Skip to content
Network as Code

Bridge Domain

Location in GUI: Tenants » XXX » Networking » Bridge Domains

In Cisco ACI, a Bridge Domain (BD) is a logical construct that defines a layer-2 forwarding domain. It is the equivalent of a VLAN or a broadcast domain in traditional networking. A BD is created as a component of a tenant and must be associated with one VRF instance.

Diagram

Section titled “Diagram”
Diagram

Classes

Section titled “Classes”

tenants (apic)

Section titled “tenants (apic)”
NameTypeConstraintMandatoryDefault Value
bridge_domainsList[bridge_domains]No

bridge_domains (apic.tenants)

Section titled “bridge_domains (apic.tenants)”
NameTypeConstraintMandatoryDefault Value
nameStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$Yes
ndo_managedBooleantrue, falseNofalse
aliasStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
descriptionStringRegex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$No
arp_floodingBooleantrue, falseNotrue
advertise_host_routesBooleantrue, falseNofalse
ip_dataplane_learningBooleantrue, falseNotrue
clear_remote_mac_entriesBooleantrue, falseNofalse
limit_ip_learn_to_subnetsBooleantrue, falseNotrue
macMACNo00:22:BD:F8:19:FF
virtual_macAnyMAC or Choice[not-applicable]Nonot-applicable
ep_move_detectionBooleantrue, falseNofalse
l3_multicastBooleantrue, falseNofalse
multicast_arp_dropBooleantrue, falseNofalse
pim_source_filterStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
pim_destination_filterStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
multi_destination_floodingChoicebd-flood, encap-flood, dropNobd-flood
unicast_routingBooleantrue, falseNotrue
unknown_unicastChoiceflood, proxyNoflood
unknown_ipv4_multicastChoiceflood, opt-floodNoflood
unknown_ipv6_multicastChoiceflood, opt-floodNoflood
vrfStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$Yes
subnetsList[subnets]No
l3outsListString[Regex: ^[a-zA-Z0-9_.:-]{1,64}$]No
dhcp_labelsList[dhcp_labels]No
igmp_interface_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
igmp_snooping_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
nd_interface_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
endpoint_retention_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
netflow_monitor_policiesList[netflow_monitor_policies]No

subnets (apic.tenants.bridge_domains)

Section titled “subnets (apic.tenants.bridge_domains)”
NameTypeConstraintMandatoryDefault Value
descriptionStringRegex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$No
ipIPYes
primary_ipBooleantrue, falseNofalse
publicBooleantrue, falseNofalse
sharedBooleantrue, falseNofalse
virtualBooleantrue, falseNofalse
igmp_querierBooleantrue, falseNofalse
nd_ra_prefixBooleantrue, falseNotrue
no_default_gatewayBooleantrue, falseNofalse
nd_ra_prefix_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
ip_dataplane_learningBooleantrue, falseNo

dhcp_labels (apic.tenants.bridge_domains)

Section titled “dhcp_labels (apic.tenants.bridge_domains)”
NameTypeConstraintMandatoryDefault Value
dhcp_relay_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$Yes
dhcp_option_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
scopeChoiceinfra, tenantNotenant

netflow_monitor_policies (apic.tenants.bridge_domains)

Section titled “netflow_monitor_policies (apic.tenants.bridge_domains)”
NameTypeConstraintMandatoryDefault Value
nameStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
ip_filter_typeChoiceipv4, ipv6, ce, unspecifiedNoipv4

Examples

Section titled “Examples”

Example-1: This is a single example of a layer-3 bridge-domain where the bridge-domain BD1 is configured under tenant ABC and associated with vrf VRF1. As this is a layer-3 bridge-domain is it configured with IP subnet 1.1.1.1/24. The rest of the bridge-domain settings uses default values.

apic:
  tenants:
    - name: ABC
      bridge_domains:
        - name: BD1
          vrf: VRF1
          subnets:
            - ip: 1.1.1.1/24

