ACI Bridge Domain Configuration for EPG Connectivity

D.

In ACI, a Bridge Domain (BD) is a layer 2 or layer 3 construct that provides isolation and connectivity between end-hosts or subnets. When extending connectivity to an external network, a bridge domain is used to provide layer 2 connectivity between the EPG and the external network.

In this scenario, the external network houses the layer 3 gateway and other end hosts, meaning that the layer 3 gateway is not within the ACI fabric. Therefore, the ACI fabric must be configured to allow communication with the external network.

To accomplish this, the bridge domain must be configured with the correct forwarding, unknown unicast, multicast, and ARP flooding settings. Let's examine each option in the answer choices to determine the correct configuration.

Option A: Forwarding: Custom L2 Unknown Unicast: Hardware Proxy L3 Unknown Multicast Flooding: Flood Multi Destination Flooding: Flood in BD ARP Flooding: Enabled

In this option, the forwarding is set to custom, which allows for flexibility in configuring forwarding behavior. The L2 unknown unicast is set to hardware proxy, which means that unknown unicast traffic will be sent to the hardware proxy for forwarding. L3 unknown multicast flooding is set to flood, which means that unknown multicast traffic will be flooded to all ports within the bridge domain. Multi destination flooding is set to flood in BD, which means that all multi-destination traffic will be flooded within the bridge domain. ARP flooding is enabled, which means that ARP traffic will be flooded within the bridge domain.

Option B: Forwarding: Custom L2 Unknown Unicast: Flood L3 Unknown Multicast Flooding: Flood Multi Destination Flooding: Flood in BD ARP Flooding: Enabled

In this option, the forwarding is also set to custom. However, the L2 unknown unicast is set to flood, which means that unknown unicast traffic will be flooded to all ports within the bridge domain. L3 unknown multicast flooding and multi destination flooding are set to flood, which means that unknown multicast and multi-destination traffic will be flooded within the bridge domain. ARP flooding is enabled, which means that ARP traffic will be flooded within the bridge domain.

Option C: Forwarding: Custom L2 Unknown Unicast: Hardware Proxy L3 Unknown Multicast Flooding: Flood Multi Destination Flooding: Flood in BD ARP Flooding: Disabled

In this option, the forwarding is set to custom, and the L2 unknown unicast is set to hardware proxy. L3 unknown multicast flooding and multi destination flooding are set to flood, which means that unknown multicast and multi-destination traffic will be flooded within the bridge domain. ARP flooding is disabled, which means that ARP traffic will not be flooded within the bridge domain.

Option D: Forwarding: Custom L2 Unknown Unicast: Flood L3 Unknown Multicast Flooding: Flood Multi Destination Flooding: Flood in BD ARP Flooding: Disabled

In this option, the forwarding is set to custom, and the L2 unknown unicast is set to flood. L3 unknown multicast flooding and multi destination flooding are set to flood, which means that unknown multicast and multi-destination traffic will be flooded within the bridge domain. ARP flooding is disabled, which means that ARP traffic will not be flooded within the bridge domain.

To determine the correct configuration, we need to consider the requirements for extending EPG connectivity to an external network. Since the external network houses the layer 3 gateway and other end hosts, the correct configuration should allow for communication with these devices.

Option A and Option C have the correct setting for L2 unknown unicast (Hardware Proxy), which is the recommended configuration when extending EPG connectivity to an external network. However, ARP flooding