├── roles └── atd_provisioner │ ├── handlers │ └── main.yml │ ├── defaults │ └── main.yml │ ├── tasks │ └── main.yml │ └── README.md ├── docs ├── .DS_Store └── imgs │ ├── atd-topo.png │ ├── atd-topo-avd.png │ ├── atd-interface.png │ ├── cv_ansible_logo.png │ └── atd-topo-provisioning.png ├── ansible.cfg ├── atd-inventory ├── group_vars │ ├── all │ │ └── eos_snapshot.yml │ ├── ATD_LAB.yml │ ├── cv_servers │ │ └── initial_topology.yml │ ├── ATD_SERVERS.yml │ ├── ATD_TENANTS_NETWORKS.yml │ └── ATD_FABRIC.yml ├── documentation │ ├── ATD_FABRIC │ │ ├── ATD_FABRIC-p2p-links.csv │ │ ├── ATD_FABRIC-topology.csv │ │ └── ATD_FABRIC-documentation.md │ └── devices │ │ ├── s1-spine1.md │ │ ├── s1-spine2.md │ │ ├── s1-leaf1.md │ │ └── s1-leaf2.md ├── inventory.yml └── intended │ ├── configs │ ├── s1-spine1.cfg │ ├── s1-spine2.cfg │ ├── s1-leaf1.cfg │ ├── s1-leaf2.cfg │ ├── s1-leaf3.cfg │ └── s1-leaf4.cfg │ └── structured_configs │ ├── s1-spine1.yml │ ├── s1-spine2.yml │ ├── s1-leaf1.yml │ ├── s1-leaf2.yml │ ├── s1-leaf3.yml │ └── s1-leaf4.yml ├── playbooks ├── atd-prepare-lab.yml ├── atd-snapshot.yml ├── atd-validate-states.yml ├── atd-fabric-provision.yml └── atd-fabric-build.yml ├── Makefile ├── .gitignore ├── README.md └── DEMO.md /roles/atd_provisioner/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for atd-provisioner 3 | -------------------------------------------------------------------------------- /docs/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/arista-netdevops-community/atd-avd/HEAD/docs/.DS_Store -------------------------------------------------------------------------------- /roles/atd_provisioner/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for atd-provisioner 3 | execute_tasks: false 4 | -------------------------------------------------------------------------------- /docs/imgs/atd-topo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/arista-netdevops-community/atd-avd/HEAD/docs/imgs/atd-topo.png -------------------------------------------------------------------------------- /docs/imgs/atd-topo-avd.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/arista-netdevops-community/atd-avd/HEAD/docs/imgs/atd-topo-avd.png -------------------------------------------------------------------------------- /docs/imgs/atd-interface.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/arista-netdevops-community/atd-avd/HEAD/docs/imgs/atd-interface.png -------------------------------------------------------------------------------- /docs/imgs/cv_ansible_logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/arista-netdevops-community/atd-avd/HEAD/docs/imgs/cv_ansible_logo.png -------------------------------------------------------------------------------- /docs/imgs/atd-topo-provisioning.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/arista-netdevops-community/atd-avd/HEAD/docs/imgs/atd-topo-provisioning.png -------------------------------------------------------------------------------- /ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | inventory =./atd-inventory/inventory.yml 3 | roles_path = roles 4 | jinja2_extensions = jinja2.ext.loopcontrols,jinja2.ext.do,jinja2.ext.i18n 5 | 6 | [persistent_connection] 7 | connect_timeout = 120 8 | command_timeout = 120 9 | -------------------------------------------------------------------------------- /atd-inventory/group_vars/all/eos_snapshot.yml: -------------------------------------------------------------------------------- 1 | --- 2 | output_format: 3 | - text 4 | - markdown 5 | - json 6 | - yaml 7 | commands_list: 8 | - show lldp neighbors 9 | - show ip interface brief 10 | - show interfaces description 11 | - show version 12 | - show running-config -------------------------------------------------------------------------------- /playbooks/atd-prepare-lab.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Provision ATD environment to prepare AVD Lab 3 | hosts: cv_servers 4 | connection: local 5 | gather_facts: false 6 | vars: 7 | execute_tasks: true 8 | tasks: 9 | - name: Run AVD Provisioner 10 | import_role: 11 | name: 'atd_provisioner' 12 | -------------------------------------------------------------------------------- /playbooks/atd-snapshot.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: "Collect EOS commands from devices" 3 | hosts: ATD_FABRIC 4 | connection: local 5 | gather_facts: false 6 | collections: 7 | - arista.avd 8 | tasks: 9 | - name: Collect show commands and generate reports 10 | import_role: 11 | name: eos_snapshot 12 | -------------------------------------------------------------------------------- /playbooks/atd-validate-states.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: "Run Fabric states validation" 3 | hosts: ATD_FABRIC 4 | connection: local 5 | gather_facts: false 6 | collections: 7 | - arista.avd 8 | tasks: 9 | 10 | - name: Deploy configuration to device 11 | import_role: 12 | name: eos_validate_state 13 | vars: 14 | use_anta: true 15 | save_catalog: true -------------------------------------------------------------------------------- /playbooks/atd-fabric-provision.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Configuration deployment with CVP 3 | hosts: cv_servers 4 | connection: local 5 | gather_facts: false 6 | collections: 7 | - arista.avd 8 | tasks: 9 | - name: Provision CVP with AVD configuration 10 | import_role: 11 | name: eos_config_deploy_cvp 12 | vars: 13 | container_root: 'ATD_FABRIC' 14 | configlets_prefix: 'AVD' 15 | state: present 16 | -------------------------------------------------------------------------------- /playbooks/atd-fabric-build.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Manage Arista EOS EVPN/VXLAN Configuration 3 | hosts: ATD_FABRIC 4 | connection: local 5 | gather_facts: false 6 | collections: 7 | - arista.avd 8 | vars: 9 | fabric_dir_name: "{{fabric_name}}" 10 | execute_tasks: false 11 | tasks: 12 | 13 | - name: Generate intended variables 14 | import_role: 15 | name: eos_designs 16 | 17 | - name: Generate device intended config and documentation 18 | import_role: 19 | name: eos_cli_config_gen 20 | -------------------------------------------------------------------------------- /atd-inventory/group_vars/ATD_LAB.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Documentation 3 | eos_designs_documentation: 4 | # Generate fabric-wide documentation. 5 | enable: true 6 | # Include connected endpoints in the fabric-wide documentation. 7 | connected_endpoints: true 8 | # Generate Topology CSV with all interfaces towards other devices. 9 | topology_csv: true 10 | # Generate P2P links CSV with all routed point-to-point links between devices. 11 | p2p_links_csv: true 12 | 13 | # OOB Management network default gateway 14 | mgmt_gateway: 192.168.0.1 15 | # If ATD is running cEOS, management interface is Management0 16 | # If ATD is running vEOS, management interface is Management1 17 | mgmt_interface: Management0 18 | mgmt_interface_vrf: default 19 | 20 | name_servers: 21 | - 192.168.2.1 22 | - 8.8.8.8 23 | 24 | dns_domain: atd.lab 25 | -------------------------------------------------------------------------------- /atd-inventory/documentation/ATD_FABRIC/ATD_FABRIC-p2p-links.csv: -------------------------------------------------------------------------------- 1 | Type,Node,Node Interface,Leaf IP Address,Peer Type,Peer Node,Peer Interface,Peer IP Address 2 | l3leaf,s1-leaf1,Ethernet2,172.30.255.1/31,spine,s1-spine1,Ethernet2,172.30.255.0/31 3 | l3leaf,s1-leaf1,Ethernet3,172.30.255.3/31,spine,s1-spine2,Ethernet2,172.30.255.2/31 4 | l3leaf,s1-leaf2,Ethernet2,172.30.255.5/31,spine,s1-spine1,Ethernet3,172.30.255.4/31 5 | l3leaf,s1-leaf2,Ethernet3,172.30.255.7/31,spine,s1-spine2,Ethernet3,172.30.255.6/31 6 | l3leaf,s1-leaf3,Ethernet2,172.30.255.9/31,spine,s1-spine1,Ethernet4,172.30.255.8/31 7 | l3leaf,s1-leaf3,Ethernet3,172.30.255.11/31,spine,s1-spine2,Ethernet4,172.30.255.10/31 8 | l3leaf,s1-leaf4,Ethernet2,172.30.255.13/31,spine,s1-spine1,Ethernet5,172.30.255.12/31 9 | l3leaf,s1-leaf4,Ethernet3,172.30.255.15/31,spine,s1-spine2,Ethernet5,172.30.255.14/31 10 | -------------------------------------------------------------------------------- /atd-inventory/group_vars/cv_servers/initial_topology.yml: -------------------------------------------------------------------------------- 1 | --- 2 | CVP_DEVICES_INIT: 3 | - fqdn: s1-spine1 4 | parentContainerName: STAGING 5 | configlets: 6 | - BASE_s1-spine1 7 | - fqdn: s1-spine2 8 | parentContainerName: STAGING 9 | configlets: 10 | - BASE_s1-spine2 11 | - fqdn: s1-leaf1 12 | parentContainerName: STAGING 13 | configlets: 14 | - BASE_s1-leaf1 15 | - fqdn: s1-leaf2 16 | parentContainerName: STAGING 17 | configlets: 18 | - BASE_s1-leaf2 19 | - fqdn: s1-leaf3 20 | parentContainerName: STAGING 21 | configlets: 22 | - BASE_s1-leaf3 23 | - fqdn: s1-leaf4 24 | parentContainerName: STAGING 25 | configlets: 26 | - BASE_s1-leaf4 27 | 28 | CVP_CONTAINERS_INIT: 29 | STAGING: 30 | parentContainerName: Tenant 31 | 32 | CVP_CONTAINERS_DELETE: 33 | S1-Leaf: 34 | parentContainerName: Tenant 35 | S1-Spine: 36 | parentContainerName: Tenant 37 | -------------------------------------------------------------------------------- /roles/atd_provisioner/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # tasks file for atd-provisioner 3 | # tasks file for eos-config-deploy-cvp - state=present 4 | - name: "Building Containers topology on {{ inventory_hostname }}" 5 | tags: [provision, apply] 6 | arista.cvp.cv_container_v3: 7 | topology: '{{ CVP_CONTAINERS_INIT }}' 8 | 9 | - name: "Configure devices on {{ inventory_hostname }}" 10 | tags: [provision, apply] 11 | arista.cvp.cv_device_v3: 12 | devices: "{{ CVP_DEVICES_INIT }}" 13 | state: present 14 | register: cvp_device_results 15 | 16 | - name: "Execute pending tasks on {{ inventory_hostname }}" 17 | tags: [apply] 18 | arista.cvp.cv_task_v3: 19 | tasks: "{{ cvp_device_results.taskIds }}" 20 | when: 21 | - execute_tasks|bool 22 | - cvp_device_results.taskIds | length > 0 23 | 24 | - name: "Refresh Containers topology on {{ inventory_hostname }}" 25 | tags: [provision, apply] 26 | arista.cvp.cv_container_v3: 27 | topology: '{{ CVP_CONTAINERS_DELETE }}' 28 | state: absent 29 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | ### Generic Variables 2 | SHELL := /bin/zsh 3 | 4 | .PHONY: help 5 | help: ## Display help message (*: main entry points / []: part of an entry point) 6 | @grep -E '^[0-9a-zA-Z_-]+\.*[0-9a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' 7 | 8 | 9 | ################################################################################ 10 | # ATD-fabric 11 | ################################################################################ 12 | 13 | .PHONY: prepare 14 | prepare: ## Build container topology in CVP to simulate a ZTP environment 15 | ansible-playbook playbooks/atd-prepare-lab.yml 16 | 17 | .PHONY: build 18 | build: ## Build fabric artifacts 19 | ansible-playbook playbooks/atd-fabric-build.yml 20 | 21 | .PHONY: cvp 22 | cvp: ## Push configurations to CVP and create tasks (user must execute) 23 | ansible-playbook playbooks/atd-fabric-provision.yml 24 | 25 | .PHONY: validate 26 | validate: ## Validate the fabric from the EOS nodes using eAPI 27 | ansible-playbook playbooks/atd-validate-states.yml 28 | -------------------------------------------------------------------------------- /atd-inventory/group_vars/ATD_SERVERS.yml: -------------------------------------------------------------------------------- 1 | --- 2 | port_profiles: 3 | - profile: TENANT_A 4 | mode: access 5 | vlans: "110" 6 | 7 | 8 | servers: 9 | - name: s1-host1 10 | rack: pod1 11 | adapters: 12 | - endpoint_ports: [Eth1, Eth2] 13 | switch_ports: [Ethernet4, Ethernet4] 14 | switches: [s1-leaf1, s1-leaf2] 15 | profile: TENANT_A 16 | port_channel: 17 | description: PortChannel 18 | mode: active 19 | 20 | - name: s1-host2 21 | rack: pod2 22 | adapters: 23 | - endpoint_ports: [Eth1, Eth2] 24 | switch_ports: [Ethernet4, Ethernet4] 25 | switches: [s1-leaf3, s1-leaf4] 26 | profile: TENANT_A 27 | port_channel: 28 | description: PortChannel 29 | mode: active 30 | 31 | # Sample network port config as access ports 32 | # For multiport port-channel setup, please use the connected endpoint example above 33 | 34 | # network_ports: 35 | # - switches: 36 | # - s1-leaf[34] # Simple regex to match on leaf3 and leaf4 37 | # switch_ports: # Ex Ethernet1-48 or Ethernet2-3/1-48 38 | # - Ethernet4 39 | # description: Connection to host2 40 | # profile: TENANT_A 41 | -------------------------------------------------------------------------------- /roles/atd_provisioner/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /atd-inventory/inventory.yml: -------------------------------------------------------------------------------- 1 | --- 2 | all: 3 | children: 4 | cv_servers: 5 | hosts: 6 | cv_atd1: 7 | ansible_host: 192.168.0.5 8 | cv_collection: v3 9 | ATD_LAB: 10 | children: 11 | ATD_FABRIC: 12 | children: 13 | ATD_SPINES: 14 | vars: 15 | type: spine 16 | hosts: 17 | s1-spine1: 18 | ansible_host: 192.168.0.10 19 | s1-spine2: 20 | ansible_host: 192.168.0.11 21 | ATD_LEAFS: 22 | vars: 23 | type: l3leaf 24 | children: 25 | pod1: 26 | hosts: 27 | s1-leaf1: 28 | ansible_host: 192.168.0.12 29 | s1-leaf2: 30 | ansible_host: 192.168.0.13 31 | pod2: 32 | hosts: 33 | s1-leaf3: 34 | ansible_host: 192.168.0.14 35 | s1-leaf4: 36 | ansible_host: 192.168.0.15 37 | ATD_TENANTS_NETWORKS: 38 | children: 39 | ATD_LEAFS: 40 | ATD_SERVERS: 41 | children: 42 | ATD_LEAFS: 43 | 44 | vars: 45 | ansible_user: arista 46 | ansible_password: "{{ lookup('env', 'LABPASSPHRASE') }}" 47 | ansible_network_os: arista.eos.eos 48 | # Configure privilege escalation 49 | ansible_become: true 50 | ansible_become_method: enable 51 | # HTTPAPI configuration 52 | ansible_connection: httpapi 53 | ansible_httpapi_port: 443 54 | ansible_httpapi_use_ssl: true 55 | ansible_httpapi_validate_certs: false 56 | ansible_python_interpreter: $(which python3) 57 | -------------------------------------------------------------------------------- /atd-inventory/documentation/ATD_FABRIC/ATD_FABRIC-topology.csv: -------------------------------------------------------------------------------- 1 | Node Type,Node,Node Interface,Peer Type,Peer Node,Peer Interface,Node Interface Enabled 2 | l3leaf,s1-leaf1,Ethernet1,mlag_peer,s1-leaf2,Ethernet1,True 3 | l3leaf,s1-leaf1,Ethernet2,spine,s1-spine1,Ethernet2,True 4 | l3leaf,s1-leaf1,Ethernet3,spine,s1-spine2,Ethernet2,True 5 | l3leaf,s1-leaf1,Ethernet4,server,s1-host1,Eth1,True 6 | l3leaf,s1-leaf1,Ethernet6,mlag_peer,s1-leaf2,Ethernet6,True 7 | l3leaf,s1-leaf2,Ethernet1,mlag_peer,s1-leaf1,Ethernet1,True 8 | l3leaf,s1-leaf2,Ethernet2,spine,s1-spine1,Ethernet3,True 9 | l3leaf,s1-leaf2,Ethernet3,spine,s1-spine2,Ethernet3,True 10 | l3leaf,s1-leaf2,Ethernet4,server,s1-host1,Eth2,True 11 | l3leaf,s1-leaf2,Ethernet6,mlag_peer,s1-leaf1,Ethernet6,True 12 | l3leaf,s1-leaf3,Ethernet1,mlag_peer,s1-leaf4,Ethernet1,True 13 | l3leaf,s1-leaf3,Ethernet2,spine,s1-spine1,Ethernet4,True 14 | l3leaf,s1-leaf3,Ethernet3,spine,s1-spine2,Ethernet4,True 15 | l3leaf,s1-leaf3,Ethernet4,server,s1-host2,Eth1,True 16 | l3leaf,s1-leaf3,Ethernet6,mlag_peer,s1-leaf4,Ethernet6,True 17 | l3leaf,s1-leaf4,Ethernet1,mlag_peer,s1-leaf3,Ethernet1,True 18 | l3leaf,s1-leaf4,Ethernet2,spine,s1-spine1,Ethernet5,True 19 | l3leaf,s1-leaf4,Ethernet3,spine,s1-spine2,Ethernet5,True 20 | l3leaf,s1-leaf4,Ethernet4,server,s1-host2,Eth2,True 21 | l3leaf,s1-leaf4,Ethernet6,mlag_peer,s1-leaf3,Ethernet6,True 22 | spine,s1-spine1,Ethernet2,l3leaf,s1-leaf1,Ethernet2,True 23 | spine,s1-spine1,Ethernet3,l3leaf,s1-leaf2,Ethernet2,True 24 | spine,s1-spine1,Ethernet4,l3leaf,s1-leaf3,Ethernet2,True 25 | spine,s1-spine1,Ethernet5,l3leaf,s1-leaf4,Ethernet2,True 26 | spine,s1-spine2,Ethernet2,l3leaf,s1-leaf1,Ethernet3,True 27 | spine,s1-spine2,Ethernet3,l3leaf,s1-leaf2,Ethernet3,True 28 | spine,s1-spine2,Ethernet4,l3leaf,s1-leaf3,Ethernet3,True 29 | spine,s1-spine2,Ethernet5,l3leaf,s1-leaf4,Ethernet3,True 30 | -------------------------------------------------------------------------------- /atd-inventory/group_vars/ATD_TENANTS_NETWORKS.yml: -------------------------------------------------------------------------------- 1 | svi_profiles: 2 | - profile: GENERIC 3 | mtu: 1560 4 | enabled: true 5 | - profile: GENERIC_FULL 6 | name: GENERIC Name 7 | mtu: 1560 8 | enabled: false 9 | ip_address_virtual: 10.1.10.254/24 10 | - profile: WITH_NO_MTU 11 | enabled: true 12 | - profile: WITH_SNOOPING 13 | enabled: true 14 | igmp_snooping_enabled: false 15 | 16 | tenants: 17 | # Tenant A Specific Information - VRFs / VLANs 18 | - name: Tenant_A 19 | mac_vrf_vni_base: 10000 20 | # Optional example enabling multicast for tenant 21 | # Requires enabling of multicast in ATD_FABRIC.yml 22 | # evpn_l2_multicast: 23 | # enabled: true 24 | # underlay_l2_multicast_group_ipv4_pool: 232.0.0.0/20 25 | # underlay_l2_multicast_group_ipv4_pool_offset: 2 26 | vrfs: 27 | - name: Tenant_A_OP_Zone 28 | vrf_vni: 10 29 | vtep_diagnostic: 30 | loopback: 100 31 | loopback_ip_range: 10.255.1.0/24 32 | svis: 33 | - id: 110 34 | name: Tenant_A_OP_Zone_1 35 | tags: [opzone] 36 | enabled: true 37 | ip_address_virtual: 10.1.10.1/24 38 | l2vlans: 39 | - id: 160 40 | vni_override: 55160 41 | name: Tenant_A_VMOTION 42 | tags: [vmotion] 43 | # - name: Tenant_B 44 | # mac_vrf_vni_base: 20000 45 | # vrfs: 46 | # - name: Tenant_B_OP_Zone 47 | # vrf_vni: 20 48 | # svis: 49 | # - id: 210 50 | # name: Tenant_B_OP_Zone_1 51 | # tags: ['opzone'] 52 | # profile: WITH_NO_MTU 53 | # ip_address_virtual: 10.2.10.1/24 54 | # - id: 211 55 | # name: Tenant_B_OP_Zone_2 56 | # tags: ['opzone'] 57 | # profile: GENERIC_FULL 58 | # ip_address_virtual: 10.2.11.1/24 59 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | build/ 12 | develop-eggs/ 13 | dist/ 14 | downloads/ 15 | eggs/ 16 | .eggs/ 17 | lib/ 18 | lib64/ 19 | parts/ 20 | sdist/ 21 | var/ 22 | wheels/ 23 | pip-wheel-metadata/ 24 | share/python-wheels/ 25 | *.egg-info/ 26 | .installed.cfg 27 | *.egg 28 | MANIFEST 29 | 30 | # PyInstaller 31 | # Usually these files are written by a python script from a template 32 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 33 | *.manifest 34 | *.spec 35 | 36 | # Installer logs 37 | pip-log.txt 38 | pip-delete-this-directory.txt 39 | 40 | # Unit test / coverage reports 41 | htmlcov/ 42 | .tox/ 43 | .nox/ 44 | .coverage 45 | .coverage.* 46 | .cache 47 | nosetests.xml 48 | coverage.xml 49 | *.cover 50 | *.py,cover 51 | .hypothesis/ 52 | .pytest_cache/ 53 | 54 | # Translations 55 | *.mo 56 | *.pot 57 | 58 | # Django stuff: 59 | *.log 60 | local_settings.py 61 | db.sqlite3 62 | db.sqlite3-journal 63 | 64 | # Flask stuff: 65 | instance/ 66 | .webassets-cache 67 | 68 | # Scrapy stuff: 69 | .scrapy 70 | 71 | # Sphinx documentation 72 | docs/_build/ 73 | 74 | # PyBuilder 75 | target/ 76 | 77 | # Jupyter Notebook 78 | .ipynb_checkpoints 79 | 80 | # IPython 81 | profile_default/ 82 | ipython_config.py 83 | 84 | # pyenv 85 | .python-version 86 | 87 | # pipenv 88 | # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. 89 | # However, in case of collaboration, if having platform-specific dependencies or dependencies 90 | # having no cross-platform support, pipenv may install dependencies that don't work, or not 91 | # install all needed dependencies. 92 | #Pipfile.lock 93 | 94 | # PEP 582; used by e.g. github.com/David-OConnor/pyflow 95 | __pypackages__/ 96 | 97 | # Celery stuff 98 | celerybeat-schedule 99 | celerybeat.pid 100 | 101 | # SageMath parsed files 102 | *.sage.py 103 | 104 | # Environments 105 | .env 106 | .venv 107 | env/ 108 | venv/ 109 | ENV/ 110 | env.bak/ 111 | venv.bak/ 112 | 113 | # Spyder project settings 114 | .spyderproject 115 | .spyproject 116 | 117 | # Rope project settings 118 | .ropeproject 119 | 120 | # mkdocs documentation 121 | /site 122 | 123 | # mypy 124 | .mypy_cache/ 125 | .dmypy.json 126 | dmypy.json 127 | 128 | # Pyre type checker 129 | .pyre/ -------------------------------------------------------------------------------- /atd-inventory/group_vars/ATD_FABRIC.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # L3LS Fabric Values - update these values with caution, 3 | # SOME CHANGES COULD BE DISRUPTIVE. 4 | 5 | fabric_name: ATD_FABRIC 6 | 7 | # Enable vlan aware bundles 8 | evpn_vlan_aware_bundles: true 9 | 10 | # Select rfc5549 or ospf, not both 11 | 12 | # underlay_rfc5549: true 13 | # overlay_mlag_rfc5549: true 14 | # underlay_ipv6: true 15 | 16 | # underlay_routing_protocol: OSPF 17 | 18 | # Optional, enable multicast features 19 | # underlay_multicast: true 20 | # evpn_multicast: true 21 | 22 | # bgp peer groups passwords 23 | bgp_peer_groups: 24 | ipv4_underlay_peers: 25 | password: "AQQvKeimxJu+uGQ/yYvv9w==" 26 | evpn_overlay_peers: 27 | password: "q+VNViP5i4rVjW1cxFv2wA==" 28 | mlag_ipv4_underlay_peer: 29 | password: "vnEaG8gMeQf3d3cN6PktXQ==" 30 | 31 | bgp_graceful_restart: 32 | enabled: true 33 | restart_time: 300 34 | 35 | bgp_distance: 36 | external_routes: 20 37 | internal_routes: 200 38 | local_routes: 200 39 | 40 | # Spine Switches 41 | spine: 42 | defaults: 43 | platform: cEOS 44 | bgp_as: 65001 45 | loopback_ipv4_pool: 192.0.255.0/24 46 | loopback_ipv6_pool: 2001:db8:c01d:c01a::/64 47 | nodes: 48 | - name: s1-spine1 49 | id: 1 50 | mgmt_ip: 192.168.0.10/24 51 | - name: s1-spine2 52 | id: 2 53 | mgmt_ip: 192.168.0.11/24 54 | 55 | # Leaf switch groups 56 | # A maximum of two nodes can form a leaf group 57 | # When two nodes are in a leaf group this will automatically form mlag pair 58 | 59 | l3leaf: 60 | defaults: 61 | platform: cEOS 62 | loopback_ipv4_pool: 192.0.255.0/24 63 | loopback_ipv6_pool: 2001:db8:c01d:c01a::/64 64 | loopback_ipv4_offset: 2 65 | vtep_loopback_ipv4_pool: 192.0.254.0/24 66 | uplink_interfaces: [Ethernet2, Ethernet3] 67 | uplink_switches: [s1-spine1, s1-spine2] 68 | uplink_ipv4_pool: 172.30.255.0/24 69 | mlag_interfaces: [Ethernet1, Ethernet6] 70 | mlag_peer_ipv4_pool: 10.255.252.0/24 71 | mlag_peer_l3_ipv4_pool: 10.255.251.0/24 72 | virtual_router_mac_address: 00:1c:73:00:dc:01 73 | spanning_tree_mode: mstp 74 | spanning_tree_priority: 16384 75 | filter: 76 | # only_vlans_in_use: true 77 | node_groups: 78 | - group: pod1 79 | bgp_as: 65101 80 | nodes: 81 | - name: s1-leaf1 82 | id: 1 83 | mgmt_ip: 192.168.0.12/24 84 | uplink_switch_interfaces: [Ethernet2, Ethernet2] 85 | - name: s1-leaf2 86 | id: 2 87 | mgmt_ip: 192.168.0.13/24 88 | uplink_switch_interfaces: [Ethernet3, Ethernet3] 89 | - group: pod2 90 | bgp_as: 65102 91 | nodes: 92 | - name: s1-leaf3 93 | id: 3 94 | mgmt_ip: 192.168.0.14/24 95 | uplink_switch_interfaces: [Ethernet4, Ethernet4] 96 | - name: s1-leaf4 97 | id: 4 98 | mgmt_ip: 192.168.0.15/24 99 | uplink_switch_interfaces: [Ethernet5, Ethernet5] 100 | 101 | #### Override for vEOS Lab Caveats #### 102 | 103 | # Disable update wait-for-convergence and update wait-for-install, 104 | # which is not supported in vEOS-LAB. 105 | # Refer to design guide 106 | 107 | # Update p2p mtu 9000 -> 1500 108 | p2p_uplinks_mtu: 1500 109 | 110 | # Adjust default bfd values 111 | bfd_multihop: 112 | interval: 1200 113 | min_rx: 1200 114 | multiplier: 3 115 | 116 | # List of additional CVP configlets to bind to devices and containers 117 | # Configlets MUST be configured on CVP before running AVD playbooks. 118 | 119 | # cv_configlets: 120 | # containers: 121 | # DC1_L3LEAFS: 122 | # - ASE_GLOBAL-ALIASES 123 | -------------------------------------------------------------------------------- /atd-inventory/intended/configs/s1-spine1.cfg: -------------------------------------------------------------------------------- 1 | ! 2 | no enable password 3 | no aaa root 4 | ! 5 | vlan internal order ascending range 1006 1199 6 | ! 7 | transceiver qsfp default-mode 4x10G 8 | ! 9 | service routing protocols model multi-agent 10 | ! 11 | hostname s1-spine1 12 | ip name-server vrf default 8.8.8.8 13 | ip name-server vrf default 192.168.2.1 14 | dns domain atd.lab 15 | ! 16 | spanning-tree mode none 17 | ! 18 | management api http-commands 19 | protocol https 20 | no shutdown 21 | ! 22 | vrf default 23 | no shutdown 24 | ! 25 | interface Ethernet2 26 | description P2P_s1-leaf1_Ethernet2 27 | no shutdown 28 | mtu 1500 29 | no switchport 30 | ip address 172.30.255.0/31 31 | ! 32 | interface Ethernet3 33 | description P2P_s1-leaf2_Ethernet2 34 | no shutdown 35 | mtu 1500 36 | no switchport 37 | ip address 172.30.255.4/31 38 | ! 39 | interface Ethernet4 40 | description P2P_s1-leaf3_Ethernet2 41 | no shutdown 42 | mtu 1500 43 | no switchport 44 | ip address 172.30.255.8/31 45 | ! 46 | interface Ethernet5 47 | description P2P_s1-leaf4_Ethernet2 48 | no shutdown 49 | mtu 1500 50 | no switchport 51 | ip address 172.30.255.12/31 52 | ! 53 | interface Loopback0 54 | description ROUTER_ID 55 | no shutdown 56 | ip address 192.0.255.1/32 57 | ! 58 | interface Management0 59 | description OOB_MANAGEMENT 60 | no shutdown 61 | ip address 192.168.0.10/24 62 | ! 63 | ip routing 64 | ! 65 | ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY 66 | seq 10 permit 192.0.255.0/24 eq 32 67 | ! 68 | ip route 0.0.0.0/0 192.168.0.1 69 | ! 70 | route-map RM-CONN-2-BGP permit 10 71 | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 72 | ! 73 | router bfd 74 | multihop interval 1200 min-rx 1200 multiplier 3 75 | ! 