Bridge Domain
Location in GUI: Application Management » Schemas
Diagram
Section titled “Diagram”
Classes
Section titled “Classes”templates (ndo.schemas)
Section titled “templates (ndo.schemas)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| bridge_domains | List | [bridge_domains] | No |
bridge_domains (ndo.schemas.templates)
Section titled “bridge_domains (ndo.schemas.templates)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[a-zA-Z0-9_.:-]{1,64}$ | Yes | |
| description | String | Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ | No | |
| l2_unknown_unicast | Choice | proxy, flood | No | proxy |
| intersite_bum_traffic | Boolean | true, false | No | false |
| optimize_wan_bandwidth | Boolean | true, false | No | false |
| l2_stretch | Boolean | true, false | No | true |
| unicast_routing | Boolean | true, false | No | true |
| arp_flooding | Boolean | true, false | No | false |
| l3_multicast | Boolean | true, false | No | false |
| virtual_mac | MAC | No | ||
| multi_destination_flooding | Choice | bd-flood, encap-flood, drop | No | bd-flood |
| unknown_ipv4_multicast | Choice | flood, opt-flood | No | flood |
| unknown_ipv6_multicast | Choice | flood, opt-flood | No | flood |
| ep_move_detection_mode | Choice | garp, none | No | none |
| vrf | Class | [vrf] | Yes | |
| subnets | List | [subnets] | No | |
| sites | List | [sites] | No | |
| dhcp_policies | List | [dhcp_policies] | No | |
| dhcp_relay_policy | String | Regex: ^[a-zA-Z0-9_.:-]{1,64}$ | No | |
| dhcp_option_policy | String | Regex: ^[a-zA-Z0-9_.:-]{1,64}$ | No |
vrf (ndo.schemas.templates.bridge_domains)
Section titled “vrf (ndo.schemas.templates.bridge_domains)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[a-zA-Z0-9_.:-]{1,64}$ | Yes | |
| schema | String | No | ||
| template | String | No |
subnets (ndo.schemas.templates.bridge_domains)
Section titled “subnets (ndo.schemas.templates.bridge_domains)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| ip | IP | Yes | ||
| scope | Choice | private, public | No | private |
| shared | Boolean | true, false | No | false |
| no_default_gateway | Boolean | true, false | No | false |
| querier | Boolean | true, false | No | false |
| primary | Boolean | true, false | No | false |
sites (ndo.schemas.templates.bridge_domains)
Section titled “sites (ndo.schemas.templates.bridge_domains)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Yes | ||
| advertise_host_routes | Boolean | true, false | No | false |
| subnets | List | [subnets] | No | |
| l3outs | List | String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] | No | |
| mac | MAC | No | 00:22:BD:F8:19:FF |
dhcp_policies (ndo.schemas.templates.bridge_domains)
Section titled “dhcp_policies (ndo.schemas.templates.bridge_domains)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| dhcp_relay_policy | String | Regex: ^[a-zA-Z0-9_.:-]{1,64}$ | Yes | |
| dhcp_option_policy | String | Regex: ^[a-zA-Z0-9_.:-]{1,64}$ | No |
Examples
Section titled “Examples”Example-1: This illustrates a configuration example for a Layer 2 bridge domain named Layer2_BD under Azure Schema/Tenant and Site_A fabric . The unicast_routing flag is set to false, indicating that subnets within this bridge domain are not propagated to the leaf switches, and no routing occurs within the fabric. The l2_unknown_unicast flag is configured to flood, ensuring that unknown unicast traffic is flooded within the bridge domain. The bridge domain is not stretched, as shown by the l2_stretch flag being set to false.
The subnet configuration allows the fabric to manage IP addresses and ARP within the Layer 2 domain without providing routing or default gateway services.
The VRF Prod in this example is defined in a stretched template Site_AB which is further detailed under the vrf section.
ndo: schemas: - name: Azure templates: - name: Site_A bridge_domains: - name: Layer2_BD l2_unknown_unicast: flood l2_stretch: false unicast_routing: false arp_flooding: true vrf: name: PROD schema: Azure template: Site_AB sites: - name: Site_A subnets: - ip: 1.1.1.1/24 scope: publicExample-2: This example illustrates a configuration for a Layer 3 bridge domain named Layer3_BD under Azure Schema/Tenant and Site_A fabric. The default setting for unicast routing is true, so it does not need to be explicitly specified in the YAML. The l2_unknown_unicast flag is set to proxy in this example, which is used to optimize traffic by sending unknown unicast frames to the spine for a proxy lookup in the COOP database. The bridge domain is not stretched, as indicated by the l2_stretch flag set to false.
The EP detection mode is configured as garp, enabling the fabric to detect an endpoint IP move from one MAC address to another when the new MAC is on the same interface and within the same EPG. This mode is often used with VMware ESXi hosts connected to ACI.
The VRF Prod in this example is defined in a stretched template named Site_AB, which is further detailed under the vrf section. To advertise routes externally, an L3Out named Prod_L3out is attached to the bridge domain. Details of the L3Out configuration can be found under the l3out section
ndo: schemas: - name: Azure templates: - name: Site_A bridge_domains: - name: Layer3_BD l2_unknown_unicast: proxy l2_stretch: false arp_flooding: true ep_move_detection_mode: garp vrf: name: PROD schema: Azure template: Site_AB sites: - name: Site_A subnets: - ip: 2.2.2.2/24 scope: public l3outs: - Prod_L3OUT