diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 00000000..314766e9 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,3 @@ +* text=auto eol=lf +*.{cmd,[cC][mM][dD]} text eol=crlf +*.{bat,[bB][aA][tT]} text eol=crlf diff --git a/.gitignore b/.gitignore index b1e7286e..f308f4d1 100644 --- a/.gitignore +++ b/.gitignore @@ -1,11 +1,2 @@ -# ignore avd generated files -**/documentation/** -**/intended/** -**/reports/** -**/config_backup/** # ignore secrets **.tok** -# ignore domain act topos -**/lab_topology/** -# ignore act directory -**/act/** diff --git a/datacenter/act/act-inventory.yml b/datacenter/act/act-inventory.yml deleted file mode 100644 index e8e54297..00000000 --- a/datacenter/act/act-inventory.yml +++ /dev/null @@ -1,314 +0,0 @@ ---- -all: - children: - CVP: - hosts: - act_cv: - ansible_httpapi_host: 10.18.136.4 - ansible_host: 10.18.136.4 - ansible_user: cvpadmin - ansible_password: cvp123! - VEOS: - hosts: - A-LEAF1: - ansible_host: 10.18.160.144 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - A-LEAF2: - ansible_host: 10.18.152.99 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - A-LEAF3: - ansible_host: 10.18.137.22 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - A-LEAF4: - ansible_host: 10.18.164.107 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - A-LEAF5: - ansible_host: 10.18.157.244 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - A-LEAF6: - ansible_host: 10.18.159.85 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - A-LEAF7: - ansible_host: 10.18.137.206 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - A-LEAF8: - ansible_host: 10.18.157.27 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - A-SPINE1: - ansible_host: 10.18.137.213 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - A-SPINE2: - ansible_host: 10.18.164.11 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - A-SPINE3: - ansible_host: 10.18.164.29 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - A-SPINE4: - ansible_host: 10.18.160.162 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - A1: - ansible_host: 10.18.164.108 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - A2: - ansible_host: 10.18.137.203 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - A3: - ansible_host: 10.18.137.202 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - A4: - ansible_host: 10.18.142.151 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - A5: - ansible_host: 10.18.137.141 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - A6: - ansible_host: 10.18.157.208 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B-LEAF1: - ansible_host: 10.18.164.33 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B-LEAF2: - ansible_host: 10.18.157.209 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B-LEAF3: - ansible_host: 10.18.164.32 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B-LEAF4: - ansible_host: 10.18.164.35 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B-LEAF5: - ansible_host: 10.18.153.171 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B-LEAF6: - ansible_host: 10.18.136.5 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B-LEAF7: - ansible_host: 10.18.164.110 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B-LEAF8: - ansible_host: 10.18.157.137 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B-SPINE1: - ansible_host: 10.18.137.208 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B-SPINE2: - ansible_host: 10.18.164.109 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B-SPINE3: - ansible_host: 10.18.160.142 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B-SPINE4: - ansible_host: 10.18.157.206 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B-SW1: - ansible_host: 10.18.153.123 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B1: - ansible_host: 10.18.164.28 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B2: - ansible_host: 10.18.151.42 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B3: - ansible_host: 10.18.152.107 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B4: - ansible_host: 10.18.164.26 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B5: - ansible_host: 10.18.157.161 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B6: - ansible_host: 10.18.164.2 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - B7: - ansible_host: 10.18.151.254 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - BB1: - ansible_host: 10.18.164.34 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - BB2: - ansible_host: 10.18.164.111 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - C-LEAF1: - ansible_host: 10.18.157.240 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - C-LEAF2: - ansible_host: 10.18.160.141 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - C-LEAF3: - ansible_host: 10.18.152.104 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - C-LEAF4: - ansible_host: 10.18.137.218 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - C-LEAF5: - ansible_host: 10.18.150.238 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - C-LEAF6: - ansible_host: 10.18.137.255 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - C-LEAF7: - ansible_host: 10.18.160.143 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - C-LEAF8: - ansible_host: 10.18.137.204 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - C-SPINE1: - ansible_host: 10.18.152.106 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - C-SPINE2: - ansible_host: 10.18.164.7 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - C1: - ansible_host: 10.18.164.12 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - C2: - ansible_host: 10.18.142.152 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - C3: - ansible_host: 10.18.157.19 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - C4: - ansible_host: 10.18.164.36 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - C5: - ansible_host: 10.18.157.243 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - C6: - ansible_host: 10.18.157.237 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D-LEAF1: - ansible_host: 10.18.164.31 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D-LEAF2: - ansible_host: 10.18.164.10 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D-LEAF3: - ansible_host: 10.18.164.30 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D-LEAF4: - ansible_host: 10.18.164.0 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D-LEAF5: - ansible_host: 10.18.164.27 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D-LEAF6: - ansible_host: 10.18.157.196 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D-LEAF7: - ansible_host: 10.18.160.147 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D-LEAF8: - ansible_host: 10.18.152.100 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D-SPINE1: - ansible_host: 10.18.160.146 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D-SPINE2: - ansible_host: 10.18.164.8 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D-SPINE3: - ansible_host: 10.18.151.41 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D-SPINE4: - ansible_host: 10.18.152.98 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D1: - ansible_host: 10.18.160.139 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D2: - ansible_host: 10.18.154.199 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D3: - ansible_host: 10.18.164.25 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D4: - ansible_host: 10.18.157.235 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D5: - ansible_host: 10.18.164.9 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - D6: - ansible_host: 10.18.137.222 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 - TOOLSSERVER: - hosts: - ansible-runner: - ansible_host: 10.18.136.0 - ansible_user: cvpadmin - ansible_ssh_pass: arista123 diff --git a/tech-library/campus/evpnvxlan/zbackend-infra/act/act-campus-evpnvxlan-dg.yml b/tech-library/campus/evpnvxlan/zbackend-infra/act/act-campus-evpnvxlan-dg.yml new file mode 100644 index 00000000..eaa48050 --- /dev/null +++ b/tech-library/campus/evpnvxlan/zbackend-infra/act/act-campus-evpnvxlan-dg.yml @@ -0,0 +1,3 @@ +--- + +# Placeholder diff --git a/tech-library/campus/evpnvxlan/zbackend-infra/clab/clab-campus-evpnvxlan-dg.yml b/tech-library/campus/evpnvxlan/zbackend-infra/clab/clab-campus-evpnvxlan-dg.yml new file mode 100644 index 00000000..eaa48050 --- /dev/null +++ b/tech-library/campus/evpnvxlan/zbackend-infra/clab/clab-campus-evpnvxlan-dg.yml @@ -0,0 +1,3 @@ +--- + +# Placeholder diff --git a/tech-library/campus/l2ls/zbackend-infra/act/act-campus-l2ls-dg.yml b/tech-library/campus/l2ls/zbackend-infra/act/act-campus-l2ls-dg.yml new file mode 100644 index 00000000..eaa48050 --- /dev/null +++ b/tech-library/campus/l2ls/zbackend-infra/act/act-campus-l2ls-dg.yml @@ -0,0 +1,3 @@ +--- + +# Placeholder diff --git a/tech-library/campus/l2ls/zbackend-infra/clab/clab-campus-l2ls-dg.yml b/tech-library/campus/l2ls/zbackend-infra/clab/clab-campus-l2ls-dg.yml new file mode 100644 index 00000000..eaa48050 --- /dev/null +++ b/tech-library/campus/l2ls/zbackend-infra/clab/clab-campus-l2ls-dg.yml @@ -0,0 +1,3 @@ +--- + +# Placeholder diff --git a/tech-library/campus/l3ls/zbackend-infra/act/act-campus-l3ls-dg.yml b/tech-library/campus/l3ls/zbackend-infra/act/act-campus-l3ls-dg.yml new file mode 100644 index 00000000..eaa48050 --- /dev/null +++ b/tech-library/campus/l3ls/zbackend-infra/act/act-campus-l3ls-dg.yml @@ -0,0 +1,3 @@ +--- + +# Placeholder diff --git a/tech-library/campus/l3ls/zbackend-infra/clab/clab-campus-l3ls-dg.yml b/tech-library/campus/l3ls/zbackend-infra/clab/clab-campus-l3ls-dg.yml new file mode 100644 index 00000000..eaa48050 --- /dev/null +++ b/tech-library/campus/l3ls/zbackend-infra/clab/clab-campus-l3ls-dg.yml @@ -0,0 +1,3 @@ +--- + +# Placeholder diff --git a/datacenter/Makefile b/tech-library/datacenter/evpnvxlan/Makefile similarity index 100% rename from datacenter/Makefile rename to tech-library/datacenter/evpnvxlan/Makefile diff --git a/datacenter/README.md b/tech-library/datacenter/evpnvxlan/README.md similarity index 100% rename from datacenter/README.md rename to tech-library/datacenter/evpnvxlan/README.md diff --git a/datacenter/ansible.cfg b/tech-library/datacenter/evpnvxlan/ansible.cfg similarity index 100% rename from datacenter/ansible.cfg rename to tech-library/datacenter/evpnvxlan/ansible.cfg diff --git a/datacenter/backbone/group_vars/ACT.yml b/tech-library/datacenter/evpnvxlan/backbone/group_vars/ACT.yml similarity index 100% rename from datacenter/backbone/group_vars/ACT.yml rename to tech-library/datacenter/evpnvxlan/backbone/group_vars/ACT.yml diff --git a/datacenter/backbone/group_vars/BACKBONE.yml b/tech-library/datacenter/evpnvxlan/backbone/group_vars/BACKBONE.yml similarity index 100% rename from datacenter/backbone/group_vars/BACKBONE.yml rename to tech-library/datacenter/evpnvxlan/backbone/group_vars/BACKBONE.yml diff --git a/datacenter/backbone/group_vars/FABRIC.yml b/tech-library/datacenter/evpnvxlan/backbone/group_vars/FABRIC.yml similarity index 100% rename from datacenter/backbone/group_vars/FABRIC.yml rename to tech-library/datacenter/evpnvxlan/backbone/group_vars/FABRIC.yml diff --git a/datacenter/backbone/host_vars/BB1.yml b/tech-library/datacenter/evpnvxlan/backbone/host_vars/BB1.yml similarity index 100% rename from datacenter/backbone/host_vars/BB1.yml rename to tech-library/datacenter/evpnvxlan/backbone/host_vars/BB1.yml diff --git a/datacenter/backbone/host_vars/BB2.yml b/tech-library/datacenter/evpnvxlan/backbone/host_vars/BB2.yml similarity index 100% rename from datacenter/backbone/host_vars/BB2.yml rename to tech-library/datacenter/evpnvxlan/backbone/host_vars/BB2.yml diff --git a/datacenter/backbone/inventory.yml b/tech-library/datacenter/evpnvxlan/backbone/inventory.yml similarity index 100% rename from datacenter/backbone/inventory.yml rename to tech-library/datacenter/evpnvxlan/backbone/inventory.yml diff --git a/datacenter/domain-a/group_vars/ACT.yml b/tech-library/datacenter/evpnvxlan/domain-a/group_vars/ACT.yml similarity index 100% rename from datacenter/domain-a/group_vars/ACT.yml rename to tech-library/datacenter/evpnvxlan/domain-a/group_vars/ACT.yml diff --git a/datacenter/domain-a/group_vars/CONNECTED_ENDPOINTS.yml b/tech-library/datacenter/evpnvxlan/domain-a/group_vars/CONNECTED_ENDPOINTS.yml similarity index 100% rename from datacenter/domain-a/group_vars/CONNECTED_ENDPOINTS.yml rename to tech-library/datacenter/evpnvxlan/domain-a/group_vars/CONNECTED_ENDPOINTS.yml diff --git a/datacenter/domain-a/group_vars/DOMAIN_A.yml b/tech-library/datacenter/evpnvxlan/domain-a/group_vars/DOMAIN_A.yml similarity index 100% rename from datacenter/domain-a/group_vars/DOMAIN_A.yml rename to tech-library/datacenter/evpnvxlan/domain-a/group_vars/DOMAIN_A.yml diff --git a/datacenter/domain-a/group_vars/DOMAIN_A_EVPNGW.yml b/tech-library/datacenter/evpnvxlan/domain-a/group_vars/DOMAIN_A_EVPNGW.yml similarity index 100% rename from datacenter/domain-a/group_vars/DOMAIN_A_EVPNGW.yml rename to tech-library/datacenter/evpnvxlan/domain-a/group_vars/DOMAIN_A_EVPNGW.yml diff --git a/datacenter/domain-a/group_vars/DOMAIN_A_L3_LEAVES.yml b/tech-library/datacenter/evpnvxlan/domain-a/group_vars/DOMAIN_A_L3_LEAVES.yml similarity index 100% rename from datacenter/domain-a/group_vars/DOMAIN_A_L3_LEAVES.yml rename to tech-library/datacenter/evpnvxlan/domain-a/group_vars/DOMAIN_A_L3_LEAVES.yml diff --git a/datacenter/domain-a/group_vars/DOMAIN_A_SPINES.yml b/tech-library/datacenter/evpnvxlan/domain-a/group_vars/DOMAIN_A_SPINES.yml similarity index 100% rename from datacenter/domain-a/group_vars/DOMAIN_A_SPINES.yml rename to tech-library/datacenter/evpnvxlan/domain-a/group_vars/DOMAIN_A_SPINES.yml diff --git a/datacenter/domain-a/group_vars/FABRIC.yml b/tech-library/datacenter/evpnvxlan/domain-a/group_vars/FABRIC.yml similarity index 100% rename from datacenter/domain-a/group_vars/FABRIC.yml rename to tech-library/datacenter/evpnvxlan/domain-a/group_vars/FABRIC.yml diff --git a/datacenter/domain-a/inventory.yml b/tech-library/datacenter/evpnvxlan/domain-a/inventory.yml similarity index 100% rename from datacenter/domain-a/inventory.yml rename to tech-library/datacenter/evpnvxlan/domain-a/inventory.yml diff --git a/datacenter/domain-b/custom_anta_catalogs/DOMAIN_B_L3_LEAVES.yml b/tech-library/datacenter/evpnvxlan/domain-b/custom_anta_catalogs/DOMAIN_B_L3_LEAVES.yml similarity index 100% rename from datacenter/domain-b/custom_anta_catalogs/DOMAIN_B_L3_LEAVES.yml rename to tech-library/datacenter/evpnvxlan/domain-b/custom_anta_catalogs/DOMAIN_B_L3_LEAVES.yml diff --git a/datacenter/domain-b/group_vars/ACT.yml b/tech-library/datacenter/evpnvxlan/domain-b/group_vars/ACT.yml similarity index 100% rename from datacenter/domain-b/group_vars/ACT.yml rename to tech-library/datacenter/evpnvxlan/domain-b/group_vars/ACT.yml diff --git a/datacenter/domain-b/group_vars/CONNECTED_ENDPOINTS.yml b/tech-library/datacenter/evpnvxlan/domain-b/group_vars/CONNECTED_ENDPOINTS.yml similarity index 100% rename from datacenter/domain-b/group_vars/CONNECTED_ENDPOINTS.yml rename to tech-library/datacenter/evpnvxlan/domain-b/group_vars/CONNECTED_ENDPOINTS.yml diff --git a/datacenter/domain-b/group_vars/DOMAIN_B.yml b/tech-library/datacenter/evpnvxlan/domain-b/group_vars/DOMAIN_B.yml similarity index 100% rename from datacenter/domain-b/group_vars/DOMAIN_B.yml rename to tech-library/datacenter/evpnvxlan/domain-b/group_vars/DOMAIN_B.yml diff --git a/datacenter/domain-b/group_vars/DOMAIN_B_EVPNGW.yml b/tech-library/datacenter/evpnvxlan/domain-b/group_vars/DOMAIN_B_EVPNGW.yml similarity index 100% rename from datacenter/domain-b/group_vars/DOMAIN_B_EVPNGW.yml rename to tech-library/datacenter/evpnvxlan/domain-b/group_vars/DOMAIN_B_EVPNGW.yml diff --git a/datacenter/domain-b/group_vars/DOMAIN_B_L2_SW.yml b/tech-library/datacenter/evpnvxlan/domain-b/group_vars/DOMAIN_B_L2_SW.yml similarity index 100% rename from datacenter/domain-b/group_vars/DOMAIN_B_L2_SW.yml rename to tech-library/datacenter/evpnvxlan/domain-b/group_vars/DOMAIN_B_L2_SW.yml diff --git a/datacenter/domain-b/group_vars/DOMAIN_B_L3_LEAVES.yml b/tech-library/datacenter/evpnvxlan/domain-b/group_vars/DOMAIN_B_L3_LEAVES.yml similarity index 100% rename from datacenter/domain-b/group_vars/DOMAIN_B_L3_LEAVES.yml rename to tech-library/datacenter/evpnvxlan/domain-b/group_vars/DOMAIN_B_L3_LEAVES.yml diff --git a/datacenter/domain-b/group_vars/DOMAIN_B_SPINES.yml b/tech-library/datacenter/evpnvxlan/domain-b/group_vars/DOMAIN_B_SPINES.yml similarity index 100% rename from datacenter/domain-b/group_vars/DOMAIN_B_SPINES.yml rename to tech-library/datacenter/evpnvxlan/domain-b/group_vars/DOMAIN_B_SPINES.yml diff --git a/datacenter/domain-b/group_vars/FABRIC.yml b/tech-library/datacenter/evpnvxlan/domain-b/group_vars/FABRIC.yml similarity index 100% rename from datacenter/domain-b/group_vars/FABRIC.yml rename to tech-library/datacenter/evpnvxlan/domain-b/group_vars/FABRIC.yml diff --git a/datacenter/domain-b/host_vars/B-LEAF5.yml b/tech-library/datacenter/evpnvxlan/domain-b/host_vars/B-LEAF5.yml similarity index 100% rename from datacenter/domain-b/host_vars/B-LEAF5.yml rename to tech-library/datacenter/evpnvxlan/domain-b/host_vars/B-LEAF5.yml diff --git a/datacenter/domain-b/host_vars/B-LEAF6.yml b/tech-library/datacenter/evpnvxlan/domain-b/host_vars/B-LEAF6.yml similarity index 100% rename from datacenter/domain-b/host_vars/B-LEAF6.yml rename to tech-library/datacenter/evpnvxlan/domain-b/host_vars/B-LEAF6.yml diff --git a/datacenter/domain-b/host_vars/B-LEAF7.yml b/tech-library/datacenter/evpnvxlan/domain-b/host_vars/B-LEAF7.yml similarity index 100% rename from datacenter/domain-b/host_vars/B-LEAF7.yml rename to tech-library/datacenter/evpnvxlan/domain-b/host_vars/B-LEAF7.yml diff --git a/datacenter/domain-b/host_vars/B-LEAF8.yml b/tech-library/datacenter/evpnvxlan/domain-b/host_vars/B-LEAF8.yml similarity index 100% rename from datacenter/domain-b/host_vars/B-LEAF8.yml rename to tech-library/datacenter/evpnvxlan/domain-b/host_vars/B-LEAF8.yml diff --git a/datacenter/domain-b/inventory.yml b/tech-library/datacenter/evpnvxlan/domain-b/inventory.yml similarity index 100% rename from datacenter/domain-b/inventory.yml rename to tech-library/datacenter/evpnvxlan/domain-b/inventory.yml diff --git a/datacenter/domain-c/group_vars/ACT.yml b/tech-library/datacenter/evpnvxlan/domain-c/group_vars/ACT.yml similarity index 100% rename from datacenter/domain-c/group_vars/ACT.yml rename to tech-library/datacenter/evpnvxlan/domain-c/group_vars/ACT.yml diff --git a/datacenter/domain-c/group_vars/CONNECTED_ENDPOINTS.yml b/tech-library/datacenter/evpnvxlan/domain-c/group_vars/CONNECTED_ENDPOINTS.yml similarity index 100% rename from datacenter/domain-c/group_vars/CONNECTED_ENDPOINTS.yml rename to tech-library/datacenter/evpnvxlan/domain-c/group_vars/CONNECTED_ENDPOINTS.yml diff --git a/datacenter/domain-c/group_vars/DOMAIN_C.yml b/tech-library/datacenter/evpnvxlan/domain-c/group_vars/DOMAIN_C.yml similarity index 100% rename from datacenter/domain-c/group_vars/DOMAIN_C.yml rename to tech-library/datacenter/evpnvxlan/domain-c/group_vars/DOMAIN_C.yml diff --git a/datacenter/domain-c/group_vars/DOMAIN_C_EVPNGW.yml b/tech-library/datacenter/evpnvxlan/domain-c/group_vars/DOMAIN_C_EVPNGW.yml similarity index 100% rename from datacenter/domain-c/group_vars/DOMAIN_C_EVPNGW.yml rename to tech-library/datacenter/evpnvxlan/domain-c/group_vars/DOMAIN_C_EVPNGW.yml diff --git a/datacenter/domain-c/group_vars/DOMAIN_C_L3_LEAVES.yml b/tech-library/datacenter/evpnvxlan/domain-c/group_vars/DOMAIN_C_L3_LEAVES.yml similarity index 100% rename from datacenter/domain-c/group_vars/DOMAIN_C_L3_LEAVES.yml rename to tech-library/datacenter/evpnvxlan/domain-c/group_vars/DOMAIN_C_L3_LEAVES.yml diff --git a/datacenter/domain-c/group_vars/DOMAIN_C_SPINES.yml b/tech-library/datacenter/evpnvxlan/domain-c/group_vars/DOMAIN_C_SPINES.yml similarity index 100% rename from datacenter/domain-c/group_vars/DOMAIN_C_SPINES.yml rename to tech-library/datacenter/evpnvxlan/domain-c/group_vars/DOMAIN_C_SPINES.yml diff --git a/datacenter/domain-c/group_vars/FABRIC.yml b/tech-library/datacenter/evpnvxlan/domain-c/group_vars/FABRIC.yml similarity index 100% rename from datacenter/domain-c/group_vars/FABRIC.yml rename to tech-library/datacenter/evpnvxlan/domain-c/group_vars/FABRIC.yml diff --git a/datacenter/domain-c/host_vars/C-LEAF7.yml b/tech-library/datacenter/evpnvxlan/domain-c/host_vars/C-LEAF7.yml similarity index 100% rename from datacenter/domain-c/host_vars/C-LEAF7.yml rename to tech-library/datacenter/evpnvxlan/domain-c/host_vars/C-LEAF7.yml diff --git a/datacenter/domain-c/host_vars/C-LEAF8.yml b/tech-library/datacenter/evpnvxlan/domain-c/host_vars/C-LEAF8.yml similarity index 100% rename from datacenter/domain-c/host_vars/C-LEAF8.yml rename to tech-library/datacenter/evpnvxlan/domain-c/host_vars/C-LEAF8.yml diff --git a/datacenter/domain-c/inventory.yml b/tech-library/datacenter/evpnvxlan/domain-c/inventory.yml similarity index 100% rename from datacenter/domain-c/inventory.yml rename to tech-library/datacenter/evpnvxlan/domain-c/inventory.yml diff --git a/datacenter/domain-d/group_vars/ACT.yml b/tech-library/datacenter/evpnvxlan/domain-d/group_vars/ACT.yml similarity index 100% rename from datacenter/domain-d/group_vars/ACT.yml rename to tech-library/datacenter/evpnvxlan/domain-d/group_vars/ACT.yml diff --git a/datacenter/domain-d/group_vars/CONNECTED_ENDPOINTS.yml b/tech-library/datacenter/evpnvxlan/domain-d/group_vars/CONNECTED_ENDPOINTS.yml similarity index 100% rename from datacenter/domain-d/group_vars/CONNECTED_ENDPOINTS.yml rename to tech-library/datacenter/evpnvxlan/domain-d/group_vars/CONNECTED_ENDPOINTS.yml diff --git a/datacenter/domain-d/group_vars/DOMAIN_D.yml b/tech-library/datacenter/evpnvxlan/domain-d/group_vars/DOMAIN_D.yml similarity index 100% rename from datacenter/domain-d/group_vars/DOMAIN_D.yml rename to tech-library/datacenter/evpnvxlan/domain-d/group_vars/DOMAIN_D.yml diff --git a/datacenter/domain-d/group_vars/DOMAIN_D_EVPNGW.yml b/tech-library/datacenter/evpnvxlan/domain-d/group_vars/DOMAIN_D_EVPNGW.yml similarity index 100% rename from datacenter/domain-d/group_vars/DOMAIN_D_EVPNGW.yml rename to tech-library/datacenter/evpnvxlan/domain-d/group_vars/DOMAIN_D_EVPNGW.yml diff --git a/datacenter/domain-d/group_vars/DOMAIN_D_L3_LEAVES.yml b/tech-library/datacenter/evpnvxlan/domain-d/group_vars/DOMAIN_D_L3_LEAVES.yml similarity index 100% rename from datacenter/domain-d/group_vars/DOMAIN_D_L3_LEAVES.yml rename to tech-library/datacenter/evpnvxlan/domain-d/group_vars/DOMAIN_D_L3_LEAVES.yml diff --git a/datacenter/domain-d/group_vars/DOMAIN_D_SPINES.yml b/tech-library/datacenter/evpnvxlan/domain-d/group_vars/DOMAIN_D_SPINES.yml similarity index 100% rename from datacenter/domain-d/group_vars/DOMAIN_D_SPINES.yml rename to tech-library/datacenter/evpnvxlan/domain-d/group_vars/DOMAIN_D_SPINES.yml diff --git a/datacenter/domain-d/group_vars/FABRIC.yml b/tech-library/datacenter/evpnvxlan/domain-d/group_vars/FABRIC.yml similarity index 100% rename from datacenter/domain-d/group_vars/FABRIC.yml rename to tech-library/datacenter/evpnvxlan/domain-d/group_vars/FABRIC.yml diff --git a/datacenter/domain-d/inventory.yml b/tech-library/datacenter/evpnvxlan/domain-d/inventory.yml similarity index 100% rename from datacenter/domain-d/inventory.yml rename to tech-library/datacenter/evpnvxlan/domain-d/inventory.yml diff --git a/datacenter/global_vars/avd_defaults/node-types.yml b/tech-library/datacenter/evpnvxlan/global_vars/avd_defaults/node-types.yml similarity index 100% rename from datacenter/global_vars/avd_defaults/node-types.yml rename to tech-library/datacenter/evpnvxlan/global_vars/avd_defaults/node-types.yml diff --git a/datacenter/global_vars/avd_defaults/variable-options.yml b/tech-library/datacenter/evpnvxlan/global_vars/avd_defaults/variable-options.yml similarity index 100% rename from datacenter/global_vars/avd_defaults/variable-options.yml rename to tech-library/datacenter/evpnvxlan/global_vars/avd_defaults/variable-options.yml diff --git a/datacenter/global_vars/evpn_vxlan/NETWORK_SERVICES.yml b/tech-library/datacenter/evpnvxlan/global_vars/evpn_vxlan/NETWORK_SERVICES.yml similarity index 100% rename from datacenter/global_vars/evpn_vxlan/NETWORK_SERVICES.yml rename to tech-library/datacenter/evpnvxlan/global_vars/evpn_vxlan/NETWORK_SERVICES.yml diff --git a/datacenter/global_vars/fabric_defaults/management.yml b/tech-library/datacenter/evpnvxlan/global_vars/fabric_defaults/management.yml similarity index 100% rename from datacenter/global_vars/fabric_defaults/management.yml rename to tech-library/datacenter/evpnvxlan/global_vars/fabric_defaults/management.yml diff --git a/datacenter/global_vars/fabric_defaults/routing-defaults.yml b/tech-library/datacenter/evpnvxlan/global_vars/fabric_defaults/routing-defaults.yml similarity index 100% rename from datacenter/global_vars/fabric_defaults/routing-defaults.yml rename to tech-library/datacenter/evpnvxlan/global_vars/fabric_defaults/routing-defaults.yml diff --git a/datacenter/global_vars/fabric_defaults/switching-defaults.yml b/tech-library/datacenter/evpnvxlan/global_vars/fabric_defaults/switching-defaults.yml similarity index 100% rename from datacenter/global_vars/fabric_defaults/switching-defaults.yml rename to tech-library/datacenter/evpnvxlan/global_vars/fabric_defaults/switching-defaults.yml diff --git a/datacenter/playbooks/fabric-build.yml b/tech-library/datacenter/evpnvxlan/playbooks/fabric-build.yml similarity index 100% rename from datacenter/playbooks/fabric-build.yml rename to tech-library/datacenter/evpnvxlan/playbooks/fabric-build.yml diff --git a/datacenter/playbooks/fabric-deploy-cv.yml b/tech-library/datacenter/evpnvxlan/playbooks/fabric-deploy-cv.yml similarity index 100% rename from datacenter/playbooks/fabric-deploy-cv.yml rename to tech-library/datacenter/evpnvxlan/playbooks/fabric-deploy-cv.yml diff --git a/datacenter/playbooks/fabric-deploy-cvp.yml b/tech-library/datacenter/evpnvxlan/playbooks/fabric-deploy-cvp.yml similarity index 100% rename from datacenter/playbooks/fabric-deploy-cvp.yml rename to tech-library/datacenter/evpnvxlan/playbooks/fabric-deploy-cvp.yml diff --git a/datacenter/playbooks/fabric-deploy-eapi.yml b/tech-library/datacenter/evpnvxlan/playbooks/fabric-deploy-eapi.yml similarity index 100% rename from datacenter/playbooks/fabric-deploy-eapi.yml rename to tech-library/datacenter/evpnvxlan/playbooks/fabric-deploy-eapi.yml diff --git a/datacenter/playbooks/fabric-operations.yml b/tech-library/datacenter/evpnvxlan/playbooks/fabric-operations.yml similarity index 100% rename from datacenter/playbooks/fabric-operations.yml rename to tech-library/datacenter/evpnvxlan/playbooks/fabric-operations.yml diff --git a/datacenter/playbooks/fabric-validate-state.yml b/tech-library/datacenter/evpnvxlan/playbooks/fabric-validate-state.yml similarity index 100% rename from datacenter/playbooks/fabric-validate-state.yml rename to tech-library/datacenter/evpnvxlan/playbooks/fabric-validate-state.yml diff --git a/datacenter/playbooks/roles/act_topology_gen/README.md b/tech-library/datacenter/evpnvxlan/playbooks/roles/act_topology_gen/README.md similarity index 100% rename from datacenter/playbooks/roles/act_topology_gen/README.md rename to tech-library/datacenter/evpnvxlan/playbooks/roles/act_topology_gen/README.md diff --git a/datacenter/playbooks/roles/act_topology_gen/defaults/main.yml b/tech-library/datacenter/evpnvxlan/playbooks/roles/act_topology_gen/defaults/main.yml similarity index 100% rename from datacenter/playbooks/roles/act_topology_gen/defaults/main.yml rename to tech-library/datacenter/evpnvxlan/playbooks/roles/act_topology_gen/defaults/main.yml diff --git a/datacenter/playbooks/roles/act_topology_gen/meta/main.yml b/tech-library/datacenter/evpnvxlan/playbooks/roles/act_topology_gen/meta/main.yml similarity index 100% rename from datacenter/playbooks/roles/act_topology_gen/meta/main.yml rename to tech-library/datacenter/evpnvxlan/playbooks/roles/act_topology_gen/meta/main.yml diff --git a/datacenter/playbooks/roles/act_topology_gen/tasks/main.yml b/tech-library/datacenter/evpnvxlan/playbooks/roles/act_topology_gen/tasks/main.yml similarity index 100% rename from datacenter/playbooks/roles/act_topology_gen/tasks/main.yml rename to tech-library/datacenter/evpnvxlan/playbooks/roles/act_topology_gen/tasks/main.yml diff --git a/datacenter/playbooks/roles/act_topology_gen/templates/act-topology.j2 b/tech-library/datacenter/evpnvxlan/playbooks/roles/act_topology_gen/templates/act-topology.j2 similarity index 100% rename from datacenter/playbooks/roles/act_topology_gen/templates/act-topology.j2 rename to tech-library/datacenter/evpnvxlan/playbooks/roles/act_topology_gen/templates/act-topology.j2 diff --git a/datacenter/playbooks/roles/act_topology_gen/tests/inventory b/tech-library/datacenter/evpnvxlan/playbooks/roles/act_topology_gen/tests/inventory similarity index 100% rename from datacenter/playbooks/roles/act_topology_gen/tests/inventory rename to tech-library/datacenter/evpnvxlan/playbooks/roles/act_topology_gen/tests/inventory diff --git a/datacenter/playbooks/roles/act_topology_gen/tests/test.yml b/tech-library/datacenter/evpnvxlan/playbooks/roles/act_topology_gen/tests/test.yml similarity index 100% rename from datacenter/playbooks/roles/act_topology_gen/tests/test.yml rename to tech-library/datacenter/evpnvxlan/playbooks/roles/act_topology_gen/tests/test.yml diff --git a/datacenter/playbooks/roles/act_topology_gen/vars/main.yml b/tech-library/datacenter/evpnvxlan/playbooks/roles/act_topology_gen/vars/main.yml similarity index 100% rename from datacenter/playbooks/roles/act_topology_gen/vars/main.yml rename to tech-library/datacenter/evpnvxlan/playbooks/roles/act_topology_gen/vars/main.yml diff --git a/datacenter/playbooks/server-build.yml b/tech-library/datacenter/evpnvxlan/playbooks/server-build.yml similarity index 100% rename from datacenter/playbooks/server-build.yml rename to tech-library/datacenter/evpnvxlan/playbooks/server-build.yml diff --git a/datacenter/playbooks/server-deploy-cv.yml b/tech-library/datacenter/evpnvxlan/playbooks/server-deploy-cv.yml similarity index 100% rename from datacenter/playbooks/server-deploy-cv.yml rename to tech-library/datacenter/evpnvxlan/playbooks/server-deploy-cv.yml diff --git a/datacenter/playbooks/server-deploy-eapi.yml b/tech-library/datacenter/evpnvxlan/playbooks/server-deploy-eapi.yml similarity index 100% rename from datacenter/playbooks/server-deploy-eapi.yml rename to tech-library/datacenter/evpnvxlan/playbooks/server-deploy-eapi.yml diff --git a/datacenter/playbooks/server-operations.yml b/tech-library/datacenter/evpnvxlan/playbooks/server-operations.yml similarity index 100% rename from datacenter/playbooks/server-operations.yml rename to tech-library/datacenter/evpnvxlan/playbooks/server-operations.yml diff --git a/datacenter/playbooks/templates/dom-b-template.j2 b/tech-library/datacenter/evpnvxlan/playbooks/templates/dom-b-template.j2 similarity index 100% rename from datacenter/playbooks/templates/dom-b-template.j2 rename to tech-library/datacenter/evpnvxlan/playbooks/templates/dom-b-template.j2 diff --git a/datacenter/playbooks/templates/dom-d-template.j2 b/tech-library/datacenter/evpnvxlan/playbooks/templates/dom-d-template.j2 similarity index 100% rename from datacenter/playbooks/templates/dom-d-template.j2 rename to tech-library/datacenter/evpnvxlan/playbooks/templates/dom-d-template.j2 diff --git a/datacenter/playbooks/templates/evpngw-af-evpn.j2 b/tech-library/datacenter/evpnvxlan/playbooks/templates/evpngw-af-evpn.j2 similarity index 100% rename from datacenter/playbooks/templates/evpngw-af-evpn.j2 rename to tech-library/datacenter/evpnvxlan/playbooks/templates/evpngw-af-evpn.j2 diff --git a/datacenter/playbooks/templates/vxlan-mcast-overlay.j2 b/tech-library/datacenter/evpnvxlan/playbooks/templates/vxlan-mcast-overlay.j2 similarity index 100% rename from datacenter/playbooks/templates/vxlan-mcast-overlay.j2 rename to tech-library/datacenter/evpnvxlan/playbooks/templates/vxlan-mcast-overlay.j2 diff --git a/datacenter/scripts/combine_act_topo.py b/tech-library/datacenter/evpnvxlan/scripts/combine_act_topo.py similarity index 100% rename from datacenter/scripts/combine_act_topo.py rename to tech-library/datacenter/evpnvxlan/scripts/combine_act_topo.py diff --git a/datacenter/scripts/convert_inventory-to-act-inventory.py b/tech-library/datacenter/evpnvxlan/scripts/convert_inventory-to-act-inventory.py similarity index 100% rename from datacenter/scripts/convert_inventory-to-act-inventory.py rename to tech-library/datacenter/evpnvxlan/scripts/convert_inventory-to-act-inventory.py diff --git a/datacenter/scripts/yaml-to-json.py b/tech-library/datacenter/evpnvxlan/scripts/yaml-to-json.py similarity index 100% rename from datacenter/scripts/yaml-to-json.py rename to tech-library/datacenter/evpnvxlan/scripts/yaml-to-json.py diff --git a/datacenter/servers/anta_inventory.yml b/tech-library/datacenter/evpnvxlan/servers/anta_inventory.yml similarity index 100% rename from datacenter/servers/anta_inventory.yml rename to tech-library/datacenter/evpnvxlan/servers/anta_inventory.yml diff --git a/datacenter/servers/custom_anta_catelogs/ping-blue-hosts.yml b/tech-library/datacenter/evpnvxlan/servers/custom_anta_catelogs/ping-blue-hosts.yml similarity index 100% rename from datacenter/servers/custom_anta_catelogs/ping-blue-hosts.yml rename to tech-library/datacenter/evpnvxlan/servers/custom_anta_catelogs/ping-blue-hosts.yml diff --git a/datacenter/servers/cv_studio_inputs/studio-inputs-hosts.yaml b/tech-library/datacenter/evpnvxlan/servers/cv_studio_inputs/studio-inputs-hosts.yaml similarity index 100% rename from datacenter/servers/cv_studio_inputs/studio-inputs-hosts.yaml rename to tech-library/datacenter/evpnvxlan/servers/cv_studio_inputs/studio-inputs-hosts.yaml diff --git a/datacenter/servers/host_vars/A1.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/A1.yml similarity index 100% rename from datacenter/servers/host_vars/A1.