76 | router bgp 65001 77 | router-id 192.0.255.1 78 | no bgp default ipv4-unicast 79 | distance bgp 20 200 200 80 | graceful-restart restart-time 300 81 | graceful-restart 82 | maximum-paths 4 ecmp 4 83 | neighbor EVPN-OVERLAY-PEERS peer group 84 | neighbor EVPN-OVERLAY-PEERS next-hop-unchanged 85 | neighbor EVPN-OVERLAY-PEERS update-source Loopback0 86 | neighbor EVPN-OVERLAY-PEERS bfd 87 | neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 88 | neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== 89 | neighbor EVPN-OVERLAY-PEERS send-community 90 | neighbor EVPN-OVERLAY-PEERS maximum-routes 0 91 | neighbor IPv4-UNDERLAY-PEERS peer group 92 | neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== 93 | neighbor IPv4-UNDERLAY-PEERS send-community 94 | neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 95 | neighbor 172.30.255.1 peer group IPv4-UNDERLAY-PEERS 96 | neighbor 172.30.255.1 remote-as 65101 97 | neighbor 172.30.255.1 description s1-leaf1_Ethernet2 98 | neighbor 172.30.255.5 peer group IPv4-UNDERLAY-PEERS 99 | neighbor 172.30.255.5 remote-as 65101 100 | neighbor 172.30.255.5 description s1-leaf2_Ethernet2 101 | neighbor 172.30.255.9 peer group IPv4-UNDERLAY-PEERS 102 | neighbor 172.30.255.9 remote-as 65102 103 | neighbor 172.30.255.9 description s1-leaf3_Ethernet2 104 | neighbor 172.30.255.13 peer group IPv4-UNDERLAY-PEERS 105 | neighbor 172.30.255.13 remote-as 65102 106 | neighbor 172.30.255.13 description s1-leaf4_Ethernet2 107 | neighbor 192.0.255.3 peer group EVPN-OVERLAY-PEERS 108 | neighbor 192.0.255.3 remote-as 65101 109 | neighbor 192.0.255.3 description s1-leaf1_Loopback0 110 | neighbor 192.0.255.4 peer group EVPN-OVERLAY-PEERS 111 | neighbor 192.0.255.4 remote-as 65101 112 | neighbor 192.0.255.4 description s1-leaf2_Loopback0 113 | neighbor 192.0.255.5 peer group EVPN-OVERLAY-PEERS 114 | neighbor 192.0.255.5 remote-as 65102 115 | neighbor 192.0.255.5 description s1-leaf3_Loopback0 116 | neighbor 192.0.255.6 peer group EVPN-OVERLAY-PEERS 117 | neighbor 192.0.255.6 remote-as 65102 118 | neighbor 192.0.255.6 description s1-leaf4_Loopback0 119 | redistribute connected route-map RM-CONN-2-BGP 120 | ! 121 | address-family evpn 122 | neighbor EVPN-OVERLAY-PEERS activate 123 | ! 124 | address-family ipv4 125 | no neighbor EVPN-OVERLAY-PEERS activate 126 | neighbor IPv4-UNDERLAY-PEERS activate 127 | ! 128 | end 129 | -------------------------------------------------------------------------------- /atd-inventory/intended/configs/s1-spine2.cfg: -------------------------------------------------------------------------------- 1 | ! 2 | no enable password 3 | no aaa root 4 | ! 5 | vlan internal order ascending range 1006 1199 6 | ! 7 | transceiver qsfp default-mode 4x10G 8 | ! 9 | service routing protocols model multi-agent 10 | ! 11 | hostname s1-spine2 12 | ip name-server vrf default 8.8.8.8 13 | ip name-server vrf default 192.168.2.1 14 | dns domain atd.lab 15 | ! 16 | spanning-tree mode none 17 | ! 18 | management api http-commands 19 | protocol https 20 | no shutdown 21 | ! 22 | vrf default 23 | no shutdown 24 | ! 25 | interface Ethernet2 26 | description P2P_s1-leaf1_Ethernet3 27 | no shutdown 28 | mtu 1500 29 | no switchport 30 | ip address 172.30.255.2/31 31 | ! 32 | interface Ethernet3 33 | description P2P_s1-leaf2_Ethernet3 34 | no shutdown 35 | mtu 1500 36 | no switchport 37 | ip address 172.30.255.6/31 38 | ! 39 | interface Ethernet4 40 | description P2P_s1-leaf3_Ethernet3 41 | no shutdown 42 | mtu 1500 43 | no switchport 44 | ip address 172.30.255.10/31 45 | ! 46 | interface Ethernet5 47 | description P2P_s1-leaf4_Ethernet3 48 | no shutdown 49 | mtu 1500 50 | no switchport 51 | ip address 172.30.255.14/31 52 | ! 53 | interface Loopback0 54 | description ROUTER_ID 55 | no shutdown 56 | ip address 192.0.255.2/32 57 | ! 58 | interface Management0 59 | description OOB_MANAGEMENT 60 | no shutdown 61 | ip address 192.168.0.11/24 62 | ! 63 | ip routing 64 | ! 65 | ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY 66 | seq 10 permit 192.0.255.0/24 eq 32 67 | ! 68 | ip route 0.0.0.0/0 192.168.0.1 69 | ! 70 | route-map RM-CONN-2-BGP permit 10 71 | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 72 | ! 73 | router bfd 74 | multihop interval 1200 min-rx 1200 multiplier 3 75 | ! 76 | router bgp 65001 77 | router-id 192.0.255.2 78 | no bgp default ipv4-unicast 79 | distance bgp 20 200 200 80 | graceful-restart restart-time 300 81 | graceful-restart 82 | maximum-paths 4 ecmp 4 83 | neighbor EVPN-OVERLAY-PEERS peer group 84 | neighbor EVPN-OVERLAY-PEERS next-hop-unchanged 85 | neighbor EVPN-OVERLAY-PEERS update-source Loopback0 86 | neighbor EVPN-OVERLAY-PEERS bfd 87 | neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 88 | neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== 89 | neighbor EVPN-OVERLAY-PEERS send-community 90 | neighbor EVPN-OVERLAY-PEERS maximum-routes 0 91 | neighbor IPv4-UNDERLAY-PEERS peer group 92 | neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== 93 | neighbor IPv4-UNDERLAY-PEERS send-community 94 | neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 95 | neighbor 172.30.255.3 peer group IPv4-UNDERLAY-PEERS 96 | neighbor 172.30.255.3 remote-as 65101 97 | neighbor 172.30.255.3 description s1-leaf1_Ethernet3 98 | neighbor 172.30.255.7 peer group IPv4-UNDERLAY-PEERS 99 | neighbor 172.30.255.7 remote-as 65101 100 | neighbor 172.30.255.7 description s1-leaf2_Ethernet3 101 | neighbor 172.30.255.11 peer group IPv4-UNDERLAY-PEERS 102 | neighbor 172.30.255.11 remote-as 65102 103 | neighbor 172.30.255.11 description s1-leaf3_Ethernet3 104 | neighbor 172.30.255.15 peer group IPv4-UNDERLAY-PEERS 105 | neighbor 172.30.255.15 remote-as 65102 106 | neighbor 172.30.255.15 description s1-leaf4_Ethernet3 107 | neighbor 192.0.255.3 peer group EVPN-OVERLAY-PEERS 108 | neighbor 192.0.255.3 remote-as 65101 109 | neighbor 192.0.255.3 description s1-leaf1_Loopback0 110 | neighbor 192.0.255.4 peer group EVPN-OVERLAY-PEERS 111 | neighbor 192.0.255.4 remote-as 65101 112 | neighbor 192.0.255.4 description s1-leaf2_Loopback0 113 | neighbor 192.0.255.5 peer group EVPN-OVERLAY-PEERS 114 | neighbor 192.0.255.5 remote-as 65102 115 | neighbor 192.0.255.5 description s1-leaf3_Loopback0 116 | neighbor 192.0.255.6 peer group EVPN-OVERLAY-PEERS 117 | neighbor 192.0.255.6 remote-as 65102 118 | neighbor 192.0.255.6 description s1-leaf4_Loopback0 119 | redistribute connected route-map RM-CONN-2-BGP 120 | ! 121 | address-family evpn 122 | neighbor EVPN-OVERLAY-PEERS activate 123 | ! 124 | address-family ipv4 125 | no neighbor EVPN-OVERLAY-PEERS activate 126 | neighbor IPv4-UNDERLAY-PEERS activate 127 | ! 128 | end 129 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # AVD Arista Validated Design for Arista Test Drive 2 | 3 | ![Arista CloudVision Automation](https://img.shields.io/badge/Arista-CVP%20Automation-blue) ![Arista EOS Automation](https://img.shields.io/badge/Arista-EOS%20Automation-blue) 4 | 5 | ## About 6 | 7 | This repository is configured to run [`arista.cvp`](https://github.com/aristanetworks/ansible-cvp) & [`arista.avd`](https://github.com/aristanetworks/ansible-avd) Ansible collections against the Arista Test Drive (ATD) single data center topology. 8 | 9 |

10 | Arista CloudVision and Ansible 11 |

12 | 13 | To access an ATD topology, please get in touch with your Arista representative. 14 | 15 | ## Lab topology 16 | 17 | The diagram below shows that the ATD lab topology has two data centers. We will only leverage DC1 in this example. 18 | 19 |

20 | ATD Lab Topology 21 |

22 | 23 | ## ATD topology device list 24 | 25 | | Device | IP Address | 26 | | --------- | ------------ | 27 | | s1-spine1 | 192.168.0.10 | 28 | | s1-spine2 | 192.168.0.11 | 29 | | s1-leaf1 | 192.168.0.12 | 30 | | s1-leaf2 | 192.168.0.13 | 31 | | s1-leaf3 | 192.168.0.14 | 32 | | s1-leaf4 | 192.168.0.15 | 33 | | s1-host1 | 192.168.0.16 | 34 | | s1-host2 | 192.168.0.17 | 35 | 36 | > Current repository is built with cEOS management interface (`Management0`). If you run a vEOS topology, please update `mgmt_interface` field to `Management1` in the [ATD_LAB](./atd-inventory/group_vars/ATD_LAB.yml) `group_vars`. 37 | 38 | ## Getting Started 39 | 40 | ### Connect to your ATD lab environment 41 | 42 | - Don't hesitate to contact your local account team if you need an ATD Lab instance. 43 | - Once connected to the ATD lab instance, select the Programmability IDE. 44 | - This container is built with all the requirements and Python modules to run AVD playbooks. 45 | 46 | 1. Next (optional), set up a Git user and email for the ATD lab environment 47 | 48 | - Open a terminal window in VS Code View -> Terminal from the menu, and run the following commands: 49 | 50 | ```shell 51 | # Setup your git global config (optional) 52 | git config --global user.email "you@example.com" 53 | git config --global user.name "Your Name" 54 | ``` 55 | 56 | 2. Set credentials and install any required tools 57 | 58 | > :warning: __Warning:__ Specific for the ATD environment. the `pip config` lines disable PIP safety checks and should not be used outside of ATD without understanding them. 59 | 60 | ```shell 61 | cd /home/coder/project/labfiles 62 | export LABPASSPHRASE=`cat /home/coder/.config/code-server/config.yaml| grep "password:" | awk '{print $2}'` 63 | ansible-galaxy collection install arista.avd:==5.1.0 64 | pip3 config set global.break-system-packages true 65 | pip3 config set global.disable-pip-version-check true 66 | pip install "pyavd[ansible]==5.1.0" 67 | git clone https://github.com/arista-netdevops-community/atd-avd.git 68 | cd atd-avd 69 | ``` 70 | 71 | 3. Run the playbook to prepare CloudVision for AVD 72 | 73 | - Execute the following command: 74 | 75 | ```shell 76 | ansible-playbook playbooks/atd-prepare-lab.yml 77 | ``` 78 | 79 | - Check that tasks in CloudVision have been automatically completed 80 | 81 | 4. Run playbook to deploy AVD setup 82 | 83 | - Run the following commands: 84 | 85 | ```shell 86 | ansible-playbook playbooks/atd-fabric-build.yml 87 | ansible-playbook playbooks/atd-fabric-provision.yml 88 | ``` 89 | 90 | - Run pending tasks in CloudVision Portal manually. 91 | 92 | 5. Run validation and snapshot playbooks 93 | 94 | - Run the following commands: 95 | 96 | ```shell 97 | # Run audit playbook to validate the fabric state 98 | ansible-playbook playbooks/atd-validate-states.yml 99 | 100 | # Run the atd-snapshot playbook to collect show commands 101 | ansible-playbook playbooks/atd-snapshot.yml 102 | ``` 103 | 104 | - Review generated output. 105 | 106 | ## Step-by-step walkthrough 107 | 108 | A complete [step-by-step guide](./DEMO.md) is available. 109 | 110 | ## Resources 111 | 112 | - [Arista Ansible AVD Collection](https://github.com/aristanetworks/ansible-avd) 113 | - [Arista CloudVision Collection](https://github.com/aristanetworks/ansible-cvp) 114 | - [Arista AVD documentation](https://avd.arista.com) 115 | 116 | ## License 117 | 118 | This Project is published under Apache License. 119 | -------------------------------------------------------------------------------- /atd-inventory/intended/structured_configs/s1-spine1.yml: -------------------------------------------------------------------------------- 1 | hostname: s1-spine1 2 | is_deployed: true 3 | router_bgp: 4 | as: '65001' 5 | router_id: 192.0.255.1 6 | distance: 7 | external_routes: 20 8 | internal_routes: 200 9 | local_routes: 200 10 | bgp: 11 | default: 12 | ipv4_unicast: false 13 | maximum_paths: 14 | paths: 4 15 | ecmp: 4 16 | redistribute: 17 | connected: 18 | enabled: true 19 | route_map: RM-CONN-2-BGP 20 | graceful_restart: 21 | enabled: true 22 | restart_time: 300 23 | peer_groups: 24 | - name: IPv4-UNDERLAY-PEERS 25 | type: ipv4 26 | password: AQQvKeimxJu+uGQ/yYvv9w== 27 | maximum_routes: 12000 28 | send_community: all 29 | - name: EVPN-OVERLAY-PEERS 30 | type: evpn 31 | update_source: Loopback0 32 | bfd: true 33 | password: q+VNViP5i4rVjW1cxFv2wA== 34 | send_community: all 35 | maximum_routes: 0 36 | ebgp_multihop: 3 37 | next_hop_unchanged: true 38 | address_family_ipv4: 39 | peer_groups: 40 | - name: IPv4-UNDERLAY-PEERS 41 | activate: true 42 | - name: EVPN-OVERLAY-PEERS 43 | activate: false 44 | neighbors: 45 | - ip_address: 172.30.255.1 46 | peer_group: IPv4-UNDERLAY-PEERS 47 | remote_as: '65101' 48 | peer: s1-leaf1 49 | description: s1-leaf1_Ethernet2 50 | - ip_address: 172.30.255.5 51 | peer_group: IPv4-UNDERLAY-PEERS 52 | remote_as: '65101' 53 | peer: s1-leaf2 54 | description: s1-leaf2_Ethernet2 55 | - ip_address: 172.30.255.9 56 | peer_group: IPv4-UNDERLAY-PEERS 57 | remote_as: '65102' 58 | peer: s1-leaf3 59 | description: s1-leaf3_Ethernet2 60 | - ip_address: 172.30.255.13 61 | peer_group: IPv4-UNDERLAY-PEERS 62 | remote_as: '65102' 63 | peer: s1-leaf4 64 | description: s1-leaf4_Ethernet2 65 | - ip_address: 192.0.255.3 66 | peer_group: EVPN-OVERLAY-PEERS 67 | peer: s1-leaf1 68 | description: s1-leaf1_Loopback0 69 | remote_as: '65101' 70 | - ip_address: 192.0.255.4 71 | peer_group: EVPN-OVERLAY-PEERS 72 | peer: s1-leaf2 73 | description: s1-leaf2_Loopback0 74 | remote_as: '65101' 75 | - ip_address: 192.0.255.5 76 | peer_group: EVPN-OVERLAY-PEERS 77 | peer: s1-leaf3 78 | description: s1-leaf3_Loopback0 79 | remote_as: '65102' 80 | - ip_address: 192.0.255.6 81 | peer_group: EVPN-OVERLAY-PEERS 82 | peer: s1-leaf4 83 | description: s1-leaf4_Loopback0 84 | remote_as: '65102' 85 | address_family_evpn: 86 | peer_groups: 87 | - name: EVPN-OVERLAY-PEERS 88 | activate: true 89 | static_routes: 90 | - vrf: default 91 | destination_address_prefix: 0.0.0.0/0 92 | gateway: 192.168.0.1 93 | service_routing_protocols_model: multi-agent 94 | ip_routing: true 95 | vlan_internal_order: 96 | allocation: ascending 97 | range: 98 | beginning: 1006 99 | ending: 1199 100 | aaa_root: 101 | disabled: true 102 | config_end: true 103 | enable_password: 104 | disabled: true 105 | transceiver_qsfp_default_mode_4x10: true 106 | ip_name_servers: 107 | - ip_address: 192.168.2.1 108 | vrf: default 109 | - ip_address: 8.8.8.8 110 | vrf: default 111 | spanning_tree: 112 | mode: none 113 | vrfs: 114 | - name: default 115 | ip_routing: false 116 | management_interfaces: 117 | - name: Management0 118 | description: OOB_MANAGEMENT 119 | shutdown: false 120 | vrf: default 121 | ip_address: 192.168.0.10/24 122 | gateway: 192.168.0.1 123 | type: oob 124 | management_api_http: 125 | enable_vrfs: 126 | - name: default 127 | enable_https: true 128 | ethernet_interfaces: 129 | - name: Ethernet2 130 | peer: s1-leaf1 131 | peer_interface: Ethernet2 132 | peer_type: l3leaf 133 | description: P2P_s1-leaf1_Ethernet2 134 | shutdown: false 135 | mtu: 1500 136 | switchport: 137 | enabled: false 138 | ip_address: 172.30.255.0/31 139 | - name: Ethernet3 140 | peer: s1-leaf2 141 | peer_interface: Ethernet2 142 | peer_type: l3leaf 143 | description: P2P_s1-leaf2_Ethernet2 144 | shutdown: false 145 | mtu: 1500 146 | switchport: 147 | enabled: false 148 | ip_address: 172.30.255.4/31 149 | - name: Ethernet4 150 | peer: s1-leaf3 151 | peer_interface: Ethernet2 152 | peer_type: l3leaf 153 | description: P2P_s1-leaf3_Ethernet2 154 | shutdown: false 155 | mtu: 1500 156 | switchport: 157 | enabled: false 158 | ip_address: 172.30.255.8/31 159 | - name: Ethernet5 160 | peer: s1-leaf4 161 | peer_interface: Ethernet2 162 | peer_type: l3leaf 163 | description: P2P_s1-leaf4_Ethernet2 164 | shutdown: false 165 | mtu: 1500 166 | switchport: 167 | enabled: false 168 | ip_address: 172.30.255.12/31 169 | loopback_interfaces: 170 | - name: Loopback0 171 | description: ROUTER_ID 172 | shutdown: false 173 | ip_address: 192.0.255.1/32 174 | prefix_lists: 175 | - name: PL-LOOPBACKS-EVPN-OVERLAY 176 | sequence_numbers: 177 | - sequence: 10 178 | action: permit 192.0.255.0/24 eq 32 179 | route_maps: 180 | - name: RM-CONN-2-BGP 181 | sequence_numbers: 182 | - sequence: 10 183 | type: permit 184 | match: 185 | - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 186 | router_bfd: 187 | multihop: 188 | interval: 1200 189 | min_rx: 1200 190 | multiplier: 3 191 | metadata: 192 | platform: cEOS 193 | -------------------------------------------------------------------------------- /atd-inventory/intended/structured_configs/s1-spine2.yml: -------------------------------------------------------------------------------- 1 | hostname: s1-spine2 2 | is_deployed: true 3 | router_bgp: 4 | as: '65001' 5 | router_id: 192.0.255.2 6 | distance: 7 | external_routes: 20 8 | internal_routes: 200 9 | local_routes: 200 10 | bgp: 11 | default: 12 | ipv4_unicast: false 13 | maximum_paths: 14 | paths: 4 15 | ecmp: 4 16 | redistribute: 17 | connected: 18 | enabled: true 19 | route_map: RM-CONN-2-BGP 20 | graceful_restart: 21 | enabled: true 22 | restart_time: 300 23 | peer_groups: 24 | - name: IPv4-UNDERLAY-PEERS 25 | type: ipv4 26 | password: AQQvKeimxJu+uGQ/yYvv9w== 27 | maximum_routes: 12000 28 | send_community: all 29 | - name: EVPN-OVERLAY-PEERS 30 | type: evpn 31 | update_source: Loopback0 32 | bfd: true 33 | password: q+VNViP5i4rVjW1cxFv2wA== 34 | send_community: all 35 | maximum_routes: 0 36 | ebgp_multihop: 3 37 | next_hop_unchanged: true 38 | address_family_ipv4: 39 | peer_groups: 40 | - name: IPv4-UNDERLAY-PEERS 41 | activate: true 42 | - name: EVPN-OVERLAY-PEERS 43 | activate: false 44 | neighbors: 45 | - ip_address: 172.30.255.3 46 | peer_group: IPv4-UNDERLAY-PEERS 47 | remote_as: '65101' 48 | peer: s1-leaf1 49 | description: s1-leaf1_Ethernet3 50 | - ip_address: 172.30.255.7 51 | peer_group: IPv4-UNDERLAY-PEERS 52 | remote_as: '65101' 53 | peer: s1-leaf2 54 | description: s1-leaf2_Ethernet3 55 | - ip_address: 172.30.255.11 56 | peer_group: IPv4-UNDERLAY-PEERS 57 | remote_as: '65102' 58 | peer: s1-leaf3 59 | description: s1-leaf3_Ethernet3 60 | - ip_address: 172.30.255.15 61 | peer_group: IPv4-UNDERLAY-PEERS 62 | remote_as: '65102' 63 | peer: s1-leaf4 64 | description: s1-leaf4_Ethernet3 65 | - ip_address: 192.0.255.3 66 | peer_group: EVPN-OVERLAY-PEERS 67 | peer: s1-leaf1 68 | description: s1-leaf1_Loopback0 69 | remote_as: '65101' 70 | - ip_address: 192.0.255.4 71 | peer_group: EVPN-OVERLAY-PEERS 72 | peer: s1-leaf2 73 | description: s1-leaf2_Loopback0 74 | remote_as: '65101' 75 | - ip_address: 192.0.255.5 76 | peer_group: EVPN-OVERLAY-PEERS 77 | peer: s1-leaf3 78 | description: s1-leaf3_Loopback0 79 | remote_as: '65102' 80 | - ip_address: 192.0.255.6 81 | peer_group: EVPN-OVERLAY-PEERS 82 | peer: s1-leaf4 83 | description: s1-leaf4_Loopback0 84 | remote_as: '65102' 85 | address_family_evpn: 86 | peer_groups: 87 | - name: EVPN-OVERLAY-PEERS 88 | activate: true 89 | static_routes: 90 | - vrf: default 91 | destination_address_prefix: 0.0.0.0/0 92 | gateway: 192.168.0.1 93 | service_routing_protocols_model: multi-agent 94 | ip_routing: true 95 | vlan_internal_order: 96 | allocation: ascending 97 | range: 98 | beginning: 1006 99 | ending: 1199 100 | aaa_root: 101 | disabled: true 102 | config_end: true 103 | enable_password: 104 | disabled: true 105 | transceiver_qsfp_default_mode_4x10: true 106 | ip_name_servers: 107 | - ip_address: 192.168.2.1 108 | vrf: default 109 | - ip_address: 8.8.8.8 110 | vrf: default 111 | spanning_tree: 112 | mode: none 113 | vrfs: 114 | - name: default 115 | ip_routing: false 116 | management_interfaces: 117 | - name: Management0 118 | description: OOB_MANAGEMENT 119 | shutdown: false 120 | vrf: default 121 | ip_address: 192.168.0.11/24 122 | gateway: 192.168.0.1 123 | type: oob 124 | management_api_http: 125 | enable_vrfs: 126 | - name: default 127 | enable_https: true 128 | ethernet_interfaces: 129 | - name: Ethernet2 130 | peer: s1-leaf1 131 | peer_interface: Ethernet3 132 | peer_type: l3leaf 133 | description: P2P_s1-leaf1_Ethernet3 134 | shutdown: false 135 | mtu: 1500 136 | switchport: 137 | enabled: false 138 | ip_address: 172.30.255.2/31 139 | - name: Ethernet3 140 | peer: s1-leaf2 141 | peer_interface: Ethernet3 142 | peer_type: l3leaf 143 | description: P2P_s1-leaf2_Ethernet3 144 | shutdown: false 145 | mtu: 1500 146 | switchport: 147 | enabled: false 148 | ip_address: 172.30.255.6/31 149 | - name: Ethernet4 150 | peer: s1-leaf3 151 | peer_interface: Ethernet3 152 | peer_type: l3leaf 153 | description: P2P_s1-leaf3_Ethernet3 154 | shutdown: false 155 | mtu: 1500 156 | switchport: 157 | enabled: false 158 | ip_address: 172.30.255.10/31 159 | - name: Ethernet5 160 | peer: s1-leaf4 161 | peer_interface: Ethernet3 162 | peer_type: l3leaf 163 | description: P2P_s1-leaf4_Ethernet3 164 | shutdown: false 165 | mtu: 1500 166 | switchport: 167 | enabled: false 168 | ip_address: 172.30.255.14/31 169 | loopback_interfaces: 170 | - name: Loopback0 171 | description: ROUTER_ID 172 | shutdown: false 173 | ip_address: 192.0.255.2/32 174 | prefix_lists: 175 | - name: PL-LOOPBACKS-EVPN-OVERLAY 176 | sequence_numbers: 177 | - sequence: 10 178 | action: permit 192.0.255.0/24 eq 32 179 | route_maps: 180 | - name: RM-CONN-2-BGP 181 | sequence_numbers: 182 | - sequence: 10 183 | type: permit 184 | match: 185 | - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 186 | router_bfd: 187 | multihop: 188 | interval: 1200 189 | min_rx: 1200 190 | multiplier: 3 191 | metadata: 192 | platform: cEOS 193 | -------------------------------------------------------------------------------- /atd-inventory/documentation/ATD_FABRIC/ATD_FABRIC-documentation.md: -------------------------------------------------------------------------------- 1 | # ATD_FABRIC 2 | 3 | ## Table of Contents 4 | 5 | - [Fabric Switches and Management IP](#fabric-switches-and-management-ip) 6 | - [Fabric Switches with inband Management IP](#fabric-switches-with-inband-management-ip) 7 | - [Fabric Topology](#fabric-topology) 8 | - [Fabric IP Allocation](#fabric-ip-allocation) 9 | - [Fabric Point-To-Point Links](#fabric-point-to-point-links) 10 | - [Point-To-Point Links Node Allocation](#point-to-point-links-node-allocation) 11 | - [Loopback Interfaces (BGP EVPN Peering)](#loopback-interfaces-bgp-evpn-peering) 12 | - [Loopback0 Interfaces Node Allocation](#loopback0-interfaces-node-allocation) 13 | - [VTEP Loopback VXLAN Tunnel Source Interfaces (VTEPs Only)](#vtep-loopback-vxlan-tunnel-source-interfaces-vteps-only) 14 | - [VTEP Loopback Node allocation](#vtep-loopback-node-allocation) 15 | - [Connected Endpoints](#connected-endpoints) 16 | - [Connected Endpoint Keys](#connected-endpoint-keys) 17 | - [Servers](#servers) 18 | - [Port Profiles](#port-profiles) 19 | 20 | ## Fabric Switches and Management IP 21 | 22 | | POD | Type | Node | Management IP | Platform | Provisioned in CloudVision | Serial Number | 23 | | --- | ---- | ---- | ------------- | -------- | -------------------------- | ------------- | 24 | | ATD_FABRIC | l3leaf | s1-leaf1 | 192.168.0.12/24 | cEOS | Provisioned | - | 25 | | ATD_FABRIC | l3leaf | s1-leaf2 | 192.168.0.13/24 | cEOS | Provisioned | - | 26 | | ATD_FABRIC | l3leaf | s1-leaf3 | 192.168.0.14/24 | cEOS | Provisioned | - | 27 | | ATD_FABRIC | l3leaf | s1-leaf4 | 192.168.0.15/24 | cEOS | Provisioned | - | 28 | | ATD_FABRIC | spine | s1-spine1 | 192.168.0.10/24 | cEOS | Provisioned | - | 29 | | ATD_FABRIC | spine | s1-spine2 | 192.168.0.11/24 | cEOS | Provisioned | - | 30 | 31 | > Provision status is based on Ansible inventory declaration and do not represent real status from CloudVision. 32 | 33 | ### Fabric Switches with inband Management IP 34 | 35 | | POD | Type | Node | Management IP | Inband Interface | 36 | | --- | ---- | ---- | ------------- | ---------------- | 37 | 38 | ## Fabric Topology 39 | 40 | | Type | Node | Node Interface | Peer Type | Peer Node | Peer Interface | 41 | | ---- | ---- | -------------- | --------- | ----------| -------------- | 42 | | l3leaf | s1-leaf1 | Ethernet1 | mlag_peer | s1-leaf2 | Ethernet1 | 43 | | l3leaf | s1-leaf1 | Ethernet2 | spine | s1-spine1 | Ethernet2 | 44 | | l3leaf | s1-leaf1 | Ethernet3 | spine | s1-spine2 | Ethernet2 | 45 | | l3leaf | s1-leaf1 | Ethernet6 | mlag_peer | s1-leaf2 | Ethernet6 | 46 | | l3leaf | s1-leaf2 | Ethernet2 | spine | s1-spine1 | Ethernet3 | 47 | | l3leaf | s1-leaf2 | Ethernet3 | spine | s1-spine2 | Ethernet3 | 48 | | l3leaf | s1-leaf3 | Ethernet1 | mlag_peer | s1-leaf4 | Ethernet1 | 49 | | l3leaf | s1-leaf3 | Ethernet2 | spine | s1-spine1 | Ethernet4 | 50 | | l3leaf | s1-leaf3 | Ethernet3 | spine | s1-spine2 | Ethernet4 | 51 | | l3leaf | s1-leaf3 | Ethernet6 | mlag_peer | s1-leaf4 | Ethernet6 | 52 | | l3leaf | s1-leaf4 | Ethernet2 | spine | s1-spine1 | Ethernet5 | 53 | | l3leaf | s1-leaf4 | Ethernet3 | spine | s1-spine2 | Ethernet5 | 54 | 55 | ## Fabric IP Allocation 56 | 57 | ### Fabric Point-To-Point Links 58 | 59 | | Uplink IPv4 Pool | Available Addresses | Assigned addresses | Assigned Address % | 60 | | ---------------- | ------------------- | ------------------ | ------------------ | 61 | | 172.30.255.0/24 | 256 | 16 | 6.25 % | 62 | 63 | ### Point-To-Point Links Node Allocation 64 | 65 | | Node | Node Interface | Node IP Address | Peer Node | Peer Interface | Peer IP Address | 66 | | ---- | -------------- | --------------- | --------- | -------------- | --------------- | 67 | | s1-leaf1 | Ethernet2 | 172.30.255.1/31 | s1-spine1 | Ethernet2 | 172.30.255.0/31 | 68 | | s1-leaf1 | Ethernet3 | 172.30.255.3/31 | s1-spine2 | Ethernet2 | 172.30.255.2/31 | 69 | | s1-leaf2 | Ethernet2 | 172.30.255.5/31 | s1-spine1 | Ethernet3 | 172.30.255.4/31 | 70 | | s1-leaf2 | Ethernet3 | 172.30.255.7/31 | s1-spine2 | Ethernet3 | 172.30.255.6/31 | 71 | | s1-leaf3 | Ethernet2 | 172.30.255.9/31 | s1-spine1 | Ethernet4 | 172.30.255.8/31 | 72 | | s1-leaf3 | Ethernet3 | 172.30.255.11/31 | s1-spine2 | Ethernet4 | 172.30.255.10/31 | 73 | | s1-leaf4 | Ethernet2 | 172.30.255.13/31 | s1-spine1 | Ethernet5 | 172.30.255.12/31 | 74 | | s1-leaf4 | Ethernet3 | 172.30.255.15/31 | s1-spine2 | Ethernet5 | 172.30.255.14/31 | 75 | 76 | ### Loopback Interfaces (BGP EVPN Peering) 77 | 78 | | Loopback Pool | Available Addresses | Assigned addresses | Assigned Address % | 79 | | ------------- | ------------------- | ------------------ | ------------------ | 80 | | 192.0.255.0/24 | 256 | 6 | 2.35 % | 81 | 82 | ### Loopback0 Interfaces Node Allocation 83 | 84 | | POD | Node | Loopback0 | 85 | | --- | ---- | --------- | 86 | | ATD_FABRIC | s1-leaf1 | 192.0.255.3/32 | 87 | | ATD_FABRIC | s1-leaf2 | 192.0.255.4/32 | 88 | | ATD_FABRIC | s1-leaf3 | 192.0.255.5/32 | 89 | | ATD_FABRIC | s1-leaf4 | 192.0.255.6/32 | 90 | | ATD_FABRIC | s1-spine1 | 192.0.255.1/32 | 91 | | ATD_FABRIC | s1-spine2 | 192.0.255.2/32 | 92 | 93 | ### VTEP Loopback VXLAN Tunnel Source Interfaces (VTEPs Only) 94 | 95 | | VTEP Loopback Pool | Available Addresses | Assigned addresses | Assigned Address % | 96 | | ------------------ | ------------------- | ------------------ | ------------------ | 97 | | 192.0.254.0/24 | 256 | 4 | 1.57 % | 98 | 99 | ### VTEP Loopback Node allocation 100 | 101 | | POD | Node | Loopback1 | 102 | | --- | ---- | --------- | 103 | | ATD_FABRIC | s1-leaf1 | 192.0.254.3/32 | 104 | | ATD_FABRIC | s1-leaf2 | 192.0.254.3/32 | 105 | | ATD_FABRIC | s1-leaf3 | 192.0.254.5/32 | 106 | | ATD_FABRIC | s1-leaf4 | 192.0.254.5/32 | 107 | 108 | ## Connected Endpoints 109 | 110 | ### Connected Endpoint Keys 111 | 112 | | Key | Type | Description | 113 | | --- | ---- | ----------- | 114 | | servers | server | Server | 115 | 116 | ### Servers 117 | 118 | | Name | Port | Fabric Device | Fabric Port | Description | Shutdown | Mode | Access VLAN | Trunk Allowed VLANs | Profile | 119 | | ---- | ---- | ------------- | ------------| ----------- | -------- | ---- | ----------- | ------------------- | ------- | 120 | | s1-host1 | Eth1 | s1-leaf1 | Ethernet4 | SERVER_s1-host1_Eth1 | False | access | 110 | - | TENANT_A | 121 | | s1-host1 | Eth2 | s1-leaf2 | Ethernet4 | SERVER_s1-host1_Eth2 | False | access | 110 | - | TENANT_A | 122 | | s1-host2 | Eth1 | s1-leaf3 | Ethernet4 | SERVER_s1-host2_Eth1 | False | access | 110 | - | TENANT_A | 123 | | s1-host2 | Eth2 | s1-leaf4 | Ethernet4 | SERVER_s1-host2_Eth2 | False | access | 110 | - | TENANT_A | 124 | 125 | ### Port Profiles 126 | 127 | | Profile Name | Parent Profile | 128 | | ------------ | -------------- | 129 | | TENANT_A | - | 130 | -------------------------------------------------------------------------------- /atd-inventory/intended/configs/s1-leaf1.cfg: -------------------------------------------------------------------------------- 1 | ! 