Example-2: This is a single example of a layer-2 bridge-domain where the bridge-domain BD1 is configured under tenant ABC and associated with vrf VRF1. Unlike a layer-3 bridge-domain, no IP subnet is configured. Instead,, L2 unknown unicast is set to flooding, unicast routing is disabled, and ARP flooding is enabled. The rest of the settings use default values.

apic:
  tenants:
    - name: ABC
      bridge_domains:
        - name: BD1
          vrf: VRF1
          unknown_unicast: flood
          arp_flooding: true
          unicast_routing: false

Example-3: This is a single example of a configuration where all parameters are explicitly specified.

apic:
  tenants:
    - name: ABC
      bridge_domains:
        - name: BD1
          alias: ABC_BD1
          mac: 00:22:BD:F8:19:FE
          virtual_mac: 00:23:BD:F8:19:12
          ep_move_detection: true
          arp_flooding: false
          ip_dataplane_learning: false
          limit_ip_learn_to_subnets: false
          multi_destination_flooding: encap-flood
          unknown_unicast: proxy
          unknown_ipv4_multicast: flood
          unknown_ipv6_multicast: flood
          unicast_routing: true
          clear_remote_mac_entries: true
          advertise_host_routes: true
          l3_multicast: false
          multicast_arp_drop: false
          vrf: VRF1
          nd_interface_policy: "ND_INTF_POL1"
          endpoint_retention_policy: ERP1
          netflow_monitor_policies:
            - name: MONITOR1
            - ip_filter_type: ipv4
          subnets:
            - ip: 1.1.1.1/24
              description: My Desc
              primary_ip: true
              public: true
              shared: true
              virtual: false
              igmp_querier: true
              nd_ra_prefix: true
              no_default_gateway: false
            - ip: fd00:0:abcd:1::1/64
              description: My IPv6 Desc
              primary_ip: true
              public: true
              shared: false
              virtual: false
              igmp_querier: true
              nd_ra_prefix: true
              no_default_gateway: false
              nd_ra_prefix_policy: ND-RA-PREFIX1
              ip_dataplane_learning: false
          l3outs:
            - L3OUT1
          dhcp_labels:
            - dhcp_relay_policy: DHCP-RELAY1
              dhcp_option_policy: DHCP-OPTION1

Location in GUI: Tenants » XXX » Networking » Bridge Domains

Diagram

Section titled “Diagram”
Diagram

Classes

Section titled “Classes”

tenants (apic)

Section titled “tenants (apic)”
NameTypeConstraintMandatoryDefault Value
bridge_domainsList[bridge_domains]No

bridge_domains (apic.tenants)

Section titled “bridge_domains (apic.tenants)”
NameTypeConstraintMandatoryDefault Value
nameStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$Yes
ndo_managedBooleantrue, falseNofalse
aliasStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
descriptionStringRegex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$No
arp_floodingBooleantrue, falseNotrue
advertise_host_routesBooleantrue, falseNofalse
ip_dataplane_learningBooleantrue, falseNotrue
clear_remote_mac_entriesBooleantrue, falseNofalse
limit_ip_learn_to_subnetsBooleantrue, falseNotrue
macMACNo00:22:BD:F8:19:FF
virtual_macMACNo
ep_move_detectionBooleantrue, falseNofalse
l3_multicastBooleantrue, falseNofalse
multicast_arp_dropBooleantrue, falseNofalse
pim_source_filterStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
pim_destination_filterStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
multi_destination_floodingChoicebd-flood, encap-flood, dropNobd-flood
unicast_routingBooleantrue, falseNotrue
unknown_unicastChoiceflood, proxyNoflood
unknown_ipv4_multicastChoiceflood, opt-floodNoflood
unknown_ipv6_multicastChoiceflood, opt-floodNoflood
vrfStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$Yes
subnetsList[subnets]No
l3outsListString[Regex: ^[a-zA-Z0-9_.:-]{1,64}$]No
dhcp_labelsList[dhcp_labels]No
igmp_interface_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
igmp_snooping_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
nd_interface_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
endpoint_retention_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No

subnets (apic.tenants.bridge_domains)

