Which of the following primary elements of a tenant defines the MAC address space?
- a contract
- a filter
- a bridge domain
- an EPG
A bridge domain is the primary element of a tenant that defines the Media Access Control (MAC) address space. Bridge domains are logical Layer 2 forwarding configurations within a Cisco Application Centric Infrastructure (ACI) fabric that use switched virtual interfaces (SVIs) for gateways and can be configured to span multiple physical devices. In this respect, bridge domains are similar to virtual local area networks (VLANs). However, the purpose of a bridge domain is to define the MAC address space and flood domain.
Tenants are containers that can be used to represent organizations, domains, or specific groupings of information. Typically, tenants are configured to ensure that different policy types are isolated from each other, similar to user groups or roles in a role-based access control (RBAC) environment.
An endpoint group (EPG) is a primary element of a tenant; however, an EPG does not define the MAC address space. EPGs are logical groupings of endpoints that provide the same application or components of an application. For example, a collection of Hypertext Transfer Protocol Secure (HTTPS) servers could be logically grouped into an EPG labeled WEB. EPGs are typically collected within application profiles. EPGs can communicate with other EPGs by using contracts.
A contract is a primary element of a tenant; however, a contract does not define the MAC address space. Contracts are policy objects that define how EPGs communicate with each other. There are three types of contracts that can be applied in an ACI fabric:
– Regular — applies filters to matching traffic and typically follows taboo contracts
– Taboo — denies and logs matching traffic
– Out-of-Band (OOB) – applies to OOB traffic from the management tenant
A filter is a primary element of a tenant; however, a filter does not define the MAC address space. Filters are low-level ACI objects that help define EPG contracts. Filters operate at Layer 2, Layer 3, and Layer 4 of the Open Systems Interconnection (OSI) networking model.