2 | no enable password 3 | no aaa root 4 | ! 5 | vlan internal order ascending range 1006 1199 6 | ! 7 | transceiver qsfp default-mode 4x10G 8 | ! 9 | service routing protocols model multi-agent 10 | ! 11 | hostname s1-leaf1 12 | ip name-server vrf default 8.8.8.8 13 | ip name-server vrf default 192.168.2.1 14 | dns domain atd.lab 15 | ! 16 | spanning-tree mode mstp 17 | no spanning-tree vlan-id 4093-4094 18 | spanning-tree mst 0 priority 16384 19 | ! 20 | vlan 110 21 | name Tenant_A_OP_Zone_1 22 | ! 23 | vlan 160 24 | name Tenant_A_VMOTION 25 | ! 26 | vlan 3009 27 | name MLAG_L3_VRF_Tenant_A_OP_Zone 28 | trunk group MLAG 29 | ! 30 | vlan 4093 31 | name MLAG_L3 32 | trunk group MLAG 33 | ! 34 | vlan 4094 35 | name MLAG 36 | trunk group MLAG 37 | ! 38 | vrf instance Tenant_A_OP_Zone 39 | ! 40 | management api http-commands 41 | protocol https 42 | no shutdown 43 | ! 44 | vrf default 45 | no shutdown 46 | ! 47 | interface Port-Channel1 48 | description MLAG_s1-leaf2_Port-Channel1 49 | no shutdown 50 | switchport mode trunk 51 | switchport trunk group MLAG 52 | switchport 53 | ! 54 | interface Port-Channel4 55 | description PortChannel 56 | no shutdown 57 | switchport access vlan 110 58 | switchport mode access 59 | switchport 60 | mlag 4 61 | ! 62 | interface Ethernet1 63 | description MLAG_s1-leaf2_Ethernet1 64 | no shutdown 65 | channel-group 1 mode active 66 | ! 67 | interface Ethernet2 68 | description P2P_s1-spine1_Ethernet2 69 | no shutdown 70 | mtu 1500 71 | no switchport 72 | ip address 172.30.255.1/31 73 | ! 74 | interface Ethernet3 75 | description P2P_s1-spine2_Ethernet2 76 | no shutdown 77 | mtu 1500 78 | no switchport 79 | ip address 172.30.255.3/31 80 | ! 81 | interface Ethernet4 82 | description SERVER_s1-host1_Eth1 83 | no shutdown 84 | channel-group 4 mode active 85 | ! 86 | interface Ethernet6 87 | description MLAG_s1-leaf2_Ethernet6 88 | no shutdown 89 | channel-group 1 mode active 90 | ! 91 | interface Loopback0 92 | description ROUTER_ID 93 | no shutdown 94 | ip address 192.0.255.3/32 95 | ! 96 | interface Loopback1 97 | description VXLAN_TUNNEL_SOURCE 98 | no shutdown 99 | ip address 192.0.254.3/32 100 | ! 101 | interface Loopback100 102 | description DIAG_VRF_Tenant_A_OP_Zone 103 | no shutdown 104 | vrf Tenant_A_OP_Zone 105 | ip address 10.255.1.3/32 106 | ! 107 | interface Management0 108 | description OOB_MANAGEMENT 109 | no shutdown 110 | ip address 192.168.0.12/24 111 | ! 112 | interface Vlan110 113 | description Tenant_A_OP_Zone_1 114 | no shutdown 115 | vrf Tenant_A_OP_Zone 116 | ip address virtual 10.1.10.1/24 117 | ! 118 | interface Vlan3009 119 | description MLAG_L3_VRF_Tenant_A_OP_Zone 120 | no shutdown 121 | mtu 1500 122 | vrf Tenant_A_OP_Zone 123 | ip address 10.255.251.0/31 124 | ! 125 | interface Vlan4093 126 | description MLAG_L3 127 | no shutdown 128 | mtu 1500 129 | ip address 10.255.251.0/31 130 | ! 131 | interface Vlan4094 132 | description MLAG 133 | no shutdown 134 | mtu 1500 135 | no autostate 136 | ip address 10.255.252.0/31 137 | ! 138 | interface Vxlan1 139 | description s1-leaf1_VTEP 140 | vxlan source-interface Loopback1 141 | vxlan virtual-router encapsulation mac-address mlag-system-id 142 | vxlan udp-port 4789 143 | vxlan vlan 110 vni 10110 144 | vxlan vlan 160 vni 55160 145 | vxlan vrf Tenant_A_OP_Zone vni 10 146 | ! 147 | ip virtual-router mac-address 00:1c:73:00:dc:01 148 | ! 149 | ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.3 150 | ! 151 | ip routing 152 | ip routing vrf Tenant_A_OP_Zone 153 | ! 154 | ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY 155 | seq 10 permit 192.0.255.0/24 eq 32 156 | seq 20 permit 192.0.254.0/24 eq 32 157 | ! 158 | ip prefix-list PL-MLAG-PEER-VRFS 159 | seq 10 permit 10.255.251.0/31 160 | ! 161 | mlag configuration 162 | domain-id pod1 163 | local-interface Vlan4094 164 | peer-address 10.255.252.1 165 | peer-link Port-Channel1 166 | reload-delay mlag 300 167 | reload-delay non-mlag 330 168 | ! 169 | ip route 0.0.0.0/0 192.168.0.1 170 | ! 171 | route-map RM-CONN-2-BGP permit 10 172 | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 173 | ! 174 | route-map RM-CONN-2-BGP-VRFS deny 10 175 | match ip address prefix-list PL-MLAG-PEER-VRFS 176 | ! 177 | route-map RM-CONN-2-BGP-VRFS permit 20 178 | ! 179 | route-map RM-MLAG-PEER-IN permit 10 180 | description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing 181 | set origin incomplete 182 | ! 183 | router bfd 184 | multihop interval 1200 min-rx 1200 multiplier 3 185 | ! 186 | router bgp 65101 187 | router-id 192.0.255.3 188 | no bgp default ipv4-unicast 189 | distance bgp 20 200 200 190 | graceful-restart restart-time 300 191 | graceful-restart 192 | maximum-paths 4 ecmp 4 193 | neighbor EVPN-OVERLAY-PEERS peer group 194 | neighbor EVPN-OVERLAY-PEERS update-source Loopback0 195 | neighbor EVPN-OVERLAY-PEERS bfd 196 | neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 197 | neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== 198 | neighbor EVPN-OVERLAY-PEERS send-community 199 | neighbor EVPN-OVERLAY-PEERS maximum-routes 0 200 | neighbor IPv4-UNDERLAY-PEERS peer group 201 | neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== 202 | neighbor IPv4-UNDERLAY-PEERS send-community 203 | neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 204 | neighbor MLAG-IPv4-UNDERLAY-PEER peer group 205 | neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 206 | neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self 207 | neighbor MLAG-IPv4-UNDERLAY-PEER description s1-leaf2 208 | neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in 209 | neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== 210 | neighbor MLAG-IPv4-UNDERLAY-PEER send-community 211 | neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 212 | neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER 213 | neighbor 10.255.251.1 description s1-leaf2_Vlan4093 214 | neighbor 172.30.255.0 peer group IPv4-UNDERLAY-PEERS 215 | neighbor 172.30.255.0 remote-as 65001 216 | neighbor 172.30.255.0 description s1-spine1_Ethernet2 217 | neighbor 172.30.255.2 peer group IPv4-UNDERLAY-PEERS 218 | neighbor 172.30.255.2 remote-as 65001 219 | neighbor 172.30.255.2 description s1-spine2_Ethernet2 220 | neighbor 192.0.255.1 peer group EVPN-OVERLAY-PEERS 221 | neighbor 192.0.255.1 remote-as 65001 222 | neighbor 192.0.255.1 description s1-spine1_Loopback0 223 | neighbor 192.0.255.2 peer group EVPN-OVERLAY-PEERS 224 | neighbor 192.0.255.2 remote-as 65001 225 | neighbor 192.0.255.2 description s1-spine2_Loopback0 226 | redistribute connected route-map RM-CONN-2-BGP 227 | ! 228 | vlan-aware-bundle Tenant_A_OP_Zone 229 | rd 192.0.255.3:10 230 | route-target both 10:10 231 | redistribute learned 232 | vlan 110 233 | ! 234 | vlan-aware-bundle Tenant_A_VMOTION 235 | rd 192.0.255.3:55160 236 | route-target both 55160:55160 237 | redistribute learned 238 | vlan 160 239 | ! 240 | address-family evpn 241 | neighbor EVPN-OVERLAY-PEERS activate 242 | ! 243 | address-family ipv4 244 | no neighbor EVPN-OVERLAY-PEERS activate 245 | neighbor IPv4-UNDERLAY-PEERS activate 246 | neighbor MLAG-IPv4-UNDERLAY-PEER activate 247 | ! 248 | vrf Tenant_A_OP_Zone 249 | rd 192.0.255.3:10 250 | route-target import evpn 10:10 251 | route-target export evpn 10:10 252 | router-id 192.0.255.3 253 | neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER 254 | neighbor 10.255.251.1 description s1-leaf2_Vlan3009 255 | redistribute connected route-map RM-CONN-2-BGP-VRFS 256 | ! 257 | end 258 | -------------------------------------------------------------------------------- /atd-inventory/intended/configs/s1-leaf2.cfg: -------------------------------------------------------------------------------- 1 | ! 2 | no enable password 3 | no aaa root 4 | ! 5 | vlan internal order ascending range 1006 1199 6 | ! 7 | transceiver qsfp default-mode 4x10G 8 | ! 9 | service routing protocols model multi-agent 10 | ! 11 | hostname s1-leaf2 12 | ip name-server vrf default 8.8.8.8 13 | ip name-server vrf default 192.168.2.1 14 | dns domain atd.lab 15 | ! 16 | spanning-tree mode mstp 17 | no spanning-tree vlan-id 4093-4094 18 | spanning-tree mst 0 priority 16384 19 | ! 20 | vlan 110 21 | name Tenant_A_OP_Zone_1 22 | ! 23 | vlan 160 24 | name Tenant_A_VMOTION 25 | ! 26 | vlan 3009 27 | name MLAG_L3_VRF_Tenant_A_OP_Zone 28 | trunk group MLAG 29 | ! 30 | vlan 4093 31 | name MLAG_L3 32 | trunk group MLAG 33 | ! 34 | vlan 4094 35 | name MLAG 36 | trunk group MLAG 37 | ! 38 | vrf instance Tenant_A_OP_Zone 39 | ! 40 | management api http-commands 41 | protocol https 42 | no shutdown 43 | ! 44 | vrf default 45 | no shutdown 46 | ! 47 | interface Port-Channel1 48 | description MLAG_s1-leaf1_Port-Channel1 49 | no shutdown 50 | switchport mode trunk 51 | switchport trunk group MLAG 52 | switchport 53 | ! 54 | interface Port-Channel4 55 | description PortChannel 56 | no shutdown 57 | switchport access vlan 110 58 | switchport mode access 59 | switchport 60 | mlag 4 61 | ! 62 | interface Ethernet1 63 | description MLAG_s1-leaf1_Ethernet1 64 | no shutdown 65 | channel-group 1 mode active 66 | ! 67 | interface Ethernet2 68 | description P2P_s1-spine1_Ethernet3 69 | no shutdown 70 | mtu 1500 71 | no switchport 72 | ip address 172.30.255.5/31 73 | ! 74 | interface Ethernet3 75 | description P2P_s1-spine2_Ethernet3 76 | no shutdown 77 | mtu 1500 78 | no switchport 79 | ip address 172.30.255.7/31 80 | ! 81 | interface Ethernet4 82 | description SERVER_s1-host1_Eth2 83 | no shutdown 84 | channel-group 4 mode active 85 | ! 86 | interface Ethernet6 87 | description MLAG_s1-leaf1_Ethernet6 88 | no shutdown 89 | channel-group 1 mode active 90 | ! 91 | interface Loopback0 92 | description ROUTER_ID 93 | no shutdown 94 | ip address 192.0.255.4/32 95 | ! 96 | interface Loopback1 97 | description VXLAN_TUNNEL_SOURCE 98 | no shutdown 99 | ip address 192.0.254.3/32 100 | ! 101 | interface Loopback100 102 | description DIAG_VRF_Tenant_A_OP_Zone 103 | no shutdown 104 | vrf Tenant_A_OP_Zone 105 | ip address 10.255.1.4/32 106 | ! 107 | interface Management0 108 | description OOB_MANAGEMENT 109 | no shutdown 110 | ip address 192.168.0.13/24 111 | ! 112 | interface Vlan110 113 | description Tenant_A_OP_Zone_1 114 | no shutdown 115 | vrf Tenant_A_OP_Zone 116 | ip address virtual 10.1.10.1/24 117 | ! 118 | interface Vlan3009 119 | description MLAG_L3_VRF_Tenant_A_OP_Zone 120 | no shutdown 121 | mtu 1500 122 | vrf Tenant_A_OP_Zone 123 | ip address 10.255.251.1/31 124 | ! 125 | interface Vlan4093 126 | description MLAG_L3 127 | no shutdown 128 | mtu 1500 129 | ip address 10.255.251.1/31 130 | ! 131 | interface Vlan4094 132 | description MLAG 133 | no shutdown 134 | mtu 1500 135 | no autostate 136 | ip address 10.255.252.1/31 137 | ! 138 | interface Vxlan1 139 | description s1-leaf2_VTEP 140 | vxlan source-interface Loopback1 141 | vxlan virtual-router encapsulation mac-address mlag-system-id 142 | vxlan udp-port 4789 143 | vxlan vlan 110 vni 10110 144 | vxlan vlan 160 vni 55160 145 | vxlan vrf Tenant_A_OP_Zone vni 10 146 | ! 147 | ip virtual-router mac-address 00:1c:73:00:dc:01 148 | ! 149 | ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.4 150 | ! 151 | ip routing 152 | ip routing vrf Tenant_A_OP_Zone 153 | ! 154 | ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY 155 | seq 10 permit 192.0.255.0/24 eq 32 156 | seq 20 permit 192.0.254.0/24 eq 32 157 | ! 158 | ip prefix-list PL-MLAG-PEER-VRFS 159 | seq 10 permit 10.255.251.0/31 160 | ! 161 | mlag configuration 162 | domain-id pod1 163 | local-interface Vlan4094 164 | peer-address 10.255.252.0 165 | peer-link Port-Channel1 166 | reload-delay mlag 300 167 | reload-delay non-mlag 330 168 | ! 169 | ip route 0.0.0.0/0 192.168.0.1 170 | ! 171 | route-map RM-CONN-2-BGP permit 10 172 | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 173 | ! 174 | route-map RM-CONN-2-BGP-VRFS deny 10 175 | match ip address prefix-list PL-MLAG-PEER-VRFS 176 | ! 177 | route-map RM-CONN-2-BGP-VRFS permit 20 178 | ! 179 | route-map RM-MLAG-PEER-IN permit 10 180 | description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing 181 | set origin incomplete 182 | ! 183 | router bfd 184 | multihop interval 1200 min-rx 1200 multiplier 3 185 | ! 186 | router bgp 65101 187 | router-id 192.0.255.4 188 | no bgp default ipv4-unicast 189 | distance bgp 20 200 200 190 | graceful-restart restart-time 300 191 | graceful-restart 192 | maximum-paths 4 ecmp 4 193 | neighbor EVPN-OVERLAY-PEERS peer group 194 | neighbor EVPN-OVERLAY-PEERS update-source Loopback0 195 | neighbor EVPN-OVERLAY-PEERS bfd 196 | neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 197 | neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== 198 | neighbor EVPN-OVERLAY-PEERS send-community 199 | neighbor EVPN-OVERLAY-PEERS maximum-routes 0 200 | neighbor IPv4-UNDERLAY-PEERS peer group 201 | neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== 202 | neighbor IPv4-UNDERLAY-PEERS send-community 203 | neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 204 | neighbor MLAG-IPv4-UNDERLAY-PEER peer group 205 | neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 206 | neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self 207 | neighbor MLAG-IPv4-UNDERLAY-PEER description s1-leaf1 208 | neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in 209 | neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== 210 | neighbor MLAG-IPv4-UNDERLAY-PEER send-community 211 | neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 212 | neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER 213 | neighbor 10.255.251.0 description s1-leaf1_Vlan4093 214 | neighbor 172.30.255.4 peer group IPv4-UNDERLAY-PEERS 215 | neighbor 172.30.255.4 remote-as 65001 216 | neighbor 172.30.255.4 description s1-spine1_Ethernet3 217 | neighbor 172.30.255.6 peer group IPv4-UNDERLAY-PEERS 218 | neighbor 172.30.255.6 remote-as 65001 219 | neighbor 172.30.255.6 description s1-spine2_Ethernet3 220 | neighbor 192.0.255.1 peer group EVPN-OVERLAY-PEERS 221 | neighbor 192.0.255.1 remote-as 65001 222 | neighbor 192.0.255.1 description s1-spine1_Loopback0 223 | neighbor 192.0.255.2 peer group EVPN-OVERLAY-PEERS 224 | neighbor 192.0.255.2 remote-as 65001 225 | neighbor 192.0.255.2 description s1-spine2_Loopback0 226 | redistribute connected route-map RM-CONN-2-BGP 227 | ! 228 | vlan-aware-bundle Tenant_A_OP_Zone 229 | rd 192.0.255.4:10 230 | route-target both 10:10 231 | redistribute learned 232 | vlan 110 233 | ! 234 | vlan-aware-bundle Tenant_A_VMOTION 235 | rd 192.0.255.4:55160 236 | route-target both 55160:55160 237 | redistribute learned 238 | vlan 160 239 | ! 240 | address-family evpn 241 | neighbor EVPN-OVERLAY-PEERS activate 242 | ! 243 | address-family ipv4 244 | no neighbor EVPN-OVERLAY-PEERS activate 245 | neighbor IPv4-UNDERLAY-PEERS activate 246 | neighbor MLAG-IPv4-UNDERLAY-PEER activate 247 | ! 248 | vrf Tenant_A_OP_Zone 249 | rd 192.0.255.4:10 250 | route-target import evpn 10:10 251 | route-target export evpn 10:10 252 | router-id 192.0.255.4 253 | neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER 254 | neighbor 10.255.251.0 description s1-leaf1_Vlan3009 255 | redistribute connected route-map RM-CONN-2-BGP-VRFS 256 | ! 257 | end 258 | -------------------------------------------------------------------------------- /atd-inventory/intended/configs/s1-leaf3.cfg: -------------------------------------------------------------------------------- 1 | ! 2 | no enable password 3 | no aaa root 4 | ! 5 | vlan internal order ascending range 1006 1199 6 | ! 7 | transceiver qsfp default-mode 4x10G 8 | ! 9 | service routing protocols model multi-agent 10 | ! 11 | hostname s1-leaf3 12 | ip name-server vrf default 8.8.8.8 13 | ip name-server vrf default 192.168.2.1 14 | dns domain atd.lab 15 | ! 16 | spanning-tree mode mstp 17 | no spanning-tree vlan-id 4093-4094 18 | spanning-tree mst 0 priority 16384 19 | ! 20 | vlan 110 21 | name Tenant_A_OP_Zone_1 22 | ! 23 | vlan 160 24 | name Tenant_A_VMOTION 25 | ! 26 | vlan 3009 27 | name MLAG_L3_VRF_Tenant_A_OP_Zone 28 | trunk group MLAG 29 | ! 30 | vlan 4093 31 | name MLAG_L3 32 | trunk group MLAG 33 | ! 34 | vlan 4094 35 | name MLAG 36 | trunk group MLAG 37 | ! 38 | vrf instance Tenant_A_OP_Zone 39 | ! 40 | management api http-commands 41 | protocol https 42 | no shutdown 43 | ! 44 | vrf default 45 | no shutdown 46 | ! 47 | interface Port-Channel1 48 | description MLAG_s1-leaf4_Port-Channel1 49 | no shutdown 50 | switchport mode trunk 51 | switchport trunk group MLAG 52 | switchport 53 | ! 54 | interface Port-Channel4 55 | description PortChannel 56 | no shutdown 57 | switchport access vlan 110 58 | switchport mode access 59 | switchport 60 | mlag 4 61 | ! 62 | interface Ethernet1 63 | description MLAG_s1-leaf4_Ethernet1 64 | no shutdown 65 | channel-group 1 mode active 66 | ! 67 | interface Ethernet2 68 | description P2P_s1-spine1_Ethernet4 69 | no shutdown 70 | mtu 1500 71 | no switchport 72 | ip address 172.30.255.9/31 73 | ! 74 | interface Ethernet3 75 | description P2P_s1-spine2_Ethernet4 76 | no shutdown 77 | mtu 1500 78 | no switchport 79 | ip address 172.30.255.11/31 80 | ! 81 | interface Ethernet4 82 | description SERVER_s1-host2_Eth1 83 | no shutdown 84 | channel-group 4 mode active 85 | ! 86 | interface Ethernet6 87 | description MLAG_s1-leaf4_Ethernet6 88 | no shutdown 89 | channel-group 1 mode active 90 | ! 91 | interface Loopback0 92 | description ROUTER_ID 93 | no shutdown 94 | ip address 192.0.255.5/32 95 | ! 96 | interface Loopback1 97 | description VXLAN_TUNNEL_SOURCE 98 | no shutdown 99 | ip address 192.0.254.5/32 100 | ! 101 | interface Loopback100 102 | description DIAG_VRF_Tenant_A_OP_Zone 103 | no shutdown 104 | vrf Tenant_A_OP_Zone 105 | ip address 10.255.1.5/32 106 | ! 107 | interface Management0 108 | description OOB_MANAGEMENT 109 | no shutdown 110 | ip address 192.168.0.14/24 111 | ! 112 | interface Vlan110 113 | description Tenant_A_OP_Zone_1 114 | no shutdown 115 | vrf Tenant_A_OP_Zone 116 | ip address virtual 10.1.10.1/24 117 | ! 118 | interface Vlan3009 119 | description MLAG_L3_VRF_Tenant_A_OP_Zone 120 | no shutdown 121 | mtu 1500 122 | vrf Tenant_A_OP_Zone 123 | ip address 10.255.251.4/31 124 | ! 125 | interface Vlan4093 126 | description MLAG_L3 127 | no shutdown 128 | mtu 1500 129 | ip address 10.255.251.4/31 130 | ! 131 | interface Vlan4094 132 | description MLAG 133 | no shutdown 134 | mtu 1500 135 | no autostate 136 | ip address 10.255.252.4/31 137 | ! 138 | interface Vxlan1 139 | description s1-leaf3_VTEP 140 | vxlan source-interface Loopback1 141 | vxlan virtual-router encapsulation mac-address mlag-system-id 142 | vxlan udp-port 4789 143 | vxlan vlan 110 vni 10110 144 | vxlan vlan 160 vni 55160 145 | vxlan vrf Tenant_A_OP_Zone vni 10 146 | ! 147 | ip virtual-router mac-address 00:1c:73:00:dc:01 148 | ! 149 | ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.5 150 | ! 151 | ip routing 152 | ip routing vrf Tenant_A_OP_Zone 153 | ! 154 | ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY 155 | seq 10 permit 192.0.255.0/24 eq 32 156 | seq 20 permit 192.0.254.0/24 eq 32 157 | ! 158 | ip prefix-list PL-MLAG-PEER-VRFS 159 | seq 10 permit 10.255.251.4/31 160 | ! 161 | mlag configuration 162 | domain-id pod2 163 | local-interface Vlan4094 164 | peer-address 10.255.252.5 165 | peer-link Port-Channel1 166 | reload-delay mlag 300 167 | reload-delay non-mlag 330 168 | ! 169 | ip route 0.0.0.0/0 192.168.0.1 170 | ! 171 | route-map RM-CONN-2-BGP permit 10 172 | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 173 | ! 174 | route-map RM-CONN-2-BGP-VRFS deny 10 175 | match ip address prefix-list PL-MLAG-PEER-VRFS 176 | ! 177 | route-map RM-CONN-2-BGP-VRFS permit 20 178 | ! 179 | route-map RM-MLAG-PEER-IN permit 10 180 | description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing 181 | set origin incomplete 182 | ! 183 | router bfd 184 | multihop interval 1200 min-rx 1200 multiplier 3 185 | ! 186 | router bgp 65102 187 | router-id 192.0.255.5 188 | no bgp default ipv4-unicast 189 | distance bgp 20 200 200 190 | graceful-restart restart-time 300 191 | graceful-restart 192 | maximum-paths 4 ecmp 4 193 | neighbor EVPN-OVERLAY-PEERS peer group 194 | neighbor EVPN-OVERLAY-PEERS update-source Loopback0 195 | neighbor EVPN-OVERLAY-PEERS bfd 196 | neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 197 | neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== 198 | neighbor EVPN-OVERLAY-PEERS send-community 199 | neighbor EVPN-OVERLAY-PEERS maximum-routes 0 200 | neighbor IPv4-UNDERLAY-PEERS peer group 201 | neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== 202 | neighbor IPv4-UNDERLAY-PEERS send-community 203 | neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 204 | neighbor MLAG-IPv4-UNDERLAY-PEER peer group 205 | neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102 206 | neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self 207 | neighbor MLAG-IPv4-UNDERLAY-PEER description s1-leaf4 208 | neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in 209 | neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== 210 | neighbor MLAG-IPv4-UNDERLAY-PEER send-community 211 | neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 212 | neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER 213 | neighbor 10.255.251.5 description s1-leaf4_Vlan4093 214 | neighbor 172.30.255.8 peer group IPv4-UNDERLAY-PEERS 215 | neighbor 172.30.255.8 remote-as 65001 216 | neighbor 172.30.255.8 description s1-spine1_Ethernet4 217 | neighbor 172.30.255.10 peer group IPv4-UNDERLAY-PEERS 218 | neighbor 172.30.255.10 remote-as 65001 219 | neighbor 172.30.255.10 description s1-spine2_Ethernet4 220 | neighbor 192.0.255.1 peer group EVPN-OVERLAY-PEERS 221 | neighbor 192.0.255.1 remote-as 65001 222 | neighbor 192.0.255.1 description s1-spine1_Loopback0 223 | neighbor 192.0.255.2 peer group EVPN-OVERLAY-PEERS 224 | neighbor 192.0.255.2 remote-as 65001 225 | neighbor 192.0.255.2 description s1-spine2_Loopback0 226 | redistribute connected route-map RM-CONN-2-BGP 227 | ! 228 | vlan-aware-bundle Tenant_A_OP_Zone 229 | rd 192.0.255.5:10 230 | route-target both 10:10 231 | redistribute learned 232 | vlan 110 233 | ! 234 | vlan-aware-bundle Tenant_A_VMOTION 235 | rd 192.0.255.5:55160 236 | route-target both 55160:55160 237 | redistribute learned 238 | vlan 160 239 | ! 240 | address-family evpn 241 | neighbor EVPN-OVERLAY-PEERS activate 242 | ! 243 | address-family ipv4 244 | no neighbor EVPN-OVERLAY-PEERS activate 245 | neighbor IPv4-UNDERLAY-PEERS activate 246 | neighbor MLAG-IPv4-UNDERLAY-PEER activate 247 | ! 248 | vrf Tenant_A_OP_Zone 249 | rd 192.0.255.5:10 250 | route-target import evpn 10:10 251 | route-target export evpn 10:10 252 | router-id 192.0.255.5 253 | neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER 254 | neighbor 10.255.251.5 description s1-leaf4_Vlan3009 255 | redistribute connected route-map RM-CONN-2-BGP-VRFS 256 | ! 257 | end 258 | -------------------------------------------------------------------------------- /atd-inventory/intended/configs/s1-leaf4.cfg: -------------------------------------------------------------------------------- 1 | ! 2 | no enable password 3 | no aaa root 4 | ! 5 | vlan internal order ascending range 1006 1199 6 | ! 7 | transceiver qsfp default-mode 4x10G 8 | ! 9 | service routing protocols model multi-agent 10 | ! 11 | hostname s1-leaf4 12 | ip name-server vrf default 8.8.8.8 13 | ip name-server vrf default 192.168.2.1 14 | dns domain atd.lab 15 | ! 16 | spanning-tree mode mstp 17 | no spanning-tree vlan-id 4093-4094 18 | spanning-tree mst 0 priority 16384 19 | ! 20 | vlan 110 21 | name Tenant_A_OP_Zone_1 22 | ! 23 | vlan 160 24 | name Tenant_A_VMOTION 25 | ! 26 | vlan 3009 27 | name MLAG_L3_VRF_Tenant_A_OP_Zone 28 | trunk group MLAG 29 | ! 30 | vlan 4093 31 | name MLAG_L3 32 | trunk group MLAG 33 | ! 34 | vlan 4094 35 | name MLAG 36 | trunk group MLAG 37 | ! 38 | vrf instance Tenant_A_OP_Zone 39 | ! 40 | management api http-commands 41 | protocol https 42 | no shutdown 43 | ! 44 | vrf default 45 | no shutdown 46 | ! 47 | interface Port-Channel1 48 | description MLAG_s1-leaf3_Port-Channel1 49 | no shutdown 50 | switchport mode trunk 51 | switchport trunk group MLAG 52 | switchport 53 | ! 54 | interface Port-Channel4 55 | description PortChannel 56 | no shutdown 57 | switchport access vlan 110 58 | switchport mode access 59 | switchport 60 | mlag 4 61 | ! 62 | interface Ethernet1 63 | description MLAG_s1-leaf3_Ethernet1 64 | no shutdown 65 | channel-group 1 mode active 66 | ! 67 | interface Ethernet2 68 | description P2P_s1-spine1_Ethernet5 69 | no shutdown 70 | mtu 1500 71 | no switchport 72 | ip address 172.30.255.13/31 73 | ! 74 | interface Ethernet3 75 | description P2P_s1-spine2_Ethernet5 76 | no shutdown 77 | mtu 1500 78 | no switchport 79 | ip address 172.30.255.15/31 80 | ! 