The ACI configuration for inter tenant contract is complicated.
A contract provides two functions:
- Provide filter.
- Provide route leak.
A tenant is considered a VRF itself. In this example there are two tenants T05 and T06.
T05 exports the contract to T06, and T05 provide the contract. T06 consumed the contract exported by T06.
T06 will need to consume the contract exported from T05. T06 also follows the same steps as above. Now T05 will need to consume the exported contract from T06.
Now T05 and T06 can ping to each other.
There is a common tenant which is a built-in in APIC, common tenant to another tenant communication does not need to do export, common tenant’s contract is visible by all tenants, but a contract created by a tenant is only visible by its own creator. Which is why tenant T05 need to export the contract to T06, and T06 did vice versa.