BD (Bridge domain) & VRF
BD (Bridge domain) & VRF
Lets discuss VRF and BD together side by side to understand the concept in depth. Starting from VRF (Virtual Routing Forwarding) followed by BD (Bridge domain).
⚡ What is VRF (Virtual Routing Forwarding) ? 📜
VRF stands for Virtual Routing Forwarding and is a separate routing table within a router. VRFs are to a router what VLANs are to a switch.
Using VRFs, it is possible to virtualize a single router into several instances, each of them being (relatively) independent of each other, allowing for overlapping subnets, separate instances of routing protocols, separate set of interfaces assigned to each VRF.
 |
| Fig 1.1- Virtual Routing Forwarding (VRF) |
In other words you can say that VRF stands for virtual routing and forwarding. When you create a vrf, you tell it what routes to import/export.
Then you assign that vrf to an interface. Once the vrf is attached to an interface, the switch/router creates a separate routing table to hold those routes.
VRF also increases network security and can eliminate the need for encryption and authentication. Internet service providers (ISPs) often take advantage of VRF to create separate virtual private networks (VPNs) for customers; thus the technology is also referred to as VPN routing and forwarding.
VRF based network design uses 802.1q trunks protocol, GRE tunnels, or MPLS tags to extend and tie the VRFs together.
⭐Related: Introduction to VRF(Virtual Routing forwarding)
⚡ What is BD (Bridge Domain) ? 📜
A group of logical ports that are part of the same Layer 2 broadcast domain is referred to as a bridge domain. Bridge domain interfaces are logical interfaces that allow traffic to flow bidirectionally between bridged networks (layer 2) and routed networks (layer 3).
 |
| Fig 1.2- BD (Bridge Domain) |
Bridge domain interfaces are identified using the same index that bridge domains use for identification. Each bridge domain has a single bridge domain interface.
it’s a way to define a broadcast domain on a switch or router that operates at Layer 2, similar to a VLAN but often with more features like support for Layer 3 interfaces and advanced services
⭐Related: Cisco ACI: Understanding Bridge Domain (BD)
⚡ BD and VRF comparison
Comparing VRF (Virtual Routing Forwarding) & BD (Bridge domain) as below
| Feature | Virtual Routing Forwarding (VRF) | Bridge Domain (BD) |
|---|---|---|
| Purpose | Layer 3 segmentation | Layer 2 segmentation |
| Scope | Can span across multiple devices | Local to a switch |
| Routing | Enables independent routing tables | No routing |
| IP Addressing | Multiple IP subnets per VRF | Single IP subnet per BD |
| Forwarding | Packets are forwarded based on IP address and routing table | Frames are forwarded based on MAC address |
| ARP | Requires independent ARP tables per VRF | Uses a single ARP table |
| Learning | Does not learn MAC addresses | Learns MAC addresses of devices |
| Communication | Devices in different VRFs need routing to communicate | Devices within the same BD can communicate directly |
| Use Case | Implementing multiple routing policies or VPNs | Isolating traffic within a single Layer 2 network |
| Scale | Scalable to a large network | Limited to a single switch |
- Cisco ACI Fabric APIC Discovery - The Network DNA
- Leveraging Cisco ACI APIC and MSO for Data Center Transformation
- Understanding the Physical Requirements of a Cisco ACI Solution
- Cisco ACI: DHCP Relay Support - The Network DNA
- Cisco ACI: Multi-Site Stretched Layer 2 (No-Flooding)
- Cisco ACI: Multi-Site Stretched Layer 2 (Flooding)
- Cisco ACI: Multi-Site Stretched Layer 3
- Cisco ACI: Control Plane components
- Cisco ACI : VMM (Virtual Machine Manager)
- Cisco ACI Infra: ASAv (Adaptive Security Virtual Appliance)
