From 085e4cb80be09683f57d4fae98d11aa67ccf4a45 Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Tue, 16 Jul 2024 18:05:09 +0530 Subject: [PATCH 01/22] Feat(eos_designs): Add option to disable default 'redistribute connected ' in VRF. --- .../eos_designs_unit_tests/intended/configs/DC1-LEAF2A.cfg | 1 - .../eos_designs_unit_tests/intended/configs/DC1-LEAF2B.cfg | 1 - .../intended/configs/evpn_services_l2_only_false.cfg | 1 - .../intended/structured_configs/DC1-LEAF2A.yml | 1 - .../intended/structured_configs/DC1-LEAF2B.yml | 1 - .../inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_D.yml | 1 + .../docs/tables/network-services-vrfs-settings.md | 4 ++++ python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml | 4 ++++ .../schema_fragments/defs_network_services.schema.yml | 4 ++++ .../structured_config/network_services/router_bgp.py | 6 ++++-- 10 files changed, 17 insertions(+), 7 deletions(-) diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2A.cfg index 3ae9ad2da78..6e4c9495284 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2A.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2A.cfg @@ -867,7 +867,6 @@ router bgp 65102 route-target import evpn 100000:40 route-target export evpn 100000:40 router-id 192.168.255.10 - redistribute connected redistribute static ! router ospf 16 vrf Tenant_A_OSPF diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2B.cfg index 012eef323f5..bc2392bf30d 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2B.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2B.cfg @@ -831,7 +831,6 @@ router bgp 65102 route-target import evpn 100000:40 route-target export evpn 100000:40 router-id 192.168.255.11 - redistribute connected redistribute static ! router ospf 16 vrf Tenant_A_OSPF diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/evpn_services_l2_only_false.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/evpn_services_l2_only_false.cfg index b7cc0a55d16..e9acf85ec5e 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/evpn_services_l2_only_false.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/evpn_services_l2_only_false.cfg @@ -679,7 +679,6 @@ router bgp 101 route-target import evpn 40:40 route-target export evpn 40:40 router-id 192.168.255.109 - redistribute connected ! router ospf 123 router-id 192.168.255.109 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2A.yml index 3f5fb891458..c34660ef2c6 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2A.yml @@ -234,7 +234,6 @@ router_bgp: - '100000:40' router_id: 192.168.255.10 redistribute_routes: - - source_protocol: connected - source_protocol: static vlan_aware_bundles: - name: Tenant_A_APP_Zone diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2B.yml index 0c2cfc7f401..c91568b06bf 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2B.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2B.yml @@ -234,7 +234,6 @@ router_bgp: - '100000:40' router_id: 192.168.255.11 redistribute_routes: - - source_protocol: connected - source_protocol: static vlan_aware_bundles: - name: Tenant_A_APP_Zone diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_D.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_D.yml index d8759b4ea3c..c63719c749f 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_D.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_D.yml @@ -6,6 +6,7 @@ tenant_d: vrf_vni: 40 enable_mlag_ibgp_peering_vrfs: true mlag_ibgp_peering_vlan: 2 + redistribute_connected: false svis: - id: 410 name: Tenant_D_v6_OP_Zone_1 diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md index f73658d5a14..5bfb82bda0a 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md @@ -58,6 +58,7 @@ | [            nodes](## ".[].vrfs.[].ipv6_static_routes.[].nodes") | List, items: String | | | | | | [              - <str>](## ".[].vrfs.[].ipv6_static_routes.[].nodes.[]") | String | | | | | | [        redistribute_static](## ".[].vrfs.[].redistribute_static") | Boolean | | | | Non-selectively enabling or disabling redistribute static inside the VRF. | + | [        redistribute_connected](## ".[].vrfs.[].redistribute_connected") | Boolean | | `True` | | Enabled/disable redistribution of connected routes. | | [        bgp](## ".[].vrfs.[].bgp") | Dictionary | | | | | | [          enabled](## ".[].vrfs.[].bgp.enabled") | Boolean | | | | Force (no) configuration of BGP for the VRF.
