Layer 2 Flooding
The Cisco SD-Access fabric provides many optimizations to improve unicast traffic flow and to reduce unnecessary flooding of data such as broadcasts. For some traffic and applications, however, it may be desirable to enable broadcast forwarding within the fabric.
By default, broadcast forwarding is disabled in the Cisco SD-Access architecture. If broadcast, link-local multicast, and ARP flooding are required, they must be specifically enabled on a per-subnet basis using the Layer 2 flooding feature.
Layer 2 flooding can be used to forward broadcasts for certain traffic and application types that may require Layer 2 connectivity, such as silent hosts, card readers, door locks, etc.
Configuration
This is how to enable L2 flooding for this Virtual Network/Subnet under Provision > Fabric > <Fabric Domain/Site> > Host Onboarding > Virtual Networks.
This is how we check that L2 flooding is enabled.
Verification
Here is a fabric site with two edge devices, with hosts connected to a single virtual network.
In the above topology, a ping is running from 172.16.8.4 to the broadcast IP address 172.16.8.255.
Below is the packet capture on host 172.16.8.2, which shows no broadcast packets.
After we enable Layer 2 flooding for this virtual network using the above steps, the same ping results in packets being seen on host 172.16.8.2.
The same goes for the link-local multicast address 224.0.0.252, for which we do not see packets when Layer 2 flooding is disabled, and we see packets when it is
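To make the capture check above repeatable, the following added example (not Cisco code and not part of the original page) classifies raw Ethernet frames into the three traffic classes the page says Layer 2 flooding covers: broadcast, link-local multicast, and ARP. It assumes a /24 mask for 172.16.8.0 and untagged frames; the function names and the sample frames are constructed for illustration.

```python
import ipaddress
import struct
from collections import Counter

SUBNET = ipaddress.ip_network("172.16.8.0/24")           # assumed /24 mask (not stated on the page)
LINK_LOCAL_MCAST = ipaddress.ip_network("224.0.0.0/24")  # IPv4 link-local multicast block
BROADCAST_MAC = b"\xff" * 6
ETH_IPV4, ETH_ARP = 0x0800, 0x0806

def classify(frame: bytes) -> str:
    """Name the traffic class of one untagged Ethernet frame."""
    if len(frame) < 14:
        return "malformed"
    dst_mac, ethertype = frame[:6], struct.unpack("!H", frame[12:14])[0]
    if ethertype == ETH_ARP:
        # Only broadcast ARP (requests) depends on flooding; replies are unicast.
        return "arp" if dst_mac == BROADCAST_MAC else "unicast"
    if ethertype != ETH_IPV4:
        return "other"
    if len(frame) < 34:  # 14-byte Ethernet header + 20-byte minimum IPv4 header
        return "malformed"
    dst_ip = ipaddress.ip_address(frame[30:34])  # IPv4 destination address field
    if dst_ip in (SUBNET.broadcast_address, ipaddress.ip_address("255.255.255.255")):
        return "broadcast"
    if dst_ip in LINK_LOCAL_MCAST:
        return "link-local-multicast"
    return "unicast"

def ipv4_frame(dst_mac: bytes, src_ip: str, dst_ip: str) -> bytes:
    """Build a constructed Ethernet + IPv4 (ICMP) header; checksum left at zero."""
    eth = dst_mac + bytes.fromhex("020000000004") + struct.pack("!H", ETH_IPV4)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 1, 0,
                     ipaddress.ip_address(src_ip).packed,
                     ipaddress.ip_address(dst_ip).packed)
    return eth + ip

def flooded_counts(frames) -> dict:
    """Count frames per class that only arrive when Layer 2 flooding is enabled."""
    counts = Counter(classify(f) for f in frames)
    return {k: counts[k] for k in ("broadcast", "link-local-multicast", "arp")}

# Constructed sample capture for host 172.16.8.2 (not real traffic).
SAMPLE = [
    ipv4_frame(BROADCAST_MAC, "172.16.8.4", "172.16.8.255"),
    ipv4_frame(bytes.fromhex("01005e0000fc"), "172.16.8.4", "224.0.0.252"),
    ipv4_frame(bytes.fromhex("020000000002"), "172.16.8.4", "172.16.8.2"),
    BROADCAST_MAC + bytes.fromhex("020000000004") + struct.pack("!H", ETH_ARP) + bytes(28),
]

if __name__ == "__main__":
    print(flooded_counts(SAMPLE))
```

Run against frames exported from the capture on 172.16.8.2, all three counts staying at zero matches the flooding-disabled behaviour shown above, while non-zero broadcast or link-local multicast counts match the enabled case.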