Assume a use case that involves routes in a nondefault VRF that recurse over other routes in the same VRF before recursing over routes in the default VRF. In addition, these routes are signaled over BGP as EVPN Type-5 routes, where the Gateway IP field (GW-IP) in the route specifies the next hop. To support SR traffic engineering for these types of routes, the SRTE for Recursive VPN Routes feature allows the BGP to recursively resolve the route, iteratively find the next route that resolves the next-hop of the current route, until it reaches a route where the next hop is in the default VRF. This route must have the VPN label that is needed for routing, and the next hop being in the default VRF can now be used to select the endpoint for an SRTE policy to steer the traffic.

Thus, the SRTE for Recursive VPN Routes feature allows BGP to request policy from SRTE with GW-IP as the endpoint, wherein, SRTE returns the BSID for the matching policy. However, in default VRF, the BSID may change later if the CO policy is replaced with a better match.

Beginning with Cisco NX-OS Release 10.3(2)F, the SRTE for Recursive VPN Routes feature is supported.

The guidelines and limitations for this feature are as follows:

• This feature is supported on Cisco Nexus 9300-EX, 9300-FX, 9300-FX2, 9300-GX, and N9K-C9332D-GX2B platform switches.

• This feature is only supported for Type 5 EVPN routes that have a Gateway IP as the next-hop. It is not supported for recursive routes in the default VRF.

• Only IPv4 routes are supported.

• The routes in the VRF whose next-hop is another route in the same VRF must have a prefix length of 32 bits (a host route).

• Route leaking or importation of EVPN recursive VPN routes into more than a single IPv4 unicast nondefault VRF is not allowed.

• Color-only routes are not supported.

• It is not recommended to have the route injector integrated with one of the traffic bearing leafs in the network.