If not set, BGP will be configured when needed according to the following rules:
- If the VRF is part of an overlay (`evpn` or `mpls`), BGP will be configured for it.
- If any BGP peers are configured under the VRF, BGP will be configured for it. This is useful for L2LS designs with VRFs.
- If uplink type is `p2p-vrfs` *and* the vrf is included in the uplink VRFs, BGP will be configured for it. | | [          raw_eos_cli](## ".[].vrfs.[].bgp.raw_eos_cli") | String | | | | EOS CLI rendered directly on the Router BGP, VRF definition in the final EOS configuration.
| @@ -241,6 +242,9 @@ # Non-selectively enabling or disabling redistribute static inside the VRF. redistribute_static: + + # Enabled/disable redistribution of connected routes. + redistribute_connected: bgp: # Force (no) configuration of BGP for the VRF. diff --git a/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml b/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml index 35581fddd55..2c40558ab8b 100644 --- a/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml @@ -6670,6 +6670,10 @@ $defs: type: bool description: Non-selectively enabling or disabling redistribute static inside the VRF. + redistribute_connected: + type: bool + default: true + description: Enabled/disable redistribution of connected routes. bgp_peers: documentation_options: table: network-services-vrfs-bgp-settings diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml index ec12b299d3f..947881892a8 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml @@ -906,6 +906,10 @@ $defs: redistribute_static: type: bool description: Non-selectively enabling or disabling redistribute static inside the VRF. + redistribute_connected: + type: bool + default: true + description: Enabled/disable redistribution of connected routes. bgp_peers: documentation_options: table: network-services-vrfs-bgp-settings diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py index 54c78e7987f..55da0d33b34 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py @@ -165,11 +165,12 @@ def _router_bgp_vrfs(self: AvdStructuredConfigNetworkServices) -> dict: # The called function in-place updates the bgp_vrf dict. self._update_router_bgp_vrf_evpn_or_mpls_cfg(bgp_vrf, vrf, vrf_address_families) + bgp_vrf_redistribute_connected = get(vrf, "redistribute_connected", default=True) if vrf_name != "default": # Non-default VRF bgp_vrf |= { "router_id": self.shared_utils.router_id, - "redistribute_routes": [{"source_protocol": "connected"}], + "redistribute_routes": [{"source_protocol": "connected"}] if bgp_vrf_redistribute_connected else [], } # Redistribution of static routes for VRF default are handled elsewhere # since there is a choice between redistributing to underlay or overlay. @@ -318,7 +319,8 @@ def _update_router_bgp_vrf_evpn_or_mpls_cfg(self: AvdStructuredConfigNetworkServ def _update_router_bgp_vrf_mlag_neighbor_cfg(self: AvdStructuredConfigNetworkServices, bgp_vrf: dict, vrf: dict, tenant: dict, vlan_id: int) -> None: """In-place update MLAG neighbor part of structured config for *one* VRF under router_bgp.vrfs.""" if not self._mlag_ibgp_peering_redistribute(vrf, tenant): - bgp_vrf["redistribute_routes"][0]["route_map"] = "RM-CONN-2-BGP-VRFS" + if len(bgp_vrf["redistribute_routes"]) > 0: + bgp_vrf["redistribute_routes"][0]["route_map"] = "RM-CONN-2-BGP-VRFS" if self.shared_utils.underlay_rfc5549 and self.shared_utils.overlay_mlag_rfc5549: interface_name = f"Vlan{vlan_id}" From ad4e34fbf1cdb92add746895077e48d736364a85 Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Thu, 18 Jul 2024 17:42:31 +0530 Subject: [PATCH 02/22] Address comments. --- .../network_services/router_bgp.py | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py index 55da0d33b34..485c035e598 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py @@ -168,10 +168,9 @@ def _router_bgp_vrfs(self: AvdStructuredConfigNetworkServices) -> dict: bgp_vrf_redistribute_connected = get(vrf, "redistribute_connected", default=True) if vrf_name != "default": # Non-default VRF - bgp_vrf |= { - "router_id": self.shared_utils.router_id, - "redistribute_routes": [{"source_protocol": "connected"}] if bgp_vrf_redistribute_connected else [], - } + bgp_vrf |= {"router_id": self.shared_utils.router_id,} + if bgp_vrf_redistribute_connected is True: + bgp_vrf |= {"redistribute_routes": [{"source_protocol": "connected"}],} # Redistribution of static routes for VRF default are handled elsewhere # since there is a choice between redistributing to underlay or overlay. if (bgp_vrf_redistribute_static := vrf.get("redistribute_static")) is True or ( @@ -317,10 +316,11 @@ def _update_router_bgp_vrf_evpn_or_mpls_cfg(self: AvdStructuredConfigNetworkServ bgp_vrf["evpn_multicast_address_family"] = {"ipv4": {"transit": evpn_multicast_transit_mode}} def _update_router_bgp_vrf_mlag_neighbor_cfg(self: AvdStructuredConfigNetworkServices, bgp_vrf: dict, vrf: dict, tenant: dict, vlan_id: int) -> None: - """In-place update MLAG neighbor part of structured config for *one* VRF under router_bgp.vrfs.""" - if not self._mlag_ibgp_peering_redistribute(vrf, tenant): - if len(bgp_vrf["redistribute_routes"]) > 0: - bgp_vrf["redistribute_routes"][0]["route_map"] = "RM-CONN-2-BGP-VRFS" + """ + In-place update MLAG neighbor part of structured config for *one* VRF under router_bgp.vrfs + """ + if not self._mlag_ibgp_peering_redistribute(vrf, tenant) and get(vrf, "redistribute_connected", default=True): + bgp_vrf["redistribute_routes"][0]["route_map"] = "RM-CONN-2-BGP-VRFS" if self.shared_utils.underlay_rfc5549 and self.shared_utils.overlay_mlag_rfc5549: interface_name = f"Vlan{vlan_id}" From 567a74883a4fe494787446c4049c3697712ea1ce Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Fri, 26 Jul 2024 12:18:34 +0530 Subject: [PATCH 03/22] Reverting the change for redistribute to ospf. --- .../docs/tables/network-services-vrfs-settings.md | 8 ++++---- .../pyavd/_eos_designs/schema/eos_designs.schema.yml | 5 +++-- .../schema_fragments/defs_network_services.schema.yml | 4 ++-- 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md index 5bfb82bda0a..a2d0f915a06 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md @@ -57,8 +57,8 @@ | [            interface](## ".[].vrfs.[].ipv6_static_routes.[].interface") | String | | | | | | [            nodes](## ".[].vrfs.[].ipv6_static_routes.[].nodes") | List, items: String | | | | | | [              - <str>](## ".[].vrfs.[].ipv6_static_routes.[].nodes.[]") | String | | | | | - | [        redistribute_static](## ".[].vrfs.[].redistribute_static") | Boolean | | | | Non-selectively enabling or disabling redistribute static inside the VRF. | - | [        redistribute_connected](## ".[].vrfs.[].redistribute_connected") | Boolean | | `True` | | Enabled/disable redistribution of connected routes. | + | [        redistribute_static](## ".[].vrfs.[].redistribute_static") | Boolean | | | | Non-selectively enabling or disabling redistribute static to BGP inside the VRF. | + | [        redistribute_connected](## ".[].vrfs.[].redistribute_connected") | Boolean | | `True` | | Non-selectively enabling or disabling redistribution of connected routes to BGP. | | [        bgp](## ".[].vrfs.[].bgp") | Dictionary | | | | | | [          enabled](## ".[].vrfs.[].bgp.enabled") | Boolean | | | | Force (no) configuration of BGP for the VRF.
If not set, BGP will be configured when needed according to the following rules:
- If the VRF is part of an overlay (`evpn` or `mpls`), BGP will be configured for it.
- If any BGP peers are configured under the VRF, BGP will be configured for it. This is useful for L2LS designs with VRFs.
