diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-wan-use-evpn-on-lan.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-wan-use-evpn-on-lan.cfg new file mode 100644 index 00000000000..ba98fb155e0 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-wan-use-evpn-on-lan.cfg @@ -0,0 +1,240 @@ +! +no enable password +no aaa root +! +agent KernelFib environment KERNELFIB_PROGRAM_ALL_ECMP=1 +! +flow tracking hardware + tracker FLOW-TRACKER + record export on inactive timeout 70000 + record export on interval 300000 + exporter CV-TELEMETRY + collector 127.0.0.1 + local interface Loopback0 + template interval 3600000 + no shutdown +! +service routing protocols model multi-agent +! +hostname cv-pathfinder-edge-wan-use-evpn-on-lan +! +router adaptive-virtual-topology + topology role edge + region AVD_Land_West id 42 + zone AVD_Land_West-ZONE id 1 + site Site12 id 12 + ! + policy DEFAULT-POLICY + ! + match application-profile default + avt profile DEFAULT-POLICY-DEFAULT + ! + policy DEFAULT-POLICY-WITH-CP + ! + match application-profile APP-PROFILE-CONTROL-PLANE + avt profile DEFAULT-POLICY-CONTROL-PLANE + ! + match application-profile default + avt profile DEFAULT-POLICY-DEFAULT + ! + profile DEFAULT-POLICY-CONTROL-PLANE + path-selection load-balance LB-DEFAULT-POLICY-CONTROL-PLANE + ! + profile DEFAULT-POLICY-DEFAULT + path-selection load-balance LB-DEFAULT-POLICY-DEFAULT + ! + vrf default + avt policy DEFAULT-POLICY-WITH-CP + avt profile DEFAULT-POLICY-DEFAULT id 1 + avt profile DEFAULT-POLICY-CONTROL-PLANE id 254 + ! + vrf PROD + avt policy DEFAULT-POLICY + avt profile DEFAULT-POLICY-DEFAULT id 1 +! +router path-selection + tcp mss ceiling ipv4 ingress + ! + path-group INET id 101 + ipsec profile CP-PROFILE + ! + local interface Ethernet1 + stun server-profile INET-cv-pathfinder-pathfinder-Ethernet1 INET-cv-pathfinder-pathfinder-Ethernet3 + ! + peer dynamic + ! + peer static router-ip 192.168.144.1 + name cv-pathfinder-pathfinder + ipv4 address 172.17.7.7 + ipv4 address 10.9.9.9 + ! + load-balance policy LB-DEFAULT-POLICY-CONTROL-PLANE + path-group INET + ! + load-balance policy LB-DEFAULT-POLICY-DEFAULT + path-group INET +! +spanning-tree mode none +! +vrf instance MGMT +! +vrf instance PROD +! +management api http-commands + protocol https + no shutdown + ! + vrf MGMT + no shutdown +! +management security + ! + ssl profile STUN-DTLS + tls versions 1.2 + trust certificate aristaDeviceCertProvisionerDefaultRootCA.crt + certificate STUN-DTLS.crt key STUN-DTLS.key +! +ip security + ike policy CP-IKE-POLICY + local-id 192.168.255.12 + ! + sa policy CP-SA-POLICY + esp encryption aes256gcm128 + pfs dh-group 14 + ! + profile CP-PROFILE + ike-policy CP-IKE-POLICY + sa-policy CP-SA-POLICY + connection start + shared-key 7 ABCDEF1234567890 + dpd 10 50 clear + mode transport + ! + key controller + profile CP-PROFILE +! +interface Dps1 + description DPS Interface + mtu 9194 + flow tracker hardware FLOW-TRACKER + ip address 192.168.255.12/32 +! +interface Ethernet1 + description ATT_666 + no shutdown + no switchport + ip address dhcp + dhcp client accept default-route +! +interface Loopback0 + description ROUTER_ID + no shutdown + ip address 192.168.42.12/32 +! +interface Vxlan1 + description cv-pathfinder-edge-wan-use-evpn-on-lan_VTEP + vxlan source-interface Dps1 + vxlan udp-port 4789 + vxlan vrf default vni 1 + vxlan vrf PROD vni 42 +! +application traffic recognition + ! + application ipv4 APP-CONTROL-PLANE + destination prefix field-set PFX-PATHFINDERS + ! + application-profile APP-PROFILE-CONTROL-PLANE + application APP-CONTROL-PLANE + ! + field-set ipv4 prefix PFX-PATHFINDERS + 192.168.144.1/32 +! +ip routing +no ip routing vrf MGMT +ip routing vrf PROD +! +ip extcommunity-list ECL-EVPN-SOO permit soo 192.168.42.12:12 +! +ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY + seq 10 permit 192.168.42.0/24 eq 32 +! +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY + set extcommunity soo 192.168.42.12:12 additive +! +route-map RM-EVPN-EXPORT-VRF-DEFAULT permit 10 + match extcommunity ECL-EVPN-SOO +! +router bfd + multihop interval 300 min-rx 300 multiplier 3 +! +router bgp 65000 + router-id 192.168.42.12 + update wait-install + no bgp default ipv4-unicast + maximum-paths 16 + neighbor EVPN-OVERLAY-PEERS peer group + neighbor EVPN-OVERLAY-PEERS update-source Loopback0 + neighbor EVPN-OVERLAY-PEERS bfd + neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 + neighbor EVPN-OVERLAY-PEERS send-community + neighbor EVPN-OVERLAY-PEERS maximum-routes 0 + neighbor WAN-OVERLAY-PEERS peer group + neighbor WAN-OVERLAY-PEERS remote-as 65000 + neighbor WAN-OVERLAY-PEERS update-source Dps1 + neighbor WAN-OVERLAY-PEERS bfd + neighbor WAN-OVERLAY-PEERS bfd interval 1000 min-rx 1000 multiplier 10 + neighbor WAN-OVERLAY-PEERS ttl maximum-hops 42 + neighbor WAN-OVERLAY-PEERS password 7 htm4AZe9mIQOO1uiMuGgYQ== + neighbor WAN-OVERLAY-PEERS send-community + neighbor WAN-OVERLAY-PEERS maximum-routes 0 + neighbor 192.168.144.1 peer group WAN-OVERLAY-PEERS + neighbor 192.168.144.1 description cv-pathfinder-pathfinder_Dps1 + redistribute connected route-map RM-CONN-2-BGP + ! + address-family evpn + neighbor WAN-OVERLAY-PEERS activate + neighbor WAN-OVERLAY-PEERS route-map RM-EVPN-SOO-IN in + neighbor WAN-OVERLAY-PEERS route-map RM-EVPN-SOO-OUT out + neighbor WAN-OVERLAY-PEERS encapsulation path-selection + ! + address-family ipv4 + no neighbor WAN-OVERLAY-PEERS activate + ! + address-family ipv4 sr-te + neighbor WAN-OVERLAY-PEERS activate + ! + address-family link-state + neighbor WAN-OVERLAY-PEERS activate + path-selection + ! + address-family path-selection + bgp additional-paths receive + bgp additional-paths send any + neighbor WAN-OVERLAY-PEERS activate + ! + vrf default + rd 192.168.42.12:1 + route-target import evpn 1:1 + route-target export evpn 1:1 + route-target export evpn route-map RM-EVPN-EXPORT-VRF-DEFAULT + ! + vrf PROD + rd 192.168.42.12:142 + route-target import evpn 142:142 + route-target export evpn 142:142 + router-id 192.168.42.12 + redistribute connected +! +router traffic-engineering +! +stun + client + server-profile INET-cv-pathfinder-pathfinder-Ethernet1 + ip address 172.17.7.7 + ssl profile STUN-DTLS + server-profile INET-cv-pathfinder-pathfinder-Ethernet3 + ip address 10.9.9.9 + ssl profile STUN-DTLS +! +end diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-wan-use-evpn-on-lan.