Merge pull request #31 from MitchV85/autovpn-dg

AutoVPN DG cLab Config Updates - RCF

tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R1.cfg

@@ -58,7 +58,7 @@ router path-selection
       ipsec profile IPSEC-PROFILE
       !
       local interface Ethernet2
-         stun server-profile DC2-R2-Ethernet2 DC1-R2-Ethernet2
+         stun server-profile DC1-R2-Ethernet2 DC2-R2-Ethernet2
       !
       peer dynamic
       !
@@ -162,43 +162,36 @@ ip route vrf MGMT 0.0.0.0/0 172.100.100.1
 !
 arp aging timeout default 1500
 !
-route-map RM-CONN-2-BGP permit 10
-   match ip address prefix-list PL-LOOPBACKS
-!
-route-map RM-CONN-2-BGP permit 20
-   match ip address prefix-list PL-P2P-UNDERLAY
-!
 router bgp 65000
    router-id 10.0.1.2
    no bgp default ipv4-unicast
    distance bgp 20 200 200
    graceful-restart restart-time 300
    graceful-restart
    neighbor default send-community
-   neighbor DC1-EVPN-PEERS peer group
-   neighbor DC1-EVPN-PEERS remote-as 65100
-   neighbor DC1-EVPN-PEERS update-source Loopback0
-   neighbor DC1-EVPN-PEERS ebgp-multihop 3
-   neighbor DC1-EVPN-PEERS password 7 RxqKJj2uKvzsECQR+ApqjA==
    neighbor IPv4-UNDERLAY-PEERS peer group
    neighbor IPv4-UNDERLAY-PEERS remote-as 65100
    neighbor IPv4-UNDERLAY-PEERS password 7 t7gEXzNemRRE24Du53hBEA==
+   neighbor LOCAL-EVPN-PEERS peer group
+   neighbor LOCAL-EVPN-PEERS remote-as 65100
+   neighbor LOCAL-EVPN-PEERS update-source Loopback0
+   neighbor LOCAL-EVPN-PEERS ebgp-multihop 3
    neighbor WAN-OVERLAY-PEERS peer group
    neighbor WAN-OVERLAY-PEERS remote-as 65000
    neighbor WAN-OVERLAY-PEERS update-source Dps1
    neighbor WAN-OVERLAY-PEERS bfd
    neighbor WAN-OVERLAY-PEERS bfd interval 5000 min-rx 5000 multiplier 3
    neighbor WAN-OVERLAY-PEERS password 7 Jasxt4q1i1EVo3kE0U5v4w==
    neighbor WAN-OVERLAY-PEERS maximum-routes 0
-   neighbor 10.0.1.201 peer group DC1-EVPN-PEERS
+   neighbor 10.0.1.201 peer group LOCAL-EVPN-PEERS
    neighbor 10.1.1.3 peer group WAN-OVERLAY-PEERS
    neighbor 10.1.2.3 peer group WAN-OVERLAY-PEERS
    neighbor 172.20.1.2 peer group IPv4-UNDERLAY-PEERS
-   redistribute connected route-map RM-CONN-2-BGP
+   redistribute connected rcf CONN_2_BGP()
    !
    address-family evpn
-      neighbor DC1-EVPN-PEERS activate
-      neighbor DC1-EVPN-PEERS encapsulation vxlan 
+      neighbor LOCAL-EVPN-PEERS activate
+      neighbor LOCAL-EVPN-PEERS encapsulation vxlan 
       neighbor WAN-OVERLAY-PEERS activate
       neighbor WAN-OVERLAY-PEERS encapsulation path-selection 
       neighbor WAN-OVERLAY-PEERS domain remote
@@ -230,6 +223,30 @@ router bgp 65000
       route-target export evpn domain remote 51:51
       redistribute connected
 !
+router general
+   control-functions
+      code
+      ##############################
+      ##### Reusable Functions #####
+      ##############################
+      function IS_LOOPBACK() {
+         return prefix match prefix_list_v4 PL-LOOPBACKS;
+      }
+      function IS_UNDERLAY() {
+         return prefix match prefix_list_v4 PL-P2P-UNDERLAY;
+      }
+      ##############################
+      ##### Main Functions     #####
+      ##############################
+      function CONN_2_BGP() {
+         if IS_LOOPBACK() or IS_UNDERLAY() {
+            return true;
+         }
+       return false;
+      }
+      #
+      EOF
+!
 stun
    client
       server-profile DC1-R2-Ethernet2

tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R2.cfg

@@ -153,12 +153,6 @@ ip route vrf MGMT 0.0.0.0/0 172.100.100.1
 !
 arp aging timeout default 1500
 !
-route-map RM-CONN-2-BGP permit 10
-   match ip address prefix-list PL-LOOPBACKS
-!
-route-map RM-CONN-2-BGP permit 20
-   match ip address prefix-list PL-P2P-UNDERLAY
-!
 router bgp 65000
    router-id 10.0.1.3
    no bgp default ipv4-unicast
@@ -168,14 +162,13 @@ router bgp 65000
    graceful-restart
    bgp listen range 10.0.0.0/8 peer-group WAN-OVERLAY-PEERS remote-as 65000
    neighbor default send-community
-   neighbor DC1-EVPN-PEERS peer group
-   neighbor DC1-EVPN-PEERS remote-as 65100
-   neighbor DC1-EVPN-PEERS update-source Loopback0
-   neighbor DC1-EVPN-PEERS ebgp-multihop 3
-   neighbor DC1-EVPN-PEERS password 7 RxqKJj2uKvzsECQR+ApqjA==
    neighbor IPv4-UNDERLAY-PEERS peer group
    neighbor IPv4-UNDERLAY-PEERS remote-as 65100
    neighbor IPv4-UNDERLAY-PEERS password 7 t7gEXzNemRRE24Du53hBEA==
+   neighbor LOCAL-EVPN-PEERS peer group
+   neighbor LOCAL-EVPN-PEERS remote-as 65100
+   neighbor LOCAL-EVPN-PEERS update-source Loopback0
+   neighbor LOCAL-EVPN-PEERS ebgp-multihop 3
    neighbor WAN-OVERLAY-PEERS peer group
    neighbor WAN-OVERLAY-PEERS remote-as 65000
    neighbor WAN-OVERLAY-PEERS update-source Dps1
@@ -184,14 +177,14 @@ router bgp 65000
    neighbor WAN-OVERLAY-PEERS route-reflector-client
    neighbor WAN-OVERLAY-PEERS password 7 Jasxt4q1i1EVo3kE0U5v4w==
    neighbor WAN-OVERLAY-PEERS maximum-routes 0
-   neighbor 10.0.1.201 peer group DC1-EVPN-PEERS
+   neighbor 10.0.1.201 peer group LOCAL-EVPN-PEERS
    neighbor 10.1.2.3 peer group WAN-OVERLAY-PEERS
    neighbor 172.20.1.4 peer group IPv4-UNDERLAY-PEERS
-   redistribute connected route-map RM-CONN-2-BGP
+   redistribute connected rcf CONN_2_BGP()
    !
    address-family evpn
-      neighbor DC1-EVPN-PEERS activate
-      neighbor DC1-EVPN-PEERS encapsulation vxlan 
+      neighbor LOCAL-EVPN-PEERS activate
+      neighbor LOCAL-EVPN-PEERS encapsulation vxlan 
       neighbor WAN-OVERLAY-PEERS activate
       neighbor WAN-OVERLAY-PEERS encapsulation path-selection 
       neighbor WAN-OVERLAY-PEERS domain remote
@@ -223,6 +216,30 @@ router bgp 65000
       route-target export evpn domain remote 51:51
       redistribute connected
 !
+router general
+   control-functions
+      code
+      ##############################
+      ##### Reusable Functions #####
+      ##############################
+      function IS_LOOPBACK() {
+         return prefix match prefix_list_v4 PL-LOOPBACKS;
+      }
+      function IS_UNDERLAY() {
+         return prefix match prefix_list_v4 PL-P2P-UNDERLAY;
+      }
+      ##############################
+      ##### Main Functions     #####
+      ##############################
+      function CONN_2_BGP() {
+         if IS_LOOPBACK() or IS_UNDERLAY() {
+            return true;
+         }
+       return false;
+      }
+      #
+      EOF
+!
 stun
    server
       local-interface Ethernet2

tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R1.cfg

@@ -58,7 +58,7 @@ router path-selection
       ipsec profile IPSEC-PROFILE
       !
       local interface Ethernet2
-         stun server-profile DC2-R2-Ethernet2 DC1-R2-Ethernet2
+         stun server-profile DC1-R2-Ethernet2 DC2-R2-Ethernet2
       !
       peer dynamic
       !
@@ -162,43 +162,36 @@ ip route vrf MGMT 0.0.0.0/0 172.100.100.1
 !
 arp aging timeout default 1500
 !
-route-map RM-CONN-2-BGP permit 10
-   match ip address prefix-list PL-LOOPBACKS
-!
-route-map RM-CONN-2-BGP permit 20
-   match ip address prefix-list PL-P2P-UNDERLAY
-!
 router bgp 65000
    router-id 10.0.2.2
    no bgp default ipv4-unicast
    distance bgp 20 200 200
    graceful-restart restart-time 300
    graceful-restart
    neighbor default send-community
-   neighbor DC1-EVPN-PEERS peer group
-   neighbor DC1-EVPN-PEERS remote-as 65200
-   neighbor DC1-EVPN-PEERS update-source Loopback0
-   neighbor DC1-EVPN-PEERS ebgp-multihop 3
-   neighbor DC1-EVPN-PEERS password 7 RxqKJj2uKvzsECQR+ApqjA==
    neighbor IPv4-UNDERLAY-PEERS peer group
    neighbor IPv4-UNDERLAY-PEERS remote-as 65200
    neighbor IPv4-UNDERLAY-PEERS password 7 t7gEXzNemRRE24Du53hBEA==
+   neighbor LOCAL-EVPN-PEERS peer group
+   neighbor LOCAL-EVPN-PEERS remote-as 65200
+   neighbor LOCAL-EVPN-PEERS update-source Loopback0
+   neighbor LOCAL-EVPN-PEERS ebgp-multihop 3
    neighbor WAN-OVERLAY-PEERS peer group
    neighbor WAN-OVERLAY-PEERS remote-as 65000
    neighbor WAN-OVERLAY-PEERS update-source Dps1
    neighbor WAN-OVERLAY-PEERS bfd
    neighbor WAN-OVERLAY-PEERS bfd interval 5000 min-rx 5000 multiplier 3
    neighbor WAN-OVERLAY-PEERS password 7 Jasxt4q1i1EVo3kE0U5v4w==
    neighbor WAN-OVERLAY-PEERS maximum-routes 0
-   neighbor 10.0.2.201 peer group DC1-EVPN-PEERS
+   neighbor 10.0.2.201 peer group LOCAL-EVPN-PEERS
    neighbor 10.1.1.3 peer group WAN-OVERLAY-PEERS
    neighbor 10.1.2.3 peer group WAN-OVERLAY-PEERS
    neighbor 172.20.2.2 peer group IPv4-UNDERLAY-PEERS
-   redistribute connected route-map RM-CONN-2-BGP
+   redistribute connected rcf CONN_2_BGP()
    !
    address-family evpn
-      neighbor DC1-EVPN-PEERS activate
-      neighbor DC1-EVPN-PEERS encapsulation vxlan 
+      neighbor LOCAL-EVPN-PEERS activate
+      neighbor LOCAL-EVPN-PEERS encapsulation vxlan 
       neighbor WAN-OVERLAY-PEERS activate
       neighbor WAN-OVERLAY-PEERS encapsulation path-selection 
       neighbor WAN-OVERLAY-PEERS domain remote
@@ -230,6 +223,30 @@ router bgp 65000
       route-target export evpn domain remote 51:51
       redistribute connected
 !
+router general
+   control-functions
+      code
+      ##############################
+      ##### Reusable Functions #####
+      ##############################
+      function IS_LOOPBACK() {
+         return prefix match prefix_list_v4 PL-LOOPBACKS;
+      }
+      function IS_UNDERLAY() {
+         return prefix match prefix_list_v4 PL-P2P-UNDERLAY;
+      }
+      ##############################
+      ##### Main Functions     #####
+      ##############################
+      function CONN_2_BGP() {
+         if IS_LOOPBACK() or IS_UNDERLAY() {
+            return true;
+         }
+       return false;
+      }
+      #
+      EOF
+!
 stun
    client
       server-profile DC1-R2-Ethernet2

tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R2.cfg

@@ -153,12 +153,6 @@ ip route vrf MGMT 0.0.0.0/0 172.100.100.1
 !
 arp aging timeout default 1500
 !
-route-map RM-CONN-2-BGP permit 10
-   match ip address prefix-list PL-LOOPBACKS
-!
-route-map RM-CONN-2-BGP permit 20
-   match ip address prefix-list PL-P2P-UNDERLAY
-!
 router bgp 65000
    router-id 10.0.2.3
    no bgp default ipv4-unicast
@@ -168,14 +162,13 @@ router bgp 65000
    graceful-restart
    bgp listen range 10.0.0.0/8 peer-group WAN-OVERLAY-PEERS remote-as 65000
    neighbor default send-community
-   neighbor DC1-EVPN-PEERS peer group
-   neighbor DC1-EVPN-PEERS remote-as 65200
-   neighbor DC1-EVPN-PEERS update-source Loopback0
-   neighbor DC1-EVPN-PEERS ebgp-multihop 3
-   neighbor DC1-EVPN-PEERS password 7 RxqKJj2uKvzsECQR+ApqjA==
    neighbor IPv4-UNDERLAY-PEERS peer group
    neighbor IPv4-UNDERLAY-PEERS remote-as 65200
    neighbor IPv4-UNDERLAY-PEERS password 7 t7gEXzNemRRE24Du53hBEA==
+   neighbor LOCAL-EVPN-PEERS peer group
+   neighbor LOCAL-EVPN-PEERS remote-as 65200
+   neighbor LOCAL-EVPN-PEERS update-source Loopback0
+   neighbor LOCAL-EVPN-PEERS ebgp-multihop 3
    neighbor WAN-OVERLAY-PEERS peer group
    neighbor WAN-OVERLAY-PEERS remote-as 65000
    neighbor WAN-OVERLAY-PEERS update-source Dps1
@@ -184,14 +177,14 @@ router bgp 65000
    neighbor WAN-OVERLAY-PEERS route-reflector-client
    neighbor WAN-OVERLAY-PEERS password 7 Jasxt4q1i1EVo3kE0U5v4w==
    neighbor WAN-OVERLAY-PEERS maximum-routes 0
-   neighbor 10.0.2.201 peer group DC1-EVPN-PEERS
+   neighbor 10.0.2.201 peer group LOCAL-EVPN-PEERS
    neighbor 10.1.1.3 peer group WAN-OVERLAY-PEERS
    neighbor 172.20.2.4 peer group IPv4-UNDERLAY-PEERS
-   redistribute connected route-map RM-CONN-2-BGP
+   redistribute connected rcf CONN_2_BGP()
    !
    address-family evpn
-      neighbor DC1-EVPN-PEERS activate
-      neighbor DC1-EVPN-PEERS encapsulation vxlan 
+      neighbor LOCAL-EVPN-PEERS activate
+      neighbor LOCAL-EVPN-PEERS encapsulation vxlan 
       neighbor WAN-OVERLAY-PEERS activate
       neighbor WAN-OVERLAY-PEERS encapsulation path-selection 
       neighbor WAN-OVERLAY-PEERS domain remote
@@ -221,6 +214,30 @@ router bgp 65000
       route-target export evpn domain remote 51:51
       redistribute connected
 !
+router general
+   control-functions
+      code
+      ##############################
+      ##### Reusable Functions #####
+      ##############################
+      function IS_LOOPBACK() {
+         return prefix match prefix_list_v4 PL-LOOPBACKS;
+      }
+      function IS_UNDERLAY() {
+         return prefix match prefix_list_v4 PL-P2P-UNDERLAY;
+      }
+      ##############################
+      ##### Main Functions     #####
+      ##############################
+      function CONN_2_BGP() {
+         if IS_LOOPBACK() or IS_UNDERLAY() {
+            return true;
+         }
+       return false;
+      }
+      #
+      EOF
+!
 stun
    server
       local-interface Ethernet2

tech-library/wan/autovpn/zbackend-infra/clab/configs/S1-R1.cfg

@@ -58,7 +58,7 @@ router path-selection
       ipsec profile IPSEC-PROFILE
       !
       local interface Ethernet2
-         stun server-profile DC1-R2-Ethernet2 DC2-R2-Ethernet2
+         stun server-profile DC2-R2-Ethernet2 DC1-R2-Ethernet2
       !
       peer dynamic
       !

tech-library/wan/autovpn/zbackend-infra/clab/configs/S2-R1.cfg

@@ -58,7 +58,7 @@ router path-selection
       ipsec profile IPSEC-PROFILE
       !
       local interface Ethernet2
-         stun server-profile DC1-R2-Ethernet2 DC2-R2-Ethernet2
+         stun server-profile DC2-R2-Ethernet2 DC1-R2-Ethernet2
       !
       peer dynamic
       !