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/A1.yml diff --git a/datacenter/servers/host_vars/A2.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/A2.yml similarity index 100% rename from datacenter/servers/host_vars/A2.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/A2.yml diff --git a/datacenter/servers/host_vars/A3.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/A3.yml similarity index 100% rename from datacenter/servers/host_vars/A3.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/A3.yml diff --git a/datacenter/servers/host_vars/A4.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/A4.yml similarity index 100% rename from datacenter/servers/host_vars/A4.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/A4.yml diff --git a/datacenter/servers/host_vars/A5.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/A5.yml similarity index 100% rename from datacenter/servers/host_vars/A5.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/A5.yml diff --git a/datacenter/servers/host_vars/A6.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/A6.yml similarity index 100% rename from datacenter/servers/host_vars/A6.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/A6.yml diff --git a/datacenter/servers/host_vars/B1.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/B1.yml similarity index 100% rename from datacenter/servers/host_vars/B1.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/B1.yml diff --git a/datacenter/servers/host_vars/B2.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/B2.yml similarity index 100% rename from datacenter/servers/host_vars/B2.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/B2.yml diff --git a/datacenter/servers/host_vars/B3.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/B3.yml similarity index 100% rename from datacenter/servers/host_vars/B3.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/B3.yml diff --git a/datacenter/servers/host_vars/B4.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/B4.yml similarity index 100% rename from datacenter/servers/host_vars/B4.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/B4.yml diff --git a/datacenter/servers/host_vars/B5.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/B5.yml similarity index 100% rename from datacenter/servers/host_vars/B5.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/B5.yml diff --git a/datacenter/servers/host_vars/B6.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/B6.yml similarity index 100% rename from datacenter/servers/host_vars/B6.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/B6.yml diff --git a/datacenter/servers/host_vars/B7.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/B7.yml similarity index 100% rename from datacenter/servers/host_vars/B7.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/B7.yml diff --git a/datacenter/servers/host_vars/C1.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/C1.yml similarity index 100% rename from datacenter/servers/host_vars/C1.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/C1.yml diff --git a/datacenter/servers/host_vars/C2.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/C2.yml similarity index 100% rename from datacenter/servers/host_vars/C2.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/C2.yml diff --git a/datacenter/servers/host_vars/C3.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/C3.yml similarity index 100% rename from datacenter/servers/host_vars/C3.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/C3.yml diff --git a/datacenter/servers/host_vars/C4.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/C4.yml similarity index 100% rename from datacenter/servers/host_vars/C4.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/C4.yml diff --git a/datacenter/servers/host_vars/C5.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/C5.yml similarity index 100% rename from datacenter/servers/host_vars/C5.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/C5.yml diff --git a/datacenter/servers/host_vars/C6.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/C6.yml similarity index 100% rename from datacenter/servers/host_vars/C6.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/C6.yml diff --git a/datacenter/servers/host_vars/D1.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/D1.yml similarity index 100% rename from datacenter/servers/host_vars/D1.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/D1.yml diff --git a/datacenter/servers/host_vars/D2.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/D2.yml similarity index 100% rename from datacenter/servers/host_vars/D2.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/D2.yml diff --git a/datacenter/servers/host_vars/D3.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/D3.yml similarity index 100% rename from datacenter/servers/host_vars/D3.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/D3.yml diff --git a/datacenter/servers/host_vars/D4.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/D4.yml similarity index 100% rename from datacenter/servers/host_vars/D4.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/D4.yml diff --git a/datacenter/servers/host_vars/D5.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/D5.yml similarity index 100% rename from datacenter/servers/host_vars/D5.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/D5.yml diff --git a/datacenter/servers/host_vars/D6.yml b/tech-library/datacenter/evpnvxlan/servers/host_vars/D6.yml similarity index 100% rename from datacenter/servers/host_vars/D6.yml rename to tech-library/datacenter/evpnvxlan/servers/host_vars/D6.yml diff --git a/datacenter/servers/inventory.yml b/tech-library/datacenter/evpnvxlan/servers/inventory.yml similarity index 100% rename from datacenter/servers/inventory.yml rename to tech-library/datacenter/evpnvxlan/servers/inventory.yml diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/act/act-dc-evpnvxlan-dg.yml b/tech-library/datacenter/evpnvxlan/zbackend-infra/act/act-dc-evpnvxlan-dg.yml new file mode 100644 index 00000000..cdb5cd89 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/act/act-dc-evpnvxlan-dg.yml @@ -0,0 +1,1214 @@ +--- + +veos: + password: Arista123! + username: arista + version: 4.32.1F + switchport_default_mode_routed: true + +cvp: + password: cvproot + username: root + version: 2024.1.2 + +generic: + password: ansible + username: ansible + version: ubuntu-2204-lts + +tools-server: + password: ansible + username: ansible + version: ubuntu-2204-lts + +nodes: +############################## +############################## +### Domain A +############################## +############################## + - A-SPINE1: + ip_addr: 192.168.0.11 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - A-SPINE2: + ip_addr: 192.168.0.12 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - A-SPINE3: + ip_addr: 192.168.0.13 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - A-SPINE4: + ip_addr: 192.168.0.14 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - A-LEAF1: + ip_addr: 192.168.0.111 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - A-LEAF2: + ip_addr: 192.168.0.112 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - A-LEAF3: + ip_addr: 192.168.0.113 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - A-LEAF4: + ip_addr: 192.168.0.114 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - A-LEAF5: + ip_addr: 192.168.0.115 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - A-LEAF6: + ip_addr: 192.168.0.116 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - A-LEAF7: + ip_addr: 192.168.0.117 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - A-LEAF8: + ip_addr: 192.168.0.118 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - A1: + ip_addr: 192.168.0.211 + node_type: generic + - A2: + ip_addr: 192.168.0.212 + node_type: generic + - A3: + ip_addr: 192.168.0.213 + node_type: generic + - A4: + ip_addr: 192.168.0.214 + node_type: generic + - A5: + ip_addr: 192.168.0.215 + node_type: generic + - A6: + ip_addr: 192.168.0.216 + node_type: generic +############################## +############################## +### Domain B +############################## +############################## + - B-SPINE1: + ip_addr: 192.168.0.21 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - B-SPINE2: + ip_addr: 192.168.0.22 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - B-SPINE3: + ip_addr: 192.168.0.23 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - B-SPINE4: + ip_addr: 192.168.0.24 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - B-LEAF1: + ip_addr: 192.168.0.121 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - B-LEAF2: + ip_addr: 192.168.0.122 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - B-LEAF3: + ip_addr: 192.168.0.123 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - B-LEAF4: + ip_addr: 192.168.0.124 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - B-LEAF5: + ip_addr: 192.168.0.125 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - B-LEAF6: + ip_addr: 192.168.0.126 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - B-LEAF7: + ip_addr: 192.168.0.127 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - B-LEAF8: + ip_addr: 192.168.0.128 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - B-SW1: + ip_addr: 192.168.0.129 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - B1: + ip_addr: 192.168.0.221 + node_type: generic + - B2: + ip_addr: 192.168.0.222 + node_type: generic + - B3: + ip_addr: 192.168.0.223 + node_type: generic + - B4: + ip_addr: 192.168.0.224 + node_type: generic + - B5: + ip_addr: 192.168.0.225 + node_type: generic + - B6: + ip_addr: 192.168.0.226 + node_type: generic + - B7: + ip_addr: 192.168.0.227 + node_type: generic +############################## +############################## +### Domain C +############################## +############################## + - C-SPINE1: + ip_addr: 192.168.0.31 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - C-SPINE2: + ip_addr: 192.168.0.32 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - C-LEAF1: + ip_addr: 192.168.0.131 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - C-LEAF2: + ip_addr: 192.168.0.132 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - C-LEAF3: + ip_addr: 192.168.0.133 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - C-LEAF4: + ip_addr: 192.168.0.134 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - C-LEAF5: + ip_addr: 192.168.0.135 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - C-LEAF6: + ip_addr: 192.168.0.136 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - C-LEAF7: + ip_addr: 192.168.0.137 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - C-LEAF8: + ip_addr: 192.168.0.138 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - C1: + ip_addr: 192.168.0.231 + node_type: generic + - C2: + ip_addr: 192.168.0.232 + node_type: generic + - C3: + ip_addr: 192.168.0.233 + node_type: generic + - C4: + ip_addr: 192.168.0.234 + node_type: generic + - C5: + ip_addr: 192.168.0.235 + node_type: generic + - C6: + ip_addr: 192.168.0.236 + node_type: generic +############################## +############################## +### Domain D +############################## +############################## + - D-SPINE1: + ip_addr: 192.168.0.41 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - D-SPINE2: + ip_addr: 192.168.0.42 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - D-SPINE3: + ip_addr: 192.168.0.43 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - D-SPINE4: + ip_addr: 192.168.0.44 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - D-LEAF1: + ip_addr: 192.168.0.141 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - D-LEAF2: + ip_addr: 192.168.0.142 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - D-LEAF3: + ip_addr: 192.168.0.143 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - D-LEAF4: + ip_addr: 192.168.0.144 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - D-LEAF5: + ip_addr: 192.168.0.145 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - D-LEAF6: + ip_addr: 192.168.0.146 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - D-LEAF7: + ip_addr: 192.168.0.147 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - D-LEAF8: + ip_addr: 192.168.0.148 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - D1: + ip_addr: 192.168.0.241 + node_type: generic + - D2: + ip_addr: 192.168.0.242 + node_type: generic + - D3: + ip_addr: 192.168.0.243 + node_type: generic + - D4: + ip_addr: 192.168.0.244 + node_type: generic + - D5: + ip_addr: 192.168.0.245 + node_type: generic + - D6: + ip_addr: 192.168.0.246 + node_type: generic +############################## +############################## +### Backbone +############################## +############################## + - BB1: + ip_addr: 192.168.0.251 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 + - BB2: + ip_addr: 192.168.0.252 + node_type: veos + instance_type: xlarge + ports: + - Ethernet1-10 +############################## +############################## +### CV and Tools Server +############################## +############################## + - cvp: + ip_addr: 192.168.0.5 + node_type: cvp + instance_type: xlarge + auto_configuration: true + - tools: + ip_addr: 192.168.0.9 + node_type: tools-server + instance_type: xlarge +links: +############################## +############################## +### Domain A Links +############################## +############################## +############################## +### A-SPINE1 to A-LEAF Nodes +############################## + - connection: + - A-SPINE1:Ethernet1 + - A-LEAF1:Ethernet1 + - connection: + - A-SPINE1:Ethernet2 + - A-LEAF2:Ethernet1 + - connection: + - A-SPINE1:Ethernet3 + - A-LEAF3:Ethernet1 + - connection: + - A-SPINE1:Ethernet4 + - A-LEAF4:Ethernet1 + - connection: + - A-SPINE1:Ethernet5 + - A-LEAF5:Ethernet1 + - connection: + - A-SPINE1:Ethernet6 + - A-LEAF6:Ethernet1 + - connection: + - A-SPINE1:Ethernet7 + - A-LEAF7:Ethernet1 + - connection: + - A-SPINE1:Ethernet8 + - A-LEAF8:Ethernet1 +############################## +### A-SPINE2 to A-LEAF Nodes +############################## + - connection: + - A-SPINE2:Ethernet1 + - A-LEAF1:Ethernet2 + - connection: + - A-SPINE2:Ethernet2 + - A-LEAF2:Ethernet2 + - connection: + - A-SPINE2:Ethernet3 + - A-LEAF3:Ethernet2 + - connection: + - A-SPINE2:Ethernet4 + - A-LEAF4:Ethernet2 + - connection: + - A-SPINE2:Ethernet5 + - A-LEAF5:Ethernet2 + - connection: + - A-SPINE2:Ethernet6 + - A-LEAF6:Ethernet2 + - connection: + - A-SPINE2:Ethernet7 + - A-LEAF7:Ethernet2 + - connection: + - A-SPINE2:Ethernet8 + - A-LEAF8:Ethernet2 +############################## +### A-SPINE3 to A-LEAF Nodes +############################## + - connection: + - A-SPINE3:Ethernet1 + - A-LEAF1:Ethernet3 + - connection: + - A-SPINE3:Ethernet2 + - A-LEAF2:Ethernet3 + - connection: + - A-SPINE3:Ethernet3 + - A-LEAF3:Ethernet3 + - connection: + - A-SPINE3:Ethernet4 + - A-LEAF4:Ethernet3 + - connection: + - A-SPINE3:Ethernet5 + - A-LEAF5:Ethernet3 + - connection: + - A-SPINE3:Ethernet6 + - A-LEAF6:Ethernet3 + - connection: + - A-SPINE3:Ethernet7 + - A-LEAF7:Ethernet3 + - connection: + - A-SPINE3:Ethernet8 + - A-LEAF8:Ethernet3 +############################## +### A-SPINE4 to A-LEAF Nodes +############################## + - connection: + - A-SPINE4:Ethernet1 + - A-LEAF1:Ethernet4 + - connection: + - A-SPINE4:Ethernet2 + - A-LEAF2:Ethernet4 + - connection: + - A-SPINE4:Ethernet3 + - A-LEAF3:Ethernet4 + - connection: + - A-SPINE4:Ethernet4 + - A-LEAF4:Ethernet4 + - connection: + - A-SPINE4:Ethernet5 + - A-LEAF5:Ethernet4 + - connection: + - A-SPINE4:Ethernet6 + - A-LEAF6:Ethernet4 + - connection: + - A-SPINE4:Ethernet7 + - A-LEAF7:Ethernet4 + - connection: + - A-SPINE4:Ethernet8 + - A-LEAF8:Ethernet4 +############################## +### A-LEAF1 A-LEAF2 +############################## + - connection: + - A-LEAF1:Ethernet5 + - A-LEAF2:Ethernet5 + - connection: + - A-LEAF1:Ethernet6 + - A-LEAF2:Ethernet6 +############################## +### A-LEAF3 A-LEAF4 +############################## + - connection: + - A-LEAF3:Ethernet5 + - A-LEAF4:Ethernet5 + - connection: + - A-LEAF3:Ethernet6 + - A-LEAF4:Ethernet6 +############################## +### A-LEAF5 A-LEAF6 +############################## + - connection: + - A-LEAF5:Ethernet5 + - A-LEAF6:Ethernet5 + - connection: + - A-LEAF5:Ethernet6 + - A-LEAF6:Ethernet6 +############################## +### A-LEAF7 A-LEAF8 +############################## + - connection: + - A-LEAF7:Ethernet5 + - A-LEAF8:Ethernet5 + - connection: + - A-LEAF7:Ethernet6 + - A-LEAF8:Ethernet6 +############################## +### Host A1 +############################## + - connection: + - A-LEAF1:Ethernet7 + - A1:Ethernet1 + - connection: + - A-LEAF2:Ethernet7 + - A1:Ethernet2 +############################## +### Host A2 +############################## + - connection: + - A-LEAF1:Ethernet8 + - A2:Ethernet1 + - connection: + - A-LEAF2:Ethernet8 + - A2:Ethernet2 +############################## +### Host A3 +############################## + - connection: + - A-LEAF3:Ethernet7 + - A3:Ethernet1 +############################## +### Host A4 +############################## + - connection: + - A-LEAF3:Ethernet8 + - A4:Ethernet1 + - connection: + - A-LEAF4:Ethernet8 + - A4:Ethernet2 +############################## +### Host A5 +############################## + - connection: + - A-LEAF4:Ethernet7 + - A5:Ethernet1 +############################## +### Host A6 +############################## + - connection: + - A-LEAF5:Ethernet7 + - A6:Ethernet1 + - connection: + - A-LEAF6:Ethernet7 + - A6:Ethernet2 +############################## +############################## +### Domain B Links +############################## +############################## +############################## +### B-SPINE1 to B-LEAF Nodes +############################## + - connection: + - B-SPINE1:Ethernet1 + - B-LEAF1:Ethernet1 + - connection: + - B-SPINE1:Ethernet2 + - B-LEAF2:Ethernet1 + - connection: + - B-SPINE1:Ethernet3 + - B-LEAF3:Ethernet1 + - connection: + - B-SPINE1:Ethernet4 + - B-LEAF4:Ethernet1 + - connection: + - B-SPINE1:Ethernet5 + - B-LEAF5:Ethernet1 + - connection: + - B-SPINE1:Ethernet6 + - B-LEAF6:Ethernet1 + - connection: + - B-SPINE1:Ethernet7 + - B-LEAF7:Ethernet1 + - connection: + - B-SPINE1:Ethernet8 + - B-LEAF8:Ethernet1 +############################## +### B-SPINE2 to B-LEAF Nodes +############################## + - connection: + - B-SPINE2:Ethernet1 + - B-LEAF1:Ethernet2 + - connection: + - B-SPINE2:Ethernet2 + - B-LEAF2:Ethernet2 + - connection: + - B-SPINE2:Ethernet3 + - B-LEAF3:Ethernet2 + - connection: + - B-SPINE2:Ethernet4 + - B-LEAF4:Ethernet2 + - connection: + - B-SPINE2:Ethernet5 + - B-LEAF5:Ethernet2 + - connection: + - B-SPINE2:Ethernet6 + - B-LEAF6:Ethernet2 + - connection: + - B-SPINE2:Ethernet7 + - B-LEAF7:Ethernet2 + - connection: + - B-SPINE2:Ethernet8 + - B-LEAF8:Ethernet2 +############################## +### B-SPINE3 to B-LEAF Nodes +############################## + - connection: + - B-SPINE3:Ethernet1 + - B-LEAF1:Ethernet3 + - connection: + - B-SPINE3:Ethernet2 + - B-LEAF2:Ethernet3 + - connection: + - B-SPINE3:Ethernet3 + - B-LEAF3:Ethernet3 + - connection: + - B-SPINE3:Ethernet4 + - B-LEAF4:Ethernet3 + - connection: + - B-SPINE3:Ethernet5 + - B-LEAF5:Ethernet3 + - connection: + - B-SPINE3:Ethernet6 + - B-LEAF6:Ethernet3 + - connection: + - B-SPINE3:Ethernet7 + - B-LEAF7:Ethernet3 + - connection: + - B-SPINE3:Ethernet8 + - B-LEAF8:Ethernet3 +############################## +### B-SPINE4 to B-LEAF Nodes +############################## + - connection: + - B-SPINE4:Ethernet1 + - B-LEAF1:Ethernet4 + - connection: + - B-SPINE4:Ethernet2 + - B-LEAF2:Ethernet4 + - connection: + - B-SPINE4:Ethernet3 + - B-LEAF3:Ethernet4 + - connection: + - B-SPINE4:Ethernet4 + - B-LEAF4:Ethernet4 + - connection: + - B-SPINE4:Ethernet5 + - B-LEAF5:Ethernet4 + - connection: + - B-SPINE4:Ethernet6 + - B-LEAF6:Ethernet4 + - connection: + - B-SPINE4:Ethernet7 + - B-LEAF7:Ethernet4 + - connection: + - B-SPINE4:Ethernet8 + - B-LEAF8:Ethernet4 +############################## +### B-SW1 +############################## + - connection: + - B-SW1:Ethernet1 + - B-LEAF5:Ethernet7 + - connection: + - B-SW1:Ethernet2 + - B-LEAF6:Ethernet7 +############################## +### Host B1 +############################## + - connection: + - B-LEAF1:Ethernet7 + - B1:Ethernet1 + - connection: + - B-LEAF2:Ethernet7 + - B1:Ethernet2 +############################## +### Host B2 +############################## + - connection: + - B-LEAF1:Ethernet8 + - B2:Ethernet1 + - connection: + - B-LEAF2:Ethernet8 + - B2:Ethernet2 +############################## +### Host B3 +############################## + - connection: + - B-LEAF3:Ethernet7 + - B3:Ethernet1 +############################## +### Host B4 +############################## + - connection: + - B-LEAF3:Ethernet8 + - B4:Ethernet1 + - connection: + - B-LEAF4:Ethernet8 + - B4:Ethernet2 +############################## +### Host B5 +############################## + - connection: + - B-LEAF4:Ethernet7 + - B5:Ethernet1 +############################## +### Host B6 +############################## + - connection: + - B-SW1:Ethernet3 + - B6:Ethernet1 +############################## +### Host B7 +############################## + - connection: + - B-SW1:Ethernet4 + - B7:Ethernet1 +############################## +############################## +### Domain C Links +############################## +############################## +############################## +### C-SPINE1 to C-LEAF Nodes +############################## + - connection: + - C-SPINE1:Ethernet1 + - C-LEAF1:Ethernet1 + - connection: + - C-SPINE1:Ethernet2 + - C-LEAF2:Ethernet1 + - connection: + - C-SPINE1:Ethernet3 + - C-LEAF3:Ethernet1 + - connection: + - C-SPINE1:Ethernet4 + - C-LEAF4:Ethernet1 + - connection: + - C-SPINE1:Ethernet5 + - C-LEAF5:Ethernet1 + - connection: + - C-SPINE1:Ethernet6 + - C-LEAF6:Ethernet1 + - connection: + - C-SPINE1:Ethernet7 + - C-LEAF7:Ethernet1 + - connection: + - C-SPINE1:Ethernet8 + - C-LEAF8:Ethernet1 +############################## +### C-SPINE2 to C-LEAF Nodes +############################## + - connection: + - C-SPINE2:Ethernet1 + - C-LEAF1:Ethernet2 + - connection: + - C-SPINE2:Ethernet2 + - C-LEAF2:Ethernet2 + - connection: + - C-SPINE2:Ethernet3 + - C-LEAF3:Ethernet2 + - connection: + - C-SPINE2:Ethernet4 + - C-LEAF4:Ethernet2 + - connection: + - C-SPINE2:Ethernet5 + - C-LEAF5:Ethernet2 + - connection: + - C-SPINE2:Ethernet6 + - C-LEAF6:Ethernet2 + - connection: + - C-SPINE2:Ethernet7 + - C-LEAF7:Ethernet2 + - connection: + - C-SPINE2:Ethernet8 + - C-LEAF8:Ethernet2 +############################## +### C-LEAF1 C-LEAF2 +############################## + - connection: + - C-LEAF1:Ethernet5 + - C-LEAF2:Ethernet5 + - connection: + - C-LEAF1:Ethernet6 + - C-LEAF2:Ethernet6 +############################## +### C-LEAF3 C-LEAF4 +############################## + - connection: + - C-LEAF3:Ethernet5 + - C-LEAF4:Ethernet5 + - connection: + - C-LEAF3:Ethernet6 + - C-LEAF4:Ethernet6 +############################## +### C-LEAF5 C-LEAF6 +############################## + - connection: + - C-LEAF5:Ethernet5 + - C-LEAF6:Ethernet5 + - connection: + - C-LEAF5:Ethernet6 + - C-LEAF6:Ethernet6 +############################## +### C-LEAF7 C-LEAF8 +############################## + - connection: + - C-LEAF7:Ethernet5 + - C-LEAF8:Ethernet5 + - connection: + - C-LEAF7:Ethernet6 + - C-LEAF8:Ethernet6 +############################## +### Host C1 +############################## + - connection: + - C-LEAF1:Ethernet7 + - C1:Ethernet1 + - connection: + - C-LEAF2:Ethernet7 + - C1:Ethernet2 +############################## +### Host C2 +############################## + - connection: + - C-LEAF3:Ethernet7 + - C2:Ethernet1 +############################## +### Host C3 +############################## + - connection: + - C-LEAF3:Ethernet8 + - C3:Ethernet1 + - connection: + - C-LEAF4:Ethernet8 + - C3:Ethernet2 +############################## +### Host C4 +############################## + - connection: + - C-LEAF4:Ethernet7 + - C4:Ethernet1 +############################## +### Host C5 +############################## + - connection: + - C-LEAF5:Ethernet7 + - C5:Ethernet1 + - connection: + - C-LEAF6:Ethernet7 + - C5:Ethernet2 +############################## +### Host C6 +############################## + - connection: + - C-LEAF5:Ethernet8 + - C6:Ethernet1 + - connection: + - C-LEAF6:Ethernet8 + - C6:Ethernet2 +############################## +############################## +### Domain D Links +############################## +############################## +############################## +### D-SPINE1 to D-LEAF Nodes +############################## + - connection: + - D-SPINE1:Ethernet1 + - D-LEAF1:Ethernet1 + - connection: + - D-SPINE1:Ethernet2 + - D-LEAF2:Ethernet1 + - connection: + - D-SPINE1:Ethernet3 + - D-LEAF3:Ethernet1 + - connection: + - D-SPINE1:Ethernet4 + - D-LEAF4:Ethernet1 + - connection: + - D-SPINE1:Ethernet5 + - D-LEAF5:Ethernet1 + - connection: + - D-SPINE1:Ethernet6 + - D-LEAF6:Ethernet1 + - connection: + - D-SPINE1:Ethernet7 + - D-LEAF7:Ethernet1 + - connection: + - D-SPINE1:Ethernet8 + - D-LEAF8:Ethernet1 +############################## +### D-SPINE2 to D-LEAF Nodes +############################## + - connection: + - D-SPINE2:Ethernet1 + - D-LEAF1:Ethernet2 + - connection: + - D-SPINE2:Ethernet2 + - D-LEAF2:Ethernet2 + - connection: + - D-SPINE2:Ethernet3 + - D-LEAF3:Ethernet2 + - connection: + - D-SPINE2:Ethernet4 + - D-LEAF4:Ethernet2 + - connection: + - D-SPINE2:Ethernet5 + - D-LEAF5:Ethernet2 + - connection: + - D-SPINE2:Ethernet6 + - D-LEAF6:Ethernet2 + - connection: + - D-SPINE2:Ethernet7 + - D-LEAF7:Ethernet2 + - connection: + - D-SPINE2:Ethernet8 + - D-LEAF8:Ethernet2 +############################## +### D-SPINE3 to D-LEAF Nodes +############################## + - connection: + - D-SPINE3:Ethernet1 + - D-LEAF1:Ethernet3 + - connection: + - D-SPINE3:Ethernet2 + - D-LEAF2:Ethernet3 + - connection: + - D-SPINE3:Ethernet3 + - D-LEAF3:Ethernet3 + - connection: + - D-SPINE3:Ethernet4 + - D-LEAF4:Ethernet3 + - connection: + - D-SPINE3:Ethernet5 + - D-LEAF5:Ethernet3 + - connection: + - D-SPINE3:Ethernet6 + - D-LEAF6:Ethernet3 + - connection: + - D-SPINE3:Ethernet7 + - D-LEAF7:Ethernet3 + - connection: + - D-SPINE3:Ethernet8 + - D-LEAF8:Ethernet3 +############################## +### D-SPINE4 to D-LEAF Nodes +############################## + - connection: + - D-SPINE4:Ethernet1 + - D-LEAF1:Ethernet4 + - connection: + - D-SPINE4:Ethernet2 + - D-LEAF2:Ethernet4 + - connection: + - D-SPINE4:Ethernet3 + - D-LEAF3:Ethernet4 + - connection: + - D-SPINE4:Ethernet4 + - D-LEAF4:Ethernet4 + - connection: + - D-SPINE4:Ethernet5 + - D-LEAF5:Ethernet4 + - connection: + - D-SPINE4:Ethernet6 + - D-LEAF6:Ethernet4 + - connection: + - D-SPINE4:Ethernet7 + - D-LEAF7:Ethernet4 + - connection: + - D-SPINE4:Ethernet8 + - D-LEAF8:Ethernet4 +############################## +### D-LEAF1 D-LEAF2 +############################## + - connection: + - D-LEAF1:Ethernet5 + - D-LEAF2:Ethernet5 + - connection: + - D-LEAF1:Ethernet6 + - D-LEAF2:Ethernet6 +############################## +### D-LEAF3 D-LEAF4 +############################## + - connection: + - D-LEAF3:Ethernet5 + - D-LEAF4:Ethernet5 + - connection: + - D-LEAF3:Ethernet6 + - D-LEAF4:Ethernet6 +############################## +### D-LEAF5 D-LEAF6 +############################## + - connection: + - D-LEAF5:Ethernet5 + - D-LEAF6:Ethernet5 + - connection: + - D-LEAF5:Ethernet6 + - D-LEAF6:Ethernet6 +############################## +### D-LEAF7 D-LEAF8 +############################## + - connection: + - D-LEAF7:Ethernet5 + - D-LEAF8:Ethernet5 + - connection: + - D-LEAF7:Ethernet6 + - D-LEAF8:Ethernet6 +############################## +### Host D1 +############################## + - connection: + - D-LEAF1:Ethernet7 + - D1:Ethernet1 + - connection: + - D-LEAF2:Ethernet7 + - D1:Ethernet2 +############################## +### Host D2 +############################## + - connection: + - D-LEAF1:Ethernet8 + - D2:Ethernet1 + - connection: + - D-LEAF2:Ethernet8 + - D2:Ethernet2 +############################## +### Host D3 +############################## + - connection: + - D-LEAF3:Ethernet7 + - D3:Ethernet1 +############################## +### Host D4 +############################## + - connection: + - D-LEAF3:Ethernet8 + - D4:Ethernet1 + - connection: + - D-LEAF4:Ethernet8 + - D4:Ethernet2 +############################## +### Host D5 +############################## + - connection: + - D-LEAF4:Ethernet7 + - D5:Ethernet1 +############################## +### Host D6 +############################## + - connection: + - D-LEAF5:Ethernet7 + - D6:Ethernet1 + - connection: + - D-LEAF6:Ethernet7 + - D6:Ethernet2 +############################## +############################## +### Backbone Links +############################## +############################## +############################## +### Domain A to Backbone +############################## + - connection: + - A-LEAF7:Ethernet7 + - BB1:Ethernet1 + - connection: + - A-LEAF7:Ethernet8 + - BB2:Ethernet1 + - connection: + - A-LEAF8:Ethernet7 + - BB1:Ethernet2 + - connection: + - A-LEAF8:Ethernet8 + - BB2:Ethernet2 +############################## +### Domain B to Backbone +############################## + - connection: + - B-LEAF7:Ethernet7 + - BB1:Ethernet3 + - connection: + - B-LEAF7:Ethernet8 + - BB2:Ethernet3 + - connection: + - B-LEAF8:Ethernet7 + - BB1:Ethernet4 + - connection: + - B-LEAF8:Ethernet8 + - BB2:Ethernet4 +############################## +### Domain C to Backbone +############################## + - connection: + - C-LEAF7:Ethernet7 + - BB1:Ethernet5 + - connection: + - C-LEAF7:Ethernet8 + - BB2:Ethernet5 + - connection: + - C-LEAF8:Ethernet7 + - BB1:Ethernet6 + - connection: + - C-LEAF8:Ethernet8 + - BB2:Ethernet6 +############################## +### Domain D to Backbone +############################## + - connection: + - D-LEAF7:Ethernet7 + - BB1:Ethernet7 + - connection: + - D-LEAF7:Ethernet8 + - BB2:Ethernet7 + - connection: + - D-LEAF8:Ethernet7 + - BB1:Ethernet8 + - connection: + - D-LEAF8:Ethernet8 + - BB2:Ethernet8 +############################## +### Backbone interconnect +############################## + - connection: + - BB1:Ethernet9 + - BB2:Ethernet9 diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/clab/ansible.