OOB management to be bridged onto your local LAN, ensure your local LAN does not overlap with 10.0.0.0/16.

Back to business…

At this point, if everything was setup correctly, you should be able to reach the APIC.

Login and head to the Fabric section to join the Leaf and Spine to the domain.

If you your Leaf and Spine to be reachable on the same LAN, head to the mgmt Tenant > Node Management Addresses > Static Node Management Addresses, then set an OOB static IP for each node.

That’s it! Happy labbing!