Shared VRF and Router Usecase with Examples

Topology

efa fabric create --name fabric1 --type non-clos

efa fabric setting update --name fabric1 
           --rack-l3-backup-port 0/47 --rack-mct-ports 0/46 --vni-auto-map No --backup-routing-enable Yes

efa fabric device add-bulk --name fabric1 
           --rack rack1 --ip 10.20.246.25-26 --rack rack2 --ip 10.20.246.17-18 
           --border-leaf-rack rack3 --border-leaf-ip 10.20.246.15-16 
           --username admin --password password

efa fabric configure --name fabric1 	

efa fabric show --name fabric1

Fabric Name: fabric1, Fabric Description: , Fabric Type: non-clos
+--------------+-------+--------------+------------+-------------+--------------+-------------+-------------------+-----------------+---------+-------+
|  IP ADDRESS  | RACK  |  HOST NAME   |    ASN     |    ROLE     | DEVICE STATE |  APP STATE  | CONFIG GEN REASON | PENDING CONFIGS | VTLB ID | LB ID |
+--------------+-------+--------------+------------+-------------+--------------+-------------+-------------------+-----------------+---------+-------+
| 10.20.246.25 | rack1 | Orca-1       | 4200000000 | leaf        | provisioned  | cfg in-sync | NA                | NA              | 2       | 1     |
| 10.20.246.26 | rack1 | Orca-2       | 4200000000 | leaf        | provisioned  | cfg in-sync | NA                | NA              | 2       | 1     |
| 10.20.246.17 | rack2 | Freedom-01   | 4200000001 | leaf        | provisioned  | cfg in-sync | NA                | NA              | 2       | 1     |
| 10.20.246.18 | rack2 | Freedom-02   | 4200000001 | leaf        | provisioned  | cfg in-sync | NA                | NA              | 2       | 1     |
| 10.20.246.16 | rack3 | Avalanche-02 | 4200065535 | border-leaf | provisioned  | cfg in-sync | NA                | NA              | 2       | 1     |
| 10.20.246.15 | rack3 | Avalanche-01 | 4200065535 | border-leaf | provisioned  | cfg in-sync | NA                | NA              | 2       | 1     |
+--------------+-------+--------------+------------+-------------+--------------+-------------+-------------------+-----------------+---------+-------+
Click to expand in new window
Shared VRF Configuration Overview

Shared Tenant and Private Tenant Configuration

efa tenant create --name sharedTenant --type shared --port 10.20.246.15[0/31],10.20.246.16[0/31] 
    --vrf-count 10 --l3-vni-range 31001-31020
    --vlan-range 31-40 --l2-vni-range 30011-30020

efa tenant create --name tenant1 --port 10.20.246.17[0/11-20],10.20.246.18[0/11-20],10.20.246.25[0/11-20],10.20.246.26[0/11-20] 
    --vlan-range 11-20 --l2-vni-range 10011-10020 --vrf-count 10 --l3-vni-range 11001-11020

efa tenant create --name tenant2 --port 10.20.246.17[0/21-30],10.20.246.18[0/21-30],10.20.246.25[0/21-30],10.20.246.26[0/21-30] 
    --vlan-range 21-30 --l2-vni-range 20011-20020 --vrf-count 10 --l3-vni-range 21001-21020