81 | interface Ethernet4 82 | description SERVER_s1-host2_Eth2 83 | no shutdown 84 | channel-group 4 mode active 85 | ! 86 | interface Ethernet6 87 | description MLAG_s1-leaf3_Ethernet6 88 | no shutdown 89 | channel-group 1 mode active 90 | ! 91 | interface Loopback0 92 | description ROUTER_ID 93 | no shutdown 94 | ip address 192.0.255.6/32 95 | ! 96 | interface Loopback1 97 | description VXLAN_TUNNEL_SOURCE 98 | no shutdown 99 | ip address 192.0.254.5/32 100 | ! 101 | interface Loopback100 102 | description DIAG_VRF_Tenant_A_OP_Zone 103 | no shutdown 104 | vrf Tenant_A_OP_Zone 105 | ip address 10.255.1.6/32 106 | ! 107 | interface Management0 108 | description OOB_MANAGEMENT 109 | no shutdown 110 | ip address 192.168.0.15/24 111 | ! 112 | interface Vlan110 113 | description Tenant_A_OP_Zone_1 114 | no shutdown 115 | vrf Tenant_A_OP_Zone 116 | ip address virtual 10.1.10.1/24 117 | ! 118 | interface Vlan3009 119 | description MLAG_L3_VRF_Tenant_A_OP_Zone 120 | no shutdown 121 | mtu 1500 122 | vrf Tenant_A_OP_Zone 123 | ip address 10.255.251.5/31 124 | ! 125 | interface Vlan4093 126 | description MLAG_L3 127 | no shutdown 128 | mtu 1500 129 | ip address 10.255.251.5/31 130 | ! 131 | interface Vlan4094 132 | description MLAG 133 | no shutdown 134 | mtu 1500 135 | no autostate 136 | ip address 10.255.252.5/31 137 | ! 138 | interface Vxlan1 139 | description s1-leaf4_VTEP 140 | vxlan source-interface Loopback1 141 | vxlan virtual-router encapsulation mac-address mlag-system-id 142 | vxlan udp-port 4789 143 | vxlan vlan 110 vni 10110 144 | vxlan vlan 160 vni 55160 145 | vxlan vrf Tenant_A_OP_Zone vni 10 146 | ! 147 | ip virtual-router mac-address 00:1c:73:00:dc:01 148 | ! 149 | ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.6 150 | ! 151 | ip routing 152 | ip routing vrf Tenant_A_OP_Zone 153 | ! 154 | ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY 155 | seq 10 permit 192.0.255.0/24 eq 32 156 | seq 20 permit 192.0.254.0/24 eq 32 157 | ! 158 | ip prefix-list PL-MLAG-PEER-VRFS 159 | seq 10 permit 10.255.251.4/31 160 | ! 161 | mlag configuration 162 | domain-id pod2 163 | local-interface Vlan4094 164 | peer-address 10.255.252.4 165 | peer-link Port-Channel1 166 | reload-delay mlag 300 167 | reload-delay non-mlag 330 168 | ! 169 | ip route 0.0.0.0/0 192.168.0.1 170 | ! 171 | route-map RM-CONN-2-BGP permit 10 172 | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 173 | ! 174 | route-map RM-CONN-2-BGP-VRFS deny 10 175 | match ip address prefix-list PL-MLAG-PEER-VRFS 176 | ! 177 | route-map RM-CONN-2-BGP-VRFS permit 20 178 | ! 179 | route-map RM-MLAG-PEER-IN permit 10 180 | description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing 181 | set origin incomplete 182 | ! 183 | router bfd 184 | multihop interval 1200 min-rx 1200 multiplier 3 185 | ! 186 | router bgp 65102 187 | router-id 192.0.255.6 188 | no bgp default ipv4-unicast 189 | distance bgp 20 200 200 190 | graceful-restart restart-time 300 191 | graceful-restart 192 | maximum-paths 4 ecmp 4 193 | neighbor EVPN-OVERLAY-PEERS peer group 194 | neighbor EVPN-OVERLAY-PEERS update-source Loopback0 195 | neighbor EVPN-OVERLAY-PEERS bfd 196 | neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 197 | neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== 198 | neighbor EVPN-OVERLAY-PEERS send-community 199 | neighbor EVPN-OVERLAY-PEERS maximum-routes 0 200 | neighbor IPv4-UNDERLAY-PEERS peer group 201 | neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== 202 | neighbor IPv4-UNDERLAY-PEERS send-community 203 | neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 204 | neighbor MLAG-IPv4-UNDERLAY-PEER peer group 205 | neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102 206 | neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self 207 | neighbor MLAG-IPv4-UNDERLAY-PEER description s1-leaf3 208 | neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in 209 | neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== 210 | neighbor MLAG-IPv4-UNDERLAY-PEER send-community 211 | neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 212 | neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER 213 | neighbor 10.255.251.4 description s1-leaf3_Vlan4093 214 | neighbor 172.30.255.12 peer group IPv4-UNDERLAY-PEERS 215 | neighbor 172.30.255.12 remote-as 65001 216 | neighbor 172.30.255.12 description s1-spine1_Ethernet5 217 | neighbor 172.30.255.14 peer group IPv4-UNDERLAY-PEERS 218 | neighbor 172.30.255.14 remote-as 65001 219 | neighbor 172.30.255.14 description s1-spine2_Ethernet5 220 | neighbor 192.0.255.1 peer group EVPN-OVERLAY-PEERS 221 | neighbor 192.0.255.1 remote-as 65001 222 | neighbor 192.0.255.1 description s1-spine1_Loopback0 223 | neighbor 192.0.255.2 peer group EVPN-OVERLAY-PEERS 224 | neighbor 192.0.255.2 remote-as 65001 225 | neighbor 192.0.255.2 description s1-spine2_Loopback0 226 | redistribute connected route-map RM-CONN-2-BGP 227 | ! 228 | vlan-aware-bundle Tenant_A_OP_Zone 229 | rd 192.0.255.6:10 230 | route-target both 10:10 231 | redistribute learned 232 | vlan 110 233 | ! 234 | vlan-aware-bundle Tenant_A_VMOTION 235 | rd 192.0.255.6:55160 236 | route-target both 55160:55160 237 | redistribute learned 238 | vlan 160 239 | ! 240 | address-family evpn 241 | neighbor EVPN-OVERLAY-PEERS activate 242 | ! 243 | address-family ipv4 244 | no neighbor EVPN-OVERLAY-PEERS activate 245 | neighbor IPv4-UNDERLAY-PEERS activate 246 | neighbor MLAG-IPv4-UNDERLAY-PEER activate 247 | ! 248 | vrf Tenant_A_OP_Zone 249 | rd 192.0.255.6:10 250 | route-target import evpn 10:10 251 | route-target export evpn 10:10 252 | router-id 192.0.255.6 253 | neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER 254 | neighbor 10.255.251.4 description s1-leaf3_Vlan3009 255 | redistribute connected route-map RM-CONN-2-BGP-VRFS 256 | ! 257 | end 258 | -------------------------------------------------------------------------------- /atd-inventory/intended/structured_configs/s1-leaf1.yml: -------------------------------------------------------------------------------- 1 | hostname: s1-leaf1 2 | is_deployed: true 3 | router_bgp: 4 | as: '65101' 5 | router_id: 192.0.255.3 6 | distance: 7 | external_routes: 20 8 | internal_routes: 200 9 | local_routes: 200 10 | bgp: 11 | default: 12 | ipv4_unicast: false 13 | maximum_paths: 14 | paths: 4 15 | ecmp: 4 16 | redistribute: 17 | connected: 18 | enabled: true 19 | route_map: RM-CONN-2-BGP 20 | graceful_restart: 21 | enabled: true 22 | restart_time: 300 23 | peer_groups: 24 | - name: MLAG-IPv4-UNDERLAY-PEER 25 | type: ipv4 26 | remote_as: '65101' 27 | next_hop_self: true 28 | description: s1-leaf2 29 | password: vnEaG8gMeQf3d3cN6PktXQ== 30 | maximum_routes: 12000 31 | send_community: all 32 | route_map_in: RM-MLAG-PEER-IN 33 | - name: IPv4-UNDERLAY-PEERS 34 | type: ipv4 35 | password: AQQvKeimxJu+uGQ/yYvv9w== 36 | maximum_routes: 12000 37 | send_community: all 38 | - name: EVPN-OVERLAY-PEERS 39 | type: evpn 40 | update_source: Loopback0 41 | bfd: true 42 | password: q+VNViP5i4rVjW1cxFv2wA== 43 | send_community: all 44 | maximum_routes: 0 45 | ebgp_multihop: 3 46 | address_family_ipv4: 47 | peer_groups: 48 | - name: MLAG-IPv4-UNDERLAY-PEER 49 | activate: true 50 | - name: IPv4-UNDERLAY-PEERS 51 | activate: true 52 | - name: EVPN-OVERLAY-PEERS 53 | activate: false 54 | neighbors: 55 | - ip_address: 10.255.251.1 56 | peer_group: MLAG-IPv4-UNDERLAY-PEER 57 | peer: s1-leaf2 58 | description: s1-leaf2_Vlan4093 59 | - ip_address: 172.30.255.0 60 | peer_group: IPv4-UNDERLAY-PEERS 61 | remote_as: '65001' 62 | peer: s1-spine1 63 | description: s1-spine1_Ethernet2 64 | - ip_address: 172.30.255.2 65 | peer_group: IPv4-UNDERLAY-PEERS 66 | remote_as: '65001' 67 | peer: s1-spine2 68 | description: s1-spine2_Ethernet2 69 | - ip_address: 192.0.255.1 70 | peer_group: EVPN-OVERLAY-PEERS 71 | peer: s1-spine1 72 | description: s1-spine1_Loopback0 73 | remote_as: '65001' 74 | - ip_address: 192.0.255.2 75 | peer_group: EVPN-OVERLAY-PEERS 76 | peer: s1-spine2 77 | description: s1-spine2_Loopback0 78 | remote_as: '65001' 79 | address_family_evpn: 80 | peer_groups: 81 | - name: EVPN-OVERLAY-PEERS 82 | activate: true 83 | vrfs: 84 | - name: Tenant_A_OP_Zone 85 | rd: 192.0.255.3:10 86 | route_targets: 87 | import: 88 | - address_family: evpn 89 | route_targets: 90 | - '10:10' 91 | export: 92 | - address_family: evpn 93 | route_targets: 94 | - '10:10' 95 | router_id: 192.0.255.3 96 | redistribute: 97 | connected: 98 | enabled: true 99 | route_map: RM-CONN-2-BGP-VRFS 100 | neighbors: 101 | - ip_address: 10.255.251.1 102 | peer_group: MLAG-IPv4-UNDERLAY-PEER 103 | description: s1-leaf2_Vlan3009 104 | vlan_aware_bundles: 105 | - name: Tenant_A_OP_Zone 106 | rd: 192.0.255.3:10 107 | route_targets: 108 | both: 109 | - '10:10' 110 | redistribute_routes: 111 | - learned 112 | vlan: '110' 113 | - name: Tenant_A_VMOTION 114 | tenant: Tenant_A 115 | rd: 192.0.255.3:55160 116 | route_targets: 117 | both: 118 | - 55160:55160 119 | redistribute_routes: 120 | - learned 121 | vlan: '160' 122 | static_routes: 123 | - vrf: default 124 | destination_address_prefix: 0.0.0.0/0 125 | gateway: 192.168.0.1 126 | service_routing_protocols_model: multi-agent 127 | ip_routing: true 128 | vlan_internal_order: 129 | allocation: ascending 130 | range: 131 | beginning: 1006 132 | ending: 1199 133 | aaa_root: 134 | disabled: true 135 | config_end: true 136 | enable_password: 137 | disabled: true 138 | transceiver_qsfp_default_mode_4x10: true 139 | ip_name_servers: 140 | - ip_address: 192.168.2.1 141 | vrf: default 142 | - ip_address: 8.8.8.8 143 | vrf: default 144 | spanning_tree: 145 | mode: mstp 146 | mst_instances: 147 | - id: '0' 148 | priority: 16384 149 | no_spanning_tree_vlan: 4093-4094 150 | vrfs: 151 | - name: default 152 | ip_routing: false 153 | - name: Tenant_A_OP_Zone 154 | tenant: Tenant_A 155 | ip_routing: true 156 | management_interfaces: 157 | - name: Management0 158 | description: OOB_MANAGEMENT 159 | shutdown: false 160 | vrf: default 161 | ip_address: 192.168.0.12/24 162 | gateway: 192.168.0.1 163 | type: oob 164 | management_api_http: 165 | enable_vrfs: 166 | - name: default 167 | enable_https: true 168 | vlans: 169 | - id: 4093 170 | tenant: system 171 | name: MLAG_L3 172 | trunk_groups: 173 | - MLAG 174 | - id: 4094 175 | tenant: system 176 | name: MLAG 177 | trunk_groups: 178 | - MLAG 179 | - id: 110 180 | name: Tenant_A_OP_Zone_1 181 | tenant: Tenant_A 182 | - id: 3009 183 | name: MLAG_L3_VRF_Tenant_A_OP_Zone 184 | trunk_groups: 185 | - MLAG 186 | tenant: Tenant_A 187 | - id: 160 188 | name: Tenant_A_VMOTION 189 | tenant: Tenant_A 190 | vlan_interfaces: 191 | - name: Vlan4093 192 | description: MLAG_L3 193 | shutdown: false 194 | mtu: 1500 195 | ip_address: 10.255.251.0/31 196 | - name: Vlan4094 197 | description: MLAG 198 | shutdown: false 199 | no_autostate: true 200 | mtu: 1500 201 | ip_address: 10.255.252.0/31 202 | - name: Vlan110 203 | tenant: Tenant_A 204 | tags: 205 | - opzone 206 | description: Tenant_A_OP_Zone_1 207 | shutdown: false 208 | ip_address_virtual: 10.1.10.1/24 209 | vrf: Tenant_A_OP_Zone 210 | - name: Vlan3009 211 | tenant: Tenant_A 212 | type: underlay_peering 213 | shutdown: false 214 | description: MLAG_L3_VRF_Tenant_A_OP_Zone 215 | vrf: Tenant_A_OP_Zone 216 | mtu: 1500 217 | ip_address: 10.255.251.0/31 218 | port_channel_interfaces: 219 | - name: Port-Channel1 220 | description: MLAG_s1-leaf2_Port-Channel1 221 | switchport: 222 | enabled: true 223 | mode: trunk 224 | trunk: 225 | groups: 226 | - MLAG 227 | shutdown: false 228 | - name: Port-Channel4 229 | description: PortChannel 230 | shutdown: false 231 | switchport: 232 | enabled: true 233 | mode: access 234 | access_vlan: 110 235 | mlag: 4 236 | ethernet_interfaces: 237 | - name: Ethernet1 238 | peer: s1-leaf2 239 | peer_interface: Ethernet1 240 | peer_type: mlag_peer 241 | description: MLAG_s1-leaf2_Ethernet1 242 | shutdown: false 243 | channel_group: 244 | id: 1 245 | mode: active 246 | - name: Ethernet6 247 | peer: s1-leaf2 248 | peer_interface: Ethernet6 249 | peer_type: mlag_peer 250 | description: MLAG_s1-leaf2_Ethernet6 251 | shutdown: false 252 | channel_group: 253 | id: 1 254 | mode: active 255 | - name: Ethernet2 256 | peer: s1-spine1 257 | peer_interface: Ethernet2 258 | peer_type: spine 259 | description: P2P_s1-spine1_Ethernet2 260 | shutdown: false 261 | mtu: 1500 262 | switchport: 263 | enabled: false 264 | ip_address: 172.30.255.1/31 265 | - name: Ethernet3 266 | peer: s1-spine2 267 | peer_interface: Ethernet2 268 | peer_type: spine 269 | description: P2P_s1-spine2_Ethernet2 270 | shutdown: false 271 | mtu: 1500 272 | switchport: 273 | enabled: false 274 | ip_address: 172.30.255.3/31 275 | - name: Ethernet4 276 | peer: s1-host1 277 | peer_interface: Eth1 278 | peer_type: server 279 | port_profile: TENANT_A 280 | description: SERVER_s1-host1_Eth1 281 | shutdown: false 282 | channel_group: 283 | id: 4 284 | mode: active 285 | mlag_configuration: 286 | domain_id: pod1 287 | local_interface: Vlan4094 288 | peer_address: 10.255.252.1 289 | peer_link: Port-Channel1 290 | reload_delay_mlag: '300' 291 | reload_delay_non_mlag: '330' 292 | route_maps: 293 | - name: RM-MLAG-PEER-IN 294 | sequence_numbers: 295 | - sequence: 10 296 | type: permit 297 | set: 298 | - origin incomplete 299 | description: Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing 300 | - name: RM-CONN-2-BGP 301 | sequence_numbers: 302 | - sequence: 10 303 | type: permit 304 | match: 305 | - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 306 | - name: RM-CONN-2-BGP-VRFS 307 | sequence_numbers: 308 | - sequence: 10 309 | type: deny 310 | match: 311 | - ip address prefix-list PL-MLAG-PEER-VRFS 312 | - sequence: 20 313 | type: permit 314 | loopback_interfaces: 315 | - name: Loopback0 316 | description: ROUTER_ID 317 | shutdown: false 318 | ip_address: 192.0.255.3/32 319 | - name: Loopback1 320 | description: VXLAN_TUNNEL_SOURCE 321 | shutdown: false 322 | ip_address: 192.0.254.3/32 323 | - name: Loopback100 324 | description: DIAG_VRF_Tenant_A_OP_Zone 325 | shutdown: false 326 | vrf: Tenant_A_OP_Zone 327 | ip_address: 10.255.1.3/32 328 | prefix_lists: 329 | - name: PL-LOOPBACKS-EVPN-OVERLAY 330 | sequence_numbers: 331 | - sequence: 10 332 | action: permit 192.0.255.0/24 eq 32 333 | - sequence: 20 334 | action: permit 192.0.254.0/24 eq 32 335 | - name: PL-MLAG-PEER-VRFS 336 | sequence_numbers: 337 | - sequence: 10 338 | action: permit 10.255.251.0/31 339 | router_bfd: 340 | multihop: 341 | interval: 1200 342 | min_rx: 1200 343 | multiplier: 3 344 | ip_igmp_snooping: 345 | globally_enabled: true 346 | ip_virtual_router_mac_address: 00:1c:73:00:dc:01 347 | vxlan_interface: 348 | vxlan1: 349 | description: s1-leaf1_VTEP 350 | vxlan: 351 | udp_port: 4789 352 | source_interface: Loopback1 353 | virtual_router_encapsulation_mac_address: mlag-system-id 354 | vlans: 355 | - id: 110 356 | vni: 10110 357 | - id: 160 358 | vni: 55160 359 | vrfs: 360 | - name: Tenant_A_OP_Zone 361 | vni: 10 362 | virtual_source_nat_vrfs: 363 | - name: Tenant_A_OP_Zone 364 | ip_address: 10.255.1.3 365 | metadata: 366 | platform: cEOS 367 | -------------------------------------------------------------------------------- /atd-inventory/intended/structured_configs/s1-leaf2.yml: -------------------------------------------------------------------------------- 1 | hostname: s1-leaf2 2 | is_deployed: true 3 | router_bgp: 4 | as: '65101' 5 | router_id: 192.0.255.4 6 | distance: 7 | external_routes: 20 8 | internal_routes: 200 9 | local_routes: 200 10 | bgp: 11 | default: 12 | ipv4_unicast: false 13 | maximum_paths: 14 | paths: 4 15 | ecmp: 4 16 | redistribute: 17 | connected: 18 | enabled: true 19 | route_map: RM-CONN-2-BGP 20 | graceful_restart: 21 | enabled: true 22 | restart_time: 300 23 | peer_groups: 24 | - name: MLAG-IPv4-UNDERLAY-PEER 25 | type: ipv4 26 | remote_as: '65101' 27 | next_hop_self: true 28 | description: s1-leaf1 29 | password: vnEaG8gMeQf3d3cN6PktXQ== 30 | maximum_routes: 12000 31 | send_community: all 32 | route_map_in: RM-MLAG-PEER-IN 33 | - name: IPv4-UNDERLAY-PEERS 34 | type: ipv4 35 | password: AQQvKeimxJu+uGQ/yYvv9w== 36 | maximum_routes: 12000 37 | send_community: all 38 | - name: EVPN-OVERLAY-PEERS 39 | type: evpn 40 | update_source: Loopback0 41 | bfd: true 42 | password: q+VNViP5i4rVjW1cxFv2wA== 43 | send_community: all 44 | maximum_routes: 0 45 | ebgp_multihop: 3 46 | address_family_ipv4: 47 | peer_groups: 48 | - name: MLAG-IPv4-UNDERLAY-PEER 49 | activate: true 50 | - name: IPv4-UNDERLAY-PEERS 51 | activate: true 52 | - name: EVPN-OVERLAY-PEERS 53 | activate: false 54 | neighbors: 55 | - ip_address: 10.255.251.0 56 | peer_group: MLAG-IPv4-UNDERLAY-PEER 57 | peer: s1-leaf1 58 | description: s1-leaf1_Vlan4093 59 | - ip_address: 172.30.255.4 60 | peer_group: IPv4-UNDERLAY-PEERS 61 | remote_as: '65001' 62 | peer: s1-spine1 63 | description: s1-spine1_Ethernet3 64 | - ip_address: 172.30.255.6 65 | peer_group: IPv4-UNDERLAY-PEERS 66 | remote_as: '65001' 67 | peer: s1-spine2 68 | description: s1-spine2_Ethernet3 69 | - ip_address: 192.0.255.1 70 | peer_group: EVPN-OVERLAY-PEERS 71 | peer: s1-spine1 72 | description: s1-spine1_Loopback0 73 | remote_as: '65001' 74 | - ip_address: 192.0.255.2 75 | peer_group: EVPN-OVERLAY-PEERS 76 | peer: s1-spine2 77 | description: s1-spine2_Loopback0 78 | remote_as: '65001' 79 | address_family_evpn: 80 | peer_groups: 81 | - name: EVPN-OVERLAY-PEERS 82 | activate: true 83 | vrfs: 84 | - name: Tenant_A_OP_Zone 85 | rd: 192.0.255.4:10 86 | route_targets: 87 | import: 88 | - address_family: evpn 89 | route_targets: 90 | - '10:10' 91 | export: 92 | - address_family: evpn 93 | route_targets: 94 | - '10:10' 95 | router_id: 192.0.255.4 96 | redistribute: 97 | connected: 98 | enabled: true 99 | route_map: RM-CONN-2-BGP-VRFS 100 | neighbors: 101 | - ip_address: 10.255.251.0 102 | peer_group: MLAG-IPv4-UNDERLAY-PEER 103 | description: s1-leaf1_Vlan3009 104 | vlan_aware_bundles: 105 | - name: Tenant_A_OP_Zone 106 | rd: 192.0.255.4:10 107 | route_targets: 108 | both: 109 | - '10:10' 110 | redistribute_routes: 111 | - learned 112 | vlan: '110' 113 | - name: Tenant_A_VMOTION 114 | tenant: Tenant_A 115 | rd: 192.0.255.4:55160 116 | route_targets: 117 | both: 118 | - 55160:55160 119 | redistribute_routes: 120 | - learned 121 | vlan: '160' 122 | static_routes: 123 | - vrf: default 124 | destination_address_prefix: 0.0.0.0/0 125 | gateway: 192.168.0.1 126 | service_routing_protocols_model: multi-agent 127 | ip_routing: true 128 | vlan_internal_order: 129 | allocation: ascending 130 | range: 131 | beginning: 1006 132 | ending: 1199 133 | aaa_root: 134 | disabled: true 135 | config_end: true 136 | enable_password: 137 | disabled: true 138 | transceiver_qsfp_default_mode_4x10: true 139 | ip_name_servers: 140 | - ip_address: 192.168.2.1 141 | vrf: default 142 | - ip_address: 8.8.8.8 143 | vrf: default 144 | spanning_tree: 145 | mode: mstp 146 | mst_instances: 147 | - id: '0' 148 | priority: 16384 149 | no_spanning_tree_vlan: 4093-4094 150 | vrfs: 151 | - name: default 152 | ip_routing: false 153 | - name: Tenant_A_OP_Zone 154 | tenant: Tenant_A 155 | ip_routing: true 156 | management_interfaces: 157 | - name: Management0 158 | description: OOB_MANAGEMENT 159 | shutdown: false 160 | vrf: default 161 | ip_address: 192.168.0.13/24 162 | gateway: 192.168.0.1 163 | type: oob 164 | management_api_http: 165 | enable_vrfs: 166 | - name: default 167 | enable_https: true 168 | vlans: 169 | - id: 4093 170 | tenant: system 171 | name: MLAG_L3 172 | trunk_groups: 173 | - MLAG 174 | - id: 4094 175 | tenant: system 176 | name: MLAG 177 | trunk_groups: 178 | - MLAG 179 | - id: 110 180 | name: Tenant_A_OP_Zone_1 181 | tenant: Tenant_A 182 | - id: 3009 183 | name: MLAG_L3_VRF_Tenant_A_OP_Zone 184 | trunk_groups: 185 | - MLAG 186 | tenant: Tenant_A 187 | - id: 160 188 | name: Tenant_A_VMOTION 189 | tenant: Tenant_A 190 | vlan_interfaces: 191 | - name: Vlan4093 192 | description: MLAG_L3 193 | shutdown: false 194 | mtu: 1500 195 | ip_address: 10.255.251.1/31 196 | - name: Vlan4094 197 | description: MLAG 198 | shutdown: false 199 | no_autostate: true 200 | mtu: 1500 201 | ip_address: 10.255.252.1/31 202 | - name: Vlan110 203 | tenant: Tenant_A 204 | tags: 205 | - opzone 206 | description: Tenant_A_OP_Zone_1 207 | shutdown: false 208 | ip_address_virtual: 10.1.10.1/24 209 | vrf: Tenant_A_OP_Zone 210 | - name: Vlan3009 211 | tenant: Tenant_A 212 | type: underlay_peering 213 | shutdown: false 214 | description: MLAG_L3_VRF_Tenant_A_OP_Zone 215 | vrf: Tenant_A_OP_Zone 216 | mtu: 1500 217 | ip_address: 10.255.251.1/31 218 | port_channel_interfaces: 219 | - name: Port-Channel1 220 | description: MLAG_s1-leaf1_Port-Channel1 221 | switchport: 222 | enabled: true 223 | mode: trunk 224 | trunk: 225 | groups: 226 | - MLAG 227 | shutdown: false 228 | - name: Port-Channel4 229 | description: PortChannel 230 | shutdown: false 231 | switchport: 232 | enabled: true 233 | mode: access 234 | access_vlan: 110 235 | mlag: 4 236 | ethernet_interfaces: 237 | - name: Ethernet1 238 | peer: s1-leaf1 239 | peer_interface: Ethernet1 240 | peer_type: mlag_peer 241 | description: MLAG_s1-leaf1_Ethernet1 242 | shutdown: false 243 | channel_group: 244 | id: 1 245 | mode: active 246 | - name: Ethernet6 247 | peer: s1-leaf1 248 | peer_interface: Ethernet6 249 | peer_type: mlag_peer 250 | description: MLAG_s1-leaf1_Ethernet6 251 | shutdown: false 252 | channel_group: 253 | id: 1 254 | mode: active 255 | - name: Ethernet2 256 | peer: s1-spine1 257 | peer_interface: Ethernet3 258 | peer_type: spine 259 | description: P2P_s1-spine1_Ethernet3 260 | shutdown: false 261 | mtu: 1500 262 | switchport: 263 | enabled: false 264 | ip_address: 172.30.255.5/31 265 | - name: Ethernet3 266 | peer: s1-spine2 267 | peer_interface: Ethernet3 268 | peer_type: spine 269 | description: P2P_s1-spine2_Ethernet3 270 | shutdown: false 271 | mtu: 1500 272 | switchport: 273 | enabled: false 274 | ip_address: 172.30.255.7/31 275 | - name: Ethernet4 276 | peer: s1-host1 277 | peer_interface: Eth2 278 | peer_type: server 279 | port_profile: TENANT_A 280 | description: SERVER_s1-host1_Eth2 281 | shutdown: false 282 | channel_group: 283 | id: 4 284 | mode: active 285 | mlag_configuration: 286 | domain_id: pod1 287 | local_interface: Vlan4094 288 | peer_address: 10.255.252.0 289 | peer_link: Port-Channel1 290 | reload_delay_mlag: '300' 291 | reload_delay_non_mlag: '330' 292 | route_maps: 293 | - name: RM-MLAG-PEER-IN 294 | sequence_numbers: 295 | - sequence: 10 296 | type: permit 297 | set: 298 | - origin incomplete 299 | description: Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing 300 | - name: RM-CONN-2-BGP 301 | sequence_numbers: 302 | - sequence: 10 303 | type: permit 304 | match: 305 | - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 306 | - name: RM-CONN-2-BGP-VRFS 307 | sequence_numbers: 308 | - sequence: 10 309 | type: deny 310 | match: 311 | - ip address prefix-list PL-MLAG-PEER-VRFS 312 | - sequence: 20 313 | type: permit 314 | loopback_interfaces: 315 | - name: Loopback0 316 | description: ROUTER_ID 317 | shutdown: false 318 | ip_address: 192.0.255.4/32 319 | - name: Loopback1 320 | description: VXLAN_TUNNEL_SOURCE 321 | shutdown: false 322 | ip_address: 192.0.254.3/32 323 | - name: Loopback100 324 | description: DIAG_VRF_Tenant_A_OP_Zone 325 | shutdown: false 326 | vrf: Tenant_A_OP_Zone 327 | ip_address: 10.255.1.4/32 328 | prefix_lists: 329 | - name: PL-LOOPBACKS-EVPN-OVERLAY 330 | sequence_numbers: 331 | - sequence: 10 332 | action: permit 192.0.255.0/24 eq 32 333 | - sequence: 20 334 | action: permit 192.0.254.0/24 eq 32 335 | - name: PL-MLAG-PEER-VRFS 336 | sequence_numbers: 337 | - sequence: 10 338 | action: permit 10.255.251.0/31 339 | router_bfd: 340 | multihop: 341 | interval: 1200 342 | min_rx: 1200 343 | multiplier: 3 344 | ip_igmp_snooping: 345 | globally_enabled: true 346 | ip_virtual_router_mac_address: 00:1c:73:00:dc:01 347 | vxlan_interface: 348 | vxlan1: 349 | description: s1-leaf2_VTEP 350 | vxlan: 351 | udp_port: 4789 352 | source_interface: Loopback1 353 | virtual_router_encapsulation_mac_address: mlag-system-id 354 | vlans: 355 | - id: 110 356 | vni: 10110 357 | - id: 160 358 | vni: 55160 359 | vrfs: 360 | - name: Tenant_A_OP_Zone 361 | vni: 10 362 | virtual_source_nat_vrfs: 363 | - name: Tenant_A_OP_Zone 364 | ip_address: 10.255.1.4 365 | metadata: 366 | platform: cEOS 367 | -------------------------------------------------------------------------------- /atd-inventory/intended/structured_configs/s1-leaf3.yml: -------------------------------------------------------------------------------- 1 | hostname: s1-leaf3 2 | is_deployed: true 3 | router_bgp: 4 | as: '65102' 5 | router_id: 192.0.255.5 6 | distance: 7 | external_routes: 20 8 | internal_routes: 200 9 | local_routes: 200 10 | bgp: 11 | default: 12 | ipv4_unicast: false 13 | maximum_paths: 14 | paths: 4 15 | ecmp: 4 16 | redistribute: 17 | connected: 18 | enabled: true 19 | route_map: RM-CONN-2-BGP 20 | graceful_restart: 21 | enabled: true 22 | restart_time: 300 23 | peer_groups: 24 | - name: MLAG-IPv4-UNDERLAY-PEER 25 | type: ipv4 26 | remote_as: '65102' 27 | next_hop_self: true 28 | description: s1-leaf4 29 | password: vnEaG8gMeQf3d3cN6PktXQ== 30 | maximum_routes: 12000 31 | send_community: all 32 | route_map_in: RM-MLAG-PEER-IN 33 | - name: IPv4-UNDERLAY-PEERS 34 | type: ipv4 35 | password: AQQvKeimxJu+uGQ/yYvv9w== 36 | maximum_routes: 12000 37 | send_community: all 38 | - name: EVPN-OVERLAY-PEERS 39 | type: evpn 40 | update_source: Loopback0 41 | bfd: true 42 | password: q+VNViP5i4rVjW1cxFv2wA== 43 | send_community: all 44 | maximum_routes: 0 45 | ebgp_multihop: 3 46 | address_family_ipv4: 47 | peer_groups: 48 | - name: MLAG-IPv4-UNDERLAY-PEER 49 | activate: true 50 | - name: IPv4-UNDERLAY-PEERS 51 | activate: true 52 | - name: EVPN-OVERLAY-PEERS 53 | activate: false 54 | neighbors: 55 | - ip_address: 10.255.251.5 56 | peer_group: MLAG-IPv4-UNDERLAY-PEER 57 | peer: s1-leaf4 58 | description: s1-leaf4_Vlan4093 59 | - ip_address: 172.30.255.8 60 | peer_group: IPv4-UNDERLAY-PEERS 61 | remote_as: '65001' 62 | peer: s1-spine1 63 | description: s1-spine1_Ethernet4 64 | - ip_address: 172.30.255.10 