- If uplink type is `p2p-vrfs` *and* the vrf is included in the uplink VRFs, BGP will be configured for it. | | [          raw_eos_cli](## ".[].vrfs.[].bgp.raw_eos_cli") | String | | | | EOS CLI rendered directly on the Router BGP, VRF definition in the final EOS configuration.
| @@ -240,10 +240,10 @@ nodes: - - # Non-selectively enabling or disabling redistribute static inside the VRF. + # Non-selectively enabling or disabling redistribute static to BGP inside the VRF. redistribute_static: - # Enabled/disable redistribution of connected routes. + # Non-selectively enabling or disabling redistribution of connected routes to BGP. redistribute_connected: bgp: diff --git a/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml b/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml index 2c40558ab8b..f6985e58924 100644 --- a/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml @@ -6669,11 +6669,12 @@ $defs: redistribute_static: type: bool description: Non-selectively enabling or disabling redistribute static - inside the VRF. + to BGP inside the VRF. redistribute_connected: type: bool default: true - description: Enabled/disable redistribution of connected routes. + description: Non-selectively enabling or disabling redistribution + of connected routes to BGP. bgp_peers: documentation_options: table: network-services-vrfs-bgp-settings diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml index 947881892a8..33ad3ddcb95 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml @@ -905,11 +905,11 @@ $defs: type: str redistribute_static: type: bool - description: Non-selectively enabling or disabling redistribute static inside the VRF. + description: Non-selectively enabling or disabling redistribute static to BGP inside the VRF. redistribute_connected: type: bool default: true - description: Enabled/disable redistribution of connected routes. + description: Non-selectively enabling or disabling redistribution of connected routes to BGP. bgp_peers: documentation_options: table: network-services-vrfs-bgp-settings From 91295564c2693dcecccd90d6cff372fca5c45e65 Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Fri, 26 Jul 2024 16:45:49 +0530 Subject: [PATCH 04/22] Update as per the comment. --- .../docs/tables/network-services-vrfs-settings.md | 4 ++-- python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml | 2 +- .../schema/schema_fragments/defs_network_services.schema.yml | 2 +- .../structured_config/network_services/router_bgp.py | 5 +++-- 4 files changed, 7 insertions(+), 6 deletions(-) diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md index a2d0f915a06..51e978d32b0 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md @@ -58,7 +58,7 @@ | [            nodes](## ".[].vrfs.[].ipv6_static_routes.[].nodes") | List, items: String | | | | | | [              - <str>](## ".[].vrfs.[].ipv6_static_routes.[].nodes.[]") | String | | | | | | [        redistribute_static](## ".[].vrfs.[].redistribute_static") | Boolean | | | | Non-selectively enabling or disabling redistribute static to BGP inside the VRF. | - | [        redistribute_connected](## ".[].vrfs.[].redistribute_connected") | Boolean | | `True` | | Non-selectively enabling or disabling redistribution of connected routes to BGP. | + | [        redistribute_connected](## ".[].vrfs.[].redistribute_connected") | Boolean | | `True` | | Non-selectively enabling or disabling redistribution of connected routes to BGP inside the VRF. | | [        bgp](## ".[].vrfs.[].bgp") | Dictionary | | | | | | [          enabled](## ".[].vrfs.[].bgp.enabled") | Boolean | | | | Force (no) configuration of BGP for the VRF.
If not set, BGP will be configured when needed according to the following rules:
- If the VRF is part of an overlay (`evpn` or `mpls`), BGP will be configured for it.
- If any BGP peers are configured under the VRF, BGP will be configured for it. This is useful for L2LS designs with VRFs.
- If uplink type is `p2p-vrfs` *and* the vrf is included in the uplink VRFs, BGP will be configured for it. | | [          raw_eos_cli](## ".[].vrfs.[].bgp.raw_eos_cli") | String | | | | EOS CLI rendered directly on the Router BGP, VRF definition in the final EOS configuration.
