diff --git a/.devcontainer/techlib-vxlan-domain-a/devcontainer.json b/.devcontainer/techlib-vxlan-domain-a/devcontainer.json new file mode 100644 index 0000000..672486d --- /dev/null +++ b/.devcontainer/techlib-vxlan-domain-a/devcontainer.json @@ -0,0 +1,23 @@ +{ + "image": "ghcr.io/${localEnv:GITHUB_REPOSITORY}/techlib-labs:python3.11-avd-v4.9.0-clab0.54.2-ceos4.32.1f", + // containerEnv set the variables applied to entire container + "containerEnv": { + "ARISTA_TOKEN": "${localEnv:ARTOKEN}", + "CONTAINERWSF": "${containerWorkspaceFolder}", + "GITHUB_REPOSITORY": "${localEnv:GITHUB_REPOSITORY}" + }, + "secrets": { + "ARTOKEN": { + "description": "token to auto-download EOS images from arista.com." + // "documentationUrl": "https://example.com/link/to/info" + } + }, + "hostRequirements": { + "cpus": 16, + "memory": "64gb", + "storage": "128gb" + }, + "postCreateCommand": "postCreate.sh", + "workspaceMount": "source=${localWorkspaceFolder}/labs/${containerWorkspaceFolder},target=/${containerWorkspaceFolder},type=bind", + "workspaceFolder": "/techlib-vxlan-domain-a" +} \ No newline at end of file diff --git a/.github/workflows/container_build_parent_matrix.yml b/.github/workflows/container_build_parent_matrix.yml index a0fae4a..f82c0a5 100644 --- a/.github/workflows/container_build_parent_matrix.yml +++ b/.github/workflows/container_build_parent_matrix.yml @@ -23,9 +23,9 @@ jobs: strategy: matrix: from_image: ["ghcr.io/aristanetworks/avd/universal"] - from_variant: ["python3.11-avd-v4.9.0"] - clab_version: ["0.54.2"] - ceos_lab_version: ["4.32.1F"] + from_variant: ["python3.11-avd-v4.9.0", "python3.11-avd-v4.10.0"] + clab_version: ["0.54.2", "0.56.0"] + ceos_lab_version: ["4.32.1F", "4.32.2F"] with: from_image: ${{ matrix.from_image }} from_variant: ${{ matrix.from_variant }} diff --git a/README.md b/README.md index 4c12a3f..83d7921 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,7 @@ -# tech-library-avd +# acLabs (Arista Community Labs) -AVD data models based on Tech Library deployment guides +> WARNING: Under Construction! + +To start the lab for testing, please use following links: + +- [EVPN, domain-A](https://codespaces.new/aristanetworks/aclabs/tree/main?quickstart=1&devcontainer_path=.devcontainer%2Ftechlib-vxlan-domain-a%2Fdevcontainer.json) diff --git a/labs/techlib-vxlan-domain-a/Makefile b/labs/techlib-vxlan-domain-a/Makefile new file mode 100644 index 0000000..188f635 --- /dev/null +++ b/labs/techlib-vxlan-domain-a/Makefile @@ -0,0 +1,13 @@ +CURRENT_DIR := $(shell pwd) + +.PHONY: help +help: ## Display help message + @grep -E '^[0-9a-zA-Z_-]+\.*[0-9a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' + +.PHONY: start +start: ## Deploy ceos lab + sudo containerlab deploy --debug --topo $(CURRENT_DIR)/clab/topology.clab.yml --max-workers 10 --timeout 5m --reconfigure + +.PHONY: stop +stop: ## Destroy ceos lab + sudo containerlab destroy --debug --topo $(CURRENT_DIR)/clab/topology.clab.yml --cleanup diff --git a/labs/techlib-vxlan-domain-a/clab/init-configs/.gitkeep b/labs/techlib-vxlan-domain-a/clab/init-configs/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF1.cfg b/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF1.cfg new file mode 100644 index 0000000..3531f8d --- /dev/null +++ b/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF1.cfg @@ -0,0 +1,286 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-LEAF1 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 30 + name Orange +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostA1 + switchport access vlan 10 + mlag 7 + spanning-tree portfast +! +interface Port-Channel8 + description HostA2 + switchport access vlan 30 + mlag 8 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + no switchport + ip address 192.168.0.1/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + no switchport + ip address 192.168.0.17/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + no switchport + ip address 192.168.0.33/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + no switchport + ip address 192.168.0.49/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + channel-group 7 mode active +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.1.1/32 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.1.1/32 +! +interface Loopback101 + vrf PROD + ip address 10.101.101.11/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.105/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback101 + ip address virtual 10.10.10.1/24 +! +interface Vlan30 + mtu 9014 + vrf PROD + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback101 + ip address virtual 10.30.30.1/24 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ip address 192.0.0.0/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.0/31 + pim ipv4 sparse-mode +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.1/30 +! +interface Vxlan1 + vxlan source-interface Loopback0 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 10,30 vni 10010,10030 + vxlan vrf PROD vni 50001 + vxlan mlag source-interface Loopback1 + vxlan vrf PROD multicast group 232.1.1.1 + vxlan vrf PROD multicast group overlay 239.0.10.101 encap 232.1.1.10 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.2 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65112 + router-id 1.1.1.1 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65100 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65100 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65112 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor 1.1.1.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.204 peer group LOCAL-EVPN-PEERS + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + neighbor 192.168.0.0 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.16 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.32 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.48 peer group LOCAL-IPV4-PEERS + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 10 + rd 1.1.1.1:10010 + route-target both 10010:10010 + redistribute learned + ! + vlan 30 + rd 1.1.1.1:10030 + route-target both 10030:10030 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor MLAG-IPV4-PEER activate + ! + vrf PROD + rd 1.1.1.1:50001 + evpn multicast + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.1 activate +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf PROD + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF2.cfg b/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF2.cfg new file mode 100644 index 0000000..35b8fd1 --- /dev/null +++ b/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF2.cfg @@ -0,0 +1,286 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-LEAF2 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 30 + name Orange +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostA1 + switchport access vlan 10 + mlag 7 + spanning-tree portfast +! +interface Port-Channel8 + description HostA2 + switchport access vlan 30 + mlag 8 