Hi Bing,
See inline.
1. L3 Unknown Multicast Flooding Setting: (Flood ? Optimized Flood)
- What is the use case / design considerations to choose between flood and Optimized flood?
It all depends on if you want to limit flood traffic within the bridge domain. Enabling 'optimized flood' (OMF) will reduce unknown multicast traffic which has an IP header.
- Why default is flood?
It is unknown why this is the default behavior. Keep in mind that default configuraiton does not necessarily mean "best" configuration. It's all user preference.
- If I would like to test the difference, can anyone provide me the application of test tool to test / see myself?
I do not have tool to recommend, but I will cover the difference in behavior below.
First, we must understand what ACI identifies as unknown L3 multicast. L3 unknown multicast must meet all requirements below:
- Multicast packet with a multicast IP header
- Packet either doesn't fall into an IGMP group or IGMP group has no members
Next, will cover behavior the difference between OMF and Flood behavior using 3 types of leaf nodes:
Ingress leaf - Leaf which receives multicast traffic from locally attached endpoint
Egress leaf w/ r-port - Leaf which receives multicast traffic via spine port and has a router port*
Egress leaf w/ out r-port - Leaf which receives multicast traffic via spine port and does not have a router port*
*Port on leaf becomes router port if it receives either IGMP query or PIM hello message.
OMF Behavior:
Ingress leaf: Packet will be flooded to spine interfaces so that it can be sent to other leaf nodes. Packet can also be forwarded to a front panel port which is a router port. Packet is not forwarded out of any other local interface which allows the BD.
Egress leaf w/ r-port: Packet is sent only to the r-port. Packet is not forwarded out of any other local interface which is part of the BD.
Egress leaf w/ out r-port: Packet is dropped
Flood Behavior:
Ingress leaf: Packet will be flooded to all local interfaces which are part of the BD and spine interfaces so that the packet can be sent to other leaf nodes
Egress leaf w/ r-port: Packet flooded to all local interfaces which are part of the BD
Egress leaf w/ out r-port: Behavior is different depending on 1st or 2nd generation leaf (2nd generation has either -EX or -FX at the end of its model name: Example N9K-C93180YC-EX is 2nd gen)
- 1st gen: Packet is dropped
- 2nd gen: Packet is flooded to all local interfaces which are part of the BD
2. Multi Destination Flooding: (Flood in BD | Drop Flood in Encapsulation)
- What is the difference between Flood in BD vs. Flood in Encapsulation?
Encapsulation = Encap VLAN = VLAN tagged on the wire. Assuming you have 1 VLAN : 1 EPG, and you have multiple EPGs in 1 BD, then multi-destination packets (which fall into this setting's category) are only flooded within the EPG. Setting this to "Flood in BD" will flood traffic through out the BD.
- Why default setting is set to Flood in BD?
It is unknown why this is the default behavior. Keep in mind that default configuraiton does not necessarily mean "best" configuration. It's all user preference. I would assume this is default due to the BD being the L2 domain.
- What types of protocols will flood in BD and what types of protocols are flood in Encapsulation?
Multi Destination Flooding is any BUM traffic which is not mentioned in the other BD settings (Unknown L2 unicast and Unknown L3 multicast not included in this setting). The following protocols are also exempt from this configuration:
ARP/GARP
BGP
EIGRP
IGMP
IS-IS
OSPF/OSPFv6
ND
PIM
L2 multicast (no multicast IP header :: only multicast ethernet address), broadcast, and other link-layer multi-dest traffic is impacted by this setting.
-JW