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/clab/ansible.cfg new file mode 100644 index 00000000..203d1efd --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/clab/ansible.cfg @@ -0,0 +1,45 @@ +[defaults] + +# Disable host key checking by the underlying tools Ansible uses to connect to target hosts +host_key_checking = False + +# Location of inventory file containing target hosts +inventory = ./inventory/inventory.yml + +# Only gather Ansible facts if explicity directed to in a given play +gathering = explicit + +# Disable the creation of .retry files if a playbook fails +retry_files_enabled = False + +# Path(s) to search for installed Ansible Galaxy Collections +collections_paths = ~/.ansible/collections + +# Enable additional Jinja2 Extensions (https://jinja.palletsprojects.com/en/3.1.x/extensions/) +jinja2_extensions = jinja2.ext.loopcontrols,jinja2.ext.do,jinja2.ext.i18n + +# Enable the YAML callback plugin, providing much easier to read terminal output. (https://docs.ansible.com/ansible/latest/plugins/callback.html#callback-plugins) +# stdout_callback = yaml + +# Permit the use of callback plugins when running ad-hoc commands +bin_ansible_callbacks = True + +# List of enabled callbacks. Many callbacks shipped with Ansible are not enabled by default +callbacks_enabled = profile_roles, profile_tasks, timer + +# Maximum number of forks that Ansible will use to execute tasks on target hosts +forks = 15 + +# Disable cowsay (Why?) +nocows = True + +[paramiko_connection] +# Automatically add the keys of target hosts to known hosts +host_key_auto_add = True + +[persistent_connection] +# Set the amount of time, in seconds, to wait for response from remote device before timing out persistent connection. +command_timeout = 60 + +# Set the amount of time, in seconds, that a persistent connection will remain idle before it is destroyed. +connect_timeout = 60 diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/clab/clab-dc-evpnvxlan-dg.yml b/tech-library/datacenter/evpnvxlan/zbackend-infra/clab/clab-dc-evpnvxlan-dg.yml new file mode 100644 index 00000000..d675b0db --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/clab/clab-dc-evpnvxlan-dg.yml @@ -0,0 +1,1161 @@ +--- +# -------------------------------------------------------------- +# Arista EVPN Deployment Guide Topology +# -------------------------------------------------------------- + +name: arista-evpn-dg + +prefix: "" + +mgmt: + network: mgmt + ipv4-subnet: 172.100.100.0/24 + +topology: + + defaults: + env: + INTFTYPE: et + + kinds: + ceos: + image: ceos:latest + memory: 4g + linux: + image: mitchv85/devhost + + nodes: +############################################################### +############################################################### +############################################################### +############################################################### +############################################################### +# DOMAIN "A" # +############################################################### +############################################################### +############################################################### +############################################################### +############################################################### + + +######################### +# DC "A" SPINE # +######################### + + A-SPINE1: + kind: ceos + mgmt-ipv4: 172.100.100.101 + startup-config: ../configs/A-SPINE1.cfg + ports: + - '22001:22' + - '8001:80' + - '44301:443' + + A-SPINE2: + kind: ceos + mgmt-ipv4: 172.100.100.102 + startup-config: ../configs/A-SPINE2.cfg + ports: + - '22002:22' + - '8002:80' + - '44302:443' + + A-SPINE3: + kind: ceos + mgmt-ipv4: 172.100.100.103 + startup-config: ../configs/A-SPINE3.cfg + ports: + - '22003:22' + - '8003:80' + - '44303:443' + + A-SPINE4: + kind: ceos + mgmt-ipv4: 172.100.100.104 + startup-config: ../configs/A-SPINE4.cfg + ports: + - '22004:22' + - '8004:80' + - '44304:443' + +######################### +# DC "A" LEAF # +######################### + + A-LEAF1: + kind: ceos + mgmt-ipv4: 172.100.100.105 + startup-config: ../configs/A-LEAF1.cfg + ports: + - '22005:22' + - '8005:80' + - '44305:443' + + A-LEAF2: + kind: ceos + mgmt-ipv4: 172.100.100.106 + startup-config: ../configs/A-LEAF2.cfg + ports: + - '22006:22' + - '8006:80' + - '44306:443' + + A-LEAF3: + kind: ceos + mgmt-ipv4: 172.100.100.107 + startup-config: ../configs/A-LEAF3.cfg + ports: + - '22007:22' + - '8007:80' + - '44307:443' + + A-LEAF4: + kind: ceos + mgmt-ipv4: 172.100.100.108 + startup-config: ../configs/A-LEAF4.cfg + ports: + - '22008:22' + - '8008:80' + - '44308:443' + + A-LEAF5: + kind: ceos + mgmt-ipv4: 172.100.100.109 + startup-config: ../configs/A-LEAF5.cfg + ports: + - '22009:22' + - '8009:80' + - '44309:443' + + A-LEAF6: + kind: ceos + mgmt-ipv4: 172.100.100.110 + startup-config: ../configs/A-LEAF6.cfg + ports: + - '22010:22' + - '8010:80' + - '44310:443' + + A-LEAF7: + kind: ceos + mgmt-ipv4: 172.100.100.111 + startup-config: ../configs/A-LEAF7.cfg + ports: + - '22011:22' + - '8011:80' + - '44311:443' + + A-LEAF8: + kind: ceos + mgmt-ipv4: 172.100.100.112 + startup-config: ../configs/A-LEAF8.cfg + ports: + - '22012:22' + - '8012:80' + - '44312:443' + +######################### +# DC "A" HostC6 # +######################### + + HostA1: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.201 + ports: + - '22201:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.10.10.101/24 -i6 2001:db8:10:10::101/64 -g 10.10.10.1 + + HostA2: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.202 + ports: + - '22202:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.30.30.101/24 -i6 2001:db8:30:30::101/64 -g 10.30.30.1 + + HostA3: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.203 + ports: + - '22203:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -i4 10.50.50.101/24 -i6 2001:db8:50:50::101/64 -g 10.50.50.1 + + HostA4: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.204 + ports: + - '22204:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.10.10.102/24 -i6 2001:db8:10:10::102/64 -g 10.10.10.1 + + HostA5: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.205 + ports: + - '22205:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -i4 10.30.30.102/24 -i6 2001:db8:30:30::102/64 -g 10.30.30.1 + + HostA6: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.206 + ports: + - '22206:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.70.70.101/24 -i6 2001:db8:70:70::101/64 -g 10.70.70.1 + + +############################################################### +############################################################### +############################################################### +############################################################### +############################################################### +# DOMAIN "B" # +############################################################### +############################################################### +############################################################### +############################################################### +############################################################### + + +######################### +# DC "B" SPINE # +######################### + + B-SPINE1: + kind: ceos + mgmt-ipv4: 172.100.100.114 + startup-config: ../configs/B-SPINE1.cfg + startup-delay: 30 + ports: + - '22014:22' + - '8014:80' + - '44314:443' + + B-SPINE2: + kind: ceos + mgmt-ipv4: 172.100.100.115 + startup-config: ../configs/B-SPINE2.cfg + startup-delay: 30 + ports: + - '22015:22' + - '8015:80' + - '44315:443' + + B-SPINE3: + kind: ceos + mgmt-ipv4: 172.100.100.116 + startup-config: ../configs/B-SPINE3.cfg + startup-delay: 30 + ports: + - '22016:22' + - '8016:80' + - '44316:443' + + B-SPINE4: + kind: ceos + mgmt-ipv4: 172.100.100.117 + startup-config: ../configs/B-SPINE4.cfg + startup-delay: 30 + ports: + - '22017:22' + - '8017:80' + - '44317:443' + +######################### +# DC "B" LEAF # +######################### + + B-LEAF1: + kind: ceos + mgmt-ipv4: 172.100.100.118 + startup-config: ../configs/B-LEAF1.cfg + startup-delay: 30 + ports: + - '22018:22' + - '8018:80' + - '44318:443' + + B-LEAF2: + kind: ceos + mgmt-ipv4: 172.100.100.119 + startup-config: ../configs/B-LEAF2.cfg + startup-delay: 30 + ports: + - '22019:22' + - '8019:80' + - '44319:443' + + B-LEAF3: + kind: ceos + mgmt-ipv4: 172.100.100.120 + startup-config: ../configs/B-LEAF3.cfg + startup-delay: 30 + ports: + - '22020:22' + - '8020:80' + - '44320:443' + + B-LEAF4: + kind: ceos + mgmt-ipv4: 172.100.100.121 + startup-config: ../configs/B-LEAF4.cfg + startup-delay: 30 + ports: + - '22021:22' + - '8021:80' + - '44321:443' + + B-LEAF5: + kind: ceos + mgmt-ipv4: 172.100.100.122 + startup-config: ../configs/B-LEAF5.cfg + startup-delay: 30 + ports: + - '22022:22' + - '8022:80' + - '44322:443' + + B-LEAF6: + kind: ceos + mgmt-ipv4: 172.100.100.123 + startup-config: ../configs/B-LEAF6.cfg + startup-delay: 30 + ports: + - '22023:22' + - '8023:80' + - '44323:443' + + B-LEAF7: + kind: ceos + mgmt-ipv4: 172.100.100.124 + startup-config: ../configs/B-LEAF7.cfg + startup-delay: 30 + ports: + - '22024:22' + - '8024:80' + - '44324:443' + + B-LEAF8: + kind: ceos + mgmt-ipv4: 172.100.100.125 + startup-config: ../configs/B-LEAF8.cfg + startup-delay: 30 + ports: + - '22025:22' + - '8025:80' + - '44325:443' + + B-SW1: + kind: ceos + mgmt-ipv4: 172.100.100.139 + startup-config: ../configs/B-SW1.cfg + startup-delay: 30 + ports: + - '22039:22' + - '8039:80' + - '44339:443' + +######################### +# DC "B" HostC6 # +######################### + + HostB1: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.207 + startup-delay: 30 + ports: + - '22207:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.20.20.101/24 -i6 2001:db8:20:20::101/64 -g 10.20.20.1 + + HostB2: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.208 + startup-delay: 30 + ports: + - '22208:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.40.40.101/24 -i6 2001:db8:40:40::101/64 -g 10.40.40.1 + + HostB3: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.209 + startup-delay: 30 + ports: + - '22209:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -i4 10.60.60.101/24 -i6 2001:db8:60:60::101/64 -g 10.60.60.1 + + HostB4: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.210 + startup-delay: 30 + ports: + - '22210:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.10.10.103/24 -i6 2001:db8:10:10::103/64 -g 10.10.10.1 + + HostB5: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.211 + startup-delay: 30 + ports: + - '22211:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -i4 10.70.70.102/24 -i6 2001:db8:70:70::102/64 -g 10.70.70.1 + + HostB6: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.212 + startup-delay: 30 + ports: + - '22212:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -i4 10.40.40.102/24 -i6 2001:db8:40:40::102/64 -g 10.40.40.1 + + HostB7: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.213 + startup-delay: 30 + ports: + - '22213:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -i4 10.80.80.101/24 -i6 2001:db8:80:80::101/64 -g 10.80.80.1 + + +############################################################### +############################################################### +############################################################### +############################################################### +############################################################### +# DOMAIN "C" # +############################################################### +############################################################### +############################################################### +############################################################### +############################################################### + + +######################### +# DC "C" SPINE # +######################### + + C-SPINE1: + kind: ceos + mgmt-ipv4: 172.100.100.127 + startup-config: ../configs/C-SPINE1.cfg + startup-delay: 60 + ports: + - '22027:22' + - '8027:80' + - '44327:443' + + C-SPINE2: + kind: ceos + mgmt-ipv4: 172.100.100.128 + startup-config: ../configs/C-SPINE2.cfg + startup-delay: 60 + ports: + - '22028:22' + - '8028:80' + - '44328:443' + +######################### +# DC "C" LEAF # +######################### + + C-LEAF1: + kind: ceos + mgmt-ipv4: 172.100.100.129 + startup-config: ../configs/C-LEAF1.cfg + startup-delay: 60 + ports: + - '22029:22' + - '8029:80' + - '44329:443' + + C-LEAF2: + kind: ceos + mgmt-ipv4: 172.100.100.130 + startup-config: ../configs/C-LEAF2.cfg + startup-delay: 60 + ports: + - '22030:22' + - '8030:80' + - '44330:443' + + C-LEAF3: + kind: ceos + mgmt-ipv4: 172.100.100.131 + startup-config: ../configs/C-LEAF3.cfg + startup-delay: 60 + ports: + - '22031:22' + - '8031:80' + - '44331:443' + + C-LEAF4: + kind: ceos + mgmt-ipv4: 172.100.100.132 + startup-config: ../configs/C-LEAF4.cfg + startup-delay: 60 + ports: + - '22032:22' + - '8032:80' + - '44332:443' + + C-LEAF5: + kind: ceos + group: leaf + mgmt-ipv4: 172.100.100.133 + startup-config: ../configs/C-LEAF5.cfg + startup-delay: 60 + ports: + - '22033:22' + - '8033:80' + - '44333:443' + + C-LEAF6: + kind: ceos + mgmt-ipv4: 172.100.100.134 + startup-config: ../configs/C-LEAF6.cfg + startup-delay: 60 + ports: + - '22034:22' + - '8034:80' + - '44334:443' + + C-LEAF7: + kind: ceos + mgmt-ipv4: 172.100.100.135 + startup-config: ../configs/C-LEAF7.cfg + startup-delay: 60 + ports: + - '22035:22' + - '8035:80' + - '44335:443' + + C-LEAF8: + kind: ceos + mgmt-ipv4: 172.100.100.136 + startup-config: ../configs/C-LEAF8.cfg + startup-delay: 60 + ports: + - '22036:22' + - '8036:80' + - '44336:443' + +######################### +# DC "C" HostC6 # +######################### + + HostC1: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.214 + startup-delay: 60 + ports: + - '22214:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.10.10.104/24 -i6 2001:db8:10:10::104/64 -g 10.10.10.1 + + HostC2: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.215 + startup-delay: 60 + ports: + - '22215:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -i4 10.20.20.102/24 -i6 2001:db8:20:20::102/64 -g 10.20.20.1 + + HostC3: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.216 + startup-delay: 60 + ports: + - '22216:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.60.60.102/24 -i6 2001:db8:60:60::102/64 -g 10.60.60.1 + + HostC4: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.217 + startup-delay: 60 + ports: + - '22217:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -i4 10.50.50.102/24 -i6 2001:db8:50:50::102/64 -g 10.50.50.1 + + HostC5: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.218 + startup-delay: 60 + ports: + - '22218:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.20.20.103/24 -i6 2001:db8:20:20::103/64 -g 10.20.20.1 + + HostC6: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.219 + startup-delay: 60 + ports: + - '22219:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.60.60.103/24 -i6 2001:db8:60:60::103/64 -g 10.60.60.1 + + +############################################################### +############################################################### +############################################################### +############################################################### +############################################################### +# DOMAIN "D" # +############################################################### +############################################################### +############################################################### +############################################################### +############################################################### + + +######################### +# DC "D" SPINE # +######################### + + D-SPINE1: + kind: ceos + mgmt-ipv4: 172.100.100.140 + startup-config: ../configs/D-SPINE1.cfg + startup-delay: 90 + ports: + - '22040:22' + - '8040:80' + - '44340:443' + + D-SPINE2: + kind: ceos + mgmt-ipv4: 172.100.100.141 + startup-config: ../configs/D-SPINE2.cfg + startup-delay: 90 + ports: + - '22041:22' + - '8041:80' + - '44341:443' + + D-SPINE3: + kind: ceos + mgmt-ipv4: 172.100.100.142 + startup-config: ../configs/D-SPINE3.cfg + startup-delay: 90 + ports: + - '22042:22' + - '8042:80' + - '44342:443' + + D-SPINE4: + kind: ceos + mgmt-ipv4: 172.100.100.143 + startup-config: ../configs/D-SPINE4.cfg + startup-delay: 90 + ports: + - '22043:22' + - '8043:80' + - '44343:443' + +######################### +# DC "A" LEAF # +######################### + + D-LEAF1: + kind: ceos + mgmt-ipv4: 172.100.100.144 + startup-config: ../configs/D-LEAF1.cfg + startup-delay: 90 + ports: + - '22044:22' + - '8044:80' + - '44344:443' + + D-LEAF2: + kind: ceos + mgmt-ipv4: 172.100.100.145 + startup-config: ../configs/D-LEAF2.cfg + startup-delay: 90 + ports: + - '22045:22' + - '8045:80' + - '44345:443' + + D-LEAF3: + kind: ceos + mgmt-ipv4: 172.100.100.146 + startup-config: ../configs/D-LEAF3.cfg + startup-delay: 90 + ports: + - '22046:22' + - '8046:80' + - '44346:443' + + D-LEAF4: + kind: ceos + mgmt-ipv4: 172.100.100.147 + startup-config: ../configs/D-LEAF4.cfg + startup-delay: 90 + ports: + - '22047:22' + - '8047:80' + - '44347:443' + + D-LEAF5: + kind: ceos + mgmt-ipv4: 172.100.100.148 + startup-config: ../configs/D-LEAF5.cfg + startup-delay: 90 + ports: + - '22048:22' + - '8048:80' + - '44348:443' + + D-LEAF6: + kind: ceos + mgmt-ipv4: 172.100.100.149 + startup-config: ../configs/D-LEAF6.cfg + startup-delay: 90 + ports: + - '22049:22' + - '8049:80' + - '44349:443' + + D-LEAF7: + kind: ceos + mgmt-ipv4: 172.100.100.150 + startup-config: ../configs/D-LEAF7.cfg + startup-delay: 90 + ports: + - '22050:22' + - '8050:80' + - '44350:443' + + D-LEAF8: + kind: ceos + mgmt-ipv4: 172.100.100.151 + startup-config: ../configs/D-LEAF8.cfg + startup-delay: 90 + ports: + - '22051:22' + - '8051:80' + - '44351:443' + +######################### +# DC "D" HostC6 # +######################### + + HostD1: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.220 + startup-delay: 90 + ports: + - '22220:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.10.10.105/24 -i6 2001:db8:10:10::105/64 -g 10.10.10.1 + + HostD2: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.221 + startup-delay: 90 + ports: + - '22221:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.90.90.101/24 -i6 2001:db8:90:90::101/64 -g 10.90.90.1 + + HostD3: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.222 + startup-delay: 90 + ports: + - '22222:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -i4 10.50.50.103/24 -i6 2001:db8:50:50::103/64 -g 10.50.50.1 + + HostD4: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.223 + startup-delay: 90 + ports: + - '22223:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.10.10.106/24 -i6 2001:db8:10:10::106/64 -g 10.10.10.1 + + HostD5: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.224 + startup-delay: 90 + ports: + - '22224:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -i4 10.90.90.102/24 -i6 2001:db8:90:90::102/64 -g 10.90.90.1 + + HostD6: + kind: linux + image: mitchv85/devhost + mgmt-ipv4: 172.100.100.225 + startup-delay: 90 + ports: + - '22225:22' + exec: + - bash /usr/local/bin/hostnetconfig.sh -b -i4 10.70.70.103/24 -i6 2001:db8:70:70::103/64 -g 10.70.70.1 + + + +############################################################### +############################################################### +############################################################### +############################################################### +############################################################### +# IP TRANSPORT # +############################################################### +############################################################### +############################################################### +############################################################### +############################################################### + + BB1: + kind: ceos + mgmt-ipv4: 172.100.100.138 + startup-config: ../configs/BB1.cfg + ports: + - '22038:22' + - '8038:80' + - '44338:443' + BB2: + kind: ceos + mgmt-ipv4: 172.100.100.126 + startup-config: ../configs/BB2.cfg + ports: + - '22026:22' + - '8026:80' + - '44326:443' + + links: +###################### +# A-SPINE1 to LEAF # +###################### + - endpoints: ["A-SPINE1:et1", "A-LEAF1:et1"] + - endpoints: ["A-SPINE1:et2", "A-LEAF2:et1"] + - endpoints: ["A-SPINE1:et3", "A-LEAF3:et1"] + - endpoints: ["A-SPINE1:et4", "A-LEAF4:et1"] + - endpoints: ["A-SPINE1:et5", "A-LEAF5:et1"] + - endpoints: ["A-SPINE1:et6", "A-LEAF6:et1"] + - endpoints: ["A-SPINE1:et7", "A-LEAF7:et1"] + - endpoints: ["A-SPINE1:et8", "A-LEAF8:et1"] +###################### +# A-SPINE2 to LEAF # +###################### + - endpoints: ["A-SPINE2:et1", "A-LEAF1:et2"] + - endpoints: ["A-SPINE2:et2", "A-LEAF2:et2"] + - endpoints: ["A-SPINE2:et3", "A-LEAF3:et2"] + - endpoints: ["A-SPINE2:et4", "A-LEAF4:et2"] + - endpoints: ["A-SPINE2:et5", "A-LEAF5:et2"] + - endpoints: ["A-SPINE2:et6", "A-LEAF6:et2"] + - endpoints: ["A-SPINE2:et7", "A-LEAF7:et2"] + - endpoints: ["A-SPINE2:et8", "A-LEAF8:et2"] +###################### +# A-SPINE3 to LEAF # +###################### + - endpoints: ["A-SPINE3:et1", "A-LEAF1:et3"] + - endpoints: ["A-SPINE3:et2", "A-LEAF2:et3"] + - endpoints: ["A-SPINE3:et3", "A-LEAF3:et3"] + - endpoints: ["A-SPINE3:et4", "A-LEAF4:et3"] + - endpoints: ["A-SPINE3:et5", "A-LEAF5:et3"] + - endpoints: ["A-SPINE3:et6", "A-LEAF6:et3"] + - endpoints: ["A-SPINE3:et7", "A-LEAF7:et3"] + - endpoints: ["A-SPINE3:et8", "A-LEAF8:et3"] +###################### +# A-SPINE4 to LEAF # +###################### + - endpoints: ["A-SPINE4:et1", "A-LEAF1:et4"] + - endpoints: ["A-SPINE4:et2", "A-LEAF2:et4"] + - endpoints: ["A-SPINE4:et3", "A-LEAF3:et4"] + - endpoints: ["A-SPINE4:et4", "A-LEAF4:et4"] + - endpoints: ["A-SPINE4:et5", "A-LEAF5:et4"] + - endpoints: ["A-SPINE4:et6", "A-LEAF6:et4"] + - endpoints: ["A-SPINE4:et7", "A-LEAF7:et4"] + - endpoints: ["A-SPINE4:et8", "A-LEAF8:et4"] +######################## +# A-LEAF1 to A-LEAF2 # +######################## + - endpoints: ["A-LEAF1:et5", "A-LEAF2:et5"] + - endpoints: ["A-LEAF1:et6", "A-LEAF2:et6"] +######################## +# A-LEAF3 to A-LEAF4 # +######################## + - endpoints: ["A-LEAF3:et5", "A-LEAF4:et5"] + - endpoints: ["A-LEAF3:et6", "A-LEAF4:et6"] +######################## +# A-LEAF5 to A-LEAF6 # +######################## + - endpoints: ["A-LEAF5:et5", "A-LEAF6:et5"] + - endpoints: ["A-LEAF5:et6", "A-LEAF6:et6"] +######################## +# A-LEAF7 to A-LEAF8 # +######################## + - endpoints: ["A-LEAF7:et5", "A-LEAF8:et5"] + - endpoints: ["A-LEAF7:et6", "A-LEAF8:et6"] +######################## +# DC "A" HostC6 # +######################## + - endpoints: ["HostA1:eth1", "A-LEAF1:et7"] + - endpoints: ["HostA1:eth2", "A-LEAF2:et7"] + - endpoints: ["HostA2:eth1", "A-LEAF1:et8"] + - endpoints: ["HostA2:eth2", "A-LEAF2:et8"] + - endpoints: ["HostA3:eth1", "A-LEAF3:et7"] + - endpoints: ["HostA4:eth1", "A-LEAF3:et8"] + - endpoints: ["HostA4:eth2", "A-LEAF4:et8"] + - endpoints: ["HostA5:eth1", "A-LEAF4:et7"] + - endpoints: ["HostA6:eth1", "A-LEAF5:et7"] + - endpoints: ["HostA6:eth2", "A-LEAF6:et7"] +###################### +# B-SPINE1 to LEAF # +###################### + - endpoints: ["B-SPINE1:et1", "B-LEAF1:et1"] + - endpoints: ["B-SPINE1:et2", "B-LEAF2:et1"] + - endpoints: ["B-SPINE1:et3", "B-LEAF3:et1"] + - endpoints: ["B-SPINE1:et4", "B-LEAF4:et1"] + - endpoints: ["B-SPINE1:et5", "B-LEAF5:et1"] + - endpoints: ["B-SPINE1:et6", "B-LEAF6:et1"] + - endpoints: ["B-SPINE1:et7", "B-LEAF7:et1"] + - endpoints: ["B-SPINE1:et8", "B-LEAF8:et1"] +###################### +# B-SPINE2 to LEAF # +###################### + - endpoints: ["B-SPINE2:et1", "B-LEAF1:et2"] + - endpoints: ["B-SPINE2:et2", "B-LEAF2:et2"] + - endpoints: ["B-SPINE2:et3", "B-LEAF3:et2"] + - endpoints: ["B-SPINE2:et4", "B-LEAF4:et2"] + - endpoints: ["B-SPINE2:et5", "B-LEAF5:et2"] + - endpoints: ["B-SPINE2:et6", "B-LEAF6:et2"] + - endpoints: ["B-SPINE2:et7", "B-LEAF7:et2"] + - endpoints: ["B-SPINE2:et8", "B-LEAF8:et2"] +###################### +# B-SPINE3 to LEAF # +###################### + - endpoints: ["B-SPINE3:et1", "B-LEAF1:et3"] + - endpoints: ["B-SPINE3:et2", "B-LEAF2:et3"] + - endpoints: ["B-SPINE3:et3", "B-LEAF3:et3"] + - endpoints: ["B-SPINE3:et4", "B-LEAF4:et3"] + - endpoints: ["B-SPINE3:et5", "B-LEAF5:et3"] + - endpoints: ["B-SPINE3:et6", "B-LEAF6:et3"] + - endpoints: ["B-SPINE3:et7", "B-LEAF7:et3"] + - endpoints: ["B-SPINE3:et8", "B-LEAF8:et3"] +###################### +# B-SPINE4 to LEAF # +###################### + - endpoints: ["B-SPINE4:et1", "B-LEAF1:et4"] + - endpoints: ["B-SPINE4:et2", "B-LEAF2:et4"] + - endpoints: ["B-SPINE4:et3", "B-LEAF3:et4"] + - endpoints: ["B-SPINE4:et4", "B-LEAF4:et4"] + - endpoints: ["B-SPINE4:et5", "B-LEAF5:et4"] + - endpoints: ["B-SPINE4:et6", "B-LEAF6:et4"] + - endpoints: ["B-SPINE4:et7", "B-LEAF7:et4"] + - endpoints: ["B-SPINE4:et8", "B-LEAF8:et4"] +################################# +# B-LEAF5 and B-LEAF6 to B-SW1 # +################################# + - endpoints: ["B-LEAF5:et7", "B-SW1:et1"] + - endpoints: ["B-LEAF6:et7", "B-SW1:et2"] +######################## +# B-LEAF7 to B-LEAF8 # +######################## + - endpoints: ["B-LEAF7:et5", "B-LEAF8:et5"] + - endpoints: ["B-LEAF7:et6", "B-LEAF8:et6"] +######################## +# DC "B" HostC6 # +######################## + - endpoints: ["HostB1:eth1", "B-LEAF1:et7"] + - endpoints: ["HostB1:eth2", "B-LEAF2:et7"] + - endpoints: ["HostB2:eth1", "B-LEAF1:et8"] + - endpoints: ["HostB2:eth2", "B-LEAF2:et8"] + - endpoints: ["HostB3:eth1", "B-LEAF3:et7"] + - endpoints: ["HostB4:eth1", "B-LEAF3:et8"] + - endpoints: ["HostB4:eth2", "B-LEAF4:et8"] + - endpoints: ["HostB5:eth1", "B-LEAF4:et7"] + - endpoints: ["HostB6:eth1", "B-SW1:et3"] + - endpoints: ["HostB7:eth1", "B-SW1:et4"] +###################### +# C-SPINE1 to LEAF # +###################### + - endpoints: ["C-SPINE1:et1", "C-LEAF1:et1"] + - endpoints: ["C-SPINE1:et2", "C-LEAF2:et1"] + - endpoints: ["C-SPINE1:et3", "C-LEAF3:et1"] + - endpoints: ["C-SPINE1:et4", "C-LEAF4:et1"] + - endpoints: ["C-SPINE1:et5", "C-LEAF5:et1"] + - endpoints: ["C-SPINE1:et6", "C-LEAF6:et1"] + - endpoints: ["C-SPINE1:et7", "C-LEAF7:et1"] + - endpoints: ["C-SPINE1:et8", "C-LEAF8:et1"] +###################### +# C-SPINE2 to LEAF # +###################### + - endpoints: ["C-SPINE2:et1", "C-LEAF1:et2"] + - endpoints: ["C-SPINE2:et2", "C-LEAF2:et2"] + - endpoints: ["C-SPINE2:et3", "C-LEAF3:et2"] + - endpoints: ["C-SPINE2:et4", "C-LEAF4:et2"] + - endpoints: ["C-SPINE2:et5", "C-LEAF5:et2"] + - endpoints: ["C-SPINE2:et6", "C-LEAF6:et2"] + - endpoints: ["C-SPINE2:et7", "C-LEAF7:et2"] + - endpoints: ["C-SPINE2:et8", "C-LEAF8:et2"] +######################## +# C-LEAF1 to C-LEAF2 # +######################## + - endpoints: ["C-LEAF1:et5", "C-LEAF2:et5"] + - endpoints: ["C-LEAF1:et6", "C-LEAF2:et6"] +######################## +# C-LEAF3 to C-LEAF4 # +######################## + - endpoints: ["C-LEAF3:et5", "C-LEAF4:et5"] + - endpoints: ["C-LEAF3:et6", "C-LEAF4:et6"] +######################## +# C-LEAF5 to C-LEAF6 # +######################## + - endpoints: ["C-LEAF5:et5", "C-LEAF6:et5"] + - endpoints: ["C-LEAF5:et6", "C-LEAF6:et6"] +######################## +# C-LEAF7 to C-LEAF8 # +######################## + - endpoints: ["C-LEAF7:et5", "C-LEAF8:et5"] + - endpoints: ["C-LEAF7:et6", "C-LEAF8:et6"] +######################## +# DC "C" HostC6 # +######################## + - endpoints: ["HostC1:eth1", "C-LEAF1:et7"] + - endpoints: ["HostC1:eth2", "C-LEAF2:et7"] + - endpoints: ["HostC2:eth1", "C-LEAF3:et7"] + - endpoints: ["HostC3:eth1", "C-LEAF3:et8"] + - endpoints: ["HostC3:eth2", "C-LEAF4:et8"] + - endpoints: ["HostC4:eth1", "C-LEAF4:et7"] + - endpoints: ["HostC5:eth1", "C-LEAF5:et7"] + - endpoints: ["HostC5:eth2", "C-LEAF6:et7"] + - endpoints: ["HostC6:eth1", "C-LEAF5:et8"] + - endpoints: ["HostC6:eth2", "C-LEAF6:et8"] +###################### +# D-SPINE1 to LEAF # +###################### + - endpoints: ["D-SPINE1:et1", "D-LEAF1:et1"] + - endpoints: ["D-SPINE1:et2", "D-LEAF2:et1"] + - endpoints: ["D-SPINE1:et3", "D-LEAF3:et1"] + - endpoints: ["D-SPINE1:et4", "D-LEAF4:et1"] + - endpoints: ["D-SPINE1:et5", "D-LEAF5:et1"] + - endpoints: ["D-SPINE1:et6", "D-LEAF6:et1"] + - endpoints: ["D-SPINE1:et7", "D-LEAF7:et1"] + - endpoints: ["D-SPINE1:et8", "D-LEAF8:et1"] +###################### +# D-SPINE2 to LEAF # +###################### + - endpoints: ["D-SPINE2:et1", "D-LEAF1:et2"] + - endpoints: ["D-SPINE2:et2", "D-LEAF2:et2"] + - endpoints: ["D-SPINE2:et3", "D-LEAF3:et2"] + - endpoints: ["D-SPINE2:et4", "D-LEAF4:et2"] + - endpoints: ["D-SPINE2:et5", "D-LEAF5:et2"] + - endpoints: ["D-SPINE2:et6", "D-LEAF6:et2"] + - endpoints: ["D-SPINE2:et7", "D-LEAF7:et2"] + - endpoints: ["D-SPINE2:et8", "D-LEAF8:et2"] +###################### +# D-SPINE3 to LEAF # +###################### + - endpoints: ["D-SPINE3:et1", "D-LEAF1:et3"] + - endpoints: ["D-SPINE3:et2", "D-LEAF2:et3"] + - endpoints: ["D-SPINE3:et3", "D-LEAF3:et3"] + - endpoints: ["D-SPINE3:et4", "D-LEAF4:et3"] + - endpoints: ["D-SPINE3:et5", "D-LEAF5:et3"] + - endpoints: ["D-SPINE3:et6", "D-LEAF6:et3"] + - endpoints: ["D-SPINE3:et7", "D-LEAF7:et3"] + - endpoints: ["D-SPINE3:et8", "D-LEAF8:et3"] +###################### +# D-SPINE4 to LEAF # +###################### + - endpoints: ["D-SPINE4:et1", "D-LEAF1:et4"] + - endpoints: ["D-SPINE4:et2", "D-LEAF2:et4"] + - endpoints: ["D-SPINE4:et3", "D-LEAF3:et4"] + - endpoints: ["D-SPINE4:et4", "D-LEAF4:et4"] + - endpoints: ["D-SPINE4:et5", "D-LEAF5:et4"] + - endpoints: ["D-SPINE4:et6", "D-LEAF6:et4"] + - endpoints: ["D-SPINE4:et7", "D-LEAF7:et4"] + - endpoints: ["D-SPINE4:et8", "D-LEAF8:et4"] +######################## +# D-LEAF1 to D-LEAF2 # +######################## + - endpoints: ["D-LEAF1:et5", "D-LEAF2:et5"] + - endpoints: ["D-LEAF1:et6", "D-LEAF2:et6"] +######################## +# D-LEAF3 to D-LEAF4 # +######################## + - endpoints: ["D-LEAF3:et5", "D-LEAF4:et5"] + - endpoints: ["D-LEAF3:et6", "D-LEAF4:et6"] +######################## +# D-LEAF5 to D-LEAF6 # +######################## + - endpoints: ["D-LEAF5:et5", "D-LEAF6:et5"] + - endpoints: ["D-LEAF5:et6", "D-LEAF6:et6"] +######################## +# D-LEAF7 to D-LEAF8 # +######################## + - endpoints: ["D-LEAF7:et5", "D-LEAF8:et5"] + - endpoints: ["D-LEAF7:et6", "D-LEAF8:et6"] +######################## +# DC "D" HostC6 # +######################## + - endpoints: ["HostD1:eth1", "D-LEAF1:et7"] + - endpoints: ["HostD1:eth2", "D-LEAF2:et7"] + - endpoints: ["HostD2:eth1", "D-LEAF1:et8"] + - endpoints: ["HostD2:eth2", "D-LEAF2:et8"] + - endpoints: ["HostD3:eth1", "D-LEAF3:et7"] + - endpoints: ["HostD4:eth1", "D-LEAF3:et8"] + - endpoints: ["HostD4:eth2", "D-LEAF4:et8"] + - endpoints: ["HostD5:eth1", "D-LEAF4:et7"] + - endpoints: ["HostD6:eth1", "D-LEAF5:et7"] + - endpoints: ["HostD6:eth2", "D-LEAF6:et7"] +################################# +# IP Transport Connectivity # +################################# + - endpoints: ["BB1:et1", "A-LEAF7:et7"] + - endpoints: ["BB1:et2", "A-LEAF8:et7"] + - endpoints: ["BB1:et3", "B-LEAF7:et7"] + - endpoints: ["BB1:et4", "B-LEAF8:et7"] + - endpoints: ["BB1:et5", "C-LEAF7:et7"] + - endpoints: ["BB1:et6", "C-LEAF8:et7"] + - endpoints: ["BB1:et7", "D-LEAF7:et7"] + - endpoints: ["BB1:et8", "D-LEAF8:et7"] + - endpoints: ["BB1:et9", "BB2:et9"] + - endpoints: ["BB2:et1", "A-LEAF7:et8"] + - endpoints: ["BB2:et2", "A-LEAF8:et8"] + - endpoints: ["BB2:et3", "B-LEAF7:et8"] + - endpoints: ["BB2:et4", "B-LEAF8:et8"] + - endpoints: ["BB2:et5", "C-LEAF7:et8"] + - endpoints: ["BB2:et6", "C-LEAF8:et8"] + - endpoints: ["BB2:et7", "D-LEAF7:et8"] + - endpoints: ["BB2:et8", "D-LEAF8:et8"] diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/clab/config_grab.yml b/tech-library/datacenter/evpnvxlan/zbackend-infra/clab/config_grab.yml new file mode 100644 index 00000000..59d66b3d --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/clab/config_grab.yml @@ -0,0 +1,19 @@ +--- + +- name: Get configs from all switches in topology + connection: httpapi + hosts: lab + gather_facts: false + + vars: + ansible_python_interpreter: /usr/bin/python3 + config_dir: "{{ playbook_dir }}/../configs/" + + tasks: + + - name: "Save running config to {{ config_dir }}" + eos_config: + backup: yes + backup_options: + dir_path: "{{ config_dir }}" + filename: "{{ inventory_hostname }}.cfg" diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/clab/inventory/group_vars/eos.yml b/tech-library/datacenter/evpnvxlan/zbackend-infra/clab/inventory/group_vars/eos.yml new file mode 100644 index 00000000..0c54635e --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/clab/inventory/group_vars/eos.yml @@ -0,0 +1,9 @@ +ansible_network_os: eos +ansible_connection: httpapi +ansible_user: admin +ansible_password: admin +ansible_become: true +ansible_become_method: enable +ansible_httpapi_use_ssl: true +ansible_httpapi_validate_certs: false +ansible_python_interpreter: $(which python3) diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/clab/inventory/inventory.yml b/tech-library/datacenter/evpnvxlan/zbackend-infra/clab/inventory/inventory.yml new file mode 100644 index 00000000..906f25dc --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/clab/inventory/inventory.yml @@ -0,0 +1,228 @@ +--- +all: + children: + eos: + children: + lab: + hosts: +############################################################### +############################################################### +# DOMAIN "A" # +############################################################### +############################################################### + A-SPINE1: + ansible_host: 127.0.0.1 + ansible_port: 22001 + ansible_httpapi_port: 44301 + A-SPINE2: + ansible_host: 127.0.0.1 + ansible_port: 22002 + ansible_httpapi_port: 44302 + A-SPINE3: + ansible_host: 127.0.0.1 + ansible_port: 22003 + ansible_httpapi_port: 44303 + A-SPINE4: + ansible_host: 127.0.0.1 + ansible_port: 22004 + ansible_httpapi_port: 44304 + A-LEAF1: + ansible_host: 127.0.0.1 + ansible_port: 22005 + ansible_httpapi_port: 44305 + A-LEAF2: + ansible_host: 127.0.0.1 + ansible_port: 22006 + ansible_httpapi_port: 44306 + A-LEAF3: + ansible_host: 127.0.0.1 + ansible_port: 22007 + ansible_httpapi_port: 44307 + A-LEAF4: + ansible_host: 127.0.0.1 + ansible_port: 22008 + ansible_httpapi_port: 44308 + A-LEAF5: + ansible_host: 127.0.0.1 + ansible_port: 22009 + ansible_httpapi_port: 44309 + A-LEAF6: + ansible_host: 127.0.0.1 + ansible_port: 22010 + ansible_httpapi_port: 44310 + A-LEAF7: + ansible_host: 127.0.0.1 + ansible_port: 22011 + ansible_httpapi_port: 44311 + A-LEAF8: + ansible_host: 127.0.0.1 + ansible_port: 22012 + ansible_httpapi_port: 44312 +############################################################### +############################################################### +# DOMAIN "B" # +############################################################### +############################################################### + B-SPINE1: + ansible_host: 127.0.0.1 + ansible_port: 22014 + ansible_httpapi_port: 44314 + B-SPINE2: + ansible_host: 127.0.0.1 + ansible_port: 22015 + ansible_httpapi_port: 44315 + B-SPINE3: + ansible_host: 127.0.0.1 + ansible_port: 22016 + ansible_httpapi_port: 44316 + B-SPINE4: + ansible_host: 127.0.0.1 + ansible_port: 22017 + ansible_httpapi_port: 44317 + B-LEAF1: + ansible_host: 127.0.0.1 + ansible_port: 22018 + ansible_httpapi_port: 44318 + B-LEAF2: + ansible_host: 127.0.0.1 + ansible_port: 22019 + ansible_httpapi_port: 44319 + B-LEAF3: + ansible_host: 127.0.0.1 + ansible_port: 22020 + ansible_httpapi_port: 44320 + B-LEAF4: + ansible_host: 127.0.0.1 + ansible_port: 22021 + ansible_httpapi_port: 44321 + B-LEAF5: + ansible_host: 127.0.0.1 + ansible_port: 22022 + ansible_httpapi_port: 44322 + B-LEAF6: + ansible_host: 127.0.0.1 + ansible_port: 22023 + ansible_httpapi_port: 44323 + B-LEAF7: + ansible_host: 127.0.0.1 + ansible_port: 22024 + ansible_httpapi_port: 44324 + B-LEAF8: + ansible_host: 127.0.0.1 + ansible_port: 22025 + ansible_httpapi_port: 44325 + B-SW1: + ansible_host: 127.0.0.1 + ansible_port: 22039 + ansible_httpapi_port: 44339 +############################################################### +############################################################### +# DOMAIN "C" # +############################################################### +############################################################### + C-SPINE1: + ansible_host: 127.0.0.1 + ansible_port: 22027 + ansible_httpapi_port: 44327 + C-SPINE2: + ansible_host: 127.0.0.1 + ansible_port: 22028 + ansible_httpapi_port: 44328 + C-LEAF1: + ansible_host: 127.0.0.1 + ansible_port: 22029 + ansible_httpapi_port: 44329 + C-LEAF2: + ansible_host: 127.0.0.1 + ansible_port: 22030 + ansible_httpapi_port: 44330 + C-LEAF3: + ansible_host: 127.0.0.1 + ansible_port: 22031 + ansible_httpapi_port: 44331 + C-LEAF4: + ansible_host: 127.0.0.1 + ansible_port: 22032 + ansible_httpapi_port: 44332 + C-LEAF5: + ansible_host: 127.0.0.1 + ansible_port: 22033 + ansible_httpapi_port: 44333 + C-LEAF6: + ansible_host: 127.0.0.1 + ansible_port: 22034 + ansible_httpapi_port: 44334 + C-LEAF7: + ansible_host: 127.0.0.1 + ansible_port: 22035 + ansible_httpapi_port: 44335 + C-LEAF8: + ansible_host: 127.0.0.1 + ansible_port: 22036 + ansible_httpapi_port: 44336 +############################################################### +############################################################### +# DOMAIN "A" # +############################################################### +############################################################### + D-SPINE1: + ansible_host: 127.0.0.1 + ansible_port: 22040 + ansible_httpapi_port: 44340 + D-SPINE2: + ansible_host: 127.0.0.1 + ansible_port: 22041 + ansible_httpapi_port: 44341 + D-SPINE3: + ansible_host: 127.0.0.1 + ansible_port: 22042 + ansible_httpapi_port: 44342 + D-SPINE4: + ansible_host: 127.0.0.1 + ansible_port: 22043 + ansible_httpapi_port: 44343 + D-LEAF1: + ansible_host: 127.0.0.1 + ansible_port: 22044 + ansible_httpapi_port: 44344 + D-LEAF2: + ansible_host: 127.0.0.1 + ansible_port: 22045 + ansible_httpapi_port: 44345 + D-LEAF3: + ansible_host: 127.0.0.1 + ansible_port: 22046 + ansible_httpapi_port: 44346 + D-LEAF4: + ansible_host: 127.0.0.1 + ansible_port: 22047 + ansible_httpapi_port: 44347 + D-LEAF5: + ansible_host: 127.0.0.1 + ansible_port: 22048 + ansible_httpapi_port: 44348 + D-LEAF6: + ansible_host: 127.0.0.1 + ansible_port: 22049 + ansible_httpapi_port: 44349 + D-LEAF7: + ansible_host: 127.0.0.1 + ansible_port: 22050 + ansible_httpapi_port: 44350 + D-LEAF8: + ansible_host: 127.0.0.1 + ansible_port: 22051 + ansible_httpapi_port: 44351 +############################################################### +############################################################### +# IP TRANSPORT # +############################################################### +############################################################### + BB1: + ansible_host: 127.0.0.1 + ansible_port: 22038 + ansible_httpapi_port: 44338 + BB2: + ansible_host: 127.0.0.1 + ansible_port: 22026 + ansible_httpapi_port: 44326 diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF1.