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-wan-use-evpn-on-lan.yml new file mode 100644 index 00000000000..fefa639c40d --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-wan-use-evpn-on-lan.yml @@ -0,0 +1,361 @@ +aaa_root: + disabled: true +agents: +- name: KernelFib + environment_variables: + - name: KERNELFIB_PROGRAM_ALL_ECMP + value: '1' +application_traffic_recognition: + field_sets: + ipv4_prefixes: + - name: PFX-PATHFINDERS + prefix_values: + - 192.168.144.1/32 + applications: + ipv4_applications: + - name: APP-CONTROL-PLANE + dest_prefix_set_name: PFX-PATHFINDERS + application_profiles: + - name: APP-PROFILE-CONTROL-PLANE + applications: + - name: APP-CONTROL-PLANE +config_end: true +dps_interfaces: +- name: Dps1 + description: DPS Interface + mtu: 9194 + ip_address: 192.168.255.12/32 + flow_tracker: + hardware: FLOW-TRACKER +enable_password: + disabled: true +ethernet_interfaces: +- name: Ethernet1 + description: ATT_666 + shutdown: false + ip_address: dhcp + dhcp_client_accept_default_route: true + peer_type: l3_interface + switchport: + enabled: false +flow_tracking: + hardware: + trackers: + - name: FLOW-TRACKER + record_export: + on_inactive_timeout: 70000 + on_interval: 300000 + exporters: + - name: CV-TELEMETRY + collector: + host: 127.0.0.1 + local_interface: Loopback0 + template_interval: 3600000 + shutdown: false +hostname: cv-pathfinder-edge-wan-use-evpn-on-lan +ip_extcommunity_lists: +- name: ECL-EVPN-SOO + entries: + - type: permit + extcommunities: soo 192.168.42.12:12 +ip_routing: true +ip_security: + ike_policies: + - name: CP-IKE-POLICY + local_id: 192.168.255.12 + sa_policies: + - name: CP-SA-POLICY + esp: + encryption: aes256gcm128 + pfs_dh_group: 14 + profiles: + - name: CP-PROFILE + ike_policy: CP-IKE-POLICY + sa_policy: CP-SA-POLICY + connection: start + shared_key: ABCDEF1234567890 + dpd: + interval: 10 + time: 50 + action: clear + mode: transport + key_controller: + profile: CP-PROFILE +is_deployed: true +loopback_interfaces: +- name: Loopback0 + description: ROUTER_ID + shutdown: false + ip_address: 192.168.42.12/32 +management_api_http: + enable_https: true + enable_vrfs: + - name: MGMT +management_security: + ssl_profiles: + - name: STUN-DTLS + tls_versions: '1.2' + trust_certificate: + certificates: + - aristaDeviceCertProvisionerDefaultRootCA.crt + certificate: + file: STUN-DTLS.crt + key: STUN-DTLS.key +metadata: + fabric_name: EOS_DESIGNS_UNIT_TESTS + cv_tags: + device_tags: + - name: Role + value: edge + - name: Region + value: AVD_Land_West + - name: Zone + value: AVD_Land_West-ZONE + - name: Site + value: Site12 + interface_tags: + - interface: Ethernet1 + tags: + - name: Type + value: wan + - name: Carrier + value: ATT + - name: Circuit + value: '666' + cv_pathfinder: + role: edge + region: AVD_Land_West + zone: AVD_Land_West-ZONE + site: Site12 + vtep_ip: 192.168.255.12 + ssl_profile: STUN-DTLS + pathfinders: + - vtep_ip: 192.168.144.1 + interfaces: + - name: Ethernet1 + carrier: ATT + circuit_id: '666' + pathgroup: INET +prefix_lists: +- name: PL-LOOPBACKS-EVPN-OVERLAY + sequence_numbers: + - sequence: 10 + action: permit 192.168.42.0/24 eq 32 +route_maps: +- name: RM-CONN-2-BGP + sequence_numbers: + - sequence: 10 + type: permit + match: + - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY + set: + - extcommunity soo 192.168.42.12:12 additive +- name: RM-EVPN-EXPORT-VRF-DEFAULT + sequence_numbers: + - sequence: 10 + type: permit + match: + - extcommunity ECL-EVPN-SOO +router_adaptive_virtual_topology: + topology_role: edge + region: + name: AVD_Land_West + id: 42 + zone: + name: AVD_Land_West-ZONE + id: 1 + site: + name: Site12 + id: 12 + profiles: + - name: DEFAULT-POLICY-CONTROL-PLANE + load_balance_policy: LB-DEFAULT-POLICY-CONTROL-PLANE + - name: DEFAULT-POLICY-DEFAULT + load_balance_policy: LB-DEFAULT-POLICY-DEFAULT + policies: + - name: DEFAULT-POLICY-WITH-CP + matches: + - application_profile: APP-PROFILE-CONTROL-PLANE + avt_profile: DEFAULT-POLICY-CONTROL-PLANE + - application_profile: default + avt_profile: DEFAULT-POLICY-DEFAULT + - name: DEFAULT-POLICY + matches: + - application_profile: default + avt_profile: DEFAULT-POLICY-DEFAULT + vrfs: + - name: default + policy: DEFAULT-POLICY-WITH-CP + profiles: + - name: DEFAULT-POLICY-CONTROL-PLANE + id: 254 + - name: DEFAULT-POLICY-DEFAULT + id: 1 + - name: PROD + policy: DEFAULT-POLICY + profiles: + - name: DEFAULT-POLICY-DEFAULT + id: 1 +router_bfd: + multihop: + interval: 300 + min_rx: 300 + multiplier: 3 +router_bgp: + as: '65000' + router_id: 192.168.42.12 + maximum_paths: + paths: 16 + updates: + wait_install: true + bgp: + default: + ipv4_unicast: false + peer_groups: + - name: EVPN-OVERLAY-PEERS + type: evpn + update_source: Loopback0 + bfd: true + ebgp_multihop: 3 + send_community: all + maximum_routes: 0 + - name: WAN-OVERLAY-PEERS + type: wan + remote_as: '65000' + update_source: Dps1 + bfd: true + bfd_timers: + interval: 1000 + min_rx: 1000 + multiplier: 10 + password: htm4AZe9mIQOO1uiMuGgYQ== + send_community: all + maximum_routes: 0 + ttl_maximum_hops: 42 + neighbors: + - ip_address: 192.168.144.1 + peer_group: WAN-OVERLAY-PEERS + peer: cv-pathfinder-pathfinder + description: cv-pathfinder-pathfinder_Dps1 + redistribute: + connected: + enabled: true + route_map: RM-CONN-2-BGP + address_family_evpn: + peer_groups: + - name: WAN-OVERLAY-PEERS + activate: true + route_map_in: RM-EVPN-SOO-IN + route_map_out: RM-EVPN-SOO-OUT + encapsulation: path-selection + address_family_ipv4: + peer_groups: + - name: WAN-OVERLAY-PEERS + activate: false + address_family_ipv4_sr_te: + peer_groups: + - name: WAN-OVERLAY-PEERS + activate: true + address_family_link_state: + peer_groups: + - name: WAN-OVERLAY-PEERS + activate: true + path_selection: + roles: + producer: true + address_family_path_selection: + bgp: + additional_paths: + receive: true + send: any + peer_groups: + - name: WAN-OVERLAY-PEERS + activate: true + vrfs: + - name: default + rd: 192.168.42.12:1 + route_targets: + import: + - address_family: evpn + route_targets: + - '1:1' + export: + - address_family: evpn + route_targets: + - '1:1' + - route-map RM-EVPN-EXPORT-VRF-DEFAULT + - name: PROD + rd: 192.168.42.12:142 + route_targets: + import: + - address_family: evpn + route_targets: + - 142:142 + export: + - address_family: evpn + route_targets: + - 142:142 + router_id: 192.168.42.12 + redistribute: + connected: + enabled: true +router_path_selection: + path_groups: + - name: INET + id: 101 + ipsec_profile: CP-PROFILE + local_interfaces: + - name: Ethernet1 + stun: + server_profiles: + - INET-cv-pathfinder-pathfinder-Ethernet1 + - INET-cv-pathfinder-pathfinder-Ethernet3 + dynamic_peers: + enabled: true + static_peers: + - router_ip: 192.168.144.1 + name: cv-pathfinder-pathfinder + ipv4_addresses: + - 172.17.7.7 + - 10.9.9.9 + load_balance_policies: + - name: LB-DEFAULT-POLICY-CONTROL-PLANE + path_groups: + - name: INET + - name: LB-DEFAULT-POLICY-DEFAULT + path_groups: + - name: INET + tcp_mss_ceiling: + ipv4_segment_size: auto +router_traffic_engineering: + enabled: true +service_routing_protocols_model: multi-agent +spanning_tree: + mode: none +stun: + client: + server_profiles: + - name: INET-cv-pathfinder-pathfinder-Ethernet1 + ip_address: 172.17.7.7 + ssl_profile: STUN-DTLS + - name: INET-cv-pathfinder-pathfinder-Ethernet3 + ip_address: 10.9.9.9 + ssl_profile: STUN-DTLS +transceiver_qsfp_default_mode_4x10: false +vrfs: +- name: MGMT + ip_routing: false +- name: PROD + ip_routing: true + tenant: TenantA +vxlan_interface: + vxlan1: + description: cv-pathfinder-edge-wan-use-evpn-on-lan_VTEP + vxlan: + source_interface: Dps1 + udp_port: 4789 + vrfs: + - name: default + vni: 1 + - name: PROD + vni: 42 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/leaf-wan-use-evpn-on-lan.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/leaf-wan-use-evpn-on-lan.yml new file mode 100644 index 00000000000..9f3b68b9191 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/leaf-wan-use-evpn-on-lan.yml @@ -0,0 +1,247 @@ +aaa_root: + disabled: true +config_end: true +enable_password: + disabled: true +hostname: leaf-wan-use-evpn-on-lan +ip_igmp_snooping: + globally_enabled: true +ip_routing: true +ip_virtual_router_mac_address: 00:1c:73:00:00:01 +is_deployed: true +loopback_interfaces: +- name: Loopback0 + description: ROUTER_ID + shutdown: false + ip_address: 192.168.45.13/32 +- name: Loopback1 + description: VXLAN_TUNNEL_SOURCE + shutdown: false + ip_address: 192.168.255.13/32 +management_api_http: + enable_https: true + enable_vrfs: + - name: MGMT +metadata: + fabric_name: EOS_DESIGNS_UNIT_TESTS +prefix_lists: +- name: PL-LOOPBACKS-EVPN-OVERLAY + sequence_numbers: + - sequence: 10 + action: permit 192.168.45.0/24 eq 32 + - sequence: 20 + action: permit 192.168.255.0/24 eq 32 +route_maps: +- name: RM-CONN-2-BGP + sequence_numbers: + - sequence: 10 + type: permit + match: + - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +router_bfd: + multihop: + interval: 300 + min_rx: 300 + multiplier: 3 +router_bgp: + as: '65042' + router_id: 192.168.45.13 + maximum_paths: + paths: 4 + ecmp: 4 + updates: + wait_install: true + bgp: + default: + ipv4_unicast: false + peer_groups: + - name: IPv4-UNDERLAY-PEERS + type: ipv4 + send_community: all + maximum_routes: 12000 + - name: EVPN-OVERLAY-PEERS + type: evpn + update_source: Loopback0 + bfd: true + ebgp_multihop: 3 + send_community: all + maximum_routes: 0 + redistribute: + connected: + enabled: true + route_map: RM-CONN-2-BGP + vlans: + - id: 1000 + tenant: TenantA + rd: 192.168.45.13:2000 + route_targets: + both: + - 2000:2000 + redistribute_routes: + - learned + - id: 