efa tenant show
+--------------+---------+------------+-------------+-------------+-----------+-----------+-----------------------+
|     Name     |  Type   | VLAN Range | L2VNI Range | L3VNI Range | VRF Count | Enable BD |         Ports         |
+--------------+---------+------------+-------------+-------------+-----------+-----------+-----------------------+
| sharedTenant | shared  |   31-40    | 30011-30020 | 31001-31020 |    10     |   false   |  10.20.246.15[0/31]   |
|              |         |            |             |             |           |           |  10.20.246.16[0/31]   |
+--------------+---------+------------+-------------+-------------+-----------+-----------+-----------------------+
|   tenant1    | private |   11-20    | 10011-10020 | 11001-11020 |    10     |   false   | 10.20.246.18[0/11-20] |
|              |         |            |             |             |           |           | 10.20.246.17[0/11-20] |
|              |         |            |             |             |           |           | 10.20.246.25[0/11-20] |
|              |         |            |             |             |           |           | 10.20.246.26[0/11-20] |
+--------------+---------+------------+-------------+-------------+-----------+-----------+-----------------------+
|   tenant2    | private |   21-30    | 20011-20020 | 21001-21020 |    10     |   false   | 10.20.246.26[0/21-30] |
|              |         |            |             |             |           |           | 10.20.246.18[0/21-30] |
|              |         |            |             |             |           |           | 10.20.246.17[0/21-30] |
|              |         |            |             |             |           |           | 10.20.246.25[0/21-30] |
+--------------+---------+------------+-------------+-------------+-----------+-----------+-----------------------+

Shared PO and Private PO Configuration

efa tenant po create --name sharedPO --tenant sharedTenant 
                   --port 10.20.246.15[0/31],10.20.246.16[0/31] --speed 10Gbps --negotiation active

efa tenant po create --name ten1po1 --tenant tenant1 
                   --port 10.20.246.17[0/11],10.20.246.18[0/11] --speed 10Gbps --negotiation active

efa tenant po create --name ten1po2 --tenant tenant1 
                   --port 10.20.246.25[0/11],10.20.246.26[0/11] --speed 10Gbps --negotiation active
efa tenant po create --name ten2po1 --tenant tenant2 
                   --port 10.20.246.17[0/21],10.20.246.18[0/21] --speed 10Gbps --negotiation active
efa tenant po create --name ten2po2 --tenant tenant2 
                   --port 10.20.246.25[0/21],10.20.246.26[0/21] --speed 10Gbps --negotiation active
efa tenant po show
+----------+--------------+----+--------+-------------+----------+---------+--------------------+------------+-------------+-------------+
|   Name   |    Tenant    | ID | Speed  | Negotiation | Min Link |  Lacp   |       Ports        |   State    |  Dev State  |  App State  |
|          |              |    |        |             |  Count   | Timeout |                    |            |             |             |
+----------+--------------+----+--------+-------------+----------+---------+--------------------+------------+-------------+-------------+
| sharedPO | sharedTenant | 1  | 10Gbps |   active    |    1     |  long   | 10.20.246.16[0/31] | po-created | provisioned | cfg-in-sync |
|          |              |    |        |             |          |         | 10.20.246.15[0/31] |            |             |             |
+----------+--------------+----+--------+-------------+----------+---------+--------------------+------------+-------------+-------------+
| ten1po1  |   tenant1    | 1  | 10Gbps |   active    |    1     |  long   | 10.20.246.18[0/11] | po-created | provisioned | cfg-in-sync |
|          |              |    |        |             |          |         | 10.20.246.17[0/11] |            |             |             |
+----------+--------------+----+--------+-------------+----------+---------+--------------------+------------+-------------+-------------+
| ten1po2  |   tenant1    | 1  | 10Gbps |   active    |    1     |  long   | 10.20.246.25[0/11] | po-created | provisioned | cfg-in-sync |
|          |              |    |        |             |          |         | 10.20.246.26[0/11] |            |             |             |
+----------+--------------+----+--------+-------------+----------+---------+--------------------+------------+-------------+-------------+
| ten2po1  |   tenant2    | 2  | 10Gbps |   active    |    1     |  long   | 10.20.246.18[0/21] | po-created | provisioned | cfg-in-sync |
|          |              |    |        |             |          |         | 10.20.246.17[0/21] |            |             |             |
+----------+--------------+----+--------+-------------+----------+---------+--------------------+------------+-------------+-------------+
| ten2po2  |   tenant2    | 2  | 10Gbps |   active    |    1     |  long   | 10.20.246.25[0/21] | po-created | provisioned | cfg-in-sync |
|          |              |    |        |             |          |         | 10.20.246.26[0/21] |            |             |             |
+----------+--------------+----+--------+-------------+----------+---------+--------------------+------------+-------------+-------------+