65 | peer_group: IPv4-UNDERLAY-PEERS 66 | remote_as: '65001' 67 | peer: s1-spine2 68 | description: s1-spine2_Ethernet4 69 | - ip_address: 192.0.255.1 70 | peer_group: EVPN-OVERLAY-PEERS 71 | peer: s1-spine1 72 | description: s1-spine1_Loopback0 73 | remote_as: '65001' 74 | - ip_address: 192.0.255.2 75 | peer_group: EVPN-OVERLAY-PEERS 76 | peer: s1-spine2 77 | description: s1-spine2_Loopback0 78 | remote_as: '65001' 79 | address_family_evpn: 80 | peer_groups: 81 | - name: EVPN-OVERLAY-PEERS 82 | activate: true 83 | vrfs: 84 | - name: Tenant_A_OP_Zone 85 | rd: 192.0.255.5:10 86 | route_targets: 87 | import: 88 | - address_family: evpn 89 | route_targets: 90 | - '10:10' 91 | export: 92 | - address_family: evpn 93 | route_targets: 94 | - '10:10' 95 | router_id: 192.0.255.5 96 | redistribute: 97 | connected: 98 | enabled: true 99 | route_map: RM-CONN-2-BGP-VRFS 100 | neighbors: 101 | - ip_address: 10.255.251.5 102 | peer_group: MLAG-IPv4-UNDERLAY-PEER 103 | description: s1-leaf4_Vlan3009 104 | vlan_aware_bundles: 105 | - name: Tenant_A_OP_Zone 106 | rd: 192.0.255.5:10 107 | route_targets: 108 | both: 109 | - '10:10' 110 | redistribute_routes: 111 | - learned 112 | vlan: '110' 113 | - name: Tenant_A_VMOTION 114 | tenant: Tenant_A 115 | rd: 192.0.255.5:55160 116 | route_targets: 117 | both: 118 | - 55160:55160 119 | redistribute_routes: 120 | - learned 121 | vlan: '160' 122 | static_routes: 123 | - vrf: default 124 | destination_address_prefix: 0.0.0.0/0 125 | gateway: 192.168.0.1 126 | service_routing_protocols_model: multi-agent 127 | ip_routing: true 128 | vlan_internal_order: 129 | allocation: ascending 130 | range: 131 | beginning: 1006 132 | ending: 1199 133 | aaa_root: 134 | disabled: true 135 | config_end: true 136 | enable_password: 137 | disabled: true 138 | transceiver_qsfp_default_mode_4x10: true 139 | ip_name_servers: 140 | - ip_address: 192.168.2.1 141 | vrf: default 142 | - ip_address: 8.8.8.8 143 | vrf: default 144 | spanning_tree: 145 | mode: mstp 146 | mst_instances: 147 | - id: '0' 148 | priority: 16384 149 | no_spanning_tree_vlan: 4093-4094 150 | vrfs: 151 | - name: default 152 | ip_routing: false 153 | - name: Tenant_A_OP_Zone 154 | tenant: Tenant_A 155 | ip_routing: true 156 | management_interfaces: 157 | - name: Management0 158 | description: OOB_MANAGEMENT 159 | shutdown: false 160 | vrf: default 161 | ip_address: 192.168.0.14/24 162 | gateway: 192.168.0.1 163 | type: oob 164 | management_api_http: 165 | enable_vrfs: 166 | - name: default 167 | enable_https: true 168 | vlans: 169 | - id: 4093 170 | tenant: system 171 | name: MLAG_L3 172 | trunk_groups: 173 | - MLAG 174 | - id: 4094 175 | tenant: system 176 | name: MLAG 177 | trunk_groups: 178 | - MLAG 179 | - id: 110 180 | name: Tenant_A_OP_Zone_1 181 | tenant: Tenant_A 182 | - id: 3009 183 | name: MLAG_L3_VRF_Tenant_A_OP_Zone 184 | trunk_groups: 185 | - MLAG 186 | tenant: Tenant_A 187 | - id: 160 188 | name: Tenant_A_VMOTION 189 | tenant: Tenant_A 190 | vlan_interfaces: 191 | - name: Vlan4093 192 | description: MLAG_L3 193 | shutdown: false 194 | mtu: 1500 195 | ip_address: 10.255.251.4/31 196 | - name: Vlan4094 197 | description: MLAG 198 | shutdown: false 199 | no_autostate: true 200 | mtu: 1500 201 | ip_address: 10.255.252.4/31 202 | - name: Vlan110 203 | tenant: Tenant_A 204 | tags: 205 | - opzone 206 | description: Tenant_A_OP_Zone_1 207 | shutdown: false 208 | ip_address_virtual: 10.1.10.1/24 209 | vrf: Tenant_A_OP_Zone 210 | - name: Vlan3009 211 | tenant: Tenant_A 212 | type: underlay_peering 213 | shutdown: false 214 | description: MLAG_L3_VRF_Tenant_A_OP_Zone 215 | vrf: Tenant_A_OP_Zone 216 | mtu: 1500 217 | ip_address: 10.255.251.4/31 218 | port_channel_interfaces: 219 | - name: Port-Channel1 220 | description: MLAG_s1-leaf4_Port-Channel1 221 | switchport: 222 | enabled: true 223 | mode: trunk 224 | trunk: 225 | groups: 226 | - MLAG 227 | shutdown: false 228 | - name: Port-Channel4 229 | description: PortChannel 230 | shutdown: false 231 | switchport: 232 | enabled: true 233 | mode: access 234 | access_vlan: 110 235 | mlag: 4 236 | ethernet_interfaces: 237 | - name: Ethernet1 238 | peer: s1-leaf4 239 | peer_interface: Ethernet1 240 | peer_type: mlag_peer 241 | description: MLAG_s1-leaf4_Ethernet1 242 | shutdown: false 243 | channel_group: 244 | id: 1 245 | mode: active 246 | - name: Ethernet6 247 | peer: s1-leaf4 248 | peer_interface: Ethernet6 249 | peer_type: mlag_peer 250 | description: MLAG_s1-leaf4_Ethernet6 251 | shutdown: false 252 | channel_group: 253 | id: 1 254 | mode: active 255 | - name: Ethernet2 256 | peer: s1-spine1 257 | peer_interface: Ethernet4 258 | peer_type: spine 259 | description: P2P_s1-spine1_Ethernet4 260 | shutdown: false 261 | mtu: 1500 262 | switchport: 263 | enabled: false 264 | ip_address: 172.30.255.9/31 265 | - name: Ethernet3 266 | peer: s1-spine2 267 | peer_interface: Ethernet4 268 | peer_type: spine 269 | description: P2P_s1-spine2_Ethernet4 270 | shutdown: false 271 | mtu: 1500 272 | switchport: 273 | enabled: false 274 | ip_address: 172.30.255.11/31 275 | - name: Ethernet4 276 | peer: s1-host2 277 | peer_interface: Eth1 278 | peer_type: server 279 | port_profile: TENANT_A 280 | description: SERVER_s1-host2_Eth1 281 | shutdown: false 282 | channel_group: 283 | id: 4 284 | mode: active 285 | mlag_configuration: 286 | domain_id: pod2 287 | local_interface: Vlan4094 288 | peer_address: 10.255.252.5 289 | peer_link: Port-Channel1 290 | reload_delay_mlag: '300' 291 | reload_delay_non_mlag: '330' 292 | route_maps: 293 | - name: RM-MLAG-PEER-IN 294 | sequence_numbers: 295 | - sequence: 10 296 | type: permit 297 | set: 298 | - origin incomplete 299 | description: Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing 300 | - name: RM-CONN-2-BGP 301 | sequence_numbers: 302 | - sequence: 10 303 | type: permit 304 | match: 305 | - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 306 | - name: RM-CONN-2-BGP-VRFS 307 | sequence_numbers: 308 | - sequence: 10 309 | type: deny 310 | match: 311 | - ip address prefix-list PL-MLAG-PEER-VRFS 312 | - sequence: 20 313 | type: permit 314 | loopback_interfaces: 315 | - name: Loopback0 316 | description: ROUTER_ID 317 | shutdown: false 318 | ip_address: 192.0.255.5/32 319 | - name: Loopback1 320 | description: VXLAN_TUNNEL_SOURCE 321 | shutdown: false 322 | ip_address: 192.0.254.5/32 323 | - name: Loopback100 324 | description: DIAG_VRF_Tenant_A_OP_Zone 325 | shutdown: false 326 | vrf: Tenant_A_OP_Zone 327 | ip_address: 10.255.1.5/32 328 | prefix_lists: 329 | - name: PL-LOOPBACKS-EVPN-OVERLAY 330 | sequence_numbers: 331 | - sequence: 10 332 | action: permit 192.0.255.0/24 eq 32 333 | - sequence: 20 334 | action: permit 192.0.254.0/24 eq 32 335 | - name: PL-MLAG-PEER-VRFS 336 | sequence_numbers: 337 | - sequence: 10 338 | action: permit 10.255.251.4/31 339 | router_bfd: 340 | multihop: 341 | interval: 1200 342 | min_rx: 1200 343 | multiplier: 3 344 | ip_igmp_snooping: 345 | globally_enabled: true 346 | ip_virtual_router_mac_address: 00:1c:73:00:dc:01 347 | vxlan_interface: 348 | vxlan1: 349 | description: s1-leaf3_VTEP 350 | vxlan: 351 | udp_port: 4789 352 | source_interface: Loopback1 353 | virtual_router_encapsulation_mac_address: mlag-system-id 354 | vlans: 355 | - id: 110 356 | vni: 10110 357 | - id: 160 358 | vni: 55160 359 | vrfs: 360 | - name: Tenant_A_OP_Zone 361 | vni: 10 362 | virtual_source_nat_vrfs: 363 | - name: Tenant_A_OP_Zone 364 | ip_address: 10.255.1.5 365 | metadata: 366 | platform: cEOS 367 | -------------------------------------------------------------------------------- /atd-inventory/intended/structured_configs/s1-leaf4.yml: -------------------------------------------------------------------------------- 1 | hostname: s1-leaf4 2 | is_deployed: true 3 | router_bgp: 4 | as: '65102' 5 | router_id: 192.0.255.6 6 | distance: 7 | external_routes: 20 8 | internal_routes: 200 9 | local_routes: 200 10 | bgp: 11 | default: 12 | ipv4_unicast: false 13 | maximum_paths: 14 | paths: 4 15 | ecmp: 4 16 | redistribute: 17 | connected: 18 | enabled: true 19 | route_map: RM-CONN-2-BGP 20 | graceful_restart: 21 | enabled: true 22 | restart_time: 300 23 | peer_groups: 24 | - name: MLAG-IPv4-UNDERLAY-PEER 25 | type: ipv4 26 | remote_as: '65102' 27 | next_hop_self: true 28 | description: s1-leaf3 29 | password: vnEaG8gMeQf3d3cN6PktXQ== 30 | maximum_routes: 12000 31 | send_community: all 32 | route_map_in: RM-MLAG-PEER-IN 33 | - name: IPv4-UNDERLAY-PEERS 34 | type: ipv4 35 | password: AQQvKeimxJu+uGQ/yYvv9w== 36 | maximum_routes: 12000 37 | send_community: all 38 | - name: EVPN-OVERLAY-PEERS 39 | type: evpn 40 | update_source: Loopback0 41 | bfd: true 42 | password: q+VNViP5i4rVjW1cxFv2wA== 43 | send_community: all 44 | maximum_routes: 0 45 | ebgp_multihop: 3 46 | address_family_ipv4: 47 | peer_groups: 48 | - name: MLAG-IPv4-UNDERLAY-PEER 49 | activate: true 50 | - name: IPv4-UNDERLAY-PEERS 51 | activate: true 52 | - name: EVPN-OVERLAY-PEERS 53 | activate: false 54 | neighbors: 55 | - ip_address: 10.255.251.4 56 | peer_group: MLAG-IPv4-UNDERLAY-PEER 57 | peer: s1-leaf3 58 | description: s1-leaf3_Vlan4093 59 | - ip_address: 172.30.255.12 60 | peer_group: IPv4-UNDERLAY-PEERS 61 | remote_as: '65001' 62 | peer: s1-spine1 63 | description: s1-spine1_Ethernet5 64 | - ip_address: 172.30.255.14 65 | peer_group: IPv4-UNDERLAY-PEERS 66 | remote_as: '65001' 67 | peer: s1-spine2 68 | description: s1-spine2_Ethernet5 69 | - ip_address: 192.0.255.1 70 | peer_group: EVPN-OVERLAY-PEERS 71 | peer: s1-spine1 72 | description: s1-spine1_Loopback0 73 | remote_as: '65001' 74 | - ip_address: 192.0.255.2 75 | peer_group: EVPN-OVERLAY-PEERS 76 | peer: s1-spine2 77 | description: s1-spine2_Loopback0 78 | remote_as: '65001' 79 | address_family_evpn: 80 | peer_groups: 81 | - name: EVPN-OVERLAY-PEERS 82 | activate: true 83 | vrfs: 84 | - name: Tenant_A_OP_Zone 85 | rd: 192.0.255.6:10 86 | route_targets: 87 | import: 88 | - address_family: evpn 89 | route_targets: 90 | - '10:10' 91 | export: 92 | - address_family: evpn 93 | route_targets: 94 | - '10:10' 95 | router_id: 192.0.255.6 96 | redistribute: 97 | connected: 98 | enabled: true 99 | route_map: RM-CONN-2-BGP-VRFS 100 | neighbors: 101 | - ip_address: 10.255.251.4 102 | peer_group: MLAG-IPv4-UNDERLAY-PEER 103 | description: s1-leaf3_Vlan3009 104 | vlan_aware_bundles: 105 | - name: Tenant_A_OP_Zone 106 | rd: 192.0.255.6:10 107 | route_targets: 108 | both: 109 | - '10:10' 110 | redistribute_routes: 111 | - learned 112 | vlan: '110' 113 | - name: Tenant_A_VMOTION 114 | tenant: Tenant_A 115 | rd: 192.0.255.6:55160 116 | route_targets: 117 | both: 118 | - 55160:55160 119 | redistribute_routes: 120 | - learned 121 | vlan: '160' 122 | static_routes: 123 | - vrf: default 124 | destination_address_prefix: 0.0.0.0/0 125 | gateway: 192.168.0.1 126 | service_routing_protocols_model: multi-agent 127 | ip_routing: true 128 | vlan_internal_order: 129 | allocation: ascending 130 | range: 131 | beginning: 1006 132 | ending: 1199 133 | aaa_root: 134 | disabled: true 135 | config_end: true 136 | enable_password: 137 | disabled: true 138 | transceiver_qsfp_default_mode_4x10: true 139 | ip_name_servers: 140 | - ip_address: 192.168.2.1 141 | vrf: default 142 | - ip_address: 8.8.8.8 143 | vrf: default 144 | spanning_tree: 145 | mode: mstp 146 | mst_instances: 147 | - id: '0' 148 | priority: 16384 149 | no_spanning_tree_vlan: 4093-4094 150 | vrfs: 151 | - name: default 152 | ip_routing: false 153 | - name: Tenant_A_OP_Zone 154 | tenant: Tenant_A 155 | ip_routing: true 156 | management_interfaces: 157 | - name: Management0 158 | description: OOB_MANAGEMENT 159 | shutdown: false 160 | vrf: default 161 | ip_address: 192.168.0.15/24 162 | gateway: 192.168.0.1 163 | type: oob 164 | management_api_http: 165 | enable_vrfs: 166 | - name: default 167 | enable_https: true 168 | vlans: 169 | - id: 4093 170 | tenant: system 171 | name: MLAG_L3 172 | trunk_groups: 173 | - MLAG 174 | - id: 4094 175 | tenant: system 176 | name: MLAG 177 | trunk_groups: 178 | - MLAG 179 | - id: 110 180 | name: Tenant_A_OP_Zone_1 181 | tenant: Tenant_A 182 | - id: 3009 183 | name: MLAG_L3_VRF_Tenant_A_OP_Zone 184 | trunk_groups: 185 | - MLAG 186 | tenant: Tenant_A 187 | - id: 160 188 | name: Tenant_A_VMOTION 189 | tenant: Tenant_A 190 | vlan_interfaces: 191 | - name: Vlan4093 192 | description: MLAG_L3 193 | shutdown: false 194 | mtu: 1500 195 | ip_address: 10.255.251.5/31 196 | - name: Vlan4094 197 | description: MLAG 198 | shutdown: false 199 | no_autostate: true 200 | mtu: 1500 201 | ip_address: 10.255.252.5/31 202 | - name: Vlan110 203 | tenant: Tenant_A 204 | tags: 205 | - opzone 206 | description: Tenant_A_OP_Zone_1 207 | shutdown: false 208 | ip_address_virtual: 10.1.10.1/24 209 | vrf: Tenant_A_OP_Zone 210 | - name: Vlan3009 211 | tenant: Tenant_A 212 | type: underlay_peering 213 | shutdown: false 214 | description: MLAG_L3_VRF_Tenant_A_OP_Zone 215 | vrf: Tenant_A_OP_Zone 216 | mtu: 1500 217 | ip_address: 10.255.251.5/31 218 | port_channel_interfaces: 219 | - name: Port-Channel1 220 | description: MLAG_s1-leaf3_Port-Channel1 221 | switchport: 222 | enabled: true 223 | mode: trunk 224 | trunk: 225 | groups: 226 | - MLAG 227 | shutdown: false 228 | - name: Port-Channel4 229 | description: PortChannel 230 | shutdown: false 231 | switchport: 232 | enabled: true 233 | mode: access 234 | access_vlan: 110 235 | mlag: 4 236 | ethernet_interfaces: 237 | - name: Ethernet1 238 | peer: s1-leaf3 239 | peer_interface: Ethernet1 240 | peer_type: mlag_peer 241 | description: MLAG_s1-leaf3_Ethernet1 242 | shutdown: false 243 | channel_group: 244 | id: 1 245 | mode: active 246 | - name: Ethernet6 247 | peer: s1-leaf3 248 | peer_interface: Ethernet6 249 | peer_type: mlag_peer 250 | description: MLAG_s1-leaf3_Ethernet6 251 | shutdown: false 252 | channel_group: 253 | id: 1 254 | mode: active 255 | - name: Ethernet2 256 | peer: s1-spine1 257 | peer_interface: Ethernet5 258 | peer_type: spine 259 | description: P2P_s1-spine1_Ethernet5 260 | shutdown: false 261 | mtu: 1500 262 | switchport: 263 | enabled: false 264 | ip_address: 172.30.255.13/31 265 | - name: Ethernet3 266 | peer: s1-spine2 267 | peer_interface: Ethernet5 268 | peer_type: spine 269 | description: P2P_s1-spine2_Ethernet5 270 | shutdown: false 271 | mtu: 1500 272 | switchport: 273 | enabled: false 274 | ip_address: 172.30.255.15/31 275 | - name: Ethernet4 276 | peer: s1-host2 277 | peer_interface: Eth2 278 | peer_type: server 279 | port_profile: TENANT_A 280 | description: SERVER_s1-host2_Eth2 281 | shutdown: false 282 | channel_group: 283 | id: 4 284 | mode: active 285 | mlag_configuration: 286 | domain_id: pod2 287 | local_interface: Vlan4094 288 | peer_address: 10.255.252.4 289 | peer_link: Port-Channel1 290 | reload_delay_mlag: '300' 291 | reload_delay_non_mlag: '330' 292 | route_maps: 293 | - name: RM-MLAG-PEER-IN 294 | sequence_numbers: 295 | - sequence: 10 296 | type: permit 297 | set: 298 | - origin incomplete 299 | description: Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing 300 | - name: RM-CONN-2-BGP 301 | sequence_numbers: 302 | - sequence: 10 303 | type: permit 304 | match: 305 | - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 306 | - name: RM-CONN-2-BGP-VRFS 307 | sequence_numbers: 308 | - sequence: 10 309 | type: deny 310 | match: 311 | - ip address prefix-list PL-MLAG-PEER-VRFS 312 | - sequence: 20 313 | type: permit 314 | loopback_interfaces: 315 | - name: Loopback0 316 | description: ROUTER_ID 317 | shutdown: false 318 | ip_address: 192.0.255.6/32 319 | - name: Loopback1 320 | description: VXLAN_TUNNEL_SOURCE 321 | shutdown: false 322 | ip_address: 192.0.254.5/32 323 | - name: Loopback100 324 | description: DIAG_VRF_Tenant_A_OP_Zone 325 | shutdown: false 326 | vrf: Tenant_A_OP_Zone 327 | ip_address: 10.255.1.6/32 328 | prefix_lists: 329 | - name: PL-LOOPBACKS-EVPN-OVERLAY 330 | sequence_numbers: 331 | - sequence: 10 332 | action: permit 192.0.255.0/24 eq 32 333 | - sequence: 20 334 | action: permit 192.0.254.0/24 eq 32 335 | - name: PL-MLAG-PEER-VRFS 336 | sequence_numbers: 337 | - sequence: 10 338 | action: permit 10.255.251.4/31 339 | router_bfd: 340 | multihop: 341 | interval: 1200 342 | min_rx: 1200 343 | multiplier: 3 344 | ip_igmp_snooping: 345 | globally_enabled: true 346 | ip_virtual_router_mac_address: 00:1c:73:00:dc:01 347 | vxlan_interface: 348 | vxlan1: 349 | description: s1-leaf4_VTEP 350 | vxlan: 351 | udp_port: 4789 352 | source_interface: Loopback1 353 | virtual_router_encapsulation_mac_address: mlag-system-id 354 | vlans: 355 | - id: 110 356 | vni: 10110 357 | - id: 160 358 | vni: 55160 359 | vrfs: 360 | - name: Tenant_A_OP_Zone 361 | vni: 10 362 | virtual_source_nat_vrfs: 363 | - name: Tenant_A_OP_Zone 364 | ip_address: 10.255.1.6 365 | metadata: 366 | platform: cEOS 367 | -------------------------------------------------------------------------------- /DEMO.md: -------------------------------------------------------------------------------- 1 | # Step-by-step demo 2 | 3 | ## 1. Connect to GUI VM 4 | 5 | In your ATD interface, click on __Programmability IDE__ and use the password listed on your lab topology. 6 | 7 | > __Note:__ Unique password is auto-generated for each lab instance. 8 | 9 | ![ATD Interface](./docs/imgs/atd-interface.png) 10 | 11 | In addition, open CloudVision Portal (CVP) by clicking the __CVP__ link. Then, log in with the username `arista` and the auto-generated password on the lab topology screen. 12 | 13 | ## 2. Configure your credential 14 | 15 | Because the password is auto-generated, you must update the `ansible_password` variable. We will read a configuration file to set our credential file as an environment variable. 16 | 17 | Run the following commands from the Programmability IDE terminal: 18 | 19 | ```shell 20 | export LABPASSPHRASE=`cat /home/coder/.config/code-server/config.yaml| grep "password:" | awk '{print $2}'` 21 | ``` 22 | 23 | ## 3. Install all the requirements 24 | 25 | The code block below performs the following actions: 26 | 27 | - Moves to the `labfiles` directory 28 | - Installs version 5.1.0 of the arista.avd collection 29 | - Installs PyAVD 5.1.0 and arista.avd Ansible collection Python requirements. 30 | - Clones this repository 31 | - Moves to the cloned repository folder 32 | 33 | > :warning: __Warning:__ Specific for the ATD environment. the `pip config` lines disable PIP safety checks and should not be used outside of ATD without understanding them. 34 | 35 | ```shell 36 | cd /home/coder/project/labfiles 37 | export LABPASSPHRASE=`cat /home/coder/.config/code-server/config.yaml| grep "password:" | awk '{print $2}'` 38 | ansible-galaxy collection install arista.avd:==5.1.0 39 | pip3 config set global.break-system-packages true 40 | pip3 config set global.disable-pip-version-check true 41 | pip install "pyavd[ansible]==5.1.0" 42 | git clone https://github.com/arista-netdevops-community/atd-avd.git 43 | cd atd-avd 44 | ``` 45 | 46 | ## 4. Prepare ATD 47 | 48 | To emulate a ZTP environment, we will move all devices from their current containers to a dedicated one named `STAGING` to mimic an `undefined` container. 49 | 50 | ```bash 51 | ansible-playbook playbooks/atd-prepare-lab.yml 52 | ``` 53 | 54 | - This playbook executes the following tasks: 55 | - Recreates the container topology in staging format 56 | - Moves nodes to the appropriate container 57 | - Executes pending tasks for the user on CVP 58 | - Provisioning topology view should be similar to below 59 | 60 | ![Provisioning topo](docs/imgs/atd-topo-provisioning.png) 61 | 62 | ## 4. Apply AVD configuration 63 | 64 | While the playbook supports build/provision/execute in one sequence, we will proceed step-by-step. 65 | 66 | ### Build device configurations and documentation files 67 | 68 | ```bash 69 | ansible-playbook playbooks/atd-fabric-build.yml 70 | ``` 71 | 72 | You can review the generated output in your VScode instance: 73 | 74 | - EOS Configuration: [atd-inventory/intended/configs](atd-inventory/intended/configs) 75 | - Fabric documentation: [atd-inventory/documentation](atd-inventory/documentation) 76 | 77 | ### Provision CVP 78 | 79 | ```bash 80 | ansible-playbook playbooks/atd-fabric-provision.yml 81 | ``` 82 | 83 | This playbook creates the following: 84 | 85 | - A new containers topology to support AVD devices based on inventory file 86 | - Move devices to their respective container 87 | - Create configlet per device and bind to devices 88 | 89 | Change control remains on the user's side as it's a safer approach for production. We have the option to execute tasks automatically on CloudVision as well. 90 | 91 | > Create the change control and execute all pending tasks. 92 | 93 | ![CloudVision Topology for AVD](./docs/imgs/atd-topo-avd.png) 94 | 95 | ## 5. Update underlay routing protocol 96 | 97 | By default, AVD leverages EBGP for the underlay and overlay. However, these settings can be easily modified to fit your environment. For example, if you would like to deploy OSPF as the underlay, update the [ATD_FABRIC.yml](atd-inventory/group_vars/ATD_FABRIC.yml) file by uncommenting the `underlay_routing_protocol: OSPF` variable. 98 | 99 | ```yaml 100 | ... 101 | underlay_routing_protocol: OSPF 102 | 103 | ... 104 | # bgp peer groups passwords 105 | bgp_peer_groups: 106 | ipv4_underlay_peers: 107 | ... 108 | ``` 109 | 110 | You can rerun the build and provision playbooks to build and provision simultaneously. Remember to create a change control to finalize the deployment on the EOS nodes. 111 | 112 | ```bash 113 | ansible-playbook playbooks/atd-fabric-build.yml 114 | ansible-playbook playbooks/atd-fabric-provision.yml 115 | ``` 116 | 117 | ## 6. Add a new tenant to the fabric 118 | 119 | Edit the [ATD_TENANTS_NETWORKS.yml](atd-inventory/group_vars/ATD_TENANTS_NETWORKS.yml) file and uncomment `Tenant_B` before running the playbook. 120 | 121 | ```yaml 122 | # edit atd-inventory/group_vars/ATD_TENANTS_NETWORKS.yml 123 | tenants: 124 | # Tenant A Specific Information - VRFs / VLANs 125 | - name: Tenant_A: 126 | ... 127 | 128 | - name: Tenant_B 129 | mac_vrf_vni_base: 20000 130 | vrfs: 131 | - name: Tenant_B_OP_Zone 132 | vrf_vni: 20 133 | svis: 134 | - id: 210 135 | name: Tenant_B_OP_Zone_1 136 | tags: ['opzone'] 137 | profile: WITH_NO_MTU 138 | ip_address_virtual: 10.2.10.1/24 139 | - id: 211 140 | name: Tenant_B_OP_Zone_2 141 | tags: ['opzone'] 142 | profile: GENERIC_FULL 143 | ip_address_virtual: 10.2.11.1/24 144 | ``` 145 | 146 | - Run the build and provision playbooks once again. 147 | 148 | ```bash 149 | ansible-playbook playbooks/atd-fabric-build.yml 150 | ansible-playbook playbooks/atd-fabric-provision.yml 151 | ``` 152 | 153 | > Once more, create a change control in CVP and execute all tasks. 154 | 155 | ## 7. Filter VLANs deployed on the fabric 156 | 157 | All VLANs configured under the [ATD_TENANTS_NETWORKS.yml](atd-inventory/group_vars/ATD_TENANTS_NETWORKS.yml) file have been deployed to our fabric, whether we have client-facing interfaces configured for those VLANs or not. For example, below is the current output from leaf1. 158 | 159 | ```eos 160 | leaf1#show vlan 161 | VLAN Name Status Ports 162 | ----- -------------------------------- --------- ------------------------------- 163 | 1 default active Et6, PEt6 164 | 110 Tenant_A_OP_Zone_1 active Cpu, Po1, Po4, Vx1 165 | 160 Tenant_A_VMOTION active Po1, Vx1 166 | 210 Tenant_B_OP_Zone_1 active Cpu, Po1, Vx1 167 | 211 Tenant_B_OP_Zone_2 active Po1, Vx1 168 | 1198* VLAN1198 active Cpu, Po1, Vx1 169 | 1199* VLAN1199 active Cpu, Po1, Vx1 170 | 3009 MLAG_iBGP_Tenant_A_OP_Zone active Cpu, Po1 171 | 3019 MLAG_iBGP_Tenant_B_OP_Zone active Cpu, Po1 172 | 4093 LEAF_PEER_L3 active Cpu, Po1 173 | 4094 MLAG_PEER active Cpu, Po1 174 | 175 | * indicates a Dynamic VLAN 176 | leaf1# 177 | ``` 178 | 179 | Focusing on TENANT-specific VLANs, only VLAN 110 is assigned to any host-facing interfaces. We can enable the filtering option and check back on leaf1. 180 | 181 | To enable the filtering feature, uncomment the `only_vlans_in_use` variable within the `l3leaf` key in the [ATD_FABRIC.yml](atd-inventory/group_vars/ATD_FABRIC.yml) file. 182 | 183 | ```yaml 184 | ... 185 | spanning_tree_mode: mstp 186 | spanning_tree_priority: 16384 187 | filter: 188 | only_vlans_in_use: true 189 | node_groups: 190 | - group: pod1 191 | bgp_as: 65101 192 | ... 193 | ``` 194 | 195 | - Run the build and provision playbooks once again. 196 | 197 | ```bash 198 | ansible-playbook playbooks/atd-fabric-build.yml 199 | ansible-playbook playbooks/atd-fabric-provision.yml 200 | ``` 201 | 202 | Once more, in CVP, create a change control and execute all tasks. Below is the new output from leaf1 with VLANs filtered. 203 | 204 | ```eos 205 | leaf1#show vlan 206 | VLAN Name Status Ports 207 | ----- -------------------------------- --------- ------------------------------- 208 | 1 default active Et6, PEt6 209 | 110 Tenant_A_OP_Zone_1 active Cpu, Po1, Po4, Vx1 210 | 1199* VLAN1199 active Cpu, Po1, Vx1 211 | 3009 MLAG_iBGP_Tenant_A_OP_Zone active Cpu, Po1 212 | 4093 LEAF_PEER_L3 active Cpu, Po1 213 | 4094 MLAG_PEER active Cpu, Po1 214 | 215 | * indicates a Dynamic VLAN 216 | leaf1# 217 | ``` 218 | 219 | ## 8. Connected endpoints or network ports 220 | 221 | Currently, we have a host-specific configuration for host1 and host2 in [ATD_SERVERS.yml](atd-inventory/group_vars/ATD_SERVERS.yml). Example below: 222 | 223 | ```yaml 224 | - name: host2 225 | rack: pod2 226 | adapters: 227 | - endpoint_ports: [Eth1, Eth2] 228 | switch_ports: [Ethernet4, Ethernet4] 229 | switches: [s1-leaf3, s1-leaf4] 230 | profile: TENANT_A 231 | port_channel: 232 | description: PortChannel 233 | mode: active 234 | ``` 235 | 236 | AVD can now use a more generic definition of host-facing ports. The `network_ports` feature is useful when a series of interfaces share the same configuration. For example, if we wanted interface four on leaf3 and leaf4 configured similarly, we could do something like the following: 237 | 238 | ```yaml 239 | --- 240 | port_profiles: 241 | - profile: TENANT_A 242 | mode: access 243 | vlans: "110" 244 | ... 