| @@ -243,7 +243,7 @@ # Non-selectively enabling or disabling redistribute static to BGP inside the VRF. redistribute_static: - # Non-selectively enabling or disabling redistribution of connected routes to BGP. + # Non-selectively enabling or disabling redistribution of connected routes to BGP inside the VRF. redistribute_connected: bgp: diff --git a/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml b/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml index f6985e58924..01d93a2b7f8 100644 --- a/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml @@ -6674,7 +6674,7 @@ $defs: type: bool default: true description: Non-selectively enabling or disabling redistribution - of connected routes to BGP. + of connected routes to BGP inside the VRF. bgp_peers: documentation_options: table: network-services-vrfs-bgp-settings diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml index 33ad3ddcb95..b0202fe8214 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml @@ -909,7 +909,7 @@ $defs: redistribute_connected: type: bool default: true - description: Non-selectively enabling or disabling redistribution of connected routes to BGP. + description: Non-selectively enabling or disabling redistribution of connected routes to BGP inside the VRF. bgp_peers: documentation_options: table: network-services-vrfs-bgp-settings diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py index 485c035e598..05bf395be79 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py @@ -319,8 +319,9 @@ def _update_router_bgp_vrf_mlag_neighbor_cfg(self: AvdStructuredConfigNetworkSer """ In-place update MLAG neighbor part of structured config for *one* VRF under router_bgp.vrfs """ - if not self._mlag_ibgp_peering_redistribute(vrf, tenant) and get(vrf, "redistribute_connected", default=True): - bgp_vrf["redistribute_routes"][0]["route_map"] = "RM-CONN-2-BGP-VRFS" + if get(vrf, "redistribute_connected", default=True): + if not self._mlag_ibgp_peering_redistribute(vrf, tenant): + bgp_vrf["redistribute_routes"][0]["route_map"] = "RM-CONN-2-BGP-VRFS" if self.shared_utils.underlay_rfc5549 and self.shared_utils.overlay_mlag_rfc5549: interface_name = f"Vlan{vlan_id}" From b0fb3f2f49357d4d9ad2c8f65ff368f4830b76f8 Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Mon, 29 Jul 2024 15:57:22 +0530 Subject: [PATCH 05/22] Fix. --- .../structured_config/network_services/prefix_lists.py | 2 +- .../structured_config/network_services/router_bgp.py | 5 ++--- .../structured_config/network_services/utils.py | 8 ++++++-- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/prefix_lists.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/prefix_lists.py index a4bf84e500a..7aee9993c5a 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/prefix_lists.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/prefix_lists.py @@ -81,7 +81,7 @@ def _mlag_ibgp_peering_subnets_without_redistribution(self: AvdStructuredConfigN if self._mlag_ibgp_peering_vlan_vrf(vrf, tenant) is None: continue - if self._mlag_ibgp_peering_redistribute(vrf, tenant): + if not self._exclude_mlag_ibgp_peering_from_redistribute(vrf, tenant): # By default the BGP peering is redistributed, so we only need the prefix-list for the false case. continue diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py index 05bf395be79..4dc49cdbf61 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py @@ -319,9 +319,8 @@ def _update_router_bgp_vrf_mlag_neighbor_cfg(self: AvdStructuredConfigNetworkSer """ In-place update MLAG neighbor part of structured config for *one* VRF under router_bgp.vrfs """ - if get(vrf, "redistribute_connected", default=True): - if