Automatic route filtering in VRFs is provided through the route-target import command. By placing this command in the VRF configuration, routes can be filtered from being imported into a given VRF. Routes with extended community route targets matching the VRF‘s import route-targets are permitted into a VRF. Otherwise, the routes are rejected.
The cooperative route filtering feature requires that the user sets a send command on the device that is sending the ORF, and a receive command on the device that is installing the ORF. To configure the sending device, use the following command in the VPNv4 address family or VPNv6 address family.
device(config-bgp-vpnv4u)# neighbor 10.3.3.1 capability orf extended-community send-vrf-filter
Syntax: [no] neighbor neighbor_IPaddress capability orf extended-community send-vrf-filter
To configure the peering device use the following command in the VPNv4 address family or VPNv6 address family.
(config-bgp-vpnv4u)# neighbor 10.3.3.2 capability orf extended-community receive