100 + tenant: TenantA + rd: 192.168.45.13:1100 + route_targets: + both: + - 1100:1100 + redistribute_routes: + - learned + - id: 101 + tenant: TenantA + rd: 192.168.45.13:1101 + route_targets: + both: + - 1101:1101 + redistribute_routes: + - learned + - id: 666 + tenant: TenantC + rd: 192.168.45.13:1666 + route_targets: + both: + - 1666:1666 + redistribute_routes: + - learned + address_family_evpn: + peer_groups: + - name: EVPN-OVERLAY-PEERS + activate: true + address_family_ipv4: + peer_groups: + - name: IPv4-UNDERLAY-PEERS + activate: true + - name: EVPN-OVERLAY-PEERS + activate: false + vrfs: + - name: default + rd: 192.168.45.13:1 + route_targets: + import: + - address_family: evpn + route_targets: + - '1:1' + export: + - address_family: evpn + route_targets: + - '1:1' + - name: IT + rd: 192.168.45.13:1000 + route_targets: + import: + - address_family: evpn + route_targets: + - 1000:1000 + export: + - address_family: evpn + route_targets: + - 1000:1000 + router_id: 192.168.45.13 + redistribute: + connected: + enabled: true + - name: PROD + rd: 192.168.45.13:142 + route_targets: + import: + - address_family: evpn + route_targets: + - 142:142 + export: + - address_family: evpn + route_targets: + - 142:142 + router_id: 192.168.45.13 + redistribute: + connected: + enabled: true + - name: ATTRACTED-VRF-FROM-UPLINK + rd: 192.168.45.13:666 + route_targets: + import: + - address_family: evpn + route_targets: + - 666:666 + export: + - address_family: evpn + route_targets: + - 666:666 + router_id: 192.168.45.13 + redistribute: + connected: + enabled: true +service_routing_protocols_model: multi-agent +transceiver_qsfp_default_mode_4x10: true +vlan_interfaces: +- name: Vlan1000 + description: VLAN1000 + shutdown: true + vrf: IT + ip_address_virtual: 10.0.100.1/24 + tenant: TenantA +- name: Vlan100 + description: VLAN100 + shutdown: true + vrf: PROD + ip_address_virtual: 10.0.100.1/24 + tenant: TenantA +- name: Vlan666 + description: VLAN666 + shutdown: true + vrf: ATTRACTED-VRF-FROM-UPLINK + ip_address_virtual: 10.66.66.66/24 + tenant: TenantC +vlan_internal_order: + allocation: ascending + range: + beginning: 1006 + ending: 1199 +vlans: +- id: 1000 + name: VLAN1000 + tenant: TenantA +- id: 100 + name: VLAN100 + tenant: TenantA +- id: 101 + name: VLAN101 + tenant: TenantA +- id: 666 + name: VLAN666 + tenant: TenantC +vrfs: +- name: MGMT + ip_routing: false +- name: IT + ip_routing: true + tenant: TenantA +- name: PROD + ip_routing: true + tenant: TenantA +- name: ATTRACTED-VRF-FROM-UPLINK + ip_routing: true + tenant: TenantC +vxlan_interface: + vxlan1: + description: leaf-wan-use-evpn-on-lan_VTEP + vxlan: + source_interface: Loopback1 + udp_port: 4789 + vlans: + - id: 1000 + vni: 2000 + - id: 100 + vni: 1100 + - id: 101 + vni: 1101 + - id: 666 + vni: 1666 + vrfs: + - name: default + vni: 1 + - name: IT + vni: 1000 + - name: PROD + vni: 142 + - name: ATTRACTED-VRF-FROM-UPLINK + vni: 666 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CV_PATHFINDER_TESTS.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CV_PATHFINDER_TESTS.yml index 98f3f1be85e..f02f7635cd6 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CV_PATHFINDER_TESTS.