LEARN WORK IT

INFORMATION TECHNOLO GY (NE T WORK )

C I S C O ACI BLO GS VMWARE N SX BLO G S CISCO ROUT ING B LO G

C I S CO SW ITCHIN G BLO G IT INS TITU TES CONTACT US

TERMS & CONDIT ION

21.ACI Tenant,
Bridge Domain &
Vrf
 APRIL 18, 2021  LEAVE A COMMENT

ACI Tenant, Bridge

 Domain & Vrf
Tenant, Bridge Domain & Vrf
Tenant is the logical Container for Application Network
Pro�les (Customers, Internal Business Groups,
etc.)Tenants can be isolated from one another or can
share resources. The primary elements that the tenant
contains are �lters, contracts, outside networks, bridge
domains, contexts, and application pro�les that contain
endpoint groups (EPGs). Entities in the tenant inherit its
policies. A tenant can contain one or more virtual
routing and forwarding (VRF) instances or contexts;
each context can be associated with multiple bridge
domains. Tenants are logical containers for application
policies. The fabric can contain multiple tenants

Step 1:- Go to Tenant tab in APIC

GUI

Step 2 :- Click on Add tenant tab

Step 3: Fill all the required �elds
and click on Submit

Bridge domains (BD)

Bridge domains (BD) provide layer 2 forwardings within
the fabric, as well as a layer 2 boundary. A BD must be
linked to VRF (also known as a context) and must have
at least one subnet associated with it. BDs de�ne the
unique layer 2 MAC address space and also the �ooding
domain (if �ooding is enabled).

BDs are bound to a VRF

. De�nes L2 forwarding characteristics and boundaries.
. Flood > Hardware Proxy
. ARP Flooding (On | Off)
. Similar to a VLAN that can span multiple switches.

Subnet under the BD creates an SVI

.This SVI can be advertised externally through a routing
protocol.

We start by going into the

tenant we created and click
on Networking and then
Bridge Domains.

Step 1 :- Click on Actions, then on

Create Bridge Domain.
Step 2 :- This launches a new
window. Here we name our bridge
domain and assign a VRF to it if we
have already created one, or create
a new VRF.

Step 3:- If we choose Create VRF,

this brings up another window.
Step 4:- Once Vrf is created click on
next, it takes us to the L3
Con�gurations window.

Following below where we enable Unicast Routing, ARP

�ooding (if we want to), specify a MAC address and
create a subnet. A R P f l o o d i n g i s d i s a b l e d b y
d e f a u l t . The fabric will convert any ARP broadcast
traf�c into unicast traf�c and push it to the destination
leaf node. If we want to enable traditional ARP �ooding
behavior, this is where we would enable it.
Step 5 :- To create a subnet click on
the plus sign, which brings up
another window

Here we specify the subnet and subnet mask for the

network and set the scope to be private, public
(“Advertised Externally”), or shared.
Private to VRF means that the subnet will not be
advertised externally (outside of the VRF). Advertised
Externally means just that, and will be �agged for
advertising through a routing protocol to an external
device. Shared between VRFs is similar to advertising
externally, but is kept within the fabric.
Click OK which will take us back to the L3
Con�gurations window.

Step 6:- Click next to take us to the

�nal window, where we can select
a monitoring policy.

Step 7:- Click Finish.