diff --git a/INSTALLATION.md b/INSTALLATION.md index ec7f17fdc..f44b53647 100644 --- a/INSTALLATION.md +++ b/INSTALLATION.md @@ -25,7 +25,7 @@ This document explain how to customize demo information and how to setup this en - A network topology: - Demo is based on a 2 spines / 4 leafs running on GNS3 - Any physical or virtual topology with oob connected to CVP should work. -- A python environmentwith CloudVision access. +- A python environment with CloudVision access. ![Lab Topology](data/lab-topology.png) @@ -77,14 +77,16 @@ $ docker run --rm -it \ # Makefile approach $ make install # Manual installation -$ ansible-galaxy collection install arista.avd:==2.0.0 -$ ansible-galaxy collection install arista.cvp:==2.1.2 +$ ansible-galaxy collection install arista.avd:==4.8.0 +$ ansible-galaxy collection install arista.cvp:==3.10.0 ``` ## Configure DHCP server on CloudVision In this scenario, we use CloudVision (CV) as ZTP server to provision devices and register them onto CV. +>Note: This is useful in a lab setting, but this is not a TAC supported configuration. + Once you get mac-address of your switches, edit file `/etc/dhcp/dhcpd.conf` in CloudVision. In this scenario, CV use following address to connect to devices: `10.255.0.1` If CVP has not been configured to activate ZTP services, it is higly recommended to follow [these steps](https://www.arista.com/en/cg-cv/cv-dhcp-service-for-zero-touch-provisioning-ztp-setup) @@ -288,6 +290,6 @@ You must use same user on CVP and EOS for the demo. ```yaml # Cloud Vision server information -cvp_instance_ip: 10.255.0.1 -cvp_ingestauth_key: '' +cvp_instance_ips: + - 10.255.0.1 ``` diff --git a/Makefile b/Makefile index c739c14d0..0f87ddae8 100644 --- a/Makefile +++ b/Makefile @@ -2,8 +2,15 @@ CONTAINER ?= avdteam/base:3.8-edge VSCODE_CONTAINER ?= avdteam/vscode:latest VSCODE_PORT ?= 8080 HOME_DIR = $(shell pwd) -AVD_COLLECTION_VERSION ?= 3.1.0 -CVP_COLLECTION_VERSION ?= 3.2.0 +AVD_COLLECTION_VERSION ?= 4.8.0 +CVP_COLLECTION_VERSION ?= 3.10.1 +ANSIBLE_ARGS ?= +ANSIBLE_VAULT_PASSWORD_FILE ?= ./.vault_passwd +HTTPS_PROXY ?= +PYTHON ?= python3 + +# This is lazy. Evaluated when used. +ARISTA_AVD_DIR=$(shell ansible-galaxy collection list arista.avd --format yaml | grep $(AVD_COLLECTION_VERSION) -B2 | head -1 | cut -d: -f1) help: ## Display help message @grep -E '^[0-9a-zA-Z_-]+\.*[0-9a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' @@ -14,38 +21,49 @@ help: ## Display help message .PHONY: build build: ## Run ansible playbook to build EVPN Fabric configuration. - ansible-playbook playbooks/dc1-fabric-deploy-cvp.yml --tags build + ansible-playbook playbooks/dc1-fabric-deploy-cvp.yml --tags build $(ANSIBLE_ARGS) .PHONY: provision provision: ## Run ansible playbook to deploy EVPN Fabric. - ansible-playbook playbooks/dc1-fabric-deploy-cvp.yml --tags provision + ansible-playbook playbooks/dc1-fabric-deploy-cvp.yml --tags provision $(ANSIBLE_ARGS) .PHONY: deploy deploy: ## Run ansible playbook to deploy EVPN Fabric. - ansible-playbook playbooks/dc1-fabric-deploy-cvp.yml --extra-vars "execute_tasks=true" --tags "build,provision,apply" + ansible-playbook playbooks/dc1-fabric-deploy-cvp.yml --extra-vars "execute_tasks=true" --tags "build,provision,apply" $(ANSIBLE_ARGS) .PHONY: reset reset: ## Run ansible playbook to reset all devices. - ansible-playbook playbooks/dc1-fabric-reset-cvp.yml + ansible-playbook playbooks/dc1-fabric-reset-cvp.yml $(ANSIBLE_ARGS) .PHONY: ztp ztp: ## Configure ZTP server - ansible-playbook playbooks/dc1-ztp-configuration.yml + ansible-playbook playbooks/dc1-ztp-configuration.yml $(ANSIBLE_ARGS) .PHONY: configlet-upload configlet-upload: ## Upload configlets available in configlets/ to CVP. - ansible-playbook playbooks/dc1-upload-configlets.yml + ansible-playbook playbooks/dc1-upload-configlets.yml $(ANSIBLE_ARGS) .PHONY: install-git install-git: ## Install Ansible collections from git git clone --depth 1 --branch v$(AVD_COLLECTION_VERSION) https://github.com/aristanetworks/ansible-avd.git git clone --depth 1 --branch v$(CVP_COLLECTION_VERSION) https://github.com/aristanetworks/ansible-cvp.git - pip3 install -r ansible-avd/development/requirements.txt + $(PYTHON) -m pip install -r ${ARISTA_AVD_DIR}/arista/avd/requirements.txt .PHONY: install install: ## Install Ansible collections +ifndef HTTPS_PROXY + echo installing requirements from: ${ARISTA_AVD_DIR} + $(PYTHON) -m pip install ansible ansible-galaxy collection install arista.avd:==${AVD_COLLECTION_VERSION} ansible-galaxy collection install arista.cvp:==${CVP_COLLECTION_VERSION} + $(PYTHON) -m pip install -r ${ARISTA_AVD_DIR}/arista/avd/requirements.txt +else + echo installing requirements from: ${ARISTA_AVD_DIR} + HTTPS_PROXY=$(HTTPS_PROXY) $(PYTHON) -m pip install ansible + HTTPS_PROXY=$(HTTPS_PROXY) ansible-galaxy collection install arista.avd:==${AVD_COLLECTION_VERSION} + HTTPS_PROXY=$(HTTPS_PROXY) ansible-galaxy collection install arista.cvp:==${CVP_COLLECTION_VERSION} + HTTPS_PROXY=$(HTTPS_PROXY) $(PYTHON) -m pip install -r ${ARISTA_AVD_DIR}/arista/avd/requirements.txt +endif .PHONY: uninstall uninstall: ## Remove collection from ansible diff --git a/inventory/documentation/devices/DC1-L2LEAF1A.md b/inventory/documentation/devices/DC1-L2LEAF1A.md index 2b2e1c755..adf6bebec 100644 --- a/inventory/documentation/devices/DC1-L2LEAF1A.md +++ b/inventory/documentation/devices/DC1-L2LEAF1A.md @@ -1,10 +1,10 @@ # DC1-L2LEAF1A -# Table of Contents - + +## Table of Contents - [Management](#management) - [Management Interfaces](#management-interfaces) - - [Name Servers](#name-servers) + - [IP Name Servers](#ip-name-servers) - [NTP](#ntp) - [Management API HTTP](#management-api-http) - [Authentication](#authentication) @@ -16,7 +16,7 @@ - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) - - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) + - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) - [VLANs](#vlans) - [VLANs Summary](#vlans-summary) - [VLANs Device Configuration](#vlans-device-configuration) @@ -30,33 +30,29 @@ - [Static Routes](#static-routes) - [Multicast](#multicast) - [IP IGMP Snooping](#ip-igmp-snooping) -- [Filters](#filters) -- [ACL](#acl) - [VRF Instances](#vrf-instances) - [VRF Instances Summary](#vrf-instances-summary) - [VRF Instances Device Configuration](#vrf-instances-device-configuration) -- [Quality Of Service](#quality-of-service) - -# Management +## Management -## Management Interfaces +### Management Interfaces -### Management Interfaces Summary +#### Management Interfaces Summary -#### IPv4 +##### IPv4 -| Management Interface | description | Type | VRF | IP Address | Gateway | +| Management Interface | Description | Type | VRF | IP Address | Gateway | | -------------------- | ----------- | ---- | --- | ---------- | ------- | | Management1 | oob_management | oob | MGMT | 10.255.0.17/24 | 10.255.0.1 | -#### IPv6 +##### IPv6 -| Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | +| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | oob_management | oob | MGMT | - | - | +| Management1 | oob_management | oob | MGMT | - | - | -### Management Interfaces Device Configuration +#### Management Interfaces Device Configuration ```eos ! @@ -67,40 +63,40 @@ interface Management1 ip address 10.255.0.17/24 ``` -## Name Servers +### IP Name Servers -### Name Servers Summary +#### IP Name Servers Summary -| Name Server | Source VRF | -| ----------- | ---------- | -| 192.168.2.1 | MGMT | -| 8.8.8.8 | MGMT | +| Name Server | VRF | Priority | +| ----------- | --- | -------- | +| 192.168.2.1 | MGMT | - | +| 8.8.8.8 | MGMT | - | -### Name Servers Device Configuration +#### IP Name Servers Device Configuration ```eos ip name-server vrf MGMT 8.8.8.8 ip name-server vrf MGMT 192.168.2.1 ``` -## NTP +### NTP -### NTP Summary +#### NTP Summary -#### NTP Local Interface +##### NTP Local Interface | Interface | VRF | | --------- | --- | | Management1 | MGMT | -#### NTP Servers +##### NTP Servers | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | -### NTP Device Configuration +#### NTP Device Configuration ```eos ! @@ -109,22 +105,21 @@ ntp server vrf MGMT 0.fr.pool.ntp.org prefer ntp server vrf MGMT 1.fr.pool.ntp.org ``` -## Management API HTTP +### Management API HTTP -### Management API HTTP Summary +#### Management API HTTP Summary -| HTTP | HTTPS | -| ---------- | ---------- | -| default | true | +| HTTP | HTTPS | Default Services | +| ---- | ----- | ---------------- | +| False | True | - | -### Management API VRF Access +#### Management API VRF Access | VRF Name | IPv4 ACL | IPv6 ACL | | -------- | -------- | -------- | | MGMT | - | - | - -### Management API HTTP Configuration +#### Management API HTTP Device Configuration ```eos ! @@ -136,62 +131,59 @@ management api http-commands no shutdown ``` -# Authentication +## Authentication -## Local Users +### Local Users -### Local Users Summary +#### Local Users Summary -| User | Privilege | Role | -| ---- | --------- | ---- | -| admin | 15 | network-admin | -| ansible | 15 | network-admin | -| cvpadmin | 15 | network-admin | +| User | Privilege | Role | Disabled | Shell | +| ---- | --------- | ---- | -------- | ----- | +| admin | 15 | network-admin | False | - | +| ansible | 15 | network-admin | False | - | +| cvpadmin | 15 | network-admin | False | - | -### Local Users Device Configuration +#### Local Users Device Configuration ```eos ! -username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 -username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +username admin privilege 15 role network-admin secret sha512 +username ansible privilege 15 role network-admin secret sha512 +username cvpadmin privilege 15 role network-admin secret sha512 ``` -# Monitoring +## Monitoring -## TerminAttr Daemon +### TerminAttr Daemon -### TerminAttr Daemon Summary +#### TerminAttr Daemon Summary | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | -| gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | +| gzip | 10.255.0.1:9910 | MGMT | token,/tmp/token | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | -### TerminAttr Daemon Device Configuration +#### TerminAttr Daemon Device Configuration ```eos ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ``` -# Spanning Tree +## Spanning Tree -## Spanning Tree Summary +### Spanning Tree Summary STP mode: **mstp** -### MSTP Instance and Priority +#### MSTP Instance and Priority | Instance(s) | Priority | | -------- | -------- | | 0 | 16384 | -### Global Spanning-Tree Settings - - -## Spanning Tree Device Configuration +### Spanning Tree Device Configuration ```eos ! @@ -199,24 +191,24 @@ spanning-tree mode mstp spanning-tree mst 0 priority 16384 ``` -# Internal VLAN Allocation Policy +## Internal VLAN Allocation Policy -## Internal VLAN Allocation Policy Summary +### Internal VLAN Allocation Policy Summary | Policy Allocation | Range Beginning | Range Ending | | ------------------| --------------- | ------------ | | ascending | 1006 | 1199 | -## Internal VLAN Allocation Policy Configuration +### Internal VLAN Allocation Policy Device Configuration ```eos ! vlan internal order ascending range 1006 1199 ``` -# VLANs +## VLANs -## VLANs Summary +### VLANs Summary | VLAN ID | Name | Trunk Groups | | ------- | ---- | ------------ | @@ -228,7 +220,7 @@ vlan internal order ascending range 1006 1199 | 130 | Tenant_A_APP_Zone_1 | - | | 131 | Tenant_A_APP_Zone_2 | - | -## VLANs Device Configuration +### VLANs Device Configuration ```eos ! @@ -254,13 +246,13 @@ vlan 131 name Tenant_A_APP_Zone_2 ``` -# Interfaces +## Interfaces -## Ethernet Interfaces +### Ethernet Interfaces -### Ethernet Interfaces Summary +#### Ethernet Interfaces Summary -#### L2 +##### L2 | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | @@ -270,7 +262,7 @@ vlan 131 *Inherited from Port-Channel Interface -### Ethernet Interfaces Device Configuration +#### Ethernet Interfaces Device Configuration ```eos ! @@ -287,22 +279,22 @@ interface Ethernet2 interface Ethernet5 description server01_Eth0 no shutdown - switchport switchport access vlan 110 switchport mode access + switchport ``` -## Port-Channel Interfaces +### Port-Channel Interfaces -### Port-Channel Interfaces Summary +#### Port-Channel Interfaces Summary -#### L2 +##### L2 | Interface | Description | Type | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | | --------- | ----------- | ---- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | | Port-Channel1 | DC1_LEAF1_Po5 | switched | trunk | 110-112,120-121,130-131 | - | - | - | - | - | - | -### Port-Channel Interfaces Device Configuration +#### Port-Channel Interfaces Device Configuration ```eos ! @@ -314,8 +306,9 @@ interface Port-Channel1 switchport mode trunk ``` -# Routing -## Service Routing Protocols Model +## Routing + +### Service Routing Protocols Model Multi agent routing protocol model enabled @@ -324,76 +317,71 @@ Multi agent routing protocol model enabled service routing protocols model multi-agent ``` -## IP Routing +### IP Routing -### IP Routing Summary +#### IP Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | true|| MGMT | false | +| default | False | +| MGMT | False | -### IP Routing Device Configuration +#### IP Routing Device Configuration ```eos -! -ip routing no ip routing vrf MGMT ``` -## IPv6 Routing -### IPv6 Routing Summary +### IPv6 Routing + +#### IPv6 Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | false || MGMT | false | +| default | False | +| MGMT | false | +### Static Routes -## Static Routes +#### Static Routes Summary -### Static Routes Summary +| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | +| --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | +| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | -| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | -| --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | -| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | - -### Static Routes Device Configuration +#### Static Routes Device Configuration ```eos ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 ``` -# Multicast - -## IP IGMP Snooping +## Multicast -### IP IGMP Snooping Summary +### IP IGMP Snooping -IGMP snooping is globally enabled. +#### IP IGMP Snooping Summary +| IGMP Snooping | Fast Leave | Interface Restart Query | Proxy | Restart Query Interval | Robustness Variable | +| ------------- | ---------- | ----------------------- | ----- | ---------------------- | ------------------- | +| Enabled | - | - | - | - | - | -### IP IGMP Snooping Device Configuration +#### IP IGMP Snooping Device Configuration ```eos ``` -# Filters +## VRF Instances -# ACL - -# VRF Instances - -## VRF Instances Summary +### VRF Instances Summary | VRF Name | IP Routing | | -------- | ---------- | | MGMT | disabled | -## VRF Instances Device Configuration +### VRF Instances Device Configuration ```eos ! vrf instance MGMT ``` - -# Quality Of Service diff --git a/inventory/documentation/devices/DC1-L2LEAF2A.md b/inventory/documentation/devices/DC1-L2LEAF2A.md index 7b4517642..48f318e07 100644 --- a/inventory/documentation/devices/DC1-L2LEAF2A.md +++ b/inventory/documentation/devices/DC1-L2LEAF2A.md @@ -1,10 +1,10 @@ # DC1-L2LEAF2A -# Table of Contents - + +## Table of Contents - [Management](#management) - [Management Interfaces](#management-interfaces) - - [Name Servers](#name-servers) + - [IP Name Servers](#ip-name-servers) - [NTP](#ntp) - [Management API HTTP](#management-api-http) - [Authentication](#authentication) @@ -16,7 +16,7 @@ - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) - - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) + - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) - [VLANs](#vlans) - [VLANs Summary](#vlans-summary) - [VLANs Device Configuration](#vlans-device-configuration) @@ -30,33 +30,29 @@ - [Static Routes](#static-routes) - [Multicast](#multicast) - [IP IGMP Snooping](#ip-igmp-snooping) -- [Filters](#filters) -- [ACL](#acl) - [VRF Instances](#vrf-instances) - [VRF Instances Summary](#vrf-instances-summary) - [VRF Instances Device Configuration](#vrf-instances-device-configuration) -- [Quality Of Service](#quality-of-service) - -# Management +## Management -## Management Interfaces +### Management Interfaces -### Management Interfaces Summary +#### Management Interfaces Summary -#### IPv4 +##### IPv4 -| Management Interface | description | Type | VRF | IP Address | Gateway | +| Management Interface | Description | Type | VRF | IP Address | Gateway | | -------------------- | ----------- | ---- | --- | ---------- | ------- | | Management1 | oob_management | oob | MGMT | 10.255.0.18/24 | 10.255.0.1 | -#### IPv6 +##### IPv6 -| Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | +| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | oob_management | oob | MGMT | - | - | +| Management1 | oob_management | oob | MGMT | - | - | -### Management Interfaces Device Configuration +#### Management Interfaces Device Configuration ```eos ! @@ -67,40 +63,40 @@ interface Management1 ip address 10.255.0.18/24 ``` -## Name Servers +### IP Name Servers -### Name Servers Summary +#### IP Name Servers Summary -| Name Server | Source VRF | -| ----------- | ---------- | -| 192.168.2.1 | MGMT | -| 8.8.8.8 | MGMT | +| Name Server | VRF | Priority | +| ----------- | --- | -------- | +| 192.168.2.1 | MGMT | - | +| 8.8.8.8 | MGMT | - | -### Name Servers Device Configuration +#### IP Name Servers Device Configuration ```eos ip name-server vrf MGMT 8.8.8.8 ip name-server vrf MGMT 192.168.2.1 ``` -## NTP +### NTP -### NTP Summary +#### NTP Summary -#### NTP Local Interface +##### NTP Local Interface | Interface | VRF | | --------- | --- | | Management1 | MGMT | -#### NTP Servers +##### NTP Servers | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | -### NTP Device Configuration +#### NTP Device Configuration ```eos ! @@ -109,22 +105,21 @@ ntp server vrf MGMT 0.fr.pool.ntp.org prefer ntp server vrf MGMT 1.fr.pool.ntp.org ``` -## Management API HTTP +### Management API HTTP -### Management API HTTP Summary +#### Management API HTTP Summary -| HTTP | HTTPS | -| ---------- | ---------- | -| default | true | +| HTTP | HTTPS | Default Services | +| ---- | ----- | ---------------- | +| False | True | - | -### Management API VRF Access +#### Management API VRF Access | VRF Name | IPv4 ACL | IPv6 ACL | | -------- | -------- | -------- | | MGMT | - | - | - -### Management API HTTP Configuration +#### Management API HTTP Device Configuration ```eos ! @@ -136,62 +131,59 @@ management api http-commands no shutdown ``` -# Authentication +## Authentication -## Local Users +### Local Users -### Local Users Summary +#### Local Users Summary -| User | Privilege | Role | -| ---- | --------- | ---- | -| admin | 15 | network-admin | -| ansible | 15 | network-admin | -| cvpadmin | 15 | network-admin | +| User | Privilege | Role | Disabled | Shell | +| ---- | --------- | ---- | -------- | ----- | +| admin | 15 | network-admin | False | - | +| ansible | 15 | network-admin | False | - | +| cvpadmin | 15 | network-admin | False | - | -### Local Users Device Configuration +#### Local Users Device Configuration ```eos ! -username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 -username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +username admin privilege 15 role network-admin secret sha512 +username ansible privilege 15 role network-admin secret sha512 +username cvpadmin privilege 15 role network-admin secret sha512 ``` -# Monitoring +## Monitoring -## TerminAttr Daemon +### TerminAttr Daemon -### TerminAttr Daemon Summary +#### TerminAttr Daemon Summary | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | -| gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | +| gzip | 10.255.0.1:9910 | MGMT | token,/tmp/token | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | -### TerminAttr Daemon Device Configuration +#### TerminAttr Daemon Device Configuration ```eos ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ``` -# Spanning Tree +## Spanning Tree -## Spanning Tree Summary +### Spanning Tree Summary STP mode: **mstp** -### MSTP Instance and Priority +#### MSTP Instance and Priority | Instance(s) | Priority | | -------- | -------- | | 0 | 16384 | -### Global Spanning-Tree Settings - - -## Spanning Tree Device Configuration +### Spanning Tree Device Configuration ```eos ! @@ -199,24 +191,24 @@ spanning-tree mode mstp spanning-tree mst 0 priority 16384 ``` -# Internal VLAN Allocation Policy +## Internal VLAN Allocation Policy -## Internal VLAN Allocation Policy Summary +### Internal VLAN Allocation Policy Summary | Policy Allocation | Range Beginning | Range Ending | | ------------------| --------------- | ------------ | | ascending | 1006 | 1199 | -## Internal VLAN Allocation Policy Configuration +### Internal VLAN Allocation Policy Device Configuration ```eos ! vlan internal order ascending range 1006 1199 ``` -# VLANs +## VLANs -## VLANs Summary +### VLANs Summary | VLAN ID | Name | Trunk Groups | | ------- | ---- | ------------ | @@ -228,7 +220,7 @@ vlan internal order ascending range 1006 1199 | 130 | Tenant_A_APP_Zone_1 | - | | 131 | Tenant_A_APP_Zone_2 | - | -## VLANs Device Configuration +### VLANs Device Configuration ```eos ! @@ -254,13 +246,13 @@ vlan 131 name Tenant_A_APP_Zone_2 ``` -# Interfaces +## Interfaces -## Ethernet Interfaces +### Ethernet Interfaces -### Ethernet Interfaces Summary +#### Ethernet Interfaces Summary -#### L2 +##### L2 | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | @@ -270,7 +262,7 @@ vlan 131 *Inherited from Port-Channel Interface -### Ethernet Interfaces Device Configuration +#### Ethernet Interfaces Device Configuration ```eos ! @@ -287,22 +279,22 @@ interface Ethernet2 interface Ethernet5 description server02_Eth0 no shutdown - switchport switchport access vlan 110 switchport mode access + switchport ``` -## Port-Channel Interfaces +### Port-Channel Interfaces -### Port-Channel Interfaces Summary +#### Port-Channel Interfaces Summary -#### L2 +##### L2 | Interface | Description | Type | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | | --------- | ----------- | ---- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | | Port-Channel1 | DC1_LEAF2_Po5 | switched | trunk | 110-112,120-121,130-131 | - | - | - | - | - | - | -### Port-Channel Interfaces Device Configuration +#### Port-Channel Interfaces Device Configuration ```eos ! @@ -314,8 +306,9 @@ interface Port-Channel1 switchport mode trunk ``` -# Routing -## Service Routing Protocols Model +## Routing + +### Service Routing Protocols Model Multi agent routing protocol model enabled @@ -324,76 +317,71 @@ Multi agent routing protocol model enabled service routing protocols model multi-agent ``` -## IP Routing +### IP Routing -### IP Routing Summary +#### IP Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | true|| MGMT | false | +| default | False | +| MGMT | False | -### IP Routing Device Configuration +#### IP Routing Device Configuration ```eos -! -ip routing no ip routing vrf MGMT ``` -## IPv6 Routing -### IPv6 Routing Summary +### IPv6 Routing + +#### IPv6 Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | false || MGMT | false | +| default | False | +| MGMT | false | +### Static Routes -## Static Routes +#### Static Routes Summary -### Static Routes Summary +| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | +| --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | +| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | -| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | -| --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | -| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | - -### Static Routes Device Configuration +#### Static Routes Device Configuration ```eos ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 ``` -# Multicast - -## IP IGMP Snooping +## Multicast -### IP IGMP Snooping Summary +### IP IGMP Snooping -IGMP snooping is globally enabled. +#### IP IGMP Snooping Summary +| IGMP Snooping | Fast Leave | Interface Restart Query | Proxy | Restart Query Interval | Robustness Variable | +| ------------- | ---------- | ----------------------- | ----- | ---------------------- | ------------------- | +| Enabled | - | - | - | - | - | -### IP IGMP Snooping Device Configuration +#### IP IGMP Snooping Device Configuration ```eos ``` -# Filters +## VRF Instances -# ACL - -# VRF Instances - -## VRF Instances Summary +### VRF Instances Summary | VRF Name | IP Routing | | -------- | ---------- | | MGMT | disabled | -## VRF Instances Device Configuration +### VRF Instances Device Configuration ```eos ! vrf instance MGMT ``` - -# Quality Of Service diff --git a/inventory/documentation/devices/DC1-LEAF1A.md b/inventory/documentation/devices/DC1-LEAF1A.md index 31882b215..5e367a58d 100644 --- a/inventory/documentation/devices/DC1-LEAF1A.md +++ b/inventory/documentation/devices/DC1-LEAF1A.md @@ -1,10 +1,10 @@ # DC1-LEAF1A -# Table of Contents - + +## Table of Contents - [Management](#management) - [Management Interfaces](#management-interfaces) - - [Name Servers](#name-servers) + - [IP Name Servers](#ip-name-servers) - [NTP](#ntp) - [Management API HTTP](#management-api-http) - [Authentication](#authentication) @@ -19,7 +19,7 @@ - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) - - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) + - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) - [VLANs](#vlans) - [VLANs Summary](#vlans-summary) - [VLANs Device Configuration](#vlans-device-configuration) @@ -43,35 +43,32 @@ - [Filters](#filters) - [Prefix-lists](#prefix-lists) - [Route-maps](#route-maps) -- [ACL](#acl) - [VRF Instances](#vrf-instances) - [VRF Instances Summary](#vrf-instances-summary) - [VRF Instances Device Configuration](#vrf-instances-device-configuration) - [Virtual Source NAT](#virtual-source-nat) - [Virtual Source NAT Summary](#virtual-source-nat-summary) - [Virtual Source NAT Configuration](#virtual-source-nat-configuration) -- [Quality Of Service](#quality-of-service) - -# Management +## Management -## Management Interfaces +### Management Interfaces -### Management Interfaces Summary +#### Management Interfaces Summary -#### IPv4 +##### IPv4 -| Management Interface | description | Type | VRF | IP Address | Gateway | +| Management Interface | Description | Type | VRF | IP Address | Gateway | | -------------------- | ----------- | ---- | --- | ---------- | ------- | | Management1 | oob_management | oob | MGMT | 10.255.0.13/24 | 10.255.0.1 | -#### IPv6 +##### IPv6 -| Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | +| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | oob_management | oob | MGMT | - | - | +| Management1 | oob_management | oob | MGMT | - | - | -### Management Interfaces Device Configuration +#### Management Interfaces Device Configuration ```eos ! @@ -82,40 +79,40 @@ interface Management1 ip address 10.255.0.13/24 ``` -## Name Servers +### IP Name Servers -### Name Servers Summary +#### IP Name Servers Summary -| Name Server | Source VRF | -| ----------- | ---------- | -| 192.168.2.1 | MGMT | -| 8.8.8.8 | MGMT | +| Name Server | VRF | Priority | +| ----------- | --- | -------- | +| 192.168.2.1 | MGMT | - | +| 8.8.8.8 | MGMT | - | -### Name Servers Device Configuration +#### IP Name Servers Device Configuration ```eos ip name-server vrf MGMT 8.8.8.8 ip name-server vrf MGMT 192.168.2.1 ``` -## NTP +### NTP -### NTP Summary +#### NTP Summary -#### NTP Local Interface +##### NTP Local Interface | Interface | VRF | | --------- | --- | | Management1 | MGMT | -#### NTP Servers +##### NTP Servers | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | -### NTP Device Configuration +#### NTP Device Configuration ```eos ! @@ -124,22 +121,21 @@ ntp server vrf MGMT 0.fr.pool.ntp.org prefer ntp server vrf MGMT 1.fr.pool.ntp.org ``` -## Management API HTTP +### Management API HTTP -### Management API HTTP Summary +#### Management API HTTP Summary -| HTTP | HTTPS | -| ---------- | ---------- | -| default | true | +| HTTP | HTTPS | Default Services | +| ---- | ----- | ---------------- | +| False | True | - | -### Management API VRF Access +#### Management API VRF Access | VRF Name | IPv4 ACL | IPv6 ACL | | -------- | -------- | -------- | | MGMT | - | - | - -### Management API HTTP Configuration +#### Management API HTTP Device Configuration ```eos ! @@ -151,49 +147,49 @@ management api http-commands no shutdown ``` -# Authentication +## Authentication -## Local Users +### Local Users -### Local Users Summary +#### Local Users Summary -| User | Privilege | Role | -| ---- | --------- | ---- | -| admin | 15 | network-admin | -| ansible | 15 | network-admin | -| cvpadmin | 15 | network-admin | +| User | Privilege | Role | Disabled | Shell | +| ---- | --------- | ---- | -------- | ----- | +| admin | 15 | network-admin | False | - | +| ansible | 15 | network-admin | False | - | +| cvpadmin | 15 | network-admin | False | - | -### Local Users Device Configuration +#### Local Users Device Configuration ```eos ! -username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 -username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +username admin privilege 15 role network-admin secret sha512 +username ansible privilege 15 role network-admin secret sha512 +username cvpadmin privilege 15 role network-admin secret sha512 ``` -# Monitoring +## Monitoring -## TerminAttr Daemon +### TerminAttr Daemon -### TerminAttr Daemon Summary +#### TerminAttr Daemon Summary | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | -| gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | +| gzip | 10.255.0.1:9910 | MGMT | token,/tmp/token | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | -### TerminAttr Daemon Device Configuration +#### TerminAttr Daemon Device Configuration ```eos ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ``` -# MLAG +## MLAG -## MLAG Summary +### MLAG Summary | Domain-id | Local-interface | Peer-address | Peer-link | | --------- | --------------- | ------------ | --------- | @@ -201,7 +197,7 @@ daemon TerminAttr Dual primary detection is disabled. -## MLAG Device Configuration +### MLAG Device Configuration ```eos ! @@ -214,23 +210,23 @@ mlag configuration reload-delay non-mlag 330 ``` -# Spanning Tree +## Spanning Tree -## Spanning Tree Summary +### Spanning Tree Summary STP mode: **mstp** -### MSTP Instance and Priority +#### MSTP Instance and Priority | Instance(s) | Priority | | -------- | -------- | | 0 | 16384 | -### Global Spanning-Tree Settings +#### Global Spanning-Tree Settings -Spanning Tree disabled for VLANs: **4093-4094** +- Spanning Tree disabled for VLANs: **4093-4094** -## Spanning Tree Device Configuration +### Spanning Tree Device Configuration ```eos ! @@ -239,24 +235,24 @@ no spanning-tree vlan-id 4093-4094 spanning-tree mst 0 priority 16384 ``` -# Internal VLAN Allocation Policy +## Internal VLAN Allocation Policy -## Internal VLAN Allocation Policy Summary +### Internal VLAN Allocation Policy Summary | Policy Allocation | Range Beginning | Range Ending | | ------------------| --------------- | ------------ | | ascending | 1006 | 1199 | -## Internal VLAN Allocation Policy Configuration +### Internal VLAN Allocation Policy Device Configuration ```eos ! vlan internal order ascending range 1006 1199 ``` -# VLANs +## VLANs -## VLANs Summary +### VLANs Summary | VLAN ID | Name | Trunk Groups | | ------- | ---- | ------------ | @@ -290,7 +286,7 @@ vlan internal order ascending range 1006 1199 | 4093 | LEAF_PEER_L3 | LEAF_PEER_L3 | | 4094 | MLAG_PEER | MLAG | -## VLANs Device Configuration +### VLANs Device Configuration ```eos ! @@ -393,44 +389,42 @@ vlan 4094 trunk group MLAG ``` -# Interfaces +## Interfaces -## Ethernet Interfaces +### Ethernet Interfaces -### Ethernet Interfaces Summary +#### Ethernet Interfaces Summary -#### L2 +##### L2 | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | -| Ethernet3 | MLAG_PEER_DC1-LEAF1B_Ethernet3 | *trunk | *2-4094 | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | -| Ethernet4 | MLAG_PEER_DC1-LEAF1B_Ethernet4 | *trunk | *2-4094 | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | +| Ethernet3 | MLAG_PEER_DC1-LEAF1B_Ethernet3 | *trunk | *- | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | +| Ethernet4 | MLAG_PEER_DC1-LEAF1B_Ethernet4 | *trunk | *- | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | | Ethernet5 | DC1-L2LEAF1A_Ethernet1 | *trunk | *110-112,120-121,130-131 | *- | *- | 5 | *Inherited from Port-Channel Interface -#### IPv4 +##### IPv4 | Interface | Description | Type | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | | --------- | ----------- | -----| ------------- | ---------- | ----| ---- | -------- | ------ | ------- | -| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet1 | routed | - | 172.31.255.1/31 | default | 1500 | false | - | - | -| Ethernet2 | P2P_LINK_TO_DC1-SPINE2_Ethernet1 | routed | - | 172.31.255.3/31 | default | 1500 | false | - | - | +| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet1 | routed | - | 172.31.255.1/31 | default | - | False | - | - | +| Ethernet2 | P2P_LINK_TO_DC1-SPINE2_Ethernet1 | routed | - | 172.31.255.3/31 | default | - | False | - | - | -### Ethernet Interfaces Device Configuration +#### Ethernet Interfaces Device Configuration ```eos ! interface Ethernet1 description P2P_LINK_TO_DC1-SPINE1_Ethernet1 no shutdown - mtu 1500 no switchport ip address 172.31.255.1/31 ! interface Ethernet2 description P2P_LINK_TO_DC1-SPINE2_Ethernet1 no shutdown - mtu 1500 no switchport ip address 172.31.255.3/31 ! @@ -450,18 +444,18 @@ interface Ethernet5 channel-group 5 mode active ``` -## Port-Channel Interfaces +### Port-Channel Interfaces -### Port-Channel Interfaces Summary +#### Port-Channel Interfaces Summary -#### L2 +##### L2 | Interface | Description | Type | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | | --------- | ----------- | ---- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | -| Port-Channel3 | MLAG_PEER_DC1-LEAF1B_Po3 | switched | trunk | 2-4094 | - | ['LEAF_PEER_L3', 'MLAG'] | - | - | - | - | +| Port-Channel3 | MLAG_PEER_DC1-LEAF1B_Po3 | switched | trunk | - | - | ['LEAF_PEER_L3', 'MLAG'] | - | - | - | - | | Port-Channel5 | DC1-L2LEAF1A_Po1 | switched | trunk | 110-112,120-121,130-131 | - | - | - | - | 5 | - | -### Port-Channel Interfaces Device Configuration +#### Port-Channel Interfaces Device Configuration ```eos ! @@ -469,7 +463,6 @@ interface Port-Channel3 description MLAG_PEER_DC1-LEAF1B_Po3 no shutdown switchport - switchport trunk allowed vlan 2-4094 switchport mode trunk switchport trunk group LEAF_PEER_L3 switchport trunk group MLAG @@ -483,11 +476,11 @@ interface Port-Channel5 mlag 5 ``` -## Loopback Interfaces +### Loopback Interfaces -### Loopback Interfaces Summary +#### Loopback Interfaces Summary -#### IPv4 +##### IPv4 | Interface | Description | VRF | IP Address | | --------- | ----------- | --- | ---------- | @@ -495,7 +488,7 @@ interface Port-Channel5 | Loopback1 | VTEP_VXLAN_Tunnel_Source | default | 192.168.254.3/32 | | Loopback100 | Tenant_A_OP_Zone_VTEP_DIAGNOSTICS | Tenant_A_OP_Zone | 10.255.1.3/32 | -#### IPv6 +##### IPv6 | Interface | Description | VRF | IPv6 Address | | --------- | ----------- | --- | ------------ | @@ -503,8 +496,7 @@ interface Port-Channel5 | Loopback1 | VTEP_VXLAN_Tunnel_Source | default | - | | Loopback100 | Tenant_A_OP_Zone_VTEP_DIAGNOSTICS | Tenant_A_OP_Zone | - | - -### Loopback Interfaces Device Configuration +#### Loopback Interfaces Device Configuration ```eos ! @@ -525,41 +517,41 @@ interface Loopback100 ip address 10.255.1.3/32 ``` -## VLAN Interfaces +### VLAN Interfaces -### VLAN Interfaces Summary +#### VLAN Interfaces Summary | Interface | Description | VRF | MTU | Shutdown | | --------- | ----------- | --- | ---- | -------- | -| Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | false | -| Vlan111 | Tenant_A_OP_Zone_2 | Tenant_A_OP_Zone | - | false | -| Vlan112 | Tenant_A_OP_Zone_3 | Tenant_A_OP_Zone | - | false | -| Vlan120 | Tenant_A_WEB_Zone_1 | Tenant_A_WEB_Zone | - | false | -| Vlan121 | Tenant_A_WEBZone_2 | Tenant_A_WEB_Zone | - | false | -| Vlan130 | Tenant_A_APP_Zone_1 | Tenant_A_APP_Zone | - | false | -| Vlan131 | Tenant_A_APP_Zone_2 | Tenant_A_APP_Zone | - | false | -| Vlan140 | Tenant_A_DB_BZone_1 | Tenant_A_DB_Zone | - | false | -| Vlan141 | Tenant_A_DB_Zone_2 | Tenant_A_DB_Zone | - | false | -| Vlan150 | Tenant_A_WAN_Zone_1 | Tenant_A_WAN_Zone | - | false | -| Vlan210 | Tenant_B_OP_Zone_1 | Tenant_B_OP_Zone | - | false | -| Vlan211 | Tenant_B_OP_Zone_2 | Tenant_B_OP_Zone | - | false | -| Vlan250 | Tenant_B_WAN_Zone_1 | Tenant_B_WAN_Zone | - | false | -| Vlan310 | Tenant_C_OP_Zone_1 | Tenant_C_OP_Zone | - | false | -| Vlan311 | Tenant_C_OP_Zone_2 | Tenant_C_OP_Zone | - | false | -| Vlan350 | Tenant_C_WAN_Zone_1 | Tenant_C_WAN_Zone | - | false | -| Vlan3009 | MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone | Tenant_A_OP_Zone | 1500 | false | -| Vlan3010 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone | Tenant_A_WEB_Zone | 1500 | false | -| Vlan3011 | MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone | Tenant_A_APP_Zone | 1500 | false | -| Vlan3012 | MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone | Tenant_A_DB_Zone | 1500 | false | -| Vlan3013 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone | Tenant_A_WAN_Zone | 1500 | false | -| Vlan3019 | MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone | Tenant_B_OP_Zone | 1500 | false | -| Vlan3020 | MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone | Tenant_B_WAN_Zone | 1500 | false | -| Vlan3029 | MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone | Tenant_C_OP_Zone | 1500 | false | -| Vlan3030 | MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone | Tenant_C_WAN_Zone | 1500 | false | -| Vlan4093 | MLAG_PEER_L3_PEERING | default | 1500 | false | -| Vlan4094 | MLAG_PEER | default | 1500 | false | - -#### IPv4 +| Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | False | +| Vlan111 | Tenant_A_OP_Zone_2 | Tenant_A_OP_Zone | - | False | +| Vlan112 | Tenant_A_OP_Zone_3 | Tenant_A_OP_Zone | - | False | +| Vlan120 | Tenant_A_WEB_Zone_1 | Tenant_A_WEB_Zone | - | False | +| Vlan121 | Tenant_A_WEBZone_2 | Tenant_A_WEB_Zone | - | False | +| Vlan130 | Tenant_A_APP_Zone_1 | Tenant_A_APP_Zone | - | False | +| Vlan131 | Tenant_A_APP_Zone_2 | Tenant_A_APP_Zone | - | False | +| Vlan140 | Tenant_A_DB_BZone_1 | Tenant_A_DB_Zone | - | False | +| Vlan141 | Tenant_A_DB_Zone_2 | Tenant_A_DB_Zone | - | False | +| Vlan150 | Tenant_A_WAN_Zone_1 | Tenant_A_WAN_Zone | - | False | +| Vlan210 | Tenant_B_OP_Zone_1 | Tenant_B_OP_Zone | - | False | +| Vlan211 | Tenant_B_OP_Zone_2 | Tenant_B_OP_Zone | - | False | +| Vlan250 | Tenant_B_WAN_Zone_1 | Tenant_B_WAN_Zone | - | False | +| Vlan310 | Tenant_C_OP_Zone_1 | Tenant_C_OP_Zone | - | False | +| Vlan311 | Tenant_C_OP_Zone_2 | Tenant_C_OP_Zone | - | False | +| Vlan350 | Tenant_C_WAN_Zone_1 | Tenant_C_WAN_Zone | - | False | +| Vlan3009 | MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone | Tenant_A_OP_Zone | - | False | +| Vlan3010 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone | Tenant_A_WEB_Zone | - | False | +| Vlan3011 | MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone | Tenant_A_APP_Zone | - | False | +| Vlan3012 | MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone | Tenant_A_DB_Zone | - | False | +| Vlan3013 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone | Tenant_A_WAN_Zone | - | False | +| Vlan3019 | MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone | Tenant_B_OP_Zone | - | False | +| Vlan3020 | MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone | Tenant_B_WAN_Zone | - | False | +| Vlan3029 | MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone | Tenant_C_OP_Zone | - | False | +| Vlan3030 | MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone | Tenant_C_WAN_Zone | - | False | +| Vlan4093 | MLAG_PEER_L3_PEERING | default | - | False | +| Vlan4094 | MLAG_PEER | default | - | False | + +##### IPv4 | Interface | VRF | IP Address | IP Address Virtual | IP Router Virtual Address | VRRP | ACL In | ACL Out | | --------- | --- | ---------- | ------------------ | ------------------------- | ---- | ------ | ------- | @@ -591,8 +583,7 @@ interface Loopback100 | Vlan4093 | default | 10.255.251.0/31 | - | - | - | - | - | | Vlan4094 | default | 10.255.252.0/31 | - | - | - | - | - | - -### VLAN Interfaces Device Configuration +#### VLAN Interfaces Device Configuration ```eos ! @@ -689,128 +680,117 @@ interface Vlan350 interface Vlan3009 description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone no shutdown - mtu 1500 vrf Tenant_A_OP_Zone ip address 10.255.251.0/31 ! interface Vlan3010 description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone no shutdown - mtu 1500 vrf Tenant_A_WEB_Zone ip address 10.255.251.0/31 ! interface Vlan3011 description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone no shutdown - mtu 1500 vrf Tenant_A_APP_Zone ip address 10.255.251.0/31 ! interface Vlan3012 description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone no shutdown - mtu 1500 vrf Tenant_A_DB_Zone ip address 10.255.251.0/31 ! interface Vlan3013 description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone no shutdown - mtu 1500 vrf Tenant_A_WAN_Zone ip address 10.255.251.0/31 ! interface Vlan3019 description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone no shutdown - mtu 1500 vrf Tenant_B_OP_Zone ip address 10.255.251.0/31 ! interface Vlan3020 description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone no shutdown - mtu 1500 vrf Tenant_B_WAN_Zone ip address 10.255.251.0/31 ! interface Vlan3029 description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone no shutdown - mtu 1500 vrf Tenant_C_OP_Zone ip address 10.255.251.0/31 ! interface Vlan3030 description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone no shutdown - mtu 1500 vrf Tenant_C_WAN_Zone ip address 10.255.251.0/31 ! interface Vlan4093 description MLAG_PEER_L3_PEERING no shutdown - mtu 1500 ip address 10.255.251.0/31 ! interface Vlan4094 description MLAG_PEER no shutdown - mtu 1500 no autostate ip address 10.255.252.0/31 ``` -## VXLAN Interface - -### VXLAN Interface Summary - -#### Source Interface: Loopback1 - -#### UDP port: 4789 - -#### EVPN MLAG Shared Router MAC : mlag-system-id - -#### VLAN to VNI and Flood List Mappings - -| VLAN | VNI | Flood List | -| ---- | --- | ---------- | -| 110 | 10110 | - | -| 111 | 50111 | - | -| 112 | 50112 | - | -| 120 | 10120 | - | -| 121 | 10121 | - | -| 130 | 10130 | - | -| 131 | 10131 | - | -| 140 | 10140 | - | -| 141 | 10141 | - | -| 150 | 10150 | - | -| 160 | 55160 | - | -| 161 | 10161 | - | -| 210 | 20210 | - | -| 211 | 20211 | - | -| 250 | 20250 | - | -| 310 | 30310 | - | -| 311 | 30311 | - | -| 350 | 30350 | - | - -#### VRF to VNI Mappings - -| VLAN | VNI | -| ---- | --- | -| Tenant_A_APP_Zone | 12 | -| Tenant_A_DB_Zone | 13 | -| Tenant_A_OP_Zone | 10 | -| Tenant_A_WAN_Zone | 14 | -| Tenant_A_WEB_Zone | 11 | -| Tenant_B_OP_Zone | 20 | -| Tenant_B_WAN_Zone | 21 | -| Tenant_C_OP_Zone | 30 | -| Tenant_C_WAN_Zone | 31 | - -### VXLAN Interface Device Configuration +### VXLAN Interface + +#### VXLAN Interface Summary + +| Setting | Value | +| ------- | ----- | +| Source Interface | Loopback1 | +| UDP port | 4789 | +| EVPN MLAG Shared Router MAC | mlag-system-id | + +##### VLAN to VNI, Flood List and Multicast Group Mappings + +| VLAN | VNI | Flood List | Multicast Group | +| ---- | --- | ---------- | --------------- | +| 110 | 10110 | - | - | +| 111 | 50111 | - | - | +| 112 | 50112 | - | - | +| 120 | 10120 | - | - | +| 121 | 10121 | - | - | +| 130 | 10130 | - | - | +| 131 | 10131 | - | - | +| 140 | 10140 | - | - | +| 141 | 10141 | - | - | +| 150 | 10150 | - | - | +| 160 | 55160 | - | - | +| 161 | 10161 | - | - | +| 210 | 20210 | - | - | +| 211 | 20211 | - | - | +| 250 | 20250 | - | - | +| 310 | 30310 | - | - | +| 311 | 30311 | - | - | +| 350 | 30350 | - | - | + +##### VRF to VNI and Multicast Group Mappings + +| VRF | VNI | Multicast Group | +| ---- | --- | --------------- | +| Tenant_A_APP_Zone | 12 | - | +| Tenant_A_DB_Zone | 13 | - | +| Tenant_A_OP_Zone | 10 | - | +| Tenant_A_WAN_Zone | 14 | - | +| Tenant_A_WEB_Zone | 11 | - | +| Tenant_B_OP_Zone | 20 | - | +| Tenant_B_WAN_Zone | 21 | - | +| Tenant_C_OP_Zone | 30 | - | +| Tenant_C_WAN_Zone | 31 | - | + +#### VXLAN Interface Device Configuration ```eos ! @@ -848,8 +828,9 @@ interface Vxlan1 vxlan vrf Tenant_C_WAN_Zone vni 31 ``` -# Routing -## Service Routing Protocols Model +## Routing + +### Service Routing Protocols Model Multi agent routing protocol model enabled @@ -858,37 +839,38 @@ Multi agent routing protocol model enabled service routing protocols model multi-agent ``` -## Virtual Router MAC Address +### Virtual Router MAC Address -### Virtual Router MAC Address Summary +#### Virtual Router MAC Address Summary -#### Virtual Router MAC Address: 00:1c:73:00:dc:01 +Virtual Router MAC Address: 00:1c:73:00:dc:01 -### Virtual Router MAC Address Configuration +#### Virtual Router MAC Address Device Configuration ```eos ! ip virtual-router mac-address 00:1c:73:00:dc:01 ``` -## IP Routing +### IP Routing -### IP Routing Summary +#### IP Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | true|| MGMT | false | -| Tenant_A_APP_Zone | true | -| Tenant_A_DB_Zone | true | -| Tenant_A_OP_Zone | true | -| Tenant_A_WAN_Zone | true | -| Tenant_A_WEB_Zone | true | -| Tenant_B_OP_Zone | true | -| Tenant_B_WAN_Zone | true | -| Tenant_C_OP_Zone | true | -| Tenant_C_WAN_Zone | true | - -### IP Routing Device Configuration +| default | True | +| MGMT | False | +| Tenant_A_APP_Zone | True | +| Tenant_A_DB_Zone | True | +| Tenant_A_OP_Zone | True | +| Tenant_A_WAN_Zone | True | +| Tenant_A_WEB_Zone | True | +| Tenant_B_OP_Zone | True | +| Tenant_B_WAN_Zone | True | +| Tenant_C_OP_Zone | True | +| Tenant_C_WAN_Zone | True | + +#### IP Routing Device Configuration ```eos ! @@ -904,13 +886,15 @@ ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_OP_Zone ip routing vrf Tenant_C_WAN_Zone ``` -## IPv6 Routing -### IPv6 Routing Summary +### IPv6 Routing + +#### IPv6 Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | false || MGMT | false | +| default | False | +| MGMT | false | | Tenant_A_APP_Zone | false | | Tenant_A_DB_Zone | false | | Tenant_A_OP_Zone | false | @@ -921,52 +905,53 @@ ip routing vrf Tenant_C_WAN_Zone | Tenant_C_OP_Zone | false | | Tenant_C_WAN_Zone | false | +### Static Routes -## Static Routes - -### Static Routes Summary +#### Static Routes Summary -| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | -| --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | -| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | +| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | +| --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | +| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | -### Static Routes Device Configuration +#### Static Routes Device Configuration ```eos ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 ``` -## Router BGP +### Router BGP -### Router BGP Summary +ASN Notation: asplain + +#### Router BGP Summary | BGP AS | Router ID | | ------ | --------- | -| 65101| 192.168.255.3 | +| 65101 | 192.168.255.3 | | BGP Tuning | | ---------- | -| no bgp default ipv4-unicast | -| distance bgp 20 200 200 | | graceful-restart restart-time 300 | | graceful-restart | +| no bgp default ipv4-unicast | +| distance bgp 20 200 200 | | maximum-paths 4 ecmp 4 | -### Router BGP Peer Groups +#### Router BGP Peer Groups -#### EVPN-OVERLAY-PEERS +##### EVPN-OVERLAY-PEERS | Settings | Value | | -------- | ----- | | Address Family | evpn | | Source | Loopback0 | -| Bfd | true | +| BFD | True | | Ebgp multihop | 3 | | Send community | all | | Maximum routes | 0 (no limit) | -#### IPv4-UNDERLAY-PEERS +##### IPv4-UNDERLAY-PEERS | Settings | Value | | -------- | ----- | @@ -974,7 +959,7 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -#### MLAG-IPv4-UNDERLAY-PEER +##### MLAG-IPv4-UNDERLAY-PEER | Settings | Value | | -------- | ----- | @@ -984,30 +969,34 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -### BGP Neighbors +#### BGP Neighbors -| Neighbor | Remote AS | VRF | -| -------- | --------- | --- | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | -| 172.31.255.0 | 65001 | default | -| 172.31.255.2 | 65001 | default | -| 192.168.255.1 | 65001 | default | -| 192.168.255.2 | 65001 | default | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_APP_Zone | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_DB_Zone | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WAN_Zone | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WEB_Zone | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_OP_Zone | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_WAN_Zone | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_OP_Zone | -| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_WAN_Zone | +| Neighbor | Remote AS | VRF | Shutdown | Send-community | Maximum-routes | Allowas-in | BFD | RIB Pre-Policy Retain | Route-Reflector Client | Passive | TTL Max Hops | +| -------- | --------- | --- | -------- | -------------- | -------------- | ---------- | --- | --------------------- | ---------------------- | ------- | ------------ | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 172.31.255.0 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | +| 172.31.255.2 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | +| 192.168.255.1 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | +| 192.168.255.2 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_APP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_DB_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WEB_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | -### Router BGP EVPN Address Family +#### Router BGP EVPN Address Family -#### Router BGP EVPN MAC-VRFs +##### EVPN Peer Groups -##### VLAN aware bundles +| Peer Group | Activate | Encapsulation | +| ---------- | -------- | ------------- | +| EVPN-OVERLAY-PEERS | True | default | + +#### Router BGP VLAN Aware Bundles | VLAN Aware Bundle | Route-Distinguisher | Both Route-Target | Import Route Target | Export Route-Target | Redistribute | VLANs | | ----------------- | ------------------- | ----------------- | ------------------- | ------------------- | ------------ | ----- | @@ -1023,7 +1012,7 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Tenant_C_OP_Zone | 192.168.255.3:30 | 30:30 | - | - | learned | 310-311 | | Tenant_C_WAN_Zone | 192.168.255.3:31 | 31:31 | - | - | learned | 350 | -#### Router BGP EVPN VRFs +#### Router BGP VRFs | VRF | Route-Distinguisher | Redistribute | | --- | ------------------- | ------------ | @@ -1037,32 +1026,33 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Tenant_C_OP_Zone | 192.168.255.3:30 | connected | | Tenant_C_WAN_Zone | 192.168.255.3:31 | connected | -### Router BGP Device Configuration +#### Router BGP Device Configuration ```eos ! router bgp 65101 router-id 192.168.255.3 - no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart maximum-paths 4 ecmp 4 + no bgp default ipv4-unicast neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 - neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS password 7 neighbor EVPN-OVERLAY-PEERS send-community neighbor EVPN-OVERLAY-PEERS maximum-routes 0 neighbor IPv4-UNDERLAY-PEERS peer group - neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS password 7 neighbor IPv4-UNDERLAY-PEERS send-community neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 neighbor MLAG-IPv4-UNDERLAY-PEER peer group neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self - neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== + neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF1B + neighbor MLAG-IPv4-UNDERLAY-PEER password 7 neighbor MLAG-IPv4-UNDERLAY-PEER send-community neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in @@ -1229,17 +1219,17 @@ router bgp 65101 redistribute connected ``` -# BFD +## BFD -## Router BFD +### Router BFD -### Router BFD Multihop Summary +#### Router BFD Multihop Summary | Interval | Minimum RX | Multiplier | | -------- | ---------- | ---------- | | 1200 | 1200 | 3 | -### Router BFD Multihop Device Configuration +#### Router BFD Device Configuration ```eos ! @@ -1247,34 +1237,35 @@ router bfd multihop interval 1200 min-rx 1200 multiplier 3 ``` -# Multicast - -## IP IGMP Snooping +## Multicast -### IP IGMP Snooping Summary +### IP IGMP Snooping -IGMP snooping is globally enabled. +#### IP IGMP Snooping Summary +| IGMP Snooping | Fast Leave | Interface Restart Query | Proxy | Restart Query Interval | Robustness Variable | +| ------------- | ---------- | ----------------------- | ----- | ---------------------- | ------------------- | +| Enabled | - | - | - | - | - | -### IP IGMP Snooping Device Configuration +#### IP IGMP Snooping Device Configuration ```eos ``` -# Filters +## Filters -## Prefix-lists +### Prefix-lists -### Prefix-lists Summary +#### Prefix-lists Summary -#### PL-LOOPBACKS-EVPN-OVERLAY +##### PL-LOOPBACKS-EVPN-OVERLAY | Sequence | Action | | -------- | ------ | | 10 | permit 192.168.255.0/24 eq 32 | | 20 | permit 192.168.254.0/24 eq 32 | -### Prefix-lists Device Configuration +#### Prefix-lists Device Configuration ```eos ! @@ -1283,23 +1274,23 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 20 permit 192.168.254.0/24 eq 32 ``` -## Route-maps +### Route-maps -### Route-maps Summary +#### Route-maps Summary -#### RM-CONN-2-BGP +##### RM-CONN-2-BGP -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - | -#### RM-MLAG-PEER-IN +##### RM-MLAG-PEER-IN -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | set origin incomplete | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | - | origin incomplete | - | - | -### Route-maps Device Configuration +#### Route-maps Device Configuration ```eos ! @@ -1311,11 +1302,9 @@ route-map RM-MLAG-PEER-IN permit 10 set origin incomplete ``` -# ACL +## VRF Instances -# VRF Instances - -## VRF Instances Summary +### VRF Instances Summary | VRF Name | IP Routing | | -------- | ---------- | @@ -1330,7 +1319,7 @@ route-map RM-MLAG-PEER-IN permit 10 | Tenant_C_OP_Zone | enabled | | Tenant_C_WAN_Zone | enabled | -## VRF Instances Device Configuration +### VRF Instances Device Configuration ```eos ! @@ -1355,19 +1344,17 @@ vrf instance Tenant_C_OP_Zone vrf instance Tenant_C_WAN_Zone ``` -# Virtual Source NAT +## Virtual Source NAT -## Virtual Source NAT Summary +### Virtual Source NAT Summary | Source NAT VRF | Source NAT IP Address | | -------------- | --------------------- | | Tenant_A_OP_Zone | 10.255.1.3 | -## Virtual Source NAT Configuration +### Virtual Source NAT Configuration ```eos ! ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.3 ``` - -# Quality Of Service diff --git a/inventory/documentation/devices/DC1-LEAF1B.md b/inventory/documentation/devices/DC1-LEAF1B.md index 6289317dc..652c4f901 100644 --- a/inventory/documentation/devices/DC1-LEAF1B.md +++ b/inventory/documentation/devices/DC1-LEAF1B.md @@ -1,10 +1,10 @@ # DC1-LEAF1B -# Table of Contents - + +## Table of Contents - [Management](#management) - [Management Interfaces](#management-interfaces) - - [Name Servers](#name-servers) + - [IP Name Servers](#ip-name-servers) - [NTP](#ntp) - [Management API HTTP](#management-api-http) - [Authentication](#authentication) @@ -19,7 +19,7 @@ - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) - - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) + - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) - [VLANs](#vlans) - [VLANs Summary](#vlans-summary) - [VLANs Device Configuration](#vlans-device-configuration) @@ -43,35 +43,32 @@ - [Filters](#filters) - [Prefix-lists](#prefix-lists) - [Route-maps](#route-maps) -- [ACL](#acl) - [VRF Instances](#vrf-instances) - [VRF Instances Summary](#vrf-instances-summary) - [VRF Instances Device Configuration](#vrf-instances-device-configuration) - [Virtual Source NAT](#virtual-source-nat) - [Virtual Source NAT Summary](#virtual-source-nat-summary) - [Virtual Source NAT Configuration](#virtual-source-nat-configuration) -- [Quality Of Service](#quality-of-service) - -# Management +## Management -## Management Interfaces +### Management Interfaces -### Management Interfaces Summary +#### Management Interfaces Summary -#### IPv4 +##### IPv4 -| Management Interface | description | Type | VRF | IP Address | Gateway | +| Management Interface | Description | Type | VRF | IP Address | Gateway | | -------------------- | ----------- | ---- | --- | ---------- | ------- | | Management1 | oob_management | oob | MGMT | 10.255.0.14/24 | 10.255.0.1 | -#### IPv6 +##### IPv6 -| Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | +| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | oob_management | oob | MGMT | - | - | +| Management1 | oob_management | oob | MGMT | - | - | -### Management Interfaces Device Configuration +#### Management Interfaces Device Configuration ```eos ! @@ -82,40 +79,40 @@ interface Management1 ip address 10.255.0.14/24 ``` -## Name Servers +### IP Name Servers -### Name Servers Summary +#### IP Name Servers Summary -| Name Server | Source VRF | -| ----------- | ---------- | -| 192.168.2.1 | MGMT | -| 8.8.8.8 | MGMT | +| Name Server | VRF | Priority | +| ----------- | --- | -------- | +| 192.168.2.1 | MGMT | - | +| 8.8.8.8 | MGMT | - | -### Name Servers Device Configuration +#### IP Name Servers Device Configuration ```eos ip name-server vrf MGMT 8.8.8.8 ip name-server vrf MGMT 192.168.2.1 ``` -## NTP +### NTP -### NTP Summary +#### NTP Summary -#### NTP Local Interface +##### NTP Local Interface | Interface | VRF | | --------- | --- | | Management1 | MGMT | -#### NTP Servers +##### NTP Servers | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | -### NTP Device Configuration +#### NTP Device Configuration ```eos ! @@ -124,22 +121,21 @@ ntp server vrf MGMT 0.fr.pool.ntp.org prefer ntp server vrf MGMT 1.fr.pool.ntp.org ``` -## Management API HTTP +### Management API HTTP -### Management API HTTP Summary +#### Management API HTTP Summary -| HTTP | HTTPS | -| ---------- | ---------- | -| default | true | +| HTTP | HTTPS | Default Services | +| ---- | ----- | ---------------- | +| False | True | - | -### Management API VRF Access +#### Management API VRF Access | VRF Name | IPv4 ACL | IPv6 ACL | | -------- | -------- | -------- | | MGMT | - | - | - -### Management API HTTP Configuration +#### Management API HTTP Device Configuration ```eos ! @@ -151,49 +147,49 @@ management api http-commands no shutdown ``` -# Authentication +## Authentication -## Local Users +### Local Users -### Local Users Summary +#### Local Users Summary -| User | Privilege | Role | -| ---- | --------- | ---- | -| admin | 15 | network-admin | -| ansible | 15 | network-admin | -| cvpadmin | 15 | network-admin | +| User | Privilege | Role | Disabled | Shell | +| ---- | --------- | ---- | -------- | ----- | +| admin | 15 | network-admin | False | - | +| ansible | 15 | network-admin | False | - | +| cvpadmin | 15 | network-admin | False | - | -### Local Users Device Configuration +#### Local Users Device Configuration ```eos ! -username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 -username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +username admin privilege 15 role network-admin secret sha512 +username ansible privilege 15 role network-admin secret sha512 +username cvpadmin privilege 15 role network-admin secret sha512 ``` -# Monitoring +## Monitoring -## TerminAttr Daemon +### TerminAttr Daemon -### TerminAttr Daemon Summary +#### TerminAttr Daemon Summary | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | -| gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | +| gzip | 10.255.0.1:9910 | MGMT | token,/tmp/token | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | -### TerminAttr Daemon Device Configuration +#### TerminAttr Daemon Device Configuration ```eos ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ``` -# MLAG +## MLAG -## MLAG Summary +### MLAG Summary | Domain-id | Local-interface | Peer-address | Peer-link | | --------- | --------------- | ------------ | --------- | @@ -201,7 +197,7 @@ daemon TerminAttr Dual primary detection is disabled. -## MLAG Device Configuration +### MLAG Device Configuration ```eos ! @@ -214,23 +210,23 @@ mlag configuration reload-delay non-mlag 330 ``` -# Spanning Tree +## Spanning Tree -## Spanning Tree Summary +### Spanning Tree Summary STP mode: **mstp** -### MSTP Instance and Priority +#### MSTP Instance and Priority | Instance(s) | Priority | | -------- | -------- | | 0 | 16384 | -### Global Spanning-Tree Settings +#### Global Spanning-Tree Settings -Spanning Tree disabled for VLANs: **4093-4094** +- Spanning Tree disabled for VLANs: **4093-4094** -## Spanning Tree Device Configuration +### Spanning Tree Device Configuration ```eos ! @@ -239,24 +235,24 @@ no spanning-tree vlan-id 4093-4094 spanning-tree mst 0 priority 16384 ``` -# Internal VLAN Allocation Policy +## Internal VLAN Allocation Policy -## Internal VLAN Allocation Policy Summary +### Internal VLAN Allocation Policy Summary | Policy Allocation | Range Beginning | Range Ending | | ------------------| --------------- | ------------ | | ascending | 1006 | 1199 | -## Internal VLAN Allocation Policy Configuration +### Internal VLAN Allocation Policy Device Configuration ```eos ! vlan internal order ascending range 1006 1199 ``` -# VLANs +## VLANs -## VLANs Summary +### VLANs Summary | VLAN ID | Name | Trunk Groups | | ------- | ---- | ------------ | @@ -290,7 +286,7 @@ vlan internal order ascending range 1006 1199 | 4093 | LEAF_PEER_L3 | LEAF_PEER_L3 | | 4094 | MLAG_PEER | MLAG | -## VLANs Device Configuration +### VLANs Device Configuration ```eos ! @@ -393,44 +389,42 @@ vlan 4094 trunk group MLAG ``` -# Interfaces +## Interfaces -## Ethernet Interfaces +### Ethernet Interfaces -### Ethernet Interfaces Summary +#### Ethernet Interfaces Summary -#### L2 +##### L2 | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | -| Ethernet3 | MLAG_PEER_DC1-LEAF1A_Ethernet3 | *trunk | *2-4094 | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | -| Ethernet4 | MLAG_PEER_DC1-LEAF1A_Ethernet4 | *trunk | *2-4094 | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | +| Ethernet3 | MLAG_PEER_DC1-LEAF1A_Ethernet3 | *trunk | *- | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | +| Ethernet4 | MLAG_PEER_DC1-LEAF1A_Ethernet4 | *trunk | *- | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | | Ethernet5 | DC1-L2LEAF1A_Ethernet2 | *trunk | *110-112,120-121,130-131 | *- | *- | 5 | *Inherited from Port-Channel Interface -#### IPv4 +##### IPv4 | Interface | Description | Type | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | | --------- | ----------- | -----| ------------- | ---------- | ----| ---- | -------- | ------ | ------- | -| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet2 | routed | - | 172.31.255.5/31 | default | 1500 | false | - | - | -| Ethernet2 | P2P_LINK_TO_DC1-SPINE2_Ethernet2 | routed | - | 172.31.255.7/31 | default | 1500 | false | - | - | +| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet2 | routed | - | 172.31.255.5/31 | default | - | False | - | - | +| Ethernet2 | P2P_LINK_TO_DC1-SPINE2_Ethernet2 | routed | - | 172.31.255.7/31 | default | - | False | - | - | -### Ethernet Interfaces Device Configuration +#### Ethernet Interfaces Device Configuration ```eos ! interface Ethernet1 description P2P_LINK_TO_DC1-SPINE1_Ethernet2 no shutdown - mtu 1500 no switchport ip address 172.31.255.5/31 ! interface Ethernet2 description P2P_LINK_TO_DC1-SPINE2_Ethernet2 no shutdown - mtu 1500 no switchport ip address 172.31.255.7/31 ! @@ -450,18 +444,18 @@ interface Ethernet5 channel-group 5 mode active ``` -## Port-Channel Interfaces +### Port-Channel Interfaces -### Port-Channel Interfaces Summary +#### Port-Channel Interfaces Summary -#### L2 +##### L2 | Interface | Description | Type | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | | --------- | ----------- | ---- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | -| Port-Channel3 | MLAG_PEER_DC1-LEAF1A_Po3 | switched | trunk | 2-4094 | - | ['LEAF_PEER_L3', 'MLAG'] | - | - | - | - | +| Port-Channel3 | MLAG_PEER_DC1-LEAF1A_Po3 | switched | trunk | - | - | ['LEAF_PEER_L3', 'MLAG'] | - | - | - | - | | Port-Channel5 | DC1-L2LEAF1A_Po1 | switched | trunk | 110-112,120-121,130-131 | - | - | - | - | 5 | - | -### Port-Channel Interfaces Device Configuration +#### Port-Channel Interfaces Device Configuration ```eos ! @@ -469,7 +463,6 @@ interface Port-Channel3 description MLAG_PEER_DC1-LEAF1A_Po3 no shutdown switchport - switchport trunk allowed vlan 2-4094 switchport mode trunk switchport trunk group LEAF_PEER_L3 switchport trunk group MLAG @@ -483,11 +476,11 @@ interface Port-Channel5 mlag 5 ``` -## Loopback Interfaces +### Loopback Interfaces -### Loopback Interfaces Summary +#### Loopback Interfaces Summary -#### IPv4 +##### IPv4 | Interface | Description | VRF | IP Address | | --------- | ----------- | --- | ---------- | @@ -495,7 +488,7 @@ interface Port-Channel5 | Loopback1 | VTEP_VXLAN_Tunnel_Source | default | 192.168.254.3/32 | | Loopback100 | Tenant_A_OP_Zone_VTEP_DIAGNOSTICS | Tenant_A_OP_Zone | 10.255.1.4/32 | -#### IPv6 +##### IPv6 | Interface | Description | VRF | IPv6 Address | | --------- | ----------- | --- | ------------ | @@ -503,8 +496,7 @@ interface Port-Channel5 | Loopback1 | VTEP_VXLAN_Tunnel_Source | default | - | | Loopback100 | Tenant_A_OP_Zone_VTEP_DIAGNOSTICS | Tenant_A_OP_Zone | - | - -### Loopback Interfaces Device Configuration +#### Loopback Interfaces Device Configuration ```eos ! @@ -525,41 +517,41 @@ interface Loopback100 ip address 10.255.1.4/32 ``` -## VLAN Interfaces +### VLAN Interfaces -### VLAN Interfaces Summary +#### VLAN Interfaces Summary | Interface | Description | VRF | MTU | Shutdown | | --------- | ----------- | --- | ---- | -------- | -| Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | false | -| Vlan111 | Tenant_A_OP_Zone_2 | Tenant_A_OP_Zone | - | false | -| Vlan112 | Tenant_A_OP_Zone_3 | Tenant_A_OP_Zone | - | false | -| Vlan120 | Tenant_A_WEB_Zone_1 | Tenant_A_WEB_Zone | - | false | -| Vlan121 | Tenant_A_WEBZone_2 | Tenant_A_WEB_Zone | - | false | -| Vlan130 | Tenant_A_APP_Zone_1 | Tenant_A_APP_Zone | - | false | -| Vlan131 | Tenant_A_APP_Zone_2 | Tenant_A_APP_Zone | - | false | -| Vlan140 | Tenant_A_DB_BZone_1 | Tenant_A_DB_Zone | - | false | -| Vlan141 | Tenant_A_DB_Zone_2 | Tenant_A_DB_Zone | - | false | -| Vlan150 | Tenant_A_WAN_Zone_1 | Tenant_A_WAN_Zone | - | false | -| Vlan210 | Tenant_B_OP_Zone_1 | Tenant_B_OP_Zone | - | false | -| Vlan211 | Tenant_B_OP_Zone_2 | Tenant_B_OP_Zone | - | false | -| Vlan250 | Tenant_B_WAN_Zone_1 | Tenant_B_WAN_Zone | - | false | -| Vlan310 | Tenant_C_OP_Zone_1 | Tenant_C_OP_Zone | - | false | -| Vlan311 | Tenant_C_OP_Zone_2 | Tenant_C_OP_Zone | - | false | -| Vlan350 | Tenant_C_WAN_Zone_1 | Tenant_C_WAN_Zone | - | false | -| Vlan3009 | MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone | Tenant_A_OP_Zone | 1500 | false | -| Vlan3010 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone | Tenant_A_WEB_Zone | 1500 | false | -| Vlan3011 | MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone | Tenant_A_APP_Zone | 1500 | false | -| Vlan3012 | MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone | Tenant_A_DB_Zone | 1500 | false | -| Vlan3013 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone | Tenant_A_WAN_Zone | 1500 | false | -| Vlan3019 | MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone | Tenant_B_OP_Zone | 1500 | false | -| Vlan3020 | MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone | Tenant_B_WAN_Zone | 1500 | false | -| Vlan3029 | MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone | Tenant_C_OP_Zone | 1500 | false | -| Vlan3030 | MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone | Tenant_C_WAN_Zone | 1500 | false | -| Vlan4093 | MLAG_PEER_L3_PEERING | default | 1500 | false | -| Vlan4094 | MLAG_PEER | default | 1500 | false | - -#### IPv4 +| Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | False | +| Vlan111 | Tenant_A_OP_Zone_2 | Tenant_A_OP_Zone | - | False | +| Vlan112 | Tenant_A_OP_Zone_3 | Tenant_A_OP_Zone | - | False | +| Vlan120 | Tenant_A_WEB_Zone_1 | Tenant_A_WEB_Zone | - | False | +| Vlan121 | Tenant_A_WEBZone_2 | Tenant_A_WEB_Zone | - | False | +| Vlan130 | Tenant_A_APP_Zone_1 | Tenant_A_APP_Zone | - | False | +| Vlan131 | Tenant_A_APP_Zone_2 | Tenant_A_APP_Zone | - | False | +| Vlan140 | Tenant_A_DB_BZone_1 | Tenant_A_DB_Zone | - | False | +| Vlan141 | Tenant_A_DB_Zone_2 | Tenant_A_DB_Zone | - | False | +| Vlan150 | Tenant_A_WAN_Zone_1 | Tenant_A_WAN_Zone | - | False | +| Vlan210 | Tenant_B_OP_Zone_1 | Tenant_B_OP_Zone | - | False | +| Vlan211 | Tenant_B_OP_Zone_2 | Tenant_B_OP_Zone | - | False | +| Vlan250 | Tenant_B_WAN_Zone_1 | Tenant_B_WAN_Zone | - | False | +| Vlan310 | Tenant_C_OP_Zone_1 | Tenant_C_OP_Zone | - | False | +| Vlan311 | Tenant_C_OP_Zone_2 | Tenant_C_OP_Zone | - | False | +| Vlan350 | Tenant_C_WAN_Zone_1 | Tenant_C_WAN_Zone | - | False | +| Vlan3009 | MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone | Tenant_A_OP_Zone | - | False | +| Vlan3010 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone | Tenant_A_WEB_Zone | - | False | +| Vlan3011 | MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone | Tenant_A_APP_Zone | - | False | +| Vlan3012 | MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone | Tenant_A_DB_Zone | - | False | +| Vlan3013 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone | Tenant_A_WAN_Zone | - | False | +| Vlan3019 | MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone | Tenant_B_OP_Zone | - | False | +| Vlan3020 | MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone | Tenant_B_WAN_Zone | - | False | +| Vlan3029 | MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone | Tenant_C_OP_Zone | - | False | +| Vlan3030 | MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone | Tenant_C_WAN_Zone | - | False | +| Vlan4093 | MLAG_PEER_L3_PEERING | default | - | False | +| Vlan4094 | MLAG_PEER | default | - | False | + +##### IPv4 | Interface | VRF | IP Address | IP Address Virtual | IP Router Virtual Address | VRRP | ACL In | ACL Out | | --------- | --- | ---------- | ------------------ | ------------------------- | ---- | ------ | ------- | @@ -591,8 +583,7 @@ interface Loopback100 | Vlan4093 | default | 10.255.251.1/31 | - | - | - | - | - | | Vlan4094 | default | 10.255.252.1/31 | - | - | - | - | - | - -### VLAN Interfaces Device Configuration +#### VLAN Interfaces Device Configuration ```eos ! @@ -689,128 +680,117 @@ interface Vlan350 interface Vlan3009 description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone no shutdown - mtu 1500 vrf Tenant_A_OP_Zone ip address 10.255.251.1/31 ! interface Vlan3010 description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone no shutdown - mtu 1500 vrf Tenant_A_WEB_Zone ip address 10.255.251.1/31 ! interface Vlan3011 description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone no shutdown - mtu 1500 vrf Tenant_A_APP_Zone ip address 10.255.251.1/31 ! interface Vlan3012 description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone no shutdown - mtu 1500 vrf Tenant_A_DB_Zone ip address 10.255.251.1/31 ! interface Vlan3013 description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone no shutdown - mtu 1500 vrf Tenant_A_WAN_Zone ip address 10.255.251.1/31 ! interface Vlan3019 description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone no shutdown - mtu 1500 vrf Tenant_B_OP_Zone ip address 10.255.251.1/31 ! interface Vlan3020 description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone no shutdown - mtu 1500 vrf Tenant_B_WAN_Zone ip address 10.255.251.1/31 ! interface Vlan3029 description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone no shutdown - mtu 1500 vrf Tenant_C_OP_Zone ip address 10.255.251.1/31 ! interface Vlan3030 description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone no shutdown - mtu 1500 vrf Tenant_C_WAN_Zone ip address 10.255.251.1/31 ! interface Vlan4093 description MLAG_PEER_L3_PEERING no shutdown - mtu 1500 ip address 10.255.251.1/31 ! interface Vlan4094 description MLAG_PEER no shutdown - mtu 1500 no autostate ip address 10.255.252.1/31 ``` -## VXLAN Interface - -### VXLAN Interface Summary - -#### Source Interface: Loopback1 - -#### UDP port: 4789 - -#### EVPN MLAG Shared Router MAC : mlag-system-id - -#### VLAN to VNI and Flood List Mappings - -| VLAN | VNI | Flood List | -| ---- | --- | ---------- | -| 110 | 10110 | - | -| 111 | 50111 | - | -| 112 | 50112 | - | -| 120 | 10120 | - | -| 121 | 10121 | - | -| 130 | 10130 | - | -| 131 | 10131 | - | -| 140 | 10140 | - | -| 141 | 10141 | - | -| 150 | 10150 | - | -| 160 | 55160 | - | -| 161 | 10161 | - | -| 210 | 20210 | - | -| 211 | 20211 | - | -| 250 | 20250 | - | -| 310 | 30310 | - | -| 311 | 30311 | - | -| 350 | 30350 | - | - -#### VRF to VNI Mappings - -| VLAN | VNI | -| ---- | --- | -| Tenant_A_APP_Zone | 12 | -| Tenant_A_DB_Zone | 13 | -| Tenant_A_OP_Zone | 10 | -| Tenant_A_WAN_Zone | 14 | -| Tenant_A_WEB_Zone | 11 | -| Tenant_B_OP_Zone | 20 | -| Tenant_B_WAN_Zone | 21 | -| Tenant_C_OP_Zone | 30 | -| Tenant_C_WAN_Zone | 31 | - -### VXLAN Interface Device Configuration +### VXLAN Interface + +#### VXLAN Interface Summary + +| Setting | Value | +| ------- | ----- | +| Source Interface | Loopback1 | +| UDP port | 4789 | +| EVPN MLAG Shared Router MAC | mlag-system-id | + +##### VLAN to VNI, Flood List and Multicast Group Mappings + +| VLAN | VNI | Flood List | Multicast Group | +| ---- | --- | ---------- | --------------- | +| 110 | 10110 | - | - | +| 111 | 50111 | - | - | +| 112 | 50112 | - | - | +| 120 | 10120 | - | - | +| 121 | 10121 | - | - | +| 130 | 10130 | - | - | +| 131 | 10131 | - | - | +| 140 | 10140 | - | - | +| 141 | 10141 | - | - | +| 150 | 10150 | - | - | +| 160 | 55160 | - | - | +| 161 | 10161 | - | - | +| 210 | 20210 | - | - | +| 211 | 20211 | - | - | +| 250 | 20250 | - | - | +| 310 | 30310 | - | - | +| 311 | 30311 | - | - | +| 350 | 30350 | - | - | + +##### VRF to VNI and Multicast Group Mappings + +| VRF | VNI | Multicast Group | +| ---- | --- | --------------- | +| Tenant_A_APP_Zone | 12 | - | +| Tenant_A_DB_Zone | 13 | - | +| Tenant_A_OP_Zone | 10 | - | +| Tenant_A_WAN_Zone | 14 | - | +| Tenant_A_WEB_Zone | 11 | - | +| Tenant_B_OP_Zone | 20 | - | +| Tenant_B_WAN_Zone | 21 | - | +| Tenant_C_OP_Zone | 30 | - | +| Tenant_C_WAN_Zone | 31 | - | + +#### VXLAN Interface Device Configuration ```eos ! @@ -848,8 +828,9 @@ interface Vxlan1 vxlan vrf Tenant_C_WAN_Zone vni 31 ``` -# Routing -## Service Routing Protocols Model +## Routing + +### Service Routing Protocols Model Multi agent routing protocol model enabled @@ -858,37 +839,38 @@ Multi agent routing protocol model enabled service routing protocols model multi-agent ``` -## Virtual Router MAC Address +### Virtual Router MAC Address -### Virtual Router MAC Address Summary +#### Virtual Router MAC Address Summary -#### Virtual Router MAC Address: 00:1c:73:00:dc:01 +Virtual Router MAC Address: 00:1c:73:00:dc:01 -### Virtual Router MAC Address Configuration +#### Virtual Router MAC Address Device Configuration ```eos ! ip virtual-router mac-address 00:1c:73:00:dc:01 ``` -## IP Routing +### IP Routing -### IP Routing Summary +#### IP Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | true|| MGMT | false | -| Tenant_A_APP_Zone | true | -| Tenant_A_DB_Zone | true | -| Tenant_A_OP_Zone | true | -| Tenant_A_WAN_Zone | true | -| Tenant_A_WEB_Zone | true | -| Tenant_B_OP_Zone | true | -| Tenant_B_WAN_Zone | true | -| Tenant_C_OP_Zone | true | -| Tenant_C_WAN_Zone | true | - -### IP Routing Device Configuration +| default | True | +| MGMT | False | +| Tenant_A_APP_Zone | True | +| Tenant_A_DB_Zone | True | +| Tenant_A_OP_Zone | True | +| Tenant_A_WAN_Zone | True | +| Tenant_A_WEB_Zone | True | +| Tenant_B_OP_Zone | True | +| Tenant_B_WAN_Zone | True | +| Tenant_C_OP_Zone | True | +| Tenant_C_WAN_Zone | True | + +#### IP Routing Device Configuration ```eos ! @@ -904,13 +886,15 @@ ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_OP_Zone ip routing vrf Tenant_C_WAN_Zone ``` -## IPv6 Routing -### IPv6 Routing Summary +### IPv6 Routing + +#### IPv6 Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | false || MGMT | false | +| default | False | +| MGMT | false | | Tenant_A_APP_Zone | false | | Tenant_A_DB_Zone | false | | Tenant_A_OP_Zone | false | @@ -921,52 +905,53 @@ ip routing vrf Tenant_C_WAN_Zone | Tenant_C_OP_Zone | false | | Tenant_C_WAN_Zone | false | +### Static Routes -## Static Routes - -### Static Routes Summary +#### Static Routes Summary -| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | -| --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | -| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | +| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | +| --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | +| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | -### Static Routes Device Configuration +#### Static Routes Device Configuration ```eos ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 ``` -## Router BGP +### Router BGP -### Router BGP Summary +ASN Notation: asplain + +#### Router BGP Summary | BGP AS | Router ID | | ------ | --------- | -| 65101| 192.168.255.4 | +| 65101 | 192.168.255.4 | | BGP Tuning | | ---------- | -| no bgp default ipv4-unicast | -| distance bgp 20 200 200 | | graceful-restart restart-time 300 | | graceful-restart | +| no bgp default ipv4-unicast | +| distance bgp 20 200 200 | | maximum-paths 4 ecmp 4 | -### Router BGP Peer Groups +#### Router BGP Peer Groups -#### EVPN-OVERLAY-PEERS +##### EVPN-OVERLAY-PEERS | Settings | Value | | -------- | ----- | | Address Family | evpn | | Source | Loopback0 | -| Bfd | true | +| BFD | True | | Ebgp multihop | 3 | | Send community | all | | Maximum routes | 0 (no limit) | -#### IPv4-UNDERLAY-PEERS +##### IPv4-UNDERLAY-PEERS | Settings | Value | | -------- | ----- | @@ -974,7 +959,7 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -#### MLAG-IPv4-UNDERLAY-PEER +##### MLAG-IPv4-UNDERLAY-PEER | Settings | Value | | -------- | ----- | @@ -984,30 +969,34 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -### BGP Neighbors +#### BGP Neighbors -| Neighbor | Remote AS | VRF | -| -------- | --------- | --- | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | -| 172.31.255.4 | 65001 | default | -| 172.31.255.6 | 65001 | default | -| 192.168.255.1 | 65001 | default | -| 192.168.255.2 | 65001 | default | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_APP_Zone | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_DB_Zone | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WAN_Zone | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WEB_Zone | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_OP_Zone | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_WAN_Zone | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_OP_Zone | -| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_WAN_Zone | +| Neighbor | Remote AS | VRF | Shutdown | Send-community | Maximum-routes | Allowas-in | BFD | RIB Pre-Policy Retain | Route-Reflector Client | Passive | TTL Max Hops | +| -------- | --------- | --- | -------- | -------------- | -------------- | ---------- | --- | --------------------- | ---------------------- | ------- | ------------ | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 172.31.255.4 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | +| 172.31.255.6 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | +| 192.168.255.1 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | +| 192.168.255.2 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_APP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_DB_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WEB_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | -### Router BGP EVPN Address Family +#### Router BGP EVPN Address Family -#### Router BGP EVPN MAC-VRFs +##### EVPN Peer Groups -##### VLAN aware bundles +| Peer Group | Activate | Encapsulation | +| ---------- | -------- | ------------- | +| EVPN-OVERLAY-PEERS | True | default | + +#### Router BGP VLAN Aware Bundles | VLAN Aware Bundle | Route-Distinguisher | Both Route-Target | Import Route Target | Export Route-Target | Redistribute | VLANs | | ----------------- | ------------------- | ----------------- | ------------------- | ------------------- | ------------ | ----- | @@ -1023,7 +1012,7 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Tenant_C_OP_Zone | 192.168.255.4:30 | 30:30 | - | - | learned | 310-311 | | Tenant_C_WAN_Zone | 192.168.255.4:31 | 31:31 | - | - | learned | 350 | -#### Router BGP EVPN VRFs +#### Router BGP VRFs | VRF | Route-Distinguisher | Redistribute | | --- | ------------------- | ------------ | @@ -1037,32 +1026,33 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Tenant_C_OP_Zone | 192.168.255.4:30 | connected | | Tenant_C_WAN_Zone | 192.168.255.4:31 | connected | -### Router BGP Device Configuration +#### Router BGP Device Configuration ```eos ! router bgp 65101 router-id 192.168.255.4 - no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart maximum-paths 4 ecmp 4 + no bgp default ipv4-unicast neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 - neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS password 7 neighbor EVPN-OVERLAY-PEERS send-community neighbor EVPN-OVERLAY-PEERS maximum-routes 0 neighbor IPv4-UNDERLAY-PEERS peer group - neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS password 7 neighbor IPv4-UNDERLAY-PEERS send-community neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 neighbor MLAG-IPv4-UNDERLAY-PEER peer group neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self - neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== + neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF1A + neighbor MLAG-IPv4-UNDERLAY-PEER password 7 neighbor MLAG-IPv4-UNDERLAY-PEER send-community neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in @@ -1229,17 +1219,17 @@ router bgp 65101 redistribute connected ``` -# BFD +## BFD -## Router BFD +### Router BFD -### Router BFD Multihop Summary +#### Router BFD Multihop Summary | Interval | Minimum RX | Multiplier | | -------- | ---------- | ---------- | | 1200 | 1200 | 3 | -### Router BFD Multihop Device Configuration +#### Router BFD Device Configuration ```eos ! @@ -1247,34 +1237,35 @@ router bfd multihop interval 1200 min-rx 1200 multiplier 3 ``` -# Multicast - -## IP IGMP Snooping +## Multicast -### IP IGMP Snooping Summary +### IP IGMP Snooping -IGMP snooping is globally enabled. +#### IP IGMP Snooping Summary +| IGMP Snooping | Fast Leave | Interface Restart Query | Proxy | Restart Query Interval | Robustness Variable | +| ------------- | ---------- | ----------------------- | ----- | ---------------------- | ------------------- | +| Enabled | - | - | - | - | - | -### IP IGMP Snooping Device Configuration +#### IP IGMP Snooping Device Configuration ```eos ``` -# Filters +## Filters -## Prefix-lists +### Prefix-lists -### Prefix-lists Summary +#### Prefix-lists Summary -#### PL-LOOPBACKS-EVPN-OVERLAY +##### PL-LOOPBACKS-EVPN-OVERLAY | Sequence | Action | | -------- | ------ | | 10 | permit 192.168.255.0/24 eq 32 | | 20 | permit 192.168.254.0/24 eq 32 | -### Prefix-lists Device Configuration +#### Prefix-lists Device Configuration ```eos ! @@ -1283,23 +1274,23 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 20 permit 192.168.254.0/24 eq 32 ``` -## Route-maps +### Route-maps -### Route-maps Summary +#### Route-maps Summary -#### RM-CONN-2-BGP +##### RM-CONN-2-BGP -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - | -#### RM-MLAG-PEER-IN +##### RM-MLAG-PEER-IN -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | set origin incomplete | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | - | origin incomplete | - | - | -### Route-maps Device Configuration +#### Route-maps Device Configuration ```eos ! @@ -1311,11 +1302,9 @@ route-map RM-MLAG-PEER-IN permit 10 set origin incomplete ``` -# ACL +## VRF Instances -# VRF Instances - -## VRF Instances Summary +### VRF Instances Summary | VRF Name | IP Routing | | -------- | ---------- | @@ -1330,7 +1319,7 @@ route-map RM-MLAG-PEER-IN permit 10 | Tenant_C_OP_Zone | enabled | | Tenant_C_WAN_Zone | enabled | -## VRF Instances Device Configuration +### VRF Instances Device Configuration ```eos ! @@ -1355,19 +1344,17 @@ vrf instance Tenant_C_OP_Zone vrf instance Tenant_C_WAN_Zone ``` -# Virtual Source NAT +## Virtual Source NAT -## Virtual Source NAT Summary +### Virtual Source NAT Summary | Source NAT VRF | Source NAT IP Address | | -------------- | --------------------- | | Tenant_A_OP_Zone | 10.255.1.4 | -## Virtual Source NAT Configuration +### Virtual Source NAT Configuration ```eos ! ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.4 ``` - -# Quality Of Service diff --git a/inventory/documentation/devices/DC1-LEAF2A.md b/inventory/documentation/devices/DC1-LEAF2A.md index 725952831..dbb64c03f 100644 --- a/inventory/documentation/devices/DC1-LEAF2A.md +++ b/inventory/documentation/devices/DC1-LEAF2A.md @@ -1,10 +1,10 @@ # DC1-LEAF2A -# Table of Contents - + +## Table of Contents - [Management](#management) - [Management Interfaces](#management-interfaces) - - [Name Servers](#name-servers) + - [IP Name Servers](#ip-name-servers) - [NTP](#ntp) - [Management API HTTP](#management-api-http) - [Authentication](#authentication) @@ -19,7 +19,7 @@ - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) - - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) + - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) - [VLANs](#vlans) - [VLANs Summary](#vlans-summary) - [VLANs Device Configuration](#vlans-device-configuration) @@ -43,35 +43,32 @@ - [Filters](#filters) - [Prefix-lists](#prefix-lists) - [Route-maps](#route-maps) -- [ACL](#acl) - [VRF Instances](#vrf-instances) - [VRF Instances Summary](#vrf-instances-summary) - [VRF Instances Device Configuration](#vrf-instances-device-configuration) - [Virtual Source NAT](#virtual-source-nat) - [Virtual Source NAT Summary](#virtual-source-nat-summary) - [Virtual Source NAT Configuration](#virtual-source-nat-configuration) -- [Quality Of Service](#quality-of-service) - -# Management +## Management -## Management Interfaces +### Management Interfaces -### Management Interfaces Summary +#### Management Interfaces Summary -#### IPv4 +##### IPv4 -| Management Interface | description | Type | VRF | IP Address | Gateway | +| Management Interface | Description | Type | VRF | IP Address | Gateway | | -------------------- | ----------- | ---- | --- | ---------- | ------- | | Management1 | oob_management | oob | MGMT | 10.255.0.15/24 | 10.255.0.1 | -#### IPv6 +##### IPv6 -| Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | +| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | oob_management | oob | MGMT | - | - | +| Management1 | oob_management | oob | MGMT | - | - | -### Management Interfaces Device Configuration +#### Management Interfaces Device Configuration ```eos ! @@ -82,40 +79,40 @@ interface Management1 ip address 10.255.0.15/24 ``` -## Name Servers +### IP Name Servers -### Name Servers Summary +#### IP Name Servers Summary -| Name Server | Source VRF | -| ----------- | ---------- | -| 192.168.2.1 | MGMT | -| 8.8.8.8 | MGMT | +| Name Server | VRF | Priority | +| ----------- | --- | -------- | +| 192.168.2.1 | MGMT | - | +| 8.8.8.8 | MGMT | - | -### Name Servers Device Configuration +#### IP Name Servers Device Configuration ```eos ip name-server vrf MGMT 8.8.8.8 ip name-server vrf MGMT 192.168.2.1 ``` -## NTP +### NTP -### NTP Summary +#### NTP Summary -#### NTP Local Interface +##### NTP Local Interface | Interface | VRF | | --------- | --- | | Management1 | MGMT | -#### NTP Servers +##### NTP Servers | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | -### NTP Device Configuration +#### NTP Device Configuration ```eos ! @@ -124,22 +121,21 @@ ntp server vrf MGMT 0.fr.pool.ntp.org prefer ntp server vrf MGMT 1.fr.pool.ntp.org ``` -## Management API HTTP +### Management API HTTP -### Management API HTTP Summary +#### Management API HTTP Summary -| HTTP | HTTPS | -| ---------- | ---------- | -| default | true | +| HTTP | HTTPS | Default Services | +| ---- | ----- | ---------------- | +| False | True | - | -### Management API VRF Access +#### Management API VRF Access | VRF Name | IPv4 ACL | IPv6 ACL | | -------- | -------- | -------- | | MGMT | - | - | - -### Management API HTTP Configuration +#### Management API HTTP Device Configuration ```eos ! @@ -151,49 +147,49 @@ management api http-commands no shutdown ``` -# Authentication +## Authentication -## Local Users +### Local Users -### Local Users Summary +#### Local Users Summary -| User | Privilege | Role | -| ---- | --------- | ---- | -| admin | 15 | network-admin | -| ansible | 15 | network-admin | -| cvpadmin | 15 | network-admin | +| User | Privilege | Role | Disabled | Shell | +| ---- | --------- | ---- | -------- | ----- | +| admin | 15 | network-admin | False | - | +| ansible | 15 | network-admin | False | - | +| cvpadmin | 15 | network-admin | False | - | -### Local Users Device Configuration +#### Local Users Device Configuration ```eos ! -username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 -username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +username admin privilege 15 role network-admin secret sha512 +username ansible privilege 15 role network-admin secret sha512 +username cvpadmin privilege 15 role network-admin secret sha512 ``` -# Monitoring +## Monitoring -## TerminAttr Daemon +### TerminAttr Daemon -### TerminAttr Daemon Summary +#### TerminAttr Daemon Summary | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | -| gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | +| gzip | 10.255.0.1:9910 | MGMT | token,/tmp/token | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | -### TerminAttr Daemon Device Configuration +#### TerminAttr Daemon Device Configuration ```eos ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ``` -# MLAG +## MLAG -## MLAG Summary +### MLAG Summary | Domain-id | Local-interface | Peer-address | Peer-link | | --------- | --------------- | ------------ | --------- | @@ -201,7 +197,7 @@ daemon TerminAttr Dual primary detection is disabled. -## MLAG Device Configuration +### MLAG Device Configuration ```eos ! @@ -214,23 +210,23 @@ mlag configuration reload-delay non-mlag 330 ``` -# Spanning Tree +## Spanning Tree -## Spanning Tree Summary +### Spanning Tree Summary STP mode: **mstp** -### MSTP Instance and Priority +#### MSTP Instance and Priority | Instance(s) | Priority | | -------- | -------- | | 0 | 16384 | -### Global Spanning-Tree Settings +#### Global Spanning-Tree Settings -Spanning Tree disabled for VLANs: **4093-4094** +- Spanning Tree disabled for VLANs: **4093-4094** -## Spanning Tree Device Configuration +### Spanning Tree Device Configuration ```eos ! @@ -239,24 +235,24 @@ no spanning-tree vlan-id 4093-4094 spanning-tree mst 0 priority 16384 ``` -# Internal VLAN Allocation Policy +## Internal VLAN Allocation Policy -## Internal VLAN Allocation Policy Summary +### Internal VLAN Allocation Policy Summary | Policy Allocation | Range Beginning | Range Ending | | ------------------| --------------- | ------------ | | ascending | 1006 | 1199 | -## Internal VLAN Allocation Policy Configuration +### Internal VLAN Allocation Policy Device Configuration ```eos ! vlan internal order ascending range 1006 1199 ``` -# VLANs +## VLANs -## VLANs Summary +### VLANs Summary | VLAN ID | Name | Trunk Groups | | ------- | ---- | ------------ | @@ -290,7 +286,7 @@ vlan internal order ascending range 1006 1199 | 4093 | LEAF_PEER_L3 | LEAF_PEER_L3 | | 4094 | MLAG_PEER | MLAG | -## VLANs Device Configuration +### VLANs Device Configuration ```eos ! @@ -393,44 +389,42 @@ vlan 4094 trunk group MLAG ``` -# Interfaces +## Interfaces -## Ethernet Interfaces +### Ethernet Interfaces -### Ethernet Interfaces Summary +#### Ethernet Interfaces Summary -#### L2 +##### L2 | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | -| Ethernet3 | MLAG_PEER_DC1-LEAF2B_Ethernet3 | *trunk | *2-4094 | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | -| Ethernet4 | MLAG_PEER_DC1-LEAF2B_Ethernet4 | *trunk | *2-4094 | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | +| Ethernet3 | MLAG_PEER_DC1-LEAF2B_Ethernet3 | *trunk | *- | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | +| Ethernet4 | MLAG_PEER_DC1-LEAF2B_Ethernet4 | *trunk | *- | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | | Ethernet5 | DC1-L2LEAF2A_Ethernet1 | *trunk | *110-112,120-121,130-131 | *- | *- | 5 | *Inherited from Port-Channel Interface -#### IPv4 +##### IPv4 | Interface | Description | Type | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | | --------- | ----------- | -----| ------------- | ---------- | ----| ---- | -------- | ------ | ------- | -| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet3 | routed | - | 172.31.255.9/31 | default | 1500 | false | - | - | -| Ethernet2 | P2P_LINK_TO_DC1-SPINE2_Ethernet3 | routed | - | 172.31.255.11/31 | default | 1500 | false | - | - | +| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet3 | routed | - | 172.31.255.9/31 | default | - | False | - | - | +| Ethernet2 | P2P_LINK_TO_DC1-SPINE2_Ethernet3 | routed | - | 172.31.255.11/31 | default | - | False | - | - | -### Ethernet Interfaces Device Configuration +#### Ethernet Interfaces Device Configuration ```eos ! interface Ethernet1 description P2P_LINK_TO_DC1-SPINE1_Ethernet3 no shutdown - mtu 1500 no switchport ip address 172.31.255.9/31 ! interface Ethernet2 description P2P_LINK_TO_DC1-SPINE2_Ethernet3 no shutdown - mtu 1500 no switchport ip address 172.31.255.11/31 ! @@ -450,18 +444,18 @@ interface Ethernet5 channel-group 5 mode active ``` -## Port-Channel Interfaces +### Port-Channel Interfaces -### Port-Channel Interfaces Summary +#### Port-Channel Interfaces Summary -#### L2 +##### L2 | Interface | Description | Type | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | | --------- | ----------- | ---- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | -| Port-Channel3 | MLAG_PEER_DC1-LEAF2B_Po3 | switched | trunk | 2-4094 | - | ['LEAF_PEER_L3', 'MLAG'] | - | - | - | - | +| Port-Channel3 | MLAG_PEER_DC1-LEAF2B_Po3 | switched | trunk | - | - | ['LEAF_PEER_L3', 'MLAG'] | - | - | - | - | | Port-Channel5 | DC1-L2LEAF2A_Po1 | switched | trunk | 110-112,120-121,130-131 | - | - | - | - | 5 | - | -### Port-Channel Interfaces Device Configuration +#### Port-Channel Interfaces Device Configuration ```eos ! @@ -469,7 +463,6 @@ interface Port-Channel3 description MLAG_PEER_DC1-LEAF2B_Po3 no shutdown switchport - switchport trunk allowed vlan 2-4094 switchport mode trunk switchport trunk group LEAF_PEER_L3 switchport trunk group MLAG @@ -483,11 +476,11 @@ interface Port-Channel5 mlag 5 ``` -## Loopback Interfaces +### Loopback Interfaces -### Loopback Interfaces Summary +#### Loopback Interfaces Summary -#### IPv4 +##### IPv4 | Interface | Description | VRF | IP Address | | --------- | ----------- | --- | ---------- | @@ -495,7 +488,7 @@ interface Port-Channel5 | Loopback1 | VTEP_VXLAN_Tunnel_Source | default | 192.168.254.5/32 | | Loopback100 | Tenant_A_OP_Zone_VTEP_DIAGNOSTICS | Tenant_A_OP_Zone | 10.255.1.5/32 | -#### IPv6 +##### IPv6 | Interface | Description | VRF | IPv6 Address | | --------- | ----------- | --- | ------------ | @@ -503,8 +496,7 @@ interface Port-Channel5 | Loopback1 | VTEP_VXLAN_Tunnel_Source | default | - | | Loopback100 | Tenant_A_OP_Zone_VTEP_DIAGNOSTICS | Tenant_A_OP_Zone | - | - -### Loopback Interfaces Device Configuration +#### Loopback Interfaces Device Configuration ```eos ! @@ -525,41 +517,41 @@ interface Loopback100 ip address 10.255.1.5/32 ``` -## VLAN Interfaces +### VLAN Interfaces -### VLAN Interfaces Summary +#### VLAN Interfaces Summary | Interface | Description | VRF | MTU | Shutdown | | --------- | ----------- | --- | ---- | -------- | -| Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | false | -| Vlan111 | Tenant_A_OP_Zone_2 | Tenant_A_OP_Zone | - | false | -| Vlan112 | Tenant_A_OP_Zone_3 | Tenant_A_OP_Zone | - | false | -| Vlan120 | Tenant_A_WEB_Zone_1 | Tenant_A_WEB_Zone | - | false | -| Vlan121 | Tenant_A_WEBZone_2 | Tenant_A_WEB_Zone | - | false | -| Vlan130 | Tenant_A_APP_Zone_1 | Tenant_A_APP_Zone | - | false | -| Vlan131 | Tenant_A_APP_Zone_2 | Tenant_A_APP_Zone | - | false | -| Vlan140 | Tenant_A_DB_BZone_1 | Tenant_A_DB_Zone | - | false | -| Vlan141 | Tenant_A_DB_Zone_2 | Tenant_A_DB_Zone | - | false | -| Vlan150 | Tenant_A_WAN_Zone_1 | Tenant_A_WAN_Zone | - | false | -| Vlan210 | Tenant_B_OP_Zone_1 | Tenant_B_OP_Zone | - | false | -| Vlan211 | Tenant_B_OP_Zone_2 | Tenant_B_OP_Zone | - | false | -| Vlan250 | Tenant_B_WAN_Zone_1 | Tenant_B_WAN_Zone | - | false | -| Vlan310 | Tenant_C_OP_Zone_1 | Tenant_C_OP_Zone | - | false | -| Vlan311 | Tenant_C_OP_Zone_2 | Tenant_C_OP_Zone | - | false | -| Vlan350 | Tenant_C_WAN_Zone_1 | Tenant_C_WAN_Zone | - | false | -| Vlan3009 | MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone | Tenant_A_OP_Zone | 1500 | false | -| Vlan3010 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone | Tenant_A_WEB_Zone | 1500 | false | -| Vlan3011 | MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone | Tenant_A_APP_Zone | 1500 | false | -| Vlan3012 | MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone | Tenant_A_DB_Zone | 1500 | false | -| Vlan3013 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone | Tenant_A_WAN_Zone | 1500 | false | -| Vlan3019 | MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone | Tenant_B_OP_Zone | 1500 | false | -| Vlan3020 | MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone | Tenant_B_WAN_Zone | 1500 | false | -| Vlan3029 | MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone | Tenant_C_OP_Zone | 1500 | false | -| Vlan3030 | MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone | Tenant_C_WAN_Zone | 1500 | false | -| Vlan4093 | MLAG_PEER_L3_PEERING | default | 1500 | false | -| Vlan4094 | MLAG_PEER | default | 1500 | false | - -#### IPv4 +| Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | False | +| Vlan111 | Tenant_A_OP_Zone_2 | Tenant_A_OP_Zone | - | False | +| Vlan112 | Tenant_A_OP_Zone_3 | Tenant_A_OP_Zone | - | False | +| Vlan120 | Tenant_A_WEB_Zone_1 | Tenant_A_WEB_Zone | - | False | +| Vlan121 | Tenant_A_WEBZone_2 | Tenant_A_WEB_Zone | - | False | +| Vlan130 | Tenant_A_APP_Zone_1 | Tenant_A_APP_Zone | - | False | +| Vlan131 | Tenant_A_APP_Zone_2 | Tenant_A_APP_Zone | - | False | +| Vlan140 | Tenant_A_DB_BZone_1 | Tenant_A_DB_Zone | - | False | +| Vlan141 | Tenant_A_DB_Zone_2 | Tenant_A_DB_Zone | - | False | +| Vlan150 | Tenant_A_WAN_Zone_1 | Tenant_A_WAN_Zone | - | False | +| Vlan210 | Tenant_B_OP_Zone_1 | Tenant_B_OP_Zone | - | False | +| Vlan211 | Tenant_B_OP_Zone_2 | Tenant_B_OP_Zone | - | False | +| Vlan250 | Tenant_B_WAN_Zone_1 | Tenant_B_WAN_Zone | - | False | +| Vlan310 | Tenant_C_OP_Zone_1 | Tenant_C_OP_Zone | - | False | +| Vlan311 | Tenant_C_OP_Zone_2 | Tenant_C_OP_Zone | - | False | +| Vlan350 | Tenant_C_WAN_Zone_1 | Tenant_C_WAN_Zone | - | False | +| Vlan3009 | MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone | Tenant_A_OP_Zone | - | False | +| Vlan3010 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone | Tenant_A_WEB_Zone | - | False | +| Vlan3011 | MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone | Tenant_A_APP_Zone | - | False | +| Vlan3012 | MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone | Tenant_A_DB_Zone | - | False | +| Vlan3013 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone | Tenant_A_WAN_Zone | - | False | +| Vlan3019 | MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone | Tenant_B_OP_Zone | - | False | +| Vlan3020 | MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone | Tenant_B_WAN_Zone | - | False | +| Vlan3029 | MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone | Tenant_C_OP_Zone | - | False | +| Vlan3030 | MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone | Tenant_C_WAN_Zone | - | False | +| Vlan4093 | MLAG_PEER_L3_PEERING | default | - | False | +| Vlan4094 | MLAG_PEER | default | - | False | + +##### IPv4 | Interface | VRF | IP Address | IP Address Virtual | IP Router Virtual Address | VRRP | ACL In | ACL Out | | --------- | --- | ---------- | ------------------ | ------------------------- | ---- | ------ | ------- | @@ -591,8 +583,7 @@ interface Loopback100 | Vlan4093 | default | 10.255.251.4/31 | - | - | - | - | - | | Vlan4094 | default | 10.255.252.4/31 | - | - | - | - | - | - -### VLAN Interfaces Device Configuration +#### VLAN Interfaces Device Configuration ```eos ! @@ -689,128 +680,117 @@ interface Vlan350 interface Vlan3009 description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone no shutdown - mtu 1500 vrf Tenant_A_OP_Zone ip address 10.255.251.4/31 ! interface Vlan3010 description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone no shutdown - mtu 1500 vrf Tenant_A_WEB_Zone ip address 10.255.251.4/31 ! interface Vlan3011 description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone no shutdown - mtu 1500 vrf Tenant_A_APP_Zone ip address 10.255.251.4/31 ! interface Vlan3012 description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone no shutdown - mtu 1500 vrf Tenant_A_DB_Zone ip address 10.255.251.4/31 ! interface Vlan3013 description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone no shutdown - mtu 1500 vrf Tenant_A_WAN_Zone ip address 10.255.251.4/31 ! interface Vlan3019 description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone no shutdown - mtu 1500 vrf Tenant_B_OP_Zone ip address 10.255.251.4/31 ! interface Vlan3020 description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone no shutdown - mtu 1500 vrf Tenant_B_WAN_Zone ip address 10.255.251.4/31 ! interface Vlan3029 description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone no shutdown - mtu 1500 vrf Tenant_C_OP_Zone ip address 10.255.251.4/31 ! interface Vlan3030 description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone no shutdown - mtu 1500 vrf Tenant_C_WAN_Zone ip address 10.255.251.4/31 ! interface Vlan4093 description MLAG_PEER_L3_PEERING no shutdown - mtu 1500 ip address 10.255.251.4/31 ! interface Vlan4094 description MLAG_PEER no shutdown - mtu 1500 no autostate ip address 10.255.252.4/31 ``` -## VXLAN Interface - -### VXLAN Interface Summary - -#### Source Interface: Loopback1 - -#### UDP port: 4789 - -#### EVPN MLAG Shared Router MAC : mlag-system-id - -#### VLAN to VNI and Flood List Mappings - -| VLAN | VNI | Flood List | -| ---- | --- | ---------- | -| 110 | 10110 | - | -| 111 | 50111 | - | -| 112 | 50112 | - | -| 120 | 10120 | - | -| 121 | 10121 | - | -| 130 | 10130 | - | -| 131 | 10131 | - | -| 140 | 10140 | - | -| 141 | 10141 | - | -| 150 | 10150 | - | -| 160 | 55160 | - | -| 161 | 10161 | - | -| 210 | 20210 | - | -| 211 | 20211 | - | -| 250 | 20250 | - | -| 310 | 30310 | - | -| 311 | 30311 | - | -| 350 | 30350 | - | - -#### VRF to VNI Mappings - -| VLAN | VNI | -| ---- | --- | -| Tenant_A_APP_Zone | 12 | -| Tenant_A_DB_Zone | 13 | -| Tenant_A_OP_Zone | 10 | -| Tenant_A_WAN_Zone | 14 | -| Tenant_A_WEB_Zone | 11 | -| Tenant_B_OP_Zone | 20 | -| Tenant_B_WAN_Zone | 21 | -| Tenant_C_OP_Zone | 30 | -| Tenant_C_WAN_Zone | 31 | - -### VXLAN Interface Device Configuration +### VXLAN Interface + +#### VXLAN Interface Summary + +| Setting | Value | +| ------- | ----- | +| Source Interface | Loopback1 | +| UDP port | 4789 | +| EVPN MLAG Shared Router MAC | mlag-system-id | + +##### VLAN to VNI, Flood List and Multicast Group Mappings + +| VLAN | VNI | Flood List | Multicast Group | +| ---- | --- | ---------- | --------------- | +| 110 | 10110 | - | - | +| 111 | 50111 | - | - | +| 112 | 50112 | - | - | +| 120 | 10120 | - | - | +| 121 | 10121 | - | - | +| 130 | 10130 | - | - | +| 131 | 10131 | - | - | +| 140 | 10140 | - | - | +| 141 | 10141 | - | - | +| 150 | 10150 | - | - | +| 160 | 55160 | - | - | +| 161 | 10161 | - | - | +| 210 | 20210 | - | - | +| 211 | 20211 | - | - | +| 250 | 20250 | - | - | +| 310 | 30310 | - | - | +| 311 | 30311 | - | - | +| 350 | 30350 | - | - | + +##### VRF to VNI and Multicast Group Mappings + +| VRF | VNI | Multicast Group | +| ---- | --- | --------------- | +| Tenant_A_APP_Zone | 12 | - | +| Tenant_A_DB_Zone | 13 | - | +| Tenant_A_OP_Zone | 10 | - | +| Tenant_A_WAN_Zone | 14 | - | +| Tenant_A_WEB_Zone | 11 | - | +| Tenant_B_OP_Zone | 20 | - | +| Tenant_B_WAN_Zone | 21 | - | +| Tenant_C_OP_Zone | 30 | - | +| Tenant_C_WAN_Zone | 31 | - | + +#### VXLAN Interface Device Configuration ```eos ! @@ -848,8 +828,9 @@ interface Vxlan1 vxlan vrf Tenant_C_WAN_Zone vni 31 ``` -# Routing -## Service Routing Protocols Model +## Routing + +### Service Routing Protocols Model Multi agent routing protocol model enabled @@ -858,37 +839,38 @@ Multi agent routing protocol model enabled service routing protocols model multi-agent ``` -## Virtual Router MAC Address +### Virtual Router MAC Address -### Virtual Router MAC Address Summary +#### Virtual Router MAC Address Summary -#### Virtual Router MAC Address: 00:1c:73:00:dc:01 +Virtual Router MAC Address: 00:1c:73:00:dc:01 -### Virtual Router MAC Address Configuration +#### Virtual Router MAC Address Device Configuration ```eos ! ip virtual-router mac-address 00:1c:73:00:dc:01 ``` -## IP Routing +### IP Routing -### IP Routing Summary +#### IP Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | true|| MGMT | false | -| Tenant_A_APP_Zone | true | -| Tenant_A_DB_Zone | true | -| Tenant_A_OP_Zone | true | -| Tenant_A_WAN_Zone | true | -| Tenant_A_WEB_Zone | true | -| Tenant_B_OP_Zone | true | -| Tenant_B_WAN_Zone | true | -| Tenant_C_OP_Zone | true | -| Tenant_C_WAN_Zone | true | - -### IP Routing Device Configuration +| default | True | +| MGMT | False | +| Tenant_A_APP_Zone | True | +| Tenant_A_DB_Zone | True | +| Tenant_A_OP_Zone | True | +| Tenant_A_WAN_Zone | True | +| Tenant_A_WEB_Zone | True | +| Tenant_B_OP_Zone | True | +| Tenant_B_WAN_Zone | True | +| Tenant_C_OP_Zone | True | +| Tenant_C_WAN_Zone | True | + +#### IP Routing Device Configuration ```eos ! @@ -904,13 +886,15 @@ ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_OP_Zone ip routing vrf Tenant_C_WAN_Zone ``` -## IPv6 Routing -### IPv6 Routing Summary +### IPv6 Routing + +#### IPv6 Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | false || MGMT | false | +| default | False | +| MGMT | false | | Tenant_A_APP_Zone | false | | Tenant_A_DB_Zone | false | | Tenant_A_OP_Zone | false | @@ -921,52 +905,53 @@ ip routing vrf Tenant_C_WAN_Zone | Tenant_C_OP_Zone | false | | Tenant_C_WAN_Zone | false | +### Static Routes -## Static Routes - -### Static Routes Summary +#### Static Routes Summary -| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | -| --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | -| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | +| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | +| --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | +| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | -### Static Routes Device Configuration +#### Static Routes Device Configuration ```eos ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 ``` -## Router BGP +### Router BGP -### Router BGP Summary +ASN Notation: asplain + +#### Router BGP Summary | BGP AS | Router ID | | ------ | --------- | -| 65102| 192.168.255.5 | +| 65102 | 192.168.255.5 | | BGP Tuning | | ---------- | -| no bgp default ipv4-unicast | -| distance bgp 20 200 200 | | graceful-restart restart-time 300 | | graceful-restart | +| no bgp default ipv4-unicast | +| distance bgp 20 200 200 | | maximum-paths 4 ecmp 4 | -### Router BGP Peer Groups +#### Router BGP Peer Groups -#### EVPN-OVERLAY-PEERS +##### EVPN-OVERLAY-PEERS | Settings | Value | | -------- | ----- | | Address Family | evpn | | Source | Loopback0 | -| Bfd | true | +| BFD | True | | Ebgp multihop | 3 | | Send community | all | | Maximum routes | 0 (no limit) | -#### IPv4-UNDERLAY-PEERS +##### IPv4-UNDERLAY-PEERS | Settings | Value | | -------- | ----- | @@ -974,7 +959,7 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -#### MLAG-IPv4-UNDERLAY-PEER +##### MLAG-IPv4-UNDERLAY-PEER | Settings | Value | | -------- | ----- | @@ -984,30 +969,34 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -### BGP Neighbors +#### BGP Neighbors -| Neighbor | Remote AS | VRF | -| -------- | --------- | --- | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | -| 172.31.255.8 | 65001 | default | -| 172.31.255.10 | 65001 | default | -| 192.168.255.1 | 65001 | default | -| 192.168.255.2 | 65001 | default | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_APP_Zone | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_DB_Zone | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WAN_Zone | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WEB_Zone | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_OP_Zone | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_WAN_Zone | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_OP_Zone | -| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_WAN_Zone | +| Neighbor | Remote AS | VRF | Shutdown | Send-community | Maximum-routes | Allowas-in | BFD | RIB Pre-Policy Retain | Route-Reflector Client | Passive | TTL Max Hops | +| -------- | --------- | --- | -------- | -------------- | -------------- | ---------- | --- | --------------------- | ---------------------- | ------- | ------------ | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 172.31.255.8 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | +| 172.31.255.10 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | +| 192.168.255.1 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | +| 192.168.255.2 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_APP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_DB_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WEB_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.5 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | -### Router BGP EVPN Address Family +#### Router BGP EVPN Address Family -#### Router BGP EVPN MAC-VRFs +##### EVPN Peer Groups -##### VLAN aware bundles +| Peer Group | Activate | Encapsulation | +| ---------- | -------- | ------------- | +| EVPN-OVERLAY-PEERS | True | default | + +#### Router BGP VLAN Aware Bundles | VLAN Aware Bundle | Route-Distinguisher | Both Route-Target | Import Route Target | Export Route-Target | Redistribute | VLANs | | ----------------- | ------------------- | ----------------- | ------------------- | ------------------- | ------------ | ----- | @@ -1023,7 +1012,7 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Tenant_C_OP_Zone | 192.168.255.5:30 | 30:30 | - | - | learned | 310-311 | | Tenant_C_WAN_Zone | 192.168.255.5:31 | 31:31 | - | - | learned | 350 | -#### Router BGP EVPN VRFs +#### Router BGP VRFs | VRF | Route-Distinguisher | Redistribute | | --- | ------------------- | ------------ | @@ -1037,32 +1026,33 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Tenant_C_OP_Zone | 192.168.255.5:30 | connected | | Tenant_C_WAN_Zone | 192.168.255.5:31 | connected | -### Router BGP Device Configuration +#### Router BGP Device Configuration ```eos ! router bgp 65102 router-id 192.168.255.5 - no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart maximum-paths 4 ecmp 4 + no bgp default ipv4-unicast neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 - neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS password 7 neighbor EVPN-OVERLAY-PEERS send-community neighbor EVPN-OVERLAY-PEERS maximum-routes 0 neighbor IPv4-UNDERLAY-PEERS peer group - neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS password 7 neighbor IPv4-UNDERLAY-PEERS send-community neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 neighbor MLAG-IPv4-UNDERLAY-PEER peer group neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102 neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self - neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== + neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2B + neighbor MLAG-IPv4-UNDERLAY-PEER password 7 neighbor MLAG-IPv4-UNDERLAY-PEER send-community neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in @@ -1229,17 +1219,17 @@ router bgp 65102 redistribute connected ``` -# BFD +## BFD -## Router BFD +### Router BFD -### Router BFD Multihop Summary +#### Router BFD Multihop Summary | Interval | Minimum RX | Multiplier | | -------- | ---------- | ---------- | | 1200 | 1200 | 3 | -### Router BFD Multihop Device Configuration +#### Router BFD Device Configuration ```eos ! @@ -1247,34 +1237,35 @@ router bfd multihop interval 1200 min-rx 1200 multiplier 3 ``` -# Multicast - -## IP IGMP Snooping +## Multicast -### IP IGMP Snooping Summary +### IP IGMP Snooping -IGMP snooping is globally enabled. +#### IP IGMP Snooping Summary +| IGMP Snooping | Fast Leave | Interface Restart Query | Proxy | Restart Query Interval | Robustness Variable | +| ------------- | ---------- | ----------------------- | ----- | ---------------------- | ------------------- | +| Enabled | - | - | - | - | - | -### IP IGMP Snooping Device Configuration +#### IP IGMP Snooping Device Configuration ```eos ``` -# Filters +## Filters -## Prefix-lists +### Prefix-lists -### Prefix-lists Summary +#### Prefix-lists Summary -#### PL-LOOPBACKS-EVPN-OVERLAY +##### PL-LOOPBACKS-EVPN-OVERLAY | Sequence | Action | | -------- | ------ | | 10 | permit 192.168.255.0/24 eq 32 | | 20 | permit 192.168.254.0/24 eq 32 | -### Prefix-lists Device Configuration +#### Prefix-lists Device Configuration ```eos ! @@ -1283,23 +1274,23 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 20 permit 192.168.254.0/24 eq 32 ``` -## Route-maps +### Route-maps -### Route-maps Summary +#### Route-maps Summary -#### RM-CONN-2-BGP +##### RM-CONN-2-BGP -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - | -#### RM-MLAG-PEER-IN +##### RM-MLAG-PEER-IN -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | set origin incomplete | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | - | origin incomplete | - | - | -### Route-maps Device Configuration +#### Route-maps Device Configuration ```eos ! @@ -1311,11 +1302,9 @@ route-map RM-MLAG-PEER-IN permit 10 set origin incomplete ``` -# ACL +## VRF Instances -# VRF Instances - -## VRF Instances Summary +### VRF Instances Summary | VRF Name | IP Routing | | -------- | ---------- | @@ -1330,7 +1319,7 @@ route-map RM-MLAG-PEER-IN permit 10 | Tenant_C_OP_Zone | enabled | | Tenant_C_WAN_Zone | enabled | -## VRF Instances Device Configuration +### VRF Instances Device Configuration ```eos ! @@ -1355,19 +1344,17 @@ vrf instance Tenant_C_OP_Zone vrf instance Tenant_C_WAN_Zone ``` -# Virtual Source NAT +## Virtual Source NAT -## Virtual Source NAT Summary +### Virtual Source NAT Summary | Source NAT VRF | Source NAT IP Address | | -------------- | --------------------- | | Tenant_A_OP_Zone | 10.255.1.5 | -## Virtual Source NAT Configuration +### Virtual Source NAT Configuration ```eos ! ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.5 ``` - -# Quality Of Service diff --git a/inventory/documentation/devices/DC1-LEAF2B.md b/inventory/documentation/devices/DC1-LEAF2B.md index de1857f0a..55a6606b1 100644 --- a/inventory/documentation/devices/DC1-LEAF2B.md +++ b/inventory/documentation/devices/DC1-LEAF2B.md @@ -1,10 +1,10 @@ # DC1-LEAF2B -# Table of Contents - + +## Table of Contents - [Management](#management) - [Management Interfaces](#management-interfaces) - - [Name Servers](#name-servers) + - [IP Name Servers](#ip-name-servers) - [NTP](#ntp) - [Management API HTTP](#management-api-http) - [Authentication](#authentication) @@ -19,7 +19,7 @@ - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) - - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) + - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) - [VLANs](#vlans) - [VLANs Summary](#vlans-summary) - [VLANs Device Configuration](#vlans-device-configuration) @@ -43,35 +43,32 @@ - [Filters](#filters) - [Prefix-lists](#prefix-lists) - [Route-maps](#route-maps) -- [ACL](#acl) - [VRF Instances](#vrf-instances) - [VRF Instances Summary](#vrf-instances-summary) - [VRF Instances Device Configuration](#vrf-instances-device-configuration) - [Virtual Source NAT](#virtual-source-nat) - [Virtual Source NAT Summary](#virtual-source-nat-summary) - [Virtual Source NAT Configuration](#virtual-source-nat-configuration) -- [Quality Of Service](#quality-of-service) - -# Management +## Management -## Management Interfaces +### Management Interfaces -### Management Interfaces Summary +#### Management Interfaces Summary -#### IPv4 +##### IPv4 -| Management Interface | description | Type | VRF | IP Address | Gateway | +| Management Interface | Description | Type | VRF | IP Address | Gateway | | -------------------- | ----------- | ---- | --- | ---------- | ------- | | Management1 | oob_management | oob | MGMT | 10.255.0.16/24 | 10.255.0.1 | -#### IPv6 +##### IPv6 -| Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | +| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | oob_management | oob | MGMT | - | - | +| Management1 | oob_management | oob | MGMT | - | - | -### Management Interfaces Device Configuration +#### Management Interfaces Device Configuration ```eos ! @@ -82,40 +79,40 @@ interface Management1 ip address 10.255.0.16/24 ``` -## Name Servers +### IP Name Servers -### Name Servers Summary +#### IP Name Servers Summary -| Name Server | Source VRF | -| ----------- | ---------- | -| 192.168.2.1 | MGMT | -| 8.8.8.8 | MGMT | +| Name Server | VRF | Priority | +| ----------- | --- | -------- | +| 192.168.2.1 | MGMT | - | +| 8.8.8.8 | MGMT | - | -### Name Servers Device Configuration +#### IP Name Servers Device Configuration ```eos ip name-server vrf MGMT 8.8.8.8 ip name-server vrf MGMT 192.168.2.1 ``` -## NTP +### NTP -### NTP Summary +#### NTP Summary -#### NTP Local Interface +##### NTP Local Interface | Interface | VRF | | --------- | --- | | Management1 | MGMT | -#### NTP Servers +##### NTP Servers | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | -### NTP Device Configuration +#### NTP Device Configuration ```eos ! @@ -124,22 +121,21 @@ ntp server vrf MGMT 0.fr.pool.ntp.org prefer ntp server vrf MGMT 1.fr.pool.ntp.org ``` -## Management API HTTP +### Management API HTTP -### Management API HTTP Summary +#### Management API HTTP Summary -| HTTP | HTTPS | -| ---------- | ---------- | -| default | true | +| HTTP | HTTPS | Default Services | +| ---- | ----- | ---------------- | +| False | True | - | -### Management API VRF Access +#### Management API VRF Access | VRF Name | IPv4 ACL | IPv6 ACL | | -------- | -------- | -------- | | MGMT | - | - | - -### Management API HTTP Configuration +#### Management API HTTP Device Configuration ```eos ! @@ -151,49 +147,49 @@ management api http-commands no shutdown ``` -# Authentication +## Authentication -## Local Users +### Local Users -### Local Users Summary +#### Local Users Summary -| User | Privilege | Role | -| ---- | --------- | ---- | -| admin | 15 | network-admin | -| ansible | 15 | network-admin | -| cvpadmin | 15 | network-admin | +| User | Privilege | Role | Disabled | Shell | +| ---- | --------- | ---- | -------- | ----- | +| admin | 15 | network-admin | False | - | +| ansible | 15 | network-admin | False | - | +| cvpadmin | 15 | network-admin | False | - | -### Local Users Device Configuration +#### Local Users Device Configuration ```eos ! -username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 -username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +username admin privilege 15 role network-admin secret sha512 +username ansible privilege 15 role network-admin secret sha512 +username cvpadmin privilege 15 role network-admin secret sha512 ``` -# Monitoring +## Monitoring -## TerminAttr Daemon +### TerminAttr Daemon -### TerminAttr Daemon Summary +#### TerminAttr Daemon Summary | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | -| gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | +| gzip | 10.255.0.1:9910 | MGMT | token,/tmp/token | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | -### TerminAttr Daemon Device Configuration +#### TerminAttr Daemon Device Configuration ```eos ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ``` -# MLAG +## MLAG -## MLAG Summary +### MLAG Summary | Domain-id | Local-interface | Peer-address | Peer-link | | --------- | --------------- | ------------ | --------- | @@ -201,7 +197,7 @@ daemon TerminAttr Dual primary detection is disabled. -## MLAG Device Configuration +### MLAG Device Configuration ```eos ! @@ -214,23 +210,23 @@ mlag configuration reload-delay non-mlag 330 ``` -# Spanning Tree +## Spanning Tree -## Spanning Tree Summary +### Spanning Tree Summary STP mode: **mstp** -### MSTP Instance and Priority +#### MSTP Instance and Priority | Instance(s) | Priority | | -------- | -------- | | 0 | 16384 | -### Global Spanning-Tree Settings +#### Global Spanning-Tree Settings -Spanning Tree disabled for VLANs: **4093-4094** +- Spanning Tree disabled for VLANs: **4093-4094** -## Spanning Tree Device Configuration +### Spanning Tree Device Configuration ```eos ! @@ -239,24 +235,24 @@ no spanning-tree vlan-id 4093-4094 spanning-tree mst 0 priority 16384 ``` -# Internal VLAN Allocation Policy +## Internal VLAN Allocation Policy -## Internal VLAN Allocation Policy Summary +### Internal VLAN Allocation Policy Summary | Policy Allocation | Range Beginning | Range Ending | | ------------------| --------------- | ------------ | | ascending | 1006 | 1199 | -## Internal VLAN Allocation Policy Configuration +### Internal VLAN Allocation Policy Device Configuration ```eos ! vlan internal order ascending range 1006 1199 ``` -# VLANs +## VLANs -## VLANs Summary +### VLANs Summary | VLAN ID | Name | Trunk Groups | | ------- | ---- | ------------ | @@ -290,7 +286,7 @@ vlan internal order ascending range 1006 1199 | 4093 | LEAF_PEER_L3 | LEAF_PEER_L3 | | 4094 | MLAG_PEER | MLAG | -## VLANs Device Configuration +### VLANs Device Configuration ```eos ! @@ -393,44 +389,42 @@ vlan 4094 trunk group MLAG ``` -# Interfaces +## Interfaces -## Ethernet Interfaces +### Ethernet Interfaces -### Ethernet Interfaces Summary +#### Ethernet Interfaces Summary -#### L2 +##### L2 | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | -| Ethernet3 | MLAG_PEER_DC1-LEAF2A_Ethernet3 | *trunk | *2-4094 | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | -| Ethernet4 | MLAG_PEER_DC1-LEAF2A_Ethernet4 | *trunk | *2-4094 | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | +| Ethernet3 | MLAG_PEER_DC1-LEAF2A_Ethernet3 | *trunk | *- | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | +| Ethernet4 | MLAG_PEER_DC1-LEAF2A_Ethernet4 | *trunk | *- | *- | *['LEAF_PEER_L3', 'MLAG'] | 3 | | Ethernet5 | DC1-L2LEAF2A_Ethernet2 | *trunk | *110-112,120-121,130-131 | *- | *- | 5 | *Inherited from Port-Channel Interface -#### IPv4 +##### IPv4 | Interface | Description | Type | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | | --------- | ----------- | -----| ------------- | ---------- | ----| ---- | -------- | ------ | ------- | -| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet4 | routed | - | 172.31.255.13/31 | default | 1500 | false | - | - | -| Ethernet2 | P2P_LINK_TO_DC1-SPINE2_Ethernet4 | routed | - | 172.31.255.15/31 | default | 1500 | false | - | - | +| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet4 | routed | - | 172.31.255.13/31 | default | - | False | - | - | +| Ethernet2 | P2P_LINK_TO_DC1-SPINE2_Ethernet4 | routed | - | 172.31.255.15/31 | default | - | False | - | - | -### Ethernet Interfaces Device Configuration +#### Ethernet Interfaces Device Configuration ```eos ! interface Ethernet1 description P2P_LINK_TO_DC1-SPINE1_Ethernet4 no shutdown - mtu 1500 no switchport ip address 172.31.255.13/31 ! interface Ethernet2 description P2P_LINK_TO_DC1-SPINE2_Ethernet4 no shutdown - mtu 1500 no switchport ip address 172.31.255.15/31 ! @@ -450,18 +444,18 @@ interface Ethernet5 channel-group 5 mode active ``` -## Port-Channel Interfaces +### Port-Channel Interfaces -### Port-Channel Interfaces Summary +#### Port-Channel Interfaces Summary -#### L2 +##### L2 | Interface | Description | Type | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | | --------- | ----------- | ---- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | -| Port-Channel3 | MLAG_PEER_DC1-LEAF2A_Po3 | switched | trunk | 2-4094 | - | ['LEAF_PEER_L3', 'MLAG'] | - | - | - | - | +| Port-Channel3 | MLAG_PEER_DC1-LEAF2A_Po3 | switched | trunk | - | - | ['LEAF_PEER_L3', 'MLAG'] | - | - | - | - | | Port-Channel5 | DC1-L2LEAF2A_Po1 | switched | trunk | 110-112,120-121,130-131 | - | - | - | - | 5 | - | -### Port-Channel Interfaces Device Configuration +#### Port-Channel Interfaces Device Configuration ```eos ! @@ -469,7 +463,6 @@ interface Port-Channel3 description MLAG_PEER_DC1-LEAF2A_Po3 no shutdown switchport - switchport trunk allowed vlan 2-4094 switchport mode trunk switchport trunk group LEAF_PEER_L3 switchport trunk group MLAG @@ -483,11 +476,11 @@ interface Port-Channel5 mlag 5 ``` -## Loopback Interfaces +### Loopback Interfaces -### Loopback Interfaces Summary +#### Loopback Interfaces Summary -#### IPv4 +##### IPv4 | Interface | Description | VRF | IP Address | | --------- | ----------- | --- | ---------- | @@ -495,7 +488,7 @@ interface Port-Channel5 | Loopback1 | VTEP_VXLAN_Tunnel_Source | default | 192.168.254.5/32 | | Loopback100 | Tenant_A_OP_Zone_VTEP_DIAGNOSTICS | Tenant_A_OP_Zone | 10.255.1.6/32 | -#### IPv6 +##### IPv6 | Interface | Description | VRF | IPv6 Address | | --------- | ----------- | --- | ------------ | @@ -503,8 +496,7 @@ interface Port-Channel5 | Loopback1 | VTEP_VXLAN_Tunnel_Source | default | - | | Loopback100 | Tenant_A_OP_Zone_VTEP_DIAGNOSTICS | Tenant_A_OP_Zone | - | - -### Loopback Interfaces Device Configuration +#### Loopback Interfaces Device Configuration ```eos ! @@ -525,41 +517,41 @@ interface Loopback100 ip address 10.255.1.6/32 ``` -## VLAN Interfaces +### VLAN Interfaces -### VLAN Interfaces Summary +#### VLAN Interfaces Summary | Interface | Description | VRF | MTU | Shutdown | | --------- | ----------- | --- | ---- | -------- | -| Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | false | -| Vlan111 | Tenant_A_OP_Zone_2 | Tenant_A_OP_Zone | - | false | -| Vlan112 | Tenant_A_OP_Zone_3 | Tenant_A_OP_Zone | - | false | -| Vlan120 | Tenant_A_WEB_Zone_1 | Tenant_A_WEB_Zone | - | false | -| Vlan121 | Tenant_A_WEBZone_2 | Tenant_A_WEB_Zone | - | false | -| Vlan130 | Tenant_A_APP_Zone_1 | Tenant_A_APP_Zone | - | false | -| Vlan131 | Tenant_A_APP_Zone_2 | Tenant_A_APP_Zone | - | false | -| Vlan140 | Tenant_A_DB_BZone_1 | Tenant_A_DB_Zone | - | false | -| Vlan141 | Tenant_A_DB_Zone_2 | Tenant_A_DB_Zone | - | false | -| Vlan150 | Tenant_A_WAN_Zone_1 | Tenant_A_WAN_Zone | - | false | -| Vlan210 | Tenant_B_OP_Zone_1 | Tenant_B_OP_Zone | - | false | -| Vlan211 | Tenant_B_OP_Zone_2 | Tenant_B_OP_Zone | - | false | -| Vlan250 | Tenant_B_WAN_Zone_1 | Tenant_B_WAN_Zone | - | false | -| Vlan310 | Tenant_C_OP_Zone_1 | Tenant_C_OP_Zone | - | false | -| Vlan311 | Tenant_C_OP_Zone_2 | Tenant_C_OP_Zone | - | false | -| Vlan350 | Tenant_C_WAN_Zone_1 | Tenant_C_WAN_Zone | - | false | -| Vlan3009 | MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone | Tenant_A_OP_Zone | 1500 | false | -| Vlan3010 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone | Tenant_A_WEB_Zone | 1500 | false | -| Vlan3011 | MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone | Tenant_A_APP_Zone | 1500 | false | -| Vlan3012 | MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone | Tenant_A_DB_Zone | 1500 | false | -| Vlan3013 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone | Tenant_A_WAN_Zone | 1500 | false | -| Vlan3019 | MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone | Tenant_B_OP_Zone | 1500 | false | -| Vlan3020 | MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone | Tenant_B_WAN_Zone | 1500 | false | -| Vlan3029 | MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone | Tenant_C_OP_Zone | 1500 | false | -| Vlan3030 | MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone | Tenant_C_WAN_Zone | 1500 | false | -| Vlan4093 | MLAG_PEER_L3_PEERING | default | 1500 | false | -| Vlan4094 | MLAG_PEER | default | 1500 | false | - -#### IPv4 +| Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | False | +| Vlan111 | Tenant_A_OP_Zone_2 | Tenant_A_OP_Zone | - | False | +| Vlan112 | Tenant_A_OP_Zone_3 | Tenant_A_OP_Zone | - | False | +| Vlan120 | Tenant_A_WEB_Zone_1 | Tenant_A_WEB_Zone | - | False | +| Vlan121 | Tenant_A_WEBZone_2 | Tenant_A_WEB_Zone | - | False | +| Vlan130 | Tenant_A_APP_Zone_1 | Tenant_A_APP_Zone | - | False | +| Vlan131 | Tenant_A_APP_Zone_2 | Tenant_A_APP_Zone | - | False | +| Vlan140 | Tenant_A_DB_BZone_1 | Tenant_A_DB_Zone | - | False | +| Vlan141 | Tenant_A_DB_Zone_2 | Tenant_A_DB_Zone | - | False | +| Vlan150 | Tenant_A_WAN_Zone_1 | Tenant_A_WAN_Zone | - | False | +| Vlan210 | Tenant_B_OP_Zone_1 | Tenant_B_OP_Zone | - | False | +| Vlan211 | Tenant_B_OP_Zone_2 | Tenant_B_OP_Zone | - | False | +| Vlan250 | Tenant_B_WAN_Zone_1 | Tenant_B_WAN_Zone | - | False | +| Vlan310 | Tenant_C_OP_Zone_1 | Tenant_C_OP_Zone | - | False | +| Vlan311 | Tenant_C_OP_Zone_2 | Tenant_C_OP_Zone | - | False | +| Vlan350 | Tenant_C_WAN_Zone_1 | Tenant_C_WAN_Zone | - | False | +| Vlan3009 | MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone | Tenant_A_OP_Zone | - | False | +| Vlan3010 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone | Tenant_A_WEB_Zone | - | False | +| Vlan3011 | MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone | Tenant_A_APP_Zone | - | False | +| Vlan3012 | MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone | Tenant_A_DB_Zone | - | False | +| Vlan3013 | MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone | Tenant_A_WAN_Zone | - | False | +| Vlan3019 | MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone | Tenant_B_OP_Zone | - | False | +| Vlan3020 | MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone | Tenant_B_WAN_Zone | - | False | +| Vlan3029 | MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone | Tenant_C_OP_Zone | - | False | +| Vlan3030 | MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone | Tenant_C_WAN_Zone | - | False | +| Vlan4093 | MLAG_PEER_L3_PEERING | default | - | False | +| Vlan4094 | MLAG_PEER | default | - | False | + +##### IPv4 | Interface | VRF | IP Address | IP Address Virtual | IP Router Virtual Address | VRRP | ACL In | ACL Out | | --------- | --- | ---------- | ------------------ | ------------------------- | ---- | ------ | ------- | @@ -591,8 +583,7 @@ interface Loopback100 | Vlan4093 | default | 10.255.251.5/31 | - | - | - | - | - | | Vlan4094 | default | 10.255.252.5/31 | - | - | - | - | - | - -### VLAN Interfaces Device Configuration +#### VLAN Interfaces Device Configuration ```eos ! @@ -689,128 +680,117 @@ interface Vlan350 interface Vlan3009 description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone no shutdown - mtu 1500 vrf Tenant_A_OP_Zone ip address 10.255.251.5/31 ! interface Vlan3010 description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone no shutdown - mtu 1500 vrf Tenant_A_WEB_Zone ip address 10.255.251.5/31 ! interface Vlan3011 description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone no shutdown - mtu 1500 vrf Tenant_A_APP_Zone ip address 10.255.251.5/31 ! interface Vlan3012 description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone no shutdown - mtu 1500 vrf Tenant_A_DB_Zone ip address 10.255.251.5/31 ! interface Vlan3013 description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone no shutdown - mtu 1500 vrf Tenant_A_WAN_Zone ip address 10.255.251.5/31 ! interface Vlan3019 description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone no shutdown - mtu 1500 vrf Tenant_B_OP_Zone ip address 10.255.251.5/31 ! interface Vlan3020 description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone no shutdown - mtu 1500 vrf Tenant_B_WAN_Zone ip address 10.255.251.5/31 ! interface Vlan3029 description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone no shutdown - mtu 1500 vrf Tenant_C_OP_Zone ip address 10.255.251.5/31 ! interface Vlan3030 description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone no shutdown - mtu 1500 vrf Tenant_C_WAN_Zone ip address 10.255.251.5/31 ! interface Vlan4093 description MLAG_PEER_L3_PEERING no shutdown - mtu 1500 ip address 10.255.251.5/31 ! interface Vlan4094 description MLAG_PEER no shutdown - mtu 1500 no autostate ip address 10.255.252.5/31 ``` -## VXLAN Interface - -### VXLAN Interface Summary - -#### Source Interface: Loopback1 - -#### UDP port: 4789 - -#### EVPN MLAG Shared Router MAC : mlag-system-id - -#### VLAN to VNI and Flood List Mappings - -| VLAN | VNI | Flood List | -| ---- | --- | ---------- | -| 110 | 10110 | - | -| 111 | 50111 | - | -| 112 | 50112 | - | -| 120 | 10120 | - | -| 121 | 10121 | - | -| 130 | 10130 | - | -| 131 | 10131 | - | -| 140 | 10140 | - | -| 141 | 10141 | - | -| 150 | 10150 | - | -| 160 | 55160 | - | -| 161 | 10161 | - | -| 210 | 20210 | - | -| 211 | 20211 | - | -| 250 | 20250 | - | -| 310 | 30310 | - | -| 311 | 30311 | - | -| 350 | 30350 | - | - -#### VRF to VNI Mappings - -| VLAN | VNI | -| ---- | --- | -| Tenant_A_APP_Zone | 12 | -| Tenant_A_DB_Zone | 13 | -| Tenant_A_OP_Zone | 10 | -| Tenant_A_WAN_Zone | 14 | -| Tenant_A_WEB_Zone | 11 | -| Tenant_B_OP_Zone | 20 | -| Tenant_B_WAN_Zone | 21 | -| Tenant_C_OP_Zone | 30 | -| Tenant_C_WAN_Zone | 31 | - -### VXLAN Interface Device Configuration +### VXLAN Interface + +#### VXLAN Interface Summary + +| Setting | Value | +| ------- | ----- | +| Source Interface | Loopback1 | +| UDP port | 4789 | +| EVPN MLAG Shared Router MAC | mlag-system-id | + +##### VLAN to VNI, Flood List and Multicast Group Mappings + +| VLAN | VNI | Flood List | Multicast Group | +| ---- | --- | ---------- | --------------- | +| 110 | 10110 | - | - | +| 111 | 50111 | - | - | +| 112 | 50112 | - | - | +| 120 | 10120 | - | - | +| 121 | 10121 | - | - | +| 130 | 10130 | - | - | +| 131 | 10131 | - | - | +| 140 | 10140 | - | - | +| 141 | 10141 | - | - | +| 150 | 10150 | - | - | +| 160 | 55160 | - | - | +| 161 | 10161 | - | - | +| 210 | 20210 | - | - | +| 211 | 20211 | - | - | +| 250 | 20250 | - | - | +| 310 | 30310 | - | - | +| 311 | 30311 | - | - | +| 350 | 30350 | - | - | + +##### VRF to VNI and Multicast Group Mappings + +| VRF | VNI | Multicast Group | +| ---- | --- | --------------- | +| Tenant_A_APP_Zone | 12 | - | +| Tenant_A_DB_Zone | 13 | - | +| Tenant_A_OP_Zone | 10 | - | +| Tenant_A_WAN_Zone | 14 | - | +| Tenant_A_WEB_Zone | 11 | - | +| Tenant_B_OP_Zone | 20 | - | +| Tenant_B_WAN_Zone | 21 | - | +| Tenant_C_OP_Zone | 30 | - | +| Tenant_C_WAN_Zone | 31 | - | + +#### VXLAN Interface Device Configuration ```eos ! @@ -848,8 +828,9 @@ interface Vxlan1 vxlan vrf Tenant_C_WAN_Zone vni 31 ``` -# Routing -## Service Routing Protocols Model +## Routing + +### Service Routing Protocols Model Multi agent routing protocol model enabled @@ -858,37 +839,38 @@ Multi agent routing protocol model enabled service routing protocols model multi-agent ``` -## Virtual Router MAC Address +### Virtual Router MAC Address -### Virtual Router MAC Address Summary +#### Virtual Router MAC Address Summary -#### Virtual Router MAC Address: 00:1c:73:00:dc:01 +Virtual Router MAC Address: 00:1c:73:00:dc:01 -### Virtual Router MAC Address Configuration +#### Virtual Router MAC Address Device Configuration ```eos ! ip virtual-router mac-address 00:1c:73:00:dc:01 ``` -## IP Routing +### IP Routing -### IP Routing Summary +#### IP Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | true|| MGMT | false | -| Tenant_A_APP_Zone | true | -| Tenant_A_DB_Zone | true | -| Tenant_A_OP_Zone | true | -| Tenant_A_WAN_Zone | true | -| Tenant_A_WEB_Zone | true | -| Tenant_B_OP_Zone | true | -| Tenant_B_WAN_Zone | true | -| Tenant_C_OP_Zone | true | -| Tenant_C_WAN_Zone | true | - -### IP Routing Device Configuration +| default | True | +| MGMT | False | +| Tenant_A_APP_Zone | True | +| Tenant_A_DB_Zone | True | +| Tenant_A_OP_Zone | True | +| Tenant_A_WAN_Zone | True | +| Tenant_A_WEB_Zone | True | +| Tenant_B_OP_Zone | True | +| Tenant_B_WAN_Zone | True | +| Tenant_C_OP_Zone | True | +| Tenant_C_WAN_Zone | True | + +#### IP Routing Device Configuration ```eos ! @@ -904,13 +886,15 @@ ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_OP_Zone ip routing vrf Tenant_C_WAN_Zone ``` -## IPv6 Routing -### IPv6 Routing Summary +### IPv6 Routing + +#### IPv6 Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | false || MGMT | false | +| default | False | +| MGMT | false | | Tenant_A_APP_Zone | false | | Tenant_A_DB_Zone | false | | Tenant_A_OP_Zone | false | @@ -921,52 +905,53 @@ ip routing vrf Tenant_C_WAN_Zone | Tenant_C_OP_Zone | false | | Tenant_C_WAN_Zone | false | +### Static Routes -## Static Routes - -### Static Routes Summary +#### Static Routes Summary -| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | -| --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | -| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | +| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | +| --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | +| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | -### Static Routes Device Configuration +#### Static Routes Device Configuration ```eos ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 ``` -## Router BGP +### Router BGP -### Router BGP Summary +ASN Notation: asplain + +#### Router BGP Summary | BGP AS | Router ID | | ------ | --------- | -| 65102| 192.168.255.6 | +| 65102 | 192.168.255.6 | | BGP Tuning | | ---------- | -| no bgp default ipv4-unicast | -| distance bgp 20 200 200 | | graceful-restart restart-time 300 | | graceful-restart | +| no bgp default ipv4-unicast | +| distance bgp 20 200 200 | | maximum-paths 4 ecmp 4 | -### Router BGP Peer Groups +#### Router BGP Peer Groups -#### EVPN-OVERLAY-PEERS +##### EVPN-OVERLAY-PEERS | Settings | Value | | -------- | ----- | | Address Family | evpn | | Source | Loopback0 | -| Bfd | true | +| BFD | True | | Ebgp multihop | 3 | | Send community | all | | Maximum routes | 0 (no limit) | -#### IPv4-UNDERLAY-PEERS +##### IPv4-UNDERLAY-PEERS | Settings | Value | | -------- | ----- | @@ -974,7 +959,7 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -#### MLAG-IPv4-UNDERLAY-PEER +##### MLAG-IPv4-UNDERLAY-PEER | Settings | Value | | -------- | ----- | @@ -984,30 +969,34 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -### BGP Neighbors +#### BGP Neighbors -| Neighbor | Remote AS | VRF | -| -------- | --------- | --- | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | -| 172.31.255.12 | 65001 | default | -| 172.31.255.14 | 65001 | default | -| 192.168.255.1 | 65001 | default | -| 192.168.255.2 | 65001 | default | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_APP_Zone | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_DB_Zone | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WAN_Zone | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WEB_Zone | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_OP_Zone | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_WAN_Zone | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_OP_Zone | -| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_WAN_Zone | +| Neighbor | Remote AS | VRF | Shutdown | Send-community | Maximum-routes | Allowas-in | BFD | RIB Pre-Policy Retain | Route-Reflector Client | Passive | TTL Max Hops | +| -------- | --------- | --- | -------- | -------------- | -------------- | ---------- | --- | --------------------- | ---------------------- | ------- | ------------ | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 172.31.255.12 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | +| 172.31.255.14 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | +| 192.168.255.1 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | +| 192.168.255.2 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_APP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_DB_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_WEB_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_B_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | +| 10.255.251.4 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_C_WAN_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | -### Router BGP EVPN Address Family +#### Router BGP EVPN Address Family -#### Router BGP EVPN MAC-VRFs +##### EVPN Peer Groups -##### VLAN aware bundles +| Peer Group | Activate | Encapsulation | +| ---------- | -------- | ------------- | +| EVPN-OVERLAY-PEERS | True | default | + +#### Router BGP VLAN Aware Bundles | VLAN Aware Bundle | Route-Distinguisher | Both Route-Target | Import Route Target | Export Route-Target | Redistribute | VLANs | | ----------------- | ------------------- | ----------------- | ------------------- | ------------------- | ------------ | ----- | @@ -1023,7 +1012,7 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Tenant_C_OP_Zone | 192.168.255.6:30 | 30:30 | - | - | learned | 310-311 | | Tenant_C_WAN_Zone | 192.168.255.6:31 | 31:31 | - | - | learned | 350 | -#### Router BGP EVPN VRFs +#### Router BGP VRFs | VRF | Route-Distinguisher | Redistribute | | --- | ------------------- | ------------ | @@ -1037,32 +1026,33 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Tenant_C_OP_Zone | 192.168.255.6:30 | connected | | Tenant_C_WAN_Zone | 192.168.255.6:31 | connected | -### Router BGP Device Configuration +#### Router BGP Device Configuration ```eos ! router bgp 65102 router-id 192.168.255.6 - no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart maximum-paths 4 ecmp 4 + no bgp default ipv4-unicast neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 - neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS password 7 neighbor EVPN-OVERLAY-PEERS send-community neighbor EVPN-OVERLAY-PEERS maximum-routes 0 neighbor IPv4-UNDERLAY-PEERS peer group - neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS password 7 neighbor IPv4-UNDERLAY-PEERS send-community neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 neighbor MLAG-IPv4-UNDERLAY-PEER peer group neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102 neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self - neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== + neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2A + neighbor MLAG-IPv4-UNDERLAY-PEER password 7 neighbor MLAG-IPv4-UNDERLAY-PEER send-community neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in @@ -1229,17 +1219,17 @@ router bgp 65102 redistribute connected ``` -# BFD +## BFD -## Router BFD +### Router BFD -### Router BFD Multihop Summary +#### Router BFD Multihop Summary | Interval | Minimum RX | Multiplier | | -------- | ---------- | ---------- | | 1200 | 1200 | 3 | -### Router BFD Multihop Device Configuration +#### Router BFD Device Configuration ```eos ! @@ -1247,34 +1237,35 @@ router bfd multihop interval 1200 min-rx 1200 multiplier 3 ``` -# Multicast - -## IP IGMP Snooping +## Multicast -### IP IGMP Snooping Summary +### IP IGMP Snooping -IGMP snooping is globally enabled. +#### IP IGMP Snooping Summary +| IGMP Snooping | Fast Leave | Interface Restart Query | Proxy | Restart Query Interval | Robustness Variable | +| ------------- | ---------- | ----------------------- | ----- | ---------------------- | ------------------- | +| Enabled | - | - | - | - | - | -### IP IGMP Snooping Device Configuration +#### IP IGMP Snooping Device Configuration ```eos ``` -# Filters +## Filters -## Prefix-lists +### Prefix-lists -### Prefix-lists Summary +#### Prefix-lists Summary -#### PL-LOOPBACKS-EVPN-OVERLAY +##### PL-LOOPBACKS-EVPN-OVERLAY | Sequence | Action | | -------- | ------ | | 10 | permit 192.168.255.0/24 eq 32 | | 20 | permit 192.168.254.0/24 eq 32 | -### Prefix-lists Device Configuration +#### Prefix-lists Device Configuration ```eos ! @@ -1283,23 +1274,23 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 20 permit 192.168.254.0/24 eq 32 ``` -## Route-maps +### Route-maps -### Route-maps Summary +#### Route-maps Summary -#### RM-CONN-2-BGP +##### RM-CONN-2-BGP -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - | -#### RM-MLAG-PEER-IN +##### RM-MLAG-PEER-IN -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | set origin incomplete | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | - | origin incomplete | - | - | -### Route-maps Device Configuration +#### Route-maps Device Configuration ```eos ! @@ -1311,11 +1302,9 @@ route-map RM-MLAG-PEER-IN permit 10 set origin incomplete ``` -# ACL +## VRF Instances -# VRF Instances - -## VRF Instances Summary +### VRF Instances Summary | VRF Name | IP Routing | | -------- | ---------- | @@ -1330,7 +1319,7 @@ route-map RM-MLAG-PEER-IN permit 10 | Tenant_C_OP_Zone | enabled | | Tenant_C_WAN_Zone | enabled | -## VRF Instances Device Configuration +### VRF Instances Device Configuration ```eos ! @@ -1355,19 +1344,17 @@ vrf instance Tenant_C_OP_Zone vrf instance Tenant_C_WAN_Zone ``` -# Virtual Source NAT +## Virtual Source NAT -## Virtual Source NAT Summary +### Virtual Source NAT Summary | Source NAT VRF | Source NAT IP Address | | -------------- | --------------------- | | Tenant_A_OP_Zone | 10.255.1.6 | -## Virtual Source NAT Configuration +### Virtual Source NAT Configuration ```eos ! ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.6 ``` - -# Quality Of Service diff --git a/inventory/documentation/devices/DC1-SPINE1.md b/inventory/documentation/devices/DC1-SPINE1.md index b7257df1f..41b11af5d 100644 --- a/inventory/documentation/devices/DC1-SPINE1.md +++ b/inventory/documentation/devices/DC1-SPINE1.md @@ -1,10 +1,10 @@ # DC1-SPINE1 -# Table of Contents - + +## Table of Contents - [Management](#management) - [Management Interfaces](#management-interfaces) - - [Name Servers](#name-servers) + - [IP Name Servers](#ip-name-servers) - [NTP](#ntp) - [Management API HTTP](#management-api-http) - [Authentication](#authentication) @@ -16,7 +16,7 @@ - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) - - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) + - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) - [Interfaces](#interfaces) - [Ethernet Interfaces](#ethernet-interfaces) - [Loopback Interfaces](#loopback-interfaces) @@ -28,36 +28,32 @@ - [Router BGP](#router-bgp) - [BFD](#bfd) - [Router BFD](#router-bfd) -- [Multicast](#multicast) - [Filters](#filters) - [Prefix-lists](#prefix-lists) - [Route-maps](#route-maps) -- [ACL](#acl) - [VRF Instances](#vrf-instances) - [VRF Instances Summary](#vrf-instances-summary) - [VRF Instances Device Configuration](#vrf-instances-device-configuration) -- [Quality Of Service](#quality-of-service) - -# Management +## Management -## Management Interfaces +### Management Interfaces -### Management Interfaces Summary +#### Management Interfaces Summary -#### IPv4 +##### IPv4 -| Management Interface | description | Type | VRF | IP Address | Gateway | +| Management Interface | Description | Type | VRF | IP Address | Gateway | | -------------------- | ----------- | ---- | --- | ---------- | ------- | | Management1 | oob_management | oob | MGMT | 10.255.0.11/24 | 10.255.0.1 | -#### IPv6 +##### IPv6 -| Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | +| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | oob_management | oob | MGMT | - | - | +| Management1 | oob_management | oob | MGMT | - | - | -### Management Interfaces Device Configuration +#### Management Interfaces Device Configuration ```eos ! @@ -68,40 +64,40 @@ interface Management1 ip address 10.255.0.11/24 ``` -## Name Servers +### IP Name Servers -### Name Servers Summary +#### IP Name Servers Summary -| Name Server | Source VRF | -| ----------- | ---------- | -| 192.168.2.1 | MGMT | -| 8.8.8.8 | MGMT | +| Name Server | VRF | Priority | +| ----------- | --- | -------- | +| 192.168.2.1 | MGMT | - | +| 8.8.8.8 | MGMT | - | -### Name Servers Device Configuration +#### IP Name Servers Device Configuration ```eos ip name-server vrf MGMT 8.8.8.8 ip name-server vrf MGMT 192.168.2.1 ``` -## NTP +### NTP -### NTP Summary +#### NTP Summary -#### NTP Local Interface +##### NTP Local Interface | Interface | VRF | | --------- | --- | | Management1 | MGMT | -#### NTP Servers +##### NTP Servers | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | -### NTP Device Configuration +#### NTP Device Configuration ```eos ! @@ -110,22 +106,21 @@ ntp server vrf MGMT 0.fr.pool.ntp.org prefer ntp server vrf MGMT 1.fr.pool.ntp.org ``` -## Management API HTTP +### Management API HTTP -### Management API HTTP Summary +#### Management API HTTP Summary -| HTTP | HTTPS | -| ---------- | ---------- | -| default | true | +| HTTP | HTTPS | Default Services | +| ---- | ----- | ---------------- | +| False | True | - | -### Management API VRF Access +#### Management API VRF Access | VRF Name | IPv4 ACL | IPv6 ACL | | -------- | -------- | -------- | | MGMT | - | - | - -### Management API HTTP Configuration +#### Management API HTTP Device Configuration ```eos ! @@ -137,150 +132,142 @@ management api http-commands no shutdown ``` -# Authentication +## Authentication -## Local Users +### Local Users -### Local Users Summary +#### Local Users Summary -| User | Privilege | Role | -| ---- | --------- | ---- | -| admin | 15 | network-admin | -| ansible | 15 | network-admin | -| cvpadmin | 15 | network-admin | +| User | Privilege | Role | Disabled | Shell | +| ---- | --------- | ---- | -------- | ----- | +| admin | 15 | network-admin | False | - | +| ansible | 15 | network-admin | False | - | +| cvpadmin | 15 | network-admin | False | - | -### Local Users Device Configuration +#### Local Users Device Configuration ```eos ! -username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 -username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +username admin privilege 15 role network-admin secret sha512 +username ansible privilege 15 role network-admin secret sha512 +username cvpadmin privilege 15 role network-admin secret sha512 ``` -# Monitoring +## Monitoring -## TerminAttr Daemon +### TerminAttr Daemon -### TerminAttr Daemon Summary +#### TerminAttr Daemon Summary | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | -| gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | +| gzip | 10.255.0.1:9910 | MGMT | token,/tmp/token | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | -### TerminAttr Daemon Device Configuration +#### TerminAttr Daemon Device Configuration ```eos ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ``` -# Spanning Tree +## Spanning Tree -## Spanning Tree Summary +### Spanning Tree Summary STP mode: **none** -### Global Spanning-Tree Settings - - -## Spanning Tree Device Configuration +### Spanning Tree Device Configuration ```eos ! spanning-tree mode none ``` -# Internal VLAN Allocation Policy +## Internal VLAN Allocation Policy -## Internal VLAN Allocation Policy Summary +### Internal VLAN Allocation Policy Summary | Policy Allocation | Range Beginning | Range Ending | | ------------------| --------------- | ------------ | | ascending | 1006 | 1199 | -## Internal VLAN Allocation Policy Configuration +### Internal VLAN Allocation Policy Device Configuration ```eos ! vlan internal order ascending range 1006 1199 ``` -# Interfaces +## Interfaces -## Ethernet Interfaces +### Ethernet Interfaces -### Ethernet Interfaces Summary +#### Ethernet Interfaces Summary -#### L2 +##### L2 | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | *Inherited from Port-Channel Interface -#### IPv4 +##### IPv4 | Interface | Description | Type | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | | --------- | ----------- | -----| ------------- | ---------- | ----| ---- | -------- | ------ | ------- | -| Ethernet1 | P2P_LINK_TO_DC1-LEAF1A_Ethernet1 | routed | - | 172.31.255.0/31 | default | 1500 | false | - | - | -| Ethernet2 | P2P_LINK_TO_DC1-LEAF1B_Ethernet1 | routed | - | 172.31.255.4/31 | default | 1500 | false | - | - | -| Ethernet3 | P2P_LINK_TO_DC1-LEAF2A_Ethernet1 | routed | - | 172.31.255.8/31 | default | 1500 | false | - | - | -| Ethernet4 | P2P_LINK_TO_DC1-LEAF2B_Ethernet1 | routed | - | 172.31.255.12/31 | default | 1500 | false | - | - | +| Ethernet1 | P2P_LINK_TO_DC1-LEAF1A_Ethernet1 | routed | - | 172.31.255.0/31 | default | - | False | - | - | +| Ethernet2 | P2P_LINK_TO_DC1-LEAF1B_Ethernet1 | routed | - | 172.31.255.4/31 | default | - | False | - | - | +| Ethernet3 | P2P_LINK_TO_DC1-LEAF2A_Ethernet1 | routed | - | 172.31.255.8/31 | default | - | False | - | - | +| Ethernet4 | P2P_LINK_TO_DC1-LEAF2B_Ethernet1 | routed | - | 172.31.255.12/31 | default | - | False | - | - | -### Ethernet Interfaces Device Configuration +#### Ethernet Interfaces Device Configuration ```eos ! interface Ethernet1 description P2P_LINK_TO_DC1-LEAF1A_Ethernet1 no shutdown - mtu 1500 no switchport ip address 172.31.255.0/31 ! interface Ethernet2 description P2P_LINK_TO_DC1-LEAF1B_Ethernet1 no shutdown - mtu 1500 no switchport ip address 172.31.255.4/31 ! interface Ethernet3 description P2P_LINK_TO_DC1-LEAF2A_Ethernet1 no shutdown - mtu 1500 no switchport ip address 172.31.255.8/31 ! interface Ethernet4 description P2P_LINK_TO_DC1-LEAF2B_Ethernet1 no shutdown - mtu 1500 no switchport ip address 172.31.255.12/31 ``` -## Loopback Interfaces +### Loopback Interfaces -### Loopback Interfaces Summary +#### Loopback Interfaces Summary -#### IPv4 +##### IPv4 | Interface | Description | VRF | IP Address | | --------- | ----------- | --- | ---------- | | Loopback0 | EVPN_Overlay_Peering | default | 192.168.255.1/32 | -#### IPv6 +##### IPv6 | Interface | Description | VRF | IPv6 Address | | --------- | ----------- | --- | ------------ | | Loopback0 | EVPN_Overlay_Peering | default | - | - -### Loopback Interfaces Device Configuration +#### Loopback Interfaces Device Configuration ```eos ! @@ -290,8 +277,9 @@ interface Loopback0 ip address 192.168.255.1/32 ``` -# Routing -## Service Routing Protocols Model +## Routing + +### Service Routing Protocols Model Multi agent routing protocol model enabled @@ -300,76 +288,80 @@ Multi agent routing protocol model enabled service routing protocols model multi-agent ``` -## IP Routing +### IP Routing -### IP Routing Summary +#### IP Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | true|| MGMT | false | +| default | True | +| MGMT | False | -### IP Routing Device Configuration +#### IP Routing Device Configuration ```eos ! ip routing no ip routing vrf MGMT ``` -## IPv6 Routing -### IPv6 Routing Summary +### IPv6 Routing + +#### IPv6 Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | false || MGMT | false | +| default | False | +| MGMT | false | +### Static Routes -## Static Routes +#### Static Routes Summary -### Static Routes Summary +| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | +| --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | +| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | -| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | -| --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | -| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | - -### Static Routes Device Configuration +#### Static Routes Device Configuration ```eos ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 ``` -## Router BGP +### Router BGP + +ASN Notation: asplain -### Router BGP Summary +#### Router BGP Summary | BGP AS | Router ID | | ------ | --------- | -| 65001| 192.168.255.1 | +| 65001 | 192.168.255.1 | | BGP Tuning | | ---------- | -| no bgp default ipv4-unicast | -| distance bgp 20 200 200 | | graceful-restart restart-time 300 | | graceful-restart | +| no bgp default ipv4-unicast | +| distance bgp 20 200 200 | | maximum-paths 4 ecmp 4 | -### Router BGP Peer Groups +#### Router BGP Peer Groups -#### EVPN-OVERLAY-PEERS +##### EVPN-OVERLAY-PEERS | Settings | Value | | -------- | ----- | | Address Family | evpn | | Next-hop unchanged | True | | Source | Loopback0 | -| Bfd | true | +| BFD | True | | Ebgp multihop | 3 | | Send community | all | | Maximum routes | 0 (no limit) | -#### IPv4-UNDERLAY-PEERS +##### IPv4-UNDERLAY-PEERS | Settings | Value | | -------- | ----- | @@ -377,46 +369,48 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -### BGP Neighbors +#### BGP Neighbors -| Neighbor | Remote AS | VRF | -| -------- | --------- | --- | -| 172.31.255.1 | 65101 | default | -| 172.31.255.5 | 65101 | default | -| 172.31.255.9 | 65102 | default | -| 172.31.255.13 | 65102 | default | -| 192.168.255.3 | 65101 | default | -| 192.168.255.4 | 65101 | default | -| 192.168.255.5 | 65102 | default | -| 192.168.255.6 | 65102 | default | +| Neighbor | Remote AS | VRF | Shutdown | Send-community | Maximum-routes | Allowas-in | BFD | RIB Pre-Policy Retain | Route-Reflector Client | Passive | TTL Max Hops | +| -------- | --------- | --- | -------- | -------------- | -------------- | ---------- | --- | --------------------- | ---------------------- | ------- | ------------ | +| 172.31.255.1 | 65101 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | +| 172.31.255.5 | 65101 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | +| 172.31.255.9 | 65102 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | +| 172.31.255.13 | 65102 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | +| 192.168.255.3 | 65101 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | +| 192.168.255.4 | 65101 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | +| 192.168.255.5 | 65102 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | +| 192.168.255.6 | 65102 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | -### Router BGP EVPN Address Family +#### Router BGP EVPN Address Family -#### Router BGP EVPN MAC-VRFs +##### EVPN Peer Groups -#### Router BGP EVPN VRFs +| Peer Group | Activate | Encapsulation | +| ---------- | -------- | ------------- | +| EVPN-OVERLAY-PEERS | True | default | -### Router BGP Device Configuration +#### Router BGP Device Configuration ```eos ! router bgp 65001 router-id 192.168.255.1 - no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart maximum-paths 4 ecmp 4 + no bgp default ipv4-unicast neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS next-hop-unchanged neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 - neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS password 7 neighbor EVPN-OVERLAY-PEERS send-community neighbor EVPN-OVERLAY-PEERS maximum-routes 0 neighbor IPv4-UNDERLAY-PEERS peer group - neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS password 7 neighbor IPv4-UNDERLAY-PEERS send-community neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 neighbor 172.31.255.1 peer group IPv4-UNDERLAY-PEERS @@ -453,17 +447,17 @@ router bgp 65001 neighbor IPv4-UNDERLAY-PEERS activate ``` -# BFD +## BFD -## Router BFD +### Router BFD -### Router BFD Multihop Summary +#### Router BFD Multihop Summary | Interval | Minimum RX | Multiplier | | -------- | ---------- | ---------- | | 1200 | 1200 | 3 | -### Router BFD Multihop Device Configuration +#### Router BFD Device Configuration ```eos ! @@ -471,21 +465,19 @@ router bfd multihop interval 1200 min-rx 1200 multiplier 3 ``` -# Multicast - -# Filters +## Filters -## Prefix-lists +### Prefix-lists -### Prefix-lists Summary +#### Prefix-lists Summary -#### PL-LOOPBACKS-EVPN-OVERLAY +##### PL-LOOPBACKS-EVPN-OVERLAY | Sequence | Action | | -------- | ------ | | 10 | permit 192.168.255.0/24 eq 32 | -### Prefix-lists Device Configuration +#### Prefix-lists Device Configuration ```eos ! @@ -493,17 +485,17 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 10 permit 192.168.255.0/24 eq 32 ``` -## Route-maps +### Route-maps -### Route-maps Summary +#### Route-maps Summary -#### RM-CONN-2-BGP +##### RM-CONN-2-BGP -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - | -### Route-maps Device Configuration +#### Route-maps Device Configuration ```eos ! @@ -511,21 +503,17 @@ route-map RM-CONN-2-BGP permit 10 match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY ``` -# ACL +## VRF Instances -# VRF Instances - -## VRF Instances Summary +### VRF Instances Summary | VRF Name | IP Routing | | -------- | ---------- | | MGMT | disabled | -## VRF Instances Device Configuration +### VRF Instances Device Configuration ```eos ! vrf instance MGMT ``` - -# Quality Of Service diff --git a/inventory/documentation/devices/DC1-SPINE2.md b/inventory/documentation/devices/DC1-SPINE2.md index 448f8b806..c4f3ef030 100644 --- a/inventory/documentation/devices/DC1-SPINE2.md +++ b/inventory/documentation/devices/DC1-SPINE2.md @@ -1,10 +1,10 @@ # DC1-SPINE2 -# Table of Contents - + +## Table of Contents - [Management](#management) - [Management Interfaces](#management-interfaces) - - [Name Servers](#name-servers) + - [IP Name Servers](#ip-name-servers) - [NTP](#ntp) - [Management API HTTP](#management-api-http) - [Authentication](#authentication) @@ -16,7 +16,7 @@ - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) - - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) + - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) - [Interfaces](#interfaces) - [Ethernet Interfaces](#ethernet-interfaces) - [Loopback Interfaces](#loopback-interfaces) @@ -28,36 +28,32 @@ - [Router BGP](#router-bgp) - [BFD](#bfd) - [Router BFD](#router-bfd) -- [Multicast](#multicast) - [Filters](#filters) - [Prefix-lists](#prefix-lists) - [Route-maps](#route-maps) -- [ACL](#acl) - [VRF Instances](#vrf-instances) - [VRF Instances Summary](#vrf-instances-summary) - [VRF Instances Device Configuration](#vrf-instances-device-configuration) -- [Quality Of Service](#quality-of-service) - -# Management +## Management -## Management Interfaces +### Management Interfaces -### Management Interfaces Summary +#### Management Interfaces Summary -#### IPv4 +##### IPv4 -| Management Interface | description | Type | VRF | IP Address | Gateway | +| Management Interface | Description | Type | VRF | IP Address | Gateway | | -------------------- | ----------- | ---- | --- | ---------- | ------- | | Management1 | oob_management | oob | MGMT | 10.255.0.12/24 | 10.255.0.1 | -#### IPv6 +##### IPv6 -| Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | +| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | oob_management | oob | MGMT | - | - | +| Management1 | oob_management | oob | MGMT | - | - | -### Management Interfaces Device Configuration +#### Management Interfaces Device Configuration ```eos ! @@ -68,40 +64,40 @@ interface Management1 ip address 10.255.0.12/24 ``` -## Name Servers +### IP Name Servers -### Name Servers Summary +#### IP Name Servers Summary -| Name Server | Source VRF | -| ----------- | ---------- | -| 192.168.2.1 | MGMT | -| 8.8.8.8 | MGMT | +| Name Server | VRF | Priority | +| ----------- | --- | -------- | +| 192.168.2.1 | MGMT | - | +| 8.8.8.8 | MGMT | - | -### Name Servers Device Configuration +#### IP Name Servers Device Configuration ```eos ip name-server vrf MGMT 8.8.8.8 ip name-server vrf MGMT 192.168.2.1 ``` -## NTP +### NTP -### NTP Summary +#### NTP Summary -#### NTP Local Interface +##### NTP Local Interface | Interface | VRF | | --------- | --- | | Management1 | MGMT | -#### NTP Servers +##### NTP Servers | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | -### NTP Device Configuration +#### NTP Device Configuration ```eos ! @@ -110,22 +106,21 @@ ntp server vrf MGMT 0.fr.pool.ntp.org prefer ntp server vrf MGMT 1.fr.pool.ntp.org ``` -## Management API HTTP +### Management API HTTP -### Management API HTTP Summary +#### Management API HTTP Summary -| HTTP | HTTPS | -| ---------- | ---------- | -| default | true | +| HTTP | HTTPS | Default Services | +| ---- | ----- | ---------------- | +| False | True | - | -### Management API VRF Access +#### Management API VRF Access | VRF Name | IPv4 ACL | IPv6 ACL | | -------- | -------- | -------- | | MGMT | - | - | - -### Management API HTTP Configuration +#### Management API HTTP Device Configuration ```eos ! @@ -137,150 +132,142 @@ management api http-commands no shutdown ``` -# Authentication +## Authentication -## Local Users +### Local Users -### Local Users Summary +#### Local Users Summary -| User | Privilege | Role | -| ---- | --------- | ---- | -| admin | 15 | network-admin | -| ansible | 15 | network-admin | -| cvpadmin | 15 | network-admin | +| User | Privilege | Role | Disabled | Shell | +| ---- | --------- | ---- | -------- | ----- | +| admin | 15 | network-admin | False | - | +| ansible | 15 | network-admin | False | - | +| cvpadmin | 15 | network-admin | False | - | -### Local Users Device Configuration +#### Local Users Device Configuration ```eos ! -username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 -username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +username admin privilege 15 role network-admin secret sha512 +username ansible privilege 15 role network-admin secret sha512 +username cvpadmin privilege 15 role network-admin secret sha512 ``` -# Monitoring +## Monitoring -## TerminAttr Daemon +### TerminAttr Daemon -### TerminAttr Daemon Summary +#### TerminAttr Daemon Summary | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | -| gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | +| gzip | 10.255.0.1:9910 | MGMT | token,/tmp/token | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | -### TerminAttr Daemon Device Configuration +#### TerminAttr Daemon Device Configuration ```eos ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ``` -# Spanning Tree +## Spanning Tree -## Spanning Tree Summary +### Spanning Tree Summary STP mode: **none** -### Global Spanning-Tree Settings - - -## Spanning Tree Device Configuration +### Spanning Tree Device Configuration ```eos ! spanning-tree mode none ``` -# Internal VLAN Allocation Policy +## Internal VLAN Allocation Policy -## Internal VLAN Allocation Policy Summary +### Internal VLAN Allocation Policy Summary | Policy Allocation | Range Beginning | Range Ending | | ------------------| --------------- | ------------ | | ascending | 1006 | 1199 | -## Internal VLAN Allocation Policy Configuration +### Internal VLAN Allocation Policy Device Configuration ```eos ! vlan internal order ascending range 1006 1199 ``` -# Interfaces +## Interfaces -## Ethernet Interfaces +### Ethernet Interfaces -### Ethernet Interfaces Summary +#### Ethernet Interfaces Summary -#### L2 +##### L2 | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | *Inherited from Port-Channel Interface -#### IPv4 +##### IPv4 | Interface | Description | Type | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | | --------- | ----------- | -----| ------------- | ---------- | ----| ---- | -------- | ------ | ------- | -| Ethernet1 | P2P_LINK_TO_DC1-LEAF1A_Ethernet2 | routed | - | 172.31.255.2/31 | default | 1500 | false | - | - | -| Ethernet2 | P2P_LINK_TO_DC1-LEAF1B_Ethernet2 | routed | - | 172.31.255.6/31 | default | 1500 | false | - | - | -| Ethernet3 | P2P_LINK_TO_DC1-LEAF2A_Ethernet2 | routed | - | 172.31.255.10/31 | default | 1500 | false | - | - | -| Ethernet4 | P2P_LINK_TO_DC1-LEAF2B_Ethernet2 | routed | - | 172.31.255.14/31 | default | 1500 | false | - | - | +| Ethernet1 | P2P_LINK_TO_DC1-LEAF1A_Ethernet2 | routed | - | 172.31.255.2/31 | default | - | False | - | - | +| Ethernet2 | P2P_LINK_TO_DC1-LEAF1B_Ethernet2 | routed | - | 172.31.255.6/31 | default | - | False | - | - | +| Ethernet3 | P2P_LINK_TO_DC1-LEAF2A_Ethernet2 | routed | - | 172.31.255.10/31 | default | - | False | - | - | +| Ethernet4 | P2P_LINK_TO_DC1-LEAF2B_Ethernet2 | routed | - | 172.31.255.14/31 | default | - | False | - | - | -### Ethernet Interfaces Device Configuration +#### Ethernet Interfaces Device Configuration ```eos ! interface Ethernet1 description P2P_LINK_TO_DC1-LEAF1A_Ethernet2 no shutdown - mtu 1500 no switchport ip address 172.31.255.2/31 ! interface Ethernet2 description P2P_LINK_TO_DC1-LEAF1B_Ethernet2 no shutdown - mtu 1500 no switchport ip address 172.31.255.6/31 ! interface Ethernet3 description P2P_LINK_TO_DC1-LEAF2A_Ethernet2 no shutdown - mtu 1500 no switchport ip address 172.31.255.10/31 ! interface Ethernet4 description P2P_LINK_TO_DC1-LEAF2B_Ethernet2 no shutdown - mtu 1500 no switchport ip address 172.31.255.14/31 ``` -## Loopback Interfaces +### Loopback Interfaces -### Loopback Interfaces Summary +#### Loopback Interfaces Summary -#### IPv4 +##### IPv4 | Interface | Description | VRF | IP Address | | --------- | ----------- | --- | ---------- | | Loopback0 | EVPN_Overlay_Peering | default | 192.168.255.2/32 | -#### IPv6 +##### IPv6 | Interface | Description | VRF | IPv6 Address | | --------- | ----------- | --- | ------------ | | Loopback0 | EVPN_Overlay_Peering | default | - | - -### Loopback Interfaces Device Configuration +#### Loopback Interfaces Device Configuration ```eos ! @@ -290,8 +277,9 @@ interface Loopback0 ip address 192.168.255.2/32 ``` -# Routing -## Service Routing Protocols Model +## Routing + +### Service Routing Protocols Model Multi agent routing protocol model enabled @@ -300,76 +288,80 @@ Multi agent routing protocol model enabled service routing protocols model multi-agent ``` -## IP Routing +### IP Routing -### IP Routing Summary +#### IP Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | true|| MGMT | false | +| default | True | +| MGMT | False | -### IP Routing Device Configuration +#### IP Routing Device Configuration ```eos ! ip routing no ip routing vrf MGMT ``` -## IPv6 Routing -### IPv6 Routing Summary +### IPv6 Routing + +#### IPv6 Routing Summary | VRF | Routing Enabled | | --- | --------------- | -| default | false || MGMT | false | +| default | False | +| MGMT | false | +### Static Routes -## Static Routes +#### Static Routes Summary -### Static Routes Summary +| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | +| --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | +| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | -| VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | -| --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | -| MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | - -### Static Routes Device Configuration +#### Static Routes Device Configuration ```eos ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 ``` -## Router BGP +### Router BGP + +ASN Notation: asplain -### Router BGP Summary +#### Router BGP Summary | BGP AS | Router ID | | ------ | --------- | -| 65001| 192.168.255.2 | +| 65001 | 192.168.255.2 | | BGP Tuning | | ---------- | -| no bgp default ipv4-unicast | -| distance bgp 20 200 200 | | graceful-restart restart-time 300 | | graceful-restart | +| no bgp default ipv4-unicast | +| distance bgp 20 200 200 | | maximum-paths 4 ecmp 4 | -### Router BGP Peer Groups +#### Router BGP Peer Groups -#### EVPN-OVERLAY-PEERS +##### EVPN-OVERLAY-PEERS | Settings | Value | | -------- | ----- | | Address Family | evpn | | Next-hop unchanged | True | | Source | Loopback0 | -| Bfd | true | +| BFD | True | | Ebgp multihop | 3 | | Send community | all | | Maximum routes | 0 (no limit) | -#### IPv4-UNDERLAY-PEERS +##### IPv4-UNDERLAY-PEERS | Settings | Value | | -------- | ----- | @@ -377,46 +369,48 @@ ip route vrf MGMT 0.0.0.0/0 10.255.0.1 | Send community | all | | Maximum routes | 12000 | -### BGP Neighbors +#### BGP Neighbors -| Neighbor | Remote AS | VRF | -| -------- | --------- | --- | -| 172.31.255.3 | 65101 | default | -| 172.31.255.7 | 65101 | default | -| 172.31.255.11 | 65102 | default | -| 172.31.255.15 | 65102 | default | -| 192.168.255.3 | 65101 | default | -| 192.168.255.4 | 65101 | default | -| 192.168.255.5 | 65102 | default | -| 192.168.255.6 | 65102 | default | +| Neighbor | Remote AS | VRF | Shutdown | Send-community | Maximum-routes | Allowas-in | BFD | RIB Pre-Policy Retain | Route-Reflector Client | Passive | TTL Max Hops | +| -------- | --------- | --- | -------- | -------------- | -------------- | ---------- | --- | --------------------- | ---------------------- | ------- | ------------ | +| 172.31.255.3 | 65101 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | +| 172.31.255.7 | 65101 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | +| 172.31.255.11 | 65102 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | +| 172.31.255.15 | 65102 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | +| 192.168.255.3 | 65101 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | +| 192.168.255.4 | 65101 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | +| 192.168.255.5 | 65102 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | +| 192.168.255.6 | 65102 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | -### Router BGP EVPN Address Family +#### Router BGP EVPN Address Family -#### Router BGP EVPN MAC-VRFs +##### EVPN Peer Groups -#### Router BGP EVPN VRFs +| Peer Group | Activate | Encapsulation | +| ---------- | -------- | ------------- | +| EVPN-OVERLAY-PEERS | True | default | -### Router BGP Device Configuration +#### Router BGP Device Configuration ```eos ! router bgp 65001 router-id 192.168.255.2 - no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart maximum-paths 4 ecmp 4 + no bgp default ipv4-unicast neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS next-hop-unchanged neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 - neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== + neighbor EVPN-OVERLAY-PEERS password 7 neighbor EVPN-OVERLAY-PEERS send-community neighbor EVPN-OVERLAY-PEERS maximum-routes 0 neighbor IPv4-UNDERLAY-PEERS peer group - neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== + neighbor IPv4-UNDERLAY-PEERS password 7 neighbor IPv4-UNDERLAY-PEERS send-community neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 neighbor 172.31.255.3 peer group IPv4-UNDERLAY-PEERS @@ -453,17 +447,17 @@ router bgp 65001 neighbor IPv4-UNDERLAY-PEERS activate ``` -# BFD +## BFD -## Router BFD +### Router BFD -### Router BFD Multihop Summary +#### Router BFD Multihop Summary | Interval | Minimum RX | Multiplier | | -------- | ---------- | ---------- | | 1200 | 1200 | 3 | -### Router BFD Multihop Device Configuration +#### Router BFD Device Configuration ```eos ! @@ -471,21 +465,19 @@ router bfd multihop interval 1200 min-rx 1200 multiplier 3 ``` -# Multicast - -# Filters +## Filters -## Prefix-lists +### Prefix-lists -### Prefix-lists Summary +#### Prefix-lists Summary -#### PL-LOOPBACKS-EVPN-OVERLAY +##### PL-LOOPBACKS-EVPN-OVERLAY | Sequence | Action | | -------- | ------ | | 10 | permit 192.168.255.0/24 eq 32 | -### Prefix-lists Device Configuration +#### Prefix-lists Device Configuration ```eos ! @@ -493,17 +485,17 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 10 permit 192.168.255.0/24 eq 32 ``` -## Route-maps +### Route-maps -### Route-maps Summary +#### Route-maps Summary -#### RM-CONN-2-BGP +##### RM-CONN-2-BGP -| Sequence | Type | Match and/or Set | -| -------- | ---- | ---------------- | -| 10 | permit | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | +| Sequence | Type | Match | Set | Sub-Route-Map | Continue | +| -------- | ---- | ----- | --- | ------------- | -------- | +| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - | -### Route-maps Device Configuration +#### Route-maps Device Configuration ```eos ! @@ -511,21 +503,17 @@ route-map RM-CONN-2-BGP permit 10 match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY ``` -# ACL +## VRF Instances -# VRF Instances - -## VRF Instances Summary +### VRF Instances Summary | VRF Name | IP Routing | | -------- | ---------- | | MGMT | disabled | -## VRF Instances Device Configuration +### VRF Instances Device Configuration ```eos ! vrf instance MGMT ``` - -# Quality Of Service diff --git a/inventory/documentation/fabric/DC1_FABRIC-documentation.md b/inventory/documentation/fabric/DC1_FABRIC-documentation.md index 8f431d930..73b9f3e91 100644 --- a/inventory/documentation/fabric/DC1_FABRIC-documentation.md +++ b/inventory/documentation/fabric/DC1_FABRIC-documentation.md @@ -1,7 +1,6 @@ # DC1_FABRIC -# Table of Contents - +## Table of Contents - [Fabric Switches and Management IP](#fabric-switches-and-management-ip) - [Fabric Switches with inband Management IP](#fabric-switches-with-inband-management-ip) @@ -14,27 +13,27 @@ - [VTEP Loopback VXLAN Tunnel Source Interfaces (VTEPs Only)](#vtep-loopback-vxlan-tunnel-source-interfaces-vteps-only) - [VTEP Loopback Node allocation](#vtep-loopback-node-allocation) - -# Fabric Switches and Management IP +## Fabric Switches and Management IP -| POD | Type | Node | Management IP | Platform | Provisioned in CloudVision | -| --- | ---- | ---- | ------------- | -------- | -------------------------- | -| DC1_FABRIC | l2leaf | DC1-L2LEAF1A | 10.255.0.17/24 | vEOS-LAB | Provisioned | -| DC1_FABRIC | l2leaf | DC1-L2LEAF2A | 10.255.0.18/24 | vEOS-LAB | Provisioned | -| DC1_FABRIC | l3leaf | DC1-LEAF1A | 10.255.0.13/24 | vEOS-LAB | Provisioned | -| DC1_FABRIC | l3leaf | DC1-LEAF1B | 10.255.0.14/24 | vEOS-LAB | Provisioned | -| DC1_FABRIC | l3leaf | DC1-LEAF2A | 10.255.0.15/24 | vEOS-LAB | Provisioned | -| DC1_FABRIC | l3leaf | DC1-LEAF2B | 10.255.0.16/24 | vEOS-LAB | Provisioned | -| DC1_FABRIC | spine | DC1-SPINE1 | 10.255.0.11/24 | vEOS-LAB | Provisioned | -| DC1_FABRIC | spine | DC1-SPINE2 | 10.255.0.12/24 | vEOS-LAB | Provisioned | +| POD | Type | Node | Management IP | Platform | Provisioned in CloudVision | Serial Number | +| --- | ---- | ---- | ------------- | -------- | -------------------------- | ------------- | +| DC1_FABRIC | l2leaf | DC1-L2LEAF1A | 10.255.0.17/24 | vEOS-LAB | Provisioned | - | +| DC1_FABRIC | l2leaf | DC1-L2LEAF2A | 10.255.0.18/24 | vEOS-LAB | Provisioned | - | +| DC1_FABRIC | l3leaf | DC1-LEAF1A | 10.255.0.13/24 | vEOS-LAB | Provisioned | - | +| DC1_FABRIC | l3leaf | DC1-LEAF1B | 10.255.0.14/24 | vEOS-LAB | Provisioned | - | +| DC1_FABRIC | l3leaf | DC1-LEAF2A | 10.255.0.15/24 | vEOS-LAB | Provisioned | - | +| DC1_FABRIC | l3leaf | DC1-LEAF2B | 10.255.0.16/24 | vEOS-LAB | Provisioned | - | +| DC1_FABRIC | spine | DC1-SPINE1 | 10.255.0.11/24 | vEOS-LAB | Provisioned | - | +| DC1_FABRIC | spine | DC1-SPINE2 | 10.255.0.12/24 | vEOS-LAB | Provisioned | - | > Provision status is based on Ansible inventory declaration and do not represent real status from CloudVision. -## Fabric Switches with inband Management IP +### Fabric Switches with inband Management IP + | POD | Type | Node | Management IP | Inband Interface | | --- | ---- | ---- | ------------- | ---------------- | -# Fabric Topology +## Fabric Topology | Type | Node | Node Interface | Peer Type | Peer Node | Peer Interface | | ---- | ---- | -------------- | --------- | ----------| -------------- | @@ -55,15 +54,15 @@ | l3leaf | DC1-LEAF2B | Ethernet1 | spine | DC1-SPINE1 | Ethernet4 | | l3leaf | DC1-LEAF2B | Ethernet2 | spine | DC1-SPINE2 | Ethernet4 | -# Fabric IP Allocation +## Fabric IP Allocation -## Fabric Point-To-Point Links +### Fabric Point-To-Point Links | Uplink IPv4 Pool | Available Addresses | Assigned addresses | Assigned Address % | | ---------------- | ------------------- | ------------------ | ------------------ | | 172.31.255.0/24 | 256 | 16 | 6.25 % | -## Point-To-Point Links Node Allocation +### Point-To-Point Links Node Allocation | Node | Node Interface | Node IP Address | Peer Node | Peer Interface | Peer IP Address | | ---- | -------------- | --------------- | --------- | -------------- | --------------- | @@ -76,13 +75,13 @@ | DC1-LEAF2B | Ethernet1 | 172.31.255.13/31 | DC1-SPINE1 | Ethernet4 | 172.31.255.12/31 | | DC1-LEAF2B | Ethernet2 | 172.31.255.15/31 | DC1-SPINE2 | Ethernet4 | 172.31.255.14/31 | -## Loopback Interfaces (BGP EVPN Peering) +### Loopback Interfaces (BGP EVPN Peering) | Loopback Pool | Available Addresses | Assigned addresses | Assigned Address % | | ------------- | ------------------- | ------------------ | ------------------ | | 192.168.255.0/24 | 256 | 6 | 2.35 % | -## Loopback0 Interfaces Node Allocation +### Loopback0 Interfaces Node Allocation | POD | Node | Loopback0 | | --- | ---- | --------- | @@ -93,13 +92,13 @@ | DC1_FABRIC | DC1-SPINE1 | 192.168.255.1/32 | | DC1_FABRIC | DC1-SPINE2 | 192.168.255.2/32 | -## VTEP Loopback VXLAN Tunnel Source Interfaces (VTEPs Only) +### VTEP Loopback VXLAN Tunnel Source Interfaces (VTEPs Only) | VTEP Loopback Pool | Available Addresses | Assigned addresses | Assigned Address % | | --------------------- | ------------------- | ------------------ | ------------------ | | 192.168.254.0/24 | 256 | 4 | 1.57 % | -## VTEP Loopback Node allocation +### VTEP Loopback Node allocation | POD | Node | Loopback1 | | --- | ---- | --------- | diff --git a/inventory/documentation/fabric/DC1_FABRIC-p2p-links.csv b/inventory/documentation/fabric/DC1_FABRIC-p2p-links.csv index fad6fbcf5..8968f0c44 100644 --- a/inventory/documentation/fabric/DC1_FABRIC-p2p-links.csv +++ b/inventory/documentation/fabric/DC1_FABRIC-p2p-links.csv @@ -1,4 +1,4 @@ -Type, Node,Node Interface,Leaf IP Address,Peer Type,Peer Node,Peer Interface,Peer IP Address +Type,Node,Node Interface,Leaf IP Address,Peer Type,Peer Node,Peer Interface,Peer IP Address l3leaf,DC1-LEAF1A,Ethernet1,172.31.255.1/31,spine,DC1-SPINE1,Ethernet1,172.31.255.0/31 l3leaf,DC1-LEAF1A,Ethernet2,172.31.255.3/31,spine,DC1-SPINE2,Ethernet1,172.31.255.2/31 l3leaf,DC1-LEAF1B,Ethernet1,172.31.255.5/31,spine,DC1-SPINE1,Ethernet2,172.31.255.4/31 diff --git a/inventory/documentation/fabric/DC1_FABRIC-topology.csv b/inventory/documentation/fabric/DC1_FABRIC-topology.csv index 16244c496..b9c35c5ba 100644 --- a/inventory/documentation/fabric/DC1_FABRIC-topology.csv +++ b/inventory/documentation/fabric/DC1_FABRIC-topology.csv @@ -1,35 +1,35 @@ -Node Type,Node,Node Interface,Peer Type,Peer,Peer Interface -l2leaf,DC1-L2LEAF1A,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet5 -l2leaf,DC1-L2LEAF1A,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet5 -l2leaf,DC1-L2LEAF1A,Ethernet5,server,server01,Eth0 -l2leaf,DC1-L2LEAF2A,Ethernet1,l3leaf,DC1-LEAF2A,Ethernet5 -l2leaf,DC1-L2LEAF2A,Ethernet2,l3leaf,DC1-LEAF2B,Ethernet5 -l2leaf,DC1-L2LEAF2A,Ethernet5,server,server02,Eth0 -l3leaf,DC1-LEAF1A,Ethernet1,spine,DC1-SPINE1,Ethernet1 -l3leaf,DC1-LEAF1A,Ethernet2,spine,DC1-SPINE2,Ethernet1 -l3leaf,DC1-LEAF1A,Ethernet3,mlag_peer,DC1-LEAF1B,Ethernet3 -l3leaf,DC1-LEAF1A,Ethernet4,mlag_peer,DC1-LEAF1B,Ethernet4 -l3leaf,DC1-LEAF1A,Ethernet5,l2leaf,DC1-L2LEAF1A,Ethernet1 -l3leaf,DC1-LEAF1B,Ethernet1,spine,DC1-SPINE1,Ethernet2 -l3leaf,DC1-LEAF1B,Ethernet2,spine,DC1-SPINE2,Ethernet2 -l3leaf,DC1-LEAF1B,Ethernet3,mlag_peer,DC1-LEAF1A,Ethernet3 -l3leaf,DC1-LEAF1B,Ethernet4,mlag_peer,DC1-LEAF1A,Ethernet4 -l3leaf,DC1-LEAF1B,Ethernet5,l2leaf,DC1-L2LEAF1A,Ethernet2 -l3leaf,DC1-LEAF2A,Ethernet1,spine,DC1-SPINE1,Ethernet3 -l3leaf,DC1-LEAF2A,Ethernet2,spine,DC1-SPINE2,Ethernet3 -l3leaf,DC1-LEAF2A,Ethernet3,mlag_peer,DC1-LEAF2B,Ethernet3 -l3leaf,DC1-LEAF2A,Ethernet4,mlag_peer,DC1-LEAF2B,Ethernet4 -l3leaf,DC1-LEAF2A,Ethernet5,l2leaf,DC1-L2LEAF2A,Ethernet1 -l3leaf,DC1-LEAF2B,Ethernet1,spine,DC1-SPINE1,Ethernet4 -l3leaf,DC1-LEAF2B,Ethernet2,spine,DC1-SPINE2,Ethernet4 -l3leaf,DC1-LEAF2B,Ethernet3,mlag_peer,DC1-LEAF2A,Ethernet3 -l3leaf,DC1-LEAF2B,Ethernet4,mlag_peer,DC1-LEAF2A,Ethernet4 -l3leaf,DC1-LEAF2B,Ethernet5,l2leaf,DC1-L2LEAF2A,Ethernet2 -spine,DC1-SPINE1,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet1 -spine,DC1-SPINE1,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet1 -spine,DC1-SPINE1,Ethernet3,l3leaf,DC1-LEAF2A,Ethernet1 -spine,DC1-SPINE1,Ethernet4,l3leaf,DC1-LEAF2B,Ethernet1 -spine,DC1-SPINE2,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet2 -spine,DC1-SPINE2,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet2 -spine,DC1-SPINE2,Ethernet3,l3leaf,DC1-LEAF2A,Ethernet2 -spine,DC1-SPINE2,Ethernet4,l3leaf,DC1-LEAF2B,Ethernet2 +Node Type,Node,Node Interface,Peer Type,Peer Node,Peer Interface,Node Interface Enabled +l2leaf,DC1-L2LEAF1A,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet5,True +l2leaf,DC1-L2LEAF1A,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet5,True +l2leaf,DC1-L2LEAF1A,Ethernet5,server,server01,Eth0,True +l2leaf,DC1-L2LEAF2A,Ethernet1,l3leaf,DC1-LEAF2A,Ethernet5,True +l2leaf,DC1-L2LEAF2A,Ethernet2,l3leaf,DC1-LEAF2B,Ethernet5,True +l2leaf,DC1-L2LEAF2A,Ethernet5,server,server02,Eth0,True +l3leaf,DC1-LEAF1A,Ethernet1,spine,DC1-SPINE1,Ethernet1,True +l3leaf,DC1-LEAF1A,Ethernet2,spine,DC1-SPINE2,Ethernet1,True +l3leaf,DC1-LEAF1A,Ethernet3,mlag_peer,DC1-LEAF1B,Ethernet3,True +l3leaf,DC1-LEAF1A,Ethernet4,mlag_peer,DC1-LEAF1B,Ethernet4,True +l3leaf,DC1-LEAF1A,Ethernet5,l2leaf,DC1-L2LEAF1A,Ethernet1,True +l3leaf,DC1-LEAF1B,Ethernet1,spine,DC1-SPINE1,Ethernet2,True +l3leaf,DC1-LEAF1B,Ethernet2,spine,DC1-SPINE2,Ethernet2,True +l3leaf,DC1-LEAF1B,Ethernet3,mlag_peer,DC1-LEAF1A,Ethernet3,True +l3leaf,DC1-LEAF1B,Ethernet4,mlag_peer,DC1-LEAF1A,Ethernet4,True +l3leaf,DC1-LEAF1B,Ethernet5,l2leaf,DC1-L2LEAF1A,Ethernet2,True +l3leaf,DC1-LEAF2A,Ethernet1,spine,DC1-SPINE1,Ethernet3,True +l3leaf,DC1-LEAF2A,Ethernet2,spine,DC1-SPINE2,Ethernet3,True +l3leaf,DC1-LEAF2A,Ethernet3,mlag_peer,DC1-LEAF2B,Ethernet3,True +l3leaf,DC1-LEAF2A,Ethernet4,mlag_peer,DC1-LEAF2B,Ethernet4,True +l3leaf,DC1-LEAF2A,Ethernet5,l2leaf,DC1-L2LEAF2A,Ethernet1,True +l3leaf,DC1-LEAF2B,Ethernet1,spine,DC1-SPINE1,Ethernet4,True +l3leaf,DC1-LEAF2B,Ethernet2,spine,DC1-SPINE2,Ethernet4,True +l3leaf,DC1-LEAF2B,Ethernet3,mlag_peer,DC1-LEAF2A,Ethernet3,True +l3leaf,DC1-LEAF2B,Ethernet4,mlag_peer,DC1-LEAF2A,Ethernet4,True +l3leaf,DC1-LEAF2B,Ethernet5,l2leaf,DC1-L2LEAF2A,Ethernet2,True +spine,DC1-SPINE1,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet1,True +spine,DC1-SPINE1,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet1,True +spine,DC1-SPINE1,Ethernet3,l3leaf,DC1-LEAF2A,Ethernet1,True +spine,DC1-SPINE1,Ethernet4,l3leaf,DC1-LEAF2B,Ethernet1,True +spine,DC1-SPINE2,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet2,True +spine,DC1-SPINE2,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet2,True +spine,DC1-SPINE2,Ethernet3,l3leaf,DC1-LEAF2A,Ethernet2,True +spine,DC1-SPINE2,Ethernet4,l3leaf,DC1-LEAF2B,Ethernet2,True diff --git a/inventory/group_vars/CVP.yml b/inventory/group_vars/CVP.yml index 706f92830..ecab005c2 100644 --- a/inventory/group_vars/CVP.yml +++ b/inventory/group_vars/CVP.yml @@ -16,11 +16,11 @@ ztp: end: 10.255.0.250 lease_time: 300 clients: - # GNS3 VM Request + # GNS3 VM Request - name: gns3 mac: '00:50:56:86:8b:2f' ip4: 10.255.0.2 - # AVD/CVP Integration + # AVD/CVP Integration - name: DC1-SPINE1 mac: '0c:1d:c0:1d:62:01' ip4: 10.255.0.11 diff --git a/inventory/group_vars/DC1.yml b/inventory/group_vars/DC1.yml index 0220f906f..7e71e6125 100644 --- a/inventory/group_vars/DC1.yml +++ b/inventory/group_vars/DC1.yml @@ -18,8 +18,14 @@ local_users: sha512_password: "$6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/" # Cloud Vision server information -cvp_instance_ip: 10.255.0.1 -cvp_ingestauth_key: '' +cvp_instance_ips: + - 10.255.0.1 + +# use token based auth instead + +# If not set, TerminAttr will be configured with certificate based authentication: +# - On-premise using token onboarding. Default token path is '/tmp/token'. +# - CVaaS using token-secure onboarding. Default token path is '/tmp/cv-onboarding-token'. # cvp_ingestauth_key: telarista # OOB Management network default gateway. @@ -28,9 +34,11 @@ mgmt_interface_vrf: MGMT mgmt_gateway: 10.255.0.1 # dns servers. -name_servers: - - 192.168.2.1 - - 8.8.8.8 +ip_name_servers: + - ip_address: 192.168.2.1 + vrf: MGMT + - ip_address: 8.8.8.8 + vrf: MGMT # NTP Servers IP or DNS name, first NTP server will be prefered, and sourced from Managment VRF custom_structured_configuration_ntp: @@ -38,8 +46,8 @@ custom_structured_configuration_ntp: name: Management1 vrf: MGMT servers: - - name: 0.fr.pool.ntp.org - preferred: true - vrf: MGMT - - name: 1.fr.pool.ntp.org - vrf: MGMT \ No newline at end of file + - name: 0.fr.pool.ntp.org + preferred: true + vrf: MGMT + - name: 1.fr.pool.ntp.org + vrf: MGMT diff --git a/inventory/group_vars/DC1_SERVERS.yml b/inventory/group_vars/DC1_CONNECTED_ENDPOINTS.yml similarity index 82% rename from inventory/group_vars/DC1_SERVERS.yml rename to inventory/group_vars/DC1_CONNECTED_ENDPOINTS.yml index a7993ab43..8cc72d923 100644 --- a/inventory/group_vars/DC1_SERVERS.yml +++ b/inventory/group_vars/DC1_CONNECTED_ENDPOINTS.yml @@ -14,16 +14,14 @@ servers: server01: rack: RackA adapters: - - type: nic - server_ports: [Eth0] + - endpoint_ports: [Eth0] switch_ports: [Ethernet5] switches: [DC1-L2LEAF1A] profile: TENANT_A server02: rack: RackA adapters: - - type: nic - server_ports: [Eth0] + - endpoint_ports: [Eth0] switch_ports: [Ethernet5] switches: [DC1-L2LEAF2A] profile: TENANT_A diff --git a/inventory/group_vars/DC1_FABRIC.yml b/inventory/group_vars/DC1_FABRIC.yml index 5e9f128fd..3c00a034c 100644 --- a/inventory/group_vars/DC1_FABRIC.yml +++ b/inventory/group_vars/DC1_FABRIC.yml @@ -5,15 +5,15 @@ fabric_name: DC1_FABRIC # Enable vlan aware bundles -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true # bgp peer groups passwords bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: "AQQvKeimxJu+uGQ/yYvv9w==" - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: "q+VNViP5i4rVjW1cxFv2wA==" - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: "vnEaG8gMeQf3d3cN6PktXQ==" # Spine Switches @@ -22,13 +22,20 @@ spine: platform: vEOS-LAB bgp_as: 65001 loopback_ipv4_pool: 192.168.255.0/24 - bgp_defaults: - - 'no bgp default ipv4-unicast' - - 'distance bgp 20 200 200' - - 'graceful-restart restart-time 300' - - 'graceful-restart' mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 nodes: DC1-SPINE1: id: 1 @@ -54,11 +61,18 @@ l3leaf: mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 virtual_router_mac_address: 00:1c:73:00:dc:01 - bgp_defaults: - - 'no bgp default ipv4-unicast' - - 'distance bgp 20 200 200' - - 'graceful-restart restart-time 300' - - 'graceful-restart' + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 spanning_tree_mode: mstp spanning_tree_priority: 16384 node_groups: @@ -103,7 +117,10 @@ l2leaf: uplink_switches: [ DC1-LEAF1A, DC1-LEAF1B ] filter: tenants: [ Tenant_A ] - tags: [ opzone, web, app ] + tags: + - app + - opzone + - web nodes: DC1-L2LEAF1A: id: 5 @@ -113,21 +130,17 @@ l2leaf: uplink_switches: [ DC1-LEAF2A, DC1-LEAF2B ] filter: tenants: [ Tenant_A ] - tags: [ opzone, web, app ] + tags: + - app + - opzone + - web nodes: DC1-L2LEAF2A: id: 7 mgmt_ip: 10.255.0.18/24 uplink_switch_interfaces: [ Ethernet5, Ethernet5 ] -#### Override for vEOS Lab Caveats #### - -# Disable update wait-for-convergence and update wait-for-install, -# which is not supported in vEOS-LAB. -# Refer to design guide - -# Update p2p mtu 9000 -> 1500 -p2p_uplinks_mtu: 1500 +p2p_uplinks_mtu: 9000 # Adjust default bfd values bfd_multihop: @@ -142,3 +155,36 @@ bfd_multihop: # containers: # DC1_L3LEAFS: # - ASE_GLOBAL-ALIASES + + +#### Override for vEOS Lab Caveats #### +# Refer to design guide + +platform_settings: + - platforms: + - default + - platforms: + - vEOS-LAB + reload_delay: + # In seconds. + mlag: 300 + # In seconds. + non_mlag: 330 + feature_support: + queue_monitor_length_notify: false + interface_storm_control: false + poe: false + + # Support for configuration of per interface MTU for p2p links, MLAG SVIs and Network Services. + # Effectively this means that all settings regarding interface MTU will be ignored if this is false. + # Platforms without support for per interface MTU can use a single default interface MTU setting. Set this via "default_interface_mtu" + per_interface_mtu: false + + # Disables FIB updates and route advertisement when the BGP instance is initiated until the BGP convergence state is reached. + # Can be overridden by setting "bgp_update_wait_install" host/group_vars. + bgp_update_wait_install: false + + # Do not advertise reachability to a prefix until that prefix has been installed in hardware. + # This will eliminate any temporary black holes due to a BGP speaker advertising reachability to a prefix that may not yet be installed into the forwarding plane. + # Can be overridden by setting "bgp_update_wait_for_convergence" host/group_vars. + bgp_update_wait_for_convergence: false diff --git a/inventory/group_vars/DC1_TENANTS_NETWORKS.yml b/inventory/group_vars/DC1_TENANTS_NETWORKS.yml deleted file mode 100644 index adbcc36f3..000000000 --- a/inventory/group_vars/DC1_TENANTS_NETWORKS.yml +++ /dev/null @@ -1,138 +0,0 @@ ---- -# DC1 Tenants Networks -# Documentation of Tenant specific information - Vlans/VRFs -tenants: - # Tenant A Specific Information - VRFs / VLANs - Tenant_A: - mac_vrf_vni_base: 10000 - vrfs: - Tenant_A_OP_Zone: - vrf_vni: 10 - vtep_diagnostic: - loopback: 100 - loopback_ip_range: 10.255.1.0/24 - svis: - 110: - name: Tenant_A_OP_Zone_1 - tags: [opzone] - enabled: true - ip_address_virtual: 10.1.10.1/24 - 111: - vni_override: 50111 - name: Tenant_A_OP_Zone_2 - tags: [opzone] - enabled: true - ip_address_virtual: 10.1.11.1/24 - 112: - vni_override: 50112 - name: Tenant_A_OP_Zone_3 - tags: [opzone] - enabled: true - ip_address_virtual: 10.1.12.254/24 - Tenant_A_WEB_Zone: - vrf_vni: 11 - svis: - 120: - name: Tenant_A_WEB_Zone_1 - tags: [web, erp1] - enabled: true - ip_subnet: 10.1.20.0/24 - 121: - name: Tenant_A_WEBZone_2 - tags: [web] - enabled: true - ip_address_virtual: 10.1.21.1/24 - Tenant_A_APP_Zone: - vrf_vni: 12 - svis: - 130: - name: Tenant_A_APP_Zone_1 - tags: [app, erp1] - enabled: true - ip_subnet: 10.1.30.0/24 - 131: - name: Tenant_A_APP_Zone_2 - tags: [app] - enabled: true - ip_address_virtual: 10.1.31.254/24 - Tenant_A_DB_Zone: - vrf_vni: 13 - svis: - 140: - name: Tenant_A_DB_BZone_1 - tags: [db, erp1] - enabled: true - ip_address_virtual: 10.1.40.1/24 - 141: - name: Tenant_A_DB_Zone_2 - tags: [db] - enabled: true - ip_address_virtual: 10.1.41.1/24 - Tenant_A_WAN_Zone: - vrf_vni: 14 - svis: - 150: - name: Tenant_A_WAN_Zone_1 - tags: [wan] - enabled: true - ip_address_virtual: 10.1.40.1/24 - l2vlans: - 160: - vni_override: 55160 - name: Tenant_A_VMOTION - tags: [vmotion] - 161: - name: Tenant_A_NFS - tags: [nfs] - - # Tenant B Specific Information - VRFs / VLANs - Tenant_B: - mac_vrf_vni_base: 20000 - vrfs: - Tenant_B_OP_Zone: - vrf_vni: 20 - svis: - 210: - name: Tenant_B_OP_Zone_1 - tags: [opzone] - enabled: true - ip_subnet: 10.2.10.0/24 - 211: - name: Tenant_B_OP_Zone_2 - tags: [opzone] - enabled: true - ip_address_virtual: 10.2.11.1/24 - Tenant_B_WAN_Zone: - vrf_vni: 21 - svis: - 250: - name: Tenant_B_WAN_Zone_1 - tags: [wan] - enabled: true - ip_address_virtual: 10.2.50.1/24 - - # Tenant C Specific Information - VRFs / VLANs - Tenant_C: - mac_vrf_vni_base: 30000 - vrfs: - Tenant_C_OP_Zone: - vrf_vni: 30 - svis: - 310: - name: Tenant_C_OP_Zone_1 - tags: [opzone] - enabled: true - ip_subnet: 10.3.10.0/24 - 311: - name: Tenant_C_OP_Zone_2 - tags: [opzone] - enabled: true - ip_subnet: 10.3.11.1/24 - Tenant_C_WAN_Zone: - vrf_vni: 31 - svis: - 350: - name: Tenant_C_WAN_Zone_1 - tags: [wan] - enabled: true - ip_subnet: 10.3.50.1/24 diff --git a/inventory/group_vars/NETWORK_SERVICES/Tenant_A.yml b/inventory/group_vars/NETWORK_SERVICES/Tenant_A.yml new file mode 100644 index 000000000..0b428e57a --- /dev/null +++ b/inventory/group_vars/NETWORK_SERVICES/Tenant_A.yml @@ -0,0 +1,82 @@ +--- +# Tenant A Specific Information - VRFs / VLANs +Tenant_A: + - name: "Tenant_A" + mac_vrf_vni_base: 10000 + vrfs: + - name: Tenant_A_OP_Zone + vrf_vni: 10 + vtep_diagnostic: + loopback: 100 + loopback_ip_range: 10.255.1.0/24 + svis: + - id: 110 + name: Tenant_A_OP_Zone_1 + tags: [opzone] + enabled: true + ip_address_virtual: 10.1.10.1/24 + - id: 111 + vni_override: 50111 + name: Tenant_A_OP_Zone_2 + tags: [opzone] + enabled: true + ip_address_virtual: 10.1.11.1/24 + - id: 112 + vni_override: 50112 + name: Tenant_A_OP_Zone_3 + tags: [opzone] + enabled: true + ip_address_virtual: 10.1.12.254/24 + - name: Tenant_A_WEB_Zone + vrf_vni: 11 + svis: + - id: 120 + name: Tenant_A_WEB_Zone_1 + tags: [web, erp1] + enabled: true + - id: 121 + name: Tenant_A_WEBZone_2 + tags: [web] + enabled: true + ip_address_virtual: 10.1.21.1/24 + - name: Tenant_A_APP_Zone + vrf_vni: 12 + svis: + - id: 130 + name: Tenant_A_APP_Zone_1 + tags: [app, erp1] + enabled: true + - id: 131 + name: Tenant_A_APP_Zone_2 + tags: [app] + enabled: true + ip_address_virtual: 10.1.31.254/24 + - name: Tenant_A_DB_Zone + vrf_vni: 13 + svis: + - id: 140 + name: Tenant_A_DB_BZone_1 + tags: [db, erp1] + enabled: true + ip_address_virtual: 10.1.40.1/24 + - id: 141 + name: Tenant_A_DB_Zone_2 + tags: [db] + enabled: true + ip_address_virtual: 10.1.41.1/24 + - name: Tenant_A_WAN_Zone + vrf_vni: 14 + svis: + - id: 150 + name: Tenant_A_WAN_Zone_1 + tags: [wan] + enabled: true + ip_address_virtual: 10.1.40.1/24 + l2vlans: + - id: 160 + vni_override: 55160 + name: Tenant_A_VMOTION + tags: [vmotion] + - id: 161 + name: Tenant_A_NFS + tags: [nfs] diff --git a/inventory/group_vars/NETWORK_SERVICES/Tenant_B.yml b/inventory/group_vars/NETWORK_SERVICES/Tenant_B.yml new file mode 100644 index 000000000..f023ea181 --- /dev/null +++ b/inventory/group_vars/NETWORK_SERVICES/Tenant_B.yml @@ -0,0 +1,26 @@ +--- +# Tenant B Specific Information - VRFs / VLANs +Tenant_B: + - name: Tenant_B + mac_vrf_vni_base: 20000 + vrfs: + - name: Tenant_B_OP_Zone + vrf_vni: 20 + svis: + - id: 210 + name: Tenant_B_OP_Zone_1 + tags: [opzone] + enabled: true + - id: 211 + name: Tenant_B_OP_Zone_2 + tags: [opzone] + enabled: true + ip_address_virtual: 10.2.11.1/24 + - name: Tenant_B_WAN_Zone + vrf_vni: 21 + svis: + - id: 250 + name: Tenant_B_WAN_Zone_1 + tags: [wan] + enabled: true + ip_address_virtual: 10.2.50.1/24 diff --git a/inventory/group_vars/NETWORK_SERVICES/Tenant_C.yml b/inventory/group_vars/NETWORK_SERVICES/Tenant_C.yml new file mode 100644 index 000000000..589f92869 --- /dev/null +++ b/inventory/group_vars/NETWORK_SERVICES/Tenant_C.yml @@ -0,0 +1,24 @@ +--- +# Tenant C Specific Information - VRFs / VLANs +Tenant_C: + - name: Tenant_C + mac_vrf_vni_base: 30000 + vrfs: + - name: Tenant_C_OP_Zone + vrf_vni: 30 + svis: + - id: 310 + name: Tenant_C_OP_Zone_1 + tags: [opzone] + enabled: true + - id: 311 + name: Tenant_C_OP_Zone_2 + tags: [opzone] + enabled: true + - name: Tenant_C_WAN_Zone + vrf_vni: 31 + svis: + - id: 350 + name: Tenant_C_WAN_Zone_1 + tags: [wan] + enabled: true diff --git a/inventory/group_vars/NETWORK_SERVICES/tenants.yml b/inventory/group_vars/NETWORK_SERVICES/tenants.yml new file mode 100644 index 000000000..abb011546 --- /dev/null +++ b/inventory/group_vars/NETWORK_SERVICES/tenants.yml @@ -0,0 +1,5 @@ +--- +network_services_keys: + - name: Tenant_A + - name: Tenant_B + - name: Tenant_C diff --git a/inventory/intended/configs/DC1-L2LEAF1A.cfg b/inventory/intended/configs/DC1-L2LEAF1A.cfg index 465a31462..5e685b040 100644 --- a/inventory/intended/configs/DC1-L2LEAF1A.cfg +++ b/inventory/intended/configs/DC1-L2LEAF1A.cfg @@ -1,7 +1,7 @@ !RANCID-CONTENT-TYPE: arista ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ! vlan internal order ascending range 1006 1199 @@ -21,8 +21,8 @@ ntp server vrf MGMT 1.fr.pool.ntp.org spanning-tree mode mstp spanning-tree mst 0 priority 16384 ! -no aaa root no enable password +no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ @@ -71,17 +71,15 @@ interface Ethernet2 interface Ethernet5 description server01_Eth0 no shutdown - switchport switchport access vlan 110 switchport mode access + switchport ! interface Management1 description oob_management no shutdown vrf MGMT ip address 10.255.0.17/24 -! -ip routing no ip routing vrf MGMT ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 diff --git a/inventory/intended/configs/DC1-L2LEAF2A.cfg b/inventory/intended/configs/DC1-L2LEAF2A.cfg index 52a85eb80..5beb9daea 100644 --- a/inventory/intended/configs/DC1-L2LEAF2A.cfg +++ b/inventory/intended/configs/DC1-L2LEAF2A.cfg @@ -1,7 +1,7 @@ !RANCID-CONTENT-TYPE: arista ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ! vlan internal order ascending range 1006 1199 @@ -21,8 +21,8 @@ ntp server vrf MGMT 1.fr.pool.ntp.org spanning-tree mode mstp spanning-tree mst 0 priority 16384 ! -no aaa root no enable password +no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ @@ -71,17 +71,15 @@ interface Ethernet2 interface Ethernet5 description server02_Eth0 no shutdown - switchport switchport access vlan 110 switchport mode access + switchport ! interface Management1 description oob_management no shutdown vrf MGMT ip address 10.255.0.18/24 -! -ip routing no ip routing vrf MGMT ! ip route vrf MGMT 0.0.0.0/0 10.255.0.1 diff --git a/inventory/intended/configs/DC1-LEAF1A.cfg b/inventory/intended/configs/DC1-LEAF1A.cfg index 9b2651712..2710ee1d1 100644 --- a/inventory/intended/configs/DC1-LEAF1A.cfg +++ b/inventory/intended/configs/DC1-LEAF1A.cfg @@ -1,7 +1,7 @@ !RANCID-CONTENT-TYPE: arista ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ! vlan internal order ascending range 1006 1199 @@ -22,8 +22,8 @@ spanning-tree mode mstp no spanning-tree vlan-id 4093-4094 spanning-tree mst 0 priority 16384 ! -no aaa root no enable password +no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ @@ -151,7 +151,6 @@ interface Port-Channel3 description MLAG_PEER_DC1-LEAF1B_Po3 no shutdown switchport - switchport trunk allowed vlan 2-4094 switchport mode trunk switchport trunk group LEAF_PEER_L3 switchport trunk group MLAG @@ -167,14 +166,12 @@ interface Port-Channel5 interface Ethernet1 description P2P_LINK_TO_DC1-SPINE1_Ethernet1 no shutdown - mtu 1500 no switchport ip address 172.31.255.1/31 ! interface Ethernet2 description P2P_LINK_TO_DC1-SPINE2_Ethernet1 no shutdown - mtu 1500 no switchport ip address 172.31.255.3/31 ! @@ -308,76 +305,65 @@ interface Vlan350 interface Vlan3009 description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone no shutdown - mtu 1500 vrf Tenant_A_OP_Zone ip address 10.255.251.0/31 ! interface Vlan3010 description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone no shutdown - mtu 1500 vrf Tenant_A_WEB_Zone ip address 10.255.251.0/31 ! interface Vlan3011 description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone no shutdown - mtu 1500 vrf Tenant_A_APP_Zone ip address 10.255.251.0/31 ! interface Vlan3012 description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone no shutdown - mtu 1500 vrf Tenant_A_DB_Zone ip address 10.255.251.0/31 ! interface Vlan3013 description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone no shutdown - mtu 1500 vrf Tenant_A_WAN_Zone ip address 10.255.251.0/31 ! interface Vlan3019 description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone no shutdown - mtu 1500 vrf Tenant_B_OP_Zone ip address 10.255.251.0/31 ! interface Vlan3020 description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone no shutdown - mtu 1500 vrf Tenant_B_WAN_Zone ip address 10.255.251.0/31 ! interface Vlan3029 description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone no shutdown - mtu 1500 vrf Tenant_C_OP_Zone ip address 10.255.251.0/31 ! interface Vlan3030 description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone no shutdown - mtu 1500 vrf Tenant_C_WAN_Zone ip address 10.255.251.0/31 ! interface Vlan4093 description MLAG_PEER_L3_PEERING no shutdown - mtu 1500 ip address 10.255.251.0/31 ! interface Vlan4094 description MLAG_PEER no shutdown - mtu 1500 no autostate ip address 10.255.252.0/31 ! @@ -456,11 +442,11 @@ router bfd ! router bgp 65101 router-id 192.168.255.3 - no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart maximum-paths 4 ecmp 4 + no bgp default ipv4-unicast neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd @@ -475,6 +461,7 @@ router bgp 65101 neighbor MLAG-IPv4-UNDERLAY-PEER peer group neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self + neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF1B neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== neighbor MLAG-IPv4-UNDERLAY-PEER send-community neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 diff --git a/inventory/intended/configs/DC1-LEAF1B.cfg b/inventory/intended/configs/DC1-LEAF1B.cfg index ced0b9a8e..09426c098 100644 --- a/inventory/intended/configs/DC1-LEAF1B.cfg +++ b/inventory/intended/configs/DC1-LEAF1B.cfg @@ -1,7 +1,7 @@ !RANCID-CONTENT-TYPE: arista ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ! vlan internal order ascending range 1006 1199 @@ -22,8 +22,8 @@ spanning-tree mode mstp no spanning-tree vlan-id 4093-4094 spanning-tree mst 0 priority 16384 ! -no aaa root no enable password +no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ @@ -151,7 +151,6 @@ interface Port-Channel3 description MLAG_PEER_DC1-LEAF1A_Po3 no shutdown switchport - switchport trunk allowed vlan 2-4094 switchport mode trunk switchport trunk group LEAF_PEER_L3 switchport trunk group MLAG @@ -167,14 +166,12 @@ interface Port-Channel5 interface Ethernet1 description P2P_LINK_TO_DC1-SPINE1_Ethernet2 no shutdown - mtu 1500 no switchport ip address 172.31.255.5/31 ! interface Ethernet2 description P2P_LINK_TO_DC1-SPINE2_Ethernet2 no shutdown - mtu 1500 no switchport ip address 172.31.255.7/31 ! @@ -308,76 +305,65 @@ interface Vlan350 interface Vlan3009 description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone no shutdown - mtu 1500 vrf Tenant_A_OP_Zone ip address 10.255.251.1/31 ! interface Vlan3010 description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone no shutdown - mtu 1500 vrf Tenant_A_WEB_Zone ip address 10.255.251.1/31 ! interface Vlan3011 description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone no shutdown - mtu 1500 vrf Tenant_A_APP_Zone ip address 10.255.251.1/31 ! interface Vlan3012 description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone no shutdown - mtu 1500 vrf Tenant_A_DB_Zone ip address 10.255.251.1/31 ! interface Vlan3013 description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone no shutdown - mtu 1500 vrf Tenant_A_WAN_Zone ip address 10.255.251.1/31 ! interface Vlan3019 description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone no shutdown - mtu 1500 vrf Tenant_B_OP_Zone ip address 10.255.251.1/31 ! interface Vlan3020 description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone no shutdown - mtu 1500 vrf Tenant_B_WAN_Zone ip address 10.255.251.1/31 ! interface Vlan3029 description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone no shutdown - mtu 1500 vrf Tenant_C_OP_Zone ip address 10.255.251.1/31 ! interface Vlan3030 description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone no shutdown - mtu 1500 vrf Tenant_C_WAN_Zone ip address 10.255.251.1/31 ! interface Vlan4093 description MLAG_PEER_L3_PEERING no shutdown - mtu 1500 ip address 10.255.251.1/31 ! interface Vlan4094 description MLAG_PEER no shutdown - mtu 1500 no autostate ip address 10.255.252.1/31 ! @@ -456,11 +442,11 @@ router bfd ! router bgp 65101 router-id 192.168.255.4 - no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart maximum-paths 4 ecmp 4 + no bgp default ipv4-unicast neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd @@ -475,6 +461,7 @@ router bgp 65101 neighbor MLAG-IPv4-UNDERLAY-PEER peer group neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self + neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF1A neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== neighbor MLAG-IPv4-UNDERLAY-PEER send-community neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 diff --git a/inventory/intended/configs/DC1-LEAF2A.cfg b/inventory/intended/configs/DC1-LEAF2A.cfg index ada0dd791..2d6b22ea4 100644 --- a/inventory/intended/configs/DC1-LEAF2A.cfg +++ b/inventory/intended/configs/DC1-LEAF2A.cfg @@ -1,7 +1,7 @@ !RANCID-CONTENT-TYPE: arista ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ! vlan internal order ascending range 1006 1199 @@ -22,8 +22,8 @@ spanning-tree mode mstp no spanning-tree vlan-id 4093-4094 spanning-tree mst 0 priority 16384 ! -no aaa root no enable password +no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ @@ -151,7 +151,6 @@ interface Port-Channel3 description MLAG_PEER_DC1-LEAF2B_Po3 no shutdown switchport - switchport trunk allowed vlan 2-4094 switchport mode trunk switchport trunk group LEAF_PEER_L3 switchport trunk group MLAG @@ -167,14 +166,12 @@ interface Port-Channel5 interface Ethernet1 description P2P_LINK_TO_DC1-SPINE1_Ethernet3 no shutdown - mtu 1500 no switchport ip address 172.31.255.9/31 ! interface Ethernet2 description P2P_LINK_TO_DC1-SPINE2_Ethernet3 no shutdown - mtu 1500 no switchport ip address 172.31.255.11/31 ! @@ -308,76 +305,65 @@ interface Vlan350 interface Vlan3009 description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone no shutdown - mtu 1500 vrf Tenant_A_OP_Zone ip address 10.255.251.4/31 ! interface Vlan3010 description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone no shutdown - mtu 1500 vrf Tenant_A_WEB_Zone ip address 10.255.251.4/31 ! interface Vlan3011 description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone no shutdown - mtu 1500 vrf Tenant_A_APP_Zone ip address 10.255.251.4/31 ! interface Vlan3012 description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone no shutdown - mtu 1500 vrf Tenant_A_DB_Zone ip address 10.255.251.4/31 ! interface Vlan3013 description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone no shutdown - mtu 1500 vrf Tenant_A_WAN_Zone ip address 10.255.251.4/31 ! interface Vlan3019 description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone no shutdown - mtu 1500 vrf Tenant_B_OP_Zone ip address 10.255.251.4/31 ! interface Vlan3020 description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone no shutdown - mtu 1500 vrf Tenant_B_WAN_Zone ip address 10.255.251.4/31 ! interface Vlan3029 description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone no shutdown - mtu 1500 vrf Tenant_C_OP_Zone ip address 10.255.251.4/31 ! interface Vlan3030 description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone no shutdown - mtu 1500 vrf Tenant_C_WAN_Zone ip address 10.255.251.4/31 ! interface Vlan4093 description MLAG_PEER_L3_PEERING no shutdown - mtu 1500 ip address 10.255.251.4/31 ! interface Vlan4094 description MLAG_PEER no shutdown - mtu 1500 no autostate ip address 10.255.252.4/31 ! @@ -456,11 +442,11 @@ router bfd ! router bgp 65102 router-id 192.168.255.5 - no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart maximum-paths 4 ecmp 4 + no bgp default ipv4-unicast neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd @@ -475,6 +461,7 @@ router bgp 65102 neighbor MLAG-IPv4-UNDERLAY-PEER peer group neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102 neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self + neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2B neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== neighbor MLAG-IPv4-UNDERLAY-PEER send-community neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 diff --git a/inventory/intended/configs/DC1-LEAF2B.cfg b/inventory/intended/configs/DC1-LEAF2B.cfg index 178d1df49..d825ce5ed 100644 --- a/inventory/intended/configs/DC1-LEAF2B.cfg +++ b/inventory/intended/configs/DC1-LEAF2B.cfg @@ -1,7 +1,7 @@ !RANCID-CONTENT-TYPE: arista ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ! vlan internal order ascending range 1006 1199 @@ -22,8 +22,8 @@ spanning-tree mode mstp no spanning-tree vlan-id 4093-4094 spanning-tree mst 0 priority 16384 ! -no aaa root no enable password +no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ @@ -151,7 +151,6 @@ interface Port-Channel3 description MLAG_PEER_DC1-LEAF2A_Po3 no shutdown switchport - switchport trunk allowed vlan 2-4094 switchport mode trunk switchport trunk group LEAF_PEER_L3 switchport trunk group MLAG @@ -167,14 +166,12 @@ interface Port-Channel5 interface Ethernet1 description P2P_LINK_TO_DC1-SPINE1_Ethernet4 no shutdown - mtu 1500 no switchport ip address 172.31.255.13/31 ! interface Ethernet2 description P2P_LINK_TO_DC1-SPINE2_Ethernet4 no shutdown - mtu 1500 no switchport ip address 172.31.255.15/31 ! @@ -308,76 +305,65 @@ interface Vlan350 interface Vlan3009 description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone no shutdown - mtu 1500 vrf Tenant_A_OP_Zone ip address 10.255.251.5/31 ! interface Vlan3010 description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone no shutdown - mtu 1500 vrf Tenant_A_WEB_Zone ip address 10.255.251.5/31 ! interface Vlan3011 description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone no shutdown - mtu 1500 vrf Tenant_A_APP_Zone ip address 10.255.251.5/31 ! interface Vlan3012 description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone no shutdown - mtu 1500 vrf Tenant_A_DB_Zone ip address 10.255.251.5/31 ! interface Vlan3013 description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone no shutdown - mtu 1500 vrf Tenant_A_WAN_Zone ip address 10.255.251.5/31 ! interface Vlan3019 description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone no shutdown - mtu 1500 vrf Tenant_B_OP_Zone ip address 10.255.251.5/31 ! interface Vlan3020 description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone no shutdown - mtu 1500 vrf Tenant_B_WAN_Zone ip address 10.255.251.5/31 ! interface Vlan3029 description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone no shutdown - mtu 1500 vrf Tenant_C_OP_Zone ip address 10.255.251.5/31 ! interface Vlan3030 description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone no shutdown - mtu 1500 vrf Tenant_C_WAN_Zone ip address 10.255.251.5/31 ! interface Vlan4093 description MLAG_PEER_L3_PEERING no shutdown - mtu 1500 ip address 10.255.251.5/31 ! interface Vlan4094 description MLAG_PEER no shutdown - mtu 1500 no autostate ip address 10.255.252.5/31 ! @@ -456,11 +442,11 @@ router bfd ! router bgp 65102 router-id 192.168.255.6 - no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart maximum-paths 4 ecmp 4 + no bgp default ipv4-unicast neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS update-source Loopback0 neighbor EVPN-OVERLAY-PEERS bfd @@ -475,6 +461,7 @@ router bgp 65102 neighbor MLAG-IPv4-UNDERLAY-PEER peer group neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102 neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self + neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2A neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== neighbor MLAG-IPv4-UNDERLAY-PEER send-community neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 diff --git a/inventory/intended/configs/DC1-SPINE1.cfg b/inventory/intended/configs/DC1-SPINE1.cfg index f76715fe2..777a31edf 100644 --- a/inventory/intended/configs/DC1-SPINE1.cfg +++ b/inventory/intended/configs/DC1-SPINE1.cfg @@ -1,7 +1,7 @@ !RANCID-CONTENT-TYPE: arista ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ! vlan internal order ascending range 1006 1199 @@ -20,8 +20,8 @@ ntp server vrf MGMT 1.fr.pool.ntp.org ! spanning-tree mode none ! -no aaa root no enable password +no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ @@ -32,28 +32,24 @@ vrf instance MGMT interface Ethernet1 description P2P_LINK_TO_DC1-LEAF1A_Ethernet1 no shutdown - mtu 1500 no switchport ip address 172.31.255.0/31 ! interface Ethernet2 description P2P_LINK_TO_DC1-LEAF1B_Ethernet1 no shutdown - mtu 1500 no switchport ip address 172.31.255.4/31 ! interface Ethernet3 description P2P_LINK_TO_DC1-LEAF2A_Ethernet1 no shutdown - mtu 1500 no switchport ip address 172.31.255.8/31 ! interface Ethernet4 description P2P_LINK_TO_DC1-LEAF2B_Ethernet1 no shutdown - mtu 1500 no switchport ip address 172.31.255.12/31 ! @@ -84,11 +80,11 @@ router bfd ! router bgp 65001 router-id 192.168.255.1 - no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart maximum-paths 4 ecmp 4 + no bgp default ipv4-unicast neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS next-hop-unchanged neighbor EVPN-OVERLAY-PEERS update-source Loopback0 diff --git a/inventory/intended/configs/DC1-SPINE2.cfg b/inventory/intended/configs/DC1-SPINE2.cfg index d8a47a98c..a40b46872 100644 --- a/inventory/intended/configs/DC1-SPINE2.cfg +++ b/inventory/intended/configs/DC1-SPINE2.cfg @@ -1,7 +1,7 @@ !RANCID-CONTENT-TYPE: arista ! daemon TerminAttr - exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs + exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs no shutdown ! vlan internal order ascending range 1006 1199 @@ -20,8 +20,8 @@ ntp server vrf MGMT 1.fr.pool.ntp.org ! spanning-tree mode none ! -no aaa root no enable password +no aaa root ! username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ @@ -32,28 +32,24 @@ vrf instance MGMT interface Ethernet1 description P2P_LINK_TO_DC1-LEAF1A_Ethernet2 no shutdown - mtu 1500 no switchport ip address 172.31.255.2/31 ! interface Ethernet2 description P2P_LINK_TO_DC1-LEAF1B_Ethernet2 no shutdown - mtu 1500 no switchport ip address 172.31.255.6/31 ! interface Ethernet3 description P2P_LINK_TO_DC1-LEAF2A_Ethernet2 no shutdown - mtu 1500 no switchport ip address 172.31.255.10/31 ! interface Ethernet4 description P2P_LINK_TO_DC1-LEAF2B_Ethernet2 no shutdown - mtu 1500 no switchport ip address 172.31.255.14/31 ! @@ -84,11 +80,11 @@ router bfd ! router bgp 65001 router-id 192.168.255.2 - no bgp default ipv4-unicast distance bgp 20 200 200 graceful-restart restart-time 300 graceful-restart maximum-paths 4 ecmp 4 + no bgp default ipv4-unicast neighbor EVPN-OVERLAY-PEERS peer group neighbor EVPN-OVERLAY-PEERS next-hop-unchanged neighbor EVPN-OVERLAY-PEERS update-source Loopback0 diff --git a/inventory/intended/structured_configs/DC1-L2LEAF1A-debug-vars.yml b/inventory/intended/structured_configs/DC1-L2LEAF1A-debug-vars.yml index 9752ea512..655c9c7e6 100644 --- a/inventory/intended/structured_configs/DC1-L2LEAF1A-debug-vars.yml +++ b/inventory/intended/structured_configs/DC1-L2LEAF1A-debug-vars.yml @@ -20,14 +20,16 @@ local_users: privilege: 15 role: network-admin sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -cvp_instance_ip: 10.255.0.1 -cvp_ingestauth_key: '' +cvp_instance_ips: +- 10.255.0.1 mgmt_interface: Management1 mgmt_interface_vrf: MGMT mgmt_gateway: 10.255.0.1 -name_servers: -- 192.168.2.1 -- 8.8.8.8 +ip_name_servers: +- ip_address: 192.168.2.1 + vrf: MGMT +- ip_address: 8.8.8.8 + vrf: MGMT custom_structured_configuration_ntp: local_interface: name: Management1 @@ -38,27 +40,65 @@ custom_structured_configuration_ntp: vrf: MGMT - name: 1.fr.pool.ntp.org vrf: MGMT +port_profiles: + TENANT_A_B: + mode: trunk + vlans: 110-111,210-211 + TENANT_A: + mode: access + vlans: '110' + TENANT_B: + mode: trunk + vlans: 210-211 +servers: + server01: + rack: RackA + adapters: + - endpoint_ports: + - Eth0 + switch_ports: + - Ethernet5 + switches: + - DC1-L2LEAF1A + profile: TENANT_A + server02: + rack: RackA + adapters: + - endpoint_ports: + - Eth0 + switch_ports: + - Ethernet5 + switches: + - DC1-L2LEAF2A + profile: TENANT_A fabric_name: DC1_FABRIC -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: AQQvKeimxJu+uGQ/yYvv9w== - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: q+VNViP5i4rVjW1cxFv2wA== - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: vnEaG8gMeQf3d3cN6PktXQ== spine: defaults: platform: vEOS-LAB bgp_as: 65001 loopback_ipv4_pool: 192.168.255.0/24 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 nodes: DC1-SPINE1: id: 1 @@ -85,11 +125,18 @@ l3leaf: mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 virtual_router_mac_address: 00:1c:73:00:dc:01 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 spanning_tree_mode: mstp spanning_tree_priority: 16384 node_groups: @@ -150,9 +197,9 @@ l2leaf: tenants: - Tenant_A tags: + - app - opzone - web - - app nodes: DC1-L2LEAF1A: id: 5 @@ -168,9 +215,9 @@ l2leaf: tenants: - Tenant_A tags: + - app - opzone - web - - app nodes: DC1-L2LEAF2A: id: 7 @@ -178,477 +225,1058 @@ l2leaf: uplink_switch_interfaces: - Ethernet5 - Ethernet5 -p2p_uplinks_mtu: 1500 +p2p_uplinks_mtu: 9000 bfd_multihop: interval: 1200 min_rx: 1200 multiplier: 3 -port_profiles: - TENANT_A_B: - mode: trunk - vlans: 110-111,210-211 - TENANT_A: - mode: access - vlans: '110' - TENANT_B: - mode: trunk - vlans: 210-211 -servers: - server01: - rack: RackA - adapters: - - type: nic - server_ports: - - Eth0 - switch_ports: - - Ethernet5 - switches: - - DC1-L2LEAF1A - profile: TENANT_A - server02: - rack: RackA - adapters: - - type: nic - server_ports: - - Eth0 - switch_ports: - - Ethernet5 - switches: - - DC1-L2LEAF2A - profile: TENANT_A -tenants: - Tenant_A: - mac_vrf_vni_base: 10000 - vrfs: - Tenant_A_OP_Zone: - vrf_vni: 10 - vtep_diagnostic: - loopback: 100 - loopback_ip_range: 10.255.1.0/24 - svis: - 110: - name: Tenant_A_OP_Zone_1 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.10.1/24 - 111: - vni_override: 50111 - name: Tenant_A_OP_Zone_2 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.11.1/24 - 112: - vni_override: 50112 - name: Tenant_A_OP_Zone_3 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.12.254/24 - Tenant_A_WEB_Zone: - vrf_vni: 11 - svis: - 120: - name: Tenant_A_WEB_Zone_1 - tags: - - web - - erp1 - enabled: true - ip_subnet: 10.1.20.0/24 - 121: - name: Tenant_A_WEBZone_2 - tags: - - web - enabled: true - ip_address_virtual: 10.1.21.1/24 - Tenant_A_APP_Zone: - vrf_vni: 12 - svis: - 130: - name: Tenant_A_APP_Zone_1 - tags: - - app - - erp1 - enabled: true - ip_subnet: 10.1.30.0/24 - 131: - name: Tenant_A_APP_Zone_2 - tags: - - app - enabled: true - ip_address_virtual: 10.1.31.254/24 - Tenant_A_DB_Zone: - vrf_vni: 13 - svis: - 140: - name: Tenant_A_DB_BZone_1 - tags: - - db - - erp1 - enabled: true - ip_address_virtual: 10.1.40.1/24 - 141: - name: Tenant_A_DB_Zone_2 - tags: - - db - enabled: true - ip_address_virtual: 10.1.41.1/24 - Tenant_A_WAN_Zone: - vrf_vni: 14 - svis: - 150: - name: Tenant_A_WAN_Zone_1 - tags: - - wan - enabled: true - ip_address_virtual: 10.1.40.1/24 - l2vlans: - 160: - vni_override: 55160 - name: Tenant_A_VMOTION - tags: - - vmotion - 161: - name: Tenant_A_NFS - tags: - - nfs - Tenant_B: - mac_vrf_vni_base: 20000 - vrfs: - Tenant_B_OP_Zone: - vrf_vni: 20 - svis: - 210: - name: Tenant_B_OP_Zone_1 - tags: - - opzone - enabled: true - ip_subnet: 10.2.10.0/24 - 211: - name: Tenant_B_OP_Zone_2 - tags: - - opzone - enabled: true - ip_address_virtual: 10.2.11.1/24 - Tenant_B_WAN_Zone: - vrf_vni: 21 - svis: - 250: - name: Tenant_B_WAN_Zone_1 - tags: - - wan - enabled: true - ip_address_virtual: 10.2.50.1/24 - Tenant_C: - mac_vrf_vni_base: 30000 - vrfs: - Tenant_C_OP_Zone: - vrf_vni: 30 - svis: - 310: - name: Tenant_C_OP_Zone_1 - tags: - - opzone - enabled: true - ip_subnet: 10.3.10.0/24 - 311: - name: Tenant_C_OP_Zone_2 - tags: - - opzone - enabled: true - ip_subnet: 10.3.11.1/24 - Tenant_C_WAN_Zone: - vrf_vni: 31 - svis: - 350: - name: Tenant_C_WAN_Zone_1 - tags: - - wan - enabled: true - ip_subnet: 10.3.50.1/24 -inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml -inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory +platform_settings: +- platforms: + - default +- platforms: + - vEOS-LAB + reload_delay: + mlag: 300 + non_mlag: 330 + feature_support: + queue_monitor_length_notify: false + interface_storm_control: false + poe: false + per_interface_mtu: false + bgp_update_wait_install: false + bgp_update_wait_for_convergence: false +Tenant_A: +- name: Tenant_A + mac_vrf_vni_base: 10000 + vrfs: + - name: Tenant_A_OP_Zone + vrf_vni: 10 + vtep_diagnostic: + loopback: 100 + loopback_ip_range: 10.255.1.0/24 + svis: + - id: 110 + name: Tenant_A_OP_Zone_1 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.10.1/24 + - id: 111 + vni_override: 50111 + name: Tenant_A_OP_Zone_2 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.11.1/24 + - id: 112 + vni_override: 50112 + name: Tenant_A_OP_Zone_3 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.12.254/24 + - name: Tenant_A_WEB_Zone + vrf_vni: 11 + svis: + - id: 120 + name: Tenant_A_WEB_Zone_1 + tags: + - web + - erp1 + enabled: true + - id: 121 + name: Tenant_A_WEBZone_2 + tags: + - web + enabled: true + ip_address_virtual: 10.1.21.1/24 + - name: Tenant_A_APP_Zone + vrf_vni: 12 + svis: + - id: 130 + name: Tenant_A_APP_Zone_1 + tags: + - app + - erp1 + enabled: true + - id: 131 + name: Tenant_A_APP_Zone_2 + tags: + - app + enabled: true + ip_address_virtual: 10.1.31.254/24 + - name: Tenant_A_DB_Zone + vrf_vni: 13 + svis: + - id: 140 + name: Tenant_A_DB_BZone_1 + tags: + - db + - erp1 + enabled: true + ip_address_virtual: 10.1.40.1/24 + - id: 141 + name: Tenant_A_DB_Zone_2 + tags: + - db + enabled: true + ip_address_virtual: 10.1.41.1/24 + - name: Tenant_A_WAN_Zone + vrf_vni: 14 + svis: + - id: 150 + name: Tenant_A_WAN_Zone_1 + tags: + - wan + enabled: true + ip_address_virtual: 10.1.40.1/24 + l2vlans: + - id: 160 + vni_override: 55160 + name: Tenant_A_VMOTION + tags: + - vmotion + - id: 161 + name: Tenant_A_NFS + tags: + - nfs +Tenant_B: +- name: Tenant_B + mac_vrf_vni_base: 20000 + vrfs: + - name: Tenant_B_OP_Zone + vrf_vni: 20 + svis: + - id: 210 + name: Tenant_B_OP_Zone_1 + tags: + - opzone + enabled: true + - id: 211 + name: Tenant_B_OP_Zone_2 + tags: + - opzone + enabled: true + ip_address_virtual: 10.2.11.1/24 + - name: Tenant_B_WAN_Zone + vrf_vni: 21 + svis: + - id: 250 + name: Tenant_B_WAN_Zone_1 + tags: + - wan + enabled: true + ip_address_virtual: 10.2.50.1/24 +Tenant_C: +- name: Tenant_C + mac_vrf_vni_base: 30000 + vrfs: + - name: Tenant_C_OP_Zone + vrf_vni: 30 + svis: + - id: 310 + name: Tenant_C_OP_Zone_1 + tags: + - opzone + enabled: true + - id: 311 + name: Tenant_C_OP_Zone_2 + tags: + - opzone + enabled: true + - name: Tenant_C_WAN_Zone + vrf_vni: 31 + svis: + - id: 350 + name: Tenant_C_WAN_Zone_1 + tags: + - wan + enabled: true +network_services_keys: +- name: Tenant_A +- name: Tenant_B +- name: Tenant_C +inventory_file: /Users/pvinci/ansible-avd-cloudvision-demo/inventory/inventory.yml +inventory_dir: /Users/pvinci/ansible-avd-cloudvision-demo/inventory ansible_host: 10.255.0.17 inventory_hostname: DC1-L2LEAF1A inventory_hostname_short: DC1-L2LEAF1A group_names: - DC1 +- DC1_CONNECTED_ENDPOINTS - DC1_FABRIC - DC1_L2LEAF1 - DC1_L2LEAFS -- DC1_SERVERS -- DC1_TENANTS_NETWORKS +- NETWORK_SERVICES ansible_facts: - switch: - type: l2leaf - node_type_key: l2leaf - connected_endpoints: true - default_evpn_role: none - mlag_support: true - network_services_l2: true - network_services_l3: false - underlay_router: false - uplink_type: port-channel - vtep: false - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_L2LEAF1 - id: 5 - mgmt_ip: 10.255.0.17/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - Tenant_A - filter_tags: - - opzone - - web - - app - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: + avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF1B + - DC1-LEAF1A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF2B + - DC1-LEAF2A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + avd_overlay_peers: + DC1-SPINE1: - DC1-LEAF1A - DC1-LEAF1B - uplink_switch_interfaces: - - Ethernet5 - - Ethernet5 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - mlag: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: [] - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - topology: - links: - Ethernet1: + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + avd_topology_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-LEAF2A: + - DC1-L2LEAF2A +avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 peer: DC1-LEAF1A peer_interface: Ethernet5 peer_type: l3leaf + peer_is_deployed: true type: underlay_l2 + vlans: 110-112,120-121,130-131 channel_description: DC1_LEAF1 - channel_group_id: 1 - peer_channel_group_id: 5 - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - Ethernet2: + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 peer: DC1-LEAF1B peer_interface: Ethernet5 peer_type: l3leaf + peer_is_deployed: true type: underlay_l2 + vlans: 110-112,120-121,130-131 channel_description: DC1_LEAF1 - channel_group_id: 1 - peer_channel_group_id: 5 - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - peers: - - DC1-LEAF1A - - DC1-LEAF1B - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 -switch: - type: l2leaf - node_type_key: l2leaf - connected_endpoints: true - default_evpn_role: none - mlag_support: true - network_services_l2: true - network_services_l3: false - underlay_router: false - uplink_type: port-channel - vtep: false - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_L2LEAF1 - id: 5 - mgmt_ip: 10.255.0.17/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - Tenant_A - filter_tags: - - opzone - - web - - app - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF1B + - DC1-LEAF1A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF2B + - DC1-LEAF2A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] +avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_topology_peers: + DC1-SPINE1: - DC1-LEAF1A - DC1-LEAF1B - uplink_switch_interfaces: - - Ethernet5 - - Ethernet5 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - mlag: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: [] - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 -topology: - links: - Ethernet1: - peer: DC1-LEAF1A - peer_interface: Ethernet5 - peer_type: l3leaf - type: underlay_l2 - channel_description: DC1_LEAF1 - channel_group_id: 1 - peer_channel_group_id: 5 - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - Ethernet2: - peer: DC1-LEAF1B - peer_interface: Ethernet5 - peer_type: l3leaf - type: underlay_l2 - channel_description: DC1_LEAF1 - channel_group_id: 1 - peer_channel_group_id: 5 - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - peers: + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: - DC1-LEAF1A - DC1-LEAF1B - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 -playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks -ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 -ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg + - DC1-LEAF2A + - DC1-LEAF2B + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-LEAF2A: + - DC1-L2LEAF2A +avd_requirements: + failed: false + changed: false +playbook_dir: /Users/pvinci/ansible-avd-cloudvision-demo/playbooks +ansible_playbook_python: /Users/pvinci/.pyenv/versions/3.11.9/bin/python3 +ansible_config_file: /Users/pvinci/ansible-avd-cloudvision-demo/ansible.cfg groups: all: - cv_ztp @@ -668,12 +1296,12 @@ groups: DC1: - DC1-SPINE1 - DC1-SPINE2 - - DC1-L2LEAF1A - - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B + - DC1-L2LEAF1A + - DC1-L2LEAF2A DC1_FABRIC: - DC1-SPINE1 - DC1-SPINE2 @@ -704,32 +1332,32 @@ groups: - DC1-L2LEAF1A DC1_L2LEAF2: - DC1-L2LEAF2A - DC1_TENANTS_NETWORKS: + NETWORK_SERVICES: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - DC1-L2LEAF1A - DC1-L2LEAF2A - DC1_SERVERS: + DC1_CONNECTED_ENDPOINTS: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - DC1-L2LEAF1A - DC1-L2LEAF2A -omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 +omit: __omit_place_holder__9e0ee8fc9716456e882c32fe1aa1621f8d1d8ab2 ansible_version: - string: 2.10.14 - full: 2.10.14 + string: 2.16.7 + full: 2.16.7 major: 2 - minor: 10 - revision: 14 + minor: 16 + revision: 7 ansible_check_mode: false ansible_diff_mode: false ansible_forks: 5 ansible_inventory_sources: -- /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml +- /Users/pvinci/ansible-avd-cloudvision-demo/inventory/inventory.yml ansible_skip_tags: [] ansible_run_tags: - build diff --git a/inventory/intended/structured_configs/DC1-L2LEAF1A.yml b/inventory/intended/structured_configs/DC1-L2LEAF1A.yml index a4079755c..4a9741ff9 100644 --- a/inventory/intended/structured_configs/DC1-L2LEAF1A.yml +++ b/inventory/intended/structured_configs/DC1-L2LEAF1A.yml @@ -1,14 +1,16 @@ +hostname: DC1-L2LEAF1A +is_deployed: true static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 gateway: 10.255.0.1 service_routing_protocols_model: multi-agent -ip_routing: true daemon_terminattr: cvaddrs: - 10.255.0.1:9910 cvauth: - method: key + method: token + token_file: /tmp/token cvvrf: MGMT smashexcludes: ale,flexCounter,hardware,kni,pulse,strata ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent @@ -18,106 +20,103 @@ vlan_internal_order: range: beginning: 1006 ending: 1199 -name_server: - source: - vrf: MGMT - nodes: - - 192.168.2.1 - - 8.8.8.8 spanning_tree: mode: mstp mst_instances: - '0': - priority: 16384 + - id: '0' + priority: 16384 local_users: - admin: - privilege: 15 - role: network-admin - sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 - ansible: - privilege: 15 - role: network-admin - sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ - cvpadmin: - privilege: 15 - role: network-admin - sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +- name: admin + privilege: 15 + role: network-admin + sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 +- name: ansible + privilege: 15 + role: network-admin + sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ +- name: cvpadmin + privilege: 15 + role: network-admin + sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. vrfs: - MGMT: - ip_routing: false +- name: MGMT + ip_routing: false management_interfaces: - Management1: - description: oob_management - shutdown: false - vrf: MGMT - ip_address: 10.255.0.17/24 - gateway: 10.255.0.1 - type: oob +- name: Management1 + description: oob_management + shutdown: false + vrf: MGMT + ip_address: 10.255.0.17/24 + gateway: 10.255.0.1 + type: oob management_api_http: enable_vrfs: - MGMT: {} + - name: MGMT enable_https: true ethernet_interfaces: - Ethernet1: - peer: DC1-LEAF1A - peer_interface: Ethernet5 - peer_type: l3leaf - description: DC1-LEAF1A_Ethernet5 - type: switched - shutdown: false - channel_group: - id: 1 - mode: active - Ethernet2: - peer: DC1-LEAF1B - peer_interface: Ethernet5 - peer_type: l3leaf - description: DC1-LEAF1B_Ethernet5 - type: switched - shutdown: false - channel_group: - id: 1 - mode: active - Ethernet5: - peer: server01 - peer_interface: Eth0 - peer_type: server - description: server01_Eth0 - type: switched - shutdown: false - mode: access - vlans: 110 +- name: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + description: DC1-LEAF1A_Ethernet5 + shutdown: false + type: port-channel-member + channel_group: + id: 1 + mode: active +- name: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + description: DC1-LEAF1B_Ethernet5 + shutdown: false + type: port-channel-member + channel_group: + id: 1 + mode: active +- name: Ethernet5 + peer: server01 + peer_interface: Eth0 + peer_type: server + port_profile: TENANT_A + description: server01_Eth0 + shutdown: false + type: switched + mode: access + vlans: '110' port_channel_interfaces: - Port-Channel1: - description: DC1_LEAF1_Po5 - type: switched - shutdown: false - vlans: 110-112,120-121,130-131 - mode: trunk +- name: Port-Channel1 + description: DC1_LEAF1_Po5 + type: switched + shutdown: false + mode: trunk + vlans: 110-112,120-121,130-131 vlans: - 130: - tenant: Tenant_A - name: Tenant_A_APP_Zone_1 - 131: - tenant: Tenant_A - name: Tenant_A_APP_Zone_2 - 110: - tenant: Tenant_A - name: Tenant_A_OP_Zone_1 - 111: - tenant: Tenant_A - name: Tenant_A_OP_Zone_2 - 112: - tenant: Tenant_A - name: Tenant_A_OP_Zone_3 - 120: - tenant: Tenant_A - name: Tenant_A_WEB_Zone_1 - 121: - tenant: Tenant_A - name: Tenant_A_WEBZone_2 +- id: 130 + name: Tenant_A_APP_Zone_1 + tenant: Tenant_A +- id: 131 + name: Tenant_A_APP_Zone_2 + tenant: Tenant_A +- id: 110 + name: Tenant_A_OP_Zone_1 + tenant: Tenant_A +- id: 111 + name: Tenant_A_OP_Zone_2 + tenant: Tenant_A +- id: 112 + name: Tenant_A_OP_Zone_3 + tenant: Tenant_A +- id: 120 + name: Tenant_A_WEB_Zone_1 + tenant: Tenant_A +- id: 121 + name: Tenant_A_WEBZone_2 + tenant: Tenant_A ip_igmp_snooping: globally_enabled: true +metadata: + platform: vEOS-LAB ntp: local_interface: name: Management1 diff --git a/inventory/intended/structured_configs/DC1-L2LEAF2A-debug-vars.yml b/inventory/intended/structured_configs/DC1-L2LEAF2A-debug-vars.yml index c9c4dc984..68ea2f097 100644 --- a/inventory/intended/structured_configs/DC1-L2LEAF2A-debug-vars.yml +++ b/inventory/intended/structured_configs/DC1-L2LEAF2A-debug-vars.yml @@ -20,14 +20,16 @@ local_users: privilege: 15 role: network-admin sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -cvp_instance_ip: 10.255.0.1 -cvp_ingestauth_key: '' +cvp_instance_ips: +- 10.255.0.1 mgmt_interface: Management1 mgmt_interface_vrf: MGMT mgmt_gateway: 10.255.0.1 -name_servers: -- 192.168.2.1 -- 8.8.8.8 +ip_name_servers: +- ip_address: 192.168.2.1 + vrf: MGMT +- ip_address: 8.8.8.8 + vrf: MGMT custom_structured_configuration_ntp: local_interface: name: Management1 @@ -38,27 +40,65 @@ custom_structured_configuration_ntp: vrf: MGMT - name: 1.fr.pool.ntp.org vrf: MGMT +port_profiles: + TENANT_A_B: + mode: trunk + vlans: 110-111,210-211 + TENANT_A: + mode: access + vlans: '110' + TENANT_B: + mode: trunk + vlans: 210-211 +servers: + server01: + rack: RackA + adapters: + - endpoint_ports: + - Eth0 + switch_ports: + - Ethernet5 + switches: + - DC1-L2LEAF1A + profile: TENANT_A + server02: + rack: RackA + adapters: + - endpoint_ports: + - Eth0 + switch_ports: + - Ethernet5 + switches: + - DC1-L2LEAF2A + profile: TENANT_A fabric_name: DC1_FABRIC -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: AQQvKeimxJu+uGQ/yYvv9w== - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: q+VNViP5i4rVjW1cxFv2wA== - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: vnEaG8gMeQf3d3cN6PktXQ== spine: defaults: platform: vEOS-LAB bgp_as: 65001 loopback_ipv4_pool: 192.168.255.0/24 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 nodes: DC1-SPINE1: id: 1 @@ -85,11 +125,18 @@ l3leaf: mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 virtual_router_mac_address: 00:1c:73:00:dc:01 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 spanning_tree_mode: mstp spanning_tree_priority: 16384 node_groups: @@ -150,9 +197,9 @@ l2leaf: tenants: - Tenant_A tags: + - app - opzone - web - - app nodes: DC1-L2LEAF1A: id: 5 @@ -168,9 +215,9 @@ l2leaf: tenants: - Tenant_A tags: + - app - opzone - web - - app nodes: DC1-L2LEAF2A: id: 7 @@ -178,477 +225,1058 @@ l2leaf: uplink_switch_interfaces: - Ethernet5 - Ethernet5 -p2p_uplinks_mtu: 1500 +p2p_uplinks_mtu: 9000 bfd_multihop: interval: 1200 min_rx: 1200 multiplier: 3 -port_profiles: - TENANT_A_B: - mode: trunk - vlans: 110-111,210-211 - TENANT_A: - mode: access - vlans: '110' - TENANT_B: - mode: trunk - vlans: 210-211 -servers: - server01: - rack: RackA - adapters: - - type: nic - server_ports: - - Eth0 - switch_ports: - - Ethernet5 - switches: - - DC1-L2LEAF1A - profile: TENANT_A - server02: - rack: RackA - adapters: - - type: nic - server_ports: - - Eth0 - switch_ports: - - Ethernet5 - switches: - - DC1-L2LEAF2A - profile: TENANT_A -tenants: - Tenant_A: - mac_vrf_vni_base: 10000 - vrfs: - Tenant_A_OP_Zone: - vrf_vni: 10 - vtep_diagnostic: - loopback: 100 - loopback_ip_range: 10.255.1.0/24 - svis: - 110: - name: Tenant_A_OP_Zone_1 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.10.1/24 - 111: - vni_override: 50111 - name: Tenant_A_OP_Zone_2 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.11.1/24 - 112: - vni_override: 50112 - name: Tenant_A_OP_Zone_3 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.12.254/24 - Tenant_A_WEB_Zone: - vrf_vni: 11 - svis: - 120: - name: Tenant_A_WEB_Zone_1 - tags: - - web - - erp1 - enabled: true - ip_subnet: 10.1.20.0/24 - 121: - name: Tenant_A_WEBZone_2 - tags: - - web - enabled: true - ip_address_virtual: 10.1.21.1/24 - Tenant_A_APP_Zone: - vrf_vni: 12 - svis: - 130: - name: Tenant_A_APP_Zone_1 - tags: - - app - - erp1 - enabled: true - ip_subnet: 10.1.30.0/24 - 131: - name: Tenant_A_APP_Zone_2 - tags: - - app - enabled: true - ip_address_virtual: 10.1.31.254/24 - Tenant_A_DB_Zone: - vrf_vni: 13 - svis: - 140: - name: Tenant_A_DB_BZone_1 - tags: - - db - - erp1 - enabled: true - ip_address_virtual: 10.1.40.1/24 - 141: - name: Tenant_A_DB_Zone_2 - tags: - - db - enabled: true - ip_address_virtual: 10.1.41.1/24 - Tenant_A_WAN_Zone: - vrf_vni: 14 - svis: - 150: - name: Tenant_A_WAN_Zone_1 - tags: - - wan - enabled: true - ip_address_virtual: 10.1.40.1/24 - l2vlans: - 160: - vni_override: 55160 - name: Tenant_A_VMOTION - tags: - - vmotion - 161: - name: Tenant_A_NFS - tags: - - nfs - Tenant_B: - mac_vrf_vni_base: 20000 - vrfs: - Tenant_B_OP_Zone: - vrf_vni: 20 - svis: - 210: - name: Tenant_B_OP_Zone_1 - tags: - - opzone - enabled: true - ip_subnet: 10.2.10.0/24 - 211: - name: Tenant_B_OP_Zone_2 - tags: - - opzone - enabled: true - ip_address_virtual: 10.2.11.1/24 - Tenant_B_WAN_Zone: - vrf_vni: 21 - svis: - 250: - name: Tenant_B_WAN_Zone_1 - tags: - - wan - enabled: true - ip_address_virtual: 10.2.50.1/24 - Tenant_C: - mac_vrf_vni_base: 30000 - vrfs: - Tenant_C_OP_Zone: - vrf_vni: 30 - svis: - 310: - name: Tenant_C_OP_Zone_1 - tags: - - opzone - enabled: true - ip_subnet: 10.3.10.0/24 - 311: - name: Tenant_C_OP_Zone_2 - tags: - - opzone - enabled: true - ip_subnet: 10.3.11.1/24 - Tenant_C_WAN_Zone: - vrf_vni: 31 - svis: - 350: - name: Tenant_C_WAN_Zone_1 - tags: - - wan - enabled: true - ip_subnet: 10.3.50.1/24 -inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml -inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory +platform_settings: +- platforms: + - default +- platforms: + - vEOS-LAB + reload_delay: + mlag: 300 + non_mlag: 330 + feature_support: + queue_monitor_length_notify: false + interface_storm_control: false + poe: false + per_interface_mtu: false + bgp_update_wait_install: false + bgp_update_wait_for_convergence: false +Tenant_A: +- name: Tenant_A + mac_vrf_vni_base: 10000 + vrfs: + - name: Tenant_A_OP_Zone + vrf_vni: 10 + vtep_diagnostic: + loopback: 100 + loopback_ip_range: 10.255.1.0/24 + svis: + - id: 110 + name: Tenant_A_OP_Zone_1 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.10.1/24 + - id: 111 + vni_override: 50111 + name: Tenant_A_OP_Zone_2 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.11.1/24 + - id: 112 + vni_override: 50112 + name: Tenant_A_OP_Zone_3 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.12.254/24 + - name: Tenant_A_WEB_Zone + vrf_vni: 11 + svis: + - id: 120 + name: Tenant_A_WEB_Zone_1 + tags: + - web + - erp1 + enabled: true + - id: 121 + name: Tenant_A_WEBZone_2 + tags: + - web + enabled: true + ip_address_virtual: 10.1.21.1/24 + - name: Tenant_A_APP_Zone + vrf_vni: 12 + svis: + - id: 130 + name: Tenant_A_APP_Zone_1 + tags: + - app + - erp1 + enabled: true + - id: 131 + name: Tenant_A_APP_Zone_2 + tags: + - app + enabled: true + ip_address_virtual: 10.1.31.254/24 + - name: Tenant_A_DB_Zone + vrf_vni: 13 + svis: + - id: 140 + name: Tenant_A_DB_BZone_1 + tags: + - db + - erp1 + enabled: true + ip_address_virtual: 10.1.40.1/24 + - id: 141 + name: Tenant_A_DB_Zone_2 + tags: + - db + enabled: true + ip_address_virtual: 10.1.41.1/24 + - name: Tenant_A_WAN_Zone + vrf_vni: 14 + svis: + - id: 150 + name: Tenant_A_WAN_Zone_1 + tags: + - wan + enabled: true + ip_address_virtual: 10.1.40.1/24 + l2vlans: + - id: 160 + vni_override: 55160 + name: Tenant_A_VMOTION + tags: + - vmotion + - id: 161 + name: Tenant_A_NFS + tags: + - nfs +Tenant_B: +- name: Tenant_B + mac_vrf_vni_base: 20000 + vrfs: + - name: Tenant_B_OP_Zone + vrf_vni: 20 + svis: + - id: 210 + name: Tenant_B_OP_Zone_1 + tags: + - opzone + enabled: true + - id: 211 + name: Tenant_B_OP_Zone_2 + tags: + - opzone + enabled: true + ip_address_virtual: 10.2.11.1/24 + - name: Tenant_B_WAN_Zone + vrf_vni: 21 + svis: + - id: 250 + name: Tenant_B_WAN_Zone_1 + tags: + - wan + enabled: true + ip_address_virtual: 10.2.50.1/24 +Tenant_C: +- name: Tenant_C + mac_vrf_vni_base: 30000 + vrfs: + - name: Tenant_C_OP_Zone + vrf_vni: 30 + svis: + - id: 310 + name: Tenant_C_OP_Zone_1 + tags: + - opzone + enabled: true + - id: 311 + name: Tenant_C_OP_Zone_2 + tags: + - opzone + enabled: true + - name: Tenant_C_WAN_Zone + vrf_vni: 31 + svis: + - id: 350 + name: Tenant_C_WAN_Zone_1 + tags: + - wan + enabled: true +network_services_keys: +- name: Tenant_A +- name: Tenant_B +- name: Tenant_C +inventory_file: /Users/pvinci/ansible-avd-cloudvision-demo/inventory/inventory.yml +inventory_dir: /Users/pvinci/ansible-avd-cloudvision-demo/inventory ansible_host: 10.255.0.18 inventory_hostname: DC1-L2LEAF2A inventory_hostname_short: DC1-L2LEAF2A group_names: - DC1 +- DC1_CONNECTED_ENDPOINTS - DC1_FABRIC - DC1_L2LEAF2 - DC1_L2LEAFS -- DC1_SERVERS -- DC1_TENANTS_NETWORKS +- NETWORK_SERVICES ansible_facts: - switch: - type: l2leaf - node_type_key: l2leaf - connected_endpoints: true - default_evpn_role: none - mlag_support: true - network_services_l2: true - network_services_l3: false - underlay_router: false - uplink_type: port-channel - vtep: false - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_L2LEAF2 - id: 7 - mgmt_ip: 10.255.0.18/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - Tenant_A - filter_tags: - - opzone - - web - - app - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: + avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF1B + - DC1-LEAF1A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF2B + - DC1-LEAF2A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - uplink_switch_interfaces: - - Ethernet5 - - Ethernet5 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - mlag: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: [] - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - topology: - links: - Ethernet1: + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + avd_topology_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-LEAF2A: + - DC1-L2LEAF2A +avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF1B + - DC1-LEAF1A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 peer: DC1-LEAF2A peer_interface: Ethernet5 peer_type: l3leaf + peer_is_deployed: true type: underlay_l2 + vlans: 110-112,120-121,130-131 channel_description: DC1_LEAF2 - channel_group_id: 1 - peer_channel_group_id: 5 - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - Ethernet2: + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 peer: DC1-LEAF2B peer_interface: Ethernet5 peer_type: l3leaf + peer_is_deployed: true type: underlay_l2 + vlans: 110-112,120-121,130-131 channel_description: DC1_LEAF2 - channel_group_id: 1 - peer_channel_group_id: 5 - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - peers: - - DC1-LEAF2A - - DC1-LEAF2B - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 -switch: - type: l2leaf - node_type_key: l2leaf - connected_endpoints: true - default_evpn_role: none - mlag_support: true - network_services_l2: true - network_services_l3: false - underlay_router: false - uplink_type: port-channel - vtep: false - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_L2LEAF2 - id: 7 - mgmt_ip: 10.255.0.18/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - Tenant_A - filter_tags: - - opzone - - web - - app - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF2B + - DC1-LEAF2A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] +avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_topology_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - uplink_switch_interfaces: - - Ethernet5 - - Ethernet5 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - mlag: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: [] - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 -topology: - links: - Ethernet1: - peer: DC1-LEAF2A - peer_interface: Ethernet5 - peer_type: l3leaf - type: underlay_l2 - channel_description: DC1_LEAF2 - channel_group_id: 1 - peer_channel_group_id: 5 - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - Ethernet2: - peer: DC1-LEAF2B - peer_interface: Ethernet5 - peer_type: l3leaf - type: underlay_l2 - channel_description: DC1_LEAF2 - channel_group_id: 1 - peer_channel_group_id: 5 - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 - peers: + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - vlans: - - 130 - - 131 - - 110 - - 111 - - 112 - - 120 - - 121 -playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks -ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 -ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-LEAF2A: + - DC1-L2LEAF2A +avd_requirements: + failed: false + changed: false +playbook_dir: /Users/pvinci/ansible-avd-cloudvision-demo/playbooks +ansible_playbook_python: /Users/pvinci/.pyenv/versions/3.11.9/bin/python3 +ansible_config_file: /Users/pvinci/ansible-avd-cloudvision-demo/ansible.cfg groups: all: - cv_ztp @@ -668,12 +1296,12 @@ groups: DC1: - DC1-SPINE1 - DC1-SPINE2 - - DC1-L2LEAF1A - - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B + - DC1-L2LEAF1A + - DC1-L2LEAF2A DC1_FABRIC: - DC1-SPINE1 - DC1-SPINE2 @@ -704,32 +1332,32 @@ groups: - DC1-L2LEAF1A DC1_L2LEAF2: - DC1-L2LEAF2A - DC1_TENANTS_NETWORKS: + NETWORK_SERVICES: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - DC1-L2LEAF1A - DC1-L2LEAF2A - DC1_SERVERS: + DC1_CONNECTED_ENDPOINTS: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - DC1-L2LEAF1A - DC1-L2LEAF2A -omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 +omit: __omit_place_holder__9e0ee8fc9716456e882c32fe1aa1621f8d1d8ab2 ansible_version: - string: 2.10.14 - full: 2.10.14 + string: 2.16.7 + full: 2.16.7 major: 2 - minor: 10 - revision: 14 + minor: 16 + revision: 7 ansible_check_mode: false ansible_diff_mode: false ansible_forks: 5 ansible_inventory_sources: -- /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml +- /Users/pvinci/ansible-avd-cloudvision-demo/inventory/inventory.yml ansible_skip_tags: [] ansible_run_tags: - build diff --git a/inventory/intended/structured_configs/DC1-L2LEAF2A.yml b/inventory/intended/structured_configs/DC1-L2LEAF2A.yml index 4140ad92f..b9d4c3184 100644 --- a/inventory/intended/structured_configs/DC1-L2LEAF2A.yml +++ b/inventory/intended/structured_configs/DC1-L2LEAF2A.yml @@ -1,14 +1,16 @@ +hostname: DC1-L2LEAF2A +is_deployed: true static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 gateway: 10.255.0.1 service_routing_protocols_model: multi-agent -ip_routing: true daemon_terminattr: cvaddrs: - 10.255.0.1:9910 cvauth: - method: key + method: token + token_file: /tmp/token cvvrf: MGMT smashexcludes: ale,flexCounter,hardware,kni,pulse,strata ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent @@ -18,106 +20,103 @@ vlan_internal_order: range: beginning: 1006 ending: 1199 -name_server: - source: - vrf: MGMT - nodes: - - 192.168.2.1 - - 8.8.8.8 spanning_tree: mode: mstp mst_instances: - '0': - priority: 16384 + - id: '0' + priority: 16384 local_users: - admin: - privilege: 15 - role: network-admin - sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 - ansible: - privilege: 15 - role: network-admin - sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ - cvpadmin: - privilege: 15 - role: network-admin - sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +- name: admin + privilege: 15 + role: network-admin + sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 +- name: ansible + privilege: 15 + role: network-admin + sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ +- name: cvpadmin + privilege: 15 + role: network-admin + sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. vrfs: - MGMT: - ip_routing: false +- name: MGMT + ip_routing: false management_interfaces: - Management1: - description: oob_management - shutdown: false - vrf: MGMT - ip_address: 10.255.0.18/24 - gateway: 10.255.0.1 - type: oob +- name: Management1 + description: oob_management + shutdown: false + vrf: MGMT + ip_address: 10.255.0.18/24 + gateway: 10.255.0.1 + type: oob management_api_http: enable_vrfs: - MGMT: {} + - name: MGMT enable_https: true ethernet_interfaces: - Ethernet1: - peer: DC1-LEAF2A - peer_interface: Ethernet5 - peer_type: l3leaf - description: DC1-LEAF2A_Ethernet5 - type: switched - shutdown: false - channel_group: - id: 1 - mode: active - Ethernet2: - peer: DC1-LEAF2B - peer_interface: Ethernet5 - peer_type: l3leaf - description: DC1-LEAF2B_Ethernet5 - type: switched - shutdown: false - channel_group: - id: 1 - mode: active - Ethernet5: - peer: server02 - peer_interface: Eth0 - peer_type: server - description: server02_Eth0 - type: switched - shutdown: false - mode: access - vlans: 110 +- name: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + description: DC1-LEAF2A_Ethernet5 + shutdown: false + type: port-channel-member + channel_group: + id: 1 + mode: active +- name: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + description: DC1-LEAF2B_Ethernet5 + shutdown: false + type: port-channel-member + channel_group: + id: 1 + mode: active +- name: Ethernet5 + peer: server02 + peer_interface: Eth0 + peer_type: server + port_profile: TENANT_A + description: server02_Eth0 + shutdown: false + type: switched + mode: access + vlans: '110' port_channel_interfaces: - Port-Channel1: - description: DC1_LEAF2_Po5 - type: switched - shutdown: false - vlans: 110-112,120-121,130-131 - mode: trunk +- name: Port-Channel1 + description: DC1_LEAF2_Po5 + type: switched + shutdown: false + mode: trunk + vlans: 110-112,120-121,130-131 vlans: - 130: - tenant: Tenant_A - name: Tenant_A_APP_Zone_1 - 131: - tenant: Tenant_A - name: Tenant_A_APP_Zone_2 - 110: - tenant: Tenant_A - name: Tenant_A_OP_Zone_1 - 111: - tenant: Tenant_A - name: Tenant_A_OP_Zone_2 - 112: - tenant: Tenant_A - name: Tenant_A_OP_Zone_3 - 120: - tenant: Tenant_A - name: Tenant_A_WEB_Zone_1 - 121: - tenant: Tenant_A - name: Tenant_A_WEBZone_2 +- id: 130 + name: Tenant_A_APP_Zone_1 + tenant: Tenant_A +- id: 131 + name: Tenant_A_APP_Zone_2 + tenant: Tenant_A +- id: 110 + name: Tenant_A_OP_Zone_1 + tenant: Tenant_A +- id: 111 + name: Tenant_A_OP_Zone_2 + tenant: Tenant_A +- id: 112 + name: Tenant_A_OP_Zone_3 + tenant: Tenant_A +- id: 120 + name: Tenant_A_WEB_Zone_1 + tenant: Tenant_A +- id: 121 + name: Tenant_A_WEBZone_2 + tenant: Tenant_A ip_igmp_snooping: globally_enabled: true +metadata: + platform: vEOS-LAB ntp: local_interface: name: Management1 diff --git a/inventory/intended/structured_configs/DC1-LEAF1A-debug-vars.yml b/inventory/intended/structured_configs/DC1-LEAF1A-debug-vars.yml index e73308926..6156c7617 100644 --- a/inventory/intended/structured_configs/DC1-LEAF1A-debug-vars.yml +++ b/inventory/intended/structured_configs/DC1-LEAF1A-debug-vars.yml @@ -20,14 +20,16 @@ local_users: privilege: 15 role: network-admin sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -cvp_instance_ip: 10.255.0.1 -cvp_ingestauth_key: '' +cvp_instance_ips: +- 10.255.0.1 mgmt_interface: Management1 mgmt_interface_vrf: MGMT mgmt_gateway: 10.255.0.1 -name_servers: -- 192.168.2.1 -- 8.8.8.8 +ip_name_servers: +- ip_address: 192.168.2.1 + vrf: MGMT +- ip_address: 8.8.8.8 + vrf: MGMT custom_structured_configuration_ntp: local_interface: name: Management1 @@ -38,27 +40,65 @@ custom_structured_configuration_ntp: vrf: MGMT - name: 1.fr.pool.ntp.org vrf: MGMT +port_profiles: + TENANT_A_B: + mode: trunk + vlans: 110-111,210-211 + TENANT_A: + mode: access + vlans: '110' + TENANT_B: + mode: trunk + vlans: 210-211 +servers: + server01: + rack: RackA + adapters: + - endpoint_ports: + - Eth0 + switch_ports: + - Ethernet5 + switches: + - DC1-L2LEAF1A + profile: TENANT_A + server02: + rack: RackA + adapters: + - endpoint_ports: + - Eth0 + switch_ports: + - Ethernet5 + switches: + - DC1-L2LEAF2A + profile: TENANT_A fabric_name: DC1_FABRIC -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: AQQvKeimxJu+uGQ/yYvv9w== - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: q+VNViP5i4rVjW1cxFv2wA== - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: vnEaG8gMeQf3d3cN6PktXQ== spine: defaults: platform: vEOS-LAB bgp_as: 65001 loopback_ipv4_pool: 192.168.255.0/24 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 nodes: DC1-SPINE1: id: 1 @@ -85,11 +125,18 @@ l3leaf: mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 virtual_router_mac_address: 00:1c:73:00:dc:01 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 spanning_tree_mode: mstp spanning_tree_priority: 16384 node_groups: @@ -150,9 +197,9 @@ l2leaf: tenants: - Tenant_A tags: + - app - opzone - web - - app nodes: DC1-L2LEAF1A: id: 5 @@ -168,9 +215,9 @@ l2leaf: tenants: - Tenant_A tags: + - app - opzone - web - - app nodes: DC1-L2LEAF2A: id: 7 @@ -178,613 +225,1058 @@ l2leaf: uplink_switch_interfaces: - Ethernet5 - Ethernet5 -p2p_uplinks_mtu: 1500 +p2p_uplinks_mtu: 9000 bfd_multihop: interval: 1200 min_rx: 1200 multiplier: 3 -port_profiles: - TENANT_A_B: - mode: trunk - vlans: 110-111,210-211 - TENANT_A: - mode: access - vlans: '110' - TENANT_B: - mode: trunk - vlans: 210-211 -servers: - server01: - rack: RackA - adapters: - - type: nic - server_ports: - - Eth0 - switch_ports: - - Ethernet5 - switches: - - DC1-L2LEAF1A - profile: TENANT_A - server02: - rack: RackA - adapters: - - type: nic - server_ports: - - Eth0 - switch_ports: - - Ethernet5 - switches: - - DC1-L2LEAF2A - profile: TENANT_A -tenants: - Tenant_A: - mac_vrf_vni_base: 10000 - vrfs: - Tenant_A_OP_Zone: - vrf_vni: 10 - vtep_diagnostic: - loopback: 100 - loopback_ip_range: 10.255.1.0/24 - svis: - 110: - name: Tenant_A_OP_Zone_1 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.10.1/24 - 111: - vni_override: 50111 - name: Tenant_A_OP_Zone_2 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.11.1/24 - 112: - vni_override: 50112 - name: Tenant_A_OP_Zone_3 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.12.254/24 - Tenant_A_WEB_Zone: - vrf_vni: 11 - svis: - 120: - name: Tenant_A_WEB_Zone_1 - tags: - - web - - erp1 - enabled: true - ip_subnet: 10.1.20.0/24 - 121: - name: Tenant_A_WEBZone_2 - tags: - - web - enabled: true - ip_address_virtual: 10.1.21.1/24 - Tenant_A_APP_Zone: - vrf_vni: 12 - svis: - 130: - name: Tenant_A_APP_Zone_1 - tags: - - app - - erp1 - enabled: true - ip_subnet: 10.1.30.0/24 - 131: - name: Tenant_A_APP_Zone_2 - tags: - - app - enabled: true - ip_address_virtual: 10.1.31.254/24 - Tenant_A_DB_Zone: - vrf_vni: 13 - svis: - 140: - name: Tenant_A_DB_BZone_1 - tags: - - db - - erp1 - enabled: true - ip_address_virtual: 10.1.40.1/24 - 141: - name: Tenant_A_DB_Zone_2 - tags: - - db - enabled: true - ip_address_virtual: 10.1.41.1/24 - Tenant_A_WAN_Zone: - vrf_vni: 14 - svis: - 150: - name: Tenant_A_WAN_Zone_1 - tags: - - wan - enabled: true - ip_address_virtual: 10.1.40.1/24 - l2vlans: - 160: - vni_override: 55160 - name: Tenant_A_VMOTION - tags: - - vmotion - 161: - name: Tenant_A_NFS - tags: - - nfs - Tenant_B: - mac_vrf_vni_base: 20000 - vrfs: - Tenant_B_OP_Zone: - vrf_vni: 20 - svis: - 210: - name: Tenant_B_OP_Zone_1 - tags: - - opzone - enabled: true - ip_subnet: 10.2.10.0/24 - 211: - name: Tenant_B_OP_Zone_2 - tags: - - opzone - enabled: true - ip_address_virtual: 10.2.11.1/24 - Tenant_B_WAN_Zone: - vrf_vni: 21 - svis: - 250: - name: Tenant_B_WAN_Zone_1 - tags: - - wan - enabled: true - ip_address_virtual: 10.2.50.1/24 - Tenant_C: - mac_vrf_vni_base: 30000 - vrfs: - Tenant_C_OP_Zone: - vrf_vni: 30 - svis: - 310: - name: Tenant_C_OP_Zone_1 - tags: - - opzone - enabled: true - ip_subnet: 10.3.10.0/24 - 311: - name: Tenant_C_OP_Zone_2 - tags: - - opzone - enabled: true - ip_subnet: 10.3.11.1/24 - Tenant_C_WAN_Zone: - vrf_vni: 31 - svis: - 350: - name: Tenant_C_WAN_Zone_1 - tags: - - wan - enabled: true - ip_subnet: 10.3.50.1/24 -inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml -inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory +platform_settings: +- platforms: + - default +- platforms: + - vEOS-LAB + reload_delay: + mlag: 300 + non_mlag: 330 + feature_support: + queue_monitor_length_notify: false + interface_storm_control: false + poe: false + per_interface_mtu: false + bgp_update_wait_install: false + bgp_update_wait_for_convergence: false +Tenant_A: +- name: Tenant_A + mac_vrf_vni_base: 10000 + vrfs: + - name: Tenant_A_OP_Zone + vrf_vni: 10 + vtep_diagnostic: + loopback: 100 + loopback_ip_range: 10.255.1.0/24 + svis: + - id: 110 + name: Tenant_A_OP_Zone_1 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.10.1/24 + - id: 111 + vni_override: 50111 + name: Tenant_A_OP_Zone_2 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.11.1/24 + - id: 112 + vni_override: 50112 + name: Tenant_A_OP_Zone_3 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.12.254/24 + - name: Tenant_A_WEB_Zone + vrf_vni: 11 + svis: + - id: 120 + name: Tenant_A_WEB_Zone_1 + tags: + - web + - erp1 + enabled: true + - id: 121 + name: Tenant_A_WEBZone_2 + tags: + - web + enabled: true + ip_address_virtual: 10.1.21.1/24 + - name: Tenant_A_APP_Zone + vrf_vni: 12 + svis: + - id: 130 + name: Tenant_A_APP_Zone_1 + tags: + - app + - erp1 + enabled: true + - id: 131 + name: Tenant_A_APP_Zone_2 + tags: + - app + enabled: true + ip_address_virtual: 10.1.31.254/24 + - name: Tenant_A_DB_Zone + vrf_vni: 13 + svis: + - id: 140 + name: Tenant_A_DB_BZone_1 + tags: + - db + - erp1 + enabled: true + ip_address_virtual: 10.1.40.1/24 + - id: 141 + name: Tenant_A_DB_Zone_2 + tags: + - db + enabled: true + ip_address_virtual: 10.1.41.1/24 + - name: Tenant_A_WAN_Zone + vrf_vni: 14 + svis: + - id: 150 + name: Tenant_A_WAN_Zone_1 + tags: + - wan + enabled: true + ip_address_virtual: 10.1.40.1/24 + l2vlans: + - id: 160 + vni_override: 55160 + name: Tenant_A_VMOTION + tags: + - vmotion + - id: 161 + name: Tenant_A_NFS + tags: + - nfs +Tenant_B: +- name: Tenant_B + mac_vrf_vni_base: 20000 + vrfs: + - name: Tenant_B_OP_Zone + vrf_vni: 20 + svis: + - id: 210 + name: Tenant_B_OP_Zone_1 + tags: + - opzone + enabled: true + - id: 211 + name: Tenant_B_OP_Zone_2 + tags: + - opzone + enabled: true + ip_address_virtual: 10.2.11.1/24 + - name: Tenant_B_WAN_Zone + vrf_vni: 21 + svis: + - id: 250 + name: Tenant_B_WAN_Zone_1 + tags: + - wan + enabled: true + ip_address_virtual: 10.2.50.1/24 +Tenant_C: +- name: Tenant_C + mac_vrf_vni_base: 30000 + vrfs: + - name: Tenant_C_OP_Zone + vrf_vni: 30 + svis: + - id: 310 + name: Tenant_C_OP_Zone_1 + tags: + - opzone + enabled: true + - id: 311 + name: Tenant_C_OP_Zone_2 + tags: + - opzone + enabled: true + - name: Tenant_C_WAN_Zone + vrf_vni: 31 + svis: + - id: 350 + name: Tenant_C_WAN_Zone_1 + tags: + - wan + enabled: true +network_services_keys: +- name: Tenant_A +- name: Tenant_B +- name: Tenant_C +inventory_file: /Users/pvinci/ansible-avd-cloudvision-demo/inventory/inventory.yml +inventory_dir: /Users/pvinci/ansible-avd-cloudvision-demo/inventory ansible_host: 10.255.0.13 inventory_hostname: DC1-LEAF1A inventory_hostname_short: DC1-LEAF1A group_names: - DC1 +- DC1_CONNECTED_ENDPOINTS - DC1_FABRIC - DC1_L3LEAFS - DC1_LEAF1 -- DC1_SERVERS -- DC1_TENANTS_NETWORKS +- NETWORK_SERVICES ansible_facts: - switch: - type: l3leaf - node_type_key: l3leaf - connected_endpoints: true - default_evpn_role: client - mlag_support: true - network_services_l2: true - network_services_l3: true - underlay_router: true - uplink_type: p2p - vtep: true - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_LEAF1 - id: 1 - mgmt_ip: 10.255.0.13/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - all - filter_tags: - - all - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - virtual_router_mac_address: 00:1c:73:00:dc:01 - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: - - DC1-SPINE1 - - DC1-SPINE2 - uplink_switch_interfaces: - - Ethernet1 - - Ethernet1 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 2 - uplink_ipv4_pool: 172.31.255.0/24 - router_id: 192.168.255.3 - bgp_as: '65101' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: client - evpn_route_servers: - - DC1-SPINE1 - - DC1-SPINE2 - mlag: true - mlag_group: DC1_LEAF1 - mlag_ibgp_origin_incomplete: true - mlag_peer_vlan: 4094 - mlag_dual_primary_detection: false - mlag_interfaces: - - Ethernet3 - - Ethernet4 - mlag_l3: true - mlag_peer_l3_vlan: 4093 - mlag_role: primary - mlag_peer: DC1-LEAF1B - mlag_peer_mgmt_ip: 10.255.0.14 - mlag_ip: 10.255.252.0 - mlag_peer_ip: 10.255.252.1 - mlag_l3_ip: 10.255.251.0 - mlag_peer_l3_ip: 10.255.251.1 - vtep_loopback_ipv4_pool: 192.168.254.0/24 - vtep_loopback: Loopback1 - vtep_ip: 192.168.254.3 - evpn_services_l2_only: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_DB_Zone: - svis: - - 140 - - 141 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WAN_Zone: - svis: - - 150 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: - - 160 - - 161 - Tenant_B: - vrfs: - Tenant_B_OP_Zone: - svis: - - 210 - - 211 - Tenant_B_WAN_Zone: - svis: - - 250 - l2vlans: [] - Tenant_C: - vrfs: - Tenant_C_OP_Zone: - svis: - - 310 - - 311 - Tenant_C_WAN_Zone: - svis: - - 350 - l2vlans: [] - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 - topology: - links: - Ethernet1: + avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF1B + - DC1-LEAF1A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF2B + - DC1-LEAF2A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + avd_topology_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-LEAF2A: + - DC1-L2LEAF2A +avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 peer: DC1-SPINE1 peer_interface: Ethernet1 peer_type: spine + peer_is_deployed: true peer_bgp_as: '65001' type: underlay_p2p + prefix_length: 31 ip_address: 172.31.255.1 peer_ip_address: 172.31.255.0 - Ethernet2: + - interface: Ethernet2 peer: DC1-SPINE2 peer_interface: Ethernet1 peer_type: spine + peer_is_deployed: true peer_bgp_as: '65001' type: underlay_p2p + prefix_length: 31 ip_address: 172.31.255.3 peer_ip_address: 172.31.255.2 - peers: - - DC1-SPINE1 - - DC1-SPINE2 - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -switch: - type: l3leaf - node_type_key: l3leaf - connected_endpoints: true - default_evpn_role: client - mlag_support: true - network_services_l2: true - network_services_l3: true - underlay_router: true - uplink_type: p2p - vtep: true - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_LEAF1 - id: 1 - mgmt_ip: 10.255.0.13/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - all - filter_tags: - - all - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - virtual_router_mac_address: 00:1c:73:00:dc:01 - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: - - DC1-SPINE1 - - DC1-SPINE2 - uplink_switch_interfaces: - - Ethernet1 - - Ethernet1 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 2 - uplink_ipv4_pool: 172.31.255.0/24 - router_id: 192.168.255.3 - bgp_as: '65101' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: client - evpn_route_servers: - - DC1-SPINE1 - - DC1-SPINE2 - mlag: true - mlag_group: DC1_LEAF1 - mlag_ibgp_origin_incomplete: true - mlag_peer_vlan: 4094 - mlag_dual_primary_detection: false - mlag_interfaces: - - Ethernet3 - - Ethernet4 - mlag_l3: true - mlag_peer_l3_vlan: 4093 - mlag_role: primary - mlag_peer: DC1-LEAF1B - mlag_peer_mgmt_ip: 10.255.0.14 - mlag_ip: 10.255.252.0 - mlag_peer_ip: 10.255.252.1 - mlag_l3_ip: 10.255.251.0 - mlag_peer_l3_ip: 10.255.251.1 - vtep_loopback_ipv4_pool: 192.168.254.0/24 - vtep_loopback: Loopback1 - vtep_ip: 192.168.254.3 - evpn_services_l2_only: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_DB_Zone: - svis: - - 140 - - 141 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WAN_Zone: - svis: - - 150 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: - - 160 - - 161 - Tenant_B: - vrfs: - Tenant_B_OP_Zone: - svis: - - 210 - - 211 - Tenant_B_WAN_Zone: - svis: - - 250 - l2vlans: [] - Tenant_C: - vrfs: - Tenant_C_OP_Zone: - svis: - - 310 - - 311 - Tenant_C_WAN_Zone: - svis: - - 350 - l2vlans: [] - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -topology: - links: - Ethernet1: - peer: DC1-SPINE1 - peer_interface: Ethernet1 - peer_type: spine - peer_bgp_as: '65001' - type: underlay_p2p - ip_address: 172.31.255.1 - peer_ip_address: 172.31.255.0 - Ethernet2: - peer: DC1-SPINE2 - peer_interface: Ethernet1 - peer_type: spine - peer_bgp_as: '65001' - type: underlay_p2p - ip_address: 172.31.255.3 - peer_ip_address: 172.31.255.2 - peers: - - DC1-SPINE1 - - DC1-SPINE2 - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks -ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 -ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF1B + - DC1-LEAF1A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF2B + - DC1-LEAF2A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] +avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_topology_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-LEAF2A: + - DC1-L2LEAF2A +avd_requirements: + failed: false + changed: false +playbook_dir: /Users/pvinci/ansible-avd-cloudvision-demo/playbooks +ansible_playbook_python: /Users/pvinci/.pyenv/versions/3.11.9/bin/python3 +ansible_config_file: /Users/pvinci/ansible-avd-cloudvision-demo/ansible.cfg groups: all: - cv_ztp @@ -804,12 +1296,12 @@ groups: DC1: - DC1-SPINE1 - DC1-SPINE2 - - DC1-L2LEAF1A - - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B + - DC1-L2LEAF1A + - DC1-L2LEAF2A DC1_FABRIC: - DC1-SPINE1 - DC1-SPINE2 @@ -840,32 +1332,32 @@ groups: - DC1-L2LEAF1A DC1_L2LEAF2: - DC1-L2LEAF2A - DC1_TENANTS_NETWORKS: + NETWORK_SERVICES: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - DC1-L2LEAF1A - DC1-L2LEAF2A - DC1_SERVERS: + DC1_CONNECTED_ENDPOINTS: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - DC1-L2LEAF1A - DC1-L2LEAF2A -omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 +omit: __omit_place_holder__9e0ee8fc9716456e882c32fe1aa1621f8d1d8ab2 ansible_version: - string: 2.10.14 - full: 2.10.14 + string: 2.16.7 + full: 2.16.7 major: 2 - minor: 10 - revision: 14 + minor: 16 + revision: 7 ansible_check_mode: false ansible_diff_mode: false ansible_forks: 5 ansible_inventory_sources: -- /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml +- /Users/pvinci/ansible-avd-cloudvision-demo/inventory/inventory.yml ansible_skip_tags: [] ansible_run_tags: - build diff --git a/inventory/intended/structured_configs/DC1-LEAF1A.yml b/inventory/intended/structured_configs/DC1-LEAF1A.yml index f75c5c943..0bfbc8cf3 100644 --- a/inventory/intended/structured_configs/DC1-LEAF1A.yml +++ b/inventory/intended/structured_configs/DC1-LEAF1A.yml @@ -1,296 +1,329 @@ +hostname: DC1-LEAF1A +is_deployed: true router_bgp: as: '65101' router_id: 192.168.255.3 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - - maximum-paths 4 ecmp 4 + bgp: + default: + ipv4_unicast: false + maximum_paths: + paths: 4 + ecmp: 4 peer_groups: - MLAG-IPv4-UNDERLAY-PEER: - type: ipv4 - remote_as: '65101' - next_hop_self: true - password: vnEaG8gMeQf3d3cN6PktXQ== - maximum_routes: 12000 - send_community: all - route_map_in: RM-MLAG-PEER-IN - IPv4-UNDERLAY-PEERS: - type: ipv4 - password: AQQvKeimxJu+uGQ/yYvv9w== - maximum_routes: 12000 - send_community: all - EVPN-OVERLAY-PEERS: - type: evpn - update_source: Loopback0 - bfd: true - ebgp_multihop: '3' - password: q+VNViP5i4rVjW1cxFv2wA== - send_community: all - maximum_routes: 0 + - name: MLAG-IPv4-UNDERLAY-PEER + type: ipv4 + remote_as: '65101' + next_hop_self: true + description: DC1-LEAF1B + password: vnEaG8gMeQf3d3cN6PktXQ== + maximum_routes: 12000 + send_community: all + route_map_in: RM-MLAG-PEER-IN + - name: IPv4-UNDERLAY-PEERS + type: ipv4 + password: AQQvKeimxJu+uGQ/yYvv9w== + maximum_routes: 12000 + send_community: all + - name: EVPN-OVERLAY-PEERS + type: evpn + update_source: Loopback0 + bfd: true + password: q+VNViP5i4rVjW1cxFv2wA== + send_community: all + maximum_routes: 0 + ebgp_multihop: 3 address_family_ipv4: peer_groups: - MLAG-IPv4-UNDERLAY-PEER: - activate: true - IPv4-UNDERLAY-PEERS: - activate: true - EVPN-OVERLAY-PEERS: - activate: false + - name: MLAG-IPv4-UNDERLAY-PEER + activate: true + - name: IPv4-UNDERLAY-PEERS + activate: true + - name: EVPN-OVERLAY-PEERS + activate: false neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - description: DC1-LEAF1B - 172.31.255.0: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65001' - description: DC1-SPINE1_Ethernet1 - 172.31.255.2: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65001' - description: DC1-SPINE2_Ethernet1 - 192.168.255.1: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-SPINE1 - remote_as: '65001' - 192.168.255.2: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-SPINE2 - remote_as: '65001' + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + peer: DC1-LEAF1B + description: DC1-LEAF1B + - ip_address: 172.31.255.0 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65001' + peer: DC1-SPINE1 + description: DC1-SPINE1_Ethernet1 + - ip_address: 172.31.255.2 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65001' + peer: DC1-SPINE2 + description: DC1-SPINE2_Ethernet1 + - ip_address: 192.168.255.1 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-SPINE1 + description: DC1-SPINE1 + remote_as: '65001' + - ip_address: 192.168.255.2 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-SPINE2 + description: DC1-SPINE2 + remote_as: '65001' redistribute_routes: - connected: - route_map: RM-CONN-2-BGP + - source_protocol: connected + route_map: RM-CONN-2-BGP address_family_evpn: peer_groups: - EVPN-OVERLAY-PEERS: - activate: true + - name: EVPN-OVERLAY-PEERS + activate: true vrfs: - Tenant_A_APP_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:12 - route_targets: - import: - evpn: - - '12:12' - export: - evpn: - - '12:12' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_DB_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:13 - route_targets: - import: - evpn: - - '13:13' - export: - evpn: - - '13:13' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_OP_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:10 - route_targets: - import: - evpn: - - '10:10' - export: - evpn: - - '10:10' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_WAN_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:14 - route_targets: - import: - evpn: - - '14:14' - export: - evpn: - - '14:14' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_WEB_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:11 - route_targets: - import: - evpn: - - '11:11' - export: - evpn: - - '11:11' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_B_OP_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:20 - route_targets: - import: - evpn: - - '20:20' - export: - evpn: - - '20:20' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_B_WAN_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:21 - route_targets: - import: - evpn: - - '21:21' - export: - evpn: - - '21:21' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_C_OP_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:30 - route_targets: - import: - evpn: - - '30:30' - export: - evpn: - - '30:30' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_C_WAN_Zone: - router_id: 192.168.255.3 - rd: 192.168.255.3:31 - route_targets: - import: - evpn: - - '31:31' - export: - evpn: - - '31:31' - neighbors: - 10.255.251.1: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - vlan_aware_bundles: - Tenant_A_APP_Zone: - rd: 192.168.255.3:12 - route_targets: - both: + - name: Tenant_A_APP_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:12 + route_targets: + import: + - address_family: evpn + route_targets: + - '12:12' + export: + - address_family: evpn + route_targets: - '12:12' - redistribute_routes: - - learned - vlan: 130-131 - Tenant_A_DB_Zone: - rd: 192.168.255.3:13 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_A_DB_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:13 + route_targets: + import: + - address_family: evpn + route_targets: + - '13:13' + export: + - address_family: evpn + route_targets: - '13:13' - redistribute_routes: - - learned - vlan: 140-141 - Tenant_A_OP_Zone: - rd: 192.168.255.3:10 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_A_OP_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:10 + route_targets: + import: + - address_family: evpn + route_targets: + - '10:10' + export: + - address_family: evpn + route_targets: - '10:10' - redistribute_routes: - - learned - vlan: 110-112 - Tenant_A_WAN_Zone: - rd: 192.168.255.3:14 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_A_WAN_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:14 + route_targets: + import: + - address_family: evpn + route_targets: - '14:14' - redistribute_routes: - - learned - vlan: 150 - Tenant_A_WEB_Zone: - rd: 192.168.255.3:11 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '14:14' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_A_WEB_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:11 + route_targets: + import: + - address_family: evpn + route_targets: - '11:11' - redistribute_routes: - - learned - vlan: 120-121 - Tenant_A_VMOTION: - tenant: Tenant_A - rd: 192.168.255.3:55160 - route_targets: - both: - - 55160:55160 - redistribute_routes: - - learned - vlan: 160 - Tenant_A_NFS: - tenant: Tenant_A - rd: 192.168.255.3:10161 - route_targets: - both: - - 10161:10161 - redistribute_routes: - - learned - vlan: 161 - Tenant_B_OP_Zone: - rd: 192.168.255.3:20 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '11:11' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_B_OP_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:20 + route_targets: + import: + - address_family: evpn + route_targets: - '20:20' - redistribute_routes: - - learned - vlan: 210-211 - Tenant_B_WAN_Zone: - rd: 192.168.255.3:21 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '20:20' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_B_WAN_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:21 + route_targets: + import: + - address_family: evpn + route_targets: - '21:21' - redistribute_routes: - - learned - vlan: 250 - Tenant_C_OP_Zone: - rd: 192.168.255.3:30 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '21:21' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_C_OP_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:30 + route_targets: + import: + - address_family: evpn + route_targets: + - '30:30' + export: + - address_family: evpn + route_targets: - '30:30' - redistribute_routes: - - learned - vlan: 310-311 - Tenant_C_WAN_Zone: - rd: 192.168.255.3:31 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_C_WAN_Zone + router_id: 192.168.255.3 + rd: 192.168.255.3:31 + route_targets: + import: + - address_family: evpn + route_targets: + - '31:31' + export: + - address_family: evpn + route_targets: - '31:31' - redistribute_routes: - - learned - vlan: 350 + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.1 + peer_group: MLAG-IPv4-UNDERLAY-PEER + vlan_aware_bundles: + - name: Tenant_A_APP_Zone + rd: 192.168.255.3:12 + route_targets: + both: + - '12:12' + redistribute_routes: + - learned + vlan: 130-131 + - name: Tenant_A_DB_Zone + rd: 192.168.255.3:13 + route_targets: + both: + - '13:13' + redistribute_routes: + - learned + vlan: 140-141 + - name: Tenant_A_OP_Zone + rd: 192.168.255.3:10 + route_targets: + both: + - '10:10' + redistribute_routes: + - learned + vlan: 110-112 + - name: Tenant_A_WAN_Zone + rd: 192.168.255.3:14 + route_targets: + both: + - '14:14' + redistribute_routes: + - learned + vlan: '150' + - name: Tenant_A_WEB_Zone + rd: 192.168.255.3:11 + route_targets: + both: + - '11:11' + redistribute_routes: + - learned + vlan: 120-121 + - name: Tenant_A_NFS + tenant: Tenant_A + rd: 192.168.255.3:10161 + route_targets: + both: + - 10161:10161 + redistribute_routes: + - learned + vlan: '161' + - name: Tenant_A_VMOTION + tenant: Tenant_A + rd: 192.168.255.3:55160 + route_targets: + both: + - 55160:55160 + redistribute_routes: + - learned + vlan: '160' + - name: Tenant_B_OP_Zone + rd: 192.168.255.3:20 + route_targets: + both: + - '20:20' + redistribute_routes: + - learned + vlan: 210-211 + - name: Tenant_B_WAN_Zone + rd: 192.168.255.3:21 + route_targets: + both: + - '21:21' + redistribute_routes: + - learned + vlan: '250' + - name: Tenant_C_OP_Zone + rd: 192.168.255.3:30 + route_targets: + both: + - '30:30' + redistribute_routes: + - learned + vlan: 310-311 + - name: Tenant_C_WAN_Zone + rd: 192.168.255.3:31 + route_targets: + both: + - '31:31' + redistribute_routes: + - learned + vlan: '350' + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -301,7 +334,8 @@ daemon_terminattr: cvaddrs: - 10.255.0.1:9910 cvauth: - method: key + method: token + token_file: /tmp/token cvvrf: MGMT smashexcludes: ale,flexCounter,hardware,kni,pulse,strata ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent @@ -311,501 +345,489 @@ vlan_internal_order: range: beginning: 1006 ending: 1199 -name_server: - source: - vrf: MGMT - nodes: - - 192.168.2.1 - - 8.8.8.8 spanning_tree: mode: mstp mst_instances: - '0': - priority: 16384 + - id: '0' + priority: 16384 no_spanning_tree_vlan: 4093-4094 local_users: - admin: - privilege: 15 - role: network-admin - sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 - ansible: - privilege: 15 - role: network-admin - sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ - cvpadmin: - privilege: 15 - role: network-admin - sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +- name: admin + privilege: 15 + role: network-admin + sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 +- name: ansible + privilege: 15 + role: network-admin + sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ +- name: cvpadmin + privilege: 15 + role: network-admin + sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. vrfs: - MGMT: - ip_routing: false - Tenant_A_APP_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_DB_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_OP_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_WAN_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_WEB_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_B_OP_Zone: - tenant: Tenant_B - ip_routing: true - Tenant_B_WAN_Zone: - tenant: Tenant_B - ip_routing: true - Tenant_C_OP_Zone: - tenant: Tenant_C - ip_routing: true - Tenant_C_WAN_Zone: - tenant: Tenant_C - ip_routing: true +- name: MGMT + ip_routing: false +- name: Tenant_A_APP_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_DB_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_OP_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_WAN_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_WEB_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_B_OP_Zone + tenant: Tenant_B + ip_routing: true +- name: Tenant_B_WAN_Zone + tenant: Tenant_B + ip_routing: true +- name: Tenant_C_OP_Zone + tenant: Tenant_C + ip_routing: true +- name: Tenant_C_WAN_Zone + tenant: Tenant_C + ip_routing: true management_interfaces: - Management1: - description: oob_management - shutdown: false - vrf: MGMT - ip_address: 10.255.0.13/24 - gateway: 10.255.0.1 - type: oob +- name: Management1 + description: oob_management + shutdown: false + vrf: MGMT + ip_address: 10.255.0.13/24 + gateway: 10.255.0.1 + type: oob management_api_http: enable_vrfs: - MGMT: {} + - name: MGMT enable_https: true vlans: - 4093: - tenant: system - name: LEAF_PEER_L3 - trunk_groups: - - LEAF_PEER_L3 - 4094: - tenant: system - name: MLAG_PEER - trunk_groups: - - MLAG - 130: - tenant: Tenant_A - name: Tenant_A_APP_Zone_1 - 131: - tenant: Tenant_A - name: Tenant_A_APP_Zone_2 - 3011: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_APP_Zone - trunk_groups: - - LEAF_PEER_L3 - 140: - tenant: Tenant_A - name: Tenant_A_DB_BZone_1 - 141: - tenant: Tenant_A - name: Tenant_A_DB_Zone_2 - 3012: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_DB_Zone - trunk_groups: - - LEAF_PEER_L3 - 110: - tenant: Tenant_A - name: Tenant_A_OP_Zone_1 - 111: - tenant: Tenant_A - name: Tenant_A_OP_Zone_2 - 112: - tenant: Tenant_A - name: Tenant_A_OP_Zone_3 - 3009: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 150: - tenant: Tenant_A - name: Tenant_A_WAN_Zone_1 - 3013: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 - 120: - tenant: Tenant_A - name: Tenant_A_WEB_Zone_1 - 121: - tenant: Tenant_A - name: Tenant_A_WEBZone_2 - 3010: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_WEB_Zone - trunk_groups: - - LEAF_PEER_L3 - 160: - tenant: Tenant_A - name: Tenant_A_VMOTION - 161: - tenant: Tenant_A - name: Tenant_A_NFS - 210: - tenant: Tenant_B - name: Tenant_B_OP_Zone_1 - 211: - tenant: Tenant_B - name: Tenant_B_OP_Zone_2 - 3019: - tenant: Tenant_B - name: MLAG_iBGP_Tenant_B_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 250: - tenant: Tenant_B - name: Tenant_B_WAN_Zone_1 - 3020: - tenant: Tenant_B - name: MLAG_iBGP_Tenant_B_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 - 310: - tenant: Tenant_C - name: Tenant_C_OP_Zone_1 - 311: - tenant: Tenant_C - name: Tenant_C_OP_Zone_2 - 3029: - tenant: Tenant_C - name: MLAG_iBGP_Tenant_C_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 350: - tenant: Tenant_C - name: Tenant_C_WAN_Zone_1 - 3030: - tenant: Tenant_C - name: MLAG_iBGP_Tenant_C_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 +- id: 4093 + tenant: system + name: LEAF_PEER_L3 + trunk_groups: + - LEAF_PEER_L3 +- id: 4094 + tenant: system + name: MLAG_PEER + trunk_groups: + - MLAG +- id: 130 + name: Tenant_A_APP_Zone_1 + tenant: Tenant_A +- id: 131 + name: Tenant_A_APP_Zone_2 + tenant: Tenant_A +- id: 3011 + name: MLAG_iBGP_Tenant_A_APP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 140 + name: Tenant_A_DB_BZone_1 + tenant: Tenant_A +- id: 141 + name: Tenant_A_DB_Zone_2 + tenant: Tenant_A +- id: 3012 + name: MLAG_iBGP_Tenant_A_DB_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 110 + name: Tenant_A_OP_Zone_1 + tenant: Tenant_A +- id: 111 + name: Tenant_A_OP_Zone_2 + tenant: Tenant_A +- id: 112 + name: Tenant_A_OP_Zone_3 + tenant: Tenant_A +- id: 3009 + name: MLAG_iBGP_Tenant_A_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 150 + name: Tenant_A_WAN_Zone_1 + tenant: Tenant_A +- id: 3013 + name: MLAG_iBGP_Tenant_A_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 120 + name: Tenant_A_WEB_Zone_1 + tenant: Tenant_A +- id: 121 + name: Tenant_A_WEBZone_2 + tenant: Tenant_A +- id: 3010 + name: MLAG_iBGP_Tenant_A_WEB_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 160 + name: Tenant_A_VMOTION + tenant: Tenant_A +- id: 161 + name: Tenant_A_NFS + tenant: Tenant_A +- id: 210 + name: Tenant_B_OP_Zone_1 + tenant: Tenant_B +- id: 211 + name: Tenant_B_OP_Zone_2 + tenant: Tenant_B +- id: 3019 + name: MLAG_iBGP_Tenant_B_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_B +- id: 250 + name: Tenant_B_WAN_Zone_1 + tenant: Tenant_B +- id: 3020 + name: MLAG_iBGP_Tenant_B_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_B +- id: 310 + name: Tenant_C_OP_Zone_1 + tenant: Tenant_C +- id: 311 + name: Tenant_C_OP_Zone_2 + tenant: Tenant_C +- id: 3029 + name: MLAG_iBGP_Tenant_C_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_C +- id: 350 + name: Tenant_C_WAN_Zone_1 + tenant: Tenant_C +- id: 3030 + name: MLAG_iBGP_Tenant_C_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_C vlan_interfaces: - Vlan4093: - description: MLAG_PEER_L3_PEERING - shutdown: false - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan4094: - description: MLAG_PEER - shutdown: false - ip_address: 10.255.252.0/31 - no_autostate: true - mtu: 1500 - Vlan130: - tenant: Tenant_A - tags: - - app - - erp1 - description: Tenant_A_APP_Zone_1 - shutdown: false - vrf: Tenant_A_APP_Zone - Vlan131: - tenant: Tenant_A - tags: - - app - description: Tenant_A_APP_Zone_2 - shutdown: false - vrf: Tenant_A_APP_Zone - ip_address_virtual: 10.1.31.254/24 - Vlan3011: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone' - vrf: Tenant_A_APP_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan140: - tenant: Tenant_A - tags: - - db - - erp1 - description: Tenant_A_DB_BZone_1 - shutdown: false - vrf: Tenant_A_DB_Zone - ip_address_virtual: 10.1.40.1/24 - Vlan141: - tenant: Tenant_A - tags: - - db - description: Tenant_A_DB_Zone_2 - shutdown: false - vrf: Tenant_A_DB_Zone - ip_address_virtual: 10.1.41.1/24 - Vlan3012: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone' - vrf: Tenant_A_DB_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan110: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_1 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.10.1/24 - Vlan111: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_2 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.11.1/24 - Vlan112: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_3 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.12.254/24 - Vlan3009: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone' - vrf: Tenant_A_OP_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan150: - tenant: Tenant_A - tags: - - wan - description: Tenant_A_WAN_Zone_1 - shutdown: false - vrf: Tenant_A_WAN_Zone - ip_address_virtual: 10.1.40.1/24 - Vlan3013: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone' - vrf: Tenant_A_WAN_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan120: - tenant: Tenant_A - tags: - - web - - erp1 - description: Tenant_A_WEB_Zone_1 - shutdown: false - vrf: Tenant_A_WEB_Zone - Vlan121: - tenant: Tenant_A - tags: - - web - description: Tenant_A_WEBZone_2 - shutdown: false - vrf: Tenant_A_WEB_Zone - ip_address_virtual: 10.1.21.1/24 - Vlan3010: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone' - vrf: Tenant_A_WEB_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan210: - tenant: Tenant_B - tags: - - opzone - description: Tenant_B_OP_Zone_1 - shutdown: false - vrf: Tenant_B_OP_Zone - Vlan211: - tenant: Tenant_B - tags: - - opzone - description: Tenant_B_OP_Zone_2 - shutdown: false - vrf: Tenant_B_OP_Zone - ip_address_virtual: 10.2.11.1/24 - Vlan3019: - tenant: Tenant_B - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone' - vrf: Tenant_B_OP_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan250: - tenant: Tenant_B - tags: - - wan - description: Tenant_B_WAN_Zone_1 - shutdown: false - vrf: Tenant_B_WAN_Zone - ip_address_virtual: 10.2.50.1/24 - Vlan3020: - tenant: Tenant_B - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone' - vrf: Tenant_B_WAN_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan310: - tenant: Tenant_C - tags: - - opzone - description: Tenant_C_OP_Zone_1 - shutdown: false - vrf: Tenant_C_OP_Zone - Vlan311: - tenant: Tenant_C - tags: - - opzone - description: Tenant_C_OP_Zone_2 - shutdown: false - vrf: Tenant_C_OP_Zone - Vlan3029: - tenant: Tenant_C - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone' - vrf: Tenant_C_OP_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 - Vlan350: - tenant: Tenant_C - tags: - - wan - description: Tenant_C_WAN_Zone_1 - shutdown: false - vrf: Tenant_C_WAN_Zone - Vlan3030: - tenant: Tenant_C - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone' - vrf: Tenant_C_WAN_Zone - ip_address: 10.255.251.0/31 - mtu: 1500 +- name: Vlan4093 + description: MLAG_PEER_L3_PEERING + shutdown: false + ip_address: 10.255.251.0/31 +- name: Vlan4094 + description: MLAG_PEER + shutdown: false + no_autostate: true + ip_address: 10.255.252.0/31 +- name: Vlan130 + tenant: Tenant_A + tags: + - app + - erp1 + description: Tenant_A_APP_Zone_1 + shutdown: false + vrf: Tenant_A_APP_Zone +- name: Vlan131 + tenant: Tenant_A + tags: + - app + description: Tenant_A_APP_Zone_2 + shutdown: false + ip_address_virtual: 10.1.31.254/24 + vrf: Tenant_A_APP_Zone +- name: Vlan3011 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone' + vrf: Tenant_A_APP_Zone + mtu: null + ip_address: 10.255.251.0/31 +- name: Vlan140 + tenant: Tenant_A + tags: + - db + - erp1 + description: Tenant_A_DB_BZone_1 + shutdown: false + ip_address_virtual: 10.1.40.1/24 + vrf: Tenant_A_DB_Zone +- name: Vlan141 + tenant: Tenant_A + tags: + - db + description: Tenant_A_DB_Zone_2 + shutdown: false + ip_address_virtual: 10.1.41.1/24 + vrf: Tenant_A_DB_Zone +- name: Vlan3012 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone' + vrf: Tenant_A_DB_Zone + mtu: null + ip_address: 10.255.251.0/31 +- name: Vlan110 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_1 + shutdown: false + ip_address_virtual: 10.1.10.1/24 + vrf: Tenant_A_OP_Zone +- name: Vlan111 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.1.11.1/24 + vrf: Tenant_A_OP_Zone +- name: Vlan112 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_3 + shutdown: false + ip_address_virtual: 10.1.12.254/24 + vrf: Tenant_A_OP_Zone +- name: Vlan3009 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone' + vrf: Tenant_A_OP_Zone + mtu: null + ip_address: 10.255.251.0/31 +- name: Vlan150 + tenant: Tenant_A + tags: + - wan + description: Tenant_A_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.1.40.1/24 + vrf: Tenant_A_WAN_Zone +- name: Vlan3013 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone' + vrf: Tenant_A_WAN_Zone + mtu: null + ip_address: 10.255.251.0/31 +- name: Vlan120 + tenant: Tenant_A + tags: + - web + - erp1 + description: Tenant_A_WEB_Zone_1 + shutdown: false + vrf: Tenant_A_WEB_Zone +- name: Vlan121 + tenant: Tenant_A + tags: + - web + description: Tenant_A_WEBZone_2 + shutdown: false + ip_address_virtual: 10.1.21.1/24 + vrf: Tenant_A_WEB_Zone +- name: Vlan3010 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone' + vrf: Tenant_A_WEB_Zone + mtu: null + ip_address: 10.255.251.0/31 +- name: Vlan210 + tenant: Tenant_B + tags: + - opzone + description: Tenant_B_OP_Zone_1 + shutdown: false + vrf: Tenant_B_OP_Zone +- name: Vlan211 + tenant: Tenant_B + tags: + - opzone + description: Tenant_B_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.2.11.1/24 + vrf: Tenant_B_OP_Zone +- name: Vlan3019 + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone' + vrf: Tenant_B_OP_Zone + mtu: null + ip_address: 10.255.251.0/31 +- name: Vlan250 + tenant: Tenant_B + tags: + - wan + description: Tenant_B_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.2.50.1/24 + vrf: Tenant_B_WAN_Zone +- name: Vlan3020 + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone' + vrf: Tenant_B_WAN_Zone + mtu: null + ip_address: 10.255.251.0/31 +- name: Vlan310 + tenant: Tenant_C + tags: + - opzone + description: Tenant_C_OP_Zone_1 + shutdown: false + vrf: Tenant_C_OP_Zone +- name: Vlan311 + tenant: Tenant_C + tags: + - opzone + description: Tenant_C_OP_Zone_2 + shutdown: false + vrf: Tenant_C_OP_Zone +- name: Vlan3029 + tenant: Tenant_C + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone' + vrf: Tenant_C_OP_Zone + mtu: null + ip_address: 10.255.251.0/31 +- name: Vlan350 + tenant: Tenant_C + tags: + - wan + description: Tenant_C_WAN_Zone_1 + shutdown: false + vrf: Tenant_C_WAN_Zone +- name: Vlan3030 + tenant: Tenant_C + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone' + vrf: Tenant_C_WAN_Zone + mtu: null + ip_address: 10.255.251.0/31 port_channel_interfaces: - Port-Channel3: - description: MLAG_PEER_DC1-LEAF1B_Po3 - type: switched - shutdown: false - vlans: 2-4094 - mode: trunk - trunk_groups: - - LEAF_PEER_L3 - - MLAG - Port-Channel5: - description: DC1-L2LEAF1A_Po1 - type: switched - shutdown: false - vlans: 110-112,120-121,130-131 - mode: trunk - mlag: 5 +- name: Port-Channel3 + description: MLAG_PEER_DC1-LEAF1B_Po3 + type: switched + shutdown: false + mode: trunk + trunk_groups: + - LEAF_PEER_L3 + - MLAG +- name: Port-Channel5 + description: DC1-L2LEAF1A_Po1 + type: switched + shutdown: false + mode: trunk + vlans: 110-112,120-121,130-131 + mlag: 5 ethernet_interfaces: - Ethernet3: - peer: DC1-LEAF1B - peer_interface: Ethernet3 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF1B_Ethernet3 - type: switched - shutdown: false - channel_group: - id: 3 - mode: active - Ethernet4: - peer: DC1-LEAF1B - peer_interface: Ethernet4 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF1B_Ethernet4 - type: switched - shutdown: false - channel_group: - id: 3 - mode: active - Ethernet1: - peer: DC1-SPINE1 - peer_interface: Ethernet1 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE1_Ethernet1 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.1/31 - Ethernet2: - peer: DC1-SPINE2 - peer_interface: Ethernet1 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE2_Ethernet1 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.3/31 - Ethernet5: - peer: DC1-L2LEAF1A - peer_interface: Ethernet1 - peer_type: l2leaf - description: DC1-L2LEAF1A_Ethernet1 - type: switched - shutdown: false - channel_group: - id: 5 - mode: active +- name: Ethernet3 + peer: DC1-LEAF1B + peer_interface: Ethernet3 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF1B_Ethernet3 + type: port-channel-member + shutdown: false + channel_group: + id: 3 + mode: active +- name: Ethernet4 + peer: DC1-LEAF1B + peer_interface: Ethernet4 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF1B_Ethernet4 + type: port-channel-member + shutdown: false + channel_group: + id: 3 + mode: active +- name: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + description: P2P_LINK_TO_DC1-SPINE1_Ethernet1 + shutdown: false + type: routed + ip_address: 172.31.255.1/31 +- name: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + description: P2P_LINK_TO_DC1-SPINE2_Ethernet1 + shutdown: false + type: routed + ip_address: 172.31.255.3/31 +- name: Ethernet5 + peer: DC1-L2LEAF1A + peer_interface: Ethernet1 + peer_type: l2leaf + description: DC1-L2LEAF1A_Ethernet1 + shutdown: false + type: port-channel-member + channel_group: + id: 5 + mode: active mlag_configuration: domain_id: DC1_LEAF1 local_interface: Vlan4094 peer_address: 10.255.252.1 peer_link: Port-Channel3 - reload_delay_mlag: 300 - reload_delay_non_mlag: 330 + reload_delay_mlag: '300' + reload_delay_non_mlag: '330' route_maps: - RM-MLAG-PEER-IN: - sequence_numbers: - 10: - type: permit - set: - - origin incomplete - description: Make routes learned over MLAG Peer-link less preferred on spines - to ensure optimal routing - RM-CONN-2-BGP: - sequence_numbers: - 10: - type: permit - match: - - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +- name: RM-MLAG-PEER-IN + sequence_numbers: + - sequence: 10 + type: permit + set: + - origin incomplete + description: Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing +- name: RM-CONN-2-BGP + sequence_numbers: + - sequence: 10 + type: permit + match: + - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY loopback_interfaces: - Loopback0: - description: EVPN_Overlay_Peering - shutdown: false - ip_address: 192.168.255.3/32 - Loopback1: - description: VTEP_VXLAN_Tunnel_Source - shutdown: false - ip_address: 192.168.254.3/32 - Loopback100: - description: Tenant_A_OP_Zone_VTEP_DIAGNOSTICS - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address: 10.255.1.3/32 +- name: Loopback0 + description: EVPN_Overlay_Peering + shutdown: false + ip_address: 192.168.255.3/32 +- name: Loopback1 + description: VTEP_VXLAN_Tunnel_Source + shutdown: false + ip_address: 192.168.254.3/32 +- name: Loopback100 + description: Tenant_A_OP_Zone_VTEP_DIAGNOSTICS + shutdown: false + vrf: Tenant_A_OP_Zone + ip_address: 10.255.1.3/32 prefix_lists: - PL-LOOPBACKS-EVPN-OVERLAY: - sequence_numbers: - 10: - action: permit 192.168.255.0/24 eq 32 - 20: - action: permit 192.168.254.0/24 eq 32 +- name: PL-LOOPBACKS-EVPN-OVERLAY + sequence_numbers: + - sequence: 10 + action: permit 192.168.255.0/24 eq 32 + - sequence: 20 + action: permit 192.168.254.0/24 eq 32 router_bfd: multihop: interval: 1200 @@ -813,73 +835,75 @@ router_bfd: multiplier: 3 ip_igmp_snooping: globally_enabled: true +ip_virtual_router_mac_address: 00:1c:73:00:dc:01 vxlan_interface: Vxlan1: description: DC1-LEAF1A_VTEP vxlan: + udp_port: 4789 source_interface: Loopback1 virtual_router_encapsulation_mac_address: mlag-system-id - udp_port: 4789 vlans: - 130: - vni: 10130 - 131: - vni: 10131 - 140: - vni: 10140 - 141: - vni: 10141 - 110: - vni: 10110 - 111: - vni: 50111 - 112: - vni: 50112 - 150: - vni: 10150 - 120: - vni: 10120 - 121: - vni: 10121 - 160: - vni: 55160 - 161: - vni: 10161 - 210: - vni: 20210 - 211: - vni: 20211 - 250: - vni: 20250 - 310: - vni: 30310 - 311: - vni: 30311 - 350: - vni: 30350 + - id: 130 + vni: 10130 + - id: 131 + vni: 10131 + - id: 140 + vni: 10140 + - id: 141 + vni: 10141 + - id: 110 + vni: 10110 + - id: 111 + vni: 50111 + - id: 112 + vni: 50112 + - id: 150 + vni: 10150 + - id: 120 + vni: 10120 + - id: 121 + vni: 10121 + - id: 160 + vni: 55160 + - id: 161 + vni: 10161 + - id: 210 + vni: 20210 + - id: 211 + vni: 20211 + - id: 250 + vni: 20250 + - id: 310 + vni: 30310 + - id: 311 + vni: 30311 + - id: 350 + vni: 30350 vrfs: - Tenant_A_APP_Zone: - vni: 12 - Tenant_A_DB_Zone: - vni: 13 - Tenant_A_OP_Zone: - vni: 10 - Tenant_A_WAN_Zone: - vni: 14 - Tenant_A_WEB_Zone: - vni: 11 - Tenant_B_OP_Zone: - vni: 20 - Tenant_B_WAN_Zone: - vni: 21 - Tenant_C_OP_Zone: - vni: 30 - Tenant_C_WAN_Zone: - vni: 31 + - name: Tenant_A_APP_Zone + vni: 12 + - name: Tenant_A_DB_Zone + vni: 13 + - name: Tenant_A_OP_Zone + vni: 10 + - name: Tenant_A_WAN_Zone + vni: 14 + - name: Tenant_A_WEB_Zone + vni: 11 + - name: Tenant_B_OP_Zone + vni: 20 + - name: Tenant_B_WAN_Zone + vni: 21 + - name: Tenant_C_OP_Zone + vni: 30 + - name: Tenant_C_WAN_Zone + vni: 31 virtual_source_nat_vrfs: - Tenant_A_OP_Zone: - ip_address: 10.255.1.3 -ip_virtual_router_mac_address: 00:1c:73:00:dc:01 +- name: Tenant_A_OP_Zone + ip_address: 10.255.1.3 +metadata: + platform: vEOS-LAB ntp: local_interface: name: Management1 diff --git a/inventory/intended/structured_configs/DC1-LEAF1B-debug-vars.yml b/inventory/intended/structured_configs/DC1-LEAF1B-debug-vars.yml index e93e5dbaa..64189d970 100644 --- a/inventory/intended/structured_configs/DC1-LEAF1B-debug-vars.yml +++ b/inventory/intended/structured_configs/DC1-LEAF1B-debug-vars.yml @@ -20,14 +20,16 @@ local_users: privilege: 15 role: network-admin sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -cvp_instance_ip: 10.255.0.1 -cvp_ingestauth_key: '' +cvp_instance_ips: +- 10.255.0.1 mgmt_interface: Management1 mgmt_interface_vrf: MGMT mgmt_gateway: 10.255.0.1 -name_servers: -- 192.168.2.1 -- 8.8.8.8 +ip_name_servers: +- ip_address: 192.168.2.1 + vrf: MGMT +- ip_address: 8.8.8.8 + vrf: MGMT custom_structured_configuration_ntp: local_interface: name: Management1 @@ -38,27 +40,65 @@ custom_structured_configuration_ntp: vrf: MGMT - name: 1.fr.pool.ntp.org vrf: MGMT +port_profiles: + TENANT_A_B: + mode: trunk + vlans: 110-111,210-211 + TENANT_A: + mode: access + vlans: '110' + TENANT_B: + mode: trunk + vlans: 210-211 +servers: + server01: + rack: RackA + adapters: + - endpoint_ports: + - Eth0 + switch_ports: + - Ethernet5 + switches: + - DC1-L2LEAF1A + profile: TENANT_A + server02: + rack: RackA + adapters: + - endpoint_ports: + - Eth0 + switch_ports: + - Ethernet5 + switches: + - DC1-L2LEAF2A + profile: TENANT_A fabric_name: DC1_FABRIC -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: AQQvKeimxJu+uGQ/yYvv9w== - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: q+VNViP5i4rVjW1cxFv2wA== - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: vnEaG8gMeQf3d3cN6PktXQ== spine: defaults: platform: vEOS-LAB bgp_as: 65001 loopback_ipv4_pool: 192.168.255.0/24 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 nodes: DC1-SPINE1: id: 1 @@ -85,11 +125,18 @@ l3leaf: mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 virtual_router_mac_address: 00:1c:73:00:dc:01 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 spanning_tree_mode: mstp spanning_tree_priority: 16384 node_groups: @@ -150,9 +197,9 @@ l2leaf: tenants: - Tenant_A tags: + - app - opzone - web - - app nodes: DC1-L2LEAF1A: id: 5 @@ -168,9 +215,9 @@ l2leaf: tenants: - Tenant_A tags: + - app - opzone - web - - app nodes: DC1-L2LEAF2A: id: 7 @@ -178,613 +225,1058 @@ l2leaf: uplink_switch_interfaces: - Ethernet5 - Ethernet5 -p2p_uplinks_mtu: 1500 +p2p_uplinks_mtu: 9000 bfd_multihop: interval: 1200 min_rx: 1200 multiplier: 3 -port_profiles: - TENANT_A_B: - mode: trunk - vlans: 110-111,210-211 - TENANT_A: - mode: access - vlans: '110' - TENANT_B: - mode: trunk - vlans: 210-211 -servers: - server01: - rack: RackA - adapters: - - type: nic - server_ports: - - Eth0 - switch_ports: - - Ethernet5 - switches: - - DC1-L2LEAF1A - profile: TENANT_A - server02: - rack: RackA - adapters: - - type: nic - server_ports: - - Eth0 - switch_ports: - - Ethernet5 - switches: - - DC1-L2LEAF2A - profile: TENANT_A -tenants: - Tenant_A: - mac_vrf_vni_base: 10000 - vrfs: - Tenant_A_OP_Zone: - vrf_vni: 10 - vtep_diagnostic: - loopback: 100 - loopback_ip_range: 10.255.1.0/24 - svis: - 110: - name: Tenant_A_OP_Zone_1 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.10.1/24 - 111: - vni_override: 50111 - name: Tenant_A_OP_Zone_2 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.11.1/24 - 112: - vni_override: 50112 - name: Tenant_A_OP_Zone_3 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.12.254/24 - Tenant_A_WEB_Zone: - vrf_vni: 11 - svis: - 120: - name: Tenant_A_WEB_Zone_1 - tags: - - web - - erp1 - enabled: true - ip_subnet: 10.1.20.0/24 - 121: - name: Tenant_A_WEBZone_2 - tags: - - web - enabled: true - ip_address_virtual: 10.1.21.1/24 - Tenant_A_APP_Zone: - vrf_vni: 12 - svis: - 130: - name: Tenant_A_APP_Zone_1 - tags: - - app - - erp1 - enabled: true - ip_subnet: 10.1.30.0/24 - 131: - name: Tenant_A_APP_Zone_2 - tags: - - app - enabled: true - ip_address_virtual: 10.1.31.254/24 - Tenant_A_DB_Zone: - vrf_vni: 13 - svis: - 140: - name: Tenant_A_DB_BZone_1 - tags: - - db - - erp1 - enabled: true - ip_address_virtual: 10.1.40.1/24 - 141: - name: Tenant_A_DB_Zone_2 - tags: - - db - enabled: true - ip_address_virtual: 10.1.41.1/24 - Tenant_A_WAN_Zone: - vrf_vni: 14 - svis: - 150: - name: Tenant_A_WAN_Zone_1 - tags: - - wan - enabled: true - ip_address_virtual: 10.1.40.1/24 - l2vlans: - 160: - vni_override: 55160 - name: Tenant_A_VMOTION - tags: - - vmotion - 161: - name: Tenant_A_NFS - tags: - - nfs - Tenant_B: - mac_vrf_vni_base: 20000 - vrfs: - Tenant_B_OP_Zone: - vrf_vni: 20 - svis: - 210: - name: Tenant_B_OP_Zone_1 - tags: - - opzone - enabled: true - ip_subnet: 10.2.10.0/24 - 211: - name: Tenant_B_OP_Zone_2 - tags: - - opzone - enabled: true - ip_address_virtual: 10.2.11.1/24 - Tenant_B_WAN_Zone: - vrf_vni: 21 - svis: - 250: - name: Tenant_B_WAN_Zone_1 - tags: - - wan - enabled: true - ip_address_virtual: 10.2.50.1/24 - Tenant_C: - mac_vrf_vni_base: 30000 - vrfs: - Tenant_C_OP_Zone: - vrf_vni: 30 - svis: - 310: - name: Tenant_C_OP_Zone_1 - tags: - - opzone - enabled: true - ip_subnet: 10.3.10.0/24 - 311: - name: Tenant_C_OP_Zone_2 - tags: - - opzone - enabled: true - ip_subnet: 10.3.11.1/24 - Tenant_C_WAN_Zone: - vrf_vni: 31 - svis: - 350: - name: Tenant_C_WAN_Zone_1 - tags: - - wan - enabled: true - ip_subnet: 10.3.50.1/24 -inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml -inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory +platform_settings: +- platforms: + - default +- platforms: + - vEOS-LAB + reload_delay: + mlag: 300 + non_mlag: 330 + feature_support: + queue_monitor_length_notify: false + interface_storm_control: false + poe: false + per_interface_mtu: false + bgp_update_wait_install: false + bgp_update_wait_for_convergence: false +Tenant_A: +- name: Tenant_A + mac_vrf_vni_base: 10000 + vrfs: + - name: Tenant_A_OP_Zone + vrf_vni: 10 + vtep_diagnostic: + loopback: 100 + loopback_ip_range: 10.255.1.0/24 + svis: + - id: 110 + name: Tenant_A_OP_Zone_1 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.10.1/24 + - id: 111 + vni_override: 50111 + name: Tenant_A_OP_Zone_2 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.11.1/24 + - id: 112 + vni_override: 50112 + name: Tenant_A_OP_Zone_3 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.12.254/24 + - name: Tenant_A_WEB_Zone + vrf_vni: 11 + svis: + - id: 120 + name: Tenant_A_WEB_Zone_1 + tags: + - web + - erp1 + enabled: true + - id: 121 + name: Tenant_A_WEBZone_2 + tags: + - web + enabled: true + ip_address_virtual: 10.1.21.1/24 + - name: Tenant_A_APP_Zone + vrf_vni: 12 + svis: + - id: 130 + name: Tenant_A_APP_Zone_1 + tags: + - app + - erp1 + enabled: true + - id: 131 + name: Tenant_A_APP_Zone_2 + tags: + - app + enabled: true + ip_address_virtual: 10.1.31.254/24 + - name: Tenant_A_DB_Zone + vrf_vni: 13 + svis: + - id: 140 + name: Tenant_A_DB_BZone_1 + tags: + - db + - erp1 + enabled: true + ip_address_virtual: 10.1.40.1/24 + - id: 141 + name: Tenant_A_DB_Zone_2 + tags: + - db + enabled: true + ip_address_virtual: 10.1.41.1/24 + - name: Tenant_A_WAN_Zone + vrf_vni: 14 + svis: + - id: 150 + name: Tenant_A_WAN_Zone_1 + tags: + - wan + enabled: true + ip_address_virtual: 10.1.40.1/24 + l2vlans: + - id: 160 + vni_override: 55160 + name: Tenant_A_VMOTION + tags: + - vmotion + - id: 161 + name: Tenant_A_NFS + tags: + - nfs +Tenant_B: +- name: Tenant_B + mac_vrf_vni_base: 20000 + vrfs: + - name: Tenant_B_OP_Zone + vrf_vni: 20 + svis: + - id: 210 + name: Tenant_B_OP_Zone_1 + tags: + - opzone + enabled: true + - id: 211 + name: Tenant_B_OP_Zone_2 + tags: + - opzone + enabled: true + ip_address_virtual: 10.2.11.1/24 + - name: Tenant_B_WAN_Zone + vrf_vni: 21 + svis: + - id: 250 + name: Tenant_B_WAN_Zone_1 + tags: + - wan + enabled: true + ip_address_virtual: 10.2.50.1/24 +Tenant_C: +- name: Tenant_C + mac_vrf_vni_base: 30000 + vrfs: + - name: Tenant_C_OP_Zone + vrf_vni: 30 + svis: + - id: 310 + name: Tenant_C_OP_Zone_1 + tags: + - opzone + enabled: true + - id: 311 + name: Tenant_C_OP_Zone_2 + tags: + - opzone + enabled: true + - name: Tenant_C_WAN_Zone + vrf_vni: 31 + svis: + - id: 350 + name: Tenant_C_WAN_Zone_1 + tags: + - wan + enabled: true +network_services_keys: +- name: Tenant_A +- name: Tenant_B +- name: Tenant_C +inventory_file: /Users/pvinci/ansible-avd-cloudvision-demo/inventory/inventory.yml +inventory_dir: /Users/pvinci/ansible-avd-cloudvision-demo/inventory ansible_host: 10.255.0.14 inventory_hostname: DC1-LEAF1B inventory_hostname_short: DC1-LEAF1B group_names: - DC1 +- DC1_CONNECTED_ENDPOINTS - DC1_FABRIC - DC1_L3LEAFS - DC1_LEAF1 -- DC1_SERVERS -- DC1_TENANTS_NETWORKS +- NETWORK_SERVICES ansible_facts: - switch: - type: l3leaf - node_type_key: l3leaf - connected_endpoints: true - default_evpn_role: client - mlag_support: true - network_services_l2: true - network_services_l3: true - underlay_router: true - uplink_type: p2p - vtep: true - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_LEAF1 - id: 2 - mgmt_ip: 10.255.0.14/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - all - filter_tags: - - all - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - virtual_router_mac_address: 00:1c:73:00:dc:01 - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: - - DC1-SPINE1 - - DC1-SPINE2 - uplink_switch_interfaces: - - Ethernet2 - - Ethernet2 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 2 - uplink_ipv4_pool: 172.31.255.0/24 - router_id: 192.168.255.4 - bgp_as: '65101' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: client - evpn_route_servers: - - DC1-SPINE1 - - DC1-SPINE2 - mlag: true - mlag_group: DC1_LEAF1 - mlag_ibgp_origin_incomplete: true - mlag_peer_vlan: 4094 - mlag_dual_primary_detection: false - mlag_interfaces: - - Ethernet3 - - Ethernet4 - mlag_l3: true - mlag_peer_l3_vlan: 4093 - mlag_role: secondary - mlag_peer: DC1-LEAF1A - mlag_peer_mgmt_ip: 10.255.0.13 - mlag_ip: 10.255.252.1 - mlag_peer_ip: 10.255.252.0 - mlag_l3_ip: 10.255.251.1 - mlag_peer_l3_ip: 10.255.251.0 - vtep_loopback_ipv4_pool: 192.168.254.0/24 - vtep_loopback: Loopback1 - vtep_ip: 192.168.254.3 - evpn_services_l2_only: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_DB_Zone: - svis: - - 140 - - 141 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WAN_Zone: - svis: - - 150 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: - - 160 - - 161 - Tenant_B: - vrfs: - Tenant_B_OP_Zone: - svis: - - 210 - - 211 - Tenant_B_WAN_Zone: - svis: - - 250 - l2vlans: [] - Tenant_C: - vrfs: - Tenant_C_OP_Zone: - svis: - - 310 - - 311 - Tenant_C_WAN_Zone: - svis: - - 350 - l2vlans: [] - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 - topology: - links: - Ethernet1: + avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF1B + - DC1-LEAF1A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF2B + - DC1-LEAF2A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + avd_topology_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-LEAF2A: + - DC1-L2LEAF2A +avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 peer: DC1-SPINE1 peer_interface: Ethernet2 peer_type: spine + peer_is_deployed: true peer_bgp_as: '65001' type: underlay_p2p + prefix_length: 31 ip_address: 172.31.255.5 peer_ip_address: 172.31.255.4 - Ethernet2: + - interface: Ethernet2 peer: DC1-SPINE2 peer_interface: Ethernet2 peer_type: spine + peer_is_deployed: true peer_bgp_as: '65001' type: underlay_p2p + prefix_length: 31 ip_address: 