not self._mlag_ibgp_peering_redistribute(vrf, tenant): - bgp_vrf["redistribute_routes"][0]["route_map"] = "RM-CONN-2-BGP-VRFS" + if self._exclude_mlag_ibgp_peering_from_redistribute(vrf, tenant): + bgp_vrf["redistribute_routes"][0]["route_map"] = "RM-CONN-2-BGP-VRFS" if self.shared_utils.underlay_rfc5549 and self.shared_utils.overlay_mlag_rfc5549: interface_name = f"Vlan{vlan_id}" diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py index 67adad6a35c..8971d4bfb7c 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py @@ -164,7 +164,7 @@ def _mlag_ibgp_peering_vlan_vrf(self: AvdStructuredConfigNetworkServices, vrf: d return vlan_id - def _mlag_ibgp_peering_redistribute(self: AvdStructuredConfigNetworkServices, vrf: dict, tenant: dict) -> bool: + def _exclude_mlag_ibgp_peering_from_redistribute(self: AvdStructuredConfigNetworkServices, vrf, tenant) -> bool: """ Returns True if MLAG IBGP Peering subnet should be redistributed for the given vrf/tenant. @@ -172,7 +172,11 @@ def _mlag_ibgp_peering_redistribute(self: AvdStructuredConfigNetworkServices, vr Does _not_ include checks if the peering is enabled at all, so that should be checked first. """ - return default(vrf.get("redistribute_mlag_ibgp_peering_vrfs"), tenant.get("redistribute_mlag_ibgp_peering_vrfs"), True) is True # noqa: FBT003 + + if get(vrf, "redistribute_connected", True) is True: + return default(vrf.get("redistribute_mlag_ibgp_peering_vrfs"), tenant.get("redistribute_mlag_ibgp_peering_vrfs"), True) is False + + return True @cached_property def _configure_bgp_mlag_peer_group(self: AvdStructuredConfigNetworkServices) -> bool: From 1fd98b85bc13292394d6c6b27d4df7f5b291cf95 Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Mon, 5 Aug 2024 19:51:50 +0530 Subject: [PATCH 06/22] fix CI --- .../structured_config/network_services/router_bgp.py | 4 +--- .../_eos_designs/structured_config/network_services/utils.py | 5 ++--- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py index 4dc49cdbf61..5929028baa5 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py @@ -316,9 +316,7 @@ def _update_router_bgp_vrf_evpn_or_mpls_cfg(self: AvdStructuredConfigNetworkServ bgp_vrf["evpn_multicast_address_family"] = {"ipv4": {"transit": evpn_multicast_transit_mode}} def _update_router_bgp_vrf_mlag_neighbor_cfg(self: AvdStructuredConfigNetworkServices, bgp_vrf: dict, vrf: dict, tenant: dict, vlan_id: int) -> None: - """ - In-place update MLAG neighbor part of structured config for *one* VRF under router_bgp.vrfs - """ + """In-place update MLAG neighbor part of structured config for *one* VRF under router_bgp.vrfs""" if self._exclude_mlag_ibgp_peering_from_redistribute(vrf, tenant): bgp_vrf["redistribute_routes"][0]["route_map"] = "RM-CONN-2-BGP-VRFS" diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py index 8971d4bfb7c..346b798ed68 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py @@ -164,7 +164,7 @@ def _mlag_ibgp_peering_vlan_vrf(self: AvdStructuredConfigNetworkServices, vrf: d return vlan_id - def _exclude_mlag_ibgp_peering_from_redistribute(self: AvdStructuredConfigNetworkServices, vrf, tenant) -> bool: + def _exclude_mlag_ibgp_peering_from_redistribute(self: AvdStructuredConfigNetworkServices, vrf:dict, tenant:dict) -> bool: """ Returns True if MLAG IBGP Peering subnet should be redistributed for the given vrf/tenant. @@ -172,9 +172,8 @@ def _exclude_mlag_ibgp_peering_from_redistribute(self: AvdStructuredConfigNetwor Does _not_ include checks if the peering is enabled at all, so that should be checked first. """ - if get(vrf, "redistribute_connected", True) is True: - return default(vrf.get("redistribute_mlag_ibgp_peering_vrfs"), tenant.get("redistribute_mlag_ibgp_peering_vrfs"), True) is False + return default(vrf.get("redistribute_mlag_ibgp_peering_vrfs"), tenant.get("redistribute_mlag_ibgp_peering_vrfs")) is False return True From f8c58dea62cf2de450b23eb4c3f16558474f9aa8 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Mon, 5 Aug 2024 14:24:04 +0000 Subject: [PATCH 07/22] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- .../_eos_designs/structured_config/network_services/utils.