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CV_PATHFINDER_TESTS.yml @@ -36,6 +36,9 @@ cv_pathfinder_regions: - name: Site423 id: 423 location: Somewhere-warm + - name: Site12 + id: 12 + location: 12 Downing Street, London - name: AVD_Land_East id: 43 description: AVD Region @@ -522,6 +525,12 @@ tenants: ip_address_virtual: 10.0.100.1/24 - name: IT vrf_id: 1000 + svis: + - id: 1000 + name: VLAN1000 + ip_address_virtual: 10.0.100.1/24 + nodes: + - node: leaf-use-wan-evpn-on-lan l2vlans: - id: 101 name: VLAN101 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-wan-use-evpn-on-lan.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-wan-use-evpn-on-lan.yml index 588d6840a5f..dad40a114da 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-wan-use-evpn-on-lan.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-wan-use-evpn-on-lan.yml @@ -1,58 +1,14 @@ --- # Testing CV pathfinder edge using new toggle wan_use_evpn_node_settings_for_lan -wan_mode: cv-pathfinder wan_use_evpn_node_settings_for_lan: true # enabling EVPN on LAN overlay_routing_protocol: ebgp bgp_as: 65000 -flow_tracking_settings: - trackers: - - name: custom_flow_track_name - record_export: - on_inactive_timeout: 50000 - on_interval: 300331 - exporters: - - name: ayush_exporter - collector: - host: 127.0.0.1 - local_interface: Loopback0 - template_interval: 40000 - -fabric_flow_tracking: - dps_interfaces: - name: custom_flow_track_name - -cv_pathfinder_regions: - - name: AVD_Land_West - id: 42 - description: AVD Region - sites: - - name: Site12 - id: 12 - location: 12 Downing Street, London - -bgp_peer_groups: - wan_overlay_peers: - password: "htm4AZe9mIQOO1uiMuGgYQ==" - # Overwriting TTL - ttl_maximum_hops: 42 - listen_range_prefixes: - - 192.168.255.0/24 - wan_route_servers: - hostname: cv-pathfinder-pathfinder -wan_ipsec_profiles: - control_plane: - shared_key: ABCDEF1234567890 - -default_node_types: - - node_type: wan_router - match_hostnames: - - "cv-pathfinder-edge.*" - wan_router: defaults: loopback_ipv4_pool: 192.168.42.0/24 @@ -61,9 +17,15 @@ wan_router: always_include_vrfs_in_tenants: [TenantA] deny_vrfs: [IT] nodes: - - name: cv-pathfinder-edge-wan0use-evpn-on-lan + - name: cv-pathfinder-edge-wan-use-evpn-on-lan cv_pathfinder_region: AVD_Land_West cv_pathfinder_site: Site12 + # Adding uplink to leaf for EVPN + uplink_switches: [leaf-use-wan-evpn-on-lan] + uplink_type: p2p + uplink_interfaces: [Ethernet52] + uplink_switch_interfaces: [Ethernet1] + uplink_ipv4_pool: 172.18.0.0/24 evpn_role: client id: 12 l3_interfaces: @@ -72,102 +34,3 @@ wan_router: wan_circuit_id: 666 dhcp_accept_default_route: true ip_address: dhcp - - name: Ethernet2 - wan_carrier: Colt - wan_circuit_id: 10555 - ip_address: 172.15.5.5/31 - - name: Ethernet3 - wan_carrier: Comcast-5G - wan_circuit_id: AF830 - ip_address: 172.20.20.20/31 - connected_to_pathfinder: false - -wan_path_groups: - - name: MPLS - ipsec: - static_peers: false - # TODO remove one once auto-id is implemented - for now required in schema - id: 100 - - name: INET - id: 101 - - name: LTE - id: 102 - - name: Equinix - id: 103 - - name: Satellite - id: 104 - -wan_carriers: - - name: Comcast - path_group: INET - trusted: true - - name: ATT - path_group: INET - trusted: true - - name: Bouygues_Telecom - path_group: INET - trusted: true - - name: SFR - path_group: INET - trusted: true - - name: Orange - path_group: INET - trusted: true - - name: Another-ISP - path_group: INET - trusted: true - - name: Colt - path_group: MPLS - trusted: true - - name: ATT-MPLS - path_group: MPLS - trusted: true - - name: Comcast-5G - path_group: LTE - trusted: true - - name: Inmrasat - path_group: Satellite - trusted: true - -tenants: - - name: TenantA - vrfs: - - name: default - vrf_id: 1 - - name: PROD - vrf_id: 42 - - name: IT - vrf_id: 100 - -wan_virtual_topologies: - vrfs: - # No policy for default or PROD, going to use DEFAULT-POLICY - # overwrite DEFAULT-POLICY below - - name: default - wan_vni: 1 - - name: PROD - wan_vni: 42 - policies: - # Name of the DEFAULT-POLICY being overwritten - - name: DEFAULT-POLICY - default_virtual_topology: - path_groups: - - names: [INET] - - names: [LTE] - preference: 42 - application_virtual_topologies: - - application_profile: VIDEO - path_groups: - - names: [MPLS, INET] - preference: preferred - id: 3 - -application_classification: - application_profiles: - - name: VIDEO - # Testing categories filtering - applications: - # Testing applications in application-profiles filtering - - name: CUSTOM-APPLICATION-1 - # Builtin application that should not raise - - name: skype diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/leaf-wan-use-evpn-on-lan.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/leaf-wan-use-evpn-on-lan.yml new file mode 100644 index 00000000000..586dcf0ecee --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/leaf-wan-use-evpn-on-lan.yml @@ -0,0 +1,14 @@ +--- +type: l3leaf + +l3leaf: + defaults: + bgp_as: 65042 + loopback_ipv4_pool: 192.168.45.0/24 + vtep_loopback_ipv4_pool: 192.168.255.0/24 + virtual_router_mac_address: 00:1c:73:00:00:01 + filter: + always_include_vrfs_in_tenants: [TenantA] + nodes: + - name: leaf-wan-use-evpn-on-lan + id: 13 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml index 1d59cf7bf24..c815d67ba36 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml @@ -397,6 +397,10 @@ all: cv-pathfinder-edge: cv-pathfinder-edge1: site-ha-disabled-leaf: + SITE_EVPN: + hosts: + cv-pathfinder-edge-wan-use-evpn-on-lan: + leaf-wan-use-evpn-on-lan: CV_PATHFINDERS: hosts: cv-pathfinder-pathfinder: @@ -420,6 +424,7 @@ all: site-ha-enabled-leaf2B: site-ha-enabled-leaf1: site-ha-disabled-leaf: + leaf-wan-use-evpn-on-lan: WAN_UNIT_TESTS: hosts: autovpn-edge-no-default-policy: diff --git a/python-avd/pyavd/_eos_designs/structured_config/overlay/router_bgp.py b/python-avd/pyavd/_eos_designs/structured_config/overlay/router_bgp.py index 0c29e7c5e22..34fe1a93039 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/overlay/router_bgp.py +++ b/python-avd/pyavd/_eos_designs/structured_config/overlay/router_bgp.py @@ -493,10 +493,7 @@ def _create_neighbor( ), } - if self.shared_utils.overlay_routing_protocol == "ebgp": - if remote_as is None: - msg = "Configuring eBGP neighbor without a remote_as" - raise AristaAvdError(msg) + if remote_as is None: neighbor["remote_as"] = remote_as if self.inputs.shutdown_bgp_towards_undeployed_peers and name in self._avd_overlay_peers: