03-28-2025 10:58 AM
Is it possible to have two different L3 BDs with devices connecting the same VLAN ID? See example below.
VRF: Same
Domain : Same physical domain
Vlan pool : same pool
EPG 1 :
BD 1 :
L3 : 10.10.10.0/24
End device vlan ID : 100
EPG 2 :
BD 2 :
L3 : 20.20.20.0/24
End device vlan ID : 100
EPG 1 and EPG 2 devices will not be connected on the same switch or even on the same POD.
EPG 1 is meant for POD1
EPG 2 is meant for POD2
The reason we wanted to keep it as it is, is due to their legacy 7k config, where Pod 1 was DC1 and Pod 2, where they were configured as local VLANs (same ID) but different SVIs. This is causing a bit of a problem with the smooth migration of end devices.
03-30-2025 03:29 PM
Hi
It's not the BD you configure a VLAN tag on, but every static binding to an EPG is configured with an encap VLAN.
The pervasive gateway (aka SVI) you configure on a BD doesn't care about the encap/s used on the statically bound interfaces.
If I understand right, you're dealing with 2x legacy VLAN domains (DC1 and DC2) and intend to merge those into one ACI VLAN pool, and you wonder about overlapping VLANs.
The right solution (there are of course multiple) depends on your migration strategy and how your legacy endpoints (connections you have to migrate) are configured.
A simple solution for instance could see ONE BD (as you suggest) with multiple pervasive gateways (aka secondary subnet) configured and all endpoints (from both DCs) in the same or different EPGs (depending on what policy you require between them) using that BD.
I'm not sure it'd be a good idea to extend VL100 between ACI and both legacy domains at the same time. I'd probably first try to fully migrate DC1 VL100 L2 and L3, before extending VL100 into DC2 and start the migration there.
If 'all' endpoints in one of your legacy DC are configured as access/untagged ports, there's also the possibility to translate the VLAN tag between legacy and the ACI during L2 migration.
If you want to keep broadcast traffic apart (recommended if there's lots of endpoints), you'd use two BDs with two EPGs.
There's of course also a complex solution keeping the VLAN domains separate (i.e. using multiple VLAN pools) on the ACI, but that could only become necessary (and adds other constraints) when migrating multiple large legacy domains.
Hope this helps a bit.
03-31-2025 07:30 AM
Thanks @andreas.blum for your answer. I am not sure I fully understand your answer here.
- Multiple L3 subnets in a BD is a good shout - but DHCP helper can only be enabled on the primary subnet aka pervasive gateway
- I have already migrated the network to one pod/site, i.e. BD1 and EPG 1, and it is working fine. The problem is when I configured BD2 and EPG 2 and bring up devices on EPG2 - they are not being recognized, they don't IP etc.
Not sure if you had a chance to look at the example I have in my post. That is exactly what I am trying to do.
Thanks,
03-31-2025 11:26 AM
Hello ThinMan
Sorry, I haven't used DHCP relay on an ACI fabric, so am not familiar with the intricacies. However, having two BDs with different subnets and DHCP relay configured should be fine, even when the same DHCP server handles both subnets.
I'm not sure I see your problem. The static bindings should tell which EPG (and policy) to be used for each port.
Maybe you want to use a static IP on a test host you put in EPG2 and confirm your contracts work as expected?
04-04-2025 09:28 AM
Hi @ThinMan ,
The case you describe is not recommended. You need to use 2 different Domains/Vlan Pools, both containing Vlan-100.
Assuming that, your example would be supported and should work fine.
Regards