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF1.cfg new file mode 100644 index 00000000..3531f8da --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF1.cfg @@ -0,0 +1,286 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-LEAF1 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 30 + name Orange +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostA1 + switchport access vlan 10 + mlag 7 + spanning-tree portfast +! +interface Port-Channel8 + description HostA2 + switchport access vlan 30 + mlag 8 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + no switchport + ip address 192.168.0.1/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + no switchport + ip address 192.168.0.17/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + no switchport + ip address 192.168.0.33/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + no switchport + ip address 192.168.0.49/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + channel-group 7 mode active +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.1.1/32 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.1.1/32 +! +interface Loopback101 + vrf PROD + ip address 10.101.101.11/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.105/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback101 + ip address virtual 10.10.10.1/24 +! +interface Vlan30 + mtu 9014 + vrf PROD + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback101 + ip address virtual 10.30.30.1/24 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ip address 192.0.0.0/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.0/31 + pim ipv4 sparse-mode +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.1/30 +! +interface Vxlan1 + vxlan source-interface Loopback0 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 10,30 vni 10010,10030 + vxlan vrf PROD vni 50001 + vxlan mlag source-interface Loopback1 + vxlan vrf PROD multicast group 232.1.1.1 + vxlan vrf PROD multicast group overlay 239.0.10.101 encap 232.1.1.10 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.2 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65112 + router-id 1.1.1.1 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65100 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65100 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65112 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor 1.1.1.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.204 peer group LOCAL-EVPN-PEERS + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + neighbor 192.168.0.0 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.16 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.32 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.48 peer group LOCAL-IPV4-PEERS + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 10 + rd 1.1.1.1:10010 + route-target both 10010:10010 + redistribute learned + ! + vlan 30 + rd 1.1.1.1:10030 + route-target both 10030:10030 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor MLAG-IPV4-PEER activate + ! + vrf PROD + rd 1.1.1.1:50001 + evpn multicast + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.1 activate +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf PROD + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF2.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF2.cfg new file mode 100644 index 00000000..35b8fd15 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF2.cfg @@ -0,0 +1,286 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-LEAF2 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 30 + name Orange +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostA1 + switchport access vlan 10 + mlag 7 + spanning-tree portfast +! +interface Port-Channel8 + description HostA2 + switchport access vlan 30 + mlag 8 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + no switchport + ip address 192.168.0.3/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + no switchport + ip address 192.168.0.19/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + no switchport + ip address 192.168.0.35/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + no switchport + ip address 192.168.0.51/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + channel-group 7 mode active +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.1.2/32 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.1.1/32 +! +interface Loopback101 + vrf PROD + ip address 10.101.101.12/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.106/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback101 + ip address virtual 10.10.10.1/24 +! +interface Vlan30 + mtu 9014 + vrf PROD + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback101 + ip address virtual 10.30.30.1/24 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ip address 192.0.0.1/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.1/31 + pim ipv4 sparse-mode +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.2/30 +! +interface Vxlan1 + vxlan source-interface Loopback0 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 10,30 vni 10010,10030 + vxlan vrf PROD vni 50001 + vxlan mlag source-interface Loopback1 + vxlan vrf PROD multicast group 232.1.1.1 + vxlan vrf PROD multicast group overlay 239.0.10.101 encap 232.1.1.10 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT:.* +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.1 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65112 + router-id 1.1.1.2 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65100 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65100 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65112 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor 1.1.1.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.204 peer group LOCAL-EVPN-PEERS + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + neighbor 192.168.0.2 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.18 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.34 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.50 peer group LOCAL-IPV4-PEERS + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 10 + rd 1.1.1.2:10010 + route-target both 10010:10010 + redistribute learned + ! + vlan 30 + rd 1.1.1.2:10030 + route-target both 10030:10030 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor MLAG-IPV4-PEER activate + ! + vrf PROD + rd 1.1.1.2:50001 + evpn multicast + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.0 activate +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf PROD + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF3.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF3.cfg new file mode 100644 index 00000000..7af1bacb --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF3.cfg @@ -0,0 +1,332 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-LEAF3 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001-3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 30 + name Orange +! +vlan 50 + name Yellow +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel8 + description HostA4 + switchport access vlan 10 + mlag 8 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + no switchport + ip address 192.168.0.5/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + no switchport + ip address 192.168.0.21/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + no switchport + ip address 192.168.0.37/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + no switchport + ip address 192.168.0.53/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + description HostA3 + switchport access vlan 50 + spanning-tree portfast +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.1.3/32 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.1.3/32 +! +interface Loopback101 + vrf PROD + ip address 10.101.101.13/32 +! +interface Loopback102 + vrf DEV + ip address 10.102.102.13/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.107/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback101 + ip address virtual 10.10.10.1/24 +! +interface Vlan30 + mtu 9014 + vrf PROD + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback101 + ip address virtual 10.30.30.1/24 +! +interface Vlan50 + mtu 9014 + vrf DEV + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback102 + ip address virtual 10.50.50.1/24 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ip address 192.0.0.0/31 +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ip address 192.0.0.0/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.0/31 + pim ipv4 sparse-mode +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.1/30 +! +interface Vxlan1 + vxlan source-interface Loopback0 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 10,30,50 vni 10010,10030,10050 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 + vxlan mlag source-interface Loopback1 + vxlan vrf DEV multicast group 232.2.2.2 + vxlan vrf DEV multicast group overlay 239.0.50.101 encap 232.2.2.50 immediate + vxlan vrf PROD multicast group 232.1.1.1 + vxlan vrf PROD multicast group overlay 239.0.10.101 encap 232.1.1.10 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.2 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65134 + router-id 1.1.1.3 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65100 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65100 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65134 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor 1.1.1.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.204 peer group LOCAL-EVPN-PEERS + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + neighbor 192.168.0.4 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.20 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.36 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.52 peer group LOCAL-IPV4-PEERS + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 10 + rd 1.1.1.3:10010 + route-target both 10010:10010 + redistribute learned + ! + vlan 30 + rd 1.1.1.3:10030 + route-target both 10030:10030 + redistribute learned + ! + vlan 50 + rd 1.1.1.3:10050 + route-target both 10050:10050 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor MLAG-IPV4-PEER activate + ! + vrf DEV + rd 1.1.1.3:50002 + evpn multicast + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.1 activate + ! + vrf PROD + rd 1.1.1.3:50001 + evpn multicast + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.1 activate +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf DEV + ipv4 + routing + ! + vrf PROD + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF4.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF4.cfg new file mode 100644 index 00000000..aa453af2 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF4.cfg @@ -0,0 +1,332 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-LEAF4 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001-3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 30 + name Orange +! +vlan 50 + name Yellow +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel8 + description HostA4 + switchport access vlan 10 + mlag 8 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + no switchport + ip address 192.168.0.7/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + no switchport + ip address 192.168.0.23/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + no switchport + ip address 192.168.0.39/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + no switchport + ip address 192.168.0.55/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + description HostE + switchport access vlan 30 + spanning-tree portfast +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.1.4/32 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.1.3/32 +! +interface Loopback101 + vrf PROD + ip address 10.101.101.14/32 +! +interface Loopback102 + vrf DEV + ip address 10.102.102.14/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.108/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback101 + ip address virtual 10.10.10.1/24 +! +interface Vlan30 + mtu 9014 + vrf PROD + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback101 + ip address virtual 10.30.30.1/24 +! +interface Vlan50 + mtu 9014 + vrf DEV + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback102 + ip address virtual 10.50.50.1/24 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ip address 192.0.0.1/31 +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ip address 192.0.0.1/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.1/31 + pim ipv4 sparse-mode +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.2/30 +! +interface Vxlan1 + vxlan source-interface Loopback0 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 10,30,50 vni 10010,10030,10050 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 + vxlan mlag source-interface Loopback1 + vxlan vrf DEV multicast group 232.2.2.2 + vxlan vrf DEV multicast group overlay 239.0.50.101 encap 232.2.2.50 immediate + vxlan vrf PROD multicast group 232.1.1.1 + vxlan vrf PROD multicast group overlay 239.0.10.101 encap 232.1.1.10 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.1 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65134 + router-id 1.1.1.4 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65100 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65100 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65134 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor 1.1.1.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.204 peer group LOCAL-EVPN-PEERS + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + neighbor 192.168.0.6 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.22 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.38 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.54 peer group LOCAL-IPV4-PEERS + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 10 + rd 1.1.1.4:10010 + route-target both 10010:10010 + redistribute learned + ! + vlan 30 + rd 1.1.1.4:10030 + route-target both 10030:10030 + redistribute learned + ! + vlan 50 + rd 1.1.1.4:10050 + route-target both 10050:10050 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor MLAG-IPV4-PEER activate + ! + vrf DEV + rd 1.1.1.4:50002 + evpn multicast + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.0 activate + ! + vrf PROD + rd 1.1.1.4:50001 + evpn multicast + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.0 activate +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf DEV + ipv4 + routing + ! + vrf PROD + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF5.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF5.cfg new file mode 100644 index 00000000..7d812a42 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF5.cfg @@ -0,0 +1,261 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-LEAF5 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 70 + name Brown +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostF + switchport access vlan 70 + mlag 7 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + no switchport + ip address 192.168.0.9/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + no switchport + ip address 192.168.0.25/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + no switchport + ip address 192.168.0.41/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + no switchport + ip address 192.168.0.57/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + channel-group 7 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.1.5/32 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.1.5/32 +! +interface Loopback102 + vrf DEV + ip address 10.102.102.15/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.109/24 +! +interface Vlan70 + mtu 9014 + vrf DEV + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback102 + ip address virtual 10.70.70.1/24 +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ip address 192.0.0.0/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.0/31 +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.1/30 +! +interface Vxlan1 + vxlan source-interface Loopback0 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 70 vni 10070 + vxlan vrf DEV vni 50002 + vxlan mlag source-interface Loopback1 + vxlan vrf DEV multicast group 232.2.2.2 + vxlan vrf DEV multicast group overlay 239.0.50.101 encap 232.2.2.50 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.2 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65156 + router-id 1.1.1.5 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65100 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65100 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65156 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor 1.1.1.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.204 peer group LOCAL-EVPN-PEERS + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + neighbor 192.168.0.8 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.24 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.40 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.56 peer group LOCAL-IPV4-PEERS + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 70 + rd 1.1.1.5:10070 + route-target both 10070:10070 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor MLAG-IPV4-PEER activate + ! + vrf DEV + rd 1.1.1.5:50002 + evpn multicast + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.1 activate +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf DEV + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF6.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF6.cfg new file mode 100644 index 00000000..1b395fe2 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF6.cfg @@ -0,0 +1,261 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-LEAF6 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 70 + name Brown +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostF + switchport access vlan 70 + mlag 7 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + no switchport + ip address 192.168.0.11/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + no switchport + ip address 192.168.0.27/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + no switchport + ip address 192.168.0.43/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + no switchport + ip address 192.168.0.59/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + channel-group 7 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.1.6/32 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.1.5/32 +! +interface Loopback102 + vrf DEV + ip address 10.102.102.16/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.110/24 +! +interface Vlan70 + mtu 9014 + vrf DEV + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback102 + ip address virtual 10.70.70.1/24 +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ip address 192.0.0.1/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.1/31 +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.2/30 +! +interface Vxlan1 + vxlan source-interface Loopback0 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 70 vni 10070 + vxlan vrf DEV vni 50002 + vxlan mlag source-interface Loopback1 + vxlan vrf DEV multicast group 232.2.2.2 + vxlan vrf DEV multicast group overlay 239.0.50.101 encap 232.2.2.50 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.1 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65156 + router-id 1.1.1.6 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65100 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65100 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65156 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor 1.1.1.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.204 peer group LOCAL-EVPN-PEERS + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + neighbor 192.168.0.10 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.26 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.42 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.58 peer group LOCAL-IPV4-PEERS + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 70 + rd 1.1.1.6:10070 + route-target both 10070:10070 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor MLAG-IPV4-PEER activate + ! + vrf DEV + rd 1.1.1.6:50002 + evpn multicast + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.0 activate +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf DEV + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF7.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF7.cfg new file mode 100644 index 00000000..5286301f --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF7.cfg @@ -0,0 +1,312 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-LEAF7 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001-3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 50 + name Yellow +! +vlan 70 + name Brown +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + no switchport + ip address 192.168.0.13/31 +! +interface Ethernet2 + no switchport + ip address 192.168.0.29/31 +! +interface Ethernet3 + no switchport + ip address 192.168.0.45/31 +! +interface Ethernet4 + no switchport + ip address 192.168.0.61/31 +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + no switchport + ip address 172.16.1.1/31 +! +interface Ethernet8 + no switchport + ip address 172.16.1.5/31 +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.1.7/32 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.1.7/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.111/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + ip address virtual 10.10.10.1/24 +! +interface Vlan50 + mtu 9014 + vrf DEV + ip address virtual 10.50.50.1/24 +! +interface Vlan70 + mtu 9014 + vrf DEV + ip address virtual 10.70.70.1/24 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ip address 192.0.0.0/31 +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ip address 192.0.0.0/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.0/31 +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.1/30 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 10,50,70 vni 10010,10050,10070 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ip prefix-list PL-GATEWAY-LOOP + seq 10 permit 2.2.1.7/32 + seq 20 permit 1.1.1.7/32 + seq 30 permit 1.1.1.8/32 +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.2 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-AS65000-IPV4-OUT permit 10 + match ip address prefix-list PL-GATEWAY-LOOP +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65178 + router-id 1.1.1.7 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + bgp bestpath d-path + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65100 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65100 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65178 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor REMOTE-EVPN-PEERS peer group + neighbor REMOTE-EVPN-PEERS remote-as 65000 + neighbor REMOTE-EVPN-PEERS local-as 65000 no-prepend replace-as + neighbor REMOTE-EVPN-PEERS update-source Loopback0 + neighbor REMOTE-EVPN-PEERS password 7 IO6gE/ln7Sp2wt33WX/Asg== + neighbor REMOTE-IPV4-PEERS peer group + neighbor REMOTE-IPV4-PEERS remote-as 65000 + neighbor REMOTE-IPV4-PEERS route-map RM-AS65000-IPV4-OUT out + neighbor REMOTE-IPV4-PEERS password 7 dkvBq1jk4inJHsHfMjYRnQ== + neighbor 1.1.0.1 peer group REMOTE-EVPN-PEERS + neighbor 1.1.0.2 peer group REMOTE-EVPN-PEERS + neighbor 1.1.1.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.204 peer group LOCAL-EVPN-PEERS + neighbor 172.16.1.0 peer group REMOTE-IPV4-PEERS + neighbor 172.16.1.4 peer group REMOTE-IPV4-PEERS + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + neighbor 192.168.0.12 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.28 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.44 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.60 peer group LOCAL-IPV4-PEERS + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 10 + rd evpn domain all 1.1.1.7:10010 + route-target import export evpn domain all 10010:10010 + ! + vlan 50 + rd evpn domain all 1.1.1.7:10050 + route-target import export evpn domain all 10050:10050 + ! + vlan 70 + rd evpn domain all 1.1.1.7:10070 + route-target import export evpn domain all 10070:10070 + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + neighbor REMOTE-EVPN-PEERS activate + neighbor REMOTE-EVPN-PEERS domain remote + domain identifier 1:1 + domain identifier 99:99 remote + route import match-failure action discard + neighbor default next-hop-self received-evpn-routes route-type ip-prefix inter-domain + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor MLAG-IPV4-PEER activate + neighbor REMOTE-IPV4-PEERS activate + ! + vrf DEV + rd 1.1.1.7:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.1 activate + ! + vrf PROD + rd 1.1.1.7:50001 + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.1 activate +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF8.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF8.cfg new file mode 100644 index 00000000..49b248fe --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-LEAF8.cfg @@ -0,0 +1,312 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-LEAF8 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001-3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 50 + name Yellow +! +vlan 70 + name Brown +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + no switchport + ip address 192.168.0.15/31 +! +interface Ethernet2 + no switchport + ip address 192.168.0.31/31 +! +interface Ethernet3 + no switchport + ip address 192.168.0.47/31 +! +interface Ethernet4 + no switchport + ip address 192.168.0.63/31 +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + no switchport + ip address 172.16.1.3/31 +! +interface Ethernet8 + no switchport + ip address 172.16.1.7/31 +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.1.8/32 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.1.7/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.112/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + ip address virtual 10.10.10.1/24 +! +interface Vlan50 + mtu 9014 + vrf DEV + ip address virtual 10.50.50.1/24 +! +interface Vlan70 + mtu 9014 + vrf DEV + ip address virtual 10.70.70.1/24 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ip address 192.0.0.1/31 +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ip address 192.0.0.1/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.1/31 +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.2/30 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 10,50,70 vni 10010,10050,10070 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ip prefix-list PL-GATEWAY-LOOP + seq 10 permit 2.2.1.7/32 + seq 20 permit 1.1.1.7/32 + seq 30 permit 1.1.1.8/32 +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.1 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-AS65000-IPV4-OUT permit 10 + match ip address prefix-list PL-GATEWAY-LOOP +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65178 + router-id 1.1.1.8 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + bgp bestpath d-path + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65100 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65100 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65178 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor REMOTE-EVPN-PEERS peer group + neighbor REMOTE-EVPN-PEERS remote-as 65000 + neighbor REMOTE-EVPN-PEERS local-as 65000 no-prepend replace-as + neighbor REMOTE-EVPN-PEERS update-source Loopback0 + neighbor REMOTE-EVPN-PEERS password 7 IO6gE/ln7Sp2wt33WX/Asg== + neighbor REMOTE-IPV4-PEERS peer group + neighbor REMOTE-IPV4-PEERS remote-as 65000 + neighbor REMOTE-IPV4-PEERS route-map RM-AS65000-IPV4-OUT out + neighbor REMOTE-IPV4-PEERS password 7 dkvBq1jk4inJHsHfMjYRnQ== + neighbor 1.1.0.1 peer group REMOTE-EVPN-PEERS + neighbor 1.1.0.2 peer group REMOTE-EVPN-PEERS + neighbor 1.1.1.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.204 peer group LOCAL-EVPN-PEERS + neighbor 172.16.1.2 peer group REMOTE-IPV4-PEERS + neighbor 172.16.1.6 peer group REMOTE-IPV4-PEERS + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + neighbor 192.168.0.14 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.30 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.46 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.62 peer group LOCAL-IPV4-PEERS + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 10 + rd evpn domain all 1.1.1.8:10010 + route-target import export evpn domain all 10010:10010 + ! + vlan 50 + rd evpn domain all 1.1.1.8:10050 + route-target import export evpn domain all 10050:10050 + ! + vlan 70 + rd evpn domain all 1.1.1.8:10070 + route-target import export evpn domain all 10070:10070 + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + neighbor REMOTE-EVPN-PEERS activate + neighbor REMOTE-EVPN-PEERS domain remote + domain identifier 1:1 + domain identifier 99:99 remote + route import match-failure action discard + neighbor default next-hop-self received-evpn-routes route-type ip-prefix inter-domain + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor MLAG-IPV4-PEER activate + neighbor REMOTE-IPV4-PEERS activate + ! + vrf DEV + rd 1.1.1.8:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.0 activate + ! + vrf PROD + rd 1.1.1.8:50001 + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.0 activate +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-SPINE1.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-SPINE1.cfg new file mode 100644 index 00000000..7a131084 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-SPINE1.cfg @@ -0,0 +1,191 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-SPINE1 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description A-LEAF1 + no switchport + ip address 192.168.0.0/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + description A-LEAF2 + no switchport + ip address 192.168.0.2/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + description A-LEAF3 + no switchport + ip address 192.168.0.4/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + description A-LEAF4 + no switchport + ip address 192.168.0.6/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + description A-LEAF5 + no switchport + ip address 192.168.0.8/31 + pim ipv4 sparse-mode +! +interface Ethernet6 + description A-LEAF6 + no switchport + ip address 192.168.0.10/31 + pim ipv4 sparse-mode +! +interface Ethernet7 + description A-LEAF7 + no switchport + ip address 192.168.0.12/31 + pim ipv4 sparse-mode +! +interface Ethernet8 + description A-LEAF8 + no switchport + ip address 192.168.0.14/31 + pim ipv4 sparse-mode +! +interface Loopback0 + ip address 1.1.1.201/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.101/24 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +router bgp 65100 + router-id 1.1.1.201 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS next-hop-unchanged + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor 1.1.1.1 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.1 remote-as 65112 + neighbor 1.1.1.1 description A-LEAF1.EVPN + neighbor 1.1.1.2 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.2 remote-as 65112 + neighbor 1.1.1.2 description A-LEAF2.EVPN + neighbor 1.1.1.3 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.3 remote-as 65134 + neighbor 1.1.1.3 description A-LEAF3.EVPN + neighbor 1.1.1.4 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.4 remote-as 65134 + neighbor 1.1.1.4 description A-LEAF4.EVPN + neighbor 1.1.1.5 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.5 remote-as 65156 + neighbor 1.1.1.5 description A-LEAF5.EVPN + neighbor 1.1.1.6 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.6 remote-as 65156 + neighbor 1.1.1.6 description A-LEAF6.EVPN + neighbor 1.1.1.7 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.7 remote-as 65178 + neighbor 1.1.1.7 description A-LEAF7.EVPN + neighbor 1.1.1.8 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.8 remote-as 65178 + neighbor 1.1.1.8 description A-LEAF8.EVPN + neighbor 192.168.0.1 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.1 remote-as 65112 + neighbor 192.168.0.1 description A-LEAF1.IPV4 + neighbor 192.168.0.3 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.3 remote-as 65112 + neighbor 192.168.0.3 description A-LEAF2.IPV4 + neighbor 192.168.0.5 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.5 remote-as 65134 + neighbor 192.168.0.5 description A-LEAF3.IPV4 + neighbor 192.168.0.7 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.7 remote-as 65134 + neighbor 192.168.0.7 description A-LEAF4.IPV4 + neighbor 192.168.0.9 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.9 remote-as 65156 + neighbor 192.168.0.9 description A-LEAF5.IPV4 + neighbor 192.168.0.11 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.11 remote-as 65156 + neighbor 192.168.0.11 description A-LEAF6.IPV4 + neighbor 192.168.0.13 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.13 remote-as 65178 + neighbor 192.168.0.13 description A-LEAF7.IPV4 + neighbor 192.168.0.15 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.15 remote-as 65178 + neighbor 192.168.0.15 description A-LEAF8.IPV4 + redistribute connected route-map RM-CONN-2-BGP + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate +! +router multicast + ipv4 + routing + software-forwarding sfe +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-SPINE2.