Using VRF

We found a eligant for instead option for ifupdown. Which is ifupdown-ng.
Try this out.

In the service

+++
ExecStart=/usr/sbin/ip vrf exec $[Your VRF Interface]

#Add Capabilities if using no root user.

AmbientCapabilities=CAP_SYS_ADMIN CAP_NET_ADMIN CAP_DAC_OVERRIDE

Credit

Net bind capability with systemd
# ip-vrf(8) — Linux manual page