
ACI BD Application Tier Logical Design?

KVS7
Level 1

Greetings, 

We're trying to get away from our 1:1 ratio of BD to EPG design and start to have multiple IPs on a single bridge domain to resemble application centric network design. We do have the gateway IPs on the BDs like the application centric design; however, we still have that 1:1 ratio like a traditional network centric design. 

I'm still a little confused as to what servers within an application tier should be migrated to a single BD. Take vSphere for example. It includes ESXi hosts, vCenter, Horizon, connection servers and all the vmKernels like mgmt, vMotion, SAN storage etc which currently all have their own BD. So can all these services be put into a single BD with multiple subnets?

And another example is "infrastructure services". Can these also all be under a single BD i.e. AD, DNS, OCSP, CA etc.?

And lastly, is there something against merging all or most BDs into one? For example, we have 70 servers per site and nearly 70 BDs. Can we reduce this to 1 BD or does that increase risk for when you need to make changes to a BD like temporarily enable flooding or something and you don't want to clear your endpoints/ARP tables or whatever it was for all your EPGs (if I'm remembering that correctly).

Accepted Solution

AshSe
VIP

Hello @KVS7 

Here is my one cent about your questions:

Q 1) vSphere components in a single BD


I'm still a little confused as to what servers within an application tier should be migrated to a single BD. Take vSphere for example. It includes ESXi hosts, vCenter, Horizon, connection servers and all the vmKernels like mgmt, vMotion, SAN storage etc which currently all have their own BD. So can all these services be put into a single BD with multiple subnets?


Ans 1) Yes, it's generally feasible and often beneficial to consolidate vSphere components into a single BD with multiple subnets.

Q 2) Infrastructure services in a single BD?


And another example is "infrastructure services". Can these also all be under a single BD i.e. AD, DNS, OCSP, CA etc.?

 


Ans 2)  Yes, consolidating infrastructure services (AD, DNS, OCSP, CA) into a single BD is also a valid approach. These services often support multiple applications, so a shared infrastructure BD makes sense.

Q 3) Merging all BDs into one?


And lastly, is there something against merging all or most BDs into one? For example, we have 70 servers per site and nearly 70 BDs. Can we reduce this to 1 BD or does that increase risk for when you need to make changes to a BD like temporarily enable flooding or something and you don't want to clear your endpoints/ARP tables or whatever it was for all your EPGs (if I'm remembering that correctly).


Ans 3)  This is generally not recommended. While technically possible, it defeats the purpose of application-centric networking and introduces significant risks.

 

HTH & Stay Curious!

AshSe
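
The design discussed in this thread (one BD carrying several subnets, with each tier kept as its own EPG), as an added example that is not part of the original posts: it builds the APIC object tree (`fvBD`, `fvSubnet`, `fvAEPg`, `fvRsBd`) for such a BD and lists which EPGs share it. The tenant, VRF, BD, EPG names and the addresses are constructed for illustration.

```python
import ipaddress

def build_bd_payload(tenant, vrf, bd, app, tiers):
    """Build an APIC object tree: one BD, one fvSubnet and one EPG per tier.

    tiers maps EPG name -> gateway address in CIDR form.
    """
    seen = {}
    for epg, gw in tiers.items():
        net = ipaddress.ip_interface(gw).network
        for other_epg, other_net in seen.items():
            if net.overlaps(other_net):  # design sanity check before pushing
                raise ValueError(f"{epg} {net} overlaps {other_epg} {other_net}")
        seen[epg] = net

    bd_children = [{"fvRsCtx": {"attributes": {"tnFvCtxName": vrf}}}]
    bd_children += [{"fvSubnet": {"attributes": {"ip": gw, "scope": "private"}}}
                    for gw in tiers.values()]
    epgs = [{"fvAEPg": {"attributes": {"name": epg}, "children": [
                {"fvRsBd": {"attributes": {"tnFvBDName": bd}}}]}}
            for epg in tiers]
    return {"fvTenant": {"attributes": {"name": tenant}, "children": [
        {"fvBD": {"attributes": {"name": bd, "unicastRoute": "yes"},
                  "children": bd_children}},
        {"fvAp": {"attributes": {"name": app}, "children": epgs}}]}}

def epgs_sharing_bd(payload, bd):
    """Return the EPGs bound to `bd`: the set touched by any BD-level change."""
    found = []
    for child in payload["fvTenant"]["children"]:
        for epg in child.get("fvAp", {}).get("children", []):
            body = epg["fvAEPg"]
            for rel in body.get("children", []):
                if rel.get("fvRsBd", {}).get("attributes", {}).get("tnFvBDName") == bd:
                    found.append(body["attributes"]["name"])
    return found

# Constructed sample: three vSphere tiers consolidated onto one BD.
VSPHERE_TIERS = {"esxi-mgmt": "10.10.1.1/24",
                 "vmotion": "10.10.2.1/24",
                 "storage": "10.10.3.1/24"}
PAYLOAD = build_bd_payload("Prod", "Prod-VRF", "vSphere-BD", "vSphere", VSPHERE_TIERS)

if __name__ == "__main__":
    import json
    print(json.dumps(PAYLOAD, indent=2))
    print("EPGs sharing vSphere-BD:", epgs_sharing_bd(PAYLOAD, "vSphere-BD"))
```

Every EPG that `epgs_sharing_bd` returns is affected when a BD-level setting on that BD is changed, which is the trade-off raised in Q 3.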


2 Replies

KVS7
Level 1

Thanks again