Section titled “subnets (apic.tenants.bridge_domains)”
NameTypeConstraintMandatoryDefault Value
descriptionStringRegex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$No
ipIPYes
primary_ipBooleantrue, falseNofalse
publicBooleantrue, falseNofalse
sharedBooleantrue, falseNofalse
virtualBooleantrue, falseNofalse
igmp_querierBooleantrue, falseNofalse
nd_ra_prefixBooleantrue, falseNotrue
no_default_gatewayBooleantrue, falseNofalse
nd_ra_prefix_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
ip_dataplane_learningBooleantrue, falseNo

dhcp_labels (apic.tenants.bridge_domains)

Section titled “dhcp_labels (apic.tenants.bridge_domains)”
NameTypeConstraintMandatoryDefault Value
dhcp_relay_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$Yes
dhcp_option_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
scopeChoiceinfra, tenantNotenant

Examples

Section titled “Examples”

Simple example:

apic:
  tenants:
    - name: ABC
      bridge_domains:
        - name: BD1
          vrf: VRF1
          subnets:
            - ip: 1.1.1.1/24

Full example:

apic:
  tenants:
    - name: ABC
      bridge_domains:
        - name: BD1
          alias: ABC_BD1
          mac: 00:22:BD:F8:19:FE
          virtual_mac: 00:23:BD:F8:19:12
          ep_move_detection: true
          arp_flooding: false
          ip_dataplane_learning: false
          limit_ip_learn_to_subnets: false
          multi_destination_flooding: encap-flood
          unknown_unicast: proxy
          unknown_ipv4_multicast: flood
          unknown_ipv6_multicast: flood
          unicast_routing: true
          clear_remote_mac_entries: true
          advertise_host_routes: true
          l3_multicast: false
          multicast_arp_drop: false
          vrf: VRF1
          nd_interface_policy: "ND_INTF_POL1"
          endpoint_retention_policy: ERP1
          subnets:
            - ip: 1.1.1.1/24
              description: My Desc
              primary_ip: true
              public: true
              shared: true
              virtual: false
              igmp_querier: true
              nd_ra_prefix: true
              no_default_gateway: false
            - ip: fd00:0:abcd:1::1/64
              description: My IPv6 Desc
              primary_ip: true
              public: true
              shared: false
              virtual: false
              igmp_querier: true
              nd_ra_prefix: true
              no_default_gateway: false
              nd_ra_prefix_policy: ND-RA-PREFIX1
              ip_dataplane_learning: false
          l3outs:
            - L3OUT1
          dhcp_labels:
            - dhcp_relay_policy: DHCP-RELAY1
              dhcp_option_policy: DHCP-OPTION1

Location in GUI: Tenants » XXX » Networking » Bridge Domains

Diagram

Section titled “Diagram”
Diagram

Classes

Section titled “Classes”

tenants (apic)

Section titled “tenants (apic)”
NameTypeConstraintMandatoryDefault Value
bridge_domainsList[bridge_domains]No

bridge_domains (apic.tenants)