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + no switchport + ip address 192.168.0.3/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + no switchport + ip address 192.168.0.19/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + no switchport + ip address 192.168.0.35/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + no switchport + ip address 192.168.0.51/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + channel-group 7 mode active +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.1.2/32 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.1.1/32 +! +interface Loopback101 + vrf PROD + ip address 10.101.101.12/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.106/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback101 + ip address virtual 10.10.10.1/24 +! +interface Vlan30 + mtu 9014 + vrf PROD + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback101 + ip address virtual 10.30.30.1/24 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ip address 192.0.0.1/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.1/31 + pim ipv4 sparse-mode +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.2/30 +! +interface Vxlan1 + vxlan source-interface Loopback0 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 10,30 vni 10010,10030 + vxlan vrf PROD vni 50001 + vxlan mlag source-interface Loopback1 + vxlan vrf PROD multicast group 232.1.1.1 + vxlan vrf PROD multicast group overlay 239.0.10.101 encap 232.1.1.10 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT:.* +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.1 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65112 + router-id 1.1.1.2 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65100 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65100 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65112 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor 1.1.1.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.204 peer group LOCAL-EVPN-PEERS + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + neighbor 192.168.0.2 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.18 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.34 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.50 peer group LOCAL-IPV4-PEERS + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 10 + rd 1.1.1.2:10010 + route-target both 10010:10010 + redistribute learned + ! + vlan 30 + rd 1.1.1.2:10030 + route-target both 10030:10030 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor MLAG-IPV4-PEER activate + ! + vrf PROD + rd 1.1.1.2:50001 + evpn multicast + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.0 activate +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf PROD + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF3.cfg b/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF3.cfg new file mode 100644 index 0000000..7af1bac --- /dev/null +++ b/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF3.cfg @@ -0,0 +1,332 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-LEAF3 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001-3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 30 + name Orange +! +vlan 50 + name Yellow +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel8 + description HostA4 + switchport access vlan 10 + mlag 8 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + no switchport + ip address 192.168.0.5/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + no switchport + ip address 192.168.0.21/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + no switchport + ip address 192.168.0.37/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + no switchport + ip address 192.168.0.53/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + description HostA3 + switchport access vlan 50 + spanning-tree portfast +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.1.3/32 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.1.3/32 +! +interface Loopback101 + vrf PROD + ip address 10.101.101.13/32 +! +interface Loopback102 + vrf DEV + ip address 10.102.102.13/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.107/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback101 + ip address virtual 10.10.10.1/24 +! +interface Vlan30 + mtu 9014 + vrf PROD + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback101 + ip address virtual 10.30.30.1/24 +! +interface Vlan50 + mtu 9014 + vrf DEV + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback102 + ip address virtual 10.50.50.1/24 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ip address 192.0.0.0/31 +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ip address 192.0.0.0/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.0/31 + pim ipv4 sparse-mode +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.1/30 +! +interface Vxlan1 + vxlan source-interface Loopback0 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 10,30,50 vni 10010,10030,10050 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 + vxlan mlag source-interface Loopback1 + vxlan vrf DEV multicast group 232.2.2.2 + vxlan vrf DEV multicast group overlay 239.0.50.101 encap 232.2.2.50 immediate + vxlan vrf PROD multicast group 232.1.1.1 + vxlan vrf PROD multicast group overlay 239.0.10.101 encap 232.1.1.10 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.2 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65134 + router-id 1.1.1.3 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65100 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65100 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65134 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor 1.1.1.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.204 peer group LOCAL-EVPN-PEERS + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + neighbor 192.168.0.4 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.20 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.36 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.52 peer group LOCAL-IPV4-PEERS + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 10 + rd 1.1.1.3:10010 + route-target both 10010:10010 + redistribute learned + ! + vlan 30 + rd 1.1.1.3:10030 + route-target both 10030:10030 + redistribute learned + ! + vlan 50 + rd 1.1.1.3:10050 + route-target both 10050:10050 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor MLAG-IPV4-PEER activate + ! + vrf DEV + rd 1.1.1.3:50002 + evpn multicast + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.1 activate + ! + vrf PROD + rd 1.1.1.3:50001 + evpn multicast + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.1 activate +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf DEV + ipv4 + routing + ! + vrf PROD + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF4.cfg b/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF4.cfg new file mode 100644 index 0000000..aa453af --- /dev/null +++ b/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF4.cfg @@ -0,0 +1,332 