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-SPINE2.cfg new file mode 100644 index 00000000..06deb0e4 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-SPINE2.cfg @@ -0,0 +1,191 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-SPINE2 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description A-LEAF1 + no switchport + ip address 192.168.0.16/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + description A-LEAF2 + no switchport + ip address 192.168.0.18/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + description A-LEAF3 + no switchport + ip address 192.168.0.20/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + description A-LEAF4 + no switchport + ip address 192.168.0.22/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + description A-LEAF5 + no switchport + ip address 192.168.0.24/31 + pim ipv4 sparse-mode +! +interface Ethernet6 + description A-LEAF6 + no switchport + ip address 192.168.0.26/31 + pim ipv4 sparse-mode +! +interface Ethernet7 + description A-LEAF7 + no switchport + ip address 192.168.0.28/31 + pim ipv4 sparse-mode +! +interface Ethernet8 + description A-LEAF8 + no switchport + ip address 192.168.0.30/31 + pim ipv4 sparse-mode +! +interface Loopback0 + ip address 1.1.1.202/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.102/24 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +router bgp 65100 + router-id 1.1.1.202 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS next-hop-unchanged + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor 1.1.1.1 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.1 remote-as 65112 + neighbor 1.1.1.1 description A-LEAF1.EVPN + neighbor 1.1.1.2 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.2 remote-as 65112 + neighbor 1.1.1.2 description A-LEAF2.EVPN + neighbor 1.1.1.3 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.3 remote-as 65134 + neighbor 1.1.1.3 description A-LEAF3.EVPN + neighbor 1.1.1.4 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.4 remote-as 65134 + neighbor 1.1.1.4 description A-LEAF4.EVPN + neighbor 1.1.1.5 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.5 remote-as 65156 + neighbor 1.1.1.5 description A-LEAF5.EVPN + neighbor 1.1.1.6 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.6 remote-as 65156 + neighbor 1.1.1.6 description A-LEAF6.EVPN + neighbor 1.1.1.7 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.7 remote-as 65178 + neighbor 1.1.1.7 description A-LEAF7.EVPN + neighbor 1.1.1.8 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.8 remote-as 65178 + neighbor 1.1.1.8 description A-LEAF8.EVPN + neighbor 192.168.0.17 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.17 remote-as 65112 + neighbor 192.168.0.17 description A-LEAF1.IPV4 + neighbor 192.168.0.19 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.19 remote-as 65112 + neighbor 192.168.0.19 description A-LEAF2.IPV4 + neighbor 192.168.0.21 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.21 remote-as 65134 + neighbor 192.168.0.21 description A-LEAF3.IPV4 + neighbor 192.168.0.23 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.23 remote-as 65134 + neighbor 192.168.0.23 description A-LEAF4.IPV4 + neighbor 192.168.0.25 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.25 remote-as 65156 + neighbor 192.168.0.25 description A-LEAF5.IPV4 + neighbor 192.168.0.27 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.27 remote-as 65156 + neighbor 192.168.0.27 description A-LEAF6.IPV4 + neighbor 192.168.0.29 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.29 remote-as 65178 + neighbor 192.168.0.29 description A-LEAF7.IPV4 + neighbor 192.168.0.31 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.31 remote-as 65178 + neighbor 192.168.0.31 description A-LEAF8.IPV4 + redistribute connected route-map RM-CONN-2-BGP + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate +! +router multicast + ipv4 + routing + software-forwarding sfe +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-SPINE3.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-SPINE3.cfg new file mode 100644 index 00000000..50e02ef8 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-SPINE3.cfg @@ -0,0 +1,191 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-SPINE3 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description A-LEAF1 + no switchport + ip address 192.168.0.32/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + description A-LEAF2 + no switchport + ip address 192.168.0.34/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + description A-LEAF3 + no switchport + ip address 192.168.0.36/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + description A-LEAF4 + no switchport + ip address 192.168.0.38/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + description A-LEAF5 + no switchport + ip address 192.168.0.40/31 + pim ipv4 sparse-mode +! +interface Ethernet6 + description A-LEAF6 + no switchport + ip address 192.168.0.42/31 + pim ipv4 sparse-mode +! +interface Ethernet7 + description A-LEAF7 + no switchport + ip address 192.168.0.44/31 + pim ipv4 sparse-mode +! +interface Ethernet8 + description A-LEAF8 + no switchport + ip address 192.168.0.46/31 + pim ipv4 sparse-mode +! +interface Loopback0 + ip address 1.1.1.203/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.103/24 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +router bgp 65100 + router-id 1.1.1.203 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS next-hop-unchanged + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor 1.1.1.1 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.1 remote-as 65112 + neighbor 1.1.1.1 description A-LEAF1.EVPN + neighbor 1.1.1.2 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.2 remote-as 65112 + neighbor 1.1.1.2 description A-LEAF2.EVPN + neighbor 1.1.1.3 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.3 remote-as 65134 + neighbor 1.1.1.3 description A-LEAF3.EVPN + neighbor 1.1.1.4 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.4 remote-as 65134 + neighbor 1.1.1.4 description A-LEAF4.EVPN + neighbor 1.1.1.5 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.5 remote-as 65156 + neighbor 1.1.1.5 description A-LEAF5.EVPN + neighbor 1.1.1.6 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.6 remote-as 65156 + neighbor 1.1.1.6 description A-LEAF6.EVPN + neighbor 1.1.1.7 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.7 remote-as 65178 + neighbor 1.1.1.7 description A-LEAF7.EVPN + neighbor 1.1.1.8 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.8 remote-as 65178 + neighbor 1.1.1.8 description A-LEAF8.EVPN + neighbor 192.168.0.33 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.33 remote-as 65112 + neighbor 192.168.0.33 description A-LEAF1.IPV4 + neighbor 192.168.0.35 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.35 remote-as 65112 + neighbor 192.168.0.35 description A-LEAF2.IPV4 + neighbor 192.168.0.37 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.37 remote-as 65134 + neighbor 192.168.0.37 description A-LEAF3.IPV4 + neighbor 192.168.0.39 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.39 remote-as 65134 + neighbor 192.168.0.39 description A-LEAF4.IPV4 + neighbor 192.168.0.41 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.41 remote-as 65156 + neighbor 192.168.0.41 description A-LEAF5.IPV4 + neighbor 192.168.0.43 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.43 remote-as 65156 + neighbor 192.168.0.43 description A-LEAF6.IPV4 + neighbor 192.168.0.45 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.45 remote-as 65178 + neighbor 192.168.0.45 description A-LEAF7.IPV4 + neighbor 192.168.0.47 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.47 remote-as 65178 + neighbor 192.168.0.47 description A-LEAF8.IPV4 + redistribute connected route-map RM-CONN-2-BGP + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate +! +router multicast + ipv4 + routing + software-forwarding sfe +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-SPINE4.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-SPINE4.cfg new file mode 100644 index 00000000..8791fae4 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/A-SPINE4.cfg @@ -0,0 +1,191 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname A-SPINE4 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description A-LEAF1 + no switchport + ip address 192.168.0.48/31 + pim ipv4 sparse-mode +! +interface Ethernet2 + description A-LEAF2 + no switchport + ip address 192.168.0.50/31 + pim ipv4 sparse-mode +! +interface Ethernet3 + description A-LEAF3 + no switchport + ip address 192.168.0.52/31 + pim ipv4 sparse-mode +! +interface Ethernet4 + description A-LEAF4 + no switchport + ip address 192.168.0.54/31 + pim ipv4 sparse-mode +! +interface Ethernet5 + description A-LEAF5 + no switchport + ip address 192.168.0.56/31 + pim ipv4 sparse-mode +! +interface Ethernet6 + description A-LEAF6 + no switchport + ip address 192.168.0.58/31 + pim ipv4 sparse-mode +! +interface Ethernet7 + description A-LEAF7 + no switchport + ip address 192.168.0.60/31 + pim ipv4 sparse-mode +! +interface Ethernet8 + description A-LEAF8 + no switchport + ip address 192.168.0.62/31 + pim ipv4 sparse-mode +! +interface Loopback0 + ip address 1.1.1.204/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.104/24 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-P2P-UNDERLAY + seq 10 permit 192.168.0.0/24 le 31 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP permit 20 + match ip address prefix-list PL-P2P-UNDERLAY +! +router bgp 65100 + router-id 1.1.1.204 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS next-hop-unchanged + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor 1.1.1.1 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.1 remote-as 65112 + neighbor 1.1.1.1 description A-LEAF1.EVPN + neighbor 1.1.1.2 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.2 remote-as 65112 + neighbor 1.1.1.2 description A-LEAF2.EVPN + neighbor 1.1.1.3 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.3 remote-as 65134 + neighbor 1.1.1.3 description A-LEAF3.EVPN + neighbor 1.1.1.4 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.4 remote-as 65134 + neighbor 1.1.1.4 description A-LEAF4.EVPN + neighbor 1.1.1.5 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.5 remote-as 65156 + neighbor 1.1.1.5 description A-LEAF5.EVPN + neighbor 1.1.1.6 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.6 remote-as 65156 + neighbor 1.1.1.6 description A-LEAF6.EVPN + neighbor 1.1.1.7 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.7 remote-as 65178 + neighbor 1.1.1.7 description A-LEAF7.EVPN + neighbor 1.1.1.8 peer group LOCAL-EVPN-PEERS + neighbor 1.1.1.8 remote-as 65178 + neighbor 1.1.1.8 description A-LEAF8.EVPN + neighbor 192.168.0.49 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.49 remote-as 65112 + neighbor 192.168.0.49 description A-LEAF1.IPV4 + neighbor 192.168.0.51 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.51 remote-as 65112 + neighbor 192.168.0.51 description A-LEAF2.IPV4 + neighbor 192.168.0.53 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.53 remote-as 65134 + neighbor 192.168.0.53 description A-LEAF3.IPV4 + neighbor 192.168.0.55 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.55 remote-as 65134 + neighbor 192.168.0.55 description A-LEAF4.IPV4 + neighbor 192.168.0.57 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.57 remote-as 65156 + neighbor 192.168.0.57 description A-LEAF5.IPV4 + neighbor 192.168.0.59 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.59 remote-as 65156 + neighbor 192.168.0.59 description A-LEAF6.IPV4 + neighbor 192.168.0.61 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.61 remote-as 65178 + neighbor 192.168.0.61 description A-LEAF7.IPV4 + neighbor 192.168.0.63 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.63 remote-as 65178 + neighbor 192.168.0.63 description A-LEAF8.IPV4 + redistribute connected route-map RM-CONN-2-BGP + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate +! +router multicast + ipv4 + routing + software-forwarding sfe +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF1.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF1.cfg new file mode 100644 index 00000000..5343e03e --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF1.cfg @@ -0,0 +1,231 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname B-LEAF1 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +spanning-tree edge-port bpduguard default +spanning-tree root super +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 20 + name Green +! +vlan 40 + name Purple +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostG + bgp session tracker TRACK-LOCAL-EVPN-PEERS + switchport access vlan 20 + ! + evpn ethernet-segment + identifier 0000:000b:0001:0002:0007 + route-target import 0b:01:02:00:00:07 + lacp system-id c0d6.8200.0000 + spanning-tree portfast +! +interface Port-Channel8 + description HostH + bgp session tracker TRACK-LOCAL-EVPN-PEERS + switchport access vlan 40 + ! + evpn ethernet-segment + identifier 0000:000b:0001:0002:0008 + route-target import 0b:01:02:00:00:08 + lacp system-id c0d6.8200.0000 + spanning-tree portfast +! +interface Ethernet1 + description B-SPINE1 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet2 + description B-SPINE2 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet3 + description B-SPINE3 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet4 + description B-SPINE4 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet7 + channel-group 7 mode active +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.2.1/32 + isis enable 100 + isis circuit-type level-2 +! +interface Loopback1 + description VTEP IP + ip address 2.2.2.1/32 + isis enable 100 + isis circuit-type level-2 +! +interface Loopback101 + vrf PROD + ip address 10.101.101.21/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.118/24 +! +interface Vlan20 + mtu 9014 + vrf PROD + ip igmp + pim ipv4 local-interface Loopback101 + ip address virtual 10.20.20.1/24 + ipv6 address virtual 2001:db8:20:20::1/64 +! +interface Vlan40 + mtu 9014 + vrf PROD + ip igmp + pim ipv4 local-interface Loopback101 + ip address virtual 10.40.40.1/24 + ipv6 address virtual 2001:db8:40:40::1/64 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan udp-port 4789 + vxlan vlan 20,40 vni 10020,10040 + vxlan vrf PROD vni 50001 + vxlan vrf PROD multicast group 232.1.1.1 + vxlan vrf PROD multicast group overlay 239.0.20.101 encap 232.1.1.20 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +no ip routing vrf MGMT +ip routing vrf PROD +! +ipv6 unicast-routing vrf PROD +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65200 + router-id 1.1.2.1 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65200 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS session tracker TRACK-LOCAL-EVPN-PEERS + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor 1.1.2.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.204 peer group LOCAL-EVPN-PEERS + ! + vlan 20 + rd 1.1.2.1:10020 + route-target both 10020:10020 + redistribute learned + ! + vlan 40 + rd 1.1.2.1:10040 + route-target both 10040:10040 + redistribute learned + ! + address-family evpn + route export ethernet-segment ip mass-withdraw + route import ethernet-segment ip mass-withdraw + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + layer-2 fec in-place update + ! + vrf PROD + rd 1.1.2.1:50001 + evpn multicast + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + redistribute connected + ! + session tracker TRACK-LOCAL-EVPN-PEERS + recovery delay 300 seconds +! +router isis 100 + net 49.1111.0000.0000.0001.00 + is-type level-2 + ! + address-family ipv4 unicast +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf PROD + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF2.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF2.cfg new file mode 100644 index 00000000..36abf27a --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF2.cfg @@ -0,0 +1,231 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname B-LEAF2 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +spanning-tree edge-port bpduguard default +spanning-tree root super +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 20 + name Green +! +vlan 40 + name Purple +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostG + bgp session tracker TRACK-LOCAL-EVPN-PEERS + switchport access vlan 20 + ! + evpn ethernet-segment + identifier 0000:000b:0001:0002:0007 + route-target import 0b:01:02:00:00:07 + lacp system-id c0d6.8200.0000 + spanning-tree portfast +! +interface Port-Channel8 + description HostH + bgp session tracker TRACK-LOCAL-EVPN-PEERS + switchport access vlan 40 + ! + evpn ethernet-segment + identifier 0000:000b:0001:0002:0008 + route-target import 0b:01:02:00:00:08 + lacp system-id c0d6.8200.0000 + spanning-tree portfast +! +interface Ethernet1 + description B-SPINE1 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet2 + description B-SPINE2 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet3 + description B-SPINE3 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet4 + description B-SPINE4 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet7 + channel-group 7 mode active +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.2.2/32 + isis enable 100 + isis circuit-type level-2 +! +interface Loopback1 + description VTEP IP + ip address 2.2.2.2/32 + isis enable 100 + isis circuit-type level-2 +! +interface Loopback101 + vrf PROD + ip address 10.101.101.22/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.119/24 +! +interface Vlan20 + mtu 9014 + vrf PROD + ip igmp + pim ipv4 local-interface Loopback101 + ip address virtual 10.20.20.1/24 + ipv6 address virtual 2001:db8:20:20::1/64 +! +interface Vlan40 + mtu 9014 + vrf PROD + ip igmp + pim ipv4 local-interface Loopback101 + ip address virtual 10.40.40.1/24 + ipv6 address virtual 2001:db8:40:40::1/64 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan udp-port 4789 + vxlan vlan 20,40 vni 10020,10040 + vxlan vrf PROD vni 50001 + vxlan vrf PROD multicast group 232.1.1.1 + vxlan vrf PROD multicast group overlay 239.0.20.101 encap 232.1.1.20 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +no ip routing vrf MGMT +ip routing vrf PROD +! +ipv6 unicast-routing vrf PROD +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65200 + router-id 1.1.2.2 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65200 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS session tracker TRACK-LOCAL-EVPN-PEERS + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor 1.1.2.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.204 peer group LOCAL-EVPN-PEERS + ! + vlan 20 + rd 1.1.2.2:10020 + route-target both 10020:10020 + redistribute learned + ! + vlan 40 + rd 1.1.2.2:10040 + route-target both 10040:10040 + redistribute learned + ! + address-family evpn + route export ethernet-segment ip mass-withdraw + route import ethernet-segment ip mass-withdraw + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + layer-2 fec in-place update + ! + vrf PROD + rd 1.1.2.2:50001 + evpn multicast + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + redistribute connected + ! + session tracker TRACK-LOCAL-EVPN-PEERS + recovery delay 300 seconds +! +router isis 100 + net 49.1111.0000.0000.0002.00 + is-type level-2 + ! + address-family ipv4 unicast +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf PROD + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF3.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF3.cfg new file mode 100644 index 00000000..fd2eb12a --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF3.cfg @@ -0,0 +1,245 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname B-LEAF3 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +spanning-tree edge-port bpduguard default +spanning-tree root super +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 60 + name Red +! +vlan 70 + name Brown +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel8 + description HostJ + bgp session tracker TRACK-LOCAL-EVPN-PEERS + switchport access vlan 10 + ! + evpn ethernet-segment + identifier 0000:000b:0003:0004:0008 + route-target import 0b:03:03:00:00:08 + lacp system-id c0d6.8200.0000 + spanning-tree portfast +! +interface Ethernet1 + description B-SPINE1 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet2 + description B-SPINE2 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet3 + description B-SPINE3 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet4 + description B-SPINE4 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet7 + description HostI + switchport access vlan 60 + spanning-tree portfast +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.2.3/32 + isis enable 100 + isis circuit-type level-2 +! +interface Loopback1 + description VTEP IP + ip address 2.2.2.3/32 + isis enable 100 + isis circuit-type level-2 +! +interface Loopback101 + vrf PROD + ip address 10.101.101.23/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.120/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + ip igmp + pim ipv4 local-interface Loopback101 + ip address virtual 10.10.10.1/24 + ipv6 address virtual 2001:db8:10:10::1/64 +! +interface Vlan60 + mtu 9014 + vrf DEV + ip address virtual 10.60.60.1/24 + ipv6 address virtual 2001:db8:60:60::1/64 +! +interface Vlan70 + mtu 9014 + vrf DEV + ip address virtual 10.70.70.1/24 + ipv6 address virtual 2001:db8:70:70::1/64 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan udp-port 4789 + vxlan vlan 10,60,70 vni 10010,10060,10070 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 + vxlan vrf PROD multicast group 232.1.1.1 + vxlan vrf PROD multicast group overlay 239.0.20.101 encap 232.1.1.20 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ipv6 unicast-routing vrf DEV +ipv6 unicast-routing vrf PROD +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65200 + router-id 1.1.2.3 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65200 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS session tracker TRACK-LOCAL-EVPN-PEERS + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor 1.1.2.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.204 peer group LOCAL-EVPN-PEERS + ! + vlan 10 + rd 1.1.2.3:10010 + route-target both 10010:10010 + redistribute learned + ! + vlan 60 + rd 1.1.2.3:10060 + route-target both 10060:10060 + redistribute learned + ! + vlan 70 + rd 1.1.2.3:10070 + route-target both 10070:10070 + redistribute learned + ! + address-family evpn + route export ethernet-segment ip mass-withdraw + route import ethernet-segment ip mass-withdraw + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + layer-2 fec in-place update + ! + vrf DEV + rd 1.1.2.3:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + redistribute connected + ! + vrf PROD + rd 1.1.2.3:50001 + evpn multicast + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + redistribute connected + ! + session tracker TRACK-LOCAL-EVPN-PEERS + recovery delay 300 seconds +! +router isis 100 + net 49.1111.0000.0000.0003.00 + is-type level-2 + ! + address-family ipv4 unicast +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf PROD + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF4.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF4.cfg new file mode 100644 index 00000000..7699f009 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF4.cfg @@ -0,0 +1,245 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname B-LEAF4 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +spanning-tree edge-port bpduguard default +spanning-tree root super +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 60 + name Red +! +vlan 70 + name Brown +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel8 + description HostJ + bgp session tracker TRACK-LOCAL-EVPN-PEERS + switchport access vlan 10 + ! + evpn ethernet-segment + identifier 0000:000b:0003:0004:0008 + route-target import 0b:03:03:00:00:08 + lacp system-id c0d6.8200.0000 + spanning-tree portfast +! +interface Ethernet1 + description B-SPINE1 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet2 + description B-SPINE2 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet3 + description B-SPINE3 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet4 + description B-SPINE4 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet7 + description HostK + switchport access vlan 70 + spanning-tree portfast +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.2.4/32 + isis enable 100 + isis circuit-type level-2 +! +interface Loopback1 + description VTEP IP + ip address 2.2.2.4/32 + isis enable 100 + isis circuit-type level-2 +! +interface Loopback101 + vrf PROD + ip address 10.101.101.24/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.121/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + ip igmp + pim ipv4 local-interface Loopback101 + ip address virtual 10.10.10.1/24 + ipv6 address virtual 2001:db8:10:10::1/64 +! +interface Vlan60 + mtu 9014 + vrf DEV + ip address virtual 10.60.60.1/24 + ipv6 address virtual 2001:db8:60:60::1/64 +! +interface Vlan70 + mtu 9014 + vrf DEV + ip address virtual 10.70.70.1/24 + ipv6 address virtual 2001:db8:70:70::1/64 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan udp-port 4789 + vxlan vlan 10,60,70 vni 10010,10060,10070 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 + vxlan vrf PROD multicast group 232.1.1.1 + vxlan vrf PROD multicast group overlay 239.0.20.101 encap 232.1.1.20 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ipv6 unicast-routing vrf DEV +ipv6 unicast-routing vrf PROD +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65200 + router-id 1.1.2.4 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65200 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS session tracker TRACK-LOCAL-EVPN-PEERS + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor 1.1.2.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.204 peer group LOCAL-EVPN-PEERS + ! + vlan 10 + rd 1.1.2.4:10010 + route-target both 10010:10010 + redistribute learned + ! + vlan 60 + rd 1.1.2.4:10060 + route-target both 10060:10060 + redistribute learned + ! + vlan 70 + rd 1.1.2.4:10070 + route-target both 10070:10070 + redistribute learned + ! + address-family evpn + route export ethernet-segment ip mass-withdraw + route import ethernet-segment ip mass-withdraw + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + layer-2 fec in-place update + ! + vrf DEV + rd 1.1.2.4:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + redistribute connected + ! + vrf PROD + rd 1.1.2.4:50001 + evpn multicast + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + redistribute connected + ! + session tracker TRACK-LOCAL-EVPN-PEERS + recovery delay 300 seconds +! +router isis 100 + net 49.1111.0000.0000.0004.00 + is-type level-2 + ! + address-family ipv4 unicast +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf PROD + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF5.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF5.cfg new file mode 100644 index 00000000..7fbef218 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF5.cfg @@ -0,0 +1,226 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname B-LEAF5 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +spanning-tree edge-port bpduguard default +spanning-tree root super +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 40 + name Purple +! +vlan 80 + name Black +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description B-SPINE1 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet2 + description B-SPINE2 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet3 + description B-SPINE3 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet4 + description B-SPINE4 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet7 + description B-SW1 + bgp session tracker TRACK-LOCAL-EVPN-PEERS + switchport trunk allowed vlan 40,80 + switchport mode trunk + ! + evpn ethernet-segment + identifier 0000:000b:0005:0006:0007 + redundancy single-active + designated-forwarder election algorithm preference 2000 + route-target import 0b:05:06:00:00:07 + spanning-tree portfast + spanning-tree bpduguard disable +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.2.5/32 + isis enable 100 + isis circuit-type level-2 +! +interface Loopback1 + description VTEP IP + ip address 2.2.2.5/32 + isis enable 100 + isis circuit-type level-2 +! +interface Loopback101 + vrf PROD + ip address 10.101.101.25/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.122/24 +! +interface Vlan40 + mtu 9014 + vrf PROD + ip igmp + pim ipv4 local-interface Loopback101 + ip address virtual 10.40.40.1/24 + ipv6 address virtual 2001:db8:40:40::1/64 +! +interface Vlan80 + mtu 9014 + vrf DEV + ip address virtual 10.80.80.1/24 + ipv6 address virtual 2001:db8:80:80::1/64 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan udp-port 4789 + vxlan vlan 40,80 vni 10040,10080 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 + vxlan vrf PROD multicast group 232.1.1.1 + vxlan vrf PROD multicast group overlay 239.0.20.101 encap 232.1.1.20 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ipv6 unicast-routing vrf DEV +ipv6 unicast-routing vrf PROD +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65200 + router-id 1.1.2.5 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65200 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS session tracker TRACK-LOCAL-EVPN-PEERS + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor 1.1.2.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.204 peer group LOCAL-EVPN-PEERS + ! + vlan 40 + rd 1.1.2.5:10040 + route-target both 10040:10040 + redistribute learned + ! + vlan 80 + rd 1.1.2.5:10080 + route-target both 10080:10080 + redistribute learned + ! + address-family evpn + route export ethernet-segment ip mass-withdraw + route import ethernet-segment ip mass-withdraw + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + layer-2 fec in-place update + ! + vrf DEV + rd 1.1.2.5:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + redistribute connected + ! + vrf PROD + rd 1.1.2.5:50001 + evpn multicast + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + redistribute connected + ! + session tracker TRACK-LOCAL-EVPN-PEERS + recovery delay 300 seconds +! +router isis 100 + net 49.1111.0000.0000.0005.00 + is-type level-2 + ! + address-family ipv4 unicast +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf PROD + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF6.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF6.cfg new file mode 100644 index 00000000..98ad8527 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF6.cfg @@ -0,0 +1,226 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname B-LEAF6 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +spanning-tree edge-port bpduguard default +spanning-tree root super +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 40 + name Purple +! +vlan 80 + name Black +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description B-SPINE1 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet2 + description B-SPINE2 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet3 + description B-SPINE3 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet4 + description B-SPINE4 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet7 + description B-SW1 + bgp session tracker TRACK-LOCAL-EVPN-PEERS + switchport trunk allowed vlan 40,80 + switchport mode trunk + ! + evpn ethernet-segment + identifier 0000:000b:0005:0006:0007 + redundancy single-active + designated-forwarder election algorithm preference 1000 + route-target import 0b:05:06:00:00:07 + spanning-tree portfast + spanning-tree bpduguard disable +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.2.6/32 + isis enable 100 + isis circuit-type level-2 +! +interface Loopback1 + description VTEP IP + ip address 2.2.2.6/32 + isis enable 100 + isis circuit-type level-2 +! +interface Loopback101 + vrf PROD + ip address 10.101.101.26/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.123/24 +! +interface Vlan40 + mtu 9014 + vrf PROD + ip igmp + pim ipv4 local-interface Loopback101 + ip address virtual 10.40.40.1/24 + ipv6 address virtual 2001:db8:40:40::1/64 +! +interface Vlan80 + mtu 9014 + vrf DEV + ip address virtual 10.80.80.1/24 + ipv6 address virtual 2001:db8:80:80::1/64 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan udp-port 4789 + vxlan vlan 40,80 vni 10040,10080 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 + vxlan vrf PROD multicast group 232.1.1.1 + vxlan vrf PROD multicast group overlay 239.0.20.101 encap 232.1.1.20 immediate +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ipv6 unicast-routing vrf DEV +ipv6 unicast-routing vrf PROD +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65200 + router-id 1.1.2.6 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65200 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS session tracker TRACK-LOCAL-EVPN-PEERS + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor 1.1.2.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.204 peer group LOCAL-EVPN-PEERS + ! + vlan 40 + rd 1.1.2.6:10040 + route-target both 10040:10040 + redistribute learned + ! + vlan 80 + rd 1.1.2.6:10080 + route-target both 10080:10080 + redistribute learned + ! + address-family evpn + route export ethernet-segment ip mass-withdraw + route import ethernet-segment ip mass-withdraw + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + layer-2 fec in-place update + ! + vrf DEV + rd 1.1.2.6:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + redistribute connected + ! + vrf PROD + rd 1.1.2.6:50001 + evpn multicast + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + redistribute connected + ! + session tracker TRACK-LOCAL-EVPN-PEERS + recovery delay 300 seconds +! +router isis 100 + net 49.1111.0000.0000.0006.00 + is-type level-2 + ! + address-family ipv4 unicast +! +router multicast + ipv4 + routing + software-forwarding sfe + ! + vrf PROD + ipv4 + routing +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF7.