245 | network_ports: 246 | - switches: 247 | - s1-leaf[34] # Simple regex to match on leaf3 and leaf4 248 | switch_ports: # Ex Ethernet1-48 or Ethernet2-3/1-48 249 | - Ethernet4 250 | description: Connection to host2 251 | profile: TENANT_A 252 | ``` 253 | 254 | > Please note, if using this example, the connected endpoints example for host2 must be commented out or removed. 255 | 256 | - Run the build and provision playbooks once again. 257 | 258 | ```bash 259 | ansible-playbook playbooks/atd-fabric-build.yml 260 | ansible-playbook playbooks/atd-fabric-provision.yml 261 | ``` 262 | 263 | We can see the generated configuration from the [leaf3](atd-inventory/intended/configs/leaf3.cfg) configuration file. 264 | 265 | ```eos 266 | interface Ethernet4 267 | description Connection to host2 268 | no shutdown 269 | switchport access vlan 110 270 | switchport mode access 271 | switchport 272 | ``` 273 | 274 | ## 9. Validate the fabric state 275 | 276 | Once deployed, it's possible to validate the fabric state using a set of generated tests using the AVD `eos_validate_state` role. The reports are stored in the `atd-inventory/reports` folder. 277 | 278 | - Run the `atd-validate-states.yml` playbook 279 | 280 | ```bash 281 | ansible-playbook playbooks/atd-validate-states.yml 282 | ``` 283 | 284 | More information on the role can be found at 285 | [https://avd.sh/en/stable/roles/eos_validate_state/index.html](https://avd.sh/en/stable/roles/eos_validate_state/index.html) 286 | 287 | ## 10. Take snapshots of show commands output on the fabric 288 | 289 | It's also possible to collect snapshots of the running configuration and 290 | additional show commands using the AVD `eos_snapshot` role. The outputs are stored in the `atd-inventory/snapshots` folder. 291 | 292 | - Run the playbook `atd-snapshot.yml` playbook 293 | 294 | ```bash 295 | ansible-playbook playbooks/atd-snapshot.yml 296 | ``` 297 | 298 | More information on the role can be found at 299 | [https://avd.sh/en/stable/roles/eos_snapshot/index.html](https://avd.sh/en/stable/roles/eos_snapshot/index.html) 300 | -------------------------------------------------------------------------------- /atd-inventory/documentation/devices/s1-spine1.md: -------------------------------------------------------------------------------- 1 | # s1-spine1 2 | 3 | ## Table of Contents 4 | 5 | - [Management](#management) 6 | - [Management Interfaces](#management-interfaces) 7 | - [DNS Domain](#dns-domain) 8 | - [IP Name Servers](#ip-name-servers) 9 | - [Management API HTTP](#management-api-http) 10 | - [Authentication](#authentication) 11 | - [Enable Password](#enable-password) 12 | - [Spanning Tree](#spanning-tree) 13 | - [Spanning Tree Summary](#spanning-tree-summary) 14 | - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) 15 | - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) 16 | - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) 17 | - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) 18 | - [Interfaces](#interfaces) 19 | - [Ethernet Interfaces](#ethernet-interfaces) 20 | - [Loopback Interfaces](#loopback-interfaces) 21 | - [Routing](#routing) 22 | - [Service Routing Protocols Model](#service-routing-protocols-model) 23 | - [IP Routing](#ip-routing) 24 | - [IPv6 Routing](#ipv6-routing) 25 | - [Static Routes](#static-routes) 26 | - [Router BGP](#router-bgp) 27 | - [BFD](#bfd) 28 | - [Router BFD](#router-bfd) 29 | - [Filters](#filters) 30 | - [Prefix-lists](#prefix-lists) 31 | - [Route-maps](#route-maps) 32 | - [VRF Instances](#vrf-instances) 33 | - [VRF Instances Summary](#vrf-instances-summary) 34 | - [VRF Instances Device Configuration](#vrf-instances-device-configuration) 35 | 36 | ## Management 37 | 38 | ### Management Interfaces 39 | 40 | #### Management Interfaces Summary 41 | 42 | ##### IPv4 43 | 44 | | Management Interface | Description | Type | VRF | IP Address | Gateway | 45 | | -------------------- | ----------- | ---- | --- | ---------- | ------- | 46 | | Management0 | OOB_MANAGEMENT | oob | default | 192.168.0.10/24 | 192.168.0.1 | 47 | 48 | ##### IPv6 49 | 50 | | Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | 51 | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | 52 | | Management0 | OOB_MANAGEMENT | oob | default | - | - | 53 | 54 | #### Management Interfaces Device Configuration 55 | 56 | ```eos 57 | ! 58 | interface Management0 59 | description OOB_MANAGEMENT 60 | no shutdown 61 | ip address 192.168.0.10/24 62 | ``` 63 | 64 | ### DNS Domain 65 | 66 | DNS domain: atd.lab 67 | 68 | #### DNS Domain Device Configuration 69 | 70 | ```eos 71 | dns domain atd.lab 72 | ! 73 | ``` 74 | 75 | ### IP Name Servers 76 | 77 | #### IP Name Servers Summary 78 | 79 | | Name Server | VRF | Priority | 80 | | ----------- | --- | -------- | 81 | | 192.168.2.1 | default | - | 82 | | 8.8.8.8 | default | - | 83 | 84 | #### IP Name Servers Device Configuration 85 | 86 | ```eos 87 | ip name-server vrf default 8.8.8.8 88 | ip name-server vrf default 192.168.2.1 89 | ``` 90 | 91 | ### Management API HTTP 92 | 93 | #### Management API HTTP Summary 94 | 95 | | HTTP | HTTPS | Default Services | 96 | | ---- | ----- | ---------------- | 97 | | False | True | - | 98 | 99 | #### Management API VRF Access 100 | 101 | | VRF Name | IPv4 ACL | IPv6 ACL | 102 | | -------- | -------- | -------- | 103 | | default | - | - | 104 | 105 | #### Management API HTTP Device Configuration 106 | 107 | ```eos 108 | ! 109 | management api http-commands 110 | protocol https 111 | no shutdown 112 | ! 113 | vrf default 114 | no shutdown 115 | ``` 116 | 117 | ## Authentication 118 | 119 | ### Enable Password 120 | 121 | Enable password has been disabled 122 | 123 | ## Spanning Tree 124 | 125 | ### Spanning Tree Summary 126 | 127 | STP mode: **none** 128 | 129 | ### Spanning Tree Device Configuration 130 | 131 | ```eos 132 | ! 133 | spanning-tree mode none 134 | ``` 135 | 136 | ## Internal VLAN Allocation Policy 137 | 138 | ### Internal VLAN Allocation Policy Summary 139 | 140 | | Policy Allocation | Range Beginning | Range Ending | 141 | | ------------------| --------------- | ------------ | 142 | | ascending | 1006 | 1199 | 143 | 144 | ### Internal VLAN Allocation Policy Device Configuration 145 | 146 | ```eos 147 | ! 148 | vlan internal order ascending range 1006 1199 149 | ``` 150 | 151 | ## Interfaces 152 | 153 | ### Ethernet Interfaces 154 | 155 | #### Ethernet Interfaces Summary 156 | 157 | ##### L2 158 | 159 | | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | 160 | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | 161 | 162 | *Inherited from Port-Channel Interface 163 | 164 | ##### IPv4 165 | 166 | | Interface | Description | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | 167 | | --------- | ----------- | ------------- | ---------- | ----| ---- | -------- | ------ | ------- | 168 | | Ethernet2 | P2P_s1-leaf1_Ethernet2 | - | 172.30.255.0/31 | default | 1500 | False | - | - | 169 | | Ethernet3 | P2P_s1-leaf2_Ethernet2 | - | 172.30.255.4/31 | default | 1500 | False | - | - | 170 | | Ethernet4 | P2P_s1-leaf3_Ethernet2 | - | 172.30.255.8/31 | default | 1500 | False | - | - | 171 | | Ethernet5 | P2P_s1-leaf4_Ethernet2 | - | 172.30.255.12/31 | default | 1500 | False | - | - | 172 | 173 | #### Ethernet Interfaces Device Configuration 174 | 175 | ```eos 176 | ! 177 | interface Ethernet2 178 | description P2P_s1-leaf1_Ethernet2 179 | no shutdown 180 | mtu 1500 181 | no switchport 182 | ip address 172.30.255.0/31 183 | ! 184 | interface Ethernet3 185 | description P2P_s1-leaf2_Ethernet2 186 | no shutdown 187 | mtu 1500 188 | no switchport 189 | ip address 172.30.255.4/31 190 | ! 191 | interface Ethernet4 192 | description P2P_s1-leaf3_Ethernet2 193 | no shutdown 194 | mtu 1500 195 | no switchport 196 | ip address 172.30.255.8/31 197 | ! 198 | interface Ethernet5 199 | description P2P_s1-leaf4_Ethernet2 200 | no shutdown 201 | mtu 1500 202 | no switchport 203 | ip address 172.30.255.12/31 204 | ``` 205 | 206 | ### Loopback Interfaces 207 | 208 | #### Loopback Interfaces Summary 209 | 210 | ##### IPv4 211 | 212 | | Interface | Description | VRF | IP Address | 213 | | --------- | ----------- | --- | ---------- | 214 | | Loopback0 | ROUTER_ID | default | 192.0.255.1/32 | 215 | 216 | ##### IPv6 217 | 218 | | Interface | Description | VRF | IPv6 Address | 219 | | --------- | ----------- | --- | ------------ | 220 | | Loopback0 | ROUTER_ID | default | - | 221 | 222 | #### Loopback Interfaces Device Configuration 223 | 224 | ```eos 225 | ! 226 | interface Loopback0 227 | description ROUTER_ID 228 | no shutdown 229 | ip address 192.0.255.1/32 230 | ``` 231 | 232 | ## Routing 233 | 234 | ### Service Routing Protocols Model 235 | 236 | Multi agent routing protocol model enabled 237 | 238 | ```eos 239 | ! 240 | service routing protocols model multi-agent 241 | ``` 242 | 243 | ### IP Routing 244 | 245 | #### IP Routing Summary 246 | 247 | | VRF | Routing Enabled | 248 | | --- | --------------- | 249 | | default | True | 250 | 251 | #### IP Routing Device Configuration 252 | 253 | ```eos 254 | ! 255 | ip routing 256 | ``` 257 | 258 | ### IPv6 Routing 259 | 260 | #### IPv6 Routing Summary 261 | 262 | | VRF | Routing Enabled | 263 | | --- | --------------- | 264 | | default | False | 265 | | default | false | 266 | 267 | ### Static Routes 268 | 269 | #### Static Routes Summary 270 | 271 | | VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | 272 | | --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | 273 | | default | 0.0.0.0/0 | 192.168.0.1 | - | 1 | - | - | - | 274 | 275 | #### Static Routes Device Configuration 276 | 277 | ```eos 278 | ! 279 | ip route 0.0.0.0/0 192.168.0.1 280 | ``` 281 | 282 | ### Router BGP 283 | 284 | ASN Notation: asplain 285 | 286 | #### Router BGP Summary 287 | 288 | | BGP AS | Router ID | 289 | | ------ | --------- | 290 | | 65001 | 192.0.255.1 | 291 | 292 | | BGP Tuning | 293 | | ---------- | 294 | | graceful-restart restart-time 300 | 295 | | graceful-restart | 296 | | no bgp default ipv4-unicast | 297 | | distance bgp 20 200 200 | 298 | | maximum-paths 4 ecmp 4 | 299 | 300 | #### Router BGP Peer Groups 301 | 302 | ##### EVPN-OVERLAY-PEERS 303 | 304 | | Settings | Value | 305 | | -------- | ----- | 306 | | Address Family | evpn | 307 | | Next-hop unchanged | True | 308 | | Source | Loopback0 | 309 | | BFD | True | 310 | | Ebgp multihop | 3 | 311 | | Send community | all | 312 | | Maximum routes | 0 (no limit) | 313 | 314 | ##### IPv4-UNDERLAY-PEERS 315 | 316 | | Settings | Value | 317 | | -------- | ----- | 318 | | Address Family | ipv4 | 319 | | Send community | all | 320 | | Maximum routes | 12000 | 321 | 322 | #### BGP Neighbors 323 | 324 | | Neighbor | Remote AS | VRF | Shutdown | Send-community | Maximum-routes | Allowas-in | BFD | RIB Pre-Policy Retain | Route-Reflector Client | Passive | TTL Max Hops | 325 | | -------- | --------- | --- | -------- | -------------- | -------------- | ---------- | --- | --------------------- | ---------------------- | ------- | ------------ | 326 | | 172.30.255.1 | 65101 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | 327 | | 172.30.255.5 | 65101 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | 328 | | 172.30.255.9 | 65102 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | 329 | | 172.30.255.13 | 65102 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | 330 | | 192.0.255.3 | 65101 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | 331 | | 192.0.255.4 | 65101 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | 332 | | 192.0.255.5 | 65102 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | 333 | | 192.0.255.6 | 65102 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | 334 | 335 | #### Router BGP EVPN Address Family 336 | 337 | ##### EVPN Peer Groups 338 | 339 | | Peer Group | Activate | Route-map In | Route-map Out | Encapsulation | 340 | | ---------- | -------- | ------------ | ------------- | ------------- | 341 | | EVPN-OVERLAY-PEERS | True | - | - | default | 342 | 343 | #### Router BGP Device Configuration 344 | 345 | ```eos 346 | ! 347 | router bgp 65001 348 | router-id 192.0.255.1 349 | no bgp default ipv4-unicast 350 | distance bgp 20 200 200 351 | graceful-restart restart-time 300 352 | graceful-restart 353 | maximum-paths 4 ecmp 4 354 | neighbor EVPN-OVERLAY-PEERS peer group 355 | neighbor EVPN-OVERLAY-PEERS next-hop-unchanged 356 | neighbor EVPN-OVERLAY-PEERS update-source Loopback0 357 | neighbor EVPN-OVERLAY-PEERS bfd 358 | neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 359 | neighbor EVPN-OVERLAY-PEERS password 7 360 | neighbor EVPN-OVERLAY-PEERS send-community 361 | neighbor EVPN-OVERLAY-PEERS maximum-routes 0 362 | neighbor IPv4-UNDERLAY-PEERS peer group 363 | neighbor IPv4-UNDERLAY-PEERS password 7 364 | neighbor IPv4-UNDERLAY-PEERS send-community 365 | neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 366 | neighbor 172.30.255.1 peer group IPv4-UNDERLAY-PEERS 367 | neighbor 172.30.255.1 remote-as 65101 368 | neighbor 172.30.255.1 description s1-leaf1_Ethernet2 369 | neighbor 172.30.255.5 peer group IPv4-UNDERLAY-PEERS 370 | neighbor 172.30.255.5 remote-as 65101 371 | neighbor 172.30.255.5 description s1-leaf2_Ethernet2 372 | neighbor 172.30.255.9 peer group IPv4-UNDERLAY-PEERS 373 | neighbor 172.30.255.9 remote-as 65102 374 | neighbor 172.30.255.9 description s1-leaf3_Ethernet2 375 | neighbor 172.30.255.13 peer group IPv4-UNDERLAY-PEERS 376 | neighbor 172.30.255.13 remote-as 65102 377 | neighbor 172.30.255.13 description s1-leaf4_Ethernet2 378 | neighbor 192.0.255.3 peer group EVPN-OVERLAY-PEERS 379 | neighbor 192.0.255.3 remote-as 65101 380 | neighbor 192.0.255.3 description s1-leaf1_Loopback0 381 | neighbor 192.0.255.4 peer group EVPN-OVERLAY-PEERS 382 | neighbor 192.0.255.4 remote-as 65101 383 | neighbor 192.0.255.4 description s1-leaf2_Loopback0 384 | neighbor 192.0.255.5 peer group EVPN-OVERLAY-PEERS 385 | neighbor 192.0.255.5 remote-as 65102 386 | neighbor 192.0.255.5 description s1-leaf3_Loopback0 387 | neighbor 192.0.255.6 peer group EVPN-OVERLAY-PEERS 388 | neighbor 192.0.255.6 remote-as 65102 389 | neighbor 192.0.255.6 description s1-leaf4_Loopback0 390 | redistribute connected route-map RM-CONN-2-BGP 391 | ! 392 | address-family evpn 393 | neighbor EVPN-OVERLAY-PEERS activate 394 | ! 395 | address-family ipv4 396 | no neighbor EVPN-OVERLAY-PEERS activate 397 | neighbor IPv4-UNDERLAY-PEERS activate 398 | ``` 399 | 400 | ## BFD 401 | 402 | ### Router BFD 403 | 404 | #### Router BFD Multihop Summary 405 | 406 | | Interval | Minimum RX | Multiplier | 407 | | -------- | ---------- | ---------- | 408 | | 1200 | 1200 | 3 | 409 | 410 | #### Router BFD Device Configuration 411 | 412 | ```eos 413 | ! 414 | router bfd 415 | multihop interval 1200 min-rx 1200 multiplier 3 416 | ``` 417 | 418 | ## Filters 419 | 420 | ### Prefix-lists 421 | 422 | #### Prefix-lists Summary 423 | 424 | ##### PL-LOOPBACKS-EVPN-OVERLAY 425 | 426 | | Sequence | Action | 427 | | -------- | ------ | 428 | | 10 | permit 192.0.255.0/24 eq 32 | 429 | 430 | #### Prefix-lists Device Configuration 431 | 432 | ```eos 433 | ! 434 | ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY 435 | seq 10 permit 192.0.255.0/24 eq 32 436 | ``` 437 | 438 | ### Route-maps 439 | 440 | #### Route-maps Summary 441 | 442 | ##### RM-CONN-2-BGP 443 | 444 | | Sequence | Type | Match | Set | Sub-Route-Map | Continue | 445 | | -------- | ---- | ----- | --- | ------------- | -------- | 446 | | 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - | 447 | 448 | #### Route-maps Device Configuration 449 | 450 | ```eos 451 | ! 452 | route-map RM-CONN-2-BGP permit 10 453 | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 454 | ``` 455 | 456 | ## VRF Instances 457 | 458 | ### VRF Instances Summary 459 | 460 | | VRF Name | IP Routing | 461 | | -------- | ---------- | 462 | 463 | ### VRF Instances Device Configuration 464 | 465 | ```eos 466 | ``` 467 | -------------------------------------------------------------------------------- /atd-inventory/documentation/devices/s1-spine2.md: -------------------------------------------------------------------------------- 1 | # s1-spine2 2 | 3 | ## Table of Contents 4 | 5 | - [Management](#management) 6 | - [Management Interfaces](#management-interfaces) 7 | - [DNS Domain](#dns-domain) 8 | - [IP Name Servers](#ip-name-servers) 9 | - [Management API HTTP](#management-api-http) 10 | - [Authentication](#authentication) 11 | - [Enable Password](#enable-password) 12 | - [Spanning Tree](#spanning-tree) 13 | - [Spanning Tree Summary](#spanning-tree-summary) 14 | - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) 15 | - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) 16 | - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) 17 | - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) 18 | - [Interfaces](#interfaces) 19 | - [Ethernet Interfaces](#ethernet-interfaces) 20 | - [Loopback Interfaces](#loopback-interfaces) 21 | - [Routing](#routing) 22 | - [Service Routing Protocols Model](#service-routing-protocols-model) 23 | - [IP Routing](#ip-routing) 24 | - [IPv6 Routing](#ipv6-routing) 25 | - [Static Routes](#static-routes) 26 | - [Router BGP](#router-bgp) 27 | - [BFD](#bfd) 28 | - [Router BFD](#router-bfd) 29 | - [Filters](#filters) 30 | - [Prefix-lists](#prefix-lists) 31 | - [Route-maps](#route-maps) 32 | - [VRF Instances](#vrf-instances) 33 | - [VRF Instances Summary](#vrf-instances-summary) 34 | - [VRF Instances Device Configuration](#vrf-instances-device-configuration) 35 | 36 | ## Management 37 | 38 | ### Management Interfaces 39 | 40 | #### Management Interfaces Summary 41 | 42 | ##### IPv4 43 | 44 | | Management Interface | Description | Type | VRF | IP Address | Gateway | 45 | | -------------------- | ----------- | ---- | --- | ---------- | ------- | 46 | | Management0 | OOB_MANAGEMENT | oob | default | 192.168.0.11/24 | 192.168.0.1 | 47 | 48 | ##### IPv6 49 | 50 | | Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | 51 | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | 52 | | Management0 | OOB_MANAGEMENT | oob | default | - | - | 53 | 54 | #### Management Interfaces Device Configuration 55 | 56 | ```eos 57 | ! 58 | interface Management0 59 | description OOB_MANAGEMENT 60 | no shutdown 61 | ip address 192.168.0.11/24 62 | ``` 63 | 64 | ### DNS Domain 65 | 66 | DNS domain: atd.lab 67 | 68 | #### DNS Domain Device Configuration 69 | 70 | ```eos 71 | dns domain atd.lab 72 | ! 73 | ``` 74 | 75 | ### IP Name Servers 76 | 77 | #### IP Name Servers Summary 78 | 79 | | Name Server | VRF | Priority | 80 | | ----------- | --- | -------- | 81 | | 192.168.2.1 | default | - | 82 | | 8.8.8.8 | default | - | 83 | 84 | #### IP Name Servers Device Configuration 85 | 86 | ```eos 87 | ip name-server vrf default 8.8.8.8 88 | ip name-server vrf default 192.168.2.1 89 | ``` 90 | 91 | ### Management API HTTP 92 | 93 | #### Management API HTTP Summary 94 | 95 | | HTTP | HTTPS | Default Services | 96 | | ---- | ----- | ---------------- | 97 | | False | True | - | 98 | 99 | #### Management API VRF Access 100 | 101 | | VRF Name | IPv4 ACL | IPv6 ACL | 102 | | -------- | -------- | -------- | 103 | | default | - | - | 104 | 105 | #### Management API HTTP Device Configuration 106 | 107 | ```eos 108 | ! 109 | management api http-commands 110 | protocol https 111 | no shutdown 112 | ! 113 | vrf default 114 | no shutdown 115 | ``` 116 | 117 | ## Authentication 118 | 119 | ### Enable Password 120 | 121 | Enable password has been disabled 122 | 123 | ## Spanning Tree 124 | 125 | ### Spanning Tree Summary 126 | 127 | STP mode: **none** 128 | 129 | ### Spanning Tree Device Configuration 130 | 131 | ```eos 132 | ! 133 | spanning-tree mode none 134 | ``` 135 | 136 | ## Internal VLAN Allocation Policy 137 | 138 | ### Internal VLAN Allocation Policy Summary 139 | 140 | | Policy Allocation | Range Beginning | Range Ending | 141 | | ------------------| --------------- | ------------ | 142 | | ascending | 1006 | 1199 | 143 | 144 | ### Internal VLAN Allocation Policy Device Configuration 145 | 146 | ```eos 147 | ! 148 | vlan internal order ascending range 1006 1199 149 | ``` 150 | 151 | ## Interfaces 152 | 153 | ### Ethernet Interfaces 154 | 155 | #### Ethernet Interfaces Summary 156 | 157 | ##### L2 158 | 159 | | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | 160 | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | 161 | 162 | *Inherited from Port-Channel Interface 163 | 164 | ##### IPv4 165 | 166 | | Interface | Description | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | 167 | | --------- | ----------- | ------------- | ---------- | ----| ---- | -------- | ------ | ------- | 168 | | Ethernet2 | P2P_s1-leaf1_Ethernet3 | - | 172.30.255.2/31 | default | 1500 | False | - | - | 169 | | Ethernet3 | P2P_s1-leaf2_Ethernet3 | - | 172.30.255.6/31 | default | 1500 | False | - | - | 170 | | Ethernet4 | P2P_s1-leaf3_Ethernet3 | - | 172.30.255.10/31 | default | 1500 | False | - | - | 171 | | Ethernet5 | P2P_s1-leaf4_Ethernet3 | - | 172.30.255.14/31 | default | 1500 | False | - | - | 172 | 173 | #### Ethernet Interfaces Device Configuration 174 | 175 | ```eos 176 | ! 177 | interface Ethernet2 178 | description P2P_s1-leaf1_Ethernet3 179 | no shutdown 180 | mtu 1500 181 | no switchport 182 | ip address 172.30.255.2/31 183 | ! 184 | interface Ethernet3 185 | description P2P_s1-leaf2_Ethernet3 186 | no shutdown 187 | mtu 1500 188 | no switchport 189 | ip address 172.30.255.6/31 190 | ! 191 | interface Ethernet4 192 | description P2P_s1-leaf3_Ethernet3 193 | no shutdown 194 | mtu 1500 195 | no switchport 196 | ip address 172.30.255.10/31 197 | ! 198 | interface Ethernet5 199 | description P2P_s1-leaf4_Ethernet3 200 | no shutdown 201 | mtu 1500 202 | no switchport 203 | ip address 172.30.255.14/31 204 | ``` 205 | 206 | ### Loopback Interfaces 207 | 208 | #### Loopback Interfaces Summary 209 | 210 | ##### IPv4 211 | 212 | | Interface | Description | VRF | IP Address | 213 | | --------- | ----------- | --- | ---------- | 214 | | Loopback0 | ROUTER_ID | default | 192.0.255.2/32 | 215 | 216 | ##### IPv6 217 | 218 | | Interface | Description | VRF | IPv6 Address | 219 | | --------- | ----------- | --- | ------------ | 220 | | Loopback0 | ROUTER_ID | default | - | 221 | 222 | #### Loopback Interfaces Device Configuration 223 | 224 | ```eos 225 | ! 226 | interface Loopback0 227 | description ROUTER_ID 228 | no shutdown 229 | ip address 192.0.255.2/32 230 | ``` 231 | 232 | ## Routing 233 | 234 | ### Service Routing Protocols Model 235 | 236 | Multi agent routing protocol model enabled 237 | 238 | ```eos 239 | ! 240 | service routing protocols model multi-agent 241 | ``` 242 | 243 | ### IP Routing 244 | 245 | #### IP Routing Summary 246 | 247 | | VRF | Routing Enabled | 248 | | --- | --------------- | 249 | | default | True | 250 | 251 | #### IP Routing Device Configuration 252 | 253 | ```eos 254 | ! 255 | ip routing 256 | ``` 257 | 258 | ### IPv6 Routing 259 | 260 | #### IPv6 Routing Summary 261 | 262 | | VRF | Routing Enabled | 263 | | --- | --------------- | 264 | | default | False | 265 | | default | false | 266 | 267 | ### Static Routes 268 | 269 | #### Static Routes Summary 270 | 271 | | VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | 272 | | --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | 273 | | default | 0.0.0.0/0 | 192.168.0.1 | - | 1 | - | - | - | 274 | 275 | #### Static Routes Device Configuration 276 | 277 | ```eos 278 | ! 279 | ip route 0.0.0.0/0 192.168.0.1 280 | ``` 281 | 282 | ### Router BGP 283 | 284 | ASN Notation: asplain 285 | 286 | #### Router BGP Summary 287 | 288 | | BGP AS | Router ID | 289 | | ------ | --------- | 290 | | 65001 | 192.0.255.2 | 291 | 292 | | BGP Tuning | 293 | | ---------- | 294 | | graceful-restart restart-time 300 | 295 | | graceful-restart | 296 | | no bgp default ipv4-unicast | 297 | | distance bgp 20 200 200 | 298 | | maximum-paths 4 ecmp 4 | 299 | 300 | #### Router BGP Peer Groups 301 | 302 | ##### EVPN-OVERLAY-PEERS 303 | 304 | | Settings | Value | 305 | | -------- | ----- | 306 | | Address Family | evpn | 307 | | Next-hop unchanged | True | 308 | | Source | Loopback0 | 309 | | BFD | True | 310 | | Ebgp multihop | 3 | 311 | | Send community | all | 312 | | Maximum routes | 0 (no limit) | 313 | 314 | ##### IPv4-UNDERLAY-PEERS 315 | 316 | | Settings | Value | 317 | | -------- | ----- | 318 | | Address Family | ipv4 | 319 | | Send community | all | 320 | | Maximum routes | 12000 | 321 | 322 | #### BGP Neighbors 323 | 324 | | Neighbor | Remote AS | VRF | Shutdown | Send-community | Maximum-routes | Allowas-in | BFD | RIB Pre-Policy Retain | Route-Reflector Client | Passive | TTL Max Hops | 325 | | -------- | --------- | --- | -------- | -------------- | -------------- | ---------- | --- | --------------------- | ---------------------- | ------- | ------------ | 326 | | 172.30.255.3 | 65101 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | 327 | | 172.30.255.7 | 65101 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | 328 | | 172.30.255.11 | 65102 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | 329 | | 172.30.255.15 | 65102 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | 330 | | 192.0.255.3 | 65101 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | 331 | | 192.0.255.4 | 65101 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | 332 | | 192.0.255.5 | 65102 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | 333 | | 192.0.255.6 | 65102 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | 334 | 335 | #### Router BGP EVPN Address Family 336 | 337 | ##### EVPN Peer Groups 338 | 339 | | Peer Group | Activate | Route-map In | Route-map Out | Encapsulation | 340 | | ---------- | -------- | ------------ | ------------- | ------------- | 341 | | EVPN-OVERLAY-PEERS | True | - | - | default | 342 | 343 | #### Router BGP Device Configuration 344 | 345 | ```eos 346 | ! 