Static Route on a Bridge Domain

This chapter contains the following sections:

About Static Routes in Bridge Domains

With Cisco APIC Release 3.0(2), support is added to configure a static route in a pervasive bridge domain (BD) to enable routes to virtual services behind firewalls.

This feature enables endpoint (EP) reachability to IP addresses that are not directly connected to the pervasive bridge domain, using regular EPGs.

When a static route is configured, the APIC deploys it to all the leaf switches that use the bridge domain and all the leaf switches that have contracts associated to the bridge domain.

You can configure endpoint reachability using the APIC GUI, the NX-OS Style CLI, and the REST API.

Guidelines and Limitations

  • The subnet mask must be /32 (/128 for IPv6) pointing to one IP address out of the fabric. Do not add routes within bridge domain subnets that are already defined.

  • The next hop must be inside the same bridge domain that this EPG is associated with.

  • The feature is supported on Cisco Nexus 9000 series switches with names that end in EX, and later (for example, N9K-C93180LC-EX).

Configuring a Static Route on a Bridge Domain Using the GUI

  • When creating the subnet for the static route, it is configured under the EPG (fvSubnet object under fvAEPg), associated with the pervasive BD (fvBD), not the BD itself.

  • The subnet mask must be /32 (/128 for IPv6) pointing to one IP address or one endpoint. It is contained in the EPG associated with the pervasive BD.

Before you begin

Create the tenant, VRF, BD, and EPG.

Procedure

Step 1

On the menu bar, click Tenants > tenant-name .

Step 2

In the Navigation pane, expand Application Profiles and click the application profile name.

Step 3

Click Application EPGs and expand the EPG for the static route.

Step 4

Expand Subnets, right-click the subnet for the static route, and choose Create Endpoints Behind EPG Subnet.

Step 5

Enter the NextHop IP Address for the endpoint and click Update.

Step 6

Click Submit.