Section titled “bridge_domains (apic.tenants)”
NameTypeConstraintMandatoryDefault Value
nameStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$Yes
ndo_managedBooleantrue, falseNofalse
aliasStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
descriptionStringRegex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$No
arp_floodingBooleantrue, falseNotrue
advertise_host_routesBooleantrue, falseNofalse
ip_dataplane_learningBooleantrue, falseNotrue
clear_remote_mac_entriesBooleantrue, falseNofalse
limit_ip_learn_to_subnetsBooleantrue, falseNotrue
macMACNo00:22:BD:F8:19:FF
virtual_macMACNo
ep_move_detectionBooleantrue, falseNofalse
l3_multicastBooleantrue, falseNofalse
multicast_arp_dropBooleantrue, falseNofalse
pim_source_filterStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
pim_destination_filterStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
multi_destination_floodingChoicebd-flood, encap-flood, dropNobd-flood
unicast_routingBooleantrue, falseNotrue
unknown_unicastChoiceflood, proxyNoflood
unknown_ipv4_multicastChoiceflood, opt-floodNoflood
unknown_ipv6_multicastChoiceflood, opt-floodNoflood
vrfStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$Yes
subnetsList[subnets]No
l3outsListString[Regex: ^[a-zA-Z0-9_.:-]{1,64}$]No
dhcp_labelsList[dhcp_labels]No
igmp_interface_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
igmp_snooping_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
nd_interface_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
endpoint_retention_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No

subnets (apic.tenants.bridge_domains)

Section titled “subnets (apic.tenants.bridge_domains)”
NameTypeConstraintMandatoryDefault Value
descriptionStringRegex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$No
ipIPYes
primary_ipBooleantrue, falseNofalse
publicBooleantrue, falseNofalse
sharedBooleantrue, falseNofalse
virtualBooleantrue, falseNofalse
igmp_querierBooleantrue, falseNofalse
nd_ra_prefixBooleantrue, falseNotrue
no_default_gatewayBooleantrue, falseNofalse
nd_ra_prefix_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
ip_dataplane_learningBooleantrue, falseNo

dhcp_labels (apic.tenants.bridge_domains)

Section titled “dhcp_labels (apic.tenants.bridge_domains)”
NameTypeConstraintMandatoryDefault Value
dhcp_relay_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$Yes
dhcp_option_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
scopeChoiceinfra, tenantNotenant

Examples

Section titled “Examples”

Simple example:

apic:
  tenants:
    - name: ABC
      bridge_domains:
        - name: BD1
          vrf: VRF1
          subnets:
            - ip: 1.1.1.1/24

Full example:

apic:
  tenants:
    - name: ABC
      bridge_domains:
        - name: BD1
          alias: ABC_BD1
          mac: 00:22:BD:F8:19:FE
          virtual_mac: 00:23:BD:F8:19:12
          ep_move_detection: true
          arp_flooding: false
          ip_dataplane_learning: false
          limit_ip_learn_to_subnets: false
          multi_destination_flooding: encap-flood
          unknown_unicast: proxy
          unknown_ipv4_multicast: flood
          unknown_ipv6_multicast: flood
          unicast_routing: true
          clear_remote_mac_entries: true
          advertise_host_routes: true
          l3_multicast: false
          multicast_arp_drop: false
          vrf: VRF1
          nd_interface_policy: "ND_INTF_POL1"
          subnets:
            - ip: 1.1.1.1/24
              description: My Desc
              primary_ip: true
              public: true
              shared: true
              virtual: false
              igmp_querier: true
              nd_ra_prefix: true
              no_default_gateway: false
            - ip: fd00:0:abcd:1::1/64
              description: My IPv6 Desc
              primary_ip: true
              public: true
              shared: false
              virtual: false
              igmp_querier: true
              nd_ra_prefix: true
              no_default_gateway: false
              nd_ra_prefix_policy: ND-RA-PREFIX1
              ip_dataplane_learning: false
          l3outs:
            - L3OUT1
          dhcp_labels:
            - dhcp_relay_policy: DHCP-RELAY1
              dhcp_option_policy: DHCP-OPTION1

Location in GUI: Tenants » XXX » Networking » Bridge Domains

Diagram

Section titled “Diagram”
Diagram

Classes

Section titled “Classes”

tenants (apic)

Section titled “tenants (apic)”
NameTypeConstraintMandatoryDefault Value
bridge_domainsList[bridge_domains]No

bridge_domains (apic.tenants)