347 | router bgp 65001 348 | router-id 192.0.255.2 349 | no bgp default ipv4-unicast 350 | distance bgp 20 200 200 351 | graceful-restart restart-time 300 352 | graceful-restart 353 | maximum-paths 4 ecmp 4 354 | neighbor EVPN-OVERLAY-PEERS peer group 355 | neighbor EVPN-OVERLAY-PEERS next-hop-unchanged 356 | neighbor EVPN-OVERLAY-PEERS update-source Loopback0 357 | neighbor EVPN-OVERLAY-PEERS bfd 358 | neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 359 | neighbor EVPN-OVERLAY-PEERS password 7 360 | neighbor EVPN-OVERLAY-PEERS send-community 361 | neighbor EVPN-OVERLAY-PEERS maximum-routes 0 362 | neighbor IPv4-UNDERLAY-PEERS peer group 363 | neighbor IPv4-UNDERLAY-PEERS password 7 364 | neighbor IPv4-UNDERLAY-PEERS send-community 365 | neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 366 | neighbor 172.30.255.3 peer group IPv4-UNDERLAY-PEERS 367 | neighbor 172.30.255.3 remote-as 65101 368 | neighbor 172.30.255.3 description s1-leaf1_Ethernet3 369 | neighbor 172.30.255.7 peer group IPv4-UNDERLAY-PEERS 370 | neighbor 172.30.255.7 remote-as 65101 371 | neighbor 172.30.255.7 description s1-leaf2_Ethernet3 372 | neighbor 172.30.255.11 peer group IPv4-UNDERLAY-PEERS 373 | neighbor 172.30.255.11 remote-as 65102 374 | neighbor 172.30.255.11 description s1-leaf3_Ethernet3 375 | neighbor 172.30.255.15 peer group IPv4-UNDERLAY-PEERS 376 | neighbor 172.30.255.15 remote-as 65102 377 | neighbor 172.30.255.15 description s1-leaf4_Ethernet3 378 | neighbor 192.0.255.3 peer group EVPN-OVERLAY-PEERS 379 | neighbor 192.0.255.3 remote-as 65101 380 | neighbor 192.0.255.3 description s1-leaf1_Loopback0 381 | neighbor 192.0.255.4 peer group EVPN-OVERLAY-PEERS 382 | neighbor 192.0.255.4 remote-as 65101 383 | neighbor 192.0.255.4 description s1-leaf2_Loopback0 384 | neighbor 192.0.255.5 peer group EVPN-OVERLAY-PEERS 385 | neighbor 192.0.255.5 remote-as 65102 386 | neighbor 192.0.255.5 description s1-leaf3_Loopback0 387 | neighbor 192.0.255.6 peer group EVPN-OVERLAY-PEERS 388 | neighbor 192.0.255.6 remote-as 65102 389 | neighbor 192.0.255.6 description s1-leaf4_Loopback0 390 | redistribute connected route-map RM-CONN-2-BGP 391 | ! 392 | address-family evpn 393 | neighbor EVPN-OVERLAY-PEERS activate 394 | ! 395 | address-family ipv4 396 | no neighbor EVPN-OVERLAY-PEERS activate 397 | neighbor IPv4-UNDERLAY-PEERS activate 398 | ``` 399 | 400 | ## BFD 401 | 402 | ### Router BFD 403 | 404 | #### Router BFD Multihop Summary 405 | 406 | | Interval | Minimum RX | Multiplier | 407 | | -------- | ---------- | ---------- | 408 | | 1200 | 1200 | 3 | 409 | 410 | #### Router BFD Device Configuration 411 | 412 | ```eos 413 | ! 414 | router bfd 415 | multihop interval 1200 min-rx 1200 multiplier 3 416 | ``` 417 | 418 | ## Filters 419 | 420 | ### Prefix-lists 421 | 422 | #### Prefix-lists Summary 423 | 424 | ##### PL-LOOPBACKS-EVPN-OVERLAY 425 | 426 | | Sequence | Action | 427 | | -------- | ------ | 428 | | 10 | permit 192.0.255.0/24 eq 32 | 429 | 430 | #### Prefix-lists Device Configuration 431 | 432 | ```eos 433 | ! 434 | ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY 435 | seq 10 permit 192.0.255.0/24 eq 32 436 | ``` 437 | 438 | ### Route-maps 439 | 440 | #### Route-maps Summary 441 | 442 | ##### RM-CONN-2-BGP 443 | 444 | | Sequence | Type | Match | Set | Sub-Route-Map | Continue | 445 | | -------- | ---- | ----- | --- | ------------- | -------- | 446 | | 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - | 447 | 448 | #### Route-maps Device Configuration 449 | 450 | ```eos 451 | ! 452 | route-map RM-CONN-2-BGP permit 10 453 | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 454 | ``` 455 | 456 | ## VRF Instances 457 | 458 | ### VRF Instances Summary 459 | 460 | | VRF Name | IP Routing | 461 | | -------- | ---------- | 462 | 463 | ### VRF Instances Device Configuration 464 | 465 | ```eos 466 | ``` 467 | -------------------------------------------------------------------------------- /atd-inventory/documentation/devices/s1-leaf1.md: -------------------------------------------------------------------------------- 1 | # s1-leaf1 2 | 3 | ## Table of Contents 4 | 5 | - [Management](#management) 6 | - [Management Interfaces](#management-interfaces) 7 | - [DNS Domain](#dns-domain) 8 | - [IP Name Servers](#ip-name-servers) 9 | - [Management API HTTP](#management-api-http) 10 | - [Authentication](#authentication) 11 | - [Enable Password](#enable-password) 12 | - [MLAG](#mlag) 13 | - [MLAG Summary](#mlag-summary) 14 | - [MLAG Device Configuration](#mlag-device-configuration) 15 | - [Spanning Tree](#spanning-tree) 16 | - [Spanning Tree Summary](#spanning-tree-summary) 17 | - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) 18 | - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) 19 | - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) 20 | - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) 21 | - [VLANs](#vlans) 22 | - [VLANs Summary](#vlans-summary) 23 | - [VLANs Device Configuration](#vlans-device-configuration) 24 | - [Interfaces](#interfaces) 25 | - [Ethernet Interfaces](#ethernet-interfaces) 26 | - [Port-Channel Interfaces](#port-channel-interfaces) 27 | - [Loopback Interfaces](#loopback-interfaces) 28 | - [VLAN Interfaces](#vlan-interfaces) 29 | - [VXLAN Interface](#vxlan-interface) 30 | - [Routing](#routing) 31 | - [Service Routing Protocols Model](#service-routing-protocols-model) 32 | - [Virtual Router MAC Address](#virtual-router-mac-address) 33 | - [IP Routing](#ip-routing) 34 | - [IPv6 Routing](#ipv6-routing) 35 | - [Static Routes](#static-routes) 36 | - [Router BGP](#router-bgp) 37 | - [BFD](#bfd) 38 | - [Router BFD](#router-bfd) 39 | - [Multicast](#multicast) 40 | - [IP IGMP Snooping](#ip-igmp-snooping) 41 | - [Filters](#filters) 42 | - [Prefix-lists](#prefix-lists) 43 | - [Route-maps](#route-maps) 44 | - [VRF Instances](#vrf-instances) 45 | - [VRF Instances Summary](#vrf-instances-summary) 46 | - [VRF Instances Device Configuration](#vrf-instances-device-configuration) 47 | - [Virtual Source NAT](#virtual-source-nat) 48 | - [Virtual Source NAT Summary](#virtual-source-nat-summary) 49 | - [Virtual Source NAT Configuration](#virtual-source-nat-configuration) 50 | 51 | ## Management 52 | 53 | ### Management Interfaces 54 | 55 | #### Management Interfaces Summary 56 | 57 | ##### IPv4 58 | 59 | | Management Interface | Description | Type | VRF | IP Address | Gateway | 60 | | -------------------- | ----------- | ---- | --- | ---------- | ------- | 61 | | Management0 | OOB_MANAGEMENT | oob | default | 192.168.0.12/24 | 192.168.0.1 | 62 | 63 | ##### IPv6 64 | 65 | | Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | 66 | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | 67 | | Management0 | OOB_MANAGEMENT | oob | default | - | - | 68 | 69 | #### Management Interfaces Device Configuration 70 | 71 | ```eos 72 | ! 73 | interface Management0 74 | description OOB_MANAGEMENT 75 | no shutdown 76 | ip address 192.168.0.12/24 77 | ``` 78 | 79 | ### DNS Domain 80 | 81 | DNS domain: atd.lab 82 | 83 | #### DNS Domain Device Configuration 84 | 85 | ```eos 86 | dns domain atd.lab 87 | ! 88 | ``` 89 | 90 | ### IP Name Servers 91 | 92 | #### IP Name Servers Summary 93 | 94 | | Name Server | VRF | Priority | 95 | | ----------- | --- | -------- | 96 | | 192.168.2.1 | default | - | 97 | | 8.8.8.8 | default | - | 98 | 99 | #### IP Name Servers Device Configuration 100 | 101 | ```eos 102 | ip name-server vrf default 8.8.8.8 103 | ip name-server vrf default 192.168.2.1 104 | ``` 105 | 106 | ### Management API HTTP 107 | 108 | #### Management API HTTP Summary 109 | 110 | | HTTP | HTTPS | Default Services | 111 | | ---- | ----- | ---------------- | 112 | | False | True | - | 113 | 114 | #### Management API VRF Access 115 | 116 | | VRF Name | IPv4 ACL | IPv6 ACL | 117 | | -------- | -------- | -------- | 118 | | default | - | - | 119 | 120 | #### Management API HTTP Device Configuration 121 | 122 | ```eos 123 | ! 124 | management api http-commands 125 | protocol https 126 | no shutdown 127 | ! 128 | vrf default 129 | no shutdown 130 | ``` 131 | 132 | ## Authentication 133 | 134 | ### Enable Password 135 | 136 | Enable password has been disabled 137 | 138 | ## MLAG 139 | 140 | ### MLAG Summary 141 | 142 | | Domain-id | Local-interface | Peer-address | Peer-link | 143 | | --------- | --------------- | ------------ | --------- | 144 | | pod1 | Vlan4094 | 10.255.252.1 | Port-Channel1 | 145 | 146 | Dual primary detection is disabled. 147 | 148 | ### MLAG Device Configuration 149 | 150 | ```eos 151 | ! 152 | mlag configuration 153 | domain-id pod1 154 | local-interface Vlan4094 155 | peer-address 10.255.252.1 156 | peer-link Port-Channel1 157 | reload-delay mlag 300 158 | reload-delay non-mlag 330 159 | ``` 160 | 161 | ## Spanning Tree 162 | 163 | ### Spanning Tree Summary 164 | 165 | STP mode: **mstp** 166 | 167 | #### MSTP Instance and Priority 168 | 169 | | Instance(s) | Priority | 170 | | -------- | -------- | 171 | | 0 | 16384 | 172 | 173 | #### Global Spanning-Tree Settings 174 | 175 | - Spanning Tree disabled for VLANs: **4093-4094** 176 | 177 | ### Spanning Tree Device Configuration 178 | 179 | ```eos 180 | ! 181 | spanning-tree mode mstp 182 | no spanning-tree vlan-id 4093-4094 183 | spanning-tree mst 0 priority 16384 184 | ``` 185 | 186 | ## Internal VLAN Allocation Policy 187 | 188 | ### Internal VLAN Allocation Policy Summary 189 | 190 | | Policy Allocation | Range Beginning | Range Ending | 191 | | ------------------| --------------- | ------------ | 192 | | ascending | 1006 | 1199 | 193 | 194 | ### Internal VLAN Allocation Policy Device Configuration 195 | 196 | ```eos 197 | ! 198 | vlan internal order ascending range 1006 1199 199 | ``` 200 | 201 | ## VLANs 202 | 203 | ### VLANs Summary 204 | 205 | | VLAN ID | Name | Trunk Groups | 206 | | ------- | ---- | ------------ | 207 | | 110 | Tenant_A_OP_Zone_1 | - | 208 | | 160 | Tenant_A_VMOTION | - | 209 | | 3009 | MLAG_L3_VRF_Tenant_A_OP_Zone | MLAG | 210 | | 4093 | MLAG_L3 | MLAG | 211 | | 4094 | MLAG | MLAG | 212 | 213 | ### VLANs Device Configuration 214 | 215 | ```eos 216 | ! 217 | vlan 110 218 | name Tenant_A_OP_Zone_1 219 | ! 220 | vlan 160 221 | name Tenant_A_VMOTION 222 | ! 223 | vlan 3009 224 | name MLAG_L3_VRF_Tenant_A_OP_Zone 225 | trunk group MLAG 226 | ! 227 | vlan 4093 228 | name MLAG_L3 229 | trunk group MLAG 230 | ! 231 | vlan 4094 232 | name MLAG 233 | trunk group MLAG 234 | ``` 235 | 236 | ## Interfaces 237 | 238 | ### Ethernet Interfaces 239 | 240 | #### Ethernet Interfaces Summary 241 | 242 | ##### L2 243 | 244 | | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | 245 | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | 246 | | Ethernet1 | MLAG_s1-leaf2_Ethernet1 | *trunk | *- | *- | *MLAG | 1 | 247 | | Ethernet4 | SERVER_s1-host1_Eth1 | *access | *110 | *- | *- | 4 | 248 | | Ethernet6 | MLAG_s1-leaf2_Ethernet6 | *trunk | *- | *- | *MLAG | 1 | 249 | 250 | *Inherited from Port-Channel Interface 251 | 252 | ##### IPv4 253 | 254 | | Interface | Description | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | 255 | | --------- | ----------- | ------------- | ---------- | ----| ---- | -------- | ------ | ------- | 256 | | Ethernet2 | P2P_s1-spine1_Ethernet2 | - | 172.30.255.1/31 | default | 1500 | False | - | - | 257 | | Ethernet3 | P2P_s1-spine2_Ethernet2 | - | 172.30.255.3/31 | default | 1500 | False | - | - | 258 | 259 | #### Ethernet Interfaces Device Configuration 260 | 261 | ```eos 262 | ! 263 | interface Ethernet1 264 | description MLAG_s1-leaf2_Ethernet1 265 | no shutdown 266 | channel-group 1 mode active 267 | ! 268 | interface Ethernet2 269 | description P2P_s1-spine1_Ethernet2 270 | no shutdown 271 | mtu 1500 272 | no switchport 273 | ip address 172.30.255.1/31 274 | ! 275 | interface Ethernet3 276 | description P2P_s1-spine2_Ethernet2 277 | no shutdown 278 | mtu 1500 279 | no switchport 280 | ip address 172.30.255.3/31 281 | ! 282 | interface Ethernet4 283 | description SERVER_s1-host1_Eth1 284 | no shutdown 285 | channel-group 4 mode active 286 | ! 287 | interface Ethernet6 288 | description MLAG_s1-leaf2_Ethernet6 289 | no shutdown 290 | channel-group 1 mode active 291 | ``` 292 | 293 | ### Port-Channel Interfaces 294 | 295 | #### Port-Channel Interfaces Summary 296 | 297 | ##### L2 298 | 299 | | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | 300 | | --------- | ----------- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | 301 | | Port-Channel1 | MLAG_s1-leaf2_Port-Channel1 | trunk | - | - | MLAG | - | - | - | - | 302 | | Port-Channel4 | PortChannel | access | 110 | - | - | - | - | 4 | - | 303 | 304 | #### Port-Channel Interfaces Device Configuration 305 | 306 | ```eos 307 | ! 308 | interface Port-Channel1 309 | description MLAG_s1-leaf2_Port-Channel1 310 | no shutdown 311 | switchport mode trunk 312 | switchport trunk group MLAG 313 | switchport 314 | ! 315 | interface Port-Channel4 316 | description PortChannel 317 | no shutdown 318 | switchport access vlan 110 319 | switchport mode access 320 | switchport 321 | mlag 4 322 | ``` 323 | 324 | ### Loopback Interfaces 325 | 326 | #### Loopback Interfaces Summary 327 | 328 | ##### IPv4 329 | 330 | | Interface | Description | VRF | IP Address | 331 | | --------- | ----------- | --- | ---------- | 332 | | Loopback0 | ROUTER_ID | default | 192.0.255.3/32 | 333 | | Loopback1 | VXLAN_TUNNEL_SOURCE | default | 192.0.254.3/32 | 334 | | Loopback100 | DIAG_VRF_Tenant_A_OP_Zone | Tenant_A_OP_Zone | 10.255.1.3/32 | 335 | 336 | ##### IPv6 337 | 338 | | Interface | Description | VRF | IPv6 Address | 339 | | --------- | ----------- | --- | ------------ | 340 | | Loopback0 | ROUTER_ID | default | - | 341 | | Loopback1 | VXLAN_TUNNEL_SOURCE | default | - | 342 | | Loopback100 | DIAG_VRF_Tenant_A_OP_Zone | Tenant_A_OP_Zone | - | 343 | 344 | #### Loopback Interfaces Device Configuration 345 | 346 | ```eos 347 | ! 348 | interface Loopback0 349 | description ROUTER_ID 350 | no shutdown 351 | ip address 192.0.255.3/32 352 | ! 353 | interface Loopback1 354 | description VXLAN_TUNNEL_SOURCE 355 | no shutdown 356 | ip address 192.0.254.3/32 357 | ! 358 | interface Loopback100 359 | description DIAG_VRF_Tenant_A_OP_Zone 360 | no shutdown 361 | vrf Tenant_A_OP_Zone 362 | ip address 10.255.1.3/32 363 | ``` 364 | 365 | ### VLAN Interfaces 366 | 367 | #### VLAN Interfaces Summary 368 | 369 | | Interface | Description | VRF | MTU | Shutdown | 370 | | --------- | ----------- | --- | ---- | -------- | 371 | | Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | False | 372 | | Vlan3009 | MLAG_L3_VRF_Tenant_A_OP_Zone | Tenant_A_OP_Zone | 1500 | False | 373 | | Vlan4093 | MLAG_L3 | default | 1500 | False | 374 | | Vlan4094 | MLAG | default | 1500 | False | 375 | 376 | ##### IPv4 377 | 378 | | Interface | VRF | IP Address | IP Address Virtual | IP Router Virtual Address | ACL In | ACL Out | 379 | | --------- | --- | ---------- | ------------------ | ------------------------- | ------ | ------- | 380 | | Vlan110 | Tenant_A_OP_Zone | - | 10.1.10.1/24 | - | - | - | 381 | | Vlan3009 | Tenant_A_OP_Zone | 10.255.251.0/31 | - | - | - | - | 382 | | Vlan4093 | default | 10.255.251.0/31 | - | - | - | - | 383 | | Vlan4094 | default | 10.255.252.0/31 | - | - | - | - | 384 | 385 | #### VLAN Interfaces Device Configuration 386 | 387 | ```eos 388 | ! 389 | interface Vlan110 390 | description Tenant_A_OP_Zone_1 391 | no shutdown 392 | vrf Tenant_A_OP_Zone 393 | ip address virtual 10.1.10.1/24 394 | ! 395 | interface Vlan3009 396 | description MLAG_L3_VRF_Tenant_A_OP_Zone 397 | no shutdown 398 | mtu 1500 399 | vrf Tenant_A_OP_Zone 400 | ip address 10.255.251.0/31 401 | ! 402 | interface Vlan4093 403 | description MLAG_L3 404 | no shutdown 405 | mtu 1500 406 | ip address 10.255.251.0/31 407 | ! 408 | interface Vlan4094 409 | description MLAG 410 | no shutdown 411 | mtu 1500 412 | no autostate 413 | ip address 10.255.252.0/31 414 | ``` 415 | 416 | ### VXLAN Interface 417 | 418 | #### VXLAN Interface Summary 419 | 420 | | Setting | Value | 421 | | ------- | ----- | 422 | | Source Interface | Loopback1 | 423 | | UDP port | 4789 | 424 | | EVPN MLAG Shared Router MAC | mlag-system-id | 425 | 426 | ##### VLAN to VNI, Flood List and Multicast Group Mappings 427 | 428 | | VLAN | VNI | Flood List | Multicast Group | 429 | | ---- | --- | ---------- | --------------- | 430 | | 110 | 10110 | - | - | 431 | | 160 | 55160 | - | - | 432 | 433 | ##### VRF to VNI and Multicast Group Mappings 434 | 435 | | VRF | VNI | Multicast Group | 436 | | ---- | --- | --------------- | 437 | | Tenant_A_OP_Zone | 10 | - | 438 | 439 | #### VXLAN Interface Device Configuration 440 | 441 | ```eos 442 | ! 443 | interface Vxlan1 444 | description s1-leaf1_VTEP 445 | vxlan source-interface Loopback1 446 | vxlan virtual-router encapsulation mac-address mlag-system-id 447 | vxlan udp-port 4789 448 | vxlan vlan 110 vni 10110 449 | vxlan vlan 160 vni 55160 450 | vxlan vrf Tenant_A_OP_Zone vni 10 451 | ``` 452 | 453 | ## Routing 454 | 455 | ### Service Routing Protocols Model 456 | 457 | Multi agent routing protocol model enabled 458 | 459 | ```eos 460 | ! 461 | service routing protocols model multi-agent 462 | ``` 463 | 464 | ### Virtual Router MAC Address 465 | 466 | #### Virtual Router MAC Address Summary 467 | 468 | Virtual Router MAC Address: 00:1c:73:00:dc:01 469 | 470 | #### Virtual Router MAC Address Device Configuration 471 | 472 | ```eos 473 | ! 474 | ip virtual-router mac-address 00:1c:73:00:dc:01 475 | ``` 476 | 477 | ### IP Routing 478 | 479 | #### IP Routing Summary 480 | 481 | | VRF | Routing Enabled | 482 | | --- | --------------- | 483 | | default | True | 484 | | Tenant_A_OP_Zone | True | 485 | 486 | #### IP Routing Device Configuration 487 | 488 | ```eos 489 | ! 490 | ip routing 491 | ip routing vrf Tenant_A_OP_Zone 492 | ``` 493 | 494 | ### IPv6 Routing 495 | 496 | #### IPv6 Routing Summary 497 | 498 | | VRF | Routing Enabled | 499 | | --- | --------------- | 500 | | default | False | 501 | | default | false | 502 | | Tenant_A_OP_Zone | false | 503 | 504 | ### Static Routes 505 | 506 | #### Static Routes Summary 507 | 508 | | VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | 509 | | --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | 510 | | default | 0.0.0.0/0 | 192.168.0.1 | - | 1 | - | - | - | 511 | 512 | #### Static Routes Device Configuration 513 | 514 | ```eos 515 | ! 516 | ip route 0.0.0.0/0 192.168.0.1 517 | ``` 518 | 519 | ### Router BGP 520 | 521 | ASN Notation: asplain 522 | 523 | #### Router BGP Summary 524 | 525 | | BGP AS | Router ID | 526 | | ------ | --------- | 527 | | 65101 | 192.0.255.3 | 528 | 529 | | BGP Tuning | 530 | | ---------- | 531 | | graceful-restart restart-time 300 | 532 | | graceful-restart | 533 | | no bgp default ipv4-unicast | 534 | | distance bgp 20 200 200 | 535 | | maximum-paths 4 ecmp 4 | 536 | 537 | #### Router BGP Peer Groups 538 | 539 | ##### EVPN-OVERLAY-PEERS 540 | 541 | | Settings | Value | 542 | | -------- | ----- | 543 | | Address Family | evpn | 544 | | Source | Loopback0 | 545 | | BFD | True | 546 | | Ebgp multihop | 3 | 547 | | Send community | all | 548 | | Maximum routes | 0 (no limit) | 549 | 550 | ##### IPv4-UNDERLAY-PEERS 551 | 552 | | Settings | Value | 553 | | -------- | ----- | 554 | | Address Family | ipv4 | 555 | | Send community | all | 556 | | Maximum routes | 12000 | 557 | 558 | ##### MLAG-IPv4-UNDERLAY-PEER 559 | 560 | | Settings | Value | 561 | | -------- | ----- | 562 | | Address Family | ipv4 | 563 | | Remote AS | 65101 | 564 | | Next-hop self | True | 565 | | Send community | all | 566 | | Maximum routes | 12000 | 567 | 568 | #### BGP Neighbors 569 | 570 | | Neighbor | Remote AS | VRF | Shutdown | Send-community | Maximum-routes | Allowas-in | BFD | RIB Pre-Policy Retain | Route-Reflector Client | Passive | TTL Max Hops | 571 | | -------- | --------- | --- | -------- | -------------- | -------------- | ---------- | --- | --------------------- | ---------------------- | ------- | ------------ | 572 | | 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | 573 | | 172.30.255.0 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | 574 | | 172.30.255.2 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | 575 | | 192.0.255.1 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | 576 | | 192.0.255.2 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | 577 | | 10.255.251.1 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | 578 | 579 | #### Router BGP EVPN Address Family 580 | 581 | ##### EVPN Peer Groups 582 | 583 | | Peer Group | Activate | Route-map In | Route-map Out | Encapsulation | 584 | | ---------- | -------- | ------------ | ------------- | ------------- | 585 | | EVPN-OVERLAY-PEERS | True | - | - | default | 586 | 587 | #### Router BGP VLAN Aware Bundles 588 | 589 | | VLAN Aware Bundle | Route-Distinguisher | Both Route-Target | Import Route Target | Export Route-Target | Redistribute | VLANs | 590 | | ----------------- | ------------------- | ----------------- | ------------------- | ------------------- | ------------ | ----- | 591 | | Tenant_A_OP_Zone | 192.0.255.3:10 | 10:10 | - | - | learned | 110 | 592 | | Tenant_A_VMOTION | 192.0.255.3:55160 | 55160:55160 | - | - | learned | 160 | 593 | 594 | #### Router BGP VRFs 595 | 596 | | VRF | Route-Distinguisher | Redistribute | 597 | | --- | ------------------- | ------------ | 598 | | Tenant_A_OP_Zone | 192.0.255.3:10 | connected | 599 | 600 | #### Router BGP Device Configuration 601 | 602 | ```eos 603 | ! 604 | router bgp 65101 605 | router-id 192.0.255.3 606 | no bgp default ipv4-unicast 607 | distance bgp 20 200 200 608 | graceful-restart restart-time 300 609 | graceful-restart 610 | maximum-paths 4 ecmp 4 611 | neighbor EVPN-OVERLAY-PEERS peer group 612 | neighbor EVPN-OVERLAY-PEERS update-source Loopback0 613 | neighbor EVPN-OVERLAY-PEERS bfd 614 | neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 615 | neighbor EVPN-OVERLAY-PEERS password 7 616 | neighbor EVPN-OVERLAY-PEERS send-community 617 | neighbor EVPN-OVERLAY-PEERS maximum-routes 0 618 | neighbor IPv4-UNDERLAY-PEERS peer group 619 | neighbor IPv4-UNDERLAY-PEERS password 7 620 | neighbor IPv4-UNDERLAY-PEERS send-community 621 | neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 622 | neighbor MLAG-IPv4-UNDERLAY-PEER peer group 623 | neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 624 | neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self 625 | neighbor MLAG-IPv4-UNDERLAY-PEER description s1-leaf2 626 | neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in 627 | neighbor MLAG-IPv4-UNDERLAY-PEER password 7 628 | neighbor MLAG-IPv4-UNDERLAY-PEER send-community 629 | neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 630 | neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER 631 | neighbor 10.255.251.1 description s1-leaf2_Vlan4093 632 | neighbor 172.30.255.0 peer group IPv4-UNDERLAY-PEERS 633 | neighbor 172.30.255.0 remote-as 65001 634 | neighbor 172.30.255.0 description s1-spine1_Ethernet2 635 | neighbor 172.30.255.2 peer group IPv4-UNDERLAY-PEERS 636 | neighbor 172.30.255.2 remote-as 65001 637 | neighbor 172.30.255.2 description s1-spine2_Ethernet2 638 | neighbor 192.0.255.1 peer group EVPN-OVERLAY-PEERS 639 | neighbor 192.0.255.1 remote-as 65001 640 | neighbor 192.0.255.1 description s1-spine1_Loopback0 641 | neighbor 192.0.255.2 peer group EVPN-OVERLAY-PEERS 642 | neighbor 192.0.255.2 remote-as 65001 643 | neighbor 192.0.255.2 description s1-spine2_Loopback0 644 | redistribute connected route-map RM-CONN-2-BGP 645 | ! 646 | vlan-aware-bundle Tenant_A_OP_Zone 647 | rd 192.0.255.3:10 648 | route-target both 10:10 649 | redistribute learned 650 | vlan 110 651 | ! 652 | vlan-aware-bundle Tenant_A_VMOTION 653 | rd 192.0.255.3:55160 654 | route-target both 55160:55160 655 | redistribute learned 656 | vlan 160 657 | ! 658 | address-family evpn 659 | neighbor EVPN-OVERLAY-PEERS activate 660 | ! 661 | address-family ipv4 662 | no neighbor EVPN-OVERLAY-PEERS activate 663 | neighbor IPv4-UNDERLAY-PEERS activate 664 | neighbor MLAG-IPv4-UNDERLAY-PEER activate 665 | ! 666 | vrf Tenant_A_OP_Zone 667 | rd 192.0.255.3:10 668 | route-target import evpn 10:10 669 | route-target export evpn 10:10 670 | router-id 192.0.255.3 671 | neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER 672 | neighbor 10.255.251.1 description s1-leaf2_Vlan3009 673 | redistribute connected route-map RM-CONN-2-BGP-VRFS 674 | ``` 675 | 676 | ## BFD 677 | 678 | ### Router BFD 679 | 680 | #### Router BFD Multihop Summary 681 | 682 | | Interval | Minimum RX | Multiplier | 683 | | -------- | ---------- | ---------- | 684 | | 1200 | 1200 | 3 | 685 | 686 | #### Router BFD Device Configuration 687 | 688 | ```eos 689 | ! 690 | router bfd 691 | multihop interval 1200 min-rx 1200 multiplier 3 692 | ``` 693 | 694 | ## Multicast 695 | 696 | ### IP IGMP Snooping 697 | 698 | #### IP IGMP Snooping Summary 699 | 700 | | IGMP Snooping | Fast Leave | Interface Restart Query | Proxy | Restart Query Interval | Robustness Variable | 701 | | ------------- | ---------- | ----------------------- | ----- | ---------------------- | ------------------- | 702 | | Enabled | - | - | - | - | - | 703 | 704 | #### IP IGMP Snooping Device Configuration 705 | 706 | ```eos 707 | ``` 708 | 709 | ## Filters 710 | 711 | ### Prefix-lists 712 | 713 | #### Prefix-lists Summary 714 | 715 | ##### PL-LOOPBACKS-EVPN-OVERLAY 716 | 717 | | Sequence | Action | 718 | | -------- | ------ | 719 | | 10 | permit 192.0.255.0/24 eq 32 | 720 | | 20 | permit 192.0.254.0/24 eq 32 | 721 | 722 | ##### PL-MLAG-PEER-VRFS 723 | 724 | | Sequence | Action | 725 | | -------- | ------ | 726 | | 10 | permit 10.255.251.0/31 | 727 | 728 | #### Prefix-lists Device Configuration 729 | 730 | ```eos 731 | ! 732 | ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY 733 | seq 10 permit 192.0.255.0/24 eq 32 734 | seq 20 permit 192.0.254.0/24 eq 32 735 | ! 736 | ip prefix-list PL-MLAG-PEER-VRFS 737 | seq 10 permit 10.255.251.0/31 738 | ``` 739 | 740 | ### Route-maps 741 | 742 | #### Route-maps Summary 743 | 744 | ##### RM-CONN-2-BGP 745 | 746 | | Sequence | Type | Match | Set | Sub-Route-Map | Continue | 747 | | -------- | ---- | ----- | --- | ------------- | -------- | 748 | | 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - | 749 | 750 | ##### RM-CONN-2-BGP-VRFS 751 | 752 | | Sequence | Type | Match | Set | Sub-Route-Map | Continue | 753 | | -------- | ---- | ----- | --- | ------------- | -------- | 754 | | 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - | 755 | | 20 | permit | - | - | - | - | 756 | 757 | ##### RM-MLAG-PEER-IN 758 | 759 | | Sequence | Type | Match | Set | Sub-Route-Map | Continue | 760 | | -------- | ---- | ----- | --- | ------------- | -------- | 761 | | 10 | permit | - | origin incomplete | - | - | 762 | 763 | #### Route-maps Device Configuration 764 | 765 | ```eos 766 | ! 