05-18-2025 03:35 AM - edited 05-18-2025 04:46 AM
Greetings,
We're trying to get away from our 1:1 ratio of BD to EPG design and start to have multiple IPs on a single bridge domain to resemble an application-centric network design. We do have the gateway IPs on the BDs like the application-centric design; however, we still have that 1:1 ratio like a traditional network-centric design.
I'm still a little confused as to what servers within an application tier should be migrated to a single BD. Take vSphere for example. It includes ESXi hosts, vCenter, Horizon, connection servers and all the VMkernels like mgmt, vMotion, SAN storage etc., which currently all have their own BD. So can all these services be put into a single BD with multiple subnets?
And another example is "infrastructure services". Can these also all be under a single BD i.e. AD, DNS, OCSP, CA etc.?
And lastly, is there something against merging all or most BDs into one? For example, we have 70 servers per site and nearly 70 BDs. Can we reduce this to 1 BD, or does that increase risk for when you need to make changes to a BD like temporarily enabling flooding or something and you don't want to clear your endpoints/ARP tables or whatever it was for all your EPGs (if I'm remembering that correctly)?
05-18-2025 10:47 PM
Hello @KVS7
Here is my one cent about your questions:
Q 1) vSphere components in a single BD
I'm still a little confused as to what servers within an application tier should be migrated to a single BD. Take vSphere for example. It includes ESXi hosts, vCenter, Horizon, connection servers and all the VMkernels like mgmt, vMotion, SAN storage etc., which currently all have their own BD. So can all these services be put into a single BD with multiple subnets?
Ans 1) Yes, it's generally feasible and often beneficial to consolidate vSphere components into a single BD with multiple subnets.
Q 2) Infrastructure services in a single BD?
And another example is "infrastructure services". Can these also all be under a single BD i.e. AD, DNS, OCSP, CA etc.?
Ans 2) Yes, consolidating infrastructure services (AD, DNS, OCSP, CA) into a single BD is also a valid approach. These services often support multiple applications, so a shared infrastructure BD makes sense.
Q 3) Merging all BDs into one?
And lastly, is there something against merging all or most BDs into one? For example, we have 70 servers per site and nearly 70 BDs. Can we reduce this to 1 BD, or does that increase risk for when you need to make changes to a BD like temporarily enabling flooding or something and you don't want to clear your endpoints/ARP tables or whatever it was for all your EPGs (if I'm remembering that correctly)?
Ans 3) This is generally not recommended. While technically possible, it defeats the purpose of application-centric networking and introduces significant risks.
HTH & Stay Curious!
AshSe
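To make the blast-radius point in Ans 3 concrete, here is an added example (not part of this thread and not Cisco's own tooling) that models the consolidated design from Q1 and Q2 in Python, renders it as an ACI fvTenant REST payload, and lists which EPGs a single BD-level change touches. Tenant, VRF, EPG names and prefixes are assumptions made for the example.

```python
import json

# Constructed sample design (assumed names and prefixes, not the poster's real tenant):
# one BD per application tier, several gateway subnets per BD, one EPG per service.
DESIGN = {
    "tenant": "Prod",
    "vrf": "Prod-VRF",
    "bds": {
        "vSphere-BD": {  # mgmt, vMotion and storage subnets share one BD
            "subnets": ["10.10.1.1/24", "10.10.2.1/24", "10.10.3.1/24"],
            "epgs": ["ESXi-Mgmt", "vCenter", "Horizon", "vMotion", "SAN-Storage"],
        },
        "Infra-BD": {"subnets": ["10.20.1.1/24"], "epgs": ["AD", "DNS", "OCSP", "CA"]},
    },
}


def build_tenant_payload(design):
    """Render the design as an ACI REST payload (fvTenant/fvBD/fvSubnet/fvAEPg)."""
    children = [{"fvCtx": {"attributes": {"name": design["vrf"]}}}]
    app_epgs = []
    for bd_name, bd in design["bds"].items():
        bd_children = [{"fvRsCtx": {"attributes": {"tnFvCtxName": design["vrf"]}}}]
        bd_children += [{"fvSubnet": {"attributes": {"ip": ip, "scope": "private"}}}
                        for ip in bd["subnets"]]
        # Hardware proxy and no ARP flooding are the optimized settings; flipping them
        # is the kind of BD-wide change the question worries about.
        children.append({"fvBD": {"attributes": {"name": bd_name, "unkMacUcastAct": "proxy",
                                                 "arpFlood": "no", "unicastRoute": "yes"},
                                  "children": bd_children}})
        for epg in bd["epgs"]:  # every EPG points at its BD through fvRsBd
            app_epgs.append({"fvAEPg": {"attributes": {"name": epg}, "children": [
                {"fvRsBd": {"attributes": {"tnFvBDName": bd_name}}}]}})
    children.append({"fvAp": {"attributes": {"name": "Services"}, "children": app_epgs}})
    return {"fvTenant": {"attributes": {"name": design["tenant"]}, "children": children}}


def blast_radius(design, bd_name):
    """EPGs and subnets that one BD-level change (e.g. enabling flooding) touches at once."""
    bd = design["bds"][bd_name]
    return {"epgs": sorted(bd["epgs"]), "subnets": list(bd["subnets"])}


def single_bd_warning(design):
    """True when every EPG hangs off one BD: the 70-to-1 consolidation asked about in Q3."""
    return len(design["bds"]) == 1 and sum(len(b["epgs"]) for b in design["bds"].values()) > 1


if __name__ == "__main__":
    print(json.dumps(build_tenant_payload(DESIGN), indent=2))
    for name in DESIGN["bds"]:
        print(name, "->", blast_radius(DESIGN, name)["epgs"])
```

Running it prints the payload you would POST to the APIC and, per BD, the EPG list that any BD-wide setting change would affect together.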
05-19-2025 04:40 AM
Thanks again