Exam 300-620 topic 1 question 41 discussion

Correct Answer: C. STP BPDUs from Legacy switches are flooded within the EPG, not the BD. This is a change from most all flooded traffic in ACI. Most of the time when we talk about traffic being flooded inside of ACI, the flooding is occurring at the BD level.

Answer is C The ACI fabric is an IP-based fabric that implements an integrated overlay, allowing any subnet to be placed anywhere in the fabric and supports a fabric-wide mobility domain for virtualized workloads. STP is not required within the ACI fabric and leaf. The spine and APIC don’t run STP instances. When connecting to an outside layer 2 network, the ACI fabric floods the STP BPDU frame within the boundary of the EPG. External switches are expected to break any potential loop upon receiving the flooded BPDU from the ACI fabric. Figure 69 depicts this process.

For instance, if EPG1, port 1/1, is configured to match VLAN 5 from a switch, another port of that switch for that same Layer 2 domain can be connected only to EPG1 using the same encapsulation of VLAN 5. Otherwise, the external switch would receive the BPDU for VLAN 5 tagged with a different VLAN number. ***** Cisco ACI floods BPDUs only between the ports in the bridge domain that have the same encapsulation*****

I come back three years later and the answer is still un changed and it is C

Among the Layer 2 frames that require multidestination forwarding, Cisco ACI handles spanning tree BPDUs in a slightly different way than other frames because to avoid loops and to preserve the access encapsulation VLAN information associated to the BPDU (within the bridge domain), this traffic is assigned the VXLAN VNID that identifies the access encapsulation VLAN (instead of the bridge domain VNID) and flooded to all ports of the bridge domain that carry the same access encapsulation (regardless of the EPG).

References: The same VLAN number can be used by one EPG on one leaf and by another EPG on a different leaf. If the two EPGs are in the same bridge domain, they share the same flood domain VLAN for BPDUs and they share the broadcast domain. (Page 323 - Deploying ACI the complete guide) BPDUs are flooded within the fabric encap of an EPG (allocated based on domain/vlanpool). In order for BDPUs to be flooded properly, all interfaces within the EPG that are connected to external bridges MUSTreside in the same physical or L2 external domain and vlan encapsulation. (BRKACI -3101- Page 76 - Comman mistakes that cause loops) https://learningnetwork.cisco.com/s/question/0D53i00000KsrWnCAJ/aci-flood-domain-for-bpdu-different-physical-domains

Sorry, the answer is C.

The correct answer is A. The answer C is incorrect, because you can have the same vlan encap even in another Tenants.

Based on the text below i think the answer is C: Among the Layer 2 frames that require multidestination forwarding, Cisco ACI handles spanning tree BPDUs in a slightly different way than other frames because to avoid loops and to preserve the access encapsulation VLAN information associated to the BPDU (within the bridge domain), this traffic is assigned the VXLAN VNID that identifies the access encapsulation VLAN (instead of the bridge domain VNID) and flooded to all ports of the bridge domain that carry the same access encapsulation (regardless of the EPG). This behavior also applies more in general to Layer 2 flooding when using the feature called "Flood in Encapsulation". In this document, we refer to this specific encapsulation as the FD_VLAN VXLAN encapsulation or FD_VLAN VNID, or FD VNID for simplicity. The FD_VLAN fabric encapsulation (or FD_VLAN VNID or FD VNID) is different from the bridge domain VNID. Source: https://www.cisco.com/c/en/us/td/docs/dcn/whitepapers/cisco-application-centric-infrastructure-design-guide.html

I think C is the good one. The Cisco ACI fabric does not run Spanning Tree Protocol natively, but it can forward BPDUs within the EPGs. The flooding scope for BPDUs is different from the flooding scope for data traffic. The unknown unicast traffic and broadcast traffic are flooded within the bridge domain. Spanning Tree Protocol BPDUs are flooded within a specific VLAN encapsulation (also known as FD_VLAN), and in many cases, though not necessarily, an EPG corresponds to a VLAN.

https://www.cisco.com/c/en/us/td/docs/dcn/whitepapers/cisco-application-centric-infrastructure-design-guide.html

correct answer is C

Each BPDU frame is flooded within each access encap VLAN ID. No configuration is required for the BPDU flooding. The external switches are in charge of breaking any potential loops.

C is correct

Correct answer is A. From referenced documentation: "The ACI leaf floods the BPDU frame within the EPG by using the VXLAN network identifier (VNID) assigned for the EPG when it encapsulates the BPDU in VXLAN format. The flooding scope of the BPDU is different than the one for data traffic. The unknown unicast traffic and broadcast traffic are flooded within the bridge domain. On the outside layer 2 network, STP instances are aligned with the VLAN boundary. To keep it consistent, the ACI fabric maintains the STP boundary by flooding the BPDU within the scope of the EPG." Answer C mentions the encapsulated VLAN where the documentation mentions VXLAN so this is completely different. With these setups, typically VLAN=EPG=BD so answer A is the best option.

Indeed, C. Correct link: https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c07-732033.html#_Toc395143573

correct answer is C