diff --git a/inventory/documentation/devices/DC1-L2LEAF1A.md b/inventory/documentation/devices/DC1-L2LEAF1A.md index 2b2e1c75..37da5277 100644 --- a/inventory/documentation/devices/DC1-L2LEAF1A.md +++ b/inventory/documentation/devices/DC1-L2LEAF1A.md @@ -1,10 +1,10 @@ # DC1-L2LEAF1A -# Table of Contents - + +## Table of Contents - [Management](#management) - [Management Interfaces](#management-interfaces) - - [Name Servers](#name-servers) + - [IP Name Servers](#ip-name-servers) - [NTP](#ntp) - [Management API HTTP](#management-api-http) - [Authentication](#authentication) @@ -16,7 +16,7 @@ - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) - - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) + - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) - [VLANs](#vlans) - [VLANs Summary](#vlans-summary) - [VLANs Device Configuration](#vlans-device-configuration) @@ -30,33 +30,29 @@ - [Static Routes](#static-routes) - [Multicast](#multicast) - [IP IGMP Snooping](#ip-igmp-snooping) -- [Filters](#filters) -- [ACL](#acl) - [VRF Instances](#vrf-instances) - [VRF Instances Summary](#vrf-instances-summary) - [VRF Instances Device Configuration](#vrf-instances-device-configuration) -- [Quality Of Service](#quality-of-service) - -# Management +## Management -## Management Interfaces +### Management Interfaces -### Management Interfaces Summary +#### Management Interfaces Summary -#### IPv4 +##### IPv4 | Management Interface | description | Type | VRF | IP Address | Gateway | | -------------------- | ----------- | ---- | --- | ---------- | ------- | | Management1 | oob_management | oob | MGMT | 10.255.0.17/24 | 10.255.0.1 | -#### IPv6 +##### IPv6 | Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | oob_management | oob | MGMT | - | - | +| Management1 | oob_management | oob | MGMT | - | - | -### Management Interfaces Device Configuration +#### Management Interfaces Device Configuration ```eos ! @@ -67,40 +63,40 @@ interface Management1 ip address 10.255.0.17/24 ``` -## Name Servers +### IP Name Servers -### Name Servers Summary +#### IP Name Servers Summary -| Name Server | Source VRF | -| ----------- | ---------- | -| 192.168.2.1 | MGMT | -| 8.8.8.8 | MGMT | +| Name Server | VRF | Priority | +| ----------- | --- | -------- | +| 192.168.2.1 | MGMT | - | +| 8.8.8.8 | MGMT | - | -### Name Servers Device Configuration +#### IP Name Servers Device Configuration ```eos ip name-server vrf MGMT 8.8.8.8 ip name-server vrf MGMT 192.168.2.1 ``` -## NTP +### NTP -### NTP Summary +#### NTP Summary -#### NTP Local Interface +##### NTP Local Interface | Interface | VRF | | --------- | --- | | Management1 | MGMT | -#### NTP Servers +##### NTP Servers | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | -### NTP Device Configuration +#### NTP Device Configuration ```eos ! @@ -109,22 +105,21 @@ ntp server vrf MGMT 0.fr.pool.ntp.org prefer ntp server vrf MGMT 1.fr.pool.ntp.org ``` -## Management API HTTP +### Management API HTTP -### Management API HTTP Summary +#### Management API HTTP Summary -| HTTP | HTTPS | -| ---------- | ---------- | -| default | true | +| HTTP | HTTPS | Default Services | +| ---- | ----- | ---------------- | +| False | True | - | -### Management API VRF Access +#### Management API VRF Access | VRF Name | IPv4 ACL | IPv6 ACL | | -------- | -------- | -------- | | MGMT | - | - | - -### Management API HTTP Configuration +#### Management API HTTP Device Configuration ```eos ! @@ -136,62 +131,59 @@ management api http-commands no shutdown ``` -# Authentication +## Authentication -## Local Users +### Local Users -### Local Users Summary +#### Local Users Summary -| User | Privilege | Role | -| ---- | --------- | ---- | -| admin | 15 | network-admin | -| ansible | 15 | network-admin | -| cvpadmin | 15 | network-admin | +| User | Privilege | Role | Disabled | Shell | +| ---- | --------- | ---- | -------- | ----- | +| admin | 15 | network-admin | False | - | +| ansible | 15 | network-admin | False | - | +| cvpadmin | 15 | network-admin | False | - | -### Local Users Device Configuration +#### Local Users Device Configuration ```eos ! -username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 -username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +username admin privilege 15 role network-admin secret sha512 +username ansible privilege 15 role network-admin secret sha512 +username cvpadmin privilege 15 role network-admin secret sha512 ``` -# Monitoring +## Monitoring -## TerminAttr Daemon +### TerminAttr Daemon -### TerminAttr Daemon Summary +#### TerminAttr Daemon Summary | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | -| gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | +| gzip | 10.255.0.1:9910 | MGMT | key, | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | -### TerminAttr Daemon Device Configuration +#### TerminAttr Daemon Device Configuration ```eos ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ``` -# Spanning Tree +## Spanning Tree -## Spanning Tree Summary +### Spanning Tree Summary STP mode: **mstp** -### MSTP Instance and Priority +#### MSTP Instance and Priority | Instance(s) | Priority | | -------- | -------- | | 0 | 16384 | -### Global Spanning-Tree Settings - - -## Spanning Tree Device Configuration +### Spanning Tree Device Configuration ```eos ! @@ -199,24 +191,24 @@ spanning-tree mode mstp spanning-tree mst 0 priority 16384 ``` -# Internal VLAN Allocation Policy +## Internal VLAN Allocation Policy -## Internal VLAN Allocation Policy Summary +### Internal VLAN Allocation Policy Summary | Policy Allocation | Range Beginning | Range Ending | | ------------------| --------------- | ------------ | | ascending | 1006 | 1199 | -## Internal VLAN Allocation Policy Configuration +### Internal VLAN Allocation Policy Device Configuration ```eos ! vlan internal order ascending range 1006 1199 ``` -# VLANs +## VLANs -## VLANs Summary +### VLANs Summary | VLAN ID | Name | Trunk Groups | | ------- | ---- | ------------ | @@ -228,7 +220,7 @@ vlan internal order ascending range 1006 1199 | 130 | Tenant_A_APP_Zone_1 | - | | 131 | Tenant_A_APP_Zone_2 | - | -## VLANs Device Configuration +### VLANs Device Configuration ```eos ! @@ -254,13 +246,13 @@ vlan 131 name Tenant_A_APP_Zone_2 ``` -# Interfaces +## Interfaces -## Ethernet Interfaces +### Ethernet Interfaces -### Ethernet Interfaces Summary +#### Ethernet Interfaces Summary -#### L2 +##### L2 | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | @@ -270,7 +262,7 @@ vlan 131 *Inherited from Port-Channel Interface -### Ethernet Interfaces Device Configuration +#### Ethernet Interfaces Device Configuration ```eos ! @@ -287,22 +279,22 @@ interface Ethernet2 interface Ethernet5 description server01_Eth0 no shutdown - switchport switchport access vlan 110 switchport mode access + switchport ``` -## Port-Channel Interfaces +### Port-Channel Interfaces -### Port-Channel Interfaces Summary +#### Port-Channel Interfaces Summary -#### L2 +##### L2 | Interface | Description | Type | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | | --------- | ----------- | ---- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | | Port-Channel1 | DC1_LEAF1_Po5 | switched | trunk | 110-112,120-121,130-131 | - | - | - | - | - | - | -### Port-Channel Interfaces Device Configuration +#### Port-Channel Interfaces Device Configuration ```eos ! @@ -314,8 +306,9 @@ interface Port-Channel1 switchport mode trunk ``` -# Routing -## Service Routing Protocols Model +## Routing + +### Service Routing Protocols Model Multi agent routing protocol model enabled @@ -324,76 +317,71 @@ Multi agent routing protocol model enabled service routing protocols model multi-agent ``` -## IP Routing +### IP Routing -### IP Routing Summary +#### IP Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | true|| MGMT | false | +| default | False | +| MGMT | False | -### IP Routing Device Configuration +#### IP Routing Device Configuration ```eos -! -ip routing no ip routing vrf MGMT ``` -## IPv6 Routing -### IPv6 Routing Summary +### IPv6 Routing + +#### IPv6 Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | false || MGMT | false | +| default | False | +| MGMT | false | +### Static Routes -## Static Routes +#### Static Routes Summary -### Static Routes Summary +| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | +| --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | +| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | -| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | -| --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | -| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | - -### Static Routes Device Configuration +#### Static Routes Device Configuration ```eos ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 ``` -# Multicast - -## IP IGMP Snooping +## Multicast -### IP IGMP Snooping Summary +### IP IGMP Snooping -IGMP snooping is globally enabled. +#### IP IGMP Snooping Summary +| IGMP Snooping | Fast Leave | Interface Restart Query | Proxy | Restart Query Interval | Robustness Variable | +| ------------- | ---------- | ----------------------- | ----- | ---------------------- | ------------------- | +| Enabled | - | - | - | - | - | -### IP IGMP Snooping Device Configuration +#### IP IGMP Snooping Device Configuration ```eos ``` -# Filters +## VRF Instances -# ACL - -# VRF Instances - -## VRF Instances Summary +### VRF Instances Summary | VRF Name | IP Routing | | -------- | ---------- | | MGMT | disabled | -## VRF Instances Device Configuration +### VRF Instances Device Configuration ```eos ! vrf instance MGMT ``` - -# Quality Of Service diff --git a/inventory/documentation/devices/DC1-L2LEAF2A.md b/inventory/documentation/devices/DC1-L2LEAF2A.md index 7b451764..5bf60f3c 100644 --- a/inventory/documentation/devices/DC1-L2LEAF2A.md +++ b/inventory/documentation/devices/DC1-L2LEAF2A.md @@ -1,10 +1,10 @@ # DC1-L2LEAF2A -# Table of Contents - + +## Table of Contents - [Management](#management) - [Management Interfaces](#management-interfaces) - - [Name Servers](#name-servers) + - [IP Name Servers](#ip-name-servers) - [NTP](#ntp) - [Management API HTTP](#management-api-http) - [Authentication](#authentication) @@ -16,7 +16,7 @@ - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) - - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) + - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) - [VLANs](#vlans) - [VLANs Summary](#vlans-summary) - [VLANs Device Configuration](#vlans-device-configuration) @@ -30,33 +30,29 @@ - [Static Routes](#static-routes) - [Multicast](#multicast) - [IP IGMP Snooping](#ip-igmp-snooping) -- [Filters](#filters) -- [ACL](#acl) - [VRF Instances](#vrf-instances) - [VRF Instances Summary](#vrf-instances-summary) - [VRF Instances Device Configuration](#vrf-instances-device-configuration) -- [Quality Of Service](#quality-of-service) - -# Management +## Management -## Management Interfaces +### Management Interfaces -### Management Interfaces Summary +#### Management Interfaces Summary -#### IPv4 +##### IPv4 | Management Interface | description | Type | VRF | IP Address | Gateway | | -------------------- | ----------- | ---- | --- | ---------- | ------- | | Management1 | oob_management | oob | MGMT | 10.255.0.18/24 | 10.255.0.1 | -#### IPv6 +##### IPv6 | Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | oob_management | oob | MGMT | - | - | +| Management1 | oob_management | oob | MGMT | - | - | -### Management Interfaces Device Configuration +#### Management Interfaces Device Configuration ```eos ! @@ -67,40 +63,40 @@ interface Management1 ip address 10.255.0.18/24 ``` -## Name Servers +### IP Name Servers -### Name Servers Summary +#### IP Name Servers Summary -| Name Server | Source VRF | -| ----------- | ---------- | -| 192.168.2.1 | MGMT | -| 8.8.8.8 | MGMT | +| Name Server | VRF | Priority | +| ----------- | --- | -------- | +| 192.168.2.1 | MGMT | - | +| 8.8.8.8 | MGMT | - | -### Name Servers Device Configuration +#### IP Name Servers Device Configuration ```eos ip name-server vrf MGMT 8.8.8.8 ip name-server vrf MGMT 192.168.2.1 ``` -## NTP +### NTP -### NTP Summary +#### NTP Summary -#### NTP Local Interface +##### NTP Local Interface | Interface | VRF | | --------- | --- | | Management1 | MGMT | -#### NTP Servers +##### NTP Servers | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | -### NTP Device Configuration +#### NTP Device Configuration ```eos ! @@ -109,22 +105,21 @@ ntp server vrf MGMT 0.fr.pool.ntp.org prefer ntp server vrf MGMT 1.fr.pool.ntp.org ``` -## Management API HTTP +### Management API HTTP -### Management API HTTP Summary +#### Management API HTTP Summary -| HTTP | HTTPS | -| ---------- | ---------- | -| default | true | +| HTTP | HTTPS | Default Services | +| ---- | ----- | ---------------- | +| False | True | - | -### Management API VRF Access +#### Management API VRF Access | VRF Name | IPv4 ACL | IPv6 ACL | | -------- | -------- | -------- | | MGMT | - | - | - -### Management API HTTP Configuration +#### Management API HTTP Device Configuration ```eos ! @@ -136,62 +131,59 @@ management api http-commands no shutdown ``` -# Authentication +## Authentication -## Local Users +### Local Users -### Local Users Summary +#### Local Users Summary -| User | Privilege | Role | -| ---- | --------- | ---- | -| admin | 15 | network-admin | -| ansible | 15 | network-admin | -| cvpadmin | 15 | network-admin | +| User | Privilege | Role | Disabled | Shell | +| ---- | --------- | ---- | -------- | ----- | +| admin | 15 | network-admin | False | - | +| ansible | 15 | network-admin | False | - | +| cvpadmin | 15 | network-admin | False | - | -### Local Users Device Configuration +#### Local Users Device Configuration ```eos ! -username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 -username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +username admin privilege 15 role network-admin secret sha512 +username ansible privilege 15 role network-admin secret sha512 +username cvpadmin privilege 15 role network-admin secret sha512 ``` -# Monitoring +## Monitoring -## TerminAttr Daemon +### TerminAttr Daemon -### TerminAttr Daemon Summary +#### TerminAttr Daemon Summary | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | -| gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | +| gzip | 10.255.0.1:9910 | MGMT | key, | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | -### TerminAttr Daemon Device Configuration +#### TerminAttr Daemon Device Configuration ```eos ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ``` -# Spanning Tree +## Spanning Tree -## Spanning Tree Summary +### Spanning Tree Summary STP mode: **mstp** -### MSTP Instance and Priority +#### MSTP Instance and Priority | Instance(s) | Priority | | -------- | -------- | | 0 | 16384 | -### Global Spanning-Tree Settings - - -## Spanning Tree Device Configuration +### Spanning Tree Device Configuration ```eos ! @@ -199,24 +191,24 @@ spanning-tree mode mstp spanning-tree mst 0 priority 16384 ``` -# Internal VLAN Allocation Policy +## Internal VLAN Allocation Policy -## Internal VLAN Allocation Policy Summary +### Internal VLAN Allocation Policy Summary | Policy Allocation | Range Beginning | Range Ending | | ------------------| --------------- | ------------ | | ascending | 1006 | 1199 | -## Internal VLAN Allocation Policy Configuration +### Internal VLAN Allocation Policy Device Configuration ```eos ! vlan internal order ascending range 1006 1199 ``` -# VLANs +## VLANs -## VLANs Summary +### VLANs Summary | VLAN ID | Name | Trunk Groups | | ------- | ---- | ------------ | @@ -228,7 +220,7 @@ vlan internal order ascending range 1006 1199 | 130 | Tenant_A_APP_Zone_1 | - | | 131 | Tenant_A_APP_Zone_2 | - | -## VLANs Device Configuration +### VLANs Device Configuration ```eos ! @@ -254,13 +246,13 @@ vlan 131 name Tenant_A_APP_Zone_2 ``` -# Interfaces +## Interfaces -## Ethernet Interfaces +### Ethernet Interfaces -### Ethernet Interfaces Summary +#### Ethernet Interfaces Summary -#### L2 +##### L2 | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | @@ -270,7 +262,7 @@ vlan 131 *Inherited from Port-Channel Interface -### Ethernet Interfaces Device Configuration +#### Ethernet Interfaces Device Configuration ```eos ! @@ -287,22 +279,22 @@ interface Ethernet2 interface Ethernet5 description server02_Eth0 no shutdown - switchport switchport access vlan 110 switchport mode access + switchport ``` -## Port-Channel Interfaces +### Port-Channel Interfaces -### Port-Channel Interfaces Summary +#### Port-Channel Interfaces Summary -#### L2 +##### L2 | Interface | Description | Type | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | | --------- | ----------- | ---- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | | Port-Channel1 | DC1_LEAF2_Po5 | switched | trunk | 110-112,120-121,130-131 | - | - | - | - | - | - | -### Port-Channel Interfaces Device Configuration +#### Port-Channel Interfaces Device Configuration ```eos ! @@ -314,8 +306,9 @@ interface Port-Channel1 switchport mode trunk ``` -# Routing -## Service Routing Protocols Model +## Routing + +### Service Routing Protocols Model Multi agent routing protocol model enabled @@ -324,76 +317,71 @@ Multi agent routing protocol model enabled service routing protocols model multi-agent ``` -## IP Routing +### IP Routing -### IP Routing Summary +#### IP Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | true|| MGMT | false | +| default | False | +| MGMT | False | -### IP Routing Device Configuration +#### IP Routing Device Configuration ```eos -! -ip routing no ip routing vrf MGMT ``` -## IPv6 Routing -### IPv6 Routing Summary +### IPv6 Routing + +#### IPv6 Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | false || MGMT | false | +| default | False | +| MGMT | false | +### Static Routes -## Static Routes +#### Static Routes Summary -### Static Routes Summary +| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | +| --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | +| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | -| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | -| --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | -| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | - -### Static Routes Device Configuration +#### Static Routes Device Configuration ```eos ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 ``` -# Multicast - -## IP IGMP Snooping +## Multicast -### IP IGMP Snooping Summary +### IP IGMP Snooping -IGMP snooping is globally enabled. +#### IP IGMP Snooping Summary +| IGMP Snooping | Fast Leave | Interface Restart Query | Proxy | Restart Query Interval | Robustness Variable | +| ------------- | ---------- | ----------------------- | ----- | ---------------------- | ------------------- | +| Enabled | - | - | - | - | - | -### IP IGMP Snooping Device Configuration +#### IP IGMP Snooping Device Configuration ```eos ``` -# Filters +## VRF Instances -# ACL - -# VRF Instances - -## VRF Instances Summary +### VRF Instances Summary | VRF Name | IP Routing | | -------- | ---------- | | MGMT | disabled | -## VRF Instances Device Configuration +### VRF Instances Device Configuration ```eos ! vrf instance MGMT ``` - -# Quality Of Service diff --git a/inventory/documentation/devices/DC1-LEAF1A.md b/inventory/documentation/devices/DC1-LEAF1A.md index 31882b21..2655a757 100644 --- a/inventory/documentation/devices/DC1-LEAF1A.md +++ b/inventory/documentation/devices/DC1-LEAF1A.md @@ -1,10 +1,10 @@ # DC1-LEAF1A -# Table of Contents - + +## Table of Contents - [Management](#management) - [Management Interfaces](#management-interfaces) - - [Name Servers](#name-servers) + - [IP Name Servers](#ip-name-servers) - [NTP](#ntp) - [Management API HTTP](#management-api-http) - [Authentication](#authentication) @@ -19,7 +19,7 @@ - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) - - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) + - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) - [VLANs](#vlans) - [VLANs Summary](#vlans-summary) - [VLANs Device Configuration](#vlans-device-configuration) @@ -43,35 +43,32 @@ - [Filters](#filters) - [Prefix-lists](#prefix-lists) - [Route-maps](#route-maps) -- [ACL](#acl) - [VRF Instances](#vrf-instances) - [VRF Instances Summary](#vrf-instances-summary) - [VRF Instances Device Configuration](#vrf-instances-device-configuration) - [Virtual Source NAT](#virtual-source-nat) - [Virtual Source NAT Summary](#virtual-source-nat-summary) - [Virtual Source NAT Configuration](#virtual-source-nat-configuration) -- [Quality Of Service](#quality-of-service) - -# Management +## Management -## Management Interfaces +### Management Interfaces -### Management Interfaces Summary +#### Management Interfaces Summary -#### IPv4 +##### IPv4 | Management Interface | description | Type | VRF | IP Address | Gateway | | -------------------- | ----------- | ---- | --- | ---------- | ------- | | Management1 | oob_management | oob | MGMT | 10.255.0.13/24 | 10.255.0.1 | -#### IPv6 +##### IPv6 | Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | oob_management | oob | MGMT | - | - | +| Management1 | oob_management | oob | MGMT | - | - | -### Management Interfaces Device Configuration +#### Management Interfaces Device Configuration ```eos ! @@ -82,40 +79,40 @@ interface Management1 ip address 10.255.0.13/24 ``` -## Name Servers +### IP Name Servers -### Name Servers Summary +#### IP Name Servers Summary -| Name Server | Source VRF | -| ----------- | ---------- | -| 192.168.2.1 | MGMT | -| 8.8.8.8 | MGMT | +| Name Server | VRF | Priority | +| ----------- | --- | -------- | +| 192.168.2.1 | MGMT | - | +| 8.8.8.8 | MGMT | - | -### Name Servers Device Configuration +#### IP Name Servers Device Configuration ```eos ip name-server vrf MGMT 8.8.8.8 ip name-server vrf MGMT 192.168.2.1 ``` -## NTP +### NTP -### NTP Summary +#### NTP Summary -#### NTP Local Interface +##### NTP Local Interface | Interface | VRF | | --------- | --- | | Management1 | MGMT | -#### NTP Servers +##### NTP Servers | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | -### NTP Device Configuration +#### NTP Device Configuration ```eos ! @@ -124,22 +121,21 @@ ntp server vrf MGMT 0.fr.pool.ntp.org prefer ntp server vrf MGMT 1.fr.pool.ntp.org ``` -## Management API HTTP +### Management API HTTP -### Management API HTTP Summary +#### Management API HTTP Summary -| HTTP | HTTPS | -| ---------- | ---------- | -| default | true | +| HTTP | HTTPS | Default Services | +| ---- | ----- | ---------------- | +| False | True | - | -### Management API VRF Access +#### Management API VRF Access | VRF Name | IPv4 ACL | IPv6 ACL | | -------- | -------- | -------- | | MGMT | - | - | - -### Management API HTTP Configuration +#### Management API HTTP Device Configuration ```eos ! @@ -151,49 +147,49 @@ management api http-commands no shutdown ``` -# Authentication +## Authentication -## Local Users +### Local Users -### Local Users Summary +#### Local Users Summary -| User | Privilege | Role | -| ---- | --------- | ---- | -| admin | 15 | network-admin | -| ansible | 15 | network-admin | -| cvpadmin | 15 | network-admin | +| User | Privilege | Role | Disabled | Shell | +| ---- | --------- | ---- | -------- | ----- | +| admin | 15 | network-admin | False | - | +| ansible | 15 | network-admin | False | - | +| cvpadmin | 15 | network-admin | False | - | -### Local Users Device Configuration +#### Local Users Device Configuration ```eos ! -username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 -username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +username admin privilege 15 role network-admin secret sha512 +username ansible privilege 15 role network-admin secret sha512 +username cvpadmin privilege 15 role network-admin secret sha512 ``` -# Monitoring +## Monitoring -## TerminAttr Daemon +### TerminAttr Daemon -### TerminAttr Daemon Summary +#### TerminAttr Daemon Summary | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | -| gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | +| gzip | 10.255.0.1:9910 | MGMT | key, | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | -### TerminAttr Daemon Device Configuration +#### TerminAttr Daemon Device Configuration ```eos ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ``` -# MLAG +## MLAG -## MLAG Summary +### MLAG Summary | Domain-id | Local-interface | Peer-address | Peer-link | | --------- | --------------- | ------------ | --------- | @@ -201,7 +197,7 @@ daemon TerminAttr Dual primary detection is disabled. -## MLAG Device Configuration +### MLAG Device Configuration ```eos ! @@ -214,23 +210,23 @@ mlag configuration reload-delay non-mlag 330 ``` -# Spanning Tree +## Spanning Tree -## Spanning Tree Summary +### Spanning Tree Summary STP mode: **mstp** -### MSTP Instance and Priority +#### MSTP Instance and Priority | Instance(s) | Priority | | -------- | -------- | | 0 | 16384 | -### Global Spanning-Tree Settings +#### Global Spanning-Tree Settings -Spanning Tree disabled for VLANs: **4093-4094** +- Spanning Tree disabled for VLANs: **4093-4094** -## Spanning Tree Device Configuration +### Spanning Tree Device Configuration ```eos ! @@ -239,24 +235,24 @@ no spanning-tree vlan-id 4093-4094 spanning-tree mst 0 priority 16384 ``` -# Internal VLAN Allocation Policy +## Internal VLAN Allocation Policy -## Internal VLAN Allocation Policy Summary +### Internal VLAN Allocation Policy Summary | Policy Allocation | Range Beginning | Range Ending | | ------------------| --------------- | ------------ | | ascending | 1006 | 1199 | -## Internal VLAN Allocation Policy Configuration +### Internal VLAN Allocation Policy Device Configuration ```eos ! vlan internal order ascending range 1006 1199 ``` -# VLANs +## VLANs -## VLANs Summary +### VLANs Summary | VLAN ID | Name | Trunk Groups | | ------- | ---- | ------------ | @@ -290,7 +286,7 @@ vlan internal order ascending range 1006 1199 | 4093 | LEAF_PEER_L3 | LEAF_PEER_L3 | | 4094 | MLAG_PEER | MLAG | -## VLANs Device Configuration +### VLANs Device Configuration ```eos ! @@ -393,30 +389,30 @@ vlan 4094 trunk group MLAG ``` -# Interfaces +## Interfaces -## Ethernet Interfaces +### Ethernet Interfaces -### Ethernet Interfaces Summary +#### Ethernet Interfaces Summary -#### L2 +##### L2 | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | -| Ethernet3 | MLAG_PEER_DC1-LEAF1B_Ethernet3 | *trunk | *2-4094 | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | -| Ethernet4 | MLAG_PEER_DC1-LEAF1B_Ethernet4 | *trunk | *2-4094 | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | +| Ethernet3 | MLAG_PEER_DC1-LEAF1B_Ethernet3 | *trunk | *- | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | +| Ethernet4 | MLAG_PEER_DC1-LEAF1B_Ethernet4 | *trunk | *- | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | | Ethernet5 | DC1-L2LEAF1A_Ethernet1 | *trunk | *110-112,120-121,130-131 | *- | *- | 5 | *Inherited from Port-Channel Interface -#### IPv4 +##### IPv4 | Interface | Description | Type | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | | --------- | ----------- | -----| ------------- | ---------- | ----| ---- | -------- | ------ | ------- | -| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet1 | routed | - | 172.31.255.1/31 | default | 1500 | false | - | - | -| Ethernet2 | P2P_LINK_TO_DC1-SPINE2_Ethernet1 | routed | - | 172.31.255.3/31 | default | 1500 | false | - | - | +| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet1 | routed | - | 172.31.255.1/31 | default | 1500 | False | - | - | +| Ethernet2 | P2P_LINK_TO_DC1-SPINE2_Ethernet1 | routed | - | 172.31.255.3/31 | default | 1500 | False | - | - | -### Ethernet Interfaces Device Configuration +#### Ethernet Interfaces Device Configuration ```eos ! @@ -450,18 +446,18 @@ interface Ethernet5 channel-group 5 mode active ``` -## Port-Channel Interfaces +### Port-Channel Interfaces -### Port-Channel Interfaces Summary +#### Port-Channel Interfaces Summary -#### L2 +##### L2 | Interface | Description | Type | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | | --------- | ----------- | ---- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | -| Port-Channel3 | MLAG_PEER_DC1-LEAF1B_Po3 | switched | trunk | 2-4094 | - | ['LEAF_PEER_L3', 'MLAG'] | - | - | - | - | +| Port-Channel3 | MLAG_PEER_DC1-LEAF1B_Po3 | switched | trunk | - | - | ['LEAF_PEER_L3', 'MLAG'] | - | - | - | - | | Port-Channel5 | DC1-L2LEAF1A_Po1 | switched | trunk | 110-112,120-121,130-131 | - | - | - | - | 5 | - | -### Port-Channel Interfaces Device Configuration +#### Port-Channel Interfaces Device Configuration ```eos ! @@ -469,7 +465,6 @@ interface Port-Channel3 description MLAG_PEER_DC1-LEAF1B_Po3 no shutdown switchport - switchport trunk allowed vlan 2-4094 switchport mode trunk switchport trunk group LEAF_PEER_L3 switchport trunk group MLAG @@ -483,11 +478,11 @@ interface Port-Channel5 mlag 5 ``` -## Loopback Interfaces +### Loopback Interfaces -### Loopback Interfaces Summary +#### Loopback Interfaces Summary -#### IPv4 +##### IPv4 | Interface | Description | VRF | IP Address | | --------- | ----------- | --- | ---------- | @@ -495,7 +490,7 @@ interface Port-Channel5 | Loopback1 | VTEP_VXLAN_Tunnel_Source | default | 192.168.254.3/32 | | Loopback100 | Tenant_A_OP_Zone_VTEP_DIAGNOSTICS | Tenant_A_OP_Zone | 10.255.1.3/32 | -#### IPv6 +##### IPv6 | Interface | Description | VRF | IPv6 Address | | --------- | ----------- | --- | ------------ | @@ -503,8 +498,7 @@ interface Port-Channel5 | Loopback1 | VTEP_VXLAN_Tunnel_Source | default | - | | Loopback100 | Tenant_A_OP_Zone_VTEP_DIAGNOSTICS | Tenant_A_OP_Zone | - | - -### Loopback Interfaces Device Configuration +#### Loopback Interfaces Device Configuration ```eos ! @@ -525,60 +519,60 @@ interface Loopback100 ip address 10.255.1.3/32 ``` -## VLAN Interfaces +### VLAN Interfaces -### VLAN Interfaces Summary +#### VLAN Interfaces Summary | Interface | Description | VRF | MTU | Shutdown | | --------- | ----------- | --- | ---- | -------- | -| Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | false | -| Vlan111 | Tenant_A_OP_Zone_2 | Tenant_A_OP_Zone | - | false | -| Vlan112 | Tenant_A_OP_Zone_3 | Tenant_A_OP_Zone | - | false | -| Vlan120 | Tenant_A_WEB_Zone_1 | Tenant_A_WEB_Zone | - | false | -| Vlan121 | Tenant_A_WEBZone_2 | Tenant_A_WEB_Zone | - | false | -| Vlan130 | Tenant_A_APP_Zone_1 | Tenant_A_APP_Zone | - | false | -| Vlan131 | Tenant_A_APP_Zone_2 | Tenant_A_APP_Zone | - | false | -| Vlan140 | Tenant_A_DB_BZone_1 | Tenant_A_DB_Zone | - | false | -| Vlan141 | Tenant_A_DB_Zone_2 | Tenant_A_DB_Zone | - | false | -| Vlan150 | Tenant_A_WAN_Zone_1 | Tenant_A_WAN_Zone | - | false | -| Vlan210 | Tenant_B_OP_Zone_1 | Tenant_B_OP_Zone | - | false | -| Vlan211 | Tenant_B_OP_Zone_2 | Tenant_B_OP_Zone | - | false | -| Vlan250 | Tenant_B_WAN_Zone_1 | Tenant_B_WAN_Zone | - | false | -| Vlan310 | Tenant_C_OP_Zone_1 | Tenant_C_OP_Zone | - | false | -| Vlan311 | Tenant_C_OP_Zone_2 | Tenant_C_OP_Zone | - | false | -| Vlan350 | Tenant_C_WAN_Zone_1 | Tenant_C_WAN_Zone | - | false | -| Vlan3009 | MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone | Tenant_A_OP_Zone | 1500 | false | -| Vlan3010 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone | Tenant_A_WEB_Zone | 1500 | false | -| Vlan3011 | MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone | Tenant_A_APP_Zone | 1500 | false | -| Vlan3012 | MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone | Tenant_A_DB_Zone | 1500 | false | -| Vlan3013 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone | Tenant_A_WAN_Zone | 1500 | false | -| Vlan3019 | MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone | Tenant_B_OP_Zone | 1500 | false | -| Vlan3020 | MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone | Tenant_B_WAN_Zone | 1500 | false | -| Vlan3029 | MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone | Tenant_C_OP_Zone | 1500 | false | -| Vlan3030 | MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone | Tenant_C_WAN_Zone | 1500 | false | -| Vlan4093 | MLAG_PEER_L3_PEERING | default | 1500 | false | -| Vlan4094 | MLAG_PEER | default | 1500 | false | - -#### IPv4 +| Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | False | +| Vlan111 | Tenant_A_OP_Zone_2 | Tenant_A_OP_Zone | - | False | +| Vlan112 | Tenant_A_OP_Zone_3 | Tenant_A_OP_Zone | - | False | +| Vlan120 | Tenant_A_WEB_Zone_1 | Tenant_A_WEB_Zone | - | False | +| Vlan121 | Tenant_A_WEBZone_2 | Tenant_A_WEB_Zone | - | False | +| Vlan130 | Tenant_A_APP_Zone_1 | Tenant_A_APP_Zone | - | False | +| Vlan131 | Tenant_A_APP_Zone_2 | Tenant_A_APP_Zone | - | False | +| Vlan140 | Tenant_A_DB_BZone_1 | Tenant_A_DB_Zone | - | False | +| Vlan141 | Tenant_A_DB_Zone_2 | Tenant_A_DB_Zone | - | False | +| Vlan150 | Tenant_A_WAN_Zone_1 | Tenant_A_WAN_Zone | - | False | +| Vlan210 | Tenant_B_OP_Zone_1 | Tenant_B_OP_Zone | - | False | +| Vlan211 | Tenant_B_OP_Zone_2 | Tenant_B_OP_Zone | - | False | +| Vlan250 | Tenant_B_WAN_Zone_1 | Tenant_B_WAN_Zone | - | False | +| Vlan310 | Tenant_C_OP_Zone_1 | Tenant_C_OP_Zone | - | False | +| Vlan311 | Tenant_C_OP_Zone_2 | Tenant_C_OP_Zone | - | False | +| Vlan350 | Tenant_C_WAN_Zone_1 | Tenant_C_WAN_Zone | - | False | +| Vlan3009 | MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone | Tenant_A_OP_Zone | 1500 | False | +| Vlan3010 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone | Tenant_A_WEB_Zone | 1500 | False | +| Vlan3011 | MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone | Tenant_A_APP_Zone | 1500 | False | +| Vlan3012 | MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone | Tenant_A_DB_Zone | 1500 | False | +| Vlan3013 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone | Tenant_A_WAN_Zone | 1500 | False | +| Vlan3019 | MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone | Tenant_B_OP_Zone | 1500 | False | +| Vlan3020 | MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone | Tenant_B_WAN_Zone | 1500 | False | +| Vlan3029 | MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone | Tenant_C_OP_Zone | 1500 | False | +| Vlan3030 | MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone | Tenant_C_WAN_Zone | 1500 | False | +| Vlan4093 | MLAG_PEER_L3_PEERING | default | 1500 | False | +| Vlan4094 | MLAG_PEER | default | 1500 | False | + +##### IPv4 | Interface | VRF | IP Address | IP Address Virtual | IP Router Virtual Address | VRRP | ACL In | ACL Out | | --------- | --- | ---------- | ------------------ | ------------------------- | ---- | ------ | ------- | | Vlan110 | Tenant_A_OP_Zone | - | 10.1.10.1/24 | - | - | - | - | | Vlan111 | Tenant_A_OP_Zone | - | 10.1.11.1/24 | - | - | - | - | | Vlan112 | Tenant_A_OP_Zone | - | 10.1.12.254/24 | - | - | - | - | -| Vlan120 | Tenant_A_WEB_Zone | - | - | - | - | - | - | +| Vlan120 | Tenant_A_WEB_Zone | - | 10.1.20.1/24 | - | - | - | - | | Vlan121 | Tenant_A_WEB_Zone | - | 10.1.21.1/24 | - | - | - | - | -| Vlan130 | Tenant_A_APP_Zone | - | - | - | - | - | - | +| Vlan130 | Tenant_A_APP_Zone | - | 10.1.30.1/24 | - | - | - | - | | Vlan131 | Tenant_A_APP_Zone | - | 10.1.31.254/24 | - | - | - | - | | Vlan140 | Tenant_A_DB_Zone | - | 10.1.40.1/24 | - | - | - | - | | Vlan141 | Tenant_A_DB_Zone | - | 10.1.41.1/24 | - | - | - | - | | Vlan150 | Tenant_A_WAN_Zone | - | 10.1.40.1/24 | - | - | - | - | -| Vlan210 | Tenant_B_OP_Zone | - | - | - | - | - | - | +| Vlan210 | Tenant_B_OP_Zone | - | 10.2.10.1/24 | - | - | - | - | | Vlan211 | Tenant_B_OP_Zone | - | 10.2.11.1/24 | - | - | - | - | | Vlan250 | Tenant_B_WAN_Zone | - | 10.2.50.1/24 | - | - | - | - | -| Vlan310 | Tenant_C_OP_Zone | - | - | - | - | - | - | -| Vlan311 | Tenant_C_OP_Zone | - | - | - | - | - | - | -| Vlan350 | Tenant_C_WAN_Zone | - | - | - | - | - | - | +| Vlan310 | Tenant_C_OP_Zone | - | 10.3.10.1/24 | - | - | - | - | +| Vlan311 | Tenant_C_OP_Zone | - | 10.3.11.1/24 | - | - | - | - | +| Vlan350 | Tenant_C_WAN_Zone | - | 10.3.50.1/24 | - | - | - | - | | Vlan3009 | Tenant_A_OP_Zone | 10.255.251.0/31 | - | - | - | - | - | | Vlan3010 | Tenant_A_WEB_Zone | 10.255.251.0/31 | - | - | - | - | - | | Vlan3011 | Tenant_A_APP_Zone | 10.255.251.0/31 | - | - | - | - | - | @@ -591,8 +585,7 @@ interface Loopback100 | Vlan4093 | default | 10.255.251.0/31 | - | - | - | - | - | | Vlan4094 | default | 10.255.252.0/31 | - | - | - | - | - | - -### VLAN Interfaces Device Configuration +#### VLAN Interfaces Device Configuration ```eos ! @@ -618,6 +611,7 @@ interface Vlan120 description Tenant_A_WEB_Zone_1 no shutdown vrf Tenant_A_WEB_Zone + ip address virtual 10.1.20.1/24 ! interface Vlan121 description Tenant_A_WEBZone_2 @@ -629,6 +623,7 @@ interface Vlan130 description Tenant_A_APP_Zone_1 no shutdown vrf Tenant_A_APP_Zone + ip address virtual 10.1.30.1/24 ! interface Vlan131 description Tenant_A_APP_Zone_2 @@ -658,6 +653,7 @@ interface Vlan210 description Tenant_B_OP_Zone_1 no shutdown vrf Tenant_B_OP_Zone + ip address virtual 10.2.10.1/24 ! interface Vlan211 description Tenant_B_OP_Zone_2 @@ -675,16 +671,19 @@ interface Vlan310 description Tenant_C_OP_Zone_1 no shutdown vrf Tenant_C_OP_Zone + ip address virtual 10.3.10.1/24 ! interface Vlan311 description Tenant_C_OP_Zone_2 no shutdown vrf Tenant_C_OP_Zone + ip address virtual 10.3.11.1/24 ! interface Vlan350 description Tenant_C_WAN_Zone_1 no shutdown vrf Tenant_C_WAN_Zone + ip address virtual 10.3.50.1/24 ! interface Vlan3009 description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone @@ -763,54 +762,54 @@ interface Vlan4094 ip address 10.255.252.0/31 ``` -## VXLAN Interface - -### VXLAN Interface Summary - -#### Source Interface: Loopback1 - -#### UDP port: 4789 - -#### EVPN MLAG Shared Router MAC : mlag-system-id - -#### VLAN to VNI and Flood List Mappings - -| VLAN | VNI | Flood List | -| ---- | --- | ---------- | -| 110 | 10110 | - | -| 111 | 50111 | - | -| 112 | 50112 | - | -| 120 | 10120 | - | -| 121 | 10121 | - | -| 130 | 10130 | - | -| 131 | 10131 | - | -| 140 | 10140 | - | -| 141 | 10141 | - | -| 150 | 10150 | - | -| 160 | 55160 | - | -| 161 | 10161 | - | -| 210 | 20210 | - | -| 211 | 20211 | - | -| 250 | 20250 | - | -| 310 | 30310 | - | -| 311 | 30311 | - | -| 350 | 30350 | - | - -#### VRF to VNI Mappings - -| VLAN | VNI | -| ---- | --- | -| Tenant_A_APP_Zone | 12 | -| Tenant_A_DB_Zone | 13 | -| Tenant_A_OP_Zone | 10 | -| Tenant_A_WAN_Zone | 14 | -| Tenant_A_WEB_Zone | 11 | -| Tenant_B_OP_Zone | 20 | -| Tenant_B_WAN_Zone | 21 | -| Tenant_C_OP_Zone | 30 | -| Tenant_C_WAN_Zone | 31 | - -### VXLAN Interface Device Configuration +### VXLAN Interface + +#### VXLAN Interface Summary + +| Setting | Value | +| ------- | ----- | +| Source Interface | Loopback1 | +| UDP port | 4789 | +| EVPN MLAG Shared Router MAC | mlag-system-id | + +##### VLAN to VNI, Flood List and Multicast Group Mappings + +| VLAN | VNI | Flood List | Multicast Group | +| ---- | --- | ---------- | --------------- | +| 110 | 10110 | - | - | +| 111 | 50111 | - | - | +| 112 | 50112 | - | - | +| 120 | 10120 | - | - | +| 121 | 10121 | - | - | +| 130 | 10130 | - | - | +| 131 | 10131 | - | - | +| 140 | 10140 | - | - | +| 141 | 10141 | - | - | +| 150 | 10150 | - | - | +| 160 | 55160 | - | - | +| 161 | 10161 | - | - | +| 210 | 20210 | - | - | +| 211 | 20211 | - | - | +| 250 | 20250 | - | - | +| 310 | 30310 | - | - | +| 311 | 30311 | - | - | +| 350 | 30350 | - | - | + +##### VRF to VNI and Multicast Group Mappings + +| VRF | VNI | Multicast Group | +| ---- | --- | --------------- | +| Tenant_A_APP_Zone | 12 | - | +| Tenant_A_DB_Zone | 13 | - | +| Tenant_A_OP_Zone | 10 | - | +| Tenant_A_WAN_Zone | 14 | - | +| Tenant_A_WEB_Zone | 11 | - | +| Tenant_B_OP_Zone | 20 | - | +| Tenant_B_WAN_Zone | 21 | - | +| Tenant_C_OP_Zone | 30 | - | +| Tenant_C_WAN_Zone | 31 | - | + +#### VXLAN Interface Device Configuration ```eos ! @@ -848,8 +847,9 @@ interface Vxlan1 vxlan vrf Tenant_C_WAN_Zone vni 31 ``` -# Routing -## Service Routing Protocols Model +## Routing + +### Service Routing Protocols Model Multi agent routing protocol model enabled @@ -858,37 +858,38 @@ Multi agent routing protocol model enabled service routing protocols model multi-agent ``` -## Virtual Router MAC Address +### Virtual Router MAC Address -### Virtual Router MAC Address Summary +#### Virtual Router MAC Address Summary -#### Virtual Router MAC Address: 00:1c:73:00:dc:01 +Virtual Router MAC Address: 00:1c:73:00:dc:01 -### Virtual Router MAC Address Configuration +#### Virtual Router MAC Address Device Configuration ```eos ! ip virtual-router mac-address 00:1c:73:00:dc:01 ``` -## IP Routing +### IP Routing -### IP Routing Summary +#### IP Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | true|| MGMT | false | -| Tenant_A_APP_Zone | true | -| Tenant_A_DB_Zone | true | -| Tenant_A_OP_Zone | true | -| Tenant_A_WAN_Zone | true | -| Tenant_A_WEB_Zone | true | -| Tenant_B_OP_Zone | true | -| Tenant_B_WAN_Zone | true | -| Tenant_C_OP_Zone | true | -| Tenant_C_WAN_Zone | true | - -### IP Routing Device Configuration +| default | True | +| MGMT | False | +| Tenant_A_APP_Zone | True | +| Tenant_A_DB_Zone | True | +| Tenant_A_OP_Zone | True | +| Tenant_A_WAN_Zone | True | +| Tenant_A_WEB_Zone | True | +| Tenant_B_OP_Zone | True | +| Tenant_B_WAN_Zone | True | +| Tenant_C_OP_Zone | True | +| Tenant_C_WAN_Zone | True | + +#### IP Routing Device Configuration ```eos ! @@ -904,13 +905,15 @@ ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_OP_Zone ip routing vrf Tenant_C_WAN_Zone ``` -## IPv6 Routing -### IPv6 Routing Summary +### IPv6 Routing + +#### IPv6 Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | false || MGMT | false | +| default | False | +| MGMT | false | | Tenant_A_APP_Zone | false | | Tenant_A_DB_Zone | false | | Tenant_A_OP_Zone | false | @@ -921,29 +924,28 @@ ip routing vrf Tenant_C_WAN_Zone | Tenant_C_OP_Zone | false | | Tenant_C_WAN_Zone | false | +### Static Routes -## Static Routes +#### Static Routes Summary -### Static Routes Summary +| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | +| --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | +| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | -| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | -| --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | -| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | - -### Static Routes Device Configuration +#### Static Routes Device Configuration ```eos ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 ``` -## Router BGP +### Router BGP -### Router BGP Summary +#### Router BGP Summary | BGP AS | Router ID | | ------ | --------- | -| 65101| 192.168.255.3 | +| 65101 | 192.168.255.3 | | BGP Tuning | | ---------- | @@ -951,22 +953,24 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | distance bgp 20 200 200 | | graceful-restart restart-time 300 | | graceful-restart | +| update wait-install | +| no bgp default ipv4-unicast | | maximum-paths 4 ecmp 4 | -### Router BGP Peer Groups +#### Router BGP Peer Groups -#### EVPN-OVERLAY-PEERS +##### EVPN-OVERLAY-PEERS | Settings | Value | | -------- | ----- | | Address Family | evpn | | Source | Loopback0 | -| Bfd | true | +| BFD | True | | Ebgp multihop | 3 | | Send community | all | | Maximum routes | 0 (no limit) | -#### IPv4-UNDERLAY-PEERS +##### IPv4-UNDERLAY-PEERS | Settings | Value | | -------- | ----- | @@ -974,7 +978,7 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -#### MLAG-IPv4-UNDERLAY-PEER +##### MLAG-IPv4-UNDERLAY-PEER | Settings | Value | | -------- | ----- | @@ -984,30 +988,34 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -### BGP Neighbors +#### BGP Neighbors -| Neighbor | Remote AS | VRF | -| -------- | --------- | --- | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | -| 172.31.255.0 | 65001 | default | -| 172.31.255.2 | 65001 | default | -| 192.168.255.1 | 65001 | default | -| 192.168.255.2 | 65001 | default | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_APP_Zone | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_DB_Zone | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WAN_Zone | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WEB_Zone | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_OP_Zone | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_WAN_Zone | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_OP_Zone | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_WAN_Zone | +| Neighbor | Remote AS | VRF | Shutdown | Send-community | Maximum-routes | Allowas-in | BFD | RIB Pre-Policy Retain | Route-Reflector Client | Passive | +| -------- | --------- | --- | -------- | -------------- | -------------- | ---------- | --- | --------------------- | ---------------------- | ------- | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 172.31.255.0 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | +| 172.31.255.2 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | +| 192.168.255.1 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | +| 192.168.255.2 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_APP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_DB_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WEB_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | -### Router BGP EVPN Address Family +#### Router BGP EVPN Address Family -#### Router BGP EVPN MAC-VRFs +##### EVPN Peer Groups -##### VLAN aware bundles +| Peer Group | Activate | Encapsulation | +| ---------- | -------- | ------------- | +| EVPN-OVERLAY-PEERS | True | default | + +#### Router BGP VLAN Aware Bundles | VLAN Aware Bundle | Route-Distinguisher | Both Route-Target | Import Route Target | Export Route-Target | Redistribute | VLANs | | ----------------- | ------------------- | ----------------- | ------------------- | ------------------- | ------------ | ----- | @@ -1023,7 +1031,7 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Tenant_C_OP_Zone | 192.168.255.3:30 | 30:30 | - | - | learned | 310-311 | | Tenant_C_WAN_Zone | 192.168.255.3:31 | 31:31 | - | - | learned | 350 | -#### Router BGP EVPN VRFs +#### Router BGP VRFs | VRF | Route-Distinguisher | Redistribute | | --- | ------------------- | ------------ | @@ -1037,32 +1045,35 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Tenant_C_OP_Zone | 192.168.255.3:30 | connected | | Tenant_C_WAN_Zone | 192.168.255.3:31 | connected | -### Router BGP Device Configuration +#### Router BGP Device Configuration ```eos ! router bgp 65101 router-id 192.168.255.3 + maximum-paths 4 ecmp 4 + update wait-install + no bgp default ipv4-unicast no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart - maximum-paths 4 ecmp 4 neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 - neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS password 7 neighbor EVPN-OVERLAY-PEERS send-community neighbor EVPN-OVERLAY-PEERS maximum-routes 0 neighbor IPv4-UNDERLAY-PEERS peer group - neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS password 7 neighbor IPv4-UNDERLAY-PEERS send-community neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 neighbor MLAG-IPv4-UNDERLAY-PEER peer group neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self - neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== + neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF1B + neighbor MLAG-IPv4-UNDERLAY-PEER password 7 neighbor MLAG-IPv4-UNDERLAY-PEER send-community neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in @@ -1161,6 +1172,7 @@ router bgp 65101 route-target import evpn 12:12 route-target export evpn 12:12 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1169,6 +1181,7 @@ router bgp 65101 route-target import evpn 13:13 route-target export evpn 13:13 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1177,6 +1190,7 @@ router bgp 65101 route-target import evpn 10:10 route-target export evpn 10:10 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1185,6 +1199,7 @@ router bgp 65101 route-target import evpn 14:14 route-target export evpn 14:14 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1193,6 +1208,7 @@ router bgp 65101 route-target import evpn 11:11 route-target export evpn 11:11 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1201,6 +1217,7 @@ router bgp 65101 route-target import evpn 20:20 route-target export evpn 20:20 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1209,6 +1226,7 @@ router bgp 65101 route-target import evpn 21:21 route-target export evpn 21:21 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1217,6 +1235,7 @@ router bgp 65101 route-target import evpn 30:30 route-target export evpn 30:30 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1225,21 +1244,22 @@ router bgp 65101 route-target import evpn 31:31 route-target export evpn 31:31 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ``` -# BFD +## BFD -## Router BFD +### Router BFD -### Router BFD Multihop Summary +#### Router BFD Multihop Summary | Interval | Minimum RX | Multiplier | | -------- | ---------- | ---------- | | 1200 | 1200 | 3 | -### Router BFD Multihop Device Configuration +#### Router BFD Device Configuration ```eos ! @@ -1247,34 +1267,35 @@ router bfd multihop interval 1200 min-rx 1200 multiplier 3 ``` -# Multicast +## Multicast -## IP IGMP Snooping +### IP IGMP Snooping -### IP IGMP Snooping Summary +#### IP IGMP Snooping Summary -IGMP snooping is globally enabled. +| IGMP Snooping | Fast Leave | Interface Restart Query | Proxy | Restart Query Interval | Robustness Variable | +| ------------- | ---------- | ----------------------- | ----- | ---------------------- | ------------------- | +| Enabled | - | - | - | - | - | - -### IP IGMP Snooping Device Configuration +#### IP IGMP Snooping Device Configuration ```eos ``` -# Filters +## Filters -## Prefix-lists +### Prefix-lists -### Prefix-lists Summary +#### Prefix-lists Summary -#### PL-LOOPBACKS-EVPN-OVERLAY +##### PL-LOOPBACKS-EVPN-OVERLAY | Sequence | Action | | -------- | ------ | | 10 | permit 192.168.255.0/24 eq 32 | | 20 | permit 192.168.254.0/24 eq 32 | -### Prefix-lists Device Configuration +#### Prefix-lists Device Configuration ```eos ! @@ -1283,23 +1304,23 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 20 permit 192.168.254.0/24 eq 32 ``` -## Route-maps +### Route-maps -### Route-maps Summary +#### Route-maps Summary -#### RM-CONN-2-BGP +##### RM-CONN-2-BGP -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - | -#### RM-MLAG-PEER-IN +##### RM-MLAG-PEER-IN -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | set origin incomplete | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | - | origin incomplete | - | - | -### Route-maps Device Configuration +#### Route-maps Device Configuration ```eos ! @@ -1311,11 +1332,9 @@ route-map RM-MLAG-PEER-IN permit 10 set origin incomplete ``` -# ACL - -# VRF Instances +## VRF Instances -## VRF Instances Summary +### VRF Instances Summary | VRF Name | IP Routing | | -------- | ---------- | @@ -1330,7 +1349,7 @@ route-map RM-MLAG-PEER-IN permit 10 | Tenant_C_OP_Zone | enabled | | Tenant_C_WAN_Zone | enabled | -## VRF Instances Device Configuration +### VRF Instances Device Configuration ```eos ! @@ -1355,19 +1374,17 @@ vrf instance Tenant_C_OP_Zone vrf instance Tenant_C_WAN_Zone ``` -# Virtual Source NAT +## Virtual Source NAT -## Virtual Source NAT Summary +### Virtual Source NAT Summary | Source NAT VRF | Source NAT IP Address | | -------------- | --------------------- | | Tenant_A_OP_Zone | 10.255.1.3 | -## Virtual Source NAT Configuration +### Virtual Source NAT Configuration ```eos ! ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.3 ``` - -# Quality Of Service diff --git a/inventory/documentation/devices/DC1-LEAF1B.md b/inventory/documentation/devices/DC1-LEAF1B.md index 6289317d..fcf8e504 100644 --- a/inventory/documentation/devices/DC1-LEAF1B.md +++ b/inventory/documentation/devices/DC1-LEAF1B.md @@ -1,10 +1,10 @@ # DC1-LEAF1B -# Table of Contents - + +## Table of Contents - [Management](#management) - [Management Interfaces](#management-interfaces) - - [Name Servers](#name-servers) + - [IP Name Servers](#ip-name-servers) - [NTP](#ntp) - [Management API HTTP](#management-api-http) - [Authentication](#authentication) @@ -19,7 +19,7 @@ - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) - - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) + - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) - [VLANs](#vlans) - [VLANs Summary](#vlans-summary) - [VLANs Device Configuration](#vlans-device-configuration) @@ -43,35 +43,32 @@ - [Filters](#filters) - [Prefix-lists](#prefix-lists) - [Route-maps](#route-maps) -- [ACL](#acl) - [VRF Instances](#vrf-instances) - [VRF Instances Summary](#vrf-instances-summary) - [VRF Instances Device Configuration](#vrf-instances-device-configuration) - [Virtual Source NAT](#virtual-source-nat) - [Virtual Source NAT Summary](#virtual-source-nat-summary) - [Virtual Source NAT Configuration](#virtual-source-nat-configuration) -- [Quality Of Service](#quality-of-service) - -# Management +## Management -## Management Interfaces +### Management Interfaces -### Management Interfaces Summary +#### Management Interfaces Summary -#### IPv4 +##### IPv4 | Management Interface | description | Type | VRF | IP Address | Gateway | | -------------------- | ----------- | ---- | --- | ---------- | ------- | | Management1 | oob_management | oob | MGMT | 10.255.0.14/24 | 10.255.0.1 | -#### IPv6 +##### IPv6 | Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | oob_management | oob | MGMT | - | - | +| Management1 | oob_management | oob | MGMT | - | - | -### Management Interfaces Device Configuration +#### Management Interfaces Device Configuration ```eos ! @@ -82,40 +79,40 @@ interface Management1 ip address 10.255.0.14/24 ``` -## Name Servers +### IP Name Servers -### Name Servers Summary +#### IP Name Servers Summary -| Name Server | Source VRF | -| ----------- | ---------- | -| 192.168.2.1 | MGMT | -| 8.8.8.8 | MGMT | +| Name Server | VRF | Priority | +| ----------- | --- | -------- | +| 192.168.2.1 | MGMT | - | +| 8.8.8.8 | MGMT | - | -### Name Servers Device Configuration +#### IP Name Servers Device Configuration ```eos ip name-server vrf MGMT 8.8.8.8 ip name-server vrf MGMT 192.168.2.1 ``` -## NTP +### NTP -### NTP Summary +#### NTP Summary -#### NTP Local Interface +##### NTP Local Interface | Interface | VRF | | --------- | --- | | Management1 | MGMT | -#### NTP Servers +##### NTP Servers | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | -### NTP Device Configuration +#### NTP Device Configuration ```eos ! @@ -124,22 +121,21 @@ ntp server vrf MGMT 0.fr.pool.ntp.org prefer ntp server vrf MGMT 1.fr.pool.ntp.org ``` -## Management API HTTP +### Management API HTTP -### Management API HTTP Summary +#### Management API HTTP Summary -| HTTP | HTTPS | -| ---------- | ---------- | -| default | true | +| HTTP | HTTPS | Default Services | +| ---- | ----- | ---------------- | +| False | True | - | -### Management API VRF Access +#### Management API VRF Access | VRF Name | IPv4 ACL | IPv6 ACL | | -------- | -------- | -------- | | MGMT | - | - | - -### Management API HTTP Configuration +#### Management API HTTP Device Configuration ```eos ! @@ -151,49 +147,49 @@ management api http-commands no shutdown ``` -# Authentication +## Authentication -## Local Users +### Local Users -### Local Users Summary +#### Local Users Summary -| User | Privilege | Role | -| ---- | --------- | ---- | -| admin | 15 | network-admin | -| ansible | 15 | network-admin | -| cvpadmin | 15 | network-admin | +| User | Privilege | Role | Disabled | Shell | +| ---- | --------- | ---- | -------- | ----- | +| admin | 15 | network-admin | False | - | +| ansible | 15 | network-admin | False | - | +| cvpadmin | 15 | network-admin | False | - | -### Local Users Device Configuration +#### Local Users Device Configuration ```eos ! -username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 -username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +username admin privilege 15 role network-admin secret sha512 +username ansible privilege 15 role network-admin secret sha512 +username cvpadmin privilege 15 role network-admin secret sha512 ``` -# Monitoring +## Monitoring -## TerminAttr Daemon +### TerminAttr Daemon -### TerminAttr Daemon Summary +#### TerminAttr Daemon Summary | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | -| gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | +| gzip | 10.255.0.1:9910 | MGMT | key, | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | -### TerminAttr Daemon Device Configuration +#### TerminAttr Daemon Device Configuration ```eos ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ``` -# MLAG +## MLAG -## MLAG Summary +### MLAG Summary | Domain-id | Local-interface | Peer-address | Peer-link | | --------- | --------------- | ------------ | --------- | @@ -201,7 +197,7 @@ daemon TerminAttr Dual primary detection is disabled. -## MLAG Device Configuration +### MLAG Device Configuration ```eos ! @@ -214,23 +210,23 @@ mlag configuration reload-delay non-mlag 330 ``` -# Spanning Tree +## Spanning Tree -## Spanning Tree Summary +### Spanning Tree Summary STP mode: **mstp** -### MSTP Instance and Priority +#### MSTP Instance and Priority | Instance(s) | Priority | | -------- | -------- | | 0 | 16384 | -### Global Spanning-Tree Settings +#### Global Spanning-Tree Settings -Spanning Tree disabled for VLANs: **4093-4094** +- Spanning Tree disabled for VLANs: **4093-4094** -## Spanning Tree Device Configuration +### Spanning Tree Device Configuration ```eos ! @@ -239,24 +235,24 @@ no spanning-tree vlan-id 4093-4094 spanning-tree mst 0 priority 16384 ``` -# Internal VLAN Allocation Policy +## Internal VLAN Allocation Policy -## Internal VLAN Allocation Policy Summary +### Internal VLAN Allocation Policy Summary | Policy Allocation | Range Beginning | Range Ending | | ------------------| --------------- | ------------ | | ascending | 1006 | 1199 | -## Internal VLAN Allocation Policy Configuration +### Internal VLAN Allocation Policy Device Configuration ```eos ! vlan internal order ascending range 1006 1199 ``` -# VLANs +## VLANs -## VLANs Summary +### VLANs Summary | VLAN ID | Name | Trunk Groups | | ------- | ---- | ------------ | @@ -290,7 +286,7 @@ vlan internal order ascending range 1006 1199 | 4093 | LEAF_PEER_L3 | LEAF_PEER_L3 | | 4094 | MLAG_PEER | MLAG | -## VLANs Device Configuration +### VLANs Device Configuration ```eos ! @@ -393,30 +389,30 @@ vlan 4094 trunk group MLAG ``` -# Interfaces +## Interfaces -## Ethernet Interfaces +### Ethernet Interfaces -### Ethernet Interfaces Summary +#### Ethernet Interfaces Summary -#### L2 +##### L2 | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | -| Ethernet3 | MLAG_PEER_DC1-LEAF1A_Ethernet3 | *trunk | *2-4094 | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | -| Ethernet4 | MLAG_PEER_DC1-LEAF1A_Ethernet4 | *trunk | *2-4094 | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | +| Ethernet3 | MLAG_PEER_DC1-LEAF1A_Ethernet3 | *trunk | *- | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | +| Ethernet4 | MLAG_PEER_DC1-LEAF1A_Ethernet4 | *trunk | *- | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | | Ethernet5 | DC1-L2LEAF1A_Ethernet2 | *trunk | *110-112,120-121,130-131 | *- | *- | 5 | *Inherited from Port-Channel Interface -#### IPv4 +##### IPv4 | Interface | Description | Type | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | | --------- | ----------- | -----| ------------- | ---------- | ----| ---- | -------- | ------ | ------- | -| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet2 | routed | - | 172.31.255.5/31 | default | 1500 | false | - | - | -| Ethernet2 | P2P_LINK_TO_DC1-SPINE2_Ethernet2 | routed | - | 172.31.255.7/31 | default | 1500 | false | - | - | +| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet2 | routed | - | 172.31.255.5/31 | default | 1500 | False | - | - | +| Ethernet2 | P2P_LINK_TO_DC1-SPINE2_Ethernet2 | routed | - | 172.31.255.7/31 | default | 1500 | False | - | - | -### Ethernet Interfaces Device Configuration +#### Ethernet Interfaces Device Configuration ```eos ! @@ -450,18 +446,18 @@ interface Ethernet5 channel-group 5 mode active ``` -## Port-Channel Interfaces +### Port-Channel Interfaces -### Port-Channel Interfaces Summary +#### Port-Channel Interfaces Summary -#### L2 +##### L2 | Interface | Description | Type | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | | --------- | ----------- | ---- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | -| Port-Channel3 | MLAG_PEER_DC1-LEAF1A_Po3 | switched | trunk | 2-4094 | - | ['LEAF_PEER_L3', 'MLAG'] | - | - | - | - | +| Port-Channel3 | MLAG_PEER_DC1-LEAF1A_Po3 | switched | trunk | - | - | ['LEAF_PEER_L3', 'MLAG'] | - | - | - | - | | Port-Channel5 | DC1-L2LEAF1A_Po1 | switched | trunk | 110-112,120-121,130-131 | - | - | - | - | 5 | - | -### Port-Channel Interfaces Device Configuration +#### Port-Channel Interfaces Device Configuration ```eos ! @@ -469,7 +465,6 @@ interface Port-Channel3 description MLAG_PEER_DC1-LEAF1A_Po3 no shutdown switchport - switchport trunk allowed vlan 2-4094 switchport mode trunk switchport trunk group LEAF_PEER_L3 switchport trunk group MLAG @@ -483,11 +478,11 @@ interface Port-Channel5 mlag 5 ``` -## Loopback Interfaces +### Loopback Interfaces -### Loopback Interfaces Summary +#### Loopback Interfaces Summary -#### IPv4 +##### IPv4 | Interface | Description | VRF | IP Address | | --------- | ----------- | --- | ---------- | @@ -495,7 +490,7 @@ interface Port-Channel5 | Loopback1 | VTEP_VXLAN_Tunnel_Source | default | 192.168.254.3/32 | | Loopback100 | Tenant_A_OP_Zone_VTEP_DIAGNOSTICS | Tenant_A_OP_Zone | 10.255.1.4/32 | -#### IPv6 +##### IPv6 | Interface | Description | VRF | IPv6 Address | | --------- | ----------- | --- | ------------ | @@ -503,8 +498,7 @@ interface Port-Channel5 | Loopback1 | VTEP_VXLAN_Tunnel_Source | default | - | | Loopback100 | Tenant_A_OP_Zone_VTEP_DIAGNOSTICS | Tenant_A_OP_Zone | - | - -### Loopback Interfaces Device Configuration +#### Loopback Interfaces Device Configuration ```eos ! @@ -525,60 +519,60 @@ interface Loopback100 ip address 10.255.1.4/32 ``` -## VLAN Interfaces +### VLAN Interfaces -### VLAN Interfaces Summary +#### VLAN Interfaces Summary | Interface | Description | VRF | MTU | Shutdown | | --------- | ----------- | --- | ---- | -------- | -| Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | false | -| Vlan111 | Tenant_A_OP_Zone_2 | Tenant_A_OP_Zone | - | false | -| Vlan112 | Tenant_A_OP_Zone_3 | Tenant_A_OP_Zone | - | false | -| Vlan120 | Tenant_A_WEB_Zone_1 | Tenant_A_WEB_Zone | - | false | -| Vlan121 | Tenant_A_WEBZone_2 | Tenant_A_WEB_Zone | - | false | -| Vlan130 | Tenant_A_APP_Zone_1 | Tenant_A_APP_Zone | - | false | -| Vlan131 | Tenant_A_APP_Zone_2 | Tenant_A_APP_Zone | - | false | -| Vlan140 | Tenant_A_DB_BZone_1 | Tenant_A_DB_Zone | - | false | -| Vlan141 | Tenant_A_DB_Zone_2 | Tenant_A_DB_Zone | - | false | -| Vlan150 | Tenant_A_WAN_Zone_1 | Tenant_A_WAN_Zone | - | false | -| Vlan210 | Tenant_B_OP_Zone_1 | Tenant_B_OP_Zone | - | false | -| Vlan211 | Tenant_B_OP_Zone_2 | Tenant_B_OP_Zone | - | false | -| Vlan250 | Tenant_B_WAN_Zone_1 | Tenant_B_WAN_Zone | - | false | -| Vlan310 | Tenant_C_OP_Zone_1 | Tenant_C_OP_Zone | - | false | -| Vlan311 | Tenant_C_OP_Zone_2 | Tenant_C_OP_Zone | - | false | -| Vlan350 | Tenant_C_WAN_Zone_1 | Tenant_C_WAN_Zone | - | false | -| Vlan3009 | MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone | Tenant_A_OP_Zone | 1500 | false | -| Vlan3010 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone | Tenant_A_WEB_Zone | 1500 | false | -| Vlan3011 | MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone | Tenant_A_APP_Zone | 1500 | false | -| Vlan3012 | MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone | Tenant_A_DB_Zone | 1500 | false | -| Vlan3013 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone | Tenant_A_WAN_Zone | 1500 | false | -| Vlan3019 | MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone | Tenant_B_OP_Zone | 1500 | false | -| Vlan3020 | MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone | Tenant_B_WAN_Zone | 1500 | false | -| Vlan3029 | MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone | Tenant_C_OP_Zone | 1500 | false | -| Vlan3030 | MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone | Tenant_C_WAN_Zone | 1500 | false | -| Vlan4093 | MLAG_PEER_L3_PEERING | default | 1500 | false | -| Vlan4094 | MLAG_PEER | default | 1500 | false | - -#### IPv4 +| Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | False | +| Vlan111 | Tenant_A_OP_Zone_2 | Tenant_A_OP_Zone | - | False | +| Vlan112 | Tenant_A_OP_Zone_3 | Tenant_A_OP_Zone | - | False | +| Vlan120 | Tenant_A_WEB_Zone_1 | Tenant_A_WEB_Zone | - | False | +| Vlan121 | Tenant_A_WEBZone_2 | Tenant_A_WEB_Zone | - | False | +| Vlan130 | Tenant_A_APP_Zone_1 | Tenant_A_APP_Zone | - | False | +| Vlan131 | Tenant_A_APP_Zone_2 | Tenant_A_APP_Zone | - | False | +| Vlan140 | Tenant_A_DB_BZone_1 | Tenant_A_DB_Zone | - | False | +| Vlan141 | Tenant_A_DB_Zone_2 | Tenant_A_DB_Zone | - | False | +| Vlan150 | Tenant_A_WAN_Zone_1 | Tenant_A_WAN_Zone | - | False | +| Vlan210 | Tenant_B_OP_Zone_1 | Tenant_B_OP_Zone | - | False | +| Vlan211 | Tenant_B_OP_Zone_2 | Tenant_B_OP_Zone | - | False | +| Vlan250 | Tenant_B_WAN_Zone_1 | Tenant_B_WAN_Zone | - | False | +| Vlan310 | Tenant_C_OP_Zone_1 | Tenant_C_OP_Zone | - | False | +| Vlan311 | Tenant_C_OP_Zone_2 | Tenant_C_OP_Zone | - | False | +| Vlan350 | Tenant_C_WAN_Zone_1 | Tenant_C_WAN_Zone | - | False | +| Vlan3009 | MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone | Tenant_A_OP_Zone | 1500 | False | +| Vlan3010 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone | Tenant_A_WEB_Zone | 1500 | False | +| Vlan3011 | MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone | Tenant_A_APP_Zone | 1500 | False | +| Vlan3012 | MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone | Tenant_A_DB_Zone | 1500 | False | +| Vlan3013 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone | Tenant_A_WAN_Zone | 1500 | False | +| Vlan3019 | MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone | Tenant_B_OP_Zone | 1500 | False | +| Vlan3020 | MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone | Tenant_B_WAN_Zone | 1500 | False | +| Vlan3029 | MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone | Tenant_C_OP_Zone | 1500 | False | +| Vlan3030 | MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone | Tenant_C_WAN_Zone | 1500 | False | +| Vlan4093 | MLAG_PEER_L3_PEERING | default | 1500 | False | +| Vlan4094 | MLAG_PEER | default | 1500 | False | + +##### IPv4 | Interface | VRF | IP Address | IP Address Virtual | IP Router Virtual Address | VRRP | ACL In | ACL Out | | --------- | --- | ---------- | ------------------ | ------------------------- | ---- | ------ | ------- | | Vlan110 | Tenant_A_OP_Zone | - | 10.1.10.1/24 | - | - | - | - | | Vlan111 | Tenant_A_OP_Zone | - | 10.1.11.1/24 | - | - | - | - | | Vlan112 | Tenant_A_OP_Zone | - | 10.1.12.254/24 | - | - | - | - | -| Vlan120 | Tenant_A_WEB_Zone | - | - | - | - | - | - | +| Vlan120 | Tenant_A_WEB_Zone | - | 10.1.20.1/24 | - | - | - | - | | Vlan121 | Tenant_A_WEB_Zone | - | 10.1.21.1/24 | - | - | - | - | -| Vlan130 | Tenant_A_APP_Zone | - | - | - | - | - | - | +| Vlan130 | Tenant_A_APP_Zone | - | 10.1.30.1/24 | - | - | - | - | | Vlan131 | Tenant_A_APP_Zone | - | 10.1.31.254/24 | - | - | - | - | | Vlan140 | Tenant_A_DB_Zone | - | 10.1.40.1/24 | - | - | - | - | | Vlan141 | Tenant_A_DB_Zone | - | 10.1.41.1/24 | - | - | - | - | | Vlan150 | Tenant_A_WAN_Zone | - | 10.1.40.1/24 | - | - | - | - | -| Vlan210 | Tenant_B_OP_Zone | - | - | - | - | - | - | +| Vlan210 | Tenant_B_OP_Zone | - | 10.2.10.1/24 | - | - | - | - | | Vlan211 | Tenant_B_OP_Zone | - | 10.2.11.1/24 | - | - | - | - | | Vlan250 | Tenant_B_WAN_Zone | - | 10.2.50.1/24 | - | - | - | - | -| Vlan310 | Tenant_C_OP_Zone | - | - | - | - | - | - | -| Vlan311 | Tenant_C_OP_Zone | - | - | - | - | - | - | -| Vlan350 | Tenant_C_WAN_Zone | - | - | - | - | - | - | +| Vlan310 | Tenant_C_OP_Zone | - | 10.3.10.1/24 | - | - | - | - | +| Vlan311 | Tenant_C_OP_Zone | - | 10.3.11.1/24 | - | - | - | - | +| Vlan350 | Tenant_C_WAN_Zone | - | 10.3.50.1/24 | - | - | - | - | | Vlan3009 | Tenant_A_OP_Zone | 10.255.251.1/31 | - | - | - | - | - | | Vlan3010 | Tenant_A_WEB_Zone | 10.255.251.1/31 | - | - | - | - | - | | Vlan3011 | Tenant_A_APP_Zone | 10.255.251.1/31 | - | - | - | - | - | @@ -591,8 +585,7 @@ interface Loopback100 | Vlan4093 | default | 10.255.251.1/31 | - | - | - | - | - | | Vlan4094 | default | 10.255.252.1/31 | - | - | - | - | - | - -### VLAN Interfaces Device Configuration +#### VLAN Interfaces Device Configuration ```eos ! @@ -618,6 +611,7 @@ interface Vlan120 description Tenant_A_WEB_Zone_1 no shutdown vrf Tenant_A_WEB_Zone + ip address virtual 10.1.20.1/24 ! interface Vlan121 description Tenant_A_WEBZone_2 @@ -629,6 +623,7 @@ interface Vlan130 description Tenant_A_APP_Zone_1 no shutdown vrf Tenant_A_APP_Zone + ip address virtual 10.1.30.1/24 ! interface Vlan131 description Tenant_A_APP_Zone_2 @@ -658,6 +653,7 @@ interface Vlan210 description Tenant_B_OP_Zone_1 no shutdown vrf Tenant_B_OP_Zone + ip address virtual 10.2.10.1/24 ! interface Vlan211 description Tenant_B_OP_Zone_2 @@ -675,16 +671,19 @@ interface Vlan310 description Tenant_C_OP_Zone_1 no shutdown vrf Tenant_C_OP_Zone + ip address virtual 10.3.10.1/24 ! interface Vlan311 description Tenant_C_OP_Zone_2 no shutdown vrf Tenant_C_OP_Zone + ip address virtual 10.3.11.1/24 ! interface Vlan350 description Tenant_C_WAN_Zone_1 no shutdown vrf Tenant_C_WAN_Zone + ip address virtual 10.3.50.1/24 ! interface Vlan3009 description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone @@ -763,54 +762,54 @@ interface Vlan4094 ip address 10.255.252.1/31 ``` -## VXLAN Interface - -### VXLAN Interface Summary - -#### Source Interface: Loopback1 - -#### UDP port: 4789 - -#### EVPN MLAG Shared Router MAC : mlag-system-id - -#### VLAN to VNI and Flood List Mappings - -| VLAN | VNI | Flood List | -| ---- | --- | ---------- | -| 110 | 10110 | - | -| 111 | 50111 | - | -| 112 | 50112 | - | -| 120 | 10120 | - | -| 121 | 10121 | - | -| 130 | 10130 | - | -| 131 | 10131 | - | -| 140 | 10140 | - | -| 141 | 10141 | - | -| 150 | 10150 | - | -| 160 | 55160 | - | -| 161 | 10161 | - | -| 210 | 20210 | - | -| 211 | 20211 | - | -| 250 | 20250 | - | -| 310 | 30310 | - | -| 311 | 30311 | - | -| 350 | 30350 | - | - -#### VRF to VNI Mappings - -| VLAN | VNI | -| ---- | --- | -| Tenant_A_APP_Zone | 12 | -| Tenant_A_DB_Zone | 13 | -| Tenant_A_OP_Zone | 10 | -| Tenant_A_WAN_Zone | 14 | -| Tenant_A_WEB_Zone | 11 | -| Tenant_B_OP_Zone | 20 | -| Tenant_B_WAN_Zone | 21 | -| Tenant_C_OP_Zone | 30 | -| Tenant_C_WAN_Zone | 31 | - -### VXLAN Interface Device Configuration +### VXLAN Interface + +#### VXLAN Interface Summary + +| Setting | Value | +| ------- | ----- | +| Source Interface | Loopback1 | +| UDP port | 4789 | +| EVPN MLAG Shared Router MAC | mlag-system-id | + +##### VLAN to VNI, Flood List and Multicast Group Mappings + +| VLAN | VNI | Flood List | Multicast Group | +| ---- | --- | ---------- | --------------- | +| 110 | 10110 | - | - | +| 111 | 50111 | - | - | +| 112 | 50112 | - | - | +| 120 | 10120 | - | - | +| 121 | 10121 | - | - | +| 130 | 10130 | - | - | +| 131 | 10131 | - | - | +| 140 | 10140 | - | - | +| 141 | 10141 | - | - | +| 150 | 10150 | - | - | +| 160 | 55160 | - | - | +| 161 | 10161 | - | - | +| 210 | 20210 | - | - | +| 211 | 20211 | - | - | +| 250 | 20250 | - | - | +| 310 | 30310 | - | - | +| 311 | 30311 | - | - | +| 350 | 30350 | - | - | + +##### VRF to VNI and Multicast Group Mappings + +| VRF | VNI | Multicast Group | +| ---- | --- | --------------- | +| Tenant_A_APP_Zone | 12 | - | +| Tenant_A_DB_Zone | 13 | - | +| Tenant_A_OP_Zone | 10 | - | +| Tenant_A_WAN_Zone | 14 | - | +| Tenant_A_WEB_Zone | 11 | - | +| Tenant_B_OP_Zone | 20 | - | +| Tenant_B_WAN_Zone | 21 | - | +| Tenant_C_OP_Zone | 30 | - | +| Tenant_C_WAN_Zone | 31 | - | + +#### VXLAN Interface Device Configuration ```eos ! @@ -848,8 +847,9 @@ interface Vxlan1 vxlan vrf Tenant_C_WAN_Zone vni 31 ``` -# Routing -## Service Routing Protocols Model +## Routing + +### Service Routing Protocols Model Multi agent routing protocol model enabled @@ -858,37 +858,38 @@ Multi agent routing protocol model enabled service routing protocols model multi-agent ``` -## Virtual Router MAC Address +### Virtual Router MAC Address -### Virtual Router MAC Address Summary +#### Virtual Router MAC Address Summary -#### Virtual Router MAC Address: 00:1c:73:00:dc:01 +Virtual Router MAC Address: 00:1c:73:00:dc:01 -### Virtual Router MAC Address Configuration +#### Virtual Router MAC Address Device Configuration ```eos ! ip virtual-router mac-address 00:1c:73:00:dc:01 ``` -## IP Routing +### IP Routing -### IP Routing Summary +#### IP Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | true|| MGMT | false | -| Tenant_A_APP_Zone | true | -| Tenant_A_DB_Zone | true | -| Tenant_A_OP_Zone | true | -| Tenant_A_WAN_Zone | true | -| Tenant_A_WEB_Zone | true | -| Tenant_B_OP_Zone | true | -| Tenant_B_WAN_Zone | true | -| Tenant_C_OP_Zone | true | -| Tenant_C_WAN_Zone | true | - -### IP Routing Device Configuration +| default | True | +| MGMT | False | +| Tenant_A_APP_Zone | True | +| Tenant_A_DB_Zone | True | +| Tenant_A_OP_Zone | True | +| Tenant_A_WAN_Zone | True | +| Tenant_A_WEB_Zone | True | +| Tenant_B_OP_Zone | True | +| Tenant_B_WAN_Zone | True | +| Tenant_C_OP_Zone | True | +| Tenant_C_WAN_Zone | True | + +#### IP Routing Device Configuration ```eos ! @@ -904,13 +905,15 @@ ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_OP_Zone ip routing vrf Tenant_C_WAN_Zone ``` -## IPv6 Routing -### IPv6 Routing Summary +### IPv6 Routing + +#### IPv6 Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | false || MGMT | false | +| default | False | +| MGMT | false | | Tenant_A_APP_Zone | false | | Tenant_A_DB_Zone | false | | Tenant_A_OP_Zone | false | @@ -921,29 +924,28 @@ ip routing vrf Tenant_C_WAN_Zone | Tenant_C_OP_Zone | false | | Tenant_C_WAN_Zone | false | +### Static Routes -## Static Routes +#### Static Routes Summary -### Static Routes Summary +| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | +| --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | +| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | -| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | -| --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | -| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | - -### Static Routes Device Configuration +#### Static Routes Device Configuration ```eos ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 ``` -## Router BGP +### Router BGP -### Router BGP Summary +#### Router BGP Summary | BGP AS | Router ID | | ------ | --------- | -| 65101| 192.168.255.4 | +| 65101 | 192.168.255.4 | | BGP Tuning | | ---------- | @@ -951,22 +953,24 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | distance bgp 20 200 200 | | graceful-restart restart-time 300 | | graceful-restart | +| update wait-install | +| no bgp default ipv4-unicast | | maximum-paths 4 ecmp 4 | -### Router BGP Peer Groups +#### Router BGP Peer Groups -#### EVPN-OVERLAY-PEERS +##### EVPN-OVERLAY-PEERS | Settings | Value | | -------- | ----- | | Address Family | evpn | | Source | Loopback0 | -| Bfd | true | +| BFD | True | | Ebgp multihop | 3 | | Send community | all | | Maximum routes | 0 (no limit) | -#### IPv4-UNDERLAY-PEERS +##### IPv4-UNDERLAY-PEERS | Settings | Value | | -------- | ----- | @@ -974,7 +978,7 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -#### MLAG-IPv4-UNDERLAY-PEER +##### MLAG-IPv4-UNDERLAY-PEER | Settings | Value | | -------- | ----- | @@ -984,30 +988,34 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -### BGP Neighbors +#### BGP Neighbors -| Neighbor | Remote AS | VRF | -| -------- | --------- | --- | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | -| 172.31.255.4 | 65001 | default | -| 172.31.255.6 | 65001 | default | -| 192.168.255.1 | 65001 | default | -| 192.168.255.2 | 65001 | default | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_APP_Zone | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_DB_Zone | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WAN_Zone | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WEB_Zone | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_OP_Zone | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_WAN_Zone | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_OP_Zone | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_WAN_Zone | +| Neighbor | Remote AS | VRF | Shutdown | Send-community | Maximum-routes | Allowas-in | BFD | RIB Pre-Policy Retain | Route-Reflector Client | Passive | +| -------- | --------- | --- | -------- | -------------- | -------------- | ---------- | --- | --------------------- | ---------------------- | ------- | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 172.31.255.4 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | +| 172.31.255.6 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | +| 192.168.255.1 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | +| 192.168.255.2 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_APP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_DB_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WEB_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | -### Router BGP EVPN Address Family +#### Router BGP EVPN Address Family -#### Router BGP EVPN MAC-VRFs +##### EVPN Peer Groups -##### VLAN aware bundles +| Peer Group | Activate | Encapsulation | +| ---------- | -------- | ------------- | +| EVPN-OVERLAY-PEERS | True | default | + +#### Router BGP VLAN Aware Bundles | VLAN Aware Bundle | Route-Distinguisher | Both Route-Target | Import Route Target | Export Route-Target | Redistribute | VLANs | | ----------------- | ------------------- | ----------------- | ------------------- | ------------------- | ------------ | ----- | @@ -1023,7 +1031,7 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Tenant_C_OP_Zone | 192.168.255.4:30 | 30:30 | - | - | learned | 310-311 | | Tenant_C_WAN_Zone | 192.168.255.4:31 | 31:31 | - | - | learned | 350 | -#### Router BGP EVPN VRFs +#### Router BGP VRFs | VRF | Route-Distinguisher | Redistribute | | --- | ------------------- | ------------ | @@ -1037,32 +1045,35 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Tenant_C_OP_Zone | 192.168.255.4:30 | connected | | Tenant_C_WAN_Zone | 192.168.255.4:31 | connected | -### Router BGP Device Configuration +#### Router BGP Device Configuration ```eos ! router bgp 65101 router-id 192.168.255.4 + maximum-paths 4 ecmp 4 + update wait-install + no bgp default ipv4-unicast no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart - maximum-paths 4 ecmp 4 neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 - neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS password 7 neighbor EVPN-OVERLAY-PEERS send-community neighbor EVPN-OVERLAY-PEERS maximum-routes 0 neighbor IPv4-UNDERLAY-PEERS peer group - neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS password 7 neighbor IPv4-UNDERLAY-PEERS send-community neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 neighbor MLAG-IPv4-UNDERLAY-PEER peer group neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self - neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== + neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF1A + neighbor MLAG-IPv4-UNDERLAY-PEER password 7 neighbor MLAG-IPv4-UNDERLAY-PEER send-community neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in @@ -1161,6 +1172,7 @@ router bgp 65101 route-target import evpn 12:12 route-target export evpn 12:12 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1169,6 +1181,7 @@ router bgp 65101 route-target import evpn 13:13 route-target export evpn 13:13 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1177,6 +1190,7 @@ router bgp 65101 route-target import evpn 10:10 route-target export evpn 10:10 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1185,6 +1199,7 @@ router bgp 65101 route-target import evpn 14:14 route-target export evpn 14:14 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1193,6 +1208,7 @@ router bgp 65101 route-target import evpn 11:11 route-target export evpn 11:11 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1201,6 +1217,7 @@ router bgp 65101 route-target import evpn 20:20 route-target export evpn 20:20 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1209,6 +1226,7 @@ router bgp 65101 route-target import evpn 21:21 route-target export evpn 21:21 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1217,6 +1235,7 @@ router bgp 65101 route-target import evpn 30:30 route-target export evpn 30:30 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1225,21 +1244,22 @@ router bgp 65101 route-target import evpn 31:31 route-target export evpn 31:31 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ``` -# BFD +## BFD -## Router BFD +### Router BFD -### Router BFD Multihop Summary +#### Router BFD Multihop Summary | Interval | Minimum RX | Multiplier | | -------- | ---------- | ---------- | | 1200 | 1200 | 3 | -### Router BFD Multihop Device Configuration +#### Router BFD Device Configuration ```eos ! @@ -1247,34 +1267,35 @@ router bfd multihop interval 1200 min-rx 1200 multiplier 3 ``` -# Multicast +## Multicast -## IP IGMP Snooping +### IP IGMP Snooping -### IP IGMP Snooping Summary +#### IP IGMP Snooping Summary -IGMP snooping is globally enabled. +| IGMP Snooping | Fast Leave | Interface Restart Query | Proxy | Restart Query Interval | Robustness Variable | +| ------------- | ---------- | ----------------------- | ----- | ---------------------- | ------------------- | +| Enabled | - | - | - | - | - | - -### IP IGMP Snooping Device Configuration +#### IP IGMP Snooping Device Configuration ```eos ``` -# Filters +## Filters -## Prefix-lists +### Prefix-lists -### Prefix-lists Summary +#### Prefix-lists Summary -#### PL-LOOPBACKS-EVPN-OVERLAY +##### PL-LOOPBACKS-EVPN-OVERLAY | Sequence | Action | | -------- | ------ | | 10 | permit 192.168.255.0/24 eq 32 | | 20 | permit 192.168.254.0/24 eq 32 | -### Prefix-lists Device Configuration +#### Prefix-lists Device Configuration ```eos ! @@ -1283,23 +1304,23 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 20 permit 192.168.254.0/24 eq 32 ``` -## Route-maps +### Route-maps -### Route-maps Summary +#### Route-maps Summary -#### RM-CONN-2-BGP +##### RM-CONN-2-BGP -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - | -#### RM-MLAG-PEER-IN +##### RM-MLAG-PEER-IN -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | set origin incomplete | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | - | origin incomplete | - | - | -### Route-maps Device Configuration +#### Route-maps Device Configuration ```eos ! @@ -1311,11 +1332,9 @@ route-map RM-MLAG-PEER-IN permit 10 set origin incomplete ``` -# ACL - -# VRF Instances +## VRF Instances -## VRF Instances Summary +### VRF Instances Summary | VRF Name | IP Routing | | -------- | ---------- | @@ -1330,7 +1349,7 @@ route-map RM-MLAG-PEER-IN permit 10 | Tenant_C_OP_Zone | enabled | | Tenant_C_WAN_Zone | enabled | -## VRF Instances Device Configuration +### VRF Instances Device Configuration ```eos ! @@ -1355,19 +1374,17 @@ vrf instance Tenant_C_OP_Zone vrf instance Tenant_C_WAN_Zone ``` -# Virtual Source NAT +## Virtual Source NAT -## Virtual Source NAT Summary +### Virtual Source NAT Summary | Source NAT VRF | Source NAT IP Address | | -------------- | --------------------- | | Tenant_A_OP_Zone | 10.255.1.4 | -## Virtual Source NAT Configuration +### Virtual Source NAT Configuration ```eos ! ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.4 ``` - -# Quality Of Service diff --git a/inventory/documentation/devices/DC1-LEAF2A.md b/inventory/documentation/devices/DC1-LEAF2A.md index 72595283..66c8928b 100644 --- a/inventory/documentation/devices/DC1-LEAF2A.md +++ b/inventory/documentation/devices/DC1-LEAF2A.md @@ -1,10 +1,10 @@ # DC1-LEAF2A -# Table of Contents - + +## Table of Contents - [Management](#management) - [Management Interfaces](#management-interfaces) - - [Name Servers](#name-servers) + - [IP Name Servers](#ip-name-servers) - [NTP](#ntp) - [Management API HTTP](#management-api-http) - [Authentication](#authentication) @@ -19,7 +19,7 @@ - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) - - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) + - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) - [VLANs](#vlans) - [VLANs Summary](#vlans-summary) - [VLANs Device Configuration](#vlans-device-configuration) @@ -43,35 +43,32 @@ - [Filters](#filters) - [Prefix-lists](#prefix-lists) - [Route-maps](#route-maps) -- [ACL](#acl) - [VRF Instances](#vrf-instances) - [VRF Instances Summary](#vrf-instances-summary) - [VRF Instances Device Configuration](#vrf-instances-device-configuration) - [Virtual Source NAT](#virtual-source-nat) - [Virtual Source NAT Summary](#virtual-source-nat-summary) - [Virtual Source NAT Configuration](#virtual-source-nat-configuration) -- [Quality Of Service](#quality-of-service) - -# Management +## Management -## Management Interfaces +### Management Interfaces -### Management Interfaces Summary +#### Management Interfaces Summary -#### IPv4 +##### IPv4 | Management Interface | description | Type | VRF | IP Address | Gateway | | -------------------- | ----------- | ---- | --- | ---------- | ------- | | Management1 | oob_management | oob | MGMT | 10.255.0.15/24 | 10.255.0.1 | -#### IPv6 +##### IPv6 | Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | oob_management | oob | MGMT | - | - | +| Management1 | oob_management | oob | MGMT | - | - | -### Management Interfaces Device Configuration +#### Management Interfaces Device Configuration ```eos ! @@ -82,40 +79,40 @@ interface Management1 ip address 10.255.0.15/24 ``` -## Name Servers +### IP Name Servers -### Name Servers Summary +#### IP Name Servers Summary -| Name Server | Source VRF | -| ----------- | ---------- | -| 192.168.2.1 | MGMT | -| 8.8.8.8 | MGMT | +| Name Server | VRF | Priority | +| ----------- | --- | -------- | +| 192.168.2.1 | MGMT | - | +| 8.8.8.8 | MGMT | - | -### Name Servers Device Configuration +#### IP Name Servers Device Configuration ```eos ip name-server vrf MGMT 8.8.8.8 ip name-server vrf MGMT 192.168.2.1 ``` -## NTP +### NTP -### NTP Summary +#### NTP Summary -#### NTP Local Interface +##### NTP Local Interface | Interface | VRF | | --------- | --- | | Management1 | MGMT | -#### NTP Servers +##### NTP Servers | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | -### NTP Device Configuration +#### NTP Device Configuration ```eos ! @@ -124,22 +121,21 @@ ntp server vrf MGMT 0.fr.pool.ntp.org prefer ntp server vrf MGMT 1.fr.pool.ntp.org ``` -## Management API HTTP +### Management API HTTP -### Management API HTTP Summary +#### Management API HTTP Summary -| HTTP | HTTPS | -| ---------- | ---------- | -| default | true | +| HTTP | HTTPS | Default Services | +| ---- | ----- | ---------------- | +| False | True | - | -### Management API VRF Access +#### Management API VRF Access | VRF Name | IPv4 ACL | IPv6 ACL | | -------- | -------- | -------- | | MGMT | - | - | - -### Management API HTTP Configuration +#### Management API HTTP Device Configuration ```eos ! @@ -151,49 +147,49 @@ management api http-commands no shutdown ``` -# Authentication +## Authentication -## Local Users +### Local Users -### Local Users Summary +#### Local Users Summary -| User | Privilege | Role | -| ---- | --------- | ---- | -| admin | 15 | network-admin | -| ansible | 15 | network-admin | -| cvpadmin | 15 | network-admin | +| User | Privilege | Role | Disabled | Shell | +| ---- | --------- | ---- | -------- | ----- | +| admin | 15 | network-admin | False | - | +| ansible | 15 | network-admin | False | - | +| cvpadmin | 15 | network-admin | False | - | -### Local Users Device Configuration +#### Local Users Device Configuration ```eos ! -username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 -username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +username admin privilege 15 role network-admin secret sha512 +username ansible privilege 15 role network-admin secret sha512 +username cvpadmin privilege 15 role network-admin secret sha512 ``` -# Monitoring +## Monitoring -## TerminAttr Daemon +### TerminAttr Daemon -### TerminAttr Daemon Summary +#### TerminAttr Daemon Summary | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | -| gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | +| gzip | 10.255.0.1:9910 | MGMT | key, | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | -### TerminAttr Daemon Device Configuration +#### TerminAttr Daemon Device Configuration ```eos ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ``` -# MLAG +## MLAG -## MLAG Summary +### MLAG Summary | Domain-id | Local-interface | Peer-address | Peer-link | | --------- | --------------- | ------------ | --------- | @@ -201,7 +197,7 @@ daemon TerminAttr Dual primary detection is disabled. -## MLAG Device Configuration +### MLAG Device Configuration ```eos ! @@ -214,23 +210,23 @@ mlag configuration reload-delay non-mlag 330 ``` -# Spanning Tree +## Spanning Tree -## Spanning Tree Summary +### Spanning Tree Summary STP mode: **mstp** -### MSTP Instance and Priority +#### MSTP Instance and Priority | Instance(s) | Priority | | -------- | -------- | | 0 | 16384 | -### Global Spanning-Tree Settings +#### Global Spanning-Tree Settings -Spanning Tree disabled for VLANs: **4093-4094** +- Spanning Tree disabled for VLANs: **4093-4094** -## Spanning Tree Device Configuration +### Spanning Tree Device Configuration ```eos ! @@ -239,24 +235,24 @@ no spanning-tree vlan-id 4093-4094 spanning-tree mst 0 priority 16384 ``` -# Internal VLAN Allocation Policy +## Internal VLAN Allocation Policy -## Internal VLAN Allocation Policy Summary +### Internal VLAN Allocation Policy Summary | Policy Allocation | Range Beginning | Range Ending | | ------------------| --------------- | ------------ | | ascending | 1006 | 1199 | -## Internal VLAN Allocation Policy Configuration +### Internal VLAN Allocation Policy Device Configuration ```eos ! vlan internal order ascending range 1006 1199 ``` -# VLANs +## VLANs -## VLANs Summary +### VLANs Summary | VLAN ID | Name | Trunk Groups | | ------- | ---- | ------------ | @@ -290,7 +286,7 @@ vlan internal order ascending range 1006 1199 | 4093 | LEAF_PEER_L3 | LEAF_PEER_L3 | | 4094 | MLAG_PEER | MLAG | -## VLANs Device Configuration +### VLANs Device Configuration ```eos ! @@ -393,30 +389,30 @@ vlan 4094 trunk group MLAG ``` -# Interfaces +## Interfaces -## Ethernet Interfaces +### Ethernet Interfaces -### Ethernet Interfaces Summary +#### Ethernet Interfaces Summary -#### L2 +##### L2 | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | -| Ethernet3 | MLAG_PEER_DC1-LEAF2B_Ethernet3 | *trunk | *2-4094 | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | -| Ethernet4 | MLAG_PEER_DC1-LEAF2B_Ethernet4 | *trunk | *2-4094 | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | +| Ethernet3 | MLAG_PEER_DC1-LEAF2B_Ethernet3 | *trunk | *- | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | +| Ethernet4 | MLAG_PEER_DC1-LEAF2B_Ethernet4 | *trunk | *- | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | | Ethernet5 | DC1-L2LEAF2A_Ethernet1 | *trunk | *110-112,120-121,130-131 | *- | *- | 5 | *Inherited from Port-Channel Interface -#### IPv4 +##### IPv4 | Interface | Description | Type | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | | --------- | ----------- | -----| ------------- | ---------- | ----| ---- | -------- | ------ | ------- | -| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet3 | routed | - | 172.31.255.9/31 | default | 1500 | false | - | - | -| Ethernet2 | P2P_LINK_TO_DC1-SPINE2_Ethernet3 | routed | - | 172.31.255.11/31 | default | 1500 | false | - | - | +| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet3 | routed | - | 172.31.255.9/31 | default | 1500 | False | - | - | +| Ethernet2 | P2P_LINK_TO_DC1-SPINE2_Ethernet3 | routed | - | 172.31.255.11/31 | default | 1500 | False | - | - | -### Ethernet Interfaces Device Configuration +#### Ethernet Interfaces Device Configuration ```eos ! @@ -450,18 +446,18 @@ interface Ethernet5 channel-group 5 mode active ``` -## Port-Channel Interfaces +### Port-Channel Interfaces -### Port-Channel Interfaces Summary +#### Port-Channel Interfaces Summary -#### L2 +##### L2 | Interface | Description | Type | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | | --------- | ----------- | ---- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | -| Port-Channel3 | MLAG_PEER_DC1-LEAF2B_Po3 | switched | trunk | 2-4094 | - | ['LEAF_PEER_L3', 'MLAG'] | - | - | - | - | +| Port-Channel3 | MLAG_PEER_DC1-LEAF2B_Po3 | switched | trunk | - | - | ['LEAF_PEER_L3', 'MLAG'] | - | - | - | - | | Port-Channel5 | DC1-L2LEAF2A_Po1 | switched | trunk | 110-112,120-121,130-131 | - | - | - | - | 5 | - | -### Port-Channel Interfaces Device Configuration +#### Port-Channel Interfaces Device Configuration ```eos ! @@ -469,7 +465,6 @@ interface Port-Channel3 description MLAG_PEER_DC1-LEAF2B_Po3 no shutdown switchport - switchport trunk allowed vlan 2-4094 switchport mode trunk switchport trunk group LEAF_PEER_L3 switchport trunk group MLAG @@ -483,11 +478,11 @@ interface Port-Channel5 mlag 5 ``` -## Loopback Interfaces +### Loopback Interfaces -### Loopback Interfaces Summary +#### Loopback Interfaces Summary -#### IPv4 +##### IPv4 | Interface | Description | VRF | IP Address | | --------- | ----------- | --- | ---------- | @@ -495,7 +490,7 @@ interface Port-Channel5 | Loopback1 | VTEP_VXLAN_Tunnel_Source | default | 192.168.254.5/32 | | Loopback100 | Tenant_A_OP_Zone_VTEP_DIAGNOSTICS | Tenant_A_OP_Zone | 10.255.1.5/32 | -#### IPv6 +##### IPv6 | Interface | Description | VRF | IPv6 Address | | --------- | ----------- | --- | ------------ | @@ -503,8 +498,7 @@ interface Port-Channel5 | Loopback1 | VTEP_VXLAN_Tunnel_Source | default | - | | Loopback100 | Tenant_A_OP_Zone_VTEP_DIAGNOSTICS | Tenant_A_OP_Zone | - | - -### Loopback Interfaces Device Configuration +#### Loopback Interfaces Device Configuration ```eos ! @@ -525,60 +519,60 @@ interface Loopback100 ip address 10.255.1.5/32 ``` -## VLAN Interfaces +### VLAN Interfaces -### VLAN Interfaces Summary +#### VLAN Interfaces Summary | Interface | Description | VRF | MTU | Shutdown | | --------- | ----------- | --- | ---- | -------- | -| Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | false | -| Vlan111 | Tenant_A_OP_Zone_2 | Tenant_A_OP_Zone | - | false | -| Vlan112 | Tenant_A_OP_Zone_3 | Tenant_A_OP_Zone | - | false | -| Vlan120 | Tenant_A_WEB_Zone_1 | Tenant_A_WEB_Zone | - | false | -| Vlan121 | Tenant_A_WEBZone_2 | Tenant_A_WEB_Zone | - | false | -| Vlan130 | Tenant_A_APP_Zone_1 | Tenant_A_APP_Zone | - | false | -| Vlan131 | Tenant_A_APP_Zone_2 | Tenant_A_APP_Zone | - | false | -| Vlan140 | Tenant_A_DB_BZone_1 | Tenant_A_DB_Zone | - | false | -| Vlan141 | Tenant_A_DB_Zone_2 | Tenant_A_DB_Zone | - | false | -| Vlan150 | Tenant_A_WAN_Zone_1 | Tenant_A_WAN_Zone | - | false | -| Vlan210 | Tenant_B_OP_Zone_1 | Tenant_B_OP_Zone | - | false | -| Vlan211 | Tenant_B_OP_Zone_2 | Tenant_B_OP_Zone | - | false | -| Vlan250 | Tenant_B_WAN_Zone_1 | Tenant_B_WAN_Zone | - | false | -| Vlan310 | Tenant_C_OP_Zone_1 | Tenant_C_OP_Zone | - | false | -| Vlan311 | Tenant_C_OP_Zone_2 | Tenant_C_OP_Zone | - | false | -| Vlan350 | Tenant_C_WAN_Zone_1 | Tenant_C_WAN_Zone | - | false | -| Vlan3009 | MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone | Tenant_A_OP_Zone | 1500 | false | -| Vlan3010 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone | Tenant_A_WEB_Zone | 1500 | false | -| Vlan3011 | MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone | Tenant_A_APP_Zone | 1500 | false | -| Vlan3012 | MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone | Tenant_A_DB_Zone | 1500 | false | -| Vlan3013 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone | Tenant_A_WAN_Zone | 1500 | false | -| Vlan3019 | MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone | Tenant_B_OP_Zone | 1500 | false | -| Vlan3020 | MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone | Tenant_B_WAN_Zone | 1500 | false | -| Vlan3029 | MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone | Tenant_C_OP_Zone | 1500 | false | -| Vlan3030 | MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone | Tenant_C_WAN_Zone | 1500 | false | -| Vlan4093 | MLAG_PEER_L3_PEERING | default | 1500 | false | -| Vlan4094 | MLAG_PEER | default | 1500 | false | - -#### IPv4 +| Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | False | +| Vlan111 | Tenant_A_OP_Zone_2 | Tenant_A_OP_Zone | - | False | +| Vlan112 | Tenant_A_OP_Zone_3 | Tenant_A_OP_Zone | - | False | +| Vlan120 | Tenant_A_WEB_Zone_1 | Tenant_A_WEB_Zone | - | False | +| Vlan121 | Tenant_A_WEBZone_2 | Tenant_A_WEB_Zone | - | False | +| Vlan130 | Tenant_A_APP_Zone_1 | Tenant_A_APP_Zone | - | False | +| Vlan131 | Tenant_A_APP_Zone_2 | Tenant_A_APP_Zone | - | False | +| Vlan140 | Tenant_A_DB_BZone_1 | Tenant_A_DB_Zone | - | False | +| Vlan141 | Tenant_A_DB_Zone_2 | Tenant_A_DB_Zone | - | False | +| Vlan150 | Tenant_A_WAN_Zone_1 | Tenant_A_WAN_Zone | - | False | +| Vlan210 | Tenant_B_OP_Zone_1 | Tenant_B_OP_Zone | - | False | +| Vlan211 | Tenant_B_OP_Zone_2 | Tenant_B_OP_Zone | - | False | +| Vlan250 | Tenant_B_WAN_Zone_1 | Tenant_B_WAN_Zone | - | False | +| Vlan310 | Tenant_C_OP_Zone_1 | Tenant_C_OP_Zone | - | False | +| Vlan311 | Tenant_C_OP_Zone_2 | Tenant_C_OP_Zone | - | False | +| Vlan350 | Tenant_C_WAN_Zone_1 | Tenant_C_WAN_Zone | - | False | +| Vlan3009 | MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone | Tenant_A_OP_Zone | 1500 | False | +| Vlan3010 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone | Tenant_A_WEB_Zone | 1500 | False | +| Vlan3011 | MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone | Tenant_A_APP_Zone | 1500 | False | +| Vlan3012 | MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone | Tenant_A_DB_Zone | 1500 | False | +| Vlan3013 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone | Tenant_A_WAN_Zone | 1500 | False | +| Vlan3019 | MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone | Tenant_B_OP_Zone | 1500 | False | +| Vlan3020 | MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone | Tenant_B_WAN_Zone | 1500 | False | +| Vlan3029 | MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone | Tenant_C_OP_Zone | 1500 | False | +| Vlan3030 | MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone | Tenant_C_WAN_Zone | 1500 | False | +| Vlan4093 | MLAG_PEER_L3_PEERING | default | 1500 | False | +| Vlan4094 | MLAG_PEER | default | 1500 | False | + +##### IPv4 | Interface | VRF | IP Address | IP Address Virtual | IP Router Virtual Address | VRRP | ACL In | ACL Out | | --------- | --- | ---------- | ------------------ | ------------------------- | ---- | ------ | ------- | | Vlan110 | Tenant_A_OP_Zone | - | 10.1.10.1/24 | - | - | - | - | | Vlan111 | Tenant_A_OP_Zone | - | 10.1.11.1/24 | - | - | - | - | | Vlan112 | Tenant_A_OP_Zone | - | 10.1.12.254/24 | - | - | - | - | -| Vlan120 | Tenant_A_WEB_Zone | - | - | - | - | - | - | +| Vlan120 | Tenant_A_WEB_Zone | - | 10.1.20.1/24 | - | - | - | - | | Vlan121 | Tenant_A_WEB_Zone | - | 10.1.21.1/24 | - | - | - | - | -| Vlan130 | Tenant_A_APP_Zone | - | - | - | - | - | - | +| Vlan130 | Tenant_A_APP_Zone | - | 10.1.30.1/24 | - | - | - | - | | Vlan131 | Tenant_A_APP_Zone | - | 10.1.31.254/24 | - | - | - | - | | Vlan140 | Tenant_A_DB_Zone | - | 10.1.40.1/24 | - | - | - | - | | Vlan141 | Tenant_A_DB_Zone | - | 10.1.41.1/24 | - | - | - | - | | Vlan150 | Tenant_A_WAN_Zone | - | 10.1.40.1/24 | - | - | - | - | -| Vlan210 | Tenant_B_OP_Zone | - | - | - | - | - | - | +| Vlan210 | Tenant_B_OP_Zone | - | 10.2.10.1/24 | - | - | - | - | | Vlan211 | Tenant_B_OP_Zone | - | 10.2.11.1/24 | - | - | - | - | | Vlan250 | Tenant_B_WAN_Zone | - | 10.2.50.1/24 | - | - | - | - | -| Vlan310 | Tenant_C_OP_Zone | - | - | - | - | - | - | -| Vlan311 | Tenant_C_OP_Zone | - | - | - | - | - | - | -| Vlan350 | Tenant_C_WAN_Zone | - | - | - | - | - | - | +| Vlan310 | Tenant_C_OP_Zone | - | 10.3.10.1/24 | - | - | - | - | +| Vlan311 | Tenant_C_OP_Zone | - | 10.3.11.1/24 | - | - | - | - | +| Vlan350 | Tenant_C_WAN_Zone | - | 10.3.50.1/24 | - | - | - | - | | Vlan3009 | Tenant_A_OP_Zone | 10.255.251.4/31 | - | - | - | - | - | | Vlan3010 | Tenant_A_WEB_Zone | 10.255.251.4/31 | - | - | - | - | - | | Vlan3011 | Tenant_A_APP_Zone | 10.255.251.4/31 | - | - | - | - | - | @@ -591,8 +585,7 @@ interface Loopback100 | Vlan4093 | default | 10.255.251.4/31 | - | - | - | - | - | | Vlan4094 | default | 10.255.252.4/31 | - | - | - | - | - | - -### VLAN Interfaces Device Configuration +#### VLAN Interfaces Device Configuration ```eos ! @@ -618,6 +611,7 @@ interface Vlan120 description Tenant_A_WEB_Zone_1 no shutdown vrf Tenant_A_WEB_Zone + ip address virtual 10.1.20.1/24 ! interface Vlan121 description Tenant_A_WEBZone_2 @@ -629,6 +623,7 @@ interface Vlan130 description Tenant_A_APP_Zone_1 no shutdown vrf Tenant_A_APP_Zone + ip address virtual 10.1.30.1/24 ! interface Vlan131 description Tenant_A_APP_Zone_2 @@ -658,6 +653,7 @@ interface Vlan210 description Tenant_B_OP_Zone_1 no shutdown vrf Tenant_B_OP_Zone + ip address virtual 10.2.10.1/24 ! interface Vlan211 description Tenant_B_OP_Zone_2 @@ -675,16 +671,19 @@ interface Vlan310 description Tenant_C_OP_Zone_1 no shutdown vrf Tenant_C_OP_Zone + ip address virtual 10.3.10.1/24 ! interface Vlan311 description Tenant_C_OP_Zone_2 no shutdown vrf Tenant_C_OP_Zone + ip address virtual 10.3.11.1/24 ! interface Vlan350 description Tenant_C_WAN_Zone_1 no shutdown vrf Tenant_C_WAN_Zone + ip address virtual 10.3.50.1/24 ! interface Vlan3009 description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone @@ -763,54 +762,54 @@ interface Vlan4094 ip address 10.255.252.4/31 ``` -## VXLAN Interface - -### VXLAN Interface Summary - -#### Source Interface: Loopback1 - -#### UDP port: 4789 - -#### EVPN MLAG Shared Router MAC : mlag-system-id - -#### VLAN to VNI and Flood List Mappings - -| VLAN | VNI | Flood List | -| ---- | --- | ---------- | -| 110 | 10110 | - | -| 111 | 50111 | - | -| 112 | 50112 | - | -| 120 | 10120 | - | -| 121 | 10121 | - | -| 130 | 10130 | - | -| 131 | 10131 | - | -| 140 | 10140 | - | -| 141 | 10141 | - | -| 150 | 10150 | - | -| 160 | 55160 | - | -| 161 | 10161 | - | -| 210 | 20210 | - | -| 211 | 20211 | - | -| 250 | 20250 | - | -| 310 | 30310 | - | -| 311 | 30311 | - | -| 350 | 30350 | - | - -#### VRF to VNI Mappings - -| VLAN | VNI | -| ---- | --- | -| Tenant_A_APP_Zone | 12 | -| Tenant_A_DB_Zone | 13 | -| Tenant_A_OP_Zone | 10 | -| Tenant_A_WAN_Zone | 14 | -| Tenant_A_WEB_Zone | 11 | -| Tenant_B_OP_Zone | 20 | -| Tenant_B_WAN_Zone | 21 | -| Tenant_C_OP_Zone | 30 | -| Tenant_C_WAN_Zone | 31 | - -### VXLAN Interface Device Configuration +### VXLAN Interface + +#### VXLAN Interface Summary + +| Setting | Value | +| ------- | ----- | +| Source Interface | Loopback1 | +| UDP port | 4789 | +| EVPN MLAG Shared Router MAC | mlag-system-id | + +##### VLAN to VNI, Flood List and Multicast Group Mappings + +| VLAN | VNI | Flood List | Multicast Group | +| ---- | --- | ---------- | --------------- | +| 110 | 10110 | - | - | +| 111 | 50111 | - | - | +| 112 | 50112 | - | - | +| 120 | 10120 | - | - | +| 121 | 10121 | - | - | +| 130 | 10130 | - | - | +| 131 | 10131 | - | - | +| 140 | 10140 | - | - | +| 141 | 10141 | - | - | +| 150 | 10150 | - | - | +| 160 | 55160 | - | - | +| 161 | 10161 | - | - | +| 210 | 20210 | - | - | +| 211 | 20211 | - | - | +| 250 | 20250 | - | - | +| 310 | 30310 | - | - | +| 311 | 30311 | - | - | +| 350 | 30350 | - | - | + +##### VRF to VNI and Multicast Group Mappings + +| VRF | VNI | Multicast Group | +| ---- | --- | --------------- | +| Tenant_A_APP_Zone | 12 | - | +| Tenant_A_DB_Zone | 13 | - | +| Tenant_A_OP_Zone | 10 | - | +| Tenant_A_WAN_Zone | 14 | - | +| Tenant_A_WEB_Zone | 11 | - | +| Tenant_B_OP_Zone | 20 | - | +| Tenant_B_WAN_Zone | 21 | - | +| Tenant_C_OP_Zone | 30 | - | +| Tenant_C_WAN_Zone | 31 | - | + +#### VXLAN Interface Device Configuration ```eos ! @@ -848,8 +847,9 @@ interface Vxlan1 vxlan vrf Tenant_C_WAN_Zone vni 31 ``` -# Routing -## Service Routing Protocols Model +## Routing + +### Service Routing Protocols Model Multi agent routing protocol model enabled @@ -858,37 +858,38 @@ Multi agent routing protocol model enabled service routing protocols model multi-agent ``` -## Virtual Router MAC Address +### Virtual Router MAC Address -### Virtual Router MAC Address Summary +#### Virtual Router MAC Address Summary -#### Virtual Router MAC Address: 00:1c:73:00:dc:01 +Virtual Router MAC Address: 00:1c:73:00:dc:01 -### Virtual Router MAC Address Configuration +#### Virtual Router MAC Address Device Configuration ```eos ! ip virtual-router mac-address 00:1c:73:00:dc:01 ``` -## IP Routing +### IP Routing -### IP Routing Summary +#### IP Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | true|| MGMT | false | -| Tenant_A_APP_Zone | true | -| Tenant_A_DB_Zone | true | -| Tenant_A_OP_Zone | true | -| Tenant_A_WAN_Zone | true | -| Tenant_A_WEB_Zone | true | -| Tenant_B_OP_Zone | true | -| Tenant_B_WAN_Zone | true | -| Tenant_C_OP_Zone | true | -| Tenant_C_WAN_Zone | true | - -### IP Routing Device Configuration +| default | True | +| MGMT | False | +| Tenant_A_APP_Zone | True | +| Tenant_A_DB_Zone | True | +| Tenant_A_OP_Zone | True | +| Tenant_A_WAN_Zone | True | +| Tenant_A_WEB_Zone | True | +| Tenant_B_OP_Zone | True | +| Tenant_B_WAN_Zone | True | +| Tenant_C_OP_Zone | True | +| Tenant_C_WAN_Zone | True | + +#### IP Routing Device Configuration ```eos ! @@ -904,13 +905,15 @@ ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_OP_Zone ip routing vrf Tenant_C_WAN_Zone ``` -## IPv6 Routing -### IPv6 Routing Summary +### IPv6 Routing + +#### IPv6 Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | false || MGMT | false | +| default | False | +| MGMT | false | | Tenant_A_APP_Zone | false | | Tenant_A_DB_Zone | false | | Tenant_A_OP_Zone | false | @@ -921,29 +924,28 @@ ip routing vrf Tenant_C_WAN_Zone | Tenant_C_OP_Zone | false | | Tenant_C_WAN_Zone | false | +### Static Routes -## Static Routes +#### Static Routes Summary -### Static Routes Summary +| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | +| --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | +| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | -| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | -| --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | -| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | - -### Static Routes Device Configuration +#### Static Routes Device Configuration ```eos ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 ``` -## Router BGP +### Router BGP -### Router BGP Summary +#### Router BGP Summary | BGP AS | Router ID | | ------ | --------- | -| 65102| 192.168.255.5 | +| 65102 | 192.168.255.5 | | BGP Tuning | | ---------- | @@ -951,22 +953,24 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | distance bgp 20 200 200 | | graceful-restart restart-time 300 | | graceful-restart | +| update wait-install | +| no bgp default ipv4-unicast | | maximum-paths 4 ecmp 4 | -### Router BGP Peer Groups +#### Router BGP Peer Groups -#### EVPN-OVERLAY-PEERS +##### EVPN-OVERLAY-PEERS | Settings | Value | | -------- | ----- | | Address Family | evpn | | Source | Loopback0 | -| Bfd | true | +| BFD | True | | Ebgp multihop | 3 | | Send community | all | | Maximum routes | 0 (no limit) | -#### IPv4-UNDERLAY-PEERS +##### IPv4-UNDERLAY-PEERS | Settings | Value | | -------- | ----- | @@ -974,7 +978,7 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -#### MLAG-IPv4-UNDERLAY-PEER +##### MLAG-IPv4-UNDERLAY-PEER | Settings | Value | | -------- | ----- | @@ -984,30 +988,34 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -### BGP Neighbors +#### BGP Neighbors -| Neighbor | Remote AS | VRF | -| -------- | --------- | --- | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | -| 172.31.255.8 | 65001 | default | -| 172.31.255.10 | 65001 | default | -| 192.168.255.1 | 65001 | default | -| 192.168.255.2 | 65001 | default | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_APP_Zone | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_DB_Zone | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WAN_Zone | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WEB_Zone | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_OP_Zone | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_WAN_Zone | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_OP_Zone | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_WAN_Zone | +| Neighbor | Remote AS | VRF | Shutdown | Send-community | Maximum-routes | Allowas-in | BFD | RIB Pre-Policy Retain | Route-Reflector Client | Passive | +| -------- | --------- | --- | -------- | -------------- | -------------- | ---------- | --- | --------------------- | ---------------------- | ------- | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 172.31.255.8 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | +| 172.31.255.10 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | +| 192.168.255.1 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | +| 192.168.255.2 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_APP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_DB_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WEB_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | -### Router BGP EVPN Address Family +#### Router BGP EVPN Address Family -#### Router BGP EVPN MAC-VRFs +##### EVPN Peer Groups -##### VLAN aware bundles +| Peer Group | Activate | Encapsulation | +| ---------- | -------- | ------------- | +| EVPN-OVERLAY-PEERS | True | default | + +#### Router BGP VLAN Aware Bundles | VLAN Aware Bundle | Route-Distinguisher | Both Route-Target | Import Route Target | Export Route-Target | Redistribute | VLANs | | ----------------- | ------------------- | ----------------- | ------------------- | ------------------- | ------------ | ----- | @@ -1023,7 +1031,7 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Tenant_C_OP_Zone | 192.168.255.5:30 | 30:30 | - | - | learned | 310-311 | | Tenant_C_WAN_Zone | 192.168.255.5:31 | 31:31 | - | - | learned | 350 | -#### Router BGP EVPN VRFs +#### Router BGP VRFs | VRF | Route-Distinguisher | Redistribute | | --- | ------------------- | ------------ | @@ -1037,32 +1045,35 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Tenant_C_OP_Zone | 192.168.255.5:30 | connected | | Tenant_C_WAN_Zone | 192.168.255.5:31 | connected | -### Router BGP Device Configuration +#### Router BGP Device Configuration ```eos ! router bgp 65102 router-id 192.168.255.5 + maximum-paths 4 ecmp 4 + update wait-install + no bgp default ipv4-unicast no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart - maximum-paths 4 ecmp 4 neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 - neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS password 7 neighbor EVPN-OVERLAY-PEERS send-community neighbor EVPN-OVERLAY-PEERS maximum-routes 0 neighbor IPv4-UNDERLAY-PEERS peer group - neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS password 7 neighbor IPv4-UNDERLAY-PEERS send-community neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 neighbor MLAG-IPv4-UNDERLAY-PEER peer group neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102 neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self - neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== + neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2B + neighbor MLAG-IPv4-UNDERLAY-PEER password 7 neighbor MLAG-IPv4-UNDERLAY-PEER send-community neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in @@ -1161,6 +1172,7 @@ router bgp 65102 route-target import evpn 12:12 route-target export evpn 12:12 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1169,6 +1181,7 @@ router bgp 65102 route-target import evpn 13:13 route-target export evpn 13:13 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1177,6 +1190,7 @@ router bgp 65102 route-target import evpn 10:10 route-target export evpn 10:10 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1185,6 +1199,7 @@ router bgp 65102 route-target import evpn 14:14 route-target export evpn 14:14 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1193,6 +1208,7 @@ router bgp 65102 route-target import evpn 11:11 route-target export evpn 11:11 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1201,6 +1217,7 @@ router bgp 65102 route-target import evpn 20:20 route-target export evpn 20:20 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1209,6 +1226,7 @@ router bgp 65102 route-target import evpn 21:21 route-target export evpn 21:21 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1217,6 +1235,7 @@ router bgp 65102 route-target import evpn 30:30 route-target export evpn 30:30 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1225,21 +1244,22 @@ router bgp 65102 route-target import evpn 31:31 route-target export evpn 31:31 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ``` -# BFD +## BFD -## Router BFD +### Router BFD -### Router BFD Multihop Summary +#### Router BFD Multihop Summary | Interval | Minimum RX | Multiplier | | -------- | ---------- | ---------- | | 1200 | 1200 | 3 | -### Router BFD Multihop Device Configuration +#### Router BFD Device Configuration ```eos ! @@ -1247,34 +1267,35 @@ router bfd multihop interval 1200 min-rx 1200 multiplier 3 ``` -# Multicast +## Multicast -## IP IGMP Snooping +### IP IGMP Snooping -### IP IGMP Snooping Summary +#### IP IGMP Snooping Summary -IGMP snooping is globally enabled. +| IGMP Snooping | Fast Leave | Interface Restart Query | Proxy | Restart Query Interval | Robustness Variable | +| ------------- | ---------- | ----------------------- | ----- | ---------------------- | ------------------- | +| Enabled | - | - | - | - | - | - -### IP IGMP Snooping Device Configuration +#### IP IGMP Snooping Device Configuration ```eos ``` -# Filters +## Filters -## Prefix-lists +### Prefix-lists -### Prefix-lists Summary +#### Prefix-lists Summary -#### PL-LOOPBACKS-EVPN-OVERLAY +##### PL-LOOPBACKS-EVPN-OVERLAY | Sequence | Action | | -------- | ------ | | 10 | permit 192.168.255.0/24 eq 32 | | 20 | permit 192.168.254.0/24 eq 32 | -### Prefix-lists Device Configuration +#### Prefix-lists Device Configuration ```eos ! @@ -1283,23 +1304,23 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 20 permit 192.168.254.0/24 eq 32 ``` -## Route-maps +### Route-maps -### Route-maps Summary +#### Route-maps Summary -#### RM-CONN-2-BGP +##### RM-CONN-2-BGP -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - | -#### RM-MLAG-PEER-IN +##### RM-MLAG-PEER-IN -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | set origin incomplete | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | - | origin incomplete | - | - | -### Route-maps Device Configuration +#### Route-maps Device Configuration ```eos ! @@ -1311,11 +1332,9 @@ route-map RM-MLAG-PEER-IN permit 10 set origin incomplete ``` -# ACL - -# VRF Instances +## VRF Instances -## VRF Instances Summary +### VRF Instances Summary | VRF Name | IP Routing | | -------- | ---------- | @@ -1330,7 +1349,7 @@ route-map RM-MLAG-PEER-IN permit 10 | Tenant_C_OP_Zone | enabled | | Tenant_C_WAN_Zone | enabled | -## VRF Instances Device Configuration +### VRF Instances Device Configuration ```eos ! @@ -1355,19 +1374,17 @@ vrf instance Tenant_C_OP_Zone vrf instance Tenant_C_WAN_Zone ``` -# Virtual Source NAT +## Virtual Source NAT -## Virtual Source NAT Summary +### Virtual Source NAT Summary | Source NAT VRF | Source NAT IP Address | | -------------- | --------------------- | | Tenant_A_OP_Zone | 10.255.1.5 | -## Virtual Source NAT Configuration +### Virtual Source NAT Configuration ```eos ! ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.5 ``` - -# Quality Of Service diff --git a/inventory/documentation/devices/DC1-LEAF2B.md b/inventory/documentation/devices/DC1-LEAF2B.md index de1857f0..a0cf8cc0 100644 --- a/inventory/documentation/devices/DC1-LEAF2B.md +++ b/inventory/documentation/devices/DC1-LEAF2B.md @@ -1,10 +1,10 @@ # DC1-LEAF2B -# Table of Contents - + +## Table of Contents - [Management](#management) - [Management Interfaces](#management-interfaces) - - [Name Servers](#name-servers) + - [IP Name Servers](#ip-name-servers) - [NTP](#ntp) - [Management API HTTP](#management-api-http) - [Authentication](#authentication) @@ -19,7 +19,7 @@ - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) - - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) + - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) - [VLANs](#vlans) - [VLANs Summary](#vlans-summary) - [VLANs Device Configuration](#vlans-device-configuration) @@ -43,35 +43,32 @@ - [Filters](#filters) - [Prefix-lists](#prefix-lists) - [Route-maps](#route-maps) -- [ACL](#acl) - [VRF Instances](#vrf-instances) - [VRF Instances Summary](#vrf-instances-summary) - [VRF Instances Device Configuration](#vrf-instances-device-configuration) - [Virtual Source NAT](#virtual-source-nat) - [Virtual Source NAT Summary](#virtual-source-nat-summary) - [Virtual Source NAT Configuration](#virtual-source-nat-configuration) -- [Quality Of Service](#quality-of-service) - -# Management +## Management -## Management Interfaces +### Management Interfaces -### Management Interfaces Summary +#### Management Interfaces Summary -#### IPv4 +##### IPv4 | Management Interface | description | Type | VRF | IP Address | Gateway | | -------------------- | ----------- | ---- | --- | ---------- | ------- | | Management1 | oob_management | oob | MGMT | 10.255.0.16/24 | 10.255.0.1 | -#### IPv6 +##### IPv6 | Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | oob_management | oob | MGMT | - | - | +| Management1 | oob_management | oob | MGMT | - | - | -### Management Interfaces Device Configuration +#### Management Interfaces Device Configuration ```eos ! @@ -82,40 +79,40 @@ interface Management1 ip address 10.255.0.16/24 ``` -## Name Servers +### IP Name Servers -### Name Servers Summary +#### IP Name Servers Summary -| Name Server | Source VRF | -| ----------- | ---------- | -| 192.168.2.1 | MGMT | -| 8.8.8.8 | MGMT | +| Name Server | VRF | Priority | +| ----------- | --- | -------- | +| 192.168.2.1 | MGMT | - | +| 8.8.8.8 | MGMT | - | -### Name Servers Device Configuration +#### IP Name Servers Device Configuration ```eos ip name-server vrf MGMT 8.8.8.8 ip name-server vrf MGMT 192.168.2.1 ``` -## NTP +### NTP -### NTP Summary +#### NTP Summary -#### NTP Local Interface +##### NTP Local Interface | Interface | VRF | | --------- | --- | | Management1 | MGMT | -#### NTP Servers +##### NTP Servers | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | -### NTP Device Configuration +#### NTP Device Configuration ```eos ! @@ -124,22 +121,21 @@ ntp server vrf MGMT 0.fr.pool.ntp.org prefer ntp server vrf MGMT 1.fr.pool.ntp.org ``` -## Management API HTTP +### Management API HTTP -### Management API HTTP Summary +#### Management API HTTP Summary -| HTTP | HTTPS | -| ---------- | ---------- | -| default | true | +| HTTP | HTTPS | Default Services | +| ---- | ----- | ---------------- | +| False | True | - | -### Management API VRF Access +#### Management API VRF Access | VRF Name | IPv4 ACL | IPv6 ACL | | -------- | -------- | -------- | | MGMT | - | - | - -### Management API HTTP Configuration +#### Management API HTTP Device Configuration ```eos ! @@ -151,49 +147,49 @@ management api http-commands no shutdown ``` -# Authentication +## Authentication -## Local Users +### Local Users -### Local Users Summary +#### Local Users Summary -| User | Privilege | Role | -| ---- | --------- | ---- | -| admin | 15 | network-admin | -| ansible | 15 | network-admin | -| cvpadmin | 15 | network-admin | +| User | Privilege | Role | Disabled | Shell | +| ---- | --------- | ---- | -------- | ----- | +| admin | 15 | network-admin | False | - | +| ansible | 15 | network-admin | False | - | +| cvpadmin | 15 | network-admin | False | - | -### Local Users Device Configuration +#### Local Users Device Configuration ```eos ! -username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 -username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +username admin privilege 15 role network-admin secret sha512 +username ansible privilege 15 role network-admin secret sha512 +username cvpadmin privilege 15 role network-admin secret sha512 ``` -# Monitoring +## Monitoring -## TerminAttr Daemon +### TerminAttr Daemon -### TerminAttr Daemon Summary +#### TerminAttr Daemon Summary | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | -| gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | +| gzip | 10.255.0.1:9910 | MGMT | key, | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | -### TerminAttr Daemon Device Configuration +#### TerminAttr Daemon Device Configuration ```eos ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ``` -# MLAG +## MLAG -## MLAG Summary +### MLAG Summary | Domain-id | Local-interface | Peer-address | Peer-link | | --------- | --------------- | ------------ | --------- | @@ -201,7 +197,7 @@ daemon TerminAttr Dual primary detection is disabled. -## MLAG Device Configuration +### MLAG Device Configuration ```eos ! @@ -214,23 +210,23 @@ mlag configuration reload-delay non-mlag 330 ``` -# Spanning Tree +## Spanning Tree -## Spanning Tree Summary +### Spanning Tree Summary STP mode: **mstp** -### MSTP Instance and Priority +#### MSTP Instance and Priority | Instance(s) | Priority | | -------- | -------- | | 0 | 16384 | -### Global Spanning-Tree Settings +#### Global Spanning-Tree Settings -Spanning Tree disabled for VLANs: **4093-4094** +- Spanning Tree disabled for VLANs: **4093-4094** -## Spanning Tree Device Configuration +### Spanning Tree Device Configuration ```eos ! @@ -239,24 +235,24 @@ no spanning-tree vlan-id 4093-4094 spanning-tree mst 0 priority 16384 ``` -# Internal VLAN Allocation Policy +## Internal VLAN Allocation Policy -## Internal VLAN Allocation Policy Summary +### Internal VLAN Allocation Policy Summary | Policy Allocation | Range Beginning | Range Ending | | ------------------| --------------- | ------------ | | ascending | 1006 | 1199 | -## Internal VLAN Allocation Policy Configuration +### Internal VLAN Allocation Policy Device Configuration ```eos ! vlan internal order ascending range 1006 1199 ``` -# VLANs +## VLANs -## VLANs Summary +### VLANs Summary | VLAN ID | Name | Trunk Groups | | ------- | ---- | ------------ | @@ -290,7 +286,7 @@ vlan internal order ascending range 1006 1199 | 4093 | LEAF_PEER_L3 | LEAF_PEER_L3 | | 4094 | MLAG_PEER | MLAG | -## VLANs Device Configuration +### VLANs Device Configuration ```eos ! @@ -393,30 +389,30 @@ vlan 4094 trunk group MLAG ``` -# Interfaces +## Interfaces -## Ethernet Interfaces +### Ethernet Interfaces -### Ethernet Interfaces Summary +#### Ethernet Interfaces Summary -#### L2 +##### L2 | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | -| Ethernet3 | MLAG_PEER_DC1-LEAF2A_Ethernet3 | *trunk | *2-4094 | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | -| Ethernet4 | MLAG_PEER_DC1-LEAF2A_Ethernet4 | *trunk | *2-4094 | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | +| Ethernet3 | MLAG_PEER_DC1-LEAF2A_Ethernet3 | *trunk | *- | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | +| Ethernet4 | MLAG_PEER_DC1-LEAF2A_Ethernet4 | *trunk | *- | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | | Ethernet5 | DC1-L2LEAF2A_Ethernet2 | *trunk | *110-112,120-121,130-131 | *- | *- | 5 | *Inherited from Port-Channel Interface -#### IPv4 +##### IPv4 | Interface | Description | Type | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | | --------- | ----------- | -----| ------------- | ---------- | ----| ---- | -------- | ------ | ------- | -| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet4 | routed | - | 172.31.255.13/31 | default | 1500 | false | - | - | -| Ethernet2 | P2P_LINK_TO_DC1-SPINE2_Ethernet4 | routed | - | 172.31.255.15/31 | default | 1500 | false | - | - | +| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet4 | routed | - | 172.31.255.13/31 | default | 1500 | False | - | - | +| Ethernet2 | P2P_LINK_TO_DC1-SPINE2_Ethernet4 | routed | - | 172.31.255.15/31 | default | 1500 | False | - | - | -### Ethernet Interfaces Device Configuration +#### Ethernet Interfaces Device Configuration ```eos ! @@ -450,18 +446,18 @@ interface Ethernet5 channel-group 5 mode active ``` -## Port-Channel Interfaces +### Port-Channel Interfaces -### Port-Channel Interfaces Summary +#### Port-Channel Interfaces Summary -#### L2 +##### L2 | Interface | Description | Type | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | | --------- | ----------- | ---- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | -| Port-Channel3 | MLAG_PEER_DC1-LEAF2A_Po3 | switched | trunk | 2-4094 | - | ['LEAF_PEER_L3', 'MLAG'] | - | - | - | - | +| Port-Channel3 | MLAG_PEER_DC1-LEAF2A_Po3 | switched | trunk | - | - | ['LEAF_PEER_L3', 'MLAG'] | - | - | - | - | | Port-Channel5 | DC1-L2LEAF2A_Po1 | switched | trunk | 110-112,120-121,130-131 | - | - | - | - | 5 | - | -### Port-Channel Interfaces Device Configuration +#### Port-Channel Interfaces Device Configuration ```eos ! @@ -469,7 +465,6 @@ interface Port-Channel3 description MLAG_PEER_DC1-LEAF2A_Po3 no shutdown switchport - switchport trunk allowed vlan 2-4094 switchport mode trunk switchport trunk group LEAF_PEER_L3 switchport trunk group MLAG @@ -483,11 +478,11 @@ interface Port-Channel5 mlag 5 ``` -## Loopback Interfaces +### Loopback Interfaces -### Loopback Interfaces Summary +#### Loopback Interfaces Summary -#### IPv4 +##### IPv4 | Interface | Description | VRF | IP Address | | --------- | ----------- | --- | ---------- | @@ -495,7 +490,7 @@ interface Port-Channel5 | Loopback1 | VTEP_VXLAN_Tunnel_Source | default | 192.168.254.5/32 | | Loopback100 | Tenant_A_OP_Zone_VTEP_DIAGNOSTICS | Tenant_A_OP_Zone | 10.255.1.6/32 | -#### IPv6 +##### IPv6 | Interface | Description | VRF | IPv6 Address | | --------- | ----------- | --- | ------------ | @@ -503,8 +498,7 @@ interface Port-Channel5 | Loopback1 | VTEP_VXLAN_Tunnel_Source | default | - | | Loopback100 | Tenant_A_OP_Zone_VTEP_DIAGNOSTICS | Tenant_A_OP_Zone | - | - -### Loopback Interfaces Device Configuration +#### Loopback Interfaces Device Configuration ```eos ! @@ -525,60 +519,60 @@ interface Loopback100 ip address 10.255.1.6/32 ``` -## VLAN Interfaces +### VLAN Interfaces -### VLAN Interfaces Summary +#### VLAN Interfaces Summary | Interface | Description | VRF | MTU | Shutdown | | --------- | ----------- | --- | ---- | -------- | -| Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | false | -| Vlan111 | Tenant_A_OP_Zone_2 | Tenant_A_OP_Zone | - | false | -| Vlan112 | Tenant_A_OP_Zone_3 | Tenant_A_OP_Zone | - | false | -| Vlan120 | Tenant_A_WEB_Zone_1 | Tenant_A_WEB_Zone | - | false | -| Vlan121 | Tenant_A_WEBZone_2 | Tenant_A_WEB_Zone | - | false | -| Vlan130 | Tenant_A_APP_Zone_1 | Tenant_A_APP_Zone | - | false | -| Vlan131 | Tenant_A_APP_Zone_2 | Tenant_A_APP_Zone | - | false | -| Vlan140 | Tenant_A_DB_BZone_1 | Tenant_A_DB_Zone | - | false | -| Vlan141 | Tenant_A_DB_Zone_2 | Tenant_A_DB_Zone | - | false | -| Vlan150 | Tenant_A_WAN_Zone_1 | Tenant_A_WAN_Zone | - | false | -| Vlan210 | Tenant_B_OP_Zone_1 | Tenant_B_OP_Zone | - | false | -| Vlan211 | Tenant_B_OP_Zone_2 | Tenant_B_OP_Zone | - | false | -| Vlan250 | Tenant_B_WAN_Zone_1 | Tenant_B_WAN_Zone | - | false | -| Vlan310 | Tenant_C_OP_Zone_1 | Tenant_C_OP_Zone | - | false | -| Vlan311 | Tenant_C_OP_Zone_2 | Tenant_C_OP_Zone | - | false | -| Vlan350 | Tenant_C_WAN_Zone_1 | Tenant_C_WAN_Zone | - | false | -| Vlan3009 | MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone | Tenant_A_OP_Zone | 1500 | false | -| Vlan3010 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone | Tenant_A_WEB_Zone | 1500 | false | -| Vlan3011 | MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone | Tenant_A_APP_Zone | 1500 | false | -| Vlan3012 | MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone | Tenant_A_DB_Zone | 1500 | false | -| Vlan3013 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone | Tenant_A_WAN_Zone | 1500 | false | -| Vlan3019 | MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone | Tenant_B_OP_Zone | 1500 | false | -| Vlan3020 | MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone | Tenant_B_WAN_Zone | 1500 | false | -| Vlan3029 | MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone | Tenant_C_OP_Zone | 1500 | false | -| Vlan3030 | MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone | Tenant_C_WAN_Zone | 1500 | false | -| Vlan4093 | MLAG_PEER_L3_PEERING | default | 1500 | false | -| Vlan4094 | MLAG_PEER | default | 1500 | false | - -#### IPv4 +| Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | False | +| Vlan111 | Tenant_A_OP_Zone_2 | Tenant_A_OP_Zone | - | False | +| Vlan112 | Tenant_A_OP_Zone_3 | Tenant_A_OP_Zone | - | False | +| Vlan120 | Tenant_A_WEB_Zone_1 | Tenant_A_WEB_Zone | - | False | +| Vlan121 | Tenant_A_WEBZone_2 | Tenant_A_WEB_Zone | - | False | +| Vlan130 | Tenant_A_APP_Zone_1 | Tenant_A_APP_Zone | - | False | +| Vlan131 | Tenant_A_APP_Zone_2 | Tenant_A_APP_Zone | - | False | +| Vlan140 | Tenant_A_DB_BZone_1 | Tenant_A_DB_Zone | - | False | +| Vlan141 | Tenant_A_DB_Zone_2 | Tenant_A_DB_Zone | - | False | +| Vlan150 | Tenant_A_WAN_Zone_1 | Tenant_A_WAN_Zone | - | False | +| Vlan210 | Tenant_B_OP_Zone_1 | Tenant_B_OP_Zone | - | False | +| Vlan211 | Tenant_B_OP_Zone_2 | Tenant_B_OP_Zone | - | False | +| Vlan250 | Tenant_B_WAN_Zone_1 | Tenant_B_WAN_Zone | - | False | +| Vlan310 | Tenant_C_OP_Zone_1 | Tenant_C_OP_Zone | - | False | +| Vlan311 | Tenant_C_OP_Zone_2 | Tenant_C_OP_Zone | - | False | +| Vlan350 | Tenant_C_WAN_Zone_1 | Tenant_C_WAN_Zone | - | False | +| Vlan3009 | MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone | Tenant_A_OP_Zone | 1500 | False | +| Vlan3010 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone | Tenant_A_WEB_Zone | 1500 | False | +| Vlan3011 | MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone | Tenant_A_APP_Zone | 1500 | False | +| Vlan3012 | MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone | Tenant_A_DB_Zone | 1500 | False | +| Vlan3013 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone | Tenant_A_WAN_Zone | 1500 | False | +| Vlan3019 | MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone | Tenant_B_OP_Zone | 1500 | False | +| Vlan3020 | MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone | Tenant_B_WAN_Zone | 1500 | False | +| Vlan3029 | MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone | Tenant_C_OP_Zone | 1500 | False | +| Vlan3030 | MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone | Tenant_C_WAN_Zone | 1500 | False | +| Vlan4093 | MLAG_PEER_L3_PEERING | default | 1500 | False | +| Vlan4094 | MLAG_PEER | default | 1500 | False | + +##### IPv4 | Interface | VRF | IP Address | IP Address Virtual | IP Router Virtual Address | VRRP | ACL In | ACL Out | | --------- | --- | ---------- | ------------------ | ------------------------- | ---- | ------ | ------- | | Vlan110 | Tenant_A_OP_Zone | - | 10.1.10.1/24 | - | - | - | - | | Vlan111 | Tenant_A_OP_Zone | - | 10.1.11.1/24 | - | - | - | - | | Vlan112 | Tenant_A_OP_Zone | - | 10.1.12.254/24 | - | - | - | - | -| Vlan120 | Tenant_A_WEB_Zone | - | - | - | - | - | - | +| Vlan120 | Tenant_A_WEB_Zone | - | 10.1.20.1/24 | - | - | - | - | | Vlan121 | Tenant_A_WEB_Zone | - | 10.1.21.1/24 | - | - | - | - | -| Vlan130 | Tenant_A_APP_Zone | - | - | - | - | - | - | +| Vlan130 | Tenant_A_APP_Zone | - | 10.1.30.1/24 | - | - | - | - | | Vlan131 | Tenant_A_APP_Zone | - | 10.1.31.254/24 | - | - | - | - | | Vlan140 | Tenant_A_DB_Zone | - | 10.1.40.1/24 | - | - | - | - | | Vlan141 | Tenant_A_DB_Zone | - | 10.1.41.1/24 | - | - | - | - | | Vlan150 | Tenant_A_WAN_Zone | - | 10.1.40.1/24 | - | - | - | - | -| Vlan210 | Tenant_B_OP_Zone | - | - | - | - | - | - | +| Vlan210 | Tenant_B_OP_Zone | - | 10.2.10.1/24 | - | - | - | - | | Vlan211 | Tenant_B_OP_Zone | - | 10.2.11.1/24 | - | - | - | - | | Vlan250 | Tenant_B_WAN_Zone | - | 10.2.50.1/24 | - | - | - | - | -| Vlan310 | Tenant_C_OP_Zone | - | - | - | - | - | - | -| Vlan311 | Tenant_C_OP_Zone | - | - | - | - | - | - | -| Vlan350 | Tenant_C_WAN_Zone | - | - | - | - | - | - | +| Vlan310 | Tenant_C_OP_Zone | - | 10.3.10.1/24 | - | - | - | - | +| Vlan311 | Tenant_C_OP_Zone | - | 10.3.11.1/24 | - | - | - | - | +| Vlan350 | Tenant_C_WAN_Zone | - | 10.3.50.1/24 | - | - | - | - | | Vlan3009 | Tenant_A_OP_Zone | 10.255.251.5/31 | - | - | - | - | - | | Vlan3010 | Tenant_A_WEB_Zone | 10.255.251.5/31 | - | - | - | - | - | | Vlan3011 | Tenant_A_APP_Zone | 10.255.251.5/31 | - | - | - | - | - | @@ -591,8 +585,7 @@ interface Loopback100 | Vlan4093 | default | 10.255.251.5/31 | - | - | - | - | - | | Vlan4094 | default | 10.255.252.5/31 | - | - | - | - | - | - -### VLAN Interfaces Device Configuration +#### VLAN Interfaces Device Configuration ```eos ! @@ -618,6 +611,7 @@ interface Vlan120 description Tenant_A_WEB_Zone_1 no shutdown vrf Tenant_A_WEB_Zone + ip address virtual 10.1.20.1/24 ! interface Vlan121 description Tenant_A_WEBZone_2 @@ -629,6 +623,7 @@ interface Vlan130 description Tenant_A_APP_Zone_1 no shutdown vrf Tenant_A_APP_Zone + ip address virtual 10.1.30.1/24 ! interface Vlan131 description Tenant_A_APP_Zone_2 @@ -658,6 +653,7 @@ interface Vlan210 description Tenant_B_OP_Zone_1 no shutdown vrf Tenant_B_OP_Zone + ip address virtual 10.2.10.1/24 ! interface Vlan211 description Tenant_B_OP_Zone_2 @@ -675,16 +671,19 @@ interface Vlan310 description Tenant_C_OP_Zone_1 no shutdown vrf Tenant_C_OP_Zone + ip address virtual 10.3.10.1/24 ! interface Vlan311 description Tenant_C_OP_Zone_2 no shutdown vrf Tenant_C_OP_Zone + ip address virtual 10.3.11.1/24 ! interface Vlan350 description Tenant_C_WAN_Zone_1 no shutdown vrf Tenant_C_WAN_Zone + ip address virtual 10.3.50.1/24 ! interface Vlan3009 description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone @@ -763,54 +762,54 @@ interface Vlan4094 ip address 10.255.252.5/31 ``` -## VXLAN Interface - -### VXLAN Interface Summary - -#### Source Interface: Loopback1 - -#### UDP port: 4789 - -#### EVPN MLAG Shared Router MAC : mlag-system-id - -#### VLAN to VNI and Flood List Mappings - -| VLAN | VNI | Flood List | -| ---- | --- | ---------- | -| 110 | 10110 | - | -| 111 | 50111 | - | -| 112 | 50112 | - | -| 120 | 10120 | - | -| 121 | 10121 | - | -| 130 | 10130 | - | -| 131 | 10131 | - | -| 140 | 10140 | - | -| 141 | 10141 | - | -| 150 | 10150 | - | -| 160 | 55160 | - | -| 161 | 10161 | - | -| 210 | 20210 | - | -| 211 | 20211 | - | -| 250 | 20250 | - | -| 310 | 30310 | - | -| 311 | 30311 | - | -| 350 | 30350 | - | - -#### VRF to VNI Mappings - -| VLAN | VNI | -| ---- | --- | -| Tenant_A_APP_Zone | 12 | -| Tenant_A_DB_Zone | 13 | -| Tenant_A_OP_Zone | 10 | -| Tenant_A_WAN_Zone | 14 | -| Tenant_A_WEB_Zone | 11 | -| Tenant_B_OP_Zone | 20 | -| Tenant_B_WAN_Zone | 21 | -| Tenant_C_OP_Zone | 30 | -| Tenant_C_WAN_Zone | 31 | - -### VXLAN Interface Device Configuration +### VXLAN Interface + +#### VXLAN Interface Summary + +| Setting | Value | +| ------- | ----- | +| Source Interface | Loopback1 | +| UDP port | 4789 | +| EVPN MLAG Shared Router MAC | mlag-system-id | + +##### VLAN to VNI, Flood List and Multicast Group Mappings + +| VLAN | VNI | Flood List | Multicast Group | +| ---- | --- | ---------- | --------------- | +| 110 | 10110 | - | - | +| 111 | 50111 | - | - | +| 112 | 50112 | - | - | +| 120 | 10120 | - | - | +| 121 | 10121 | - | - | +| 130 | 10130 | - | - | +| 131 | 10131 | - | - | +| 140 | 10140 | - | - | +| 141 | 10141 | - | - | +| 150 | 10150 | - | - | +| 160 | 55160 | - | - | +| 161 | 10161 | - | - | +| 210 | 20210 | - | - | +| 211 | 20211 | - | - | +| 250 | 20250 | - | - | +| 310 | 30310 | - | - | +| 311 | 30311 | - | - | +| 350 | 30350 | - | - | + +##### VRF to VNI and Multicast Group Mappings + +| VRF | VNI | Multicast Group | +| ---- | --- | --------------- | +| Tenant_A_APP_Zone | 12 | - | +| Tenant_A_DB_Zone | 13 | - | +| Tenant_A_OP_Zone | 10 | - | +| Tenant_A_WAN_Zone | 14 | - | +| Tenant_A_WEB_Zone | 11 | - | +| Tenant_B_OP_Zone | 20 | - | +| Tenant_B_WAN_Zone | 21 | - | +| Tenant_C_OP_Zone | 30 | - | +| Tenant_C_WAN_Zone | 31 | - | + +#### VXLAN Interface Device Configuration ```eos ! @@ -848,8 +847,9 @@ interface Vxlan1 vxlan vrf Tenant_C_WAN_Zone vni 31 ``` -# Routing -## Service Routing Protocols Model +## Routing + +### Service Routing Protocols Model Multi agent routing protocol model enabled @@ -858,37 +858,38 @@ Multi agent routing protocol model enabled service routing protocols model multi-agent ``` -## Virtual Router MAC Address +### Virtual Router MAC Address -### Virtual Router MAC Address Summary +#### Virtual Router MAC Address Summary -#### Virtual Router MAC Address: 00:1c:73:00:dc:01 +Virtual Router MAC Address: 00:1c:73:00:dc:01 -### Virtual Router MAC Address Configuration +#### Virtual Router MAC Address Device Configuration ```eos ! ip virtual-router mac-address 00:1c:73:00:dc:01 ``` -## IP Routing +### IP Routing -### IP Routing Summary +#### IP Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | true|| MGMT | false | -| Tenant_A_APP_Zone | true | -| Tenant_A_DB_Zone | true | -| Tenant_A_OP_Zone | true | -| Tenant_A_WAN_Zone | true | -| Tenant_A_WEB_Zone | true | -| Tenant_B_OP_Zone | true | -| Tenant_B_WAN_Zone | true | -| Tenant_C_OP_Zone | true | -| Tenant_C_WAN_Zone | true | - -### IP Routing Device Configuration +| default | True | +| MGMT | False | +| Tenant_A_APP_Zone | True | +| Tenant_A_DB_Zone | True | +| Tenant_A_OP_Zone | True | +| Tenant_A_WAN_Zone | True | +| Tenant_A_WEB_Zone | True | +| Tenant_B_OP_Zone | True | +| Tenant_B_WAN_Zone | True | +| Tenant_C_OP_Zone | True | +| Tenant_C_WAN_Zone | True | + +#### IP Routing Device Configuration ```eos ! @@ -904,13 +905,15 @@ ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_OP_Zone ip routing vrf Tenant_C_WAN_Zone ``` -## IPv6 Routing -### IPv6 Routing Summary +### IPv6 Routing + +#### IPv6 Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | false || MGMT | false | +| default | False | +| MGMT | false | | Tenant_A_APP_Zone | false | | Tenant_A_DB_Zone | false | | Tenant_A_OP_Zone | false | @@ -921,29 +924,28 @@ ip routing vrf Tenant_C_WAN_Zone | Tenant_C_OP_Zone | false | | Tenant_C_WAN_Zone | false | +### Static Routes -## Static Routes +#### Static Routes Summary -### Static Routes Summary +| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | +| --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | +| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | -| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | -| --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | -| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | - -### Static Routes Device Configuration +#### Static Routes Device Configuration ```eos ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 ``` -## Router BGP +### Router BGP -### Router BGP Summary +#### Router BGP Summary | BGP AS | Router ID | | ------ | --------- | -| 65102| 192.168.255.6 | +| 65102 | 192.168.255.6 | | BGP Tuning | | ---------- | @@ -951,22 +953,24 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | distance bgp 20 200 200 | | graceful-restart restart-time 300 | | graceful-restart | +| update wait-install | +| no bgp default ipv4-unicast | | maximum-paths 4 ecmp 4 | -### Router BGP Peer Groups +#### Router BGP Peer Groups -#### EVPN-OVERLAY-PEERS +##### EVPN-OVERLAY-PEERS | Settings | Value | | -------- | ----- | | Address Family | evpn | | Source | Loopback0 | -| Bfd | true | +| BFD | True | | Ebgp multihop | 3 | | Send community | all | | Maximum routes | 0 (no limit) | -#### IPv4-UNDERLAY-PEERS +##### IPv4-UNDERLAY-PEERS | Settings | Value | | -------- | ----- | @@ -974,7 +978,7 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -#### MLAG-IPv4-UNDERLAY-PEER +##### MLAG-IPv4-UNDERLAY-PEER | Settings | Value | | -------- | ----- | @@ -984,30 +988,34 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -### BGP Neighbors +#### BGP Neighbors -| Neighbor | Remote AS | VRF | -| -------- | --------- | --- | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | -| 172.31.255.12 | 65001 | default | -| 172.31.255.14 | 65001 | default | -| 192.168.255.1 | 65001 | default | -| 192.168.255.2 | 65001 | default | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_APP_Zone | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_DB_Zone | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WAN_Zone | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WEB_Zone | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_OP_Zone | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_WAN_Zone | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_OP_Zone | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_WAN_Zone | +| Neighbor | Remote AS | VRF | Shutdown | Send-community | Maximum-routes | Allowas-in | BFD | RIB Pre-Policy Retain | Route-Reflector Client | Passive | +| -------- | --------- | --- | -------- | -------------- | -------------- | ---------- | --- | --------------------- | ---------------------- | ------- | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 172.31.255.12 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | +| 172.31.255.14 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | +| 192.168.255.1 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | +| 192.168.255.2 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_APP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_DB_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WEB_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | -### Router BGP EVPN Address Family +#### Router BGP EVPN Address Family -#### Router BGP EVPN MAC-VRFs +##### EVPN Peer Groups -##### VLAN aware bundles +| Peer Group | Activate | Encapsulation | +| ---------- | -------- | ------------- | +| EVPN-OVERLAY-PEERS | True | default | + +#### Router BGP VLAN Aware Bundles | VLAN Aware Bundle | Route-Distinguisher | Both Route-Target | Import Route Target | Export Route-Target | Redistribute | VLANs | | ----------------- | ------------------- | ----------------- | ------------------- | ------------------- | ------------ | ----- | @@ -1023,7 +1031,7 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Tenant_C_OP_Zone | 192.168.255.6:30 | 30:30 | - | - | learned | 310-311 | | Tenant_C_WAN_Zone | 192.168.255.6:31 | 31:31 | - | - | learned | 350 | -#### Router BGP EVPN VRFs +#### Router BGP VRFs | VRF | Route-Distinguisher | Redistribute | | --- | ------------------- | ------------ | @@ -1037,32 +1045,35 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Tenant_C_OP_Zone | 192.168.255.6:30 | connected | | Tenant_C_WAN_Zone | 192.168.255.6:31 | connected | -### Router BGP Device Configuration +#### Router BGP Device Configuration ```eos ! router bgp 65102 router-id 192.168.255.6 + maximum-paths 4 ecmp 4 + update wait-install + no bgp default ipv4-unicast no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart - maximum-paths 4 ecmp 4 neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 - neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS password 7 neighbor EVPN-OVERLAY-PEERS send-community neighbor EVPN-OVERLAY-PEERS maximum-routes 0 neighbor IPv4-UNDERLAY-PEERS peer group - neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS password 7 neighbor IPv4-UNDERLAY-PEERS send-community neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 neighbor MLAG-IPv4-UNDERLAY-PEER peer group neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102 neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self - neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== + neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2A + neighbor MLAG-IPv4-UNDERLAY-PEER password 7 neighbor MLAG-IPv4-UNDERLAY-PEER send-community neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in @@ -1161,6 +1172,7 @@ router bgp 65102 route-target import evpn 12:12 route-target export evpn 12:12 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1169,6 +1181,7 @@ router bgp 65102 route-target import evpn 13:13 route-target export evpn 13:13 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1177,6 +1190,7 @@ router bgp 65102 route-target import evpn 10:10 route-target export evpn 10:10 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1185,6 +1199,7 @@ router bgp 65102 route-target import evpn 14:14 route-target export evpn 14:14 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1193,6 +1208,7 @@ router bgp 65102 route-target import evpn 11:11 route-target export evpn 11:11 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1201,6 +1217,7 @@ router bgp 65102 route-target import evpn 20:20 route-target export evpn 20:20 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1209,6 +1226,7 @@ router bgp 65102 route-target import evpn 21:21 route-target export evpn 21:21 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1217,6 +1235,7 @@ router bgp 65102 route-target import evpn 30:30 route-target export evpn 30:30 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -1225,21 +1244,22 @@ router bgp 65102 route-target import evpn 31:31 route-target export evpn 31:31 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ``` -# BFD +## BFD -## Router BFD +### Router BFD -### Router BFD Multihop Summary +#### Router BFD Multihop Summary | Interval | Minimum RX | Multiplier | | -------- | ---------- | ---------- | | 1200 | 1200 | 3 | -### Router BFD Multihop Device Configuration +#### Router BFD Device Configuration ```eos ! @@ -1247,34 +1267,35 @@ router bfd multihop interval 1200 min-rx 1200 multiplier 3 ``` -# Multicast +## Multicast -## IP IGMP Snooping +### IP IGMP Snooping -### IP IGMP Snooping Summary +#### IP IGMP Snooping Summary -IGMP snooping is globally enabled. +| IGMP Snooping | Fast Leave | Interface Restart Query | Proxy | Restart Query Interval | Robustness Variable | +| ------------- | ---------- | ----------------------- | ----- | ---------------------- | ------------------- | +| Enabled | - | - | - | - | - | - -### IP IGMP Snooping Device Configuration +#### IP IGMP Snooping Device Configuration ```eos ``` -# Filters +## Filters -## Prefix-lists +### Prefix-lists -### Prefix-lists Summary +#### Prefix-lists Summary -#### PL-LOOPBACKS-EVPN-OVERLAY +##### PL-LOOPBACKS-EVPN-OVERLAY | Sequence | Action | | -------- | ------ | | 10 | permit 192.168.255.0/24 eq 32 | | 20 | permit 192.168.254.0/24 eq 32 | -### Prefix-lists Device Configuration +#### Prefix-lists Device Configuration ```eos ! @@ -1283,23 +1304,23 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 20 permit 192.168.254.0/24 eq 32 ``` -## Route-maps +### Route-maps -### Route-maps Summary +#### Route-maps Summary -#### RM-CONN-2-BGP +##### RM-CONN-2-BGP -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - | -#### RM-MLAG-PEER-IN +##### RM-MLAG-PEER-IN -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | set origin incomplete | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | - | origin incomplete | - | - | -### Route-maps Device Configuration +#### Route-maps Device Configuration ```eos ! @@ -1311,11 +1332,9 @@ route-map RM-MLAG-PEER-IN permit 10 set origin incomplete ``` -# ACL - -# VRF Instances +## VRF Instances -## VRF Instances Summary +### VRF Instances Summary | VRF Name | IP Routing | | -------- | ---------- | @@ -1330,7 +1349,7 @@ route-map RM-MLAG-PEER-IN permit 10 | Tenant_C_OP_Zone | enabled | | Tenant_C_WAN_Zone | enabled | -## VRF Instances Device Configuration +### VRF Instances Device Configuration ```eos ! @@ -1355,19 +1374,17 @@ vrf instance Tenant_C_OP_Zone vrf instance Tenant_C_WAN_Zone ``` -# Virtual Source NAT +## Virtual Source NAT -## Virtual Source NAT Summary +### Virtual Source NAT Summary | Source NAT VRF | Source NAT IP Address | | -------------- | --------------------- | | Tenant_A_OP_Zone | 10.255.1.6 | -## Virtual Source NAT Configuration +### Virtual Source NAT Configuration ```eos ! ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.6 ``` - -# Quality Of Service diff --git a/inventory/documentation/devices/DC1-SPINE1.md b/inventory/documentation/devices/DC1-SPINE1.md index b7257df1..bde83ba7 100644 --- a/inventory/documentation/devices/DC1-SPINE1.md +++ b/inventory/documentation/devices/DC1-SPINE1.md @@ -1,10 +1,10 @@ # DC1-SPINE1 -# Table of Contents - + +## Table of Contents - [Management](#management) - [Management Interfaces](#management-interfaces) - - [Name Servers](#name-servers) + - [IP Name Servers](#ip-name-servers) - [NTP](#ntp) - [Management API HTTP](#management-api-http) - [Authentication](#authentication) @@ -16,7 +16,7 @@ - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) - - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) + - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) - [Interfaces](#interfaces) - [Ethernet Interfaces](#ethernet-interfaces) - [Loopback Interfaces](#loopback-interfaces) @@ -28,36 +28,32 @@ - [Router BGP](#router-bgp) - [BFD](#bfd) - [Router BFD](#router-bfd) -- [Multicast](#multicast) - [Filters](#filters) - [Prefix-lists](#prefix-lists) - [Route-maps](#route-maps) -- [ACL](#acl) - [VRF Instances](#vrf-instances) - [VRF Instances Summary](#vrf-instances-summary) - [VRF Instances Device Configuration](#vrf-instances-device-configuration) -- [Quality Of Service](#quality-of-service) - -# Management +## Management -## Management Interfaces +### Management Interfaces -### Management Interfaces Summary +#### Management Interfaces Summary -#### IPv4 +##### IPv4 | Management Interface | description | Type | VRF | IP Address | Gateway | | -------------------- | ----------- | ---- | --- | ---------- | ------- | | Management1 | oob_management | oob | MGMT | 10.255.0.11/24 | 10.255.0.1 | -#### IPv6 +##### IPv6 | Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | oob_management | oob | MGMT | - | - | +| Management1 | oob_management | oob | MGMT | - | - | -### Management Interfaces Device Configuration +#### Management Interfaces Device Configuration ```eos ! @@ -68,40 +64,40 @@ interface Management1 ip address 10.255.0.11/24 ``` -## Name Servers +### IP Name Servers -### Name Servers Summary +#### IP Name Servers Summary -| Name Server | Source VRF | -| ----------- | ---------- | -| 192.168.2.1 | MGMT | -| 8.8.8.8 | MGMT | +| Name Server | VRF | Priority | +| ----------- | --- | -------- | +| 192.168.2.1 | MGMT | - | +| 8.8.8.8 | MGMT | - | -### Name Servers Device Configuration +#### IP Name Servers Device Configuration ```eos ip name-server vrf MGMT 8.8.8.8 ip name-server vrf MGMT 192.168.2.1 ``` -## NTP +### NTP -### NTP Summary +#### NTP Summary -#### NTP Local Interface +##### NTP Local Interface | Interface | VRF | | --------- | --- | | Management1 | MGMT | -#### NTP Servers +##### NTP Servers | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | -### NTP Device Configuration +#### NTP Device Configuration ```eos ! @@ -110,22 +106,21 @@ ntp server vrf MGMT 0.fr.pool.ntp.org prefer ntp server vrf MGMT 1.fr.pool.ntp.org ``` -## Management API HTTP +### Management API HTTP -### Management API HTTP Summary +#### Management API HTTP Summary -| HTTP | HTTPS | -| ---------- | ---------- | -| default | true | +| HTTP | HTTPS | Default Services | +| ---- | ----- | ---------------- | +| False | True | - | -### Management API VRF Access +#### Management API VRF Access | VRF Name | IPv4 ACL | IPv6 ACL | | -------- | -------- | -------- | | MGMT | - | - | - -### Management API HTTP Configuration +#### Management API HTTP Device Configuration ```eos ! @@ -137,100 +132,97 @@ management api http-commands no shutdown ``` -# Authentication +## Authentication -## Local Users +### Local Users -### Local Users Summary +#### Local Users Summary -| User | Privilege | Role | -| ---- | --------- | ---- | -| admin | 15 | network-admin | -| ansible | 15 | network-admin | -| cvpadmin | 15 | network-admin | +| User | Privilege | Role | Disabled | Shell | +| ---- | --------- | ---- | -------- | ----- | +| admin | 15 | network-admin | False | - | +| ansible | 15 | network-admin | False | - | +| cvpadmin | 15 | network-admin | False | - | -### Local Users Device Configuration +#### Local Users Device Configuration ```eos ! -username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 -username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +username admin privilege 15 role network-admin secret sha512 +username ansible privilege 15 role network-admin secret sha512 +username cvpadmin privilege 15 role network-admin secret sha512 ``` -# Monitoring +## Monitoring -## TerminAttr Daemon +### TerminAttr Daemon -### TerminAttr Daemon Summary +#### TerminAttr Daemon Summary | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | -| gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | +| gzip | 10.255.0.1:9910 | MGMT | key, | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | -### TerminAttr Daemon Device Configuration +#### TerminAttr Daemon Device Configuration ```eos ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ``` -# Spanning Tree +## Spanning Tree -## Spanning Tree Summary +### Spanning Tree Summary STP mode: **none** -### Global Spanning-Tree Settings - - -## Spanning Tree Device Configuration +### Spanning Tree Device Configuration ```eos ! spanning-tree mode none ``` -# Internal VLAN Allocation Policy +## Internal VLAN Allocation Policy -## Internal VLAN Allocation Policy Summary +### Internal VLAN Allocation Policy Summary | Policy Allocation | Range Beginning | Range Ending | | ------------------| --------------- | ------------ | | ascending | 1006 | 1199 | -## Internal VLAN Allocation Policy Configuration +### Internal VLAN Allocation Policy Device Configuration ```eos ! vlan internal order ascending range 1006 1199 ``` -# Interfaces +## Interfaces -## Ethernet Interfaces +### Ethernet Interfaces -### Ethernet Interfaces Summary +#### Ethernet Interfaces Summary -#### L2 +##### L2 | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | *Inherited from Port-Channel Interface -#### IPv4 +##### IPv4 | Interface | Description | Type | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | | --------- | ----------- | -----| ------------- | ---------- | ----| ---- | -------- | ------ | ------- | -| Ethernet1 | P2P_LINK_TO_DC1-LEAF1A_Ethernet1 | routed | - | 172.31.255.0/31 | default | 1500 | false | - | - | -| Ethernet2 | P2P_LINK_TO_DC1-LEAF1B_Ethernet1 | routed | - | 172.31.255.4/31 | default | 1500 | false | - | - | -| Ethernet3 | P2P_LINK_TO_DC1-LEAF2A_Ethernet1 | routed | - | 172.31.255.8/31 | default | 1500 | false | - | - | -| Ethernet4 | P2P_LINK_TO_DC1-LEAF2B_Ethernet1 | routed | - | 172.31.255.12/31 | default | 1500 | false | - | - | +| Ethernet1 | P2P_LINK_TO_DC1-LEAF1A_Ethernet1 | routed | - | 172.31.255.0/31 | default | 1500 | False | - | - | +| Ethernet2 | P2P_LINK_TO_DC1-LEAF1B_Ethernet1 | routed | - | 172.31.255.4/31 | default | 1500 | False | - | - | +| Ethernet3 | P2P_LINK_TO_DC1-LEAF2A_Ethernet1 | routed | - | 172.31.255.8/31 | default | 1500 | False | - | - | +| Ethernet4 | P2P_LINK_TO_DC1-LEAF2B_Ethernet1 | routed | - | 172.31.255.12/31 | default | 1500 | False | - | - | -### Ethernet Interfaces Device Configuration +#### Ethernet Interfaces Device Configuration ```eos ! @@ -263,24 +255,23 @@ interface Ethernet4 ip address 172.31.255.12/31 ``` -## Loopback Interfaces +### Loopback Interfaces -### Loopback Interfaces Summary +#### Loopback Interfaces Summary -#### IPv4 +##### IPv4 | Interface | Description | VRF | IP Address | | --------- | ----------- | --- | ---------- | | Loopback0 | EVPN_Overlay_Peering | default | 192.168.255.1/32 | -#### IPv6 +##### IPv6 | Interface | Description | VRF | IPv6 Address | | --------- | ----------- | --- | ------------ | | Loopback0 | EVPN_Overlay_Peering | default | - | - -### Loopback Interfaces Device Configuration +#### Loopback Interfaces Device Configuration ```eos ! @@ -290,8 +281,9 @@ interface Loopback0 ip address 192.168.255.1/32 ``` -# Routing -## Service Routing Protocols Model +## Routing + +### Service Routing Protocols Model Multi agent routing protocol model enabled @@ -300,52 +292,54 @@ Multi agent routing protocol model enabled service routing protocols model multi-agent ``` -## IP Routing +### IP Routing -### IP Routing Summary +#### IP Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | true|| MGMT | false | +| default | True | +| MGMT | False | -### IP Routing Device Configuration +#### IP Routing Device Configuration ```eos ! ip routing no ip routing vrf MGMT ``` -## IPv6 Routing -### IPv6 Routing Summary +### IPv6 Routing + +#### IPv6 Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | false || MGMT | false | - +| default | False | +| MGMT | false | -## Static Routes +### Static Routes -### Static Routes Summary +#### Static Routes Summary -| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | -| --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | -| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | +| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | +| --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | +| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | -### Static Routes Device Configuration +#### Static Routes Device Configuration ```eos ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 ``` -## Router BGP +### Router BGP -### Router BGP Summary +#### Router BGP Summary | BGP AS | Router ID | | ------ | --------- | -| 65001| 192.168.255.1 | +| 65001 | 192.168.255.1 | | BGP Tuning | | ---------- | @@ -353,23 +347,25 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | distance bgp 20 200 200 | | graceful-restart restart-time 300 | | graceful-restart | +| update wait-install | +| no bgp default ipv4-unicast | | maximum-paths 4 ecmp 4 | -### Router BGP Peer Groups +#### Router BGP Peer Groups -#### EVPN-OVERLAY-PEERS +##### EVPN-OVERLAY-PEERS | Settings | Value | | -------- | ----- | | Address Family | evpn | | Next-hop unchanged | True | | Source | Loopback0 | -| Bfd | true | +| BFD | True | | Ebgp multihop | 3 | | Send community | all | | Maximum routes | 0 (no limit) | -#### IPv4-UNDERLAY-PEERS +##### IPv4-UNDERLAY-PEERS | Settings | Value | | -------- | ----- | @@ -377,46 +373,50 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -### BGP Neighbors +#### BGP Neighbors -| Neighbor | Remote AS | VRF | -| -------- | --------- | --- | -| 172.31.255.1 | 65101 | default | -| 172.31.255.5 | 65101 | default | -| 172.31.255.9 | 65102 | default | -| 172.31.255.13 | 65102 | default | -| 192.168.255.3 | 65101 | default | -| 192.168.255.4 | 65101 | default | -| 192.168.255.5 | 65102 | default | -| 192.168.255.6 | 65102 | default | +| Neighbor | Remote AS | VRF | Shutdown | Send-community | Maximum-routes | Allowas-in | BFD | RIB Pre-Policy Retain | Route-Reflector Client | Passive | +| -------- | --------- | --- | -------- | -------------- | -------------- | ---------- | --- | --------------------- | ---------------------- | ------- | +| 172.31.255.1 | 65101 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | +| 172.31.255.5 | 65101 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | +| 172.31.255.9 | 65102 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | +| 172.31.255.13 | 65102 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | +| 192.168.255.3 | 65101 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | +| 192.168.255.4 | 65101 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | +| 192.168.255.5 | 65102 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | +| 192.168.255.6 | 65102 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | -### Router BGP EVPN Address Family +#### Router BGP EVPN Address Family -#### Router BGP EVPN MAC-VRFs +##### EVPN Peer Groups -#### Router BGP EVPN VRFs +| Peer Group | Activate | Encapsulation | +| ---------- | -------- | ------------- | +| EVPN-OVERLAY-PEERS | True | default | -### Router BGP Device Configuration +#### Router BGP Device Configuration ```eos ! router bgp 65001 router-id 192.168.255.1 + maximum-paths 4 ecmp 4 + update wait-install + no bgp default ipv4-unicast no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart - maximum-paths 4 ecmp 4 neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS next-hop-unchanged neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 - neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS password 7 neighbor EVPN-OVERLAY-PEERS send-community neighbor EVPN-OVERLAY-PEERS maximum-routes 0 neighbor IPv4-UNDERLAY-PEERS peer group - neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS password 7 neighbor IPv4-UNDERLAY-PEERS send-community neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 neighbor 172.31.255.1 peer group IPv4-UNDERLAY-PEERS @@ -453,17 +453,17 @@ router bgp 65001 neighbor IPv4-UNDERLAY-PEERS activate ``` -# BFD +## BFD -## Router BFD +### Router BFD -### Router BFD Multihop Summary +#### Router BFD Multihop Summary | Interval | Minimum RX | Multiplier | | -------- | ---------- | ---------- | | 1200 | 1200 | 3 | -### Router BFD Multihop Device Configuration +#### Router BFD Device Configuration ```eos ! @@ -471,21 +471,19 @@ router bfd multihop interval 1200 min-rx 1200 multiplier 3 ``` -# Multicast +## Filters -# Filters +### Prefix-lists -## Prefix-lists +#### Prefix-lists Summary -### Prefix-lists Summary - -#### PL-LOOPBACKS-EVPN-OVERLAY +##### PL-LOOPBACKS-EVPN-OVERLAY | Sequence | Action | | -------- | ------ | | 10 | permit 192.168.255.0/24 eq 32 | -### Prefix-lists Device Configuration +#### Prefix-lists Device Configuration ```eos ! @@ -493,17 +491,17 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 10 permit 192.168.255.0/24 eq 32 ``` -## Route-maps +### Route-maps -### Route-maps Summary +#### Route-maps Summary -#### RM-CONN-2-BGP +##### RM-CONN-2-BGP -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - | -### Route-maps Device Configuration +#### Route-maps Device Configuration ```eos ! @@ -511,21 +509,17 @@ route-map RM-CONN-2-BGP permit 10 match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY ``` -# ACL - -# VRF Instances +## VRF Instances -## VRF Instances Summary +### VRF Instances Summary | VRF Name | IP Routing | | -------- | ---------- | | MGMT | disabled | -## VRF Instances Device Configuration +### VRF Instances Device Configuration ```eos ! vrf instance MGMT ``` - -# Quality Of Service diff --git a/inventory/documentation/devices/DC1-SPINE2.md b/inventory/documentation/devices/DC1-SPINE2.md index 448f8b80..ff4abd9c 100644 --- a/inventory/documentation/devices/DC1-SPINE2.md +++ b/inventory/documentation/devices/DC1-SPINE2.md @@ -1,10 +1,10 @@ # DC1-SPINE2 -# Table of Contents - + +## Table of Contents - [Management](#management) - [Management Interfaces](#management-interfaces) - - [Name Servers](#name-servers) + - [IP Name Servers](#ip-name-servers) - [NTP](#ntp) - [Management API HTTP](#management-api-http) - [Authentication](#authentication) @@ -16,7 +16,7 @@ - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) - - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) + - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) - [Interfaces](#interfaces) - [Ethernet Interfaces](#ethernet-interfaces) - [Loopback Interfaces](#loopback-interfaces) @@ -28,36 +28,32 @@ - [Router BGP](#router-bgp) - [BFD](#bfd) - [Router BFD](#router-bfd) -- [Multicast](#multicast) - [Filters](#filters) - [Prefix-lists](#prefix-lists) - [Route-maps](#route-maps) -- [ACL](#acl) - [VRF Instances](#vrf-instances) - [VRF Instances Summary](#vrf-instances-summary) - [VRF Instances Device Configuration](#vrf-instances-device-configuration) -- [Quality Of Service](#quality-of-service) - -# Management +## Management -## Management Interfaces +### Management Interfaces -### Management Interfaces Summary +#### Management Interfaces Summary -#### IPv4 +##### IPv4 | Management Interface | description | Type | VRF | IP Address | Gateway | | -------------------- | ----------- | ---- | --- | ---------- | ------- | | Management1 | oob_management | oob | MGMT | 10.255.0.12/24 | 10.255.0.1 | -#### IPv6 +##### IPv6 | Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | oob_management | oob | MGMT | - | - | +| Management1 | oob_management | oob | MGMT | - | - | -### Management Interfaces Device Configuration +#### Management Interfaces Device Configuration ```eos ! @@ -68,40 +64,40 @@ interface Management1 ip address 10.255.0.12/24 ``` -## Name Servers +### IP Name Servers -### Name Servers Summary +#### IP Name Servers Summary -| Name Server | Source VRF | -| ----------- | ---------- | -| 192.168.2.1 | MGMT | -| 8.8.8.8 | MGMT | +| Name Server | VRF | Priority | +| ----------- | --- | -------- | +| 192.168.2.1 | MGMT | - | +| 8.8.8.8 | MGMT | - | -### Name Servers Device Configuration +#### IP Name Servers Device Configuration ```eos ip name-server vrf MGMT 8.8.8.8 ip name-server vrf MGMT 192.168.2.1 ``` -## NTP +### NTP -### NTP Summary +#### NTP Summary -#### NTP Local Interface +##### NTP Local Interface | Interface | VRF | | --------- | --- | | Management1 | MGMT | -#### NTP Servers +##### NTP Servers | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | -### NTP Device Configuration +#### NTP Device Configuration ```eos ! @@ -110,22 +106,21 @@ ntp server vrf MGMT 0.fr.pool.ntp.org prefer ntp server vrf MGMT 1.fr.pool.ntp.org ``` -## Management API HTTP +### Management API HTTP -### Management API HTTP Summary +#### Management API HTTP Summary -| HTTP | HTTPS | -| ---------- | ---------- | -| default | true | +| HTTP | HTTPS | Default Services | +| ---- | ----- | ---------------- | +| False | True | - | -### Management API VRF Access +#### Management API VRF Access | VRF Name | IPv4 ACL | IPv6 ACL | | -------- | -------- | -------- | | MGMT | - | - | - -### Management API HTTP Configuration +#### Management API HTTP Device Configuration ```eos ! @@ -137,100 +132,97 @@ management api http-commands no shutdown ``` -# Authentication +## Authentication -## Local Users +### Local Users -### Local Users Summary +#### Local Users Summary -| User | Privilege | Role | -| ---- | --------- | ---- | -| admin | 15 | network-admin | -| ansible | 15 | network-admin | -| cvpadmin | 15 | network-admin | +| User | Privilege | Role | Disabled | Shell | +| ---- | --------- | ---- | -------- | ----- | +| admin | 15 | network-admin | False | - | +| ansible | 15 | network-admin | False | - | +| cvpadmin | 15 | network-admin | False | - | -### Local Users Device Configuration +#### Local Users Device Configuration ```eos ! -username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 -username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +username admin privilege 15 role network-admin secret sha512 +username ansible privilege 15 role network-admin secret sha512 +username cvpadmin privilege 15 role network-admin secret sha512 ``` -# Monitoring +## Monitoring -## TerminAttr Daemon +### TerminAttr Daemon -### TerminAttr Daemon Summary +#### TerminAttr Daemon Summary | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | -| gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | +| gzip | 10.255.0.1:9910 | MGMT | key, | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | -### TerminAttr Daemon Device Configuration +#### TerminAttr Daemon Device Configuration ```eos ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ``` -# Spanning Tree +## Spanning Tree -## Spanning Tree Summary +### Spanning Tree Summary STP mode: **none** -### Global Spanning-Tree Settings - - -## Spanning Tree Device Configuration +### Spanning Tree Device Configuration ```eos ! spanning-tree mode none ``` -# Internal VLAN Allocation Policy +## Internal VLAN Allocation Policy -## Internal VLAN Allocation Policy Summary +### Internal VLAN Allocation Policy Summary | Policy Allocation | Range Beginning | Range Ending | | ------------------| --------------- | ------------ | | ascending | 1006 | 1199 | -## Internal VLAN Allocation Policy Configuration +### Internal VLAN Allocation Policy Device Configuration ```eos ! vlan internal order ascending range 1006 1199 ``` -# Interfaces +## Interfaces -## Ethernet Interfaces +### Ethernet Interfaces -### Ethernet Interfaces Summary +#### Ethernet Interfaces Summary -#### L2 +##### L2 | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | *Inherited from Port-Channel Interface -#### IPv4 +##### IPv4 | Interface | Description | Type | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | | --------- | ----------- | -----| ------------- | ---------- | ----| ---- | -------- | ------ | ------- | -| Ethernet1 | P2P_LINK_TO_DC1-LEAF1A_Ethernet2 | routed | - | 172.31.255.2/31 | default | 1500 | false | - | - | -| Ethernet2 | P2P_LINK_TO_DC1-LEAF1B_Ethernet2 | routed | - | 172.31.255.6/31 | default | 1500 | false | - | - | -| Ethernet3 | P2P_LINK_TO_DC1-LEAF2A_Ethernet2 | routed | - | 172.31.255.10/31 | default | 1500 | false | - | - | -| Ethernet4 | P2P_LINK_TO_DC1-LEAF2B_Ethernet2 | routed | - | 172.31.255.14/31 | default | 1500 | false | - | - | +| Ethernet1 | P2P_LINK_TO_DC1-LEAF1A_Ethernet2 | routed | - | 172.31.255.2/31 | default | 1500 | False | - | - | +| Ethernet2 | P2P_LINK_TO_DC1-LEAF1B_Ethernet2 | routed | - | 172.31.255.6/31 | default | 1500 | False | - | - | +| Ethernet3 | P2P_LINK_TO_DC1-LEAF2A_Ethernet2 | routed | - | 172.31.255.10/31 | default | 1500 | False | - | - | +| Ethernet4 | P2P_LINK_TO_DC1-LEAF2B_Ethernet2 | routed | - | 172.31.255.14/31 | default | 1500 | False | - | - | -### Ethernet Interfaces Device Configuration +#### Ethernet Interfaces Device Configuration ```eos ! @@ -263,24 +255,23 @@ interface Ethernet4 ip address 172.31.255.14/31 ``` -## Loopback Interfaces +### Loopback Interfaces -### Loopback Interfaces Summary +#### Loopback Interfaces Summary -#### IPv4 +##### IPv4 | Interface | Description | VRF | IP Address | | --------- | ----------- | --- | ---------- | | Loopback0 | EVPN_Overlay_Peering | default | 192.168.255.2/32 | -#### IPv6 +##### IPv6 | Interface | Description | VRF | IPv6 Address | | --------- | ----------- | --- | ------------ | | Loopback0 | EVPN_Overlay_Peering | default | - | - -### Loopback Interfaces Device Configuration +#### Loopback Interfaces Device Configuration ```eos ! @@ -290,8 +281,9 @@ interface Loopback0 ip address 192.168.255.2/32 ``` -# Routing -## Service Routing Protocols Model +## Routing + +### Service Routing Protocols Model Multi agent routing protocol model enabled @@ -300,52 +292,54 @@ Multi agent routing protocol model enabled service routing protocols model multi-agent ``` -## IP Routing +### IP Routing -### IP Routing Summary +#### IP Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | true|| MGMT | false | +| default | True | +| MGMT | False | -### IP Routing Device Configuration +#### IP Routing Device Configuration ```eos ! ip routing no ip routing vrf MGMT ``` -## IPv6 Routing -### IPv6 Routing Summary +### IPv6 Routing + +#### IPv6 Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | false || MGMT | false | - +| default | False | +| MGMT | false | -## Static Routes +### Static Routes -### Static Routes Summary +#### Static Routes Summary -| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | -| --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | -| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | +| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | +| --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | +| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | -### Static Routes Device Configuration +#### Static Routes Device Configuration ```eos ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 ``` -## Router BGP +### Router BGP -### Router BGP Summary +#### Router BGP Summary | BGP AS | Router ID | | ------ | --------- | -| 65001| 192.168.255.2 | +| 65001 | 192.168.255.2 | | BGP Tuning | | ---------- | @@ -353,23 +347,25 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | distance bgp 20 200 200 | | graceful-restart restart-time 300 | | graceful-restart | +| update wait-install | +| no bgp default ipv4-unicast | | maximum-paths 4 ecmp 4 | -### Router BGP Peer Groups +#### Router BGP Peer Groups -#### EVPN-OVERLAY-PEERS +##### EVPN-OVERLAY-PEERS | Settings | Value | | -------- | ----- | | Address Family | evpn | | Next-hop unchanged | True | | Source | Loopback0 | -| Bfd | true | +| BFD | True | | Ebgp multihop | 3 | | Send community | all | | Maximum routes | 0 (no limit) | -#### IPv4-UNDERLAY-PEERS +##### IPv4-UNDERLAY-PEERS | Settings | Value | | -------- | ----- | @@ -377,46 +373,50 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -### BGP Neighbors +#### BGP Neighbors -| Neighbor | Remote AS | VRF | -| -------- | --------- | --- | -| 172.31.255.3 | 65101 | default | -| 172.31.255.7 | 65101 | default | -| 172.31.255.11 | 65102 | default | -| 172.31.255.15 | 65102 | default | -| 192.168.255.3 | 65101 | default | -| 192.168.255.4 | 65101 | default | -| 192.168.255.5 | 65102 | default | -| 192.168.255.6 | 65102 | default | +| Neighbor | Remote AS | VRF | Shutdown | Send-community | Maximum-routes | Allowas-in | BFD | RIB Pre-Policy Retain | Route-Reflector Client | Passive | +| -------- | --------- | --- | -------- | -------------- | -------------- | ---------- | --- | --------------------- | ---------------------- | ------- | +| 172.31.255.3 | 65101 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | +| 172.31.255.7 | 65101 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | +| 172.31.255.11 | 65102 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | +| 172.31.255.15 | 65102 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | +| 192.168.255.3 | 65101 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | +| 192.168.255.4 | 65101 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | +| 192.168.255.5 | 65102 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | +| 192.168.255.6 | 65102 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | -### Router BGP EVPN Address Family +#### Router BGP EVPN Address Family -#### Router BGP EVPN MAC-VRFs +##### EVPN Peer Groups -#### Router BGP EVPN VRFs +| Peer Group | Activate | Encapsulation | +| ---------- | -------- | ------------- | +| EVPN-OVERLAY-PEERS | True | default | -### Router BGP Device Configuration +#### Router BGP Device Configuration ```eos ! router bgp 65001 router-id 192.168.255.2 + maximum-paths 4 ecmp 4 + update wait-install + no bgp default ipv4-unicast no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart - maximum-paths 4 ecmp 4 neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS next-hop-unchanged neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 - neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS password 7 neighbor EVPN-OVERLAY-PEERS send-community neighbor EVPN-OVERLAY-PEERS maximum-routes 0 neighbor IPv4-UNDERLAY-PEERS peer group - neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS password 7 neighbor IPv4-UNDERLAY-PEERS send-community neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 neighbor 172.31.255.3 peer group IPv4-UNDERLAY-PEERS @@ -453,17 +453,17 @@ router bgp 65001 neighbor IPv4-UNDERLAY-PEERS activate ``` -# BFD +## BFD -## Router BFD +### Router BFD -### Router BFD Multihop Summary +#### Router BFD Multihop Summary | Interval | Minimum RX | Multiplier | | -------- | ---------- | ---------- | | 1200 | 1200 | 3 | -### Router BFD Multihop Device Configuration +#### Router BFD Device Configuration ```eos ! @@ -471,21 +471,19 @@ router bfd multihop interval 1200 min-rx 1200 multiplier 3 ``` -# Multicast +## Filters -# Filters +### Prefix-lists -## Prefix-lists +#### Prefix-lists Summary -### Prefix-lists Summary - -#### PL-LOOPBACKS-EVPN-OVERLAY +##### PL-LOOPBACKS-EVPN-OVERLAY | Sequence | Action | | -------- | ------ | | 10 | permit 192.168.255.0/24 eq 32 | -### Prefix-lists Device Configuration +#### Prefix-lists Device Configuration ```eos ! @@ -493,17 +491,17 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 10 permit 192.168.255.0/24 eq 32 ``` -## Route-maps +### Route-maps -### Route-maps Summary +#### Route-maps Summary -#### RM-CONN-2-BGP +##### RM-CONN-2-BGP -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - | -### Route-maps Device Configuration +#### Route-maps Device Configuration ```eos ! @@ -511,21 +509,17 @@ route-map RM-CONN-2-BGP permit 10 match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY ``` -# ACL - -# VRF Instances +## VRF Instances -## VRF Instances Summary +### VRF Instances Summary | VRF Name | IP Routing | | -------- | ---------- | | MGMT | disabled | -## VRF Instances Device Configuration +### VRF Instances Device Configuration ```eos ! vrf instance MGMT ``` - -# Quality Of Service diff --git a/inventory/documentation/fabric/DC1_FABRIC-documentation.md b/inventory/documentation/fabric/DC1_FABRIC-documentation.md index 8f431d93..73b9f3e9 100644 --- a/inventory/documentation/fabric/DC1_FABRIC-documentation.md +++ b/inventory/documentation/fabric/DC1_FABRIC-documentation.md @@ -1,7 +1,6 @@ # DC1_FABRIC -# Table of Contents - +## Table of Contents - [Fabric Switches and Management IP](#fabric-switches-and-management-ip) - [Fabric Switches with inband Management IP](#fabric-switches-with-inband-management-ip) @@ -14,27 +13,27 @@ - [VTEP Loopback VXLAN Tunnel Source Interfaces (VTEPs Only)](#vtep-loopback-vxlan-tunnel-source-interfaces-vteps-only) - [VTEP Loopback Node allocation](#vtep-loopback-node-allocation) - -# Fabric Switches and Management IP +## Fabric Switches and Management IP -| POD | Type | Node | Management IP | Platform | Provisioned in CloudVision | -| --- | ---- | ---- | ------------- | -------- | -------------------------- | -| DC1_FABRIC | l2leaf | DC1-L2LEAF1A | 10.255.0.17/24 | vEOS-LAB | Provisioned | -| DC1_FABRIC | l2leaf | DC1-L2LEAF2A | 10.255.0.18/24 | vEOS-LAB | Provisioned | -| DC1_FABRIC | l3leaf | DC1-LEAF1A | 10.255.0.13/24 | vEOS-LAB | Provisioned | -| DC1_FABRIC | l3leaf | DC1-LEAF1B | 10.255.0.14/24 | vEOS-LAB | Provisioned | -| DC1_FABRIC | l3leaf | DC1-LEAF2A | 10.255.0.15/24 | vEOS-LAB | Provisioned | -| DC1_FABRIC | l3leaf | DC1-LEAF2B | 10.255.0.16/24 | vEOS-LAB | Provisioned | -| DC1_FABRIC | spine | DC1-SPINE1 | 10.255.0.11/24 | vEOS-LAB | Provisioned | -| DC1_FABRIC | spine | DC1-SPINE2 | 10.255.0.12/24 | vEOS-LAB | Provisioned | +| POD | Type | Node | Management IP | Platform | Provisioned in CloudVision | Serial Number | +| --- | ---- | ---- | ------------- | -------- | -------------------------- | ------------- | +| DC1_FABRIC | l2leaf | DC1-L2LEAF1A | 10.255.0.17/24 | vEOS-LAB | Provisioned | - | +| DC1_FABRIC | l2leaf | DC1-L2LEAF2A | 10.255.0.18/24 | vEOS-LAB | Provisioned | - | +| DC1_FABRIC | l3leaf | DC1-LEAF1A | 10.255.0.13/24 | vEOS-LAB | Provisioned | - | +| DC1_FABRIC | l3leaf | DC1-LEAF1B | 10.255.0.14/24 | vEOS-LAB | Provisioned | - | +| DC1_FABRIC | l3leaf | DC1-LEAF2A | 10.255.0.15/24 | vEOS-LAB | Provisioned | - | +| DC1_FABRIC | l3leaf | DC1-LEAF2B | 10.255.0.16/24 | vEOS-LAB | Provisioned | - | +| DC1_FABRIC | spine | DC1-SPINE1 | 10.255.0.11/24 | vEOS-LAB | Provisioned | - | +| DC1_FABRIC | spine | DC1-SPINE2 | 10.255.0.12/24 | vEOS-LAB | Provisioned | - | > Provision status is based on Ansible inventory declaration and do not represent real status from CloudVision. -## Fabric Switches with inband Management IP +### Fabric Switches with inband Management IP + | POD | Type | Node | Management IP | Inband Interface | | --- | ---- | ---- | ------------- | ---------------- | -# Fabric Topology +## Fabric Topology | Type | Node | Node Interface | Peer Type | Peer Node | Peer Interface | | ---- | ---- | -------------- | --------- | ----------| -------------- | @@ -55,15 +54,15 @@ | l3leaf | DC1-LEAF2B | Ethernet1 | spine | DC1-SPINE1 | Ethernet4 | | l3leaf | DC1-LEAF2B | Ethernet2 | spine | DC1-SPINE2 | Ethernet4 | -# Fabric IP Allocation +## Fabric IP Allocation -## Fabric Point-To-Point Links +### Fabric Point-To-Point Links | Uplink IPv4 Pool | Available Addresses | Assigned addresses | Assigned Address % | | ---------------- | ------------------- | ------------------ | ------------------ | | 172.31.255.0/24 | 256 | 16 | 6.25 % | -## Point-To-Point Links Node Allocation +### Point-To-Point Links Node Allocation | Node | Node Interface | Node IP Address | Peer Node | Peer Interface | Peer IP Address | | ---- | -------------- | --------------- | --------- | -------------- | --------------- | @@ -76,13 +75,13 @@ | DC1-LEAF2B | Ethernet1 | 172.31.255.13/31 | DC1-SPINE1 | Ethernet4 | 172.31.255.12/31 | | DC1-LEAF2B | Ethernet2 | 172.31.255.15/31 | DC1-SPINE2 | Ethernet4 | 172.31.255.14/31 | -## Loopback Interfaces (BGP EVPN Peering) +### Loopback Interfaces (BGP EVPN Peering) | Loopback Pool | Available Addresses | Assigned addresses | Assigned Address % | | ------------- | ------------------- | ------------------ | ------------------ | | 192.168.255.0/24 | 256 | 6 | 2.35 % | -## Loopback0 Interfaces Node Allocation +### Loopback0 Interfaces Node Allocation | POD | Node | Loopback0 | | --- | ---- | --------- | @@ -93,13 +92,13 @@ | DC1_FABRIC | DC1-SPINE1 | 192.168.255.1/32 | | DC1_FABRIC | DC1-SPINE2 | 192.168.255.2/32 | -## VTEP Loopback VXLAN Tunnel Source Interfaces (VTEPs Only) +### VTEP Loopback VXLAN Tunnel Source Interfaces (VTEPs Only) | VTEP Loopback Pool | Available Addresses | Assigned addresses | Assigned Address % | | --------------------- | ------------------- | ------------------ | ------------------ | | 192.168.254.0/24 | 256 | 4 | 1.57 % | -## VTEP Loopback Node allocation +### VTEP Loopback Node allocation | POD | Node | Loopback1 | | --- | ---- | --------- | diff --git a/inventory/documentation/fabric/DC1_FABRIC-p2p-links.csv b/inventory/documentation/fabric/DC1_FABRIC-p2p-links.csv index fad6fbcf..8968f0c4 100644 --- a/inventory/documentation/fabric/DC1_FABRIC-p2p-links.csv +++ b/inventory/documentation/fabric/DC1_FABRIC-p2p-links.csv @@ -1,4 +1,4 @@ -Type, Node,Node Interface,Leaf IP Address,Peer Type,Peer Node,Peer Interface,Peer IP Address +Type,Node,Node Interface,Leaf IP Address,Peer Type,Peer Node,Peer Interface,Peer IP Address l3leaf,DC1-LEAF1A,Ethernet1,172.31.255.1/31,spine,DC1-SPINE1,Ethernet1,172.31.255.0/31 l3leaf,DC1-LEAF1A,Ethernet2,172.31.255.3/31,spine,DC1-SPINE2,Ethernet1,172.31.255.2/31 l3leaf,DC1-LEAF1B,Ethernet1,172.31.255.5/31,spine,DC1-SPINE1,Ethernet2,172.31.255.4/31 diff --git a/inventory/documentation/fabric/DC1_FABRIC-topology.csv b/inventory/documentation/fabric/DC1_FABRIC-topology.csv index 16244c49..b9c35c5b 100644 --- a/inventory/documentation/fabric/DC1_FABRIC-topology.csv +++ b/inventory/documentation/fabric/DC1_FABRIC-topology.csv @@ -1,35 +1,35 @@ -Node Type,Node,Node Interface,Peer Type,Peer,Peer Interface -l2leaf,DC1-L2LEAF1A,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet5 -l2leaf,DC1-L2LEAF1A,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet5 -l2leaf,DC1-L2LEAF1A,Ethernet5,server,server01,Eth0 -l2leaf,DC1-L2LEAF2A,Ethernet1,l3leaf,DC1-LEAF2A,Ethernet5 -l2leaf,DC1-L2LEAF2A,Ethernet2,l3leaf,DC1-LEAF2B,Ethernet5 -l2leaf,DC1-L2LEAF2A,Ethernet5,server,server02,Eth0 -l3leaf,DC1-LEAF1A,Ethernet1,spine,DC1-SPINE1,Ethernet1 -l3leaf,DC1-LEAF1A,Ethernet2,spine,DC1-SPINE2,Ethernet1 -l3leaf,DC1-LEAF1A,Ethernet3,mlag_peer,DC1-LEAF1B,Ethernet3 -l3leaf,DC1-LEAF1A,Ethernet4,mlag_peer,DC1-LEAF1B,Ethernet4 -l3leaf,DC1-LEAF1A,Ethernet5,l2leaf,DC1-L2LEAF1A,Ethernet1 -l3leaf,DC1-LEAF1B,Ethernet1,spine,DC1-SPINE1,Ethernet2 -l3leaf,DC1-LEAF1B,Ethernet2,spine,DC1-SPINE2,Ethernet2 -l3leaf,DC1-LEAF1B,Ethernet3,mlag_peer,DC1-LEAF1A,Ethernet3 -l3leaf,DC1-LEAF1B,Ethernet4,mlag_peer,DC1-LEAF1A,Ethernet4 -l3leaf,DC1-LEAF1B,Ethernet5,l2leaf,DC1-L2LEAF1A,Ethernet2 -l3leaf,DC1-LEAF2A,Ethernet1,spine,DC1-SPINE1,Ethernet3 -l3leaf,DC1-LEAF2A,Ethernet2,spine,DC1-SPINE2,Ethernet3 -l3leaf,DC1-LEAF2A,Ethernet3,mlag_peer,DC1-LEAF2B,Ethernet3 -l3leaf,DC1-LEAF2A,Ethernet4,mlag_peer,DC1-LEAF2B,Ethernet4 -l3leaf,DC1-LEAF2A,Ethernet5,l2leaf,DC1-L2LEAF2A,Ethernet1 -l3leaf,DC1-LEAF2B,Ethernet1,spine,DC1-SPINE1,Ethernet4 -l3leaf,DC1-LEAF2B,Ethernet2,spine,DC1-SPINE2,Ethernet4 -l3leaf,DC1-LEAF2B,Ethernet3,mlag_peer,DC1-LEAF2A,Ethernet3 -l3leaf,DC1-LEAF2B,Ethernet4,mlag_peer,DC1-LEAF2A,Ethernet4 -l3leaf,DC1-LEAF2B,Ethernet5,l2leaf,DC1-L2LEAF2A,Ethernet2 -spine,DC1-SPINE1,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet1 -spine,DC1-SPINE1,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet1 -spine,DC1-SPINE1,Ethernet3,l3leaf,DC1-LEAF2A,Ethernet1 -spine,DC1-SPINE1,Ethernet4,l3leaf,DC1-LEAF2B,Ethernet1 -spine,DC1-SPINE2,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet2 -spine,DC1-SPINE2,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet2 -spine,DC1-SPINE2,Ethernet3,l3leaf,DC1-LEAF2A,Ethernet2 -spine,DC1-SPINE2,Ethernet4,l3leaf,DC1-LEAF2B,Ethernet2 +Node Type,Node,Node Interface,Peer Type,Peer Node,Peer Interface,Node Interface Enabled +l2leaf,DC1-L2LEAF1A,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet5,True +l2leaf,DC1-L2LEAF1A,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet5,True +l2leaf,DC1-L2LEAF1A,Ethernet5,server,server01,Eth0,True +l2leaf,DC1-L2LEAF2A,Ethernet1,l3leaf,DC1-LEAF2A,Ethernet5,True +l2leaf,DC1-L2LEAF2A,Ethernet2,l3leaf,DC1-LEAF2B,Ethernet5,True +l2leaf,DC1-L2LEAF2A,Ethernet5,server,server02,Eth0,True +l3leaf,DC1-LEAF1A,Ethernet1,spine,DC1-SPINE1,Ethernet1,True +l3leaf,DC1-LEAF1A,Ethernet2,spine,DC1-SPINE2,Ethernet1,True +l3leaf,DC1-LEAF1A,Ethernet3,mlag_peer,DC1-LEAF1B,Ethernet3,True +l3leaf,DC1-LEAF1A,Ethernet4,mlag_peer,DC1-LEAF1B,Ethernet4,True +l3leaf,DC1-LEAF1A,Ethernet5,l2leaf,DC1-L2LEAF1A,Ethernet1,True +l3leaf,DC1-LEAF1B,Ethernet1,spine,DC1-SPINE1,Ethernet2,True +l3leaf,DC1-LEAF1B,Ethernet2,spine,DC1-SPINE2,Ethernet2,True +l3leaf,DC1-LEAF1B,Ethernet3,mlag_peer,DC1-LEAF1A,Ethernet3,True +l3leaf,DC1-LEAF1B,Ethernet4,mlag_peer,DC1-LEAF1A,Ethernet4,True +l3leaf,DC1-LEAF1B,Ethernet5,l2leaf,DC1-L2LEAF1A,Ethernet2,True +l3leaf,DC1-LEAF2A,Ethernet1,spine,DC1-SPINE1,Ethernet3,True +l3leaf,DC1-LEAF2A,Ethernet2,spine,DC1-SPINE2,Ethernet3,True +l3leaf,DC1-LEAF2A,Ethernet3,mlag_peer,DC1-LEAF2B,Ethernet3,True +l3leaf,DC1-LEAF2A,Ethernet4,mlag_peer,DC1-LEAF2B,Ethernet4,True +l3leaf,DC1-LEAF2A,Ethernet5,l2leaf,DC1-L2LEAF2A,Ethernet1,True +l3leaf,DC1-LEAF2B,Ethernet1,spine,DC1-SPINE1,Ethernet4,True +l3leaf,DC1-LEAF2B,Ethernet2,spine,DC1-SPINE2,Ethernet4,True +l3leaf,DC1-LEAF2B,Ethernet3,mlag_peer,DC1-LEAF2A,Ethernet3,True +l3leaf,DC1-LEAF2B,Ethernet4,mlag_peer,DC1-LEAF2A,Ethernet4,True +l3leaf,DC1-LEAF2B,Ethernet5,l2leaf,DC1-L2LEAF2A,Ethernet2,True +spine,DC1-SPINE1,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet1,True +spine,DC1-SPINE1,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet1,True +spine,DC1-SPINE1,Ethernet3,l3leaf,DC1-LEAF2A,Ethernet1,True +spine,DC1-SPINE1,Ethernet4,l3leaf,DC1-LEAF2B,Ethernet1,True +spine,DC1-SPINE2,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet2,True +spine,DC1-SPINE2,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet2,True +spine,DC1-SPINE2,Ethernet3,l3leaf,DC1-LEAF2A,Ethernet2,True +spine,DC1-SPINE2,Ethernet4,l3leaf,DC1-LEAF2B,Ethernet2,True diff --git a/inventory/group_vars/DC1.yml b/inventory/group_vars/DC1.yml index 0220f906..08f072c7 100644 --- a/inventory/group_vars/DC1.yml +++ b/inventory/group_vars/DC1.yml @@ -18,7 +18,8 @@ local_users: sha512_password: "$6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/" # Cloud Vision server information -cvp_instance_ip: 10.255.0.1 +cvp_instance_ips: + - 10.255.0.1 cvp_ingestauth_key: '' # cvp_ingestauth_key: telarista diff --git a/inventory/group_vars/DC1_FABRIC.yml b/inventory/group_vars/DC1_FABRIC.yml index 5e9f128f..13a3871d 100644 --- a/inventory/group_vars/DC1_FABRIC.yml +++ b/inventory/group_vars/DC1_FABRIC.yml @@ -5,15 +5,15 @@ fabric_name: DC1_FABRIC # Enable vlan aware bundles -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true # bgp peer groups passwords bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: "AQQvKeimxJu+uGQ/yYvv9w==" - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: "q+VNViP5i4rVjW1cxFv2wA==" - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: "vnEaG8gMeQf3d3cN6PktXQ==" # Spine Switches diff --git a/inventory/group_vars/DC1_SERVERS.yml b/inventory/group_vars/DC1_SERVERS.yml index a7993ab4..8cc72d92 100644 --- a/inventory/group_vars/DC1_SERVERS.yml +++ b/inventory/group_vars/DC1_SERVERS.yml @@ -14,16 +14,14 @@ servers: server01: rack: RackA adapters: - - type: nic - server_ports: [Eth0] + - endpoint_ports: [Eth0] switch_ports: [Ethernet5] switches: [DC1-L2LEAF1A] profile: TENANT_A server02: rack: RackA adapters: - - type: nic - server_ports: [Eth0] + - endpoint_ports: [Eth0] switch_ports: [Ethernet5] switches: [DC1-L2LEAF2A] profile: TENANT_A diff --git a/inventory/group_vars/DC1_TENANTS_NETWORKS.yml b/inventory/group_vars/DC1_TENANTS_NETWORKS.yml index adbcc36f..e7646e04 100644 --- a/inventory/group_vars/DC1_TENANTS_NETWORKS.yml +++ b/inventory/group_vars/DC1_TENANTS_NETWORKS.yml @@ -36,7 +36,7 @@ tenants: name: Tenant_A_WEB_Zone_1 tags: [web, erp1] enabled: true - ip_subnet: 10.1.20.0/24 + ip_address_virtual: 10.1.20.1/24 121: name: Tenant_A_WEBZone_2 tags: [web] @@ -49,7 +49,7 @@ tenants: name: Tenant_A_APP_Zone_1 tags: [app, erp1] enabled: true - ip_subnet: 10.1.30.0/24 + ip_address_virtual: 10.1.30.1/24 131: name: Tenant_A_APP_Zone_2 tags: [app] @@ -96,7 +96,7 @@ tenants: name: Tenant_B_OP_Zone_1 tags: [opzone] enabled: true - ip_subnet: 10.2.10.0/24 + ip_address_virtual: 10.2.10.1/24 211: name: Tenant_B_OP_Zone_2 tags: [opzone] @@ -122,12 +122,12 @@ tenants: name: Tenant_C_OP_Zone_1 tags: [opzone] enabled: true - ip_subnet: 10.3.10.0/24 + ip_address_virtual: 10.3.10.1/24 311: name: Tenant_C_OP_Zone_2 tags: [opzone] enabled: true - ip_subnet: 10.3.11.1/24 + ip_address_virtual: 10.3.11.1/24 Tenant_C_WAN_Zone: vrf_vni: 31 svis: @@ -135,4 +135,4 @@ tenants: name: Tenant_C_WAN_Zone_1 tags: [wan] enabled: true - ip_subnet: 10.3.50.1/24 + ip_address_virtual: 10.3.50.1/24 diff --git a/inventory/intended/configs/DC1-L2LEAF1A.cfg b/inventory/intended/configs/DC1-L2LEAF1A.cfg index 465a3146..c4bae45a 100644 --- a/inventory/intended/configs/DC1-L2LEAF1A.cfg +++ b/inventory/intended/configs/DC1-L2LEAF1A.cfg @@ -1,7 +1,7 @@ !RANCID-CONTENT-TYPE: arista ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ! vlan internal order ascending range 1006 1199 @@ -21,8 +21,8 @@ ntp server vrf MGMT 1.fr.pool.ntp.org spanning-tree mode mstp spanning-tree mst 0 priority 16384 ! -no aaa root no enable password +no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ @@ -71,17 +71,15 @@ interface Ethernet2 interface Ethernet5 description server01_Eth0 no shutdown - switchport switchport access vlan 110 switchport mode access + switchport ! interface Management1 description oob_management no shutdown vrf MGMT ip address 10.255.0.17/24 -! -ip routing no ip routing vrf MGMT ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 diff --git a/inventory/intended/configs/DC1-L2LEAF2A.cfg b/inventory/intended/configs/DC1-L2LEAF2A.cfg index 52a85eb8..57971bff 100644 --- a/inventory/intended/configs/DC1-L2LEAF2A.cfg +++ b/inventory/intended/configs/DC1-L2LEAF2A.cfg @@ -1,7 +1,7 @@ !RANCID-CONTENT-TYPE: arista ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ! vlan internal order ascending range 1006 1199 @@ -21,8 +21,8 @@ ntp server vrf MGMT 1.fr.pool.ntp.org spanning-tree mode mstp spanning-tree mst 0 priority 16384 ! -no aaa root no enable password +no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ @@ -71,17 +71,15 @@ interface Ethernet2 interface Ethernet5 description server02_Eth0 no shutdown - switchport switchport access vlan 110 switchport mode access + switchport ! interface Management1 description oob_management no shutdown vrf MGMT ip address 10.255.0.18/24 -! -ip routing no ip routing vrf MGMT ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 diff --git a/inventory/intended/configs/DC1-LEAF1A.cfg b/inventory/intended/configs/DC1-LEAF1A.cfg index 9b265171..4b8ec77f 100644 --- a/inventory/intended/configs/DC1-LEAF1A.cfg +++ b/inventory/intended/configs/DC1-LEAF1A.cfg @@ -1,7 +1,7 @@ !RANCID-CONTENT-TYPE: arista ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ! vlan internal order ascending range 1006 1199 @@ -22,8 +22,8 @@ spanning-tree mode mstp no spanning-tree vlan-id 4093-4094 spanning-tree mst 0 priority 16384 ! -no aaa root no enable password +no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ @@ -151,7 +151,6 @@ interface Port-Channel3 description MLAG_PEER_DC1-LEAF1B_Po3 no shutdown switchport - switchport trunk allowed vlan 2-4094 switchport mode trunk switchport trunk group LEAF_PEER_L3 switchport trunk group MLAG @@ -237,6 +236,7 @@ interface Vlan120 description Tenant_A_WEB_Zone_1 no shutdown vrf Tenant_A_WEB_Zone + ip address virtual 10.1.20.1/24 ! interface Vlan121 description Tenant_A_WEBZone_2 @@ -248,6 +248,7 @@ interface Vlan130 description Tenant_A_APP_Zone_1 no shutdown vrf Tenant_A_APP_Zone + ip address virtual 10.1.30.1/24 ! interface Vlan131 description Tenant_A_APP_Zone_2 @@ -277,6 +278,7 @@ interface Vlan210 description Tenant_B_OP_Zone_1 no shutdown vrf Tenant_B_OP_Zone + ip address virtual 10.2.10.1/24 ! interface Vlan211 description Tenant_B_OP_Zone_2 @@ -294,16 +296,19 @@ interface Vlan310 description Tenant_C_OP_Zone_1 no shutdown vrf Tenant_C_OP_Zone + ip address virtual 10.3.10.1/24 ! interface Vlan311 description Tenant_C_OP_Zone_2 no shutdown vrf Tenant_C_OP_Zone + ip address virtual 10.3.11.1/24 ! interface Vlan350 description Tenant_C_WAN_Zone_1 no shutdown vrf Tenant_C_WAN_Zone + ip address virtual 10.3.50.1/24 ! interface Vlan3009 description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone @@ -456,11 +461,13 @@ router bfd ! router bgp 65101 router-id 192.168.255.3 + maximum-paths 4 ecmp 4 + update wait-install + no bgp default ipv4-unicast no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart - maximum-paths 4 ecmp 4 neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd @@ -475,6 +482,7 @@ router bgp 65101 neighbor MLAG-IPv4-UNDERLAY-PEER peer group neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self + neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF1B neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== neighbor MLAG-IPv4-UNDERLAY-PEER send-community neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 @@ -574,6 +582,7 @@ router bgp 65101 route-target import evpn 12:12 route-target export evpn 12:12 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -582,6 +591,7 @@ router bgp 65101 route-target import evpn 13:13 route-target export evpn 13:13 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -590,6 +600,7 @@ router bgp 65101 route-target import evpn 10:10 route-target export evpn 10:10 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -598,6 +609,7 @@ router bgp 65101 route-target import evpn 14:14 route-target export evpn 14:14 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -606,6 +618,7 @@ router bgp 65101 route-target import evpn 11:11 route-target export evpn 11:11 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -614,6 +627,7 @@ router bgp 65101 route-target import evpn 20:20 route-target export evpn 20:20 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -622,6 +636,7 @@ router bgp 65101 route-target import evpn 21:21 route-target export evpn 21:21 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -630,6 +645,7 @@ router bgp 65101 route-target import evpn 30:30 route-target export evpn 30:30 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -638,6 +654,7 @@ router bgp 65101 route-target import evpn 31:31 route-target export evpn 31:31 router-id 192.168.255.3 + update wait-install neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! diff --git a/inventory/intended/configs/DC1-LEAF1B.cfg b/inventory/intended/configs/DC1-LEAF1B.cfg index ced0b9a8..05d9ce33 100644 --- a/inventory/intended/configs/DC1-LEAF1B.cfg +++ b/inventory/intended/configs/DC1-LEAF1B.cfg @@ -1,7 +1,7 @@ !RANCID-CONTENT-TYPE: arista ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ! vlan internal order ascending range 1006 1199 @@ -22,8 +22,8 @@ spanning-tree mode mstp no spanning-tree vlan-id 4093-4094 spanning-tree mst 0 priority 16384 ! -no aaa root no enable password +no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ @@ -151,7 +151,6 @@ interface Port-Channel3 description MLAG_PEER_DC1-LEAF1A_Po3 no shutdown switchport - switchport trunk allowed vlan 2-4094 switchport mode trunk switchport trunk group LEAF_PEER_L3 switchport trunk group MLAG @@ -237,6 +236,7 @@ interface Vlan120 description Tenant_A_WEB_Zone_1 no shutdown vrf Tenant_A_WEB_Zone + ip address virtual 10.1.20.1/24 ! interface Vlan121 description Tenant_A_WEBZone_2 @@ -248,6 +248,7 @@ interface Vlan130 description Tenant_A_APP_Zone_1 no shutdown vrf Tenant_A_APP_Zone + ip address virtual 10.1.30.1/24 ! interface Vlan131 description Tenant_A_APP_Zone_2 @@ -277,6 +278,7 @@ interface Vlan210 description Tenant_B_OP_Zone_1 no shutdown vrf Tenant_B_OP_Zone + ip address virtual 10.2.10.1/24 ! interface Vlan211 description Tenant_B_OP_Zone_2 @@ -294,16 +296,19 @@ interface Vlan310 description Tenant_C_OP_Zone_1 no shutdown vrf Tenant_C_OP_Zone + ip address virtual 10.3.10.1/24 ! interface Vlan311 description Tenant_C_OP_Zone_2 no shutdown vrf Tenant_C_OP_Zone + ip address virtual 10.3.11.1/24 ! interface Vlan350 description Tenant_C_WAN_Zone_1 no shutdown vrf Tenant_C_WAN_Zone + ip address virtual 10.3.50.1/24 ! interface Vlan3009 description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone @@ -456,11 +461,13 @@ router bfd ! router bgp 65101 router-id 192.168.255.4 + maximum-paths 4 ecmp 4 + update wait-install + no bgp default ipv4-unicast no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart - maximum-paths 4 ecmp 4 neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd @@ -475,6 +482,7 @@ router bgp 65101 neighbor MLAG-IPv4-UNDERLAY-PEER peer group neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self + neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF1A neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== neighbor MLAG-IPv4-UNDERLAY-PEER send-community neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 @@ -574,6 +582,7 @@ router bgp 65101 route-target import evpn 12:12 route-target export evpn 12:12 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -582,6 +591,7 @@ router bgp 65101 route-target import evpn 13:13 route-target export evpn 13:13 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -590,6 +600,7 @@ router bgp 65101 route-target import evpn 10:10 route-target export evpn 10:10 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -598,6 +609,7 @@ router bgp 65101 route-target import evpn 14:14 route-target export evpn 14:14 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -606,6 +618,7 @@ router bgp 65101 route-target import evpn 11:11 route-target export evpn 11:11 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -614,6 +627,7 @@ router bgp 65101 route-target import evpn 20:20 route-target export evpn 20:20 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -622,6 +636,7 @@ router bgp 65101 route-target import evpn 21:21 route-target export evpn 21:21 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -630,6 +645,7 @@ router bgp 65101 route-target import evpn 30:30 route-target export evpn 30:30 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -638,6 +654,7 @@ router bgp 65101 route-target import evpn 31:31 route-target export evpn 31:31 router-id 192.168.255.4 + update wait-install neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! diff --git a/inventory/intended/configs/DC1-LEAF2A.cfg b/inventory/intended/configs/DC1-LEAF2A.cfg index ada0dd79..a2b6ae70 100644 --- a/inventory/intended/configs/DC1-LEAF2A.cfg +++ b/inventory/intended/configs/DC1-LEAF2A.cfg @@ -1,7 +1,7 @@ !RANCID-CONTENT-TYPE: arista ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ! vlan internal order ascending range 1006 1199 @@ -22,8 +22,8 @@ spanning-tree mode mstp no spanning-tree vlan-id 4093-4094 spanning-tree mst 0 priority 16384 ! -no aaa root no enable password +no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ @@ -151,7 +151,6 @@ interface Port-Channel3 description MLAG_PEER_DC1-LEAF2B_Po3 no shutdown switchport - switchport trunk allowed vlan 2-4094 switchport mode trunk switchport trunk group LEAF_PEER_L3 switchport trunk group MLAG @@ -237,6 +236,7 @@ interface Vlan120 description Tenant_A_WEB_Zone_1 no shutdown vrf Tenant_A_WEB_Zone + ip address virtual 10.1.20.1/24 ! interface Vlan121 description Tenant_A_WEBZone_2 @@ -248,6 +248,7 @@ interface Vlan130 description Tenant_A_APP_Zone_1 no shutdown vrf Tenant_A_APP_Zone + ip address virtual 10.1.30.1/24 ! interface Vlan131 description Tenant_A_APP_Zone_2 @@ -277,6 +278,7 @@ interface Vlan210 description Tenant_B_OP_Zone_1 no shutdown vrf Tenant_B_OP_Zone + ip address virtual 10.2.10.1/24 ! interface Vlan211 description Tenant_B_OP_Zone_2 @@ -294,16 +296,19 @@ interface Vlan310 description Tenant_C_OP_Zone_1 no shutdown vrf Tenant_C_OP_Zone + ip address virtual 10.3.10.1/24 ! interface Vlan311 description Tenant_C_OP_Zone_2 no shutdown vrf Tenant_C_OP_Zone + ip address virtual 10.3.11.1/24 ! interface Vlan350 description Tenant_C_WAN_Zone_1 no shutdown vrf Tenant_C_WAN_Zone + ip address virtual 10.3.50.1/24 ! interface Vlan3009 description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone @@ -456,11 +461,13 @@ router bfd ! router bgp 65102 router-id 192.168.255.5 + maximum-paths 4 ecmp 4 + update wait-install + no bgp default ipv4-unicast no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart - maximum-paths 4 ecmp 4 neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd @@ -475,6 +482,7 @@ router bgp 65102 neighbor MLAG-IPv4-UNDERLAY-PEER peer group neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102 neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self + neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2B neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== neighbor MLAG-IPv4-UNDERLAY-PEER send-community neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 @@ -574,6 +582,7 @@ router bgp 65102 route-target import evpn 12:12 route-target export evpn 12:12 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -582,6 +591,7 @@ router bgp 65102 route-target import evpn 13:13 route-target export evpn 13:13 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -590,6 +600,7 @@ router bgp 65102 route-target import evpn 10:10 route-target export evpn 10:10 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -598,6 +609,7 @@ router bgp 65102 route-target import evpn 14:14 route-target export evpn 14:14 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -606,6 +618,7 @@ router bgp 65102 route-target import evpn 11:11 route-target export evpn 11:11 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -614,6 +627,7 @@ router bgp 65102 route-target import evpn 20:20 route-target export evpn 20:20 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -622,6 +636,7 @@ router bgp 65102 route-target import evpn 21:21 route-target export evpn 21:21 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -630,6 +645,7 @@ router bgp 65102 route-target import evpn 30:30 route-target export evpn 30:30 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -638,6 +654,7 @@ router bgp 65102 route-target import evpn 31:31 route-target export evpn 31:31 router-id 192.168.255.5 + update wait-install neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! diff --git a/inventory/intended/configs/DC1-LEAF2B.cfg b/inventory/intended/configs/DC1-LEAF2B.cfg index 178d1df4..82ed474c 100644 --- a/inventory/intended/configs/DC1-LEAF2B.cfg +++ b/inventory/intended/configs/DC1-LEAF2B.cfg @@ -1,7 +1,7 @@ !RANCID-CONTENT-TYPE: arista ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ! vlan internal order ascending range 1006 1199 @@ -22,8 +22,8 @@ spanning-tree mode mstp no spanning-tree vlan-id 4093-4094 spanning-tree mst 0 priority 16384 ! -no aaa root no enable password +no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ @@ -151,7 +151,6 @@ interface Port-Channel3 description MLAG_PEER_DC1-LEAF2A_Po3 no shutdown switchport - switchport trunk allowed vlan 2-4094 switchport mode trunk switchport trunk group LEAF_PEER_L3 switchport trunk group MLAG @@ -237,6 +236,7 @@ interface Vlan120 description Tenant_A_WEB_Zone_1 no shutdown vrf Tenant_A_WEB_Zone + ip address virtual 10.1.20.1/24 ! interface Vlan121 description Tenant_A_WEBZone_2 @@ -248,6 +248,7 @@ interface Vlan130 description Tenant_A_APP_Zone_1 no shutdown vrf Tenant_A_APP_Zone + ip address virtual 10.1.30.1/24 ! interface Vlan131 description Tenant_A_APP_Zone_2 @@ -277,6 +278,7 @@ interface Vlan210 description Tenant_B_OP_Zone_1 no shutdown vrf Tenant_B_OP_Zone + ip address virtual 10.2.10.1/24 ! interface Vlan211 description Tenant_B_OP_Zone_2 @@ -294,16 +296,19 @@ interface Vlan310 description Tenant_C_OP_Zone_1 no shutdown vrf Tenant_C_OP_Zone + ip address virtual 10.3.10.1/24 ! interface Vlan311 description Tenant_C_OP_Zone_2 no shutdown vrf Tenant_C_OP_Zone + ip address virtual 10.3.11.1/24 ! interface Vlan350 description Tenant_C_WAN_Zone_1 no shutdown vrf Tenant_C_WAN_Zone + ip address virtual 10.3.50.1/24 ! interface Vlan3009 description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone @@ -456,11 +461,13 @@ router bfd ! router bgp 65102 router-id 192.168.255.6 + maximum-paths 4 ecmp 4 + update wait-install + no bgp default ipv4-unicast no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart - maximum-paths 4 ecmp 4 neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd @@ -475,6 +482,7 @@ router bgp 65102 neighbor MLAG-IPv4-UNDERLAY-PEER peer group neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102 neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self + neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2A neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== neighbor MLAG-IPv4-UNDERLAY-PEER send-community neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 @@ -574,6 +582,7 @@ router bgp 65102 route-target import evpn 12:12 route-target export evpn 12:12 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -582,6 +591,7 @@ router bgp 65102 route-target import evpn 13:13 route-target export evpn 13:13 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -590,6 +600,7 @@ router bgp 65102 route-target import evpn 10:10 route-target export evpn 10:10 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -598,6 +609,7 @@ router bgp 65102 route-target import evpn 14:14 route-target export evpn 14:14 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -606,6 +618,7 @@ router bgp 65102 route-target import evpn 11:11 route-target export evpn 11:11 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -614,6 +627,7 @@ router bgp 65102 route-target import evpn 20:20 route-target export evpn 20:20 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -622,6 +636,7 @@ router bgp 65102 route-target import evpn 21:21 route-target export evpn 21:21 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -630,6 +645,7 @@ router bgp 65102 route-target import evpn 30:30 route-target export evpn 30:30 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! @@ -638,6 +654,7 @@ router bgp 65102 route-target import evpn 31:31 route-target export evpn 31:31 router-id 192.168.255.6 + update wait-install neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected ! diff --git a/inventory/intended/configs/DC1-SPINE1.cfg b/inventory/intended/configs/DC1-SPINE1.cfg index f76715fe..19140603 100644 --- a/inventory/intended/configs/DC1-SPINE1.cfg +++ b/inventory/intended/configs/DC1-SPINE1.cfg @@ -1,7 +1,7 @@ !RANCID-CONTENT-TYPE: arista ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ! vlan internal order ascending range 1006 1199 @@ -20,8 +20,8 @@ ntp server vrf MGMT 1.fr.pool.ntp.org ! spanning-tree mode none ! -no aaa root no enable password +no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ @@ -84,11 +84,13 @@ router bfd ! router bgp 65001 router-id 192.168.255.1 + maximum-paths 4 ecmp 4 + update wait-install + no bgp default ipv4-unicast no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart - maximum-paths 4 ecmp 4 neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS next-hop-unchanged neighbor EVPN-OVERLAY-PEERS update-source Loopback0 diff --git a/inventory/intended/configs/DC1-SPINE2.cfg b/inventory/intended/configs/DC1-SPINE2.cfg index d8a47a98..a261122e 100644 --- a/inventory/intended/configs/DC1-SPINE2.cfg +++ b/inventory/intended/configs/DC1-SPINE2.cfg @@ -1,7 +1,7 @@ !RANCID-CONTENT-TYPE: arista ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ! vlan internal order ascending range 1006 1199 @@ -20,8 +20,8 @@ ntp server vrf MGMT 1.fr.pool.ntp.org ! spanning-tree mode none ! -no aaa root no enable password +no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ @@ -84,11 +84,13 @@ router bfd ! router bgp 65001 router-id 192.168.255.2 + maximum-paths 4 ecmp 4 + update wait-install + no bgp default ipv4-unicast no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart - maximum-paths 4 ecmp 4 neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS next-hop-unchanged neighbor EVPN-OVERLAY-PEERS update-source Loopback0 diff --git a/inventory/intended/structured_configs/DC1-L2LEAF1A-debug-vars.yml b/inventory/intended/structured_configs/DC1-L2LEAF1A-debug-vars.yml index 9752ea51..71fb12e6 100644 --- a/inventory/intended/structured_configs/DC1-L2LEAF1A-debug-vars.yml +++ b/inventory/intended/structured_configs/DC1-L2LEAF1A-debug-vars.yml @@ -20,7 +20,8 @@ local_users: privilege: 15 role: network-admin sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -cvp_instance_ip: 10.255.0.1 +cvp_instance_ips: +- 10.255.0.1 cvp_ingestauth_key: '' mgmt_interface: Management1 mgmt_interface_vrf: MGMT @@ -39,13 +40,13 @@ custom_structured_configuration_ntp: - name: 1.fr.pool.ntp.org vrf: MGMT fabric_name: DC1_FABRIC -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: AQQvKeimxJu+uGQ/yYvv9w== - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: q+VNViP5i4rVjW1cxFv2wA== - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: vnEaG8gMeQf3d3cN6PktXQ== spine: defaults: @@ -197,8 +198,7 @@ servers: server01: rack: RackA adapters: - - type: nic - server_ports: + - endpoint_ports: - Eth0 switch_ports: - Ethernet5 @@ -208,8 +208,7 @@ servers: server02: rack: RackA adapters: - - type: nic - server_ports: + - endpoint_ports: - Eth0 switch_ports: - Ethernet5 @@ -255,7 +254,7 @@ tenants: - web - erp1 enabled: true - ip_subnet: 10.1.20.0/24 + ip_address_virtual: 10.1.20.1/24 121: name: Tenant_A_WEBZone_2 tags: @@ -271,7 +270,7 @@ tenants: - app - erp1 enabled: true - ip_subnet: 10.1.30.0/24 + ip_address_virtual: 10.1.30.1/24 131: name: Tenant_A_APP_Zone_2 tags: @@ -324,7 +323,7 @@ tenants: tags: - opzone enabled: true - ip_subnet: 10.2.10.0/24 + ip_address_virtual: 10.2.10.1/24 211: name: Tenant_B_OP_Zone_2 tags: @@ -351,13 +350,13 @@ tenants: tags: - opzone enabled: true - ip_subnet: 10.3.10.0/24 + ip_address_virtual: 10.3.10.1/24 311: name: Tenant_C_OP_Zone_2 tags: - opzone enabled: true - ip_subnet: 10.3.11.1/24 + ip_address_virtual: 10.3.11.1/24 Tenant_C_WAN_Zone: vrf_vni: 31 svis: @@ -366,9 +365,9 @@ tenants: tags: - wan enabled: true - ip_subnet: 10.3.50.1/24 -inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml -inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory + ip_address_virtual: 10.3.50.1/24 +inventory_file: /home/colin/temp/ansible-avd-cloudvision-demo/inventory/inventory.yml +inventory_dir: /home/colin/temp/ansible-avd-cloudvision-demo/inventory ansible_host: 10.255.0.17 inventory_hostname: DC1-L2LEAF1A inventory_hostname_short: DC1-L2LEAF1A @@ -380,287 +379,846 @@ group_names: - DC1_SERVERS - DC1_TENANTS_NETWORKS ansible_facts: - switch: - type: l2leaf - node_type_key: l2leaf - connected_endpoints: true - default_evpn_role: none - mlag_support: true - network_services_l2: true - network_services_l3: false - underlay_router: false - uplink_type: port-channel - vtep: false - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_L2LEAF1 - id: 5 - mgmt_ip: 10.255.0.17/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - Tenant_A - filter_tags: - - opzone - - web - - app - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: + avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF1A + - DC1-LEAF1B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF2A + - DC1-LEAF2B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + avd_overlay_peers: + DC1-SPINE1: - DC1-LEAF1A - DC1-LEAF1B - uplink_switch_interfaces: - - Ethernet5 - - Ethernet5 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - mlag: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: [] - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - topology: - links: - Ethernet1: + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + avd_topology_peers: + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF2A: + - DC1-L2LEAF2A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 peer: DC1-LEAF1A peer_interface: Ethernet5 peer_type: l3leaf + peer_is_deployed: true type: underlay_l2 channel_description: DC1_LEAF1 - channel_group_id: 1 - peer_channel_group_id: 5 - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - Ethernet2: + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 peer: DC1-LEAF1B peer_interface: Ethernet5 peer_type: l3leaf + peer_is_deployed: true type: underlay_l2 channel_description: DC1_LEAF1 - channel_group_id: 1 - peer_channel_group_id: 5 - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - peers: - - DC1-LEAF1A - - DC1-LEAF1B - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 -switch: - type: l2leaf - node_type_key: l2leaf - connected_endpoints: true - default_evpn_role: none - mlag_support: true - network_services_l2: true - network_services_l3: false - underlay_router: false - uplink_type: port-channel - vtep: false - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_L2LEAF1 - id: 5 - mgmt_ip: 10.255.0.17/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - Tenant_A - filter_tags: - - opzone - - web - - app - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF1A + - DC1-LEAF1B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF2A + - DC1-LEAF2B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] +avd_overlay_peers: + DC1-SPINE1: - DC1-LEAF1A - DC1-LEAF1B - uplink_switch_interfaces: - - Ethernet5 - - Ethernet5 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - mlag: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: [] - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 -topology: - links: - Ethernet1: - peer: DC1-LEAF1A - peer_interface: Ethernet5 - peer_type: l3leaf - type: underlay_l2 - channel_description: DC1_LEAF1 - channel_group_id: 1 - peer_channel_group_id: 