diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R1.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R1.cfg index b247d94b..951ee688 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R1.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R1.cfg @@ -58,7 +58,7 @@ router path-selection ipsec profile IPSEC-PROFILE ! local interface Ethernet2 - stun server-profile DC2-R2-Ethernet2 DC1-R2-Ethernet2 + stun server-profile DC1-R2-Ethernet2 DC2-R2-Ethernet2 ! peer dynamic ! @@ -162,12 +162,6 @@ ip route vrf MGMT 0.0.0.0/0 172.100.100.1 ! arp aging timeout default 1500 ! -route-map RM-CONN-2-BGP permit 10 - match ip address prefix-list PL-LOOPBACKS -! -route-map RM-CONN-2-BGP permit 20 - match ip address prefix-list PL-P2P-UNDERLAY -! router bgp 65000 router-id 10.0.1.2 no bgp default ipv4-unicast @@ -175,14 +169,13 @@ router bgp 65000 graceful-restart restart-time 300 graceful-restart neighbor default send-community + neighbor IPv4-UNDERLAY-PEERS peer group + neighbor IPv4-UNDERLAY-PEERS remote-as 65100 + neighbor IPv4-UNDERLAY-PEERS password 7 t7gEXzNemRRE24Du53hBEA== neighbor LOCAL-EVPN-PEERS peer group neighbor LOCAL-EVPN-PEERS remote-as 65100 neighbor LOCAL-EVPN-PEERS update-source Loopback0 neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 - neighbor LOCAL-EVPN-PEERS password 7 RxqKJj2uKvzsECQR+ApqjA== - neighbor IPv4-UNDERLAY-PEERS peer group - neighbor IPv4-UNDERLAY-PEERS remote-as 65100 - neighbor IPv4-UNDERLAY-PEERS password 7 t7gEXzNemRRE24Du53hBEA== neighbor WAN-OVERLAY-PEERS peer group neighbor WAN-OVERLAY-PEERS remote-as 65000 neighbor WAN-OVERLAY-PEERS update-source Dps1 @@ -194,13 +187,13 @@ router bgp 65000 neighbor 10.1.1.3 peer group WAN-OVERLAY-PEERS neighbor 10.1.2.3 peer group WAN-OVERLAY-PEERS neighbor 172.20.1.2 peer group IPv4-UNDERLAY-PEERS - redistribute connected route-map RM-CONN-2-BGP + redistribute connected rcf CONN_2_BGP() ! address-family evpn neighbor LOCAL-EVPN-PEERS activate - neighbor LOCAL-EVPN-PEERS encapsulation vxlan + neighbor LOCAL-EVPN-PEERS encapsulation vxlan neighbor WAN-OVERLAY-PEERS activate - neighbor WAN-OVERLAY-PEERS encapsulation path-selection + neighbor WAN-OVERLAY-PEERS encapsulation path-selection neighbor WAN-OVERLAY-PEERS domain remote route import match-failure action discard ! @@ -230,6 +223,30 @@ router bgp 65000 route-target export evpn domain remote 51:51 redistribute connected ! +router general + control-functions + code + ############################## + ##### Reusable Functions ##### + ############################## + function IS_LOOPBACK() { + return prefix match prefix_list_v4 PL-LOOPBACKS; + } + function IS_UNDERLAY() { + return prefix match prefix_list_v4 PL-P2P-UNDERLAY; + } + ############################## + ##### Main Functions ##### + ############################## + function CONN_2_BGP() { + if IS_LOOPBACK() or IS_UNDERLAY() { + return true; + } + return false; + } + # + EOF +! stun client server-profile DC1-R2-Ethernet2 @@ -238,4 +255,4 @@ stun server-profile DC2-R2-Ethernet2 ip address 192.0.2.14 ! -end +end \ No newline at end of file diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R2.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R2.cfg index 82d0b790..85594546 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R2.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R2.cfg @@ -153,12 +153,6 @@ ip route vrf MGMT 0.0.0.0/0 172.100.100.1 ! arp aging timeout default 1500 ! -route-map RM-CONN-2-BGP permit 10 - match ip address prefix-list PL-LOOPBACKS -! -route-map RM-CONN-2-BGP permit 20 - match ip address prefix-list PL-P2P-UNDERLAY -! router bgp 65000 router-id 10.0.1.3 no bgp default ipv4-unicast @@ -168,14 +162,13 @@ router bgp 65000 graceful-restart bgp listen range 10.0.0.0/8 peer-group WAN-OVERLAY-PEERS remote-as 65000 neighbor default send-community + neighbor IPv4-UNDERLAY-PEERS peer group + neighbor IPv4-UNDERLAY-PEERS remote-as 65100 + neighbor IPv4-UNDERLAY-PEERS password 7 t7gEXzNemRRE24Du53hBEA== neighbor LOCAL-EVPN-PEERS peer group neighbor LOCAL-EVPN-PEERS remote-as 65100 neighbor LOCAL-EVPN-PEERS update-source Loopback0 neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 - neighbor LOCAL-EVPN-PEERS password 7 RxqKJj2uKvzsECQR+ApqjA== - neighbor IPv4-UNDERLAY-PEERS