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF7.cfg new file mode 100644 index 00000000..d8893ba5 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF7.cfg @@ -0,0 +1,328 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname B-LEAF7 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001-3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 20 + name Green +! +vlan 60 + name Red +! +vlan 70 + name Brown +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description B-SPINE1 + no switchport + ip address unnumbered Loopback0 + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet2 + description B-SPINE2 + no switchport + ip address unnumbered Loopback0 + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet3 + description B-SPINE3 + no switchport + ip address unnumbered Loopback0 + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet4 + description B-SPINE4 + no switchport + ip address unnumbered Loopback0 + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet5 +! +interface Ethernet6 +! +interface Ethernet7 + no switchport + ip address 172.16.2.1/31 +! +interface Ethernet8 + no switchport + ip address 172.16.2.5/31 +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.2.7/32 + isis enable 100 + isis circuit-type level-2 +! +interface Loopback1 + description VTEP IP + ip address 2.2.2.7/32 + isis enable 100 + isis circuit-type level-2 +! +interface Management0 + vrf MGMT + ip address 172.100.100.124/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + ip address virtual 10.10.10.1/24 + ipv6 address virtual 2001:db8:10:10::1/64 +! +interface Vlan20 + mtu 9014 + vrf PROD + ip address virtual 10.20.20.1/24 + ipv6 address virtual 2001:db8:20:20::1/64 +! +interface Vlan60 + mtu 9014 + vrf DEV + ip address virtual 10.60.60.1/24 + ipv6 address virtual 2001:db8:60:60::1/64 +! +interface Vlan70 + mtu 9014 + vrf DEV + ip address virtual 10.70.70.1/24 + ipv6 address virtual 2001:db8:70:70::1/64 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan udp-port 4789 + vxlan vlan 10,20,60,70 vni 10010,10020,10060,10070 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip prefix-list PL-GATEWAY-LOOP + seq 10 permit 1.1.2.7/32 + seq 20 permit 1.1.2.8/32 + seq 30 permit 2.2.2.7/32 + seq 40 permit 2.2.2.8/32 +! +ipv6 unicast-routing vrf DEV +ipv6 unicast-routing vrf PROD +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65200 + router-id 1.1.2.7 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + bgp bestpath d-path + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65200 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS route-reflector-client + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor REMOTE-EVPN-PEERS peer group + neighbor REMOTE-EVPN-PEERS remote-as 65000 + neighbor REMOTE-EVPN-PEERS local-as 65000 no-prepend replace-as + neighbor REMOTE-EVPN-PEERS update-source Loopback0 + neighbor REMOTE-EVPN-PEERS route-reflector-client + neighbor REMOTE-EVPN-PEERS password 7 IO6gE/ln7Sp2wt33WX/Asg== + neighbor REMOTE-IPV4-PEERS peer group + neighbor REMOTE-IPV4-PEERS remote-as 65000 + neighbor REMOTE-IPV4-PEERS password 7 dkvBq1jk4inJHsHfMjYRnQ== + neighbor 1.1.0.1 peer group REMOTE-EVPN-PEERS + neighbor 1.1.0.2 peer group REMOTE-EVPN-PEERS + neighbor 1.1.2.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.204 peer group LOCAL-EVPN-PEERS + neighbor 172.16.2.0 peer group REMOTE-IPV4-PEERS + neighbor 172.16.2.4 peer group REMOTE-IPV4-PEERS + ! + vlan 10 + rd evpn domain all 1.1.2.7:10010 + route-target import export evpn domain all 10010:10010 + ! + vlan 20 + rd evpn domain all 1.1.2.7:10020 + route-target import export evpn domain all 10020:10020 + ! + vlan 60 + rd evpn domain all 1.1.2.7:10060 + route-target import export evpn domain all 10060:10060 + ! + vlan 70 + rd evpn domain all 1.1.2.7:10070 + route-target import export evpn domain all 10070:10070 + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + neighbor LOCAL-EVPN-PEERS rcf in AS65200_IN_EVPN() + neighbor LOCAL-EVPN-PEERS rcf out AS65200_OUT_EVPN() + neighbor REMOTE-EVPN-PEERS activate + neighbor REMOTE-EVPN-PEERS rcf in AS65000_IN_EVPN() + neighbor REMOTE-EVPN-PEERS rcf out AS65000_OUT_EVPN() + neighbor REMOTE-EVPN-PEERS domain remote + domain identifier 2:2 + domain identifier 99:99 remote + route import match-failure action discard + neighbor default next-hop-self received-evpn-routes route-type ip-prefix inter-domain + layer-2 fec in-place update + ! + evpn ethernet-segment domain all + identifier 0000:bbbb:0007:0008:0000 + designated-forwarder election algorithm preference 2000 + route-target import 00:bb:bb:07:08:00 + ! + address-family ipv4 + neighbor REMOTE-IPV4-PEERS activate + neighbor REMOTE-IPV4-PEERS rcf out AS65000_OUT_IPV4() + redistribute connected + ! + vrf DEV + rd 1.1.2.7:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + ! + vrf PROD + rd 1.1.2.7:50001 + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 +! +router general + control-functions + code + #################################### + #################################### + # Reusable functions # + #################################### + #################################### + function PREFIX_ROUTE() { + return evpn.route_type is EVPN_IP_PREFIX; + } + function IMET_ROUTE() { + return evpn.route_type is EVPN_IMET; + } + function FROM_GW_PEER() { + return community has_any {2:2}; + } + function GW_LOOPBACK() { + return prefix match prefix_list_v4 PL-GATEWAY-LOOP; + } + ############################################ + ############################################ + # IPv4 Unicast Address Family Functions # + ############################################ + ############################################ + function AS65000_OUT_IPV4() { #(1)! + if GW_LOOPBACK(){ + return true; + } + return false; + } + #################################### + #################################### + # EVPN Address Family Functions # + #################################### + #################################### + function AS65000_OUT_EVPN() { #(2)! + if IMET_ROUTE() or PREFIX_ROUTE(){ + community add {2:2}; + } + return true; + } + # + # + function AS65000_IN_EVPN() { #(3)! + if (IMET_ROUTE() or PREFIX_ROUTE()) and FROM_GW_PEER() { + return false; + } + return true; + } + # + # + function AS65200_OUT_EVPN() { #(4)! + if PREFIX_ROUTE(){ + community add {2:2}; + } + return true; + } + # + # + function AS65200_IN_EVPN() { #(5)! + if PREFIX_ROUTE() and FROM_GW_PEER() { + return false; + } + return true; + } + # + EOF +! +router isis 100 + net 49.1111.0000.0000.0007.00 + is-type level-2 + ! + address-family ipv4 unicast +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF8.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF8.cfg new file mode 100644 index 00000000..2a854d6b --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-LEAF8.cfg @@ -0,0 +1,328 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname B-LEAF8 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001-3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 20 + name Green +! +vlan 60 + name Red +! +vlan 70 + name Brown +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description B-SPINE1 + no switchport + ip address unnumbered Loopback0 + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet2 + description B-SPINE2 + no switchport + ip address unnumbered Loopback0 + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet3 + description B-SPINE3 + no switchport + ip address unnumbered Loopback0 + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet4 + description B-SPINE4 + no switchport + ip address unnumbered Loopback0 + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet5 +! +interface Ethernet6 +! +interface Ethernet7 + no switchport + ip address 172.16.2.3/31 +! +interface Ethernet8 + no switchport + ip address 172.16.2.7/31 +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.2.8/32 + isis enable 100 + isis circuit-type level-2 +! +interface Loopback1 + description VTEP IP + ip address 2.2.2.8/32 + isis enable 100 + isis circuit-type level-2 +! +interface Management0 + vrf MGMT + ip address 172.100.100.125/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + ip address virtual 10.10.10.1/24 + ipv6 address virtual 2001:db8:10:10::1/64 +! +interface Vlan20 + mtu 9014 + vrf PROD + ip address virtual 10.20.20.1/24 + ipv6 address virtual 2001:db8:20:20::1/64 +! +interface Vlan60 + mtu 9014 + vrf DEV + ip address virtual 10.60.60.1/24 + ipv6 address virtual 2001:db8:60:60::1/64 +! +interface Vlan70 + mtu 9014 + vrf DEV + ip address virtual 10.70.70.1/24 + ipv6 address virtual 2001:db8:70:70::1/64 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan udp-port 4789 + vxlan vlan 10,20,60,70 vni 10010,10020,10060,10070 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip prefix-list PL-GATEWAY-LOOP + seq 10 permit 1.1.2.7/32 + seq 20 permit 1.1.2.8/32 + seq 30 permit 2.2.2.7/32 + seq 40 permit 2.2.2.8/32 +! +ipv6 unicast-routing vrf DEV +ipv6 unicast-routing vrf PROD +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65200 + router-id 1.1.2.8 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + bgp bestpath d-path + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65200 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS route-reflector-client + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor REMOTE-EVPN-PEERS peer group + neighbor REMOTE-EVPN-PEERS remote-as 65000 + neighbor REMOTE-EVPN-PEERS local-as 65000 no-prepend replace-as + neighbor REMOTE-EVPN-PEERS update-source Loopback0 + neighbor REMOTE-EVPN-PEERS route-reflector-client + neighbor REMOTE-EVPN-PEERS password 7 IO6gE/ln7Sp2wt33WX/Asg== + neighbor REMOTE-IPV4-PEERS peer group + neighbor REMOTE-IPV4-PEERS remote-as 65000 + neighbor REMOTE-IPV4-PEERS password 7 dkvBq1jk4inJHsHfMjYRnQ== + neighbor 1.1.0.1 peer group REMOTE-EVPN-PEERS + neighbor 1.1.0.2 peer group REMOTE-EVPN-PEERS + neighbor 1.1.2.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.2.204 peer group LOCAL-EVPN-PEERS + neighbor 172.16.2.2 peer group REMOTE-IPV4-PEERS + neighbor 172.16.2.6 peer group REMOTE-IPV4-PEERS + ! + vlan 10 + rd evpn domain all 1.1.2.8:10010 + route-target import export evpn domain all 10010:10010 + ! + vlan 20 + rd evpn domain all 1.1.2.8:10020 + route-target import export evpn domain all 10020:10020 + ! + vlan 60 + rd evpn domain all 1.1.2.8:10060 + route-target import export evpn domain all 10060:10060 + ! + vlan 70 + rd evpn domain all 1.1.2.8:10070 + route-target import export evpn domain all 10070:10070 + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + neighbor LOCAL-EVPN-PEERS rcf in AS65200_IN_EVPN() + neighbor LOCAL-EVPN-PEERS rcf out AS65200_OUT_EVPN() + neighbor REMOTE-EVPN-PEERS activate + neighbor REMOTE-EVPN-PEERS rcf in AS65000_IN_EVPN() + neighbor REMOTE-EVPN-PEERS rcf out AS65000_OUT_EVPN() + neighbor REMOTE-EVPN-PEERS domain remote + domain identifier 2:2 + domain identifier 99:99 remote + route import match-failure action discard + neighbor default next-hop-self received-evpn-routes route-type ip-prefix inter-domain + layer-2 fec in-place update + ! + evpn ethernet-segment domain all + identifier 0000:bbbb:0007:0008:0000 + designated-forwarder election algorithm preference 1000 + route-target import 00:bb:bb:07:08:00 + ! + address-family ipv4 + neighbor REMOTE-IPV4-PEERS activate + neighbor REMOTE-IPV4-PEERS rcf out AS65000_OUT_IPV4() + redistribute connected + ! + vrf DEV + rd 1.1.2.8:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + ! + vrf PROD + rd 1.1.2.8:50001 + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 +! +router general + control-functions + code + #################################### + #################################### + # Reusable functions # + #################################### + #################################### + function PREFIX_ROUTE() { + return evpn.route_type is EVPN_IP_PREFIX; + } + function IMET_ROUTE() { + return evpn.route_type is EVPN_IMET; + } + function FROM_GW_PEER() { + return community has_any {2:2}; + } + function GW_LOOPBACK() { + return prefix match prefix_list_v4 PL-GATEWAY-LOOP; + } + ############################################ + ############################################ + # IPv4 Unicast Address Family Functions # + ############################################ + ############################################ + function AS65000_OUT_IPV4() { #(1)! + if GW_LOOPBACK(){ + return true; + } + return false; + } + #################################### + #################################### + # EVPN Address Family Functions # + #################################### + #################################### + function AS65000_OUT_EVPN() { #(2)! + if IMET_ROUTE() or PREFIX_ROUTE(){ + community add {2:2}; + } + return true; + } + # + # + function AS65000_IN_EVPN() { #(3)! + if (IMET_ROUTE() or PREFIX_ROUTE()) and FROM_GW_PEER() { + return false; + } + return true; + } + # + # + function AS65200_OUT_EVPN() { #(4)! + if PREFIX_ROUTE(){ + community add {2:2}; + } + return true; + } + # + # + function AS65200_IN_EVPN() { #(5)! + if PREFIX_ROUTE() and FROM_GW_PEER() { + return false; + } + return true; + } + # + EOF +! +router isis 100 + net 49.1111.0000.0000.0008.00 + is-type level-2 + ! + address-family ipv4 unicast +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-SPINE1.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-SPINE1.cfg new file mode 100644 index 00000000..ead1d6a6 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-SPINE1.cfg @@ -0,0 +1,158 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname B-SPINE1 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description B-LEAF1 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet2 + description B-LEAF2 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet3 + description B-LEAF3 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet4 + description B-LEAF4 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet5 + description B-LEAF5 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet6 + description B-LEAF6 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet7 + description B-LEAF7 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet8 + description B-LEAF8 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.2.201/32 + isis enable 100 + isis circuit-type level-2 +! +interface Management0 + vrf MGMT + ip address 172.100.100.114/24 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65200 + router-id 1.1.2.201 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + bgp cluster-id 1.1.2.205 + graceful-restart + maximum-paths 4 + bgp listen range 1.1.2.0/24 peer-group LOCAL-EVPN-PEERS remote-as 65200 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS route-reflector-client + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate +! +router isis 100 + net 49.1111.0000.0000.0201.00 + is-type level-2 + ! + address-family ipv4 unicast +! +router multicast + ipv4 + routing + software-forwarding sfe +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-SPINE2.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-SPINE2.cfg new file mode 100644 index 00000000..232b3910 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-SPINE2.cfg @@ -0,0 +1,158 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname B-SPINE2 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description B-LEAF1 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet2 + description B-LEAF2 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet3 + description B-LEAF3 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet4 + description B-LEAF4 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet5 + description B-LEAF5 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet6 + description B-LEAF6 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet7 + description B-LEAF7 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet8 + description B-LEAF8 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.2.202/32 + isis enable 100 + isis circuit-type level-2 +! +interface Management0 + vrf MGMT + ip address 172.100.100.115/24 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65200 + router-id 1.1.2.202 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + bgp cluster-id 1.1.2.205 + graceful-restart + maximum-paths 4 + bgp listen range 1.1.2.0/24 peer-group LOCAL-EVPN-PEERS remote-as 65200 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS route-reflector-client + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate +! +router isis 100 + net 49.1111.0000.0000.0202.00 + is-type level-2 + ! + address-family ipv4 unicast +! +router multicast + ipv4 + routing + software-forwarding sfe +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-SPINE3.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-SPINE3.cfg new file mode 100644 index 00000000..a7ad4d77 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-SPINE3.cfg @@ -0,0 +1,158 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname B-SPINE3 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description B-LEAF1 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet2 + description B-LEAF2 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet3 + description B-LEAF3 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet4 + description B-LEAF4 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet5 + description B-LEAF5 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet6 + description B-LEAF6 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet7 + description B-LEAF7 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet8 + description B-LEAF8 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.2.203/32 + isis enable 100 + isis circuit-type level-2 +! +interface Management0 + vrf MGMT + ip address 172.100.100.116/24 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65200 + router-id 1.1.2.203 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + bgp cluster-id 1.1.2.205 + graceful-restart + maximum-paths 4 + bgp listen range 1.1.2.0/24 peer-group LOCAL-EVPN-PEERS remote-as 65200 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS route-reflector-client + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate +! +router isis 100 + net 49.1111.0000.0000.0203.00 + is-type level-2 + ! + address-family ipv4 unicast +! +router multicast + ipv4 + routing + software-forwarding sfe +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-SPINE4.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-SPINE4.cfg new file mode 100644 index 00000000..04af0db5 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-SPINE4.cfg @@ -0,0 +1,158 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname B-SPINE4 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description B-LEAF1 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet2 + description B-LEAF2 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet3 + description B-LEAF3 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet4 + description B-LEAF4 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet5 + description B-LEAF5 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet6 + description B-LEAF6 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet7 + description B-LEAF7 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Ethernet8 + description B-LEAF8 + no switchport + ip address unnumbered Loopback0 + pim ipv4 sparse-mode + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.2.204/32 + isis enable 100 + isis circuit-type level-2 +! +interface Management0 + vrf MGMT + ip address 172.100.100.117/24 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65200 + router-id 1.1.2.204 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + bgp cluster-id 1.1.2.205 + graceful-restart + maximum-paths 4 + bgp listen range 1.1.2.0/24 peer-group LOCAL-EVPN-PEERS remote-as 65200 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS route-reflector-client + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate +! +router isis 100 + net 49.1111.0000.0000.0204.00 + is-type level-2 + ! + address-family ipv4 unicast +! +router multicast + ipv4 + routing + software-forwarding sfe +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-SW1.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-SW1.cfg new file mode 100644 index 00000000..68446186 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/B-SW1.cfg @@ -0,0 +1,67 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname B-SW1 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 40 + name Purple +! +vlan 80 + name Black +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + switchport mode trunk +! +interface Ethernet2 + switchport mode trunk +! +interface Ethernet3 + description HostL + switchport access vlan 40 + spanning-tree portfast +! +interface Ethernet4 + description HostM + switchport access vlan 80 + spanning-tree portfast +! +interface Management0 + vrf MGMT + ip address 172.100.100.139/24 +! +ip routing +no ip routing vrf MGMT +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/BB1.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/BB1.cfg new file mode 100644 index 00000000..9ccacf58 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/BB1.cfg @@ -0,0 +1,124 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname BB1 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + mtu 9214 + no switchport + ip address 172.16.1.0/31 +! +interface Ethernet2 + mtu 9214 + no switchport + ip address 172.16.1.2/31 +! +interface Ethernet3 + mtu 9214 + no switchport + ip address 172.16.2.0/31 +! +interface Ethernet4 + mtu 9214 + no switchport + ip address 172.16.2.2/31 +! +interface Ethernet5 + mtu 9214 + no switchport + ip address 172.16.3.0/31 +! +interface Ethernet6 + mtu 9214 + no switchport + ip address 172.16.3.2/31 +! +interface Ethernet7 + mtu 9214 + no switchport + ip address 172.16.4.0/31 +! +interface Ethernet8 + mtu 9214 + no switchport + ip address 172.16.4.2/31 +! +interface Ethernet9 + mtu 9214 + no switchport + ip address 172.16.255.0/31 +! +interface Loopback0 + ip address 1.1.0.1/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.138/24 +! +ip routing +no ip routing vrf MGMT +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +peer-filter DC-ASN-RANGE + 10 match as-range 65100-65499 result accept +! +router bgp 65000 + router-id 1.1.0.1 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + bgp cluster-id 1.1.0.0 + graceful-restart + maximum-paths 4 + bgp listen range 1.1.0.0/16 peer-group EVPN-GW-PEERS remote-as 65000 + bgp listen range 172.16.0.0/16 peer-group IP-TRANSPORT-CLIENTS peer-filter DC-ASN-RANGE + neighbor default send-community + neighbor EVPN-GW-PEERS peer group + neighbor EVPN-GW-PEERS next-hop-unchanged + neighbor EVPN-GW-PEERS update-source Loopback0 + neighbor EVPN-GW-PEERS ebgp-multihop 5 + neighbor EVPN-GW-PEERS route-reflector-client + neighbor EVPN-GW-PEERS password 7 hBArOS+tjuUeTz8PN9pwMA== + neighbor IP-TRANSPORT-CLIENTS peer group + neighbor IP-TRANSPORT-CLIENTS route-reflector-client + neighbor IP-TRANSPORT-CLIENTS password 7 uJNz72DuFXan+gkG/U30PQ== + ! + address-family evpn + neighbor EVPN-GW-PEERS activate + ! + address-family ipv4 + neighbor IP-TRANSPORT-CLIENTS activate + network 1.1.0.1/32 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/BB2.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/BB2.cfg new file mode 100644 index 00000000..ab1ffb8b --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/BB2.cfg @@ -0,0 +1,124 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname BB2 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + mtu 9214 + no switchport + ip address 172.16.1.4/31 +! +interface Ethernet2 + mtu 9214 + no switchport + ip address 172.16.1.6/31 +! +interface Ethernet3 + mtu 9214 + no switchport + ip address 172.16.2.4/31 +! +interface Ethernet4 + mtu 9214 + no switchport + ip address 172.16.2.6/31 +! +interface Ethernet5 + mtu 9214 + no switchport + ip address 172.16.3.4/31 +! +interface Ethernet6 + mtu 9214 + no switchport + ip address 172.16.3.6/31 +! +interface Ethernet7 + mtu 9214 + no switchport + ip address 172.16.4.4/31 +! +interface Ethernet8 + mtu 9214 + no switchport + ip address 172.16.4.6/31 +! +interface Ethernet9 + mtu 9214 + no switchport + ip address 172.16.255.1/31 +! +interface Loopback0 + ip address 1.1.0.2/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.126/24 +! +ip routing +no ip routing vrf MGMT +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +peer-filter DC-ASN-RANGE + 10 match as-range 65100-65499 result accept +! +router bgp 65000 + router-id 1.1.0.2 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + bgp cluster-id 1.1.0.0 + graceful-restart + maximum-paths 4 + bgp listen range 1.1.0.0/16 peer-group EVPN-GW-PEERS remote-as 65000 + bgp listen range 172.16.0.0/16 peer-group IP-TRANSPORT-CLIENTS peer-filter DC-ASN-RANGE + neighbor default send-community + neighbor EVPN-GW-PEERS peer group + neighbor EVPN-GW-PEERS next-hop-unchanged + neighbor EVPN-GW-PEERS update-source Loopback0 + neighbor EVPN-GW-PEERS ebgp-multihop 5 + neighbor EVPN-GW-PEERS route-reflector-client + neighbor EVPN-GW-PEERS password 7 hBArOS+tjuUeTz8PN9pwMA== + neighbor IP-TRANSPORT-CLIENTS peer group + neighbor IP-TRANSPORT-CLIENTS route-reflector-client + neighbor IP-TRANSPORT-CLIENTS password 7 uJNz72DuFXan+gkG/U30PQ== + ! + address-family evpn + neighbor EVPN-GW-PEERS activate + ! + address-family ipv4 + neighbor IP-TRANSPORT-CLIENTS activate + network 1.1.0.2/32 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF1.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF1.cfg new file mode 100644 index 00000000..50eeec52 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF1.cfg @@ -0,0 +1,160 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname C-LEAF1 +ip name-server vrf MGMT 8.8.8.8 +! +router l2-vpn + arp learning bridged +! +spanning-tree mode mstp +no spanning-tree vlan-id 4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 4093-4094 + trunk group MLAG_PEER +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostN + switchport access vlan 10 + mlag 7 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + description C-SPINE1 + no switchport + ip address 192.168.0.1/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet2 + description C-SPINE2 + no switchport + ip address 192.168.0.17/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + channel-group 7 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.3.1/32 + ip ospf area 0.0.0.0 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.3.1/32 + ip ospf area 0.0.0.0 +! +interface Management0 + vrf MGMT + ip address 172.100.100.129/24 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.0/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.1/30 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 10 vni 10010 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.2 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65312 + router-id 1.1.3.1 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 2 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65300 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor 1.1.3.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.3.201 description C-SPINE1.EVPN + neighbor 1.1.3.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.3.202 description C-SPINE2.EVPN + ! + vlan 10 + rd 1.1.3.1:10010 + route-target both 10010:10010 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard +! +router ospf 100 + router-id 1.1.3.1 + max-lsa 12000 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF2.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF2.cfg new file mode 100644 index 00000000..d18401cb --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF2.cfg @@ -0,0 +1,160 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname C-LEAF2 +ip name-server vrf MGMT 8.8.8.8 +! +router l2-vpn + arp learning bridged +! +spanning-tree mode mstp +no spanning-tree vlan-id 4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 4093-4094 + trunk group MLAG_PEER +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostN + switchport access vlan 10 + mlag 7 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + description C-SPINE1 + no switchport + ip address 192.168.0.3/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet2 + description C-SPINE2 + no switchport + ip address 192.168.0.19/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + channel-group 7 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.3.2/32 + ip ospf area 0.0.0.0 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.3.1/32 + ip ospf area 0.0.0.0 +! +interface Management0 + vrf MGMT + ip address 172.100.100.130/24 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.1/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.2/30 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 10 vni 10010 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.1 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65312 + router-id 1.1.3.2 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 2 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65300 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor 1.1.3.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.3.201 description C-SPINE1.EVPN + neighbor 1.1.3.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.3.202 description C-SPINE2.EVPN + ! + vlan 10 + rd 1.1.3.2:10010 + route-target both 10010:10010 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard +! +router ospf 100 + router-id 1.1.3.2 + max-lsa 12000 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF3.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF3.cfg new file mode 100644 index 00000000..aeef63f2 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF3.cfg @@ -0,0 +1,181 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname C-LEAF3 +ip name-server vrf MGMT 8.8.8.8 +! +router l2-vpn + arp learning bridged +! +spanning-tree mode mstp +no spanning-tree vlan-id 4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 20 + name Green +! +vlan 50 + name Yellow +! +vlan 60 + name Red +! +vlan 4093-4094 + trunk group MLAG_PEER +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel8 + description HostP + switchport access vlan 60 + mlag 8 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + description C-SPINE1 + no switchport + ip address 192.168.0.5/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet2 + description C-SPINE2 + no switchport + ip address 192.168.0.21/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + description HostO + switchport access vlan 20 + spanning-tree portfast +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.3.3/32 + ip ospf area 0.0.0.0 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.3.3/32 + ip ospf area 0.0.0.0 +! +interface Management0 + vrf MGMT + ip address 172.100.100.131/24 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.0/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.1/30 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 20,50,60 vni 10020,10050,10060 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.2 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65334 + router-id 1.1.3.3 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 2 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65300 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor 1.1.3.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.3.201 description C-SPINE1.EVPN + neighbor 1.1.3.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.3.202 description C-SPINE2.EVPN + ! + vlan 20 + rd 1.1.3.3:10020 + route-target both 10020:10020 + redistribute learned + ! + vlan 50 + rd 1.1.3.3:10050 + route-target both 10050:10050 + redistribute learned + ! + vlan 60 + rd 1.1.3.3:10060 + route-target both 10060:10060 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard +! +router ospf 100 + router-id 1.1.3.3 + max-lsa 12000 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF4.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF4.cfg new file mode 100644 index 00000000..603cdd55 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF4.cfg @@ -0,0 +1,181 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname C-LEAF4 +ip name-server vrf MGMT 8.8.8.8 +! +router l2-vpn + arp learning bridged +! +spanning-tree mode mstp +no spanning-tree vlan-id 4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 20 + name Green +! +vlan 50 + name Yellow +! +vlan 60 + name Red +! +vlan 4093-4094 + trunk group MLAG_PEER +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel8 + description HostP + switchport access vlan 60 + mlag 8 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + description C-SPINE1 + no switchport + ip address 192.168.0.7/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet2 + description C-SPINE2 + no switchport + ip address 192.168.0.23/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + description HostQ + switchport access vlan 50 + spanning-tree portfast +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.3.4/32 + ip ospf area 0.0.0.0 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.3.3/32 + ip ospf area 0.0.0.0 +! +interface Management0 + vrf MGMT + ip address 172.100.100.132/24 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.1/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.2/30 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 20,50,60 vni 10020,10050,10060 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.1 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65334 + router-id 1.1.3.4 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 2 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65300 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor 1.1.3.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.3.201 description C-SPINE1.EVPN + neighbor 1.1.3.