172.31.255.7 peer_ip_address: 172.31.255.6 - peers: - - DC1-SPINE1 - - DC1-SPINE2 - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -switch: - type: l3leaf - node_type_key: l3leaf - connected_endpoints: true - default_evpn_role: client - mlag_support: true - network_services_l2: true - network_services_l3: true - underlay_router: true - uplink_type: p2p - vtep: true - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_LEAF1 - id: 2 - mgmt_ip: 10.255.0.14/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - all - filter_tags: - - all - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - virtual_router_mac_address: 00:1c:73:00:dc:01 - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: - - DC1-SPINE1 - - DC1-SPINE2 - uplink_switch_interfaces: - - Ethernet2 - - Ethernet2 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 2 - uplink_ipv4_pool: 172.31.255.0/24 - router_id: 192.168.255.4 - bgp_as: '65101' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: client - evpn_route_servers: - - DC1-SPINE1 - - DC1-SPINE2 - mlag: true - mlag_group: DC1_LEAF1 - mlag_ibgp_origin_incomplete: true - mlag_peer_vlan: 4094 - mlag_dual_primary_detection: false - mlag_interfaces: - - Ethernet3 - - Ethernet4 - mlag_l3: true - mlag_peer_l3_vlan: 4093 - mlag_role: secondary - mlag_peer: DC1-LEAF1A - mlag_peer_mgmt_ip: 10.255.0.13 - mlag_ip: 10.255.252.1 - mlag_peer_ip: 10.255.252.0 - mlag_l3_ip: 10.255.251.1 - mlag_peer_l3_ip: 10.255.251.0 - vtep_loopback_ipv4_pool: 192.168.254.0/24 - vtep_loopback: Loopback1 - vtep_ip: 192.168.254.3 - evpn_services_l2_only: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_DB_Zone: - svis: - - 140 - - 141 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WAN_Zone: - svis: - - 150 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: - - 160 - - 161 - Tenant_B: - vrfs: - Tenant_B_OP_Zone: - svis: - - 210 - - 211 - Tenant_B_WAN_Zone: - svis: - - 250 - l2vlans: [] - Tenant_C: - vrfs: - Tenant_C_OP_Zone: - svis: - - 310 - - 311 - Tenant_C_WAN_Zone: - svis: - - 350 - l2vlans: [] - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -topology: - links: - Ethernet1: - peer: DC1-SPINE1 - peer_interface: Ethernet2 - peer_type: spine - peer_bgp_as: '65001' - type: underlay_p2p - ip_address: 172.31.255.5 - peer_ip_address: 172.31.255.4 - Ethernet2: - peer: DC1-SPINE2 - peer_interface: Ethernet2 - peer_type: spine - peer_bgp_as: '65001' - type: underlay_p2p - ip_address: 172.31.255.7 - peer_ip_address: 172.31.255.6 - peers: - - DC1-SPINE1 - - DC1-SPINE2 - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks -ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 -ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF1B + - DC1-LEAF1A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF2B + - DC1-LEAF2A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] +avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_topology_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-LEAF2A: + - DC1-L2LEAF2A +avd_requirements: + failed: false + changed: false +playbook_dir: /Users/pvinci/ansible-avd-cloudvision-demo/playbooks +ansible_playbook_python: /Users/pvinci/.pyenv/versions/3.11.9/bin/python3 +ansible_config_file: /Users/pvinci/ansible-avd-cloudvision-demo/ansible.cfg groups: all: - cv_ztp @@ -804,12 +1296,12 @@ groups: DC1: - DC1-SPINE1 - DC1-SPINE2 - - DC1-L2LEAF1A - - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B + - DC1-L2LEAF1A + - DC1-L2LEAF2A DC1_FABRIC: - DC1-SPINE1 - DC1-SPINE2 @@ -840,32 +1332,32 @@ groups: - DC1-L2LEAF1A DC1_L2LEAF2: - DC1-L2LEAF2A - DC1_TENANTS_NETWORKS: + NETWORK_SERVICES: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - DC1-L2LEAF1A - DC1-L2LEAF2A - DC1_SERVERS: + DC1_CONNECTED_ENDPOINTS: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - DC1-L2LEAF1A - DC1-L2LEAF2A -omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 +omit: __omit_place_holder__9e0ee8fc9716456e882c32fe1aa1621f8d1d8ab2 ansible_version: - string: 2.10.14 - full: 2.10.14 + string: 2.16.7 + full: 2.16.7 major: 2 - minor: 10 - revision: 14 + minor: 16 + revision: 7 ansible_check_mode: false ansible_diff_mode: false ansible_forks: 5 ansible_inventory_sources: -- /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml +- /Users/pvinci/ansible-avd-cloudvision-demo/inventory/inventory.yml ansible_skip_tags: [] ansible_run_tags: - build diff --git a/inventory/intended/structured_configs/DC1-LEAF1B.yml b/inventory/intended/structured_configs/DC1-LEAF1B.yml index e8bfc2f63..19465ab63 100644 --- a/inventory/intended/structured_configs/DC1-LEAF1B.yml +++ b/inventory/intended/structured_configs/DC1-LEAF1B.yml @@ -1,296 +1,329 @@ +hostname: DC1-LEAF1B +is_deployed: true router_bgp: as: '65101' router_id: 192.168.255.4 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - - maximum-paths 4 ecmp 4 + bgp: + default: + ipv4_unicast: false + maximum_paths: + paths: 4 + ecmp: 4 peer_groups: - MLAG-IPv4-UNDERLAY-PEER: - type: ipv4 - remote_as: '65101' - next_hop_self: true - password: vnEaG8gMeQf3d3cN6PktXQ== - maximum_routes: 12000 - send_community: all - route_map_in: RM-MLAG-PEER-IN - IPv4-UNDERLAY-PEERS: - type: ipv4 - password: AQQvKeimxJu+uGQ/yYvv9w== - maximum_routes: 12000 - send_community: all - EVPN-OVERLAY-PEERS: - type: evpn - update_source: Loopback0 - bfd: true - ebgp_multihop: '3' - password: q+VNViP5i4rVjW1cxFv2wA== - send_community: all - maximum_routes: 0 + - name: MLAG-IPv4-UNDERLAY-PEER + type: ipv4 + remote_as: '65101' + next_hop_self: true + description: DC1-LEAF1A + password: vnEaG8gMeQf3d3cN6PktXQ== + maximum_routes: 12000 + send_community: all + route_map_in: RM-MLAG-PEER-IN + - name: IPv4-UNDERLAY-PEERS + type: ipv4 + password: AQQvKeimxJu+uGQ/yYvv9w== + maximum_routes: 12000 + send_community: all + - name: EVPN-OVERLAY-PEERS + type: evpn + update_source: Loopback0 + bfd: true + password: q+VNViP5i4rVjW1cxFv2wA== + send_community: all + maximum_routes: 0 + ebgp_multihop: 3 address_family_ipv4: peer_groups: - MLAG-IPv4-UNDERLAY-PEER: - activate: true - IPv4-UNDERLAY-PEERS: - activate: true - EVPN-OVERLAY-PEERS: - activate: false + - name: MLAG-IPv4-UNDERLAY-PEER + activate: true + - name: IPv4-UNDERLAY-PEERS + activate: true + - name: EVPN-OVERLAY-PEERS + activate: false neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - description: DC1-LEAF1A - 172.31.255.4: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65001' - description: DC1-SPINE1_Ethernet2 - 172.31.255.6: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65001' - description: DC1-SPINE2_Ethernet2 - 192.168.255.1: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-SPINE1 - remote_as: '65001' - 192.168.255.2: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-SPINE2 - remote_as: '65001' + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + peer: DC1-LEAF1A + description: DC1-LEAF1A + - ip_address: 172.31.255.4 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65001' + peer: DC1-SPINE1 + description: DC1-SPINE1_Ethernet2 + - ip_address: 172.31.255.6 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65001' + peer: DC1-SPINE2 + description: DC1-SPINE2_Ethernet2 + - ip_address: 192.168.255.1 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-SPINE1 + description: DC1-SPINE1 + remote_as: '65001' + - ip_address: 192.168.255.2 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-SPINE2 + description: DC1-SPINE2 + remote_as: '65001' redistribute_routes: - connected: - route_map: RM-CONN-2-BGP + - source_protocol: connected + route_map: RM-CONN-2-BGP address_family_evpn: peer_groups: - EVPN-OVERLAY-PEERS: - activate: true + - name: EVPN-OVERLAY-PEERS + activate: true vrfs: - Tenant_A_APP_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:12 - route_targets: - import: - evpn: - - '12:12' - export: - evpn: - - '12:12' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_DB_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:13 - route_targets: - import: - evpn: - - '13:13' - export: - evpn: - - '13:13' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_OP_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:10 - route_targets: - import: - evpn: - - '10:10' - export: - evpn: - - '10:10' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_WAN_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:14 - route_targets: - import: - evpn: - - '14:14' - export: - evpn: - - '14:14' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_WEB_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:11 - route_targets: - import: - evpn: - - '11:11' - export: - evpn: - - '11:11' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_B_OP_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:20 - route_targets: - import: - evpn: - - '20:20' - export: - evpn: - - '20:20' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_B_WAN_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:21 - route_targets: - import: - evpn: - - '21:21' - export: - evpn: - - '21:21' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_C_OP_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:30 - route_targets: - import: - evpn: - - '30:30' - export: - evpn: - - '30:30' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_C_WAN_Zone: - router_id: 192.168.255.4 - rd: 192.168.255.4:31 - route_targets: - import: - evpn: - - '31:31' - export: - evpn: - - '31:31' - neighbors: - 10.255.251.0: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - vlan_aware_bundles: - Tenant_A_APP_Zone: - rd: 192.168.255.4:12 - route_targets: - both: + - name: Tenant_A_APP_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:12 + route_targets: + import: + - address_family: evpn + route_targets: + - '12:12' + export: + - address_family: evpn + route_targets: - '12:12' - redistribute_routes: - - learned - vlan: 130-131 - Tenant_A_DB_Zone: - rd: 192.168.255.4:13 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_A_DB_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:13 + route_targets: + import: + - address_family: evpn + route_targets: + - '13:13' + export: + - address_family: evpn + route_targets: - '13:13' - redistribute_routes: - - learned - vlan: 140-141 - Tenant_A_OP_Zone: - rd: 192.168.255.4:10 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_A_OP_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:10 + route_targets: + import: + - address_family: evpn + route_targets: + - '10:10' + export: + - address_family: evpn + route_targets: - '10:10' - redistribute_routes: - - learned - vlan: 110-112 - Tenant_A_WAN_Zone: - rd: 192.168.255.4:14 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_A_WAN_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:14 + route_targets: + import: + - address_family: evpn + route_targets: - '14:14' - redistribute_routes: - - learned - vlan: 150 - Tenant_A_WEB_Zone: - rd: 192.168.255.4:11 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '14:14' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_A_WEB_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:11 + route_targets: + import: + - address_family: evpn + route_targets: - '11:11' - redistribute_routes: - - learned - vlan: 120-121 - Tenant_A_VMOTION: - tenant: Tenant_A - rd: 192.168.255.4:55160 - route_targets: - both: - - 55160:55160 - redistribute_routes: - - learned - vlan: 160 - Tenant_A_NFS: - tenant: Tenant_A - rd: 192.168.255.4:10161 - route_targets: - both: - - 10161:10161 - redistribute_routes: - - learned - vlan: 161 - Tenant_B_OP_Zone: - rd: 192.168.255.4:20 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '11:11' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_B_OP_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:20 + route_targets: + import: + - address_family: evpn + route_targets: - '20:20' - redistribute_routes: - - learned - vlan: 210-211 - Tenant_B_WAN_Zone: - rd: 192.168.255.4:21 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '20:20' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_B_WAN_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:21 + route_targets: + import: + - address_family: evpn + route_targets: - '21:21' - redistribute_routes: - - learned - vlan: 250 - Tenant_C_OP_Zone: - rd: 192.168.255.4:30 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '21:21' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_C_OP_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:30 + route_targets: + import: + - address_family: evpn + route_targets: + - '30:30' + export: + - address_family: evpn + route_targets: - '30:30' - redistribute_routes: - - learned - vlan: 310-311 - Tenant_C_WAN_Zone: - rd: 192.168.255.4:31 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_C_WAN_Zone + router_id: 192.168.255.4 + rd: 192.168.255.4:31 + route_targets: + import: + - address_family: evpn + route_targets: + - '31:31' + export: + - address_family: evpn + route_targets: - '31:31' - redistribute_routes: - - learned - vlan: 350 + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.0 + peer_group: MLAG-IPv4-UNDERLAY-PEER + vlan_aware_bundles: + - name: Tenant_A_APP_Zone + rd: 192.168.255.4:12 + route_targets: + both: + - '12:12' + redistribute_routes: + - learned + vlan: 130-131 + - name: Tenant_A_DB_Zone + rd: 192.168.255.4:13 + route_targets: + both: + - '13:13' + redistribute_routes: + - learned + vlan: 140-141 + - name: Tenant_A_OP_Zone + rd: 192.168.255.4:10 + route_targets: + both: + - '10:10' + redistribute_routes: + - learned + vlan: 110-112 + - name: Tenant_A_WAN_Zone + rd: 192.168.255.4:14 + route_targets: + both: + - '14:14' + redistribute_routes: + - learned + vlan: '150' + - name: Tenant_A_WEB_Zone + rd: 192.168.255.4:11 + route_targets: + both: + - '11:11' + redistribute_routes: + - learned + vlan: 120-121 + - name: Tenant_A_NFS + tenant: Tenant_A + rd: 192.168.255.4:10161 + route_targets: + both: + - 10161:10161 + redistribute_routes: + - learned + vlan: '161' + - name: Tenant_A_VMOTION + tenant: Tenant_A + rd: 192.168.255.4:55160 + route_targets: + both: + - 55160:55160 + redistribute_routes: + - learned + vlan: '160' + - name: Tenant_B_OP_Zone + rd: 192.168.255.4:20 + route_targets: + both: + - '20:20' + redistribute_routes: + - learned + vlan: 210-211 + - name: Tenant_B_WAN_Zone + rd: 192.168.255.4:21 + route_targets: + both: + - '21:21' + redistribute_routes: + - learned + vlan: '250' + - name: Tenant_C_OP_Zone + rd: 192.168.255.4:30 + route_targets: + both: + - '30:30' + redistribute_routes: + - learned + vlan: 310-311 + - name: Tenant_C_WAN_Zone + rd: 192.168.255.4:31 + route_targets: + both: + - '31:31' + redistribute_routes: + - learned + vlan: '350' + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -301,7 +334,8 @@ daemon_terminattr: cvaddrs: - 10.255.0.1:9910 cvauth: - method: key + method: token + token_file: /tmp/token cvvrf: MGMT smashexcludes: ale,flexCounter,hardware,kni,pulse,strata ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent @@ -311,501 +345,489 @@ vlan_internal_order: range: beginning: 1006 ending: 1199 -name_server: - source: - vrf: MGMT - nodes: - - 192.168.2.1 - - 8.8.8.8 spanning_tree: mode: mstp mst_instances: - '0': - priority: 16384 + - id: '0' + priority: 16384 no_spanning_tree_vlan: 4093-4094 local_users: - admin: - privilege: 15 - role: network-admin - sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 - ansible: - privilege: 15 - role: network-admin - sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ - cvpadmin: - privilege: 15 - role: network-admin - sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +- name: admin + privilege: 15 + role: network-admin + sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 +- name: ansible + privilege: 15 + role: network-admin + sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ +- name: cvpadmin + privilege: 15 + role: network-admin + sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. vrfs: - MGMT: - ip_routing: false - Tenant_A_APP_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_DB_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_OP_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_WAN_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_WEB_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_B_OP_Zone: - tenant: Tenant_B - ip_routing: true - Tenant_B_WAN_Zone: - tenant: Tenant_B - ip_routing: true - Tenant_C_OP_Zone: - tenant: Tenant_C - ip_routing: true - Tenant_C_WAN_Zone: - tenant: Tenant_C - ip_routing: true +- name: MGMT + ip_routing: false +- name: Tenant_A_APP_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_DB_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_OP_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_WAN_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_WEB_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_B_OP_Zone + tenant: Tenant_B + ip_routing: true +- name: Tenant_B_WAN_Zone + tenant: Tenant_B + ip_routing: true +- name: Tenant_C_OP_Zone + tenant: Tenant_C + ip_routing: true +- name: Tenant_C_WAN_Zone + tenant: Tenant_C + ip_routing: true management_interfaces: - Management1: - description: oob_management - shutdown: false - vrf: MGMT - ip_address: 10.255.0.14/24 - gateway: 10.255.0.1 - type: oob +- name: Management1 + description: oob_management + shutdown: false + vrf: MGMT + ip_address: 10.255.0.14/24 + gateway: 10.255.0.1 + type: oob management_api_http: enable_vrfs: - MGMT: {} + - name: MGMT enable_https: true vlans: - 4093: - tenant: system - name: LEAF_PEER_L3 - trunk_groups: - - LEAF_PEER_L3 - 4094: - tenant: system - name: MLAG_PEER - trunk_groups: - - MLAG - 130: - tenant: Tenant_A - name: Tenant_A_APP_Zone_1 - 131: - tenant: Tenant_A - name: Tenant_A_APP_Zone_2 - 3011: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_APP_Zone - trunk_groups: - - LEAF_PEER_L3 - 140: - tenant: Tenant_A - name: Tenant_A_DB_BZone_1 - 141: - tenant: Tenant_A - name: Tenant_A_DB_Zone_2 - 3012: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_DB_Zone - trunk_groups: - - LEAF_PEER_L3 - 110: - tenant: Tenant_A - name: Tenant_A_OP_Zone_1 - 111: - tenant: Tenant_A - name: Tenant_A_OP_Zone_2 - 112: - tenant: Tenant_A - name: Tenant_A_OP_Zone_3 - 3009: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 150: - tenant: Tenant_A - name: Tenant_A_WAN_Zone_1 - 3013: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 - 120: - tenant: Tenant_A - name: Tenant_A_WEB_Zone_1 - 121: - tenant: Tenant_A - name: Tenant_A_WEBZone_2 - 3010: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_WEB_Zone - trunk_groups: - - LEAF_PEER_L3 - 160: - tenant: Tenant_A - name: Tenant_A_VMOTION - 161: - tenant: Tenant_A - name: Tenant_A_NFS - 210: - tenant: Tenant_B - name: Tenant_B_OP_Zone_1 - 211: - tenant: Tenant_B - name: Tenant_B_OP_Zone_2 - 3019: - tenant: Tenant_B - name: MLAG_iBGP_Tenant_B_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 250: - tenant: Tenant_B - name: Tenant_B_WAN_Zone_1 - 3020: - tenant: Tenant_B - name: MLAG_iBGP_Tenant_B_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 - 310: - tenant: Tenant_C - name: Tenant_C_OP_Zone_1 - 311: - tenant: Tenant_C - name: Tenant_C_OP_Zone_2 - 3029: - tenant: Tenant_C - name: MLAG_iBGP_Tenant_C_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 350: - tenant: Tenant_C - name: Tenant_C_WAN_Zone_1 - 3030: - tenant: Tenant_C - name: MLAG_iBGP_Tenant_C_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 +- id: 4093 + tenant: system + name: LEAF_PEER_L3 + trunk_groups: + - LEAF_PEER_L3 +- id: 4094 + tenant: system + name: MLAG_PEER + trunk_groups: + - MLAG +- id: 130 + name: Tenant_A_APP_Zone_1 + tenant: Tenant_A +- id: 131 + name: Tenant_A_APP_Zone_2 + tenant: Tenant_A +- id: 3011 + name: MLAG_iBGP_Tenant_A_APP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 140 + name: Tenant_A_DB_BZone_1 + tenant: Tenant_A +- id: 141 + name: Tenant_A_DB_Zone_2 + tenant: Tenant_A +- id: 3012 + name: MLAG_iBGP_Tenant_A_DB_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 110 + name: Tenant_A_OP_Zone_1 + tenant: Tenant_A +- id: 111 + name: Tenant_A_OP_Zone_2 + tenant: Tenant_A +- id: 112 + name: Tenant_A_OP_Zone_3 + tenant: Tenant_A +- id: 3009 + name: MLAG_iBGP_Tenant_A_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 150 + name: Tenant_A_WAN_Zone_1 + tenant: Tenant_A +- id: 3013 + name: MLAG_iBGP_Tenant_A_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 120 + name: Tenant_A_WEB_Zone_1 + tenant: Tenant_A +- id: 121 + name: Tenant_A_WEBZone_2 + tenant: Tenant_A +- id: 3010 + name: MLAG_iBGP_Tenant_A_WEB_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 160 + name: Tenant_A_VMOTION + tenant: Tenant_A +- id: 161 + name: Tenant_A_NFS + tenant: Tenant_A +- id: 210 + name: Tenant_B_OP_Zone_1 + tenant: Tenant_B +- id: 211 + name: Tenant_B_OP_Zone_2 + tenant: Tenant_B +- id: 3019 + name: MLAG_iBGP_Tenant_B_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_B +- id: 250 + name: Tenant_B_WAN_Zone_1 + tenant: Tenant_B +- id: 3020 + name: MLAG_iBGP_Tenant_B_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_B +- id: 310 + name: Tenant_C_OP_Zone_1 + tenant: Tenant_C +- id: 311 + name: Tenant_C_OP_Zone_2 + tenant: Tenant_C +- id: 3029 + name: MLAG_iBGP_Tenant_C_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_C +- id: 350 + name: Tenant_C_WAN_Zone_1 + tenant: Tenant_C +- id: 3030 + name: MLAG_iBGP_Tenant_C_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_C vlan_interfaces: - Vlan4093: - description: MLAG_PEER_L3_PEERING - shutdown: false - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan4094: - description: MLAG_PEER - shutdown: false - ip_address: 10.255.252.1/31 - no_autostate: true - mtu: 1500 - Vlan130: - tenant: Tenant_A - tags: - - app - - erp1 - description: Tenant_A_APP_Zone_1 - shutdown: false - vrf: Tenant_A_APP_Zone - Vlan131: - tenant: Tenant_A - tags: - - app - description: Tenant_A_APP_Zone_2 - shutdown: false - vrf: Tenant_A_APP_Zone - ip_address_virtual: 10.1.31.254/24 - Vlan3011: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone' - vrf: Tenant_A_APP_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan140: - tenant: Tenant_A - tags: - - db - - erp1 - description: Tenant_A_DB_BZone_1 - shutdown: false - vrf: Tenant_A_DB_Zone - ip_address_virtual: 10.1.40.1/24 - Vlan141: - tenant: Tenant_A - tags: - - db - description: Tenant_A_DB_Zone_2 - shutdown: false - vrf: Tenant_A_DB_Zone - ip_address_virtual: 10.1.41.1/24 - Vlan3012: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone' - vrf: Tenant_A_DB_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan110: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_1 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.10.1/24 - Vlan111: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_2 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.11.1/24 - Vlan112: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_3 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.12.254/24 - Vlan3009: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone' - vrf: Tenant_A_OP_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan150: - tenant: Tenant_A - tags: - - wan - description: Tenant_A_WAN_Zone_1 - shutdown: false - vrf: Tenant_A_WAN_Zone - ip_address_virtual: 10.1.40.1/24 - Vlan3013: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone' - vrf: Tenant_A_WAN_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan120: - tenant: Tenant_A - tags: - - web - - erp1 - description: Tenant_A_WEB_Zone_1 - shutdown: false - vrf: Tenant_A_WEB_Zone - Vlan121: - tenant: Tenant_A - tags: - - web - description: Tenant_A_WEBZone_2 - shutdown: false - vrf: Tenant_A_WEB_Zone - ip_address_virtual: 10.1.21.1/24 - Vlan3010: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone' - vrf: Tenant_A_WEB_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan210: - tenant: Tenant_B - tags: - - opzone - description: Tenant_B_OP_Zone_1 - shutdown: false - vrf: Tenant_B_OP_Zone - Vlan211: - tenant: Tenant_B - tags: - - opzone - description: Tenant_B_OP_Zone_2 - shutdown: false - vrf: Tenant_B_OP_Zone - ip_address_virtual: 10.2.11.1/24 - Vlan3019: - tenant: Tenant_B - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone' - vrf: Tenant_B_OP_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan250: - tenant: Tenant_B - tags: - - wan - description: Tenant_B_WAN_Zone_1 - shutdown: false - vrf: Tenant_B_WAN_Zone - ip_address_virtual: 10.2.50.1/24 - Vlan3020: - tenant: Tenant_B - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone' - vrf: Tenant_B_WAN_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan310: - tenant: Tenant_C - tags: - - opzone - description: Tenant_C_OP_Zone_1 - shutdown: false - vrf: Tenant_C_OP_Zone - Vlan311: - tenant: Tenant_C - tags: - - opzone - description: Tenant_C_OP_Zone_2 - shutdown: false - vrf: Tenant_C_OP_Zone - Vlan3029: - tenant: Tenant_C - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone' - vrf: Tenant_C_OP_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 - Vlan350: - tenant: Tenant_C - tags: - - wan - description: Tenant_C_WAN_Zone_1 - shutdown: false - vrf: Tenant_C_WAN_Zone - Vlan3030: - tenant: Tenant_C - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone' - vrf: Tenant_C_WAN_Zone - ip_address: 10.255.251.1/31 - mtu: 1500 +- name: Vlan4093 + description: MLAG_PEER_L3_PEERING + shutdown: false + ip_address: 10.255.251.1/31 +- name: Vlan4094 + description: MLAG_PEER + shutdown: false + no_autostate: true + ip_address: 10.255.252.1/31 +- name: Vlan130 + tenant: Tenant_A + tags: + - app + - erp1 + description: Tenant_A_APP_Zone_1 + shutdown: false + vrf: Tenant_A_APP_Zone +- name: Vlan131 + tenant: Tenant_A + tags: + - app + description: Tenant_A_APP_Zone_2 + shutdown: false + ip_address_virtual: 10.1.31.254/24 + vrf: Tenant_A_APP_Zone +- name: Vlan3011 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone' + vrf: Tenant_A_APP_Zone + mtu: null + ip_address: 10.255.251.1/31 +- name: Vlan140 + tenant: Tenant_A + tags: + - db + - erp1 + description: Tenant_A_DB_BZone_1 + shutdown: false + ip_address_virtual: 10.1.40.1/24 + vrf: Tenant_A_DB_Zone +- name: Vlan141 + tenant: Tenant_A + tags: + - db + description: Tenant_A_DB_Zone_2 + shutdown: false + ip_address_virtual: 10.1.41.1/24 + vrf: Tenant_A_DB_Zone +- name: Vlan3012 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone' + vrf: Tenant_A_DB_Zone + mtu: null + ip_address: 10.255.251.1/31 +- name: Vlan110 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_1 + shutdown: false + ip_address_virtual: 10.1.10.1/24 + vrf: Tenant_A_OP_Zone +- name: Vlan111 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.1.11.1/24 + vrf: Tenant_A_OP_Zone +- name: Vlan112 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_3 + shutdown: false + ip_address_virtual: 10.1.12.254/24 + vrf: Tenant_A_OP_Zone +- name: Vlan3009 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone' + vrf: Tenant_A_OP_Zone + mtu: null + ip_address: 10.255.251.1/31 +- name: Vlan150 + tenant: Tenant_A + tags: + - wan + description: Tenant_A_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.1.40.1/24 + vrf: Tenant_A_WAN_Zone +- name: Vlan3013 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone' + vrf: Tenant_A_WAN_Zone + mtu: null + ip_address: 10.255.251.1/31 +- name: Vlan120 + tenant: Tenant_A + tags: + - web + - erp1 + description: Tenant_A_WEB_Zone_1 + shutdown: false + vrf: Tenant_A_WEB_Zone +- name: Vlan121 + tenant: Tenant_A + tags: + - web + description: Tenant_A_WEBZone_2 + shutdown: false + ip_address_virtual: 10.1.21.1/24 + vrf: Tenant_A_WEB_Zone +- name: Vlan3010 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone' + vrf: Tenant_A_WEB_Zone + mtu: null + ip_address: 10.255.251.1/31 +- name: Vlan210 + tenant: Tenant_B + tags: + - opzone + description: Tenant_B_OP_Zone_1 + shutdown: false + vrf: Tenant_B_OP_Zone +- name: Vlan211 + tenant: Tenant_B + tags: + - opzone + description: Tenant_B_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.2.11.1/24 + vrf: Tenant_B_OP_Zone +- name: Vlan3019 + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone' + vrf: Tenant_B_OP_Zone + mtu: null + ip_address: 10.255.251.1/31 +- name: Vlan250 + tenant: Tenant_B + tags: + - wan + description: Tenant_B_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.2.50.1/24 + vrf: Tenant_B_WAN_Zone +- name: Vlan3020 + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone' + vrf: Tenant_B_WAN_Zone + mtu: null + ip_address: 10.255.251.1/31 +- name: Vlan310 + tenant: Tenant_C + tags: + - opzone + description: Tenant_C_OP_Zone_1 + shutdown: false + vrf: Tenant_C_OP_Zone +- name: Vlan311 + tenant: Tenant_C + tags: + - opzone + description: Tenant_C_OP_Zone_2 + shutdown: false + vrf: Tenant_C_OP_Zone +- name: Vlan3029 + tenant: Tenant_C + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone' + vrf: Tenant_C_OP_Zone + mtu: null + ip_address: 10.255.251.1/31 +- name: Vlan350 + tenant: Tenant_C + tags: + - wan + description: Tenant_C_WAN_Zone_1 + shutdown: false + vrf: Tenant_C_WAN_Zone +- name: Vlan3030 + tenant: Tenant_C + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone' + vrf: Tenant_C_WAN_Zone + mtu: null + ip_address: 10.255.251.1/31 port_channel_interfaces: - Port-Channel3: - description: MLAG_PEER_DC1-LEAF1A_Po3 - type: switched - shutdown: false - vlans: 2-4094 - mode: trunk - trunk_groups: - - LEAF_PEER_L3 - - MLAG - Port-Channel5: - description: DC1-L2LEAF1A_Po1 - type: switched - shutdown: false - vlans: 110-112,120-121,130-131 - mode: trunk - mlag: 5 +- name: Port-Channel3 + description: MLAG_PEER_DC1-LEAF1A_Po3 + type: switched + shutdown: false + mode: trunk + trunk_groups: + - LEAF_PEER_L3 + - MLAG +- name: Port-Channel5 + description: DC1-L2LEAF1A_Po1 + type: switched + shutdown: false + mode: trunk + vlans: 110-112,120-121,130-131 + mlag: 5 ethernet_interfaces: - Ethernet3: - peer: DC1-LEAF1A - peer_interface: Ethernet3 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF1A_Ethernet3 - type: switched - shutdown: false - channel_group: - id: 3 - mode: active - Ethernet4: - peer: DC1-LEAF1A - peer_interface: Ethernet4 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF1A_Ethernet4 - type: switched - shutdown: false - channel_group: - id: 3 - mode: active - Ethernet1: - peer: DC1-SPINE1 - peer_interface: Ethernet2 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE1_Ethernet2 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.5/31 - Ethernet2: - peer: DC1-SPINE2 - peer_interface: Ethernet2 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE2_Ethernet2 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.7/31 - Ethernet5: - peer: DC1-L2LEAF1A - peer_interface: Ethernet2 - peer_type: l2leaf - description: DC1-L2LEAF1A_Ethernet2 - type: switched - shutdown: false - channel_group: - id: 5 - mode: active +- name: Ethernet3 + peer: DC1-LEAF1A + peer_interface: Ethernet3 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF1A_Ethernet3 + type: port-channel-member + shutdown: false + channel_group: + id: 3 + mode: active +- name: Ethernet4 + peer: DC1-LEAF1A + peer_interface: Ethernet4 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF1A_Ethernet4 + type: port-channel-member + shutdown: false + channel_group: + id: 3 + mode: active +- name: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + description: P2P_LINK_TO_DC1-SPINE1_Ethernet2 + shutdown: false + type: routed + ip_address: 172.31.255.5/31 +- name: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + description: P2P_LINK_TO_DC1-SPINE2_Ethernet2 + shutdown: false + type: routed + ip_address: 172.31.255.7/31 +- name: Ethernet5 + peer: DC1-L2LEAF1A + peer_interface: Ethernet2 + peer_type: l2leaf + description: DC1-L2LEAF1A_Ethernet2 + shutdown: false + type: port-channel-member + channel_group: + id: 5 + mode: active mlag_configuration: domain_id: DC1_LEAF1 local_interface: Vlan4094 peer_address: 10.255.252.0 peer_link: Port-Channel3 - reload_delay_mlag: 300 - reload_delay_non_mlag: 330 + reload_delay_mlag: '300' + reload_delay_non_mlag: '330' route_maps: - RM-MLAG-PEER-IN: - sequence_numbers: - 10: - type: permit - set: - - origin incomplete - description: Make routes learned over MLAG Peer-link less preferred on spines - to ensure optimal routing - RM-CONN-2-BGP: - sequence_numbers: - 10: - type: permit - match: - - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +- name: RM-MLAG-PEER-IN + sequence_numbers: + - sequence: 10 + type: permit + set: + - origin incomplete + description: Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing +- name: RM-CONN-2-BGP + sequence_numbers: + - sequence: 10 + type: permit + match: + - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY loopback_interfaces: - Loopback0: - description: EVPN_Overlay_Peering - shutdown: false - ip_address: 192.168.255.4/32 - Loopback1: - description: VTEP_VXLAN_Tunnel_Source - shutdown: false - ip_address: 192.168.254.3/32 - Loopback100: - description: Tenant_A_OP_Zone_VTEP_DIAGNOSTICS - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address: 10.255.1.4/32 +- name: Loopback0 + description: EVPN_Overlay_Peering + shutdown: false + ip_address: 192.168.255.4/32 +- name: Loopback1 + description: VTEP_VXLAN_Tunnel_Source + shutdown: false + ip_address: 192.168.254.3/32 +- name: Loopback100 + description: Tenant_A_OP_Zone_VTEP_DIAGNOSTICS + shutdown: false + vrf: Tenant_A_OP_Zone + ip_address: 10.255.1.4/32 prefix_lists: - PL-LOOPBACKS-EVPN-OVERLAY: - sequence_numbers: - 10: - action: permit 192.168.255.0/24 eq 32 - 20: - action: permit 192.168.254.0/24 eq 32 +- name: PL-LOOPBACKS-EVPN-OVERLAY + sequence_numbers: + - sequence: 10 + action: permit 192.168.255.0/24 eq 32 + - sequence: 20 + action: permit 192.168.254.0/24 eq 32 router_bfd: multihop: interval: 1200 @@ -813,73 +835,75 @@ router_bfd: multiplier: 3 ip_igmp_snooping: globally_enabled: true +ip_virtual_router_mac_address: 00:1c:73:00:dc:01 vxlan_interface: Vxlan1: description: DC1-LEAF1B_VTEP vxlan: + udp_port: 4789 source_interface: Loopback1 virtual_router_encapsulation_mac_address: mlag-system-id - udp_port: 4789 vlans: - 130: - vni: 10130 - 131: - vni: 10131 - 140: - vni: 10140 - 141: - vni: 10141 - 110: - vni: 10110 - 111: - vni: 50111 - 112: - vni: 50112 - 150: - vni: 10150 - 120: - vni: 10120 - 121: - vni: 10121 - 160: - vni: 55160 - 161: - vni: 10161 - 210: - vni: 20210 - 211: - vni: 20211 - 250: - vni: 20250 - 310: - vni: 30310 - 311: - vni: 30311 - 350: - vni: 30350 + - id: 130 + vni: 10130 + - id: 131 + vni: 10131 + - id: 140 + vni: 10140 + - id: 141 + vni: 10141 + - id: 110 + vni: 10110 + - id: 111 + vni: 50111 + - id: 112 + vni: 50112 + - id: 150 + vni: 10150 + - id: 120 + vni: 10120 + - id: 121 + vni: 10121 + - id: 160 + vni: 55160 + - id: 161 + vni: 10161 + - id: 210 + vni: 20210 + - id: 211 + vni: 20211 + - id: 250 + vni: 20250 + - id: 310 + vni: 30310 + - id: 311 + vni: 30311 + - id: 350 + vni: 30350 vrfs: - Tenant_A_APP_Zone: - vni: 12 - Tenant_A_DB_Zone: - vni: 13 - Tenant_A_OP_Zone: - vni: 10 - Tenant_A_WAN_Zone: - vni: 14 - Tenant_A_WEB_Zone: - vni: 11 - Tenant_B_OP_Zone: - vni: 20 - Tenant_B_WAN_Zone: - vni: 21 - Tenant_C_OP_Zone: - vni: 30 - Tenant_C_WAN_Zone: - vni: 31 + - name: Tenant_A_APP_Zone + vni: 12 + - name: Tenant_A_DB_Zone + vni: 13 + - name: Tenant_A_OP_Zone + vni: 10 + - name: Tenant_A_WAN_Zone + vni: 14 + - name: Tenant_A_WEB_Zone + vni: 11 + - name: Tenant_B_OP_Zone + vni: 20 + - name: Tenant_B_WAN_Zone + vni: 21 + - name: Tenant_C_OP_Zone + vni: 30 + - name: Tenant_C_WAN_Zone + vni: 31 virtual_source_nat_vrfs: - Tenant_A_OP_Zone: - ip_address: 10.255.1.4 -ip_virtual_router_mac_address: 00:1c:73:00:dc:01 +- name: Tenant_A_OP_Zone + ip_address: 10.255.1.4 +metadata: + platform: vEOS-LAB ntp: local_interface: name: Management1 diff --git a/inventory/intended/structured_configs/DC1-LEAF2A-debug-vars.yml b/inventory/intended/structured_configs/DC1-LEAF2A-debug-vars.yml index f265a25d6..e506147b6 100644 --- a/inventory/intended/structured_configs/DC1-LEAF2A-debug-vars.yml +++ b/inventory/intended/structured_configs/DC1-LEAF2A-debug-vars.yml @@ -20,14 +20,16 @@ local_users: privilege: 15 role: network-admin sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -cvp_instance_ip: 10.255.0.1 -cvp_ingestauth_key: '' +cvp_instance_ips: +- 10.255.0.1 mgmt_interface: Management1 mgmt_interface_vrf: MGMT mgmt_gateway: 10.255.0.1 -name_servers: -- 192.168.2.1 -- 8.8.8.8 +ip_name_servers: +- ip_address: 192.168.2.1 + vrf: MGMT +- ip_address: 8.8.8.8 + vrf: MGMT custom_structured_configuration_ntp: local_interface: name: Management1 @@ -38,27 +40,65 @@ custom_structured_configuration_ntp: vrf: MGMT - name: 1.fr.pool.ntp.org vrf: MGMT +port_profiles: + TENANT_A_B: + mode: trunk + vlans: 110-111,210-211 + TENANT_A: + mode: access + vlans: '110' + TENANT_B: + mode: trunk + vlans: 210-211 +servers: + server01: + rack: RackA + adapters: + - endpoint_ports: + - Eth0 + switch_ports: + - Ethernet5 + switches: + - DC1-L2LEAF1A + profile: TENANT_A + server02: + rack: RackA + adapters: + - endpoint_ports: + - Eth0 + switch_ports: + - Ethernet5 + switches: + - DC1-L2LEAF2A + profile: TENANT_A fabric_name: DC1_FABRIC -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: AQQvKeimxJu+uGQ/yYvv9w== - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: q+VNViP5i4rVjW1cxFv2wA== - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: vnEaG8gMeQf3d3cN6PktXQ== spine: defaults: platform: vEOS-LAB bgp_as: 65001 loopback_ipv4_pool: 192.168.255.0/24 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 nodes: DC1-SPINE1: id: 1 @@ -85,11 +125,18 @@ l3leaf: mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 virtual_router_mac_address: 00:1c:73:00:dc:01 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 spanning_tree_mode: mstp spanning_tree_priority: 16384 node_groups: @@ -150,9 +197,9 @@ l2leaf: tenants: - Tenant_A tags: + - app - opzone - web - - app nodes: DC1-L2LEAF1A: id: 5 @@ -168,9 +215,9 @@ l2leaf: tenants: - Tenant_A tags: + - app - opzone - web - - app nodes: DC1-L2LEAF2A: id: 7 @@ -178,613 +225,1058 @@ l2leaf: uplink_switch_interfaces: - Ethernet5 - Ethernet5 -p2p_uplinks_mtu: 1500 +p2p_uplinks_mtu: 9000 bfd_multihop: interval: 1200 min_rx: 1200 multiplier: 3 -port_profiles: - TENANT_A_B: - mode: trunk - vlans: 110-111,210-211 - TENANT_A: - mode: access - vlans: '110' - TENANT_B: - mode: trunk - vlans: 210-211 -servers: - server01: - rack: RackA - adapters: - - type: nic - server_ports: - - Eth0 - switch_ports: - - Ethernet5 - switches: - - DC1-L2LEAF1A - profile: TENANT_A - server02: - rack: RackA - adapters: - - type: nic - server_ports: - - Eth0 - switch_ports: - - Ethernet5 - switches: - - DC1-L2LEAF2A - profile: TENANT_A -tenants: - Tenant_A: - mac_vrf_vni_base: 10000 - vrfs: - Tenant_A_OP_Zone: - vrf_vni: 10 - vtep_diagnostic: - loopback: 100 - loopback_ip_range: 10.255.1.0/24 - svis: - 110: - name: Tenant_A_OP_Zone_1 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.10.1/24 - 111: - vni_override: 50111 - name: Tenant_A_OP_Zone_2 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.11.1/24 - 112: - vni_override: 50112 - name: Tenant_A_OP_Zone_3 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.12.254/24 - Tenant_A_WEB_Zone: - vrf_vni: 11 - svis: - 120: - name: Tenant_A_WEB_Zone_1 - tags: - - web - - erp1 - enabled: true - ip_subnet: 10.1.20.0/24 - 121: - name: Tenant_A_WEBZone_2 - tags: - - web - enabled: true - ip_address_virtual: 10.1.21.1/24 - Tenant_A_APP_Zone: - vrf_vni: 12 - svis: - 130: - name: Tenant_A_APP_Zone_1 - tags: - - app - - erp1 - enabled: true - ip_subnet: 10.1.30.0/24 - 131: - name: Tenant_A_APP_Zone_2 - tags: - - app - enabled: true - ip_address_virtual: 10.1.31.254/24 - Tenant_A_DB_Zone: - vrf_vni: 13 - svis: - 140: - name: Tenant_A_DB_BZone_1 - tags: - - db - - erp1 - enabled: true - ip_address_virtual: 10.1.40.1/24 - 141: - name: Tenant_A_DB_Zone_2 - tags: - - db - enabled: true - ip_address_virtual: 10.1.41.1/24 - Tenant_A_WAN_Zone: - vrf_vni: 14 - svis: - 150: - name: Tenant_A_WAN_Zone_1 - tags: - - wan - enabled: true - ip_address_virtual: 10.1.40.1/24 - l2vlans: - 160: - vni_override: 55160 - name: Tenant_A_VMOTION - tags: - - vmotion - 161: - name: Tenant_A_NFS - tags: - - nfs - Tenant_B: - mac_vrf_vni_base: 20000 - vrfs: - Tenant_B_OP_Zone: - vrf_vni: 20 - svis: - 210: - name: Tenant_B_OP_Zone_1 - tags: - - opzone - enabled: true - ip_subnet: 10.2.10.0/24 - 211: - name: Tenant_B_OP_Zone_2 - tags: - - opzone - enabled: true - ip_address_virtual: 10.2.11.1/24 - Tenant_B_WAN_Zone: - vrf_vni: 21 - svis: - 250: - name: Tenant_B_WAN_Zone_1 - tags: - - wan - enabled: true - ip_address_virtual: 10.2.50.1/24 - Tenant_C: - mac_vrf_vni_base: 30000 - vrfs: - Tenant_C_OP_Zone: - vrf_vni: 30 - svis: - 310: - name: Tenant_C_OP_Zone_1 - tags: - - opzone - enabled: true - ip_subnet: 10.3.10.0/24 - 311: - name: Tenant_C_OP_Zone_2 - tags: - - opzone - enabled: true - ip_subnet: 10.3.11.1/24 - Tenant_C_WAN_Zone: - vrf_vni: 31 - svis: - 350: - name: Tenant_C_WAN_Zone_1 - tags: - - wan - enabled: true - ip_subnet: 10.3.50.1/24 -inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml -inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory +platform_settings: +- platforms: + - default +- platforms: + - vEOS-LAB + reload_delay: + mlag: 300 + non_mlag: 330 + feature_support: + queue_monitor_length_notify: false + interface_storm_control: false + poe: false + per_interface_mtu: false + bgp_update_wait_install: false + bgp_update_wait_for_convergence: false +Tenant_A: +- name: Tenant_A + mac_vrf_vni_base: 10000 + vrfs: + - name: Tenant_A_OP_Zone + vrf_vni: 10 + vtep_diagnostic: + loopback: 100 + loopback_ip_range: 10.255.1.0/24 + svis: + - id: 110 + name: Tenant_A_OP_Zone_1 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.10.1/24 + - id: 111 + vni_override: 50111 + name: Tenant_A_OP_Zone_2 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.11.1/24 + - id: 112 + vni_override: 50112 + name: Tenant_A_OP_Zone_3 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.12.254/24 + - name: Tenant_A_WEB_Zone + vrf_vni: 11 + svis: + - id: 120 + name: Tenant_A_WEB_Zone_1 + tags: + - web + - erp1 + enabled: true + - id: 121 + name: Tenant_A_WEBZone_2 + tags: + - web + enabled: true + ip_address_virtual: 10.1.21.1/24 + - name: Tenant_A_APP_Zone + vrf_vni: 12 + svis: + - id: 130 + name: Tenant_A_APP_Zone_1 + tags: + - app + - erp1 + enabled: true + - id: 131 + name: Tenant_A_APP_Zone_2 + tags: + - app + enabled: true + ip_address_virtual: 10.1.31.254/24 + - name: Tenant_A_DB_Zone + vrf_vni: 13 + svis: + - id: 140 + name: Tenant_A_DB_BZone_1 + tags: + - db + - erp1 + enabled: true + ip_address_virtual: 10.1.40.1/24 + - id: 141 + name: Tenant_A_DB_Zone_2 + tags: + - db + enabled: true + ip_address_virtual: 10.1.41.1/24 + - name: Tenant_A_WAN_Zone + vrf_vni: 14 + svis: + - id: 150 + name: Tenant_A_WAN_Zone_1 + tags: + - wan + enabled: true + ip_address_virtual: 10.1.40.1/24 + l2vlans: + - id: 160 + vni_override: 55160 + name: Tenant_A_VMOTION + tags: + - vmotion + - id: 161 + name: Tenant_A_NFS + tags: + - nfs +Tenant_B: +- name: Tenant_B + mac_vrf_vni_base: 20000 + vrfs: + - name: Tenant_B_OP_Zone + vrf_vni: 20 + svis: + - id: 210 + name: Tenant_B_OP_Zone_1 + tags: + - opzone + enabled: true + - id: 211 + name: Tenant_B_OP_Zone_2 + tags: + - opzone + enabled: true + ip_address_virtual: 10.2.11.1/24 + - name: Tenant_B_WAN_Zone + vrf_vni: 21 + svis: + - id: 250 + name: Tenant_B_WAN_Zone_1 + tags: + - wan + enabled: true + ip_address_virtual: 10.2.50.1/24 +Tenant_C: +- name: Tenant_C + mac_vrf_vni_base: 30000 + vrfs: + - name: Tenant_C_OP_Zone + vrf_vni: 30 + svis: + - id: 310 + name: Tenant_C_OP_Zone_1 + tags: + - opzone + enabled: true + - id: 311 + name: Tenant_C_OP_Zone_2 + tags: + - opzone + enabled: true + - name: Tenant_C_WAN_Zone + vrf_vni: 31 + svis: + - id: 350 + name: Tenant_C_WAN_Zone_1 + tags: + - wan + enabled: true +network_services_keys: +- name: Tenant_A +- name: Tenant_B +- name: Tenant_C +inventory_file: /Users/pvinci/ansible-avd-cloudvision-demo/inventory/inventory.yml +inventory_dir: /Users/pvinci/ansible-avd-cloudvision-demo/inventory ansible_host: 10.255.0.15 inventory_hostname: DC1-LEAF2A inventory_hostname_short: DC1-LEAF2A group_names: - DC1 +- DC1_CONNECTED_ENDPOINTS - DC1_FABRIC - DC1_L3LEAFS - DC1_LEAF2 -- DC1_SERVERS -- DC1_TENANTS_NETWORKS +- NETWORK_SERVICES ansible_facts: - switch: - type: l3leaf - node_type_key: l3leaf - connected_endpoints: true - default_evpn_role: client - mlag_support: true - network_services_l2: true - network_services_l3: true - underlay_router: true - uplink_type: p2p - vtep: true - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_LEAF2 - id: 3 - mgmt_ip: 10.255.0.15/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - all - filter_tags: - - all - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - virtual_router_mac_address: 00:1c:73:00:dc:01 - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: - - DC1-SPINE1 - - DC1-SPINE2 - uplink_switch_interfaces: - - Ethernet3 - - Ethernet3 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 2 - uplink_ipv4_pool: 172.31.255.0/24 - router_id: 192.168.255.5 - bgp_as: '65102' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: client - evpn_route_servers: - - DC1-SPINE1 - - DC1-SPINE2 - mlag: true - mlag_group: DC1_LEAF2 - mlag_ibgp_origin_incomplete: true - mlag_peer_vlan: 4094 - mlag_dual_primary_detection: false - mlag_interfaces: - - Ethernet3 - - Ethernet4 - mlag_l3: true - mlag_peer_l3_vlan: 4093 - mlag_role: primary - mlag_peer: DC1-LEAF2B - mlag_peer_mgmt_ip: 10.255.0.16 - mlag_ip: 10.255.252.4 - mlag_peer_ip: 10.255.252.5 - mlag_l3_ip: 10.255.251.4 - mlag_peer_l3_ip: 10.255.251.5 - vtep_loopback_ipv4_pool: 192.168.254.0/24 - vtep_loopback: Loopback1 - vtep_ip: 192.168.254.5 - evpn_services_l2_only: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_DB_Zone: - svis: - - 140 - - 141 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WAN_Zone: - svis: - - 150 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: - - 160 - - 161 - Tenant_B: - vrfs: - Tenant_B_OP_Zone: - svis: - - 210 - - 211 - Tenant_B_WAN_Zone: - svis: - - 250 - l2vlans: [] - Tenant_C: - vrfs: - Tenant_C_OP_Zone: - svis: - - 310 - - 311 - Tenant_C_WAN_Zone: - svis: - - 350 - l2vlans: [] - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 - topology: - links: - Ethernet1: + avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF1B + - DC1-LEAF1A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF2B + - DC1-LEAF2A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + avd_topology_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-LEAF2A: + - DC1-L2LEAF2A +avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 peer: DC1-SPINE1 peer_interface: Ethernet3 peer_type: spine + peer_is_deployed: true peer_bgp_as: '65001' type: underlay_p2p + prefix_length: 31 ip_address: 172.31.255.9 peer_ip_address: 172.31.255.8 - Ethernet2: + - interface: Ethernet2 peer: DC1-SPINE2 peer_interface: Ethernet3 peer_type: spine + peer_is_deployed: true peer_bgp_as: '65001' type: underlay_p2p + prefix_length: 31 ip_address: 172.31.255.11 peer_ip_address: 172.31.255.10 - peers: - - DC1-SPINE1 - - DC1-SPINE2 - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -switch: - type: l3leaf - node_type_key: l3leaf - connected_endpoints: true - default_evpn_role: client - mlag_support: true - network_services_l2: true - network_services_l3: true - underlay_router: true - uplink_type: p2p - vtep: true - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_LEAF2 - id: 3 - mgmt_ip: 10.255.0.15/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - all - filter_tags: - - all - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - virtual_router_mac_address: 00:1c:73:00:dc:01 - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: - - DC1-SPINE1 - - DC1-SPINE2 - uplink_switch_interfaces: - - Ethernet3 - - Ethernet3 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 2 - uplink_ipv4_pool: 172.31.255.0/24 - router_id: 192.168.255.5 - bgp_as: '65102' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: client - evpn_route_servers: - - DC1-SPINE1 - - DC1-SPINE2 - mlag: true - mlag_group: DC1_LEAF2 - mlag_ibgp_origin_incomplete: true - mlag_peer_vlan: 4094 - mlag_dual_primary_detection: false - mlag_interfaces: - - Ethernet3 - - Ethernet4 - mlag_l3: true - mlag_peer_l3_vlan: 4093 - mlag_role: primary - mlag_peer: DC1-LEAF2B - mlag_peer_mgmt_ip: 10.255.0.16 - mlag_ip: 10.255.252.4 - mlag_peer_ip: 10.255.252.5 - mlag_l3_ip: 10.255.251.4 - mlag_peer_l3_ip: 10.255.251.5 - vtep_loopback_ipv4_pool: 192.168.254.0/24 - vtep_loopback: Loopback1 - vtep_ip: 192.168.254.5 - evpn_services_l2_only: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_DB_Zone: - svis: - - 140 - - 141 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WAN_Zone: - svis: - - 150 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: - - 160 - - 161 - Tenant_B: - vrfs: - Tenant_B_OP_Zone: - svis: - - 210 - - 211 - Tenant_B_WAN_Zone: - svis: - - 250 - l2vlans: [] - Tenant_C: - vrfs: - Tenant_C_OP_Zone: - svis: - - 310 - - 311 - Tenant_C_WAN_Zone: - svis: - - 350 - l2vlans: [] - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -topology: - links: - Ethernet1: - peer: DC1-SPINE1 - peer_interface: Ethernet3 - peer_type: spine - peer_bgp_as: '65001' - type: underlay_p2p - ip_address: 172.31.255.9 - peer_ip_address: 172.31.255.8 - Ethernet2: - peer: DC1-SPINE2 - peer_interface: Ethernet3 - peer_type: spine - peer_bgp_as: '65001' - type: underlay_p2p - ip_address: 172.31.255.11 - peer_ip_address: 172.31.255.10 - peers: - - DC1-SPINE1 - - DC1-SPINE2 - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks -ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 -ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF1B + - DC1-LEAF1A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF2B + - DC1-LEAF2A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] +avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_topology_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-LEAF2A: + - DC1-L2LEAF2A +avd_requirements: + failed: false + changed: false +playbook_dir: /Users/pvinci/ansible-avd-cloudvision-demo/playbooks +ansible_playbook_python: /Users/pvinci/.pyenv/versions/3.11.9/bin/python3 +ansible_config_file: /Users/pvinci/ansible-avd-cloudvision-demo/ansible.cfg groups: all: - cv_ztp @@ -804,12 +1296,12 @@ groups: DC1: - DC1-SPINE1 - DC1-SPINE2 - - DC1-L2LEAF1A - - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B + - DC1-L2LEAF1A + - DC1-L2LEAF2A DC1_FABRIC: - DC1-SPINE1 - DC1-SPINE2 @@ -840,32 +1332,32 @@ groups: - DC1-L2LEAF1A DC1_L2LEAF2: - DC1-L2LEAF2A - DC1_TENANTS_NETWORKS: + NETWORK_SERVICES: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - DC1-L2LEAF1A - DC1-L2LEAF2A - DC1_SERVERS: + DC1_CONNECTED_ENDPOINTS: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - DC1-L2LEAF1A - DC1-L2LEAF2A -omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 +omit: __omit_place_holder__9e0ee8fc9716456e882c32fe1aa1621f8d1d8ab2 ansible_version: - string: 2.10.14 - full: 2.10.14 + string: 2.16.7 + full: 2.16.7 major: 2 - minor: 10 - revision: 14 + minor: 16 + revision: 7 ansible_check_mode: false ansible_diff_mode: false ansible_forks: 5 ansible_inventory_sources: -- /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml +- /Users/pvinci/ansible-avd-cloudvision-demo/inventory/inventory.yml ansible_skip_tags: [] ansible_run_tags: - build diff --git a/inventory/intended/structured_configs/DC1-LEAF2A.yml b/inventory/intended/structured_configs/DC1-LEAF2A.yml index ea0e2cebe..036ece2dd 100644 --- a/inventory/intended/structured_configs/DC1-LEAF2A.yml +++ b/inventory/intended/structured_configs/DC1-LEAF2A.yml @@ -1,296 +1,329 @@ +hostname: DC1-LEAF2A +is_deployed: true router_bgp: as: '65102' router_id: 192.168.255.5 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - - maximum-paths 4 ecmp 4 + bgp: + default: + ipv4_unicast: false + maximum_paths: + paths: 4 + ecmp: 4 peer_groups: - MLAG-IPv4-UNDERLAY-PEER: - type: ipv4 - remote_as: '65102' - next_hop_self: true - password: vnEaG8gMeQf3d3cN6PktXQ== - maximum_routes: 12000 - send_community: all - route_map_in: RM-MLAG-PEER-IN - IPv4-UNDERLAY-PEERS: - type: ipv4 - password: AQQvKeimxJu+uGQ/yYvv9w== - maximum_routes: 12000 - send_community: all - EVPN-OVERLAY-PEERS: - type: evpn - update_source: Loopback0 - bfd: true - ebgp_multihop: '3' - password: q+VNViP5i4rVjW1cxFv2wA== - send_community: all - maximum_routes: 0 + - name: MLAG-IPv4-UNDERLAY-PEER + type: ipv4 + remote_as: '65102' + next_hop_self: true + description: DC1-LEAF2B + password: vnEaG8gMeQf3d3cN6PktXQ== + maximum_routes: 12000 + send_community: all + route_map_in: RM-MLAG-PEER-IN + - name: IPv4-UNDERLAY-PEERS + type: ipv4 + password: AQQvKeimxJu+uGQ/yYvv9w== + maximum_routes: 12000 + send_community: all + - name: EVPN-OVERLAY-PEERS + type: evpn + update_source: Loopback0 + bfd: true + password: q+VNViP5i4rVjW1cxFv2wA== + send_community: all + maximum_routes: 0 + ebgp_multihop: 3 address_family_ipv4: peer_groups: - MLAG-IPv4-UNDERLAY-PEER: - activate: true - IPv4-UNDERLAY-PEERS: - activate: true - EVPN-OVERLAY-PEERS: - activate: false + - name: MLAG-IPv4-UNDERLAY-PEER + activate: true + - name: IPv4-UNDERLAY-PEERS + activate: true + - name: EVPN-OVERLAY-PEERS + activate: false neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - description: DC1-LEAF2B - 172.31.255.8: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65001' - description: DC1-SPINE1_Ethernet3 - 172.31.255.10: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65001' - description: DC1-SPINE2_Ethernet3 - 192.168.255.1: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-SPINE1 - remote_as: '65001' - 192.168.255.2: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-SPINE2 - remote_as: '65001' + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + peer: DC1-LEAF2B + description: DC1-LEAF2B + - ip_address: 172.31.255.8 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65001' + peer: DC1-SPINE1 + description: DC1-SPINE1_Ethernet3 + - ip_address: 172.31.255.10 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65001' + peer: DC1-SPINE2 + description: DC1-SPINE2_Ethernet3 + - ip_address: 192.168.255.1 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-SPINE1 + description: DC1-SPINE1 + remote_as: '65001' + - ip_address: 192.168.255.2 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-SPINE2 + description: DC1-SPINE2 + remote_as: '65001' redistribute_routes: - connected: - route_map: RM-CONN-2-BGP + - source_protocol: connected + route_map: RM-CONN-2-BGP address_family_evpn: peer_groups: - EVPN-OVERLAY-PEERS: - activate: true + - name: EVPN-OVERLAY-PEERS + activate: true vrfs: - Tenant_A_APP_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:12 - route_targets: - import: - evpn: - - '12:12' - export: - evpn: - - '12:12' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_DB_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:13 - route_targets: - import: - evpn: - - '13:13' - export: - evpn: - - '13:13' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_OP_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:10 - route_targets: - import: - evpn: - - '10:10' - export: - evpn: - - '10:10' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_WAN_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:14 - route_targets: - import: - evpn: - - '14:14' - export: - evpn: - - '14:14' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_WEB_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:11 - route_targets: - import: - evpn: - - '11:11' - export: - evpn: - - '11:11' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_B_OP_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:20 - route_targets: - import: - evpn: - - '20:20' - export: - evpn: - - '20:20' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_B_WAN_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:21 - route_targets: - import: - evpn: - - '21:21' - export: - evpn: - - '21:21' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_C_OP_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:30 - route_targets: - import: - evpn: - - '30:30' - export: - evpn: - - '30:30' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_C_WAN_Zone: - router_id: 192.168.255.5 - rd: 192.168.255.5:31 - route_targets: - import: - evpn: - - '31:31' - export: - evpn: - - '31:31' - neighbors: - 10.255.251.5: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - vlan_aware_bundles: - Tenant_A_APP_Zone: - rd: 192.168.255.5:12 - route_targets: - both: + - name: Tenant_A_APP_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:12 + route_targets: + import: + - address_family: evpn + route_targets: + - '12:12' + export: + - address_family: evpn + route_targets: - '12:12' - redistribute_routes: - - learned - vlan: 130-131 - Tenant_A_DB_Zone: - rd: 192.168.255.5:13 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_A_DB_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:13 + route_targets: + import: + - address_family: evpn + route_targets: + - '13:13' + export: + - address_family: evpn + route_targets: - '13:13' - redistribute_routes: - - learned - vlan: 140-141 - Tenant_A_OP_Zone: - rd: 192.168.255.5:10 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_A_OP_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:10 + route_targets: + import: + - address_family: evpn + route_targets: + - '10:10' + export: + - address_family: evpn + route_targets: - '10:10' - redistribute_routes: - - learned - vlan: 110-112 - Tenant_A_WAN_Zone: - rd: 192.168.255.5:14 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_A_WAN_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:14 + route_targets: + import: + - address_family: evpn + route_targets: - '14:14' - redistribute_routes: - - learned - vlan: 150 - Tenant_A_WEB_Zone: - rd: 192.168.255.5:11 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '14:14' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_A_WEB_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:11 + route_targets: + import: + - address_family: evpn + route_targets: - '11:11' - redistribute_routes: - - learned - vlan: 120-121 - Tenant_A_VMOTION: - tenant: Tenant_A - rd: 192.168.255.5:55160 - route_targets: - both: - - 55160:55160 - redistribute_routes: - - learned - vlan: 160 - Tenant_A_NFS: - tenant: Tenant_A - rd: 192.168.255.5:10161 - route_targets: - both: - - 10161:10161 - redistribute_routes: - - learned - vlan: 161 - Tenant_B_OP_Zone: - rd: 192.168.255.5:20 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '11:11' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_B_OP_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:20 + route_targets: + import: + - address_family: evpn + route_targets: - '20:20' - redistribute_routes: - - learned - vlan: 210-211 - Tenant_B_WAN_Zone: - rd: 192.168.255.5:21 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '20:20' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_B_WAN_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:21 + route_targets: + import: + - address_family: evpn + route_targets: - '21:21' - redistribute_routes: - - learned - vlan: 250 - Tenant_C_OP_Zone: - rd: 192.168.255.5:30 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '21:21' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_C_OP_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:30 + route_targets: + import: + - address_family: evpn + route_targets: + - '30:30' + export: + - address_family: evpn + route_targets: - '30:30' - redistribute_routes: - - learned - vlan: 310-311 - Tenant_C_WAN_Zone: - rd: 192.168.255.5:31 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_C_WAN_Zone + router_id: 192.168.255.5 + rd: 192.168.255.5:31 + route_targets: + import: + - address_family: evpn + route_targets: + - '31:31' + export: + - address_family: evpn + route_targets: - '31:31' - redistribute_routes: - - learned - vlan: 350 + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.5 + peer_group: MLAG-IPv4-UNDERLAY-PEER + vlan_aware_bundles: + - name: Tenant_A_APP_Zone + rd: 192.168.255.5:12 + route_targets: + both: + - '12:12' + redistribute_routes: + - learned + vlan: 130-131 + - name: Tenant_A_DB_Zone + rd: 192.168.255.5:13 + route_targets: + both: + - '13:13' + redistribute_routes: + - learned + vlan: 140-141 + - name: Tenant_A_OP_Zone + rd: 192.168.255.5:10 + route_targets: + both: + - '10:10' + redistribute_routes: + - learned + vlan: 110-112 + - name: Tenant_A_WAN_Zone + rd: 192.168.255.5:14 + route_targets: + both: + - '14:14' + redistribute_routes: + - learned + vlan: '150' + - name: Tenant_A_WEB_Zone + rd: 192.168.255.5:11 + route_targets: + both: + - '11:11' + redistribute_routes: + - learned + vlan: 120-121 + - name: Tenant_A_NFS + tenant: Tenant_A + rd: 192.168.255.5:10161 + route_targets: + both: + - 10161:10161 + redistribute_routes: + - learned + vlan: '161' + - name: Tenant_A_VMOTION + tenant: Tenant_A + rd: 192.168.255.5:55160 + route_targets: + both: + - 55160:55160 + redistribute_routes: + - learned + vlan: '160' + - name: Tenant_B_OP_Zone + rd: 192.168.255.5:20 + route_targets: + both: + - '20:20' + redistribute_routes: + - learned + vlan: 210-211 + - name: Tenant_B_WAN_Zone + rd: 192.168.255.5:21 + route_targets: + both: + - '21:21' + redistribute_routes: + - learned + vlan: '250' + - name: Tenant_C_OP_Zone + rd: 192.168.255.5:30 + route_targets: + both: + - '30:30' + redistribute_routes: + - learned + vlan: 310-311 + - name: Tenant_C_WAN_Zone + rd: 192.168.255.5:31 + route_targets: + both: + - '31:31' + redistribute_routes: + - learned + vlan: '350' + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -301,7 +334,8 @@ daemon_terminattr: cvaddrs: - 10.255.0.1:9910 cvauth: - method: key + method: token + token_file: /tmp/token cvvrf: MGMT smashexcludes: ale,flexCounter,hardware,kni,pulse,strata ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent @@ -311,501 +345,489 @@ vlan_internal_order: range: beginning: 1006 ending: 1199 -name_server: - source: - vrf: MGMT - nodes: - - 192.168.2.1 - - 8.8.8.8 spanning_tree: mode: mstp mst_instances: - '0': - priority: 16384 + - id: '0' + priority: 16384 no_spanning_tree_vlan: 4093-4094 local_users: - admin: - privilege: 15 - role: network-admin - sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 - ansible: - privilege: 15 - role: network-admin - sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ - cvpadmin: - privilege: 15 - role: network-admin - sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +- name: admin + privilege: 15 + role: network-admin + sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 +- name: ansible + privilege: 15 + role: network-admin + sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ +- name: cvpadmin + privilege: 15 + role: network-admin + sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. vrfs: - MGMT: - ip_routing: false - Tenant_A_APP_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_DB_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_OP_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_WAN_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_WEB_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_B_OP_Zone: - tenant: Tenant_B - ip_routing: true - Tenant_B_WAN_Zone: - tenant: Tenant_B - ip_routing: true - Tenant_C_OP_Zone: - tenant: Tenant_C - ip_routing: true - Tenant_C_WAN_Zone: - tenant: Tenant_C - ip_routing: true +- name: MGMT + ip_routing: false +- name: Tenant_A_APP_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_DB_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_OP_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_WAN_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_WEB_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_B_OP_Zone + tenant: Tenant_B + ip_routing: true +- name: Tenant_B_WAN_Zone + tenant: Tenant_B + ip_routing: true +- name: Tenant_C_OP_Zone + tenant: Tenant_C + ip_routing: true +- name: Tenant_C_WAN_Zone + tenant: Tenant_C + ip_routing: true management_interfaces: - Management1: - description: oob_management - shutdown: false - vrf: MGMT - ip_address: 10.255.0.15/24 - gateway: 10.255.0.1 - type: oob +- name: Management1 + description: oob_management + shutdown: false + vrf: MGMT + ip_address: 10.255.0.15/24 + gateway: 10.255.0.1 + type: oob management_api_http: enable_vrfs: - MGMT: {} + - name: MGMT enable_https: true vlans: - 4093: - tenant: system - name: LEAF_PEER_L3 - trunk_groups: - - LEAF_PEER_L3 - 4094: - tenant: system - name: MLAG_PEER - trunk_groups: - - MLAG - 130: - tenant: Tenant_A - name: Tenant_A_APP_Zone_1 - 131: - tenant: Tenant_A - name: Tenant_A_APP_Zone_2 - 3011: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_APP_Zone - trunk_groups: - - LEAF_PEER_L3 - 140: - tenant: Tenant_A - name: Tenant_A_DB_BZone_1 - 141: - tenant: Tenant_A - name: Tenant_A_DB_Zone_2 - 3012: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_DB_Zone - trunk_groups: - - LEAF_PEER_L3 - 110: - tenant: Tenant_A - name: Tenant_A_OP_Zone_1 - 111: - tenant: Tenant_A - name: Tenant_A_OP_Zone_2 - 112: - tenant: Tenant_A - name: Tenant_A_OP_Zone_3 - 3009: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 150: - tenant: Tenant_A - name: Tenant_A_WAN_Zone_1 - 3013: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 - 120: - tenant: Tenant_A - name: Tenant_A_WEB_Zone_1 - 121: - tenant: Tenant_A - name: Tenant_A_WEBZone_2 - 3010: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_WEB_Zone - trunk_groups: - - LEAF_PEER_L3 - 160: - tenant: Tenant_A - name: Tenant_A_VMOTION - 161: - tenant: Tenant_A - name: Tenant_A_NFS - 210: - tenant: Tenant_B - name: Tenant_B_OP_Zone_1 - 211: - tenant: Tenant_B - name: Tenant_B_OP_Zone_2 - 3019: - tenant: Tenant_B - name: MLAG_iBGP_Tenant_B_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 250: - tenant: Tenant_B - name: Tenant_B_WAN_Zone_1 - 3020: - tenant: Tenant_B - name: MLAG_iBGP_Tenant_B_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 - 310: - tenant: Tenant_C - name: Tenant_C_OP_Zone_1 - 311: - tenant: Tenant_C - name: Tenant_C_OP_Zone_2 - 3029: - tenant: Tenant_C - name: MLAG_iBGP_Tenant_C_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 350: - tenant: Tenant_C - name: Tenant_C_WAN_Zone_1 - 3030: - tenant: Tenant_C - name: MLAG_iBGP_Tenant_C_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 +- id: 4093 + tenant: system + name: LEAF_PEER_L3 + trunk_groups: + - LEAF_PEER_L3 +- id: 4094 + tenant: system + name: MLAG_PEER + trunk_groups: + - MLAG +- id: 130 + name: Tenant_A_APP_Zone_1 + tenant: Tenant_A +- id: 131 + name: Tenant_A_APP_Zone_2 + tenant: Tenant_A +- id: 3011 + name: MLAG_iBGP_Tenant_A_APP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 140 + name: Tenant_A_DB_BZone_1 + tenant: Tenant_A +- id: 141 + name: Tenant_A_DB_Zone_2 + tenant: Tenant_A +- id: 3012 + name: MLAG_iBGP_Tenant_A_DB_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 110 + name: Tenant_A_OP_Zone_1 + tenant: Tenant_A +- id: 111 + name: Tenant_A_OP_Zone_2 + tenant: Tenant_A +- id: 112 + name: Tenant_A_OP_Zone_3 + tenant: Tenant_A +- id: 3009 + name: MLAG_iBGP_Tenant_A_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 150 + name: Tenant_A_WAN_Zone_1 + tenant: Tenant_A +- id: 3013 + name: MLAG_iBGP_Tenant_A_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 120 + name: Tenant_A_WEB_Zone_1 + tenant: Tenant_A +- id: 121 + name: Tenant_A_WEBZone_2 + tenant: Tenant_A +- id: 3010 + name: MLAG_iBGP_Tenant_A_WEB_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 160 + name: Tenant_A_VMOTION + tenant: Tenant_A +- id: 161 + name: Tenant_A_NFS + tenant: Tenant_A +- id: 210 + name: Tenant_B_OP_Zone_1 + tenant: Tenant_B +- id: 211 + name: Tenant_B_OP_Zone_2 + tenant: Tenant_B +- id: 3019 + name: MLAG_iBGP_Tenant_B_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_B +- id: 250 + name: Tenant_B_WAN_Zone_1 + tenant: Tenant_B +- id: 3020 + name: MLAG_iBGP_Tenant_B_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_B +- id: 310 + name: Tenant_C_OP_Zone_1 + tenant: Tenant_C +- id: 311 + name: Tenant_C_OP_Zone_2 + tenant: Tenant_C +- id: 3029 + name: MLAG_iBGP_Tenant_C_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_C +- id: 350 + name: Tenant_C_WAN_Zone_1 + tenant: Tenant_C +- id: 3030 + name: MLAG_iBGP_Tenant_C_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_C vlan_interfaces: - Vlan4093: - description: MLAG_PEER_L3_PEERING - shutdown: false - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan4094: - description: MLAG_PEER - shutdown: false - ip_address: 10.255.252.4/31 - no_autostate: true - mtu: 1500 - Vlan130: - tenant: Tenant_A - tags: - - app - - erp1 - description: Tenant_A_APP_Zone_1 - shutdown: false - vrf: Tenant_A_APP_Zone - Vlan131: - tenant: Tenant_A - tags: - - app - description: Tenant_A_APP_Zone_2 - shutdown: false - vrf: Tenant_A_APP_Zone - ip_address_virtual: 10.1.31.254/24 - Vlan3011: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone' - vrf: Tenant_A_APP_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan140: - tenant: Tenant_A - tags: - - db - - erp1 - description: Tenant_A_DB_BZone_1 - shutdown: false - vrf: Tenant_A_DB_Zone - ip_address_virtual: 10.1.40.1/24 - Vlan141: - tenant: Tenant_A - tags: - - db - description: Tenant_A_DB_Zone_2 - shutdown: false - vrf: Tenant_A_DB_Zone - ip_address_virtual: 10.1.41.1/24 - Vlan3012: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone' - vrf: Tenant_A_DB_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan110: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_1 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.10.1/24 - Vlan111: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_2 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.11.1/24 - Vlan112: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_3 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.12.254/24 - Vlan3009: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone' - vrf: Tenant_A_OP_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan150: - tenant: Tenant_A - tags: - - wan - description: Tenant_A_WAN_Zone_1 - shutdown: false - vrf: Tenant_A_WAN_Zone - ip_address_virtual: 10.1.40.1/24 - Vlan3013: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone' - vrf: Tenant_A_WAN_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan120: - tenant: Tenant_A - tags: - - web - - erp1 - description: Tenant_A_WEB_Zone_1 - shutdown: false - vrf: Tenant_A_WEB_Zone - Vlan121: - tenant: Tenant_A - tags: - - web - description: Tenant_A_WEBZone_2 - shutdown: false - vrf: Tenant_A_WEB_Zone - ip_address_virtual: 10.1.21.1/24 - Vlan3010: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone' - vrf: Tenant_A_WEB_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan210: - tenant: Tenant_B - tags: - - opzone - description: Tenant_B_OP_Zone_1 - shutdown: false - vrf: Tenant_B_OP_Zone - Vlan211: - tenant: Tenant_B - tags: - - opzone - description: Tenant_B_OP_Zone_2 - shutdown: false - vrf: Tenant_B_OP_Zone - ip_address_virtual: 10.2.11.1/24 - Vlan3019: - tenant: Tenant_B - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone' - vrf: Tenant_B_OP_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan250: - tenant: Tenant_B - tags: - - wan - description: Tenant_B_WAN_Zone_1 - shutdown: false - vrf: Tenant_B_WAN_Zone - ip_address_virtual: 10.2.50.1/24 - Vlan3020: - tenant: Tenant_B - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone' - vrf: Tenant_B_WAN_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan310: - tenant: Tenant_C - tags: - - opzone - description: Tenant_C_OP_Zone_1 - shutdown: false - vrf: Tenant_C_OP_Zone - Vlan311: - tenant: Tenant_C - tags: - - opzone - description: Tenant_C_OP_Zone_2 - shutdown: false - vrf: Tenant_C_OP_Zone - Vlan3029: - tenant: Tenant_C - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone' - vrf: Tenant_C_OP_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 - Vlan350: - tenant: Tenant_C - tags: - - wan - description: Tenant_C_WAN_Zone_1 - shutdown: false - vrf: Tenant_C_WAN_Zone - Vlan3030: - tenant: Tenant_C - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone' - vrf: Tenant_C_WAN_Zone - ip_address: 10.255.251.4/31 - mtu: 1500 +- name: Vlan4093 + description: MLAG_PEER_L3_PEERING + shutdown: false + ip_address: 10.255.251.4/31 +- name: Vlan4094 + description: MLAG_PEER + shutdown: false + no_autostate: true + ip_address: 10.255.252.4/31 +- name: Vlan130 + tenant: Tenant_A + tags: + - app + - erp1 + description: Tenant_A_APP_Zone_1 + shutdown: false + vrf: Tenant_A_APP_Zone +- name: Vlan131 + tenant: Tenant_A + tags: + - app + description: Tenant_A_APP_Zone_2 + shutdown: false + ip_address_virtual: 10.1.31.254/24 + vrf: Tenant_A_APP_Zone +- name: Vlan3011 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone' + vrf: Tenant_A_APP_Zone + mtu: null + ip_address: 10.255.251.4/31 +- name: Vlan140 + tenant: Tenant_A + tags: + - db + - erp1 + description: Tenant_A_DB_BZone_1 + shutdown: false + ip_address_virtual: 10.1.40.1/24 + vrf: Tenant_A_DB_Zone +- name: Vlan141 + tenant: Tenant_A + tags: + - db + description: Tenant_A_DB_Zone_2 + shutdown: false + ip_address_virtual: 10.1.41.1/24 + vrf: Tenant_A_DB_Zone +- name: Vlan3012 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone' + vrf: Tenant_A_DB_Zone + mtu: null + ip_address: 10.255.251.4/31 +- name: Vlan110 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_1 + shutdown: false + ip_address_virtual: 10.1.10.1/24 + vrf: Tenant_A_OP_Zone +- name: Vlan111 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.1.11.1/24 + vrf: Tenant_A_OP_Zone +- name: Vlan112 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_3 + shutdown: false + ip_address_virtual: 10.1.12.254/24 + vrf: Tenant_A_OP_Zone +- name: Vlan3009 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone' + vrf: Tenant_A_OP_Zone + mtu: null + ip_address: 10.255.251.4/31 +- name: Vlan150 + tenant: Tenant_A + tags: + - wan + description: Tenant_A_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.1.40.1/24 + vrf: Tenant_A_WAN_Zone +- name: Vlan3013 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone' + vrf: Tenant_A_WAN_Zone + mtu: null + ip_address: 10.255.251.4/31 +- name: Vlan120 + tenant: Tenant_A + tags: + - web + - erp1 + description: Tenant_A_WEB_Zone_1 + shutdown: false + vrf: Tenant_A_WEB_Zone +- name: Vlan121 + tenant: Tenant_A + tags: + - web + description: Tenant_A_WEBZone_2 + shutdown: false + ip_address_virtual: 10.1.21.1/24 + vrf: Tenant_A_WEB_Zone +- name: Vlan3010 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone' + vrf: Tenant_A_WEB_Zone + mtu: null + ip_address: 10.255.251.4/31 +- name: Vlan210 + tenant: Tenant_B + tags: + - opzone + description: Tenant_B_OP_Zone_1 + shutdown: false + vrf: Tenant_B_OP_Zone +- name: Vlan211 + tenant: Tenant_B + tags: + - opzone + description: Tenant_B_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.2.11.1/24 + vrf: Tenant_B_OP_Zone +- name: Vlan3019 + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone' + vrf: Tenant_B_OP_Zone + mtu: null + ip_address: 10.255.251.4/31 +- name: Vlan250 + tenant: Tenant_B + tags: + - wan + description: Tenant_B_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.2.50.1/24 + vrf: Tenant_B_WAN_Zone +- name: Vlan3020 + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone' + vrf: Tenant_B_WAN_Zone + mtu: null + ip_address: 10.255.251.4/31 +- name: Vlan310 + tenant: Tenant_C + tags: + - opzone + description: Tenant_C_OP_Zone_1 + shutdown: false + vrf: Tenant_C_OP_Zone +- name: Vlan311 + tenant: Tenant_C + tags: + - opzone + description: Tenant_C_OP_Zone_2 + shutdown: false + vrf: Tenant_C_OP_Zone +- name: Vlan3029 + tenant: Tenant_C + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone' + vrf: Tenant_C_OP_Zone + mtu: null + ip_address: 10.255.251.4/31 +- name: Vlan350 + tenant: Tenant_C + tags: + - wan + description: Tenant_C_WAN_Zone_1 + shutdown: false + vrf: Tenant_C_WAN_Zone +- name: Vlan3030 + tenant: Tenant_C + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone' + vrf: Tenant_C_WAN_Zone + mtu: null + ip_address: 10.255.251.4/31 port_channel_interfaces: - Port-Channel3: - description: MLAG_PEER_DC1-LEAF2B_Po3 - type: switched - shutdown: false - vlans: 2-4094 - mode: trunk - trunk_groups: - - LEAF_PEER_L3 - - MLAG - Port-Channel5: - description: DC1-L2LEAF2A_Po1 - type: switched - shutdown: false - vlans: 110-112,120-121,130-131 - mode: trunk - mlag: 5 +- name: Port-Channel3 + description: MLAG_PEER_DC1-LEAF2B_Po3 + type: switched + shutdown: false + mode: trunk + trunk_groups: + - LEAF_PEER_L3 + - MLAG +- name: Port-Channel5 + description: DC1-L2LEAF2A_Po1 + type: switched + shutdown: false + mode: trunk + vlans: 110-112,120-121,130-131 + mlag: 5 ethernet_interfaces: - Ethernet3: - peer: DC1-LEAF2B - peer_interface: Ethernet3 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF2B_Ethernet3 - type: switched - shutdown: false - channel_group: - id: 3 - mode: active - Ethernet4: - peer: DC1-LEAF2B - peer_interface: Ethernet4 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF2B_Ethernet4 - type: switched - shutdown: false - channel_group: - id: 3 - mode: active - Ethernet1: - peer: DC1-SPINE1 - peer_interface: Ethernet3 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE1_Ethernet3 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.9/31 - Ethernet2: - peer: DC1-SPINE2 - peer_interface: Ethernet3 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE2_Ethernet3 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.11/31 - Ethernet5: - peer: DC1-L2LEAF2A - peer_interface: Ethernet1 - peer_type: l2leaf - description: DC1-L2LEAF2A_Ethernet1 - type: switched - shutdown: false - channel_group: - id: 5 - mode: active +- name: Ethernet3 + peer: DC1-LEAF2B + peer_interface: Ethernet3 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF2B_Ethernet3 + type: port-channel-member + shutdown: false + channel_group: + id: 3 + mode: active +- name: Ethernet4 + peer: DC1-LEAF2B + peer_interface: Ethernet4 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF2B_Ethernet4 + type: port-channel-member + shutdown: false + channel_group: + id: 3 + mode: active +- name: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + description: P2P_LINK_TO_DC1-SPINE1_Ethernet3 + shutdown: false + type: routed + ip_address: 172.31.255.9/31 +- name: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + description: P2P_LINK_TO_DC1-SPINE2_Ethernet3 + shutdown: false + type: routed + ip_address: 172.31.255.11/31 +- name: Ethernet5 + peer: DC1-L2LEAF2A + peer_interface: Ethernet1 + peer_type: l2leaf + description: DC1-L2LEAF2A_Ethernet1 + shutdown: false + type: port-channel-member + channel_group: + id: 5 + mode: active mlag_configuration: domain_id: DC1_LEAF2 local_interface: Vlan4094 peer_address: 10.255.252.5 peer_link: Port-Channel3 - reload_delay_mlag: 300 - reload_delay_non_mlag: 330 + reload_delay_mlag: '300' + reload_delay_non_mlag: '330' route_maps: - RM-MLAG-PEER-IN: - sequence_numbers: - 10: - type: permit - set: - - origin incomplete - description: Make routes learned over MLAG Peer-link less preferred on spines - to ensure optimal routing - RM-CONN-2-BGP: - sequence_numbers: - 10: - type: permit - match: - - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +- name: RM-MLAG-PEER-IN + sequence_numbers: + - sequence: 10 + type: permit + set: + - origin incomplete + description: Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing +- name: RM-CONN-2-BGP + sequence_numbers: + - sequence: 10 + type: permit + match: + - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY loopback_interfaces: - Loopback0: - description: EVPN_Overlay_Peering - shutdown: false - ip_address: 192.168.255.5/32 - Loopback1: - description: VTEP_VXLAN_Tunnel_Source - shutdown: false - ip_address: 192.168.254.5/32 - Loopback100: - description: Tenant_A_OP_Zone_VTEP_DIAGNOSTICS - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address: 10.255.1.5/32 +- name: Loopback0 + description: EVPN_Overlay_Peering + shutdown: false + ip_address: 192.168.255.5/32 +- name: Loopback1 + description: VTEP_VXLAN_Tunnel_Source + shutdown: false + ip_address: 192.168.254.5/32 +- name: Loopback100 + description: Tenant_A_OP_Zone_VTEP_DIAGNOSTICS + shutdown: false + vrf: Tenant_A_OP_Zone + ip_address: 10.255.1.5/32 prefix_lists: - PL-LOOPBACKS-EVPN-OVERLAY: - sequence_numbers: - 10: - action: permit 192.168.255.0/24 eq 32 - 20: - action: permit 192.168.254.0/24 eq 32 +- name: PL-LOOPBACKS-EVPN-OVERLAY + sequence_numbers: + - sequence: 10 + action: permit 192.168.255.0/24 eq 32 + - sequence: 20 + action: permit 192.168.254.0/24 eq 32 router_bfd: multihop: interval: 1200 @@ -813,73 +835,75 @@ router_bfd: multiplier: 3 ip_igmp_snooping: globally_enabled: true +ip_virtual_router_mac_address: 00:1c:73:00:dc:01 vxlan_interface: Vxlan1: description: DC1-LEAF2A_VTEP vxlan: + udp_port: 4789 source_interface: Loopback1 virtual_router_encapsulation_mac_address: mlag-system-id - udp_port: 4789 vlans: - 130: - vni: 10130 - 131: - vni: 10131 - 140: - vni: 10140 - 141: - vni: 10141 - 110: - vni: 10110 - 111: - vni: 50111 - 112: - vni: 50112 - 150: - vni: 10150 - 120: - vni: 10120 - 121: - vni: 10121 - 160: - vni: 55160 - 161: - vni: 10161 - 210: - vni: 20210 - 211: - vni: 20211 - 250: - vni: 20250 - 310: - vni: 30310 - 311: - vni: 30311 - 350: - vni: 30350 + - id: 130 + vni: 10130 + - id: 131 + vni: 10131 + - id: 140 + vni: 10140 + - id: 141 + vni: 10141 + - id: 110 + vni: 10110 + - id: 111 + vni: 50111 + - id: 112 + vni: 50112 + - id: 150 + vni: 10150 + - id: 120 + vni: 10120 + - id: 121 + vni: 10121 + - id: 160 + vni: 55160 + - id: 161 + vni: 10161 + - id: 210 + vni: 20210 + - id: 211 + vni: 20211 + - id: 250 + vni: 20250 + - id: 310 + vni: 30310 + - id: 311 + vni: 30311 + - id: 350 + vni: 30350 vrfs: - Tenant_A_APP_Zone: - vni: 12 - Tenant_A_DB_Zone: - vni: 13 - Tenant_A_OP_Zone: - vni: 10 - Tenant_A_WAN_Zone: - vni: 14 - Tenant_A_WEB_Zone: - vni: 11 - Tenant_B_OP_Zone: - vni: 20 - Tenant_B_WAN_Zone: - vni: 21 - Tenant_C_OP_Zone: - vni: 30 - Tenant_C_WAN_Zone: - vni: 31 + - name: Tenant_A_APP_Zone + vni: 12 + - name: Tenant_A_DB_Zone + vni: 13 + - name: Tenant_A_OP_Zone + vni: 10 + - name: Tenant_A_WAN_Zone + vni: 14 + - name: Tenant_A_WEB_Zone + vni: 11 + - name: Tenant_B_OP_Zone + vni: 20 + - name: Tenant_B_WAN_Zone + vni: 21 + - name: Tenant_C_OP_Zone + vni: 30 + - name: Tenant_C_WAN_Zone + vni: 31 virtual_source_nat_vrfs: - Tenant_A_OP_Zone: - ip_address: 10.255.1.5 -ip_virtual_router_mac_address: 00:1c:73:00:dc:01 +- name: Tenant_A_OP_Zone + ip_address: 10.255.1.5 +metadata: + platform: vEOS-LAB ntp: local_interface: name: Management1 diff --git a/inventory/intended/structured_configs/DC1-LEAF2B-debug-vars.yml b/inventory/intended/structured_configs/DC1-LEAF2B-debug-vars.yml index ad26eebe0..588684857 100644 --- a/inventory/intended/structured_configs/DC1-LEAF2B-debug-vars.yml +++ b/inventory/intended/structured_configs/DC1-LEAF2B-debug-vars.yml @@ -20,14 +20,16 @@ local_users: privilege: 15 role: network-admin sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -cvp_instance_ip: 10.255.0.1 -cvp_ingestauth_key: '' +cvp_instance_ips: +- 10.255.0.1 mgmt_interface: Management1 mgmt_interface_vrf: MGMT mgmt_gateway: 10.255.0.1 -name_servers: -- 192.168.2.1 -- 8.8.8.8 +ip_name_servers: +- ip_address: 192.168.2.1 + vrf: MGMT +- ip_address: 8.8.8.8 + vrf: MGMT custom_structured_configuration_ntp: local_interface: name: Management1 @@ -38,27 +40,65 @@ custom_structured_configuration_ntp: vrf: MGMT - name: 1.fr.pool.ntp.org vrf: MGMT +port_profiles: + TENANT_A_B: + mode: trunk + vlans: 110-111,210-211 + TENANT_A: + mode: access + vlans: '110' + TENANT_B: + mode: trunk + vlans: 210-211 +servers: + server01: + rack: RackA + adapters: + - endpoint_ports: + - Eth0 + switch_ports: + - Ethernet5 + switches: + - DC1-L2LEAF1A + profile: TENANT_A + server02: + rack: RackA + adapters: + - endpoint_ports: + - Eth0 + switch_ports: + - Ethernet5 + switches: + - DC1-L2LEAF2A + profile: TENANT_A fabric_name: DC1_FABRIC -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: AQQvKeimxJu+uGQ/yYvv9w== - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: q+VNViP5i4rVjW1cxFv2wA== - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: vnEaG8gMeQf3d3cN6PktXQ== spine: defaults: platform: vEOS-LAB bgp_as: 65001 loopback_ipv4_pool: 192.168.255.0/24 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 nodes: DC1-SPINE1: id: 1 @@ -85,11 +125,18 @@ l3leaf: mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 virtual_router_mac_address: 00:1c:73:00:dc:01 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 spanning_tree_mode: mstp spanning_tree_priority: 16384 node_groups: @@ -150,9 +197,9 @@ l2leaf: tenants: - Tenant_A tags: + - app - opzone - web - - app nodes: DC1-L2LEAF1A: id: 5 @@ -168,9 +215,9 @@ l2leaf: tenants: - Tenant_A tags: + - app - opzone - web - - app nodes: DC1-L2LEAF2A: id: 7 @@ -178,613 +225,1058 @@ l2leaf: uplink_switch_interfaces: - Ethernet5 - Ethernet5 -p2p_uplinks_mtu: 1500 +p2p_uplinks_mtu: 9000 bfd_multihop: interval: 1200 min_rx: 1200 multiplier: 3 -port_profiles: - TENANT_A_B: - mode: trunk - vlans: 110-111,210-211 - TENANT_A: - mode: access - vlans: '110' - TENANT_B: - mode: trunk - vlans: 210-211 -servers: - server01: - rack: RackA - adapters: - - type: nic - server_ports: - - Eth0 - switch_ports: - - Ethernet5 - switches: - - DC1-L2LEAF1A - profile: TENANT_A - server02: - rack: RackA - adapters: - - type: nic - server_ports: - - Eth0 - switch_ports: - - Ethernet5 - switches: - - DC1-L2LEAF2A - profile: TENANT_A -tenants: - Tenant_A: - mac_vrf_vni_base: 10000 - vrfs: - Tenant_A_OP_Zone: - vrf_vni: 10 - vtep_diagnostic: - loopback: 100 - loopback_ip_range: 10.255.1.0/24 - svis: - 110: - name: Tenant_A_OP_Zone_1 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.10.1/24 - 111: - vni_override: 50111 - name: Tenant_A_OP_Zone_2 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.11.1/24 - 112: - vni_override: 50112 - name: Tenant_A_OP_Zone_3 - tags: - - opzone - enabled: true - ip_address_virtual: 10.1.12.254/24 - Tenant_A_WEB_Zone: - vrf_vni: 11 - svis: - 120: - name: Tenant_A_WEB_Zone_1 - tags: - - web - - erp1 - enabled: true - ip_subnet: 10.1.20.0/24 - 121: - name: Tenant_A_WEBZone_2 - tags: - - web - enabled: true - ip_address_virtual: 10.1.21.1/24 - Tenant_A_APP_Zone: - vrf_vni: 12 - svis: - 130: - name: Tenant_A_APP_Zone_1 - tags: - - app - - erp1 - enabled: true - ip_subnet: 10.1.30.0/24 - 131: - name: Tenant_A_APP_Zone_2 - tags: - - app - enabled: true - ip_address_virtual: 10.1.31.254/24 - Tenant_A_DB_Zone: - vrf_vni: 13 - svis: - 140: - name: Tenant_A_DB_BZone_1 - tags: - - db - - erp1 - enabled: true - ip_address_virtual: 10.1.40.1/24 - 141: - name: Tenant_A_DB_Zone_2 - tags: - - db - enabled: true - ip_address_virtual: 10.1.41.1/24 - Tenant_A_WAN_Zone: - vrf_vni: 14 - svis: - 150: - name: Tenant_A_WAN_Zone_1 - tags: - - wan - enabled: true - ip_address_virtual: 10.1.40.1/24 - l2vlans: - 160: - vni_override: 55160 - name: Tenant_A_VMOTION - tags: - - vmotion - 161: - name: Tenant_A_NFS - tags: - - nfs - Tenant_B: - mac_vrf_vni_base: 20000 - vrfs: - Tenant_B_OP_Zone: - vrf_vni: 20 - svis: - 210: - name: Tenant_B_OP_Zone_1 - tags: - - opzone - enabled: true - ip_subnet: 10.2.10.0/24 - 211: - name: Tenant_B_OP_Zone_2 - tags: - - opzone - enabled: true - ip_address_virtual: 10.2.11.1/24 - Tenant_B_WAN_Zone: - vrf_vni: 21 - svis: - 250: - name: Tenant_B_WAN_Zone_1 - tags: - - wan - enabled: true - ip_address_virtual: 10.2.50.1/24 - Tenant_C: - mac_vrf_vni_base: 30000 - vrfs: - Tenant_C_OP_Zone: - vrf_vni: 30 - svis: - 310: - name: Tenant_C_OP_Zone_1 - tags: - - opzone - enabled: true - ip_subnet: 10.3.10.0/24 - 311: - name: Tenant_C_OP_Zone_2 - tags: - - opzone - enabled: true - ip_subnet: 10.3.11.1/24 - Tenant_C_WAN_Zone: - vrf_vni: 31 - svis: - 350: - name: Tenant_C_WAN_Zone_1 - tags: - - wan - enabled: true - ip_subnet: 10.3.50.1/24 -inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml -inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory +platform_settings: +- platforms: + - default +- platforms: + - vEOS-LAB + reload_delay: + mlag: 300 + non_mlag: 330 + feature_support: + queue_monitor_length_notify: false + interface_storm_control: false + poe: false + per_interface_mtu: false + bgp_update_wait_install: false + bgp_update_wait_for_convergence: false +Tenant_A: +- name: Tenant_A + mac_vrf_vni_base: 10000 + vrfs: + - name: Tenant_A_OP_Zone + vrf_vni: 10 + vtep_diagnostic: + loopback: 100 + loopback_ip_range: 10.255.1.0/24 + svis: + - id: 110 + name: Tenant_A_OP_Zone_1 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.10.1/24 + - id: 111 + vni_override: 50111 + name: Tenant_A_OP_Zone_2 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.11.1/24 + - id: 112 + vni_override: 50112 + name: Tenant_A_OP_Zone_3 + tags: + - opzone + enabled: true + ip_address_virtual: 10.1.12.254/24 + - name: Tenant_A_WEB_Zone + vrf_vni: 11 + svis: + - id: 120 + name: Tenant_A_WEB_Zone_1 + tags: + - web + - erp1 + enabled: true + - id: 121 + name: Tenant_A_WEBZone_2 + tags: + - web + enabled: true + ip_address_virtual: 10.1.21.1/24 + - name: Tenant_A_APP_Zone + vrf_vni: 12 + svis: + - id: 130 + name: Tenant_A_APP_Zone_1 + tags: + - app + - erp1 + enabled: true + - id: 131 + name: Tenant_A_APP_Zone_2 + tags: + - app + enabled: true + ip_address_virtual: 10.1.31.254/24 + - name: Tenant_A_DB_Zone + vrf_vni: 13 + svis: + - id: 140 + name: Tenant_A_DB_BZone_1 + tags: + - db + - erp1 + enabled: true + ip_address_virtual: 10.1.40.1/24 + - id: 141 + name: Tenant_A_DB_Zone_2 + tags: + - db + enabled: true + ip_address_virtual: 10.1.41.1/24 + - name: Tenant_A_WAN_Zone + vrf_vni: 14 + svis: + - id: 150 + name: Tenant_A_WAN_Zone_1 + tags: + - wan + enabled: true + ip_address_virtual: 10.1.40.1/24 + l2vlans: + - id: 160 + vni_override: 55160 + name: Tenant_A_VMOTION + tags: + - vmotion + - id: 161 + name: Tenant_A_NFS + tags: + - nfs +Tenant_B: +- name: Tenant_B + mac_vrf_vni_base: 20000 + vrfs: + - name: Tenant_B_OP_Zone + vrf_vni: 20 + svis: + - id: 210 + name: Tenant_B_OP_Zone_1 + tags: + - opzone + enabled: true + - id: 211 + name: Tenant_B_OP_Zone_2 + tags: + - opzone + enabled: true + ip_address_virtual: 10.2.11.1/24 + - name: Tenant_B_WAN_Zone + vrf_vni: 21 + svis: + - id: 250 + name: Tenant_B_WAN_Zone_1 + tags: + - wan + enabled: true + ip_address_virtual: 10.2.50.1/24 +Tenant_C: +- name: Tenant_C + mac_vrf_vni_base: 30000 + vrfs: + - name: Tenant_C_OP_Zone + vrf_vni: 30 + svis: + - id: 310 + name: Tenant_C_OP_Zone_1 + tags: + - opzone + enabled: true + - id: 311 + name: Tenant_C_OP_Zone_2 + tags: + - opzone + enabled: true + - name: Tenant_C_WAN_Zone + vrf_vni: 31 + svis: + - id: 350 + name: Tenant_C_WAN_Zone_1 + tags: + - wan + enabled: true +network_services_keys: +- name: Tenant_A +- name: Tenant_B +- name: Tenant_C +inventory_file: /Users/pvinci/ansible-avd-cloudvision-demo/inventory/inventory.yml +inventory_dir: /Users/pvinci/ansible-avd-cloudvision-demo/inventory ansible_host: 10.255.0.16 inventory_hostname: DC1-LEAF2B inventory_hostname_short: DC1-LEAF2B group_names: - DC1 +- DC1_CONNECTED_ENDPOINTS - DC1_FABRIC - DC1_L3LEAFS - DC1_LEAF2 -- DC1_SERVERS -- DC1_TENANTS_NETWORKS +- NETWORK_SERVICES ansible_facts: - switch: - type: l3leaf - node_type_key: l3leaf - connected_endpoints: true - default_evpn_role: client - mlag_support: true - network_services_l2: true - network_services_l3: true - underlay_router: true - uplink_type: p2p - vtep: true - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_LEAF2 - id: 4 - mgmt_ip: 10.255.0.16/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - all - filter_tags: - - all - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - virtual_router_mac_address: 00:1c:73:00:dc:01 - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: - - DC1-SPINE1 - - DC1-SPINE2 - uplink_switch_interfaces: - - Ethernet4 - - Ethernet4 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 2 - uplink_ipv4_pool: 172.31.255.0/24 - router_id: 192.168.255.6 - bgp_as: '65102' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: client - evpn_route_servers: - - DC1-SPINE1 - - DC1-SPINE2 - mlag: true - mlag_group: DC1_LEAF2 - mlag_ibgp_origin_incomplete: true - mlag_peer_vlan: 4094 - mlag_dual_primary_detection: false - mlag_interfaces: - - Ethernet3 - - Ethernet4 - mlag_l3: true - mlag_peer_l3_vlan: 4093 - mlag_role: secondary - mlag_peer: DC1-LEAF2A - mlag_peer_mgmt_ip: 10.255.0.15 - mlag_ip: 10.255.252.5 - mlag_peer_ip: 10.255.252.4 - mlag_l3_ip: 10.255.251.5 - mlag_peer_l3_ip: 10.255.251.4 - vtep_loopback_ipv4_pool: 192.168.254.0/24 - vtep_loopback: Loopback1 - vtep_ip: 192.168.254.5 - evpn_services_l2_only: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_DB_Zone: - svis: - - 140 - - 141 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WAN_Zone: - svis: - - 150 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: - - 160 - - 161 - Tenant_B: - vrfs: - Tenant_B_OP_Zone: - svis: - - 210 - - 211 - Tenant_B_WAN_Zone: - svis: - - 250 - l2vlans: [] - Tenant_C: - vrfs: - Tenant_C_OP_Zone: - svis: - - 310 - - 311 - Tenant_C_WAN_Zone: - svis: - - 350 - l2vlans: [] - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 - topology: - links: - Ethernet1: + avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF1B + - DC1-LEAF1A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF2B + - DC1-LEAF2A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + avd_topology_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-LEAF2A: + - DC1-L2LEAF2A +avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 peer: DC1-SPINE1 peer_interface: Ethernet4 peer_type: spine + peer_is_deployed: true peer_bgp_as: '65001' type: underlay_p2p + prefix_length: 31 ip_address: 172.31.255.13 peer_ip_address: 172.31.255.12 - Ethernet2: + - interface: Ethernet2 peer: DC1-SPINE2 peer_interface: Ethernet4 peer_type: spine + peer_is_deployed: true peer_bgp_as: '65001' type: underlay_p2p + prefix_length: 31 ip_address: 172.31.255.15 peer_ip_address: 172.31.255.14 - peers: - - DC1-SPINE1 - - DC1-SPINE2 - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -switch: - type: l3leaf - node_type_key: l3leaf - connected_endpoints: true - default_evpn_role: client - mlag_support: true - network_services_l2: true - network_services_l3: true - underlay_router: true - uplink_type: p2p - vtep: true - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - group: DC1_LEAF2 - id: 4 - mgmt_ip: 10.255.0.16/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - filter_tenants: - - all - filter_tags: - - all - spanning_tree_mode: mstp - spanning_tree_priority: 16384 - igmp_snooping_enabled: true - virtual_router_mac_address: 00:1c:73:00:dc:01 - max_uplink_switches: 2 - max_parallel_uplinks: 1 - uplink_switches: - - DC1-SPINE1 - - DC1-SPINE2 - uplink_switch_interfaces: - - Ethernet4 - - Ethernet4 - uplink_interfaces: - - Ethernet1 - - Ethernet2 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 2 - uplink_ipv4_pool: 172.31.255.0/24 - router_id: 192.168.255.6 - bgp_as: '65102' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: client - evpn_route_servers: - - DC1-SPINE1 - - DC1-SPINE2 - mlag: true - mlag_group: DC1_LEAF2 - mlag_ibgp_origin_incomplete: true - mlag_peer_vlan: 4094 - mlag_dual_primary_detection: false - mlag_interfaces: - - Ethernet3 - - Ethernet4 - mlag_l3: true - mlag_peer_l3_vlan: 4093 - mlag_role: secondary - mlag_peer: DC1-LEAF2A - mlag_peer_mgmt_ip: 10.255.0.15 - mlag_ip: 10.255.252.5 - mlag_peer_ip: 10.255.252.4 - mlag_l3_ip: 10.255.251.5 - mlag_peer_l3_ip: 10.255.251.4 - vtep_loopback_ipv4_pool: 192.168.254.0/24 - vtep_loopback: Loopback1 - vtep_ip: 192.168.254.5 - evpn_services_l2_only: false - tenants: - Tenant_A: - vrfs: - Tenant_A_APP_Zone: - svis: - - 130 - - 131 - Tenant_A_DB_Zone: - svis: - - 140 - - 141 - Tenant_A_OP_Zone: - svis: - - 110 - - 111 - - 112 - Tenant_A_WAN_Zone: - svis: - - 150 - Tenant_A_WEB_Zone: - svis: - - 120 - - 121 - l2vlans: - - 160 - - 161 - Tenant_B: - vrfs: - Tenant_B_OP_Zone: - svis: - - 210 - - 211 - Tenant_B_WAN_Zone: - svis: - - 250 - l2vlans: [] - Tenant_C: - vrfs: - Tenant_C_OP_Zone: - svis: - - 310 - - 311 - Tenant_C_WAN_Zone: - svis: - - 350 - l2vlans: [] - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -topology: - links: - Ethernet1: - peer: DC1-SPINE1 - peer_interface: Ethernet4 - peer_type: spine - peer_bgp_as: '65001' - type: underlay_p2p - ip_address: 172.31.255.13 - peer_ip_address: 172.31.255.12 - Ethernet2: - peer: DC1-SPINE2 - peer_interface: Ethernet4 - peer_type: spine - peer_bgp_as: '65001' - type: underlay_p2p - ip_address: 172.31.255.15 - peer_ip_address: 172.31.255.14 - peers: - - DC1-SPINE1 - - DC1-SPINE2 - vlans: - - 130 - - 131 - - 140 - - 141 - - 110 - - 111 - - 112 - - 150 - - 120 - - 121 - - 160 - - 161 - - 210 - - 211 - - 250 - - 310 - - 311 - - 350 -playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks -ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 -ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF1B + - DC1-LEAF1A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF2B + - DC1-LEAF2A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] +avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_topology_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-LEAF2A: + - DC1-L2LEAF2A +avd_requirements: + failed: false + changed: false +playbook_dir: /Users/pvinci/ansible-avd-cloudvision-demo/playbooks +ansible_playbook_python: /Users/pvinci/.pyenv/versions/3.11.9/bin/python3 +ansible_config_file: /Users/pvinci/ansible-avd-cloudvision-demo/ansible.cfg groups: all: - cv_ztp @@ -804,12 +1296,12 @@ groups: DC1: - DC1-SPINE1 - DC1-SPINE2 - - DC1-L2LEAF1A - - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B + - DC1-L2LEAF1A + - DC1-L2LEAF2A DC1_FABRIC: - DC1-SPINE1 - DC1-SPINE2 @@ -840,32 +1332,32 @@ groups: - DC1-L2LEAF1A DC1_L2LEAF2: - DC1-L2LEAF2A - DC1_TENANTS_NETWORKS: + NETWORK_SERVICES: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - DC1-L2LEAF1A - DC1-L2LEAF2A - DC1_SERVERS: + DC1_CONNECTED_ENDPOINTS: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - DC1-L2LEAF1A - DC1-L2LEAF2A -omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 +omit: __omit_place_holder__9e0ee8fc9716456e882c32fe1aa1621f8d1d8ab2 ansible_version: - string: 2.10.14 - full: 2.10.14 + string: 2.16.7 + full: 2.16.7 major: 2 - minor: 10 - revision: 14 + minor: 16 + revision: 7 ansible_check_mode: false ansible_diff_mode: false ansible_forks: 5 ansible_inventory_sources: -- /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml +- /Users/pvinci/ansible-avd-cloudvision-demo/inventory/inventory.yml ansible_skip_tags: [] ansible_run_tags: - build diff --git a/inventory/intended/structured_configs/DC1-LEAF2B.yml b/inventory/intended/structured_configs/DC1-LEAF2B.yml index b9644c7e1..c8ccd10bf 100644 --- a/inventory/intended/structured_configs/DC1-LEAF2B.yml +++ b/inventory/intended/structured_configs/DC1-LEAF2B.yml @@ -1,296 +1,329 @@ +hostname: DC1-LEAF2B +is_deployed: true router_bgp: as: '65102' router_id: 192.168.255.6 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - - maximum-paths 4 ecmp 4 + bgp: + default: + ipv4_unicast: false + maximum_paths: + paths: 4 + ecmp: 4 peer_groups: - MLAG-IPv4-UNDERLAY-PEER: - type: ipv4 - remote_as: '65102' - next_hop_self: true - password: vnEaG8gMeQf3d3cN6PktXQ== - maximum_routes: 12000 - send_community: all - route_map_in: RM-MLAG-PEER-IN - IPv4-UNDERLAY-PEERS: - type: ipv4 - password: AQQvKeimxJu+uGQ/yYvv9w== - maximum_routes: 12000 - send_community: all - EVPN-OVERLAY-PEERS: - type: evpn - update_source: Loopback0 - bfd: true - ebgp_multihop: '3' - password: q+VNViP5i4rVjW1cxFv2wA== - send_community: all - maximum_routes: 0 + - name: MLAG-IPv4-UNDERLAY-PEER + type: ipv4 + remote_as: '65102' + next_hop_self: true + description: DC1-LEAF2A + password: vnEaG8gMeQf3d3cN6PktXQ== + maximum_routes: 12000 + send_community: all + route_map_in: RM-MLAG-PEER-IN + - name: IPv4-UNDERLAY-PEERS + type: ipv4 + password: AQQvKeimxJu+uGQ/yYvv9w== + maximum_routes: 12000 + send_community: all + - name: EVPN-OVERLAY-PEERS + type: evpn + update_source: Loopback0 + bfd: true + password: q+VNViP5i4rVjW1cxFv2wA== + send_community: all + maximum_routes: 0 + ebgp_multihop: 3 address_family_ipv4: peer_groups: - MLAG-IPv4-UNDERLAY-PEER: - activate: true - IPv4-UNDERLAY-PEERS: - activate: true - EVPN-OVERLAY-PEERS: - activate: false + - name: MLAG-IPv4-UNDERLAY-PEER + activate: true + - name: IPv4-UNDERLAY-PEERS + activate: true + - name: EVPN-OVERLAY-PEERS + activate: false neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - description: DC1-LEAF2A - 172.31.255.12: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65001' - description: DC1-SPINE1_Ethernet4 - 172.31.255.14: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65001' - description: DC1-SPINE2_Ethernet4 - 192.168.255.1: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-SPINE1 - remote_as: '65001' - 192.168.255.2: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-SPINE2 - remote_as: '65001' + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + peer: DC1-LEAF2A + description: DC1-LEAF2A + - ip_address: 172.31.255.12 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65001' + peer: DC1-SPINE1 + description: DC1-SPINE1_Ethernet4 + - ip_address: 172.31.255.14 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65001' + peer: DC1-SPINE2 + description: DC1-SPINE2_Ethernet4 + - ip_address: 192.168.255.1 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-SPINE1 + description: DC1-SPINE1 + remote_as: '65001' + - ip_address: 192.168.255.2 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-SPINE2 + description: DC1-SPINE2 + remote_as: '65001' redistribute_routes: - connected: - route_map: RM-CONN-2-BGP + - source_protocol: connected + route_map: RM-CONN-2-BGP address_family_evpn: peer_groups: - EVPN-OVERLAY-PEERS: - activate: true + - name: EVPN-OVERLAY-PEERS + activate: true vrfs: - Tenant_A_APP_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:12 - route_targets: - import: - evpn: - - '12:12' - export: - evpn: - - '12:12' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_DB_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:13 - route_targets: - import: - evpn: - - '13:13' - export: - evpn: - - '13:13' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_OP_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:10 - route_targets: - import: - evpn: - - '10:10' - export: - evpn: - - '10:10' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_WAN_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:14 - route_targets: - import: - evpn: - - '14:14' - export: - evpn: - - '14:14' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_A_WEB_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:11 - route_targets: - import: - evpn: - - '11:11' - export: - evpn: - - '11:11' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_B_OP_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:20 - route_targets: - import: - evpn: - - '20:20' - export: - evpn: - - '20:20' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_B_WAN_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:21 - route_targets: - import: - evpn: - - '21:21' - export: - evpn: - - '21:21' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_C_OP_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:30 - route_targets: - import: - evpn: - - '30:30' - export: - evpn: - - '30:30' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - Tenant_C_WAN_Zone: - router_id: 192.168.255.6 - rd: 192.168.255.6:31 - route_targets: - import: - evpn: - - '31:31' - export: - evpn: - - '31:31' - neighbors: - 10.255.251.4: - peer_group: MLAG-IPv4-UNDERLAY-PEER - redistribute_routes: - - connected - vlan_aware_bundles: - Tenant_A_APP_Zone: - rd: 192.168.255.6:12 - route_targets: - both: + - name: Tenant_A_APP_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:12 + route_targets: + import: + - address_family: evpn + route_targets: + - '12:12' + export: + - address_family: evpn + route_targets: - '12:12' - redistribute_routes: - - learned - vlan: 130-131 - Tenant_A_DB_Zone: - rd: 192.168.255.6:13 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_A_DB_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:13 + route_targets: + import: + - address_family: evpn + route_targets: + - '13:13' + export: + - address_family: evpn + route_targets: - '13:13' - redistribute_routes: - - learned - vlan: 140-141 - Tenant_A_OP_Zone: - rd: 192.168.255.6:10 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_A_OP_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:10 + route_targets: + import: + - address_family: evpn + route_targets: + - '10:10' + export: + - address_family: evpn + route_targets: - '10:10' - redistribute_routes: - - learned - vlan: 110-112 - Tenant_A_WAN_Zone: - rd: 192.168.255.6:14 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_A_WAN_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:14 + route_targets: + import: + - address_family: evpn + route_targets: - '14:14' - redistribute_routes: - - learned - vlan: 150 - Tenant_A_WEB_Zone: - rd: 192.168.255.6:11 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '14:14' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_A_WEB_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:11 + route_targets: + import: + - address_family: evpn + route_targets: - '11:11' - redistribute_routes: - - learned - vlan: 120-121 - Tenant_A_VMOTION: - tenant: Tenant_A - rd: 192.168.255.6:55160 - route_targets: - both: - - 55160:55160 - redistribute_routes: - - learned - vlan: 160 - Tenant_A_NFS: - tenant: Tenant_A - rd: 192.168.255.6:10161 - route_targets: - both: - - 10161:10161 - redistribute_routes: - - learned - vlan: 161 - Tenant_B_OP_Zone: - rd: 192.168.255.6:20 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '11:11' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_B_OP_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:20 + route_targets: + import: + - address_family: evpn + route_targets: - '20:20' - redistribute_routes: - - learned - vlan: 210-211 - Tenant_B_WAN_Zone: - rd: 192.168.255.6:21 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '20:20' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_B_WAN_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:21 + route_targets: + import: + - address_family: evpn + route_targets: - '21:21' - redistribute_routes: - - learned - vlan: 250 - Tenant_C_OP_Zone: - rd: 192.168.255.6:30 - route_targets: - both: + export: + - address_family: evpn + route_targets: + - '21:21' + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_C_OP_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:30 + route_targets: + import: + - address_family: evpn + route_targets: + - '30:30' + export: + - address_family: evpn + route_targets: - '30:30' - redistribute_routes: - - learned - vlan: 310-311 - Tenant_C_WAN_Zone: - rd: 192.168.255.6:31 - route_targets: - both: + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + - name: Tenant_C_WAN_Zone + router_id: 192.168.255.6 + rd: 192.168.255.6:31 + route_targets: + import: + - address_family: evpn + route_targets: + - '31:31' + export: + - address_family: evpn + route_targets: - '31:31' - redistribute_routes: - - learned - vlan: 350 + redistribute_routes: + - source_protocol: connected + neighbors: + - ip_address: 10.255.251.4 + peer_group: MLAG-IPv4-UNDERLAY-PEER + vlan_aware_bundles: + - name: Tenant_A_APP_Zone + rd: 192.168.255.6:12 + route_targets: + both: + - '12:12' + redistribute_routes: + - learned + vlan: 130-131 + - name: Tenant_A_DB_Zone + rd: 192.168.255.6:13 + route_targets: + both: + - '13:13' + redistribute_routes: + - learned + vlan: 140-141 + - name: Tenant_A_OP_Zone + rd: 192.168.255.6:10 + route_targets: + both: + - '10:10' + redistribute_routes: + - learned + vlan: 110-112 + - name: Tenant_A_WAN_Zone + rd: 192.168.255.6:14 + route_targets: + both: + - '14:14' + redistribute_routes: + - learned + vlan: '150' + - name: Tenant_A_WEB_Zone + rd: 192.168.255.6:11 + route_targets: + both: + - '11:11' + redistribute_routes: + - learned + vlan: 120-121 + - name: Tenant_A_NFS + tenant: Tenant_A + rd: 192.168.255.6:10161 + route_targets: + both: + - 10161:10161 + redistribute_routes: + - learned + vlan: '161' + - name: Tenant_A_VMOTION + tenant: Tenant_A + rd: 192.168.255.6:55160 + route_targets: + both: + - 55160:55160 + redistribute_routes: + - learned + vlan: '160' + - name: Tenant_B_OP_Zone + rd: 192.168.255.6:20 + route_targets: + both: + - '20:20' + redistribute_routes: + - learned + vlan: 210-211 + - name: Tenant_B_WAN_Zone + rd: 192.168.255.6:21 + route_targets: + both: + - '21:21' + redistribute_routes: + - learned + vlan: '250' + - name: Tenant_C_OP_Zone + rd: 192.168.255.6:30 + route_targets: + both: + - '30:30' + redistribute_routes: + - learned + vlan: 310-311 + - name: Tenant_C_WAN_Zone + rd: 192.168.255.6:31 + route_targets: + both: + - '31:31' + redistribute_routes: + - learned + vlan: '350' + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -301,7 +334,8 @@ daemon_terminattr: cvaddrs: - 10.255.0.1:9910 cvauth: - method: key + method: token + token_file: /tmp/token cvvrf: MGMT smashexcludes: ale,flexCounter,hardware,kni,pulse,strata ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent @@ -311,501 +345,489 @@ vlan_internal_order: range: beginning: 1006 ending: 1199 -name_server: - source: - vrf: MGMT - nodes: - - 192.168.2.1 - - 8.8.8.8 spanning_tree: mode: mstp mst_instances: - '0': - priority: 16384 + - id: '0' + priority: 16384 no_spanning_tree_vlan: 4093-4094 local_users: - admin: - privilege: 15 - role: network-admin - sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 - ansible: - privilege: 15 - role: network-admin - sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ - cvpadmin: - privilege: 15 - role: network-admin - sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +- name: admin + privilege: 15 + role: network-admin + sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 +- name: ansible + privilege: 15 + role: network-admin + sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ +- name: cvpadmin + privilege: 15 + role: network-admin + sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. vrfs: - MGMT: - ip_routing: false - Tenant_A_APP_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_DB_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_OP_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_WAN_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_A_WEB_Zone: - tenant: Tenant_A - ip_routing: true - Tenant_B_OP_Zone: - tenant: Tenant_B - ip_routing: true - Tenant_B_WAN_Zone: - tenant: Tenant_B - ip_routing: true - Tenant_C_OP_Zone: - tenant: Tenant_C - ip_routing: true - Tenant_C_WAN_Zone: - tenant: Tenant_C - ip_routing: true +- name: MGMT + ip_routing: false +- name: Tenant_A_APP_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_DB_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_OP_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_WAN_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_A_WEB_Zone + tenant: Tenant_A + ip_routing: true +- name: Tenant_B_OP_Zone + tenant: Tenant_B + ip_routing: true +- name: Tenant_B_WAN_Zone + tenant: Tenant_B + ip_routing: true +- name: Tenant_C_OP_Zone + tenant: Tenant_C + ip_routing: true +- name: Tenant_C_WAN_Zone + tenant: Tenant_C + ip_routing: true management_interfaces: - Management1: - description: oob_management - shutdown: false - vrf: MGMT - ip_address: 10.255.0.16/24 - gateway: 10.255.0.1 - type: oob +- name: Management1 + description: oob_management + shutdown: false + vrf: MGMT + ip_address: 10.255.0.16/24 + gateway: 10.255.0.1 + type: oob management_api_http: enable_vrfs: - MGMT: {} + - name: MGMT enable_https: true vlans: - 4093: - tenant: system - name: LEAF_PEER_L3 - trunk_groups: - - LEAF_PEER_L3 - 4094: - tenant: system - name: MLAG_PEER - trunk_groups: - - MLAG - 130: - tenant: Tenant_A - name: Tenant_A_APP_Zone_1 - 131: - tenant: Tenant_A - name: Tenant_A_APP_Zone_2 - 3011: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_APP_Zone - trunk_groups: - - LEAF_PEER_L3 - 140: - tenant: Tenant_A - name: Tenant_A_DB_BZone_1 - 141: - tenant: Tenant_A - name: Tenant_A_DB_Zone_2 - 3012: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_DB_Zone - trunk_groups: - - LEAF_PEER_L3 - 110: - tenant: Tenant_A - name: Tenant_A_OP_Zone_1 - 111: - tenant: Tenant_A - name: Tenant_A_OP_Zone_2 - 112: - tenant: Tenant_A - name: Tenant_A_OP_Zone_3 - 3009: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 150: - tenant: Tenant_A - name: Tenant_A_WAN_Zone_1 - 3013: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 - 120: - tenant: Tenant_A - name: Tenant_A_WEB_Zone_1 - 121: - tenant: Tenant_A - name: Tenant_A_WEBZone_2 - 3010: - tenant: Tenant_A - name: MLAG_iBGP_Tenant_A_WEB_Zone - trunk_groups: - - LEAF_PEER_L3 - 160: - tenant: Tenant_A - name: Tenant_A_VMOTION - 161: - tenant: Tenant_A - name: Tenant_A_NFS - 210: - tenant: Tenant_B - name: Tenant_B_OP_Zone_1 - 211: - tenant: Tenant_B - name: Tenant_B_OP_Zone_2 - 3019: - tenant: Tenant_B - name: MLAG_iBGP_Tenant_B_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 250: - tenant: Tenant_B - name: Tenant_B_WAN_Zone_1 - 3020: - tenant: Tenant_B - name: MLAG_iBGP_Tenant_B_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 - 310: - tenant: Tenant_C - name: Tenant_C_OP_Zone_1 - 311: - tenant: Tenant_C - name: Tenant_C_OP_Zone_2 - 3029: - tenant: Tenant_C - name: MLAG_iBGP_Tenant_C_OP_Zone - trunk_groups: - - LEAF_PEER_L3 - 350: - tenant: Tenant_C - name: Tenant_C_WAN_Zone_1 - 3030: - tenant: Tenant_C - name: MLAG_iBGP_Tenant_C_WAN_Zone - trunk_groups: - - LEAF_PEER_L3 +- id: 4093 + tenant: system + name: LEAF_PEER_L3 + trunk_groups: + - LEAF_PEER_L3 +- id: 4094 + tenant: system + name: MLAG_PEER + trunk_groups: + - MLAG +- id: 130 + name: Tenant_A_APP_Zone_1 + tenant: Tenant_A +- id: 131 + name: Tenant_A_APP_Zone_2 + tenant: Tenant_A +- id: 3011 + name: MLAG_iBGP_Tenant_A_APP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 140 + name: Tenant_A_DB_BZone_1 + tenant: Tenant_A +- id: 141 + name: Tenant_A_DB_Zone_2 + tenant: Tenant_A +- id: 3012 + name: MLAG_iBGP_Tenant_A_DB_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 110 + name: Tenant_A_OP_Zone_1 + tenant: Tenant_A +- id: 111 + name: Tenant_A_OP_Zone_2 + tenant: Tenant_A +- id: 112 + name: Tenant_A_OP_Zone_3 + tenant: Tenant_A +- id: 3009 + name: MLAG_iBGP_Tenant_A_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 150 + name: Tenant_A_WAN_Zone_1 + tenant: Tenant_A +- id: 3013 + name: MLAG_iBGP_Tenant_A_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 120 + name: Tenant_A_WEB_Zone_1 + tenant: Tenant_A +- id: 121 + name: Tenant_A_WEBZone_2 + tenant: Tenant_A +- id: 3010 + name: MLAG_iBGP_Tenant_A_WEB_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A +- id: 160 + name: Tenant_A_VMOTION + tenant: Tenant_A +- id: 161 + name: Tenant_A_NFS + tenant: Tenant_A +- id: 210 + name: Tenant_B_OP_Zone_1 + tenant: Tenant_B +- id: 211 + name: Tenant_B_OP_Zone_2 + tenant: Tenant_B +- id: 3019 + name: MLAG_iBGP_Tenant_B_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_B +- id: 250 + name: Tenant_B_WAN_Zone_1 + tenant: Tenant_B +- id: 3020 + name: MLAG_iBGP_Tenant_B_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_B +- id: 310 + name: Tenant_C_OP_Zone_1 + tenant: Tenant_C +- id: 311 + name: Tenant_C_OP_Zone_2 + tenant: Tenant_C +- id: 3029 + name: MLAG_iBGP_Tenant_C_OP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_C +- id: 350 + name: Tenant_C_WAN_Zone_1 + tenant: Tenant_C +- id: 3030 + name: MLAG_iBGP_Tenant_C_WAN_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_C vlan_interfaces: - Vlan4093: - description: MLAG_PEER_L3_PEERING - shutdown: false - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan4094: - description: MLAG_PEER - shutdown: false - ip_address: 10.255.252.5/31 - no_autostate: true - mtu: 1500 - Vlan130: - tenant: Tenant_A - tags: - - app - - erp1 - description: Tenant_A_APP_Zone_1 - shutdown: false - vrf: Tenant_A_APP_Zone - Vlan131: - tenant: Tenant_A - tags: - - app - description: Tenant_A_APP_Zone_2 - shutdown: false - vrf: Tenant_A_APP_Zone - ip_address_virtual: 10.1.31.254/24 - Vlan3011: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone' - vrf: Tenant_A_APP_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan140: - tenant: Tenant_A - tags: - - db - - erp1 - description: Tenant_A_DB_BZone_1 - shutdown: false - vrf: Tenant_A_DB_Zone - ip_address_virtual: 10.1.40.1/24 - Vlan141: - tenant: Tenant_A - tags: - - db - description: Tenant_A_DB_Zone_2 - shutdown: false - vrf: Tenant_A_DB_Zone - ip_address_virtual: 10.1.41.1/24 - Vlan3012: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone' - vrf: Tenant_A_DB_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan110: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_1 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.10.1/24 - Vlan111: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_2 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.11.1/24 - Vlan112: - tenant: Tenant_A - tags: - - opzone - description: Tenant_A_OP_Zone_3 - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address_virtual: 10.1.12.254/24 - Vlan3009: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone' - vrf: Tenant_A_OP_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan150: - tenant: Tenant_A - tags: - - wan - description: Tenant_A_WAN_Zone_1 - shutdown: false - vrf: Tenant_A_WAN_Zone - ip_address_virtual: 10.1.40.1/24 - Vlan3013: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone' - vrf: Tenant_A_WAN_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan120: - tenant: Tenant_A - tags: - - web - - erp1 - description: Tenant_A_WEB_Zone_1 - shutdown: false - vrf: Tenant_A_WEB_Zone - Vlan121: - tenant: Tenant_A - tags: - - web - description: Tenant_A_WEBZone_2 - shutdown: false - vrf: Tenant_A_WEB_Zone - ip_address_virtual: 10.1.21.1/24 - Vlan3010: - tenant: Tenant_A - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone' - vrf: Tenant_A_WEB_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan210: - tenant: Tenant_B - tags: - - opzone - description: Tenant_B_OP_Zone_1 - shutdown: false - vrf: Tenant_B_OP_Zone - Vlan211: - tenant: Tenant_B - tags: - - opzone - description: Tenant_B_OP_Zone_2 - shutdown: false - vrf: Tenant_B_OP_Zone - ip_address_virtual: 10.2.11.1/24 - Vlan3019: - tenant: Tenant_B - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone' - vrf: Tenant_B_OP_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan250: - tenant: Tenant_B - tags: - - wan - description: Tenant_B_WAN_Zone_1 - shutdown: false - vrf: Tenant_B_WAN_Zone - ip_address_virtual: 10.2.50.1/24 - Vlan3020: - tenant: Tenant_B - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone' - vrf: Tenant_B_WAN_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan310: - tenant: Tenant_C - tags: - - opzone - description: Tenant_C_OP_Zone_1 - shutdown: false - vrf: Tenant_C_OP_Zone - Vlan311: - tenant: Tenant_C - tags: - - opzone - description: Tenant_C_OP_Zone_2 - shutdown: false - vrf: Tenant_C_OP_Zone - Vlan3029: - tenant: Tenant_C - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone' - vrf: Tenant_C_OP_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 - Vlan350: - tenant: Tenant_C - tags: - - wan - description: Tenant_C_WAN_Zone_1 - shutdown: false - vrf: Tenant_C_WAN_Zone - Vlan3030: - tenant: Tenant_C - type: underlay_peering - shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone' - vrf: Tenant_C_WAN_Zone - ip_address: 10.255.251.5/31 - mtu: 1500 +- name: Vlan4093 + description: MLAG_PEER_L3_PEERING + shutdown: false + ip_address: 10.255.251.5/31 +- name: Vlan4094 + description: MLAG_PEER + shutdown: false + no_autostate: true + ip_address: 10.255.252.5/31 +- name: Vlan130 + tenant: Tenant_A + tags: + - app + - erp1 + description: Tenant_A_APP_Zone_1 + shutdown: false + vrf: Tenant_A_APP_Zone +- name: Vlan131 + tenant: Tenant_A + tags: + - app + description: Tenant_A_APP_Zone_2 + shutdown: false + ip_address_virtual: 10.1.31.254/24 + vrf: Tenant_A_APP_Zone +- name: Vlan3011 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone' + vrf: Tenant_A_APP_Zone + mtu: null + ip_address: 10.255.251.5/31 +- name: Vlan140 + tenant: Tenant_A + tags: + - db + - erp1 + description: Tenant_A_DB_BZone_1 + shutdown: false + ip_address_virtual: 10.1.40.1/24 + vrf: Tenant_A_DB_Zone +- name: Vlan141 + tenant: Tenant_A + tags: + - db + description: Tenant_A_DB_Zone_2 + shutdown: false + ip_address_virtual: 10.1.41.1/24 + vrf: Tenant_A_DB_Zone +- name: Vlan3012 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone' + vrf: Tenant_A_DB_Zone + mtu: null + ip_address: 10.255.251.5/31 +- name: Vlan110 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_1 + shutdown: false + ip_address_virtual: 10.1.10.1/24 + vrf: Tenant_A_OP_Zone +- name: Vlan111 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.1.11.1/24 + vrf: Tenant_A_OP_Zone +- name: Vlan112 + tenant: Tenant_A + tags: + - opzone + description: Tenant_A_OP_Zone_3 + shutdown: false + ip_address_virtual: 10.1.12.254/24 + vrf: Tenant_A_OP_Zone +- name: Vlan3009 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone' + vrf: Tenant_A_OP_Zone + mtu: null + ip_address: 10.255.251.5/31 +- name: Vlan150 + tenant: Tenant_A + tags: + - wan + description: Tenant_A_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.1.40.1/24 + vrf: Tenant_A_WAN_Zone +- name: Vlan3013 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone' + vrf: Tenant_A_WAN_Zone + mtu: null + ip_address: 10.255.251.5/31 +- name: Vlan120 + tenant: Tenant_A + tags: + - web + - erp1 + description: Tenant_A_WEB_Zone_1 + shutdown: false + vrf: Tenant_A_WEB_Zone +- name: Vlan121 + tenant: Tenant_A + tags: + - web + description: Tenant_A_WEBZone_2 + shutdown: false + ip_address_virtual: 10.1.21.1/24 + vrf: Tenant_A_WEB_Zone +- name: Vlan3010 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone' + vrf: Tenant_A_WEB_Zone + mtu: null + ip_address: 10.255.251.5/31 +- name: Vlan210 + tenant: Tenant_B + tags: + - opzone + description: Tenant_B_OP_Zone_1 + shutdown: false + vrf: Tenant_B_OP_Zone +- name: Vlan211 + tenant: Tenant_B + tags: + - opzone + description: Tenant_B_OP_Zone_2 + shutdown: false + ip_address_virtual: 10.2.11.1/24 + vrf: Tenant_B_OP_Zone +- name: Vlan3019 + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone' + vrf: Tenant_B_OP_Zone + mtu: null + ip_address: 10.255.251.5/31 +- name: Vlan250 + tenant: Tenant_B + tags: + - wan + description: Tenant_B_WAN_Zone_1 + shutdown: false + ip_address_virtual: 10.2.50.1/24 + vrf: Tenant_B_WAN_Zone +- name: Vlan3020 + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone' + vrf: Tenant_B_WAN_Zone + mtu: null + ip_address: 10.255.251.5/31 +- name: Vlan310 + tenant: Tenant_C + tags: + - opzone + description: Tenant_C_OP_Zone_1 + shutdown: false + vrf: Tenant_C_OP_Zone +- name: Vlan311 + tenant: Tenant_C + tags: + - opzone + description: Tenant_C_OP_Zone_2 + shutdown: false + vrf: Tenant_C_OP_Zone +- name: Vlan3029 + tenant: Tenant_C + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone' + vrf: Tenant_C_OP_Zone + mtu: null + ip_address: 10.255.251.5/31 +- name: Vlan350 + tenant: Tenant_C + tags: + - wan + description: Tenant_C_WAN_Zone_1 + shutdown: false + vrf: Tenant_C_WAN_Zone +- name: Vlan3030 + tenant: Tenant_C + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone' + vrf: Tenant_C_WAN_Zone + mtu: null + ip_address: 10.255.251.5/31 port_channel_interfaces: - Port-Channel3: - description: MLAG_PEER_DC1-LEAF2A_Po3 - type: switched - shutdown: false - vlans: 2-4094 - mode: trunk - trunk_groups: - - LEAF_PEER_L3 - - MLAG - Port-Channel5: - description: DC1-L2LEAF2A_Po1 - type: switched - shutdown: false - vlans: 110-112,120-121,130-131 - mode: trunk - mlag: 5 +- name: Port-Channel3 + description: MLAG_PEER_DC1-LEAF2A_Po3 + type: switched + shutdown: false + mode: trunk + trunk_groups: + - LEAF_PEER_L3 + - MLAG +- name: Port-Channel5 + description: DC1-L2LEAF2A_Po1 + type: switched + shutdown: false + mode: trunk + vlans: 110-112,120-121,130-131 + mlag: 5 ethernet_interfaces: - Ethernet3: - peer: DC1-LEAF2A - peer_interface: Ethernet3 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF2A_Ethernet3 - type: switched - shutdown: false - channel_group: - id: 3 - mode: active - Ethernet4: - peer: DC1-LEAF2A - peer_interface: Ethernet4 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF2A_Ethernet4 - type: switched - shutdown: false - channel_group: - id: 3 - mode: active - Ethernet1: - peer: DC1-SPINE1 - peer_interface: Ethernet4 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE1_Ethernet4 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.13/31 - Ethernet2: - peer: DC1-SPINE2 - peer_interface: Ethernet4 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE2_Ethernet4 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.15/31 - Ethernet5: - peer: DC1-L2LEAF2A - peer_interface: Ethernet2 - peer_type: l2leaf - description: DC1-L2LEAF2A_Ethernet2 - type: switched - shutdown: false - channel_group: - id: 5 - mode: active +- name: Ethernet3 + peer: DC1-LEAF2A + peer_interface: Ethernet3 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF2A_Ethernet3 + type: port-channel-member + shutdown: false + channel_group: + id: 3 + mode: active +- name: Ethernet4 + peer: DC1-LEAF2A + peer_interface: Ethernet4 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF2A_Ethernet4 + type: port-channel-member + shutdown: false + channel_group: + id: 3 + mode: active +- name: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + description: P2P_LINK_TO_DC1-SPINE1_Ethernet4 + shutdown: false + type: routed + ip_address: 172.31.255.13/31 +- name: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + description: P2P_LINK_TO_DC1-SPINE2_Ethernet4 + shutdown: false + type: routed + ip_address: 172.31.255.15/31 +- name: Ethernet5 + peer: DC1-L2LEAF2A + peer_interface: Ethernet2 + peer_type: l2leaf + description: DC1-L2LEAF2A_Ethernet2 + shutdown: false + type: port-channel-member + channel_group: + id: 5 + mode: active mlag_configuration: domain_id: DC1_LEAF2 local_interface: Vlan4094 peer_address: 10.255.252.4 peer_link: Port-Channel3 - reload_delay_mlag: 300 - reload_delay_non_mlag: 330 + reload_delay_mlag: '300' + reload_delay_non_mlag: '330' route_maps: - RM-MLAG-PEER-IN: - sequence_numbers: - 10: - type: permit - set: - - origin incomplete - description: Make routes learned over MLAG Peer-link less preferred on spines - to ensure optimal routing - RM-CONN-2-BGP: - sequence_numbers: - 10: - type: permit - match: - - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +- name: RM-MLAG-PEER-IN + sequence_numbers: + - sequence: 10 + type: permit + set: + - origin incomplete + description: Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing +- name: RM-CONN-2-BGP + sequence_numbers: + - sequence: 10 + type: permit + match: + - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY loopback_interfaces: - Loopback0: - description: EVPN_Overlay_Peering - shutdown: false - ip_address: 192.168.255.6/32 - Loopback1: - description: VTEP_VXLAN_Tunnel_Source - shutdown: false - ip_address: 192.168.254.5/32 - Loopback100: - description: Tenant_A_OP_Zone_VTEP_DIAGNOSTICS - shutdown: false - vrf: Tenant_A_OP_Zone - ip_address: 10.255.1.6/32 +- name: Loopback0 + description: EVPN_Overlay_Peering + shutdown: false + ip_address: 192.168.255.6/32 +- name: Loopback1 + description: VTEP_VXLAN_Tunnel_Source + shutdown: false + ip_address: 192.168.254.5/32 +- name: Loopback100 + description: Tenant_A_OP_Zone_VTEP_DIAGNOSTICS + shutdown: false + vrf: Tenant_A_OP_Zone + ip_address: 10.255.1.6/32 prefix_lists: - PL-LOOPBACKS-EVPN-OVERLAY: - sequence_numbers: - 10: - action: permit 192.168.255.0/24 eq 32 - 20: - action: permit 192.168.254.0/24 eq 32 +- name: PL-LOOPBACKS-EVPN-OVERLAY + sequence_numbers: + - sequence: 10 + action: permit 192.168.255.0/24 eq 32 + - sequence: 20 + action: permit 192.168.254.0/24 eq 32 router_bfd: multihop: interval: 1200 @@ -813,73 +835,75 @@ router_bfd: multiplier: 3 ip_igmp_snooping: globally_enabled: true +ip_virtual_router_mac_address: 00:1c:73:00:dc:01 vxlan_interface: Vxlan1: description: DC1-LEAF2B_VTEP vxlan: + udp_port: 4789 source_interface: Loopback1 virtual_router_encapsulation_mac_address: mlag-system-id - udp_port: 4789 vlans: - 130: - vni: 10130 - 131: - vni: 10131 - 140: - vni: 10140 - 141: - vni: 10141 - 110: - vni: 10110 - 111: - vni: 50111 - 112: - vni: 50112 - 150: - vni: 10150 - 120: - vni: 10120 - 121: - vni: 10121 - 160: - vni: 55160 - 161: - vni: 10161 - 210: - vni: 20210 - 211: - vni: 20211 - 250: - vni: 20250 - 310: - vni: 30310 - 311: - vni: 30311 - 350: - vni: 30350 + - id: 130 + vni: 10130 + - id: 131 + vni: 10131 + - id: 140 + vni: 10140 + - id: 141 + vni: 10141 + - id: 110 + vni: 10110 + - id: 111 + vni: 50111 + - id: 112 + vni: 50112 + - id: 150 + vni: 10150 + - id: 120 + vni: 10120 + - id: 121 + vni: 10121 + - id: 160 + vni: 55160 + - id: 161 + vni: 10161 + - id: 210 + vni: 20210 + - id: 211 + vni: 20211 + - id: 250 + vni: 20250 + - id: 310 + vni: 30310 + - id: 311 + vni: 30311 + - id: 350 + vni: 30350 vrfs: - Tenant_A_APP_Zone: - vni: 12 - Tenant_A_DB_Zone: - vni: 13 - Tenant_A_OP_Zone: - vni: 10 - Tenant_A_WAN_Zone: - vni: 14 - Tenant_A_WEB_Zone: - vni: 11 - Tenant_B_OP_Zone: - vni: 20 - Tenant_B_WAN_Zone: - vni: 21 - Tenant_C_OP_Zone: - vni: 30 - Tenant_C_WAN_Zone: - vni: 31 + - name: Tenant_A_APP_Zone + vni: 12 + - name: Tenant_A_DB_Zone + vni: 13 + - name: Tenant_A_OP_Zone + vni: 10 + - name: Tenant_A_WAN_Zone + vni: 14 + - name: Tenant_A_WEB_Zone + vni: 11 + - name: Tenant_B_OP_Zone + vni: 20 + - name: Tenant_B_WAN_Zone + vni: 21 + - name: Tenant_C_OP_Zone + vni: 30 + - name: Tenant_C_WAN_Zone + vni: 31 virtual_source_nat_vrfs: - Tenant_A_OP_Zone: - ip_address: 10.255.1.6 -ip_virtual_router_mac_address: 00:1c:73:00:dc:01 +- name: Tenant_A_OP_Zone + ip_address: 10.255.1.6 +metadata: + platform: vEOS-LAB ntp: local_interface: name: Management1 diff --git a/inventory/intended/structured_configs/DC1-SPINE1-debug-vars.yml b/inventory/intended/structured_configs/DC1-SPINE1-debug-vars.yml index 3730b2546..7192b275a 100644 --- a/inventory/intended/structured_configs/DC1-SPINE1-debug-vars.yml +++ b/inventory/intended/structured_configs/DC1-SPINE1-debug-vars.yml @@ -20,14 +20,16 @@ local_users: privilege: 15 role: network-admin sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -cvp_instance_ip: 10.255.0.1 -cvp_ingestauth_key: '' +cvp_instance_ips: +- 10.255.0.1 mgmt_interface: Management1 mgmt_interface_vrf: MGMT mgmt_gateway: 10.255.0.1 -name_servers: -- 192.168.2.1 -- 8.8.8.8 +ip_name_servers: +- ip_address: 192.168.2.1 + vrf: MGMT +- ip_address: 8.8.8.8 + vrf: MGMT custom_structured_configuration_ntp: local_interface: name: Management1 @@ -39,26 +41,33 @@ custom_structured_configuration_ntp: - name: 1.fr.pool.ntp.org vrf: MGMT fabric_name: DC1_FABRIC -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: AQQvKeimxJu+uGQ/yYvv9w== - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: q+VNViP5i4rVjW1cxFv2wA== - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: vnEaG8gMeQf3d3cN6PktXQ== spine: defaults: platform: vEOS-LAB bgp_as: 65001 loopback_ipv4_pool: 192.168.255.0/24 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 nodes: DC1-SPINE1: id: 1 @@ -85,11 +94,18 @@ l3leaf: mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 virtual_router_mac_address: 00:1c:73:00:dc:01 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 spanning_tree_mode: mstp spanning_tree_priority: 16384 node_groups: @@ -150,9 +166,9 @@ l2leaf: tenants: - Tenant_A tags: + - app - opzone - web - - app nodes: DC1-L2LEAF1A: id: 5 @@ -168,9 +184,9 @@ l2leaf: tenants: - Tenant_A tags: + - app - opzone - web - - app nodes: DC1-L2LEAF2A: id: 7 @@ -178,13 +194,28 @@ l2leaf: uplink_switch_interfaces: - Ethernet5 - Ethernet5 -p2p_uplinks_mtu: 1500 +p2p_uplinks_mtu: 9000 bfd_multihop: interval: 1200 min_rx: 1200 multiplier: 3 -inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml -inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory +platform_settings: +- platforms: + - default +- platforms: + - vEOS-LAB + reload_delay: + mlag: 300 + non_mlag: 330 + feature_support: + queue_monitor_length_notify: false + interface_storm_control: false + poe: false + per_interface_mtu: false + bgp_update_wait_install: false + bgp_update_wait_for_convergence: false +inventory_file: /Users/pvinci/ansible-avd-cloudvision-demo/inventory/inventory.yml +inventory_dir: /Users/pvinci/ansible-avd-cloudvision-demo/inventory ansible_host: 10.255.0.11 inventory_hostname: DC1-SPINE1 inventory_hostname_short: DC1-SPINE1 @@ -193,125 +224,874 @@ group_names: - DC1_FABRIC - DC1_SPINES ansible_facts: - switch: - type: spine - node_type_key: spine - connected_endpoints: false - default_evpn_role: server - mlag_support: false - network_services_l2: false - network_services_l3: false - underlay_router: true - uplink_type: p2p - vtep: false - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - id: 1 - mgmt_ip: 10.255.0.11/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - spanning_tree_mode: none - max_uplink_switches: 0 - max_parallel_uplinks: 1 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 0 - router_id: 192.168.255.1 - bgp_as: '65001' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: server - mlag: false - topology: - peers: [] - vlans: [] -switch: - type: spine - node_type_key: spine - connected_endpoints: false - default_evpn_role: server - mlag_support: false - network_services_l2: false - network_services_l3: false - underlay_router: true - uplink_type: p2p - vtep: false - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - id: 1 - mgmt_ip: 10.255.0.11/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - spanning_tree_mode: none - max_uplink_switches: 0 - max_parallel_uplinks: 1 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 0 - router_id: 192.168.255.1 - bgp_as: '65001' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: server - mlag: false -topology: - peers: [] - vlans: [] -playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks -ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 -ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg + avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF1B + - DC1-LEAF1A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF2B + - DC1-LEAF2A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + avd_topology_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-LEAF2A: + - DC1-L2LEAF2A +avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF1B + - DC1-LEAF1A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF2B + - DC1-LEAF2A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] +avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_topology_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-LEAF2A: + - DC1-L2LEAF2A +avd_requirements: + failed: false + changed: false +playbook_dir: /Users/pvinci/ansible-avd-cloudvision-demo/playbooks +ansible_playbook_python: /Users/pvinci/.pyenv/versions/3.11.9/bin/python3 +ansible_config_file: /Users/pvinci/ansible-avd-cloudvision-demo/ansible.cfg groups: all: - cv_ztp @@ -331,12 +1111,12 @@ groups: DC1: - DC1-SPINE1 - DC1-SPINE2 - - DC1-L2LEAF1A - - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B + - DC1-L2LEAF1A + - DC1-L2LEAF2A DC1_FABRIC: - DC1-SPINE1 - DC1-SPINE2 @@ -367,32 +1147,32 @@ groups: - DC1-L2LEAF1A DC1_L2LEAF2: - DC1-L2LEAF2A - DC1_TENANTS_NETWORKS: + NETWORK_SERVICES: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - DC1-L2LEAF1A - DC1-L2LEAF2A - DC1_SERVERS: + DC1_CONNECTED_ENDPOINTS: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - DC1-L2LEAF1A - DC1-L2LEAF2A -omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 +omit: __omit_place_holder__9e0ee8fc9716456e882c32fe1aa1621f8d1d8ab2 ansible_version: - string: 2.10.14 - full: 2.10.14 + string: 2.16.7 + full: 2.16.7 major: 2 - minor: 10 - revision: 14 + minor: 16 + revision: 7 ansible_check_mode: false ansible_diff_mode: false ansible_forks: 5 ansible_inventory_sources: -- /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml +- /Users/pvinci/ansible-avd-cloudvision-demo/inventory/inventory.yml ansible_skip_tags: [] ansible_run_tags: - build diff --git a/inventory/intended/structured_configs/DC1-SPINE1.yml b/inventory/intended/structured_configs/DC1-SPINE1.yml index 9a98fa014..a94fce651 100644 --- a/inventory/intended/structured_configs/DC1-SPINE1.yml +++ b/inventory/intended/structured_configs/DC1-SPINE1.yml @@ -1,73 +1,90 @@ +hostname: DC1-SPINE1 +is_deployed: true router_bgp: as: '65001' router_id: 192.168.255.1 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - - maximum-paths 4 ecmp 4 + bgp: + default: + ipv4_unicast: false + maximum_paths: + paths: 4 + ecmp: 4 peer_groups: - IPv4-UNDERLAY-PEERS: - type: ipv4 - password: AQQvKeimxJu+uGQ/yYvv9w== - maximum_routes: 12000 - send_community: all - EVPN-OVERLAY-PEERS: - type: evpn - update_source: Loopback0 - bfd: true - ebgp_multihop: '3' - password: q+VNViP5i4rVjW1cxFv2wA== - send_community: all - maximum_routes: 0 - next_hop_unchanged: true + - name: IPv4-UNDERLAY-PEERS + type: ipv4 + password: AQQvKeimxJu+uGQ/yYvv9w== + maximum_routes: 12000 + send_community: all + - name: EVPN-OVERLAY-PEERS + type: evpn + update_source: Loopback0 + bfd: true + password: q+VNViP5i4rVjW1cxFv2wA== + send_community: all + maximum_routes: 0 + ebgp_multihop: 3 + next_hop_unchanged: true address_family_ipv4: peer_groups: - IPv4-UNDERLAY-PEERS: - activate: true - EVPN-OVERLAY-PEERS: - activate: false + - name: IPv4-UNDERLAY-PEERS + activate: true + - name: EVPN-OVERLAY-PEERS + activate: false redistribute_routes: - connected: - route_map: RM-CONN-2-BGP + - source_protocol: connected + route_map: RM-CONN-2-BGP neighbors: - 172.31.255.1: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65101' - description: DC1-LEAF1A_Ethernet1 - 172.31.255.5: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65101' - description: DC1-LEAF1B_Ethernet1 - 172.31.255.9: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65102' - description: DC1-LEAF2A_Ethernet1 - 172.31.255.13: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65102' - description: DC1-LEAF2B_Ethernet1 - 192.168.255.3: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-LEAF1A - remote_as: '65101' - 192.168.255.4: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-LEAF1B - remote_as: '65101' - 192.168.255.5: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-LEAF2A - remote_as: '65102' - 192.168.255.6: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-LEAF2B - remote_as: '65102' + - ip_address: 172.31.255.1 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65101' + peer: DC1-LEAF1A + description: DC1-LEAF1A_Ethernet1 + - ip_address: 172.31.255.5 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65101' + peer: DC1-LEAF1B + description: DC1-LEAF1B_Ethernet1 + - ip_address: 172.31.255.9 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65102' + peer: DC1-LEAF2A + description: DC1-LEAF2A_Ethernet1 + - ip_address: 172.31.255.13 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65102' + peer: DC1-LEAF2B + description: DC1-LEAF2B_Ethernet1 + - ip_address: 192.168.255.3 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-LEAF1A + description: DC1-LEAF1A + remote_as: '65101' + - ip_address: 192.168.255.4 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-LEAF1B + description: DC1-LEAF1B + remote_as: '65101' + - ip_address: 192.168.255.5 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-LEAF2A + description: DC1-LEAF2A + remote_as: '65102' + - ip_address: 192.168.255.6 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-LEAF2B + description: DC1-LEAF2B + remote_as: '65102' address_family_evpn: peer_groups: - EVPN-OVERLAY-PEERS: - activate: true + - name: EVPN-OVERLAY-PEERS + activate: true + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -78,7 +95,8 @@ daemon_terminattr: cvaddrs: - 10.255.0.1:9910 cvauth: - method: key + method: token + token_file: /tmp/token cvvrf: MGMT smashexcludes: ale,flexCounter,hardware,kni,pulse,strata ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent @@ -88,101 +106,93 @@ vlan_internal_order: range: beginning: 1006 ending: 1199 -name_server: - source: - vrf: MGMT - nodes: - - 192.168.2.1 - - 8.8.8.8 spanning_tree: mode: none local_users: - admin: - privilege: 15 - role: network-admin - sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 - ansible: - privilege: 15 - role: network-admin - sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ - cvpadmin: - privilege: 15 - role: network-admin - sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +- name: admin + privilege: 15 + role: network-admin + sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 +- name: ansible + privilege: 15 + role: network-admin + sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ +- name: cvpadmin + privilege: 15 + role: network-admin + sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. vrfs: - MGMT: - ip_routing: false +- name: MGMT + ip_routing: false management_interfaces: - Management1: - description: oob_management - shutdown: false - vrf: MGMT - ip_address: 10.255.0.11/24 - gateway: 10.255.0.1 - type: oob +- name: Management1 + description: oob_management + shutdown: false + vrf: MGMT + ip_address: 10.255.0.11/24 + gateway: 10.255.0.1 + type: oob management_api_http: enable_vrfs: - MGMT: {} + - name: MGMT enable_https: true ethernet_interfaces: - Ethernet1: - peer: DC1-LEAF1A - peer_interface: Ethernet1 - peer_type: l3leaf - description: P2P_LINK_TO_DC1-LEAF1A_Ethernet1 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.0/31 - Ethernet2: - peer: DC1-LEAF1B - peer_interface: Ethernet1 - peer_type: l3leaf - description: P2P_LINK_TO_DC1-LEAF1B_Ethernet1 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.4/31 - Ethernet3: - peer: DC1-LEAF2A - peer_interface: Ethernet1 - peer_type: l3leaf - description: P2P_LINK_TO_DC1-LEAF2A_Ethernet1 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.8/31 - Ethernet4: - peer: DC1-LEAF2B - peer_interface: Ethernet1 - peer_type: l3leaf - description: P2P_LINK_TO_DC1-LEAF2B_Ethernet1 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.12/31 +- name: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet1 + peer_type: l3leaf + description: P2P_LINK_TO_DC1-LEAF1A_Ethernet1 + shutdown: false + type: routed + ip_address: 172.31.255.0/31 +- name: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet1 + peer_type: l3leaf + description: P2P_LINK_TO_DC1-LEAF1B_Ethernet1 + shutdown: false + type: routed + ip_address: 172.31.255.4/31 +- name: Ethernet3 + peer: DC1-LEAF2A + peer_interface: Ethernet1 + peer_type: l3leaf + description: P2P_LINK_TO_DC1-LEAF2A_Ethernet1 + shutdown: false + type: routed + ip_address: 172.31.255.8/31 +- name: Ethernet4 + peer: DC1-LEAF2B + peer_interface: Ethernet1 + peer_type: l3leaf + description: P2P_LINK_TO_DC1-LEAF2B_Ethernet1 + shutdown: false + type: routed + ip_address: 172.31.255.12/31 loopback_interfaces: - Loopback0: - description: EVPN_Overlay_Peering - shutdown: false - ip_address: 192.168.255.1/32 +- name: Loopback0 + description: EVPN_Overlay_Peering + shutdown: false + ip_address: 192.168.255.1/32 prefix_lists: - PL-LOOPBACKS-EVPN-OVERLAY: - sequence_numbers: - 10: - action: permit 192.168.255.0/24 eq 32 +- name: PL-LOOPBACKS-EVPN-OVERLAY + sequence_numbers: + - sequence: 10 + action: permit 192.168.255.0/24 eq 32 route_maps: - RM-CONN-2-BGP: - sequence_numbers: - 10: - type: permit - match: - - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +- name: RM-CONN-2-BGP + sequence_numbers: + - sequence: 10 + type: permit + match: + - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY router_bfd: multihop: interval: 1200 min_rx: 1200 multiplier: 3 +metadata: + platform: vEOS-LAB ntp: local_interface: name: Management1 diff --git a/inventory/intended/structured_configs/DC1-SPINE2-debug-vars.yml b/inventory/intended/structured_configs/DC1-SPINE2-debug-vars.yml index ea9a96c17..5fc800fe1 100644 --- a/inventory/intended/structured_configs/DC1-SPINE2-debug-vars.yml +++ b/inventory/intended/structured_configs/DC1-SPINE2-debug-vars.yml @@ -20,14 +20,16 @@ local_users: privilege: 15 role: network-admin sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ -cvp_instance_ip: 10.255.0.1 -cvp_ingestauth_key: '' +cvp_instance_ips: +- 10.255.0.1 mgmt_interface: Management1 mgmt_interface_vrf: MGMT mgmt_gateway: 10.255.0.1 -name_servers: -- 192.168.2.1 -- 8.8.8.8 +ip_name_servers: +- ip_address: 192.168.2.1 + vrf: MGMT +- ip_address: 8.8.8.8 + vrf: MGMT custom_structured_configuration_ntp: local_interface: name: Management1 @@ -39,26 +41,33 @@ custom_structured_configuration_ntp: - name: 1.fr.pool.ntp.org vrf: MGMT fabric_name: DC1_FABRIC -vxlan_vlan_aware_bundles: true +evpn_vlan_aware_bundles: true bgp_peer_groups: - IPv4_UNDERLAY_PEERS: + ipv4_underlay_peers: password: AQQvKeimxJu+uGQ/yYvv9w== - EVPN_OVERLAY_PEERS: + evpn_overlay_peers: password: q+VNViP5i4rVjW1cxFv2wA== - MLAG_IPv4_UNDERLAY_PEER: + mlag_ipv4_underlay_peer: password: vnEaG8gMeQf3d3cN6PktXQ== spine: defaults: platform: vEOS-LAB bgp_as: 65001 loopback_ipv4_pool: 192.168.255.0/24 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 nodes: DC1-SPINE1: id: 1 @@ -85,11 +94,18 @@ l3leaf: mlag_peer_ipv4_pool: 10.255.252.0/24 mlag_peer_l3_ipv4_pool: 10.255.251.0/24 virtual_router_mac_address: 00:1c:73:00:dc:01 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart + structured_config: + router_bgp: + bgp: + default: + ipv4_unicast: false + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 spanning_tree_mode: mstp spanning_tree_priority: 16384 node_groups: @@ -150,9 +166,9 @@ l2leaf: tenants: - Tenant_A tags: + - app - opzone - web - - app nodes: DC1-L2LEAF1A: id: 5 @@ -168,9 +184,9 @@ l2leaf: tenants: - Tenant_A tags: + - app - opzone - web - - app nodes: DC1-L2LEAF2A: id: 7 @@ -178,13 +194,28 @@ l2leaf: uplink_switch_interfaces: - Ethernet5 - Ethernet5 -p2p_uplinks_mtu: 1500 +p2p_uplinks_mtu: 9000 bfd_multihop: interval: 1200 min_rx: 1200 multiplier: 3 -inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml -inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory +platform_settings: +- platforms: + - default +- platforms: + - vEOS-LAB + reload_delay: + mlag: 300 + non_mlag: 330 + feature_support: + queue_monitor_length_notify: false + interface_storm_control: false + poe: false + per_interface_mtu: false + bgp_update_wait_install: false + bgp_update_wait_for_convergence: false +inventory_file: /Users/pvinci/ansible-avd-cloudvision-demo/inventory/inventory.yml +inventory_dir: /Users/pvinci/ansible-avd-cloudvision-demo/inventory ansible_host: 10.255.0.12 inventory_hostname: DC1-SPINE2 inventory_hostname_short: DC1-SPINE2 @@ -193,125 +224,874 @@ group_names: - DC1_FABRIC - DC1_SPINES ansible_facts: - switch: - type: spine - node_type_key: spine - connected_endpoints: false - default_evpn_role: server - mlag_support: false - network_services_l2: false - network_services_l3: false - underlay_router: true - uplink_type: p2p - vtep: false - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - id: 2 - mgmt_ip: 10.255.0.12/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - spanning_tree_mode: none - max_uplink_switches: 0 - max_parallel_uplinks: 1 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 0 - router_id: 192.168.255.2 - bgp_as: '65001' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: server - mlag: false - topology: - peers: [] - vlans: [] -switch: - type: spine - node_type_key: spine - connected_endpoints: false - default_evpn_role: server - mlag_support: false - network_services_l2: false - network_services_l3: false - underlay_router: true - uplink_type: p2p - vtep: false - ip_addressing: - router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 - mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 - mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 - mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 - mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 - p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 - p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 - vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 - vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 - interface_descriptions: - underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 - underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 - connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 - connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 - overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 - vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 - underlay_routing_protocol: ebgp - overlay_routing_protocol: ebgp - id: 2 - mgmt_ip: 10.255.0.12/24 - platform: vEOS-LAB - platform_settings: - platforms: - - default - reload_delay: - mlag: 300 - non_mlag: 330 - feature_support: - queue_monitor_length_notify: false - spanning_tree_mode: none - max_uplink_switches: 0 - max_parallel_uplinks: 1 - loopback_ipv4_pool: 192.168.255.0/24 - loopback_ipv4_offset: 0 - router_id: 192.168.255.2 - bgp_as: '65001' - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - evpn_role: server - mlag: false -topology: - peers: [] - vlans: [] -playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks -ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 -ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg + avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF1B + - DC1-LEAF1A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF2B + - DC1-LEAF2A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + avd_topology_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-LEAF2A: + - DC1-L2LEAF2A +avd_switch_facts: + DC1-SPINE1: + switch: + id: 1 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.11/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.1 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.1 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-SPINE2: + switch: + id: 2 + type: spine + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.12/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + bgp_as: '65001' + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + router_id: 192.168.255.2 + evpn_role: server + mpls_overlay_role: none + overlay: + peering_address: 192.168.255.2 + evpn_mpls: false + max_parallel_uplinks: 1 + max_uplink_switches: 0 + uplinks: [] + uplink_peers: [] + vlans: '' + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1A: + switch: + id: 1 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.13/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.3 + mlag_peer: DC1-LEAF1B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.0 + mlag_l3_ip: 10.255.251.0 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.3 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.1 + peer_ip_address: 172.31.255.0 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet1 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.3 + peer_ip_address: 172.31.255.2 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF1B: + switch: + id: 2 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.14/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65101' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF1 + router_id: 192.168.255.4 + mlag_peer: DC1-LEAF1A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.1 + mlag_l3_ip: 10.255.251.1 + mlag_switch_ids: + primary: 1 + secondary: 2 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.4 + evpn_mpls: false + vtep_ip: 192.168.254.3 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.5 + peer_ip_address: 172.31.255.4 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet2 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.7 + peer_ip_address: 172.31.255.6 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2A: + switch: + id: 3 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.15/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.5 + mlag_peer: DC1-LEAF2B + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.4 + mlag_l3_ip: 10.255.251.4 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.5 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.9 + peer_ip_address: 172.31.255.8 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet3 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.11 + peer_ip_address: 172.31.255.10 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-LEAF2B: + switch: + id: 4 + type: l3leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.16/24 + mpls_lsr: false + loopback_ipv4_pool: 192.168.255.0/24 + uplink_ipv4_pool: 172.31.255.0/24 + bgp_as: '65102' + underlay_routing_protocol: ebgp + vtep_loopback_ipv4_pool: 192.168.254.0/24 + inband_ztp_lacp_fallback_delay: 30 + group: DC1_LEAF2 + router_id: 192.168.255.6 + mlag_peer: DC1-LEAF2A + mlag_port_channel_id: 3 + mlag_interfaces: + - Ethernet3 + - Ethernet4 + mlag_ip: 10.255.252.5 + mlag_l3_ip: 10.255.251.5 + mlag_switch_ids: + primary: 3 + secondary: 4 + evpn_role: client + mpls_overlay_role: none + evpn_route_servers: + - DC1-SPINE1 + - DC1-SPINE2 + overlay: + peering_address: 192.168.255.6 + evpn_mpls: false + vtep_ip: 192.168.254.5 + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-SPINE1 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.13 + peer_ip_address: 172.31.255.12 + - interface: Ethernet2 + peer: DC1-SPINE2 + peer_interface: Ethernet4 + peer_type: spine + peer_is_deployed: true + peer_bgp_as: '65001' + type: underlay_p2p + prefix_length: 31 + ip_address: 172.31.255.15 + peer_ip_address: 172.31.255.14 + uplink_peers: + - DC1-SPINE1 + - DC1-SPINE2 + vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF1A: + switch: + id: 5 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.17/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF1 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF1 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF1B + - DC1-LEAF1A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] + DC1-L2LEAF2A: + switch: + id: 7 + type: l2leaf + platform: vEOS-LAB + is_deployed: true + mgmt_interface: Management1 + mgmt_ip: 10.255.0.18/24 + mpls_lsr: false + underlay_routing_protocol: ebgp + inband_ztp_lacp_fallback_delay: 30 + group: DC1_L2LEAF2 + evpn_route_servers: [] + max_parallel_uplinks: 1 + max_uplink_switches: 2 + uplinks: + - interface: Ethernet1 + peer: DC1-LEAF2A + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + - interface: Ethernet2 + peer: DC1-LEAF2B + peer_interface: Ethernet5 + peer_type: l3leaf + peer_is_deployed: true + type: underlay_l2 + vlans: 110-112,120-121,130-131 + channel_description: DC1_LEAF2 + peer_mlag: true + channel_group_id: '1' + peer_channel_group_id: '5' + uplink_peers: + - DC1-LEAF2B + - DC1-LEAF2A + vlans: 110-112,120-121,130-131 + local_endpoint_trunk_groups: [] + endpoint_trunk_groups: [] +avd_overlay_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B +avd_topology_peers: + DC1-SPINE1: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-SPINE2: + - DC1-LEAF1A + - DC1-LEAF1B + - DC1-LEAF2A + - DC1-LEAF2B + DC1-LEAF1B: + - DC1-L2LEAF1A + DC1-LEAF1A: + - DC1-L2LEAF1A + DC1-LEAF2B: + - DC1-L2LEAF2A + DC1-LEAF2A: + - DC1-L2LEAF2A +avd_requirements: + failed: false + changed: false +playbook_dir: /Users/pvinci/ansible-avd-cloudvision-demo/playbooks +ansible_playbook_python: /Users/pvinci/.pyenv/versions/3.11.9/bin/python3 +ansible_config_file: /Users/pvinci/ansible-avd-cloudvision-demo/ansible.cfg groups: all: - cv_ztp @@ -331,12 +1111,12 @@ groups: DC1: - DC1-SPINE1 - DC1-SPINE2 - - DC1-L2LEAF1A - - DC1-L2LEAF2A - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B + - DC1-L2LEAF1A + - DC1-L2LEAF2A DC1_FABRIC: - DC1-SPINE1 - DC1-SPINE2 @@ -367,32 +1147,32 @@ groups: - DC1-L2LEAF1A DC1_L2LEAF2: - DC1-L2LEAF2A - DC1_TENANTS_NETWORKS: + NETWORK_SERVICES: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - DC1-L2LEAF1A - DC1-L2LEAF2A - DC1_SERVERS: + DC1_CONNECTED_ENDPOINTS: - DC1-LEAF1A - DC1-LEAF1B - DC1-LEAF2A - DC1-LEAF2B - DC1-L2LEAF1A - DC1-L2LEAF2A -omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 +omit: __omit_place_holder__9e0ee8fc9716456e882c32fe1aa1621f8d1d8ab2 ansible_version: - string: 2.10.14 - full: 2.10.14 + string: 2.16.7 + full: 2.16.7 major: 2 - minor: 10 - revision: 14 + minor: 16 + revision: 7 ansible_check_mode: false ansible_diff_mode: false ansible_forks: 5 ansible_inventory_sources: -- /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml +- /Users/pvinci/ansible-avd-cloudvision-demo/inventory/inventory.yml ansible_skip_tags: [] ansible_run_tags: - build diff --git a/inventory/intended/structured_configs/DC1-SPINE2.yml b/inventory/intended/structured_configs/DC1-SPINE2.yml index a922d8acc..9dcd4fdaa 100644 --- a/inventory/intended/structured_configs/DC1-SPINE2.yml +++ b/inventory/intended/structured_configs/DC1-SPINE2.yml @@ -1,73 +1,90 @@ +hostname: DC1-SPINE2 +is_deployed: true router_bgp: as: '65001' router_id: 192.168.255.2 - bgp_defaults: - - no bgp default ipv4-unicast - - distance bgp 20 200 200 - - graceful-restart restart-time 300 - - graceful-restart - - maximum-paths 4 ecmp 4 + bgp: + default: + ipv4_unicast: false + maximum_paths: + paths: 4 + ecmp: 4 peer_groups: - IPv4-UNDERLAY-PEERS: - type: ipv4 - password: AQQvKeimxJu+uGQ/yYvv9w== - maximum_routes: 12000 - send_community: all - EVPN-OVERLAY-PEERS: - type: evpn - update_source: Loopback0 - bfd: true - ebgp_multihop: '3' - password: q+VNViP5i4rVjW1cxFv2wA== - send_community: all - maximum_routes: 0 - next_hop_unchanged: true + - name: IPv4-UNDERLAY-PEERS + type: ipv4 + password: AQQvKeimxJu+uGQ/yYvv9w== + maximum_routes: 12000 + send_community: all + - name: EVPN-OVERLAY-PEERS + type: evpn + update_source: Loopback0 + bfd: true + password: q+VNViP5i4rVjW1cxFv2wA== + send_community: all + maximum_routes: 0 + ebgp_multihop: 3 + next_hop_unchanged: true address_family_ipv4: peer_groups: - IPv4-UNDERLAY-PEERS: - activate: true - EVPN-OVERLAY-PEERS: - activate: false + - name: IPv4-UNDERLAY-PEERS + activate: true + - name: EVPN-OVERLAY-PEERS + activate: false redistribute_routes: - connected: - route_map: RM-CONN-2-BGP + - source_protocol: connected + route_map: RM-CONN-2-BGP neighbors: - 172.31.255.3: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65101' - description: DC1-LEAF1A_Ethernet2 - 172.31.255.7: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65101' - description: DC1-LEAF1B_Ethernet2 - 172.31.255.11: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65102' - description: DC1-LEAF2A_Ethernet2 - 172.31.255.15: - peer_group: IPv4-UNDERLAY-PEERS - remote_as: '65102' - description: DC1-LEAF2B_Ethernet2 - 192.168.255.3: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-LEAF1A - remote_as: '65101' - 192.168.255.4: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-LEAF1B - remote_as: '65101' - 192.168.255.5: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-LEAF2A - remote_as: '65102' - 192.168.255.6: - peer_group: EVPN-OVERLAY-PEERS - description: DC1-LEAF2B - remote_as: '65102' + - ip_address: 172.31.255.3 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65101' + peer: DC1-LEAF1A + description: DC1-LEAF1A_Ethernet2 + - ip_address: 172.31.255.7 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65101' + peer: DC1-LEAF1B + description: DC1-LEAF1B_Ethernet2 + - ip_address: 172.31.255.11 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65102' + peer: DC1-LEAF2A + description: DC1-LEAF2A_Ethernet2 + - ip_address: 172.31.255.15 + peer_group: IPv4-UNDERLAY-PEERS + remote_as: '65102' + peer: DC1-LEAF2B + description: DC1-LEAF2B_Ethernet2 + - ip_address: 192.168.255.3 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-LEAF1A + description: DC1-LEAF1A + remote_as: '65101' + - ip_address: 192.168.255.4 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-LEAF1B + description: DC1-LEAF1B + remote_as: '65101' + - ip_address: 192.168.255.5 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-LEAF2A + description: DC1-LEAF2A + remote_as: '65102' + - ip_address: 192.168.255.6 + peer_group: EVPN-OVERLAY-PEERS + peer: DC1-LEAF2B + description: DC1-LEAF2B + remote_as: '65102' address_family_evpn: peer_groups: - EVPN-OVERLAY-PEERS: - activate: true + - name: EVPN-OVERLAY-PEERS + activate: true + distance: + external_routes: 20 + internal_routes: 200 + local_routes: 200 + graceful_restart: + enabled: true + restart_time: 300 static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -78,7 +95,8 @@ daemon_terminattr: cvaddrs: - 10.255.0.1:9910 cvauth: - method: key + method: token + token_file: /tmp/token cvvrf: MGMT smashexcludes: ale,flexCounter,hardware,kni,pulse,strata ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent @@ -88,101 +106,93 @@ vlan_internal_order: range: beginning: 1006 ending: 1199 -name_server: - source: - vrf: MGMT - nodes: - - 192.168.2.1 - - 8.8.8.8 spanning_tree: mode: none local_users: - admin: - privilege: 15 - role: network-admin - sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 - ansible: - privilege: 15 - role: network-admin - sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ - cvpadmin: - privilege: 15 - role: network-admin - sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. +- name: admin + privilege: 15 + role: network-admin + sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 +- name: ansible + privilege: 15 + role: network-admin + sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ +- name: cvpadmin + privilege: 15 + role: network-admin + sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. vrfs: - MGMT: - ip_routing: false +- name: MGMT + ip_routing: false management_interfaces: - Management1: - description: oob_management - shutdown: false - vrf: MGMT - ip_address: 10.255.0.12/24 - gateway: 10.255.0.1 - type: oob +- name: Management1 + description: oob_management + shutdown: false + vrf: MGMT + ip_address: 10.255.0.12/24 + gateway: 10.255.0.1 + type: oob management_api_http: enable_vrfs: - MGMT: {} + - name: MGMT enable_https: true ethernet_interfaces: - Ethernet1: - peer: DC1-LEAF1A - peer_interface: Ethernet2 - peer_type: l3leaf - description: P2P_LINK_TO_DC1-LEAF1A_Ethernet2 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.2/31 - Ethernet2: - peer: DC1-LEAF1B - peer_interface: Ethernet2 - peer_type: l3leaf - description: P2P_LINK_TO_DC1-LEAF1B_Ethernet2 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.6/31 - Ethernet3: - peer: DC1-LEAF2A - peer_interface: Ethernet2 - peer_type: l3leaf - description: P2P_LINK_TO_DC1-LEAF2A_Ethernet2 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.10/31 - Ethernet4: - peer: DC1-LEAF2B - peer_interface: Ethernet2 - peer_type: l3leaf - description: P2P_LINK_TO_DC1-LEAF2B_Ethernet2 - mtu: 1500 - type: routed - shutdown: false - ip_address: 172.31.255.14/31 +- name: Ethernet1 + peer: DC1-LEAF1A + peer_interface: Ethernet2 + peer_type: l3leaf + description: P2P_LINK_TO_DC1-LEAF1A_Ethernet2 + shutdown: false + type: routed + ip_address: 172.31.255.2/31 +- name: Ethernet2 + peer: DC1-LEAF1B + peer_interface: Ethernet2 + peer_type: l3leaf + description: P2P_LINK_TO_DC1-LEAF1B_Ethernet2 + shutdown: false + type: routed + ip_address: 172.31.255.6/31 +- name: Ethernet3 + peer: DC1-LEAF2A + peer_interface: Ethernet2 + peer_type: l3leaf + description: P2P_LINK_TO_DC1-LEAF2A_Ethernet2 + shutdown: false + type: routed + ip_address: 172.31.255.10/31 +- name: Ethernet4 + peer: DC1-LEAF2B + peer_interface: Ethernet2 + peer_type: l3leaf + description: P2P_LINK_TO_DC1-LEAF2B_Ethernet2 + shutdown: false + type: routed + ip_address: 172.31.255.14/31 loopback_interfaces: - Loopback0: - description: EVPN_Overlay_Peering - shutdown: false - ip_address: 192.168.255.2/32 +- name: Loopback0 + description: EVPN_Overlay_Peering + shutdown: false + ip_address: 192.168.255.2/32 prefix_lists: - PL-LOOPBACKS-EVPN-OVERLAY: - sequence_numbers: - 10: - action: permit 192.168.255.0/24 eq 32 +- name: PL-LOOPBACKS-EVPN-OVERLAY + sequence_numbers: + - sequence: 10 + action: permit 192.168.255.0/24 eq 32 route_maps: - RM-CONN-2-BGP: - sequence_numbers: - 10: - type: permit - match: - - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +- name: RM-CONN-2-BGP + sequence_numbers: + - sequence: 10 + type: permit + match: + - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY router_bfd: multihop: interval: 1200 min_rx: 1200 multiplier: 3 +metadata: + platform: vEOS-LAB ntp: local_interface: name: Management1 diff --git a/inventory/intended/structured_configs/cvp/cv_server.yml b/inventory/intended/structured_configs/cvp/cv_server.yml index ef3e2de41..7294ad403 100644 --- a/inventory/intended/structured_configs/cvp/cv_server.yml +++ b/inventory/intended/structured_configs/cvp/cv_server.yml @@ -1,67 +1,51 @@ --- -CVP_DEVICES: - DC1-L2LEAF1A: - name: DC1-L2LEAF1A +cvp_devices: + - fqdn: DC1-L2LEAF1A parentContainerName: DC1_L2LEAF1 configlets: - DC1-AVD_DC1-L2LEAF1A - imageBundle: [] - DC1-L2LEAF2A: - name: DC1-L2LEAF2A + - fqdn: DC1-L2LEAF2A parentContainerName: DC1_L2LEAF2 configlets: - DC1-AVD_DC1-L2LEAF2A - imageBundle: [] - DC1-LEAF1A: - name: DC1-LEAF1A + - fqdn: DC1-LEAF1A parentContainerName: DC1_LEAF1 configlets: - DC1-AVD_DC1-LEAF1A - imageBundle: [] - DC1-LEAF1B: - name: DC1-LEAF1B + - fqdn: DC1-LEAF1B parentContainerName: DC1_LEAF1 configlets: - DC1-AVD_DC1-LEAF1B - imageBundle: [] - DC1-LEAF2A: - name: DC1-LEAF2A + - fqdn: DC1-LEAF2A parentContainerName: DC1_LEAF2 configlets: - DC1-AVD_DC1-LEAF2A - imageBundle: [] - DC1-LEAF2B: - name: DC1-LEAF2B + - fqdn: DC1-LEAF2B parentContainerName: DC1_LEAF2 configlets: - DC1-AVD_DC1-LEAF2B - imageBundle: [] - DC1-SPINE1: - name: DC1-SPINE1 + - fqdn: DC1-SPINE1 parentContainerName: DC1_SPINES configlets: - DC1-AVD_DC1-SPINE1 - imageBundle: [] - DC1-SPINE2: - name: DC1-SPINE2 + - fqdn: DC1-SPINE2 parentContainerName: DC1_SPINES configlets: - DC1-AVD_DC1-SPINE2 - imageBundle: [] -CVP_CONTAINERS: +cvp_containers: DC1_FABRIC: - parent_container: Tenant + parentContainerName: Tenant DC1_L2LEAF1: - parent_container: DC1_L2LEAFS + parentContainerName: DC1_L2LEAFS DC1_L2LEAF2: - parent_container: DC1_L2LEAFS + parentContainerName: DC1_L2LEAFS DC1_L2LEAFS: - parent_container: DC1_FABRIC + parentContainerName: DC1_FABRIC DC1_L3LEAFS: - parent_container: DC1_FABRIC + parentContainerName: DC1_FABRIC DC1_LEAF1: - parent_container: DC1_L3LEAFS + parentContainerName: DC1_L3LEAFS DC1_LEAF2: - parent_container: DC1_L3LEAFS + parentContainerName: DC1_L3LEAFS DC1_SPINES: - parent_container: DC1_FABRIC + parentContainerName: DC1_FABRIC diff --git a/inventory/intended/structured_configs/cvp/cv_server_configlets.yml b/inventory/intended/structured_configs/cvp/cv_server_configlets.yml index 1be3d9442..44c25c5fb 100644 --- a/inventory/intended/structured_configs/cvp/cv_server_configlets.yml +++ b/inventory/intended/structured_configs/cvp/cv_server_configlets.yml @@ -1,980 +1,943 @@ -CVP_CONFIGLETS: - DC1-AVD_DC1-L2LEAF1A: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec\ - \ /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata\ - \ -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n\ - !