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-LEAF4 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001-3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 30 + name Orange +! +vlan 50 + name Yellow +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel8 + description HostA4 + switchport access vlan 10 + mlag 8 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + no switchport + ip address 192.168.0.7/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + no switchport + ip address 192.168.0.23/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + no switchport + ip address 192.168.0.39/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + no switchport + ip address 192.168.0.55/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + description HostE + switchport access vlan 30 + spanning-tree portfast +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.1.4/32 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.1.3/32 +! +interface Loopback101 + vrf PROD + ip address 10.101.101.14/32 +! +interface Loopback102 + vrf DEV + ip address 10.102.102.14/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.108/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback101 + ip address virtual 10.10.10.1/24 +! +interface Vlan30 + mtu 9014 + vrf PROD + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback101 + ip address virtual 10.30.30.1/24 +! +interface Vlan50 + mtu 9014 + vrf DEV + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback102 + ip address virtual 10.50.50.1/24 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ip address 192.0.0.1/31 +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ip address 192.0.0.1/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.1/31 + pim ipv4 sparse-mode +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.2/30 +! +interface Vxlan1 + vxlan source-interface Loopback0 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 10,30,50 vni 10010,10030,10050 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 + vxlan mlag source-interface Loopback1 + vxlan vrf DEV multicast group 232.2.2.2 + vxlan vrf DEV multicast group overlay 239.0.50.101 encap 232.2.2.50 immediate + vxlan vrf PROD multicast group 232.1.1.1 + vxlan vrf PROD multicast group overlay 239.0.10.101 encap 232.1.1.10 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.1 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65134 + router-id 1.1.1.4 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65100 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65100 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65134 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor 1.1.1.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.204 peer group LOCAL-EVPN-PEERS + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + neighbor 192.168.0.6 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.22 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.38 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.54 peer group LOCAL-IPV4-PEERS + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 10 + rd 1.1.1.4:10010 + route-target both 10010:10010 + redistribute learned + ! + vlan 30 + rd 1.1.1.4:10030 + route-target both 10030:10030 + redistribute learned + ! + vlan 50 + rd 1.1.1.4:10050 + route-target both 10050:10050 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor MLAG-IPV4-PEER activate + ! + vrf DEV + rd 1.1.1.4:50002 + evpn multicast + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.0 activate + ! + vrf PROD + rd 1.1.1.4:50001 + evpn multicast + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.0 activate +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf DEV + ipv4 + routing + ! + vrf PROD + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF5.cfg b/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF5.cfg new file mode 100644 index 0000000..7d812a4 --- /dev/null +++ b/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF5.cfg @@ -0,0 +1,261 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-LEAF5 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 70 + name Brown +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostF + switchport access vlan 70 + mlag 7 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + no switchport + ip address 192.168.0.9/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + no switchport + ip address 192.168.0.25/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + no switchport + ip address 192.168.0.41/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + no switchport + ip address 192.168.0.57/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + channel-group 7 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.1.5/32 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.1.5/32 +! +interface Loopback102 + vrf DEV + ip address 10.102.102.15/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.109/24 +! +interface Vlan70 + mtu 9014 + vrf DEV + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback102 + ip address virtual 10.70.70.1/24 +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ip address 192.0.0.0/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.0/31 +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.1/30 +! +interface Vxlan1 + vxlan source-interface Loopback0 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 70 vni 10070 + vxlan vrf DEV vni 50002 + vxlan mlag source-interface Loopback1 + vxlan vrf DEV multicast group 232.2.2.2 + vxlan vrf DEV multicast group overlay 239.0.50.101 encap 232.2.2.50 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.2 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65156 + router-id 1.1.1.5 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65100 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65100 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65156 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor 1.1.1.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.204 peer group LOCAL-EVPN-PEERS + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + neighbor 192.168.0.8 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.24 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.40 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.56 peer group LOCAL-IPV4-PEERS + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 70 + rd 1.1.1.5:10070 + route-target both 10070:10070 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor MLAG-IPV4-PEER activate + ! + vrf DEV + rd 1.1.1.5:50002 + evpn multicast + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.1 activate +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf DEV + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF6.cfg b/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF6.cfg new file mode 100644 index 0000000..1b395fe --- /dev/null +++ b/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF6.cfg @@ -0,0 +1,261 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-LEAF6 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 