Symptoms:

• VRFs are in use and service interfaces are configured on the VRFs.
• When selecting "Service Interface Subnet" in route re-distribution on the VRF the service interface subnets are not advertised.
• When selecting "External Interfaces Subnet" in route re-distribution on the VRF the service interface subnets are advertised.
• When selecting "Service Interface Subnet" in route re-distribution on the Tier-0 Gateway the service interface subnets are advertised.
• See below example of route re-distribution options with the service interface subnets selected for reference:

VMware NSX-T Data Center

Under route re-distribution the option for "Service Interface Subnet" refers to service interfaces on Tier-0 Gateways only, and not VRFs.

• The Tier-0 Gateway service interface or previously known as CSP (Centralized Service Port) does not have an Edge path configured.
• The VRF (peer node) service interface requires an edge path. This is similar to an external interface.

"Service Interface Subnets" refers to the CSP subnets configured on the Tier-0 Gateway. The VRF is a peer node to the Tier-0 Gateway. The per node service interface is considered the same as an external interface. Using "External Interface Subnet" re-distribution applies to both external interface and per node service interface.

This is intended workflow and is working as expected.

Workaround:

If there is a requirement NOT to advertise the VRF service interface subnets the workaround is as follows:

1. Create a separate user prefix list with DENY subnets i.e Service Interface Subnets.
2. Create route map with PERMIT with that prefix list.
3. Use the route map created in redistribution rule for the VRF.

If there is a requirement NOT to advertise the VRF external subnets, follow the same steps as above but create prefix list with external interface subnets.