Configure Aggregate Address on Tenant VRF

You can configure “aggregate-address” (to be advertised by BGP) per tenant VRF (and device) when you create or update a VRF. EFA provisions the “aggregate-address” on switches when VRF is instantiated or updated on the switches.

Procedure

To configure “aggregate-address” when you create a tenant VRF, run the following commands:

When you trigger L3 EPG create or L2 EPG transition to L3 EPG, VRF is instantiated on the switches based on the endpoints present in the EPG.

efa tenant vrf create --name <vrf-name> --tenant <tenant-name> 

                 --ipv4-aggregate-address <device-ip,aggregate-address> 
                 --ipv4-aggregate-summary-only <device-ip,aggregate-address,true|false>
                 --ipv4-aggregate-as-set <device-ip,aggregate-address,true|false> 
                 --ipv4-aggregate-advertise-map <device-ip,aggregate-address,route-map>
                 --ipv4-aggregate-suppress-map <device-ip,aggregate-address,route-map>

To configure “aggregate-address” when you update a tenant VRF, run the following commands:

When you trigger VRF update operation, VRF is updated on the switches based on the endpoints present in the EPGs using the VRF.

efa tenant vrf update --name <vrf-name> --tenant <tenant-name> 

                 --operation aggregate-address-add| aggregate-address-delete

                 --ipv4-aggregate-address <device-ip,aggregate-address> 
                 --ipv4-aggregate-summary-only <device-ip,aggregate-address,true|false>
                 --ipv4-aggregate-as-set <device-ip,aggregate-address,true|false> 
                 --ipv4-aggregate-advertise-map <device-ip,aggregate-address,route-map>
                 --ipv4-aggregate-suppress-map <device-ip,aggregate-address,route-map>

Example

efa tenant vrf create --name vrf1 --tenant tenant1

           --ipv4-aggregate-address 10.24.80.134,10.20.21.40/30
           --ipv4-aggregate-summary-only 10.24.80.134,10.20.21.40/30,true
           --ipv4-aggregate-as-set 10.24.80.134,10.20.21.40/30,true 
           --ipv4-aggregate-advertise-map 10.24.80.134,10.20.21.40/30,some
           --ipv4-aggregate-suppress-map 10.24.80.134,10.20.21.40/30,some

           --ipv6-aggregate-address 10.24.80.135,10::20/126
           --ipv6-aggregate-summary-only 10.24.80.135,10::20/126,true
           --ipv6-aggregate-as-set 10.24.80.135,10::20/126,true 
           --ipv6-aggregate-advertise-map 10.24.80.135,10::20/126,some
           --ipv6-aggregate-suppress-map 10.24.80.135,10::20/126,some

efa tenant epg create --name ten1epg1 --tenant tenant1
           --port 10.24.80.134[0/11],10.24.80.135[0/11]
           --switchport-mode trunk –ctag-range 11 --vrf vrf1 –anycast-ip 11:10.10.11.1/24

efa tenant vrf update –-name vrf1 –-tenant tenant1
           --operation aggregate-address-add

           --ipv4-aggregate-address 10.24.80.134,10.21.21.40/30
           --ipv4-aggregate-summary-only 10.24.80.134,10.21.21.40/30,true
           --ipv4-aggregate-as-set 10.24.80.134,10.21.21.40/30,true 
           --ipv4-aggregate-advertise-map 10.24.80.134,10.21.21.40/30,some
           --ipv4-aggregate-suppress-map 10.24.80.134,10.21.21.40/30,some

           --ipv6-aggregate-address 10.24.80.135,11::20/126
           --ipv6-aggregate-summary-only 10.24.80.135,11::20/126,true
           --ipv6-aggregate-as-set 10.24.80.135,11::20/126,true 
           --ipv6-aggregate-advertise-map 10.24.80.135,11::20/126,some
           --ipv6-aggregate-suppress-map 10.24.80.135,11::20/126,some

Verify the switch configuration on the SLX device.

Rack1-Device1# sh run router bgp address-family ipv4 unicast vrf vrf1

router bgp
  address-family ipv4 unicast vrf vrf1
    redistribute connected
    aggregate-address 10.20.21.40/30 advertise-map some
    aggregate-address 10.20.21.40/30 as-set
    aggregate-address 10.20.21.40/30 summary-only
    aggregate-address 10.20.21.40/30 suppress-map some
    aggregate-address 10.21.21.40/30 advertise-map some
    aggregate-address 10.21.21.40/30 as-set
    aggregate-address 10.21.21.40/30 summary-only
    aggregate-address 10.21.21.40/30 suppress-map some
  !
  address-family ipv6 unicast vrf vrf1
    redistribute connected
  !
!

Rack1-Device2# sh run router bgp address-family ipv4 unicast vrf vrf1

router bgp
  address-family ipv4 unicast vrf vrf1
    redistribute connected
  !
  address-family ipv6 unicast vrf vrf1
    redistribute connected
    aggregate-address 10::20/126 advertise-map some
    aggregate-address 10::20/126 as-set
    aggregate-address 10::20/126 summary-only
    aggregate-address 10::20/126 suppress-map some
    aggregate-address 11::20/126 advertise-map some
    aggregate-address 11::20/126 as-set
    aggregate-address 11::20/126 summary-only
    aggregate-address 11::20/126 suppress-map some
  !
!

Switching

Routing

Wireless

Management & Automation

Analytics & Visibility

Security & Access Control

Remote

Cloud

Security

Machine Learning

Campus Fabric

Data Center Fabric

Internet of Things

Wi-Fi 6

Primary & Secondary Education (K-12)

Retail

Service Providers

Federal Government

Manufacturing

Higher Education

Healthcare

Hospitality

State & Local Government

Sports & Public Venues

Support Portal

Knowledge Base

Documentation

End of Sale

Policies & Warranties

Training & Courses

Maintenance Services

Premier Services

Professional Services

Managed Services

Configure Aggregate Address on Tenant VRF

Procedure