70 + name Brown +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostF + switchport access vlan 70 + mlag 7 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + no switchport + ip address 192.168.0.11/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + no switchport + ip address 192.168.0.27/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + no switchport + ip address 192.168.0.43/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + no switchport + ip address 192.168.0.59/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + channel-group 7 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.1.6/32 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.1.5/32 +! +interface Loopback102 + vrf DEV + ip address 10.102.102.16/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.110/24 +! +interface Vlan70 + mtu 9014 + vrf DEV + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback102 + ip address virtual 10.70.70.1/24 +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ip address 192.0.0.1/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.1/31 +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.2/30 +! +interface Vxlan1 + vxlan source-interface Loopback0 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 70 vni 10070 + vxlan vrf DEV vni 50002 + vxlan mlag source-interface Loopback1 + vxlan vrf DEV multicast group 232.2.2.2 + vxlan vrf DEV multicast group overlay 239.0.50.101 encap 232.2.2.50 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.1 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65156 + router-id 1.1.1.6 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65100 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65100 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65156 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor 1.1.1.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.204 peer group LOCAL-EVPN-PEERS + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + neighbor 192.168.0.10 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.26 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.42 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.58 peer group LOCAL-IPV4-PEERS + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 70 + rd 1.1.1.6:10070 + route-target both 10070:10070 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor MLAG-IPV4-PEER activate + ! + vrf DEV + rd 1.1.1.6:50002 + evpn multicast + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.0 activate +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf DEV + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF7.cfg b/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF7.cfg new file mode 100644 index 0000000..5286301 --- /dev/null +++ b/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF7.cfg @@ -0,0 +1,312 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-LEAF7 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001-3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 50 + name Yellow +! +vlan 70 + name Brown +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + no switchport + ip address 192.168.0.13/31 +! +interface Ethernet2 + no switchport + ip address 192.168.0.29/31 +! +interface Ethernet3 + no switchport + ip address 192.168.0.45/31 +! +interface Ethernet4 + no switchport + ip address 192.168.0.61/31 +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + no switchport + ip address 172.16.1.1/31 +! +interface Ethernet8 + no switchport + ip address 172.16.1.5/31 +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.1.7/32 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.1.7/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.111/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + ip address virtual 10.10.10.1/24 +! +interface Vlan50 + mtu 9014 + vrf DEV + ip address virtual 10.50.50.1/24 +! +interface Vlan70 + mtu 9014 + vrf DEV + ip address virtual 10.70.70.1/24 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ip address 192.0.0.0/31 +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ip address 192.0.0.0/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.0/31 +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.1/30 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 10,50,70 vni 10010,10050,10070 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ip prefix-list PL-GATEWAY-LOOP + seq 10 permit 2.2.1.7/32 + seq 20 permit 1.1.1.7/32 + seq 30 permit 1.1.1.8/32 +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.2 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-AS65000-IPV4-OUT permit 10 + match ip address prefix-list PL-GATEWAY-LOOP +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65178 + router-id 1.1.1.7 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + bgp bestpath d-path + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65100 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65100 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65178 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor REMOTE-EVPN-PEERS peer group + neighbor REMOTE-EVPN-PEERS remote-as 65000 + neighbor REMOTE-EVPN-PEERS local-as 65000 no-prepend replace-as + neighbor REMOTE-EVPN-PEERS update-source Loopback0 + neighbor REMOTE-EVPN-PEERS password 7 IO6gE/ln7Sp2wt33WX/Asg== + neighbor REMOTE-IPV4-PEERS peer group + neighbor REMOTE-IPV4-PEERS remote-as 65000 + neighbor REMOTE-IPV4-PEERS route-map RM-AS65000-IPV4-OUT out + neighbor REMOTE-IPV4-PEERS password 7 dkvBq1jk4inJHsHfMjYRnQ== + neighbor 1.1.0.1 peer group REMOTE-EVPN-PEERS + neighbor 1.1.0.2 peer group REMOTE-EVPN-PEERS + neighbor 1.1.1.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.204 peer group LOCAL-EVPN-PEERS + neighbor 172.16.1.0 peer group REMOTE-IPV4-PEERS + neighbor 172.16.1.4 peer group REMOTE-IPV4-PEERS + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + neighbor 192.168.0.12 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.28 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.44 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.60 peer group LOCAL-IPV4-PEERS + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 10 + rd evpn domain all 1.1.1.7:10010 + route-target import export evpn domain all 10010:10010 + ! + vlan 50 + rd evpn domain all 1.1.1.7:10050 + route-target import export evpn domain all 10050:10050 + ! + vlan 70 + rd evpn domain all 1.1.1.7:10070 + route-target import export evpn domain all 10070:10070 + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + neighbor REMOTE-EVPN-PEERS activate + neighbor REMOTE-EVPN-PEERS domain remote + domain identifier 1:1 + domain identifier 99:99 remote + route import match-failure action discard + neighbor default next-hop-self received-evpn-routes route-type ip-prefix inter-domain + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor MLAG-IPV4-PEER activate + neighbor REMOTE-IPV4-PEERS activate + ! + vrf DEV + rd 1.1.1.7:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.1 