Extending EPGs Outside the ACI Fabric

D.

In the context of Cisco Application Centric Infrastructure (ACI), an End Point Group (EPG) is a logical grouping of endpoints that share common networking requirements, such as security policies, Quality of Service (QoS) policies, and contracts with other EPGs.

To extend an EPG outside of the ACI fabric, you need to connect it to a network outside of the fabric. This can be done in several ways, including:

A. Create an external bridged network that is assigned to a leaf port: This method involves creating a Layer 2 network outside of the ACI fabric and connecting it to a leaf port in the fabric. The external network can be a physical network or a virtual network. The leaf port is configured as a trunk port and assigned to an EPG. The EPG is then configured to bridge traffic to and from the external network.

B. Create an external routed network that is assigned to an EP: This method involves creating a Layer 3 network outside of the ACI fabric and connecting it to an External Proxy (EP) in the fabric. The EP acts as a gateway between the ACI fabric and the external network. The EP is assigned to an EPG, and the EPG is configured with routing policies to forward traffic to and from the external network.

C. Enable unicast routing within an EPG: This method involves configuring the EPG to perform Layer 3 routing within the ACI fabric. The EPG is connected to a Layer 3 switch or router, which is then connected to the external network. The EPG is configured with routing policies to forward traffic to and from the external network.

D. Statically assign a VLAN ID to a leaf port in an EPG: This method involves creating a Layer 2 network outside of the ACI fabric and connecting it to a leaf port in the fabric. The leaf port is configured as an access port and assigned a VLAN ID. The EPG is then configured to bridge traffic to and from the external network using the assigned VLAN.

In summary, to extend an EPG outside of the ACI fabric, you need to connect it to a network outside of the fabric. This can be done using various methods, such as creating an external bridged or routed network, enabling unicast routing within an EPG, or statically assigning a VLAN ID to a leaf port in an EPG. The specific method used will depend on the networking requirements and topology of the external network.