Shared VRF and Private VRF

efa tenant vrf create --name sharedVrf --tenant sharedTenant

efa tenant vrf create --name ten1vrf1 --tenant tenant1

efa tenant vrf create --name ten2vrf1 --tenant tenant2

efa tenant vrf show

+-----------+--------------+--------------+---------------------+--------------+----------+-----------+-----------+------------+-----------------+-----------+
|   Name    |    Tenant    | Routing Type | Centralized Routers | Redistribute | Max Path | Local Asn | Enable GR |   State    |    Dev State    | App State |
+-----------+--------------+--------------+---------------------+--------------+----------+-----------+-----------+------------+-----------------+-----------+
| sharedVrf | sharedTenant | distributed  |                     |  connected   |    8     |           |   false   | vrf-create | not-provisioned | cfg-ready |
+-----------+--------------+--------------+---------------------+--------------+----------+-----------+-----------+------------+-----------------+-----------+
| ten1vrf1  |   tenant1    | distributed  |                     |  connected   |    8     |           |   false   | vrf-create | not-provisioned | cfg-ready |
+-----------+--------------+--------------+---------------------+--------------+----------+-----------+-----------+------------+-----------------+-----------+
| ten2vrf1  |   tenant2    | distributed  |                     |  connected   |    8     |           |   false   | vrf-create | not-provisioned | cfg-ready |
+-----------+--------------+--------------+---------------------+--------------+----------+-----------+-----------+------------+-----------------+-----------+

Shared VRF: Inter POD Routing

efa tenant epg show
+----------+---------+-----------+-------+---------+------------+-------------+------------+-----------+-------+-------+
|   Name   | Tenant  |   Type    | Ports |   PO    | SwitchPort | Native Vlan | Ctag Range |    Vrf    | L3Vni | State |
|          |         |           |       |         |    Mode    |   Tagging   |            |           |       |       |
+----------+---------+-----------+-------+---------+------------+-------------+------------+-----------+-------+-------+
| ten1epg1 | tenant1 | extension |       | ten1po2 |   trunk    |    false    |     11     | sharedVrf | 31001 |       |
|          |         |           |       | ten1po1 |            |             |            |           |       |       |
+----------+---------+-----------+-------+---------+------------+-------------+------------+-----------+-------+-------+
| ten1epg2 | tenant1 | extension |       | ten1po1 |   trunk    |    false    |     13     | ten1vrf1  | 11001 |       |
|          |         |           |       | ten1po2 |            |             |            |           |       |       |
+----------+---------+-----------+-------+---------+------------+-------------+------------+-----------+-------+-------+
| ten2epg1 | tenant2 | extension |       | ten2po1 |   trunk    |    false    |     21     | sharedVrf | 31001 |       |
|          |         |           |       | ten2po2 |            |             |            |           |       |       |
|          |         |           |       |         |            |             |            |           |       |       |
+----------+---------+-----------+-------+---------+------------+-------------+------------+-----------+-------+-------+
| ten2epg2 | tenant2 | extension |       | ten2po2 |   trunk    |    false    |     23     | ten2vrf1  | 21001 |       |
|          |         |           |       | ten2po1 |            |             |            |           |       |       |
|          |         |           |       |         |            |             |            |           |       |       |
+----------+---------+-----------+-------+---------+------------+-------------+------------+-----------+-------+-------+