activate + ! + vrf PROD + rd 1.1.1.7:50001 + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.1 activate +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF8.cfg b/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF8.cfg new file mode 100644 index 0000000..49b248f --- /dev/null +++ b/labs/techlib-vxlan-domain-a/clab/init-configs/A-LEAF8.cfg @@ -0,0 +1,312 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-LEAF8 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001-3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 50 + name Yellow +! +vlan 70 + name Brown +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + no switchport + ip address 192.168.0.15/31 +! +interface Ethernet2 + no switchport + ip address 192.168.0.31/31 +! +interface Ethernet3 + no switchport + ip address 192.168.0.47/31 +! +interface Ethernet4 + no switchport + ip address 192.168.0.63/31 +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + no switchport + ip address 172.16.1.3/31 +! +interface Ethernet8 + no switchport + ip address 172.16.1.7/31 +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.1.8/32 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.1.7/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.112/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + ip address virtual 10.10.10.1/24 +! +interface Vlan50 + mtu 9014 + vrf DEV + ip address virtual 10.50.50.1/24 +! +interface Vlan70 + mtu 9014 + vrf DEV + ip address virtual 10.70.70.1/24 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ip address 192.0.0.1/31 +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ip address 192.0.0.1/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.1/31 +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.2/30 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 10,50,70 vni 10010,10050,10070 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ip prefix-list PL-GATEWAY-LOOP + seq 10 permit 2.2.1.7/32 + seq 20 permit 1.1.1.7/32 + seq 30 permit 1.1.1.8/32 +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.1 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-AS65000-IPV4-OUT permit 10 + match ip address prefix-list PL-GATEWAY-LOOP +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65178 + router-id 1.1.1.8 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + bgp bestpath d-path + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65100 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65100 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65178 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor REMOTE-EVPN-PEERS peer group + neighbor REMOTE-EVPN-PEERS remote-as 65000 + neighbor REMOTE-EVPN-PEERS local-as 65000 no-prepend replace-as + neighbor REMOTE-EVPN-PEERS update-source Loopback0 + neighbor REMOTE-EVPN-PEERS password 7 IO6gE/ln7Sp2wt33WX/Asg== + neighbor REMOTE-IPV4-PEERS peer group + neighbor REMOTE-IPV4-PEERS remote-as 65000 + neighbor REMOTE-IPV4-PEERS route-map RM-AS65000-IPV4-OUT out + neighbor REMOTE-IPV4-PEERS password 7 dkvBq1jk4inJHsHfMjYRnQ== + neighbor 1.1.0.1 peer group REMOTE-EVPN-PEERS + neighbor 1.1.0.2 peer group REMOTE-EVPN-PEERS + neighbor 1.1.1.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.204 peer group LOCAL-EVPN-PEERS + neighbor 172.16.1.2 peer group REMOTE-IPV4-PEERS + neighbor 172.16.1.6 peer group REMOTE-IPV4-PEERS + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + neighbor 192.168.0.14 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.30 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.46 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.62 peer group LOCAL-IPV4-PEERS + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 10 + rd evpn domain all 1.1.1.8:10010 + route-target import export evpn domain all 10010:10010 + ! + vlan 50 + rd evpn domain all 1.1.1.8:10050 + route-target import export evpn domain all 10050:10050 + ! + vlan 70 + rd evpn domain all 1.1.1.8:10070 + route-target import export evpn domain all 10070:10070 + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + neighbor REMOTE-EVPN-PEERS activate + neighbor REMOTE-EVPN-PEERS domain remote + domain identifier 1:1 + domain identifier 99:99 remote + route import match-failure action discard + neighbor default next-hop-self received-evpn-routes route-type ip-prefix inter-domain + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor MLAG-IPV4-PEER activate + neighbor REMOTE-IPV4-PEERS activate + ! + vrf DEV + rd 1.1.1.8:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.0 activate + ! + vrf PROD + rd 1.1.1.8:50001 + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.0 activate +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/labs/techlib-vxlan-domain-a/clab/init-configs/A-SPINE1.cfg b/labs/techlib-vxlan-domain-a/clab/init-configs/A-SPINE1.cfg new file mode 100644 index 0000000..7a13108 --- /dev/null +++ b/labs/techlib-vxlan-domain-a/clab/init-configs/A-SPINE1.cfg @@ -0,0 +1,191 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-SPINE1 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description A-LEAF1 + no switchport + ip address 192.168.0.0/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + description A-LEAF2 + no switchport + ip address 192.168.0.2/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + description A-LEAF3 + no switchport + ip address 192.168.0.4/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + description A-LEAF4 + no switchport + ip address 192.168.0.6/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + description A-LEAF5 + no switchport + ip address 192.168.0.8/31 + pim ipv4 sparse-mode +! +interface Ethernet6 + description A-LEAF6 + no switchport + ip address 192.168.0.10/31 + pim ipv4 sparse-mode +! +interface Ethernet7 + description A-LEAF7 + no switchport + ip address 192.168.0.12/31 + pim ipv4 sparse-mode +! +interface Ethernet8 + description A-LEAF8 + no switchport + ip address 192.168.0.14/31 + pim ipv4 sparse-mode +! +interface Loopback0 + ip address 1.1.1.201/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.101/24 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +router bgp 65100 + router-id 1.1.1.201 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS next-hop-unchanged + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor 1.1.1.1 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.1 remote-as 65112 + neighbor 1.1.1.1 description A-LEAF1.EVPN + neighbor 1.1.1.2 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.2 remote-as 65112 + neighbor 1.1.1.2 description A-LEAF2.EVPN + neighbor 1.1.1.3 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.3 remote-as 65134 + neighbor 1.1.1.3 description A-LEAF3.EVPN + neighbor 1.1.1.4 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.4 remote-as 65134 + neighbor 1.1.1.4 description A-LEAF4.EVPN + neighbor 1.1.1.5 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.5 remote-as 65156 + neighbor 1.1.1.5 description A-LEAF5.EVPN + neighbor 1.1.1.6 