cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
912
Views
0
Helpful
3
Replies

EPGs to Bridge Domain mapping on Single Leaf

Waqar675
Cisco Employee
Cisco Employee

Hello,

 

After reading cisco materails and do some labbing for EPGs to BDs mapping, i came here to know the below queries which actually confused me.

 

1-Two EPGs bind to one BD on single Leaf  (Using same encap vlan)

2-Two EPGs bind to two different BD on single Leaf (Using same encap vlan)

 

-For the first scenario, i know we can't use same encap vlan while associating two EPGs to single BD on single Leaf.My query related to this is needs to know the technical answer for this why we can't use this way.We can say there is limitation but why this limitation.I believe there should be some technical answer for this, like if we use this way my answer is and please correct

(ACI can't segregate where to send packets on single Leaf because fabric encap vlan (EPG VNID) is allocate from vlan pool if the same encap vlan is used then we have same EPG PI VLAN and same fabric encap vlan(EPG VNID), this might be the reason)

 

-For the second scenario, i know we can achieve this while changing the vlan scope to Port Local Scope but needs to know the same answer, How it works?

 

Thanks

 

Regards,

Waqar

 

 

 

3 Replies 3

deepakba
Cisco Employee
Cisco Employee

 

 

Hi Waqar,

 

I have attached one of the Cisco live slide for Vlans clarification in ACI.

 

As you know we have a total of three VLAN in ACI:

 

1) Access encap VLAN(user-configured)

2) PI VLAN (also called as Identifier VLAN to identify the EPG,BD, and its unique per leaf) and

3) VXVLAN VNID VLAN (use for forwarding the traffic).

 

To answer your question - Two EPGs bind to one BD on single Leaf  (Using same encap vlan) whats the need?

 

For two EPG in different VLANs, we have two PI VLAN and these two PI's VLAN mapped to one BD PI VLAN. Why we need one PI BD VLAN, not two for each EPG PI VLAN? PI BD VLAN has two tasks First one is to identify the BD and the second one is to create SVI for routing. We have two EPG PI VLAN correct, ACI will create only one SVI for BD PI VLAN.

 

Look at slide(attached) we have two PI VLAN for EPG but for whom we will create SVI for routing to other VLAN, like in traditional network if we have to do routing from one VLAN to other VLAN we have to create the SVI right , Here the confusion is for which EPG VLAN you will create the SVI on BD ? Instead of creating separate PI BD for each vlan both the PI of EPG mapped to one PI of BD.

 

Thanks,

 

Dear Deepik,

 

Thanks for your feedback.

 

But my question is

"Two EPGs bind to one BD on single Leaf  (Using same encap vlan)"

 

Same Encap.PNG

 

Yes you are right that we can achieve it while having different encap vlans, but here we have one encap vlan (vlan-5)

 

I have read and also tested this scenario through labbing, however we couldn't use the same encap vlan while associating two EPGs to one BD on single leaf neither with Global nor with Port Local Scope, so i am curious why we couldn't use one encap vlan in this scenario.I believe there should be an explainable reason behind it not working this way.

 

Regards,

Waqar

HI Waqar,

 

The only explanation which I can think of its doesn't make any sense two put the same encap VLAN in two Different EPG. If you want that two hosts in the same encap VLAN shouldn't communicates then you can use the concept of microepg. 

 

 

Thanks,

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Save 25% on Day-2 Operations Add-On License