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.3.202 description C-SPINE2.EVPN + ! + vlan 20 + rd 1.1.3.4:10020 + route-target both 10020:10020 + redistribute learned + ! + vlan 50 + rd 1.1.3.4:10050 + route-target both 10050:10050 + redistribute learned + ! + vlan 60 + rd 1.1.3.4:10060 + route-target both 10060:10060 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard +! +router ospf 100 + router-id 1.1.3.4 + max-lsa 12000 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF5.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF5.cfg new file mode 100644 index 00000000..c2b6e522 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF5.cfg @@ -0,0 +1,177 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname C-LEAF5 +ip name-server vrf MGMT 8.8.8.8 +! +router l2-vpn + arp learning bridged +! +spanning-tree mode mstp +no spanning-tree vlan-id 4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 20 + name Green +! +vlan 60 + name Red +! +vlan 4093-4094 + trunk group MLAG_PEER +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostR + switchport access vlan 20 + mlag 7 + spanning-tree portfast +! +interface Port-Channel8 + description HostS + switchport access vlan 60 + mlag 8 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + description C-SPINE1 + no switchport + ip address 192.168.0.9/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet2 + description C-SPINE2 + no switchport + ip address 192.168.0.25/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + channel-group 7 mode active +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.3.5/32 + ip ospf area 0.0.0.0 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.3.5/32 + ip ospf area 0.0.0.0 +! +interface Management0 + vrf MGMT + ip address 172.100.100.133/24 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.0/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.1/30 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 20,60 vni 10020,10060 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.2 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65356 + router-id 1.1.3.5 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 2 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65300 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor 1.1.3.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.3.201 description C-SPINE1.EVPN + neighbor 1.1.3.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.3.202 description C-SPINE2.EVPN + ! + vlan 20 + rd 1.1.3.5:10020 + route-target both 10020:10020 + redistribute learned + ! + vlan 60 + rd 1.1.3.5:10060 + route-target both 10060:10060 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard +! +router ospf 100 + router-id 1.1.3.5 + max-lsa 12000 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF6.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF6.cfg new file mode 100644 index 00000000..bb729b05 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF6.cfg @@ -0,0 +1,177 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname C-LEAF6 +ip name-server vrf MGMT 8.8.8.8 +! +router l2-vpn + arp learning bridged +! +spanning-tree mode mstp +no spanning-tree vlan-id 4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 20 + name Green +! +vlan 60 + name Red +! +vlan 4093-4094 + trunk group MLAG_PEER +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostR + switchport access vlan 20 + mlag 7 + spanning-tree portfast +! +interface Port-Channel8 + description HostS + switchport access vlan 60 + mlag 8 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + description C-SPINE1 + no switchport + ip address 192.168.0.11/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet2 + description C-SPINE2 + no switchport + ip address 192.168.0.27/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + channel-group 7 mode active +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.3.6/32 + ip ospf area 0.0.0.0 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.3.5/32 + ip ospf area 0.0.0.0 +! +interface Management0 + vrf MGMT + ip address 172.100.100.134/24 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.1/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.2/30 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 20,60 vni 10020,10060 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.1 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +router bgp 65356 + router-id 1.1.3.6 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 2 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65300 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor 1.1.3.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.3.201 description C-SPINE1.EVPN + neighbor 1.1.3.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.3.202 description C-SPINE2.EVPN + ! + vlan 20 + rd 1.1.3.6:10020 + route-target both 10020:10020 + redistribute learned + ! + vlan 60 + rd 1.1.3.6:10060 + route-target both 10060:10060 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard +! +router ospf 100 + router-id 1.1.3.6 + max-lsa 12000 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF7.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF7.cfg new file mode 100644 index 00000000..22bd9a77 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF7.cfg @@ -0,0 +1,310 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname C-LEAF7 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001-3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 20 + name Green +! +vlan 50 + name Yellow +! +vlan 60 + name Red +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + description C-SPINE1 + no switchport + ip address 192.168.0.13/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet2 + description C-SPINE2 + no switchport + ip address 192.168.0.29/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + description BB1 + no switchport + ip address 172.16.3.1/31 +! +interface Ethernet8 + description BB2 + no switchport + ip address 172.16.3.5/31 +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.3.7/32 + ip ospf area 0.0.0.0 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.3.7/32 + ip address 2.2.3.255/32 secondary + ip ospf area 0.0.0.0 +! +interface Management0 + vrf MGMT + ip address 172.100.100.135/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + ip address virtual 10.10.10.1/24 +! +interface Vlan20 + mtu 9014 + vrf PROD + ip address virtual 10.20.20.1/24 +! +interface Vlan50 + mtu 9014 + vrf DEV + ip address virtual 10.50.50.1/24 +! +interface Vlan60 + mtu 9014 + vrf DEV + ip address virtual 10.60.60.1/24 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ip address 192.0.0.0/31 +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ip address 192.0.0.0/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.0/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.1/30 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 10,20,50,60 vni 10010,10020,10050,10060 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ip prefix-list PL-GATEWAY-LOOP + seq 10 permit 2.2.3.7/32 + seq 20 permit 1.1.3.7/32 + seq 30 permit 1.1.3.8/32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.2 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-AS65000-IPV4-OUT permit 10 + match ip address prefix-list PL-GATEWAY-LOOP +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65378 + router-id 1.1.3.7 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 2 + bgp bestpath d-path + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65300 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65378 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor REMOTE-EVPN-PEERS peer group + neighbor REMOTE-EVPN-PEERS remote-as 65000 + neighbor REMOTE-EVPN-PEERS local-as 65000 no-prepend replace-as + neighbor REMOTE-EVPN-PEERS update-source Loopback0 + neighbor REMOTE-EVPN-PEERS password 7 IO6gE/ln7Sp2wt33WX/Asg== + neighbor REMOTE-IPV4-PEERS peer group + neighbor REMOTE-IPV4-PEERS remote-as 65000 + neighbor REMOTE-IPV4-PEERS route-map RM-AS65000-IPV4-OUT out + neighbor REMOTE-IPV4-PEERS password 7 dkvBq1jk4inJHsHfMjYRnQ== + neighbor 1.1.0.1 peer group REMOTE-EVPN-PEERS + neighbor 1.1.0.2 peer group REMOTE-EVPN-PEERS + neighbor 1.1.3.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.3.202 peer group LOCAL-EVPN-PEERS + neighbor 172.16.3.0 peer group REMOTE-IPV4-PEERS + neighbor 172.16.3.4 peer group REMOTE-IPV4-PEERS + ! + vlan 10 + rd evpn domain all 1.1.3.7:10010 + route-target import export evpn domain all 10010:10010 + ! + vlan 20 + rd evpn domain all 1.1.3.7:10020 + route-target import export evpn domain all 10020:10020 + ! + vlan 50 + rd evpn domain all 1.1.3.7:10050 + route-target import export evpn domain all 10050:10050 + ! + vlan 60 + rd evpn domain all 1.1.3.7:10060 + route-target import export evpn domain all 10060:10060 + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + neighbor REMOTE-EVPN-PEERS activate + neighbor REMOTE-EVPN-PEERS domain remote + domain identifier 3:3 + domain identifier 99:99 remote + route import match-failure action discard + neighbor default next-hop-self received-evpn-routes route-type ip-prefix inter-domain + ! + address-family ipv4 + neighbor REMOTE-IPV4-PEERS activate + network 1.1.3.7/32 + network 1.1.3.8/32 + network 2.2.3.7/32 + ! + vrf DEV + rd 1.1.3.7:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.1 activate + ! + vrf PROD + rd 1.1.3.7:50001 + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + neighbor 192.0.0.1 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.1 activate +! +router ospf 100 + router-id 1.1.3.7 + max-lsa 12000 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF8.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF8.cfg new file mode 100644 index 00000000..b6dddcff --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-LEAF8.cfg @@ -0,0 +1,310 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname C-LEAF8 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001-3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 20 + name Green +! +vlan 50 + name Yellow +! +vlan 60 + name Red +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + description C-SPINE1 + no switchport + ip address 192.168.0.15/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet2 + description C-SPINE2 + no switchport + ip address 192.168.0.31/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + description BB1 + no switchport + ip address 172.16.3.3/31 +! +interface Ethernet8 + description BB2 + no switchport + ip address 172.16.3.7/31 +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.3.8/32 + ip ospf area 0.0.0.0 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.3.7/32 + ip address 2.2.3.255/32 secondary + ip ospf area 0.0.0.0 +! +interface Management0 + vrf MGMT + ip address 172.100.100.136/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + ip address virtual 10.10.10.1/24 +! +interface Vlan20 + mtu 9014 + vrf PROD + ip address virtual 10.20.20.1/24 +! +interface Vlan50 + mtu 9014 + vrf DEV + ip address virtual 10.50.50.1/24 +! +interface Vlan60 + mtu 9014 + vrf DEV + ip address virtual 10.60.60.1/24 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ip address 192.0.0.1/31 +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ip address 192.0.0.1/31 +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ip address 192.0.0.1/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ip address 169.254.0.2/30 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 10,20,50,60 vni 10010,10020,10050,10060 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ip prefix-list PL-GATEWAY-LOOP + seq 10 permit 2.2.3.7/32 + seq 20 permit 1.1.3.7/32 + seq 30 permit 1.1.3.8/32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 169.254.0.1 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-AS65000-IPV4-OUT permit 10 + match ip address prefix-list PL-GATEWAY-LOOP +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65378 + router-id 1.1.3.8 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 2 + bgp bestpath d-path + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65300 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor MLAG-IPV4-PEER peer group + neighbor MLAG-IPV4-PEER remote-as 65378 + neighbor MLAG-IPV4-PEER next-hop-self + neighbor MLAG-IPV4-PEER route-map RM-MLAG-PEER-OUT out + neighbor MLAG-IPV4-PEER password 7 CRkxra9QRmU5k9/wECPlUA== + neighbor REMOTE-EVPN-PEERS peer group + neighbor REMOTE-EVPN-PEERS remote-as 65000 + neighbor REMOTE-EVPN-PEERS local-as 65000 no-prepend replace-as + neighbor REMOTE-EVPN-PEERS update-source Loopback0 + neighbor REMOTE-EVPN-PEERS password 7 IO6gE/ln7Sp2wt33WX/Asg== + neighbor REMOTE-IPV4-PEERS peer group + neighbor REMOTE-IPV4-PEERS remote-as 65000 + neighbor REMOTE-IPV4-PEERS route-map RM-AS65000-IPV4-OUT out + neighbor REMOTE-IPV4-PEERS password 7 dkvBq1jk4inJHsHfMjYRnQ== + neighbor 1.1.0.1 peer group REMOTE-EVPN-PEERS + neighbor 1.1.0.2 peer group REMOTE-EVPN-PEERS + neighbor 1.1.3.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.3.202 peer group LOCAL-EVPN-PEERS + neighbor 172.16.3.2 peer group REMOTE-IPV4-PEERS + neighbor 172.16.3.6 peer group REMOTE-IPV4-PEERS + ! + vlan 10 + rd evpn domain all 1.1.3.8:10010 + route-target import export evpn domain all 10010:10010 + ! + vlan 20 + rd evpn domain all 1.1.3.8:10020 + route-target import export evpn domain all 10020:10020 + ! + vlan 50 + rd evpn domain all 1.1.3.8:10050 + route-target import export evpn domain all 10050:10050 + ! + vlan 60 + rd evpn domain all 1.1.3.8:10060 + route-target import export evpn domain all 10060:10060 + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + neighbor REMOTE-EVPN-PEERS activate + neighbor REMOTE-EVPN-PEERS domain remote + domain identifier 3:3 + domain identifier 99:99 remote + route import match-failure action discard + neighbor default next-hop-self received-evpn-routes route-type ip-prefix inter-domain + ! + address-family ipv4 + neighbor REMOTE-IPV4-PEERS activate + network 1.1.3.7/32 + network 1.1.3.8/32 + network 2.2.3.7/32 + ! + vrf DEV + rd 1.1.3.8:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.0 activate + ! + vrf PROD + rd 1.1.3.8:50001 + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + neighbor 192.0.0.0 peer group MLAG-IPV4-PEER + redistribute connected route-map RM-CONN-2-BGP-VRFS + ! + address-family ipv4 + neighbor 192.0.0.0 activate +! +router ospf 100 + router-id 1.1.3.8 + max-lsa 12000 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-SPINE1.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-SPINE1.cfg new file mode 100644 index 00000000..4b542bd1 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-SPINE1.cfg @@ -0,0 +1,136 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname C-SPINE1 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description C-LEAF1 + no switchport + ip address 192.168.0.0/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet2 + description C-LEAF2 + no switchport + ip address 192.168.0.2/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet3 + description C-LEAF3 + no switchport + ip address 192.168.0.4/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet4 + description C-LEAF4 + no switchport + ip address 192.168.0.6/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet5 + description C-LEAF5 + no switchport + ip address 192.168.0.8/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet6 + description C-LEAF6 + no switchport + ip address 192.168.0.10/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet7 + description C-LEAF7 + no switchport + ip address 192.168.0.12/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet8 + description C-LEAF8 + no switchport + ip address 192.168.0.14/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Loopback0 + ip address 1.1.3.201/32 + ip ospf area 0.0.0.0 +! +interface Management0 + vrf MGMT + ip address 172.100.100.127/24 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +peer-filter LEAF-AS-RANGE + 10 match as-range 65301-65399 result accept +! +router bgp 65300 + router-id 1.1.3.201 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 2 + bgp listen range 1.1.3.0/24 peer-group LOCAL-EVPN-PEERS peer-filter LEAF-AS-RANGE + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS next-hop-unchanged + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate +! +router ospf 100 + router-id 1.1.3.201 + max-lsa 12000 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-SPINE2.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-SPINE2.cfg new file mode 100644 index 00000000..023e8a54 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/C-SPINE2.cfg @@ -0,0 +1,136 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname C-SPINE2 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description C-LEAF1 + no switchport + ip address 192.168.0.16/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet2 + description C-LEAF2 + no switchport + ip address 192.168.0.18/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet3 + description C-LEAF3 + no switchport + ip address 192.168.0.20/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet4 + description C-LEAF4 + no switchport + ip address 192.168.0.22/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet5 + description C-LEAF5 + no switchport + ip address 192.168.0.24/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet6 + description C-LEAF6 + no switchport + ip address 192.168.0.26/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet7 + description C-LEAF7 + no switchport + ip address 192.168.0.28/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Ethernet8 + description C-LEAF8 + no switchport + ip address 192.168.0.30/31 + ip ospf network point-to-point + ip ospf area 0.0.0.0 +! +interface Loopback0 + ip address 1.1.3.202/32 + ip ospf area 0.0.0.0 +! +interface Management0 + vrf MGMT + ip address 172.100.100.128/24 +! +mac address-table aging-time 1800 +! +ip routing +no ip routing vrf MGMT +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +peer-filter LEAF-AS-RANGE + 10 match as-range 65301-65399 result accept +! +router bgp 65300 + router-id 1.1.3.202 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 2 + bgp listen range 1.1.3.0/24 peer-group LOCAL-EVPN-PEERS peer-filter LEAF-AS-RANGE + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS next-hop-unchanged + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate +! +router ospf 100 + router-id 1.1.3.202 + max-lsa 12000 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF1.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF1.cfg new file mode 100644 index 00000000..5f2549f8 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF1.cfg @@ -0,0 +1,272 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname D-LEAF1 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001-3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 90 + name Pink +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostD1 + switchport access vlan 10 + mlag 7 + spanning-tree portfast +! +interface Port-Channel8 + description HostD2 + switchport access vlan 90 + mlag 8 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + description D-SPINE1 + no switchport + ipv6 enable +! +interface Ethernet2 + description D-SPINE2 + no switchport + ipv6 enable +! +interface Ethernet3 + description D-SPINE3 + no switchport + ipv6 enable +! +interface Ethernet4 + description D-SPINE4 + no switchport + ipv6 enable +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + channel-group 7 mode active +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.4.1/32 + ipv6 address 2001:db8:d:1::1/128 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.4.1/32 + ipv6 address 2001:db8:d:2::1/128 +! +interface Management0 + vrf MGMT + ip address 172.100.100.144/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + ip address virtual 10.10.10.1/24 + ipv6 address virtual 2001:db8:10:10::1/64 +! +interface Vlan90 + mtu 9014 + vrf DEV + ip address virtual 10.90.90.1/24 + ipv6 address virtual 2001:db8:90:90::1/64 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ipv6 enable +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ipv6 enable +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ipv6 enable +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ipv6 address 2001:db8::1/64 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan encapsulation ipv4 ipv6 + vxlan vlan 10,90 vni 10010,10090 + vxlan vrf PROD vni 50001 +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing ipv6 interfaces +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ipv6 unicast-routing +ipv6 unicast-routing vrf DEV +ipv6 unicast-routing vrf PROD +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 2001:db8::2 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65401 + router-id 1.1.4.1 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65400 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV6-PEERS peer group + neighbor LOCAL-IPV6-PEERS password 7 nI7sLaKoXTZaU/dFFLYqCQ== + neighbor MLAG-IPV6-PEER peer group + neighbor MLAG-IPV6-PEER next-hop-self + neighbor MLAG-IPV6-PEER route-map RM-MLAG-PEER-OUT out + neighbor 2001:db8:d:1::201 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::202 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::203 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::204 peer group LOCAL-EVPN-PEERS + neighbor interface Et1-4 peer-group LOCAL-IPV6-PEERS remote-as 65400 + neighbor interface Vl4093 peer-group MLAG-IPV6-PEER remote-as 65401 + ! + vlan 10 + rd 1.1.4.1:10010 + route-target both 10010:10010 + redistribute learned + ! + vlan 90 + rd 1.1.4.1:10090 + route-target both 10090:10090 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV6-PEERS activate + neighbor LOCAL-IPV6-PEERS next-hop address-family ipv6 originate + neighbor MLAG-IPV6-PEER activate + neighbor MLAG-IPV6-PEER next-hop address-family ipv6 originate + redistribute connected + ! + address-family ipv6 + neighbor LOCAL-IPV6-PEERS activate + neighbor MLAG-IPV6-PEER activate + redistribute connected + ! + vrf DEV + rd 1.1.4.1:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + router-id 1.1.4.1 + redistribute connected + neighbor interface Vl3002 peer-group MLAG-IPV6-PEER remote-as 65401 + ! + vrf PROD + rd 1.1.4.1:50001 + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + router-id 1.1.4.1 + redistribute connected + neighbor interface Vl3001 peer-group MLAG-IPV6-PEER remote-as 65401 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF2.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF2.cfg new file mode 100644 index 00000000..7b9239ae --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF2.cfg @@ -0,0 +1,287 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname D-LEAF2 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001-3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 90 + name Pink +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostD1 + switchport access vlan 10 + mlag 7 + spanning-tree portfast +! +interface Port-Channel8 + description HostD2 + switchport access vlan 90 + mlag 8 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + description D-SPINE1 + no switchport + ipv6 enable +! +interface Ethernet2 + description D-SPINE2 + no switchport + ipv6 enable +! +interface Ethernet3 + description D-SPINE3 + no switchport + ipv6 enable +! +interface Ethernet4 + description D-SPINE4 + no switchport + ipv6 enable +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + channel-group 7 mode active +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.4.2/32 + ipv6 address 2001:db8:d:1::2/128 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.4.1/32 + ipv6 address 2001:db8:d:2::1/128 +! +interface Management0 + vrf MGMT + ip address 172.100.100.145/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + ip address virtual 10.10.10.1/24 + ipv6 address virtual 2001:db8:10:10::1/64 +! +interface Vlan90 + mtu 9014 + vrf DEV + ip address virtual 10.90.90.1/24 + ipv6 address virtual 2001:db8:90:90::1/64 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ipv6 enable +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ipv6 enable +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ipv6 enable +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ipv6 address 2001:db8::2/64 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan encapsulation ipv4 ipv6 + vxlan vlan 10,90 vni 10010,10090 + vxlan vrf PROD vni 50001 +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing ipv6 interfaces +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ip prefix-list PL-MLAG-PEER-VRFS + seq 10 permit 192.0.0.0/31 +! +ipv6 unicast-routing +ipv6 unicast-routing vrf DEV +ipv6 unicast-routing vrf PROD +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 2001:db8::1 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +route-map RM-CONN-2-BGP-VRFS deny 10 + match ip address prefix-list PL-MLAG-PEER-VRFS +! +route-map RM-CONN-2-BGP-VRFS permit 20 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65401 + router-id 1.1.4.2 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65400 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV6-PEERS peer group + neighbor LOCAL-IPV6-PEERS password 7 nI7sLaKoXTZaU/dFFLYqCQ== + neighbor MLAG-IPV6-PEER peer group + neighbor MLAG-IPV6-PEER next-hop-self + neighbor MLAG-IPV6-PEER route-map RM-MLAG-PEER-OUT out + neighbor 2001:db8:d:1::201 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::202 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::203 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::204 peer group LOCAL-EVPN-PEERS + neighbor interface Et1-4 peer-group LOCAL-IPV6-PEERS remote-as 65400 + neighbor interface Vl4093 peer-group MLAG-IPV6-PEER remote-as 65401 + ! + vlan 10 + rd 1.1.4.2:10010 + route-target both 10010:10010 + redistribute learned + ! + vlan 90 + rd 1.1.4.2:10090 + route-target both 10090:10090 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV6-PEERS activate + neighbor LOCAL-IPV6-PEERS next-hop address-family ipv6 originate + neighbor MLAG-IPV6-PEER activate + neighbor MLAG-IPV6-PEER next-hop address-family ipv6 originate + redistribute connected + ! + address-family ipv6 + neighbor LOCAL-IPV6-PEERS activate + neighbor MLAG-IPV6-PEER activate + redistribute connected + ! + vrf DEV + rd 1.1.4.2:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + router-id 1.1.4.2 + redistribute connected + neighbor interface Vl3002 peer-group MLAG-IPV6-PEER remote-as 65401 + ! + vrf PROD + rd 1.1.4.2:50001 + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + router-id 1.1.4.2 + redistribute connected + neighbor interface Vl3001 peer-group MLAG-IPV6-PEER remote-as 65401 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF3.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF3.cfg new file mode 100644 index 00000000..9ff0b3c6 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF3.cfg @@ -0,0 +1,287 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname D-LEAF3 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001-3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 50 + name Yellow +! +vlan 90 +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel8 + description HostD4 + switchport access vlan 10 + mlag 8 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + description D-SPINE1 + no switchport + ipv6 enable +! +interface Ethernet2 + description D-SPINE2 + no switchport + ipv6 enable +! +interface Ethernet3 + description D-SPINE3 + no switchport + ipv6 enable +! +interface Ethernet4 + description D-SPINE4 + no switchport + ipv6 enable +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + description HostD3 + switchport access vlan 50 + spanning-tree portfast +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.4.3/32 + ipv6 address 2001:db8:d:1::3/128 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.4.3/32 + ipv6 address 2001:db8:d:2::3/128 +! +interface Management0 + vrf MGMT + ip address 172.100.100.146/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + ip address virtual 10.10.10.1/24 + ipv6 address virtual 2001:db8:10:10::1/64 +! +interface Vlan50 + mtu 9014 + vrf DEV + ip address virtual 10.50.50.1/24 + ipv6 address virtual 2001:db8:50:50::1/64 +! +interface Vlan90 + mtu 9014 + vrf DEV + ip address virtual 10.90.90.1/24 + ipv6 address virtual 2001:db8:90:90::1/64 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ipv6 enable +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ipv6 enable +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ipv6 enable +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ipv6 address 2001:db8::1/64 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan encapsulation ipv4 ipv6 + vxlan vlan 10,50,90 vni 10010,10050,10090 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing ipv6 interfaces +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ipv6 unicast-routing +ipv6 unicast-routing vrf DEV +ipv6 unicast-routing vrf PROD +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 2001:db8::2 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65403 + router-id 1.1.4.3 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65400 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV6-PEERS peer group + neighbor LOCAL-IPV6-PEERS password 7 nI7sLaKoXTZaU/dFFLYqCQ== + neighbor MLAG-IPV6-PEER peer group + neighbor MLAG-IPV6-PEER next-hop-self + neighbor MLAG-IPV6-PEER route-map RM-MLAG-PEER-OUT out + neighbor 2001:db8:d:1::201 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::202 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::203 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::204 peer group LOCAL-EVPN-PEERS + neighbor interface Et1-4 peer-group LOCAL-IPV6-PEERS remote-as 65400 + neighbor interface Vl4093 peer-group MLAG-IPV6-PEER remote-as 65403 + ! + vlan 10 + rd 1.1.4.3:10010 + route-target both 10010:10010 + redistribute learned + ! + vlan 30 + rd 1.1.4.3:10030 + route-target both 10030:10030 + redistribute learned + ! + vlan 50 + rd 1.1.4.3:10050 + route-target both 10050:10050 + redistribute learned + ! + vlan 90 + rd 1.1.4.3:10090 + route-target both 10090:10090 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV6-PEERS activate + neighbor LOCAL-IPV6-PEERS next-hop address-family ipv6 originate + neighbor MLAG-IPV6-PEER activate + neighbor MLAG-IPV6-PEER next-hop address-family ipv6 originate + redistribute connected + ! + address-family ipv6 + neighbor LOCAL-IPV6-PEERS activate + neighbor MLAG-IPV6-PEER activate + redistribute connected + ! + vrf DEV + rd 1.1.4.3:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + router-id 1.1.4.3 + redistribute connected + neighbor interface Vl3002 peer-group MLAG-IPV6-PEER remote-as 65403 + ! + vrf PROD + rd 1.1.4.3:50001 + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + router-id 1.1.4.3 + redistribute connected + neighbor interface Vl3001 peer-group MLAG-IPV6-PEER remote-as 65403 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF4.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF4.cfg new file mode 100644 index 00000000..20e6911e --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF4.cfg @@ -0,0 +1,283 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname D-LEAF4 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3001-3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 50 + name Yellow +! +vlan 90 + name Pink +! +vlan 3001 + name MLAG_PEER_VRF_PROD + trunk group MLAG_PEER +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel8 + description HostD4 + switchport access vlan 10 + mlag 8 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + description D-SPINE1 + no switchport + ipv6 enable +! +interface Ethernet2 + description D-SPINE2 + no switchport + ipv6 enable +! +interface Ethernet3 + description D-SPINE3 + no switchport + ipv6 enable +! +interface Ethernet4 + description D-SPINE4 + no switchport + ipv6 enable +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + description HostD5 + switchport access vlan 90 + spanning-tree portfast +! +interface Ethernet8 + channel-group 8 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.4.4/32 + ipv6 address 2001:db8:d:1::4/128 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.4.3/32 + ipv6 address 2001:db8:d:2::3/128 +! +interface Management0 + vrf MGMT + ip address 172.100.100.147/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + ip address virtual 10.10.10.1/24 + ipv6 address virtual 2001:db8:10:10::1/64 +! +interface Vlan50 + mtu 9014 + vrf DEV + ip address virtual 10.50.50.1/24 + ipv6 address virtual 2001:db8:50:50::1/64 +! +interface Vlan90 + mtu 9014 + vrf DEV + ip address virtual 10.90.90.1/24 + ipv6 address virtual 2001:db8:90:90::1/64 +! +interface Vlan3001 + description MLAG iBGP Peer - VRF PROD + no autostate + vrf PROD + ipv6 enable +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ipv6 enable +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ipv6 enable +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ipv6 address 2001:db8::2/64 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan encapsulation ipv4 ipv6 + vxlan vlan 10,50,90 vni 10010,10050,10090 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing ipv6 interfaces +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ipv6 unicast-routing +ipv6 unicast-routing vrf DEV +ipv6 unicast-routing vrf PROD +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 2001:db8::1 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65403 + router-id 1.1.4.4 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65400 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV6-PEERS peer group + neighbor LOCAL-IPV6-PEERS password 7 nI7sLaKoXTZaU/dFFLYqCQ== + neighbor MLAG-IPV6-PEER peer group + neighbor MLAG-IPV6-PEER next-hop-self + neighbor MLAG-IPV6-PEER route-map RM-MLAG-PEER-OUT out + neighbor 2001:db8:d:1::201 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::202 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::203 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::204 peer group LOCAL-EVPN-PEERS + neighbor interface Et1-4 peer-group LOCAL-IPV6-PEERS remote-as 65400 + neighbor interface Vl4093 peer-group MLAG-IPV6-PEER remote-as 65403 + ! + vlan 10 + rd 1.1.4.4:10010 + route-target both 10010:10010 + redistribute learned + ! + vlan 50 + rd 1.1.4.4:10050 + route-target both 10050:10050 + redistribute learned + ! + vlan 90 + rd 1.1.4.4:10090 + route-target both 10090:10090 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV6-PEERS activate + neighbor LOCAL-IPV6-PEERS next-hop address-family ipv6 originate + neighbor MLAG-IPV6-PEER activate + neighbor MLAG-IPV6-PEER next-hop address-family ipv6 originate + redistribute connected + ! + address-family ipv6 + neighbor LOCAL-IPV6-PEERS activate + neighbor MLAG-IPV6-PEER activate + redistribute connected + ! + vrf DEV + rd 1.1.4.4:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + router-id 1.1.4.4 + redistribute connected + neighbor interface Vl3002 peer-group MLAG-IPV6-PEER remote-as 65403 + ! + vrf PROD + rd 1.1.4.4:50001 + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + router-id 1.1.4.4 + redistribute connected + neighbor interface Vl3001 peer-group MLAG-IPV6-PEER remote-as 65403 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF5.