Section titled “bridge_domains (apic.tenants)”
NameTypeConstraintMandatoryDefault Value
nameStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$Yes
ndo_managedBooleantrue, falseNofalse
aliasStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
descriptionStringRegex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$No
arp_floodingBooleanNotrue
advertise_host_routesBooleanNofalse
ip_dataplane_learningBooleanNotrue
clear_remote_mac_entriesBooleanNofalse
limit_ip_learn_to_subnetsBooleanNotrue
macMACNo00:22:BD:F8:19:FF
virtual_macMACNo
ep_move_detectionBooleanNofalse
l3_multicastBooleanNofalse
multicast_arp_dropBooleantrue, falseNofalse
pim_source_filterStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
pim_destination_filterStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
multi_destination_floodingChoicebd-flood, encap-flood, dropNobd-flood
unicast_routingBooleanNotrue
unknown_unicastChoiceflood, proxyNoflood
unknown_ipv4_multicastChoiceflood, opt-floodNoflood
unknown_ipv6_multicastChoiceflood, opt-floodNoflood
vrfStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$Yes
subnetsList[subnets]No
l3outsListString[Regex: ^[a-zA-Z0-9_.:-]{1,64}$]No
dhcp_labelsList[dhcp_labels]No
igmp_interface_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
igmp_snooping_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
nd_interface_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No

subnets (apic.tenants.bridge_domains)

Section titled “subnets (apic.tenants.bridge_domains)”
NameTypeConstraintMandatoryDefault Value
descriptionStringRegex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$No
ipIPYes
primary_ipBooleanNofalse
publicBooleanNofalse
sharedBooleanNofalse
virtualBooleanNofalse
igmp_querierBooleanNofalse
nd_ra_prefixBooleanNotrue
no_default_gatewayBooleanNofalse
nd_ra_prefix_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
ip_dataplane_learningBooleantrue, falseNo

dhcp_labels (apic.tenants.bridge_domains)

Section titled “dhcp_labels (apic.tenants.bridge_domains)”
NameTypeConstraintMandatoryDefault Value
dhcp_relay_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$Yes
dhcp_option_policyStringRegex: ^[a-zA-Z0-9_.:-]{1,64}$No
scopeChoiceinfra, tenantNotenant

Examples

Section titled “Examples”

Simple example:

apic:
  tenants:
    - name: ABC
      bridge_domains:
        - name: BD1
          vrf: VRF1
          subnets:
            - ip: 1.1.1.1/24

Full example:

apic:
  tenants:
    - name: ABC
      bridge_domains:
        - name: BD1
          alias: ABC_BD1
          mac: 00:22:BD:F8:19:FE
          virtual_mac: 00:23:BD:F8:19:12
          ep_move_detection: true
          arp_flooding: false
          ip_dataplane_learning: false
          limit_ip_learn_to_subnets: false
          multi_destination_flooding: encap-flood
          unknown_unicast: proxy
          unknown_ipv4_multicast: flood
          unknown_ipv6_multicast: flood
          unicast_routing: true
          clear_remote_mac_entries: true
          advertise_host_routes: true
          l3_multicast: false
          multicast_arp_drop: false
          vrf: VRF1
          nd_interface_policy: "ND_INTF_POL1"
          subnets:
            - ip: 1.1.1.1/24
              description: My Desc
              primary_ip: true
              public: true
              shared: true
              virtual: false
              igmp_querier: true
              nd_ra_prefix: true
              no_default_gateway: false
            - ip: fd00:0:abcd:1::1/64
              description: My IPv6 Desc
              primary_ip: true
              public: true
              shared: false
              virtual: false
              igmp_querier: true
              nd_ra_prefix: true
              no_default_gateway: false
              nd_ra_prefix_policy: ND-RA-PREFIX1
              ip_dataplane_learning: false
          l3outs:
            - L3OUT1
          dhcp_labels:
            - dhcp_relay_policy: DHCP-RELAY1
              dhcp_option_policy: DHCP-OPTION1