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.6 remote-as 65156 + neighbor 1.1.1.6 description A-LEAF6.EVPN + neighbor 1.1.1.7 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.7 remote-as 65178 + neighbor 1.1.1.7 description A-LEAF7.EVPN + neighbor 1.1.1.8 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.8 remote-as 65178 + neighbor 1.1.1.8 description A-LEAF8.EVPN + neighbor 192.168.0.1 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.1 remote-as 65112 + neighbor 192.168.0.1 description A-LEAF1.IPV4 + neighbor 192.168.0.3 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.3 remote-as 65112 + neighbor 192.168.0.3 description A-LEAF2.IPV4 + neighbor 192.168.0.5 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.5 remote-as 65134 + neighbor 192.168.0.5 description A-LEAF3.IPV4 + neighbor 192.168.0.7 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.7 remote-as 65134 + neighbor 192.168.0.7 description A-LEAF4.IPV4 + neighbor 192.168.0.9 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.9 remote-as 65156 + neighbor 192.168.0.9 description A-LEAF5.IPV4 + neighbor 192.168.0.11 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.11 remote-as 65156 + neighbor 192.168.0.11 description A-LEAF6.IPV4 + neighbor 192.168.0.13 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.13 remote-as 65178 + neighbor 192.168.0.13 description A-LEAF7.IPV4 + neighbor 192.168.0.15 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.15 remote-as 65178 + neighbor 192.168.0.15 description A-LEAF8.IPV4 + redistribute connected route-map RM-CONN-2-BGP + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate +! +router multicast + ipv4 + routing + software-forwarding sfe +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/labs/techlib-vxlan-domain-a/clab/init-configs/A-SPINE2.cfg b/labs/techlib-vxlan-domain-a/clab/init-configs/A-SPINE2.cfg new file mode 100644 index 0000000..06deb0e --- /dev/null +++ b/labs/techlib-vxlan-domain-a/clab/init-configs/A-SPINE2.cfg @@ -0,0 +1,191 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-SPINE2 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description A-LEAF1 + no switchport + ip address 192.168.0.16/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + description A-LEAF2 + no switchport + ip address 192.168.0.18/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + description A-LEAF3 + no switchport + ip address 192.168.0.20/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + description A-LEAF4 + no switchport + ip address 192.168.0.22/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + description A-LEAF5 + no switchport + ip address 192.168.0.24/31 + pim ipv4 sparse-mode +! +interface Ethernet6 + description A-LEAF6 + no switchport + ip address 192.168.0.26/31 + pim ipv4 sparse-mode +! +interface Ethernet7 + description A-LEAF7 + no switchport + ip address 192.168.0.28/31 + pim ipv4 sparse-mode +! +interface Ethernet8 + description A-LEAF8 + no switchport + ip address 192.168.0.30/31 + pim ipv4 sparse-mode +! +interface Loopback0 + ip address 1.1.1.202/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.102/24 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +router bgp 65100 + router-id 1.1.1.202 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS next-hop-unchanged + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor 1.1.1.1 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.1 remote-as 65112 + neighbor 1.1.1.1 description A-LEAF1.EVPN + neighbor 1.1.1.2 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.2 remote-as 65112 + neighbor 1.1.1.2 description A-LEAF2.EVPN + neighbor 1.1.1.3 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.3 remote-as 65134 + neighbor 1.1.1.3 description A-LEAF3.EVPN + neighbor 1.1.1.4 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.4 remote-as 65134 + neighbor 1.1.1.4 description A-LEAF4.EVPN + neighbor 1.1.1.5 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.5 remote-as 65156 + neighbor 1.1.1.5 description A-LEAF5.EVPN + neighbor 1.1.1.6 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.6 remote-as 65156 + neighbor 1.1.1.6 description A-LEAF6.EVPN + neighbor 1.1.1.7 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.7 remote-as 65178 + neighbor 1.1.1.7 description A-LEAF7.EVPN + neighbor 1.1.1.8 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.8 remote-as 65178 + neighbor 1.1.1.8 description A-LEAF8.EVPN + neighbor 192.168.0.17 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.17 remote-as 65112 + neighbor 192.168.0.17 description A-LEAF1.IPV4 + neighbor 192.168.0.19 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.19 remote-as 65112 + neighbor 192.168.0.19 description A-LEAF2.IPV4 + neighbor 192.168.0.21 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.21 remote-as 65134 + neighbor 192.168.0.21 description A-LEAF3.IPV4 + neighbor 192.168.0.23 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.23 remote-as 65134 + neighbor 192.168.0.23 description A-LEAF4.IPV4 + neighbor 192.168.0.25 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.25 remote-as 65156 + neighbor 192.168.0.25 description A-LEAF5.IPV4 + neighbor 192.168.0.27 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.27 remote-as 65156 + neighbor 192.168.0.27 description A-LEAF6.IPV4 + neighbor 192.168.0.29 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.29 remote-as 65178 + neighbor 192.168.0.29 description A-LEAF7.IPV4 + neighbor 192.168.0.31 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.31 remote-as 65178 + neighbor 192.168.0.31 description A-LEAF8.IPV4 + redistribute connected route-map RM-CONN-2-BGP + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate +! +router multicast + ipv4 + routing + software-forwarding sfe +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/labs/techlib-vxlan-domain-a/clab/init-configs/A-SPINE3.cfg b/labs/techlib-vxlan-domain-a/clab/init-configs/A-SPINE3.cfg new file mode 100644 index 0000000..50e02ef --- /dev/null +++ b/labs/techlib-vxlan-domain-a/clab/init-configs/A-SPINE3.cfg @@ -0,0 +1,191 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-SPINE3 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description A-LEAF1 + no switchport + ip address 192.168.0.32/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + description A-LEAF2 + no switchport + ip address 192.168.0.34/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + description A-LEAF3 + no switchport + ip address 192.168.0.36/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + description A-LEAF4 + no switchport + ip address 192.168.0.38/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + description A-LEAF5 + no switchport + ip address 192.168.0.40/31 + pim ipv4 sparse-mode +! +interface Ethernet6 + description A-LEAF6 + no switchport + ip address 192.168.0.42/31 + pim ipv4 sparse-mode +! +interface Ethernet7 + description A-LEAF7 + no switchport + ip address 192.168.0.44/31 + pim ipv4 