L3 Handoff Using EPG and BGP Peer Owned by Shared Tenant Using Shared VRF

efa tenant epg show
+---------------+--------------+-------------+-------+----------+------------+-------------+------------+-----------+-------+-------+
|     Name      |    Tenant    |    Type     | Ports |    PO    | SwitchPort | Native Vlan | Ctag Range |    Vrf    | L3Vni | State |
|               |              |             |       |          |    Mode    |   Tagging   |            |           |       |       |
+---------------+--------------+-------------+-------+----------+------------+-------------+------------+-----------+-------+-------+
| sharedTenepg1 | sharedTenant | l3-hand-off |       | sharedPO |   trunk    |    false    |     31     | sharedVrf | 31001 |       |
|               |              |             |       |          |            |             |            |           |       |       |
+---------------+--------------+-------------+-------+----------+------------+-------------+------------+-----------+-------+-------+
|   ten1epg2    |   tenant1    |  extension  |       | ten1po2  |   trunk    |    false    |     13     | ten1vrf1  | 11001 |       |
|               |              |             |       | ten1po1  |            |             |            |           |       |       |
+---------------+--------------+-------------+-------+----------+------------+-------------+------------+-----------+-------+-------+
|   ten1epg3    |   tenant1    | l3-hand-off |       | sharedPO |   trunk    |    false    |     20     | ten1vrf1  | 11001 |       |
|               |              |             |       |          |            |             |            |           |       |       |
+---------------+--------------+-------------+-------+----------+------------+-------------+------------+-----------+-------+-------+
|   ten1epg4    |   tenant1    | l3-hand-off |       | sharedPO |   trunk    |    false    |     19     | sharedVrf | 31001 |       |
|               |              |             |       |          |            |             |            |           |       |       |
+---------------+--------------+-------------+-------+----------+------------+-------------+------------+-----------+-------+-------+
|   ten1epg1    |   tenant1    |  extension  |       | ten1po2  |   trunk    |    false    |     11     | sharedVrf | 31001 |       |
|               |              |             |       | ten1po1  |            |             |            |           |       |       |
|               |              |             |       |          |            |             |            |           |       |       |
+---------------+--------------+-------------+-------+----------+------------+-------------+------------+-----------+-------+-------+
|   ten2epg3    |   tenant2    | l3-hand-off |       | sharedPO |   trunk    |    false    |     30     | ten2vrf1  | 21001 |       |
|               |              |             |       |          |            |             |            |           |       |       |
+---------------+--------------+-------------+-------+----------+------------+-------------+------------+-----------+-------+-------+
|   ten2epg1    |   tenant2    |  extension  |       | ten2po2  |   trunk    |    false    |     21     | sharedVrf | 31001 |       |
|               |              |             |       | ten2po1  |            |             |            |           |       |       |
|               |              |             |       |          |            |             |            |           |       |       |
+---------------+--------------+-------------+-------+----------+------------+-------------+------------+-----------+-------+-------+
|   ten2epg2    |   tenant2    |  extension  |       | ten2po1  |   trunk    |    false    |     23     | ten2vrf1  | 21001 |       |
|               |              |             |       | ten2po2  |            |             |            |           |       |       |
+---------------+--------------+-------------+-------+----------+------------+-------------+------------+-----------+-------+-------+
efa tenant service bgp peer show --detail
===========================================
Name             : sharedTenbgppeer1
Tenant           : sharedTenant
State            : bs-state-created
Description      :

Static Peer
-----------
        Device IP        : 10.20.246.15
        VRF              : sharedVrf
        AFI              : ipv4
        SAFI             : unicast
        Remote IP        : 10.0.31.3
        Remote ASN       : 50000
        Next Hop Self    : false
        Update Source IP :
        BFD Enabled      : false
        BFD Interval     : 0
        BFD Rx           : 0
        BFD Multiplier   : 0
        MD5 Password     :
        Dev State        : provisioned
        App State        : cfg-in-sync

        Device IP        : 10.20.246.16
        VRF              : sharedVrf
        AFI              : ipv4
        SAFI             : unicast
        Remote IP        : 10.0.31.3
        Remote ASN       : 50000
        Next Hop Self    : false
        Update Source IP :
        BFD Enabled      : false
        BFD Interval     : 0
        BFD Rx           : 0
        BFD Multiplier   : 0
        MD5 Password     :
        Dev State        : provisioned
        App State        : cfg-in-sync

Dynamic Peer
-----------
        0 Records
===========================================