5 - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - Ethernet2: - peer: DC1-LEAF1B - peer_interface: Ethernet5 - peer_type: l3leaf - type: underlay_l2 - channel_description: DC1_LEAF1 - channel_group_id: 1 - peer_channel_group_id: 5 - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - peers: + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_topology_peers: + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF2A: + - DC1-L2LEAF2A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: - DC1-LEAF1A - DC1-LEAF1B - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 -playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks -ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 -ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg + - DC1-LEAF2A + - DC1-LEAF2B +avd_requirements: + failed: false + changed: false +playbook_dir: /home/colin/temp/ansible-avd-cloudvision-demo/playbooks +ansible_playbook_python: /home/colin/act-single-dc/.venv/bin/python3 +ansible_config_file: /home/colin/temp/ansible-avd-cloudvision-demo/ansible.cfg groups: all: - cv_ztp - cv_server - DC1-SPINE1 - DC1-SPINE2 + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A ungrouped: [] CVP: - cv_ztp @@ -677,12 +1235,12 @@ groups: DC1_FABRIC: - DC1-SPINE1 - DC1-SPINE2 + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A DC1_SPINES: - DC1-SPINE1 - DC1-SPINE2 @@ -705,31 +1263,31 @@ groups: DC1_L2LEAF2: - DC1-L2LEAF2A DC1_TENANTS_NETWORKS: + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B + DC1_SERVERS: - DC1-L2LEAF1A - DC1-L2LEAF2A - DC1_SERVERS: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A -omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 +omit: __omit_place_holder__ab9c18ca0c75d03d3972f5ad58a93aebf5c2084c ansible_version: - string: 2.10.14 - full: 2.10.14 + string: 2.16.3 + full: 2.16.3 major: 2 - minor: 10 - revision: 14 + minor: 16 + revision: 3 ansible_check_mode: false ansible_diff_mode: false ansible_forks: 5 ansible_inventory_sources: -- /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml +- /home/colin/temp/ansible-avd-cloudvision-demo/inventory/inventory.yml ansible_skip_tags: [] ansible_run_tags: - build diff --git a/inventory/intended/structured_configs/DC1-L2LEAF1A.yml b/inventory/intended/structured_configs/DC1-L2LEAF1A.yml index a4079755..92f91f2a 100644 --- a/inventory/intended/structured_configs/DC1-L2LEAF1A.yml +++ b/inventory/intended/structured_configs/DC1-L2LEAF1A.yml @@ -1,14 +1,18 @@ +hostname: DC1-L2LEAF1A +metadata: + platform: vEOS-LAB +is_deployed: true static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 gateway: 10.255.0.1 service_routing_protocols_model: multi-agent -ip_routing: true daemon_terminattr: cvaddrs: - 10.255.0.1:9910 cvauth: method: key + key: '' cvvrf: MGMT smashexcludes: ale,flexCounter,hardware,kni,pulse,strata ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent @@ -18,104 +22,104 @@ vlan_internal_order: range: beginning: 1006 ending: 1199 -name_server: - source: - vrf: MGMT - nodes: - - 192.168.2.1 - - 8.8.8.8 +ip_name_servers: +- ip_address: 192.168.2.1 + vrf: MGMT +- ip_address: 8.8.8.8 + vrf: MGMT spanning_tree: mode: mstp mst_instances: - '0': - priority: 16384 + - id: '0' + priority: 16384 local_users: - admin: - privilege: 15 - role: network-admin - sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 - ansible: - privilege: 15 - role: network-admin - sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ - cvpadmin: - privilege: 15 - role: network-admin - sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +- name: admin + privilege: 15 + role: network-admin + sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 +- name: ansible + privilege: 15 + role: network-admin + sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ +- name: cvpadmin + privilege: 15 + role: network-admin + sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. vrfs: - MGMT: - ip_routing: false +- name: MGMT + ip_routing: false management_interfaces: - Management1: - description: oob_management - shutdown: false - vrf: MGMT - ip_address: 10.255.0.17/24 - gateway: 10.255.0.1 - type: oob +- name: Management1 + description: oob_management + shutdown: false + vrf: MGMT + ip_address: 10.255.0.17/24 + gateway: 10.255.0.1 + type: oob management_api_http: enable_vrfs: - MGMT: {} + - name: MGMT enable_https: true ethernet_interfaces: - Ethernet1: - peer: DC1-LEAF1A - peer_interface: Ethernet5 - peer_type: l3leaf - description: DC1-LEAF1A_Ethernet5 - type: switched - shutdown: false - channel_group: - id: 1 - mode: active - Ethernet2: - peer: DC1-LEAF1B - peer_interface: Ethernet5 - peer_type: l3leaf - description: DC1-LEAF1B_Ethernet5 - type: switched - shutdown: false - channel_group: - id: 1 - mode: active - Ethernet5: - peer: server01 - peer_interface: Eth0 - peer_type: server - description: server01_Eth0 - type: switched - shutdown: false - mode: access - vlans: 110 +- name: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + description: DC1-LEAF1A_Ethernet5 + shutdown: false + type: port-channel-member + channel_group: + id: 1 + mode: active +- name: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + description: DC1-LEAF1B_Ethernet5 + shutdown: false + type: port-channel-member + channel_group: + id: 1 + mode: active +- name: Ethernet5 + peer: server01 + peer_interface: Eth0 + peer_type: server + port_profile: TENANT_A + description: server01_Eth0 + shutdown: false + type: switched + mode: access + vlans: '110' port_channel_interfaces: - Port-Channel1: - description: DC1_LEAF1_Po5 - type: switched - shutdown: false - vlans: 110-112,120-121,130-131 - mode: trunk +- name: Port-Channel1 + description: DC1_LEAF1_Po5 + type: switched + shutdown: false + mode: trunk + vlans: 110-112,120-121,130-131 vlans: - 130: - tenant: Tenant_A - name: Tenant_A_APP_Zone_1 - 131: - tenant: Tenant_A - name: Tenant_A_APP_Zone_2 - 110: - tenant: Tenant_A - name: Tenant_A_OP_Zone_1 - 111: - tenant: Tenant_A - name: Tenant_A_OP_Zone_2 - 112: - tenant: Tenant_A - name: Tenant_A_OP_Zone_3 - 120: - tenant: Tenant_A - name: Tenant_A_WEB_Zone_1 - 121: - tenant: Tenant_A - name: Tenant_A_WEBZone_2 +- id: 130 + name: Tenant_A_APP_Zone_1 + tenant: Tenant_A +- id: 131 + name: Tenant_A_APP_Zone_2 + tenant: Tenant_A +- id: 110 + name: Tenant_A_OP_Zone_1 + tenant: Tenant_A +- id: 111 + name: Tenant_A_OP_Zone_2 + tenant: Tenant_A +- id: 112 + name: Tenant_A_OP_Zone_3 + tenant: Tenant_A +- id: 120 + name: Tenant_A_WEB_Zone_1 + tenant: Tenant_A +- id: 121 + name: Tenant_A_WEBZone_2 + tenant: Tenant_A ip_igmp_snooping: globally_enabled: true ntp: diff --git a/inventory/intended/structured_configs/DC1-L2LEAF2A-debug-vars.yml b/inventory/intended/structured_configs/DC1-L2LEAF2A-debug-vars.yml index c9c4dc98..c6e6a7ed 100644 --- a/inventory/intended/structured_configs/DC1-L2LEAF2A-debug-vars.yml +++ b/inventory/intended/structured_configs/DC1-L2LEAF2A-debug-vars.yml @@ -20,7 +20,8 @@ local_users: privilege: 15 role: network-admin sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -cvp_instance_ip: 10.255.0.1 +cvp_instance_ips: +- 10.255.0.1 cvp_ingestauth_key: '' mgmt_interface: Management1 mgmt_interface_vrf: MGMT @@ -39,13 +40,13 @@ custom_structured_configuration_ntp: - name: 1.fr.pool.ntp.org vrf: MGMT fabric_name: DC1_FABRIC -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: AQQvKeimxJu+uGQ/yYvv9w== - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: q+VNViP5i4rVjW1cxFv2wA== - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: vnEaG8gMeQf3d3cN6PktXQ== spine: defaults: @@ -197,8 +198,7 @@ servers: server01: rack: RackA adapters: - - type: nic - server_ports: + - endpoint_ports: - Eth0 switch_ports: - Ethernet5 @@ -208,8 +208,7 @@ servers: server02: rack: RackA adapters: - - type: nic - server_ports: + - endpoint_ports: - Eth0 switch_ports: - Ethernet5 @@ -255,7 +254,7 @@ tenants: - web - erp1 enabled: true - ip_subnet: 10.1.20.0/24 + ip_address_virtual: 10.1.20.1/24 121: name: Tenant_A_WEBZone_2 tags: @@ -271,7 +270,7 @@ tenants: - app - erp1 enabled: true - ip_subnet: 10.1.30.0/24 + ip_address_virtual: 10.1.30.1/24 131: name: Tenant_A_APP_Zone_2 tags: @@ -324,7 +323,7 @@ tenants: tags: - opzone enabled: true - ip_subnet: 10.2.10.0/24 + ip_address_virtual: 10.2.10.1/24 211: name: Tenant_B_OP_Zone_2 tags: @@ -351,13 +350,13 @@ tenants: tags: - opzone enabled: true - ip_subnet: 10.3.10.0/24 + ip_address_virtual: 10.3.10.1/24 311: name: Tenant_C_OP_Zone_2 tags: - opzone enabled: true - ip_subnet: 10.3.11.1/24 + ip_address_virtual: 10.3.11.1/24 Tenant_C_WAN_Zone: vrf_vni: 31 svis: @@ -366,9 +365,9 @@ tenants: tags: - wan enabled: true - ip_subnet: 10.3.50.1/24 -inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml -inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory + ip_address_virtual: 10.3.50.1/24 +inventory_file: /home/colin/temp/ansible-avd-cloudvision-demo/inventory/inventory.yml +inventory_dir: /home/colin/temp/ansible-avd-cloudvision-demo/inventory ansible_host: 10.255.0.18 inventory_hostname: DC1-L2LEAF2A inventory_hostname_short: DC1-L2LEAF2A @@ -380,287 +379,846 @@ group_names: - DC1_SERVERS - DC1_TENANTS_NETWORKS ansible_facts: - switch: - type: l2leaf - node_type_key: l2leaf - connected_endpoints: true - default_evpn_role: none - mlag_support: true - network_services_l2: true - network_services_l3: false - underlay_router: false - uplink_type: port-channel - vtep: false - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_L2LEAF2 - id: 7 - mgmt_ip: 10.255.0.18/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - Tenant_A - filter_tags: - - opzone - - web - - app - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: + avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF1A + - DC1-LEAF1B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF2A + - DC1-LEAF2B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - uplink_switch_interfaces: - - Ethernet5 - - Ethernet5 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - mlag: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: [] - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - topology: - links: - Ethernet1: + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + avd_topology_peers: + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF2A: + - DC1-L2LEAF2A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF1A + - DC1-LEAF1B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 peer: DC1-LEAF2A peer_interface: Ethernet5 peer_type: l3leaf + peer_is_deployed: true type: underlay_l2 channel_description: DC1_LEAF2 - channel_group_id: 1 - peer_channel_group_id: 5 - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - Ethernet2: + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 peer: DC1-LEAF2B peer_interface: Ethernet5 peer_type: l3leaf + peer_is_deployed: true type: underlay_l2 channel_description: DC1_LEAF2 - channel_group_id: 1 - peer_channel_group_id: 5 - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - peers: - - DC1-LEAF2A - - DC1-LEAF2B - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 -switch: - type: l2leaf - node_type_key: l2leaf - connected_endpoints: true - default_evpn_role: none - mlag_support: true - network_services_l2: true - network_services_l3: false - underlay_router: false - uplink_type: port-channel - vtep: false - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_L2LEAF2 - id: 7 - mgmt_ip: 10.255.0.18/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - Tenant_A - filter_tags: - - opzone - - web - - app - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF2A + - DC1-LEAF2B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] +avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_topology_peers: + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF2A: + - DC1-L2LEAF2A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - uplink_switch_interfaces: - - Ethernet5 - - Ethernet5 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - mlag: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: [] - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 -topology: - links: - Ethernet1: - peer: DC1-LEAF2A - peer_interface: Ethernet5 - peer_type: l3leaf - type: underlay_l2 - channel_description: DC1_LEAF2 - channel_group_id: 1 - peer_channel_group_id: 5 - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - Ethernet2: - peer: DC1-LEAF2B - peer_interface: Ethernet5 - peer_type: l3leaf - type: underlay_l2 - channel_description: DC1_LEAF2 - channel_group_id: 1 - peer_channel_group_id: 5 - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - peers: + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 -playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks -ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 -ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg +avd_requirements: + failed: false + changed: false +playbook_dir: /home/colin/temp/ansible-avd-cloudvision-demo/playbooks +ansible_playbook_python: /home/colin/act-single-dc/.venv/bin/python3 +ansible_config_file: /home/colin/temp/ansible-avd-cloudvision-demo/ansible.cfg groups: all: - cv_ztp - cv_server - DC1-SPINE1 - DC1-SPINE2 + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A ungrouped: [] CVP: - cv_ztp @@ -677,12 +1235,12 @@ groups: DC1_FABRIC: - DC1-SPINE1 - DC1-SPINE2 + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A DC1_SPINES: - DC1-SPINE1 - DC1-SPINE2 @@ -705,31 +1263,31 @@ groups: DC1_L2LEAF2: - DC1-L2LEAF2A DC1_TENANTS_NETWORKS: + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B + DC1_SERVERS: - DC1-L2LEAF1A - DC1-L2LEAF2A - DC1_SERVERS: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A -omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 +omit: __omit_place_holder__ab9c18ca0c75d03d3972f5ad58a93aebf5c2084c ansible_version: - string: 2.10.14 - full: 2.10.14 + string: 2.16.3 + full: 2.16.3 major: 2 - minor: 10 - revision: 14 + minor: 16 + revision: 3 ansible_check_mode: false ansible_diff_mode: false ansible_forks: 5 ansible_inventory_sources: -- /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml +- /home/colin/temp/ansible-avd-cloudvision-demo/inventory/inventory.yml ansible_skip_tags: [] ansible_run_tags: - build diff --git a/inventory/intended/structured_configs/DC1-L2LEAF2A.yml b/inventory/intended/structured_configs/DC1-L2LEAF2A.yml index 4140ad92..1ff5ca91 100644 --- a/inventory/intended/structured_configs/DC1-L2LEAF2A.yml +++ b/inventory/intended/structured_configs/DC1-L2LEAF2A.yml @@ -1,14 +1,18 @@ +hostname: DC1-L2LEAF2A +metadata: + platform: vEOS-LAB +is_deployed: true static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 gateway: 10.255.0.1 service_routing_protocols_model: multi-agent -ip_routing: true daemon_terminattr: cvaddrs: - 10.255.0.1:9910 cvauth: method: key + key: '' cvvrf: MGMT smashexcludes: ale,flexCounter,hardware,kni,pulse,strata ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent @@ -18,104 +22,104 @@ vlan_internal_order: range: beginning: 1006 ending: 1199 -name_server: - source: - vrf: MGMT - nodes: - - 192.168.2.1 - - 8.8.8.8 +ip_name_servers: +- ip_address: 192.168.2.1 + vrf: MGMT +- ip_address: 8.8.8.8 + vrf: MGMT spanning_tree: mode: mstp mst_instances: - '0': - priority: 16384 + - id: '0' + priority: 16384 local_users: - admin: - privilege: 15 - role: network-admin - sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 - ansible: - privilege: 15 - role: network-admin - sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ - cvpadmin: - privilege: 15 - role: network-admin - sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +- name: admin + privilege: 15 + role: network-admin + sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 +- name: ansible + privilege: 15 + role: network-admin + sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ +- name: cvpadmin + privilege: 15 + role: network-admin + sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. vrfs: - MGMT: - ip_routing: false +- name: MGMT + ip_routing: false management_interfaces: - Management1: - description: oob_management - shutdown: false - vrf: MGMT - ip_address: 10.255.0.18/24 - gateway: 10.255.0.1 - type: oob +- name: Management1 + description: oob_management + shutdown: false + vrf: MGMT + ip_address: 10.255.0.18/24 + gateway: 10.255.0.1 + type: oob management_api_http: enable_vrfs: - MGMT: {} + - name: MGMT enable_https: true ethernet_interfaces: - Ethernet1: - peer: DC1-LEAF2A - peer_interface: Ethernet5 - peer_type: l3leaf - description: DC1-LEAF2A_Ethernet5 - type: switched - shutdown: false - channel_group: - id: 1 - mode: active - Ethernet2: - peer: DC1-LEAF2B - peer_interface: Ethernet5 - peer_type: l3leaf - description: DC1-LEAF2B_Ethernet5 - type: switched - shutdown: false - channel_group: - id: 1 - mode: active - Ethernet5: - peer: server02 - peer_interface: Eth0 - peer_type: server - description: server02_Eth0 - type: switched - shutdown: false - mode: access - vlans: 110 +- name: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + description: DC1-LEAF2A_Ethernet5 + shutdown: false + type: port-channel-member + channel_group: + id: 1 + mode: active +- name: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + description: DC1-LEAF2B_Ethernet5 + shutdown: false + type: port-channel-member + channel_group: + id: 1 + mode: active +- name: Ethernet5 + peer: server02 + peer_interface: Eth0 + peer_type: server + port_profile: TENANT_A + description: server02_Eth0 + shutdown: false + type: switched + mode: access + vlans: '110' port_channel_interfaces: - Port-Channel1: - description: DC1_LEAF2_Po5 - type: switched - shutdown: false - vlans: 110-112,120-121,130-131 - mode: trunk +- name: Port-Channel1 + description: DC1_LEAF2_Po5 + type: switched + shutdown: false + mode: trunk + vlans: 110-112,120-121,130-131 vlans: - 130: - tenant: Tenant_A - name: Tenant_A_APP_Zone_1 - 131: - tenant: Tenant_A - name: Tenant_A_APP_Zone_2 - 110: - tenant: Tenant_A - name: Tenant_A_OP_Zone_1 - 111: - tenant: Tenant_A - name: Tenant_A_OP_Zone_2 - 112: - tenant: Tenant_A - name: Tenant_A_OP_Zone_3 - 120: - tenant: Tenant_A - name: Tenant_A_WEB_Zone_1 - 121: - tenant: Tenant_A - name: Tenant_A_WEBZone_2 +- id: 130 + name: Tenant_A_APP_Zone_1 + tenant: Tenant_A +- id: 131 + name: Tenant_A_APP_Zone_2 + tenant: Tenant_A +- id: 110 + name: Tenant_A_OP_Zone_1 + tenant: Tenant_A +- id: 111 + name: Tenant_A_OP_Zone_2 + tenant: Tenant_A +- id: 112 + name: Tenant_A_OP_Zone_3 + tenant: Tenant_A +- id: 120 + name: Tenant_A_WEB_Zone_1 + tenant: Tenant_A +- id: 121 + name: Tenant_A_WEBZone_2 + tenant: Tenant_A ip_igmp_snooping: globally_enabled: true ntp: diff --git a/inventory/intended/structured_configs/DC1-LEAF1A-debug-vars.yml b/inventory/intended/structured_configs/DC1-LEAF1A-debug-vars.yml index e7330892..81c96bd7 100644 --- a/inventory/intended/structured_configs/DC1-LEAF1A-debug-vars.yml +++ b/inventory/intended/structured_configs/DC1-LEAF1A-debug-vars.yml @@ -20,7 +20,8 @@ local_users: privilege: 15 role: network-admin sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -cvp_instance_ip: 10.255.0.1 +cvp_instance_ips: +- 10.255.0.1 cvp_ingestauth_key: '' mgmt_interface: Management1 mgmt_interface_vrf: MGMT @@ -39,13 +40,13 @@ custom_structured_configuration_ntp: - name: 1.fr.pool.ntp.org vrf: MGMT fabric_name: DC1_FABRIC -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: AQQvKeimxJu+uGQ/yYvv9w== - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: q+VNViP5i4rVjW1cxFv2wA== - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: vnEaG8gMeQf3d3cN6PktXQ== spine: defaults: @@ -197,8 +198,7 @@ servers: server01: rack: RackA adapters: - - type: nic - server_ports: + - endpoint_ports: - Eth0 switch_ports: - Ethernet5 @@ -208,8 +208,7 @@ servers: server02: rack: RackA adapters: - - type: nic - server_ports: + - endpoint_ports: - Eth0 switch_ports: - Ethernet5 @@ -255,7 +254,7 @@ tenants: - web - erp1 enabled: true - ip_subnet: 10.1.20.0/24 + ip_address_virtual: 10.1.20.1/24 121: name: Tenant_A_WEBZone_2 tags: @@ -271,7 +270,7 @@ tenants: - app - erp1 enabled: true - ip_subnet: 10.1.30.0/24 + ip_address_virtual: 10.1.30.1/24 131: name: Tenant_A_APP_Zone_2 tags: @@ -324,7 +323,7 @@ tenants: tags: - opzone enabled: true - ip_subnet: 10.2.10.0/24 + ip_address_virtual: 10.2.10.1/24 211: name: Tenant_B_OP_Zone_2 tags: @@ -351,13 +350,13 @@ tenants: tags: - opzone enabled: true - ip_subnet: 10.3.10.0/24 + ip_address_virtual: 10.3.10.1/24 311: name: Tenant_C_OP_Zone_2 tags: - opzone enabled: true - ip_subnet: 10.3.11.1/24 + ip_address_virtual: 10.3.11.1/24 Tenant_C_WAN_Zone: vrf_vni: 31 svis: @@ -366,9 +365,9 @@ tenants: tags: - wan enabled: true - ip_subnet: 10.3.50.1/24 -inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml -inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory + ip_address_virtual: 10.3.50.1/24 +inventory_file: /home/colin/temp/ansible-avd-cloudvision-demo/inventory/inventory.yml +inventory_dir: /home/colin/temp/ansible-avd-cloudvision-demo/inventory ansible_host: 10.255.0.13 inventory_hostname: DC1-LEAF1A inventory_hostname_short: DC1-LEAF1A @@ -380,423 +379,846 @@ group_names: - DC1_SERVERS - DC1_TENANTS_NETWORKS ansible_facts: - switch: - type: l3leaf - node_type_key: l3leaf - connected_endpoints: true - default_evpn_role: client - mlag_support: true - network_services_l2: true - network_services_l3: true - underlay_router: true - uplink_type: p2p - vtep: true - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_LEAF1 - id: 1 - mgmt_ip: 10.255.0.13/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - all - filter_tags: - - all - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - virtual_router_mac_address: 00:1c:73:00:dc:01 - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: - - DC1-SPINE1 - - DC1-SPINE2 - uplink_switch_interfaces: - - Ethernet1 - - Ethernet1 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 2 - uplink_ipv4_pool: 172.31.255.0/24 - router_id: 192.168.255.3 - bgp_as: '65101' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: client - evpn_route_servers: - - DC1-SPINE1 - - DC1-SPINE2 - mlag: true - mlag_group: DC1_LEAF1 - mlag_ibgp_origin_incomplete: true - mlag_peer_vlan: 4094 - mlag_dual_primary_detection: false - mlag_interfaces: - - Ethernet3 - - Ethernet4 - mlag_l3: true - mlag_peer_l3_vlan: 4093 - mlag_role: primary - mlag_peer: DC1-LEAF1B - mlag_peer_mgmt_ip: 10.255.0.14 - mlag_ip: 10.255.252.0 - mlag_peer_ip: 10.255.252.1 - mlag_l3_ip: 10.255.251.0 - mlag_peer_l3_ip: 10.255.251.1 - vtep_loopback_ipv4_pool: 192.168.254.0/24 - vtep_loopback: Loopback1 - vtep_ip: 192.168.254.3 - evpn_services_l2_only: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_DB_Zone: - svis: - - 140 - - 141 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WAN_Zone: - svis: - - 150 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: - - 160 - - 161 - Tenant_B: - vrfs: - Tenant_B_OP_Zone: - svis: - - 210 - - 211 - Tenant_B_WAN_Zone: - svis: - - 250 - l2vlans: [] - Tenant_C: - vrfs: - Tenant_C_OP_Zone: - svis: - - 310 - - 311 - Tenant_C_WAN_Zone: - svis: - - 350 - l2vlans: [] - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 - topology: - links: - Ethernet1: + avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF1A + - DC1-LEAF1B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF2A + - DC1-LEAF2B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + avd_topology_peers: + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF2A: + - DC1-L2LEAF2A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF1A + - DC1-LEAF1B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF2A + - DC1-LEAF2B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 peer: DC1-SPINE1 peer_interface: Ethernet1 peer_type: spine + peer_is_deployed: true peer_bgp_as: '65001' type: underlay_p2p ip_address: 172.31.255.1 peer_ip_address: 172.31.255.0 - Ethernet2: + - interface: Ethernet2 peer: DC1-SPINE2 peer_interface: Ethernet1 peer_type: spine + peer_is_deployed: true peer_bgp_as: '65001' type: underlay_p2p ip_address: 172.31.255.3 peer_ip_address: 172.31.255.2 - peers: - - DC1-SPINE1 - - DC1-SPINE2 - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -switch: - type: l3leaf - node_type_key: l3leaf - connected_endpoints: true - default_evpn_role: client - mlag_support: true - network_services_l2: true - network_services_l3: true - underlay_router: true - uplink_type: p2p - vtep: true - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_LEAF1 - id: 1 - mgmt_ip: 10.255.0.13/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - all - filter_tags: - - all - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - virtual_router_mac_address: 00:1c:73:00:dc:01 - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: - - DC1-SPINE1 - - DC1-SPINE2 - uplink_switch_interfaces: - - Ethernet1 - - Ethernet1 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 2 - uplink_ipv4_pool: 172.31.255.0/24 - router_id: 192.168.255.3 - bgp_as: '65101' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: client - evpn_route_servers: - - DC1-SPINE1 - - DC1-SPINE2 - mlag: true - mlag_group: DC1_LEAF1 - mlag_ibgp_origin_incomplete: true - mlag_peer_vlan: 4094 - mlag_dual_primary_detection: false - mlag_interfaces: - - Ethernet3 - - Ethernet4 - mlag_l3: true - mlag_peer_l3_vlan: 4093 - mlag_role: primary - mlag_peer: DC1-LEAF1B - mlag_peer_mgmt_ip: 10.255.0.14 - mlag_ip: 10.255.252.0 - mlag_peer_ip: 10.255.252.1 - mlag_l3_ip: 10.255.251.0 - mlag_peer_l3_ip: 10.255.251.1 - vtep_loopback_ipv4_pool: 192.168.254.0/24 - vtep_loopback: Loopback1 - vtep_ip: 192.168.254.3 - evpn_services_l2_only: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_DB_Zone: - svis: - - 140 - - 141 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WAN_Zone: - svis: - - 150 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: - - 160 - - 161 - Tenant_B: - vrfs: - Tenant_B_OP_Zone: - svis: - - 210 - - 211 - Tenant_B_WAN_Zone: - svis: - - 250 - l2vlans: [] - Tenant_C: - vrfs: - Tenant_C_OP_Zone: - svis: - - 310 - - 311 - Tenant_C_WAN_Zone: - svis: - - 350 - l2vlans: [] - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -topology: - links: - Ethernet1: - peer: DC1-SPINE1 - peer_interface: Ethernet1 - peer_type: spine - peer_bgp_as: '65001' - type: underlay_p2p - ip_address: 172.31.255.1 - peer_ip_address: 172.31.255.0 - Ethernet2: - peer: DC1-SPINE2 - peer_interface: Ethernet1 - peer_type: spine - peer_bgp_as: '65001' - type: underlay_p2p - ip_address: 172.31.255.3 - peer_ip_address: 172.31.255.2 - peers: - - DC1-SPINE1 - - DC1-SPINE2 - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks -ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 -ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] +avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_topology_peers: + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF2A: + - DC1-L2LEAF2A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_requirements: + failed: false + changed: false +playbook_dir: /home/colin/temp/ansible-avd-cloudvision-demo/playbooks +ansible_playbook_python: /home/colin/act-single-dc/.venv/bin/python3 +ansible_config_file: /home/colin/temp/ansible-avd-cloudvision-demo/ansible.cfg groups: all: - cv_ztp - cv_server - DC1-SPINE1 - DC1-SPINE2 + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A ungrouped: [] CVP: - cv_ztp @@ -813,12 +1235,12 @@ groups: DC1_FABRIC: - DC1-SPINE1 - DC1-SPINE2 + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A DC1_SPINES: - DC1-SPINE1 - DC1-SPINE2 @@ -841,31 +1263,31 @@ groups: DC1_L2LEAF2: - DC1-L2LEAF2A DC1_TENANTS_NETWORKS: + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B + DC1_SERVERS: - DC1-L2LEAF1A - DC1-L2LEAF2A - DC1_SERVERS: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A -omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 +omit: __omit_place_holder__ab9c18ca0c75d03d3972f5ad58a93aebf5c2084c ansible_version: - string: 2.10.14 - full: 2.10.14 + string: 2.16.3 + full: 2.16.3 major: 2 - minor: 10 - revision: 14 + minor: 16 + revision: 3 ansible_check_mode: false ansible_diff_mode: false ansible_forks: 5 ansible_inventory_sources: -- /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml +- /home/colin/temp/ansible-avd-cloudvision-demo/inventory/inventory.yml ansible_skip_tags: [] ansible_run_tags: - build diff --git a/inventory/intended/structured_configs/DC1-LEAF1A.yml b/inventory/intended/structured_configs/DC1-LEAF1A.yml index f75c5c94..36458a12 100644 --- a/inventory/intended/structured_configs/DC1-LEAF1A.yml +++ b/inventory/intended/structured_configs/DC1-LEAF1A.yml @@ -1,3 +1,7 @@ +hostname: DC1-LEAF1A +metadata: + platform: vEOS-LAB +is_deployed: true router_bgp: as: '65101' router_id: 192.168.255.3 @@ -6,291 +10,340 @@ router_bgp: - distance bgp 20 200 200 - graceful-restart restart-time 300 - graceful-restart - - maximum-paths 4 ecmp 4 + bgp: + default: + ipv4_unicast: false + maximum_paths: + paths: 4 + ecmp: 4 + updates: + wait_install: true peer_groups: - MLAG-IPv4-UNDERLAY-PEER: - type: ipv4 - remote_as: '65101' - next_hop_self: true - password: vnEaG8gMeQf3d3cN6PktXQ== - maximum_routes: 12000 - send_community: all - route_map_in: RM-MLAG-PEER-IN - IPv4-UNDERLAY-PEERS: - type: ipv4 - password: AQQvKeimxJu+uGQ/yYvv9w== - maximum_routes: 12000 - send_community: all - EVPN-OVERLAY-PEERS: - type: evpn - update_source: Loopback0 - bfd: true - ebgp_multihop: '3' - password: q+VNViP5i4rVjW1cxFv2wA== - send_community: all - maximum_routes: 0 + - name: MLAG-IPv4-UNDERLAY-PEER + type: ipv4 + remote_as: '65101' + next_hop_self: true + description: DC1-LEAF1B + password: vnEaG8gMeQf3d3cN6PktXQ== + maximum_routes: 12000 + send_community: all + route_map_in: RM-MLAG-PEER-IN + - name: IPv4-UNDERLAY-PEERS + type: ipv4 + password: AQQvKeimxJu+uGQ/yYvv9w== + maximum_routes: 12000 + send_community: all + - name: EVPN-OVERLAY-PEERS + type: evpn + update_source: Loopback0 + bfd: true + password: q+VNViP5i4rVjW1cxFv2wA== + send_community: all + maximum_routes: 0 + ebgp_multihop: 3 address_family_ipv4: peer_groups: - MLAG-IPv4-UNDERLAY-PEER: - activate: true - IPv4-UNDERLAY-PEERS: - activate: true - EVPN-OVERLAY-PEERS: - activate: false + - name: MLAG-IPv4-UNDERLAY-PEER + activate: true + - name: IPv4-UNDERLAY-PEERS + activate: true + - name: EVPN-OVERLAY-PEERS + activate: false neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - description: DC1-LEAF1B - 172.31.255.0: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65001' - description: DC1-SPINE1_Ethernet1 - 172.31.255.2: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65001' - description: DC1-SPINE2_Ethernet1 - 192.168.255.1: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-SPINE1 - remote_as: '65001' - 192.168.255.2: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-SPINE2 - remote_as: '65001' + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + peer: DC1-LEAF1B + description: DC1-LEAF1B + - ip_address: 172.31.255.0 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65001' + peer: DC1-SPINE1 + description: DC1-SPINE1_Ethernet1 + - ip_address: 172.31.255.2 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65001' + peer: DC1-SPINE2 + description: DC1-SPINE2_Ethernet1 + - ip_address: 192.168.255.1 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-SPINE1 + description: DC1-SPINE1 + remote_as: '65001' + - ip_address: 192.168.255.2 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-SPINE2 + description: DC1-SPINE2 + remote_as: '65001' redistribute_routes: - connected: - route_map: RM-CONN-2-BGP + - source_protocol: connected + route_map: RM-CONN-2-BGP address_family_evpn: peer_groups: - EVPN-OVERLAY-PEERS: - activate: true + - name: EVPN-OVERLAY-PEERS + activate: true vrfs: - Tenant_A_APP_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:12 - route_targets: - import: - evpn: - - '12:12' - export: - evpn: - - '12:12' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_DB_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:13 - route_targets: - import: - evpn: - - '13:13' - export: - evpn: - - '13:13' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_OP_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:10 - route_targets: - import: - evpn: - - '10:10' - export: - evpn: - - '10:10' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_WAN_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:14 - route_targets: - import: - evpn: - - '14:14' - export: - evpn: - - '14:14' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_WEB_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:11 - route_targets: - import: - evpn: - - '11:11' - export: - evpn: - - '11:11' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_B_OP_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:20 - route_targets: - import: - evpn: - - '20:20' - export: - evpn: - - '20:20' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_B_WAN_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:21 - route_targets: - import: - evpn: - - '21:21' - export: - evpn: - - '21:21' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_C_OP_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:30 - route_targets: - import: - evpn: - - '30:30' - export: - evpn: - - '30:30' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_C_WAN_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:31 - route_targets: - import: - evpn: - - '31:31' - export: - evpn: - - '31:31' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - vlan_aware_bundles: - Tenant_A_APP_Zone: - rd: 192.168.255.3:12 - route_targets: - both: + - name: Tenant_A_APP_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:12 + route_targets: + import: + - address_family: evpn + route_targets: + - '12:12' + export: + - address_family: evpn + route_targets: - '12:12' - redistribute_routes: - - learned - vlan: 130-131 - Tenant_A_DB_Zone: - rd: 192.168.255.3:13 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_A_DB_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:13 + route_targets: + import: + - address_family: evpn + route_targets: + - '13:13' + export: + - address_family: evpn + route_targets: - '13:13' - redistribute_routes: - - learned - vlan: 140-141 - Tenant_A_OP_Zone: - rd: 192.168.255.3:10 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_A_OP_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:10 + route_targets: + import: + - address_family: evpn + route_targets: + - '10:10' + export: + - address_family: evpn + route_targets: - '10:10' - redistribute_routes: - - learned - vlan: 110-112 - Tenant_A_WAN_Zone: - rd: 192.168.255.3:14 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_A_WAN_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:14 + route_targets: + import: + - address_family: evpn + route_targets: - '14:14' - redistribute_routes: - - learned - vlan: 150 - Tenant_A_WEB_Zone: - rd: 192.168.255.3:11 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '14:14' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_A_WEB_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:11 + route_targets: + import: + - address_family: evpn + route_targets: - '11:11' - redistribute_routes: - - learned - vlan: 120-121 - Tenant_A_VMOTION: - tenant: Tenant_A - rd: 192.168.255.3:55160 - route_targets: - both: - - 55160:55160 - redistribute_routes: - - learned - vlan: 160 - Tenant_A_NFS: - tenant: Tenant_A - rd: 192.168.255.3:10161 - route_targets: - both: - - 10161:10161 - redistribute_routes: - - learned - vlan: 161 - Tenant_B_OP_Zone: - rd: 192.168.255.3:20 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '11:11' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_B_OP_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:20 + route_targets: + import: + - address_family: evpn + route_targets: - '20:20' - redistribute_routes: - - learned - vlan: 210-211 - Tenant_B_WAN_Zone: - rd: 192.168.255.3:21 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '20:20' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_B_WAN_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:21 + route_targets: + import: + - address_family: evpn + route_targets: - '21:21' - redistribute_routes: - - learned - vlan: 250 - Tenant_C_OP_Zone: - rd: 192.168.255.3:30 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '21:21' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_C_OP_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:30 + route_targets: + import: + - address_family: evpn + route_targets: + - '30:30' + export: + - address_family: evpn + route_targets: - '30:30' - redistribute_routes: - - learned - vlan: 310-311 - Tenant_C_WAN_Zone: - rd: 192.168.255.3:31 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_C_WAN_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:31 + route_targets: + import: + - address_family: evpn + route_targets: + - '31:31' + export: + - address_family: evpn + route_targets: - '31:31' - redistribute_routes: - - learned - vlan: 350 + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + vlan_aware_bundles: + - name: Tenant_A_APP_Zone + rd: 192.168.255.3:12 + route_targets: + both: + - '12:12' + redistribute_routes: + - learned + vlan: 130-131 + - name: Tenant_A_DB_Zone + rd: 192.168.255.3:13 + route_targets: + both: + - '13:13' + redistribute_routes: + - learned + vlan: 140-141 + - name: Tenant_A_OP_Zone + rd: 192.168.255.3:10 + route_targets: + both: + - '10:10' + redistribute_routes: + - learned + vlan: 110-112 + - name: Tenant_A_WAN_Zone + rd: 192.168.255.3:14 + route_targets: + both: + - '14:14' + redistribute_routes: + - learned + vlan: '150' + - name: Tenant_A_WEB_Zone + rd: 192.168.255.3:11 + route_targets: + both: + - '11:11' + redistribute_routes: + - learned + vlan: 120-121 + - name: Tenant_A_NFS + tenant: Tenant_A + rd: 192.168.255.3:10161 + route_targets: + both: + - 10161:10161 + redistribute_routes: + - learned + vlan: '161' + - name: Tenant_A_VMOTION + tenant: Tenant_A + rd: 192.168.255.3:55160 + route_targets: + both: + - 55160:55160 + redistribute_routes: + - learned + vlan: '160' + - name: Tenant_B_OP_Zone + rd: 192.168.255.3:20 + route_targets: + both: + - '20:20' + redistribute_routes: + - learned + vlan: 210-211 + - name: Tenant_B_WAN_Zone + rd: 192.168.255.3:21 + route_targets: + both: + - '21:21' + redistribute_routes: + - learned + vlan: '250' + - name: Tenant_C_OP_Zone + rd: 192.168.255.3:30 + route_targets: + both: + - '30:30' + redistribute_routes: + - learned + vlan: 310-311 + - name: Tenant_C_WAN_Zone + rd: 192.168.255.3:31 + route_targets: + both: + - '31:31' + redistribute_routes: + - learned + vlan: '350' static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -302,6 +355,7 @@ daemon_terminattr: - 10.255.0.1:9910 cvauth: method: key + key: '' cvvrf: MGMT smashexcludes: ale,flexCounter,hardware,kni,pulse,strata ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent @@ -311,501 +365,504 @@ vlan_internal_order: range: beginning: 1006 ending: 1199 -name_server: - source: - vrf: MGMT - nodes: - - 192.168.2.1 - - 8.8.8.8 +ip_name_servers: +- ip_address: 192.168.2.1 + vrf: MGMT +- ip_address: 8.8.8.8 + vrf: MGMT spanning_tree: mode: mstp mst_instances: - '0': - priority: 16384 + - id: '0' + priority: 16384 no_spanning_tree_vlan: 4093-4094 local_users: - admin: - privilege: 15 - role: network-admin - sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 - ansible: - privilege: 15 - role: network-admin - sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ - cvpadmin: - privilege: 15 - role: network-admin - sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +- name: admin + privilege: 15 + role: network-admin + sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 +- name: ansible + privilege: 15 + role: network-admin + sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ +- name: cvpadmin + privilege: 15 + role: network-admin + sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. vrfs: - MGMT: - ip_routing: false - Tenant_A_APP_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_DB_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_OP_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_WAN_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_WEB_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_B_OP_Zone: - tenant: Tenant_B - ip_routing: true - Tenant_B_WAN_Zone: - tenant: Tenant_B - ip_routing: true - Tenant_C_OP_Zone: - tenant: Tenant_C - ip_routing: true - Tenant_C_WAN_Zone: - tenant: Tenant_C - ip_routing: true +- name: MGMT + ip_routing: false +- name: Tenant_A_APP_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_DB_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_OP_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_WAN_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_WEB_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_B_OP_Zone + tenant: Tenant_B + ip_routing: true +- name: Tenant_B_WAN_Zone + tenant: Tenant_B + ip_routing: true +- name: Tenant_C_OP_Zone + tenant: Tenant_C + ip_routing: true +- name: Tenant_C_WAN_Zone + tenant: Tenant_C + ip_routing: true management_interfaces: - Management1: - description: oob_management - shutdown: false - vrf: MGMT - ip_address: 10.255.0.13/24 - gateway: 10.255.0.1 - type: oob +- name: Management1 + description: oob_management + shutdown: false + vrf: MGMT + ip_address: 10.255.0.13/24 + gateway: 10.255.0.1 + type: oob management_api_http: enable_vrfs: - MGMT: {} + - name: MGMT enable_https: true vlans: - 4093: - tenant: system - name: LEAF_PEER_L3 - trunk_groups: - - LEAF_PEER_L3 - 4094: - tenant: system - name: MLAG_PEER - trunk_groups: - - MLAG - 130: - tenant: Tenant_A - name: Tenant_A_APP_Zone_1 - 131: - tenant: Tenant_A - name: Tenant_A_APP_Zone_2 - 3011: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_APP_Zone - trunk_groups: - - LEAF_PEER_L3 - 140: - tenant: Tenant_A - name: Tenant_A_DB_BZone_1 - 141: - tenant: Tenant_A - name: Tenant_A_DB_Zone_2 - 3012: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_DB_Zone - trunk_groups: - - LEAF_PEER_L3 - 110: - tenant: Tenant_A - name: Tenant_A_OP_Zone_1 - 111: - tenant: Tenant_A - name: Tenant_A_OP_Zone_2 - 112: - tenant: Tenant_A - name: Tenant_A_OP_Zone_3 - 3009: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 150: - tenant: Tenant_A - name: Tenant_A_WAN_Zone_1 - 3013: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 - 120: - tenant: Tenant_A - name: Tenant_A_WEB_Zone_1 - 121: - tenant: Tenant_A - name: Tenant_A_WEBZone_2 - 3010: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_WEB_Zone - trunk_groups: - - LEAF_PEER_L3 - 160: - tenant: Tenant_A - name: Tenant_A_VMOTION - 161: - tenant: Tenant_A - name: Tenant_A_NFS - 210: - tenant: Tenant_B - name: Tenant_B_OP_Zone_1 - 211: - tenant: Tenant_B - name: Tenant_B_OP_Zone_2 - 3019: - tenant: Tenant_B - name: MLAG_iBGP_Tenant_B_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 250: - tenant: Tenant_B - name: Tenant_B_WAN_Zone_1 - 3020: - tenant: Tenant_B - name: MLAG_iBGP_Tenant_B_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 - 310: - tenant: Tenant_C - name: Tenant_C_OP_Zone_1 - 311: - tenant: Tenant_C - name: Tenant_C_OP_Zone_2 - 3029: - tenant: Tenant_C - name: MLAG_iBGP_Tenant_C_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 350: - tenant: Tenant_C - name: Tenant_C_WAN_Zone_1 - 3030: - tenant: Tenant_C - name: MLAG_iBGP_Tenant_C_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 +- id: 4093 + tenant: system + name: LEAF_PEER_L3 + trunk_groups: + - LEAF_PEER_L3 +- id: 4094 + tenant: system + name: MLAG_PEER + trunk_groups: + - MLAG +- id: 130 + name: Tenant_A_APP_Zone_1 + tenant: Tenant_A +- id: 131 + name: Tenant_A_APP_Zone_2 + tenant: Tenant_A +- id: 3011 + name: MLAG_iBGP_Tenant_A_APP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 140 + name: Tenant_A_DB_BZone_1 + tenant: Tenant_A +- id: 141 + name: Tenant_A_DB_Zone_2 + tenant: Tenant_A +- id: 3012 + name: MLAG_iBGP_Tenant_A_DB_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 110 + name: Tenant_A_OP_Zone_1 + tenant: Tenant_A +- id: 111 + name: Tenant_A_OP_Zone_2 + tenant: Tenant_A +- id: 112 + name: Tenant_A_OP_Zone_3 + tenant: Tenant_A +- id: 3009 + name: MLAG_iBGP_Tenant_A_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 150 + name: Tenant_A_WAN_Zone_1 + tenant: Tenant_A +- id: 3013 + name: MLAG_iBGP_Tenant_A_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 120 + name: Tenant_A_WEB_Zone_1 + tenant: Tenant_A +- id: 121 + name: Tenant_A_WEBZone_2 + tenant: Tenant_A +- id: 3010 + name: MLAG_iBGP_Tenant_A_WEB_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 160 + name: Tenant_A_VMOTION + tenant: Tenant_A +- id: 161 + name: Tenant_A_NFS + tenant: Tenant_A +- id: 210 + name: Tenant_B_OP_Zone_1 + tenant: Tenant_B +- id: 211 + name: Tenant_B_OP_Zone_2 + tenant: Tenant_B +- id: 3019 + name: MLAG_iBGP_Tenant_B_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_B +- id: 250 + name: Tenant_B_WAN_Zone_1 + tenant: Tenant_B +- id: 3020 + name: MLAG_iBGP_Tenant_B_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_B +- id: 310 + name: Tenant_C_OP_Zone_1 + tenant: Tenant_C +- id: 311 + name: Tenant_C_OP_Zone_2 + tenant: Tenant_C +- id: 3029 + name: MLAG_iBGP_Tenant_C_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_C +- id: 350 + name: Tenant_C_WAN_Zone_1 + tenant: Tenant_C +- id: 3030 + name: MLAG_iBGP_Tenant_C_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_C vlan_interfaces: - Vlan4093: - description: MLAG_PEER_L3_PEERING - shutdown: false - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan4094: - description: MLAG_PEER - shutdown: false - ip_address: 10.255.252.0/31 - no_autostate: true - mtu: 1500 - Vlan130: - tenant: Tenant_A - tags: - - app - - erp1 - description: Tenant_A_APP_Zone_1 - shutdown: false - vrf: Tenant_A_APP_Zone - Vlan131: - tenant: Tenant_A - tags: - - app - description: Tenant_A_APP_Zone_2 - shutdown: false - vrf: Tenant_A_APP_Zone - ip_address_virtual: 10.1.31.254/24 - Vlan3011: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone' - vrf: Tenant_A_APP_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan140: - tenant: Tenant_A - tags: - - db - - erp1 - description: Tenant_A_DB_BZone_1 - shutdown: false - vrf: Tenant_A_DB_Zone - ip_address_virtual: 10.1.40.1/24 - Vlan141: - tenant: Tenant_A - tags: - - db - description: Tenant_A_DB_Zone_2 - shutdown: false - vrf: Tenant_A_DB_Zone - ip_address_virtual: 10.1.41.1/24 - Vlan3012: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone' - vrf: Tenant_A_DB_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan110: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_1 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.10.1/24 - Vlan111: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_2 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.11.1/24 - Vlan112: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_3 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.12.254/24 - Vlan3009: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone' - vrf: Tenant_A_OP_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan150: - tenant: Tenant_A - tags: - - wan - description: Tenant_A_WAN_Zone_1 - shutdown: false - vrf: Tenant_A_WAN_Zone - ip_address_virtual: 10.1.40.1/24 - Vlan3013: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone' - vrf: Tenant_A_WAN_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan120: - tenant: Tenant_A - tags: - - web - - erp1 - description: Tenant_A_WEB_Zone_1 - shutdown: false - vrf: Tenant_A_WEB_Zone - Vlan121: - tenant: Tenant_A - tags: - - web - description: Tenant_A_WEBZone_2 - shutdown: false - vrf: Tenant_A_WEB_Zone - ip_address_virtual: 10.1.21.1/24 - Vlan3010: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone' - vrf: Tenant_A_WEB_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan210: - tenant: Tenant_B - tags: - - opzone - description: Tenant_B_OP_Zone_1 - shutdown: false - vrf: Tenant_B_OP_Zone - Vlan211: - tenant: Tenant_B - tags: - - opzone - description: Tenant_B_OP_Zone_2 - shutdown: false - vrf: Tenant_B_OP_Zone - ip_address_virtual: 10.2.11.1/24 - Vlan3019: - tenant: Tenant_B - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone' - vrf: Tenant_B_OP_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan250: - tenant: Tenant_B - tags: - - wan - description: Tenant_B_WAN_Zone_1 - shutdown: false - vrf: Tenant_B_WAN_Zone - ip_address_virtual: 10.2.50.1/24 - Vlan3020: - tenant: Tenant_B - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone' - vrf: Tenant_B_WAN_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan310: - tenant: Tenant_C - tags: - - opzone - description: Tenant_C_OP_Zone_1 - shutdown: false - vrf: Tenant_C_OP_Zone - Vlan311: - tenant: Tenant_C - tags: - - opzone - description: Tenant_C_OP_Zone_2 - shutdown: false - vrf: Tenant_C_OP_Zone - Vlan3029: - tenant: Tenant_C - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone' - vrf: Tenant_C_OP_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan350: - tenant: Tenant_C - tags: - - wan - description: Tenant_C_WAN_Zone_1 - shutdown: false - vrf: Tenant_C_WAN_Zone - Vlan3030: - tenant: Tenant_C - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone' - vrf: Tenant_C_WAN_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 +- name: Vlan4093 + description: MLAG_PEER_L3_PEERING + shutdown: false + mtu: 1500 + ip_address: 10.255.251.0/31 +- name: Vlan4094 + description: MLAG_PEER + shutdown: false + ip_address: 10.255.252.0/31 + no_autostate: true + mtu: 1500 +- name: Vlan130 + tenant: Tenant_A + tags: + - app + - erp1 + description: Tenant_A_APP_Zone_1 + shutdown: false + ip_address_virtual: 10.1.30.1/24 + vrf: Tenant_A_APP_Zone +- name: Vlan131 + tenant: Tenant_A + tags: + - app + description: Tenant_A_APP_Zone_2 + shutdown: false + ip_address_virtual: 10.1.31.254/24 + vrf: Tenant_A_APP_Zone +- name: Vlan3011 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone' + vrf: Tenant_A_APP_Zone + mtu: 1500 + ip_address: 10.255.251.0/31 +- name: Vlan140 + tenant: Tenant_A + tags: + - db + - erp1 + description: Tenant_A_DB_BZone_1 + shutdown: false + ip_address_virtual: 10.1.40.1/24 + vrf: Tenant_A_DB_Zone +- name: Vlan141 + tenant: Tenant_A + tags: + - db + description: Tenant_A_DB_Zone_2 + shutdown: false + ip_address_virtual: 10.1.41.1/24 + vrf: Tenant_A_DB_Zone +- name: Vlan3012 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone' + vrf: Tenant_A_DB_Zone + mtu: 1500 + ip_address: 10.255.251.0/31 +- name: Vlan110 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_1 + shutdown: false + ip_address_virtual: 10.1.10.1/24 + vrf: Tenant_A_OP_Zone +- name: Vlan111 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.1.11.1/24 + vrf: Tenant_A_OP_Zone +- name: Vlan112 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_3 + shutdown: false + ip_address_virtual: 10.1.12.254/24 + vrf: Tenant_A_OP_Zone +- name: Vlan3009 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone' + vrf: Tenant_A_OP_Zone + mtu: 1500 + ip_address: 10.255.251.0/31 +- name: Vlan150 + tenant: Tenant_A + tags: + - wan + description: Tenant_A_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.1.40.1/24 + vrf: Tenant_A_WAN_Zone +- name: Vlan3013 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone' + vrf: Tenant_A_WAN_Zone + mtu: 1500 + ip_address: 10.255.251.0/31 +- name: Vlan120 + tenant: Tenant_A + tags: + - web + - erp1 + description: Tenant_A_WEB_Zone_1 + shutdown: false + ip_address_virtual: 10.1.20.1/24 + vrf: Tenant_A_WEB_Zone +- name: Vlan121 + tenant: Tenant_A + tags: + - web + description: Tenant_A_WEBZone_2 + shutdown: false + ip_address_virtual: 10.1.21.1/24 + vrf: Tenant_A_WEB_Zone +- name: Vlan3010 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone' + vrf: Tenant_A_WEB_Zone + mtu: 1500 + ip_address: 10.255.251.0/31 +- name: Vlan210 + tenant: Tenant_B + tags: + - opzone + description: Tenant_B_OP_Zone_1 + shutdown: false + ip_address_virtual: 10.2.10.1/24 + vrf: Tenant_B_OP_Zone +- name: Vlan211 + tenant: Tenant_B + tags: + - opzone + description: Tenant_B_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.2.11.1/24 + vrf: Tenant_B_OP_Zone +- name: Vlan3019 + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone' + vrf: Tenant_B_OP_Zone + mtu: 1500 + ip_address: 10.255.251.0/31 +- name: Vlan250 + tenant: Tenant_B + tags: + - wan + description: Tenant_B_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.2.50.1/24 + vrf: Tenant_B_WAN_Zone +- name: Vlan3020 + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone' + vrf: Tenant_B_WAN_Zone + mtu: 1500 + ip_address: 10.255.251.0/31 +- name: Vlan310 + tenant: Tenant_C + tags: + - opzone + description: Tenant_C_OP_Zone_1 + shutdown: false + ip_address_virtual: 10.3.10.1/24 + vrf: Tenant_C_OP_Zone +- name: Vlan311 + tenant: Tenant_C + tags: + - opzone + description: Tenant_C_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.3.11.1/24 + vrf: Tenant_C_OP_Zone +- name: Vlan3029 + tenant: Tenant_C + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone' + vrf: Tenant_C_OP_Zone + mtu: 1500 + ip_address: 10.255.251.0/31 +- name: Vlan350 + tenant: Tenant_C + tags: + - wan + description: Tenant_C_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.3.50.1/24 + vrf: Tenant_C_WAN_Zone +- name: Vlan3030 + tenant: Tenant_C + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone' + vrf: Tenant_C_WAN_Zone + mtu: 1500 + ip_address: 10.255.251.0/31 port_channel_interfaces: - Port-Channel3: - description: MLAG_PEER_DC1-LEAF1B_Po3 - type: switched - shutdown: false - vlans: 2-4094 - mode: trunk - trunk_groups: - - LEAF_PEER_L3 - - MLAG - Port-Channel5: - description: DC1-L2LEAF1A_Po1 - type: switched - shutdown: false - vlans: 110-112,120-121,130-131 - mode: trunk - mlag: 5 +- name: Port-Channel3 + description: MLAG_PEER_DC1-LEAF1B_Po3 + type: switched + shutdown: false + mode: trunk + trunk_groups: + - LEAF_PEER_L3 + - MLAG +- name: Port-Channel5 + description: DC1-L2LEAF1A_Po1 + type: switched + shutdown: false + mode: trunk + vlans: 110-112,120-121,130-131 + mlag: 5 ethernet_interfaces: - Ethernet3: - peer: DC1-LEAF1B - peer_interface: Ethernet3 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF1B_Ethernet3 - type: switched - shutdown: false - channel_group: - id: 3 - mode: active - Ethernet4: - peer: DC1-LEAF1B - peer_interface: Ethernet4 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF1B_Ethernet4 - type: switched - shutdown: false - channel_group: - id: 3 - mode: active - Ethernet1: - peer: DC1-SPINE1 - peer_interface: Ethernet1 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE1_Ethernet1 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.1/31 - Ethernet2: - peer: DC1-SPINE2 - peer_interface: Ethernet1 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE2_Ethernet1 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.3/31 - Ethernet5: - peer: DC1-L2LEAF1A - peer_interface: Ethernet1 - peer_type: l2leaf - description: DC1-L2LEAF1A_Ethernet1 - type: switched - shutdown: false - channel_group: - id: 5 - mode: active +- name: Ethernet3 + peer: DC1-LEAF1B + peer_interface: Ethernet3 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF1B_Ethernet3 + type: port-channel-member + shutdown: false + channel_group: + id: 3 + mode: active +- name: Ethernet4 + peer: DC1-LEAF1B + peer_interface: Ethernet4 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF1B_Ethernet4 + type: port-channel-member + shutdown: false + channel_group: + id: 3 + mode: active +- name: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + description: P2P_LINK_TO_DC1-SPINE1_Ethernet1 + shutdown: false + mtu: 1500 + type: routed + ip_address: 172.31.255.1/31 +- name: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + description: P2P_LINK_TO_DC1-SPINE2_Ethernet1 + shutdown: false + mtu: 1500 + type: routed + ip_address: 172.31.255.3/31 +- name: Ethernet5 + peer: DC1-L2LEAF1A + peer_interface: Ethernet1 + peer_type: l2leaf + description: DC1-L2LEAF1A_Ethernet1 + shutdown: false + type: port-channel-member + channel_group: + id: 5 + mode: active mlag_configuration: domain_id: DC1_LEAF1 local_interface: Vlan4094 peer_address: 10.255.252.1 peer_link: Port-Channel3 - reload_delay_mlag: 300 - reload_delay_non_mlag: 330 + reload_delay_mlag: '300' + reload_delay_non_mlag: '330' route_maps: - RM-MLAG-PEER-IN: - sequence_numbers: - 10: - type: permit - set: - - origin incomplete - description: Make routes learned over MLAG Peer-link less preferred on spines - to ensure optimal routing - RM-CONN-2-BGP: - sequence_numbers: - 10: - type: permit - match: - - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +- name: RM-MLAG-PEER-IN + sequence_numbers: + - sequence: 10 + type: permit + set: + - origin incomplete + description: Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing +- name: RM-CONN-2-BGP + sequence_numbers: + - sequence: 10 + type: permit + match: + - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY loopback_interfaces: - Loopback0: - description: EVPN_Overlay_Peering - shutdown: false - ip_address: 192.168.255.3/32 - Loopback1: - description: VTEP_VXLAN_Tunnel_Source - shutdown: false - ip_address: 192.168.254.3/32 - Loopback100: - description: Tenant_A_OP_Zone_VTEP_DIAGNOSTICS - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address: 10.255.1.3/32 +- name: Loopback0 + description: EVPN_Overlay_Peering + shutdown: false + ip_address: 192.168.255.3/32 +- name: Loopback1 + description: VTEP_VXLAN_Tunnel_Source + shutdown: false + ip_address: 192.168.254.3/32 +- name: Loopback100 + description: Tenant_A_OP_Zone_VTEP_DIAGNOSTICS + shutdown: false + vrf: Tenant_A_OP_Zone + ip_address: 10.255.1.3/32 prefix_lists: - PL-LOOPBACKS-EVPN-OVERLAY: - sequence_numbers: - 10: - action: permit 192.168.255.0/24 eq 32 - 20: - action: permit 192.168.254.0/24 eq 32 +- name: PL-LOOPBACKS-EVPN-OVERLAY + sequence_numbers: + - sequence: 10 + action: permit 192.168.255.0/24 eq 32 + - sequence: 20 + action: permit 192.168.254.0/24 eq 32 router_bfd: multihop: interval: 1200 @@ -813,73 +870,73 @@ router_bfd: multiplier: 3 ip_igmp_snooping: globally_enabled: true +ip_virtual_router_mac_address: 00:1c:73:00:dc:01 vxlan_interface: Vxlan1: description: DC1-LEAF1A_VTEP vxlan: + udp_port: 4789 source_interface: Loopback1 virtual_router_encapsulation_mac_address: mlag-system-id - udp_port: 4789 vlans: - 130: - vni: 10130 - 131: - vni: 10131 - 140: - vni: 10140 - 141: - vni: 10141 - 110: - vni: 10110 - 111: - vni: 50111 - 112: - vni: 50112 - 150: - vni: 10150 - 120: - vni: 10120 - 121: - vni: 10121 - 160: - vni: 55160 - 161: - vni: 10161 - 210: - vni: 20210 - 211: - vni: 20211 - 250: - vni: 20250 - 310: - vni: 30310 - 311: - vni: 30311 - 350: - vni: 30350 + - id: 130 + vni: 10130 + - id: 131 + vni: 10131 + - id: 140 + vni: 10140 + - id: 141 + vni: 10141 + - id: 110 + vni: 10110 + - id: 111 + vni: 50111 + - id: 112 + vni: 50112 + - id: 150 + vni: 10150 + - id: 120 + vni: 10120 + - id: 121 + vni: 10121 + - id: 160 + vni: 55160 + - id: 161 + vni: 10161 + - id: 210 + vni: 20210 + - id: 211 + vni: 20211 + - id: 250 + vni: 20250 + - id: 310 + vni: 30310 + - id: 311 + vni: 30311 + - id: 350 + vni: 30350 vrfs: - Tenant_A_APP_Zone: - vni: 12 - Tenant_A_DB_Zone: - vni: 13 - Tenant_A_OP_Zone: - vni: 10 - Tenant_A_WAN_Zone: - vni: 14 - Tenant_A_WEB_Zone: - vni: 11 - Tenant_B_OP_Zone: - vni: 20 - Tenant_B_WAN_Zone: - vni: 21 - Tenant_C_OP_Zone: - vni: 30 - Tenant_C_WAN_Zone: - vni: 31 + - name: Tenant_A_APP_Zone + vni: 12 + - name: Tenant_A_DB_Zone + vni: 13 + - name: Tenant_A_OP_Zone + vni: 10 + - name: Tenant_A_WAN_Zone + vni: 14 + - name: Tenant_A_WEB_Zone + vni: 11 + - name: Tenant_B_OP_Zone + vni: 20 + - name: Tenant_B_WAN_Zone + vni: 21 + - name: Tenant_C_OP_Zone + vni: 30 + - name: Tenant_C_WAN_Zone + vni: 31 virtual_source_nat_vrfs: - Tenant_A_OP_Zone: - ip_address: 10.255.1.3 -ip_virtual_router_mac_address: 00:1c:73:00:dc:01 +- name: Tenant_A_OP_Zone + ip_address: 10.255.1.3 ntp: local_interface: name: Management1 diff --git a/inventory/intended/structured_configs/DC1-LEAF1B-debug-vars.yml b/inventory/intended/structured_configs/DC1-LEAF1B-debug-vars.yml index e93e5dba..7938d3f1 100644 --- a/inventory/intended/structured_configs/DC1-LEAF1B-debug-vars.yml +++ b/inventory/intended/structured_configs/DC1-LEAF1B-debug-vars.yml @@ -20,7 +20,8 @@ local_users: privilege: 15 role: network-admin sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -cvp_instance_ip: 10.255.0.1 +cvp_instance_ips: +- 10.255.0.1 cvp_ingestauth_key: '' mgmt_interface: Management1 mgmt_interface_vrf: MGMT @@ -39,13 +40,13 @@ custom_structured_configuration_ntp: - name: 1.fr.pool.ntp.org vrf: MGMT fabric_name: DC1_FABRIC -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: AQQvKeimxJu+uGQ/yYvv9w== - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: q+VNViP5i4rVjW1cxFv2wA== - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: vnEaG8gMeQf3d3cN6PktXQ== spine: defaults: @@ -197,8 +198,7 @@ servers: server01: rack: RackA adapters: - - type: nic - server_ports: + - endpoint_ports: - Eth0 switch_ports: - Ethernet5 @@ -208,8 +208,7 @@ servers: server02: rack: RackA adapters: - - type: nic - server_ports: + - endpoint_ports: - Eth0 switch_ports: - Ethernet5 @@ -255,7 +254,7 @@ tenants: - web - erp1 enabled: true - ip_subnet: 10.1.20.0/24 + ip_address_virtual: 10.1.20.1/24 121: name: Tenant_A_WEBZone_2 tags: @@ -271,7 +270,7 @@ tenants: - app - erp1 enabled: true - ip_subnet: 10.1.30.0/24 + ip_address_virtual: 10.1.30.1/24 131: name: Tenant_A_APP_Zone_2 tags: @@ -324,7 +323,7 @@ tenants: tags: - opzone enabled: true - ip_subnet: 10.2.10.0/24 + ip_address_virtual: 10.2.10.1/24 211: name: Tenant_B_OP_Zone_2 tags: @@ -351,13 +350,13 @@ tenants: tags: - opzone enabled: true - ip_subnet: 10.3.10.0/24 + ip_address_virtual: 10.3.10.1/24 311: name: Tenant_C_OP_Zone_2 tags: - opzone enabled: true - ip_subnet: 10.3.11.1/24 + ip_address_virtual: 10.3.11.1/24 Tenant_C_WAN_Zone: vrf_vni: 31 svis: @@ -366,9 +365,9 @@ tenants: tags: - wan enabled: true - ip_subnet: 10.3.50.1/24 -inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml -inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory + ip_address_virtual: 10.3.50.1/24 +inventory_file: /home/colin/temp/ansible-avd-cloudvision-demo/inventory/inventory.yml +inventory_dir: /home/colin/temp/ansible-avd-cloudvision-demo/inventory ansible_host: 10.255.0.14 inventory_hostname: DC1-LEAF1B inventory_hostname_short: DC1-LEAF1B @@ -380,423 +379,846 @@ group_names: - DC1_SERVERS - DC1_TENANTS_NETWORKS ansible_facts: - switch: - type: l3leaf - node_type_key: l3leaf - connected_endpoints: true - default_evpn_role: client - mlag_support: true - network_services_l2: true - network_services_l3: true - underlay_router: true - uplink_type: p2p - vtep: true - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_LEAF1 - id: 2 - mgmt_ip: 10.255.0.14/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - all - filter_tags: - - all - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - virtual_router_mac_address: 00:1c:73:00:dc:01 - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: - - DC1-SPINE1 - - DC1-SPINE2 - uplink_switch_interfaces: - - Ethernet2 - - Ethernet2 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 2 - uplink_ipv4_pool: 172.31.255.0/24 - router_id: 192.168.255.4 - bgp_as: '65101' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: client - evpn_route_servers: - - DC1-SPINE1 - - DC1-SPINE2 - mlag: true - mlag_group: DC1_LEAF1 - mlag_ibgp_origin_incomplete: true - mlag_peer_vlan: 4094 - mlag_dual_primary_detection: false - mlag_interfaces: - - Ethernet3 - - Ethernet4 - mlag_l3: true - mlag_peer_l3_vlan: 4093 - mlag_role: secondary - mlag_peer: DC1-LEAF1A - mlag_peer_mgmt_ip: 10.255.0.13 - mlag_ip: 10.255.252.1 - mlag_peer_ip: 10.255.252.0 - mlag_l3_ip: 10.255.251.1 - mlag_peer_l3_ip: 10.255.251.0 - vtep_loopback_ipv4_pool: 192.168.254.0/24 - vtep_loopback: Loopback1 - vtep_ip: 192.168.254.3 - evpn_services_l2_only: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_DB_Zone: - svis: - - 140 - - 141 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WAN_Zone: - svis: - - 150 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: - - 160 - - 161 - Tenant_B: - vrfs: - Tenant_B_OP_Zone: - svis: - - 210 - - 211 - Tenant_B_WAN_Zone: - svis: - - 250 - l2vlans: [] - Tenant_C: - vrfs: - Tenant_C_OP_Zone: - svis: - - 310 - - 311 - Tenant_C_WAN_Zone: - svis: - - 350 - l2vlans: [] - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 - topology: - links: - Ethernet1: + avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF1A + - DC1-LEAF1B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF2A + - DC1-LEAF2B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + avd_topology_peers: + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF2A: + - DC1-L2LEAF2A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF1A + - DC1-LEAF1B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF2A + - DC1-LEAF2B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 peer: DC1-SPINE1 peer_interface: Ethernet2 peer_type: spine + peer_is_deployed: true peer_bgp_as: '65001' type: underlay_p2p ip_address: 172.31.255.5 peer_ip_address: 172.31.255.4 - Ethernet2: + - interface: Ethernet2 peer: DC1-SPINE2 peer_interface: Ethernet2 peer_type: spine + peer_is_deployed: true peer_bgp_as: '65001' type: underlay_p2p ip_address: 172.31.255.7 peer_ip_address: 172.31.255.6 - peers: - - DC1-SPINE1 - - DC1-SPINE2 - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -switch: - type: l3leaf - node_type_key: l3leaf - connected_endpoints: true - default_evpn_role: client - mlag_support: true - network_services_l2: true - network_services_l3: true - underlay_router: true - uplink_type: p2p - vtep: true - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_LEAF1 - id: 2 - mgmt_ip: 10.255.0.14/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - all - filter_tags: - - all - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - virtual_router_mac_address: 00:1c:73:00:dc:01 - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: - - DC1-SPINE1 - - DC1-SPINE2 - uplink_switch_interfaces: - - Ethernet2 - - Ethernet2 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 2 - uplink_ipv4_pool: 172.31.255.0/24 - router_id: 192.168.255.4 - bgp_as: '65101' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: client - evpn_route_servers: - - DC1-SPINE1 - - DC1-SPINE2 - mlag: true - mlag_group: DC1_LEAF1 - mlag_ibgp_origin_incomplete: true - mlag_peer_vlan: 4094 - mlag_dual_primary_detection: false - mlag_interfaces: - - Ethernet3 - - Ethernet4 - mlag_l3: true - mlag_peer_l3_vlan: 4093 - mlag_role: secondary - mlag_peer: DC1-LEAF1A - mlag_peer_mgmt_ip: 10.255.0.13 - mlag_ip: 10.255.252.1 - mlag_peer_ip: 10.255.252.0 - mlag_l3_ip: 10.255.251.1 - mlag_peer_l3_ip: 10.255.251.0 - vtep_loopback_ipv4_pool: 192.168.254.0/24 - vtep_loopback: Loopback1 - vtep_ip: 192.168.254.3 - evpn_services_l2_only: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_DB_Zone: - svis: - - 140 - - 141 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WAN_Zone: - svis: - - 150 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: - - 160 - - 161 - Tenant_B: - vrfs: - Tenant_B_OP_Zone: - svis: - - 210 - - 211 - Tenant_B_WAN_Zone: - svis: - - 250 - l2vlans: [] - Tenant_C: - vrfs: - Tenant_C_OP_Zone: - svis: - - 310 - - 311 - Tenant_C_WAN_Zone: - svis: - - 350 - l2vlans: [] - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -topology: - links: - Ethernet1: - peer: DC1-SPINE1 - peer_interface: Ethernet2 - peer_type: spine - peer_bgp_as: '65001' - type: underlay_p2p - ip_address: 172.31.255.5 - peer_ip_address: 172.31.255.4 - Ethernet2: - peer: DC1-SPINE2 - peer_interface: Ethernet2 - peer_type: spine - peer_bgp_as: '65001' - type: underlay_p2p - ip_address: 172.31.255.7 - peer_ip_address: 172.31.255.6 - peers: - - DC1-SPINE1 - - DC1-SPINE2 - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks -ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 -ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] +avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_topology_peers: + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF2A: + - DC1-L2LEAF2A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_requirements: + failed: false + changed: false +playbook_dir: /home/colin/temp/ansible-avd-cloudvision-demo/playbooks +ansible_playbook_python: /home/colin/act-single-dc/.venv/bin/python3 +ansible_config_file: /home/colin/temp/ansible-avd-cloudvision-demo/ansible.cfg groups: all: - cv_ztp - cv_server - DC1-SPINE1 - DC1-SPINE2 + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A ungrouped: [] CVP: - cv_ztp @@ -813,12 +1235,12 @@ groups: DC1_FABRIC: - DC1-SPINE1 - DC1-SPINE2 + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A DC1_SPINES: - DC1-SPINE1 - DC1-SPINE2 @@ -841,31 +1263,31 @@ groups: DC1_L2LEAF2: - DC1-L2LEAF2A DC1_TENANTS_NETWORKS: + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B + DC1_SERVERS: - DC1-L2LEAF1A - DC1-L2LEAF2A - DC1_SERVERS: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A -omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 +omit: __omit_place_holder__ab9c18ca0c75d03d3972f5ad58a93aebf5c2084c ansible_version: - string: 2.10.14 - full: 2.10.14 + string: 2.16.3 + full: 2.16.3 major: 2 - minor: 10 - revision: 14 + minor: 16 + revision: 3 ansible_check_mode: false ansible_diff_mode: false ansible_forks: 5 ansible_inventory_sources: -- /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml +- /home/colin/temp/ansible-avd-cloudvision-demo/inventory/inventory.yml ansible_skip_tags: [] ansible_run_tags: - build diff --git a/inventory/intended/structured_configs/DC1-LEAF1B.yml b/inventory/intended/structured_configs/DC1-LEAF1B.yml index e8bfc2f6..e222d5c8 100644 --- a/inventory/intended/structured_configs/DC1-LEAF1B.yml +++ b/inventory/intended/structured_configs/DC1-LEAF1B.yml @@ -1,3 +1,7 @@ +hostname: DC1-LEAF1B +metadata: + platform: vEOS-LAB +is_deployed: true router_bgp: as: '65101' router_id: 192.168.255.4 @@ -6,291 +10,340 @@ router_bgp: - distance bgp 20 200 200 - graceful-restart restart-time 300 - graceful-restart - - maximum-paths 4 ecmp 4 + bgp: + default: + ipv4_unicast: false + maximum_paths: + paths: 4 + ecmp: 4 + updates: + wait_install: true peer_groups: - MLAG-IPv4-UNDERLAY-PEER: - type: ipv4 - remote_as: '65101' - next_hop_self: true - password: vnEaG8gMeQf3d3cN6PktXQ== - maximum_routes: 12000 - send_community: all - route_map_in: RM-MLAG-PEER-IN - IPv4-UNDERLAY-PEERS: - type: ipv4 - password: AQQvKeimxJu+uGQ/yYvv9w== - maximum_routes: 12000 - send_community: all - EVPN-OVERLAY-PEERS: - type: evpn - update_source: Loopback0 - bfd: true - ebgp_multihop: '3' - password: q+VNViP5i4rVjW1cxFv2wA== - send_community: all - maximum_routes: 0 + - name: MLAG-IPv4-UNDERLAY-PEER + type: ipv4 + remote_as: '65101' + next_hop_self: true + description: DC1-LEAF1A + password: vnEaG8gMeQf3d3cN6PktXQ== + maximum_routes: 12000 + send_community: all + route_map_in: RM-MLAG-PEER-IN + - name: IPv4-UNDERLAY-PEERS + type: ipv4 + password: AQQvKeimxJu+uGQ/yYvv9w== + maximum_routes: 12000 + send_community: all + - name: EVPN-OVERLAY-PEERS + type: evpn + update_source: Loopback0 + bfd: true + password: q+VNViP5i4rVjW1cxFv2wA== + send_community: all + maximum_routes: 0 + ebgp_multihop: 3 address_family_ipv4: peer_groups: - MLAG-IPv4-UNDERLAY-PEER: - activate: true - IPv4-UNDERLAY-PEERS: - activate: true - EVPN-OVERLAY-PEERS: - activate: false + - name: MLAG-IPv4-UNDERLAY-PEER + activate: true + - name: IPv4-UNDERLAY-PEERS + activate: true + - name: EVPN-OVERLAY-PEERS + activate: false neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - description: DC1-LEAF1A - 172.31.255.4: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65001' - description: DC1-SPINE1_Ethernet2 - 172.31.255.6: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65001' - description: