Create
Bridge Domains

A Bridge Domain (BD) is a Layer 2 representation inside the ACI fabric. The BD is where users will define their Anycast Gateway/subnet which would provide the default gateway for their host attached to the fabric. A subnet under the BD can have multiple options:

  • Public : This means that ACI will automatically advertise this subnet outside the fabric. Users are not longer required to create route-maps or distributing routes. ACI will automate this for you
  • Private: This means this subnet will stay within the Tenant. This is the default setting for subnets within a BD.
  • Shared: This means that the subnet can be shared with other VRF within the same Tenant. It is important to note if you enable this knob to users different subnets.

In this section you will be creating two Bridge Domains called:

  1. aci_p04_bd_web
  2. aci_p04_bd_app

Step 1 - Navigate to Bridge Domains in the Tenants Tab under Networking

Navigate to Networking to create a Bridge Domain by clicking:

  1. Click on Tenant
  2. Expand Networking
  3. Right-click on Bridge Domains
  4. Click on Create Bridge Domains

Step 2 - Create WEB Bridge Domain (BD)

  1. Name: aci_p04_bd_web
  2. VRF: aci_p04_vrf
  3. Click Next

Step 3 - Create WEB Subnet

In this step, you will be creating the Gateway (Anycast Gateway).

  1. Click the plus sign (+) button to add Subnet.

Step 4 - Add WEB Subnet

During this lab, the WEB subnet is where users will be connecting to from the outside of the fabric. Therefore you need to modify this subnet from the default ACI values:

  1. Gateway IP: 10.0.144.25/29
  2. Check - Advertised Externally - You need to make sure to advertise this subnet to the rest of the network. By checking this knob, ACI will do the back-end configuration for you.
  3. Click OK

Step 5 - Associate L3 Out

In this step you will be associating the previously created External Network aci_p04_L3out to the aci_p04_bd_web. This is done in order for ACI to create the necessary policies between the External Network and the WEB Bridge Domain.

  1. Click the plus sign (+) button to Associate L3 Outs.
  2. L3Out: aci_p04_L3out
  3. After selecting aci_p04_L3out, Click Update
  4. Verify that you have the correct Gateway Address (10.0.144.25/29) and L3Out (aci_p04_L3out)
  5. Click Next
  6. Click Finish

Step 6 - Create the second Bridge Domain

Navigate to Networking to create a Bridge Domain by clicking:

  1. Click on Tenant
  2. Expand Networking
  3. Right-click on Bridge Domains
  4. Click Create Bridge Domains

Step 7 - Create APP Bridge Domain

  1. Name: aci_p04_bd_app
  2. VRF: aci_p04_vrf
  3. Click Next

Step 8 - Create APP Subnet

In this step, you will be creating the Gateway (Anycast Gateway).

  1. Click the plus sign (+) button to add Subnet.

Step 9 - Add APP Subnet

In contrast to the WEB subnet, the APP subnet will not be advertised outside the fabric. This is to showcase during this lab the functionality of both options that users may be able to use. Therefore, users from the outside the ACI fabric will not be able to reach the any host that it is in the APP subnet. This provides a level of security in your application.

  1. Gateway IP: 172.16.1.1/24
  2. Click OK
  3. Click Next
  4. Click Finish

Verify your work and then click continue

Verify your work