767 | route-map RM-CONN-2-BGP permit 10 768 | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 769 | ! 770 | route-map RM-CONN-2-BGP-VRFS deny 10 771 | match ip address prefix-list PL-MLAG-PEER-VRFS 772 | ! 773 | route-map RM-CONN-2-BGP-VRFS permit 20 774 | ! 775 | route-map RM-MLAG-PEER-IN permit 10 776 | description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing 777 | set origin incomplete 778 | ``` 779 | 780 | ## VRF Instances 781 | 782 | ### VRF Instances Summary 783 | 784 | | VRF Name | IP Routing | 785 | | -------- | ---------- | 786 | | Tenant_A_OP_Zone | enabled | 787 | 788 | ### VRF Instances Device Configuration 789 | 790 | ```eos 791 | ! 792 | vrf instance Tenant_A_OP_Zone 793 | ``` 794 | 795 | ## Virtual Source NAT 796 | 797 | ### Virtual Source NAT Summary 798 | 799 | | Source NAT VRF | Source NAT IPv4 Address | Source NAT IPv6 Address | 800 | | -------------- | ----------------------- | ----------------------- | 801 | | Tenant_A_OP_Zone | 10.255.1.3 | - | 802 | 803 | ### Virtual Source NAT Configuration 804 | 805 | ```eos 806 | ! 807 | ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.3 808 | ``` 809 | -------------------------------------------------------------------------------- /atd-inventory/documentation/devices/s1-leaf2.md: -------------------------------------------------------------------------------- 1 | # s1-leaf2 2 | 3 | ## Table of Contents 4 | 5 | - [Management](#management) 6 | - [Management Interfaces](#management-interfaces) 7 | - [DNS Domain](#dns-domain) 8 | - [IP Name Servers](#ip-name-servers) 9 | - [Management API HTTP](#management-api-http) 10 | - [Authentication](#authentication) 11 | - [Enable Password](#enable-password) 12 | - [MLAG](#mlag) 13 | - [MLAG Summary](#mlag-summary) 14 | - [MLAG Device Configuration](#mlag-device-configuration) 15 | - [Spanning Tree](#spanning-tree) 16 | - [Spanning Tree Summary](#spanning-tree-summary) 17 | - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) 18 | - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) 19 | - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) 20 | - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) 21 | - [VLANs](#vlans) 22 | - [VLANs Summary](#vlans-summary) 23 | - [VLANs Device Configuration](#vlans-device-configuration) 24 | - [Interfaces](#interfaces) 25 | - [Ethernet Interfaces](#ethernet-interfaces) 26 | - [Port-Channel Interfaces](#port-channel-interfaces) 27 | - [Loopback Interfaces](#loopback-interfaces) 28 | - [VLAN Interfaces](#vlan-interfaces) 29 | - [VXLAN Interface](#vxlan-interface) 30 | - [Routing](#routing) 31 | - [Service Routing Protocols Model](#service-routing-protocols-model) 32 | - [Virtual Router MAC Address](#virtual-router-mac-address) 33 | - [IP Routing](#ip-routing) 34 | - [IPv6 Routing](#ipv6-routing) 35 | - [Static Routes](#static-routes) 36 | - [Router BGP](#router-bgp) 37 | - [BFD](#bfd) 38 | - [Router BFD](#router-bfd) 39 | - [Multicast](#multicast) 40 | - [IP IGMP Snooping](#ip-igmp-snooping) 41 | - [Filters](#filters) 42 | - [Prefix-lists](#prefix-lists) 43 | - [Route-maps](#route-maps) 44 | - [VRF Instances](#vrf-instances) 45 | - [VRF Instances Summary](#vrf-instances-summary) 46 | - [VRF Instances Device Configuration](#vrf-instances-device-configuration) 47 | - [Virtual Source NAT](#virtual-source-nat) 48 | - [Virtual Source NAT Summary](#virtual-source-nat-summary) 49 | - [Virtual Source NAT Configuration](#virtual-source-nat-configuration) 50 | 51 | ## Management 52 | 53 | ### Management Interfaces 54 | 55 | #### Management Interfaces Summary 56 | 57 | ##### IPv4 58 | 59 | | Management Interface | Description | Type | VRF | IP Address | Gateway | 60 | | -------------------- | ----------- | ---- | --- | ---------- | ------- | 61 | | Management0 | OOB_MANAGEMENT | oob | default | 192.168.0.13/24 | 192.168.0.1 | 62 | 63 | ##### IPv6 64 | 65 | | Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | 66 | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | 67 | | Management0 | OOB_MANAGEMENT | oob | default | - | - | 68 | 69 | #### Management Interfaces Device Configuration 70 | 71 | ```eos 72 | ! 73 | interface Management0 74 | description OOB_MANAGEMENT 75 | no shutdown 76 | ip address 192.168.0.13/24 77 | ``` 78 | 79 | ### DNS Domain 80 | 81 | DNS domain: atd.lab 82 | 83 | #### DNS Domain Device Configuration 84 | 85 | ```eos 86 | dns domain atd.lab 87 | ! 88 | ``` 89 | 90 | ### IP Name Servers 91 | 92 | #### IP Name Servers Summary 93 | 94 | | Name Server | VRF | Priority | 95 | | ----------- | --- | -------- | 96 | | 192.168.2.1 | default | - | 97 | | 8.8.8.8 | default | - | 98 | 99 | #### IP Name Servers Device Configuration 100 | 101 | ```eos 102 | ip name-server vrf default 8.8.8.8 103 | ip name-server vrf default 192.168.2.1 104 | ``` 105 | 106 | ### Management API HTTP 107 | 108 | #### Management API HTTP Summary 109 | 110 | | HTTP | HTTPS | Default Services | 111 | | ---- | ----- | ---------------- | 112 | | False | True | - | 113 | 114 | #### Management API VRF Access 115 | 116 | | VRF Name | IPv4 ACL | IPv6 ACL | 117 | | -------- | -------- | -------- | 118 | | default | - | - | 119 | 120 | #### Management API HTTP Device Configuration 121 | 122 | ```eos 123 | ! 124 | management api http-commands 125 | protocol https 126 | no shutdown 127 | ! 128 | vrf default 129 | no shutdown 130 | ``` 131 | 132 | ## Authentication 133 | 134 | ### Enable Password 135 | 136 | Enable password has been disabled 137 | 138 | ## MLAG 139 | 140 | ### MLAG Summary 141 | 142 | | Domain-id | Local-interface | Peer-address | Peer-link | 143 | | --------- | --------------- | ------------ | --------- | 144 | | pod1 | Vlan4094 | 10.255.252.0 | Port-Channel1 | 145 | 146 | Dual primary detection is disabled. 147 | 148 | ### MLAG Device Configuration 149 | 150 | ```eos 151 | ! 152 | mlag configuration 153 | domain-id pod1 154 | local-interface Vlan4094 155 | peer-address 10.255.252.0 156 | peer-link Port-Channel1 157 | reload-delay mlag 300 158 | reload-delay non-mlag 330 159 | ``` 160 | 161 | ## Spanning Tree 162 | 163 | ### Spanning Tree Summary 164 | 165 | STP mode: **mstp** 166 | 167 | #### MSTP Instance and Priority 168 | 169 | | Instance(s) | Priority | 170 | | -------- | -------- | 171 | | 0 | 16384 | 172 | 173 | #### Global Spanning-Tree Settings 174 | 175 | - Spanning Tree disabled for VLANs: **4093-4094** 176 | 177 | ### Spanning Tree Device Configuration 178 | 179 | ```eos 180 | ! 181 | spanning-tree mode mstp 182 | no spanning-tree vlan-id 4093-4094 183 | spanning-tree mst 0 priority 16384 184 | ``` 185 | 186 | ## Internal VLAN Allocation Policy 187 | 188 | ### Internal VLAN Allocation Policy Summary 189 | 190 | | Policy Allocation | Range Beginning | Range Ending | 191 | | ------------------| --------------- | ------------ | 192 | | ascending | 1006 | 1199 | 193 | 194 | ### Internal VLAN Allocation Policy Device Configuration 195 | 196 | ```eos 197 | ! 198 | vlan internal order ascending range 1006 1199 199 | ``` 200 | 201 | ## VLANs 202 | 203 | ### VLANs Summary 204 | 205 | | VLAN ID | Name | Trunk Groups | 206 | | ------- | ---- | ------------ | 207 | | 110 | Tenant_A_OP_Zone_1 | - | 208 | | 160 | Tenant_A_VMOTION | - | 209 | | 3009 | MLAG_L3_VRF_Tenant_A_OP_Zone | MLAG | 210 | | 4093 | MLAG_L3 | MLAG | 211 | | 4094 | MLAG | MLAG | 212 | 213 | ### VLANs Device Configuration 214 | 215 | ```eos 216 | ! 217 | vlan 110 218 | name Tenant_A_OP_Zone_1 219 | ! 220 | vlan 160 221 | name Tenant_A_VMOTION 222 | ! 223 | vlan 3009 224 | name MLAG_L3_VRF_Tenant_A_OP_Zone 225 | trunk group MLAG 226 | ! 227 | vlan 4093 228 | name MLAG_L3 229 | trunk group MLAG 230 | ! 231 | vlan 4094 232 | name MLAG 233 | trunk group MLAG 234 | ``` 235 | 236 | ## Interfaces 237 | 238 | ### Ethernet Interfaces 239 | 240 | #### Ethernet Interfaces Summary 241 | 242 | ##### L2 243 | 244 | | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | 245 | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | 246 | | Ethernet1 | MLAG_s1-leaf1_Ethernet1 | *trunk | *- | *- | *MLAG | 1 | 247 | | Ethernet4 | SERVER_s1-host1_Eth2 | *access | *110 | *- | *- | 4 | 248 | | Ethernet6 | MLAG_s1-leaf1_Ethernet6 | *trunk | *- | *- | *MLAG | 1 | 249 | 250 | *Inherited from Port-Channel Interface 251 | 252 | ##### IPv4 253 | 254 | | Interface | Description | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | 255 | | --------- | ----------- | ------------- | ---------- | ----| ---- | -------- | ------ | ------- | 256 | | Ethernet2 | P2P_s1-spine1_Ethernet3 | - | 172.30.255.5/31 | default | 1500 | False | - | - | 257 | | Ethernet3 | P2P_s1-spine2_Ethernet3 | - | 172.30.255.7/31 | default | 1500 | False | - | - | 258 | 259 | #### Ethernet Interfaces Device Configuration 260 | 261 | ```eos 262 | ! 263 | interface Ethernet1 264 | description MLAG_s1-leaf1_Ethernet1 265 | no shutdown 266 | channel-group 1 mode active 267 | ! 268 | interface Ethernet2 269 | description P2P_s1-spine1_Ethernet3 270 | no shutdown 271 | mtu 1500 272 | no switchport 273 | ip address 172.30.255.5/31 274 | ! 275 | interface Ethernet3 276 | description P2P_s1-spine2_Ethernet3 277 | no shutdown 278 | mtu 1500 279 | no switchport 280 | ip address 172.30.255.7/31 281 | ! 282 | interface Ethernet4 283 | description SERVER_s1-host1_Eth2 284 | no shutdown 285 | channel-group 4 mode active 286 | ! 287 | interface Ethernet6 288 | description MLAG_s1-leaf1_Ethernet6 289 | no shutdown 290 | channel-group 1 mode active 291 | ``` 292 | 293 | ### Port-Channel Interfaces 294 | 295 | #### Port-Channel Interfaces Summary 296 | 297 | ##### L2 298 | 299 | | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | 300 | | --------- | ----------- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | 301 | | Port-Channel1 | MLAG_s1-leaf1_Port-Channel1 | trunk | - | - | MLAG | - | - | - | - | 302 | | Port-Channel4 | PortChannel | access | 110 | - | - | - | - | 4 | - | 303 | 304 | #### Port-Channel Interfaces Device Configuration 305 | 306 | ```eos 307 | ! 308 | interface Port-Channel1 309 | description MLAG_s1-leaf1_Port-Channel1 310 | no shutdown 311 | switchport mode trunk 312 | switchport trunk group MLAG 313 | switchport 314 | ! 315 | interface Port-Channel4 316 | description PortChannel 317 | no shutdown 318 | switchport access vlan 110 319 | switchport mode access 320 | switchport 321 | mlag 4 322 | ``` 323 | 324 | ### Loopback Interfaces 325 | 326 | #### Loopback Interfaces Summary 327 | 328 | ##### IPv4 329 | 330 | | Interface | Description | VRF | IP Address | 331 | | --------- | ----------- | --- | ---------- | 332 | | Loopback0 | ROUTER_ID | default | 192.0.255.4/32 | 333 | | Loopback1 | VXLAN_TUNNEL_SOURCE | default | 192.0.254.3/32 | 334 | | Loopback100 | DIAG_VRF_Tenant_A_OP_Zone | Tenant_A_OP_Zone | 10.255.1.4/32 | 335 | 336 | ##### IPv6 337 | 338 | | Interface | Description | VRF | IPv6 Address | 339 | | --------- | ----------- | --- | ------------ | 340 | | Loopback0 | ROUTER_ID | default | - | 341 | | Loopback1 | VXLAN_TUNNEL_SOURCE | default | - | 342 | | Loopback100 | DIAG_VRF_Tenant_A_OP_Zone | Tenant_A_OP_Zone | - | 343 | 344 | #### Loopback Interfaces Device Configuration 345 | 346 | ```eos 347 | ! 348 | interface Loopback0 349 | description ROUTER_ID 350 | no shutdown 351 | ip address 192.0.255.4/32 352 | ! 353 | interface Loopback1 354 | description VXLAN_TUNNEL_SOURCE 355 | no shutdown 356 | ip address 192.0.254.3/32 357 | ! 358 | interface Loopback100 359 | description DIAG_VRF_Tenant_A_OP_Zone 360 | no shutdown 361 | vrf Tenant_A_OP_Zone 362 | ip address 10.255.1.4/32 363 | ``` 364 | 365 | ### VLAN Interfaces 366 | 367 | #### VLAN Interfaces Summary 368 | 369 | | Interface | Description | VRF | MTU | Shutdown | 370 | | --------- | ----------- | --- | ---- | -------- | 371 | | Vlan110 | Tenant_A_OP_Zone_1 | Tenant_A_OP_Zone | - | False | 372 | | Vlan3009 | MLAG_L3_VRF_Tenant_A_OP_Zone | Tenant_A_OP_Zone | 1500 | False | 373 | | Vlan4093 | MLAG_L3 | default | 1500 | False | 374 | | Vlan4094 | MLAG | default | 1500 | False | 375 | 376 | ##### IPv4 377 | 378 | | Interface | VRF | IP Address | IP Address Virtual | IP Router Virtual Address | ACL In | ACL Out | 379 | | --------- | --- | ---------- | ------------------ | ------------------------- | ------ | ------- | 380 | | Vlan110 | Tenant_A_OP_Zone | - | 10.1.10.1/24 | - | - | - | 381 | | Vlan3009 | Tenant_A_OP_Zone | 10.255.251.1/31 | - | - | - | - | 382 | | Vlan4093 | default | 10.255.251.1/31 | - | - | - | - | 383 | | Vlan4094 | default | 10.255.252.1/31 | - | - | - | - | 384 | 385 | #### VLAN Interfaces Device Configuration 386 | 387 | ```eos 388 | ! 389 | interface Vlan110 390 | description Tenant_A_OP_Zone_1 391 | no shutdown 392 | vrf Tenant_A_OP_Zone 393 | ip address virtual 10.1.10.1/24 394 | ! 395 | interface Vlan3009 396 | description MLAG_L3_VRF_Tenant_A_OP_Zone 397 | no shutdown 398 | mtu 1500 399 | vrf Tenant_A_OP_Zone 400 | ip address 10.255.251.1/31 401 | ! 402 | interface Vlan4093 403 | description MLAG_L3 404 | no shutdown 405 | mtu 1500 406 | ip address 10.255.251.1/31 407 | ! 408 | interface Vlan4094 409 | description MLAG 410 | no shutdown 411 | mtu 1500 412 | no autostate 413 | ip address 10.255.252.1/31 414 | ``` 415 | 416 | ### VXLAN Interface 417 | 418 | #### VXLAN Interface Summary 419 | 420 | | Setting | Value | 421 | | ------- | ----- | 422 | | Source Interface | Loopback1 | 423 | | UDP port | 4789 | 424 | | EVPN MLAG Shared Router MAC | mlag-system-id | 425 | 426 | ##### VLAN to VNI, Flood List and Multicast Group Mappings 427 | 428 | | VLAN | VNI | Flood List | Multicast Group | 429 | | ---- | --- | ---------- | --------------- | 430 | | 110 | 10110 | - | - | 431 | | 160 | 55160 | - | - | 432 | 433 | ##### VRF to VNI and Multicast Group Mappings 434 | 435 | | VRF | VNI | Multicast Group | 436 | | ---- | --- | --------------- | 437 | | Tenant_A_OP_Zone | 10 | - | 438 | 439 | #### VXLAN Interface Device Configuration 440 | 441 | ```eos 442 | ! 443 | interface Vxlan1 444 | description s1-leaf2_VTEP 445 | vxlan source-interface Loopback1 446 | vxlan virtual-router encapsulation mac-address mlag-system-id 447 | vxlan udp-port 4789 448 | vxlan vlan 110 vni 10110 449 | vxlan vlan 160 vni 55160 450 | vxlan vrf Tenant_A_OP_Zone vni 10 451 | ``` 452 | 453 | ## Routing 454 | 455 | ### Service Routing Protocols Model 456 | 457 | Multi agent routing protocol model enabled 458 | 459 | ```eos 460 | ! 461 | service routing protocols model multi-agent 462 | ``` 463 | 464 | ### Virtual Router MAC Address 465 | 466 | #### Virtual Router MAC Address Summary 467 | 468 | Virtual Router MAC Address: 00:1c:73:00:dc:01 469 | 470 | #### Virtual Router MAC Address Device Configuration 471 | 472 | ```eos 473 | ! 474 | ip virtual-router mac-address 00:1c:73:00:dc:01 475 | ``` 476 | 477 | ### IP Routing 478 | 479 | #### IP Routing Summary 480 | 481 | | VRF | Routing Enabled | 482 | | --- | --------------- | 483 | | default | True | 484 | | Tenant_A_OP_Zone | True | 485 | 486 | #### IP Routing Device Configuration 487 | 488 | ```eos 489 | ! 490 | ip routing 491 | ip routing vrf Tenant_A_OP_Zone 492 | ``` 493 | 494 | ### IPv6 Routing 495 | 496 | #### IPv6 Routing Summary 497 | 498 | | VRF | Routing Enabled | 499 | | --- | --------------- | 500 | | default | False | 501 | | default | false | 502 | | Tenant_A_OP_Zone | false | 503 | 504 | ### Static Routes 505 | 506 | #### Static Routes Summary 507 | 508 | | VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | 509 | | --- | ------------------ | ----------- | -------------- | ----------------------- | --- | ---------- | ------ | 510 | | default | 0.0.0.0/0 | 192.168.0.1 | - | 1 | - | - | - | 511 | 512 | #### Static Routes Device Configuration 513 | 514 | ```eos 515 | ! 516 | ip route 0.0.0.0/0 192.168.0.1 517 | ``` 518 | 519 | ### Router BGP 520 | 521 | ASN Notation: asplain 522 | 523 | #### Router BGP Summary 524 | 525 | | BGP AS | Router ID | 526 | | ------ | --------- | 527 | | 65101 | 192.0.255.4 | 528 | 529 | | BGP Tuning | 530 | | ---------- | 531 | | graceful-restart restart-time 300 | 532 | | graceful-restart | 533 | | no bgp default ipv4-unicast | 534 | | distance bgp 20 200 200 | 535 | | maximum-paths 4 ecmp 4 | 536 | 537 | #### Router BGP Peer Groups 538 | 539 | ##### EVPN-OVERLAY-PEERS 540 | 541 | | Settings | Value | 542 | | -------- | ----- | 543 | | Address Family | evpn | 544 | | Source | Loopback0 | 545 | | BFD | True | 546 | | Ebgp multihop | 3 | 547 | | Send community | all | 548 | | Maximum routes | 0 (no limit) | 549 | 550 | ##### IPv4-UNDERLAY-PEERS 551 | 552 | | Settings | Value | 553 | | -------- | ----- | 554 | | Address Family | ipv4 | 555 | | Send community | all | 556 | | Maximum routes | 12000 | 557 | 558 | ##### MLAG-IPv4-UNDERLAY-PEER 559 | 560 | | Settings | Value | 561 | | -------- | ----- | 562 | | Address Family | ipv4 | 563 | | Remote AS | 65101 | 564 | | Next-hop self | True | 565 | | Send community | all | 566 | | Maximum routes | 12000 | 567 | 568 | #### BGP Neighbors 569 | 570 | | Neighbor | Remote AS | VRF | Shutdown | Send-community | Maximum-routes | Allowas-in | BFD | RIB Pre-Policy Retain | Route-Reflector Client | Passive | TTL Max Hops | 571 | | -------- | --------- | --- | -------- | -------------- | -------------- | ---------- | --- | --------------------- | ---------------------- | ------- | ------------ | 572 | | 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | default | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | 573 | | 172.30.255.4 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | 574 | | 172.30.255.6 | 65001 | default | - | Inherited from peer group IPv4-UNDERLAY-PEERS | Inherited from peer group IPv4-UNDERLAY-PEERS | - | - | - | - | - | - | 575 | | 192.0.255.1 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | 576 | | 192.0.255.2 | 65001 | default | - | Inherited from peer group EVPN-OVERLAY-PEERS | Inherited from peer group EVPN-OVERLAY-PEERS | - | Inherited from peer group EVPN-OVERLAY-PEERS | - | - | - | - | 577 | | 10.255.251.0 | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Tenant_A_OP_Zone | - | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | Inherited from peer group MLAG-IPv4-UNDERLAY-PEER | - | - | - | - | - | - | 578 | 579 | #### Router BGP EVPN Address Family 580 | 581 | ##### EVPN Peer Groups 582 | 583 | | Peer Group | Activate | Route-map In | Route-map Out | Encapsulation | 584 | | ---------- | -------- | ------------ | ------------- | ------------- | 585 | | EVPN-OVERLAY-PEERS | True | - | - | default | 586 | 587 | #### Router BGP VLAN Aware Bundles 588 | 589 | | VLAN Aware Bundle | Route-Distinguisher | Both Route-Target | Import Route Target | Export Route-Target | Redistribute | VLANs | 590 | | ----------------- | ------------------- | ----------------- | ------------------- | ------------------- | ------------ | ----- | 591 | | Tenant_A_OP_Zone | 192.0.255.4:10 | 10:10 | - | - | learned | 110 | 592 | | Tenant_A_VMOTION | 192.0.255.4:55160 | 55160:55160 | - | - | learned | 160 | 593 | 594 | #### Router BGP VRFs 595 | 596 | | VRF | Route-Distinguisher | Redistribute | 597 | | --- | ------------------- | ------------ | 598 | | Tenant_A_OP_Zone | 192.0.255.4:10 | connected | 599 | 600 | #### Router BGP Device Configuration 601 | 602 | ```eos 603 | ! 604 | router bgp 65101 605 | router-id 192.0.255.4 606 | no bgp default ipv4-unicast 607 | distance bgp 20 200 200 608 | graceful-restart restart-time 300 609 | graceful-restart 610 | maximum-paths 4 ecmp 4 611 | neighbor EVPN-OVERLAY-PEERS peer group 612 | neighbor EVPN-OVERLAY-PEERS update-source Loopback0 613 | neighbor EVPN-OVERLAY-PEERS bfd 614 | neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 615 | neighbor EVPN-OVERLAY-PEERS password 7 616 | neighbor EVPN-OVERLAY-PEERS send-community 617 | neighbor EVPN-OVERLAY-PEERS maximum-routes 0 618 | neighbor IPv4-UNDERLAY-PEERS peer group 619 | neighbor IPv4-UNDERLAY-PEERS password 7 620 | neighbor IPv4-UNDERLAY-PEERS send-community 621 | neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 622 | neighbor MLAG-IPv4-UNDERLAY-PEER peer group 623 | neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 624 | neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self 625 | neighbor MLAG-IPv4-UNDERLAY-PEER description s1-leaf1 626 | neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in 627 | neighbor MLAG-IPv4-UNDERLAY-PEER password 7 628 | neighbor MLAG-IPv4-UNDERLAY-PEER send-community 629 | neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 630 | neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER 631 | neighbor 10.255.251.0 description s1-leaf1_Vlan4093 632 | neighbor 172.30.255.4 peer group IPv4-UNDERLAY-PEERS 633 | neighbor 172.30.255.4 remote-as 65001 634 | neighbor 172.30.255.4 description s1-spine1_Ethernet3 635 | neighbor 172.30.255.6 peer group IPv4-UNDERLAY-PEERS 636 | neighbor 172.30.255.6 remote-as 65001 637 | neighbor 172.30.255.6 description s1-spine2_Ethernet3 638 | neighbor 192.0.255.1 peer group EVPN-OVERLAY-PEERS 639 | neighbor 192.0.255.1 remote-as 65001 640 | neighbor 192.0.255.1 description s1-spine1_Loopback0 641 | neighbor 192.0.255.2 peer group EVPN-OVERLAY-PEERS 642 | neighbor 192.0.255.2 remote-as 65001 643 | neighbor 192.0.255.2 description s1-spine2_Loopback0 644 | redistribute connected route-map RM-CONN-2-BGP 645 | ! 646 | vlan-aware-bundle Tenant_A_OP_Zone 647 | rd 192.0.255.4:10 648 | route-target both 10:10 649 | redistribute learned 650 | vlan 110 651 | ! 652 | vlan-aware-bundle Tenant_A_VMOTION 653 | rd 192.0.255.4:55160 654 | route-target both 55160:55160 655 | redistribute learned 656 | vlan 160 657 | ! 658 | address-family evpn 659 | neighbor EVPN-OVERLAY-PEERS activate 660 | ! 661 | address-family ipv4 662 | no neighbor EVPN-OVERLAY-PEERS activate 663 | neighbor IPv4-UNDERLAY-PEERS activate 664 | neighbor MLAG-IPv4-UNDERLAY-PEER activate 665 | ! 666 | vrf Tenant_A_OP_Zone 667 | rd 192.0.255.4:10 668 | route-target import evpn 10:10 669 | route-target export evpn 10:10 670 | router-id 192.0.255.4 671 | neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER 672 | neighbor 10.255.251.0 description s1-leaf1_Vlan3009 673 | redistribute connected route-map RM-CONN-2-BGP-VRFS 674 | ``` 675 | 676 | ## BFD 677 | 678 | ### Router BFD 679 | 680 | #### Router BFD Multihop Summary 681 | 682 | | Interval | Minimum RX | Multiplier | 683 | | -------- | ---------- | ---------- | 684 | | 1200 | 1200 | 3 | 685 | 686 | #### Router BFD Device Configuration 687 | 688 | ```eos 689 | ! 690 | router bfd 691 | multihop interval 1200 min-rx 1200 multiplier 3 692 | ``` 693 | 694 | ## Multicast 695 | 696 | ### IP IGMP Snooping 697 | 698 | #### IP IGMP Snooping Summary 699 | 700 | | IGMP Snooping | Fast Leave | Interface Restart Query | Proxy | Restart Query Interval | Robustness Variable | 701 | | ------------- | ---------- | ----------------------- | ----- | ---------------------- | ------------------- | 702 | | Enabled | - | - | - | - | - | 703 | 704 | #### IP IGMP Snooping Device Configuration 705 | 706 | ```eos 707 | ``` 708 | 709 | ## Filters 710 | 711 | ### Prefix-lists 712 | 713 | #### Prefix-lists Summary 714 | 715 | ##### PL-LOOPBACKS-EVPN-OVERLAY 716 | 717 | | Sequence | Action | 718 | | -------- | ------ | 719 | | 10 | permit 192.0.255.0/24 eq 32 | 720 | | 20 | permit 192.0.254.0/24 eq 32 | 721 | 722 | ##### PL-MLAG-PEER-VRFS 723 | 724 | | Sequence | Action | 725 | | -------- | ------ | 726 | | 10 | permit 10.255.251.0/31 | 727 | 728 | #### Prefix-lists Device Configuration 729 | 730 | ```eos 731 | ! 732 | ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY 733 | seq 10 permit 192.0.255.0/24 eq 32 734 | seq 20 permit 192.0.254.0/24 eq 32 735 | ! 736 | ip prefix-list PL-MLAG-PEER-VRFS 737 | seq 10 permit 10.255.251.0/31 738 | ``` 739 | 740 | ### Route-maps 741 | 742 | #### Route-maps Summary 743 | 744 | ##### RM-CONN-2-BGP 745 | 746 | | Sequence | Type | Match | Set | Sub-Route-Map | Continue | 747 | | -------- | ---- | ----- | --- | ------------- | -------- | 748 | | 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - | 749 | 750 | ##### RM-CONN-2-BGP-VRFS 751 | 752 | | Sequence | Type | Match | Set | Sub-Route-Map | Continue | 753 | | -------- | ---- | ----- | --- | ------------- | -------- | 754 | | 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - | 755 | | 20 | permit | - | - | - | - | 756 | 757 | ##### RM-MLAG-PEER-IN 758 | 759 | | Sequence | Type | Match | Set | Sub-Route-Map | Continue | 760 | | -------- | ---- | ----- | --- | ------------- | -------- | 761 | | 10 | permit | - | origin incomplete | - | - | 762 | 763 | #### Route-maps Device Configuration 764 | 765 | ```eos 766 | ! 767 | route-map RM-CONN-2-BGP permit 10 768 | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 769 | ! 770 | route-map RM-CONN-2-BGP-VRFS deny 10 771 | match ip address prefix-list PL-MLAG-PEER-VRFS 772 | ! 773 | route-map RM-CONN-2-BGP-VRFS permit 20 774 | ! 775 | route-map RM-MLAG-PEER-IN permit 10 776 | description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing 777 | set origin incomplete 778 | ``` 779 | 780 | ## VRF Instances 781 | 782 | ### VRF Instances Summary 783 | 784 | | VRF Name | IP Routing | 785 | | -------- | ---------- | 786 | | Tenant_A_OP_Zone | enabled | 787 | 788 | ### VRF Instances Device Configuration 789 | 790 | ```eos 791 | ! 792 | vrf instance Tenant_A_OP_Zone 793 | ``` 794 | 795 | ## Virtual Source NAT 796 | 797 | ### Virtual Source NAT Summary 798 | 799 | | Source NAT VRF | Source NAT IPv4 Address | Source NAT IPv6 Address | 800 | | -------------- | ----------------------- | ----------------------- | 801 | | Tenant_A_OP_Zone | 10.255.1.4 | - | 802 | 803 | ### Virtual Source NAT Configuration 804 | 805 | ```eos 806 | ! 807 | ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.4 808 | ``` 809 | --------------------------------------------------------------------------------