\nvlan internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode\ - \ 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname DC1-L2LEAF1A\n\ - ip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface\ - \ vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server\ - \ vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nspanning-tree mst 0\ - \ priority 16384\n!\nno aaa root\nno enable password\n!\nusername admin privilege\ - \ 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\n\ - username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\n\ - username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n\ - !\nvlan 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n\ - !\nvlan 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n\ - !\nvlan 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n\ - !\nvlan 131\n name Tenant_A_APP_Zone_2\n!\nvrf instance MGMT\n!\ninterface Port-Channel1\n\ - \ description DC1_LEAF1_Po5\n no shutdown\n switchport\n switchport trunk\ - \ allowed vlan 110-112,120-121,130-131\n switchport mode trunk\n!\ninterface\ - \ Ethernet1\n description DC1-LEAF1A_Ethernet5\n no shutdown\n channel-group\ - \ 1 mode active\n!\ninterface Ethernet2\n description DC1-LEAF1B_Ethernet5\n\ - \ no shutdown\n channel-group 1 mode active\n!\ninterface Ethernet5\n description\ - \ server01_Eth0\n no shutdown\n switchport\n switchport access vlan 110\n\ - \ switchport mode access\n!\ninterface Management1\n description oob_management\n\ - \ no shutdown\n vrf MGMT\n ip address 10.255.0.17/24\n!\nip routing\nno\ - \ ip routing vrf MGMT\n!\nip route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nmanagement\ - \ api http-commands\n protocol https\n no shutdown\n !\n vrf MGMT\n \ - \ no shutdown\n!\nend\n" - DC1-AVD_DC1-L2LEAF2A: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec\ - \ /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata\ - \ -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n\ - !\nvlan internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode\ - \ 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname DC1-L2LEAF2A\n\ - ip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface\ - \ vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server\ - \ vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nspanning-tree mst 0\ - \ priority 16384\n!\nno aaa root\nno enable password\n!\nusername admin privilege\ - \ 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\n\ - username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\n\ - username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n\ - !\nvlan 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n\ - !\nvlan 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n\ - !\nvlan 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n\ - !\nvlan 131\n name Tenant_A_APP_Zone_2\n!\nvrf instance MGMT\n!\ninterface Port-Channel1\n\ - \ description DC1_LEAF2_Po5\n no shutdown\n switchport\n switchport trunk\ - \ allowed vlan 110-112,120-121,130-131\n switchport mode trunk\n!\ninterface\ - \ Ethernet1\n description DC1-LEAF2A_Ethernet5\n no shutdown\n channel-group\ - \ 1 mode active\n!\ninterface Ethernet2\n description DC1-LEAF2B_Ethernet5\n\ - \ no shutdown\n channel-group 1 mode active\n!\ninterface Ethernet5\n description\ - \ server02_Eth0\n no shutdown\n switchport\n switchport access vlan 110\n\ - \ switchport mode access\n!\ninterface Management1\n description oob_management\n\ - \ no shutdown\n vrf MGMT\n ip address 10.255.0.18/24\n!\nip routing\nno\ - \ ip routing vrf MGMT\n!\nip route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nmanagement\ - \ api http-commands\n protocol https\n no shutdown\n !\n vrf MGMT\n \ - \ no shutdown\n!\nend\n" - DC1-AVD_DC1-LEAF1A: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec\ - \ /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata\ - \ -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n\ - !\nvlan internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode\ - \ 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname DC1-LEAF1A\n\ - ip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface\ - \ vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server\ - \ vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nno spanning-tree vlan-id\ - \ 4093-4094\nspanning-tree mst 0 priority 16384\n!\nno aaa root\nno enable password\n\ - !\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\n\ - username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\n\ - username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n\ - !\nvlan 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n\ - !\nvlan 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n\ - !\nvlan 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n\ - !\nvlan 131\n name Tenant_A_APP_Zone_2\n!\nvlan 140\n name Tenant_A_DB_BZone_1\n\ - !\nvlan 141\n name Tenant_A_DB_Zone_2\n!\nvlan 150\n name Tenant_A_WAN_Zone_1\n\ - !\nvlan 160\n name Tenant_A_VMOTION\n!\nvlan 161\n name Tenant_A_NFS\n!\n\ - vlan 210\n name Tenant_B_OP_Zone_1\n!\nvlan 211\n name Tenant_B_OP_Zone_2\n\ - !\nvlan 250\n name Tenant_B_WAN_Zone_1\n!\nvlan 310\n name Tenant_C_OP_Zone_1\n\ - !\nvlan 311\n name Tenant_C_OP_Zone_2\n!\nvlan 350\n name Tenant_C_WAN_Zone_1\n\ - !\nvlan 3009\n name MLAG_iBGP_Tenant_A_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3010\n name MLAG_iBGP_Tenant_A_WEB_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3011\n name MLAG_iBGP_Tenant_A_APP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3012\n name MLAG_iBGP_Tenant_A_DB_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3013\n name MLAG_iBGP_Tenant_A_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3019\n name MLAG_iBGP_Tenant_B_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3020\n name MLAG_iBGP_Tenant_B_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3029\n name MLAG_iBGP_Tenant_C_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3030\n name MLAG_iBGP_Tenant_C_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 4093\n name LEAF_PEER_L3\n trunk group LEAF_PEER_L3\n!\nvlan 4094\n\ - \ name MLAG_PEER\n trunk group MLAG\n!\nvrf instance MGMT\n!\nvrf instance\ - \ Tenant_A_APP_Zone\n!\nvrf instance Tenant_A_DB_Zone\n!\nvrf instance Tenant_A_OP_Zone\n\ - !\nvrf instance Tenant_A_WAN_Zone\n!\nvrf instance Tenant_A_WEB_Zone\n!\nvrf instance\ - \ Tenant_B_OP_Zone\n!\nvrf instance Tenant_B_WAN_Zone\n!\nvrf instance Tenant_C_OP_Zone\n\ - !\nvrf instance Tenant_C_WAN_Zone\n!\ninterface Port-Channel3\n description\ - \ MLAG_PEER_DC1-LEAF1B_Po3\n no shutdown\n switchport\n switchport trunk\ - \ allowed vlan 2-4094\n switchport mode trunk\n switchport trunk group LEAF_PEER_L3\n\ - \ switchport trunk group MLAG\n!\ninterface Port-Channel5\n description DC1-L2LEAF1A_Po1\n\ - \ no shutdown\n switchport\n switchport trunk allowed vlan 110-112,120-121,130-131\n\ - \ switchport mode trunk\n mlag 5\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-SPINE1_Ethernet1\n\ - \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.1/31\n\ - !\ninterface Ethernet2\n description P2P_LINK_TO_DC1-SPINE2_Ethernet1\n no\ - \ shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.3/31\n!\n\ - interface Ethernet3\n description MLAG_PEER_DC1-LEAF1B_Ethernet3\n no shutdown\n\ - \ channel-group 3 mode active\n!\ninterface Ethernet4\n description MLAG_PEER_DC1-LEAF1B_Ethernet4\n\ - \ no shutdown\n channel-group 3 mode active\n!\ninterface Ethernet5\n description\ - \ DC1-L2LEAF1A_Ethernet1\n no shutdown\n channel-group 5 mode active\n!\n\ - interface Loopback0\n description EVPN_Overlay_Peering\n no shutdown\n ip\ - \ address 192.168.255.3/32\n!\ninterface Loopback1\n description VTEP_VXLAN_Tunnel_Source\n\ - \ no shutdown\n ip address 192.168.254.3/32\n!\ninterface Loopback100\n \ - \ description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS\n no shutdown\n vrf Tenant_A_OP_Zone\n\ - \ ip address 10.255.1.3/32\n!\ninterface Management1\n description oob_management\n\ - \ no shutdown\n vrf MGMT\n ip address 10.255.0.13/24\n!\ninterface Vlan110\n\ - \ description Tenant_A_OP_Zone_1\n no shutdown\n vrf Tenant_A_OP_Zone\n\ - \ ip address virtual 10.1.10.1/24\n!\ninterface Vlan111\n description Tenant_A_OP_Zone_2\n\ - \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.11.1/24\n\ - !\ninterface Vlan112\n description Tenant_A_OP_Zone_3\n no shutdown\n vrf\ - \ Tenant_A_OP_Zone\n ip address virtual 10.1.12.254/24\n!\ninterface Vlan120\n\ - \ description Tenant_A_WEB_Zone_1\n no shutdown\n vrf Tenant_A_WEB_Zone\n\ - !\ninterface Vlan121\n description Tenant_A_WEBZone_2\n no shutdown\n vrf\ - \ Tenant_A_WEB_Zone\n ip address virtual 10.1.21.1/24\n!\ninterface Vlan130\n\ - \ description Tenant_A_APP_Zone_1\n no shutdown\n vrf Tenant_A_APP_Zone\n\ - !\ninterface Vlan131\n description Tenant_A_APP_Zone_2\n no shutdown\n vrf\ - \ Tenant_A_APP_Zone\n ip address virtual 10.1.31.254/24\n!\ninterface Vlan140\n\ - \ description Tenant_A_DB_BZone_1\n no shutdown\n vrf Tenant_A_DB_Zone\n\ - \ ip address virtual 10.1.40.1/24\n!\ninterface Vlan141\n description Tenant_A_DB_Zone_2\n\ - \ no shutdown\n vrf Tenant_A_DB_Zone\n ip address virtual 10.1.41.1/24\n\ - !\ninterface Vlan150\n description Tenant_A_WAN_Zone_1\n no shutdown\n vrf\ - \ Tenant_A_WAN_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface Vlan210\n\ - \ description Tenant_B_OP_Zone_1\n no shutdown\n vrf Tenant_B_OP_Zone\n\ - !\ninterface Vlan211\n description Tenant_B_OP_Zone_2\n no shutdown\n vrf\ - \ Tenant_B_OP_Zone\n ip address virtual 10.2.11.1/24\n!\ninterface Vlan250\n\ - \ description Tenant_B_WAN_Zone_1\n no shutdown\n vrf Tenant_B_WAN_Zone\n\ - \ ip address virtual 10.2.50.1/24\n!\ninterface Vlan310\n description Tenant_C_OP_Zone_1\n\ - \ no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface Vlan311\n description\ - \ Tenant_C_OP_Zone_2\n no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface Vlan350\n\ - \ description Tenant_C_WAN_Zone_1\n no shutdown\n vrf Tenant_C_WAN_Zone\n\ - !\ninterface Vlan3009\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_OP_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan3010\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_WEB_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan3011\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_APP_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan3012\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_DB_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan3013\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_WAN_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan3019\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_B_OP_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan3020\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_B_WAN_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan3029\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_C_OP_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan3030\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_C_WAN_Zone\n ip address 10.255.251.0/31\n\ - !\ninterface Vlan4093\n description MLAG_PEER_L3_PEERING\n no shutdown\n \ - \ mtu 1500\n ip address 10.255.251.0/31\n!\ninterface Vlan4094\n description\ - \ MLAG_PEER\n no shutdown\n mtu 1500\n no autostate\n ip address 10.255.252.0/31\n\ - !\ninterface Vxlan1\n description DC1-LEAF1A_VTEP\n vxlan source-interface\ - \ Loopback1\n vxlan virtual-router encapsulation mac-address mlag-system-id\n\ - \ vxlan udp-port 4789\n vxlan vlan 110 vni 10110\n vxlan vlan 111 vni 50111\n\ - \ vxlan vlan 112 vni 50112\n vxlan vlan 120 vni 10120\n vxlan vlan 121 vni\ - \ 10121\n vxlan vlan 130 vni 10130\n vxlan vlan 131 vni 10131\n vxlan vlan\ - \ 140 vni 10140\n vxlan vlan 141 vni 10141\n vxlan vlan 150 vni 10150\n \ - \ vxlan vlan 160 vni 55160\n vxlan vlan 161 vni 10161\n vxlan vlan 210 vni\ - \ 20210\n vxlan vlan 211 vni 20211\n vxlan vlan 250 vni 20250\n vxlan vlan\ - \ 310 vni 30310\n vxlan vlan 311 vni 30311\n vxlan vlan 350 vni 30350\n \ - \ vxlan vrf Tenant_A_APP_Zone vni 12\n vxlan vrf Tenant_A_DB_Zone vni 13\n \ - \ vxlan vrf Tenant_A_OP_Zone vni 10\n vxlan vrf Tenant_A_WAN_Zone vni 14\n\ - \ vxlan vrf Tenant_A_WEB_Zone vni 11\n vxlan vrf Tenant_B_OP_Zone vni 20\n\ - \ vxlan vrf Tenant_B_WAN_Zone vni 21\n vxlan vrf Tenant_C_OP_Zone vni 30\n\ - \ vxlan vrf Tenant_C_WAN_Zone vni 31\n!\nip virtual-router mac-address 00:1c:73:00:dc:01\n\ - !\nip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.3\n!\n\ - ip routing\nno ip routing vrf MGMT\nip routing vrf Tenant_A_APP_Zone\nip routing\ - \ vrf Tenant_A_DB_Zone\nip routing vrf Tenant_A_OP_Zone\nip routing vrf Tenant_A_WAN_Zone\n\ - ip routing vrf Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing\ - \ vrf Tenant_B_WAN_Zone\nip routing vrf Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n\ - !\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24\ - \ eq 32\n seq 20 permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id\ - \ DC1_LEAF1\n local-interface Vlan4094\n peer-address 10.255.252.1\n peer-link\ - \ Port-Channel3\n reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip\ - \ route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map RM-CONN-2-BGP permit 10\n\ - \ match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN\ - \ permit 10\n description Make routes learned over MLAG Peer-link less preferred\ - \ on spines to ensure optimal routing\n set origin incomplete\n!\nrouter bfd\n\ - \ multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65101\n router-id\ - \ 192.168.255.3\n no bgp default ipv4-unicast\n distance bgp 20 200 200\n\ - \ graceful-restart restart-time 300\n graceful-restart\n maximum-paths 4\ - \ ecmp 4\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS\ - \ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS\ - \ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n\ - \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS\ - \ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS\ - \ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n\ - \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101\n neighbor\ - \ MLAG-IPv4-UNDERLAY-PEER next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER password\ - \ 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n\ - \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ neighbor 10.255.251.1 description DC1-LEAF1B\n neighbor 172.31.255.0 peer\ - \ group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.0 remote-as 65001\n neighbor\ - \ 172.31.255.0 description DC1-SPINE1_Ethernet1\n neighbor 172.31.255.2 peer\ - \ group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.2 remote-as 65001\n neighbor\ - \ 172.31.255.2 description DC1-SPINE2_Ethernet1\n neighbor 192.168.255.1 peer\ - \ group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor\ - \ 192.168.255.1 description DC1-SPINE1\n neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n\ - \ neighbor 192.168.255.2 remote-as 65001\n neighbor 192.168.255.2 description\ - \ DC1-SPINE2\n redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle\ - \ Tenant_A_APP_Zone\n rd 192.168.255.3:12\n route-target both 12:12\n\ - \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n\ - \ rd 192.168.255.3:13\n route-target both 13:13\n redistribute\ - \ learned\n vlan 140-141\n !\n vlan-aware-bundle Tenant_A_NFS\n \ - \ rd 192.168.255.3:10161\n route-target both 10161:10161\n redistribute\ - \ learned\n vlan 161\n !\n vlan-aware-bundle Tenant_A_OP_Zone\n \ - \ rd 192.168.255.3:10\n route-target both 10:10\n redistribute learned\n\ - \ vlan 110-112\n !\n vlan-aware-bundle Tenant_A_VMOTION\n rd 192.168.255.3:55160\n\ - \ route-target both 55160:55160\n redistribute learned\n vlan 160\n\ - \ !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd 192.168.255.3:14\n \ - \ route-target both 14:14\n redistribute learned\n vlan 150\n !\n\ - \ vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.3:11\n route-target\ - \ both 11:11\n redistribute learned\n vlan 120-121\n !\n vlan-aware-bundle\ - \ Tenant_B_OP_Zone\n rd 192.168.255.3:20\n route-target both 20:20\n\ - \ redistribute learned\n vlan 210-211\n !\n vlan-aware-bundle Tenant_B_WAN_Zone\n\ - \ rd 192.168.255.3:21\n route-target both 21:21\n redistribute\ - \ learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n \ - \ rd 192.168.255.3:30\n route-target both 30:30\n redistribute learned\n\ - \ vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd 192.168.255.3:31\n\ - \ route-target both 31:31\n redistribute learned\n vlan 350\n \ - \ !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n\ - \ address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n \ - \ neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ activate\n !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.3:12\n route-target\ - \ import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.3\n\ - \ neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_DB_Zone\n rd 192.168.255.3:13\n route-target\ - \ import evpn 13:13\n route-target export evpn 13:13\n router-id 192.168.255.3\n\ - \ neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.3:10\n route-target\ - \ import evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.3\n\ - \ neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.3:14\n \ - \ route-target import evpn 14:14\n route-target export evpn 14:14\n \ - \ router-id 192.168.255.3\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.3:11\n\ - \ route-target import evpn 11:11\n route-target export evpn 11:11\n\ - \ router-id 192.168.255.3\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.3:20\n\ - \ route-target import evpn 20:20\n route-target export evpn 20:20\n\ - \ router-id 192.168.255.3\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.3:21\n\ - \ route-target import evpn 21:21\n route-target export evpn 21:21\n\ - \ router-id 192.168.255.3\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.3:30\n\ - \ route-target import evpn 30:30\n route-target export evpn 30:30\n\ - \ router-id 192.168.255.3\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.3:31\n\ - \ route-target import evpn 31:31\n route-target export evpn 31:31\n\ - \ router-id 192.168.255.3\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n!\nmanagement api http-commands\n protocol https\n\ - \ no shutdown\n !\n vrf MGMT\n no shutdown\n!\nend\n" - DC1-AVD_DC1-LEAF1B: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec\ - \ /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata\ - \ -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n\ - !\nvlan internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode\ - \ 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname DC1-LEAF1B\n\ - ip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface\ - \ vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server\ - \ vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nno spanning-tree vlan-id\ - \ 4093-4094\nspanning-tree mst 0 priority 16384\n!\nno aaa root\nno enable password\n\ - !\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\n\ - username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\n\ - username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n\ - !\nvlan 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n\ - !\nvlan 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n\ - !\nvlan 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n\ - !\nvlan 131\n name Tenant_A_APP_Zone_2\n!\nvlan 140\n name Tenant_A_DB_BZone_1\n\ - !\nvlan 141\n name Tenant_A_DB_Zone_2\n!\nvlan 150\n name Tenant_A_WAN_Zone_1\n\ - !\nvlan 160\n name Tenant_A_VMOTION\n!\nvlan 161\n name Tenant_A_NFS\n!\n\ - vlan 210\n name Tenant_B_OP_Zone_1\n!\nvlan 211\n name Tenant_B_OP_Zone_2\n\ - !\nvlan 250\n name Tenant_B_WAN_Zone_1\n!\nvlan 310\n name Tenant_C_OP_Zone_1\n\ - !\nvlan 311\n name Tenant_C_OP_Zone_2\n!\nvlan 350\n name Tenant_C_WAN_Zone_1\n\ - !\nvlan 3009\n name MLAG_iBGP_Tenant_A_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3010\n name MLAG_iBGP_Tenant_A_WEB_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3011\n name MLAG_iBGP_Tenant_A_APP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3012\n name MLAG_iBGP_Tenant_A_DB_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3013\n name MLAG_iBGP_Tenant_A_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3019\n name MLAG_iBGP_Tenant_B_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3020\n name MLAG_iBGP_Tenant_B_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3029\n name MLAG_iBGP_Tenant_C_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3030\n name MLAG_iBGP_Tenant_C_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 4093\n name LEAF_PEER_L3\n trunk group LEAF_PEER_L3\n!\nvlan 4094\n\ - \ name MLAG_PEER\n trunk group MLAG\n!\nvrf instance MGMT\n!\nvrf instance\ - \ Tenant_A_APP_Zone\n!\nvrf instance Tenant_A_DB_Zone\n!\nvrf instance Tenant_A_OP_Zone\n\ - !\nvrf instance Tenant_A_WAN_Zone\n!\nvrf instance Tenant_A_WEB_Zone\n!\nvrf instance\ - \ Tenant_B_OP_Zone\n!\nvrf instance Tenant_B_WAN_Zone\n!\nvrf instance Tenant_C_OP_Zone\n\ - !\nvrf instance Tenant_C_WAN_Zone\n!\ninterface Port-Channel3\n description\ - \ MLAG_PEER_DC1-LEAF1A_Po3\n no shutdown\n switchport\n switchport trunk\ - \ allowed vlan 2-4094\n switchport mode trunk\n switchport trunk group LEAF_PEER_L3\n\ - \ switchport trunk group MLAG\n!\ninterface Port-Channel5\n description DC1-L2LEAF1A_Po1\n\ - \ no shutdown\n switchport\n switchport trunk allowed vlan 110-112,120-121,130-131\n\ - \ switchport mode trunk\n mlag 5\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-SPINE1_Ethernet2\n\ - \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.5/31\n\ - !\ninterface Ethernet2\n description P2P_LINK_TO_DC1-SPINE2_Ethernet2\n no\ - \ shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.7/31\n!\n\ - interface Ethernet3\n description MLAG_PEER_DC1-LEAF1A_Ethernet3\n no shutdown\n\ - \ channel-group 3 mode active\n!\ninterface Ethernet4\n description MLAG_PEER_DC1-LEAF1A_Ethernet4\n\ - \ no shutdown\n channel-group 3 mode active\n!\ninterface Ethernet5\n description\ - \ DC1-L2LEAF1A_Ethernet2\n no shutdown\n channel-group 5 mode active\n!\n\ - interface Loopback0\n description EVPN_Overlay_Peering\n no shutdown\n ip\ - \ address 192.168.255.4/32\n!\ninterface Loopback1\n description VTEP_VXLAN_Tunnel_Source\n\ - \ no shutdown\n ip address 192.168.254.3/32\n!\ninterface Loopback100\n \ - \ description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS\n no shutdown\n vrf Tenant_A_OP_Zone\n\ - \ ip address 10.255.1.4/32\n!\ninterface Management1\n description oob_management\n\ - \ no shutdown\n vrf MGMT\n ip address 10.255.0.14/24\n!\ninterface Vlan110\n\ - \ description Tenant_A_OP_Zone_1\n no shutdown\n vrf Tenant_A_OP_Zone\n\ - \ ip address virtual 10.1.10.1/24\n!\ninterface Vlan111\n description Tenant_A_OP_Zone_2\n\ - \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.11.1/24\n\ - !\ninterface Vlan112\n description Tenant_A_OP_Zone_3\n no shutdown\n vrf\ - \ Tenant_A_OP_Zone\n ip address virtual 10.1.12.254/24\n!\ninterface Vlan120\n\ - \ description Tenant_A_WEB_Zone_1\n no shutdown\n vrf Tenant_A_WEB_Zone\n\ - !\ninterface Vlan121\n description Tenant_A_WEBZone_2\n no shutdown\n vrf\ - \ Tenant_A_WEB_Zone\n ip address virtual 10.1.21.1/24\n!\ninterface Vlan130\n\ - \ description Tenant_A_APP_Zone_1\n no shutdown\n vrf Tenant_A_APP_Zone\n\ - !\ninterface Vlan131\n description Tenant_A_APP_Zone_2\n no shutdown\n vrf\ - \ Tenant_A_APP_Zone\n ip address virtual 10.1.31.254/24\n!\ninterface Vlan140\n\ - \ description Tenant_A_DB_BZone_1\n no shutdown\n vrf Tenant_A_DB_Zone\n\ - \ ip address virtual 10.1.40.1/24\n!\ninterface Vlan141\n description Tenant_A_DB_Zone_2\n\ - \ no shutdown\n vrf Tenant_A_DB_Zone\n ip address virtual 10.1.41.1/24\n\ - !\ninterface Vlan150\n description Tenant_A_WAN_Zone_1\n no shutdown\n vrf\ - \ Tenant_A_WAN_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface Vlan210\n\ - \ description Tenant_B_OP_Zone_1\n no shutdown\n vrf Tenant_B_OP_Zone\n\ - !\ninterface Vlan211\n description Tenant_B_OP_Zone_2\n no shutdown\n vrf\ - \ Tenant_B_OP_Zone\n ip address virtual 10.2.11.1/24\n!\ninterface Vlan250\n\ - \ description Tenant_B_WAN_Zone_1\n no shutdown\n vrf Tenant_B_WAN_Zone\n\ - \ ip address virtual 10.2.50.1/24\n!\ninterface Vlan310\n description Tenant_C_OP_Zone_1\n\ - \ no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface Vlan311\n description\ - \ Tenant_C_OP_Zone_2\n no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface Vlan350\n\ - \ description Tenant_C_WAN_Zone_1\n no shutdown\n vrf Tenant_C_WAN_Zone\n\ - !\ninterface Vlan3009\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_OP_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan3010\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_WEB_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan3011\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_APP_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan3012\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_DB_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan3013\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_WAN_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan3019\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_B_OP_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan3020\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_B_WAN_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan3029\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_C_OP_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan3030\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_C_WAN_Zone\n ip address 10.255.251.1/31\n\ - !\ninterface Vlan4093\n description MLAG_PEER_L3_PEERING\n no shutdown\n \ - \ mtu 1500\n ip address 10.255.251.1/31\n!\ninterface Vlan4094\n description\ - \ MLAG_PEER\n no shutdown\n mtu 1500\n no autostate\n ip address 10.255.252.1/31\n\ - !\ninterface Vxlan1\n description DC1-LEAF1B_VTEP\n vxlan source-interface\ - \ Loopback1\n vxlan virtual-router encapsulation mac-address mlag-system-id\n\ - \ vxlan udp-port 4789\n vxlan vlan 110 vni 10110\n vxlan vlan 111 vni 50111\n\ - \ vxlan vlan 112 vni 50112\n vxlan vlan 120 vni 10120\n vxlan vlan 121 vni\ - \ 10121\n vxlan vlan 130 vni 10130\n vxlan vlan 131 vni 10131\n vxlan vlan\ - \ 140 vni 10140\n vxlan vlan 141 vni 10141\n vxlan vlan 150 vni 10150\n \ - \ vxlan vlan 160 vni 55160\n vxlan vlan 161 vni 10161\n vxlan vlan 210 vni\ - \ 20210\n vxlan vlan 211 vni 20211\n vxlan vlan 250 vni 20250\n vxlan vlan\ - \ 310 vni 30310\n vxlan vlan 311 vni 30311\n vxlan vlan 350 vni 30350\n \ - \ vxlan vrf Tenant_A_APP_Zone vni 12\n vxlan vrf Tenant_A_DB_Zone vni 13\n \ - \ vxlan vrf Tenant_A_OP_Zone vni 10\n vxlan vrf Tenant_A_WAN_Zone vni 14\n\ - \ vxlan vrf Tenant_A_WEB_Zone vni 11\n vxlan vrf Tenant_B_OP_Zone vni 20\n\ - \ vxlan vrf Tenant_B_WAN_Zone vni 21\n vxlan vrf Tenant_C_OP_Zone vni 30\n\ - \ vxlan vrf Tenant_C_WAN_Zone vni 31\n!\nip virtual-router mac-address 00:1c:73:00:dc:01\n\ - !\nip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.4\n!\n\ - ip routing\nno ip routing vrf MGMT\nip routing vrf Tenant_A_APP_Zone\nip routing\ - \ vrf Tenant_A_DB_Zone\nip routing vrf Tenant_A_OP_Zone\nip routing vrf Tenant_A_WAN_Zone\n\ - ip routing vrf Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing\ - \ vrf Tenant_B_WAN_Zone\nip routing vrf Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n\ - !\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24\ - \ eq 32\n seq 20 permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id\ - \ DC1_LEAF1\n local-interface Vlan4094\n peer-address 10.255.252.0\n peer-link\ - \ Port-Channel3\n reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip\ - \ route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map RM-CONN-2-BGP permit 10\n\ - \ match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN\ - \ permit 10\n description Make routes learned over MLAG Peer-link less preferred\ - \ on spines to ensure optimal routing\n set origin incomplete\n!\nrouter bfd\n\ - \ multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65101\n router-id\ - \ 192.168.255.4\n no bgp default ipv4-unicast\n distance bgp 20 200 200\n\ - \ graceful-restart restart-time 300\n graceful-restart\n maximum-paths 4\ - \ ecmp 4\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS\ - \ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS\ - \ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n\ - \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS\ - \ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS\ - \ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n\ - \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101\n neighbor\ - \ MLAG-IPv4-UNDERLAY-PEER next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER password\ - \ 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n\ - \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ neighbor 10.255.251.0 description DC1-LEAF1A\n neighbor 172.31.255.4 peer\ - \ group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.4 remote-as 65001\n neighbor\ - \ 172.31.255.4 description DC1-SPINE1_Ethernet2\n neighbor 172.31.255.6 peer\ - \ group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.6 remote-as 65001\n neighbor\ - \ 172.31.255.6 description DC1-SPINE2_Ethernet2\n neighbor 192.168.255.1 peer\ - \ group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor\ - \ 192.168.255.1 description DC1-SPINE1\n neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n\ - \ neighbor 192.168.255.2 remote-as 65001\n neighbor 192.168.255.2 description\ - \ DC1-SPINE2\n redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle\ - \ Tenant_A_APP_Zone\n rd 192.168.255.4:12\n route-target both 12:12\n\ - \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n\ - \ rd 192.168.255.4:13\n route-target both 13:13\n redistribute\ - \ learned\n vlan 140-141\n !\n vlan-aware-bundle Tenant_A_NFS\n \ - \ rd 192.168.255.4:10161\n route-target both 10161:10161\n redistribute\ - \ learned\n vlan 161\n !\n vlan-aware-bundle Tenant_A_OP_Zone\n \ - \ rd 192.168.255.4:10\n route-target both 10:10\n redistribute learned\n\ - \ vlan 110-112\n !\n vlan-aware-bundle Tenant_A_VMOTION\n rd 192.168.255.4:55160\n\ - \ route-target both 55160:55160\n redistribute learned\n vlan 160\n\ - \ !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd 192.168.255.4:14\n \ - \ route-target both 14:14\n redistribute learned\n vlan 150\n !\n\ - \ vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.4:11\n route-target\ - \ both 11:11\n redistribute learned\n vlan 120-121\n !\n vlan-aware-bundle\ - \ Tenant_B_OP_Zone\n rd 192.168.255.4:20\n route-target both 20:20\n\ - \ redistribute learned\n vlan 210-211\n !\n vlan-aware-bundle Tenant_B_WAN_Zone\n\ - \ rd 192.168.255.4:21\n route-target both 21:21\n redistribute\ - \ learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n \ - \ rd 192.168.255.4:30\n route-target both 30:30\n redistribute learned\n\ - \ vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd 192.168.255.4:31\n\ - \ route-target both 31:31\n redistribute learned\n vlan 350\n \ - \ !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n\ - \ address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n \ - \ neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ activate\n !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.4:12\n route-target\ - \ import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.4\n\ - \ neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_DB_Zone\n rd 192.168.255.4:13\n route-target\ - \ import evpn 13:13\n route-target export evpn 13:13\n router-id 192.168.255.4\n\ - \ neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.4:10\n route-target\ - \ import evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.4\n\ - \ neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.4:14\n \ - \ route-target import evpn 14:14\n route-target export evpn 14:14\n \ - \ router-id 192.168.255.4\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.4:11\n\ - \ route-target import evpn 11:11\n route-target export evpn 11:11\n\ - \ router-id 192.168.255.4\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.4:20\n\ - \ route-target import evpn 20:20\n route-target export evpn 20:20\n\ - \ router-id 192.168.255.4\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.4:21\n\ - \ route-target import evpn 21:21\n route-target export evpn 21:21\n\ - \ router-id 192.168.255.4\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.4:30\n\ - \ route-target import evpn 30:30\n route-target export evpn 30:30\n\ - \ router-id 192.168.255.4\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.4:31\n\ - \ route-target import evpn 31:31\n route-target export evpn 31:31\n\ - \ router-id 192.168.255.4\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n!\nmanagement api http-commands\n protocol https\n\ - \ no shutdown\n !\n vrf MGMT\n no shutdown\n!\nend\n" - DC1-AVD_DC1-LEAF2A: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec\ - \ /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata\ - \ -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n\ - !\nvlan internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode\ - \ 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname DC1-LEAF2A\n\ - ip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface\ - \ vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server\ - \ vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nno spanning-tree vlan-id\ - \ 4093-4094\nspanning-tree mst 0 priority 16384\n!\nno aaa root\nno enable password\n\ - !\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\n\ - username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\n\ - username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n\ - !\nvlan 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n\ - !\nvlan 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n\ - !\nvlan 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n\ - !\nvlan 131\n name Tenant_A_APP_Zone_2\n!\nvlan 140\n name Tenant_A_DB_BZone_1\n\ - !\nvlan 141\n name Tenant_A_DB_Zone_2\n!\nvlan 150\n name Tenant_A_WAN_Zone_1\n\ - !\nvlan 160\n name Tenant_A_VMOTION\n!\nvlan 161\n name Tenant_A_NFS\n!\n\ - vlan 210\n name Tenant_B_OP_Zone_1\n!\nvlan 211\n name Tenant_B_OP_Zone_2\n\ - !\nvlan 250\n name Tenant_B_WAN_Zone_1\n!\nvlan 310\n name Tenant_C_OP_Zone_1\n\ - !\nvlan 311\n name Tenant_C_OP_Zone_2\n!\nvlan 350\n name Tenant_C_WAN_Zone_1\n\ - !\nvlan 3009\n name MLAG_iBGP_Tenant_A_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3010\n name MLAG_iBGP_Tenant_A_WEB_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3011\n name MLAG_iBGP_Tenant_A_APP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3012\n name MLAG_iBGP_Tenant_A_DB_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3013\n name MLAG_iBGP_Tenant_A_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3019\n name MLAG_iBGP_Tenant_B_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3020\n name MLAG_iBGP_Tenant_B_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3029\n name MLAG_iBGP_Tenant_C_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3030\n name MLAG_iBGP_Tenant_C_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 4093\n name LEAF_PEER_L3\n trunk group LEAF_PEER_L3\n!\nvlan 4094\n\ - \ name MLAG_PEER\n trunk group MLAG\n!\nvrf instance MGMT\n!\nvrf instance\ - \ Tenant_A_APP_Zone\n!\nvrf instance Tenant_A_DB_Zone\n!\nvrf instance Tenant_A_OP_Zone\n\ - !\nvrf instance Tenant_A_WAN_Zone\n!\nvrf instance Tenant_A_WEB_Zone\n!\nvrf instance\ - \ Tenant_B_OP_Zone\n!\nvrf instance Tenant_B_WAN_Zone\n!\nvrf instance Tenant_C_OP_Zone\n\ - !\nvrf instance Tenant_C_WAN_Zone\n!\ninterface Port-Channel3\n description\ - \ MLAG_PEER_DC1-LEAF2B_Po3\n no shutdown\n switchport\n switchport trunk\ - \ allowed vlan 2-4094\n switchport mode trunk\n switchport trunk group LEAF_PEER_L3\n\ - \ switchport trunk group MLAG\n!\ninterface Port-Channel5\n description DC1-L2LEAF2A_Po1\n\ - \ no shutdown\n switchport\n switchport trunk allowed vlan 110-112,120-121,130-131\n\ - \ switchport mode trunk\n mlag 5\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-SPINE1_Ethernet3\n\ - \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.9/31\n\ - !\ninterface Ethernet2\n description P2P_LINK_TO_DC1-SPINE2_Ethernet3\n no\ - \ shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.11/31\n!\n\ - interface Ethernet3\n description MLAG_PEER_DC1-LEAF2B_Ethernet3\n no shutdown\n\ - \ channel-group 3 mode active\n!\ninterface Ethernet4\n description MLAG_PEER_DC1-LEAF2B_Ethernet4\n\ - \ no shutdown\n channel-group 3 mode active\n!\ninterface Ethernet5\n description\ - \ DC1-L2LEAF2A_Ethernet1\n no shutdown\n channel-group 5 mode active\n!\n\ - interface Loopback0\n description EVPN_Overlay_Peering\n no shutdown\n ip\ - \ address 192.168.255.5/32\n!\ninterface Loopback1\n description VTEP_VXLAN_Tunnel_Source\n\ - \ no shutdown\n ip address 192.168.254.5/32\n!\ninterface Loopback100\n \ - \ description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS\n no shutdown\n vrf Tenant_A_OP_Zone\n\ - \ ip address 10.255.1.5/32\n!\ninterface Management1\n description oob_management\n\ - \ no shutdown\n vrf MGMT\n ip address 10.255.0.15/24\n!\ninterface Vlan110\n\ - \ description Tenant_A_OP_Zone_1\n no shutdown\n vrf Tenant_A_OP_Zone\n\ - \ ip address virtual 10.1.10.1/24\n!\ninterface Vlan111\n description Tenant_A_OP_Zone_2\n\ - \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.11.1/24\n\ - !\ninterface Vlan112\n description Tenant_A_OP_Zone_3\n no shutdown\n vrf\ - \ Tenant_A_OP_Zone\n ip address virtual 10.1.12.254/24\n!\ninterface Vlan120\n\ - \ description Tenant_A_WEB_Zone_1\n no shutdown\n vrf Tenant_A_WEB_Zone\n\ - !\ninterface Vlan121\n description Tenant_A_WEBZone_2\n no shutdown\n vrf\ - \ Tenant_A_WEB_Zone\n ip address virtual 10.1.21.1/24\n!\ninterface Vlan130\n\ - \ description Tenant_A_APP_Zone_1\n no shutdown\n vrf Tenant_A_APP_Zone\n\ - !\ninterface Vlan131\n description Tenant_A_APP_Zone_2\n no shutdown\n vrf\ - \ Tenant_A_APP_Zone\n ip address virtual 10.1.31.254/24\n!\ninterface Vlan140\n\ - \ description Tenant_A_DB_BZone_1\n no shutdown\n vrf Tenant_A_DB_Zone\n\ - \ ip address virtual 10.1.40.1/24\n!\ninterface Vlan141\n description Tenant_A_DB_Zone_2\n\ - \ no shutdown\n vrf Tenant_A_DB_Zone\n ip address virtual 10.1.41.1/24\n\ - !\ninterface Vlan150\n description Tenant_A_WAN_Zone_1\n no shutdown\n vrf\ - \ Tenant_A_WAN_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface Vlan210\n\ - \ description Tenant_B_OP_Zone_1\n no shutdown\n vrf Tenant_B_OP_Zone\n\ - !\ninterface Vlan211\n description Tenant_B_OP_Zone_2\n no shutdown\n vrf\ - \ Tenant_B_OP_Zone\n ip address virtual 10.2.11.1/24\n!\ninterface Vlan250\n\ - \ description Tenant_B_WAN_Zone_1\n no shutdown\n vrf Tenant_B_WAN_Zone\n\ - \ ip address virtual 10.2.50.1/24\n!\ninterface Vlan310\n description Tenant_C_OP_Zone_1\n\ - \ no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface Vlan311\n description\ - \ Tenant_C_OP_Zone_2\n no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface Vlan350\n\ - \ description Tenant_C_WAN_Zone_1\n no shutdown\n vrf Tenant_C_WAN_Zone\n\ - !\ninterface Vlan3009\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_OP_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan3010\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_WEB_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan3011\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_APP_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan3012\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_DB_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan3013\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_WAN_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan3019\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_B_OP_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan3020\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_B_WAN_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan3029\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_C_OP_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan3030\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_C_WAN_Zone\n ip address 10.255.251.4/31\n\ - !\ninterface Vlan4093\n description MLAG_PEER_L3_PEERING\n no shutdown\n \ - \ mtu 1500\n ip address 10.255.251.4/31\n!\ninterface Vlan4094\n description\ - \ MLAG_PEER\n no shutdown\n mtu 1500\n no autostate\n ip address 10.255.252.4/31\n\ - !\ninterface Vxlan1\n description DC1-LEAF2A_VTEP\n vxlan source-interface\ - \ Loopback1\n vxlan virtual-router encapsulation mac-address mlag-system-id\n\ - \ vxlan udp-port 4789\n vxlan vlan 110 vni 10110\n vxlan vlan 111 vni 50111\n\ - \ vxlan vlan 112 vni 50112\n vxlan vlan 120 vni 10120\n vxlan vlan 121 vni\ - \ 10121\n vxlan vlan 130 vni 10130\n vxlan vlan 131 vni 10131\n vxlan vlan\ - \ 140 vni 10140\n vxlan vlan 141 vni 10141\n vxlan vlan 150 vni 10150\n \ - \ vxlan vlan 160 vni 55160\n vxlan vlan 161 vni 10161\n vxlan vlan 210 vni\ - \ 20210\n vxlan vlan 211 vni 20211\n vxlan vlan 250 vni 20250\n vxlan vlan\ - \ 310 vni 30310\n vxlan vlan 311 vni 30311\n vxlan vlan 350 vni 30350\n \ - \ vxlan vrf Tenant_A_APP_Zone vni 12\n vxlan vrf Tenant_A_DB_Zone vni 13\n \ - \ vxlan vrf Tenant_A_OP_Zone vni 10\n vxlan vrf Tenant_A_WAN_Zone vni 14\n\ - \ vxlan vrf Tenant_A_WEB_Zone vni 11\n vxlan vrf Tenant_B_OP_Zone vni 20\n\ - \ vxlan vrf Tenant_B_WAN_Zone vni 21\n vxlan vrf Tenant_C_OP_Zone vni 30\n\ - \ vxlan vrf Tenant_C_WAN_Zone vni 31\n!\nip virtual-router mac-address 00:1c:73:00:dc:01\n\ - !\nip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.5\n!\n\ - ip routing\nno ip routing vrf MGMT\nip routing vrf Tenant_A_APP_Zone\nip routing\ - \ vrf Tenant_A_DB_Zone\nip routing vrf Tenant_A_OP_Zone\nip routing vrf Tenant_A_WAN_Zone\n\ - ip routing vrf Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing\ - \ vrf Tenant_B_WAN_Zone\nip routing vrf Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n\ - !\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24\ - \ eq 32\n seq 20 permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id\ - \ DC1_LEAF2\n local-interface Vlan4094\n peer-address 10.255.252.5\n peer-link\ - \ Port-Channel3\n reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip\ - \ route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map RM-CONN-2-BGP permit 10\n\ - \ match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN\ - \ permit 10\n description Make routes learned over MLAG Peer-link less preferred\ - \ on spines to ensure optimal routing\n set origin incomplete\n!\nrouter bfd\n\ - \ multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65102\n router-id\ - \ 192.168.255.5\n no bgp default ipv4-unicast\n distance bgp 20 200 200\n\ - \ graceful-restart restart-time 300\n graceful-restart\n maximum-paths 4\ - \ ecmp 4\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS\ - \ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS\ - \ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n\ - \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS\ - \ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS\ - \ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n\ - \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102\n neighbor\ - \ MLAG-IPv4-UNDERLAY-PEER next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER password\ - \ 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n\ - \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ neighbor 10.255.251.5 description DC1-LEAF2B\n neighbor 172.31.255.8 peer\ - \ group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.8 remote-as 65001\n neighbor\ - \ 172.31.255.8 description DC1-SPINE1_Ethernet3\n neighbor 172.31.255.10 peer\ - \ group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.10 remote-as 65001\n neighbor\ - \ 172.31.255.10 description DC1-SPINE2_Ethernet3\n neighbor 192.168.255.1 peer\ - \ group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor\ - \ 192.168.255.1 description DC1-SPINE1\n neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n\ - \ neighbor 192.168.255.2 remote-as 65001\n neighbor 192.168.255.2 description\ - \ DC1-SPINE2\n redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle\ - \ Tenant_A_APP_Zone\n rd 192.168.255.5:12\n route-target both 12:12\n\ - \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n\ - \ rd 192.168.255.5:13\n route-target both 13:13\n redistribute\ - \ learned\n vlan 140-141\n !\n vlan-aware-bundle Tenant_A_NFS\n \ - \ rd 192.168.255.5:10161\n route-target both 10161:10161\n redistribute\ - \ learned\n vlan 161\n !\n vlan-aware-bundle Tenant_A_OP_Zone\n \ - \ rd 192.168.255.5:10\n route-target both 10:10\n redistribute learned\n\ - \ vlan 110-112\n !\n vlan-aware-bundle Tenant_A_VMOTION\n rd 192.168.255.5:55160\n\ - \ route-target both 55160:55160\n redistribute learned\n vlan 160\n\ - \ !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd 192.168.255.5:14\n \ - \ route-target both 14:14\n redistribute learned\n vlan 150\n !\n\ - \ vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.5:11\n route-target\ - \ both 11:11\n redistribute learned\n vlan 120-121\n !\n vlan-aware-bundle\ - \ Tenant_B_OP_Zone\n rd 192.168.255.5:20\n route-target both 20:20\n\ - \ redistribute learned\n vlan 210-211\n !\n vlan-aware-bundle Tenant_B_WAN_Zone\n\ - \ rd 192.168.255.5:21\n route-target both 21:21\n redistribute\ - \ learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n \ - \ rd 192.168.255.5:30\n route-target both 30:30\n redistribute learned\n\ - \ vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd 192.168.255.5:31\n\ - \ route-target both 31:31\n redistribute learned\n vlan 350\n \ - \ !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n\ - \ address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n \ - \ neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ activate\n !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.5:12\n route-target\ - \ import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.5\n\ - \ neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_DB_Zone\n rd 192.168.255.5:13\n route-target\ - \ import evpn 13:13\n route-target export evpn 13:13\n router-id 192.168.255.5\n\ - \ neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.5:10\n route-target\ - \ import evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.5\n\ - \ neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.5:14\n \ - \ route-target import evpn 14:14\n route-target export evpn 14:14\n \ - \ router-id 192.168.255.5\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.5:11\n\ - \ route-target import evpn 11:11\n route-target export evpn 11:11\n\ - \ router-id 192.168.255.5\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.5:20\n\ - \ route-target import evpn 20:20\n route-target export evpn 20:20\n\ - \ router-id 192.168.255.5\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.5:21\n\ - \ route-target import evpn 21:21\n route-target export evpn 21:21\n\ - \ router-id 192.168.255.5\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.5:30\n\ - \ route-target import evpn 30:30\n route-target export evpn 30:30\n\ - \ router-id 192.168.255.5\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.5:31\n\ - \ route-target import evpn 31:31\n route-target export evpn 31:31\n\ - \ router-id 192.168.255.5\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n!\nmanagement api http-commands\n protocol https\n\ - \ no shutdown\n !\n vrf MGMT\n no shutdown\n!\nend\n" - DC1-AVD_DC1-LEAF2B: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec\ - \ /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata\ - \ -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n\ - !\nvlan internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode\ - \ 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname DC1-LEAF2B\n\ - ip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface\ - \ vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server\ - \ vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nno spanning-tree vlan-id\ - \ 4093-4094\nspanning-tree mst 0 priority 16384\n!\nno aaa root\nno enable password\n\ - !\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\n\ - username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\n\ - username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n\ - !\nvlan 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n\ - !\nvlan 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n\ - !\nvlan 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n\ - !\nvlan 131\n name Tenant_A_APP_Zone_2\n!\nvlan 140\n name Tenant_A_DB_BZone_1\n\ - !\nvlan 141\n name Tenant_A_DB_Zone_2\n!\nvlan 150\n name Tenant_A_WAN_Zone_1\n\ - !\nvlan 160\n name Tenant_A_VMOTION\n!\nvlan 161\n name Tenant_A_NFS\n!\n\ - vlan 210\n name Tenant_B_OP_Zone_1\n!\nvlan 211\n name Tenant_B_OP_Zone_2\n\ - !\nvlan 250\n name Tenant_B_WAN_Zone_1\n!\nvlan 310\n name Tenant_C_OP_Zone_1\n\ - !\nvlan 311\n name Tenant_C_OP_Zone_2\n!\nvlan 350\n name Tenant_C_WAN_Zone_1\n\ - !\nvlan 3009\n name MLAG_iBGP_Tenant_A_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3010\n name MLAG_iBGP_Tenant_A_WEB_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3011\n name MLAG_iBGP_Tenant_A_APP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3012\n name MLAG_iBGP_Tenant_A_DB_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3013\n name MLAG_iBGP_Tenant_A_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3019\n name MLAG_iBGP_Tenant_B_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3020\n name MLAG_iBGP_Tenant_B_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3029\n name MLAG_iBGP_Tenant_C_OP_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 3030\n name MLAG_iBGP_Tenant_C_WAN_Zone\n trunk group LEAF_PEER_L3\n\ - !\nvlan 4093\n name LEAF_PEER_L3\n trunk group LEAF_PEER_L3\n!\nvlan 4094\n\ - \ name MLAG_PEER\n trunk group MLAG\n!\nvrf instance MGMT\n!\nvrf instance\ - \ Tenant_A_APP_Zone\n!\nvrf instance Tenant_A_DB_Zone\n!\nvrf instance Tenant_A_OP_Zone\n\ - !\nvrf instance Tenant_A_WAN_Zone\n!\nvrf instance Tenant_A_WEB_Zone\n!\nvrf instance\ - \ Tenant_B_OP_Zone\n!\nvrf instance Tenant_B_WAN_Zone\n!\nvrf instance Tenant_C_OP_Zone\n\ - !\nvrf instance Tenant_C_WAN_Zone\n!\ninterface Port-Channel3\n description\ - \ MLAG_PEER_DC1-LEAF2A_Po3\n no shutdown\n switchport\n switchport trunk\ - \ allowed vlan 2-4094\n switchport mode trunk\n switchport trunk group LEAF_PEER_L3\n\ - \ switchport trunk group MLAG\n!\ninterface Port-Channel5\n description DC1-L2LEAF2A_Po1\n\ - \ no shutdown\n switchport\n switchport trunk allowed vlan 110-112,120-121,130-131\n\ - \ switchport mode trunk\n mlag 5\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-SPINE1_Ethernet4\n\ - \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.13/31\n\ - !\ninterface Ethernet2\n description P2P_LINK_TO_DC1-SPINE2_Ethernet4\n no\ - \ shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.15/31\n!\n\ - interface Ethernet3\n description MLAG_PEER_DC1-LEAF2A_Ethernet3\n no shutdown\n\ - \ channel-group 3 mode active\n!\ninterface Ethernet4\n description MLAG_PEER_DC1-LEAF2A_Ethernet4\n\ - \ no shutdown\n channel-group 3 mode active\n!\ninterface Ethernet5\n description\ - \ DC1-L2LEAF2A_Ethernet2\n no shutdown\n channel-group 5 mode active\n!\n\ - interface Loopback0\n description EVPN_Overlay_Peering\n no shutdown\n ip\ - \ address 192.168.255.6/32\n!\ninterface Loopback1\n description VTEP_VXLAN_Tunnel_Source\n\ - \ no shutdown\n ip address 192.168.254.5/32\n!\ninterface Loopback100\n \ - \ description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS\n no shutdown\n vrf Tenant_A_OP_Zone\n\ - \ ip address 10.255.1.6/32\n!\ninterface Management1\n description oob_management\n\ - \ no shutdown\n vrf MGMT\n ip address 10.255.0.16/24\n!\ninterface Vlan110\n\ - \ description Tenant_A_OP_Zone_1\n no shutdown\n vrf Tenant_A_OP_Zone\n\ - \ ip address virtual 10.1.10.1/24\n!\ninterface Vlan111\n description Tenant_A_OP_Zone_2\n\ - \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.11.1/24\n\ - !\ninterface Vlan112\n description Tenant_A_OP_Zone_3\n no shutdown\n vrf\ - \ Tenant_A_OP_Zone\n ip address virtual 10.1.12.254/24\n!\ninterface Vlan120\n\ - \ description Tenant_A_WEB_Zone_1\n no shutdown\n vrf Tenant_A_WEB_Zone\n\ - !\ninterface Vlan121\n description Tenant_A_WEBZone_2\n no shutdown\n vrf\ - \ Tenant_A_WEB_Zone\n ip address virtual 10.1.21.1/24\n!\ninterface Vlan130\n\ - \ description Tenant_A_APP_Zone_1\n no shutdown\n vrf Tenant_A_APP_Zone\n\ - !\ninterface Vlan131\n description Tenant_A_APP_Zone_2\n no shutdown\n vrf\ - \ Tenant_A_APP_Zone\n ip address virtual 10.1.31.254/24\n!\ninterface Vlan140\n\ - \ description Tenant_A_DB_BZone_1\n no shutdown\n vrf Tenant_A_DB_Zone\n\ - \ ip address virtual 10.1.40.1/24\n!\ninterface Vlan141\n description Tenant_A_DB_Zone_2\n\ - \ no shutdown\n vrf Tenant_A_DB_Zone\n ip address virtual 10.1.41.1/24\n\ - !\ninterface Vlan150\n description Tenant_A_WAN_Zone_1\n no shutdown\n vrf\ - \ Tenant_A_WAN_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface Vlan210\n\ - \ description Tenant_B_OP_Zone_1\n no shutdown\n vrf Tenant_B_OP_Zone\n\ - !\ninterface Vlan211\n description Tenant_B_OP_Zone_2\n no shutdown\n vrf\ - \ Tenant_B_OP_Zone\n ip address virtual 10.2.11.1/24\n!\ninterface Vlan250\n\ - \ description Tenant_B_WAN_Zone_1\n no shutdown\n vrf Tenant_B_WAN_Zone\n\ - \ ip address virtual 10.2.50.1/24\n!\ninterface Vlan310\n description Tenant_C_OP_Zone_1\n\ - \ no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface Vlan311\n description\ - \ Tenant_C_OP_Zone_2\n no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface Vlan350\n\ - \ description Tenant_C_WAN_Zone_1\n no shutdown\n vrf Tenant_C_WAN_Zone\n\ - !\ninterface Vlan3009\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_OP_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan3010\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_WEB_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan3011\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_APP_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan3012\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_DB_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan3013\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_A_WAN_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan3019\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_B_OP_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan3020\n description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_B_WAN_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan3029\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_C_OP_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan3030\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone\n\ - \ no shutdown\n mtu 1500\n vrf Tenant_C_WAN_Zone\n ip address 10.255.251.5/31\n\ - !\ninterface Vlan4093\n description MLAG_PEER_L3_PEERING\n no shutdown\n \ - \ mtu 1500\n ip address 10.255.251.5/31\n!\ninterface Vlan4094\n description\ - \ MLAG_PEER\n no shutdown\n mtu 1500\n no autostate\n ip address 10.255.252.5/31\n\ - !\ninterface Vxlan1\n description DC1-LEAF2B_VTEP\n vxlan source-interface\ - \ Loopback1\n vxlan virtual-router encapsulation mac-address mlag-system-id\n\ - \ vxlan udp-port 4789\n vxlan vlan 110 vni 10110\n vxlan vlan 111 vni 50111\n\ - \ vxlan vlan 112 vni 50112\n vxlan vlan 120 vni 10120\n vxlan vlan 121 vni\ - \ 10121\n vxlan vlan 130 vni 10130\n vxlan vlan 131 vni 10131\n vxlan vlan\ - \ 140 vni 10140\n vxlan vlan 141 vni 10141\n vxlan vlan 150 vni 10150\n \ - \ vxlan vlan 160 vni 55160\n vxlan vlan 161 vni 10161\n vxlan vlan 210 vni\ - \ 20210\n vxlan vlan 211 vni 20211\n vxlan vlan 250 vni 20250\n vxlan vlan\ - \ 310 vni 30310\n vxlan vlan 311 vni 30311\n vxlan vlan 350 vni 30350\n \ - \ vxlan vrf Tenant_A_APP_Zone vni 12\n vxlan vrf Tenant_A_DB_Zone vni 13\n \ - \ vxlan vrf Tenant_A_OP_Zone vni 10\n vxlan vrf Tenant_A_WAN_Zone vni 14\n\ - \ vxlan vrf Tenant_A_WEB_Zone vni 11\n vxlan vrf Tenant_B_OP_Zone vni 20\n\ - \ vxlan vrf Tenant_B_WAN_Zone vni 21\n vxlan vrf Tenant_C_OP_Zone vni 30\n\ - \ vxlan vrf Tenant_C_WAN_Zone vni 31\n!\nip virtual-router mac-address 00:1c:73:00:dc:01\n\ - !\nip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.6\n!\n\ - ip routing\nno ip routing vrf MGMT\nip routing vrf Tenant_A_APP_Zone\nip routing\ - \ vrf Tenant_A_DB_Zone\nip routing vrf Tenant_A_OP_Zone\nip routing vrf Tenant_A_WAN_Zone\n\ - ip routing vrf Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing\ - \ vrf Tenant_B_WAN_Zone\nip routing vrf Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n\ - !\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24\ - \ eq 32\n seq 20 permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id\ - \ DC1_LEAF2\n local-interface Vlan4094\n peer-address 10.255.252.4\n peer-link\ - \ Port-Channel3\n reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip\ - \ route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map RM-CONN-2-BGP permit 10\n\ - \ match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN\ - \ permit 10\n description Make routes learned over MLAG Peer-link less preferred\ - \ on spines to ensure optimal routing\n set origin incomplete\n!\nrouter bfd\n\ - \ multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65102\n router-id\ - \ 192.168.255.6\n no bgp default ipv4-unicast\n distance bgp 20 200 200\n\ - \ graceful-restart restart-time 300\n graceful-restart\n maximum-paths 4\ - \ ecmp 4\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS\ - \ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS\ - \ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n\ - \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS\ - \ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS\ - \ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n\ - \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102\n neighbor\ - \ MLAG-IPv4-UNDERLAY-PEER next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER password\ - \ 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n\ - \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ neighbor 10.255.251.4 description DC1-LEAF2A\n neighbor 172.31.255.12 peer\ - \ group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.12 remote-as 65001\n neighbor\ - \ 172.31.255.12 description DC1-SPINE1_Ethernet4\n neighbor 172.31.255.14 peer\ - \ group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.14 remote-as 65001\n neighbor\ - \ 172.31.255.14 description DC1-SPINE2_Ethernet4\n neighbor 192.168.255.1 peer\ - \ group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor\ - \ 192.168.255.1 description DC1-SPINE1\n neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n\ - \ neighbor 192.168.255.2 remote-as 65001\n neighbor 192.168.255.2 description\ - \ DC1-SPINE2\n redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle\ - \ Tenant_A_APP_Zone\n rd 192.168.255.6:12\n route-target both 12:12\n\ - \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n\ - \ rd 192.168.255.6:13\n route-target both 13:13\n redistribute\ - \ learned\n vlan 140-141\n !\n vlan-aware-bundle Tenant_A_NFS\n \ - \ rd 192.168.255.6:10161\n route-target both 10161:10161\n redistribute\ - \ learned\n vlan 161\n !\n vlan-aware-bundle Tenant_A_OP_Zone\n \ - \ rd 192.168.255.6:10\n route-target both 10:10\n redistribute learned\n\ - \ vlan 110-112\n !\n vlan-aware-bundle Tenant_A_VMOTION\n rd 192.168.255.6:55160\n\ - \ route-target both 55160:55160\n redistribute learned\n vlan 160\n\ - \ !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd 192.168.255.6:14\n \ - \ route-target both 14:14\n redistribute learned\n vlan 150\n !\n\ - \ vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.6:11\n route-target\ - \ both 11:11\n redistribute learned\n vlan 120-121\n !\n vlan-aware-bundle\ - \ Tenant_B_OP_Zone\n rd 192.168.255.6:20\n route-target both 20:20\n\ - \ redistribute learned\n vlan 210-211\n !\n vlan-aware-bundle Tenant_B_WAN_Zone\n\ - \ rd 192.168.255.6:21\n route-target both 21:21\n redistribute\ - \ learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n \ - \ rd 192.168.255.6:30\n route-target both 30:30\n redistribute learned\n\ - \ vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd 192.168.255.6:31\n\ - \ route-target both 31:31\n redistribute learned\n vlan 350\n \ - \ !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n\ - \ address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n \ - \ neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER\ - \ activate\n !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.6:12\n route-target\ - \ import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.6\n\ - \ neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_DB_Zone\n rd 192.168.255.6:13\n route-target\ - \ import evpn 13:13\n route-target export evpn 13:13\n router-id 192.168.255.6\n\ - \ neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.6:10\n route-target\ - \ import evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.6\n\ - \ neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute\ - \ connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.6:14\n \ - \ route-target import evpn 14:14\n route-target export evpn 14:14\n \ - \ router-id 192.168.255.6\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.6:11\n\ - \ route-target import evpn 11:11\n route-target export evpn 11:11\n\ - \ router-id 192.168.255.6\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.6:20\n\ - \ route-target import evpn 20:20\n route-target export evpn 20:20\n\ - \ router-id 192.168.255.6\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.6:21\n\ - \ route-target import evpn 21:21\n route-target export evpn 21:21\n\ - \ router-id 192.168.255.6\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.6:30\n\ - \ route-target import evpn 30:30\n route-target export evpn 30:30\n\ - \ router-id 192.168.255.6\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.6:31\n\ - \ route-target import evpn 31:31\n route-target export evpn 31:31\n\ - \ router-id 192.168.255.6\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n\ - \ redistribute connected\n!\nmanagement api http-commands\n protocol https\n\ - \ no shutdown\n !\n vrf MGMT\n no shutdown\n!\nend\n" - DC1-AVD_DC1-SPINE1: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec\ - \ /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata\ - \ -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n\ - !\nvlan internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode\ - \ 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname DC1-SPINE1\n\ - ip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface\ - \ vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server\ - \ vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode none\n!\nno aaa root\nno enable\ - \ password\n!\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\n\ - username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\n\ - username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n\ - !\nvrf instance MGMT\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-LEAF1A_Ethernet1\n\ - \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.0/31\n\ - !\ninterface Ethernet2\n description P2P_LINK_TO_DC1-LEAF1B_Ethernet1\n no\ - \ shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.4/31\n!\n\ - interface Ethernet3\n description P2P_LINK_TO_DC1-LEAF2A_Ethernet1\n no shutdown\n\ - \ mtu 1500\n no switchport\n ip address 172.31.255.8/31\n!\ninterface Ethernet4\n\ - \ description P2P_LINK_TO_DC1-LEAF2B_Ethernet1\n no shutdown\n mtu 1500\n\ - \ no switchport\n ip address 172.31.255.12/31\n!\ninterface Loopback0\n \ - \ description EVPN_Overlay_Peering\n no shutdown\n ip address 192.168.255.1/32\n\ - !\ninterface Management1\n description oob_management\n no shutdown\n vrf\ - \ MGMT\n ip address 10.255.0.11/24\n!\nip routing\nno ip routing vrf MGMT\n\ - !\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24\ - \ eq 32\n!\nip route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map RM-CONN-2-BGP\ - \ permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nrouter\ - \ bfd\n multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65001\n\ - \ router-id 192.168.255.1\n no bgp default ipv4-unicast\n distance bgp 20\ - \ 200 200\n graceful-restart restart-time 300\n graceful-restart\n maximum-paths\ - \ 4 ecmp 4\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS\ - \ next-hop-unchanged\n neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n\ - \ neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop\ - \ 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor\ - \ EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS maximum-routes\ - \ 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS\ - \ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n\ - \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor 172.31.255.1\ - \ peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.1 remote-as 65101\n \ - \ neighbor 172.31.255.1 description DC1-LEAF1A_Ethernet1\n neighbor 172.31.255.5\ - \ peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.5 remote-as 65101\n \ - \ neighbor 172.31.255.5 description DC1-LEAF1B_Ethernet1\n neighbor 172.31.255.9\ - \ peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.9 remote-as 65102\n \ - \ neighbor 172.31.255.9 description DC1-LEAF2A_Ethernet1\n neighbor 172.31.255.13\ - \ peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.13 remote-as 65102\n\ - \ neighbor 172.31.255.13 description DC1-LEAF2B_Ethernet1\n neighbor 192.168.255.3\ - \ peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as 65101\n \ - \ neighbor 192.168.255.3 description DC1-LEAF1A\n neighbor 192.168.255.4 peer\ - \ group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as 65101\n neighbor\ - \ 192.168.255.4 description DC1-LEAF1B\n neighbor 192.168.255.5 peer group EVPN-OVERLAY-PEERS\n\ - \ neighbor 192.168.255.5 remote-as 65102\n neighbor 192.168.255.5 description\ - \ DC1-LEAF2A\n neighbor 192.168.255.6 peer group EVPN-OVERLAY-PEERS\n neighbor\ - \ 192.168.255.6 remote-as 65102\n neighbor 192.168.255.6 description DC1-LEAF2B\n\ - \ redistribute connected route-map RM-CONN-2-BGP\n !\n address-family evpn\n\ - \ neighbor EVPN-OVERLAY-PEERS activate\n !\n address-family ipv4\n \ - \ no neighbor EVPN-OVERLAY-PEERS activate\n neighbor IPv4-UNDERLAY-PEERS\ - \ activate\n!\nmanagement api http-commands\n protocol https\n no shutdown\n\ - \ !\n vrf MGMT\n no shutdown\n!\nend\n" - DC1-AVD_DC1-SPINE2: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec\ - \ /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata\ - \ -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs\n no shutdown\n\ - !\nvlan internal order ascending range 1006 1199\n!