Implementing Cisco ACI: Limiting Endpoint Learning in Bridge Domain Subnet

Limiting Endpoint Learning in Cisco ACI

Question

An engineer must limit local and remote endpoint learning to the bridge domain subnet.

Which action should be taken inside the Cisco APIC?

Answers

A. Disable Remote EP Learn
B. Enable Enforce Subnet Check
C. Disable Endpoint Dataplane Learning
D. Enable Limit IP Learning to Subnet

Explanations

B.

https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-739989.html

To limit local and remote endpoint learning to the bridge domain subnet in Cisco APIC, the following action should be taken:

B. Enable Enforce Subnet Check

Enabling the "Enforce Subnet Check" feature in the Cisco APIC makes the system verify that learned endpoints are within the subnet associated with the bridge domain. Endpoints outside the designated subnet are not learned, which helps prevent unnecessary traffic and potential security breaches.

Option A, "Disable Remote EP Learn," disables the learning of remote endpoints altogether, which is not the requirement in this scenario. Option C, "Disable Endpoint Dataplane Learning," disables endpoint learning entirely, which is not the desired outcome in this case. Option D, "Enable Limit IP Learning to Subnet," limits learning based on IP addresses, but it does not guarantee that the learned endpoints are within the designated subnet.

Therefore, option B is the most appropriate action to take in this scenario.
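To confirm the setting on a fabric, the following added example (not part of the original page or of Cisco's documentation) audits an APIC REST export for the settings discussed above and lists endpoint IPs that fall outside a bridge domain's subnets. It assumes the APIC object-model names `infraSetPol.enforceSubnetCheck`, `fvBD.limitIpLearnToSubnets` and `fvSubnet.ip`; the tenant, bridge domain names and addresses are constructed sample data.

```python
import ipaddress
import json

# Constructed sample shaped like APIC REST query output (an "imdata" list).
SAMPLE = json.loads("""
{"imdata": [
  {"infraSetPol": {"attributes": {"dn": "uni/infra/settings",
      "enforceSubnetCheck": "no"}}},
  {"fvBD": {"attributes": {"dn": "uni/tn-EXAMPLE/BD-web",
      "limitIpLearnToSubnets": "yes"},
    "children": [{"fvSubnet": {"attributes": {"ip": "10.1.1.1/24"}}}]}},
  {"fvBD": {"attributes": {"dn": "uni/tn-EXAMPLE/BD-db",
      "limitIpLearnToSubnets": "no"},
    "children": [{"fvSubnet": {"attributes": {"ip": "10.1.2.1/24"}}}]}}
]}
""")

def audit(doc):
    """Collect the fabric-wide Enforce Subnet Check flag and per-BD settings."""
    report = {"enforce_subnet_check": False, "bridge_domains": {}}
    for obj in doc.get("imdata", []):
        for cls, body in obj.items():
            attrs = body.get("attributes", {})
            if cls == "infraSetPol":
                report["enforce_subnet_check"] = attrs.get("enforceSubnetCheck") == "yes"
            elif cls == "fvBD":
                # fvSubnet.ip is a gateway address with prefix, e.g. 10.1.1.1/24
                subnets = [ipaddress.ip_interface(c["fvSubnet"]["attributes"]["ip"]).network
                           for c in body.get("children", []) if "fvSubnet" in c]
                report["bridge_domains"][attrs["dn"]] = {
                    "limit_ip_learning": attrs.get("limitIpLearnToSubnets") == "yes",
                    "subnets": subnets}
    return report

def outside_subnet(report, bd_dn, endpoint_ips):
    """Return the endpoint IPs that fall outside every subnet of the BD."""
    nets = report["bridge_domains"][bd_dn]["subnets"]
    return [ip for ip in endpoint_ips
            if not any(ipaddress.ip_address(ip) in n for n in nets)]

def findings(report):
    """Findings against the requirement in the question (option B enabled)."""
    out = []
    if not report["enforce_subnet_check"]:
        out.append("Enforce Subnet Check is disabled")
        # Per the explanation above, option D alone does not meet the requirement.
        out += [f"{dn}: only Limit IP Learning to Subnet is set"
                for dn, bd in report["bridge_domains"].items() if bd["limit_ip_learning"]]
    return out
```

Feed `outside_subnet` the endpoint addresses observed for a bridge domain; any address it returns is one the fabric would not learn once Enforce Subnet Check is enabled.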