sparse-mode +! +interface Ethernet8 + description A-LEAF8 + no switchport + ip address 192.168.0.46/31 + pim ipv4 sparse-mode +! +interface Loopback0 + ip address 1.1.1.203/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.103/24 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +router bgp 65100 + router-id 1.1.1.203 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS next-hop-unchanged + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor 1.1.1.1 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.1 remote-as 65112 + neighbor 1.1.1.1 description A-LEAF1.EVPN + neighbor 1.1.1.2 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.2 remote-as 65112 + neighbor 1.1.1.2 description A-LEAF2.EVPN + neighbor 1.1.1.3 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.3 remote-as 65134 + neighbor 1.1.1.3 description A-LEAF3.EVPN + neighbor 1.1.1.4 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.4 remote-as 65134 + neighbor 1.1.1.4 description A-LEAF4.EVPN + neighbor 1.1.1.5 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.5 remote-as 65156 + neighbor 1.1.1.5 description A-LEAF5.EVPN + neighbor 1.1.1.6 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.6 remote-as 65156 + neighbor 1.1.1.6 description A-LEAF6.EVPN + neighbor 1.1.1.7 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.7 remote-as 65178 + neighbor 1.1.1.7 description A-LEAF7.EVPN + neighbor 1.1.1.8 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.8 remote-as 65178 + neighbor 1.1.1.8 description A-LEAF8.EVPN + neighbor 192.168.0.33 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.33 remote-as 65112 + neighbor 192.168.0.33 description A-LEAF1.IPV4 + neighbor 192.168.0.35 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.35 remote-as 65112 + neighbor 192.168.0.35 description A-LEAF2.IPV4 + neighbor 192.168.0.37 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.37 remote-as 65134 + neighbor 192.168.0.37 description A-LEAF3.IPV4 + neighbor 192.168.0.39 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.39 remote-as 65134 + neighbor 192.168.0.39 description A-LEAF4.IPV4 + neighbor 192.168.0.41 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.41 remote-as 65156 + neighbor 192.168.0.41 description A-LEAF5.IPV4 + neighbor 192.168.0.43 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.43 remote-as 65156 + neighbor 192.168.0.43 description A-LEAF6.IPV4 + neighbor 192.168.0.45 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.45 remote-as 65178 + neighbor 192.168.0.45 description A-LEAF7.IPV4 + neighbor 192.168.0.47 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.47 remote-as 65178 + neighbor 192.168.0.47 description A-LEAF8.IPV4 + redistribute connected route-map RM-CONN-2-BGP + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate +! +router multicast + ipv4 + routing + software-forwarding sfe +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/labs/techlib-vxlan-domain-a/clab/init-configs/A-SPINE4.cfg b/labs/techlib-vxlan-domain-a/clab/init-configs/A-SPINE4.cfg new file mode 100644 index 0000000..8791fae --- /dev/null +++ b/labs/techlib-vxlan-domain-a/clab/init-configs/A-SPINE4.cfg @@ -0,0 +1,191 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-SPINE4 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description A-LEAF1 + no switchport + ip address 192.168.0.48/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + description A-LEAF2 + no switchport + ip address 192.168.0.50/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + description A-LEAF3 + no switchport + ip address 192.168.0.52/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + description A-LEAF4 + no switchport + ip address 192.168.0.54/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + description A-LEAF5 + no switchport + ip address 192.168.0.56/31 + pim ipv4 sparse-mode +! +interface Ethernet6 + description A-LEAF6 + no switchport + ip address 192.168.0.58/31 + pim ipv4 sparse-mode +! +interface Ethernet7 + description A-LEAF7 + no switchport + ip address 192.168.0.60/31 + pim ipv4 sparse-mode +! +interface Ethernet8 + description A-LEAF8 + no switchport + ip address 192.168.0.62/31 + pim ipv4 sparse-mode +! +interface Loopback0 + ip address 1.1.1.204/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.104/24 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +router bgp 65100 + router-id 1.1.1.204 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS next-hop-unchanged + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor 1.1.1.1 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.1 remote-as 65112 + neighbor 1.1.1.1 description A-LEAF1.EVPN + neighbor 1.1.1.2 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.2 remote-as 65112 + neighbor 1.1.1.2 description A-LEAF2.EVPN + neighbor 1.1.1.3 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.3 remote-as 65134 + neighbor 1.1.1.3 description A-LEAF3.EVPN + neighbor 1.1.1.4 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.4 remote-as 65134 + neighbor 1.1.1.4 description A-LEAF4.EVPN + neighbor 1.1.1.5 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.5 remote-as 65156 + neighbor 1.1.1.5 description A-LEAF5.EVPN + neighbor 1.1.1.6 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.6 remote-as 65156 + neighbor 1.1.1.6 description A-LEAF6.EVPN + neighbor 1.1.1.7 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.7 remote-as 65178 + neighbor 1.1.1.7 description A-LEAF7.EVPN + neighbor 1.1.1.8 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.8 remote-as 65178 + neighbor 1.1.1.8 description A-LEAF8.EVPN + neighbor 192.168.0.49 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.49 remote-as 65112 + neighbor 192.168.0.49 description A-LEAF1.IPV4 + neighbor 192.168.0.51 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.51 remote-as 65112 + neighbor 192.168.0.51 description A-LEAF2.IPV4 + neighbor 192.168.0.53 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.53 remote-as 65134 + neighbor 192.168.0.53 description A-LEAF3.IPV4 + neighbor 192.168.0.55 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.55 remote-as 65134 + neighbor 192.168.0.55 description A-LEAF4.IPV4 + neighbor 192.168.0.57 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.57 remote-as 65156 + neighbor 192.168.0.57 description A-LEAF5.IPV4 + neighbor 192.168.0.59 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.59 remote-as 65156 + neighbor 192.168.0.59 description A-LEAF6.IPV4 + neighbor 192.168.0.61 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.61 remote-as 65178 + neighbor 192.168.0.61 description A-LEAF7.IPV4 + neighbor 192.168.0.63 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.63 remote-as 65178 + neighbor 192.168.0.63 description A-LEAF8.IPV4 + redistribute connected route-map RM-CONN-2-BGP + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate +! +router multicast + ipv4 + routing + software-forwarding sfe +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/labs/techlib-vxlan-domain-a/clab/sn/.gitkeep b/labs/techlib-vxlan-domain-a/clab/sn/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/labs/techlib-vxlan-domain-a/clab/topology.clab.yml b/labs/techlib-vxlan-domain-a/clab/topology.clab.yml new file mode 100644 index 0000000..69a5410 --- /dev/null +++ b/labs/techlib-vxlan-domain-a/clab/topology.clab.yml @@ -0,0 +1,225 @@ +--- +# -------------------------------------------------------------- +# Arista EVPN Deployment Guide Topology +# -------------------------------------------------------------- + +name: arista-evpn-dg + +prefix: "" + +mgmt: + network: mgmt + ipv4-subnet: 172.100.100.0/24 + +topology: + + defaults: + env: + INTFTYPE: et + + kinds: + ceos: + image: arista/ceos:4.32.1F + linux: + image: ghcr.io/aristanetworks/aclabs/host-alpine:latest + + nodes: +############################################################### +############################################################### +############################################################### +############################################################### +############################################################### +# DOMAIN "A" # +############################################################### +############################################################### +############################################################### +############################################################### +############################################################### + + +######################### +# DC "A" SPINE # +######################### + + A-SPINE1: + kind: ceos + mgmt-ipv4: 172.100.100.101 + startup-config: init-configs/A-SPINE1.cfg + + A-SPINE2: + kind: ceos + mgmt-ipv4: 172.100.100.102 + startup-config: init-configs/A-SPINE2.cfg + + A-SPINE3: + kind: ceos + mgmt-ipv4: 172.100.100.103 + startup-config: init-configs/A-SPINE3.cfg + + A-SPINE4: + kind: ceos + mgmt-ipv4: 172.100.100.104 + startup-config: init-configs/A-SPINE4.cfg + +######################### +# DC "A" LEAF # +######################### + + A-LEAF1: + kind: ceos + mgmt-ipv4: 172.100.100.105 + startup-config: init-configs/A-LEAF1.cfg + + A-LEAF2: + kind: ceos + mgmt-ipv4: 172.100.100.106 + startup-config: init-configs/A-LEAF2.cfg + + A-LEAF3: + kind: ceos + mgmt-ipv4: 172.100.100.107 + startup-config: init-configs/A-LEAF3.cfg + + A-LEAF4: + kind: ceos + mgmt-ipv4: 172.100.100.108 + startup-config: init-configs/A-LEAF4.cfg + + A-LEAF5: + kind: ceos + mgmt-ipv4: 172.100.100.109 + startup-config: init-configs/A-LEAF5.cfg + + A-LEAF6: + kind: ceos + mgmt-ipv4: 172.100.100.110 + startup-config: init-configs/A-LEAF6.cfg + + A-LEAF7: + kind: ceos + mgmt-ipv4: 172.100.100.111 + startup-config: init-configs/A-LEAF7.cfg + + A-LEAF8: + kind: ceos + mgmt-ipv4: 172.100.100.112 + startup-config: init-configs/A-LEAF8.cfg + +######################### +# DC "A" HostC6 # +######################### + + HostA1: + kind: linux + mgmt-ipv4: 172.100.100.201 + # exec: + # - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.10.10.101/24 -i6 2001:db8:10:10::101/64 -g 10.10.10.1 + + HostA2: + kind: linux + mgmt-ipv4: 172.100.100.202 + # exec: + # - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.30.30.101/24 -i6 2001:db8:30:30::101/64 -g 10.30.30.1 + + HostA3: + kind: linux + mgmt-ipv4: 172.100.100.203 + # exec: + # - bash /usr/local/bin/hostnetconfig.sh -i4 10.50.50.101/24 -i6 2001:db8:50:50::101/64 -g 10.50.50.1 + + HostA4: + kind: linux + mgmt-ipv4: 172.100.100.204 + # exec: + # - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.10.10.102/24 -i6 2001:db8:10:10::102/64 -g 10.10.10.1 + + HostA5: + kind: linux + mgmt-ipv4: 172.100.100.205 + # exec: + # - bash /usr/local/bin/hostnetconfig.sh -i4 10.30.30.102/24 -i6 2001:db8:30:30::102/64 -g 10.30.30.1 + + HostA6: + kind: linux + mgmt-ipv4: 172.100.100.206 + # exec: + # - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.70.70.101/24 -i6 2001:db8:70:70::101/64 -g 10.70.70.1 + + links: +###################### +# A-SPINE1 to LEAF # +###################### + - endpoints: ["A-SPINE1:et1", "A-LEAF1:et1"] + - endpoints: ["A-SPINE1:et2", "A-LEAF2:et1"] + - endpoints: ["A-SPINE1:et3", "A-LEAF3:et1"] + - endpoints: ["A-SPINE1:et4", "A-LEAF4:et1"] + - endpoints: ["A-SPINE1:et5", "A-LEAF5:et1"] + - endpoints: ["A-SPINE1:et6", "A-LEAF6:et1"] + - endpoints: ["A-SPINE1:et7", "A-LEAF7:et1"] + - endpoints: ["A-SPINE1:et8", "A-LEAF8:et1"] +###################### +# A-SPINE2 to LEAF # +###################### + - endpoints: ["A-SPINE2:et1", "A-LEAF1:et2"] + - endpoints: ["A-SPINE2:et2", "A-LEAF2:et2"] + - endpoints: ["A-SPINE2:et3", "A-LEAF3:et2"] + - endpoints: ["A-SPINE2:et4", "A-LEAF4:et2"] + - endpoints: ["A-SPINE2:et5", "A-LEAF5:et2"] + - endpoints: ["A-SPINE2:et6", "A-LEAF6:et2"] + - endpoints: ["A-SPINE2:et7", "A-LEAF7:et2"] + - endpoints: ["A-SPINE2:et8", "A-LEAF8:et2"] +###################### +# A-SPINE3 to LEAF # +###################### + - endpoints: ["A-SPINE3:et1", "A-LEAF1:et3"] + - endpoints: ["A-SPINE3:et2", "A-LEAF2:et3"] + - endpoints: ["A-SPINE3:et3", "A-LEAF3:et3"] + - endpoints: ["A-SPINE3:et4", "A-LEAF4:et3"] + - endpoints: ["A-SPINE3:et5", "A-LEAF5:et3"] + - endpoints: ["A-SPINE3:et6", "A-LEAF6:et3"] + - endpoints: ["A-SPINE3:et7", "A-LEAF7:et3"] + - endpoints: ["A-SPINE3:et8", "A-LEAF8:et3"] +###################### +# A-SPINE4 to LEAF # +###################### + - endpoints: ["A-SPINE4:et1", "A-LEAF1:et4"] + - endpoints: ["A-SPINE4:et2", "A-LEAF2:et4"] + - endpoints: ["A-SPINE4:et3", "A-LEAF3:et4"] + - endpoints: ["A-SPINE4:et4", "A-LEAF4:et4"] + - endpoints: ["A-SPINE4:et5", "A-LEAF5:et4"] + - endpoints: ["A-SPINE4:et6", "A-LEAF6:et4"] + - endpoints: ["A-SPINE4:et7", "A-LEAF7:et4"] + - endpoints: ["A-SPINE4:et8", "A-LEAF8:et4"] +######################## +# A-LEAF1 to A-LEAF2 # +######################## + - endpoints: ["A-LEAF1:et5", "A-LEAF2:et5"] + - endpoints: ["A-LEAF1:et6", "A-LEAF2:et6"] +######################## +# A-LEAF3 to A-LEAF4 # +######################## + - endpoints: ["A-LEAF3:et5", "A-LEAF4:et5"] + - endpoints: ["A-LEAF3:et6", "A-LEAF4:et6"] +######################## +# A-LEAF5 to A-LEAF6 # +######################## + - endpoints: ["A-LEAF5:et5", "A-LEAF6:et5"] + - endpoints: ["A-LEAF5:et6", "A-LEAF6:et6"] +######################## +# A-LEAF7 to A-LEAF8 # +######################## + - endpoints: ["A-LEAF7:et5", "A-LEAF8:et5"] + - endpoints: ["A-LEAF7:et6", "A-LEAF8:et6"] +######################## +# DC "A" HostC6 # +######################## + - endpoints: ["HostA1:eth1", "A-LEAF1:et7"] + - endpoints: ["HostA1:eth2", "A-LEAF2:et7"] + - endpoints: ["HostA2:eth1", "A-LEAF1:et8"] + - endpoints: ["HostA2:eth2", "A-LEAF2:et8"] + - endpoints: ["HostA3:eth1", "A-LEAF3:et7"] + - endpoints: ["HostA4:eth1", "A-LEAF3:et8"] + - endpoints: ["HostA4:eth2", "A-LEAF4:et8"] + - endpoints: ["HostA5:eth1", "A-LEAF4:et7"] + - endpoints: ["HostA6:eth1", "A-LEAF5:et7"] + - endpoints: ["HostA6:eth2", "A-LEAF6:et7"]