Route Summary Between Tenants or VRF in Cisco ACI

jpl861 · ‎10-08-2024

Hello. I am trying to figure out route summary between Tenant or VRF. Let's say I have Tenant1:VRF1 and Tenant2:VRF2. VRF1, let's say have like 1000 10.x.x.x subnets. Then in VRF2, you have an external vendor that would need to monitor your entire network. So basically, initial implementation is to leak all 1000 VRF1 routes to VRF2 and leak VRF2 subnet into VRF1, to have bidirectional connectivity. However, what if I just want to summarize all of these 1000 subnets into something like 10.0.0.0/8 into VRF2. I can't seem to find the knob on where to configure that. I know there's a knob for L3Out interfaces so that only a summary route can be advertised to an L3Out peer, let's say BGP. But any tweak that can be used to suppress all the 1000 subnets from being injected to VRF2 and just redistribute a 10/8? I have tried to add a static route to null0 for 10.0.0.0/8 and defined it as external route to be redistributed to VRF2. But yes, VRF2 can see the 10/8 route but it's also pointing to null0, unlike the BD subnets that point to the anycast IP of overlay-1 VRF. VRF2 EPG being the contract provider and VRF1 EPG being the consumer. Any idea how this can be done? Thank you.

AshSe · ‎10-14-2024

Dear @jpl861 , from your explanation I have tried to draw what I have understood. Please correct if need:

As part of solution:

VRF > vrf name > Route Control > Route Control Summarization
<expect more solution after providing more clarity>

Would appreciate if you could give more clarity w.r.t. number of EPGs and subnets as defined in them.

Note: Yes, you might need to define subnet gateway inside EPG as this is Inter Tenant communication.