How to block traffic between different VNIs？

[ziudu]

Dear,

I'm new to frr. I would like to know if it is possible to block traffic between different VNI.

I've a VRF(vrf_Test), with several VNIs, each has a subnet:

VRF vrf_TEST:
C>* 10.10.20.0/24 is directly connected, TEST, 00:46:06
C>* 10.10.40.0/24 is directly connected, TEST1, 00:30:22
C>* 10.10.50.0/24 is directly connected, TEST2, 00:46:06
B>* 10.10.50.10/32 [200/0] via 10.30.2.36, vrfbr_TEST onlink, weight 1, 00:06:48
C>* 172.16.1.0/24 is directly connected, TEST, 00:46:06
B>* 172.16.1.10/32 [200/0] via 10.30.2.36, vrfbr_TEST onlink, weight 1, 00:06:12

I want VMs in 10.10.20.0/24 could only ping VMs in the same subnet. They shouldn't be able to ping other subnets (ex. 10.10.40.0/24)

How to configure this?

Thanks.

[ton31337]

FRR is nothing to do here. It's a firewall question.