Does the Import Route Control Subnet work with EPG Subnet in an OSPF NSSA L3Out?
Please refer to my use case in the attached photo. Basically, my ACI Leaf is connected to a router managed by a different partner. I would just default-information originate always to them, and want to prevent them (proactively) from accidentally redistribute a default route into the area.
As I mentioned in the diagram, I did configure NSSA between my border leaf and the remote router. There are no other areas on this border leaf (the backbone is on other leaves). While I expected 10.1.1.0/24 to be added into the RIB with Import Route Control Subnet, it wasn't. I tried checking the mentioned border leaf's LSDB, and I could see both 0.0.0.0/0 and 10.1.1.0/24 as Type-7 LSAs, advertised by the remote router (which was correct)
I changed this into a Regular area and checked the LSDB - the mentioned LSAs changed into Type-5 as expected. Only difference though, in this case 10.1.1.0/24 was added into my RIB.
Just want to bump this topic up, since this seems like very unexpected behaviour to me. I also don't think it's mentioned anything special (about NSSA and Import Route Control) in the L3Out White Paper