Definition of a Physical Domain
A Physical Domain is a policy construct configured in the APIC under:
Fabric → Access Policies → Physical and External Domains → Physical Domains.
It associates a specific VLAN pool with an AEP, thereby controlling which VLAN encapsulations are permitted on physical interfaces connected to the fabric.
Primary Use Cases
Directly connecting bare-metal servers, network appliances such as firewalls, load balancers, and storage systems, or other non-virtualized devices to leaf switch ports.
Extending Layer 2 VLANs from the ACI fabric to external switches for purposes such as data center migration or integration with an existing network infrastructure.
Role in the Access Policy Model
Within the ACI access policy framework, the Physical Domain establishes the relationship between:
VLAN Pool → AEP → Interface Policy Group → Leaf/Port.
This relationship allows EPGs associated with the Physical Domain to use VLANs from the defined pool on specific physical interfaces.
When an EPG is bound to a Physical Domain, the APIC enables static path binding, mapping the EPG to selected leaf interfaces or port channels with a specific VLAN encapsulation drawn from the domain’s VLAN pool.
Scenarios for Multiple Physical Domains
Multiple Physical Domains are typically created to:
Isolate VLAN pools across different environments, such as production and non-production, while using separate AEPs and interface assignments.
Enforce clear segmentation between different categories of physical devices (for example, firewall clusters versus bare-metal compute nodes) that must not share the same VLAN namespace.
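The relationships above (EPG → Physical Domain → VLAN pool and AEP) can be checked offline before static path bindings are deployed. The following is an added example, not part of the original post: it uses a simplified, constructed inventory rather than the APIC object schema, and every domain, AEP and EPG name in it is hypothetical. It flags bindings whose encapsulation falls outside the domain's VLAN pool or whose interface AEP is not linked to the domain, and reports VLAN ranges shared between domains that are meant to be isolated.

```python
# Added example: constructed inventory, not an APIC export. All names are hypothetical.
from itertools import combinations

# Physical Domain -> VLAN pool ranges (inclusive) and the AEPs that reference the domain.
DOMAINS = {
    "phys-prod":    {"pool": [(100, 199)], "aeps": {"aep-prod"}},
    "phys-nonprod": {"pool": [(180, 299)], "aeps": {"aep-nonprod"}},  # overlaps prod on 180-199
    "phys-fw":      {"pool": [(300, 349)], "aeps": {"aep-fw"}},
}

# Static path bindings: EPG, its Physical Domain, the AEP of the target interface, encap VLAN.
BINDINGS = [
    {"epg": "web",  "domain": "phys-prod",    "aep": "aep-prod",    "vlan": 110},
    {"epg": "test", "domain": "phys-nonprod", "aep": "aep-nonprod", "vlan": 310},  # outside pool
    {"epg": "db",   "domain": "phys-prod",    "aep": "aep-fw",      "vlan": 120},  # wrong AEP
]

def in_pool(vlan, pool):
    """True if the VLAN ID lies inside any inclusive range of the pool."""
    return any(lo <= vlan <= hi for lo, hi in pool)

def audit_bindings(domains, bindings):
    """Return (epg, finding) tuples for bindings that break the domain's policy chain."""
    findings = []
    for b in bindings:
        dom = domains.get(b["domain"])
        if dom is None:
            findings.append((b["epg"], "unknown-domain"))
            continue
        if not in_pool(b["vlan"], dom["pool"]):
            findings.append((b["epg"], "vlan-outside-pool"))
        if b["aep"] not in dom["aeps"]:
            findings.append((b["epg"], "aep-not-linked-to-domain"))
    return findings

def overlapping_pools(domains):
    """Return (domain_a, domain_b, first_vlan, last_vlan) for every shared VLAN range."""
    overlaps = []
    for (a, da), (b, db) in combinations(sorted(domains.items()), 2):
        for lo1, hi1 in da["pool"]:
            for lo2, hi2 in db["pool"]:
                lo, hi = max(lo1, lo2), min(hi1, hi2)
                if lo <= hi:
                    overlaps.append((a, b, lo, hi))
    return overlaps

if __name__ == "__main__":
    for f in audit_bindings(DOMAINS, BINDINGS): print("binding:", f)
    for o in overlapping_pools(DOMAINS): print("overlap:", o)
```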