DC1-SPINE2_Ethernet2 - 192.168.255.1: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-SPINE1 - remote_as: '65001' - 192.168.255.2: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-SPINE2 - remote_as: '65001' + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + peer: DC1-LEAF1A + description: DC1-LEAF1A + - ip_address: 172.31.255.4 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65001' + peer: DC1-SPINE1 + description: DC1-SPINE1_Ethernet2 + - ip_address: 172.31.255.6 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65001' + peer: DC1-SPINE2 + description: DC1-SPINE2_Ethernet2 + - ip_address: 192.168.255.1 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-SPINE1 + description: DC1-SPINE1 + remote_as: '65001' + - ip_address: 192.168.255.2 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-SPINE2 + description: DC1-SPINE2 + remote_as: '65001' redistribute_routes: - connected: - route_map: RM-CONN-2-BGP + - source_protocol: connected + route_map: RM-CONN-2-BGP address_family_evpn: peer_groups: - EVPN-OVERLAY-PEERS: - activate: true + - name: EVPN-OVERLAY-PEERS + activate: true vrfs: - Tenant_A_APP_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:12 - route_targets: - import: - evpn: - - '12:12' - export: - evpn: - - '12:12' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_DB_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:13 - route_targets: - import: - evpn: - - '13:13' - export: - evpn: - - '13:13' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_OP_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:10 - route_targets: - import: - evpn: - - '10:10' - export: - evpn: - - '10:10' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_WAN_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:14 - route_targets: - import: - evpn: - - '14:14' - export: - evpn: - - '14:14' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_WEB_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:11 - route_targets: - import: - evpn: - - '11:11' - export: - evpn: - - '11:11' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_B_OP_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:20 - route_targets: - import: - evpn: - - '20:20' - export: - evpn: - - '20:20' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_B_WAN_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:21 - route_targets: - import: - evpn: - - '21:21' - export: - evpn: - - '21:21' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_C_OP_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:30 - route_targets: - import: - evpn: - - '30:30' - export: - evpn: - - '30:30' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_C_WAN_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:31 - route_targets: - import: - evpn: - - '31:31' - export: - evpn: - - '31:31' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - vlan_aware_bundles: - Tenant_A_APP_Zone: - rd: 192.168.255.4:12 - route_targets: - both: + - name: Tenant_A_APP_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:12 + route_targets: + import: + - address_family: evpn + route_targets: + - '12:12' + export: + - address_family: evpn + route_targets: - '12:12' - redistribute_routes: - - learned - vlan: 130-131 - Tenant_A_DB_Zone: - rd: 192.168.255.4:13 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_A_DB_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:13 + route_targets: + import: + - address_family: evpn + route_targets: + - '13:13' + export: + - address_family: evpn + route_targets: - '13:13' - redistribute_routes: - - learned - vlan: 140-141 - Tenant_A_OP_Zone: - rd: 192.168.255.4:10 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_A_OP_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:10 + route_targets: + import: + - address_family: evpn + route_targets: + - '10:10' + export: + - address_family: evpn + route_targets: - '10:10' - redistribute_routes: - - learned - vlan: 110-112 - Tenant_A_WAN_Zone: - rd: 192.168.255.4:14 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_A_WAN_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:14 + route_targets: + import: + - address_family: evpn + route_targets: - '14:14' - redistribute_routes: - - learned - vlan: 150 - Tenant_A_WEB_Zone: - rd: 192.168.255.4:11 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '14:14' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_A_WEB_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:11 + route_targets: + import: + - address_family: evpn + route_targets: - '11:11' - redistribute_routes: - - learned - vlan: 120-121 - Tenant_A_VMOTION: - tenant: Tenant_A - rd: 192.168.255.4:55160 - route_targets: - both: - - 55160:55160 - redistribute_routes: - - learned - vlan: 160 - Tenant_A_NFS: - tenant: Tenant_A - rd: 192.168.255.4:10161 - route_targets: - both: - - 10161:10161 - redistribute_routes: - - learned - vlan: 161 - Tenant_B_OP_Zone: - rd: 192.168.255.4:20 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '11:11' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_B_OP_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:20 + route_targets: + import: + - address_family: evpn + route_targets: - '20:20' - redistribute_routes: - - learned - vlan: 210-211 - Tenant_B_WAN_Zone: - rd: 192.168.255.4:21 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '20:20' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_B_WAN_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:21 + route_targets: + import: + - address_family: evpn + route_targets: - '21:21' - redistribute_routes: - - learned - vlan: 250 - Tenant_C_OP_Zone: - rd: 192.168.255.4:30 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '21:21' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_C_OP_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:30 + route_targets: + import: + - address_family: evpn + route_targets: + - '30:30' + export: + - address_family: evpn + route_targets: - '30:30' - redistribute_routes: - - learned - vlan: 310-311 - Tenant_C_WAN_Zone: - rd: 192.168.255.4:31 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_C_WAN_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:31 + route_targets: + import: + - address_family: evpn + route_targets: + - '31:31' + export: + - address_family: evpn + route_targets: - '31:31' - redistribute_routes: - - learned - vlan: 350 + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + vlan_aware_bundles: + - name: Tenant_A_APP_Zone + rd: 192.168.255.4:12 + route_targets: + both: + - '12:12' + redistribute_routes: + - learned + vlan: 130-131 + - name: Tenant_A_DB_Zone + rd: 192.168.255.4:13 + route_targets: + both: + - '13:13' + redistribute_routes: + - learned + vlan: 140-141 + - name: Tenant_A_OP_Zone + rd: 192.168.255.4:10 + route_targets: + both: + - '10:10' + redistribute_routes: + - learned + vlan: 110-112 + - name: Tenant_A_WAN_Zone + rd: 192.168.255.4:14 + route_targets: + both: + - '14:14' + redistribute_routes: + - learned + vlan: '150' + - name: Tenant_A_WEB_Zone + rd: 192.168.255.4:11 + route_targets: + both: + - '11:11' + redistribute_routes: + - learned + vlan: 120-121 + - name: Tenant_A_NFS + tenant: Tenant_A + rd: 192.168.255.4:10161 + route_targets: + both: + - 10161:10161 + redistribute_routes: + - learned + vlan: '161' + - name: Tenant_A_VMOTION + tenant: Tenant_A + rd: 192.168.255.4:55160 + route_targets: + both: + - 55160:55160 + redistribute_routes: + - learned + vlan: '160' + - name: Tenant_B_OP_Zone + rd: 192.168.255.4:20 + route_targets: + both: + - '20:20' + redistribute_routes: + - learned + vlan: 210-211 + - name: Tenant_B_WAN_Zone + rd: 192.168.255.4:21 + route_targets: + both: + - '21:21' + redistribute_routes: + - learned + vlan: '250' + - name: Tenant_C_OP_Zone + rd: 192.168.255.4:30 + route_targets: + both: + - '30:30' + redistribute_routes: + - learned + vlan: 310-311 + - name: Tenant_C_WAN_Zone + rd: 192.168.255.4:31 + route_targets: + both: + - '31:31' + redistribute_routes: + - learned + vlan: '350' static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -302,6 +355,7 @@ daemon_terminattr: - 10.255.0.1:9910 cvauth: method: key + key: '' cvvrf: MGMT smashexcludes: ale,flexCounter,hardware,kni,pulse,strata ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent @@ -311,501 +365,504 @@ vlan_internal_order: range: beginning: 1006 ending: 1199 -name_server: - source: - vrf: MGMT - nodes: - - 192.168.2.1 - - 8.8.8.8 +ip_name_servers: +- ip_address: 192.168.2.1 + vrf: MGMT +- ip_address: 8.8.8.8 + vrf: MGMT spanning_tree: mode: mstp mst_instances: - '0': - priority: 16384 + - id: '0' + priority: 16384 no_spanning_tree_vlan: 4093-4094 local_users: - admin: - privilege: 15 - role: network-admin - sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 - ansible: - privilege: 15 - role: network-admin - sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ - cvpadmin: - privilege: 15 - role: network-admin - sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +- name: admin + privilege: 15 + role: network-admin + sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 +- name: ansible + privilege: 15 + role: network-admin + sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ +- name: cvpadmin + privilege: 15 + role: network-admin + sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. vrfs: - MGMT: - ip_routing: false - Tenant_A_APP_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_DB_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_OP_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_WAN_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_WEB_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_B_OP_Zone: - tenant: Tenant_B - ip_routing: true - Tenant_B_WAN_Zone: - tenant: Tenant_B - ip_routing: true - Tenant_C_OP_Zone: - tenant: Tenant_C - ip_routing: true - Tenant_C_WAN_Zone: - tenant: Tenant_C - ip_routing: true +- name: MGMT + ip_routing: false +- name: Tenant_A_APP_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_DB_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_OP_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_WAN_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_WEB_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_B_OP_Zone + tenant: Tenant_B + ip_routing: true +- name: Tenant_B_WAN_Zone + tenant: Tenant_B + ip_routing: true +- name: Tenant_C_OP_Zone + tenant: Tenant_C + ip_routing: true +- name: Tenant_C_WAN_Zone + tenant: Tenant_C + ip_routing: true management_interfaces: - Management1: - description: oob_management - shutdown: false - vrf: MGMT - ip_address: 10.255.0.14/24 - gateway: 10.255.0.1 - type: oob +- name: Management1 + description: oob_management + shutdown: false + vrf: MGMT + ip_address: 10.255.0.14/24 + gateway: 10.255.0.1 + type: oob management_api_http: enable_vrfs: - MGMT: {} + - name: MGMT enable_https: true vlans: - 4093: - tenant: system - name: LEAF_PEER_L3 - trunk_groups: - - LEAF_PEER_L3 - 4094: - tenant: system - name: MLAG_PEER - trunk_groups: - - MLAG - 130: - tenant: Tenant_A - name: Tenant_A_APP_Zone_1 - 131: - tenant: Tenant_A - name: Tenant_A_APP_Zone_2 - 3011: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_APP_Zone - trunk_groups: - - LEAF_PEER_L3 - 140: - tenant: Tenant_A - name: Tenant_A_DB_BZone_1 - 141: - tenant: Tenant_A - name: Tenant_A_DB_Zone_2 - 3012: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_DB_Zone - trunk_groups: - - LEAF_PEER_L3 - 110: - tenant: Tenant_A - name: Tenant_A_OP_Zone_1 - 111: - tenant: Tenant_A - name: Tenant_A_OP_Zone_2 - 112: - tenant: Tenant_A - name: Tenant_A_OP_Zone_3 - 3009: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 150: - tenant: Tenant_A - name: Tenant_A_WAN_Zone_1 - 3013: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 - 120: - tenant: Tenant_A - name: Tenant_A_WEB_Zone_1 - 121: - tenant: Tenant_A - name: Tenant_A_WEBZone_2 - 3010: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_WEB_Zone - trunk_groups: - - LEAF_PEER_L3 - 160: - tenant: Tenant_A - name: Tenant_A_VMOTION - 161: - tenant: Tenant_A - name: Tenant_A_NFS - 210: - tenant: Tenant_B - name: Tenant_B_OP_Zone_1 - 211: - tenant: Tenant_B - name: Tenant_B_OP_Zone_2 - 3019: - tenant: Tenant_B - name: MLAG_iBGP_Tenant_B_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 250: - tenant: Tenant_B - name: Tenant_B_WAN_Zone_1 - 3020: - tenant: Tenant_B - name: MLAG_iBGP_Tenant_B_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 - 310: - tenant: Tenant_C - name: Tenant_C_OP_Zone_1 - 311: - tenant: Tenant_C - name: Tenant_C_OP_Zone_2 - 3029: - tenant: Tenant_C - name: MLAG_iBGP_Tenant_C_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 350: - tenant: Tenant_C - name: Tenant_C_WAN_Zone_1 - 3030: - tenant: Tenant_C - name: MLAG_iBGP_Tenant_C_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 +- id: 4093 + tenant: system + name: LEAF_PEER_L3 + trunk_groups: + - LEAF_PEER_L3 +- id: 4094 + tenant: system + name: MLAG_PEER + trunk_groups: + - MLAG +- id: 130 + name: Tenant_A_APP_Zone_1 + tenant: Tenant_A +- id: 131 + name: Tenant_A_APP_Zone_2 + tenant: Tenant_A +- id: 3011 + name: MLAG_iBGP_Tenant_A_APP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 140 + name: Tenant_A_DB_BZone_1 + tenant: Tenant_A +- id: 141 + name: Tenant_A_DB_Zone_2 + tenant: Tenant_A +- id: 3012 + name: MLAG_iBGP_Tenant_A_DB_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 110 + name: Tenant_A_OP_Zone_1 + tenant: Tenant_A +- id: 111 + name: Tenant_A_OP_Zone_2 + tenant: Tenant_A +- id: 112 + name: Tenant_A_OP_Zone_3 + tenant: Tenant_A +- id: 3009 + name: MLAG_iBGP_Tenant_A_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 150 + name: Tenant_A_WAN_Zone_1 + tenant: Tenant_A +- id: 3013 + name: MLAG_iBGP_Tenant_A_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 120 + name: Tenant_A_WEB_Zone_1 + tenant: Tenant_A +- id: 121 + name: Tenant_A_WEBZone_2 + tenant: Tenant_A +- id: 3010 + name: MLAG_iBGP_Tenant_A_WEB_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 160 + name: Tenant_A_VMOTION + tenant: Tenant_A +- id: 161 + name: Tenant_A_NFS + tenant: Tenant_A +- id: 210 + name: Tenant_B_OP_Zone_1 + tenant: Tenant_B +- id: 211 + name: Tenant_B_OP_Zone_2 + tenant: Tenant_B +- id: 3019 + name: MLAG_iBGP_Tenant_B_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_B +- id: 250 + name: Tenant_B_WAN_Zone_1 + tenant: Tenant_B +- id: 3020 + name: MLAG_iBGP_Tenant_B_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_B +- id: 310 + name: Tenant_C_OP_Zone_1 + tenant: Tenant_C +- id: 311 + name: Tenant_C_OP_Zone_2 + tenant: Tenant_C +- id: 3029 + name: MLAG_iBGP_Tenant_C_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_C +- id: 350 + name: Tenant_C_WAN_Zone_1 + tenant: Tenant_C +- id: 3030 + name: MLAG_iBGP_Tenant_C_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_C vlan_interfaces: - Vlan4093: - description: MLAG_PEER_L3_PEERING - shutdown: false - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan4094: - description: MLAG_PEER - shutdown: false - ip_address: 10.255.252.1/31 - no_autostate: true - mtu: 1500 - Vlan130: - tenant: Tenant_A - tags: - - app - - erp1 - description: Tenant_A_APP_Zone_1 - shutdown: false - vrf: Tenant_A_APP_Zone - Vlan131: - tenant: Tenant_A - tags: - - app - description: Tenant_A_APP_Zone_2 - shutdown: false - vrf: Tenant_A_APP_Zone - ip_address_virtual: 10.1.31.254/24 - Vlan3011: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone' - vrf: Tenant_A_APP_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan140: - tenant: Tenant_A - tags: - - db - - erp1 - description: Tenant_A_DB_BZone_1 - shutdown: false - vrf: Tenant_A_DB_Zone - ip_address_virtual: 10.1.40.1/24 - Vlan141: - tenant: Tenant_A - tags: - - db - description: Tenant_A_DB_Zone_2 - shutdown: false - vrf: Tenant_A_DB_Zone - ip_address_virtual: 10.1.41.1/24 - Vlan3012: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone' - vrf: Tenant_A_DB_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan110: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_1 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.10.1/24 - Vlan111: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_2 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.11.1/24 - Vlan112: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_3 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.12.254/24 - Vlan3009: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone' - vrf: Tenant_A_OP_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan150: - tenant: Tenant_A - tags: - - wan - description: Tenant_A_WAN_Zone_1 - shutdown: false - vrf: Tenant_A_WAN_Zone - ip_address_virtual: 10.1.40.1/24 - Vlan3013: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone' - vrf: Tenant_A_WAN_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan120: - tenant: Tenant_A - tags: - - web - - erp1 - description: Tenant_A_WEB_Zone_1 - shutdown: false - vrf: Tenant_A_WEB_Zone - Vlan121: - tenant: Tenant_A - tags: - - web - description: Tenant_A_WEBZone_2 - shutdown: false - vrf: Tenant_A_WEB_Zone - ip_address_virtual: 10.1.21.1/24 - Vlan3010: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone' - vrf: Tenant_A_WEB_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan210: - tenant: Tenant_B - tags: - - opzone - description: Tenant_B_OP_Zone_1 - shutdown: false - vrf: Tenant_B_OP_Zone - Vlan211: - tenant: Tenant_B - tags: - - opzone - description: Tenant_B_OP_Zone_2 - shutdown: false - vrf: Tenant_B_OP_Zone - ip_address_virtual: 10.2.11.1/24 - Vlan3019: - tenant: Tenant_B - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone' - vrf: Tenant_B_OP_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan250: - tenant: Tenant_B - tags: - - wan - description: Tenant_B_WAN_Zone_1 - shutdown: false - vrf: Tenant_B_WAN_Zone - ip_address_virtual: 10.2.50.1/24 - Vlan3020: - tenant: Tenant_B - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone' - vrf: Tenant_B_WAN_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan310: - tenant: Tenant_C - tags: - - opzone - description: Tenant_C_OP_Zone_1 - shutdown: false - vrf: Tenant_C_OP_Zone - Vlan311: - tenant: Tenant_C - tags: - - opzone - description: Tenant_C_OP_Zone_2 - shutdown: false - vrf: Tenant_C_OP_Zone - Vlan3029: - tenant: Tenant_C - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone' - vrf: Tenant_C_OP_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan350: - tenant: Tenant_C - tags: - - wan - description: Tenant_C_WAN_Zone_1 - shutdown: false - vrf: Tenant_C_WAN_Zone - Vlan3030: - tenant: Tenant_C - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone' - vrf: Tenant_C_WAN_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 +- name: Vlan4093 + description: MLAG_PEER_L3_PEERING + shutdown: false + mtu: 1500 + ip_address: 10.255.251.1/31 +- name: Vlan4094 + description: MLAG_PEER + shutdown: false + ip_address: 10.255.252.1/31 + no_autostate: true + mtu: 1500 +- name: Vlan130 + tenant: Tenant_A + tags: + - app + - erp1 + description: Tenant_A_APP_Zone_1 + shutdown: false + ip_address_virtual: 10.1.30.1/24 + vrf: Tenant_A_APP_Zone +- name: Vlan131 + tenant: Tenant_A + tags: + - app + description: Tenant_A_APP_Zone_2 + shutdown: false + ip_address_virtual: 10.1.31.254/24 + vrf: Tenant_A_APP_Zone +- name: Vlan3011 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone' + vrf: Tenant_A_APP_Zone + mtu: 1500 + ip_address: 10.255.251.1/31 +- name: Vlan140 + tenant: Tenant_A + tags: + - db + - erp1 + description: Tenant_A_DB_BZone_1 + shutdown: false + ip_address_virtual: 10.1.40.1/24 + vrf: Tenant_A_DB_Zone +- name: Vlan141 + tenant: Tenant_A + tags: + - db + description: Tenant_A_DB_Zone_2 + shutdown: false + ip_address_virtual: 10.1.41.1/24 + vrf: Tenant_A_DB_Zone +- name: Vlan3012 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone' + vrf: Tenant_A_DB_Zone + mtu: 1500 + ip_address: 10.255.251.1/31 +- name: Vlan110 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_1 + shutdown: false + ip_address_virtual: 10.1.10.1/24 + vrf: Tenant_A_OP_Zone +- name: Vlan111 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.1.11.1/24 + vrf: Tenant_A_OP_Zone +- name: Vlan112 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_3 + shutdown: false + ip_address_virtual: 10.1.12.254/24 + vrf: Tenant_A_OP_Zone +- name: Vlan3009 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone' + vrf: Tenant_A_OP_Zone + mtu: 1500 + ip_address: 10.255.251.1/31 +- name: Vlan150 + tenant: Tenant_A + tags: + - wan + description: Tenant_A_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.1.40.1/24 + vrf: Tenant_A_WAN_Zone +- name: Vlan3013 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone' + vrf: Tenant_A_WAN_Zone + mtu: 1500 + ip_address: 10.255.251.1/31 +- name: Vlan120 + tenant: Tenant_A + tags: + - web + - erp1 + description: Tenant_A_WEB_Zone_1 + shutdown: false + ip_address_virtual: 10.1.20.1/24 + vrf: Tenant_A_WEB_Zone +- name: Vlan121 + tenant: Tenant_A + tags: + - web + description: Tenant_A_WEBZone_2 + shutdown: false + ip_address_virtual: 10.1.21.1/24 + vrf: Tenant_A_WEB_Zone +- name: Vlan3010 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone' + vrf: Tenant_A_WEB_Zone + mtu: 1500 + ip_address: 10.255.251.1/31 +- name: Vlan210 + tenant: Tenant_B + tags: + - opzone + description: Tenant_B_OP_Zone_1 + shutdown: false + ip_address_virtual: 10.2.10.1/24 + vrf: Tenant_B_OP_Zone +- name: Vlan211 + tenant: Tenant_B + tags: + - opzone + description: Tenant_B_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.2.11.1/24 + vrf: Tenant_B_OP_Zone +- name: Vlan3019 + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone' + vrf: Tenant_B_OP_Zone + mtu: 1500 + ip_address: 10.255.251.1/31 +- name: Vlan250 + tenant: Tenant_B + tags: + - wan + description: Tenant_B_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.2.50.1/24 + vrf: Tenant_B_WAN_Zone +- name: Vlan3020 + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone' + vrf: Tenant_B_WAN_Zone + mtu: 1500 + ip_address: 10.255.251.1/31 +- name: Vlan310 + tenant: Tenant_C + tags: + - opzone + description: Tenant_C_OP_Zone_1 + shutdown: false + ip_address_virtual: 10.3.10.1/24 + vrf: Tenant_C_OP_Zone +- name: Vlan311 + tenant: Tenant_C + tags: + - opzone + description: Tenant_C_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.3.11.1/24 + vrf: Tenant_C_OP_Zone +- name: Vlan3029 + tenant: Tenant_C + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone' + vrf: Tenant_C_OP_Zone + mtu: 1500 + ip_address: 10.255.251.1/31 +- name: Vlan350 + tenant: Tenant_C + tags: + - wan + description: Tenant_C_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.3.50.1/24 + vrf: Tenant_C_WAN_Zone +- name: Vlan3030 + tenant: Tenant_C + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone' + vrf: Tenant_C_WAN_Zone + mtu: 1500 + ip_address: 10.255.251.1/31 port_channel_interfaces: - Port-Channel3: - description: MLAG_PEER_DC1-LEAF1A_Po3 - type: switched - shutdown: false - vlans: 2-4094 - mode: trunk - trunk_groups: - - LEAF_PEER_L3 - - MLAG - Port-Channel5: - description: DC1-L2LEAF1A_Po1 - type: switched - shutdown: false - vlans: 110-112,120-121,130-131 - mode: trunk - mlag: 5 +- name: Port-Channel3 + description: MLAG_PEER_DC1-LEAF1A_Po3 + type: switched + shutdown: false + mode: trunk + trunk_groups: + - LEAF_PEER_L3 + - MLAG +- name: Port-Channel5 + description: DC1-L2LEAF1A_Po1 + type: switched + shutdown: false + mode: trunk + vlans: 110-112,120-121,130-131 + mlag: 5 ethernet_interfaces: - Ethernet3: - peer: DC1-LEAF1A - peer_interface: Ethernet3 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF1A_Ethernet3 - type: switched - shutdown: false - channel_group: - id: 3 - mode: active - Ethernet4: - peer: DC1-LEAF1A - peer_interface: Ethernet4 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF1A_Ethernet4 - type: switched - shutdown: false - channel_group: - id: 3 - mode: active - Ethernet1: - peer: DC1-SPINE1 - peer_interface: Ethernet2 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE1_Ethernet2 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.5/31 - Ethernet2: - peer: DC1-SPINE2 - peer_interface: Ethernet2 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE2_Ethernet2 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.7/31 - Ethernet5: - peer: DC1-L2LEAF1A - peer_interface: Ethernet2 - peer_type: l2leaf - description: DC1-L2LEAF1A_Ethernet2 - type: switched - shutdown: false - channel_group: - id: 5 - mode: active +- name: Ethernet3 + peer: DC1-LEAF1A + peer_interface: Ethernet3 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF1A_Ethernet3 + type: port-channel-member + shutdown: false + channel_group: + id: 3 + mode: active +- name: Ethernet4 + peer: DC1-LEAF1A + peer_interface: Ethernet4 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF1A_Ethernet4 + type: port-channel-member + shutdown: false + channel_group: + id: 3 + mode: active +- name: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + description: P2P_LINK_TO_DC1-SPINE1_Ethernet2 + shutdown: false + mtu: 1500 + type: routed + ip_address: 172.31.255.5/31 +- name: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + description: P2P_LINK_TO_DC1-SPINE2_Ethernet2 + shutdown: false + mtu: 1500 + type: routed + ip_address: 172.31.255.7/31 +- name: Ethernet5 + peer: DC1-L2LEAF1A + peer_interface: Ethernet2 + peer_type: l2leaf + description: DC1-L2LEAF1A_Ethernet2 + shutdown: false + type: port-channel-member + channel_group: + id: 5 + mode: active mlag_configuration: domain_id: DC1_LEAF1 local_interface: Vlan4094 peer_address: 10.255.252.0 peer_link: Port-Channel3 - reload_delay_mlag: 300 - reload_delay_non_mlag: 330 + reload_delay_mlag: '300' + reload_delay_non_mlag: '330' route_maps: - RM-MLAG-PEER-IN: - sequence_numbers: - 10: - type: permit - set: - - origin incomplete - description: Make routes learned over MLAG Peer-link less preferred on spines - to ensure optimal routing - RM-CONN-2-BGP: - sequence_numbers: - 10: - type: permit - match: - - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +- name: RM-MLAG-PEER-IN + sequence_numbers: + - sequence: 10 + type: permit + set: + - origin incomplete + description: Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing +- name: RM-CONN-2-BGP + sequence_numbers: + - sequence: 10 + type: permit + match: + - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY loopback_interfaces: - Loopback0: - description: EVPN_Overlay_Peering - shutdown: false - ip_address: 192.168.255.4/32 - Loopback1: - description: VTEP_VXLAN_Tunnel_Source - shutdown: false - ip_address: 192.168.254.3/32 - Loopback100: - description: Tenant_A_OP_Zone_VTEP_DIAGNOSTICS - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address: 10.255.1.4/32 +- name: Loopback0 + description: EVPN_Overlay_Peering + shutdown: false + ip_address: 192.168.255.4/32 +- name: Loopback1 + description: VTEP_VXLAN_Tunnel_Source + shutdown: false + ip_address: 192.168.254.3/32 +- name: Loopback100 + description: Tenant_A_OP_Zone_VTEP_DIAGNOSTICS + shutdown: false + vrf: Tenant_A_OP_Zone + ip_address: 10.255.1.4/32 prefix_lists: - PL-LOOPBACKS-EVPN-OVERLAY: - sequence_numbers: - 10: - action: permit 192.168.255.0/24 eq 32 - 20: - action: permit 192.168.254.0/24 eq 32 +- name: PL-LOOPBACKS-EVPN-OVERLAY + sequence_numbers: + - sequence: 10 + action: permit 192.168.255.0/24 eq 32 + - sequence: 20 + action: permit 192.168.254.0/24 eq 32 router_bfd: multihop: interval: 1200 @@ -813,73 +870,73 @@ router_bfd: multiplier: 3 ip_igmp_snooping: globally_enabled: true +ip_virtual_router_mac_address: 00:1c:73:00:dc:01 vxlan_interface: Vxlan1: description: DC1-LEAF1B_VTEP vxlan: + udp_port: 4789 source_interface: Loopback1 virtual_router_encapsulation_mac_address: mlag-system-id - udp_port: 4789 vlans: - 130: - vni: 10130 - 131: - vni: 10131 - 140: - vni: 10140 - 141: - vni: 10141 - 110: - vni: 10110 - 111: - vni: 50111 - 112: - vni: 50112 - 150: - vni: 10150 - 120: - vni: 10120 - 121: - vni: 10121 - 160: - vni: 55160 - 161: - vni: 10161 - 210: - vni: 20210 - 211: - vni: 20211 - 250: - vni: 20250 - 310: - vni: 30310 - 311: - vni: 30311 - 350: - vni: 30350 + - id: 130 + vni: 10130 + - id: 131 + vni: 10131 + - id: 140 + vni: 10140 + - id: 141 + vni: 10141 + - id: 110 + vni: 10110 + - id: 111 + vni: 50111 + - id: 112 + vni: 50112 + - id: 150 + vni: 10150 + - id: 120 + vni: 10120 + - id: 121 + vni: 10121 + - id: 160 + vni: 55160 + - id: 161 + vni: 10161 + - id: 210 + vni: 20210 + - id: 211 + vni: 20211 + - id: 250 + vni: 20250 + - id: 310 + vni: 30310 + - id: 311 + vni: 30311 + - id: 350 + vni: 30350 vrfs: - Tenant_A_APP_Zone: - vni: 12 - Tenant_A_DB_Zone: - vni: 13 - Tenant_A_OP_Zone: - vni: 10 - Tenant_A_WAN_Zone: - vni: 14 - Tenant_A_WEB_Zone: - vni: 11 - Tenant_B_OP_Zone: - vni: 20 - Tenant_B_WAN_Zone: - vni: 21 - Tenant_C_OP_Zone: - vni: 30 - Tenant_C_WAN_Zone: - vni: 31 + - name: Tenant_A_APP_Zone + vni: 12 + - name: Tenant_A_DB_Zone + vni: 13 + - name: Tenant_A_OP_Zone + vni: 10 + - name: Tenant_A_WAN_Zone + vni: 14 + - name: Tenant_A_WEB_Zone + vni: 11 + - name: Tenant_B_OP_Zone + vni: 20 + - name: Tenant_B_WAN_Zone + vni: 21 + - name: Tenant_C_OP_Zone + vni: 30 + - name: Tenant_C_WAN_Zone + vni: 31 virtual_source_nat_vrfs: - Tenant_A_OP_Zone: - ip_address: 10.255.1.4 -ip_virtual_router_mac_address: 00:1c:73:00:dc:01 +- name: Tenant_A_OP_Zone + ip_address: 10.255.1.4 ntp: local_interface: name: Management1 diff --git a/inventory/intended/structured_configs/DC1-LEAF2A-debug-vars.yml b/inventory/intended/structured_configs/DC1-LEAF2A-debug-vars.yml index f265a25d..eaa70eaa 100644 --- a/inventory/intended/structured_configs/DC1-LEAF2A-debug-vars.yml +++ b/inventory/intended/structured_configs/DC1-LEAF2A-debug-vars.yml @@ -20,7 +20,8 @@ local_users: privilege: 15 role: network-admin sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -cvp_instance_ip: 10.255.0.1 +cvp_instance_ips: +- 10.255.0.1 cvp_ingestauth_key: '' mgmt_interface: Management1 mgmt_interface_vrf: MGMT @@ -39,13 +40,13 @@ custom_structured_configuration_ntp: - name: 1.fr.pool.ntp.org vrf: MGMT fabric_name: DC1_FABRIC -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: AQQvKeimxJu+uGQ/yYvv9w== - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: q+VNViP5i4rVjW1cxFv2wA== - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: vnEaG8gMeQf3d3cN6PktXQ== spine: defaults: @@ -197,8 +198,7 @@ servers: server01: rack: RackA adapters: - - type: nic - server_ports: + - endpoint_ports: - Eth0 switch_ports: - Ethernet5 @@ -208,8 +208,7 @@ servers: server02: rack: RackA adapters: - - type: nic - server_ports: + - endpoint_ports: - Eth0 switch_ports: - Ethernet5 @@ -255,7 +254,7 @@ tenants: - web - erp1 enabled: true - ip_subnet: 10.1.20.0/24 + ip_address_virtual: 10.1.20.1/24 121: name: Tenant_A_WEBZone_2 tags: @@ -271,7 +270,7 @@ tenants: - app - erp1 enabled: true - ip_subnet: 10.1.30.0/24 + ip_address_virtual: 10.1.30.1/24 131: name: Tenant_A_APP_Zone_2 tags: @@ -324,7 +323,7 @@ tenants: tags: - opzone enabled: true - ip_subnet: 10.2.10.0/24 + ip_address_virtual: 10.2.10.1/24 211: name: Tenant_B_OP_Zone_2 tags: @@ -351,13 +350,13 @@ tenants: tags: - opzone enabled: true - ip_subnet: 10.3.10.0/24 + ip_address_virtual: 10.3.10.1/24 311: name: Tenant_C_OP_Zone_2 tags: - opzone enabled: true - ip_subnet: 10.3.11.1/24 + ip_address_virtual: 10.3.11.1/24 Tenant_C_WAN_Zone: vrf_vni: 31 svis: @@ -366,9 +365,9 @@ tenants: tags: - wan enabled: true - ip_subnet: 10.3.50.1/24 -inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml -inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory + ip_address_virtual: 10.3.50.1/24 +inventory_file: /home/colin/temp/ansible-avd-cloudvision-demo/inventory/inventory.yml +inventory_dir: /home/colin/temp/ansible-avd-cloudvision-demo/inventory ansible_host: 10.255.0.15 inventory_hostname: DC1-LEAF2A inventory_hostname_short: DC1-LEAF2A @@ -380,423 +379,846 @@ group_names: - DC1_SERVERS - DC1_TENANTS_NETWORKS ansible_facts: - switch: - type: l3leaf - node_type_key: l3leaf - connected_endpoints: true - default_evpn_role: client - mlag_support: true - network_services_l2: true - network_services_l3: true - underlay_router: true - uplink_type: p2p - vtep: true - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_LEAF2 - id: 3 - mgmt_ip: 10.255.0.15/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - all - filter_tags: - - all - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - virtual_router_mac_address: 00:1c:73:00:dc:01 - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: - - DC1-SPINE1 - - DC1-SPINE2 - uplink_switch_interfaces: - - Ethernet3 - - Ethernet3 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 2 - uplink_ipv4_pool: 172.31.255.0/24 - router_id: 192.168.255.5 - bgp_as: '65102' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: client - evpn_route_servers: - - DC1-SPINE1 - - DC1-SPINE2 - mlag: true - mlag_group: DC1_LEAF2 - mlag_ibgp_origin_incomplete: true - mlag_peer_vlan: 4094 - mlag_dual_primary_detection: false - mlag_interfaces: - - Ethernet3 - - Ethernet4 - mlag_l3: true - mlag_peer_l3_vlan: 4093 - mlag_role: primary - mlag_peer: DC1-LEAF2B - mlag_peer_mgmt_ip: 10.255.0.16 - mlag_ip: 10.255.252.4 - mlag_peer_ip: 10.255.252.5 - mlag_l3_ip: 10.255.251.4 - mlag_peer_l3_ip: 10.255.251.5 - vtep_loopback_ipv4_pool: 192.168.254.0/24 - vtep_loopback: Loopback1 - vtep_ip: 192.168.254.5 - evpn_services_l2_only: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_DB_Zone: - svis: - - 140 - - 141 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WAN_Zone: - svis: - - 150 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: - - 160 - - 161 - Tenant_B: - vrfs: - Tenant_B_OP_Zone: - svis: - - 210 - - 211 - Tenant_B_WAN_Zone: - svis: - - 250 - l2vlans: [] - Tenant_C: - vrfs: - Tenant_C_OP_Zone: - svis: - - 310 - - 311 - Tenant_C_WAN_Zone: - svis: - - 350 - l2vlans: [] - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 - topology: - links: - Ethernet1: + avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF1A + - DC1-LEAF1B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF2A + - DC1-LEAF2B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + avd_topology_peers: + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF2A: + - DC1-L2LEAF2A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF1A + - DC1-LEAF1B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF2A + - DC1-LEAF2B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 peer: DC1-SPINE1 peer_interface: Ethernet3 peer_type: spine + peer_is_deployed: true peer_bgp_as: '65001' type: underlay_p2p ip_address: 172.31.255.9 peer_ip_address: 172.31.255.8 - Ethernet2: + - interface: Ethernet2 peer: DC1-SPINE2 peer_interface: Ethernet3 peer_type: spine + peer_is_deployed: true peer_bgp_as: '65001' type: underlay_p2p ip_address: 172.31.255.11 peer_ip_address: 172.31.255.10 - peers: - - DC1-SPINE1 - - DC1-SPINE2 - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -switch: - type: l3leaf - node_type_key: l3leaf - connected_endpoints: true - default_evpn_role: client - mlag_support: true - network_services_l2: true - network_services_l3: true - underlay_router: true - uplink_type: p2p - vtep: true - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_LEAF2 - id: 3 - mgmt_ip: 10.255.0.15/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - all - filter_tags: - - all - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - virtual_router_mac_address: 00:1c:73:00:dc:01 - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: - - DC1-SPINE1 - - DC1-SPINE2 - uplink_switch_interfaces: - - Ethernet3 - - Ethernet3 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 2 - uplink_ipv4_pool: 172.31.255.0/24 - router_id: 192.168.255.5 - bgp_as: '65102' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: client - evpn_route_servers: - - DC1-SPINE1 - - DC1-SPINE2 - mlag: true - mlag_group: DC1_LEAF2 - mlag_ibgp_origin_incomplete: true - mlag_peer_vlan: 4094 - mlag_dual_primary_detection: false - mlag_interfaces: - - Ethernet3 - - Ethernet4 - mlag_l3: true - mlag_peer_l3_vlan: 4093 - mlag_role: primary - mlag_peer: DC1-LEAF2B - mlag_peer_mgmt_ip: 10.255.0.16 - mlag_ip: 10.255.252.4 - mlag_peer_ip: 10.255.252.5 - mlag_l3_ip: 10.255.251.4 - mlag_peer_l3_ip: 10.255.251.5 - vtep_loopback_ipv4_pool: 192.168.254.0/24 - vtep_loopback: Loopback1 - vtep_ip: 192.168.254.5 - evpn_services_l2_only: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_DB_Zone: - svis: - - 140 - - 141 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WAN_Zone: - svis: - - 150 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: - - 160 - - 161 - Tenant_B: - vrfs: - Tenant_B_OP_Zone: - svis: - - 210 - - 211 - Tenant_B_WAN_Zone: - svis: - - 250 - l2vlans: [] - Tenant_C: - vrfs: - Tenant_C_OP_Zone: - svis: - - 310 - - 311 - Tenant_C_WAN_Zone: - svis: - - 350 - l2vlans: [] - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -topology: - links: - Ethernet1: - peer: DC1-SPINE1 - peer_interface: Ethernet3 - peer_type: spine - peer_bgp_as: '65001' - type: underlay_p2p - ip_address: 172.31.255.9 - peer_ip_address: 172.31.255.8 - Ethernet2: - peer: DC1-SPINE2 - peer_interface: Ethernet3 - peer_type: spine - peer_bgp_as: '65001' - type: underlay_p2p - ip_address: 172.31.255.11 - peer_ip_address: 172.31.255.10 - peers: - - DC1-SPINE1 - - DC1-SPINE2 - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks -ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 -ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] +avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_topology_peers: + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF2A: + - DC1-L2LEAF2A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_requirements: + failed: false + changed: false +playbook_dir: /home/colin/temp/ansible-avd-cloudvision-demo/playbooks +ansible_playbook_python: /home/colin/act-single-dc/.venv/bin/python3 +ansible_config_file: /home/colin/temp/ansible-avd-cloudvision-demo/ansible.cfg groups: all: - cv_ztp - cv_server - DC1-SPINE1 - DC1-SPINE2 + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A ungrouped: [] CVP: - cv_ztp @@ -813,12 +1235,12 @@ groups: DC1_FABRIC: - DC1-SPINE1 - DC1-SPINE2 + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A DC1_SPINES: - DC1-SPINE1 - DC1-SPINE2 @@ -841,31 +1263,31 @@ groups: DC1_L2LEAF2: - DC1-L2LEAF2A DC1_TENANTS_NETWORKS: + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B + DC1_SERVERS: - DC1-L2LEAF1A - DC1-L2LEAF2A - DC1_SERVERS: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A -omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 +omit: __omit_place_holder__ab9c18ca0c75d03d3972f5ad58a93aebf5c2084c ansible_version: - string: 2.10.14 - full: 2.10.14 + string: 2.16.3 + full: 2.16.3 major: 2 - minor: 10 - revision: 14 + minor: 16 + revision: 3 ansible_check_mode: false ansible_diff_mode: false ansible_forks: 5 ansible_inventory_sources: -- /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml +- /home/colin/temp/ansible-avd-cloudvision-demo/inventory/inventory.yml ansible_skip_tags: [] ansible_run_tags: - build diff --git a/inventory/intended/structured_configs/DC1-LEAF2A.yml b/inventory/intended/structured_configs/DC1-LEAF2A.yml index ea0e2ceb..b691c19e 100644 --- a/inventory/intended/structured_configs/DC1-LEAF2A.yml +++ b/inventory/intended/structured_configs/DC1-LEAF2A.yml @@ -1,3 +1,7 @@ +hostname: DC1-LEAF2A +metadata: + platform: vEOS-LAB +is_deployed: true router_bgp: as: '65102' router_id: 192.168.255.5 @@ -6,291 +10,340 @@ router_bgp: - distance bgp 20 200 200 - graceful-restart restart-time 300 - graceful-restart - - maximum-paths 4 ecmp 4 + bgp: + default: + ipv4_unicast: false + maximum_paths: + paths: 4 + ecmp: 4 + updates: + wait_install: true peer_groups: - MLAG-IPv4-UNDERLAY-PEER: - type: ipv4 - remote_as: '65102' - next_hop_self: true - password: vnEaG8gMeQf3d3cN6PktXQ== - maximum_routes: 12000 - send_community: all - route_map_in: RM-MLAG-PEER-IN - IPv4-UNDERLAY-PEERS: - type: ipv4 - password: AQQvKeimxJu+uGQ/yYvv9w== - maximum_routes: 12000 - send_community: all - EVPN-OVERLAY-PEERS: - type: evpn - update_source: Loopback0 - bfd: true - ebgp_multihop: '3' - password: q+VNViP5i4rVjW1cxFv2wA== - send_community: all - maximum_routes: 0 + - name: MLAG-IPv4-UNDERLAY-PEER + type: ipv4 + remote_as: '65102' + next_hop_self: true + description: DC1-LEAF2B + password: vnEaG8gMeQf3d3cN6PktXQ== + maximum_routes: 12000 + send_community: all + route_map_in: RM-MLAG-PEER-IN + - name: IPv4-UNDERLAY-PEERS + type: ipv4 + password: AQQvKeimxJu+uGQ/yYvv9w== + maximum_routes: 12000 + send_community: all + - name: EVPN-OVERLAY-PEERS + type: evpn + update_source: Loopback0 + bfd: true + password: q+VNViP5i4rVjW1cxFv2wA== + send_community: all + maximum_routes: 0 + ebgp_multihop: 3 address_family_ipv4: peer_groups: - MLAG-IPv4-UNDERLAY-PEER: - activate: true - IPv4-UNDERLAY-PEERS: - activate: true - EVPN-OVERLAY-PEERS: - activate: false + - name: MLAG-IPv4-UNDERLAY-PEER + activate: true + - name: IPv4-UNDERLAY-PEERS + activate: true + - name: EVPN-OVERLAY-PEERS + activate: false neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - description: DC1-LEAF2B - 172.31.255.8: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65001' - description: DC1-SPINE1_Ethernet3 - 172.31.255.10: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65001' - description: DC1-SPINE2_Ethernet3 - 192.168.255.1: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-SPINE1 - remote_as: '65001' - 192.168.255.2: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-SPINE2 - remote_as: '65001' + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + peer: DC1-LEAF2B + description: DC1-LEAF2B + - ip_address: 172.31.255.8 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65001' + peer: DC1-SPINE1 + description: DC1-SPINE1_Ethernet3 + - ip_address: 172.31.255.10 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65001' + peer: DC1-SPINE2 + description: DC1-SPINE2_Ethernet3 + - ip_address: 192.168.255.1 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-SPINE1 + description: DC1-SPINE1 + remote_as: '65001' + - ip_address: 192.168.255.2 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-SPINE2 + description: DC1-SPINE2 + remote_as: '65001' redistribute_routes: - connected: - route_map: RM-CONN-2-BGP + - source_protocol: connected + route_map: RM-CONN-2-BGP address_family_evpn: peer_groups: - EVPN-OVERLAY-PEERS: - activate: true + - name: EVPN-OVERLAY-PEERS + activate: true vrfs: - Tenant_A_APP_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:12 - route_targets: - import: - evpn: - - '12:12' - export: - evpn: - - '12:12' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_DB_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:13 - route_targets: - import: - evpn: - - '13:13' - export: - evpn: - - '13:13' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_OP_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:10 - route_targets: - import: - evpn: - - '10:10' - export: - evpn: - - '10:10' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_WAN_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:14 - route_targets: - import: - evpn: - - '14:14' - export: - evpn: - - '14:14' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_WEB_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:11 - route_targets: - import: - evpn: - - '11:11' - export: - evpn: - - '11:11' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_B_OP_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:20 - route_targets: - import: - evpn: - - '20:20' - export: - evpn: - - '20:20' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_B_WAN_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:21 - route_targets: - import: - evpn: - - '21:21' - export: - evpn: - - '21:21' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_C_OP_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:30 - route_targets: - import: - evpn: - - '30:30' - export: - evpn: - - '30:30' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_C_WAN_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:31 - route_targets: - import: - evpn: - - '31:31' - export: - evpn: - - '31:31' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - vlan_aware_bundles: - Tenant_A_APP_Zone: - rd: 192.168.255.5:12 - route_targets: - both: + - name: Tenant_A_APP_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:12 + route_targets: + import: + - address_family: evpn + route_targets: + - '12:12' + export: + - address_family: evpn + route_targets: - '12:12' - redistribute_routes: - - learned - vlan: 130-131 - Tenant_A_DB_Zone: - rd: 192.168.255.5:13 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_A_DB_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:13 + route_targets: + import: + - address_family: evpn + route_targets: + - '13:13' + export: + - address_family: evpn + route_targets: - '13:13' - redistribute_routes: - - learned - vlan: 140-141 - Tenant_A_OP_Zone: - rd: 192.168.255.5:10 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_A_OP_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:10 + route_targets: + import: + - address_family: evpn + route_targets: + - '10:10' + export: + - address_family: evpn + route_targets: - '10:10' - redistribute_routes: - - learned - vlan: 110-112 - Tenant_A_WAN_Zone: - rd: 192.168.255.5:14 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_A_WAN_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:14 + route_targets: + import: + - address_family: evpn + route_targets: - '14:14' - redistribute_routes: - - learned - vlan: 150 - Tenant_A_WEB_Zone: - rd: 192.168.255.5:11 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '14:14' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_A_WEB_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:11 + route_targets: + import: + - address_family: evpn + route_targets: - '11:11' - redistribute_routes: - - learned - vlan: 120-121 - Tenant_A_VMOTION: - tenant: Tenant_A - rd: 192.168.255.5:55160 - route_targets: - both: - - 55160:55160 - redistribute_routes: - - learned - vlan: 160 - Tenant_A_NFS: - tenant: Tenant_A - rd: 192.168.255.5:10161 - route_targets: - both: - - 10161:10161 - redistribute_routes: - - learned - vlan: 161 - Tenant_B_OP_Zone: - rd: 192.168.255.5:20 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '11:11' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_B_OP_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:20 + route_targets: + import: + - address_family: evpn + route_targets: - '20:20' - redistribute_routes: - - learned - vlan: 210-211 - Tenant_B_WAN_Zone: - rd: 192.168.255.5:21 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '20:20' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_B_WAN_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:21 + route_targets: + import: + - address_family: evpn + route_targets: - '21:21' - redistribute_routes: - - learned - vlan: 250 - Tenant_C_OP_Zone: - rd: 192.168.255.5:30 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '21:21' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_C_OP_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:30 + route_targets: + import: + - address_family: evpn + route_targets: + - '30:30' + export: + - address_family: evpn + route_targets: - '30:30' - redistribute_routes: - - learned - vlan: 310-311 - Tenant_C_WAN_Zone: - rd: 192.168.255.5:31 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_C_WAN_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:31 + route_targets: + import: + - address_family: evpn + route_targets: + - '31:31' + export: + - address_family: evpn + route_targets: - '31:31' - redistribute_routes: - - learned - vlan: 350 + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + vlan_aware_bundles: + - name: Tenant_A_APP_Zone + rd: 192.168.255.5:12 + route_targets: + both: + - '12:12' + redistribute_routes: + - learned + vlan: 130-131 + - name: Tenant_A_DB_Zone + rd: 192.168.255.5:13 + route_targets: + both: + - '13:13' + redistribute_routes: + - learned + vlan: 140-141 + - name: Tenant_A_OP_Zone + rd: 192.168.255.5:10 + route_targets: + both: + - '10:10' + redistribute_routes: + - learned + vlan: 110-112 + - name: Tenant_A_WAN_Zone + rd: 192.168.255.5:14 + route_targets: + both: + - '14:14' + redistribute_routes: + - learned + vlan: '150' + - name: Tenant_A_WEB_Zone + rd: 192.168.255.5:11 + route_targets: + both: + - '11:11' + redistribute_routes: + - learned + vlan: 120-121 + - name: Tenant_A_NFS + tenant: Tenant_A + rd: 192.168.255.5:10161 + route_targets: + both: + - 10161:10161 + redistribute_routes: + - learned + vlan: '161' + - name: Tenant_A_VMOTION + tenant: Tenant_A + rd: 192.168.255.5:55160 + route_targets: + both: + - 55160:55160 + redistribute_routes: + - learned + vlan: '160' + - name: Tenant_B_OP_Zone + rd: 192.168.255.5:20 + route_targets: + both: + - '20:20' + redistribute_routes: + - learned + vlan: 210-211 + - name: Tenant_B_WAN_Zone + rd: 192.168.255.5:21 + route_targets: + both: + - '21:21' + redistribute_routes: + - learned + vlan: '250' + - name: Tenant_C_OP_Zone + rd: 192.168.255.5:30 + route_targets: + both: + - '30:30' + redistribute_routes: + - learned + vlan: 310-311 + - name: Tenant_C_WAN_Zone + rd: 192.168.255.5:31 + route_targets: + both: + - '31:31' + redistribute_routes: + - learned + vlan: '350' static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -302,6 +355,7 @@ daemon_terminattr: - 10.255.0.1:9910 cvauth: method: key + key: '' cvvrf: MGMT smashexcludes: ale,flexCounter,hardware,kni,pulse,strata ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent @@ -311,501 +365,504 @@ vlan_internal_order: range: beginning: 1006 ending: 1199 -name_server: - source: - vrf: MGMT - nodes: - - 192.168.2.1 - - 8.8.8.8 +ip_name_servers: +- ip_address: 192.168.2.1 + vrf: MGMT +- ip_address: 8.8.8.8 + vrf: MGMT spanning_tree: mode: mstp mst_instances: - '0': - priority: 16384 + - id: '0' + priority: 16384 no_spanning_tree_vlan: 4093-4094 local_users: - admin: - privilege: 15 - role: network-admin - sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 - ansible: - privilege: 15 - role: network-admin - sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ - cvpadmin: - privilege: 15 - role: network-admin - sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +- name: admin + privilege: 15 + role: network-admin + sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 +- name: ansible + privilege: 15 + role: network-admin + sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ +- name: cvpadmin + privilege: 15 + role: network-admin + sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. vrfs: - MGMT: - ip_routing: false - Tenant_A_APP_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_DB_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_OP_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_WAN_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_WEB_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_B_OP_Zone: - tenant: Tenant_B - ip_routing: true - Tenant_B_WAN_Zone: - tenant: Tenant_B - ip_routing: true - Tenant_C_OP_Zone: - tenant: Tenant_C - ip_routing: true - Tenant_C_WAN_Zone: - tenant: Tenant_C - ip_routing: true +- name: MGMT + ip_routing: false +- name: Tenant_A_APP_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_DB_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_OP_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_WAN_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_WEB_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_B_OP_Zone + tenant: Tenant_B + ip_routing: true +- name: Tenant_B_WAN_Zone + tenant: Tenant_B + ip_routing: true +- name: Tenant_C_OP_Zone + tenant: Tenant_C + ip_routing: true +- name: Tenant_C_WAN_Zone + tenant: Tenant_C + ip_routing: true management_interfaces: - Management1: - description: oob_management - shutdown: false - vrf: MGMT - ip_address: 10.255.0.15/24 - gateway: 10.255.0.1 - type: oob +- name: Management1 + description: oob_management + shutdown: false + vrf: MGMT + ip_address: 10.255.0.15/24 + gateway: 10.255.0.1 + type: oob management_api_http: enable_vrfs: - MGMT: {} + - name: MGMT enable_https: true vlans: - 4093: - tenant: system - name: LEAF_PEER_L3 - trunk_groups: - - LEAF_PEER_L3 - 4094: - tenant: system - name: MLAG_PEER - trunk_groups: - - MLAG - 130: - tenant: Tenant_A - name: Tenant_A_APP_Zone_1 - 131: - tenant: Tenant_A - name: Tenant_A_APP_Zone_2 - 3011: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_APP_Zone - trunk_groups: - - LEAF_PEER_L3 - 140: - tenant: Tenant_A - name: Tenant_A_DB_BZone_1 - 141: - tenant: Tenant_A - name: Tenant_A_DB_Zone_2 - 3012: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_DB_Zone - trunk_groups: - - LEAF_PEER_L3 - 110: - tenant: Tenant_A - name: Tenant_A_OP_Zone_1 - 111: - tenant: Tenant_A - name: Tenant_A_OP_Zone_2 - 112: - tenant: Tenant_A - name: Tenant_A_OP_Zone_3 - 3009: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 150: - tenant: Tenant_A - name: Tenant_A_WAN_Zone_1 - 3013: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 - 120: - tenant: Tenant_A - name: Tenant_A_WEB_Zone_1 - 121: - tenant: Tenant_A - name: Tenant_A_WEBZone_2 - 3010: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_WEB_Zone - trunk_groups: - - LEAF_PEER_L3 - 160: - tenant: Tenant_A - name: Tenant_A_VMOTION - 161: - tenant: Tenant_A - name: Tenant_A_NFS - 210: - tenant: Tenant_B - name: Tenant_B_OP_Zone_1 - 211: - tenant: Tenant_B - name: Tenant_B_OP_Zone_2 - 3019: - tenant: Tenant_B - name: MLAG_iBGP_Tenant_B_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 250: - tenant: Tenant_B - name: Tenant_B_WAN_Zone_1 - 3020: - tenant: Tenant_B - name: MLAG_iBGP_Tenant_B_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 - 310: - tenant: Tenant_C - name: Tenant_C_OP_Zone_1 - 311: - tenant: Tenant_C - name: Tenant_C_OP_Zone_2 - 3029: - tenant: Tenant_C - name: MLAG_iBGP_Tenant_C_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 350: - tenant: Tenant_C - name: Tenant_C_WAN_Zone_1 - 3030: - tenant: Tenant_C - name: MLAG_iBGP_Tenant_C_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 +- id: 4093 + tenant: system + name: LEAF_PEER_L3 + trunk_groups: + - LEAF_PEER_L3 +- id: 4094 + tenant: system + name: MLAG_PEER + trunk_groups: + - MLAG +- id: 130 + name: Tenant_A_APP_Zone_1 + tenant: Tenant_A +- id: 131 + name: Tenant_A_APP_Zone_2 + tenant: Tenant_A +- id: 3011 + name: MLAG_iBGP_Tenant_A_APP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 140 + name: Tenant_A_DB_BZone_1 + tenant: Tenant_A +- id: 141 + name: Tenant_A_DB_Zone_2 + tenant: Tenant_A +- id: 3012 + name: MLAG_iBGP_Tenant_A_DB_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 110 + name: Tenant_A_OP_Zone_1 + tenant: Tenant_A +- id: 111 + name: Tenant_A_OP_Zone_2 + tenant: Tenant_A +- id: 112 + name: Tenant_A_OP_Zone_3 + tenant: Tenant_A +- id: 3009 + name: MLAG_iBGP_Tenant_A_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 150 + name: Tenant_A_WAN_Zone_1 + tenant: Tenant_A +- id: 3013 + name: MLAG_iBGP_Tenant_A_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 120 + name: Tenant_A_WEB_Zone_1 + tenant: Tenant_A +- id: 121 + name: Tenant_A_WEBZone_2 + tenant: Tenant_A +- id: 3010 + name: MLAG_iBGP_Tenant_A_WEB_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 160 + name: Tenant_A_VMOTION + tenant: Tenant_A +- id: 161 + name: Tenant_A_NFS + tenant: Tenant_A +- id: 210 + name: Tenant_B_OP_Zone_1 + tenant: Tenant_B +- id: 211 + name: Tenant_B_OP_Zone_2 + tenant: Tenant_B +- id: 3019 + name: MLAG_iBGP_Tenant_B_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_B +- id: 250 + name: Tenant_B_WAN_Zone_1 + tenant: Tenant_B +- id: 3020 + name: MLAG_iBGP_Tenant_B_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_B +- id: 310 + name: Tenant_C_OP_Zone_1 + tenant: Tenant_C +- id: 311 + name: Tenant_C_OP_Zone_2 + tenant: Tenant_C +- id: 3029 + name: MLAG_iBGP_Tenant_C_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_C +- id: 350 + name: Tenant_C_WAN_Zone_1 + tenant: Tenant_C +- id: 3030 + name: MLAG_iBGP_Tenant_C_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_C vlan_interfaces: - Vlan4093: - description: MLAG_PEER_L3_PEERING - shutdown: false - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan4094: - description: MLAG_PEER - shutdown: false - ip_address: 10.255.252.4/31 - no_autostate: true - mtu: 1500 - Vlan130: - tenant: Tenant_A - tags: - - app - - erp1 - description: Tenant_A_APP_Zone_1 - shutdown: false - vrf: Tenant_A_APP_Zone - Vlan131: - tenant: Tenant_A - tags: - - app - description: Tenant_A_APP_Zone_2 - shutdown: false - vrf: Tenant_A_APP_Zone - ip_address_virtual: 10.1.31.254/24 - Vlan3011: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone' - vrf: Tenant_A_APP_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan140: - tenant: Tenant_A - tags: - - db - - erp1 - description: Tenant_A_DB_BZone_1 - shutdown: false - vrf: Tenant_A_DB_Zone - ip_address_virtual: 10.1.40.1/24 - Vlan141: - tenant: Tenant_A - tags: - - db - description: Tenant_A_DB_Zone_2 - shutdown: false - vrf: Tenant_A_DB_Zone - ip_address_virtual: 10.1.41.1/24 - Vlan3012: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone' - vrf: Tenant_A_DB_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan110: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_1 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.10.1/24 - Vlan111: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_2 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.11.1/24 - Vlan112: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_3 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.12.254/24 - Vlan3009: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone' - vrf: Tenant_A_OP_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan150: - tenant: Tenant_A - tags: - - wan - description: Tenant_A_WAN_Zone_1 - shutdown: false - vrf: Tenant_A_WAN_Zone - ip_address_virtual: 10.1.40.1/24 - Vlan3013: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone' - vrf: Tenant_A_WAN_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan120: - tenant: Tenant_A - tags: - - web - - erp1 - description: Tenant_A_WEB_Zone_1 - shutdown: false - vrf: Tenant_A_WEB_Zone - Vlan121: - tenant: Tenant_A - tags: - - web - description: Tenant_A_WEBZone_2 - shutdown: false - vrf: Tenant_A_WEB_Zone - ip_address_virtual: 10.1.21.1/24 - Vlan3010: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone' - vrf: Tenant_A_WEB_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan210: - tenant: Tenant_B - tags: - - opzone - description: Tenant_B_OP_Zone_1 - shutdown: false - vrf: Tenant_B_OP_Zone - Vlan211: - tenant: Tenant_B - tags: - - opzone - description: Tenant_B_OP_Zone_2 - shutdown: false - vrf: Tenant_B_OP_Zone - ip_address_virtual: 10.2.11.1/24 - Vlan3019: - tenant: Tenant_B - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone' - vrf: Tenant_B_OP_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan250: - tenant: Tenant_B - tags: - - wan - description: Tenant_B_WAN_Zone_1 - shutdown: false - vrf: Tenant_B_WAN_Zone - ip_address_virtual: 10.2.50.1/24 - Vlan3020: - tenant: Tenant_B - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone' - vrf: Tenant_B_WAN_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan310: - tenant: Tenant_C - tags: - - opzone - description: Tenant_C_OP_Zone_1 - shutdown: false - vrf: Tenant_C_OP_Zone - Vlan311: - tenant: Tenant_C - tags: - - opzone - description: Tenant_C_OP_Zone_2 - shutdown: false - vrf: Tenant_C_OP_Zone - Vlan3029: - tenant: Tenant_C - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone' - vrf: Tenant_C_OP_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan350: - tenant: Tenant_C - tags: - - wan - description: Tenant_C_WAN_Zone_1 - shutdown: false - vrf: Tenant_C_WAN_Zone - Vlan3030: - tenant: Tenant_C - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone' - vrf: Tenant_C_WAN_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 +- name: Vlan4093 + description: MLAG_PEER_L3_PEERING + shutdown: false + mtu: 1500 + ip_address: 10.255.251.4/31 +- name: Vlan4094 + description: MLAG_PEER + shutdown: false + ip_address: 10.255.252.4/31 + no_autostate: true + mtu: 1500 +- name: Vlan130 + tenant: Tenant_A + tags: + - app + - erp1 + description: Tenant_A_APP_Zone_1 + shutdown: false + ip_address_virtual: 10.1.30.1/24 + vrf: Tenant_A_APP_Zone +- name: Vlan131 + tenant: Tenant_A + tags: + - app + description: Tenant_A_APP_Zone_2 + shutdown: false + ip_address_virtual: 10.1.31.254/24 + vrf: Tenant_A_APP_Zone +- name: Vlan3011 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone' + vrf: Tenant_A_APP_Zone + mtu: 1500 + ip_address: 10.255.251.4/31 +- name: Vlan140 + tenant: Tenant_A + tags: + - db + - erp1 + description: Tenant_A_DB_BZone_1 + shutdown: false + ip_address_virtual: 10.1.40.1/24 + vrf: Tenant_A_DB_Zone +- name: Vlan141 + tenant: Tenant_A + tags: + - db + description: Tenant_A_DB_Zone_2 + shutdown: false + ip_address_virtual: 10.1.41.1/24 + vrf: Tenant_A_DB_Zone +- name: Vlan3012 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone' + vrf: Tenant_A_DB_Zone + mtu: 1500 + ip_address: 10.255.251.4/31 +- name: Vlan110 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_1 + shutdown: false + ip_address_virtual: 10.1.10.1/24 + vrf: Tenant_A_OP_Zone +- name: Vlan111 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.1.11.1/24 + vrf: Tenant_A_OP_Zone +- name: Vlan112 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_3 + shutdown: false + ip_address_virtual: 10.1.12.254/24 + vrf: Tenant_A_OP_Zone +- name: Vlan3009 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone' + vrf: Tenant_A_OP_Zone + mtu: 1500 + ip_address: 10.255.251.4/31 +- name: Vlan150 + tenant: Tenant_A + tags: + - wan + description: Tenant_A_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.1.40.1/24 + vrf: Tenant_A_WAN_Zone +- name: Vlan3013 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone' + vrf: Tenant_A_WAN_Zone + mtu: 1500 + ip_address: 10.255.251.4/31 +- name: Vlan120 + tenant: Tenant_A + tags: + - web + - erp1 + description: Tenant_A_WEB_Zone_1 + shutdown: false + ip_address_virtual: 10.1.20.1/24 + vrf: Tenant_A_WEB_Zone +- name: Vlan121 + tenant: Tenant_A + tags: + - web + description: Tenant_A_WEBZone_2 + shutdown: false + ip_address_virtual: 10.1.21.1/24 + vrf: Tenant_A_WEB_Zone +- name: Vlan3010 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone' + vrf: Tenant_A_WEB_Zone + mtu: 1500 + ip_address: 10.255.251.4/31 +- name: Vlan210 + tenant: Tenant_B + tags: + - opzone + description: Tenant_B_OP_Zone_1 + shutdown: false + ip_address_virtual: 10.2.10.1/24 + vrf: Tenant_B_OP_Zone +- name: Vlan211 + tenant: Tenant_B + tags: + - opzone + description: Tenant_B_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.2.11.1/24 + vrf: Tenant_B_OP_Zone +- name: Vlan3019 + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone' + vrf: Tenant_B_OP_Zone + mtu: 1500 + ip_address: 10.255.251.4/31 +- name: Vlan250 + tenant: Tenant_B + tags: + - wan + description: Tenant_B_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.2.50.1/24 + vrf: Tenant_B_WAN_Zone +- name: Vlan3020 + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone' + vrf: Tenant_B_WAN_Zone + mtu: 1500 + ip_address: 10.255.251.4/31 +- name: Vlan310 + tenant: Tenant_C + tags: + - opzone + description: Tenant_C_OP_Zone_1 + shutdown: false + ip_address_virtual: 10.3.10.1/24 + vrf: Tenant_C_OP_Zone +- name: Vlan311 + tenant: Tenant_C + tags: + - opzone + description: Tenant_C_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.3.11.1/24 + vrf: Tenant_C_OP_Zone +- name: Vlan3029 + tenant: Tenant_C + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone' + vrf: Tenant_C_OP_Zone + mtu: 1500 + ip_address: 10.255.251.4/31 +- name: Vlan350 + tenant: Tenant_C + tags: + - wan + description: Tenant_C_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.3.50.1/24 + vrf: Tenant_C_WAN_Zone +- name: Vlan3030 + tenant: Tenant_C + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone' + vrf: Tenant_C_WAN_Zone + mtu: 1500 + ip_address: 10.255.251.4/31 port_channel_interfaces: - Port-Channel3: - description: MLAG_PEER_DC1-LEAF2B_Po3 - type: switched - shutdown: false - vlans: 2-4094 - mode: trunk - trunk_groups: - - LEAF_PEER_L3 - - MLAG - Port-Channel5: - description: DC1-L2LEAF2A_Po1 - type: switched - shutdown: false - vlans: 110-112,120-121,130-131 - mode: trunk - mlag: 5 +- name: Port-Channel3 + description: MLAG_PEER_DC1-LEAF2B_Po3 + type: switched + shutdown: false + mode: trunk + trunk_groups: + - LEAF_PEER_L3 + - MLAG +- name: Port-Channel5 + description: DC1-L2LEAF2A_Po1 + type: switched + shutdown: false + mode: trunk + vlans: 110-112,120-121,130-131 + mlag: 5 ethernet_interfaces: - Ethernet3: - peer: DC1-LEAF2B - peer_interface: Ethernet3 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF2B_Ethernet3 - type: switched - shutdown: false - channel_group: - id: 3 - mode: active - Ethernet4: - peer: DC1-LEAF2B - peer_interface: Ethernet4 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF2B_Ethernet4 - type: switched - shutdown: false - channel_group: - id: 3 - mode: active - Ethernet1: - peer: DC1-SPINE1 - peer_interface: Ethernet3 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE1_Ethernet3 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.9/31 - Ethernet2: - peer: DC1-SPINE2 - peer_interface: Ethernet3 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE2_Ethernet3 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.11/31 - Ethernet5: - peer: DC1-L2LEAF2A - peer_interface: Ethernet1 - peer_type: l2leaf - description: DC1-L2LEAF2A_Ethernet1 - type: switched - shutdown: false - channel_group: - id: 5 - mode: active +- name: Ethernet3 + peer: DC1-LEAF2B + peer_interface: Ethernet3 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF2B_Ethernet3 + type: port-channel-member + shutdown: false + channel_group: + id: 3 + mode: active +- name: Ethernet4 + peer: DC1-LEAF2B + peer_interface: Ethernet4 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF2B_Ethernet4 + type: port-channel-member + shutdown: false + channel_group: + id: 3 + mode: active +- name: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + description: P2P_LINK_TO_DC1-SPINE1_Ethernet3 + shutdown: false + mtu: 1500 + type: routed + ip_address: 172.31.255.9/31 +- name: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + description: P2P_LINK_TO_DC1-SPINE2_Ethernet3 + shutdown: false + mtu: 1500 + type: routed + ip_address: 172.31.255.11/31 +- name: Ethernet5 + peer: DC1-L2LEAF2A + peer_interface: Ethernet1 + peer_type: l2leaf + description: DC1-L2LEAF2A_Ethernet1 + shutdown: false + type: port-channel-member + channel_group: + id: 5 + mode: active mlag_configuration: domain_id: DC1_LEAF2 local_interface: Vlan4094 peer_address: 10.255.252.5 peer_link: Port-Channel3 - reload_delay_mlag: 300 - reload_delay_non_mlag: 330 + reload_delay_mlag: '300' + reload_delay_non_mlag: '330' route_maps: - RM-MLAG-PEER-IN: - sequence_numbers: - 10: - type: permit - set: - - origin incomplete - description: Make routes learned over MLAG Peer-link less preferred on spines - to ensure optimal routing - RM-CONN-2-BGP: - sequence_numbers: - 10: - type: permit - match: - - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +- name: RM-MLAG-PEER-IN + sequence_numbers: + - sequence: 10 + type: permit + set: + - origin incomplete + description: Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing +- name: RM-CONN-2-BGP + sequence_numbers: + - sequence: 10 + type: permit + match: + - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY loopback_interfaces: - Loopback0: - description: EVPN_Overlay_Peering - shutdown: false - ip_address: 192.168.255.5/32 - Loopback1: - description: VTEP_VXLAN_Tunnel_Source - shutdown: false - ip_address: 192.168.254.5/32 - Loopback100: - description: Tenant_A_OP_Zone_VTEP_DIAGNOSTICS - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address: 10.255.1.5/32 +- name: Loopback0 + description: EVPN_Overlay_Peering + shutdown: false + ip_address: 192.168.255.5/32 +- name: Loopback1 + description: VTEP_VXLAN_Tunnel_Source + shutdown: false + ip_address: 192.168.254.5/32 +- name: Loopback100 + description: Tenant_A_OP_Zone_VTEP_DIAGNOSTICS + shutdown: false + vrf: Tenant_A_OP_Zone + ip_address: 10.255.1.5/32 prefix_lists: - PL-LOOPBACKS-EVPN-OVERLAY: - sequence_numbers: - 10: - action: permit 192.168.255.0/24 eq 32 - 20: - action: permit 192.168.254.0/24 eq 32 +- name: PL-LOOPBACKS-EVPN-OVERLAY + sequence_numbers: + - sequence: 10 + action: permit 192.168.255.0/24 eq 32 + - sequence: 20 + action: permit 192.168.254.0/24 eq 32 router_bfd: multihop: interval: 1200 @@ -813,73 +870,73 @@ router_bfd: multiplier: 3 ip_igmp_snooping: globally_enabled: true +ip_virtual_router_mac_address: 00:1c:73:00:dc:01 vxlan_interface: Vxlan1: description: DC1-LEAF2A_VTEP vxlan: + udp_port: 4789 source_interface: Loopback1 virtual_router_encapsulation_mac_address: mlag-system-id - udp_port: 4789 vlans: - 130: - vni: 10130 - 131: - vni: 10131 - 140: - vni: 10140 - 141: - vni: 10141 - 110: - vni: 10110 - 111: - vni: 50111 - 112: - vni: 50112 - 150: - vni: 10150 - 120: - vni: 10120 - 121: - vni: 10121 - 160: - vni: 55160 - 161: - vni: 10161 - 210: - vni: 20210 - 211: - vni: 20211 - 250: - vni: 20250 - 310: - vni: 30310 - 311: - vni: 30311 - 350: - vni: 30350 + - id: 130 + vni: 10130 + - id: 131 + vni: 10131 + - id: 140 + vni: 10140 + - id: 141 + vni: 10141 + - id: 110 + vni: 10110 + - id: 111 + vni: 50111 + - id: 112 + vni: 50112 + - id: 150 + vni: 10150 + - id: 120 + vni: 10120 + - id: 121 + vni: 10121 + - id: 160 + vni: 55160 + - id: 161 + vni: 10161 + - id: 210 + vni: 20210 + - id: 211 + vni: 20211 + - id: 250 + vni: 20250 + - id: 310 + vni: 30310 + - id: 311 + vni: 30311 + - id: 350 + vni: 30350 vrfs: - Tenant_A_APP_Zone: - vni: 12 - Tenant_A_DB_Zone: - vni: 13 - Tenant_A_OP_Zone: - vni: 10 - Tenant_A_WAN_Zone: - vni: 14 - Tenant_A_WEB_Zone: - vni: 11 - Tenant_B_OP_Zone: - vni: 20 - Tenant_B_WAN_Zone: - vni: 21 - Tenant_C_OP_Zone: - vni: 30 - Tenant_C_WAN_Zone: - vni: 31 + - name: Tenant_A_APP_Zone + vni: 12 + - name: Tenant_A_DB_Zone + vni: 13 + - name: Tenant_A_OP_Zone + vni: 10 + - name: Tenant_A_WAN_Zone + vni: 14 + - name: Tenant_A_WEB_Zone + vni: 11 + - name: Tenant_B_OP_Zone + vni: 20 + - name: Tenant_B_WAN_Zone + vni: 21 + - name: Tenant_C_OP_Zone + vni: 30 + - name: Tenant_C_WAN_Zone + vni: 31 virtual_source_nat_vrfs: - Tenant_A_OP_Zone: - ip_address: 10.255.1.5 -ip_virtual_router_mac_address: 00:1c:73:00:dc:01 +- name: Tenant_A_OP_Zone + ip_address: 10.255.1.5 ntp: local_interface: name: Management1 diff --git a/inventory/intended/structured_configs/DC1-LEAF2B-debug-vars.yml b/inventory/intended/structured_configs/DC1-LEAF2B-debug-vars.yml index ad26eebe..b64a260d 100644 --- a/inventory/intended/structured_configs/DC1-LEAF2B-debug-vars.yml +++ b/inventory/intended/structured_configs/DC1-LEAF2B-debug-vars.yml @@ -20,7 +20,8 @@ local_users: privilege: 15 role: network-admin sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -cvp_instance_ip: 10.255.0.1 +cvp_instance_ips: +- 10.255.0.1 cvp_ingestauth_key: '' mgmt_interface: Management1 mgmt_interface_vrf: MGMT @@ -39,13 +40,13 @@ custom_structured_configuration_ntp: - name: 1.fr.pool.ntp.org vrf: MGMT fabric_name: DC1_FABRIC -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: AQQvKeimxJu+uGQ/yYvv9w== - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: q+VNViP5i4rVjW1cxFv2wA== - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: vnEaG8gMeQf3d3cN6PktXQ== spine: defaults: @@ -197,8 +198,7 @@ servers: server01: rack: RackA adapters: - - type: nic - server_ports: + - endpoint_ports: - Eth0 switch_ports: - Ethernet5 @@ -208,8 +208,7 @@ servers: server02: rack: RackA adapters: - - type: nic - server_ports: + - endpoint_ports: - Eth0 switch_ports: - Ethernet5 @@ -255,7 +254,7 @@ tenants: - web - erp1 enabled: true - ip_subnet: 10.1.20.0/24 + ip_address_virtual: 10.1.20.1/24 121: name: Tenant_A_WEBZone_2 tags: @@ -271,7 +270,7 @@ tenants: - app - erp1 enabled: true - ip_subnet: 10.1.30.0/24 + ip_address_virtual: 10.1.30.1/24 131: name: Tenant_A_APP_Zone_2 tags: @@ -324,7 +323,7 @@ tenants: tags: - opzone enabled: true - ip_subnet: 10.2.10.0/24 + ip_address_virtual: 10.2.10.1/24 211: name: Tenant_B_OP_Zone_2 tags: @@ -351,13 +350,13 @@ tenants: tags: - opzone enabled: true - ip_subnet: 10.3.10.0/24 + ip_address_virtual: 10.3.10.1/24 311: name: Tenant_C_OP_Zone_2 tags: - opzone enabled: true - ip_subnet: 10.3.11.1/24 + ip_address_virtual: 10.3.11.1/24 Tenant_C_WAN_Zone: vrf_vni: 31 svis: @@ -366,9 +365,9 @@ tenants: tags: - wan enabled: true - ip_subnet: 10.3.50.1/24 -inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml -inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory + ip_address_virtual: 10.3.50.1/24 +inventory_file: /home/colin/temp/ansible-avd-cloudvision-demo/inventory/inventory.yml +inventory_dir: /home/colin/temp/ansible-avd-cloudvision-demo/inventory ansible_host: 10.255.0.16 inventory_hostname: DC1-LEAF2B inventory_hostname_short: DC1-LEAF2B @@ -380,423 +379,846 @@ group_names: - DC1_SERVERS - DC1_TENANTS_NETWORKS ansible_facts: - switch: - type: l3leaf - node_type_key: l3leaf - connected_endpoints: true - default_evpn_role: client - mlag_support: true - network_services_l2: true - network_services_l3: true - underlay_router: true - uplink_type: p2p - vtep: true - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_LEAF2 - id: 4 - mgmt_ip: 10.255.0.16/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - all - filter_tags: - - all - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - virtual_router_mac_address: 00:1c:73:00:dc:01 - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: - - DC1-SPINE1 - - DC1-SPINE2 - uplink_switch_interfaces: - - Ethernet4 - - Ethernet4 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 2 - uplink_ipv4_pool: 172.31.255.0/24 - router_id: 192.168.255.6 - bgp_as: '65102' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: client - evpn_route_servers: - - DC1-SPINE1 - - DC1-SPINE2 - mlag: true - mlag_group: DC1_LEAF2 - mlag_ibgp_origin_incomplete: true - mlag_peer_vlan: 4094 - mlag_dual_primary_detection: false - mlag_interfaces: - - Ethernet3 - - Ethernet4 - mlag_l3: true - mlag_peer_l3_vlan: 4093 - mlag_role: secondary - mlag_peer: DC1-LEAF2A - mlag_peer_mgmt_ip: 10.255.0.15 - mlag_ip: 10.255.252.5 - mlag_peer_ip: 10.255.252.4 - mlag_l3_ip: 10.255.251.5 - mlag_peer_l3_ip: 10.255.251.4 - vtep_loopback_ipv4_pool: 192.168.254.0/24 - vtep_loopback: Loopback1 - vtep_ip: 192.168.254.5 - evpn_services_l2_only: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_DB_Zone: - svis: - - 140 - - 141 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WAN_Zone: - svis: - - 150 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: - - 160 - - 161 - Tenant_B: - vrfs: - Tenant_B_OP_Zone: - svis: - - 210 - - 211 - Tenant_B_WAN_Zone: - svis: - - 250 - l2vlans: [] - Tenant_C: - vrfs: - Tenant_C_OP_Zone: - svis: - - 310 - - 311 - Tenant_C_WAN_Zone: - svis: - - 350 - l2vlans: [] - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 - topology: - links: - Ethernet1: + avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF1A + - DC1-LEAF1B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF2A + - DC1-LEAF2B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + avd_topology_peers: + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF2A: + - DC1-L2LEAF2A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF1A + - DC1-LEAF1B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF2A + - DC1-LEAF2B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 peer: DC1-SPINE1 peer_interface: Ethernet4 peer_type: spine + peer_is_deployed: true peer_bgp_as: '65001' type: underlay_p2p ip_address: 172.31.255.13 peer_ip_address: 172.31.255.12 - Ethernet2: + - interface: Ethernet2 peer: DC1-SPINE2 peer_interface: Ethernet4 peer_type: spine + peer_is_deployed: true peer_bgp_as: '65001' type: underlay_p2p ip_address: 172.31.255.15 peer_ip_address: 172.31.255.14 - peers: - - DC1-SPINE1 - - DC1-SPINE2 - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -switch: - type: l3leaf - node_type_key: l3leaf - connected_endpoints: true - default_evpn_role: client - mlag_support: true - network_services_l2: true - network_services_l3: true - underlay_router: true - uplink_type: p2p - vtep: true - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_LEAF2 - id: 4 - mgmt_ip: 10.255.0.16/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - all - filter_tags: - - all - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - virtual_router_mac_address: 00:1c:73:00:dc:01 - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: - - DC1-SPINE1 - - DC1-SPINE2 - uplink_switch_interfaces: - - Ethernet4 - - Ethernet4 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 2 - uplink_ipv4_pool: 172.31.255.0/24 - router_id: 192.168.255.6 - bgp_as: '65102' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: client - evpn_route_servers: - - DC1-SPINE1 - - DC1-SPINE2 - mlag: true - mlag_group: DC1_LEAF2 - mlag_ibgp_origin_incomplete: true - mlag_peer_vlan: 4094 - mlag_dual_primary_detection: false - mlag_interfaces: - - Ethernet3 - - Ethernet4 - mlag_l3: true - mlag_peer_l3_vlan: 4093 - mlag_role: secondary - mlag_peer: DC1-LEAF2A - mlag_peer_mgmt_ip: 10.255.0.15 - mlag_ip: 10.255.252.5 - mlag_peer_ip: 10.255.252.4 - mlag_l3_ip: 10.255.251.5 - mlag_peer_l3_ip: 10.255.251.4 - vtep_loopback_ipv4_pool: 192.168.254.0/24 - vtep_loopback: Loopback1 - vtep_ip: 192.168.254.5 - evpn_services_l2_only: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_DB_Zone: - svis: - - 140 - - 141 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WAN_Zone: - svis: - - 150 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: - - 160 - - 161 - Tenant_B: - vrfs: - Tenant_B_OP_Zone: - svis: - - 210 - - 211 - Tenant_B_WAN_Zone: - svis: - - 250 - l2vlans: [] - Tenant_C: - vrfs: - Tenant_C_OP_Zone: - svis: - - 310 - - 311 - Tenant_C_WAN_Zone: - svis: - - 350 - l2vlans: [] - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -topology: - links: - Ethernet1: - peer: DC1-SPINE1 - peer_interface: Ethernet4 - peer_type: spine - peer_bgp_as: '65001' - type: underlay_p2p - ip_address: 172.31.255.13 - peer_ip_address: 172.31.255.12 - Ethernet2: - peer: DC1-SPINE2 - peer_interface: Ethernet4 - peer_type: spine - peer_bgp_as: '65001' - type: underlay_p2p - ip_address: 172.31.255.15 - peer_ip_address: 172.31.255.14 - peers: - - DC1-SPINE1 - - DC1-SPINE2 - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks -ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 -ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] +avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_topology_peers: + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF2A: + - DC1-L2LEAF2A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_requirements: + failed: false + changed: false +playbook_dir: /home/colin/temp/ansible-avd-cloudvision-demo/playbooks +ansible_playbook_python: /home/colin/act-single-dc/.venv/bin/python3 +ansible_config_file: /home/colin/temp/ansible-avd-cloudvision-demo/ansible.cfg groups: all: - cv_ztp - cv_server - DC1-SPINE1 - DC1-SPINE2 + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A ungrouped: [] CVP: - cv_ztp @@ -813,12 +1235,12 @@ groups: DC1_FABRIC: - DC1-SPINE1 - DC1-SPINE2 + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A DC1_SPINES: - DC1-SPINE1 - DC1-SPINE2 @@ -841,31 +1263,31 @@ groups: DC1_L2LEAF2: - DC1-L2LEAF2A DC1_TENANTS_NETWORKS: + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B + DC1_SERVERS: - DC1-L2LEAF1A - DC1-L2LEAF2A - DC1_SERVERS: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A -omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 +omit: __omit_place_holder__ab9c18ca0c75d03d3972f5ad58a93aebf5c2084c ansible_version: - string: 2.10.14 - full: 2.10.14 + string: 2.16.3 + full: 2.16.3 major: 2 - minor: 10 - revision: 14 + minor: 16 + revision: 3 ansible_check_mode: false ansible_diff_mode: false ansible_forks: 5 ansible_inventory_sources: -- /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml +- /home/colin/temp/ansible-avd-cloudvision-demo/inventory/inventory.yml ansible_skip_tags: [] ansible_run_tags: - build diff --git a/inventory/intended/structured_configs/DC1-LEAF2B.yml b/inventory/intended/structured_configs/DC1-LEAF2B.yml index b9644c7e..2b35bfac 100644 --- a/inventory/intended/structured_configs/DC1-LEAF2B.yml +++ b/inventory/intended/structured_configs/DC1-LEAF2B.yml @@ -1,3 +1,7 @@ +hostname: DC1-LEAF2B +metadata: + platform: vEOS-LAB +is_deployed: true router_bgp: as: '65102' router_id: 192.168.255.6 @@ -6,291 +10,340 @@ router_bgp: - distance bgp 20 200 200 - graceful-restart restart-time 300 - graceful-restart - - maximum-paths 4 ecmp 4 + bgp: + default: + ipv4_unicast: false + maximum_paths: + paths: 4 + ecmp: 4 + updates: + wait_install: true peer_groups: - MLAG-IPv4-UNDERLAY-PEER: - type: ipv4 - remote_as: '65102' - next_hop_self: true - password: vnEaG8gMeQf3d3cN6PktXQ== - maximum_routes: 12000 - send_community: all - route_map_in: RM-MLAG-PEER-IN - IPv4-UNDERLAY-PEERS: - type: ipv4 - password: AQQvKeimxJu+uGQ/yYvv9w== - maximum_routes: 12000 - send_community: all - EVPN-OVERLAY-PEERS: - type: evpn - update_source: Loopback0 - bfd: true - ebgp_multihop: '3' - password: q+VNViP5i4rVjW1cxFv2wA== - send_community: all - maximum_routes: 0 + - name: MLAG-IPv4-UNDERLAY-PEER + type: ipv4 + remote_as: '65102' + next_hop_self: true + description: DC1-LEAF2A + password: vnEaG8gMeQf3d3cN6PktXQ== + maximum_routes: 12000 + send_community: all + route_map_in: RM-MLAG-PEER-IN + - name: IPv4-UNDERLAY-PEERS + type: ipv4 + password: AQQvKeimxJu+uGQ/yYvv9w== + maximum_routes: 12000 + send_community: all + - name: EVPN-OVERLAY-PEERS + type: evpn + update_source: Loopback0 + bfd: true + password: q+VNViP5i4rVjW1cxFv2wA== + send_community: all + maximum_routes: 0 + ebgp_multihop: 3 address_family_ipv4: peer_groups: - MLAG-IPv4-UNDERLAY-PEER: - activate: true - IPv4-UNDERLAY-PEERS: - activate: true - EVPN-OVERLAY-PEERS: - activate: false + - name: MLAG-IPv4-UNDERLAY-PEER + activate: true + - name: IPv4-UNDERLAY-PEERS + activate: true + - name: EVPN-OVERLAY-PEERS + activate: false neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - description: DC1-LEAF2A - 172.31.255.12: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65001' - description: DC1-SPINE1_Ethernet4 - 172.31.255.14: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65001' - description: DC1-SPINE2_Ethernet4 - 192.168.255.1: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-SPINE1 - remote_as: '65001' - 192.168.255.2: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-SPINE2 - remote_as: '65001' + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + peer: DC1-LEAF2A + description: DC1-LEAF2A + - ip_address: 172.31.255.12 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65001' + peer: DC1-SPINE1 + description: DC1-SPINE1_Ethernet4 + - ip_address: 172.31.255.14 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65001' + peer: DC1-SPINE2 + description: DC1-SPINE2_Ethernet4 + - ip_address: 192.168.255.1 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-SPINE1 + description: DC1-SPINE1 + remote_as: '65001' + - ip_address: 192.168.255.2 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-SPINE2 + description: DC1-SPINE2 + remote_as: '65001' redistribute_routes: - connected: - route_map: RM-CONN-2-BGP + - source_protocol: connected + route_map: RM-CONN-2-BGP address_family_evpn: peer_groups: - EVPN-OVERLAY-PEERS: - activate: true + - name: EVPN-OVERLAY-PEERS + activate: true vrfs: - Tenant_A_APP_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:12 - route_targets: - import: - evpn: - - '12:12' - export: - evpn: - - '12:12' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_DB_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:13 - route_targets: - import: - evpn: - - '13:13' - export: - evpn: - - '13:13' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_OP_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:10 - route_targets: - import: - evpn: - - '10:10' - export: - evpn: - - '10:10' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_WAN_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:14 - route_targets: - import: - evpn: - - '14:14' - export: - evpn: - - '14:14' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_WEB_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:11 - route_targets: - import: - evpn: - - '11:11' - export: - evpn: - - '11:11' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_B_OP_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:20 - route_targets: - import: - evpn: - - '20:20' - export: - evpn: - - '20:20' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_B_WAN_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:21 - route_targets: - import: - evpn: - - '21:21' - export: - evpn: - - '21:21' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_C_OP_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:30 - route_targets: - import: - evpn: - - '30:30' - export: - evpn: - - '30:30' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_C_WAN_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:31 - route_targets: - import: - evpn: - - '31:31' - export: - evpn: - - '31:31' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - vlan_aware_bundles: - Tenant_A_APP_Zone: - rd: 192.168.255.6:12 - route_targets: - both: + - name: Tenant_A_APP_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:12 + route_targets: + import: + - address_family: evpn + route_targets: + - '12:12' + export: + - address_family: evpn + route_targets: - '12:12' - redistribute_routes: - - learned - vlan: 130-131 - Tenant_A_DB_Zone: - rd: 192.168.255.6:13 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_A_DB_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:13 + route_targets: + import: + - address_family: evpn + route_targets: + - '13:13' + export: + - address_family: evpn + route_targets: - '13:13' - redistribute_routes: - - learned - vlan: 140-141 - Tenant_A_OP_Zone: - rd: 192.168.255.6:10 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_A_OP_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:10 + route_targets: + import: + - address_family: evpn + route_targets: + - '10:10' + export: + - address_family: evpn + route_targets: - '10:10' - redistribute_routes: - - learned - vlan: 110-112 - Tenant_A_WAN_Zone: - rd: 192.168.255.6:14 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_A_WAN_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:14 + route_targets: + import: + - address_family: evpn + route_targets: - '14:14' - redistribute_routes: - - learned - vlan: 150 - Tenant_A_WEB_Zone: - rd: 192.168.255.6:11 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '14:14' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_A_WEB_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:11 + route_targets: + import: + - address_family: evpn + route_targets: - '11:11' - redistribute_routes: - - learned - vlan: 120-121 - Tenant_A_VMOTION: - tenant: Tenant_A - rd: 192.168.255.6:55160 - route_targets: - both: - - 55160:55160 - redistribute_routes: - - learned - vlan: 160 - Tenant_A_NFS: - tenant: Tenant_A - rd: 192.168.255.6:10161 - route_targets: - both: - - 10161:10161 - redistribute_routes: - - learned - vlan: 161 - Tenant_B_OP_Zone: - rd: 192.168.255.6:20 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '11:11' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_B_OP_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:20 + route_targets: + import: + - address_family: evpn + route_targets: - '20:20' - redistribute_routes: - - learned - vlan: 210-211 - Tenant_B_WAN_Zone: - rd: 192.168.255.6:21 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '20:20' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_B_WAN_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:21 + route_targets: + import: + - address_family: evpn + route_targets: - '21:21' - redistribute_routes: - - learned - vlan: 250 - Tenant_C_OP_Zone: - rd: 192.168.255.6:30 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '21:21' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_C_OP_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:30 + route_targets: + import: + - address_family: evpn + route_targets: + - '30:30' + export: + - address_family: evpn + route_targets: - '30:30' - redistribute_routes: - - learned - vlan: 310-311 - Tenant_C_WAN_Zone: - rd: 192.168.255.6:31 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + - name: Tenant_C_WAN_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:31 + route_targets: + import: + - address_family: evpn + route_targets: + - '31:31' + export: + - address_family: evpn + route_targets: - '31:31' - redistribute_routes: - - learned - vlan: 350 + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + updates: + wait_install: true + vlan_aware_bundles: + - name: Tenant_A_APP_Zone + rd: 192.168.255.6:12 + route_targets: + both: + - '12:12' + redistribute_routes: + - learned + vlan: 130-131 + - name: Tenant_A_DB_Zone + rd: 192.168.255.6:13 + route_targets: + both: + - '13:13' + redistribute_routes: + - learned + vlan: 140-141 + - name: Tenant_A_OP_Zone + rd: 192.168.255.6:10 + route_targets: + both: + - '10:10' + redistribute_routes: + - learned + vlan: 110-112 + - name: Tenant_A_WAN_Zone + rd: 192.168.255.6:14 + route_targets: + both: + - '14:14' + redistribute_routes: + - learned + vlan: '150' + - name: Tenant_A_WEB_Zone + rd: 192.168.255.6:11 + route_targets: + both: + - '11:11' + redistribute_routes: + - learned + vlan: 120-121 + - name: Tenant_A_NFS + tenant: Tenant_A + rd: 192.168.255.6:10161 + route_targets: + both: + - 10161:10161 + redistribute_routes: + - learned + vlan: '161' + - name: Tenant_A_VMOTION + tenant: Tenant_A + rd: 192.168.255.6:55160 + route_targets: + both: + - 55160:55160 + redistribute_routes: + - learned + vlan: '160' + - name: Tenant_B_OP_Zone + rd: 192.168.255.6:20 + route_targets: + both: + - '20:20' + redistribute_routes: + - learned + vlan: 210-211 + - name: Tenant_B_WAN_Zone + rd: 192.168.255.6:21 + route_targets: + both: + - '21:21' + redistribute_routes: + - learned + vlan: '250' + - name: Tenant_C_OP_Zone + rd: 192.168.255.6:30 + route_targets: + both: + - '30:30' + redistribute_routes: + - learned + vlan: 310-311 + - name: Tenant_C_WAN_Zone + rd: 192.168.255.6:31 + route_targets: + both: + - '31:31' + redistribute_routes: + - learned + vlan: '350' static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -302,6 +355,7 @@ daemon_terminattr: - 10.255.0.1:9910 cvauth: method: key + key: '' cvvrf: MGMT smashexcludes: ale,flexCounter,hardware,kni,pulse,strata ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent @@ -311,501 +365,504 @@ vlan_internal_order: range: beginning: 1006 ending: 1199 -name_server: - source: - vrf: MGMT - nodes: - - 192.168.2.1 - - 8.8.8.8 +ip_name_servers: +- ip_address: 192.168.2.1 + vrf: MGMT +- ip_address: 8.8.8.8 + vrf: MGMT spanning_tree: mode: mstp mst_instances: - '0': - priority: 16384 + - id: '0' + priority: 16384 no_spanning_tree_vlan: 4093-4094 local_users: - admin: - privilege: 15 - role: network-admin - sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 - ansible: - privilege: 15 - role: network-admin - sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ - cvpadmin: - privilege: 15 - role: network-admin - sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +- name: admin + privilege: 15 + role: network-admin + sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 +- name: ansible + privilege: 15 + role: network-admin + sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ +- name: cvpadmin + privilege: 15 + role: network-admin + sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. vrfs: - MGMT: - ip_routing: false - Tenant_A_APP_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_DB_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_OP_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_WAN_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_WEB_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_B_OP_Zone: - tenant: Tenant_B - ip_routing: true - Tenant_B_WAN_Zone: - tenant: Tenant_B - ip_routing: true - Tenant_C_OP_Zone: - tenant: Tenant_C - ip_routing: true - Tenant_C_WAN_Zone: - tenant: Tenant_C - ip_routing: true +- name: MGMT + ip_routing: false +- name: Tenant_A_APP_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_DB_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_OP_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_WAN_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_WEB_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_B_OP_Zone + tenant: Tenant_B + ip_routing: true +- name: Tenant_B_WAN_Zone + tenant: Tenant_B + ip_routing: true +- name: Tenant_C_OP_Zone + tenant: Tenant_C + ip_routing: true +- name: Tenant_C_WAN_Zone + tenant: Tenant_C + ip_routing: true management_interfaces: - Management1: - description: oob_management - shutdown: false - vrf: MGMT - ip_address: 10.255.0.16/24 - gateway: 10.255.0.1 - type: oob +- name: Management1 + description: oob_management + shutdown: false + vrf: MGMT + ip_address: 10.255.0.16/24 + gateway: 10.255.0.1 + type: oob management_api_http: enable_vrfs: - MGMT: {} + - name: MGMT enable_https: true vlans: - 4093: - tenant: system - name: LEAF_PEER_L3 - trunk_groups: - - LEAF_PEER_L3 - 4094: - tenant: system - name: MLAG_PEER - trunk_groups: - - MLAG - 130: - tenant: Tenant_A - name: Tenant_A_APP_Zone_1 - 131: - tenant: Tenant_A - name: Tenant_A_APP_Zone_2 - 3011: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_APP_Zone - trunk_groups: - - LEAF_PEER_L3 - 140: - tenant: Tenant_A - name: Tenant_A_DB_BZone_1 - 141: - tenant: Tenant_A - name: Tenant_A_DB_Zone_2 - 3012: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_DB_Zone - trunk_groups: - - LEAF_PEER_L3 - 110: - tenant: Tenant_A - name: Tenant_A_OP_Zone_1 - 111: - tenant: Tenant_A - name: Tenant_A_OP_Zone_2 - 112: - tenant: Tenant_A - name: Tenant_A_OP_Zone_3 - 3009: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 150: - tenant: Tenant_A - name: Tenant_A_WAN_Zone_1 - 3013: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 - 120: - tenant: Tenant_A - name: Tenant_A_WEB_Zone_1 - 121: - tenant: Tenant_A - name: Tenant_A_WEBZone_2 - 3010: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_WEB_Zone - trunk_groups: - - LEAF_PEER_L3 - 160: - tenant: Tenant_A - name: Tenant_A_VMOTION - 161: - tenant: Tenant_A - name: Tenant_A_NFS - 210: - tenant: Tenant_B - name: Tenant_B_OP_Zone_1 - 211: - tenant: Tenant_B - name: Tenant_B_OP_Zone_2 - 3019: - tenant: Tenant_B - name: MLAG_iBGP_Tenant_B_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 250: - tenant: Tenant_B - name: Tenant_B_WAN_Zone_1 - 3020: - tenant: Tenant_B - name: MLAG_iBGP_Tenant_B_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 - 310: - tenant: Tenant_C - name: Tenant_C_OP_Zone_1 - 311: - tenant: Tenant_C - name: Tenant_C_OP_Zone_2 - 3029: - tenant: Tenant_C - name: MLAG_iBGP_Tenant_C_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 350: - tenant: Tenant_C - name: Tenant_C_WAN_Zone_1 - 3030: - tenant: Tenant_C - name: MLAG_iBGP_Tenant_C_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 +- id: 4093 + tenant: system + name: LEAF_PEER_L3 + trunk_groups: + - LEAF_PEER_L3 +- id: 4094 + tenant: system + name: MLAG_PEER + trunk_groups: + - MLAG +- id: 130 + name: Tenant_A_APP_Zone_1 + tenant: Tenant_A +- id: 131 + name: Tenant_A_APP_Zone_2 + tenant: Tenant_A +- id: 3011 + name: MLAG_iBGP_Tenant_A_APP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 140 + name: Tenant_A_DB_BZone_1 + tenant: Tenant_A +- id: 141 + name: Tenant_A_DB_Zone_2 + tenant: Tenant_A +- id: 3012 + name: MLAG_iBGP_Tenant_A_DB_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 110 + name: Tenant_A_OP_Zone_1 + tenant: Tenant_A +- id: 111 + name: Tenant_A_OP_Zone_2 + tenant: Tenant_A +- id: 112 + name: Tenant_A_OP_Zone_3 + tenant: Tenant_A +- id: 3009 + name: MLAG_iBGP_Tenant_A_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 150 + name: Tenant_A_WAN_Zone_1 + tenant: Tenant_A +- id: 3013 + name: MLAG_iBGP_Tenant_A_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 120 + name: Tenant_A_WEB_Zone_1 + tenant: Tenant_A +- id: 121 + name: Tenant_A_WEBZone_2 + tenant: Tenant_A +- id: 3010 + name: MLAG_iBGP_Tenant_A_WEB_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 160 + name: Tenant_A_VMOTION + tenant: Tenant_A +- id: 161 + name: Tenant_A_NFS + tenant: Tenant_A +- id: 210 + name: Tenant_B_OP_Zone_1 + tenant: Tenant_B +- id: 211 + name: Tenant_B_OP_Zone_2 + tenant: Tenant_B +- id: 3019 + name: MLAG_iBGP_Tenant_B_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_B +- id: 250 + name: Tenant_B_WAN_Zone_1 + tenant: Tenant_B +- id: 3020 + name: MLAG_iBGP_Tenant_B_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_B +- id: 310 + name: Tenant_C_OP_Zone_1 + tenant: Tenant_C +- id: 311 + name: Tenant_C_OP_Zone_2 + tenant: Tenant_C +- id: 3029 + name: MLAG_iBGP_Tenant_C_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_C +- id: 350 + name: Tenant_C_WAN_Zone_1 + tenant: Tenant_C +- id: 3030 + name: MLAG_iBGP_Tenant_C_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_C vlan_interfaces: - Vlan4093: - description: MLAG_PEER_L3_PEERING - shutdown: false - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan4094: - description: MLAG_PEER - shutdown: false - ip_address: 10.255.252.5/31 - no_autostate: true - mtu: 1500 - Vlan130: - tenant: Tenant_A - tags: - - app - - erp1 - description: Tenant_A_APP_Zone_1 - shutdown: false - vrf: Tenant_A_APP_Zone - Vlan131: - tenant: Tenant_A - tags: - - app - description: Tenant_A_APP_Zone_2 - shutdown: false - vrf: Tenant_A_APP_Zone - ip_address_virtual: 10.1.31.254/24 - Vlan3011: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone' - vrf: Tenant_A_APP_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan140: - tenant: Tenant_A - tags: - - db - - erp1 - description: Tenant_A_DB_BZone_1 - shutdown: false - vrf: Tenant_A_DB_Zone - ip_address_virtual: 10.1.40.1/24 - Vlan141: - tenant: Tenant_A - tags: - - db - description: Tenant_A_DB_Zone_2 - shutdown: false - vrf: Tenant_A_DB_Zone - ip_address_virtual: 10.1.41.1/24 - Vlan3012: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone' - vrf: Tenant_A_DB_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan110: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_1 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.10.1/24 - Vlan111: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_2 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.11.1/24 - Vlan112: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_3 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.12.254/24 - Vlan3009: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone' - vrf: Tenant_A_OP_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan150: - tenant: Tenant_A - tags: - - wan - description: Tenant_A_WAN_Zone_1 - shutdown: false - vrf: Tenant_A_WAN_Zone - ip_address_virtual: 10.1.40.1/24 - Vlan3013: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone' - vrf: Tenant_A_WAN_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan120: - tenant: Tenant_A - tags: - - web - - erp1 - description: Tenant_A_WEB_Zone_1 - shutdown: false - vrf: Tenant_A_WEB_Zone - Vlan121: - tenant: Tenant_A - tags: - - web - description: Tenant_A_WEBZone_2 - shutdown: false - vrf: Tenant_A_WEB_Zone - ip_address_virtual: 10.1.21.1/24 - Vlan3010: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone' - vrf: Tenant_A_WEB_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan210: - tenant: Tenant_B - tags: - - opzone - description: Tenant_B_OP_Zone_1 - shutdown: false - vrf: Tenant_B_OP_Zone - Vlan211: - tenant: Tenant_B - tags: - - opzone - description: Tenant_B_OP_Zone_2 - shutdown: false - vrf: Tenant_B_OP_Zone - ip_address_virtual: 10.2.11.1/24 - Vlan3019: - tenant: Tenant_B - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone' - vrf: Tenant_B_OP_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan250: - tenant: Tenant_B - tags: - - wan - description: Tenant_B_WAN_Zone_1 - shutdown: false - vrf: Tenant_B_WAN_Zone - ip_address_virtual: 10.2.50.1/24 - Vlan3020: - tenant: Tenant_B - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone' - vrf: Tenant_B_WAN_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan310: - tenant: Tenant_C - tags: - - opzone - description: Tenant_C_OP_Zone_1 - shutdown: false - vrf: Tenant_C_OP_Zone - Vlan311: - tenant: Tenant_C - tags: - - opzone - description: Tenant_C_OP_Zone_2 - shutdown: false - vrf: Tenant_C_OP_Zone - Vlan3029: - tenant: Tenant_C - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone' - vrf: Tenant_C_OP_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan350: - tenant: Tenant_C - tags: - - wan - description: Tenant_C_WAN_Zone_1 - shutdown: false - vrf: Tenant_C_WAN_Zone - Vlan3030: - tenant: Tenant_C - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone' - vrf: Tenant_C_WAN_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 +- name: Vlan4093 + description: MLAG_PEER_L3_PEERING + shutdown: false + mtu: 1500 + ip_address: 10.255.251.5/31 +- name: Vlan4094 + description: MLAG_PEER + shutdown: false + ip_address: 10.255.252.5/31 + no_autostate: true + mtu: 1500 +- name: Vlan130 + tenant: Tenant_A + tags: + - app + - erp1 + description: Tenant_A_APP_Zone_1 + shutdown: false + ip_address_virtual: 10.1.30.1/24 + vrf: Tenant_A_APP_Zone +- name: Vlan131 + tenant: Tenant_A + tags: + - app + description: Tenant_A_APP_Zone_2 + shutdown: false + ip_address_virtual: 10.1.31.254/24 + vrf: Tenant_A_APP_Zone +- name: Vlan3011 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone' + vrf: Tenant_A_APP_Zone + mtu: 1500 + ip_address: 10.255.251.5/31 +- name: Vlan140 + tenant: Tenant_A + tags: + - db + - erp1 + description: Tenant_A_DB_BZone_1 + shutdown: false + ip_address_virtual: 10.1.40.1/24 + vrf: Tenant_A_DB_Zone +- name: Vlan141 + tenant: Tenant_A + tags: + - db + description: Tenant_A_DB_Zone_2 + shutdown: false + ip_address_virtual: 10.1.41.1/24 + vrf: Tenant_A_DB_Zone +- name: Vlan3012 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone' + vrf: Tenant_A_DB_Zone + mtu: 1500 + ip_address: 10.255.251.5/31 +- name: Vlan110 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_1 + shutdown: false + ip_address_virtual: 10.1.10.1/24 + vrf: Tenant_A_OP_Zone +- name: Vlan111 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.1.11.1/24 + vrf: Tenant_A_OP_Zone +- name: Vlan112 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_3 + shutdown: false + ip_address_virtual: 10.1.12.254/24 + vrf: Tenant_A_OP_Zone +- name: Vlan3009 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone' + vrf: Tenant_A_OP_Zone + mtu: 1500 + ip_address: 10.255.251.5/31 +- name: Vlan150 + tenant: Tenant_A + tags: + - wan + description: Tenant_A_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.1.40.1/24 + vrf: Tenant_A_WAN_Zone +- name: Vlan3013 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone' + vrf: Tenant_A_WAN_Zone + mtu: 1500 + ip_address: 10.255.251.5/31 +- name: Vlan120 + tenant: Tenant_A + tags: + - web + - erp1 + description: Tenant_A_WEB_Zone_1 + shutdown: false + ip_address_virtual: 10.1.20.1/24 + vrf: Tenant_A_WEB_Zone +- name: Vlan121 + tenant: Tenant_A + tags: + - web + description: Tenant_A_WEBZone_2 + shutdown: false + ip_address_virtual: 10.1.21.1/24 + vrf: Tenant_A_WEB_Zone +- name: Vlan3010 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone' + vrf: Tenant_A_WEB_Zone + mtu: 1500 + ip_address: 10.255.251.5/31 +- name: Vlan210 + tenant: Tenant_B + tags: + - opzone + description: Tenant_B_OP_Zone_1 + shutdown: false + ip_address_virtual: 10.2.10.1/24 + vrf: Tenant_B_OP_Zone +- name: Vlan211 + tenant: Tenant_B + tags: + - opzone + description: Tenant_B_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.2.11.1/24 + vrf: Tenant_B_OP_Zone +- name: Vlan3019 + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone' + vrf: Tenant_B_OP_Zone + mtu: 1500 + ip_address: 10.255.251.5/31 +- name: Vlan250 + tenant: Tenant_B + tags: + - wan + description: Tenant_B_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.2.50.1/24 + vrf: Tenant_B_WAN_Zone +- name: Vlan3020 + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone' + vrf: Tenant_B_WAN_Zone + mtu: 1500 + ip_address: 10.255.251.5/31 +- name: Vlan310 + tenant: Tenant_C + tags: + - opzone + description: Tenant_C_OP_Zone_1 + shutdown: false + ip_address_virtual: 10.3.10.1/24 + vrf: Tenant_C_OP_Zone +- name: Vlan311 + tenant: Tenant_C + tags: + - opzone + description: Tenant_C_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.3.11.1/24 + vrf: Tenant_C_OP_Zone +- name: Vlan3029 + tenant: Tenant_C + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone' + vrf: Tenant_C_OP_Zone + mtu: 1500 + ip_address: 10.255.251.5/31 +- name: Vlan350 + tenant: Tenant_C + tags: + - wan + description: Tenant_C_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.3.50.1/24 + vrf: Tenant_C_WAN_Zone +- name: Vlan3030 + tenant: Tenant_C + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone' + vrf: Tenant_C_WAN_Zone + mtu: 1500 + ip_address: 10.255.251.5/31 port_channel_interfaces: - Port-Channel3: - description: MLAG_PEER_DC1-LEAF2A_Po3 - type: switched - shutdown: false - vlans: 2-4094 - mode: trunk - trunk_groups: - - LEAF_PEER_L3 - - MLAG - Port-Channel5: - description: DC1-L2LEAF2A_Po1 - type: switched - shutdown: false - vlans: 110-112,120-121,130-131 - mode: trunk - mlag: 5 +- name: Port-Channel3 + description: MLAG_PEER_DC1-LEAF2A_Po3 + type: switched + shutdown: false + mode: trunk + trunk_groups: + - LEAF_PEER_L3 + - MLAG +- name: Port-Channel5 + description: DC1-L2LEAF2A_Po1 + type: switched + shutdown: false + mode: trunk + vlans: 110-112,120-121,130-131 + mlag: 5 ethernet_interfaces: - Ethernet3: - peer: DC1-LEAF2A - peer_interface: Ethernet3 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF2A_Ethernet3 - type: switched - shutdown: false - channel_group: - id: 3 - mode: active - Ethernet4: - peer: DC1-LEAF2A - peer_interface: Ethernet4 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF2A_Ethernet4 - type: switched - shutdown: false - channel_group: - id: 3 - mode: active - Ethernet1: - peer: DC1-SPINE1 - peer_interface: Ethernet4 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE1_Ethernet4 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.13/31 - Ethernet2: - peer: DC1-SPINE2 - peer_interface: Ethernet4 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE2_Ethernet4 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.15/31 - Ethernet5: - peer: DC1-L2LEAF2A - peer_interface: Ethernet2 - peer_type: l2leaf - description: DC1-L2LEAF2A_Ethernet2 - type: switched - shutdown: false - channel_group: - id: 5 - mode: active +- name: Ethernet3 + peer: DC1-LEAF2A + peer_interface: Ethernet3 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF2A_Ethernet3 + type: port-channel-member + shutdown: false + channel_group: + id: 3 + mode: active +- name: Ethernet4 + peer: DC1-LEAF2A + peer_interface: Ethernet4 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF2A_Ethernet4 + type: port-channel-member + shutdown: false + channel_group: + id: 3 + mode: active +- name: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + description: P2P_LINK_TO_DC1-SPINE1_Ethernet4 + shutdown: false + mtu: 1500 + type: routed + ip_address: 172.31.255.13/31 +- name: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + description: P2P_LINK_TO_DC1-SPINE2_Ethernet4 + shutdown: false + mtu: 1500 + type: routed + ip_address: 172.31.255.15/31 +- name: Ethernet5 + peer: DC1-L2LEAF2A + peer_interface: Ethernet2 + peer_type: l2leaf + description: DC1-L2LEAF2A_Ethernet2 + shutdown: false + type: port-channel-member + channel_group: + id: 5 + mode: active mlag_configuration: domain_id: DC1_LEAF2 local_interface: Vlan4094 peer_address: 10.255.252.4 peer_link: Port-Channel3 - reload_delay_mlag: 300 - reload_delay_non_mlag: 330 + reload_delay_mlag: '300' + reload_delay_non_mlag: '330' route_maps: - RM-MLAG-PEER-IN: - sequence_numbers: - 10: - type: permit - set: - - origin incomplete - description: Make routes learned over MLAG Peer-link less preferred on spines - to ensure optimal routing - RM-CONN-2-BGP: - sequence_numbers: - 10: - type: permit - match: - - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +- name: RM-MLAG-PEER-IN + sequence_numbers: + - sequence: 10 + type: permit + set: + - origin incomplete + description: Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing +- name: RM-CONN-2-BGP + sequence_numbers: + - sequence: 10 + type: permit + match: + - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY loopback_interfaces: - Loopback0: - description: EVPN_Overlay_Peering - shutdown: false - ip_address: 192.168.255.6/32 - Loopback1: - description: VTEP_VXLAN_Tunnel_Source - shutdown: false - ip_address: 192.168.254.5/32 - Loopback100: - description: Tenant_A_OP_Zone_VTEP_DIAGNOSTICS - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address: 10.255.1.6/32 +- name: Loopback0 + description: EVPN_Overlay_Peering + shutdown: false + ip_address: 192.168.255.6/32 +- name: Loopback1 + description: VTEP_VXLAN_Tunnel_Source + shutdown: false + ip_address: 192.168.254.5/32 +- name: Loopback100 + description: Tenant_A_OP_Zone_VTEP_DIAGNOSTICS + shutdown: false + vrf: Tenant_A_OP_Zone + ip_address: 10.255.1.6/32 prefix_lists: - PL-LOOPBACKS-EVPN-OVERLAY: - sequence_numbers: - 10: - action: permit 192.168.255.0/24 eq 32 - 20: - action: permit 192.168.254.0/24 eq 32 +- name: PL-LOOPBACKS-EVPN-OVERLAY + sequence_numbers: + - sequence: 10 + action: permit 192.168.255.0/24 eq 32 + - sequence: 20 + action: permit 192.168.254.0/24 eq 32 router_bfd: multihop: interval: 1200 @@ -813,73 +870,73 @@ router_bfd: multiplier: 3 ip_igmp_snooping: globally_enabled: true +ip_virtual_router_mac_address: 00:1c:73:00:dc:01 vxlan_interface: Vxlan1: description: DC1-LEAF2B_VTEP vxlan: + udp_port: 4789 source_interface: Loopback1 virtual_router_encapsulation_mac_address: mlag-system-id - udp_port: 4789 vlans: - 130: - vni: 10130 - 131: - vni: 10131 - 140: - vni: 10140 - 141: - vni: 10141 - 110: - vni: 10110 - 111: - vni: 50111 - 112: - vni: 50112 - 150: - vni: 10150 - 120: - vni: 10120 - 121: - vni: 10121 - 160: - vni: 55160 - 161: - vni: 10161 - 210: - vni: 20210 - 211: - vni: 20211 - 250: - vni: 20250 - 310: - vni: 30310 - 311: - vni: 30311 - 350: - vni: 30350 + - id: 130 + vni: 10130 + - id: 131 + vni: 10131 + - id: 140 + vni: 10140 + - id: 141 + vni: 10141 + - id: 110 + vni: 10110 + - id: 111 + vni: 50111 + - id: 112 + vni: 50112 + - id: 150 + vni: 10150 + - id: 120 + vni: 10120 + - id: 121 + vni: 10121 + - id: 160 + vni: 55160 + - id: 161 + vni: 10161 + - id: 210 + vni: 20210 + - id: 211 + vni: 20211 + - id: 250 + vni: 20250 + - id: 310 + vni: 30310 + - id: 311 + vni: 30311 + - id: 350 + vni: 30350 vrfs: - Tenant_A_APP_Zone: - vni: 12 - Tenant_A_DB_Zone: - vni: 13 - Tenant_A_OP_Zone: - vni: 10 - Tenant_A_WAN_Zone: - vni: 14 - Tenant_A_WEB_Zone: - vni: 11 - Tenant_B_OP_Zone: - vni: 20 - Tenant_B_WAN_Zone: - vni: 21 - Tenant_C_OP_Zone: - vni: 30 - Tenant_C_WAN_Zone: - vni: 31 + - name: Tenant_A_APP_Zone + vni: 12 + - name: Tenant_A_DB_Zone + vni: 13 + - name: Tenant_A_OP_Zone + vni: 10 + - name: Tenant_A_WAN_Zone + vni: 14 + - name: Tenant_A_WEB_Zone + vni: 11 + - name: Tenant_B_OP_Zone + vni: 20 + - name: Tenant_B_WAN_Zone + vni: 21 + - name: Tenant_C_OP_Zone + vni: 30 + - name: Tenant_C_WAN_Zone + vni: 31 virtual_source_nat_vrfs: - Tenant_A_OP_Zone: - ip_address: 10.255.1.6 -ip_virtual_router_mac_address: 00:1c:73:00:dc:01 +- name: Tenant_A_OP_Zone + ip_address: 10.255.1.6 ntp: local_interface: name: Management1 diff --git a/inventory/intended/structured_configs/DC1-SPINE1-debug-vars.yml b/inventory/intended/structured_configs/DC1-SPINE1-debug-vars.yml index 3730b254..adbc1ac0 100644 --- a/inventory/intended/structured_configs/DC1-SPINE1-debug-vars.yml +++ b/inventory/intended/structured_configs/DC1-SPINE1-debug-vars.yml @@ -20,7 +20,8 @@ local_users: privilege: 15 role: network-admin sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -cvp_instance_ip: 10.255.0.1 +cvp_instance_ips: +- 10.255.0.1 cvp_ingestauth_key: '' mgmt_interface: Management1 mgmt_interface_vrf: MGMT @@ -39,13 +40,13 @@ custom_structured_configuration_ntp: - name: 1.fr.pool.ntp.org vrf: MGMT fabric_name: DC1_FABRIC -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: AQQvKeimxJu+uGQ/yYvv9w== - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: q+VNViP5i4rVjW1cxFv2wA== - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: vnEaG8gMeQf3d3cN6PktXQ== spine: defaults: @@ -183,8 +184,8 @@ bfd_multihop: interval: 1200 min_rx: 1200 multiplier: 3 -inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml -inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory +inventory_file: /home/colin/temp/ansible-avd-cloudvision-demo/inventory/inventory.yml +inventory_dir: /home/colin/temp/ansible-avd-cloudvision-demo/inventory ansible_host: 10.255.0.11 inventory_hostname: DC1-SPINE1 inventory_hostname_short: DC1-SPINE1 @@ -193,137 +194,846 @@ group_names: - DC1_FABRIC - DC1_SPINES ansible_facts: - switch: - type: spine - node_type_key: spine - connected_endpoints: false - default_evpn_role: server - mlag_support: false - network_services_l2: false - network_services_l3: false - underlay_router: true - uplink_type: p2p - vtep: false - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - id: 1 - mgmt_ip: 10.255.0.11/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - spanning_tree_mode: none - max_uplink_switches: 0 - max_parallel_uplinks: 1 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 0 - router_id: 192.168.255.1 - bgp_as: '65001' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: server - mlag: false - topology: - peers: [] - vlans: [] -switch: - type: spine - node_type_key: spine - connected_endpoints: false - default_evpn_role: server - mlag_support: false - network_services_l2: false - network_services_l3: false - underlay_router: true - uplink_type: p2p - vtep: false - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - id: 1 - mgmt_ip: 10.255.0.11/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - spanning_tree_mode: none - max_uplink_switches: 0 - max_parallel_uplinks: 1 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 0 - router_id: 192.168.255.1 - bgp_as: '65001' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: server - mlag: false -topology: - peers: [] - vlans: [] -playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks -ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 -ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg + avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF1A + - DC1-LEAF1B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF2A + - DC1-LEAF2B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + avd_topology_peers: + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF2A: + - DC1-L2LEAF2A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF1A + - DC1-LEAF1B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF2A + - DC1-LEAF2B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] +avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_topology_peers: + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF2A: + - DC1-L2LEAF2A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_requirements: + failed: false + changed: false +playbook_dir: /home/colin/temp/ansible-avd-cloudvision-demo/playbooks +ansible_playbook_python: /home/colin/act-single-dc/.venv/bin/python3 +ansible_config_file: /home/colin/temp/ansible-avd-cloudvision-demo/ansible.cfg groups: all: - cv_ztp - cv_server - DC1-SPINE1 - DC1-SPINE2 + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A ungrouped: [] CVP: - cv_ztp @@ -340,12 +1050,12 @@ groups: DC1_FABRIC: - DC1-SPINE1 - DC1-SPINE2 + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A DC1_SPINES: - DC1-SPINE1 - DC1-SPINE2 @@ -368,31 +1078,31 @@ groups: DC1_L2LEAF2: - DC1-L2LEAF2A DC1_TENANTS_NETWORKS: + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B + DC1_SERVERS: - DC1-L2LEAF1A - DC1-L2LEAF2A - DC1_SERVERS: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A -omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 +omit: __omit_place_holder__ab9c18ca0c75d03d3972f5ad58a93aebf5c2084c ansible_version: - string: 2.10.14 - full: 2.10.14 + string: 2.16.3 + full: 2.16.3 major: 2 - minor: 10 - revision: 14 + minor: 16 + revision: 3 ansible_check_mode: false ansible_diff_mode: false ansible_forks: 5 ansible_inventory_sources: -- /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml +- /home/colin/temp/ansible-avd-cloudvision-demo/inventory/inventory.yml ansible_skip_tags: [] ansible_run_tags: - build diff --git a/inventory/intended/structured_configs/DC1-SPINE1.yml b/inventory/intended/structured_configs/DC1-SPINE1.yml index 9a98fa01..7c9d3412 100644 --- a/inventory/intended/structured_configs/DC1-SPINE1.yml +++ b/inventory/intended/structured_configs/DC1-SPINE1.yml @@ -1,3 +1,7 @@ +hostname: DC1-SPINE1 +metadata: + platform: vEOS-LAB +is_deployed: true router_bgp: as: '65001' router_id: 192.168.255.1 @@ -6,68 +10,83 @@ router_bgp: - distance bgp 20 200 200 - graceful-restart restart-time 300 - graceful-restart - - maximum-paths 4 ecmp 4 + bgp: + default: + ipv4_unicast: false + maximum_paths: + paths: 4 + ecmp: 4 + updates: + wait_install: true peer_groups: - IPv4-UNDERLAY-PEERS: - type: ipv4 - password: AQQvKeimxJu+uGQ/yYvv9w== - maximum_routes: 12000 - send_community: all - EVPN-OVERLAY-PEERS: - type: evpn - update_source: Loopback0 - bfd: true - ebgp_multihop: '3' - password: q+VNViP5i4rVjW1cxFv2wA== - send_community: all - maximum_routes: 0 - next_hop_unchanged: true + - name: IPv4-UNDERLAY-PEERS + type: ipv4 + password: AQQvKeimxJu+uGQ/yYvv9w== + maximum_routes: 12000 + send_community: all + - name: EVPN-OVERLAY-PEERS + type: evpn + update_source: Loopback0 + bfd: true + password: q+VNViP5i4rVjW1cxFv2wA== + send_community: all + maximum_routes: 0 + ebgp_multihop: 3 + next_hop_unchanged: true address_family_ipv4: peer_groups: - IPv4-UNDERLAY-PEERS: - activate: true - EVPN-OVERLAY-PEERS: - activate: false + - name: IPv4-UNDERLAY-PEERS + activate: true + - name: EVPN-OVERLAY-PEERS + activate: false redistribute_routes: - connected: - route_map: RM-CONN-2-BGP + - source_protocol: connected + route_map: RM-CONN-2-BGP neighbors: - 172.31.255.1: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65101' - description: DC1-LEAF1A_Ethernet1 - 172.31.255.5: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65101' - description: DC1-LEAF1B_Ethernet1 - 172.31.255.9: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65102' - description: DC1-LEAF2A_Ethernet1 - 172.31.255.13: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65102' - description: DC1-LEAF2B_Ethernet1 - 192.168.255.3: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-LEAF1A - remote_as: '65101' - 192.168.255.4: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-LEAF1B - remote_as: '65101' - 192.168.255.5: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-LEAF2A - remote_as: '65102' - 192.168.255.6: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-LEAF2B - remote_as: '65102' + - ip_address: 172.31.255.1 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65101' + peer: DC1-LEAF1A + description: DC1-LEAF1A_Ethernet1 + - ip_address: 172.31.255.5 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65101' + peer: DC1-LEAF1B + description: DC1-LEAF1B_Ethernet1 + - ip_address: 172.31.255.9 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65102' + peer: DC1-LEAF2A + description: DC1-LEAF2A_Ethernet1 + - ip_address: 172.31.255.13 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65102' + peer: DC1-LEAF2B + description: DC1-LEAF2B_Ethernet1 + - ip_address: 192.168.255.3 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-LEAF1A + description: DC1-LEAF1A + remote_as: '65101' + - ip_address: 192.168.255.4 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-LEAF1B + description: DC1-LEAF1B + remote_as: '65101' + - ip_address: 192.168.255.5 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-LEAF2A + description: DC1-LEAF2A + remote_as: '65102' + - ip_address: 192.168.255.6 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-LEAF2B + description: DC1-LEAF2B + remote_as: '65102' address_family_evpn: peer_groups: - EVPN-OVERLAY-PEERS: - activate: true + - name: EVPN-OVERLAY-PEERS + activate: true static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -79,6 +98,7 @@ daemon_terminattr: - 10.255.0.1:9910 cvauth: method: key + key: '' cvvrf: MGMT smashexcludes: ale,flexCounter,hardware,kni,pulse,strata ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent @@ -88,96 +108,95 @@ vlan_internal_order: range: beginning: 1006 ending: 1199 -name_server: - source: - vrf: MGMT - nodes: - - 192.168.2.1 - - 8.8.8.8 +ip_name_servers: +- ip_address: 192.168.2.1 + vrf: MGMT +- ip_address: 8.8.8.8 + vrf: MGMT spanning_tree: mode: none local_users: - admin: - privilege: 15 - role: network-admin - sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 - ansible: - privilege: 15 - role: network-admin - sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ - cvpadmin: - privilege: 15 - role: network-admin - sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +- name: admin + privilege: 15 + role: network-admin + sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 +- name: ansible + privilege: 15 + role: network-admin + sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ +- name: cvpadmin + privilege: 15 + role: network-admin + sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. vrfs: - MGMT: - ip_routing: false +- name: MGMT + ip_routing: false management_interfaces: - Management1: - description: oob_management - shutdown: false - vrf: MGMT - ip_address: 10.255.0.11/24 - gateway: 10.255.0.1 - type: oob +- name: Management1 + description: oob_management + shutdown: false + vrf: MGMT + ip_address: 10.255.0.11/24 + gateway: 10.255.0.1 + type: oob management_api_http: enable_vrfs: - MGMT: {} + - name: MGMT enable_https: true ethernet_interfaces: - Ethernet1: - peer: DC1-LEAF1A - peer_interface: Ethernet1 - peer_type: l3leaf - description: P2P_LINK_TO_DC1-LEAF1A_Ethernet1 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.0/31 - Ethernet2: - peer: DC1-LEAF1B - peer_interface: Ethernet1 - peer_type: l3leaf - description: P2P_LINK_TO_DC1-LEAF1B_Ethernet1 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.4/31 - Ethernet3: - peer: DC1-LEAF2A - peer_interface: Ethernet1 - peer_type: l3leaf - description: P2P_LINK_TO_DC1-LEAF2A_Ethernet1 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.8/31 - Ethernet4: - peer: DC1-LEAF2B - peer_interface: Ethernet1 - peer_type: l3leaf - description: P2P_LINK_TO_DC1-LEAF2B_Ethernet1 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.12/31 +- name: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet1 + peer_type: l3leaf + description: P2P_LINK_TO_DC1-LEAF1A_Ethernet1 + shutdown: false + mtu: 1500 + type: routed + ip_address: 172.31.255.0/31 +- name: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet1 + peer_type: l3leaf + description: P2P_LINK_TO_DC1-LEAF1B_Ethernet1 + shutdown: false + mtu: 1500 + type: routed + ip_address: 172.31.255.4/31 +- name: Ethernet3 + peer: DC1-LEAF2A + peer_interface: Ethernet1 + peer_type: l3leaf + description: P2P_LINK_TO_DC1-LEAF2A_Ethernet1 + shutdown: false + mtu: 1500 + type: routed + ip_address: 172.31.255.8/31 +- name: Ethernet4 + peer: DC1-LEAF2B + peer_interface: Ethernet1 + peer_type: l3leaf + description: P2P_LINK_TO_DC1-LEAF2B_Ethernet1 + shutdown: false + mtu: 1500 + type: routed + ip_address: 172.31.255.12/31 loopback_interfaces: - Loopback0: - description: EVPN_Overlay_Peering - shutdown: false - ip_address: 192.168.255.1/32 +- name: Loopback0 + description: EVPN_Overlay_Peering + shutdown: false + ip_address: 192.168.255.1/32 prefix_lists: - PL-LOOPBACKS-EVPN-OVERLAY: - sequence_numbers: - 10: - action: permit 192.168.255.0/24 eq 32 +- name: PL-LOOPBACKS-EVPN-OVERLAY + sequence_numbers: + - sequence: 10 + action: permit 192.168.255.0/24 eq 32 route_maps: - RM-CONN-2-BGP: - sequence_numbers: - 10: - type: permit - match: - - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +- name: RM-CONN-2-BGP + sequence_numbers: + - sequence: 10 + type: permit + match: + - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY router_bfd: multihop: interval: 1200 diff --git a/inventory/intended/structured_configs/DC1-SPINE2-debug-vars.yml b/inventory/intended/structured_configs/DC1-SPINE2-debug-vars.yml index ea9a96c1..5db237f8 100644 --- a/inventory/intended/structured_configs/DC1-SPINE2-debug-vars.yml +++ b/inventory/intended/structured_configs/DC1-SPINE2-debug-vars.yml @@ -20,7 +20,8 @@ local_users: privilege: 15 role: network-admin sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -cvp_instance_ip: 10.255.0.1 +cvp_instance_ips: +- 10.255.0.1 cvp_ingestauth_key: '' mgmt_interface: Management1 mgmt_interface_vrf: MGMT @@ -39,13 +40,13 @@ custom_structured_configuration_ntp: - name: 1.fr.pool.ntp.org vrf: MGMT fabric_name: DC1_FABRIC -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: AQQvKeimxJu+uGQ/yYvv9w== - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: q+VNViP5i4rVjW1cxFv2wA== - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: vnEaG8gMeQf3d3cN6PktXQ== spine: defaults: @@ -183,8 +184,8 @@ bfd_multihop: interval: 1200 min_rx: 1200 multiplier: 3 -inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml -inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory +inventory_file: /home/colin/temp/ansible-avd-cloudvision-demo/inventory/inventory.yml +inventory_dir: /home/colin/temp/ansible-avd-cloudvision-demo/inventory ansible_host: 10.255.0.12 inventory_hostname: DC1-SPINE2 inventory_hostname_short: DC1-SPINE2 @@ -193,137 +194,846 @@ group_names: - DC1_FABRIC - DC1_SPINES ansible_facts: - switch: - type: spine - node_type_key: spine - connected_endpoints: false - default_evpn_role: server - mlag_support: false - network_services_l2: false - network_services_l3: false - underlay_router: true - uplink_type: p2p - vtep: false - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - id: 2 - mgmt_ip: 10.255.0.12/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - spanning_tree_mode: none - max_uplink_switches: 0 - max_parallel_uplinks: 1 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 0 - router_id: 192.168.255.2 - bgp_as: '65001' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: server - mlag: false - topology: - peers: [] - vlans: [] -switch: - type: spine - node_type_key: spine - connected_endpoints: false - default_evpn_role: server - mlag_support: false - network_services_l2: false - network_services_l3: false - underlay_router: true - uplink_type: p2p - vtep: false - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - id: 2 - mgmt_ip: 10.255.0.12/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - spanning_tree_mode: none - max_uplink_switches: 0 - max_parallel_uplinks: 1 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 0 - router_id: 192.168.255.2 - bgp_as: '65001' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: server - mlag: false -topology: - peers: [] - vlans: [] -playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks -ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 -ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg + avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF1A + - DC1-LEAF1B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF2A + - DC1-LEAF2B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + avd_topology_peers: + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF2A: + - DC1-L2LEAF2A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF1 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF1A + - DC1-LEAF1B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + channel_description: DC1_LEAF2 + channel_group_id: '1' + peer_channel_group_id: '5' + vlans: 110-112,120-121,130-131 + uplink_peers: + - DC1-LEAF2A + - DC1-LEAF2B + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] +avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_topology_peers: + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF2A: + - DC1-L2LEAF2A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_requirements: + failed: false + changed: false +playbook_dir: /home/colin/temp/ansible-avd-cloudvision-demo/playbooks +ansible_playbook_python: /home/colin/act-single-dc/.venv/bin/python3 +ansible_config_file: /home/colin/temp/ansible-avd-cloudvision-demo/ansible.cfg groups: all: - cv_ztp - cv_server - DC1-SPINE1 - DC1-SPINE2 + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A ungrouped: [] CVP: - cv_ztp @@ -340,12 +1050,12 @@ groups: DC1_FABRIC: - DC1-SPINE1 - DC1-SPINE2 + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A DC1_SPINES: - DC1-SPINE1 - DC1-SPINE2 @@ -368,31 +1078,31 @@ groups: DC1_L2LEAF2: - DC1-L2LEAF2A DC1_TENANTS_NETWORKS: + - DC1-L2LEAF1A + - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B + DC1_SERVERS: - DC1-L2LEAF1A - DC1-L2LEAF2A - DC1_SERVERS: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - - DC1-L2LEAF1A - - DC1-L2LEAF2A -omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 +omit: __omit_place_holder__ab9c18ca0c75d03d3972f5ad58a93aebf5c2084c ansible_version: - string: 2.10.14 - full: 2.10.14 + string: 2.16.3 + full: 2.16.3 major: 2 - minor: 10 - revision: 14 + minor: 16 + revision: 3 ansible_check_mode: false ansible_diff_mode: false ansible_forks: 5 ansible_inventory_sources: -- /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml +- /home/colin/temp/ansible-avd-cloudvision-demo/inventory/inventory.yml ansible_skip_tags: [] ansible_run_tags: - build diff --git a/inventory/intended/structured_configs/DC1-SPINE2.yml b/inventory/intended/structured_configs/DC1-SPINE2.yml index a922d8ac..53af3653 100644 --- a/inventory/intended/structured_configs/DC1-SPINE2.yml +++ b/inventory/intended/structured_configs/DC1-SPINE2.yml @@ -1,3 +1,7 @@ +hostname: DC1-SPINE2 +metadata: + platform: vEOS-LAB +is_deployed: true router_bgp: as: '65001' router_id: 192.168.255.2 @@ -6,68 +10,83 @@ router_bgp: - distance bgp 20 200 200 - graceful-restart restart-time 300 - graceful-restart - - maximum-paths 4 ecmp 4 + bgp: + default: + ipv4_unicast: false + maximum_paths: + paths: 4 + ecmp: 4 + updates: + wait_install: true peer_groups: - IPv4-UNDERLAY-PEERS: - type: ipv4 - password: AQQvKeimxJu+uGQ/yYvv9w== - maximum_routes: 12000 - send_community: all - EVPN-OVERLAY-PEERS: - type: evpn - update_source: Loopback0 - bfd: true - ebgp_multihop: '3' - password: q+VNViP5i4rVjW1cxFv2wA== - send_community: all - maximum_routes: 0 - next_hop_unchanged: true + - name: IPv4-UNDERLAY-PEERS + type: ipv4 + password: AQQvKeimxJu+uGQ/yYvv9w== + maximum_routes: 12000 + send_community: all + - name: EVPN-OVERLAY-PEERS + type: evpn + update_source: Loopback0 + bfd: true + password: q+VNViP5i4rVjW1cxFv2wA== + send_community: all + maximum_routes: 0 + ebgp_multihop: 3 + next_hop_unchanged: true address_family_ipv4: peer_groups: - IPv4-UNDERLAY-PEERS: - activate: true - EVPN-OVERLAY-PEERS: - activate: false + - name: IPv4-UNDERLAY-PEERS + activate: true + - name: EVPN-OVERLAY-PEERS + activate: false redistribute_routes: - connected: - route_map: RM-CONN-2-BGP + - source_protocol: connected + route_map: RM-CONN-2-BGP neighbors: - 172.31.255.3: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65101' - description: DC1-LEAF1A_Ethernet2 - 172.31.255.7: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65101' - description: DC1-LEAF1B_Ethernet2 - 172.31.255.11: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65102' - description: DC1-LEAF2A_Ethernet2 - 172.31.255.15: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65102' - description: DC1-LEAF2B_Ethernet2 - 192.168.255.3: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-LEAF1A - remote_as: '65101' - 192.168.255.4: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-LEAF1B - remote_as: '65101' - 192.168.255.5: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-LEAF2A - remote_as: '65102' - 192.168.255.6: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-LEAF2B - remote_as: '65102' + - ip_address: 172.31.255.3 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65101' + peer: DC1-LEAF1A + description: DC1-LEAF1A_Ethernet2 + - ip_address: 172.31.255.7 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65101' + peer: DC1-LEAF1B + description: DC1-LEAF1B_Ethernet2 + - ip_address: 172.31.255.11 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65102' + peer: DC1-LEAF2A + description: DC1-LEAF2A_Ethernet2 + - ip_address: 172.31.255.15 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65102' + peer: DC1-LEAF2B + description: DC1-LEAF2B_Ethernet2 + - ip_address: 192.168.255.3 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-LEAF1A + description: DC1-LEAF1A + remote_as: '65101' + - ip_address: 192.168.255.4 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-LEAF1B + description: DC1-LEAF1B + remote_as: '65101' + - ip_address: 192.168.255.5 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-LEAF2A + description: DC1-LEAF2A + remote_as: '65102' + - ip_address: 192.168.255.6 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-LEAF2B + description: DC1-LEAF2B + remote_as: '65102' address_family_evpn: peer_groups: - EVPN-OVERLAY-PEERS: - activate: true + - name: EVPN-OVERLAY-PEERS + activate: true static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -79,6 +98,7 @@ daemon_terminattr: - 10.255.0.1:9910 cvauth: method: key + key: '' cvvrf: MGMT smashexcludes: ale,flexCounter,hardware,kni,pulse,strata ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent @@ -88,96 +108,95 @@ vlan_internal_order: range: beginning: 1006 ending: 1199 -name_server: - source: - vrf: MGMT - nodes: - - 192.168.2.1 - - 8.8.8.8 +ip_name_servers: +- ip_address: 192.168.2.1 + vrf: MGMT +- ip_address: 8.8.8.8 + vrf: MGMT spanning_tree: mode: none local_users: - admin: - privilege: 15 - role: network-admin - sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 - ansible: - privilege: 15 - role: network-admin - sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ - cvpadmin: - privilege: 15 - role: network-admin - sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +- name: admin + privilege: 15 + role: network-admin + sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 +- name: ansible + privilege: 15 + role: network-admin + sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ +- name: cvpadmin + privilege: 15 + role: network-admin + sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. vrfs: - MGMT: - ip_routing: false +- name: MGMT + ip_routing: false management_interfaces: - Management1: - description: oob_management - shutdown: false - vrf: MGMT - ip_address: 10.255.0.12/24 - gateway: 10.255.0.1 - type: oob +- name: Management1 + description: oob_management + shutdown: false + vrf: MGMT + ip_address: 10.255.0.12/24 + gateway: 10.255.0.1 + type: oob management_api_http: enable_vrfs: - MGMT: {} + - name: MGMT enable_https: true ethernet_interfaces: - Ethernet1: - peer: DC1-LEAF1A - peer_interface: Ethernet2 - peer_type: l3leaf - description: P2P_LINK_TO_DC1-LEAF1A_Ethernet2 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.2/31 - Ethernet2: - peer: DC1-LEAF1B - peer_interface: Ethernet2 - peer_type: l3leaf - description: P2P_LINK_TO_DC1-LEAF1B_Ethernet2 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.6/31 - Ethernet3: - peer: DC1-LEAF2A - peer_interface: Ethernet2 - peer_type: l3leaf - description: P2P_LINK_TO_DC1-LEAF2A_Ethernet2 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.10/31 - Ethernet4: - peer: DC1-LEAF2B - peer_interface: Ethernet2 - peer_type: l3leaf - description: P2P_LINK_TO_DC1-LEAF2B_Ethernet2 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.14/31 +- name: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet2 + peer_type: l3leaf + description: P2P_LINK_TO_DC1-LEAF1A_Ethernet2 + shutdown: false + mtu: 1500 + type: routed + ip_address: 172.31.255.2/31 +- name: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet2 + peer_type: l3leaf + description: P2P_LINK_TO_DC1-LEAF1B_Ethernet2 + shutdown: false + mtu: 1500 + type: routed + ip_address: 172.31.255.6/31 +- name: Ethernet3 + peer: DC1-LEAF2A + peer_interface: Ethernet2 + peer_type: l3leaf + description: P2P_LINK_TO_DC1-LEAF2A_Ethernet2 + shutdown: false + mtu: 1500 + type: routed + ip_address: 172.31.255.10/31 +- name: Ethernet4 + peer: DC1-LEAF2B + peer_interface: Ethernet2 + peer_type: l3leaf + description: P2P_LINK_TO_DC1-LEAF2B_Ethernet2 + shutdown: false + mtu: 1500 + type: routed + ip_address: 172.31.255.14/31 loopback_interfaces: - Loopback0: - description: EVPN_Overlay_Peering - shutdown: false - ip_address: 192.168.255.2/32 +- name: Loopback0 + description: EVPN_Overlay_Peering + shutdown: false + ip_address: 192.168.255.2/32 prefix_lists: - PL-LOOPBACKS-EVPN-OVERLAY: - sequence_numbers: - 10: - action: permit 192.168.255.0/24 eq 32 +- name: PL-LOOPBACKS-EVPN-OVERLAY + sequence_numbers: + - sequence: 10 + action: permit 192.168.255.0/24 eq 32 route_maps: - RM-CONN-2-BGP: - sequence_numbers: - 10: - type: permit - match: - - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +- name: RM-CONN-2-BGP + sequence_numbers: + - sequence: 10 + type: permit + match: + - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY router_bfd: multihop: interval: 1200 diff --git a/inventory/intended/structured_configs/cvp/cv_server.yml b/inventory/intended/structured_configs/cvp/cv_server.yml index ef3e2de4..7294ad40 100644 --- a/inventory/intended/structured_configs/cvp/cv_server.yml +++ b/inventory/intended/structured_configs/cvp/cv_server.yml @@ -1,67 +1,51 @@ --- -CVP_DEVICES: - DC1-L2LEAF1A: - name: DC1-L2LEAF1A +cvp_devices: + - fqdn: DC1-L2LEAF1A parentContainerName: DC1_L2LEAF1 configlets: - DC1-AVD_DC1-L2LEAF1A - imageBundle: [] - DC1-L2LEAF2A: - name: DC1-L2LEAF2A + - fqdn: DC1-L2LEAF2A parentContainerName: DC1_L2LEAF2 configlets: - DC1-AVD_DC1-L2LEAF2A - imageBundle: [] - DC1-LEAF1A: - name: DC1-LEAF1A + - fqdn: DC1-LEAF1A parentContainerName: DC1_LEAF1 configlets: - DC1-AVD_DC1-LEAF1A - imageBundle: [] - DC1-LEAF1B: - name: DC1-LEAF1B + - fqdn: DC1-LEAF1B parentContainerName: DC1_LEAF1 configlets: - DC1-AVD_DC1-LEAF1B - imageBundle: [] - DC1-LEAF2A: - name: DC1-LEAF2A + - fqdn: DC1-LEAF2A parentContainerName: DC1_LEAF2 configlets: - DC1-AVD_DC1-LEAF2A - imageBundle: [] - DC1-LEAF2B: - name: DC1-LEAF2B + - fqdn: DC1-LEAF2B parentContainerName: DC1_LEAF2 configlets: - DC1-AVD_DC1-LEAF2B - imageBundle: [] - DC1-SPINE1: - name: DC1-SPINE1 + - fqdn: DC1-SPINE1 parentContainerName: DC1_SPINES configlets: - DC1-AVD_DC1-SPINE1 - imageBundle: [] - DC1-SPINE2: - name: DC1-SPINE2 + - fqdn: DC1-SPINE2 parentContainerName: DC1_SPINES configlets: - DC1-AVD_DC1-SPINE2 - imageBundle: [] -CVP_CONTAINERS: +cvp_containers: DC1_FABRIC: - parent_container: Tenant + parentContainerName: Tenant DC1_L2LEAF1: - parent_container: DC1_L2LEAFS + parentContainerName: DC1_L2LEAFS DC1_L2LEAF2: - parent_container: DC1_L2LEAFS + parentContainerName: DC1_L2LEAFS DC1_L2LEAFS: - parent_container: DC1_FABRIC + parentContainerName: DC1_FABRIC DC1_L3LEAFS: - parent_container: DC1_FABRIC + parentContainerName: DC1_FABRIC DC1_LEAF1: - parent_container: DC1_L3LEAFS + parentContainerName: DC1_L3LEAFS DC1_LEAF2: - parent_container: DC1_L3LEAFS + parentContainerName: DC1_L3LEAFS DC1_SPINES: - parent_container: DC1_FABRIC + parentContainerName: DC1_FABRIC diff --git a/inventory/intended/structured_configs/cvp/cv_server_configlets.yml b/inventory/intended/structured_configs/cvp/cv_server_configlets.yml index 1be3d944..85eae56f 100644 --- a/inventory/intended/structured_configs/cvp/cv_server_configlets.yml +++ b/inventory/intended/structured_configs/cvp/cv_server_configlets.yml @@ -1,980 +1,981 @@ -CVP_CONFIGLETS: - DC1-AVD_DC1-L2LEAF1A: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec\ - \ /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata\ - \ -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n\ - !\nvlan internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode\ - \ 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname DC1-L2LEAF1A\n\ - ip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface\ - \ vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server\ - \ vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nspanning-tree mst 0\ - \ priority 16384\n!\nno aaa root\nno enable password\n!\nusername admin privilege\ - \ 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\n\ - username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\n\ - username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n\ - !\nvlan 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n\ - !\nvlan 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n\ - !\nvlan 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n\ - !\nvlan 131\n name Tenant_A_APP_Zone_2\n!\nvrf instance MGMT\n!\ninterface Port-Channel1\n\ - \ description DC1_LEAF1_Po5\n no shutdown\n switchport\n switchport trunk\ - \ allowed vlan 110-112,120-121,130-131\n switchport mode trunk\n!\ninterface\ - \ Ethernet1\n description DC1-LEAF1A_Ethernet5\n no shutdown\n channel-group\ - \ 1 mode active\n!\ninterface Ethernet2\n description DC1-LEAF1B_Ethernet5\n\ - \ no shutdown\n channel-group 1 mode active\n!\ninterface Ethernet5\n description\ - \ server01_Eth0\n no shutdown\n switchport\n switchport access vlan 110\n\ - \ switchport mode access\n!\ninterface Management1\n description oob_management\n\ - \ no shutdown\n vrf MGMT\n ip address 10.255.0.17/24\n!\nip routing\nno\ - \ ip routing vrf MGMT\n!\nip route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nmanagement\ - \ api http-commands\n protocol https\n no shutdown\n !\n vrf MGMT\n \ - \ no shutdown\n!\nend\n" - DC1-AVD_DC1-L2LEAF2A: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec\ - \ /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata\ - \ -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n\ - !\nvlan internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode\ - \ 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname DC1-L2LEAF2A\n\ - ip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface\ - \ vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server\ - \ vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nspanning-tree mst 0\ - \ priority 16384\n!\nno aaa root\nno enable password\n!\nusername admin privilege\ - \ 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\n\ - username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\n\ - username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n\ - !\nvlan 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n\ - !\nvlan 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n\ - !\nvlan 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n\ - !\nvlan 131\n name Tenant_A_APP_Zone_2\n!\nvrf instance MGMT\n!\ninterface Port-Channel1\n\ - \ description DC1_LEAF2_Po5\n no shutdown\n switchport\n switchport trunk\ - \ allowed vlan 110-112,120-121,130-131\n switchport mode trunk\n!