
Cisco SD-Access Layer2 flooding




Layer2 Flooding

Cisco SD-Access fabric provides many optimizations to improve unicast traffic flow and to reduce unnecessary flooding of data such as broadcasts. For some traffic and applications, however, it may be desirable to enable broadcast forwarding within the fabric.

By default, this is disabled in the Cisco SD-Access architecture. If broadcast, link-local multicast, and ARP flooding are required, it must be specifically enabled on a per-subnet basis using the Layer 2 flooding feature.

Layer 2 flooding can be used to forward broadcasts for certain traffic and application types that may require Layer 2 connectivity, such as silent hosts, card readers, door locks, etc.


To enable L2 flooding for this virtual network/subnet, go to Provision > Fabric > <Fabric Domain/Site> > Host Onboarding > Virtual Networks:

Screen Shot 2019-10-17 at 5.28.00 PM.png

This is how we check that L2 flooding is enabled

Screen Shot 2019-10-17 at 5.28.11 PM.png


Here is a fabric site with two edge devices; the hosts are connected to a single virtual network.

Screen Shot 2019-10-18 at 11.03.19 PM.png

From the above topology, a ping is running from to broadcast IP address of

Below is the packet capture on host which shows no broadcast packets

Screen Shot 2019-10-18 at 3.19.20 PM.png

After we enable the Layer 2 flooding using the above steps for this virtual network, the same ping will see packets on host

Screen Shot 2019-10-18 at 3.17.52 PM.png

The same goes for the link-local multicast address of for which we do not see packets when Layer 2 flooding is disabled, and we see packets when it is

Screen Shot 2019-10-18 at 3.22.44 PM.png
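
When reviewing a capture like the ones above, it helps to sort frames into the three traffic classes this article says Layer 2 flooding carries: broadcast, ARP, and link-local multicast. The following is an added example, not part of the original article; it assumes raw Ethernet frames as input and treats 224.0.0.0/24 as the IPv4 link-local multicast range, and the helper names and sample frames are constructed for illustration.

```python
import struct
from collections import Counter
from ipaddress import IPv4Address, IPv4Network

BROADCAST_MAC = b"\xff" * 6
LINK_LOCAL_MCAST = IPv4Network("224.0.0.0/24")  # IPv4 link-local multicast block

def classify(frame: bytes) -> str:
    """Classify a raw Ethernet frame by the flood class it belongs to."""
    if len(frame) < 14:
        return "truncated"
    (ethertype,) = struct.unpack("!H", frame[12:14])
    offset = 14
    if ethertype == 0x8100:  # 802.1Q: the real EtherType follows the 4-byte tag
        if len(frame) < 18:
            return "truncated"
        (ethertype,) = struct.unpack("!H", frame[16:18])
        offset = 18
    if ethertype == 0x0806:
        return "arp"
    if ethertype == 0x0800:
        if len(frame) < offset + 20:
            return "truncated"
        if IPv4Address(frame[offset + 16:offset + 20]) in LINK_LOCAL_MCAST:
            return "link-local-multicast"
    return "broadcast" if frame[0:6] == BROADCAST_MAC else "other"

def eth(dst: bytes, ethertype: int, payload: bytes, vlan=None) -> bytes:
    """Build a constructed test frame (source MAC is a made-up local address)."""
    tag = struct.pack("!HH", 0x8100, vlan) if vlan is not None else b""
    return dst + bytes.fromhex("020000000001") + tag + struct.pack("!H", ethertype) + payload

def ipv4(dst_ip: str) -> bytes:
    """Minimal 20-byte IPv4/ICMP header, checksum left at zero (constructed)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 1, 0,
                       IPv4Address("192.0.2.10").packed, IPv4Address(dst_ip).packed)

# Constructed sample capture; addresses come from the documentation range 192.0.2.0/24.
SAMPLE = [
    eth(BROADCAST_MAC, 0x0800, ipv4("192.0.2.255")),                 # ping to subnet broadcast
    eth(BROADCAST_MAC, 0x0806, b"\x00" * 28),                        # ARP request
    eth(bytes.fromhex("01005e000001"), 0x0800, ipv4("224.0.0.1"), vlan=100),  # tagged multicast
    eth(bytes.fromhex("020000000002"), 0x0800, ipv4("192.0.2.20")),  # ordinary unicast
]

def summarize(frames) -> Counter:
    """Count frames per class across a capture."""
    return Counter(classify(f) for f in frames)
```

Running `summarize` over captures taken before and after the setting is changed gives a per-class count to compare, which is useful when confirming that flooding is enabled only on the subnets that need it.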