Overview
What Cisco ACI Simulator is, what it is not, and how to use it as a safe APIC policy classroom.
Cisco ACI Simulator is a safe place to learn the APIC policy model before touching a production ACI fabric. You use the same APIC web UI and REST API style, but the fabric is simulated. That makes it excellent for learning tenants, VRFs, bridge domains, EPGs, contracts, access policies, faults, and the object tree.
It is not a full packet-forwarding lab. You should treat it as the control-plane and policy classroom, then use EVE-NG with Nexus, IOS XR, FTDv, or Linux endpoints when you need real traffic, routing adjacencies, captures, and failure behavior.
Where it fits
The simulator teaches the APIC side:
- How ACI objects relate to each other.
- How policy is built in the GUI and API.
- How tenants, VRFs, bridge domains, EPGs, contracts, and access policies fit together.
- How APIC represents inventory, health, faults, and object dependencies.
The EVE-NG side teaches the packet side:
- Router and switch CLI behavior.
- BGP, OSPF, VXLAN, firewall policy, NAT, and traffic captures.
- Real endpoint connectivity and troubleshooting.
- Data center edge and interconnect behavior.
Use both. Do not expect one to replace the other.
What this track covers
| # | Module | Goal |
|---|---|---|
| 00 | Overview | Understand what the simulator is good for |
| 01 | APIC orientation | Learn the dashboard, menus, object tree, faults, and inventory |
| 02 | Tenant, VRF, BD, EPG | Build the core ACI policy model in your head |
| 03 | Contracts and filters | Control communication between application tiers |
| 04 | Access policies and static paths | Understand how VLANs, domains, AEPs, interfaces, and EPG bindings connect |
| 05 | L3Out | Learn the external routing policy model |
| 06 | Automation and GitOps | Read and manage APIC policy through repeatable automation |
| 07 | Limitations and next labs | Know when to move from simulator to EVE-NG or physical gear |
| 08 | Lab 1: Three-tier tenant | Create the first APIC tenant model and verify it cleanly |
| 09 | Lab 2: Access policies + static path binding | Attach the Lab 1 EPGs to physical-domain policy and prepare static VLAN path bindings |
First mental model
Traditional networking starts with boxes and interfaces. ACI starts with intent:
- This application belongs to this tenant.
- This endpoint group lives in this bridge domain.
- This bridge domain belongs to this VRF.
- These endpoint groups can talk through this contract.
- This external network is reachable through this L3Out.
APIC turns that intent into device configuration. The simulator lets you practice that modeling without risking production.