\ninterface\ - \ Ethernet1\n description DC1-LEAF2A_Ethernet5\n no shutdown\n channel-group\ - \ 1 mode active\n!\ninterface Ethernet2\n description DC1-LEAF2B_Ethernet5\n\ - \ no shutdown\n channel-group 1 mode active\n!\ninterface Ethernet5\n description\ - \ server02_Eth0\n no shutdown\n switchport\n switchport access vlan 110\n\ - \ switchport mode access\n!\ninterface Management1\n description oob_management\n\ - \ no shutdown\n vrf MGMT\n ip address 10.255.0.18/24\n!\nip routing\nno\ - \ ip routing vrf MGMT\n!\nip route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nmanagement\ - \ api http-commands\n protocol https\n no shutdown\n !\n vrf MGMT\n \ - \ no shutdown\n!\nend\n" - DC1-AVD_DC1-LEAF1A: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec\ - \ /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata\ - \ -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n\ - !\nvlan internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode\ - \ 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname DC1-LEAF1A\n\ - ip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface\ - \ vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server\ - \ vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nno spanning-tree vlan-id\ - \ 4093-4094\nspanning-tree mst 0 priority 16384\n!\nno aaa root\nno enable password\n\ - !\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\n\ - username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\n\ - username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n\ - !\nvlan 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n\ - !\nvlan 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n\ - !\nvlan 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n\ - !\nvlan 131\n name Tenant_A_APP_Zone_2\n!\nvlan 140\n name Tenant_A_DB_BZone_1\n\ - !\nvlan 141\n name Tenant_A_DB_Zone_2\n!\nvlan 150\n name Tenant_A_WAN_Zone_1\n\ - !\nvlan 160\n name Tenant_A_VMOTION\n!\nvlan 161\n name Tenant_A_NFS\n!\n\ - vlan 210\n name Tenant_B_OP_Zone_1\n!\nvlan 211\n name Tenant_B_OP_Zone_2\n\ - !\nvlan 250\n name Tenant_B_WAN_Zone_1\n!\nvlan 310\n name Tenant_C_OP_Zone_1\n\ - !\nvlan 311\n name Tenant_C_OP_Zone_2\n!\nvlan 350\n name Tenant_C_WAN_Zone_1\n\ - !\nvlan 3009\n name MLAG_iBGP_Tenant_A_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3010\n name MLAG_iBGP_Tenant_A_WEB_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3011\n name MLAG_iBGP_Tenant_A_APP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3012\n name MLAG_iBGP_Tenant_A_DB_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3013\n name MLAG_iBGP_Tenant_A_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3019\n name MLAG_iBGP_Tenant_B_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3020\n name MLAG_iBGP_Tenant_B_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3029\n name MLAG_iBGP_Tenant_C_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3030\n name MLAG_iBGP_Tenant_C_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 4093\n name LEAF_PEER_L3\n trunk group LEAF_PEER_L3\n!\nvlan 4094\n\ - \ name MLAG_PEER\n trunk group MLAG\n!\nvrf instance MGMT\n!\nvrf instance\ - \ Tenant_A_APP_Zone\n!\nvrf instance Tenant_A_DB_Zone\n!\nvrf instance Tenant_A_OP_Zone\n\ - !\nvrf instance Tenant_A_WAN_Zone\n!\nvrf instance Tenant_A_WEB_Zone\n!\nvrf instance\ - \ Tenant_B_OP_Zone\n!\nvrf instance Tenant_B_WAN_Zone\n!\nvrf instance Tenant_C_OP_Zone\n\ - !\nvrf instance Tenant_C_WAN_Zone\n!\ninterface Port-Channel3\n description\ - \ MLAG_PEER_DC1-LEAF1B_Po3\n no shutdown\n switchport\n switchport trunk\ - \ allowed vlan 2-4094\n switchport mode trunk\n switchport trunk group LEAF_PEER_L3\n\ - \ switchport trunk group MLAG\n!\ninterface Port-Channel5\n description DC1-L2LEAF1A_Po1\n\ - \ no shutdown\n switchport\n switchport trunk allowed vlan 110-112,120-121,130-131\n\ - \ switchport mode trunk\n mlag 5\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-SPINE1_Ethernet1\n\ - \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.1/31\n\ - !\ninterface Ethernet2\n description P2P_LINK_TO_DC1-SPINE2_Ethernet1\n no\ - \ shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.3/31\n!\n\ - interface Ethernet3\n description MLAG_PEER_DC1-LEAF1B_Ethernet3\n no shutdown\n\ - \ channel-group 3 mode active\n!\ninterface Ethernet4\n description MLAG_PEER_DC1-LEAF1B_Ethernet4\n\ - \ no shutdown\n channel-group 3 mode active\n!\ninterface Ethernet5\n description\ - \ DC1-L2LEAF1A_Ethernet1\n no shutdown\n channel-group 5 mode active\n!\n\ - interface Loopback0\n description EVPN_Overlay_Peering\n no shutdown\n ip\ - \ address 192.168.255.3/32\n!\ninterface Loopback1\n description VTEP_VXLAN_Tunnel_Source\n\ - \ no shutdown\n ip address 192.168.254.3/32\n!\ninterface Loopback100\n \ - \ description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS\n no shutdown\n vrf Tenant_A_OP_Zone\n\ - \ ip address 10.255.1.3/32\n!\ninterface Management1\n description oob_management\n\ - \ no shutdown\n vrf MGMT\n ip address 10.255.0.13/24\n!\ninterface Vlan110\n\ - \ description Tenant_A_OP_Zone_1\n no shutdown\n vrf Tenant_A_OP_Zone\n\ - \ ip address virtual 10.1.10.1/24\n!\ninterface Vlan111\n description Tenant_A_OP_Zone_2\n\ - \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.11.1/24\n\ - !\ninterface Vlan112\n description Tenant_A_OP_Zone_3\n no shutdown\n vrf\ - \ Tenant_A_OP_Zone\n ip address virtual 10.1.12.254/24\n!\ninterface Vlan120\n\ - \ description Tenant_A_WEB_Zone_1\n no shutdown\n vrf Tenant_A_WEB_Zone\n\ - !\ninterface Vlan121\n description Tenant_A_WEBZone_2\n no shutdown\n vrf\ - \ Tenant_A_WEB_Zone\n ip address virtual 10.1.21.1/24\n!\ninterface Vlan130\n\ - \ description Tenant_A_APP_Zone_1\n no shutdown\n vrf Tenant_A_APP_Zone\n\ - !\ninterface Vlan131\n description Tenant_A_APP_Zone_2\n no shutdown\n vrf\ - \ Tenant_A_APP_Zone\n ip address virtual 10.1.31.254/24\n!\ninterface Vlan140\n\ - \ description Tenant_A_DB_BZone_1\n no shutdown\n vrf Tenant_A_DB_Zone\n\ - \ ip address virtual 10.1.40.1/24\n!\ninterface Vlan141\n description Tenant_A_DB_Zone_2\n\ - \ no shutdown\n vrf Tenant_A_DB_Zone\n ip address virtual 10.1.41.1/24\n\ - !\ninterface Vlan150\n description Tenant_A_WAN_Zone_1\n no shutdown\n vrf\ - \ Tenant_A_WAN_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface Vlan210\n\ - \ description Tenant_B_OP_Zone_1\n no shutdown\n vrf Tenant_B_OP_Zone\n\ - !\ninterface Vlan211\n description Tenant_B_OP_Zone_2\n no shutdown\n vrf\ - \ Tenant_B_OP_Zone\n ip address virtual 10.2.11.1/24\n!\ninterface Vlan250\n\ - \ description Tenant_B_WAN_Zone_1\n no shutdown\n vrf Tenant_B_WAN_Zone\n\ - \ ip address virtual 10.2.50.1/24\n!\ninterface Vlan310\n description Tenant_C_OP_Zone_1\n\ - \ no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface Vlan311\n description\ - \ Tenant_C_OP_Zone_2\n no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface Vlan350\n\ - \ description Tenant_C_WAN_Zone_1\n no shutdown\n vrf Tenant_C_WAN_Zone\n\ - !\ninterface Vlan3009\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_OP_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan3010\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_WEB_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan3011\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_APP_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan3012\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_DB_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan3013\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_WAN_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan3019\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_B_OP_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan3020\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_B_WAN_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan3029\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_C_OP_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan3030\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_C_WAN_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan4093\n description MLAG_PEER_L3_PEERING\n no shutdown\n \ - \ mtu 1500\n ip address 10.255.251.0/31\n!\ninterface Vlan4094\n description\ - \ MLAG_PEER\n no shutdown\n mtu 1500\n no autostate\n ip address 10.255.252.0/31\n\ - !\ninterface Vxlan1\n description DC1-LEAF1A_VTEP\n vxlan source-interface\ - \ Loopback1\n vxlan virtual-router encapsulation mac-address mlag-system-id\n\ - \ vxlan udp-port 4789\n vxlan vlan 110 vni 10110\n vxlan vlan 111 vni 50111\n\ - \ vxlan vlan 112 vni 50112\n vxlan vlan 120 vni 10120\n vxlan vlan 121 vni\ - \ 10121\n vxlan vlan 130 vni 10130\n vxlan vlan 131 vni 10131\n vxlan vlan\ - \ 140 vni 10140\n vxlan vlan 141 vni 10141\n vxlan vlan 150 vni 10150\n \ - \ vxlan vlan 160 vni 55160\n vxlan vlan 161 vni 10161\n vxlan vlan 210 vni\ - \ 20210\n vxlan vlan 211 vni 20211\n vxlan vlan 250 vni 20250\n vxlan vlan\ - \ 310 vni 30310\n vxlan vlan 311 vni 30311\n vxlan vlan 350 vni 30350\n \ - \ vxlan vrf Tenant_A_APP_Zone vni 12\n vxlan vrf Tenant_A_DB_Zone vni 13\n \ - \ vxlan vrf Tenant_A_OP_Zone vni 10\n vxlan vrf Tenant_A_WAN_Zone vni 14\n\ - \ vxlan vrf Tenant_A_WEB_Zone vni 11\n vxlan vrf Tenant_B_OP_Zone vni 20\n\ - \ vxlan vrf Tenant_B_WAN_Zone vni 21\n vxlan vrf Tenant_C_OP_Zone vni 30\n\ - \ vxlan vrf Tenant_C_WAN_Zone vni 31\n!\nip virtual-router mac-address 00:1c:73:00:dc:01\n\ - !\nip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.3\n!\n\ - ip routing\nno ip routing vrf MGMT\nip routing vrf Tenant_A_APP_Zone\nip routing\ - \ vrf Tenant_A_DB_Zone\nip routing vrf Tenant_A_OP_Zone\nip routing vrf Tenant_A_WAN_Zone\n\ - ip routing vrf Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing\ - \ vrf Tenant_B_WAN_Zone\nip routing vrf Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n\ - !\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24\ - \ eq 32\n seq 20 permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id\ - \ DC1_LEAF1\n local-interface Vlan4094\n peer-address 10.255.252.1\n peer-link\ - \ Port-Channel3\n reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip\ - \ route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map RM-CONN-2-BGP permit 10\n\ - \ match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN\ - \ permit 10\n description Make routes learned over MLAG Peer-link less preferred\ - \ on spines to ensure optimal routing\n set origin incomplete\n!\nrouter bfd\n\ - \ multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65101\n router-id\ - \ 192.168.255.3\n no bgp default ipv4-unicast\n distance bgp 20 200 200\n\ - \ graceful-restart restart-time 300\n graceful-restart\n maximum-paths 4\ - \ ecmp 4\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS\ - \ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS\ - \ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n\ - \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS\ - \ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS\ - \ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n\ - \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101\n neighbor\ - \ MLAG-IPv4-UNDERLAY-PEER next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER password\ - \ 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n\ - \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ neighbor 10.255.251.1 description DC1-LEAF1B\n neighbor 172.31.255.0 peer\ - \ group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.0 remote-as 65001\n neighbor\ - \ 172.31.255.0 description DC1-SPINE1_Ethernet1\n neighbor 172.31.255.2 peer\ - \ group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.2 remote-as 65001\n neighbor\ - \ 172.31.255.2 description DC1-SPINE2_Ethernet1\n neighbor 192.168.255.1 peer\ - \ group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor\ - \ 192.168.255.1 description DC1-SPINE1\n neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n\ - \ neighbor 192.168.255.2 remote-as 65001\n neighbor 192.168.255.2 description\ - \ DC1-SPINE2\n redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle\ - \ Tenant_A_APP_Zone\n rd 192.168.255.3:12\n route-target both 12:12\n\ - \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n\ - \ rd 192.168.255.3:13\n route-target both 13:13\n redistribute\ - \ learned\n vlan 140-141\n !\n vlan-aware-bundle Tenant_A_NFS\n \ - \ rd 192.168.255.3:10161\n route-target both 10161:10161\n redistribute\ - \ learned\n vlan 161\n !\n vlan-aware-bundle Tenant_A_OP_Zone\n \ - \ rd 192.168.255.3:10\n route-target both 10:10\n redistribute learned\n\ - \ vlan 110-112\n !\n vlan-aware-bundle Tenant_A_VMOTION\n rd 192.168.255.3:55160\n\ - \ route-target both 55160:55160\n redistribute learned\n vlan 160\n\ - \ !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd 192.168.255.3:14\n \ - \ route-target both 14:14\n redistribute learned\n vlan 150\n !\n\ - \ vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.3:11\n route-target\ - \ both 11:11\n redistribute learned\n vlan 120-121\n !\n vlan-aware-bundle\ - \ Tenant_B_OP_Zone\n rd 192.168.255.3:20\n route-target both 20:20\n\ - \ redistribute learned\n vlan 210-211\n !\n vlan-aware-bundle Tenant_B_WAN_Zone\n\ - \ rd 192.168.255.3:21\n route-target both 21:21\n redistribute\ - \ learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n \ - \ rd 192.168.255.3:30\n route-target both 30:30\n redistribute learned\n\ - \ vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd 192.168.255.3:31\n\ - \ route-target both 31:31\n redistribute learned\n vlan 350\n \ - \ !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n\ - \ address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n \ - \ neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ activate\n !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.3:12\n route-target\ - \ import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.3\n\ - \ neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_DB_Zone\n rd 192.168.255.3:13\n route-target\ - \ import evpn 13:13\n route-target export evpn 13:13\n router-id 192.168.255.3\n\ - \ neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.3:10\n route-target\ - \ import evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.3\n\ - \ neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.3:14\n \ - \ route-target import evpn 14:14\n route-target export evpn 14:14\n \ - \ router-id 192.168.255.3\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.3:11\n\ - \ route-target import evpn 11:11\n route-target export evpn 11:11\n\ - \ router-id 192.168.255.3\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.3:20\n\ - \ route-target import evpn 20:20\n route-target export evpn 20:20\n\ - \ router-id 192.168.255.3\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.3:21\n\ - \ route-target import evpn 21:21\n route-target export evpn 21:21\n\ - \ router-id 192.168.255.3\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.3:30\n\ - \ route-target import evpn 30:30\n route-target export evpn 30:30\n\ - \ router-id 192.168.255.3\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.3:31\n\ - \ route-target import evpn 31:31\n route-target export evpn 31:31\n\ - \ router-id 192.168.255.3\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n!\nmanagement api http-commands\n protocol https\n\ - \ no shutdown\n !\n vrf MGMT\n no shutdown\n!\nend\n" - DC1-AVD_DC1-LEAF1B: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec\ - \ /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata\ - \ -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n\ - !\nvlan internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode\ - \ 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname DC1-LEAF1B\n\ - ip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface\ - \ vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server\ - \ vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nno spanning-tree vlan-id\ - \ 4093-4094\nspanning-tree mst 0 priority 16384\n!\nno aaa root\nno enable password\n\ - !\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\n\ - username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\n\ - username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n\ - !\nvlan 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n\ - !\nvlan 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n\ - !\nvlan 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n\ - !\nvlan 131\n name Tenant_A_APP_Zone_2\n!\nvlan 140\n name Tenant_A_DB_BZone_1\n\ - !\nvlan 141\n name Tenant_A_DB_Zone_2\n!\nvlan 150\n name Tenant_A_WAN_Zone_1\n\ - !\nvlan 160\n name Tenant_A_VMOTION\n!\nvlan 161\n name Tenant_A_NFS\n!\n\ - vlan 210\n name Tenant_B_OP_Zone_1\n!\nvlan 211\n name Tenant_B_OP_Zone_2\n\ - !\nvlan 250\n name Tenant_B_WAN_Zone_1\n!\nvlan 310\n name Tenant_C_OP_Zone_1\n\ - !\nvlan 311\n name Tenant_C_OP_Zone_2\n!\nvlan 350\n name Tenant_C_WAN_Zone_1\n\ - !\nvlan 3009\n name MLAG_iBGP_Tenant_A_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3010\n name MLAG_iBGP_Tenant_A_WEB_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3011\n name MLAG_iBGP_Tenant_A_APP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3012\n name MLAG_iBGP_Tenant_A_DB_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3013\n name MLAG_iBGP_Tenant_A_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3019\n name MLAG_iBGP_Tenant_B_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3020\n name MLAG_iBGP_Tenant_B_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3029\n name MLAG_iBGP_Tenant_C_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3030\n name MLAG_iBGP_Tenant_C_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 4093\n name LEAF_PEER_L3\n trunk group LEAF_PEER_L3\n!\nvlan 4094\n\ - \ name MLAG_PEER\n trunk group MLAG\n!\nvrf instance MGMT\n!\nvrf instance\ - \ Tenant_A_APP_Zone\n!\nvrf instance Tenant_A_DB_Zone\n!\nvrf instance Tenant_A_OP_Zone\n\ - !\nvrf instance Tenant_A_WAN_Zone\n!\nvrf instance Tenant_A_WEB_Zone\n!\nvrf instance\ - \ Tenant_B_OP_Zone\n!\nvrf instance Tenant_B_WAN_Zone\n!\nvrf instance Tenant_C_OP_Zone\n\ - !\nvrf instance Tenant_C_WAN_Zone\n!\ninterface Port-Channel3\n description\ - \ MLAG_PEER_DC1-LEAF1A_Po3\n no shutdown\n switchport\n switchport trunk\ - \ allowed vlan 2-4094\n switchport mode trunk\n switchport trunk group LEAF_PEER_L3\n\ - \ switchport trunk group MLAG\n!\ninterface Port-Channel5\n description DC1-L2LEAF1A_Po1\n\ - \ no shutdown\n switchport\n switchport trunk allowed vlan 110-112,120-121,130-131\n\ - \ switchport mode trunk\n mlag 5\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-SPINE1_Ethernet2\n\ - \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.5/31\n\ - !\ninterface Ethernet2\n description P2P_LINK_TO_DC1-SPINE2_Ethernet2\n no\ - \ shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.7/31\n!\n\ - interface Ethernet3\n description MLAG_PEER_DC1-LEAF1A_Ethernet3\n no shutdown\n\ - \ channel-group 3 mode active\n!\ninterface Ethernet4\n description MLAG_PEER_DC1-LEAF1A_Ethernet4\n\ - \ no shutdown\n channel-group 3 mode active\n!\ninterface Ethernet5\n description\ - \ DC1-L2LEAF1A_Ethernet2\n no shutdown\n channel-group 5 mode active\n!\n\ - interface Loopback0\n description EVPN_Overlay_Peering\n no shutdown\n ip\ - \ address 192.168.255.4/32\n!\ninterface Loopback1\n description VTEP_VXLAN_Tunnel_Source\n\ - \ no shutdown\n ip address 192.168.254.3/32\n!\ninterface Loopback100\n \ - \ description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS\n no shutdown\n vrf Tenant_A_OP_Zone\n\ - \ ip address 10.255.1.4/32\n!\ninterface Management1\n description oob_management\n\ - \ no shutdown\n vrf MGMT\n ip address 10.255.0.14/24\n!\ninterface Vlan110\n\ - \ description Tenant_A_OP_Zone_1\n no shutdown\n vrf Tenant_A_OP_Zone\n\ - \ ip address virtual 10.1.10.1/24\n!\ninterface Vlan111\n description Tenant_A_OP_Zone_2\n\ - \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.11.1/24\n\ - !\ninterface Vlan112\n description Tenant_A_OP_Zone_3\n no shutdown\n vrf\ - \ Tenant_A_OP_Zone\n ip address virtual 10.1.12.254/24\n!\ninterface Vlan120\n\ - \ description Tenant_A_WEB_Zone_1\n no shutdown\n vrf Tenant_A_WEB_Zone\n\ - !\ninterface Vlan121\n description Tenant_A_WEBZone_2\n no shutdown\n vrf\ - \ Tenant_A_WEB_Zone\n ip address virtual 10.1.21.1/24\n!\ninterface Vlan130\n\ - \ description Tenant_A_APP_Zone_1\n no shutdown\n vrf Tenant_A_APP_Zone\n\ - !\ninterface Vlan131\n description Tenant_A_APP_Zone_2\n no shutdown\n vrf\ - \ Tenant_A_APP_Zone\n ip address virtual 10.1.31.254/24\n!\ninterface Vlan140\n\ - \ description Tenant_A_DB_BZone_1\n no shutdown\n vrf Tenant_A_DB_Zone\n\ - \ ip address virtual 10.1.40.1/24\n!\ninterface Vlan141\n description Tenant_A_DB_Zone_2\n\ - \ no shutdown\n vrf Tenant_A_DB_Zone\n ip address virtual 10.1.41.1/24\n\ - !\ninterface Vlan150\n description Tenant_A_WAN_Zone_1\n no shutdown\n vrf\ - \ Tenant_A_WAN_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface Vlan210\n\ - \ description Tenant_B_OP_Zone_1\n no shutdown\n vrf Tenant_B_OP_Zone\n\ - !\ninterface Vlan211\n description Tenant_B_OP_Zone_2\n no shutdown\n vrf\ - \ Tenant_B_OP_Zone\n ip address virtual 10.2.11.1/24\n!\ninterface Vlan250\n\ - \ description Tenant_B_WAN_Zone_1\n no shutdown\n vrf Tenant_B_WAN_Zone\n\ - \ ip address virtual 10.2.50.1/24\n!\ninterface Vlan310\n description Tenant_C_OP_Zone_1\n\ - \ no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface Vlan311\n description\ - \ Tenant_C_OP_Zone_2\n no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface Vlan350\n\ - \ description Tenant_C_WAN_Zone_1\n no shutdown\n vrf Tenant_C_WAN_Zone\n\ - !\ninterface Vlan3009\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_OP_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan3010\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_WEB_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan3011\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_APP_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan3012\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_DB_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan3013\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_WAN_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan3019\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_B_OP_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan3020\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_B_WAN_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan3029\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_C_OP_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan3030\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_C_WAN_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan4093\n description MLAG_PEER_L3_PEERING\n no shutdown\n \ - \ mtu 1500\n ip address 10.255.251.1/31\n!\ninterface Vlan4094\n description\ - \ MLAG_PEER\n no shutdown\n mtu 1500\n no autostate\n ip address 10.255.252.1/31\n\ - !\ninterface Vxlan1\n description DC1-LEAF1B_VTEP\n vxlan source-interface\ - \ Loopback1\n vxlan virtual-router encapsulation mac-address mlag-system-id\n\ - \ vxlan udp-port 4789\n vxlan vlan 110 vni 10110\n vxlan vlan 111 vni 50111\n\ - \ vxlan vlan 112 vni 50112\n vxlan vlan 120 vni 10120\n vxlan vlan 121 vni\ - \ 10121\n vxlan vlan 130 vni 10130\n vxlan vlan 131 vni 10131\n vxlan vlan\ - \ 140 vni 10140\n vxlan vlan 141 vni 10141\n vxlan vlan 150 vni 10150\n \ - \ vxlan vlan 160 vni 55160\n vxlan vlan 161 vni 10161\n vxlan vlan 210 vni\ - \ 20210\n vxlan vlan 211 vni 20211\n vxlan vlan 250 vni 20250\n vxlan vlan\ - \ 310 vni 30310\n vxlan vlan 311 vni 30311\n vxlan vlan 350 vni 30350\n \ - \ vxlan vrf Tenant_A_APP_Zone vni 12\n vxlan vrf Tenant_A_DB_Zone vni 13\n \ - \ vxlan vrf Tenant_A_OP_Zone vni 10\n vxlan vrf Tenant_A_WAN_Zone vni 14\n\ - \ vxlan vrf Tenant_A_WEB_Zone vni 11\n vxlan vrf Tenant_B_OP_Zone vni 20\n\ - \ vxlan vrf Tenant_B_WAN_Zone vni 21\n vxlan vrf Tenant_C_OP_Zone vni 30\n\ - \ vxlan vrf Tenant_C_WAN_Zone vni 31\n!\nip virtual-router mac-address 00:1c:73:00:dc:01\n\ - !\nip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.4\n!\n\ - ip routing\nno ip routing vrf MGMT\nip routing vrf Tenant_A_APP_Zone\nip routing\ - \ vrf Tenant_A_DB_Zone\nip routing vrf Tenant_A_OP_Zone\nip routing vrf Tenant_A_WAN_Zone\n\ - ip routing vrf Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing\ - \ vrf Tenant_B_WAN_Zone\nip routing vrf Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n\ - !\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24\ - \ eq 32\n seq 20 permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id\ - \ DC1_LEAF1\n local-interface Vlan4094\n peer-address 10.255.252.0\n peer-link\ - \ Port-Channel3\n reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip\ - \ route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map RM-CONN-2-BGP permit 10\n\ - \ match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN\ - \ permit 10\n description Make routes learned over MLAG Peer-link less preferred\ - \ on spines to ensure optimal routing\n set origin incomplete\n!\nrouter bfd\n\ - \ multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65101\n router-id\ - \ 192.168.255.4\n no bgp default ipv4-unicast\n distance bgp 20 200 200\n\ - \ graceful-restart restart-time 300\n graceful-restart\n maximum-paths 4\ - \ ecmp 4\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS\ - \ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS\ - \ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n\ - \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS\ - \ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS\ - \ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n\ - \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101\n neighbor\ - \ MLAG-IPv4-UNDERLAY-PEER next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER password\ - \ 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n\ - \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ neighbor 10.255.251.0 description DC1-LEAF1A\n neighbor 172.31.255.4 peer\ - \ group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.4 remote-as 65001\n neighbor\ - \ 172.31.255.4 description DC1-SPINE1_Ethernet2\n neighbor 172.31.255.6 peer\ - \ group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.6 remote-as 65001\n neighbor\ - \ 172.31.255.6 description DC1-SPINE2_Ethernet2\n neighbor 192.168.255.1 peer\ - \ group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor\ - \ 192.168.255.1 description DC1-SPINE1\n neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n\ - \ neighbor 192.168.255.2 remote-as 65001\n neighbor 192.168.255.2 description\ - \ DC1-SPINE2\n redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle\ - \ Tenant_A_APP_Zone\n rd 192.168.255.4:12\n route-target both 12:12\n\ - \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n\ - \ rd 192.168.255.4:13\n route-target both 13:13\n redistribute\ - \ learned\n vlan 140-141\n !\n vlan-aware-bundle Tenant_A_NFS\n \ - \ rd 192.168.255.4:10161\n route-target both 10161:10161\n redistribute\ - \ learned\n vlan 161\n !\n vlan-aware-bundle Tenant_A_OP_Zone\n \ - \ rd 192.168.255.4:10\n route-target both 10:10\n redistribute learned\n\ - \ vlan 110-112\n !\n vlan-aware-bundle Tenant_A_VMOTION\n rd 192.168.255.4:55160\n\ - \ route-target both 55160:55160\n redistribute learned\n vlan 160\n\ - \ !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd 192.168.255.4:14\n \ - \ route-target both 14:14\n redistribute learned\n vlan 150\n !\n\ - \ vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.4:11\n route-target\ - \ both 11:11\n redistribute learned\n vlan 120-121\n !\n vlan-aware-bundle\ - \ Tenant_B_OP_Zone\n rd 192.168.255.4:20\n route-target both 20:20\n\ - \ redistribute learned\n vlan 210-211\n !\n vlan-aware-bundle Tenant_B_WAN_Zone\n\ - \ rd 192.168.255.4:21\n route-target both 21:21\n redistribute\ - \ learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n \ - \ rd 192.168.255.4:30\n route-target both 30:30\n redistribute learned\n\ - \ vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd 192.168.255.4:31\n\ - \ route-target both 31:31\n redistribute learned\n vlan 350\n \ - \ !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n\ - \ address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n \ - \ neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ activate\n !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.4:12\n route-target\ - \ import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.4\n\ - \ neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_DB_Zone\n rd 192.168.255.4:13\n route-target\ - \ import evpn 13:13\n route-target export evpn 13:13\n router-id 192.168.255.4\n\ - \ neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.4:10\n route-target\ - \ import evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.4\n\ - \ neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.4:14\n \ - \ route-target import evpn 14:14\n route-target export evpn 14:14\n \ - \ router-id 192.168.255.4\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.4:11\n\ - \ route-target import evpn 11:11\n route-target export evpn 11:11\n\ - \ router-id 192.168.255.4\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.4:20\n\ - \ route-target import evpn 20:20\n route-target export evpn 20:20\n\ - \ router-id 192.168.255.4\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.4:21\n\ - \ route-target import evpn 21:21\n route-target export evpn 21:21\n\ - \ router-id 192.168.255.4\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.4:30\n\ - \ route-target import evpn 30:30\n route-target export evpn 30:30\n\ - \ router-id 192.168.255.4\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.4:31\n\ - \ route-target import evpn 31:31\n route-target export evpn 31:31\n\ - \ router-id 192.168.255.4\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n!\nmanagement api http-commands\n protocol https\n\ - \ no shutdown\n !\n vrf MGMT\n no shutdown\n!\nend\n" - DC1-AVD_DC1-LEAF2A: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec\ - \ /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata\ - \ -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n\ - !\nvlan internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode\ - \ 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname DC1-LEAF2A\n\ - ip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface\ - \ vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server\ - \ vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nno spanning-tree vlan-id\ - \ 4093-4094\nspanning-tree mst 0 priority 16384\n!\nno aaa root\nno enable password\n\ - !\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\n\ - username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\n\ - username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n\ - !\nvlan 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n\ - !\nvlan 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n\ - !\nvlan 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n\ - !\nvlan 131\n name Tenant_A_APP_Zone_2\n!\nvlan 140\n name Tenant_A_DB_BZone_1\n\ - !\nvlan 141\n name Tenant_A_DB_Zone_2\n!\nvlan 150\n name Tenant_A_WAN_Zone_1\n\ - !\nvlan 160\n name Tenant_A_VMOTION\n!\nvlan 161\n name Tenant_A_NFS\n!\n\ - vlan 210\n name Tenant_B_OP_Zone_1\n!\nvlan 211\n name Tenant_B_OP_Zone_2\n\ - !\nvlan 250\n name Tenant_B_WAN_Zone_1\n!\nvlan 310\n name Tenant_C_OP_Zone_1\n\ - !\nvlan 311\n name Tenant_C_OP_Zone_2\n!\nvlan 350\n name Tenant_C_WAN_Zone_1\n\ - !\nvlan 3009\n name MLAG_iBGP_Tenant_A_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3010\n name MLAG_iBGP_Tenant_A_WEB_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3011\n name MLAG_iBGP_Tenant_A_APP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3012\n name MLAG_iBGP_Tenant_A_DB_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3013\n name MLAG_iBGP_Tenant_A_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3019\n name MLAG_iBGP_Tenant_B_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3020\n name MLAG_iBGP_Tenant_B_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3029\n name MLAG_iBGP_Tenant_C_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3030\n name MLAG_iBGP_Tenant_C_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 4093\n name LEAF_PEER_L3\n trunk group LEAF_PEER_L3\n!\nvlan 4094\n\ - \ name MLAG_PEER\n trunk group MLAG\n!\nvrf instance MGMT\n!\nvrf instance\ - \ Tenant_A_APP_Zone\n!\nvrf instance Tenant_A_DB_Zone\n!\nvrf instance Tenant_A_OP_Zone\n\ - !\nvrf instance Tenant_A_WAN_Zone\n!\nvrf instance Tenant_A_WEB_Zone\n!\nvrf instance\ - \ Tenant_B_OP_Zone\n!\nvrf instance Tenant_B_WAN_Zone\n!\nvrf instance Tenant_C_OP_Zone\n\ - !\nvrf instance Tenant_C_WAN_Zone\n!\ninterface Port-Channel3\n description\ - \ MLAG_PEER_DC1-LEAF2B_Po3\n no shutdown\n switchport\n switchport trunk\ - \ allowed vlan 2-4094\n switchport mode trunk\n switchport trunk group LEAF_PEER_L3\n\ - \ switchport trunk group MLAG\n!\ninterface Port-Channel5\n description DC1-L2LEAF2A_Po1\n\ - \ no shutdown\n switchport\n switchport trunk allowed vlan 110-112,120-121,130-131\n\ - \ switchport mode trunk\n mlag 5\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-SPINE1_Ethernet3\n\ - \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.9/31\n\ - !\ninterface Ethernet2\n description P2P_LINK_TO_DC1-SPINE2_Ethernet3\n no\ - \ shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.11/31\n!\n\ - interface Ethernet3\n description MLAG_PEER_DC1-LEAF2B_Ethernet3\n no shutdown\n\ - \ channel-group 3 mode active\n!\ninterface Ethernet4\n description MLAG_PEER_DC1-LEAF2B_Ethernet4\n\ - \ no shutdown\n channel-group 3 mode active\n!\ninterface Ethernet5\n description\ - \ DC1-L2LEAF2A_Ethernet1\n no shutdown\n channel-group 5 mode active\n!\n\ - interface Loopback0\n description EVPN_Overlay_Peering\n no shutdown\n ip\ - \ address 192.168.255.5/32\n!\ninterface Loopback1\n description VTEP_VXLAN_Tunnel_Source\n\ - \ no shutdown\n ip address 192.168.254.5/32\n!\ninterface Loopback100\n \ - \ description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS\n no shutdown\n vrf Tenant_A_OP_Zone\n\ - \ ip address 10.255.1.5/32\n!\ninterface Management1\n description oob_management\n\ - \ no shutdown\n vrf MGMT\n ip address 10.255.0.15/24\n!\ninterface Vlan110\n\ - \ description Tenant_A_OP_Zone_1\n no shutdown\n vrf Tenant_A_OP_Zone\n\ - \ ip address virtual 10.1.10.1/24\n!\ninterface Vlan111\n description Tenant_A_OP_Zone_2\n\ - \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.11.1/24\n\ - !\ninterface Vlan112\n description Tenant_A_OP_Zone_3\n no shutdown\n vrf\ - \ Tenant_A_OP_Zone\n ip address virtual 10.1.12.254/24\n!\ninterface Vlan120\n\ - \ description Tenant_A_WEB_Zone_1\n no shutdown\n vrf Tenant_A_WEB_Zone\n\ - !\ninterface Vlan121\n description Tenant_A_WEBZone_2\n no shutdown\n vrf\ - \ Tenant_A_WEB_Zone\n ip address virtual 10.1.21.1/24\n!\ninterface Vlan130\n\ - \ description Tenant_A_APP_Zone_1\n no shutdown\n vrf Tenant_A_APP_Zone\n\ - !\ninterface Vlan131\n description Tenant_A_APP_Zone_2\n no shutdown\n vrf\ - \ Tenant_A_APP_Zone\n ip address virtual 10.1.31.254/24\n!\ninterface Vlan140\n\ - \ description Tenant_A_DB_BZone_1\n no shutdown\n vrf Tenant_A_DB_Zone\n\ - \ ip address virtual 10.1.40.1/24\n!\ninterface Vlan141\n description Tenant_A_DB_Zone_2\n\ - \ no shutdown\n vrf Tenant_A_DB_Zone\n ip address virtual 10.1.41.1/24\n\ - !\ninterface Vlan150\n description Tenant_A_WAN_Zone_1\n no shutdown\n vrf\ - \ Tenant_A_WAN_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface Vlan210\n\ - \ description Tenant_B_OP_Zone_1\n no shutdown\n vrf Tenant_B_OP_Zone\n\ - !\ninterface Vlan211\n description Tenant_B_OP_Zone_2\n no shutdown\n vrf\ - \ Tenant_B_OP_Zone\n ip address virtual 10.2.11.1/24\n!\ninterface Vlan250\n\ - \ description Tenant_B_WAN_Zone_1\n no shutdown\n vrf Tenant_B_WAN_Zone\n\ - \ ip address virtual 10.2.50.1/24\n!\ninterface Vlan310\n description Tenant_C_OP_Zone_1\n\ - \ no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface Vlan311\n description\ - \ Tenant_C_OP_Zone_2\n no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface Vlan350\n\ - \ description Tenant_C_WAN_Zone_1\n no shutdown\n vrf Tenant_C_WAN_Zone\n\ - !\ninterface Vlan3009\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_OP_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan3010\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_WEB_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan3011\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_APP_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan3012\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_DB_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan3013\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_WAN_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan3019\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_B_OP_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan3020\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_B_WAN_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan3029\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_C_OP_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan3030\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_C_WAN_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan4093\n description MLAG_PEER_L3_PEERING\n no shutdown\n \ - \ mtu 1500\n ip address 10.255.251.4/31\n!\ninterface Vlan4094\n description\ - \ MLAG_PEER\n no shutdown\n mtu 1500\n no autostate\n ip address 10.255.252.4/31\n\ - !\ninterface Vxlan1\n description DC1-LEAF2A_VTEP\n vxlan source-interface\ - \ Loopback1\n vxlan virtual-router encapsulation mac-address mlag-system-id\n\ - \ vxlan udp-port 4789\n vxlan vlan 110 vni 10110\n vxlan vlan 111 vni 50111\n\ - \ vxlan vlan 112 vni 50112\n vxlan vlan 120 vni 10120\n vxlan vlan 121 vni\ - \ 10121\n vxlan vlan 130 vni 10130\n vxlan vlan 131 vni 10131\n vxlan vlan\ - \ 140 vni 10140\n vxlan vlan 141 vni 10141\n vxlan vlan 150 vni 10150\n \ - \ vxlan vlan 160 vni 55160\n vxlan vlan 161 vni 10161\n vxlan vlan 210 vni\ - \ 20210\n vxlan vlan 211 vni 20211\n vxlan vlan 250 vni 20250\n vxlan vlan\ - \ 310 vni 30310\n vxlan vlan 311 vni 30311\n vxlan vlan 350 vni 30350\n \ - \ vxlan vrf Tenant_A_APP_Zone vni 12\n vxlan vrf Tenant_A_DB_Zone vni 13\n \ - \ vxlan vrf Tenant_A_OP_Zone vni 10\n vxlan vrf Tenant_A_WAN_Zone vni 14\n\ - \ vxlan vrf Tenant_A_WEB_Zone vni 11\n vxlan vrf Tenant_B_OP_Zone vni 20\n\ - \ vxlan vrf Tenant_B_WAN_Zone vni 21\n vxlan vrf Tenant_C_OP_Zone vni 30\n\ - \ vxlan vrf Tenant_C_WAN_Zone vni 31\n!\nip virtual-router mac-address 00:1c:73:00:dc:01\n\ - !\nip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.5\n!\n\ - ip routing\nno ip routing vrf MGMT\nip routing vrf Tenant_A_APP_Zone\nip routing\ - \ vrf Tenant_A_DB_Zone\nip routing vrf Tenant_A_OP_Zone\nip routing vrf Tenant_A_WAN_Zone\n\ - ip routing vrf Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing\ - \ vrf Tenant_B_WAN_Zone\nip routing vrf Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n\ - !\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24\ - \ eq 32\n seq 20 permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id\ - \ DC1_LEAF2\n local-interface Vlan4094\n peer-address 10.255.252.5\n peer-link\ - \ Port-Channel3\n reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip\ - \ route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map RM-CONN-2-BGP permit 10\n\ - \ match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN\ - \ permit 10\n description Make routes learned over MLAG Peer-link less preferred\ - \ on spines to ensure optimal routing\n set origin incomplete\n!\nrouter bfd\n\ - \ multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65102\n router-id\ - \ 192.168.255.5\n no bgp default ipv4-unicast\n distance bgp 20 200 200\n\ - \ graceful-restart restart-time 300\n graceful-restart\n maximum-paths 4\ - \ ecmp 4\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS\ - \ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS\ - \ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n\ - \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS\ - \ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS\ - \ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n\ - \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102\n neighbor\ - \ MLAG-IPv4-UNDERLAY-PEER next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER password\ - \ 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n\ - \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ neighbor 10.255.251.5 description DC1-LEAF2B\n neighbor 172.31.255.8 peer\ - \ group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.8 remote-as 65001\n neighbor\ - \ 172.31.255.8 description DC1-SPINE1_Ethernet3\n neighbor 172.31.255.10 peer\ - \ group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.10 remote-as 65001\n neighbor\ - \ 172.31.255.10 description DC1-SPINE2_Ethernet3\n neighbor 192.168.255.1 peer\ - \ group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor\ - \ 192.168.255.1 description DC1-SPINE1\n neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n\ - \ neighbor 192.168.255.2 remote-as 65001\n neighbor 192.168.255.2 description\ - \ DC1-SPINE2\n redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle\ - \ Tenant_A_APP_Zone\n rd 192.168.255.5:12\n route-target both 12:12\n\ - \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n\ - \ rd 192.168.255.5:13\n route-target both 13:13\n redistribute\ - \ learned\n vlan 140-141\n !\n vlan-aware-bundle Tenant_A_NFS\n \ - \ rd 192.168.255.5:10161\n route-target both 10161:10161\n redistribute\ - \ learned\n vlan 161\n !\n vlan-aware-bundle Tenant_A_OP_Zone\n \ - \ rd 192.168.255.5:10\n route-target both 10:10\n redistribute learned\n\ - \ vlan 110-112\n !\n vlan-aware-bundle Tenant_A_VMOTION\n rd 192.168.255.5:55160\n\ - \ route-target both 55160:55160\n redistribute learned\n vlan 160\n\ - \ !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd 192.168.255.5:14\n \ - \ route-target both 14:14\n redistribute learned\n vlan 150\n !\n\ - \ vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.5:11\n route-target\ - \ both 11:11\n redistribute learned\n vlan 120-121\n !\n vlan-aware-bundle\ - \ Tenant_B_OP_Zone\n rd 192.168.255.5:20\n route-target both 20:20\n\ - \ redistribute learned\n vlan 210-211\n !\n vlan-aware-bundle Tenant_B_WAN_Zone\n\ - \ rd 192.168.255.5:21\n route-target both 21:21\n redistribute\ - \ learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n \ - \ rd 192.168.255.5:30\n route-target both 30:30\n redistribute learned\n\ - \ vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd 192.168.255.5:31\n\ - \ route-target both 31:31\n redistribute learned\n vlan 350\n \ - \ !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n\ - \ address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n \ - \ neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ activate\n !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.5:12\n route-target\ - \ import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.5\n\ - \ neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_DB_Zone\n rd 192.168.255.5:13\n route-target\ - \ import evpn 13:13\n route-target export evpn 13:13\n router-id 192.168.255.5\n\ - \ neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.5:10\n route-target\ - \ import evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.5\n\ - \ neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.5:14\n \ - \ route-target import evpn 14:14\n route-target export evpn 14:14\n \ - \ router-id 192.168.255.5\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.5:11\n\ - \ route-target import evpn 11:11\n route-target export evpn 11:11\n\ - \ router-id 192.168.255.5\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.5:20\n\ - \ route-target import evpn 20:20\n route-target export evpn 20:20\n\ - \ router-id 192.168.255.5\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.5:21\n\ - \ route-target import evpn 21:21\n route-target export evpn 21:21\n\ - \ router-id 192.168.255.5\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.5:30\n\ - \ route-target import evpn 30:30\n route-target export evpn 30:30\n\ - \ router-id 192.168.255.5\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.5:31\n\ - \ route-target import evpn 31:31\n route-target export evpn 31:31\n\ - \ router-id 192.168.255.5\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n!\nmanagement api http-commands\n protocol https\n\ - \ no shutdown\n !\n vrf MGMT\n no shutdown\n!\nend\n" - DC1-AVD_DC1-LEAF2B: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec\ - \ /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata\ - \ -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n\ - !\nvlan internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode\ - \ 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname DC1-LEAF2B\n\ - ip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface\ - \ vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server\ - \ vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nno spanning-tree vlan-id\ - \ 4093-4094\nspanning-tree mst 0 priority 16384\n!\nno aaa root\nno enable password\n\ - !\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\n\ - username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\n\ - username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n\ - !\nvlan 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n\ - !\nvlan 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n\ - !\nvlan 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n\ - !\nvlan 131\n name Tenant_A_APP_Zone_2\n!\nvlan 140\n name Tenant_A_DB_BZone_1\n\ - !\nvlan 141\n name Tenant_A_DB_Zone_2\n!\nvlan 150\n name Tenant_A_WAN_Zone_1\n\ - !\nvlan 160\n name Tenant_A_VMOTION\n!\nvlan 161\n name Tenant_A_NFS\n!\n\ - vlan 210\n name Tenant_B_OP_Zone_1\n!\nvlan 211\n name Tenant_B_OP_Zone_2\n\ - !\nvlan 250\n name Tenant_B_WAN_Zone_1\n!\nvlan 310\n name Tenant_C_OP_Zone_1\n\ - !\nvlan 311\n name Tenant_C_OP_Zone_2\n!\nvlan 350\n name Tenant_C_WAN_Zone_1\n\ - !\nvlan 3009\n name MLAG_iBGP_Tenant_A_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3010\n name MLAG_iBGP_Tenant_A_WEB_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3011\n name MLAG_iBGP_Tenant_A_APP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3012\n name MLAG_iBGP_Tenant_A_DB_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3013\n name MLAG_iBGP_Tenant_A_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3019\n name MLAG_iBGP_Tenant_B_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3020\n name MLAG_iBGP_Tenant_B_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3029\n name MLAG_iBGP_Tenant_C_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3030\n name MLAG_iBGP_Tenant_C_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 4093\n name LEAF_PEER_L3\n trunk group LEAF_PEER_L3\n!\nvlan 4094\n\ - \ name MLAG_PEER\n trunk group MLAG\n!\nvrf instance MGMT\n!\nvrf instance\ - \ Tenant_A_APP_Zone\n!\nvrf instance Tenant_A_DB_Zone\n!\nvrf instance Tenant_A_OP_Zone\n\ - !\nvrf instance Tenant_A_WAN_Zone\n!\nvrf instance Tenant_A_WEB_Zone\n!\nvrf instance\ - \ Tenant_B_OP_Zone\n!\nvrf instance Tenant_B_WAN_Zone\n!\nvrf instance Tenant_C_OP_Zone\n\ - !\nvrf instance Tenant_C_WAN_Zone\n!\ninterface Port-Channel3\n description\ - \ MLAG_PEER_DC1-LEAF2A_Po3\n no shutdown\n switchport\n switchport trunk\ - \ allowed vlan 2-4094\n switchport mode trunk\n switchport trunk group LEAF_PEER_L3\n\ - \ switchport trunk group MLAG\n!\ninterface Port-Channel5\n description DC1-L2LEAF2A_Po1\n\ - \ no shutdown\n switchport\n switchport trunk allowed vlan 110-112,120-121,130-131\n\ - \ switchport mode trunk\n mlag 5\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-SPINE1_Ethernet4\n\ - \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.13/31\n\ - !\ninterface Ethernet2\n description P2P_LINK_TO_DC1-SPINE2_Ethernet4\n no\ - \ shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.15/31\n!\n\ - interface Ethernet3\n description MLAG_PEER_DC1-LEAF2A_Ethernet3\n no shutdown\n\ - \ channel-group 3 mode active\n!\ninterface Ethernet4\n description MLAG_PEER_DC1-LEAF2A_Ethernet4\n\ - \ no shutdown\n channel-group 3 mode active\n!\ninterface Ethernet5\n description\ - \ DC1-L2LEAF2A_Ethernet2\n no shutdown\n channel-group 5 mode active\n!\n\ - interface Loopback0\n description EVPN_Overlay_Peering\n no shutdown\n ip\ - \ address 192.168.255.6/32\n!\ninterface Loopback1\n description VTEP_VXLAN_Tunnel_Source\n\ - \ no shutdown\n ip address 192.168.254.5/32\n!\ninterface Loopback100\n \ - \ description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS\n no shutdown\n vrf Tenant_A_OP_Zone\n\ - \ ip address 10.255.1.6/32\n!\ninterface Management1\n description oob_management\n\ - \ no shutdown\n vrf MGMT\n ip address 10.255.0.16/24\n!\ninterface Vlan110\n\ - \ description Tenant_A_OP_Zone_1\n no shutdown\n vrf Tenant_A_OP_Zone\n\ - \ ip address virtual 10.1.10.1/24\n!\ninterface Vlan111\n description Tenant_A_OP_Zone_2\n\ - \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.11.1/24\n\ - !\ninterface Vlan112\n description Tenant_A_OP_Zone_3\n no shutdown\n vrf\ - \ Tenant_A_OP_Zone\n ip address virtual 10.1.12.254/24\n!\ninterface Vlan120\n\ - \ description Tenant_A_WEB_Zone_1\n no shutdown\n vrf Tenant_A_WEB_Zone\n\ - !\ninterface Vlan121\n description Tenant_A_WEBZone_2\n no shutdown\n vrf\ - \ Tenant_A_WEB_Zone\n ip address virtual 10.1.21.1/24\n!\ninterface Vlan130\n\ - \ description Tenant_A_APP_Zone_1\n no shutdown\n vrf Tenant_A_APP_Zone\n\ - !\ninterface Vlan131\n description Tenant_A_APP_Zone_2\n no shutdown\n vrf\ - \ Tenant_A_APP_Zone\n ip address virtual 10.1.31.254/24\n!\ninterface Vlan140\n\ - \ description Tenant_A_DB_BZone_1\n no shutdown\n vrf Tenant_A_DB_Zone\n\ - \ ip address virtual 10.1.40.1/24\n!\ninterface Vlan141\n description Tenant_A_DB_Zone_2\n\ - \ no shutdown\n vrf Tenant_A_DB_Zone\n ip address virtual 10.1.41.1/24\n\ - !\ninterface Vlan150\n description Tenant_A_WAN_Zone_1\n no shutdown\n vrf\ - \ Tenant_A_WAN_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface Vlan210\n\ - \ description Tenant_B_OP_Zone_1\n no shutdown\n vrf Tenant_B_OP_Zone\n\ - !\ninterface Vlan211\n description Tenant_B_OP_Zone_2\n no shutdown\n vrf\ - \ Tenant_B_OP_Zone\n ip address virtual 10.2.11.1/24\n!\ninterface Vlan250\n\ - \ description Tenant_B_WAN_Zone_1\n no shutdown\n vrf Tenant_B_WAN_Zone\n\ - \ ip address virtual 10.2.50.1/24\n!\ninterface Vlan310\n description Tenant_C_OP_Zone_1\n\ - \ no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface Vlan311\n description\ - \ Tenant_C_OP_Zone_2\n no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface Vlan350\n\ - \ description Tenant_C_WAN_Zone_1\n no shutdown\n vrf Tenant_C_WAN_Zone\n\ - !\ninterface Vlan3009\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_OP_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan3010\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_WEB_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan3011\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_APP_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan3012\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_DB_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan3013\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_WAN_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan3019\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_B_OP_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan3020\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_B_WAN_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan3029\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_C_OP_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan3030\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_C_WAN_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan4093\n description MLAG_PEER_L3_PEERING\n no shutdown\n \ - \ mtu 1500\n ip address 10.255.251.5/31\n!\ninterface Vlan4094\n description\ - \ MLAG_PEER\n no shutdown\n mtu 1500\n no autostate\n ip address 10.255.252.5/31\n\ - !\ninterface Vxlan1\n description DC1-LEAF2B_VTEP\n vxlan source-interface\ - \ Loopback1\n vxlan virtual-router encapsulation mac-address mlag-system-id\n\ - \ vxlan udp-port 4789\n vxlan vlan 110 vni 10110\n vxlan vlan 111 vni 50111\n\ - \ vxlan vlan 112 vni 50112\n vxlan vlan 120 vni 10120\n vxlan vlan 121 vni\ - \ 10121\n vxlan vlan 130 vni 10130\n vxlan vlan 131 vni 10131\n vxlan vlan\ - \ 140 vni 10140\n vxlan vlan 141 vni 10141\n vxlan vlan 150 vni 10150\n \ - \ vxlan vlan 160 vni 55160\n vxlan vlan 161 vni 10161\n vxlan vlan 210 vni\ - \ 20210\n vxlan vlan 211 vni 20211\n vxlan vlan 250 vni 20250\n vxlan vlan\ - \ 310 vni 30310\n vxlan vlan 311 vni 30311\n vxlan vlan 350 vni 30350\n \ - \ vxlan vrf Tenant_A_APP_Zone vni 12\n vxlan vrf Tenant_A_DB_Zone vni 13\n \ - \ vxlan vrf Tenant_A_OP_Zone vni 10\n vxlan vrf Tenant_A_WAN_Zone vni 14\n\ - \ vxlan vrf Tenant_A_WEB_Zone vni 11\n vxlan vrf Tenant_B_OP_Zone vni 20\n\ - \ vxlan vrf Tenant_B_WAN_Zone vni 21\n vxlan vrf Tenant_C_OP_Zone vni 30\n\ - \ vxlan vrf Tenant_C_WAN_Zone vni 31\n!\nip virtual-router mac-address 00:1c:73:00:dc:01\n\ - !\nip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.6\n!\n\ - ip routing\nno ip routing vrf MGMT\nip routing vrf Tenant_A_APP_Zone\nip routing\ - \ vrf Tenant_A_DB_Zone\nip routing vrf Tenant_A_OP_Zone\nip routing vrf Tenant_A_WAN_Zone\n\ - ip routing vrf Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing\ - \ vrf Tenant_B_WAN_Zone\nip routing vrf Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n\ - !\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24\ - \ eq 32\n seq 20 permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id\ - \ DC1_LEAF2\n local-interface Vlan4094\n peer-address 10.255.252.4\n peer-link\ - \ Port-Channel3\n reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip\ - \ route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map RM-CONN-2-BGP permit 10\n\ - \ match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN\ - \ permit 10\n description Make routes learned over MLAG Peer-link less preferred\ - \ on spines to ensure optimal routing\n set origin incomplete\n!\nrouter bfd\n\ - \ multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65102\n router-id\ - \ 192.168.255.6\n no bgp default ipv4-unicast\n distance bgp 20 200 200\n\ - \ graceful-restart restart-time 300\n graceful-restart\n maximum-paths 4\ - \ ecmp 4\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS\ - \ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS\ - \ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n\ - \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS\ - \ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS\ - \ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n\ - \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102\n neighbor\ - \ MLAG-IPv4-UNDERLAY-PEER next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER password\ - \ 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n\ - \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ neighbor 10.255.251.4 description DC1-LEAF2A\n neighbor 172.31.255.12 peer\ - \ group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.12 remote-as 65001\n neighbor\ - \ 172.31.255.12 description DC1-SPINE1_Ethernet4\n neighbor 172.31.255.14 peer\ - \ group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.14 remote-as 65001\n neighbor\ - \ 172.31.255.14 description DC1-SPINE2_Ethernet4\n neighbor 192.168.255.1 peer\ - \ group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor\ - \ 192.168.255.1 description DC1-SPINE1\n neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n\ - \ neighbor 192.168.255.2 remote-as 65001\n neighbor 192.168.255.2 description\ - \ DC1-SPINE2\n redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle\ - \ Tenant_A_APP_Zone\n rd 192.168.255.6:12\n route-target both 12:12\n\ - \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n\ - \ rd 192.168.255.6:13\n route-target both 13:13\n redistribute\ - \ learned\n vlan 140-141\n !\n vlan-aware-bundle Tenant_A_NFS\n \ - \ rd 192.168.255.6:10161\n route-target both 10161:10161\n redistribute\ - \ learned\n vlan 161\n !\n vlan-aware-bundle Tenant_A_OP_Zone\n \ - \ rd 192.168.255.6:10\n route-target both 10:10\n redistribute learned\n\ - \ vlan 110-112\n !\n vlan-aware-bundle Tenant_A_VMOTION\n rd 192.168.255.6:55160\n\ - \ route-target both 55160:55160\n redistribute learned\n vlan 160\n\ - \ !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd 192.168.255.6:14\n \ - \ route-target both 14:14\n redistribute learned\n vlan 150\n !\n\ - \ vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.6:11\n route-target\ - \ both 11:11\n redistribute learned\n vlan 120-121\n !\n vlan-aware-bundle\ - \ Tenant_B_OP_Zone\n rd 192.168.255.6:20\n route-target both 20:20\n\ - \ redistribute learned\n vlan 210-211\n !\n vlan-aware-bundle Tenant_B_WAN_Zone\n\ - \ rd 192.168.255.6:21\n route-target both 21:21\n redistribute\ - \ learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n \ - \ rd 192.168.255.6:30\n route-target both 30:30\n redistribute learned\n\ - \ vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd 192.168.255.6:31\n\ - \ route-target both 31:31\n redistribute learned\n vlan 350\n \ - \ !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n\ - \ address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n \ - \ neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ activate\n !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.6:12\n route-target\ - \ import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.6\n\ - \ neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_DB_Zone\n rd 192.168.255.6:13\n route-target\ - \ import evpn 13:13\n route-target export evpn 13:13\n router-id 192.168.255.6\n\ - \ neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.6:10\n route-target\ - \ import evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.6\n\ - \ neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.6:14\n \ - \ route-target import evpn 14:14\n route-target export evpn 14:14\n \ - \ router-id 192.168.255.6\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.6:11\n\ - \ route-target import evpn 11:11\n route-target export evpn 11:11\n\ - \ router-id 192.168.255.6\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.6:20\n\ - \ route-target import evpn 20:20\n route-target export evpn 20:20\n\ - \ router-id 192.168.255.6\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.6:21\n\ - \ route-target import evpn 21:21\n route-target export evpn 21:21\n\ - \ router-id 192.168.255.6\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.6:30\n\ - \ route-target import evpn 30:30\n route-target export evpn 30:30\n\ - \ router-id 192.168.255.6\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.6:31\n\ - \ route-target import evpn 31:31\n route-target export evpn 31:31\n\ - \ router-id 192.168.255.6\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n!\nmanagement api http-commands\n protocol https\n\ - \ no shutdown\n !\n vrf MGMT\n no shutdown\n!\nend\n" - DC1-AVD_DC1-SPINE1: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec\ - \ /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata\ - \ -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n\ - !\nvlan internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode\ - \ 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname DC1-SPINE1\n\ - ip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface\ - \ vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server\ - \ vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode none\n!\nno aaa root\nno enable\ - \ password\n!\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\n\ - username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\n\ - username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n\ - !\nvrf instance MGMT\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-LEAF1A_Ethernet1\n\ - \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.0/31\n\ - !\ninterface Ethernet2\n description P2P_LINK_TO_DC1-LEAF1B_Ethernet1\n no\ - \ shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.4/31\n!\n\ - interface Ethernet3\n description P2P_LINK_TO_DC1-LEAF2A_Ethernet1\n no shutdown\n\ - \ mtu 1500\n no switchport\n ip address 172.31.255.8/31\n!\ninterface Ethernet4\n\ - \ description P2P_LINK_TO_DC1-LEAF2B_Ethernet1\n no shutdown\n mtu 1500\n\ - \ no switchport\n ip address 172.31.255.12/31\n!\ninterface Loopback0\n \ - \ description EVPN_Overlay_Peering\n no shutdown\n ip address 192.168.255.1/32\n\ - !\ninterface Management1\n description oob_management\n no shutdown\n vrf\ - \ MGMT\n ip address 10.255.0.11/24\n!\nip routing\nno ip routing vrf MGMT\n\ - !\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24\ - \ eq 32\n!\nip route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map RM-CONN-2-BGP\ - \ permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nrouter\ - \ bfd\n multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65001\n\ - \ router-id 192.168.255.1\n no bgp default ipv4-unicast\n distance bgp 20\ - \ 200 200\n graceful-restart restart-time 300\n graceful-restart\n maximum-paths\ - \ 4 ecmp 4\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS\ - \ next-hop-unchanged\n neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n\ - \ neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop\ - \ 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor\ - \ EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS maximum-routes\ - \ 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS\ - \ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n\ - \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor 172.31.255.1\ - \ peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.1 remote-as 65101\n \ - \ neighbor 172.31.255.1 description DC1-LEAF1A_Ethernet1\n neighbor 172.31.255.5\ - \ peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.5 remote-as 65101\n \ - \ neighbor 172.31.255.5 description DC1-LEAF1B_Ethernet1\n neighbor 172.31.255.9\ - \ peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.9 remote-as 65102\n \ - \ neighbor 172.31.255.9 description DC1-LEAF2A_Ethernet1\n neighbor 172.31.255.13\ - \ peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.13 remote-as 65102\n\ - \ neighbor 172.31.255.13 description DC1-LEAF2B_Ethernet1\n neighbor 192.168.255.3\ - \ peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as 65101\n \ - \ neighbor 192.168.255.3 description DC1-LEAF1A\n neighbor 192.168.255.4 peer\ - \ group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as 65101\n neighbor\ - \ 192.168.255.4 description DC1-LEAF1B\n neighbor 192.168.255.5 peer group EVPN-OVERLAY-PEERS\n\ - \ neighbor 192.168.255.5 remote-as 65102\n neighbor 192.168.255.5 description\ - \ DC1-LEAF2A\n neighbor 192.168.255.6 peer group EVPN-OVERLAY-PEERS\n neighbor\ - \ 192.168.255.6 remote-as 65102\n neighbor 192.168.255.6 description DC1-LEAF2B\n\ - \ redistribute connected route-map RM-CONN-2-BGP\n !\n address-family evpn\n\ - \ neighbor EVPN-OVERLAY-PEERS activate\n !\n address-family ipv4\n \ - \ no neighbor EVPN-OVERLAY-PEERS activate\n neighbor IPv4-UNDERLAY-PEERS\ - \ activate\n!\nmanagement api http-commands\n protocol https\n no shutdown\n\ - \ !\n vrf MGMT\n no shutdown\n!\nend\n" - DC1-AVD_DC1-SPINE2: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec\ - \ /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata\ - \ -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n\ - !\nvlan internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode\ - \ 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname DC1-SPINE2\n\ - ip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface\ - \ vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server\ - \ vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode none\n!\nno aaa root\nno enable\ - \ password\n!\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\n\ - username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\n\ - username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n\ - !\nvrf instance MGMT\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-LEAF1A_Ethernet2\n\ - \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.2/31\n\ - !\ninterface Ethernet2\n description P2P_LINK_TO_DC1-LEAF1B_Ethernet2\n no\ - \ shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.6/31\n!\n\ - interface Ethernet3\n description P2P_LINK_TO_DC1-LEAF2A_Ethernet2\n no shutdown\n\ - \ mtu 1500\n no switchport\n ip address 172.31.255.10/31\n!\ninterface Ethernet4\n\ - \ description P2P_LINK_TO_DC1-LEAF2B_Ethernet2\n no shutdown\n mtu 1500\n\ - \ no switchport\n ip address 172.31.255.14/31\n!\ninterface Loopback0\n \ - \ description EVPN_Overlay_Peering\n no shutdown\n ip address 192.168.255.2/32\n\ - !\ninterface Management1\n description oob_management\n no shutdown\n vrf\ - \ MGMT\n ip address 10.255.0.12/24\n!\nip routing\nno ip routing vrf MGMT\n\ - !\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24\ - \ eq 32\n!\nip route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map RM-CONN-2-BGP\ - \ permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nrouter\ - \ bfd\n multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65001\n\ - \ router-id 192.168.255.2\n no bgp default ipv4-unicast\n distance bgp 20\ - \ 200 200\n graceful-restart restart-time 300\n graceful-restart\n maximum-paths\ - \ 4 ecmp 4\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS\ - \ next-hop-unchanged\n neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n\ - \ neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop\ - \ 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor\ - \ EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS maximum-routes\ - \ 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS\ - \ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n\ - \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor 172.31.255.3\ - \ peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.3 remote-as 65101\n \ - \ neighbor 172.31.255.3 description DC1-LEAF1A_Ethernet2\n neighbor 172.31.255.7\ - \ peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.7 remote-as 65101\n \ - \ neighbor 172.31.255.7 description DC1-LEAF1B_Ethernet2\n neighbor 172.31.255.11\ - \ peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.11 remote-as 65102\n\ - \ neighbor 172.31.255.11 description DC1-LEAF2A_Ethernet2\n neighbor 172.31.255.15\ - \ peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.15 remote-as 65102\n\ - \ neighbor 172.31.255.15 description DC1-LEAF2B_Ethernet2\n neighbor 192.168.255.3\ - \ peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as 65101\n \ - \ neighbor 192.168.255.3 description DC1-LEAF1A\n neighbor 192.168.255.4 peer\ - \ group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as 65101\n neighbor\ - \ 192.168.255.4 description DC1-LEAF1B\n neighbor 192.168.255.5 peer group EVPN-OVERLAY-PEERS\n\ - \ neighbor 192.168.255.5 remote-as 65102\n neighbor 192.168.255.5 description\ - \ DC1-LEAF2A\n neighbor 192.168.255.6 peer group EVPN-OVERLAY-PEERS\n neighbor\ - \ 192.168.255.6 remote-as 65102\n neighbor 192.168.255.6 description DC1-LEAF2B\n\ - \ redistribute connected route-map RM-CONN-2-BGP\n !\n address-family evpn\n\ - \ neighbor EVPN-OVERLAY-PEERS activate\n !\n address-family ipv4\n \ - \ no neighbor EVPN-OVERLAY-PEERS activate\n neighbor IPv4-UNDERLAY-PEERS\ - \ activate\n!\nmanagement api http-commands\n protocol https\n no shutdown\n\ - \ !\n vrf MGMT\n no shutdown\n!\nend\n" -CVP_TOPOLOGY: +cvp_configlets: + DC1-AVD_DC1-L2LEAF1A: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec + /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata + -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n!\nvlan + internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode 4x10G\n!\nservice + routing protocols model multi-agent\n!\nhostname DC1-L2LEAF1A\nip name-server + vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface + vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server + vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nspanning-tree mst 0 priority + 16384\n!\nno enable password\nno aaa root\n!\nusername admin privilege 15 role + network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\nusername + ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\nusername + cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nvlan + 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n!\nvlan + 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n!\nvlan + 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n!\nvlan + 131\n name Tenant_A_APP_Zone_2\n!\nvrf instance MGMT\n!\ninterface Port-Channel1\n + \ description DC1_LEAF1_Po5\n no shutdown\n switchport\n switchport trunk + allowed vlan 110-112,120-121,130-131\n switchport mode trunk\n!\ninterface Ethernet1\n + \ description DC1-LEAF1A_Ethernet5\n no shutdown\n channel-group 1 mode active\n!\ninterface + Ethernet2\n description DC1-LEAF1B_Ethernet5\n no shutdown\n channel-group + 1 mode active\n!\ninterface Ethernet5\n description server01_Eth0\n no shutdown\n + \ switchport access vlan 110\n switchport mode access\n switchport\n!\ninterface + Management1\n description oob_management\n no shutdown\n vrf MGMT\n ip + address 10.255.0.17/24\nno ip routing vrf MGMT\n!\nip route vrf MGMT 0.0.0.0/0 + 10.255.0.1\n!\nmanagement api http-commands\n protocol https\n no shutdown\n + \ !\n vrf MGMT\n no shutdown\n!\nend\n" + DC1-AVD_DC1-L2LEAF2A: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec + /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata + -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n!\nvlan + internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode 4x10G\n!\nservice + routing protocols model multi-agent\n!\nhostname DC1-L2LEAF2A\nip name-server + vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface + vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server + vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nspanning-tree mst 0 priority + 16384\n!\nno enable password\nno aaa root\n!\nusername admin privilege 15 role + network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\nusername + ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\nusername + cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nvlan + 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n!\nvlan + 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n!\nvlan + 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n!\nvlan + 131\n name Tenant_A_APP_Zone_2\n!\nvrf instance MGMT\n!\ninterface Port-Channel1\n + \ description DC1_LEAF2_Po5\n no shutdown\n switchport\n switchport trunk + allowed vlan 110-112,120-121,130-131\n switchport mode trunk\n!\ninterface Ethernet1\n + \ description DC1-LEAF2A_Ethernet5\n no shutdown\n channel-group 1 mode active\n!\ninterface + Ethernet2\n description DC1-LEAF2B_Ethernet5\n no shutdown\n channel-group + 1 mode active\n!\ninterface Ethernet5\n description server02_Eth0\n no shutdown\n + \ switchport access vlan 110\n switchport mode access\n switchport\n!\ninterface + Management1\n description oob_management\n no shutdown\n vrf MGMT\n ip + address 10.255.0.18/24\nno ip routing vrf MGMT\n!\nip route vrf MGMT 0.0.0.0/0 + 10.255.0.1\n!\nmanagement api http-commands\n protocol https\n no shutdown\n + \ !