Symptom
A default route that appears in a VPN table (meaning not a default-originate route) may not be propagated to all vpn peers.
This happens only in the VPN address family. It could be either vpnv4 or vpnv6.
Conditions
There are more than 7 VPN BGP neighbors
AND
a default route appears in a VPN table (meaning not a default-originate route)
AND
that default route has an RD that is different to the RD configured in any VRF (so called remote RD)
Workaround
Configure a VRF with an RD and address-family that is equal to the RD of a received default route.
Do this for all default routes received in a vpn address family.
This dummy VRF does not need to import or export any RTs or have any interfaces or BGP neighbors.
It may do so if there are other requirements, but as a workaround for this defect, it is not required.
Further Problem Description
A VPN route is propagated when it is received from a neighbor and must be sent to another neighbor. Examples are route reflector and VPN option B.
When the conditions are met, the software looks up a bit in uninitialized memory, so the result of the lookup is indeterminate. The result of the lookup is used to decide to propagate the route.
Only the default route (0.0.0.0/0 or ::/0) is affected, not other prefixes.