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF5.cfg new file mode 100644 index 00000000..beee3ab1 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF5.cfg @@ -0,0 +1,227 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname D-LEAF5 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 70 + name Brown +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostD6 + switchport access vlan 70 + mlag 7 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + description D-SPINE1 + no switchport + ipv6 enable +! +interface Ethernet2 + description D-SPINE2 + no switchport + ipv6 enable +! +interface Ethernet3 + description D-SPINE3 + no switchport + ipv6 enable +! +interface Ethernet4 + description D-SPINE4 + no switchport + ipv6 enable +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + channel-group 7 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.4.5/32 + ipv6 address 2001:db8:d:1::5/128 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.4.5/32 + ipv6 address 2001:db8:d:2::5/128 +! +interface Management0 + vrf MGMT + ip address 172.100.100.148/24 +! +interface Vlan70 + mtu 9014 + vrf DEV + ip address virtual 10.70.70.1/24 + ipv6 address virtual 2001:db8:70:70::1/64 +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ipv6 enable +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ipv6 enable +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ipv6 address 2001:db8::1/64 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan encapsulation ipv4 ipv6 + vxlan vlan 70 vni 10070 + vxlan vrf DEV vni 50002 +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing ipv6 interfaces +ip routing vrf DEV +no ip routing vrf MGMT +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ipv6 unicast-routing +ipv6 unicast-routing vrf DEV +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 2001:db8::2 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65405 + router-id 1.1.4.5 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65400 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV6-PEERS peer group + neighbor LOCAL-IPV6-PEERS password 7 nI7sLaKoXTZaU/dFFLYqCQ== + neighbor MLAG-IPV6-PEER peer group + neighbor MLAG-IPV6-PEER next-hop-self + neighbor MLAG-IPV6-PEER route-map RM-MLAG-PEER-OUT out + neighbor 2001:db8:d:1::201 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::202 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::203 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::204 peer group LOCAL-EVPN-PEERS + neighbor interface Et1-4 peer-group LOCAL-IPV6-PEERS remote-as 65400 + neighbor interface Vl4093 peer-group MLAG-IPV6-PEER remote-as 65405 + ! + vlan 70 + rd 1.1.4.5:10070 + route-target both 10070:10070 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV6-PEERS activate + neighbor LOCAL-IPV6-PEERS next-hop address-family ipv6 originate + neighbor MLAG-IPV6-PEER activate + neighbor MLAG-IPV6-PEER next-hop address-family ipv6 originate + redistribute connected + ! + address-family ipv6 + neighbor LOCAL-IPV6-PEERS activate + neighbor MLAG-IPV6-PEER activate + redistribute connected + ! + vrf DEV + rd 1.1.4.5:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + router-id 1.1.4.5 + redistribute connected + neighbor interface Vl3002 peer-group MLAG-IPV6-PEER remote-as 65405 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF6.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF6.cfg new file mode 100644 index 00000000..a2e723ba --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF6.cfg @@ -0,0 +1,227 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +dhcp relay + tunnel requests disabled + mlag peer-link requests disabled +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname D-LEAF6 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode mstp +no spanning-tree vlan-id 3002,4093-4094 +spanning-tree edge-port bpduguard default +spanning-tree mst 0 priority 0 +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 70 + name Brown +! +vlan 3002 + name MLAG_PEER_VRF_DEV + trunk group MLAG_PEER +! +vlan 4093 + name MLAG_PEER_L3_UNDERLAY + trunk group MLAG_PEER +! +vlan 4094 + name MLAG_PEER_SYNC + trunk group MLAG_PEER +! +vrf instance DEV +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Port-Channel7 + description HostD6 + switchport access vlan 70 + mlag 7 + spanning-tree portfast +! +interface Port-Channel1000 + description MLAG PEER-LINK + switchport mode trunk + switchport trunk group MLAG_PEER +! +interface Ethernet1 + description D-SPINE1 + no switchport + ipv6 enable +! +interface Ethernet2 + description D-SPINE2 + no switchport + ipv6 enable +! +interface Ethernet3 + description D-SPINE3 + no switchport + ipv6 enable +! +interface Ethernet4 + description D-SPINE4 + no switchport + ipv6 enable +! +interface Ethernet5 + channel-group 1000 mode active +! +interface Ethernet6 + channel-group 1000 mode active +! +interface Ethernet7 + channel-group 7 mode active +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.4.6/32 + ipv6 address 2001:db8:d:1::6/128 +! +interface Loopback1 + description Shared VTEP IP (MLAG) + ip address 2.2.4.5/32 + ipv6 address 2001:db8:d:2::5/128 +! +interface Management0 + vrf MGMT + ip address 172.100.100.149/24 +! +interface Vlan70 + mtu 9014 + vrf DEV + ip address virtual 10.70.70.1/24 + ipv6 address virtual 2001:db8:70:70::1/64 +! +interface Vlan3002 + description MLAG iBGP Peer - VRF DEV + no autostate + vrf DEV + ipv6 enable +! +interface Vlan4093 + description MLAG UNDERLAY BGP PEER + no autostate + ipv6 enable +! +interface Vlan4094 + description MLAG PEER SYNC + no autostate + ipv6 address 2001:db8::2/64 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan encapsulation ipv4 ipv6 + vxlan vlan 70 vni 10070 + vxlan vrf DEV vni 50002 +! +mac address-table aging-time 1800 +! +ip virtual-router mac-address 00:1c:73:00:00:01 +! +ip routing ipv6 interfaces +ip routing vrf DEV +no ip routing vrf MGMT +! +ip extcommunity-list regexp evpn-imported permit RT.* +! +ipv6 unicast-routing +ipv6 unicast-routing vrf DEV +! +mlag configuration + domain-id 100 + local-interface Vlan4094 + peer-address 2001:db8::1 + peer-link Port-Channel1000 +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-MLAG-PEER-OUT deny 10 + match extcommunity evpn-imported +! +route-map RM-MLAG-PEER-OUT permit 20 + set origin incomplete +! +router bgp 65405 + router-id 1.1.4.6 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65400 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV6-PEERS peer group + neighbor LOCAL-IPV6-PEERS password 7 nI7sLaKoXTZaU/dFFLYqCQ== + neighbor MLAG-IPV6-PEER peer group + neighbor MLAG-IPV6-PEER next-hop-self + neighbor MLAG-IPV6-PEER route-map RM-MLAG-PEER-OUT out + neighbor 2001:db8:d:1::201 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::202 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::203 peer group LOCAL-EVPN-PEERS + neighbor 2001:db8:d:1::204 peer group LOCAL-EVPN-PEERS + neighbor interface Et1-4 peer-group LOCAL-IPV6-PEERS remote-as 65400 + neighbor interface Vl4093 peer-group MLAG-IPV6-PEER remote-as 65405 + ! + vlan 70 + rd 1.1.4.6:10070 + route-target both 10070:10070 + redistribute learned + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + route import match-failure action discard + ! + address-family ipv4 + neighbor LOCAL-IPV6-PEERS activate + neighbor LOCAL-IPV6-PEERS next-hop address-family ipv6 originate + neighbor MLAG-IPV6-PEER activate + neighbor MLAG-IPV6-PEER next-hop address-family ipv6 originate + redistribute connected + ! + address-family ipv6 + neighbor LOCAL-IPV6-PEERS activate + neighbor MLAG-IPV6-PEER activate + redistribute connected + ! + vrf DEV + rd 1.1.4.6:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + router-id 1.1.4.6 + redistribute connected + neighbor interface Vl3002 peer-group MLAG-IPV6-PEER remote-as 65405 +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF7.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF7.cfg new file mode 100644 index 00000000..c629d65e --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF7.cfg @@ -0,0 +1,303 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname D-LEAF7 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 50 + name Yellow +! +vlan 70 + name Brown +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description D-SPINE1 + load-interval 1 + no switchport + ip address 192.168.0.1/31 +! +interface Ethernet2 + description D-SPINE2 + load-interval 1 + no switchport + ip address 192.168.0.3/31 +! +interface Ethernet3 + description D-SPINE3 + load-interval 1 + no switchport + ip address 192.168.0.5/31 +! +interface Ethernet4 + description D-SPINE4 + load-interval 1 + no switchport + ip address 192.168.0.7/31 +! +interface Ethernet5 + no switchport + ipv6 enable +! +interface Ethernet6 + no switchport + ipv6 enable +! +interface Ethernet7 + no switchport + ip address 172.16.4.1/31 + ipv6 enable +! +interface Ethernet8 + no switchport + ip address 172.16.4.5/31 + ipv6 enable +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.4.7/32 + ipv6 address 2001:db8:d:1::7/128 +! +interface Loopback1 + description VTEP IP + ip address 2.2.4.7/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.150/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + ip address virtual 10.10.10.1/24 + ipv6 address virtual 2001:db8:10:10::1/64 +! +interface Vlan50 + mtu 9014 + vrf DEV + ip address virtual 10.50.50.1/24 + ipv6 address virtual 2001:db8:50:50::1/64 +! +interface Vlan70 + mtu 9014 + vrf DEV + ip address virtual 10.70.70.1/24 + ipv6 address virtual 2001:db8:70:70::1/64 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan udp-port 4789 + vxlan vlan 10,50,70 vni 10010,10050,10070 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 +! +mac address-table aging-time 1800 +! +ip routing ipv6 interfaces +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip prefix-list PL-GATEWAY-LOOP + seq 10 permit 1.1.4.7/32 + seq 20 permit 1.1.4.8/32 + seq 30 permit 2.2.4.7/32 +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ipv6 unicast-routing +ipv6 unicast-routing vrf DEV +ipv6 unicast-routing vrf PROD +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-AS65000-IPV4-OUT permit 10 + match ip address prefix-list PL-GATEWAY-LOOP +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +router bgp 65407 + router-id 1.1.4.7 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65400 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65400 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor REMOTE-EVPN-PEERS peer group + neighbor REMOTE-EVPN-PEERS remote-as 65000 + neighbor REMOTE-EVPN-PEERS local-as 65000 no-prepend replace-as + neighbor REMOTE-EVPN-PEERS update-source Loopback0 + neighbor REMOTE-EVPN-PEERS password 7 IO6gE/ln7Sp2wt33WX/Asg== + neighbor REMOTE-IPV4-PEERS peer group + neighbor REMOTE-IPV4-PEERS remote-as 65000 + neighbor REMOTE-IPV4-PEERS route-map RM-AS65000-IPV4-OUT out + neighbor REMOTE-IPV4-PEERS password 7 dkvBq1jk4inJHsHfMjYRnQ== + neighbor 1.1.0.1 peer group REMOTE-EVPN-PEERS + neighbor 1.1.0.1 description BB1.EVPN + neighbor 1.1.0.2 peer group REMOTE-EVPN-PEERS + neighbor 1.1.0.2 description BB2.EVPN + neighbor 1.1.4.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.4.201 description D-SPINE1.EVPN + neighbor 1.1.4.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.4.202 description D-SPINE2.EVPN + neighbor 1.1.4.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.4.203 description D-SPINE3.EVPN + neighbor 1.1.4.204 peer group LOCAL-EVPN-PEERS + neighbor 1.1.4.204 description D-SPINE4.EVPN + neighbor 172.16.4.0 peer group REMOTE-IPV4-PEERS + neighbor 172.16.4.0 description BB1.IPV4 + neighbor 172.16.4.4 peer group REMOTE-IPV4-PEERS + neighbor 172.16.4.4 description BB2.IPV4 + neighbor 192.168.0.0 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.0 description D-SPINE1.IPV4 + neighbor 192.168.0.2 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.2 description D-SPINE2.IPV4 + neighbor 192.168.0.4 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.4 description D-SPINE3.IPV4 + neighbor 192.168.0.6 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.6 description D-SPINE4.IPV4 + ! + vlan 10 + rd evpn domain all 1.1.4.7:10010 + route-target import export evpn domain all 10010:10010 + ! + vlan 50 + rd evpn domain all 1.1.4.7:10050 + route-target import export evpn domain all 10050:10050 + ! + vlan 70 + rd evpn domain all 1.1.4.7:10070 + route-target import export evpn domain all 10070:10070 + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + neighbor LOCAL-EVPN-PEERS rcf in AS65400_IN_EVPN() + neighbor LOCAL-EVPN-PEERS rcf out AS65400_OUT_EVPN() + neighbor REMOTE-EVPN-PEERS activate + neighbor REMOTE-EVPN-PEERS rcf in AS65000_IN_EVPN() + neighbor REMOTE-EVPN-PEERS rcf out AS65000_OUT_EVPN() + neighbor REMOTE-EVPN-PEERS domain remote + domain identifier 4:4 + domain identifier 99:99 remote + route import match-failure action discard + neighbor default next-hop-self received-evpn-routes route-type ip-prefix inter-domain + layer-2 fec in-place update + ! + evpn ethernet-segment domain all + identifier 0000:dddd:0007:0008:0000 + designated-forwarder election algorithm preference 2000 + route-target import 00:dd:dd:07:08:00 + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor REMOTE-IPV4-PEERS activate + redistribute connected + ! + vrf DEV + rd 1.1.4.7:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + router-id 1.1.4.7 + ! + vrf PROD + rd 1.1.4.7:50001 + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + router-id 1.1.4.7 +! +router general + control-functions + code + function PREFIX_ROUTE() { + return evpn.route_type is EVPN_IP_PREFIX; + } + function IMET_ROUTE() { + return evpn.route_type is EVPN_IMET; + } + function FROM_GW_PEER() { + return community has_any {4:4}; + } + # + # + # + function AS65000_OUT_EVPN() { + if IMET_ROUTE() or PREFIX_ROUTE(){ + community add {4:4}; + } + return true; + } + # + function AS65000_IN_EVPN() { + if (IMET_ROUTE() or PREFIX_ROUTE()) and FROM_GW_PEER() { + return false; + } + return true; + } + # + # + # + # + function AS65400_OUT_EVPN() { + if PREFIX_ROUTE(){ + community add {4:4}; + } + return true; + } + # + function AS65400_IN_EVPN() { + if PREFIX_ROUTE() and FROM_GW_PEER() { + return false; + } + return true; + } + # + EOF +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF8.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF8.cfg new file mode 100644 index 00000000..a62df8dd --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-LEAF8.cfg @@ -0,0 +1,304 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname D-LEAF8 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vlan 10 + name Blue +! +vlan 50 + name Yellow +! +vlan 70 + name Brown +! +vrf instance DEV +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description D-SPINE1 + load-interval 1 + no switchport + ip address 192.168.0.9/31 +! +interface Ethernet2 + description D-SPINE2 + load-interval 1 + no switchport + ip address 192.168.0.11/31 +! +interface Ethernet3 + description D-SPINE3 + load-interval 1 + no switchport + ip address 192.168.0.13/31 +! +interface Ethernet4 + description D-SPINE4 + load-interval 1 + no switchport + ip address 192.168.0.15/31 +! +interface Ethernet5 + no switchport + ipv6 enable +! +interface Ethernet6 + no switchport + ipv6 enable +! +interface Ethernet7 + no switchport + ip address 172.16.4.3/31 + ipv6 enable +! +interface Ethernet8 + no switchport + ip address 172.16.4.7/31 + ipv6 enable +! +interface Loopback0 + description Globally Unique Address + ip address 1.1.4.8/32 + ipv6 address 2001:db8:d:1::8/128 +! +interface Loopback1 + description VTEP IP + ip address 2.2.4.8/32 +! +interface Management0 + vrf MGMT + ip address 172.100.100.151/24 +! +interface Vlan10 + mtu 9014 + vrf PROD + ip address virtual 10.10.10.1/24 + ipv6 address virtual 2001:db8:10:10::1/64 +! +interface Vlan50 + mtu 9014 + vrf DEV + ip address virtual 10.50.50.1/24 + ipv6 address virtual 2001:db8:50:50::1/64 +! +interface Vlan70 + mtu 9014 + vrf DEV + ip address virtual 10.70.70.1/24 + ipv6 address virtual 2001:db8:70:70::1/64 +! +interface Vxlan1 + vxlan source-interface Loopback1 + vxlan udp-port 4789 + vxlan vlan 10,50,70 vni 10010,10050,10070 + vxlan vrf DEV vni 50002 + vxlan vrf PROD vni 50001 +! +mac address-table aging-time 1800 +! +ip routing ipv6 interfaces +ip routing vrf DEV +no ip routing vrf MGMT +ip routing vrf PROD +! +ip prefix-list PL-GATEWAY-LOOP + seq 10 permit 1.1.4.7/32 + seq 20 permit 1.1.4.8/32 + seq 30 permit 2.2.4.7/32 + seq 40 permit 2.2.4.8/32 +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ipv6 unicast-routing +ipv6 unicast-routing vrf DEV +ipv6 unicast-routing vrf PROD +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-AS65000-IPV4-OUT permit 10 + match ip address prefix-list PL-GATEWAY-LOOP +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS +! +router bgp 65408 + router-id 1.1.4.8 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS remote-as 65400 + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS remote-as 65400 + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor REMOTE-EVPN-PEERS peer group + neighbor REMOTE-EVPN-PEERS remote-as 65000 + neighbor REMOTE-EVPN-PEERS local-as 65000 no-prepend replace-as + neighbor REMOTE-EVPN-PEERS update-source Loopback0 + neighbor REMOTE-EVPN-PEERS password 7 IO6gE/ln7Sp2wt33WX/Asg== + neighbor REMOTE-IPV4-PEERS peer group + neighbor REMOTE-IPV4-PEERS remote-as 65000 + neighbor REMOTE-IPV4-PEERS route-map RM-AS65000-IPV4-OUT out + neighbor REMOTE-IPV4-PEERS password 7 dkvBq1jk4inJHsHfMjYRnQ== + neighbor 1.1.0.1 peer group REMOTE-EVPN-PEERS + neighbor 1.1.0.1 description BB1.EVPN + neighbor 1.1.0.2 peer group REMOTE-EVPN-PEERS + neighbor 1.1.0.2 description BB2.EVPN + neighbor 1.1.4.201 peer group LOCAL-EVPN-PEERS + neighbor 1.1.4.201 description D-SPINE1.EVPN + neighbor 1.1.4.202 peer group LOCAL-EVPN-PEERS + neighbor 1.1.4.202 description D-SPINE2.EVPN + neighbor 1.1.4.203 peer group LOCAL-EVPN-PEERS + neighbor 1.1.4.203 description D-SPINE3.EVPN + neighbor 1.1.4.204 peer group LOCAL-EVPN-PEERS + neighbor 1.1.4.204 description D-SPINE4.EVPN + neighbor 172.16.4.2 peer group REMOTE-IPV4-PEERS + neighbor 172.16.4.2 description BB1.IPV4 + neighbor 172.16.4.6 peer group REMOTE-IPV4-PEERS + neighbor 172.16.4.6 description BB2.IPV4 + neighbor 192.168.0.8 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.8 description D-SPINE1.IPV4 + neighbor 192.168.0.10 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.10 description D-SPINE2.IPV4 + neighbor 192.168.0.12 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.12 description D-SPINE3.IPV4 + neighbor 192.168.0.14 peer group LOCAL-IPV4-PEERS + neighbor 192.168.0.14 description D-SPINE4.IPV4 + ! + vlan 10 + rd evpn domain all 1.1.4.8:10010 + route-target import export evpn domain all 10010:10010 + ! + vlan 50 + rd evpn domain all 1.1.4.8:10050 + route-target import export evpn domain all 10050:10050 + ! + vlan 70 + rd evpn domain all 1.1.4.8:10070 + route-target import export evpn domain all 10070:10070 + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + neighbor LOCAL-EVPN-PEERS rcf in AS65400_IN_EVPN() + neighbor LOCAL-EVPN-PEERS rcf out AS65400_OUT_EVPN() + neighbor REMOTE-EVPN-PEERS activate + neighbor REMOTE-EVPN-PEERS rcf in AS65000_IN_EVPN() + neighbor REMOTE-EVPN-PEERS rcf out AS65000_OUT_EVPN() + neighbor REMOTE-EVPN-PEERS domain remote + domain identifier 4:4 + domain identifier 99:99 remote + route import match-failure action discard + neighbor default next-hop-self received-evpn-routes route-type ip-prefix inter-domain + layer-2 fec in-place update + ! + evpn ethernet-segment domain all + identifier 0000:dddd:0007:0008:0000 + designated-forwarder election algorithm preference 2000 + route-target import 00:dd:dd:07:08:00 + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor REMOTE-IPV4-PEERS activate + redistribute connected + ! + vrf DEV + rd 1.1.4.8:50002 + route-target import evpn 50002:50002 + route-target export evpn 50002:50002 + router-id 1.1.4.8 + ! + vrf PROD + rd 1.1.4.8:50001 + route-target import evpn 50001:50001 + route-target export evpn 50001:50001 + router-id 1.1.4.8 +! +router general + control-functions + code + function PREFIX_ROUTE() { + return evpn.route_type is EVPN_IP_PREFIX; + } + function IMET_ROUTE() { + return evpn.route_type is EVPN_IMET; + } + function FROM_GW_PEER() { + return community has_any {4:4}; + } + # + # + # + function AS65000_OUT_EVPN() { + if IMET_ROUTE() or PREFIX_ROUTE(){ + community add {4:4}; + } + return true; + } + # + function AS65000_IN_EVPN() { + if (IMET_ROUTE() or PREFIX_ROUTE()) and FROM_GW_PEER() { + return false; + } + return true; + } + # + # + # + # + function AS65400_OUT_EVPN() { + if PREFIX_ROUTE(){ + community add {4:4}; + } + return true; + } + # + function AS65400_IN_EVPN() { + if PREFIX_ROUTE() and FROM_GW_PEER() { + return false; + } + return true; + } + # + EOF +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-SPINE1.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-SPINE1.cfg new file mode 100644 index 00000000..d22579a4 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-SPINE1.cfg @@ -0,0 +1,142 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname D-SPINE1 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description D-LEAF1 + no switchport + ipv6 enable +! +interface Ethernet2 + description D-LEAF2 + no switchport + ipv6 enable +! +interface Ethernet3 + description D-LEAF3 + no switchport + ipv6 enable +! +interface Ethernet4 + description D-LEAF4 + no switchport + ipv6 enable +! +interface Ethernet5 + description D-LEAF5 + no switchport + ipv6 enable +! +interface Ethernet6 + description D-LEAF6 + no switchport + ipv6 enable +! +interface Ethernet7 + description D-LEAF7 + no switchport + ip address 192.168.0.0/31 +! +interface Ethernet8 + description D-LEAF8 + no switchport + ip address 192.168.0.8/31 +! +interface Loopback0 + ip address 1.1.4.201/32 + ipv6 address 2001:db8:d:1::201/128 +! +interface Management0 + vrf MGMT + ip address 172.100.100.140/24 +! +mac address-table aging-time 1800 +! +ip routing ipv6 interfaces +no ip routing vrf MGMT +! +ipv6 prefix-list PL-LOOPBACKS + seq 10 permit 2001:db8:d:1::/64 eq 128 + seq 20 permit 2001:db8:d:2::/64 eq 128 +! +ipv6 unicast-routing +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ipv6 address prefix-list PL-LOOPBACKS +! +peer-filter LEAF-AS-RANGE + 10 match as-range 65401-65499 result accept +! +router bgp 65400 + router-id 1.1.4.201 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + bgp listen range 1.1.0.0/16 peer-group LOCAL-EVPN-PEERS peer-filter LEAF-AS-RANGE + bgp listen range 2001:db8:d:1::/64 peer-group LOCAL-EVPN-PEERS peer-filter LEAF-AS-RANGE + bgp listen range 192.168.0.0/24 peer-group LOCAL-IPV4-PEERS peer-filter LEAF-AS-RANGE + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS next-hop-unchanged + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor LOCAL-IPV6-PEERS peer group + neighbor LOCAL-IPV6-PEERS password 7 nI7sLaKoXTZaU/dFFLYqCQ== + neighbor interface Et1-8 peer-group LOCAL-IPV6-PEERS peer-filter LEAF-AS-RANGE + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor LOCAL-IPV6-PEERS activate + neighbor LOCAL-IPV6-PEERS next-hop address-family ipv6 originate + redistribute connected + ! + address-family ipv6 + neighbor LOCAL-IPV6-PEERS activate + redistribute connected +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-SPINE2.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-SPINE2.cfg new file mode 100644 index 00000000..20b43201 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-SPINE2.cfg @@ -0,0 +1,142 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname D-SPINE2 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description D-LEAF1 + no switchport + ipv6 enable +! +interface Ethernet2 + description D-LEAF2 + no switchport + ipv6 enable +! +interface Ethernet3 + description D-LEAF3 + no switchport + ipv6 enable +! +interface Ethernet4 + description D-LEAF4 + no switchport + ipv6 enable +! +interface Ethernet5 + description D-LEAF5 + no switchport + ipv6 enable +! +interface Ethernet6 + description D-LEAF6 + no switchport + ipv6 enable +! +interface Ethernet7 + description D-LEAF7 + no switchport + ip address 192.168.0.2/31 +! +interface Ethernet8 + description D-LEAF8 + no switchport + ip address 192.168.0.10/31 +! +interface Loopback0 + ip address 1.1.4.202/32 + ipv6 address 2001:db8:d:1::202/128 +! +interface Management0 + vrf MGMT + ip address 172.100.100.141/24 +! +mac address-table aging-time 1800 +! +ip routing ipv6 interfaces +no ip routing vrf MGMT +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ipv6 unicast-routing +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ipv6 address prefix-list PL-LOOPBACKS +! +peer-filter LEAF-AS-RANGE + 10 match as-range 65401-65499 result accept +! +router bgp 65400 + router-id 1.1.4.202 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + bgp listen range 1.1.0.0/16 peer-group LOCAL-EVPN-PEERS peer-filter LEAF-AS-RANGE + bgp listen range 2001:db8:d:1::/64 peer-group LOCAL-EVPN-PEERS peer-filter LEAF-AS-RANGE + bgp listen range 192.168.0.0/24 peer-group LOCAL-IPV4-PEERS peer-filter LEAF-AS-RANGE + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS next-hop-unchanged + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor LOCAL-IPV6-PEERS peer group + neighbor LOCAL-IPV6-PEERS password 7 nI7sLaKoXTZaU/dFFLYqCQ== + neighbor interface Et1-8 peer-group LOCAL-IPV6-PEERS peer-filter LEAF-AS-RANGE + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor LOCAL-IPV6-PEERS activate + neighbor LOCAL-IPV6-PEERS next-hop address-family ipv6 originate + redistribute connected + ! + address-family ipv6 + neighbor LOCAL-IPV6-PEERS activate + redistribute connected +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-SPINE3.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-SPINE3.cfg new file mode 100644 index 00000000..54711600 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-SPINE3.cfg @@ -0,0 +1,142 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname D-SPINE3 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description D-LEAF1 + no switchport + ipv6 enable +! +interface Ethernet2 + description D-LEAF2 + no switchport + ipv6 enable +! +interface Ethernet3 + description D-LEAF3 + no switchport + ipv6 enable +! +interface Ethernet4 + description D-LEAF4 + no switchport + ipv6 enable +! +interface Ethernet5 + description D-LEAF5 + no switchport + ipv6 enable +! +interface Ethernet6 + description D-LEAF6 + no switchport + ipv6 enable +! +interface Ethernet7 + description D-LEAF7 + no switchport + ip address 192.168.0.4/31 +! +interface Ethernet8 + description D-LEAF8 + no switchport + ip address 192.168.0.12/31 +! +interface Loopback0 + ip address 1.1.4.203/32 + ipv6 address 2001:db8:d:1::203/128 +! +interface Management0 + vrf MGMT + ip address 172.100.100.142/24 +! +mac address-table aging-time 1800 +! +ip routing ipv6 interfaces +no ip routing vrf MGMT +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ipv6 unicast-routing +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ipv6 address prefix-list PL-LOOPBACKS +! +peer-filter LEAF-AS-RANGE + 10 match as-range 65401-65499 result accept +! +router bgp 65400 + router-id 1.1.4.203 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + bgp listen range 1.1.0.0/16 peer-group LOCAL-EVPN-PEERS peer-filter LEAF-AS-RANGE + bgp listen range 2001:db8:d:1::/64 peer-group LOCAL-EVPN-PEERS peer-filter LEAF-AS-RANGE + bgp listen range 192.168.0.0/24 peer-group LOCAL-IPV4-PEERS peer-filter LEAF-AS-RANGE + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS next-hop-unchanged + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor LOCAL-IPV6-PEERS peer group + neighbor LOCAL-IPV6-PEERS password 7 nI7sLaKoXTZaU/dFFLYqCQ== + neighbor interface Et1-8 peer-group LOCAL-IPV6-PEERS peer-filter LEAF-AS-RANGE + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor LOCAL-IPV6-PEERS activate + neighbor LOCAL-IPV6-PEERS next-hop address-family ipv6 originate + redistribute connected + ! + address-family ipv6 + neighbor LOCAL-IPV6-PEERS activate + redistribute connected +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-SPINE4.cfg b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-SPINE4.cfg new file mode 100644 index 00000000..c505febe --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/D-SPINE4.cfg @@ -0,0 +1,142 @@ +! +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/. +! +switchport default mode routed +! +transceiver qsfp default-mode 4x10G +! +interface defaults + mtu 9214 +! +service routing protocols model multi-agent +! +hostname D-SPINE4 +ip name-server vrf MGMT 8.8.8.8 +! +spanning-tree mode none +! +system l1 + unsupported speed action error + unsupported error-correction action error +! +vrf instance MGMT +! +management api http-commands + no shutdown + ! + vrf MGMT + no shutdown +! +aaa authorization exec default local +! +interface Ethernet1 + description D-LEAF1 + no switchport + ipv6 enable +! +interface Ethernet2 + description D-LEAF2 + no switchport + ipv6 enable +! +interface Ethernet3 + description D-LEAF3 + no switchport + ipv6 enable +! +interface Ethernet4 + description D-LEAF4 + no switchport + ipv6 enable +! +interface Ethernet5 + description D-LEAF5 + no switchport + ipv6 enable +! +interface Ethernet6 + description D-LEAF6 + no switchport + ipv6 enable +! +interface Ethernet7 + description D-LEAF7 + no switchport + ip address 192.168.0.6/31 +! +interface Ethernet8 + description D-LEAF8 + no switchport + ip address 192.168.0.14/31 +! +interface Loopback0 + ip address 1.1.4.204/32 + ipv6 address 2001:db8:d:1::204/128 +! +interface Management0 + vrf MGMT + ip address 172.100.100.143/24 +! +mac address-table aging-time 1800 +! +ip routing ipv6 interfaces +no ip routing vrf MGMT +! +ip prefix-list PL-LOOPBACKS + seq 10 permit 1.1.0.0/16 eq 32 + seq 20 permit 2.2.0.0/16 eq 32 +! +ipv6 unicast-routing +! +ip route vrf MGMT 0.0.0.0/0 172.100.100.1 +! +arp aging timeout default 1500 +! +route-map RM-CONN-2-BGP permit 10 + match ipv6 address prefix-list PL-LOOPBACKS +! +peer-filter LEAF-AS-RANGE + 10 match as-range 65401-65499 result accept +! +router bgp 65400 + router-id 1.1.4.204 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + bgp listen range 1.1.0.0/16 peer-group LOCAL-EVPN-PEERS peer-filter LEAF-AS-RANGE + bgp listen range 2001:db8:d:1::/64 peer-group LOCAL-EVPN-PEERS peer-filter LEAF-AS-RANGE + bgp listen range 192.168.0.0/24 peer-group LOCAL-IPV4-PEERS peer-filter LEAF-AS-RANGE + neighbor default send-community + neighbor LOCAL-EVPN-PEERS peer group + neighbor LOCAL-EVPN-PEERS next-hop-unchanged + neighbor LOCAL-EVPN-PEERS update-source Loopback0 + neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 + neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor LOCAL-IPV4-PEERS peer group + neighbor LOCAL-IPV4-PEERS password 7 DGMjRCIj8IZAFhehikpUIQ== + neighbor LOCAL-IPV6-PEERS peer group + neighbor LOCAL-IPV6-PEERS password 7 nI7sLaKoXTZaU/dFFLYqCQ== + neighbor interface Et1-8 peer-group LOCAL-IPV6-PEERS peer-filter LEAF-AS-RANGE + ! + address-family evpn + neighbor LOCAL-EVPN-PEERS activate + ! + address-family ipv4 + neighbor LOCAL-IPV4-PEERS activate + neighbor LOCAL-IPV6-PEERS activate + neighbor LOCAL-IPV6-PEERS next-hop address-family ipv6 originate + redistribute connected + ! + address-family ipv6 + neighbor LOCAL-IPV6-PEERS activate + redistribute connected +! +management ssh + vrf MGMT + no shutdown +! +end diff --git a/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/toggle_override b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/toggle_override new file mode 100644 index 00000000..d3666565 --- /dev/null +++ b/tech-library/datacenter/evpnvxlan/zbackend-infra/configs/toggle_override @@ -0,0 +1 @@ +EvpnL3DciRdRt=1 diff --git a/tech-library/datacenter/l2ls/zbackend-infra/act/act-dc-l2ls-dg.yml b/tech-library/datacenter/l2ls/zbackend-infra/act/act-dc-l2ls-dg.yml new file mode 100644 index 00000000..eaa48050 --- /dev/null +++ b/tech-library/datacenter/l2ls/zbackend-infra/act/act-dc-l2ls-dg.yml @@ -0,0 +1,3 @@ +--- + +# Placeholder diff --git a/tech-library/datacenter/l2ls/zbackend-infra/clab/clab-dc-l2ls-dg.yml b/tech-library/datacenter/l2ls/zbackend-infra/clab/clab-dc-l2ls-dg.yml new file mode 100644 index 00000000..eaa48050 --- /dev/null +++ b/tech-library/datacenter/l2ls/zbackend-infra/clab/clab-dc-l2ls-dg.yml @@ -0,0 +1,3 @@ +--- + +# Placeholder diff --git a/tech-library/datacenter/l3ls/zbackend-infra/act/act-dc-l3ls-dg.yml b/tech-library/datacenter/l3ls/zbackend-infra/act/act-dc-l3ls-dg.yml new file mode 100644 index 00000000..eaa48050 --- /dev/null +++ b/tech-library/datacenter/l3ls/zbackend-infra/act/act-dc-l3ls-dg.yml @@ -0,0 +1,3 @@ +--- + +# Placeholder diff --git a/tech-library/datacenter/l3ls/zbackend-infra/clab/clab-dc-l3ls-dg.yml b/tech-library/datacenter/l3ls/zbackend-infra/clab/clab-dc-l3ls-dg.yml new file mode 100644 index 00000000..eaa48050 --- /dev/null +++ b/tech-library/datacenter/l3ls/zbackend-infra/clab/clab-dc-l3ls-dg.yml @@ -0,0 +1,3 @@ +--- + +# Placeholder