peer group - neighbor IPv4-UNDERLAY-PEERS remote-as 65100 - neighbor IPv4-UNDERLAY-PEERS password 7 t7gEXzNemRRE24Du53hBEA== neighbor WAN-OVERLAY-PEERS peer group neighbor WAN-OVERLAY-PEERS remote-as 65000 neighbor WAN-OVERLAY-PEERS update-source Dps1 @@ -187,13 +180,13 @@ router bgp 65000 neighbor 10.0.1.201 peer group LOCAL-EVPN-PEERS neighbor 10.1.2.3 peer group WAN-OVERLAY-PEERS neighbor 172.20.1.4 peer group IPv4-UNDERLAY-PEERS - redistribute connected route-map RM-CONN-2-BGP + redistribute connected rcf CONN_2_BGP() ! address-family evpn neighbor LOCAL-EVPN-PEERS activate - neighbor LOCAL-EVPN-PEERS encapsulation vxlan + neighbor LOCAL-EVPN-PEERS encapsulation vxlan neighbor WAN-OVERLAY-PEERS activate - neighbor WAN-OVERLAY-PEERS encapsulation path-selection + neighbor WAN-OVERLAY-PEERS encapsulation path-selection neighbor WAN-OVERLAY-PEERS domain remote route import match-failure action discard ! @@ -223,8 +216,32 @@ router bgp 65000 route-target export evpn domain remote 51:51 redistribute connected ! +router general + control-functions + code + ############################## + ##### Reusable Functions ##### + ############################## + function IS_LOOPBACK() { + return prefix match prefix_list_v4 PL-LOOPBACKS; + } + function IS_UNDERLAY() { + return prefix match prefix_list_v4 PL-P2P-UNDERLAY; + } + ############################## + ##### Main Functions ##### + ############################## + function CONN_2_BGP() { + if IS_LOOPBACK() or IS_UNDERLAY() { + return true; + } + return false; + } + # + EOF +! stun server local-interface Ethernet2 ! -end +end \ No newline at end of file diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R1.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R1.cfg index 22bf8436..a07f8c81 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R1.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R1.cfg @@ -58,7 +58,7 @@ router path-selection ipsec profile IPSEC-PROFILE ! local interface Ethernet2 - stun server-profile DC2-R2-Ethernet2 DC1-R2-Ethernet2 + stun server-profile DC1-R2-Ethernet2 DC2-R2-Ethernet2 ! peer dynamic ! @@ -162,12 +162,6 @@ ip route vrf MGMT 0.0.0.0/0 172.100.100.1 ! arp aging timeout default 1500 ! -route-map RM-CONN-2-BGP permit 10 - match ip address prefix-list PL-LOOPBACKS -! -route-map RM-CONN-2-BGP permit 20 - match ip address prefix-list PL-P2P-UNDERLAY -! router bgp 65000 router-id 10.0.2.2 no bgp default ipv4-unicast @@ -175,14 +169,13 @@ router bgp 65000 graceful-restart restart-time 300 graceful-restart neighbor default send-community + neighbor IPv4-UNDERLAY-PEERS peer group + neighbor IPv4-UNDERLAY-PEERS remote-as 65200 + neighbor IPv4-UNDERLAY-PEERS password 7 t7gEXzNemRRE24Du53hBEA== neighbor LOCAL-EVPN-PEERS peer group neighbor LOCAL-EVPN-PEERS remote-as 65200 neighbor LOCAL-EVPN-PEERS update-source Loopback0 neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 - neighbor LOCAL-EVPN-PEERS password 7 RxqKJj2uKvzsECQR+ApqjA== - neighbor IPv4-UNDERLAY-PEERS peer group - neighbor IPv4-UNDERLAY-PEERS remote-as 65200 - neighbor IPv4-UNDERLAY-PEERS password 7 t7gEXzNemRRE24Du53hBEA== neighbor WAN-OVERLAY-PEERS peer group neighbor WAN-OVERLAY-PEERS remote-as 65000 neighbor WAN-OVERLAY-PEERS update-source Dps1 @@ -194,13 +187,13 @@ router bgp 65000 neighbor 10.1.1.3 peer group WAN-OVERLAY-PEERS neighbor 10.1.2.3 peer group WAN-OVERLAY-PEERS neighbor 172.20.2.2 peer group IPv4-UNDERLAY-PEERS - redistribute connected route-map RM-CONN-2-BGP + redistribute connected rcf CONN_2_BGP() ! address-family evpn neighbor LOCAL-EVPN-PEERS activate - neighbor LOCAL-EVPN-PEERS encapsulation vxlan + neighbor LOCAL-EVPN-PEERS encapsulation vxlan neighbor WAN-OVERLAY-PEERS activate - neighbor WAN-OVERLAY-PEERS encapsulation path-selection + neighbor WAN-OVERLAY-PEERS encapsulation path-selection neighbor WAN-OVERLAY-PEERS domain remote route import match-failure action discard ! @@ -230,6 +223,30 @@ router bgp 65000 route-target export evpn domain remote 51:51 redistribute connected ! +router general + control-functions + code + ############################## + ##### Reusable Functions ##### + ############################## + function IS_LOOPBACK() { + return prefix match prefix_list_v4 PL-LOOPBACKS; + } + function IS_UNDERLAY() { + return prefix match prefix_list_v4 PL-P2P-UNDERLAY; + } + ############################## + ##### Main Functions ##### + ############################## + function CONN_2_BGP() { + if IS_LOOPBACK() or IS_UNDERLAY() { + return true; + } + return false; + } + # + EOF +! stun client server-profile DC1-R2-Ethernet2 @@ -238,4 +255,4 @@ stun server-profile DC2-R2-Ethernet2 ip address 192.0.2.14 ! -end +end \ No newline at end of file diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R2.