Re: Inter VRF leaking with one arm PBR (Intra Tenant)

andrin-tema · ‎12-04-2024

Hello,

I have the below scenario:

Tenant named SHG contains EPG1 and EPG2

Tenant common has vrf: default defined BD1-EPG1 and vrf: VRF2 -BD2-EPG2.

Under common tenant I have a contract named route_leak_contract with global scope provided by EPG1 and consumed by EPG2

I normally defined the subnet under EPG1 for the route leake purpose and its working fine.Whenever I apply one arm PBR service Graph inserted into the contract the route leaking in the consuming VRF is missing for some reason.Am I hitting some design limitations? Can you please tell me if I am doing something wrong?

AshSe · ‎12-10-2024

Hello @andrin-tema Inserting your diagram and have some questions:

Is this a MultiPod setup?
What are L135-136 & L239-240? Are they EPGs? If yes, then with which BDs they are attached with?
EPG1 in SHG-Tn, Why are you showing it in common tenant
What is the significance of mentioning Encap-3389, 2136 ?
What do you mean to state EPG1 5487?

Please check the below diagram and share your suggestion/concurrence for better understanding and solution.

AshSe

Forum Tips:

1. Insert photos/images inline - don't attach.

2. Always mark helpful and correct answers, it helps others find what they need.

andrin-tema · ‎12-12-2024

Setup is a multipod, L--> leaf ,, EPGs are written,, EPG1 EPG2, please read carefully the image. they have PCtags. EPGs belong to the tenant only SHG and all therest belong to common and VRFs are part of common. Encap is endpoint where EPG1 is defined same for the EPG2. Again its a pctag.

andrin-tema · ‎12-12-2024