Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2321
Views
5
Helpful
3
Replies

ACI BD concept - vlan interface with secondaries?

Go to solution
tsmarcyes
Beginner
Beginner

‎02-07-2019 07:45 PM - edited ‎03-01-2019 05:46 AM

In ACI discussions, its always mentioned that BDs are NOT VLANS.   The most common argument are that vlans equated to one subnet and thus since you can have multiple subnets in a bridge domain, they are therefore not the same as vlans.  However, in traditional networking (although typically not recommended), we could have multiple subnets on a vlan (vlan interface) using the secondary command after the ip address.  Thus, you can have multiple subnets per vlan even in traditional networking.  And guess what, all those subnets are subject to the same flood domain since they are all in the same vlan.  Many try to equate BD to PVLANS, but to me the vlan interface with secondary ip addresses seems closer as private vlans are typically used to segregate traffic within the vlan while if Im not mistaken the default behavior in ACI for BD is to allow communication between all subnets, just like a vlan interface with secondaries.  Although there are still other constructs involving EPGs, contracts, etc, that then take the BD beyond this simply concept, if we are simply talking about the BD itself, would it not be logically correct to compare it to a vlan interface that MAY have multiple subnets (secondary ip addresses).

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
RedNectar
VIP Alumni
VIP Alumni

‎02-07-2019 09:50 PM

Hi tsmarcyes,

I have to say I never try to explain BDs in that way.  Here's my standard spiel:

Bridge Domains are not quite the same a VLANs. They are a broadcast container like VLANs, but have no relationship with 802.1Q VLAN tags.  Instead, 802.1Q tags are used to identify EPGs.

As far as IP interfaces go, just like VLANs, a BD can also have multiple IP interfaces - one primary IP address and multiple secondary interfaces, but by applying multiple IP addresses to a BD, you are potentially expanding the size of the Broadcast Domain, just like in a VLAN world.  However, ACI does have asome broadcast reduction mechanisms, such as Directerd ARP Broadcasts and Flooding within Encapsulaton, so you can probably get away with a larger number of End Points in your BD than you would a regular VLAN.

So your sumation that "would it not be logically correct to compare it to a vlan interface that MAY have multiple subnets (secondary ip addresses)" is spot on.

I don't see any relevance in relating BDs to PVLANs either.  It IS possible to simulate PVLAN behaviour within an