Hello, I am having an issue with NDFC. 

When I create a "VXLAN EVPN Multi-Site" fabric, and then nest my "Data Center VXLAN EVPN" fabric underneath it... NDFC pushes out the expected configuration (config needed on the BGWs for Multi-Site to work) .... However, there is one glaring issue I cannot figure out. This template is also trying to manipulate the mgmt0 interface on both BGWs. This is obviously not wanted, and it is also trying to apply configuration which is not actually allowed on mgmt 0. This causes the template deployment to fail, because the switch rejects the commands. 

1) Tries to remove the mgmt0 interface from management VRF (not a valid command) 

2) Tries to remove the hard-coded IP address on the interface (no ip address) - this will cause the switch to become unreachable. 

3) Tries to apply vxlan evpn multi-site fabric tracking command to mgmt 0 (this is an invalid command and is not accepted on this port). 

I've messed around with the policies and interface configuration on an individual switch level... and by using interface configuration (via NDFC) and free form cli configuration I've managed to force NDFC to leave mgmt 0 in the management vrf and to re-apply the static IP address... however the "vxlan evpn multi-site fabric tracking" persists. I cannot do anything to make NDFC not try to apply this. 

The work-arounds I mentioned above seems like a pretty big issue... that I should not need to contend with. 

The template which is doing it is called "evpn_multisite_underlay" - however when I try to remove the template / policy from the mgmt0 interface. I get an error saying the template is coming from the source "MS_UNDERLAY" so I cannot edit it. 

Does anyone know what is going on here? 

NDFC Version 12.1.3b

NSXOS version 10.2(6)

@NDFC