\n vrf MGMT\n no shutdown\n!\nend\n" + DC1-AVD_DC1-LEAF1A: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec + /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata + -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n!\nvlan + internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode 4x10G\n!\nservice + routing protocols model multi-agent\n!\nhostname DC1-LEAF1A\nip name-server vrf + MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface vrf + MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server vrf + MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nno spanning-tree vlan-id 4093-4094\nspanning-tree + mst 0 priority 16384\n!\nno enable password\nno aaa root\n!\nusername admin privilege + 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\nusername + ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\nusername + cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nvlan + 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n!\nvlan + 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n!\nvlan + 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n!\nvlan + 131\n name Tenant_A_APP_Zone_2\n!\nvlan 140\n name Tenant_A_DB_BZone_1\n!\nvlan + 141\n name Tenant_A_DB_Zone_2\n!\nvlan 150\n name Tenant_A_WAN_Zone_1\n!\nvlan + 160\n name Tenant_A_VMOTION\n!\nvlan 161\n name Tenant_A_NFS\n!\nvlan 210\n + \ name Tenant_B_OP_Zone_1\n!\nvlan 211\n name Tenant_B_OP_Zone_2\n!\nvlan 250\n + \ name Tenant_B_WAN_Zone_1\n!\nvlan 310\n name Tenant_C_OP_Zone_1\n!\nvlan + 311\n name Tenant_C_OP_Zone_2\n!\nvlan 350\n name Tenant_C_WAN_Zone_1\n!\nvlan + 3009\n name MLAG_iBGP_Tenant_A_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3010\n name MLAG_iBGP_Tenant_A_WEB_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3011\n name MLAG_iBGP_Tenant_A_APP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3012\n name MLAG_iBGP_Tenant_A_DB_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3013\n name MLAG_iBGP_Tenant_A_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3019\n name MLAG_iBGP_Tenant_B_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3020\n name MLAG_iBGP_Tenant_B_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3029\n name MLAG_iBGP_Tenant_C_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3030\n name MLAG_iBGP_Tenant_C_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 4093\n name LEAF_PEER_L3\n trunk group LEAF_PEER_L3\n!\nvlan 4094\n name + MLAG_PEER\n trunk group MLAG\n!\nvrf instance MGMT\n!\nvrf instance Tenant_A_APP_Zone\n!\nvrf + instance Tenant_A_DB_Zone\n!\nvrf instance Tenant_A_OP_Zone\n!\nvrf instance Tenant_A_WAN_Zone\n!\nvrf + instance Tenant_A_WEB_Zone\n!\nvrf instance Tenant_B_OP_Zone\n!\nvrf instance + Tenant_B_WAN_Zone\n!\nvrf instance Tenant_C_OP_Zone\n!\nvrf instance Tenant_C_WAN_Zone\n!\ninterface + Port-Channel3\n description MLAG_PEER_DC1-LEAF1B_Po3\n no shutdown\n switchport\n + \ switchport mode trunk\n switchport trunk group LEAF_PEER_L3\n switchport + trunk group MLAG\n!\ninterface Port-Channel5\n description DC1-L2LEAF1A_Po1\n + \ no shutdown\n switchport\n switchport trunk allowed vlan 110-112,120-121,130-131\n + \ switchport mode trunk\n mlag 5\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-SPINE1_Ethernet1\n + \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.1/31\n!\ninterface + Ethernet2\n description P2P_LINK_TO_DC1-SPINE2_Ethernet1\n no shutdown\n mtu + 1500\n no switchport\n ip address 172.31.255.3/31\n!\ninterface Ethernet3\n + \ description MLAG_PEER_DC1-LEAF1B_Ethernet3\n no shutdown\n channel-group + 3 mode active\n!\ninterface Ethernet4\n description MLAG_PEER_DC1-LEAF1B_Ethernet4\n + \ no shutdown\n channel-group 3 mode active\n!\ninterface Ethernet5\n description + DC1-L2LEAF1A_Ethernet1\n no shutdown\n channel-group 5 mode active\n!\ninterface + Loopback0\n description EVPN_Overlay_Peering\n no shutdown\n ip address + 192.168.255.3/32\n!\ninterface Loopback1\n description VTEP_VXLAN_Tunnel_Source\n + \ no shutdown\n ip address 192.168.254.3/32\n!\ninterface Loopback100\n description + Tenant_A_OP_Zone_VTEP_DIAGNOSTICS\n no shutdown\n vrf Tenant_A_OP_Zone\n ip + address 10.255.1.3/32\n!\ninterface Management1\n description oob_management\n + \ no shutdown\n vrf MGMT\n ip address 10.255.0.13/24\n!\ninterface Vlan110\n + \ description Tenant_A_OP_Zone_1\n no shutdown\n vrf Tenant_A_OP_Zone\n ip + address virtual 10.1.10.1/24\n!\ninterface Vlan111\n description Tenant_A_OP_Zone_2\n + \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.11.1/24\n!\ninterface + Vlan112\n description Tenant_A_OP_Zone_3\n no shutdown\n vrf Tenant_A_OP_Zone\n + \ ip address virtual 10.1.12.254/24\n!\ninterface Vlan120\n description Tenant_A_WEB_Zone_1\n + \ no shutdown\n vrf Tenant_A_WEB_Zone\n ip address virtual 10.1.20.1/24\n!\ninterface + Vlan121\n description Tenant_A_WEBZone_2\n no shutdown\n vrf Tenant_A_WEB_Zone\n + \ ip address virtual 10.1.21.1/24\n!\ninterface Vlan130\n description Tenant_A_APP_Zone_1\n + \ no shutdown\n vrf Tenant_A_APP_Zone\n ip address virtual 10.1.30.1/24\n!\ninterface + Vlan131\n description Tenant_A_APP_Zone_2\n no shutdown\n vrf Tenant_A_APP_Zone\n + \ ip address virtual 10.1.31.254/24\n!\ninterface Vlan140\n description Tenant_A_DB_BZone_1\n + \ no shutdown\n vrf Tenant_A_DB_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface + Vlan141\n description Tenant_A_DB_Zone_2\n no shutdown\n vrf Tenant_A_DB_Zone\n + \ ip address virtual 10.1.41.1/24\n!\ninterface Vlan150\n description Tenant_A_WAN_Zone_1\n + \ no shutdown\n vrf Tenant_A_WAN_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface + Vlan210\n description Tenant_B_OP_Zone_1\n no shutdown\n vrf Tenant_B_OP_Zone\n + \ ip address virtual 10.2.10.1/24\n!\ninterface Vlan211\n description Tenant_B_OP_Zone_2\n + \ no shutdown\n vrf Tenant_B_OP_Zone\n ip address virtual 10.2.11.1/24\n!\ninterface + Vlan250\n description Tenant_B_WAN_Zone_1\n no shutdown\n vrf Tenant_B_WAN_Zone\n + \ ip address virtual 10.2.50.1/24\n!\ninterface Vlan310\n description Tenant_C_OP_Zone_1\n + \ no shutdown\n vrf Tenant_C_OP_Zone\n ip address virtual 10.3.10.1/24\n!\ninterface + Vlan311\n description Tenant_C_OP_Zone_2\n no shutdown\n vrf Tenant_C_OP_Zone\n + \ ip address virtual 10.3.11.1/24\n!\ninterface Vlan350\n description Tenant_C_WAN_Zone_1\n + \ no shutdown\n vrf Tenant_C_WAN_Zone\n ip address virtual 10.3.50.1/24\n!\ninterface + Vlan3009\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_OP_Zone\n ip address 10.255.251.0/31\n!\ninterface + Vlan3010\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_WEB_Zone\n ip address 10.255.251.0/31\n!\ninterface + Vlan3011\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_APP_Zone\n ip address 10.255.251.0/31\n!\ninterface + Vlan3012\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_DB_Zone\n ip address 10.255.251.0/31\n!\ninterface + Vlan3013\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_WAN_Zone\n ip address 10.255.251.0/31\n!\ninterface + Vlan3019\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_B_OP_Zone\n ip address 10.255.251.0/31\n!\ninterface + Vlan3020\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_B_WAN_Zone\n ip address 10.255.251.0/31\n!\ninterface + Vlan3029\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_C_OP_Zone\n ip address 10.255.251.0/31\n!\ninterface + Vlan3030\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_C_WAN_Zone\n ip address 10.255.251.0/31\n!\ninterface + Vlan4093\n description MLAG_PEER_L3_PEERING\n no shutdown\n mtu 1500\n ip + address 10.255.251.0/31\n!\ninterface Vlan4094\n description MLAG_PEER\n no + shutdown\n mtu 1500\n no autostate\n ip address 10.255.252.0/31\n!\ninterface + Vxlan1\n description DC1-LEAF1A_VTEP\n vxlan source-interface Loopback1\n + \ vxlan virtual-router encapsulation mac-address mlag-system-id\n vxlan udp-port + 4789\n vxlan vlan 110 vni 10110\n vxlan vlan 111 vni 50111\n vxlan vlan + 112 vni 50112\n vxlan vlan 120 vni 10120\n vxlan vlan 121 vni 10121\n vxlan + vlan 130 vni 10130\n vxlan vlan 131 vni 10131\n vxlan vlan 140 vni 10140\n + \ vxlan vlan 141 vni 10141\n vxlan vlan 150 vni 10150\n vxlan vlan 160 vni + 55160\n vxlan vlan 161 vni 10161\n vxlan vlan 210 vni 20210\n vxlan vlan + 211 vni 20211\n vxlan vlan 250 vni 20250\n vxlan vlan 310 vni 30310\n vxlan + vlan 311 vni 30311\n vxlan vlan 350 vni 30350\n vxlan vrf Tenant_A_APP_Zone + vni 12\n vxlan vrf Tenant_A_DB_Zone vni 13\n vxlan vrf Tenant_A_OP_Zone vni + 10\n vxlan vrf Tenant_A_WAN_Zone vni 14\n vxlan vrf Tenant_A_WEB_Zone vni + 11\n vxlan vrf Tenant_B_OP_Zone vni 20\n vxlan vrf Tenant_B_WAN_Zone vni 21\n + \ vxlan vrf Tenant_C_OP_Zone vni 30\n vxlan vrf Tenant_C_WAN_Zone vni 31\n!\nip + virtual-router mac-address 00:1c:73:00:dc:01\n!\nip address virtual source-nat + vrf Tenant_A_OP_Zone address 10.255.1.3\n!\nip routing\nno ip routing vrf MGMT\nip + routing vrf Tenant_A_APP_Zone\nip routing vrf Tenant_A_DB_Zone\nip routing vrf + Tenant_A_OP_Zone\nip routing vrf Tenant_A_WAN_Zone\nip routing vrf Tenant_A_WEB_Zone\nip + routing vrf Tenant_B_OP_Zone\nip routing vrf Tenant_B_WAN_Zone\nip routing vrf + Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n!\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n + \ seq 10 permit 192.168.255.0/24 eq 32\n seq 20 permit 192.168.254.0/24 eq + 32\n!\nmlag configuration\n domain-id DC1_LEAF1\n local-interface Vlan4094\n + \ peer-address 10.255.252.1\n peer-link Port-Channel3\n reload-delay mlag + 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map + RM-CONN-2-BGP permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map + RM-MLAG-PEER-IN permit 10\n description Make routes learned over MLAG Peer-link + less preferred on spines to ensure optimal routing\n set origin incomplete\n!\nrouter + bfd\n multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65101\n + \ router-id 192.168.255.3\n maximum-paths 4 ecmp 4\n update wait-install\n + \ no bgp default ipv4-unicast\n no bgp default ipv4-unicast\n distance bgp + 20 200 200\n graceful-restart restart-time 300\n graceful-restart\n neighbor + EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n + \ neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop + 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor + EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS maximum-routes + 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS + password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n + \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER + peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101\n neighbor MLAG-IPv4-UNDERLAY-PEER + next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF1B\n neighbor + MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER + send-community\n neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor + MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.1 + peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.1 description DC1-LEAF1B\n + \ neighbor 172.31.255.0 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.0 + remote-as 65001\n neighbor 172.31.255.0 description DC1-SPINE1_Ethernet1\n neighbor + 172.31.255.2 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.2 remote-as + 65001\n neighbor 172.31.255.2 description DC1-SPINE2_Ethernet1\n neighbor + 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as + 65001\n neighbor 192.168.255.1 description DC1-SPINE1\n neighbor 192.168.255.2 + peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as 65001\n neighbor + 192.168.255.2 description DC1-SPINE2\n redistribute connected route-map RM-CONN-2-BGP\n + \ !\n vlan-aware-bundle Tenant_A_APP_Zone\n rd 192.168.255.3:12\n route-target + both 12:12\n redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle + Tenant_A_DB_Zone\n rd 192.168.255.3:13\n route-target both 13:13\n redistribute + learned\n vlan 140-141\n !\n vlan-aware-bundle Tenant_A_NFS\n rd + 192.168.255.3:10161\n route-target both 10161:10161\n redistribute learned\n + \ vlan 161\n !\n vlan-aware-bundle Tenant_A_OP_Zone\n rd 192.168.255.3:10\n + \ route-target both 10:10\n redistribute learned\n vlan 110-112\n + \ !\n vlan-aware-bundle Tenant_A_VMOTION\n rd 192.168.255.3:55160\n route-target + both 55160:55160\n redistribute learned\n vlan 160\n !\n vlan-aware-bundle + Tenant_A_WAN_Zone\n rd 192.168.255.3:14\n route-target both 14:14\n + \ redistribute learned\n vlan 150\n !\n vlan-aware-bundle Tenant_A_WEB_Zone\n + \ rd 192.168.255.3:11\n route-target both 11:11\n redistribute learned\n + \ vlan 120-121\n !\n vlan-aware-bundle Tenant_B_OP_Zone\n rd 192.168.255.3:20\n + \ route-target both 20:20\n redistribute learned\n vlan 210-211\n + \ !\n vlan-aware-bundle Tenant_B_WAN_Zone\n rd 192.168.255.3:21\n route-target + both 21:21\n redistribute learned\n vlan 250\n !\n vlan-aware-bundle + Tenant_C_OP_Zone\n rd 192.168.255.3:30\n route-target both 30:30\n redistribute + learned\n vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd + 192.168.255.3:31\n route-target both 31:31\n redistribute learned\n + \ vlan 350\n !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS + activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n + \ neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER + activate\n !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.3:12\n route-target + import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.3\n + \ update wait-install\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n + \ redistribute connected\n !\n vrf Tenant_A_DB_Zone\n rd 192.168.255.3:13\n + \ route-target import evpn 13:13\n route-target export evpn 13:13\n router-id + 192.168.255.3\n update wait-install\n neighbor 10.255.251.1 peer group + MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n !\n vrf Tenant_A_OP_Zone\n + \ rd 192.168.255.3:10\n route-target import evpn 10:10\n route-target + export evpn 10:10\n router-id 192.168.255.3\n update wait-install\n + \ neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.3:14\n route-target + import evpn 14:14\n route-target export evpn 14:14\n router-id 192.168.255.3\n + \ update wait-install\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n + \ redistribute connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.3:11\n + \ route-target import evpn 11:11\n route-target export evpn 11:11\n router-id + 192.168.255.3\n update wait-install\n neighbor 10.255.251.1 peer group + MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n !\n vrf Tenant_B_OP_Zone\n + \ rd 192.168.255.3:20\n route-target import evpn 20:20\n route-target + export evpn 20:20\n router-id 192.168.255.3\n update wait-install\n + \ neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.3:21\n route-target + import evpn 21:21\n route-target export evpn 21:21\n router-id 192.168.255.3\n + \ update wait-install\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n + \ redistribute connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.3:30\n + \ route-target import evpn 30:30\n route-target export evpn 30:30\n router-id + 192.168.255.3\n update wait-install\n neighbor 10.255.251.1 peer group + MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n !\n vrf Tenant_C_WAN_Zone\n + \ rd 192.168.255.3:31\n route-target import evpn 31:31\n route-target + export evpn 31:31\n router-id 192.168.255.3\n update wait-install\n + \ neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n!\nmanagement api http-commands\n protocol https\n no shutdown\n + \ !\n vrf MGMT\n no shutdown\n!\nend\n" + DC1-AVD_DC1-LEAF1B: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec + /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata + -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n!\nvlan + internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode 4x10G\n!\nservice + routing protocols model multi-agent\n!\nhostname DC1-LEAF1B\nip name-server vrf + MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface vrf + MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server vrf + MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nno spanning-tree vlan-id 4093-4094\nspanning-tree + mst 0 priority 16384\n!\nno enable password\nno aaa root\n!\nusername admin privilege + 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\nusername + ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\nusername + cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nvlan + 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n!\nvlan + 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n!\nvlan + 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n!\nvlan + 131\n name Tenant_A_APP_Zone_2\n!\nvlan 140\n name Tenant_A_DB_BZone_1\n!\nvlan + 141\n name Tenant_A_DB_Zone_2\n!\nvlan 150\n name Tenant_A_WAN_Zone_1\n!\nvlan + 160\n name Tenant_A_VMOTION\n!\nvlan 161\n name Tenant_A_NFS\n!\nvlan 210\n + \ name Tenant_B_OP_Zone_1\n!\nvlan 211\n name Tenant_B_OP_Zone_2\n!\nvlan 250\n + \ name Tenant_B_WAN_Zone_1\n!\nvlan 310\n name Tenant_C_OP_Zone_1\n!\nvlan + 311\n name Tenant_C_OP_Zone_2\n!\nvlan 350\n name Tenant_C_WAN_Zone_1\n!\nvlan + 3009\n name MLAG_iBGP_Tenant_A_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3010\n name MLAG_iBGP_Tenant_A_WEB_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3011\n name MLAG_iBGP_Tenant_A_APP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3012\n name MLAG_iBGP_Tenant_A_DB_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3013\n name MLAG_iBGP_Tenant_A_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3019\n name MLAG_iBGP_Tenant_B_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3020\n name MLAG_iBGP_Tenant_B_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3029\n name MLAG_iBGP_Tenant_C_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3030\n name MLAG_iBGP_Tenant_C_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 4093\n name LEAF_PEER_L3\n trunk group LEAF_PEER_L3\n!\nvlan 4094\n name + MLAG_PEER\n trunk group MLAG\n!\nvrf instance MGMT\n!\nvrf instance Tenant_A_APP_Zone\n!\nvrf + instance Tenant_A_DB_Zone\n!\nvrf instance Tenant_A_OP_Zone\n!\nvrf instance Tenant_A_WAN_Zone\n!\nvrf + instance Tenant_A_WEB_Zone\n!\nvrf instance Tenant_B_OP_Zone\n!\nvrf instance + Tenant_B_WAN_Zone\n!\nvrf instance Tenant_C_OP_Zone\n!\nvrf instance Tenant_C_WAN_Zone\n!\ninterface + Port-Channel3\n description MLAG_PEER_DC1-LEAF1A_Po3\n no shutdown\n switchport\n + \ switchport mode trunk\n switchport trunk group LEAF_PEER_L3\n switchport + trunk group MLAG\n!\ninterface Port-Channel5\n description DC1-L2LEAF1A_Po1\n + \ no shutdown\n switchport\n switchport trunk allowed vlan 110-112,120-121,130-131\n + \ switchport mode trunk\n mlag 5\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-SPINE1_Ethernet2\n + \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.5/31\n!\ninterface + Ethernet2\n description P2P_LINK_TO_DC1-SPINE2_Ethernet2\n no shutdown\n mtu + 1500\n no switchport\n ip address 172.31.255.7/31\n!\ninterface Ethernet3\n + \ description MLAG_PEER_DC1-LEAF1A_Ethernet3\n no shutdown\n channel-group + 3 mode active\n!\ninterface Ethernet4\n description MLAG_PEER_DC1-LEAF1A_Ethernet4\n + \ no shutdown\n channel-group 3 mode active\n!\ninterface Ethernet5\n description + DC1-L2LEAF1A_Ethernet2\n no shutdown\n channel-group 5 mode active\n!\ninterface + Loopback0\n description EVPN_Overlay_Peering\n no shutdown\n ip address + 192.168.255.4/32\n!\ninterface Loopback1\n description VTEP_VXLAN_Tunnel_Source\n + \ no shutdown\n ip address 192.168.254.3/32\n!\ninterface Loopback100\n description + Tenant_A_OP_Zone_VTEP_DIAGNOSTICS\n no shutdown\n vrf Tenant_A_OP_Zone\n ip + address 10.255.1.4/32\n!\ninterface Management1\n description oob_management\n + \ no shutdown\n vrf MGMT\n ip address 10.255.0.14/24\n!\ninterface Vlan110\n + \ description Tenant_A_OP_Zone_1\n no shutdown\n vrf Tenant_A_OP_Zone\n ip + address virtual 10.1.10.1/24\n!\ninterface Vlan111\n description Tenant_A_OP_Zone_2\n + \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.11.1/24\n!\ninterface + Vlan112\n description Tenant_A_OP_Zone_3\n no shutdown\n vrf Tenant_A_OP_Zone\n + \ ip address virtual 10.1.12.254/24\n!\ninterface Vlan120\n description Tenant_A_WEB_Zone_1\n + \ no shutdown\n vrf Tenant_A_WEB_Zone\n ip address virtual 10.1.20.1/24\n!\ninterface + Vlan121\n description Tenant_A_WEBZone_2\n no shutdown\n vrf Tenant_A_WEB_Zone\n + \ ip address virtual 10.1.21.1/24\n!\ninterface Vlan130\n description Tenant_A_APP_Zone_1\n + \ no shutdown\n vrf Tenant_A_APP_Zone\n ip address virtual 10.1.30.1/24\n!\ninterface + Vlan131\n description Tenant_A_APP_Zone_2\n no shutdown\n vrf Tenant_A_APP_Zone\n + \ ip address virtual 10.1.31.254/24\n!\ninterface Vlan140\n description Tenant_A_DB_BZone_1\n + \ no shutdown\n vrf Tenant_A_DB_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface + Vlan141\n description Tenant_A_DB_Zone_2\n no shutdown\n vrf Tenant_A_DB_Zone\n + \ ip address virtual 10.1.41.1/24\n!\ninterface Vlan150\n description Tenant_A_WAN_Zone_1\n + \ no shutdown\n vrf Tenant_A_WAN_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface + Vlan210\n description Tenant_B_OP_Zone_1\n no shutdown\n vrf Tenant_B_OP_Zone\n + \ ip address virtual 10.2.10.1/24\n!\ninterface Vlan211\n description Tenant_B_OP_Zone_2\n + \ no shutdown\n vrf Tenant_B_OP_Zone\n ip address virtual 10.2.11.1/24\n!\ninterface + Vlan250\n description Tenant_B_WAN_Zone_1\n no shutdown\n vrf Tenant_B_WAN_Zone\n + \ ip address virtual 10.2.50.1/24\n!\ninterface Vlan310\n description Tenant_C_OP_Zone_1\n + \ no shutdown\n vrf Tenant_C_OP_Zone\n ip address virtual 10.3.10.1/24\n!\ninterface + Vlan311\n description Tenant_C_OP_Zone_2\n no shutdown\n vrf Tenant_C_OP_Zone\n + \ ip address virtual 10.3.11.1/24\n!\ninterface Vlan350\n description Tenant_C_WAN_Zone_1\n + \ no shutdown\n vrf Tenant_C_WAN_Zone\n ip address virtual 10.3.50.1/24\n!\ninterface + Vlan3009\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_OP_Zone\n ip address 10.255.251.1/31\n!\ninterface + Vlan3010\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_WEB_Zone\n ip address 10.255.251.1/31\n!\ninterface + Vlan3011\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_APP_Zone\n ip address 10.255.251.1/31\n!\ninterface + Vlan3012\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_DB_Zone\n ip address 10.255.251.1/31\n!\ninterface + Vlan3013\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_WAN_Zone\n ip address 10.255.251.1/31\n!\ninterface + Vlan3019\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_B_OP_Zone\n ip address 10.255.251.1/31\n!\ninterface + Vlan3020\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_B_WAN_Zone\n ip address 10.255.251.1/31\n!\ninterface + Vlan3029\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_C_OP_Zone\n ip address 10.255.251.1/31\n!\ninterface + Vlan3030\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_C_WAN_Zone\n ip address 10.255.251.1/31\n!\ninterface + Vlan4093\n description MLAG_PEER_L3_PEERING\n no shutdown\n mtu 1500\n ip + address 10.255.251.1/31\n!\ninterface Vlan4094\n description MLAG_PEER\n no + shutdown\n mtu 1500\n no autostate\n ip address 10.255.252.1/31\n!\ninterface + Vxlan1\n description DC1-LEAF1B_VTEP\n vxlan source-interface Loopback1\n + \ vxlan virtual-router encapsulation mac-address mlag-system-id\n vxlan udp-port + 4789\n vxlan vlan 110 vni 10110\n vxlan vlan 111 vni 50111\n vxlan vlan + 112 vni 50112\n vxlan vlan 120 vni 10120\n vxlan vlan 121 vni 10121\n vxlan + vlan 130 vni 10130\n vxlan vlan 131 vni 10131\n vxlan vlan 140 vni 10140\n + \ vxlan vlan 141 vni 10141\n vxlan vlan 150 vni 10150\n vxlan vlan 160 vni + 55160\n vxlan vlan 161 vni 10161\n vxlan vlan 210 vni 20210\n vxlan vlan + 211 vni 20211\n vxlan vlan 250 vni 20250\n vxlan vlan 310 vni 30310\n vxlan + vlan 311 vni 30311\n vxlan vlan 350 vni 30350\n vxlan vrf Tenant_A_APP_Zone + vni 12\n vxlan vrf Tenant_A_DB_Zone vni 13\n vxlan vrf Tenant_A_OP_Zone vni + 10\n vxlan vrf Tenant_A_WAN_Zone vni 14\n vxlan vrf Tenant_A_WEB_Zone vni + 11\n vxlan vrf Tenant_B_OP_Zone vni 20\n vxlan vrf Tenant_B_WAN_Zone vni 21\n + \ vxlan vrf Tenant_C_OP_Zone vni 30\n vxlan vrf Tenant_C_WAN_Zone vni 31\n!\nip + virtual-router mac-address 00:1c:73:00:dc:01\n!\nip address virtual source-nat + vrf Tenant_A_OP_Zone address 10.255.1.4\n!\nip routing\nno ip routing vrf MGMT\nip + routing vrf Tenant_A_APP_Zone\nip routing vrf Tenant_A_DB_Zone\nip routing vrf + Tenant_A_OP_Zone\nip routing vrf Tenant_A_WAN_Zone\nip routing vrf Tenant_A_WEB_Zone\nip + routing vrf Tenant_B_OP_Zone\nip routing vrf Tenant_B_WAN_Zone\nip routing vrf + Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n!\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n + \ seq 10 permit 192.168.255.0/24 eq 32\n seq 20 permit 192.168.254.0/24 eq + 32\n!\nmlag configuration\n domain-id DC1_LEAF1\n local-interface Vlan4094\n + \ peer-address 10.255.252.0\n peer-link Port-Channel3\n reload-delay mlag + 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map + RM-CONN-2-BGP permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map + RM-MLAG-PEER-IN permit 10\n description Make routes learned over MLAG Peer-link + less preferred on spines to ensure optimal routing\n set origin incomplete\n!\nrouter + bfd\n multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65101\n + \ router-id 192.168.255.4\n maximum-paths 4 ecmp 4\n update wait-install\n + \ no bgp default ipv4-unicast\n no bgp default ipv4-unicast\n distance bgp + 20 200 200\n graceful-restart restart-time 300\n graceful-restart\n neighbor + EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n + \ neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop + 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor + EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS maximum-routes + 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS + password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n + \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER + peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101\n neighbor MLAG-IPv4-UNDERLAY-PEER + next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF1A\n neighbor + MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER + send-community\n neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor + MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.0 + peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.0 description DC1-LEAF1A\n + \ neighbor 172.31.255.4 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.4 + remote-as 65001\n neighbor 172.31.255.4 description DC1-SPINE1_Ethernet2\n neighbor + 172.31.255.6 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.6 remote-as + 65001\n neighbor 172.31.255.6 description DC1-SPINE2_Ethernet2\n neighbor + 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as + 65001\n neighbor 192.168.255.1 description DC1-SPINE1\n neighbor 192.168.255.2 + peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as 65001\n neighbor + 192.168.255.2 description DC1-SPINE2\n redistribute connected route-map RM-CONN-2-BGP\n + \ !\n vlan-aware-bundle Tenant_A_APP_Zone\n rd 192.168.255.4:12\n route-target + both 12:12\n redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle + Tenant_A_DB_Zone\n rd 192.168.255.4:13\n route-target both 13:13\n redistribute + learned\n vlan 140-141\n !\n vlan-aware-bundle Tenant_A_NFS\n rd + 192.168.255.4:10161\n route-target both 10161:10161\n redistribute learned\n + \ vlan 161\n !\n vlan-aware-bundle Tenant_A_OP_Zone\n rd 192.168.255.4:10\n + \ route-target both 10:10\n redistribute learned\n vlan 110-112\n + \ !\n vlan-aware-bundle Tenant_A_VMOTION\n rd 192.168.255.4:55160\n route-target + both 55160:55160\n redistribute learned\n vlan 160\n !\n vlan-aware-bundle + Tenant_A_WAN_Zone\n rd 192.168.255.4:14\n route-target both 14:14\n + \ redistribute learned\n vlan 150\n !\n vlan-aware-bundle Tenant_A_WEB_Zone\n + \ rd 192.168.255.4:11\n route-target both 11:11\n redistribute learned\n + \ vlan 120-121\n !\n vlan-aware-bundle Tenant_B_OP_Zone\n rd 192.168.255.4:20\n + \ route-target both 20:20\n redistribute learned\n vlan 210-211\n + \ !\n vlan-aware-bundle Tenant_B_WAN_Zone\n rd 192.168.255.4:21\n route-target + both 21:21\n redistribute learned\n vlan 250\n !\n vlan-aware-bundle + Tenant_C_OP_Zone\n rd 192.168.255.4:30\n route-target both 30:30\n redistribute + learned\n vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd + 192.168.255.4:31\n route-target both 31:31\n redistribute learned\n + \ vlan 350\n !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS + activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n + \ neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER + activate\n !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.4:12\n route-target + import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.4\n + \ update wait-install\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n + \ redistribute connected\n !\n vrf Tenant_A_DB_Zone\n rd 192.168.255.4:13\n + \ route-target import evpn 13:13\n route-target export evpn 13:13\n router-id + 192.168.255.4\n update wait-install\n neighbor 10.255.251.0 peer group + MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n !\n vrf Tenant_A_OP_Zone\n + \ rd 192.168.255.4:10\n route-target import evpn 10:10\n route-target + export evpn 10:10\n router-id 192.168.255.4\n update wait-install\n + \ neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.4:14\n route-target + import evpn 14:14\n route-target export evpn 14:14\n router-id 192.168.255.4\n + \ update wait-install\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n + \ redistribute connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.4:11\n + \ route-target import evpn 11:11\n route-target export evpn 11:11\n router-id + 192.168.255.4\n update wait-install\n neighbor 10.255.251.0 peer group + MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n !\n vrf Tenant_B_OP_Zone\n + \ rd 192.168.255.4:20\n route-target import evpn 20:20\n route-target + export evpn 20:20\n router-id 192.168.255.4\n update wait-install\n + \ neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.4:21\n route-target + import evpn 21:21\n route-target export evpn 21:21\n router-id 192.168.255.4\n + \ update wait-install\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n + \ redistribute connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.4:30\n + \ route-target import evpn 30:30\n route-target export evpn 30:30\n router-id + 192.168.255.4\n update wait-install\n neighbor 10.255.251.0 peer group + MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n !\n vrf Tenant_C_WAN_Zone\n + \ rd 192.168.255.4:31\n route-target import evpn 31:31\n route-target + export evpn 31:31\n router-id 192.168.255.4\n update wait-install\n + \ neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n!\nmanagement api http-commands\n protocol https\n no shutdown\n + \ !\n vrf MGMT\n no shutdown\n!\nend\n" + DC1-AVD_DC1-LEAF2A: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec + /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata + -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n!\nvlan + internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode 4x10G\n!\nservice + routing protocols model multi-agent\n!\nhostname DC1-LEAF2A\nip name-server vrf + MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface vrf + MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server vrf + MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nno spanning-tree vlan-id 4093-4094\nspanning-tree + mst 0 priority 16384\n!\nno enable password\nno aaa root\n!\nusername admin privilege + 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\nusername + ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\nusername + cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nvlan + 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n!\nvlan + 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n!\nvlan + 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n!\nvlan + 131\n name Tenant_A_APP_Zone_2\n!\nvlan 140\n name Tenant_A_DB_BZone_1\n!\nvlan + 141\n name Tenant_A_DB_Zone_2\n!\nvlan 150\n name Tenant_A_WAN_Zone_1\n!\nvlan + 160\n name Tenant_A_VMOTION\n!\nvlan 161\n name Tenant_A_NFS\n!\nvlan 210\n + \ name Tenant_B_OP_Zone_1\n!\nvlan 211\n name Tenant_B_OP_Zone_2\n!\nvlan 250\n + \ name Tenant_B_WAN_Zone_1\n!\nvlan 310\n name Tenant_C_OP_Zone_1\n!\nvlan + 311\n name Tenant_C_OP_Zone_2\n!\nvlan 350\n name Tenant_C_WAN_Zone_1\n!\nvlan + 3009\n name MLAG_iBGP_Tenant_A_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3010\n name MLAG_iBGP_Tenant_A_WEB_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3011\n name MLAG_iBGP_Tenant_A_APP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3012\n name MLAG_iBGP_Tenant_A_DB_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3013\n name MLAG_iBGP_Tenant_A_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3019\n name MLAG_iBGP_Tenant_B_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3020\n name MLAG_iBGP_Tenant_B_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3029\n name MLAG_iBGP_Tenant_C_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3030\n name MLAG_iBGP_Tenant_C_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 4093\n name LEAF_PEER_L3\n trunk group LEAF_PEER_L3\n!\nvlan 4094\n name + MLAG_PEER\n trunk group MLAG\n!\nvrf instance MGMT\n!\nvrf instance Tenant_A_APP_Zone\n!\nvrf + instance Tenant_A_DB_Zone\n!\nvrf instance Tenant_A_OP_Zone\n!\nvrf instance Tenant_A_WAN_Zone\n!\nvrf + instance Tenant_A_WEB_Zone\n!\nvrf instance Tenant_B_OP_Zone\n!\nvrf instance + Tenant_B_WAN_Zone\n!\nvrf instance Tenant_C_OP_Zone\n!\nvrf instance Tenant_C_WAN_Zone\n!\ninterface + Port-Channel3\n description MLAG_PEER_DC1-LEAF2B_Po3\n no shutdown\n switchport\n + \ switchport mode trunk\n switchport trunk group LEAF_PEER_L3\n switchport + trunk group MLAG\n!\ninterface Port-Channel5\n description DC1-L2LEAF2A_Po1\n + \ no shutdown\n switchport\n switchport trunk allowed vlan 110-112,120-121,130-131\n + \ switchport mode trunk\n mlag 5\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-SPINE1_Ethernet3\n + \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.9/31\n!\ninterface + Ethernet2\n description P2P_LINK_TO_DC1-SPINE2_Ethernet3\n no shutdown\n mtu + 1500\n no switchport\n ip address 172.31.255.11/31\n!\ninterface Ethernet3\n + \ description MLAG_PEER_DC1-LEAF2B_Ethernet3\n no shutdown\n channel-group + 3 mode active\n!\ninterface Ethernet4\n description MLAG_PEER_DC1-LEAF2B_Ethernet4\n + \ no shutdown\n channel-group 3 mode active\n!\ninterface Ethernet5\n description + DC1-L2LEAF2A_Ethernet1\n no shutdown\n channel-group 5 mode active\n!\ninterface + Loopback0\n description EVPN_Overlay_Peering\n no shutdown\n ip address + 192.168.255.5/32\n!\ninterface Loopback1\n description VTEP_VXLAN_Tunnel_Source\n + \ no shutdown\n ip address 192.168.254.5/32\n!\ninterface Loopback100\n description + Tenant_A_OP_Zone_VTEP_DIAGNOSTICS\n no shutdown\n vrf Tenant_A_OP_Zone\n ip + address 10.255.1.5/32\n!\ninterface Management1\n description oob_management\n + \ no shutdown\n vrf MGMT\n ip address 10.255.0.15/24\n!\ninterface Vlan110\n + \ description Tenant_A_OP_Zone_1\n no shutdown\n vrf Tenant_A_OP_Zone\n ip + address virtual 10.1.10.1/24\n!\ninterface Vlan111\n description Tenant_A_OP_Zone_2\n + \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.11.1/24\n!\ninterface + Vlan112\n description Tenant_A_OP_Zone_3\n no shutdown\n vrf Tenant_A_OP_Zone\n + \ ip address virtual 10.1.12.254/24\n!\ninterface Vlan120\n description Tenant_A_WEB_Zone_1\n + \ no shutdown\n vrf Tenant_A_WEB_Zone\n ip address virtual 10.1.20.1/24\n!\ninterface + Vlan121\n description Tenant_A_WEBZone_2\n no shutdown\n vrf Tenant_A_WEB_Zone\n + \ ip address virtual 10.1.21.1/24\n!\ninterface Vlan130\n description Tenant_A_APP_Zone_1\n + \ no shutdown\n vrf Tenant_A_APP_Zone\n ip address virtual 10.1.30.1/24\n!\ninterface + Vlan131\n description Tenant_A_APP_Zone_2\n no shutdown\n vrf Tenant_A_APP_Zone\n + \ ip address virtual 10.1.31.254/24\n!\ninterface Vlan140\n description Tenant_A_DB_BZone_1\n + \ no shutdown\n vrf Tenant_A_DB_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface + Vlan141\n description Tenant_A_DB_Zone_2\n no shutdown\n vrf Tenant_A_DB_Zone\n + \ ip address virtual 10.1.41.1/24\n!\ninterface Vlan150\n description Tenant_A_WAN_Zone_1\n + \ no shutdown\n vrf Tenant_A_WAN_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface + Vlan210\n description Tenant_B_OP_Zone_1\n no shutdown\n vrf Tenant_B_OP_Zone\n + \ ip address virtual 10.2.10.1/24\n!\ninterface Vlan211\n description Tenant_B_OP_Zone_2\n + \ no shutdown\n vrf Tenant_B_OP_Zone\n ip address virtual 10.2.11.1/24\n!\ninterface + Vlan250\n description Tenant_B_WAN_Zone_1\n no shutdown\n vrf Tenant_B_WAN_Zone\n + \ ip address virtual 10.2.50.1/24\n!\ninterface Vlan310\n description Tenant_C_OP_Zone_1\n + \ no shutdown\n vrf Tenant_C_OP_Zone\n ip address virtual 10.3.10.1/24\n!\ninterface + Vlan311\n description Tenant_C_OP_Zone_2\n no shutdown\n vrf Tenant_C_OP_Zone\n + \ ip address virtual 10.3.11.1/24\n!\ninterface Vlan350\n description Tenant_C_WAN_Zone_1\n + \ no shutdown\n vrf Tenant_C_WAN_Zone\n ip address virtual 10.3.50.1/24\n!\ninterface + Vlan3009\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_OP_Zone\n ip address 10.255.251.4/31\n!\ninterface + Vlan3010\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_WEB_Zone\n ip address 10.255.251.4/31\n!\ninterface + Vlan3011\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_APP_Zone\n ip address 10.255.251.4/31\n!\ninterface + Vlan3012\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_DB_Zone\n ip address 10.255.251.4/31\n!\ninterface + Vlan3013\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_WAN_Zone\n ip address 10.255.251.4/31\n!\ninterface + Vlan3019\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_B_OP_Zone\n ip address 10.255.251.4/31\n!\ninterface + Vlan3020\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_B_WAN_Zone\n ip address 10.255.251.4/31\n!\ninterface + Vlan3029\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_C_OP_Zone\n ip address 10.255.251.4/31\n!\ninterface + Vlan3030\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_C_WAN_Zone\n ip address 10.255.251.4/31\n!\ninterface + Vlan4093\n description MLAG_PEER_L3_PEERING\n no shutdown\n mtu 1500\n ip + address 10.255.251.4/31\n!\ninterface Vlan4094\n description MLAG_PEER\n no + shutdown\n mtu 1500\n no autostate\n ip address 10.255.252.4/31\n!\ninterface + Vxlan1\n description DC1-LEAF2A_VTEP\n vxlan source-interface Loopback1\n + \ vxlan virtual-router encapsulation mac-address mlag-system-id\n vxlan udp-port + 4789\n vxlan vlan 110 vni 10110\n vxlan vlan 111 vni 50111\n vxlan vlan + 112 vni 50112\n vxlan vlan 120 vni 10120\n vxlan vlan 121 vni 10121\n vxlan + vlan 130 vni 10130\n vxlan vlan 131 vni 10131\n vxlan vlan 140 vni 10140\n + \ vxlan vlan 141 vni 10141\n vxlan vlan 150 vni 10150\n vxlan vlan 160 vni + 55160\n vxlan vlan 161 vni 10161\n vxlan vlan 210 vni 20210\n vxlan vlan + 211 vni 20211\n vxlan vlan 250 vni 20250\n vxlan vlan 310 vni 30310\n vxlan + vlan 311 vni 30311\n vxlan vlan 350 vni 30350\n vxlan vrf Tenant_A_APP_Zone + vni 12\n vxlan vrf Tenant_A_DB_Zone vni 13\n vxlan vrf Tenant_A_OP_Zone vni + 10\n vxlan vrf Tenant_A_WAN_Zone vni 14\n vxlan vrf Tenant_A_WEB_Zone vni + 11\n vxlan vrf Tenant_B_OP_Zone vni 20\n vxlan vrf Tenant_B_WAN_Zone vni 21\n + \ vxlan vrf Tenant_C_OP_Zone vni 30\n vxlan vrf Tenant_C_WAN_Zone vni 31\n!\nip + virtual-router mac-address 00:1c:73:00:dc:01\n!\nip address virtual source-nat + vrf Tenant_A_OP_Zone address 10.255.1.5\n!\nip routing\nno ip routing vrf MGMT\nip + routing vrf Tenant_A_APP_Zone\nip routing vrf Tenant_A_DB_Zone\nip routing vrf + Tenant_A_OP_Zone\nip routing vrf Tenant_A_WAN_Zone\nip routing vrf Tenant_A_WEB_Zone\nip + routing vrf Tenant_B_OP_Zone\nip routing vrf Tenant_B_WAN_Zone\nip routing vrf + Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n!\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n + \ seq 10 permit 192.168.255.0/24 eq 32\n seq 20 permit 192.168.254.0/24 eq + 32\n!\nmlag configuration\n domain-id DC1_LEAF2\n local-interface Vlan4094\n + \ peer-address 10.255.252.5\n peer-link Port-Channel3\n reload-delay mlag + 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map + RM-CONN-2-BGP permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map + RM-MLAG-PEER-IN permit 10\n description Make routes learned over MLAG Peer-link + less preferred on spines to ensure optimal routing\n set origin incomplete\n!\nrouter + bfd\n multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65102\n + \ router-id 192.168.255.5\n maximum-paths 4 ecmp 4\n update wait-install\n + \ no bgp default ipv4-unicast\n no bgp default ipv4-unicast\n distance bgp + 20 200 200\n graceful-restart restart-time 300\n graceful-restart\n neighbor + EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n + \ neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop + 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor + EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS maximum-routes + 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS + password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n + \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER + peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102\n neighbor MLAG-IPv4-UNDERLAY-PEER + next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2B\n neighbor + MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER + send-community\n neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor + MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.5 + peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.5 description DC1-LEAF2B\n + \ neighbor 172.31.255.8 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.8 + remote-as 65001\n neighbor 172.31.255.8 description DC1-SPINE1_Ethernet3\n neighbor + 172.31.255.10 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.10 remote-as + 65001\n neighbor 172.31.255.10 description DC1-SPINE2_Ethernet3\n neighbor + 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as + 65001\n neighbor 192.168.255.1 description DC1-SPINE1\n neighbor 192.168.255.2 + peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as 65001\n neighbor + 192.168.255.2 description DC1-SPINE2\n redistribute connected route-map RM-CONN-2-BGP\n + \ !\n vlan-aware-bundle Tenant_A_APP_Zone\n rd 192.168.255.5:12\n route-target + both 12:12\n redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle + Tenant_A_DB_Zone\n rd 192.168.255.5:13\n route-target both 13:13\n redistribute + learned\n vlan 140-141\n !\n vlan-aware-bundle Tenant_A_NFS\n rd + 192.168.255.5:10161\n route-target both 10161:10161\n redistribute learned\n + \ vlan 161\n !\n vlan-aware-bundle Tenant_A_OP_Zone\n rd 192.168.255.5:10\n + \ route-target both 10:10\n redistribute learned\n vlan 110-112\n + \ !\n vlan-aware-bundle Tenant_A_VMOTION\n rd 192.168.255.5:55160\n route-target + both 55160:55160\n redistribute learned\n vlan 160\n !\n vlan-aware-bundle + Tenant_A_WAN_Zone\n rd 192.168.255.5:14\n route-target both 14:14\n + \ redistribute learned\n vlan 150\n !\n vlan-aware-bundle Tenant_A_WEB_Zone\n + \ rd 192.168.255.5:11\n route-target both 11:11\n redistribute learned\n + \ vlan 120-121\n !\n vlan-aware-bundle Tenant_B_OP_Zone\n rd 192.168.255.5:20\n + \ route-target both 20:20\n redistribute learned\n vlan 210-211\n + \ !\n vlan-aware-bundle Tenant_B_WAN_Zone\n rd 192.168.255.5:21\n route-target + both 21:21\n redistribute learned\n vlan 250\n !\n vlan-aware-bundle + Tenant_C_OP_Zone\n rd 192.168.255.5:30\n route-target both 30:30\n redistribute + learned\n vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd + 192.168.255.5:31\n route-target both 31:31\n redistribute learned\n + \ vlan 350\n !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS + activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n + \ neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER + activate\n !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.5:12\n route-target + import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.5\n + \ update wait-install\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n + \ redistribute connected\n !\n vrf Tenant_A_DB_Zone\n rd 192.168.255.5:13\n + \ route-target import evpn 13:13\n route-target export evpn 13:13\n router-id + 192.168.255.5\n update wait-install\n neighbor 10.255.251.5 peer group + MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n !\n vrf Tenant_A_OP_Zone\n + \ rd 192.168.255.5:10\n route-target import evpn 10:10\n route-target + export evpn 10:10\n router-id 192.168.255.5\n update wait-install\n + \ neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.5:14\n route-target + import evpn 14:14\n route-target export evpn 14:14\n router-id 192.168.255.5\n + \ update wait-install\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n + \ redistribute connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.5:11\n + \ route-target import evpn 11:11\n route-target export evpn 11:11\n router-id + 192.168.255.5\n update wait-install\n neighbor 10.255.251.5 peer group + MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n !\n vrf Tenant_B_OP_Zone\n + \ rd 192.168.255.5:20\n route-target import evpn 20:20\n route-target + export evpn 20:20\n router-id 192.168.255.5\n update wait-install\n + \ neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.5:21\n route-target + import evpn 21:21\n route-target export evpn 21:21\n router-id 192.168.255.5\n + \ update wait-install\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n + \ redistribute connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.5:30\n + \ route-target import evpn 30:30\n route-target export evpn 30:30\n router-id + 192.168.255.5\n update wait-install\n neighbor 10.255.251.5 peer group + MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n !\n vrf Tenant_C_WAN_Zone\n + \ rd 192.168.255.5:31\n route-target import evpn 31:31\n route-target + export evpn 31:31\n router-id 192.168.255.5\n update wait-install\n + \ neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n!\nmanagement api http-commands\n protocol https\n no shutdown\n + \ !\n vrf MGMT\n no shutdown\n!\nend\n" + DC1-AVD_DC1-LEAF2B: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec + /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata + -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n!\nvlan + internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode 4x10G\n!\nservice + routing protocols model multi-agent\n!\nhostname DC1-LEAF2B\nip name-server vrf + MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface vrf + MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server vrf + MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nno spanning-tree vlan-id 4093-4094\nspanning-tree + mst 0 priority 16384\n!\nno enable password\nno aaa root\n!\nusername admin privilege + 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\nusername + ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\nusername + cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nvlan + 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n!\nvlan + 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n!\nvlan + 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n!\nvlan + 131\n name Tenant_A_APP_Zone_2\n!\nvlan 140\n name Tenant_A_DB_BZone_1\n!\nvlan + 141\n name Tenant_A_DB_Zone_2\n!\nvlan 150\n name Tenant_A_WAN_Zone_1\n!\nvlan + 160\n name Tenant_A_VMOTION\n!\nvlan 161\n name Tenant_A_NFS\n!\nvlan 210\n + \ name Tenant_B_OP_Zone_1\n!\nvlan 211\n name Tenant_B_OP_Zone_2\n!\nvlan 250\n + \ name Tenant_B_WAN_Zone_1\n!\nvlan 310\n name Tenant_C_OP_Zone_1\n!\nvlan + 311\n name Tenant_C_OP_Zone_2\n!\nvlan 350\n name Tenant_C_WAN_Zone_1\n!\nvlan + 3009\n name MLAG_iBGP_Tenant_A_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3010\n name MLAG_iBGP_Tenant_A_WEB_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3011\n name MLAG_iBGP_Tenant_A_APP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3012\n name MLAG_iBGP_Tenant_A_DB_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3013\n name MLAG_iBGP_Tenant_A_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3019\n name MLAG_iBGP_Tenant_B_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3020\n name MLAG_iBGP_Tenant_B_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3029\n name MLAG_iBGP_Tenant_C_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3030\n name MLAG_iBGP_Tenant_C_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 4093\n name LEAF_PEER_L3\n trunk group LEAF_PEER_L3\n!\nvlan 4094\n name + MLAG_PEER\n trunk group MLAG\n!\nvrf instance MGMT\n!\nvrf instance Tenant_A_APP_Zone\n!\nvrf + instance Tenant_A_DB_Zone\n!\nvrf instance Tenant_A_OP_Zone\n!\nvrf instance Tenant_A_WAN_Zone\n!\nvrf + instance Tenant_A_WEB_Zone\n!\nvrf instance Tenant_B_OP_Zone\n!\nvrf instance + Tenant_B_WAN_Zone\n!\nvrf instance Tenant_C_OP_Zone\n!\nvrf instance Tenant_C_WAN_Zone\n!\ninterface + Port-Channel3\n description MLAG_PEER_DC1-LEAF2A_Po3\n no shutdown\n switchport\n + \ switchport mode trunk\n switchport trunk group LEAF_PEER_L3\n switchport + trunk group MLAG\n!\ninterface Port-Channel5\n description DC1-L2LEAF2A_Po1\n + \ no shutdown\n switchport\n switchport trunk allowed vlan 110-112,120-121,130-131\n + \ switchport mode trunk\n mlag 5\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-SPINE1_Ethernet4\n + \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.13/31\n!\ninterface + Ethernet2\n description P2P_LINK_TO_DC1-SPINE2_Ethernet4\n no shutdown\n mtu + 1500\n no switchport\n ip address 172.31.255.15/31\n!\ninterface Ethernet3\n + \ description MLAG_PEER_DC1-LEAF2A_Ethernet3\n no shutdown\n channel-group + 3 mode active\n!\ninterface Ethernet4\n description MLAG_PEER_DC1-LEAF2A_Ethernet4\n + \ no shutdown\n channel-group 3 mode active\n!\ninterface Ethernet5\n description + DC1-L2LEAF2A_Ethernet2\n no shutdown\n channel-group 5 mode active\n!\ninterface + Loopback0\n description EVPN_Overlay_Peering\n no shutdown\n ip address + 192.168.255.6/32\n!\ninterface Loopback1\n description VTEP_VXLAN_Tunnel_Source\n + \ no shutdown\n ip address 192.168.254.5/32\n!\ninterface Loopback100\n description + Tenant_A_OP_Zone_VTEP_DIAGNOSTICS\n no shutdown\n vrf Tenant_A_OP_Zone\n ip + address 10.255.1.6/32\n!\ninterface Management1\n description oob_management\n + \ no shutdown\n vrf MGMT\n ip address 10.255.0.16/24\n!\ninterface Vlan110\n + \ description Tenant_A_OP_Zone_1\n no shutdown\n vrf Tenant_A_OP_Zone\n ip + address virtual 10.1.10.1/24\n!\ninterface Vlan111\n description Tenant_A_OP_Zone_2\n + \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.11.1/24\n!\ninterface + Vlan112\n description Tenant_A_OP_Zone_3\n no shutdown\n vrf Tenant_A_OP_Zone\n + \ ip address virtual 10.1.12.254/24\n!\ninterface Vlan120\n description Tenant_A_WEB_Zone_1\n + \ no shutdown\n vrf Tenant_A_WEB_Zone\n ip address virtual 10.1.20.1/24\n!\ninterface + Vlan121\n description Tenant_A_WEBZone_2\n no shutdown\n vrf Tenant_A_WEB_Zone\n + \ ip address virtual 10.1.21.1/24\n!\ninterface Vlan130\n description Tenant_A_APP_Zone_1\n + \ no shutdown\n vrf Tenant_A_APP_Zone\n ip address virtual 10.1.30.1/24\n!\ninterface + Vlan131\n description Tenant_A_APP_Zone_2\n no shutdown\n vrf Tenant_A_APP_Zone\n + \ ip address virtual 10.1.31.254/24\n!\ninterface Vlan140\n description Tenant_A_DB_BZone_1\n + \ no shutdown\n vrf Tenant_A_DB_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface + Vlan141\n description Tenant_A_DB_Zone_2\n no shutdown\n vrf Tenant_A_DB_Zone\n + \ ip address virtual 10.1.41.1/24\n!\ninterface Vlan150\n description Tenant_A_WAN_Zone_1\n + \ no shutdown\n vrf Tenant_A_WAN_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface + Vlan210\n description Tenant_B_OP_Zone_1\n no shutdown\n vrf Tenant_B_OP_Zone\n + \ ip address virtual 10.2.10.1/24\n!\ninterface Vlan211\n description Tenant_B_OP_Zone_2\n + \ no shutdown\n vrf Tenant_B_OP_Zone\n ip address virtual 10.2.11.1/24\n!\ninterface + Vlan250\n description Tenant_B_WAN_Zone_1\n no shutdown\n vrf Tenant_B_WAN_Zone\n + \ ip address virtual 10.2.50.1/24\n!\ninterface Vlan310\n description Tenant_C_OP_Zone_1\n + \ no shutdown\n vrf Tenant_C_OP_Zone\n ip address virtual 10.3.10.1/24\n!\ninterface + Vlan311\n description Tenant_C_OP_Zone_2\n no shutdown\n vrf Tenant_C_OP_Zone\n + \ ip address virtual 10.3.11.1/24\n!\ninterface Vlan350\n description Tenant_C_WAN_Zone_1\n + \ no shutdown\n vrf Tenant_C_WAN_Zone\n ip address virtual 10.3.50.1/24\n!\ninterface + Vlan3009\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_OP_Zone\n ip address 10.255.251.5/31\n!\ninterface + Vlan3010\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_WEB_Zone\n ip address 10.255.251.5/31\n!\ninterface + Vlan3011\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_APP_Zone\n ip address 10.255.251.5/31\n!\ninterface + Vlan3012\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_DB_Zone\n ip address 10.255.251.5/31\n!\ninterface + Vlan3013\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_A_WAN_Zone\n ip address 10.255.251.5/31\n!\ninterface + Vlan3019\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_B_OP_Zone\n ip address 10.255.251.5/31\n!\ninterface + Vlan3020\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_B_WAN_Zone\n ip address 10.255.251.5/31\n!\ninterface + Vlan3029\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_C_OP_Zone\n ip address 10.255.251.5/31\n!\ninterface + Vlan3030\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone\n no shutdown\n + \ mtu 1500\n vrf Tenant_C_WAN_Zone\n ip address 10.255.251.5/31\n!\ninterface + Vlan4093\n description MLAG_PEER_L3_PEERING\n no shutdown\n mtu 1500\n ip + address 10.255.251.5/31\n!\ninterface Vlan4094\n description MLAG_PEER\n no + shutdown\n mtu 1500\n no autostate\n ip address 10.255.252.5/31\n!\ninterface + Vxlan1\n description DC1-LEAF2B_VTEP\n vxlan source-interface Loopback1\n + \ vxlan virtual-router encapsulation mac-address mlag-system-id\n vxlan udp-port + 4789\n vxlan vlan 110 vni 10110\n vxlan vlan 111 vni 50111\n vxlan vlan + 112 vni 50112\n vxlan vlan 120 vni 10120\n vxlan vlan 121 vni 10121\n vxlan + vlan 130 vni 10130\n vxlan vlan 131 vni 10131\n vxlan vlan 140 vni 10140\n + \ vxlan vlan 141 vni 10141\n vxlan vlan 150 vni 10150\n vxlan vlan 160 vni + 55160\n vxlan vlan 161 vni 10161\n vxlan vlan 210 vni 20210\n vxlan vlan + 211 vni 20211\n vxlan vlan 250 vni 20250\n vxlan vlan 310 vni 30310\n vxlan + vlan 311 vni 30311\n vxlan vlan 350 vni 30350\n vxlan vrf Tenant_A_APP_Zone + vni 12\n vxlan vrf Tenant_A_DB_Zone vni 13\n vxlan vrf Tenant_A_OP_Zone vni + 10\n vxlan vrf Tenant_A_WAN_Zone vni 14\n vxlan vrf Tenant_A_WEB_Zone vni + 11\n vxlan vrf Tenant_B_OP_Zone vni 20\n vxlan vrf Tenant_B_WAN_Zone vni 21\n + \ vxlan vrf Tenant_C_OP_Zone vni 30\n vxlan vrf Tenant_C_WAN_Zone vni 31\n!\nip + virtual-router mac-address 00:1c:73:00:dc:01\n!\nip address virtual source-nat + vrf Tenant_A_OP_Zone address 10.255.1.6\n!\nip routing\nno ip routing vrf MGMT\nip + routing vrf Tenant_A_APP_Zone\nip routing vrf Tenant_A_DB_Zone\nip routing vrf + Tenant_A_OP_Zone\nip routing vrf Tenant_A_WAN_Zone\nip routing vrf Tenant_A_WEB_Zone\nip + routing vrf Tenant_B_OP_Zone\nip routing vrf Tenant_B_WAN_Zone\nip routing vrf + Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n!\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n + \ seq 10 permit 192.168.255.0/24 eq 32\n seq 20 permit 192.168.254.0/24 eq + 32\n!\nmlag configuration\n domain-id DC1_LEAF2\n local-interface Vlan4094\n + \ peer-address 10.255.252.4\n peer-link Port-Channel3\n reload-delay mlag + 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map + RM-CONN-2-BGP permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map + RM-MLAG-PEER-IN permit 10\n description Make routes learned over MLAG Peer-link + less preferred on spines to ensure optimal routing\n set origin incomplete\n!\nrouter + bfd\n multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65102\n + \ router-id 192.168.255.6\n maximum-paths 4 ecmp 4\n update wait-install\n + \ no bgp default ipv4-unicast\n no bgp default ipv4-unicast\n distance bgp + 20 200 200\n graceful-restart restart-time 300\n graceful-restart\n neighbor + EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n + \ neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop + 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor + EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS maximum-routes + 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS + password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n + \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER + peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102\n neighbor MLAG-IPv4-UNDERLAY-PEER + next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2A\n neighbor + MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER + send-community\n neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor + MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.4 + peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.4 description DC1-LEAF2A\n + \ neighbor 172.31.255.12 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.12 + remote-as 65001\n neighbor 172.31.255.12 description DC1-SPINE1_Ethernet4\n + \ neighbor 172.31.255.14 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.14 + remote-as 65001\n neighbor 172.31.255.14 description DC1-SPINE2_Ethernet4\n + \ neighbor 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 + remote-as 65001\n neighbor 192.168.255.1 description DC1-SPINE1\n neighbor + 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as + 65001\n neighbor 192.168.255.2 description DC1-SPINE2\n redistribute connected + route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle Tenant_A_APP_Zone\n rd + 192.168.255.6:12\n route-target both 12:12\n redistribute learned\n + \ vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n rd 192.168.255.6:13\n + \ route-target both 13:13\n redistribute learned\n vlan 140-141\n + \ !\n vlan-aware-bundle Tenant_A_NFS\n rd 192.168.255.6:10161\n route-target + both 10161:10161\n redistribute learned\n vlan 161\n !\n vlan-aware-bundle + Tenant_A_OP_Zone\n rd 192.168.255.6:10\n route-target both 10:10\n redistribute + learned\n vlan 110-112\n !\n vlan-aware-bundle Tenant_A_VMOTION\n rd + 192.168.255.6:55160\n route-target both 55160:55160\n redistribute learned\n + \ vlan 160\n !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd 192.168.255.6:14\n + \ route-target both 14:14\n redistribute learned\n vlan 150\n !\n + \ vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.6:11\n route-target + both 11:11\n redistribute learned\n vlan 120-121\n !\n vlan-aware-bundle + Tenant_B_OP_Zone\n rd 192.168.255.6:20\n route-target both 20:20\n redistribute + learned\n vlan 210-211\n !\n vlan-aware-bundle Tenant_B_WAN_Zone\n rd + 192.168.255.6:21\n route-target both 21:21\n redistribute learned\n + \ vlan 250\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n rd 192.168.255.6:30\n + \ route-target both 30:30\n redistribute learned\n vlan 310-311\n + \ !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd 192.168.255.6:31\n route-target + both 31:31\n redistribute learned\n vlan 350\n !\n address-family + evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n address-family ipv4\n + \ no neighbor EVPN-OVERLAY-PEERS activate\n neighbor IPv4-UNDERLAY-PEERS + activate\n neighbor MLAG-IPv4-UNDERLAY-PEER activate\n !\n vrf Tenant_A_APP_Zone\n + \ rd 192.168.255.6:12\n route-target import evpn 12:12\n route-target + export evpn 12:12\n router-id 192.168.255.6\n update wait-install\n + \ neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_A_DB_Zone\n rd 192.168.255.6:13\n route-target + import evpn 13:13\n route-target export evpn 13:13\n router-id 192.168.255.6\n + \ update wait-install\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n + \ redistribute connected\n !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.6:10\n + \ route-target import evpn 10:10\n route-target export evpn 10:10\n router-id + 192.168.255.6\n update wait-install\n neighbor 10.255.251.4 peer group + MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n !\n vrf Tenant_A_WAN_Zone\n + \ rd 192.168.255.6:14\n route-target import evpn 14:14\n route-target + export evpn 14:14\n router-id 192.168.255.6\n update wait-install\n + \ neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.6:11\n route-target + import evpn 11:11\n route-target export evpn 11:11\n router-id 192.168.255.6\n + \ update wait-install\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n + \ redistribute connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.6:20\n + \ route-target import evpn 20:20\n route-target export evpn 20:20\n router-id + 192.168.255.6\n update wait-install\n neighbor 10.255.251.4 peer group + MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n !\n vrf Tenant_B_WAN_Zone\n + \ rd 192.168.255.6:21\n route-target import evpn 21:21\n route-target + export evpn 21:21\n router-id 192.168.255.6\n update wait-install\n + \ neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.6:30\n route-target + import evpn 30:30\n route-target export evpn 30:30\n router-id 192.168.255.6\n + \ update wait-install\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n + \ redistribute connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.6:31\n + \ route-target import evpn 31:31\n route-target export evpn 31:31\n router-id + 192.168.255.6\n update wait-install\n neighbor 10.255.251.4 peer group + MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n!\nmanagement api http-commands\n + \ protocol https\n no shutdown\n !\n vrf MGMT\n no shutdown\n!\nend\n" + DC1-AVD_DC1-SPINE1: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec + /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata + -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n!\nvlan + internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode 4x10G\n!\nservice + routing protocols model multi-agent\n!\nhostname DC1-SPINE1\nip name-server vrf + MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface vrf + MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server vrf + MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode none\n!\nno enable password\nno + aaa root\n!\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\nusername + ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\nusername + cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nvrf + instance MGMT\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-LEAF1A_Ethernet1\n + \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.0/31\n!\ninterface + Ethernet2\n description P2P_LINK_TO_DC1-LEAF1B_Ethernet1\n no shutdown\n mtu + 1500\n no switchport\n ip address 172.31.255.4/31\n!\ninterface Ethernet3\n + \ description P2P_LINK_TO_DC1-LEAF2A_Ethernet1\n no shutdown\n mtu 1500\n + \ no switchport\n ip address 172.31.255.8/31\n!\ninterface Ethernet4\n description + P2P_LINK_TO_DC1-LEAF2B_Ethernet1\n no shutdown\n mtu 1500\n no switchport\n + \ ip address 172.31.255.12/31\n!\ninterface Loopback0\n description EVPN_Overlay_Peering\n + \ no shutdown\n ip address 192.168.255.1/32\n!\ninterface Management1\n description + oob_management\n no shutdown\n vrf MGMT\n ip address 10.255.0.11/24\n!\nip + routing\nno ip routing vrf MGMT\n!\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n + \ seq 10 permit 192.168.255.0/24 eq 32\n!\nip route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map + RM-CONN-2-BGP permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nrouter + bfd\n multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65001\n + \ router-id 192.168.255.1\n maximum-paths 4 ecmp 4\n update wait-install\n + \ no bgp default ipv4-unicast\n no bgp default ipv4-unicast\n distance bgp + 20 200 200\n graceful-restart restart-time 300\n graceful-restart\n neighbor + EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS next-hop-unchanged\n + \ neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS + bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS + password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS send-community\n + \ neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS + peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n + \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS + maximum-routes 12000\n neighbor 172.31.255.1 peer group IPv4-UNDERLAY-PEERS\n + \ neighbor 172.31.255.1 remote-as 65101\n neighbor 172.31.255.1 description + DC1-LEAF1A_Ethernet1\n neighbor 172.31.255.5 peer group IPv4-UNDERLAY-PEERS\n + \ neighbor 172.31.255.5 remote-as 65101\n neighbor 172.31.255.5 description + DC1-LEAF1B_Ethernet1\n neighbor 172.31.255.9 peer group IPv4-UNDERLAY-PEERS\n + \ neighbor 172.31.255.9 remote-as 65102\n neighbor 172.31.255.9 description + DC1-LEAF2A_Ethernet1\n neighbor 172.31.255.13 peer group IPv4-UNDERLAY-PEERS\n + \ neighbor 172.31.255.13 remote-as 65102\n neighbor 172.31.255.13 description + DC1-LEAF2B_Ethernet1\n neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS\n + \ neighbor 192.168.255.3 remote-as 65101\n neighbor 192.168.255.3 description + DC1-LEAF1A\n neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS\n neighbor + 192.168.255.4 remote-as 65101\n neighbor 192.168.255.4 description DC1-LEAF1B\n + \ neighbor 192.168.255.5 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.5 + remote-as 65102\n neighbor 192.168.255.5 description DC1-LEAF2A\n neighbor + 192.168.255.6 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.6 remote-as + 65102\n neighbor 192.168.255.6 description DC1-LEAF2B\n redistribute connected + route-map RM-CONN-2-BGP\n !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS + activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n + \ neighbor IPv4-UNDERLAY-PEERS activate\n!\nmanagement api http-commands\n + \ protocol https\n no shutdown\n !\n vrf MGMT\n no shutdown\n!\nend\n" + DC1-AVD_DC1-SPINE2: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec + /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=key, -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata + -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n!\nvlan + internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode 4x10G\n!\nservice + routing protocols model multi-agent\n!\nhostname DC1-SPINE2\nip name-server vrf + MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface vrf + MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server vrf + MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode none\n!\nno enable password\nno + aaa root\n!\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\nusername + ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\nusername + cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nvrf + instance MGMT\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-LEAF1A_Ethernet2\n + \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.2/31\n!\ninterface + Ethernet2\n description P2P_LINK_TO_DC1-LEAF1B_Ethernet2\n no shutdown\n mtu + 1500\n no switchport\n ip address 172.31.255.6/31\n!\ninterface Ethernet3\n + \ description P2P_LINK_TO_DC1-LEAF2A_Ethernet2\n no shutdown\n mtu 1500\n + \ no switchport\n ip address 172.31.255.10/31\n!\ninterface Ethernet4\n description + P2P_LINK_TO_DC1-LEAF2B_Ethernet2\n no shutdown\n mtu 1500\n no switchport\n + \ ip address 172.31.255.14/31\n!\ninterface Loopback0\n description EVPN_Overlay_Peering\n + \ no shutdown\n ip address 192.168.255.2/32\n!\ninterface Management1\n description + oob_management\n no shutdown\n vrf MGMT\n ip address 10.255.0.12/24\n!\nip + routing\nno ip routing vrf MGMT\n!\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n + \ seq 10 permit 192.168.255.0/24 eq 32\n!\nip route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map + RM-CONN-2-BGP permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nrouter + bfd\n multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65001\n + \ router-id 192.168.255.2\n maximum-paths 4 ecmp 4\n update wait-install\n + \ no bgp default ipv4-unicast\n no bgp default ipv4-unicast\n distance bgp + 20 200 200\n graceful-restart restart-time 300\n graceful-restart\n neighbor + EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS next-hop-unchanged\n + \ neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS + bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS + password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS send-community\n + \ neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS + peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n + \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS + maximum-routes 12000\n neighbor 172.31.255.3 peer group IPv4-UNDERLAY-PEERS\n + \ neighbor 172.31.255.3 remote-as 65101\n neighbor 172.31.255.3 description + DC1-LEAF1A_Ethernet2\n neighbor 172.31.255.7 peer group IPv4-UNDERLAY-PEERS\n + \ neighbor 172.31.255.7 remote-as 65101\n neighbor 172.31.255.7 description + DC1-LEAF1B_Ethernet2\n neighbor 172.31.255.11 peer group IPv4-UNDERLAY-PEERS\n + \ neighbor 172.31.255.11 remote-as 65102\n neighbor 172.31.255.11 description + DC1-LEAF2A_Ethernet2\n neighbor 172.31.255.15 peer group IPv4-UNDERLAY-PEERS\n + \ neighbor 172.31.255.15 remote-as 65102\n neighbor 172.31.255.15 description + DC1-LEAF2B_Ethernet2\n neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS\n + \ neighbor 192.168.255.3 remote-as 65101\n neighbor 192.168.255.3 description + DC1-LEAF1A\n neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS\n neighbor + 192.168.255.4 remote-as 65101\n neighbor 192.168.255.4 description DC1-LEAF1B\n + \ neighbor 192.168.255.5 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.5 + remote-as 65102\n neighbor 192.168.255.5 description DC1-LEAF2A\n neighbor + 192.168.255.6 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.6 remote-as + 65102\n neighbor 192.168.255.6 description DC1-LEAF2B\n redistribute connected + route-map RM-CONN-2-BGP\n !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS + activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n + \ neighbor IPv4-UNDERLAY-PEERS activate\n!\nmanagement api http-commands\n + \ protocol https\n no shutdown\n !\n vrf MGMT\n no shutdown\n!\nend\n" +cvp_topology: DC1_FABRIC: + devices: [] parent_container: Tenant DC1_L2LEAF1: devices: @@ -985,8 +986,10 @@ CVP_TOPOLOGY: - DC1-L2LEAF2A parent_container: DC1_L2LEAFS DC1_L2LEAFS: + devices: [] parent_container: DC1_FABRIC DC1_L3LEAFS: + devices: [] parent_container: DC1_FABRIC DC1_LEAF1: devices: @@ -1003,4 +1006,3 @@ CVP_TOPOLOGY: - DC1-SPINE1 - DC1-SPINE2 parent_container: DC1_FABRIC -changed: false diff --git a/requirements.txt b/requirements.txt index 25c3b986..90376e37 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,11 +1,25 @@ -ansible==4.2.0 -netaddr==0.7.19 -Jinja2==2.11.3 -treelib==1.5.5 -cvprac==1.0.7 -paramiko==2.10.1 -jsonschema==3.2.0 -requests==2.25.1 -PyYAML==5.4.1 -md-toc==7.1.0 -markupsafe==2.0.1 +ansible-core==2.16.2 +attrs==23.2.0 +certifi==2023.11.17 +cffi==1.16.0 +charset-normalizer==3.3.2 +cryptography==41.0.7 +cvprac==1.3.2 +deepmerge==1.1.1 +fpyutils==4.0.1 +idna==3.6 +Jinja2==3.1.3 +jsonschema==4.17.3 +MarkupSafe==2.1.3 +md-toc==8.2.2 +netaddr==0.10.1 +packaging==23.2 +pycparser==2.21 +pyrsistent==0.20.0 +PySocks==1.7.1 +PyYAML==6.0.1 +requests==2.31.0 +resolvelib==1.0.1 +six==1.16.0 +treelib==1.7.0 +urllib3==2.1.0 \ No newline at end of file