ACI Route Leaking :how to prevent default route to be imported ?

tlequertier · ‎02-22-2017

I use route leaking between sources EPGs in VRF_A and destination EPGs in VRF_B.

VRF_A has a L3OUT connected to and the default route 0.0.0.0/0 of VRF_A is to the L3OUT network.

The bad result of hat for me is that the default route to VRF_A L3OUT is imported in the target VRF_B which ....had already another default so the conflict.

my question: is it possible to prevent the default route of VRF_A to be imported in the VRF_B?

Marcel Zehnder · ‎02-22-2017

Hi

Do you need acccess from the external networks behind L3-OUT in VRF_A to VRF_B?

If not, disable the "Shared Route Control Subnet" Option from the external network under the L3OUT-Configuration in VRF_A. This should prevent the routes learned via L3OUT VRF_A to be imported in VRF_B.

HTH

Marcel

tlequertier · ‎02-22-2017

Hi Marcel,

thanks for your answer,

but yes I need access from the external networks behind L3-OUT in VRF_A to VRF_B. From a specific subnet only (OOB Subnet in fact 10.227.94.0/24 behind the L3OUT). So if I could import in VRF_B only the OOB_Subnet I will get my solution.

Marcel Zehnder · ‎02-22-2017

Could you please post the configuration of the external network(s) in VRF-A under the L3-Out?

Marcel Zehnder · ‎02-22-2017

And please also post the routes you receive on the L3out in VRF-A.

tlequertier · ‎02-23-2017

Hi Marcel,

I uploaded the L3OUT "XML" definition of the VRF_A (IBM_INFRA_MGMT:IBM_INFRA_MGMT)

I uploaded also the interested parts ( 0.0.0.0/0 and 10.227.94.0/24 subnets) of routing table for VRF_A and VRF_B

Marcel Zehnder · ‎02-23-2017

Hi

Try to configure two subnets under the external network, the config should look like in the attached picture.

Marcel

tlequertier · ‎03-09-2017

Thanks lot Marcel for your advice.

Can't do the test right now , but i understand the meaning.