\ntransceiver qsfp default-mode\ - \ 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname DC1-SPINE2\n\ - ip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp local-interface\ - \ vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp server\ - \ vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode none\n!\nno aaa root\nno enable\ - \ password\n!\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\n\ - username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\n\ - username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n\ - !\nvrf instance MGMT\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-LEAF1A_Ethernet2\n\ - \ no shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.2/31\n\ - !\ninterface Ethernet2\n description P2P_LINK_TO_DC1-LEAF1B_Ethernet2\n no\ - \ shutdown\n mtu 1500\n no switchport\n ip address 172.31.255.6/31\n!\n\ - interface Ethernet3\n description P2P_LINK_TO_DC1-LEAF2A_Ethernet2\n no shutdown\n\ - \ mtu 1500\n no switchport\n ip address 172.31.255.10/31\n!\ninterface Ethernet4\n\ - \ description P2P_LINK_TO_DC1-LEAF2B_Ethernet2\n no shutdown\n mtu 1500\n\ - \ no switchport\n ip address 172.31.255.14/31\n!\ninterface Loopback0\n \ - \ description EVPN_Overlay_Peering\n no shutdown\n ip address 192.168.255.2/32\n\ - !\ninterface Management1\n description oob_management\n no shutdown\n vrf\ - \ MGMT\n ip address 10.255.0.12/24\n!\nip routing\nno ip routing vrf MGMT\n\ - !\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24\ - \ eq 32\n!\nip route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map RM-CONN-2-BGP\ - \ permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nrouter\ - \ bfd\n multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65001\n\ - \ router-id 192.168.255.2\n no bgp default ipv4-unicast\n distance bgp 20\ - \ 200 200\n graceful-restart restart-time 300\n graceful-restart\n maximum-paths\ - \ 4 ecmp 4\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS\ - \ next-hop-unchanged\n neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n\ - \ neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop\ - \ 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor\ - \ EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS maximum-routes\ - \ 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS\ - \ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n\ - \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor 172.31.255.3\ - \ peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.3 remote-as 65101\n \ - \ neighbor 172.31.255.3 description DC1-LEAF1A_Ethernet2\n neighbor 172.31.255.7\ - \ peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.7 remote-as 65101\n \ - \ neighbor 172.31.255.7 description DC1-LEAF1B_Ethernet2\n neighbor 172.31.255.11\ - \ peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.11 remote-as 65102\n\ - \ neighbor 172.31.255.11 description DC1-LEAF2A_Ethernet2\n neighbor 172.31.255.15\ - \ peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.15 remote-as 65102\n\ - \ neighbor 172.31.255.15 description DC1-LEAF2B_Ethernet2\n neighbor 192.168.255.3\ - \ peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as 65101\n \ - \ neighbor 192.168.255.3 description DC1-LEAF1A\n neighbor 192.168.255.4 peer\ - \ group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as 65101\n neighbor\ - \ 192.168.255.4 description DC1-LEAF1B\n neighbor 192.168.255.5 peer group EVPN-OVERLAY-PEERS\n\ - \ neighbor 192.168.255.5 remote-as 65102\n neighbor 192.168.255.5 description\ - \ DC1-LEAF2A\n neighbor 192.168.255.6 peer group EVPN-OVERLAY-PEERS\n neighbor\ - \ 192.168.255.6 remote-as 65102\n neighbor 192.168.255.6 description DC1-LEAF2B\n\ - \ redistribute connected route-map RM-CONN-2-BGP\n !\n address-family evpn\n\ - \ neighbor EVPN-OVERLAY-PEERS activate\n !\n address-family ipv4\n \ - \ no neighbor EVPN-OVERLAY-PEERS activate\n neighbor IPv4-UNDERLAY-PEERS\ - \ activate\n!\nmanagement api http-commands\n protocol https\n no shutdown\n\ - \ !\n vrf MGMT\n no shutdown\n!\nend\n" -CVP_TOPOLOGY: +cvp_configlets: + DC1-AVD_DC1-L2LEAF1A: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec + /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT + -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent + -taillogs\n no shutdown\n!\nvlan internal order ascending range 1006 1199\n!\ntransceiver + qsfp default-mode 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname + DC1-L2LEAF1A\nip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp + local-interface vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp + server vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nspanning-tree mst + 0 priority 16384\n!\nno enable password\nno aaa root\n!\nusername admin privilege + 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\nusername + ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\nusername + cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nvlan + 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n!\nvlan + 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n!\nvlan + 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n!\nvlan + 131\n name Tenant_A_APP_Zone_2\n!\nvrf instance MGMT\n!\ninterface Port-Channel1\n + \ description DC1_LEAF1_Po5\n no shutdown\n switchport\n switchport trunk + allowed vlan 110-112,120-121,130-131\n switchport mode trunk\n!\ninterface Ethernet1\n + \ description DC1-LEAF1A_Ethernet5\n no shutdown\n channel-group 1 mode active\n!\ninterface + Ethernet2\n description DC1-LEAF1B_Ethernet5\n no shutdown\n channel-group + 1 mode active\n!\ninterface Ethernet5\n description server01_Eth0\n no shutdown\n + \ switchport access vlan 110\n switchport mode access\n switchport\n!\ninterface + Management1\n description oob_management\n no shutdown\n vrf MGMT\n ip + address 10.255.0.17/24\nno ip routing vrf MGMT\n!\nip route vrf MGMT 0.0.0.0/0 + 10.255.0.1\n!\nmanagement api http-commands\n protocol https\n no shutdown\n + \ !\n vrf MGMT\n no shutdown\n!\nend\n" + DC1-AVD_DC1-L2LEAF2A: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec + /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT + -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent + -taillogs\n no shutdown\n!\nvlan internal order ascending range 1006 1199\n!\ntransceiver + qsfp default-mode 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname + DC1-L2LEAF2A\nip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp + local-interface vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp + server vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nspanning-tree mst + 0 priority 16384\n!\nno enable password\nno aaa root\n!\nusername admin privilege + 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\nusername + ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\nusername + cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nvlan + 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n!\nvlan + 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n!\nvlan + 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n!\nvlan + 131\n name Tenant_A_APP_Zone_2\n!\nvrf instance MGMT\n!\ninterface Port-Channel1\n + \ description DC1_LEAF2_Po5\n no shutdown\n switchport\n switchport trunk + allowed vlan 110-112,120-121,130-131\n switchport mode trunk\n!\ninterface Ethernet1\n + \ description DC1-LEAF2A_Ethernet5\n no shutdown\n channel-group 1 mode active\n!\ninterface + Ethernet2\n description DC1-LEAF2B_Ethernet5\n no shutdown\n channel-group + 1 mode active\n!\ninterface Ethernet5\n description server02_Eth0\n no shutdown\n + \ switchport access vlan 110\n switchport mode access\n switchport\n!\ninterface + Management1\n description oob_management\n no shutdown\n vrf MGMT\n ip + address 10.255.0.18/24\nno ip routing vrf MGMT\n!\nip route vrf MGMT 0.0.0.0/0 + 10.255.0.1\n!\nmanagement api http-commands\n protocol https\n no shutdown\n + \ !\n vrf MGMT\n no shutdown\n!\nend\n" + DC1-AVD_DC1-LEAF1A: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec + /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT + -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent + -taillogs\n no shutdown\n!\nvlan internal order ascending range 1006 1199\n!\ntransceiver + qsfp default-mode 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname + DC1-LEAF1A\nip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp + local-interface vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp + server vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nno spanning-tree + vlan-id 4093-4094\nspanning-tree mst 0 priority 16384\n!\nno enable password\nno + aaa root\n!\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\nusername + ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\nusername + cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nvlan + 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n!\nvlan + 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n!\nvlan + 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n!\nvlan + 131\n name Tenant_A_APP_Zone_2\n!\nvlan 140\n name Tenant_A_DB_BZone_1\n!\nvlan + 141\n name Tenant_A_DB_Zone_2\n!\nvlan 150\n name Tenant_A_WAN_Zone_1\n!\nvlan + 160\n name Tenant_A_VMOTION\n!\nvlan 161\n name Tenant_A_NFS\n!\nvlan 210\n + \ name Tenant_B_OP_Zone_1\n!\nvlan 211\n name Tenant_B_OP_Zone_2\n!\nvlan 250\n + \ name Tenant_B_WAN_Zone_1\n!\nvlan 310\n name Tenant_C_OP_Zone_1\n!\nvlan + 311\n name Tenant_C_OP_Zone_2\n!\nvlan 350\n name Tenant_C_WAN_Zone_1\n!\nvlan + 3009\n name MLAG_iBGP_Tenant_A_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3010\n name MLAG_iBGP_Tenant_A_WEB_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3011\n name MLAG_iBGP_Tenant_A_APP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3012\n name MLAG_iBGP_Tenant_A_DB_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3013\n name MLAG_iBGP_Tenant_A_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3019\n name MLAG_iBGP_Tenant_B_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3020\n name MLAG_iBGP_Tenant_B_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3029\n name MLAG_iBGP_Tenant_C_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3030\n name MLAG_iBGP_Tenant_C_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 4093\n name LEAF_PEER_L3\n trunk group LEAF_PEER_L3\n!\nvlan 4094\n name + MLAG_PEER\n trunk group MLAG\n!\nvrf instance MGMT\n!\nvrf instance Tenant_A_APP_Zone\n!\nvrf + instance Tenant_A_DB_Zone\n!\nvrf instance Tenant_A_OP_Zone\n!\nvrf instance Tenant_A_WAN_Zone\n!\nvrf + instance Tenant_A_WEB_Zone\n!\nvrf instance Tenant_B_OP_Zone\n!\nvrf instance + Tenant_B_WAN_Zone\n!\nvrf instance Tenant_C_OP_Zone\n!\nvrf instance Tenant_C_WAN_Zone\n!\ninterface + Port-Channel3\n description MLAG_PEER_DC1-LEAF1B_Po3\n no shutdown\n switchport\n + \ switchport mode trunk\n switchport trunk group LEAF_PEER_L3\n switchport + trunk group MLAG\n!\ninterface Port-Channel5\n description DC1-L2LEAF1A_Po1\n + \ no shutdown\n switchport\n switchport trunk allowed vlan 110-112,120-121,130-131\n + \ switchport mode trunk\n mlag 5\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-SPINE1_Ethernet1\n + \ no shutdown\n no switchport\n ip address 172.31.255.1/31\n!\ninterface + Ethernet2\n description P2P_LINK_TO_DC1-SPINE2_Ethernet1\n no shutdown\n no + switchport\n ip address 172.31.255.3/31\n!\ninterface Ethernet3\n description + MLAG_PEER_DC1-LEAF1B_Ethernet3\n no shutdown\n channel-group 3 mode active\n!\ninterface + Ethernet4\n description MLAG_PEER_DC1-LEAF1B_Ethernet4\n no shutdown\n channel-group + 3 mode active\n!\ninterface Ethernet5\n description DC1-L2LEAF1A_Ethernet1\n + \ no shutdown\n channel-group 5 mode active\n!\ninterface Loopback0\n description + EVPN_Overlay_Peering\n no shutdown\n ip address 192.168.255.3/32\n!\ninterface + Loopback1\n description VTEP_VXLAN_Tunnel_Source\n no shutdown\n ip address + 192.168.254.3/32\n!\ninterface Loopback100\n description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS\n + \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address 10.255.1.3/32\n!\ninterface + Management1\n description oob_management\n no shutdown\n vrf MGMT\n ip + address 10.255.0.13/24\n!\ninterface Vlan110\n description Tenant_A_OP_Zone_1\n + \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.10.1/24\n!\ninterface + Vlan111\n description Tenant_A_OP_Zone_2\n no shutdown\n vrf Tenant_A_OP_Zone\n + \ ip address virtual 10.1.11.1/24\n!\ninterface Vlan112\n description Tenant_A_OP_Zone_3\n + \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.12.254/24\n!\ninterface + Vlan120\n description Tenant_A_WEB_Zone_1\n no shutdown\n vrf Tenant_A_WEB_Zone\n!\ninterface + Vlan121\n description Tenant_A_WEBZone_2\n no shutdown\n vrf Tenant_A_WEB_Zone\n + \ ip address virtual 10.1.21.1/24\n!\ninterface Vlan130\n description Tenant_A_APP_Zone_1\n + \ no shutdown\n vrf Tenant_A_APP_Zone\n!\ninterface Vlan131\n description + Tenant_A_APP_Zone_2\n no shutdown\n vrf Tenant_A_APP_Zone\n ip address virtual + 10.1.31.254/24\n!\ninterface Vlan140\n description Tenant_A_DB_BZone_1\n no + shutdown\n vrf Tenant_A_DB_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface + Vlan141\n description Tenant_A_DB_Zone_2\n no shutdown\n vrf Tenant_A_DB_Zone\n + \ ip address virtual 10.1.41.1/24\n!\ninterface Vlan150\n description Tenant_A_WAN_Zone_1\n + \ no shutdown\n vrf Tenant_A_WAN_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface + Vlan210\n description Tenant_B_OP_Zone_1\n no shutdown\n vrf Tenant_B_OP_Zone\n!\ninterface + Vlan211\n description Tenant_B_OP_Zone_2\n no shutdown\n vrf Tenant_B_OP_Zone\n + \ ip address virtual 10.2.11.1/24\n!\ninterface Vlan250\n description Tenant_B_WAN_Zone_1\n + \ no shutdown\n vrf Tenant_B_WAN_Zone\n ip address virtual 10.2.50.1/24\n!\ninterface + Vlan310\n description Tenant_C_OP_Zone_1\n no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface + Vlan311\n description Tenant_C_OP_Zone_2\n no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface + Vlan350\n description Tenant_C_WAN_Zone_1\n no shutdown\n vrf Tenant_C_WAN_Zone\n!\ninterface + Vlan3009\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone\n no shutdown\n + \ vrf Tenant_A_OP_Zone\n ip address 10.255.251.0/31\n!\ninterface Vlan3010\n + \ description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone\n no shutdown\n vrf + Tenant_A_WEB_Zone\n ip address 10.255.251.0/31\n!\ninterface Vlan3011\n description + MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone\n no shutdown\n vrf Tenant_A_APP_Zone\n + \ ip address 10.255.251.0/31\n!\ninterface Vlan3012\n description MLAG_PEER_L3_iBGP: + vrf Tenant_A_DB_Zone\n no shutdown\n vrf Tenant_A_DB_Zone\n ip address 10.255.251.0/31\n!\ninterface + Vlan3013\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone\n no shutdown\n + \ vrf Tenant_A_WAN_Zone\n ip address 10.255.251.0/31\n!\ninterface Vlan3019\n + \ description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone\n no shutdown\n vrf + Tenant_B_OP_Zone\n ip address 10.255.251.0/31\n!\ninterface Vlan3020\n description + MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone\n no shutdown\n vrf Tenant_B_WAN_Zone\n + \ ip address 10.255.251.0/31\n!\ninterface Vlan3029\n description MLAG_PEER_L3_iBGP: + vrf Tenant_C_OP_Zone\n no shutdown\n vrf Tenant_C_OP_Zone\n ip address 10.255.251.0/31\n!\ninterface + Vlan3030\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone\n no shutdown\n + \ vrf Tenant_C_WAN_Zone\n ip address 10.255.251.0/31\n!\ninterface Vlan4093\n + \ description MLAG_PEER_L3_PEERING\n no shutdown\n ip address 10.255.251.0/31\n!\ninterface + Vlan4094\n description MLAG_PEER\n no shutdown\n no autostate\n ip address + 10.255.252.0/31\n!\ninterface Vxlan1\n description DC1-LEAF1A_VTEP\n vxlan + source-interface Loopback1\n vxlan virtual-router encapsulation mac-address + mlag-system-id\n vxlan udp-port 4789\n vxlan vlan 110 vni 10110\n vxlan + vlan 111 vni 50111\n vxlan vlan 112 vni 50112\n vxlan vlan 120 vni 10120\n + \ vxlan vlan 121 vni 10121\n vxlan vlan 130 vni 10130\n vxlan vlan 131 vni + 10131\n vxlan vlan 140 vni 10140\n vxlan vlan 141 vni 10141\n vxlan vlan + 150 vni 10150\n vxlan vlan 160 vni 55160\n vxlan vlan 161 vni 10161\n vxlan + vlan 210 vni 20210\n vxlan vlan 211 vni 20211\n vxlan vlan 250 vni 20250\n + \ vxlan vlan 310 vni 30310\n vxlan vlan 311 vni 30311\n vxlan vlan 350 vni + 30350\n vxlan vrf Tenant_A_APP_Zone vni 12\n vxlan vrf Tenant_A_DB_Zone vni + 13\n vxlan vrf Tenant_A_OP_Zone vni 10\n vxlan vrf Tenant_A_WAN_Zone vni 14\n + \ vxlan vrf Tenant_A_WEB_Zone vni 11\n vxlan vrf Tenant_B_OP_Zone vni 20\n + \ vxlan vrf Tenant_B_WAN_Zone vni 21\n vxlan vrf Tenant_C_OP_Zone vni 30\n + \ vxlan vrf Tenant_C_WAN_Zone vni 31\n!\nip virtual-router mac-address 00:1c:73:00:dc:01\n!\nip + address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.3\n!\nip routing\nno + ip routing vrf MGMT\nip routing vrf Tenant_A_APP_Zone\nip routing vrf Tenant_A_DB_Zone\nip + routing vrf Tenant_A_OP_Zone\nip routing vrf Tenant_A_WAN_Zone\nip routing vrf + Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing vrf Tenant_B_WAN_Zone\nip + routing vrf Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n!\nip prefix-list + PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24 eq 32\n seq 20 + permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id DC1_LEAF1\n + \ local-interface Vlan4094\n peer-address 10.255.252.1\n peer-link Port-Channel3\n + \ reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0 + 10.255.0.1\n!\nroute-map RM-CONN-2-BGP permit 10\n match ip address prefix-list + PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN permit 10\n description + Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal + routing\n set origin incomplete\n!\nrouter bfd\n multihop interval 1200 min-rx + 1200 multiplier 3\n!\nrouter bgp 65101\n router-id 192.168.255.3\n distance + bgp 20 200 200\n graceful-restart restart-time 300\n graceful-restart\n maximum-paths + 4 ecmp 4\n no bgp default ipv4-unicast\n neighbor EVPN-OVERLAY-PEERS peer + group\n neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS + bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS + password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS send-community\n + \ neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS + peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n + \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS + maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER peer group\n neighbor + MLAG-IPv4-UNDERLAY-PEER remote-as 65101\n neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self\n + \ neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF1B\n neighbor MLAG-IPv4-UNDERLAY-PEER + password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n + \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER + route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n + \ neighbor 10.255.251.1 description DC1-LEAF1B\n neighbor 172.31.255.0 peer + group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.0 remote-as 65001\n neighbor + 172.31.255.0 description DC1-SPINE1_Ethernet1\n neighbor 172.31.255.2 peer group + IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.2 remote-as 65001\n neighbor 172.31.255.2 + description DC1-SPINE2_Ethernet1\n neighbor 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n + \ neighbor 192.168.255.1 remote-as 65001\n neighbor 192.168.255.1 description + DC1-SPINE1\n neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n neighbor + 192.168.255.2 remote-as 65001\n neighbor 192.168.255.2 description DC1-SPINE2\n + \ redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle + Tenant_A_APP_Zone\n rd 192.168.255.3:12\n route-target both 12:12\n + \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n + \ rd 192.168.255.3:13\n route-target both 13:13\n redistribute learned\n + \ vlan 140-141\n !\n vlan-aware-bundle Tenant_A_NFS\n rd 192.168.255.3:10161\n + \ route-target both 10161:10161\n redistribute learned\n vlan 161\n + \ !\n vlan-aware-bundle Tenant_A_OP_Zone\n rd 192.168.255.3:10\n route-target + both 10:10\n redistribute learned\n vlan 110-112\n !\n vlan-aware-bundle + Tenant_A_VMOTION\n rd 192.168.255.3:55160\n route-target both 55160:55160\n + \ redistribute learned\n vlan 160\n !\n vlan-aware-bundle Tenant_A_WAN_Zone\n + \ rd 192.168.255.3:14\n route-target both 14:14\n redistribute learned\n + \ vlan 150\n !\n vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.3:11\n + \ route-target both 11:11\n redistribute learned\n vlan 120-121\n + \ !\n vlan-aware-bundle Tenant_B_OP_Zone\n rd 192.168.255.3:20\n route-target + both 20:20\n redistribute learned\n vlan 210-211\n !\n vlan-aware-bundle + Tenant_B_WAN_Zone\n rd 192.168.255.3:21\n route-target both 21:21\n + \ redistribute learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n + \ rd 192.168.255.3:30\n route-target both 30:30\n redistribute learned\n + \ vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd 192.168.255.3:31\n + \ route-target both 31:31\n redistribute learned\n vlan 350\n !\n + \ address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n address-family + ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n neighbor IPv4-UNDERLAY-PEERS + activate\n neighbor MLAG-IPv4-UNDERLAY-PEER activate\n !\n vrf Tenant_A_APP_Zone\n + \ rd 192.168.255.3:12\n route-target import evpn 12:12\n route-target + export evpn 12:12\n router-id 192.168.255.3\n neighbor 10.255.251.1 + peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n !\n vrf + Tenant_A_DB_Zone\n rd 192.168.255.3:13\n route-target import evpn 13:13\n + \ route-target export evpn 13:13\n router-id 192.168.255.3\n neighbor + 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n + \ !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.3:10\n route-target import + evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.3\n + \ neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.3:14\n route-target + import evpn 14:14\n route-target export evpn 14:14\n router-id 192.168.255.3\n + \ neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.3:11\n route-target + import evpn 11:11\n route-target export evpn 11:11\n router-id 192.168.255.3\n + \ neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.3:20\n route-target + import evpn 20:20\n route-target export evpn 20:20\n router-id 192.168.255.3\n + \ neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.3:21\n route-target + import evpn 21:21\n route-target export evpn 21:21\n router-id 192.168.255.3\n + \ neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.3:30\n route-target + import evpn 30:30\n route-target export evpn 30:30\n router-id 192.168.255.3\n + \ neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.3:31\n route-target + import evpn 31:31\n route-target export evpn 31:31\n router-id 192.168.255.3\n + \ neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n!\nmanagement api http-commands\n protocol https\n no shutdown\n + \ !\n vrf MGMT\n no shutdown\n!\nend\n" + DC1-AVD_DC1-LEAF1B: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec + /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT + -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent + -taillogs\n no shutdown\n!\nvlan internal order ascending range 1006 1199\n!\ntransceiver + qsfp default-mode 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname + DC1-LEAF1B\nip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp + local-interface vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp + server vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nno spanning-tree + vlan-id 4093-4094\nspanning-tree mst 0 priority 16384\n!\nno enable password\nno + aaa root\n!\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\nusername + ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\nusername + cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nvlan + 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n!\nvlan + 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n!\nvlan + 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n!\nvlan + 131\n name Tenant_A_APP_Zone_2\n!\nvlan 140\n name Tenant_A_DB_BZone_1\n!\nvlan + 141\n name Tenant_A_DB_Zone_2\n!\nvlan 150\n name Tenant_A_WAN_Zone_1\n!\nvlan + 160\n name Tenant_A_VMOTION\n!\nvlan 161\n name Tenant_A_NFS\n!\nvlan 210\n + \ name Tenant_B_OP_Zone_1\n!\nvlan 211\n name Tenant_B_OP_Zone_2\n!\nvlan 250\n + \ name Tenant_B_WAN_Zone_1\n!\nvlan 310\n name Tenant_C_OP_Zone_1\n!\nvlan + 311\n name Tenant_C_OP_Zone_2\n!\nvlan 350\n name Tenant_C_WAN_Zone_1\n!\nvlan + 3009\n name MLAG_iBGP_Tenant_A_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3010\n name MLAG_iBGP_Tenant_A_WEB_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3011\n name MLAG_iBGP_Tenant_A_APP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3012\n name MLAG_iBGP_Tenant_A_DB_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3013\n name MLAG_iBGP_Tenant_A_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3019\n name MLAG_iBGP_Tenant_B_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3020\n name MLAG_iBGP_Tenant_B_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3029\n name MLAG_iBGP_Tenant_C_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3030\n name MLAG_iBGP_Tenant_C_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 4093\n name LEAF_PEER_L3\n trunk group LEAF_PEER_L3\n!\nvlan 4094\n name + MLAG_PEER\n trunk group MLAG\n!\nvrf instance MGMT\n!\nvrf instance Tenant_A_APP_Zone\n!\nvrf + instance Tenant_A_DB_Zone\n!\nvrf instance Tenant_A_OP_Zone\n!\nvrf instance Tenant_A_WAN_Zone\n!\nvrf + instance Tenant_A_WEB_Zone\n!\nvrf instance Tenant_B_OP_Zone\n!\nvrf instance + Tenant_B_WAN_Zone\n!\nvrf instance Tenant_C_OP_Zone\n!\nvrf instance Tenant_C_WAN_Zone\n!\ninterface + Port-Channel3\n description MLAG_PEER_DC1-LEAF1A_Po3\n no shutdown\n switchport\n + \ switchport mode trunk\n switchport trunk group LEAF_PEER_L3\n switchport + trunk group MLAG\n!\ninterface Port-Channel5\n description DC1-L2LEAF1A_Po1\n + \ no shutdown\n switchport\n switchport trunk allowed vlan 110-112,120-121,130-131\n + \ switchport mode trunk\n mlag 5\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-SPINE1_Ethernet2\n + \ no shutdown\n no switchport\n ip address 172.31.255.5/31\n!\ninterface + Ethernet2\n description P2P_LINK_TO_DC1-SPINE2_Ethernet2\n no shutdown\n no + switchport\n ip address 172.31.255.7/31\n!\ninterface Ethernet3\n description + MLAG_PEER_DC1-LEAF1A_Ethernet3\n no shutdown\n channel-group 3 mode active\n!\ninterface + Ethernet4\n description MLAG_PEER_DC1-LEAF1A_Ethernet4\n no shutdown\n channel-group + 3 mode active\n!\ninterface Ethernet5\n description DC1-L2LEAF1A_Ethernet2\n + \ no shutdown\n channel-group 5 mode active\n!\ninterface Loopback0\n description + EVPN_Overlay_Peering\n no shutdown\n ip address 192.168.255.4/32\n!\ninterface + Loopback1\n description VTEP_VXLAN_Tunnel_Source\n no shutdown\n ip address + 192.168.254.3/32\n!\ninterface Loopback100\n description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS\n + \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address 10.255.1.4/32\n!\ninterface + Management1\n description oob_management\n no shutdown\n vrf MGMT\n ip + address 10.255.0.14/24\n!\ninterface Vlan110\n description Tenant_A_OP_Zone_1\n + \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.10.1/24\n!\ninterface + Vlan111\n description Tenant_A_OP_Zone_2\n no shutdown\n vrf Tenant_A_OP_Zone\n + \ ip address virtual 10.1.11.1/24\n!\ninterface Vlan112\n description Tenant_A_OP_Zone_3\n + \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.12.254/24\n!\ninterface + Vlan120\n description Tenant_A_WEB_Zone_1\n no shutdown\n vrf Tenant_A_WEB_Zone\n!\ninterface + Vlan121\n description Tenant_A_WEBZone_2\n no shutdown\n vrf Tenant_A_WEB_Zone\n + \ ip address virtual 10.1.21.1/24\n!\ninterface Vlan130\n description Tenant_A_APP_Zone_1\n + \ no shutdown\n vrf Tenant_A_APP_Zone\n!\ninterface Vlan131\n description + Tenant_A_APP_Zone_2\n no shutdown\n vrf Tenant_A_APP_Zone\n ip address virtual + 10.1.31.254/24\n!\ninterface Vlan140\n description Tenant_A_DB_BZone_1\n no + shutdown\n vrf Tenant_A_DB_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface + Vlan141\n description Tenant_A_DB_Zone_2\n no shutdown\n vrf Tenant_A_DB_Zone\n + \ ip address virtual 10.1.41.1/24\n!\ninterface Vlan150\n description Tenant_A_WAN_Zone_1\n + \ no shutdown\n vrf Tenant_A_WAN_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface + Vlan210\n description Tenant_B_OP_Zone_1\n no shutdown\n vrf Tenant_B_OP_Zone\n!\ninterface + Vlan211\n description Tenant_B_OP_Zone_2\n no shutdown\n vrf Tenant_B_OP_Zone\n + \ ip address virtual 10.2.11.1/24\n!\ninterface Vlan250\n description Tenant_B_WAN_Zone_1\n + \ no shutdown\n vrf Tenant_B_WAN_Zone\n ip address virtual 10.2.50.1/24\n!\ninterface + Vlan310\n description Tenant_C_OP_Zone_1\n no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface + Vlan311\n description Tenant_C_OP_Zone_2\n no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface + Vlan350\n description Tenant_C_WAN_Zone_1\n no shutdown\n vrf Tenant_C_WAN_Zone\n!\ninterface + Vlan3009\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone\n no shutdown\n + \ vrf Tenant_A_OP_Zone\n ip address 10.255.251.1/31\n!\ninterface Vlan3010\n + \ description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone\n no shutdown\n vrf + Tenant_A_WEB_Zone\n ip address 10.255.251.1/31\n!\ninterface Vlan3011\n description + MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone\n no shutdown\n vrf Tenant_A_APP_Zone\n + \ ip address 10.255.251.1/31\n!\ninterface Vlan3012\n description MLAG_PEER_L3_iBGP: + vrf Tenant_A_DB_Zone\n no shutdown\n vrf Tenant_A_DB_Zone\n ip address 10.255.251.1/31\n!\ninterface + Vlan3013\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone\n no shutdown\n + \ vrf Tenant_A_WAN_Zone\n ip address 10.255.251.1/31\n!\ninterface Vlan3019\n + \ description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone\n no shutdown\n vrf + Tenant_B_OP_Zone\n ip address 10.255.251.1/31\n!\ninterface Vlan3020\n description + MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone\n no shutdown\n vrf Tenant_B_WAN_Zone\n + \ ip address 10.255.251.1/31\n!\ninterface Vlan3029\n description MLAG_PEER_L3_iBGP: + vrf Tenant_C_OP_Zone\n no shutdown\n vrf Tenant_C_OP_Zone\n ip address 10.255.251.1/31\n!\ninterface + Vlan3030\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone\n no shutdown\n + \ vrf Tenant_C_WAN_Zone\n ip address 10.255.251.1/31\n!\ninterface Vlan4093\n + \ description MLAG_PEER_L3_PEERING\n no shutdown\n ip address 10.255.251.1/31\n!\ninterface + Vlan4094\n description MLAG_PEER\n no shutdown\n no autostate\n ip address + 10.255.252.1/31\n!\ninterface Vxlan1\n description DC1-LEAF1B_VTEP\n vxlan + source-interface Loopback1\n vxlan virtual-router encapsulation mac-address + mlag-system-id\n vxlan udp-port 4789\n vxlan vlan 110 vni 10110\n vxlan + vlan 111 vni 50111\n vxlan vlan 112 vni 50112\n vxlan vlan 120 vni 10120\n + \ vxlan vlan 121 vni 10121\n vxlan vlan 130 vni 10130\n vxlan vlan 131 vni + 10131\n vxlan vlan 140 vni 10140\n vxlan vlan 141 vni 10141\n vxlan vlan + 150 vni 10150\n vxlan vlan 160 vni 55160\n vxlan vlan 161 vni 10161\n vxlan + vlan 210 vni 20210\n vxlan vlan 211 vni 20211\n vxlan vlan 250 vni 20250\n + \ vxlan vlan 310 vni 30310\n vxlan vlan 311 vni 30311\n vxlan vlan 350 vni + 30350\n vxlan vrf Tenant_A_APP_Zone vni 12\n vxlan vrf Tenant_A_DB_Zone vni + 13\n vxlan vrf Tenant_A_OP_Zone vni 10\n vxlan vrf Tenant_A_WAN_Zone vni 14\n + \ vxlan vrf Tenant_A_WEB_Zone vni 11\n vxlan vrf Tenant_B_OP_Zone vni 20\n + \ vxlan vrf Tenant_B_WAN_Zone vni 21\n vxlan vrf Tenant_C_OP_Zone vni 30\n + \ vxlan vrf Tenant_C_WAN_Zone vni 31\n!\nip virtual-router mac-address 00:1c:73:00:dc:01\n!\nip + address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.4\n!\nip routing\nno + ip routing vrf MGMT\nip routing vrf Tenant_A_APP_Zone\nip routing vrf Tenant_A_DB_Zone\nip + routing vrf Tenant_A_OP_Zone\nip routing vrf Tenant_A_WAN_Zone\nip routing vrf + Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing vrf Tenant_B_WAN_Zone\nip + routing vrf Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n!\nip prefix-list + PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24 eq 32\n seq 20 + permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id DC1_LEAF1\n + \ local-interface Vlan4094\n peer-address 10.255.252.0\n peer-link Port-Channel3\n + \ reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0 + 10.255.0.1\n!\nroute-map RM-CONN-2-BGP permit 10\n match ip address prefix-list + PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN permit 10\n description + Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal + routing\n set origin incomplete\n!\nrouter bfd\n multihop interval 1200 min-rx + 1200 multiplier 3\n!\nrouter bgp 65101\n router-id 192.168.255.4\n distance + bgp 20 200 200\n graceful-restart restart-time 300\n graceful-restart\n maximum-paths + 4 ecmp 4\n no bgp default ipv4-unicast\n neighbor EVPN-OVERLAY-PEERS peer + group\n neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS + bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS + password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS send-community\n + \ neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS + peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n + \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS + maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER peer group\n neighbor + MLAG-IPv4-UNDERLAY-PEER remote-as 65101\n neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self\n + \ neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF1A\n neighbor MLAG-IPv4-UNDERLAY-PEER + password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n + \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER + route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n + \ neighbor 10.255.251.0 description DC1-LEAF1A\n neighbor 172.31.255.4 peer + group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.4 remote-as 65001\n neighbor + 172.31.255.4 description DC1-SPINE1_Ethernet2\n neighbor 172.31.255.6 peer group + IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.6 remote-as 65001\n neighbor 172.31.255.6 + description DC1-SPINE2_Ethernet2\n neighbor 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n + \ neighbor 192.168.255.1 remote-as 65001\n neighbor 192.168.255.1 description + DC1-SPINE1\n neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n neighbor + 192.168.255.2 remote-as 65001\n neighbor 192.168.255.2 description DC1-SPINE2\n + \ redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle + Tenant_A_APP_Zone\n rd 192.168.255.4:12\n route-target both 12:12\n + \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n + \ rd 192.168.255.4:13\n route-target both 13:13\n redistribute learned\n + \ vlan 140-141\n !\n vlan-aware-bundle Tenant_A_NFS\n rd 192.168.255.4:10161\n + \ route-target both 10161:10161\n redistribute learned\n vlan 161\n + \ !\n vlan-aware-bundle Tenant_A_OP_Zone\n rd 192.168.255.4:10\n route-target + both 10:10\n redistribute learned\n vlan 110-112\n !\n vlan-aware-bundle + Tenant_A_VMOTION\n rd 192.168.255.4:55160\n route-target both 55160:55160\n + \ redistribute learned\n vlan 160\n !\n vlan-aware-bundle Tenant_A_WAN_Zone\n + \ rd 192.168.255.4:14\n route-target both 14:14\n redistribute learned\n + \ vlan 150\n !\n vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.4:11\n + \ route-target both 11:11\n redistribute learned\n vlan 120-121\n + \ !\n vlan-aware-bundle Tenant_B_OP_Zone\n rd 192.168.255.4:20\n route-target + both 20:20\n redistribute learned\n vlan 210-211\n !\n vlan-aware-bundle + Tenant_B_WAN_Zone\n rd 192.168.255.4:21\n route-target both 21:21\n + \ redistribute learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n + \ rd 192.168.255.4:30\n route-target both 30:30\n redistribute learned\n + \ vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd 192.168.255.4:31\n + \ route-target both 31:31\n redistribute learned\n vlan 350\n !\n + \ address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n address-family + ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n neighbor IPv4-UNDERLAY-PEERS + activate\n neighbor MLAG-IPv4-UNDERLAY-PEER activate\n !\n vrf Tenant_A_APP_Zone\n + \ rd 192.168.255.4:12\n route-target import evpn 12:12\n route-target + export evpn 12:12\n router-id 192.168.255.4\n neighbor 10.255.251.0 + peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n !\n vrf + Tenant_A_DB_Zone\n rd 192.168.255.4:13\n route-target import evpn 13:13\n + \ route-target export evpn 13:13\n router-id 192.168.255.4\n neighbor + 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n + \ !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.4:10\n route-target import + evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.4\n + \ neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.4:14\n route-target + import evpn 14:14\n route-target export evpn 14:14\n router-id 192.168.255.4\n + \ neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.4:11\n route-target + import evpn 11:11\n route-target export evpn 11:11\n router-id 192.168.255.4\n + \ neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.4:20\n route-target + import evpn 20:20\n route-target export evpn 20:20\n router-id 192.168.255.4\n + \ neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.4:21\n route-target + import evpn 21:21\n route-target export evpn 21:21\n router-id 192.168.255.4\n + \ neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.4:30\n route-target + import evpn 30:30\n route-target export evpn 30:30\n router-id 192.168.255.4\n + \ neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.4:31\n route-target + import evpn 31:31\n route-target export evpn 31:31\n router-id 192.168.255.4\n + \ neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n!\nmanagement api http-commands\n protocol https\n no shutdown\n + \ !\n vrf MGMT\n no shutdown\n!\nend\n" + DC1-AVD_DC1-LEAF2A: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec + /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT + -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent + -taillogs\n no shutdown\n!\nvlan internal order ascending range 1006 1199\n!\ntransceiver + qsfp default-mode 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname + DC1-LEAF2A\nip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp + local-interface vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp + server vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nno spanning-tree + vlan-id 4093-4094\nspanning-tree mst 0 priority 16384\n!\nno enable password\nno + aaa root\n!\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\nusername + ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\nusername + cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nvlan + 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n!\nvlan + 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n!\nvlan + 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n!\nvlan + 131\n name Tenant_A_APP_Zone_2\n!\nvlan 140\n name Tenant_A_DB_BZone_1\n!\nvlan + 141\n name Tenant_A_DB_Zone_2\n!\nvlan 150\n name Tenant_A_WAN_Zone_1\n!\nvlan + 160\n name Tenant_A_VMOTION\n!\nvlan 161\n name Tenant_A_NFS\n!\nvlan 210\n + \ name Tenant_B_OP_Zone_1\n!\nvlan 211\n name Tenant_B_OP_Zone_2\n!\nvlan 250\n + \ name Tenant_B_WAN_Zone_1\n!\nvlan 310\n name Tenant_C_OP_Zone_1\n!\nvlan + 311\n name Tenant_C_OP_Zone_2\n!\nvlan 350\n name Tenant_C_WAN_Zone_1\n!\nvlan + 3009\n name MLAG_iBGP_Tenant_A_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3010\n name MLAG_iBGP_Tenant_A_WEB_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3011\n name MLAG_iBGP_Tenant_A_APP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3012\n name MLAG_iBGP_Tenant_A_DB_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3013\n name MLAG_iBGP_Tenant_A_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3019\n name MLAG_iBGP_Tenant_B_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3020\n name MLAG_iBGP_Tenant_B_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3029\n name MLAG_iBGP_Tenant_C_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3030\n name MLAG_iBGP_Tenant_C_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 4093\n name LEAF_PEER_L3\n trunk group LEAF_PEER_L3\n!\nvlan 4094\n name + MLAG_PEER\n trunk group MLAG\n!\nvrf instance MGMT\n!\nvrf instance Tenant_A_APP_Zone\n!\nvrf + instance Tenant_A_DB_Zone\n!\nvrf instance Tenant_A_OP_Zone\n!\nvrf instance Tenant_A_WAN_Zone\n!\nvrf + instance Tenant_A_WEB_Zone\n!\nvrf instance Tenant_B_OP_Zone\n!\nvrf instance + Tenant_B_WAN_Zone\n!\nvrf instance Tenant_C_OP_Zone\n!\nvrf instance Tenant_C_WAN_Zone\n!\ninterface + Port-Channel3\n description MLAG_PEER_DC1-LEAF2B_Po3\n no shutdown\n switchport\n + \ switchport mode trunk\n switchport trunk group LEAF_PEER_L3\n switchport + trunk group MLAG\n!\ninterface Port-Channel5\n description DC1-L2LEAF2A_Po1\n + \ no shutdown\n switchport\n switchport trunk allowed vlan 110-112,120-121,130-131\n + \ switchport mode trunk\n mlag 5\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-SPINE1_Ethernet3\n + \ no shutdown\n no switchport\n ip address 172.31.255.9/31\n!\ninterface + Ethernet2\n description P2P_LINK_TO_DC1-SPINE2_Ethernet3\n no shutdown\n no + switchport\n ip address 172.31.255.11/31\n!\ninterface Ethernet3\n description + MLAG_PEER_DC1-LEAF2B_Ethernet3\n no shutdown\n channel-group 3 mode active\n!\ninterface + Ethernet4\n description MLAG_PEER_DC1-LEAF2B_Ethernet4\n no shutdown\n channel-group + 3 mode active\n!\ninterface Ethernet5\n description DC1-L2LEAF2A_Ethernet1\n + \ no shutdown\n channel-group 5 mode active\n!\ninterface Loopback0\n description + EVPN_Overlay_Peering\n no shutdown\n ip address 192.168.255.5/32\n!\ninterface + Loopback1\n description VTEP_VXLAN_Tunnel_Source\n no shutdown\n ip address + 192.168.254.5/32\n!\ninterface Loopback100\n description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS\n + \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address 10.255.1.5/32\n!\ninterface + Management1\n description oob_management\n no shutdown\n vrf MGMT\n ip + address 10.255.0.15/24\n!\ninterface Vlan110\n description Tenant_A_OP_Zone_1\n + \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.10.1/24\n!\ninterface + Vlan111\n description Tenant_A_OP_Zone_2\n no shutdown\n vrf Tenant_A_OP_Zone\n + \ ip address virtual 10.1.11.1/24\n!\ninterface Vlan112\n description Tenant_A_OP_Zone_3\n + \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.12.254/24\n!\ninterface + Vlan120\n description Tenant_A_WEB_Zone_1\n no shutdown\n vrf Tenant_A_WEB_Zone\n!\ninterface + Vlan121\n description Tenant_A_WEBZone_2\n no shutdown\n vrf Tenant_A_WEB_Zone\n + \ ip address virtual 10.1.21.1/24\n!\ninterface Vlan130\n description Tenant_A_APP_Zone_1\n + \ no shutdown\n vrf Tenant_A_APP_Zone\n!\ninterface Vlan131\n description + Tenant_A_APP_Zone_2\n no shutdown\n vrf Tenant_A_APP_Zone\n ip address virtual + 10.1.31.254/24\n!\ninterface Vlan140\n description Tenant_A_DB_BZone_1\n no + shutdown\n vrf Tenant_A_DB_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface + Vlan141\n description Tenant_A_DB_Zone_2\n no shutdown\n vrf Tenant_A_DB_Zone\n + \ ip address virtual 10.1.41.1/24\n!\ninterface Vlan150\n description Tenant_A_WAN_Zone_1\n + \ no shutdown\n vrf Tenant_A_WAN_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface + Vlan210\n description Tenant_B_OP_Zone_1\n no shutdown\n vrf Tenant_B_OP_Zone\n!\ninterface + Vlan211\n description Tenant_B_OP_Zone_2\n no shutdown\n vrf Tenant_B_OP_Zone\n + \ ip address virtual 10.2.11.1/24\n!\ninterface Vlan250\n description Tenant_B_WAN_Zone_1\n + \ no shutdown\n vrf Tenant_B_WAN_Zone\n ip address virtual 10.2.50.1/24\n!\ninterface + Vlan310\n description Tenant_C_OP_Zone_1\n no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface + Vlan311\n description Tenant_C_OP_Zone_2\n no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface + Vlan350\n description Tenant_C_WAN_Zone_1\n no shutdown\n vrf Tenant_C_WAN_Zone\n!\ninterface + Vlan3009\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone\n no shutdown\n + \ vrf Tenant_A_OP_Zone\n ip address 10.255.251.4/31\n!\ninterface Vlan3010\n + \ description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone\n no shutdown\n vrf + Tenant_A_WEB_Zone\n ip address 10.255.251.4/31\n!\ninterface Vlan3011\n description + MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone\n no shutdown\n vrf Tenant_A_APP_Zone\n + \ ip address 10.255.251.4/31\n!\ninterface Vlan3012\n description MLAG_PEER_L3_iBGP: + vrf Tenant_A_DB_Zone\n no shutdown\n vrf Tenant_A_DB_Zone\n ip address 10.255.251.4/31\n!\ninterface + Vlan3013\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone\n no shutdown\n + \ vrf Tenant_A_WAN_Zone\n ip address 10.255.251.4/31\n!\ninterface Vlan3019\n + \ description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone\n no shutdown\n vrf + Tenant_B_OP_Zone\n ip address 10.255.251.4/31\n!\ninterface Vlan3020\n description + MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone\n no shutdown\n vrf Tenant_B_WAN_Zone\n + \ ip address 10.255.251.4/31\n!\ninterface Vlan3029\n description MLAG_PEER_L3_iBGP: + vrf Tenant_C_OP_Zone\n no shutdown\n vrf Tenant_C_OP_Zone\n ip address 10.255.251.4/31\n!\ninterface + Vlan3030\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone\n no shutdown\n + \ vrf Tenant_C_WAN_Zone\n ip address 10.255.251.4/31\n!\ninterface Vlan4093\n + \ description MLAG_PEER_L3_PEERING\n no shutdown\n ip address 10.255.251.4/31\n!\ninterface + Vlan4094\n description MLAG_PEER\n no shutdown\n no autostate\n ip address + 10.255.252.4/31\n!\ninterface Vxlan1\n description DC1-LEAF2A_VTEP\n vxlan + source-interface Loopback1\n vxlan virtual-router encapsulation mac-address + mlag-system-id\n vxlan udp-port 4789\n vxlan vlan 110 vni 10110\n vxlan + vlan 111 vni 50111\n vxlan vlan 112 vni 50112\n vxlan vlan 120 vni 10120\n + \ vxlan vlan 121 vni 10121\n vxlan vlan 130 vni 10130\n vxlan vlan 131 vni + 10131\n vxlan vlan 140 vni 10140\n vxlan vlan 141 vni 10141\n vxlan vlan + 150 vni 10150\n vxlan vlan 160 vni 55160\n vxlan vlan 161 vni 10161\n vxlan + vlan 210 vni 20210\n vxlan vlan 211 vni 20211\n vxlan vlan 250 vni 20250\n + \ vxlan vlan 310 vni 30310\n vxlan vlan 311 vni 30311\n vxlan vlan 350 vni + 30350\n vxlan vrf Tenant_A_APP_Zone vni 12\n vxlan vrf Tenant_A_DB_Zone vni + 13\n vxlan vrf Tenant_A_OP_Zone vni 10\n vxlan vrf Tenant_A_WAN_Zone vni 14\n + \ vxlan vrf Tenant_A_WEB_Zone vni 11\n vxlan vrf Tenant_B_OP_Zone vni 20\n + \ vxlan vrf Tenant_B_WAN_Zone vni 21\n vxlan vrf Tenant_C_OP_Zone vni 30\n + \ vxlan vrf Tenant_C_WAN_Zone vni 31\n!\nip virtual-router mac-address 00:1c:73:00:dc:01\n!\nip + address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.5\n!\nip routing\nno + ip routing vrf MGMT\nip routing vrf Tenant_A_APP_Zone\nip routing vrf Tenant_A_DB_Zone\nip + routing vrf Tenant_A_OP_Zone\nip routing vrf Tenant_A_WAN_Zone\nip routing vrf + Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing vrf Tenant_B_WAN_Zone\nip + routing vrf Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n!\nip prefix-list + PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24 eq 32\n seq 20 + permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id DC1_LEAF2\n + \ local-interface Vlan4094\n peer-address 10.255.252.5\n peer-link Port-Channel3\n + \ reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0 + 10.255.0.1\n!\nroute-map RM-CONN-2-BGP permit 10\n match ip address prefix-list + PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN permit 10\n description + Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal + routing\n set origin incomplete\n!\nrouter bfd\n multihop interval 1200 min-rx + 1200 multiplier 3\n!\nrouter bgp 65102\n router-id 192.168.255.5\n distance + bgp 20 200 200\n graceful-restart restart-time 300\n graceful-restart\n maximum-paths + 4 ecmp 4\n no bgp default ipv4-unicast\n neighbor EVPN-OVERLAY-PEERS peer + group\n neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS + bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS + password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS send-community\n + \ neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS + peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n + \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS + maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER peer group\n neighbor + MLAG-IPv4-UNDERLAY-PEER remote-as 65102\n neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self\n + \ neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2B\n neighbor MLAG-IPv4-UNDERLAY-PEER + password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n + \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER + route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n + \ neighbor 10.255.251.5 description DC1-LEAF2B\n neighbor 172.31.255.8 peer + group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.8 remote-as 65001\n neighbor + 172.31.255.8 description DC1-SPINE1_Ethernet3\n neighbor 172.31.255.10 peer + group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.10 remote-as 65001\n neighbor + 172.31.255.10 description DC1-SPINE2_Ethernet3\n neighbor 192.168.255.1 peer + group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor + 192.168.255.1 description DC1-SPINE1\n neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n + \ neighbor 192.168.255.2 remote-as 65001\n neighbor 192.168.255.2 description + DC1-SPINE2\n redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle + Tenant_A_APP_Zone\n rd 192.168.255.5:12\n route-target both 12:12\n + \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n + \ rd 192.168.255.5:13\n route-target both 13:13\n redistribute learned\n + \ vlan 140-141\n !\n vlan-aware-bundle Tenant_A_NFS\n rd 192.168.255.5:10161\n + \ route-target both 10161:10161\n redistribute learned\n vlan 161\n + \ !\n vlan-aware-bundle Tenant_A_OP_Zone\n rd 192.168.255.5:10\n route-target + both 10:10\n redistribute learned\n vlan 110-112\n !\n vlan-aware-bundle + Tenant_A_VMOTION\n rd 192.168.255.5:55160\n route-target both 55160:55160\n + \ redistribute learned\n vlan 160\n !\n vlan-aware-bundle Tenant_A_WAN_Zone\n + \ rd 192.168.255.5:14\n route-target both 14:14\n redistribute learned\n + \ vlan 150\n !\n vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.5:11\n + \ route-target both 11:11\n redistribute learned\n vlan 120-121\n + \ !\n vlan-aware-bundle Tenant_B_OP_Zone\n rd 192.168.255.5:20\n route-target + both 20:20\n redistribute learned\n vlan 210-211\n !\n vlan-aware-bundle + Tenant_B_WAN_Zone\n rd 192.168.255.5:21\n route-target both 21:21\n + \ redistribute learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n + \ rd 192.168.255.5:30\n route-target both 30:30\n redistribute learned\n + \ vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd 192.168.255.5:31\n + \ route-target both 31:31\n redistribute learned\n vlan 350\n !\n + \ address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n address-family + ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n neighbor IPv4-UNDERLAY-PEERS + activate\n neighbor MLAG-IPv4-UNDERLAY-PEER activate\n !\n vrf Tenant_A_APP_Zone\n + \ rd 192.168.255.5:12\n route-target import evpn 12:12\n route-target + export evpn 12:12\n router-id 192.168.255.5\n neighbor 10.255.251.5 + peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n !\n vrf + Tenant_A_DB_Zone\n rd 192.168.255.5:13\n route-target import evpn 13:13\n + \ route-target export evpn 13:13\n router-id 192.168.255.5\n neighbor + 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n + \ !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.5:10\n route-target import + evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.5\n + \ neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.5:14\n route-target + import evpn 14:14\n route-target export evpn 14:14\n router-id 192.168.255.5\n + \ neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.5:11\n route-target + import evpn 11:11\n route-target export evpn 11:11\n router-id 192.168.255.5\n + \ neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.5:20\n route-target + import evpn 20:20\n route-target export evpn 20:20\n router-id 192.168.255.5\n + \ neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.5:21\n route-target + import evpn 21:21\n route-target export evpn 21:21\n router-id 192.168.255.5\n + \ neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.5:30\n route-target + import evpn 30:30\n route-target export evpn 30:30\n router-id 192.168.255.5\n + \ neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.5:31\n route-target + import evpn 31:31\n route-target export evpn 31:31\n router-id 192.168.255.5\n + \ neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n!\nmanagement api http-commands\n protocol https\n no shutdown\n + \ !\n vrf MGMT\n no shutdown\n!\nend\n" + DC1-AVD_DC1-LEAF2B: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec + /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT + -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent + -taillogs\n no shutdown\n!\nvlan internal order ascending range 1006 1199\n!\ntransceiver + qsfp default-mode 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname + DC1-LEAF2B\nip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp + local-interface vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp + server vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode mstp\nno spanning-tree + vlan-id 4093-4094\nspanning-tree mst 0 priority 16384\n!\nno enable password\nno + aaa root\n!\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\nusername + ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\nusername + cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nvlan + 110\n name Tenant_A_OP_Zone_1\n!\nvlan 111\n name Tenant_A_OP_Zone_2\n!\nvlan + 112\n name Tenant_A_OP_Zone_3\n!\nvlan 120\n name Tenant_A_WEB_Zone_1\n!\nvlan + 121\n name Tenant_A_WEBZone_2\n!\nvlan 130\n name Tenant_A_APP_Zone_1\n!\nvlan + 131\n name Tenant_A_APP_Zone_2\n!\nvlan 140\n name Tenant_A_DB_BZone_1\n!\nvlan + 141\n name Tenant_A_DB_Zone_2\n!\nvlan 150\n name Tenant_A_WAN_Zone_1\n!\nvlan + 160\n name Tenant_A_VMOTION\n!\nvlan 161\n name Tenant_A_NFS\n!\nvlan 210\n + \ name Tenant_B_OP_Zone_1\n!\nvlan 211\n name Tenant_B_OP_Zone_2\n!\nvlan 250\n + \ name Tenant_B_WAN_Zone_1\n!\nvlan 310\n name Tenant_C_OP_Zone_1\n!\nvlan + 311\n name Tenant_C_OP_Zone_2\n!\nvlan 350\n name Tenant_C_WAN_Zone_1\n!\nvlan + 3009\n name MLAG_iBGP_Tenant_A_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3010\n name MLAG_iBGP_Tenant_A_WEB_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3011\n name MLAG_iBGP_Tenant_A_APP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3012\n name MLAG_iBGP_Tenant_A_DB_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3013\n name MLAG_iBGP_Tenant_A_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3019\n name MLAG_iBGP_Tenant_B_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3020\n name MLAG_iBGP_Tenant_B_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3029\n name MLAG_iBGP_Tenant_C_OP_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 3030\n name MLAG_iBGP_Tenant_C_WAN_Zone\n trunk group LEAF_PEER_L3\n!\nvlan + 4093\n name LEAF_PEER_L3\n trunk group LEAF_PEER_L3\n!\nvlan 4094\n name + MLAG_PEER\n trunk group MLAG\n!\nvrf instance MGMT\n!\nvrf instance Tenant_A_APP_Zone\n!\nvrf + instance Tenant_A_DB_Zone\n!\nvrf instance Tenant_A_OP_Zone\n!\nvrf instance Tenant_A_WAN_Zone\n!\nvrf + instance Tenant_A_WEB_Zone\n!\nvrf instance Tenant_B_OP_Zone\n!\nvrf instance + Tenant_B_WAN_Zone\n!\nvrf instance Tenant_C_OP_Zone\n!\nvrf instance Tenant_C_WAN_Zone\n!\ninterface + Port-Channel3\n description MLAG_PEER_DC1-LEAF2A_Po3\n no shutdown\n switchport\n + \ switchport mode trunk\n switchport trunk group LEAF_PEER_L3\n switchport + trunk group MLAG\n!\ninterface Port-Channel5\n description DC1-L2LEAF2A_Po1\n + \ no shutdown\n switchport\n switchport trunk allowed vlan 110-112,120-121,130-131\n + \ switchport mode trunk\n mlag 5\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-SPINE1_Ethernet4\n + \ no shutdown\n no switchport\n ip address 172.31.255.13/31\n!\ninterface + Ethernet2\n description P2P_LINK_TO_DC1-SPINE2_Ethernet4\n no shutdown\n no + switchport\n ip address 172.31.255.15/31\n!\ninterface Ethernet3\n description + MLAG_PEER_DC1-LEAF2A_Ethernet3\n no shutdown\n channel-group 3 mode active\n!\ninterface + Ethernet4\n description MLAG_PEER_DC1-LEAF2A_Ethernet4\n no shutdown\n channel-group + 3 mode active\n!\ninterface Ethernet5\n description DC1-L2LEAF2A_Ethernet2\n + \ no shutdown\n channel-group 5 mode active\n!\ninterface Loopback0\n description + EVPN_Overlay_Peering\n no shutdown\n ip address 192.168.255.6/32\n!\ninterface + Loopback1\n description VTEP_VXLAN_Tunnel_Source\n no shutdown\n ip address + 192.168.254.5/32\n!\ninterface Loopback100\n description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS\n + \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address 10.255.1.6/32\n!\ninterface + Management1\n description oob_management\n no shutdown\n vrf MGMT\n ip + address 10.255.0.16/24\n!\ninterface Vlan110\n description Tenant_A_OP_Zone_1\n + \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.10.1/24\n!\ninterface + Vlan111\n description Tenant_A_OP_Zone_2\n no shutdown\n vrf Tenant_A_OP_Zone\n + \ ip address virtual 10.1.11.1/24\n!\ninterface Vlan112\n description Tenant_A_OP_Zone_3\n + \ no shutdown\n vrf Tenant_A_OP_Zone\n ip address virtual 10.1.12.254/24\n!\ninterface + Vlan120\n description Tenant_A_WEB_Zone_1\n no shutdown\n vrf Tenant_A_WEB_Zone\n!\ninterface + Vlan121\n description Tenant_A_WEBZone_2\n no shutdown\n vrf Tenant_A_WEB_Zone\n + \ ip address virtual 10.1.21.1/24\n!\ninterface Vlan130\n description Tenant_A_APP_Zone_1\n + \ no shutdown\n vrf Tenant_A_APP_Zone\n!\ninterface Vlan131\n description + Tenant_A_APP_Zone_2\n no shutdown\n vrf Tenant_A_APP_Zone\n ip address virtual + 10.1.31.254/24\n!\ninterface Vlan140\n description Tenant_A_DB_BZone_1\n no + shutdown\n vrf Tenant_A_DB_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface + Vlan141\n description Tenant_A_DB_Zone_2\n no shutdown\n vrf Tenant_A_DB_Zone\n + \ ip address virtual 10.1.41.1/24\n!\ninterface Vlan150\n description Tenant_A_WAN_Zone_1\n + \ no shutdown\n vrf Tenant_A_WAN_Zone\n ip address virtual 10.1.40.1/24\n!\ninterface + Vlan210\n description Tenant_B_OP_Zone_1\n no shutdown\n vrf Tenant_B_OP_Zone\n!\ninterface + Vlan211\n description Tenant_B_OP_Zone_2\n no shutdown\n vrf Tenant_B_OP_Zone\n + \ ip address virtual 10.2.11.1/24\n!\ninterface Vlan250\n description Tenant_B_WAN_Zone_1\n + \ no shutdown\n vrf Tenant_B_WAN_Zone\n ip address virtual 10.2.50.1/24\n!\ninterface + Vlan310\n description Tenant_C_OP_Zone_1\n no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface + Vlan311\n description Tenant_C_OP_Zone_2\n no shutdown\n vrf Tenant_C_OP_Zone\n!\ninterface + Vlan350\n description Tenant_C_WAN_Zone_1\n no shutdown\n vrf Tenant_C_WAN_Zone\n!\ninterface + Vlan3009\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone\n no shutdown\n + \ vrf Tenant_A_OP_Zone\n ip address 10.255.251.5/31\n!\ninterface Vlan3010\n + \ description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone\n no shutdown\n vrf + Tenant_A_WEB_Zone\n ip address 10.255.251.5/31\n!\ninterface Vlan3011\n description + MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone\n no shutdown\n vrf Tenant_A_APP_Zone\n + \ ip address 10.255.251.5/31\n!\ninterface Vlan3012\n description MLAG_PEER_L3_iBGP: + vrf Tenant_A_DB_Zone\n no shutdown\n vrf Tenant_A_DB_Zone\n ip address 10.255.251.5/31\n!\ninterface + Vlan3013\n description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone\n no shutdown\n + \ vrf Tenant_A_WAN_Zone\n ip address 10.255.251.5/31\n!\ninterface Vlan3019\n + \ description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone\n no shutdown\n vrf + Tenant_B_OP_Zone\n ip address 10.255.251.5/31\n!\ninterface Vlan3020\n description + MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone\n no shutdown\n vrf Tenant_B_WAN_Zone\n + \ ip address 10.255.251.5/31\n!\ninterface Vlan3029\n description MLAG_PEER_L3_iBGP: + vrf Tenant_C_OP_Zone\n no shutdown\n vrf Tenant_C_OP_Zone\n ip address 10.255.251.5/31\n!\ninterface + Vlan3030\n description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone\n no shutdown\n + \ vrf Tenant_C_WAN_Zone\n ip address 10.255.251.5/31\n!\ninterface Vlan4093\n + \ description MLAG_PEER_L3_PEERING\n no shutdown\n ip address 10.255.251.5/31\n!\ninterface + Vlan4094\n description MLAG_PEER\n no shutdown\n no autostate\n ip address + 10.255.252.5/31\n!\ninterface Vxlan1\n description DC1-LEAF2B_VTEP\n vxlan + source-interface Loopback1\n vxlan virtual-router encapsulation mac-address + mlag-system-id\n vxlan udp-port 4789\n vxlan vlan 110 vni 10110\n vxlan + vlan 111 vni 50111\n vxlan vlan 112 vni 50112\n vxlan vlan 120 vni 10120\n + \ vxlan vlan 121 vni 10121\n vxlan vlan 130 vni 10130\n vxlan vlan 131 vni + 10131\n vxlan vlan 140 vni 10140\n vxlan vlan 141 vni 10141\n vxlan vlan + 150 vni 10150\n vxlan vlan 160 vni 55160\n vxlan vlan 161 vni 10161\n vxlan + vlan 210 vni 20210\n vxlan vlan 211 vni 20211\n vxlan vlan 250 vni 20250\n + \ vxlan vlan 310 vni 30310\n vxlan vlan 311 vni 30311\n vxlan vlan 350 vni + 30350\n vxlan vrf Tenant_A_APP_Zone vni 12\n vxlan vrf Tenant_A_DB_Zone vni + 13\n vxlan vrf Tenant_A_OP_Zone vni 10\n vxlan vrf Tenant_A_WAN_Zone vni 14\n + \ vxlan vrf Tenant_A_WEB_Zone vni 11\n vxlan vrf Tenant_B_OP_Zone vni 20\n + \ vxlan vrf Tenant_B_WAN_Zone vni 21\n vxlan vrf Tenant_C_OP_Zone vni 30\n + \ vxlan vrf Tenant_C_WAN_Zone vni 31\n!\nip virtual-router mac-address 00:1c:73:00:dc:01\n!\nip + address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.6\n!\nip routing\nno + ip routing vrf MGMT\nip routing vrf Tenant_A_APP_Zone\nip routing vrf Tenant_A_DB_Zone\nip + routing vrf Tenant_A_OP_Zone\nip routing vrf Tenant_A_WAN_Zone\nip routing vrf + Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing vrf Tenant_B_WAN_Zone\nip + routing vrf Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n!\nip prefix-list + PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24 eq 32\n seq 20 + permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id DC1_LEAF2\n + \ local-interface Vlan4094\n peer-address 10.255.252.4\n peer-link Port-Channel3\n + \ reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0 + 10.255.0.1\n!\nroute-map RM-CONN-2-BGP permit 10\n match ip address prefix-list + PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN permit 10\n description + Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal + routing\n set origin incomplete\n!\nrouter bfd\n multihop interval 1200 min-rx + 1200 multiplier 3\n!\nrouter bgp 65102\n router-id 192.168.255.6\n distance + bgp 20 200 200\n graceful-restart restart-time 300\n graceful-restart\n maximum-paths + 4 ecmp 4\n no bgp default ipv4-unicast\n neighbor EVPN-OVERLAY-PEERS peer + group\n neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS + bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS + password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS send-community\n + \ neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS + peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n + \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS + maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER peer group\n neighbor + MLAG-IPv4-UNDERLAY-PEER remote-as 65102\n neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self\n + \ neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2A\n neighbor MLAG-IPv4-UNDERLAY-PEER + password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n + \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER + route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n + \ neighbor 10.255.251.4 description DC1-LEAF2A\n neighbor 172.31.255.12 peer + group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.12 remote-as 65001\n neighbor + 172.31.255.12 description DC1-SPINE1_Ethernet4\n neighbor 172.31.255.14 peer + group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.14 remote-as 65001\n neighbor + 172.31.255.14 description DC1-SPINE2_Ethernet4\n neighbor 192.168.255.1 peer + group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor + 192.168.255.1 description DC1-SPINE1\n neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n + \ neighbor 192.168.255.2 remote-as 65001\n neighbor 192.168.255.2 description + DC1-SPINE2\n redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle + Tenant_A_APP_Zone\n rd 192.168.255.6:12\n route-target both 12:12\n + \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n + \ rd 192.168.255.6:13\n route-target both 13:13\n redistribute learned\n + \ vlan 140-141\n !\n vlan-aware-bundle Tenant_A_NFS\n rd 192.168.255.6:10161\n + \ route-target both 10161:10161\n redistribute learned\n vlan 161\n + \ !\n vlan-aware-bundle Tenant_A_OP_Zone\n rd 192.168.255.6:10\n route-target + both 10:10\n redistribute learned\n vlan 110-112\n !\n vlan-aware-bundle + Tenant_A_VMOTION\n rd 192.168.255.6:55160\n route-target both 55160:55160\n + \ redistribute learned\n vlan 160\n !\n vlan-aware-bundle Tenant_A_WAN_Zone\n + \ rd 192.168.255.6:14\n route-target both 14:14\n redistribute learned\n + \ vlan 150\n !\n vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.6:11\n + \ route-target both 11:11\n redistribute learned\n vlan 120-121\n + \ !\n vlan-aware-bundle Tenant_B_OP_Zone\n rd 192.168.255.6:20\n route-target + both 20:20\n redistribute learned\n vlan 210-211\n !\n vlan-aware-bundle + Tenant_B_WAN_Zone\n rd 192.168.255.6:21\n route-target both 21:21\n + \ redistribute learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n + \ rd 192.168.255.6:30\n route-target both 30:30\n redistribute learned\n + \ vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd 192.168.255.6:31\n + \ route-target both 31:31\n redistribute learned\n vlan 350\n !\n + \ address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n address-family + ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n neighbor IPv4-UNDERLAY-PEERS + activate\n neighbor MLAG-IPv4-UNDERLAY-PEER activate\n !\n vrf Tenant_A_APP_Zone\n + \ rd 192.168.255.6:12\n route-target import evpn 12:12\n route-target + export evpn 12:12\n router-id 192.168.255.6\n neighbor 10.255.251.4 + peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n !\n vrf + Tenant_A_DB_Zone\n rd 192.168.255.6:13\n route-target import evpn 13:13\n + \ route-target export evpn 13:13\n router-id 192.168.255.6\n neighbor + 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute connected\n + \ !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.6:10\n route-target import + evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.6\n + \ neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.6:14\n route-target + import evpn 14:14\n route-target export evpn 14:14\n router-id 192.168.255.6\n + \ neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.6:11\n route-target + import evpn 11:11\n route-target export evpn 11:11\n router-id 192.168.255.6\n + \ neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.6:20\n route-target + import evpn 20:20\n route-target export evpn 20:20\n router-id 192.168.255.6\n + \ neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.6:21\n route-target + import evpn 21:21\n route-target export evpn 21:21\n router-id 192.168.255.6\n + \ neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.6:30\n route-target + import evpn 30:30\n route-target export evpn 30:30\n router-id 192.168.255.6\n + \ neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.6:31\n route-target + import evpn 31:31\n route-target export evpn 31:31\n router-id 192.168.255.6\n + \ neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER\n redistribute + connected\n!\nmanagement api http-commands\n protocol https\n no shutdown\n + \ !\n vrf MGMT\n no shutdown\n!\nend\n" + DC1-AVD_DC1-SPINE1: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec + /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT + -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent + -taillogs\n no shutdown\n!\nvlan internal order ascending range 1006 1199\n!\ntransceiver + qsfp default-mode 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname + DC1-SPINE1\nip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp + local-interface vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp + server vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode none\n!\nno enable password\nno + aaa root\n!\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\nusername + ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\nusername + cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nvrf + instance MGMT\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-LEAF1A_Ethernet1\n + \ no shutdown\n no switchport\n ip address 172.31.255.0/31\n!\ninterface + Ethernet2\n description P2P_LINK_TO_DC1-LEAF1B_Ethernet1\n no shutdown\n no + switchport\n ip address 172.31.255.4/31\n!\ninterface Ethernet3\n description + P2P_LINK_TO_DC1-LEAF2A_Ethernet1\n no shutdown\n no switchport\n ip address + 172.31.255.8/31\n!\ninterface Ethernet4\n description P2P_LINK_TO_DC1-LEAF2B_Ethernet1\n + \ no shutdown\n no switchport\n ip address 172.31.255.12/31\n!\ninterface + Loopback0\n description EVPN_Overlay_Peering\n no shutdown\n ip address + 192.168.255.1/32\n!\ninterface Management1\n description oob_management\n no + shutdown\n vrf MGMT\n ip address 10.255.0.11/24\n!\nip routing\nno ip routing + vrf MGMT\n!\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24 + eq 32\n!\nip route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map RM-CONN-2-BGP permit + 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nrouter bfd\n + \ multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65001\n router-id + 192.168.255.1\n distance bgp 20 200 200\n graceful-restart restart-time 300\n + \ graceful-restart\n maximum-paths 4 ecmp 4\n no bgp default ipv4-unicast\n + \ neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS next-hop-unchanged\n + \ neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS + bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS + password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS send-community\n + \ neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS + peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n + \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS + maximum-routes 12000\n neighbor 172.31.255.1 peer group IPv4-UNDERLAY-PEERS\n + \ neighbor 172.31.255.1 remote-as 65101\n neighbor 172.31.255.1 description + DC1-LEAF1A_Ethernet1\n neighbor 172.31.255.5 peer group IPv4-UNDERLAY-PEERS\n + \ neighbor 172.31.255.5 remote-as 65101\n neighbor 172.31.255.5 description + DC1-LEAF1B_Ethernet1\n neighbor 172.31.255.9 peer group IPv4-UNDERLAY-PEERS\n + \ neighbor 172.31.255.9 remote-as 65102\n neighbor 172.31.255.9 description + DC1-LEAF2A_Ethernet1\n neighbor 172.31.255.13 peer group IPv4-UNDERLAY-PEERS\n + \ neighbor 172.31.255.13 remote-as 65102\n neighbor 172.31.255.13 description + DC1-LEAF2B_Ethernet1\n neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS\n + \ neighbor 192.168.255.3 remote-as 65101\n neighbor 192.168.255.3 description + DC1-LEAF1A\n neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS\n neighbor + 192.168.255.4 remote-as 65101\n neighbor 192.168.255.4 description DC1-LEAF1B\n + \ neighbor 192.168.255.5 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.5 + remote-as 65102\n neighbor 192.168.255.5 description DC1-LEAF2A\n neighbor + 192.168.255.6 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.6 remote-as + 65102\n neighbor 192.168.255.6 description DC1-LEAF2B\n redistribute connected + route-map RM-CONN-2-BGP\n !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS + activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n + \ neighbor IPv4-UNDERLAY-PEERS activate\n!\nmanagement api http-commands\n + \ protocol https\n no shutdown\n !\n vrf MGMT\n no shutdown\n!\nend\n" + DC1-AVD_DC1-SPINE2: "!RANCID-CONTENT-TYPE: arista\n!\ndaemon TerminAttr\n exec + /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvauth=token,/tmp/token -cvvrf=MGMT + -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent + -taillogs\n no shutdown\n!\nvlan internal order ascending range 1006 1199\n!\ntransceiver + qsfp default-mode 4x10G\n!\nservice routing protocols model multi-agent\n!\nhostname + DC1-SPINE2\nip name-server vrf MGMT 8.8.8.8\nip name-server vrf MGMT 192.168.2.1\n!\nntp + local-interface vrf MGMT Management1\nntp server vrf MGMT 0.fr.pool.ntp.org prefer\nntp + server vrf MGMT 1.fr.pool.ntp.org\n!\nspanning-tree mode none\n!\nno enable password\nno + aaa root\n!\nusername admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1\nusername + ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/\nusername + cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nvrf + instance MGMT\n!\ninterface Ethernet1\n description P2P_LINK_TO_DC1-LEAF1A_Ethernet2\n + \ no shutdown\n no switchport\n ip address 172.31.255.2/31\n!\ninterface + Ethernet2\n description P2P_LINK_TO_DC1-LEAF1B_Ethernet2\n no shutdown\n no + switchport\n ip address 172.31.255.6/31\n!\ninterface Ethernet3\n description + P2P_LINK_TO_DC1-LEAF2A_Ethernet2\n no shutdown\n no switchport\n ip address + 172.31.255.10/31\n!\ninterface Ethernet4\n description P2P_LINK_TO_DC1-LEAF2B_Ethernet2\n + \ no shutdown\n no switchport\n ip address 172.31.255.14/31\n!\ninterface + Loopback0\n description EVPN_Overlay_Peering\n no shutdown\n ip address + 192.168.255.2/32\n!\ninterface Management1\n description oob_management\n no + shutdown\n vrf MGMT\n ip address 10.255.0.12/24\n!\nip routing\nno ip routing + vrf MGMT\n!\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24 + eq 32\n!\nip route vrf MGMT 0.0.0.0/0 10.255.0.1\n!\nroute-map RM-CONN-2-BGP permit + 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nrouter bfd\n + \ multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65001\n router-id + 192.168.255.2\n distance bgp 20 200 200\n graceful-restart restart-time 300\n + \ graceful-restart\n maximum-paths 4 ecmp 4\n no bgp default ipv4-unicast\n + \ neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS next-hop-unchanged\n + \ neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS + bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS + password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS send-community\n + \ neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS + peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n + \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS + maximum-routes 12000\n neighbor 172.31.255.3 peer group IPv4-UNDERLAY-PEERS\n + \ neighbor 172.31.255.3 remote-as 65101\n neighbor 172.31.255.3 description + DC1-LEAF1A_Ethernet2\n neighbor 172.31.255.7 peer group IPv4-UNDERLAY-PEERS\n + \ neighbor 172.31.255.7 remote-as 65101\n neighbor 172.31.255.7 description + DC1-LEAF1B_Ethernet2\n neighbor 172.31.255.11 peer group IPv4-UNDERLAY-PEERS\n + \ neighbor 172.31.255.11 remote-as 65102\n neighbor 172.31.255.11 description + DC1-LEAF2A_Ethernet2\n neighbor 172.31.255.15 peer group IPv4-UNDERLAY-PEERS\n + \ neighbor 172.31.255.15 remote-as 65102\n neighbor 172.31.255.15 description + DC1-LEAF2B_Ethernet2\n neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS\n + \ neighbor 192.168.255.3 remote-as 65101\n neighbor 192.168.255.3 description + DC1-LEAF1A\n neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS\n neighbor + 192.168.255.4 remote-as 65101\n neighbor 192.168.255.4 description DC1-LEAF1B\n + \ neighbor 192.168.255.5 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.5 + remote-as 65102\n neighbor 192.168.255.5 description DC1-LEAF2A\n neighbor + 192.168.255.6 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.6 remote-as + 65102\n neighbor 192.168.255.6 description DC1-LEAF2B\n redistribute connected + route-map RM-CONN-2-BGP\n !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS + activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n + \ neighbor IPv4-UNDERLAY-PEERS activate\n!\nmanagement api http-commands\n + \ protocol https\n no shutdown\n !\n vrf MGMT\n no shutdown\n!\nend\n" +cvp_topology: DC1_FABRIC: + devices: [] parent_container: Tenant DC1_L2LEAF1: devices: @@ -985,8 +948,10 @@ CVP_TOPOLOGY: - DC1-L2LEAF2A parent_container: DC1_L2LEAFS DC1_L2LEAFS: + devices: [] parent_container: DC1_FABRIC DC1_L3LEAFS: + devices: [] parent_container: DC1_FABRIC DC1_LEAF1: devices: @@ -1003,4 +968,3 @@ CVP_TOPOLOGY: - DC1-SPINE1 - DC1-SPINE2 parent_container: DC1_FABRIC -changed: false diff --git a/inventory/inventory.yml b/inventory/inventory.yml index 3526a7442..b481da069 100644 --- a/inventory/inventory.yml +++ b/inventory/inventory.yml @@ -70,11 +70,12 @@ all: ansible_become_method: enable ansible_httpapi_use_ssl: true ansible_httpapi_validate_certs: false - DC1_TENANTS_NETWORKS: + NETWORK_SERVICES: children: + # DC1_SPINES: DC1_L3LEAFS: DC1_L2LEAFS: - DC1_SERVERS: + DC1_CONNECTED_ENDPOINTS: children: DC1_L3LEAFS: DC1_L2LEAFS: diff --git a/playbooks/dc1-ztp-configuration.yml b/playbooks/dc1-ztp-configuration.yml index c2bacdbb0..c635aad6b 100644 --- a/playbooks/dc1-ztp-configuration.yml +++ b/playbooks/dc1-ztp-configuration.yml @@ -5,4 +5,4 @@ tasks: - name: 'Execute ZTP configuration role' import_role: - name: arista.cvp.dhcp_configuration + name: arista.avd.dhcp_provisioner diff --git a/requirements.txt b/requirements.txt deleted file mode 100644 index 25c3b9862..000000000 --- a/requirements.txt +++ /dev/null @@ -1,11 +0,0 @@ -ansible==4.2.0 -netaddr==0.7.19 -Jinja2==2.11.3 -treelib==1.5.5 -cvprac==1.0.7 -paramiko==2.10.1 -jsonschema==3.2.0 -requests==2.25.1 -PyYAML==5.4.1 -md-toc==7.1.0 -markupsafe==2.0.1