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R2.cfg index d04105bf..24627774 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R2.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R2.cfg @@ -153,12 +153,6 @@ ip route vrf MGMT 0.0.0.0/0 172.100.100.1 ! arp aging timeout default 1500 ! -route-map RM-CONN-2-BGP permit 10 - match ip address prefix-list PL-LOOPBACKS -! -route-map RM-CONN-2-BGP permit 20 - match ip address prefix-list PL-P2P-UNDERLAY -! router bgp 65000 router-id 10.0.2.3 no bgp default ipv4-unicast @@ -168,14 +162,13 @@ router bgp 65000 graceful-restart bgp listen range 10.0.0.0/8 peer-group WAN-OVERLAY-PEERS remote-as 65000 neighbor default send-community + neighbor IPv4-UNDERLAY-PEERS peer group + neighbor IPv4-UNDERLAY-PEERS remote-as 65200 + neighbor IPv4-UNDERLAY-PEERS password 7 t7gEXzNemRRE24Du53hBEA== neighbor LOCAL-EVPN-PEERS peer group neighbor LOCAL-EVPN-PEERS remote-as 65200 neighbor LOCAL-EVPN-PEERS update-source Loopback0 neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 - neighbor LOCAL-EVPN-PEERS password 7 RxqKJj2uKvzsECQR+ApqjA== - neighbor IPv4-UNDERLAY-PEERS peer group - neighbor IPv4-UNDERLAY-PEERS remote-as 65200 - neighbor IPv4-UNDERLAY-PEERS password 7 t7gEXzNemRRE24Du53hBEA== neighbor WAN-OVERLAY-PEERS peer group neighbor WAN-OVERLAY-PEERS remote-as 65000 neighbor WAN-OVERLAY-PEERS update-source Dps1 @@ -187,13 +180,13 @@ router bgp 65000 neighbor 10.0.2.201 peer group LOCAL-EVPN-PEERS neighbor 10.1.1.3 peer group WAN-OVERLAY-PEERS neighbor 172.20.2.4 peer group IPv4-UNDERLAY-PEERS - redistribute connected route-map RM-CONN-2-BGP + redistribute connected rcf CONN_2_BGP() ! address-family evpn neighbor LOCAL-EVPN-PEERS activate - neighbor LOCAL-EVPN-PEERS encapsulation vxlan + neighbor LOCAL-EVPN-PEERS encapsulation vxlan neighbor WAN-OVERLAY-PEERS activate - neighbor WAN-OVERLAY-PEERS encapsulation path-selection + neighbor WAN-OVERLAY-PEERS encapsulation path-selection neighbor WAN-OVERLAY-PEERS domain remote route import match-failure action discard ! @@ -221,8 +214,32 @@ router bgp 65000 route-target export evpn domain remote 51:51 redistribute connected ! +router general + control-functions + code + ############################## + ##### Reusable Functions ##### + ############################## + function IS_LOOPBACK() { + return prefix match prefix_list_v4 PL-LOOPBACKS; + } + function IS_UNDERLAY() { + return prefix match prefix_list_v4 PL-P2P-UNDERLAY; + } + ############################## + ##### Main Functions ##### + ############################## + function CONN_2_BGP() { + if IS_LOOPBACK() or IS_UNDERLAY() { + return true; + } + return false; + } + # + EOF +! stun server local-interface Ethernet2 ! -end +end \ No newline at end of file diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/S1-R1.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/S1-R1.cfg index 90edefef..ca0abf47 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/S1-R1.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/S1-R1.cfg @@ -58,7 +58,7 @@ router path-selection ipsec profile IPSEC-PROFILE ! local interface Ethernet2 - stun server-profile DC1-R2-Ethernet2 DC2-R2-Ethernet2 + stun server-profile DC2-R2-Ethernet2 DC1-R2-Ethernet2 ! peer dynamic ! diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/S2-R1.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/S2-R1.cfg index a0901756..d37bd987 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/S2-R1.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/S2-R1.cfg @@ -58,7 +58,7 @@ router path-selection ipsec profile IPSEC-PROFILE ! local interface Ethernet2 - stun server-profile DC1-R2-Ethernet2 DC2-R2-Ethernet2 + stun server-profile DC2-R2-Ethernet2 DC1-R2-Ethernet2 ! peer dynamic !