We use an SD-WAN that includes both HUB, Spokes and a couple of Onearmed/HUB/Passthrough with EBGP to reach externally.
All Spokes can communicate with anything within the SD-WAN even though it only has dynamic tunnels to a few HUBS.
But it doesn't work if the same spoke tries to communicate beyond its SD-WAN thru Onearmed/EBGP without also adding the One Armed as a HUB under site-to-site.
Without direct tunnel Onearmed shows route/prefix to the Spoke but it´s prefix is not propagated to its EBGP neighbor
Is it a requirement that Onearmed/HUB/Passthrough require that direct tunnels exist for everything that shall be included in EBGP?.