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py index 346b798ed68..37e4afc65c4 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py @@ -164,7 +164,7 @@ def _mlag_ibgp_peering_vlan_vrf(self: AvdStructuredConfigNetworkServices, vrf: d return vlan_id - def _exclude_mlag_ibgp_peering_from_redistribute(self: AvdStructuredConfigNetworkServices, vrf:dict, tenant:dict) -> bool: + def _exclude_mlag_ibgp_peering_from_redistribute(self: AvdStructuredConfigNetworkServices, vrf: dict, tenant: dict) -> bool: """ Returns True if MLAG IBGP Peering subnet should be redistributed for the given vrf/tenant. From 2579b6b112f14e5fa6a92445d24276f68e0c6cdc Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Mon, 5 Aug 2024 19:58:06 +0530 Subject: [PATCH 08/22] fix CI, --- .../structured_config/network_services/router_bgp.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py index 5929028baa5..36311d2ec10 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py @@ -316,7 +316,7 @@ def _update_router_bgp_vrf_evpn_or_mpls_cfg(self: AvdStructuredConfigNetworkServ bgp_vrf["evpn_multicast_address_family"] = {"ipv4": {"transit": evpn_multicast_transit_mode}} def _update_router_bgp_vrf_mlag_neighbor_cfg(self: AvdStructuredConfigNetworkServices, bgp_vrf: dict, vrf: dict, tenant: dict, vlan_id: int) -> None: - """In-place update MLAG neighbor part of structured config for *one* VRF under router_bgp.vrfs""" + """In-place update MLAG neighbor part of structured config for *one* VRF under router_bgp.vrfs.""" if self._exclude_mlag_ibgp_peering_from_redistribute(vrf, tenant): bgp_vrf["redistribute_routes"][0]["route_map"] = "RM-CONN-2-BGP-VRFS" From 718251af8bd653bef971f92eedd74fac01ecfb3c Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Mon, 12 Aug 2024 16:52:40 +0530 Subject: [PATCH 09/22] Removing changes from past tests, added new tests and address comment for issue in code. --- .../intended/configs/DC1-BL1A.cfg | 30 +++++++++ .../intended/configs/DC1-BL1B.cfg | 30 +++++++++ .../intended/configs/DC1-BL2A.cfg | 28 ++++++++ .../intended/configs/DC1-BL2B.cfg | 28 ++++++++ .../intended/configs/DC1-L2LEAF2A.cfg | 6 +- .../intended/configs/DC1-L2LEAF2B.cfg | 6 +- .../intended/configs/DC1-LEAF2A.cfg | 1 + .../intended/configs/DC1-LEAF2B.cfg | 1 + .../intended/configs/DC1-SVC3A.cfg | 45 ++++++++++++- .../intended/configs/DC1-SVC3B.cfg | 45 ++++++++++++- .../configs/evpn_services_l2_only_false.cfg | 62 +++++++++++++++++ .../configs/evpn_services_l2_only_true.cfg | 21 ++++++ .../configs/mgmt_interface_default.cfg | 7 ++ .../configs/mgmt_interface_fabric.cfg | 7 ++ .../intended/configs/mgmt_interface_host.cfg | 7 ++ .../configs/mgmt_interface_platform.cfg | 7 ++ .../intended/structured_configs/DC1-BL1A.yml | 47 +++++++++++++ .../intended/structured_configs/DC1-BL1B.yml | 47 +++++++++++++ .../intended/structured_configs/DC1-BL2A.yml | 41 ++++++++++++ .../intended/structured_configs/DC1-BL2B.yml | 41 ++++++++++++ .../structured_configs/DC1-L2LEAF2A.yml | 7 +- .../structured_configs/DC1-L2LEAF2B.yml | 7 +- .../structured_configs/DC1-LEAF2A.yml | 1 + .../structured_configs/DC1-LEAF2B.yml | 1 + .../intended/structured_configs/DC1-SVC3A.yml | 67 ++++++++++++++++++- .../intended/structured_configs/DC1-SVC3B.yml | 67 ++++++++++++++++++- .../evpn_services_l2_only_false.yml | 65 ++++++++++++++++++ .../evpn_services_l2_only_true.yml | 28 ++++++++ .../mgmt_interface_default.yml | 8 +++ .../mgmt_interface_fabric.yml | 8 +++ .../mgmt_interface_host.yml | 8 +++ .../mgmt_interface_platform.yml | 8 +++ .../inventory/group_vars/DC1_FABRIC.yml | 2 +- .../DC1_TENANTS_NETWORKS/Tenant_A.yml | 13 ++++ .../DC1_TENANTS_NETWORKS/Tenant_D.yml | 11 ++- .../network_services/utils.py | 2 +- 36 files changed, 799 insertions(+), 11 deletions(-) diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1A.cfg index adf33a6fe9b..29c0527437f 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1A.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1A.cfg @@ -64,6 +64,9 @@ vlan 250 vlan 350 name Tenant_C_WAN_Zone_1 ! +vlan 453 + name Tenant_D_WAN_Zone_1 +! vrf instance MGMT ! vrf instance Tenant_A_L3_VRF_Zone @@ -76,6 +79,8 @@ vrf instance Tenant_B_WAN_Zone ! vrf instance Tenant_C_WAN_Zone ! +vrf instance TENANT_D_WAN_ZONE +! interface Ethernet1 description P2P_LINK_TO_DC1-SPINE1_Ethernet22 no shutdown @@ -224,6 +229,13 @@ interface Vlan350 vrf Tenant_C_WAN_Zone ip address virtual 10.3.50.1/24 ! +interface Vlan453 + description Tenant_D_WAN_Zone_1 + no shutdown + vrf TENANT_D_WAN_ZONE + ipv6 enable + ipv6 address virtual 10.0.10.1/24 +! interface Vxlan1 description DC1-BL1A_VTEP vxlan source-interface Loopback1 @@ -231,11 +243,13 @@ interface Vxlan1 vxlan vlan 150 vni 10150 vxlan vlan 250 vni 20250 vxlan vlan 350 vni 30350 + vxlan vlan 453 vni 40453 vxlan vrf Tenant_A_L3_VRF_Zone vni 15 vxlan vrf Tenant_A_WAN_Zone vni 14 vxlan vrf Tenant_B_OP_Zone vni 20 vxlan vrf Tenant_B_WAN_Zone vni 21 vxlan vrf Tenant_C_WAN_Zone vni 31 + vxlan vrf TENANT_D_WAN_ZONE vni 42 ! hardware tcam system profile vxlan-routing @@ -272,6 +286,8 @@ ip routing vrf Tenant_A_WAN_Zone ip routing vrf Tenant_B_OP_Zone ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_WAN_Zone +ip routing vrf TENANT_D_WAN_ZONE +ipv6 unicast-routing vrf TENANT_D_WAN_ZONE ! ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 10 permit 192.168.255.0/24 eq 32 @@ -367,6 +383,14 @@ router bgp 65104 redistribute learned vlan 350 ! + vlan-aware-bundle TENANT_D_WAN_ZONE + rd 192.168.254.14:42 + rd evpn domain remote 192.168.254.14:42 + route-target both 65104:42 + route-target import export evpn domain remote 65104:42 + redistribute learned + vlan 453 + ! address-family evpn host-flap detection window 180 threshold 5 expiry timeout 10 seconds neighbor EVPN-OVERLAY-CORE activate @@ -464,6 +488,12 @@ router bgp 65104 route-target export evpn 65104:31 router-id 192.168.255.14 redistribute connected + ! + vrf TENANT_D_WAN_ZONE + rd 192.168.254.14:42 + route-target import evpn 65104:42 + route-target export evpn 65104:42 + router-id 192.168.255.14 ! router ospf 14 vrf Tenant_A_WAN_Zone router-id 192.168.255.14 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1B.cfg index a424cb2c179..8ae77912537 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1B.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1B.cfg @@ -61,6 +61,9 @@ vlan 250 vlan 350 name Tenant_C_WAN_Zone_1 ! +vlan 453 + name Tenant_D_WAN_Zone_1 +! vrf instance MGMT ! vrf instance Tenant_A_L3_VRF_Zone @@ -73,6 +76,8 @@ vrf instance Tenant_B_WAN_Zone ! vrf instance Tenant_C_WAN_Zone ! +vrf instance TENANT_D_WAN_ZONE +! interface Ethernet1 description P2P_LINK_TO_DC1-SPINE1_Ethernet23 no shutdown @@ -214,6 +219,13 @@ interface Vlan350 vrf Tenant_C_WAN_Zone ip address virtual 10.3.50.1/24 ! +interface Vlan453 + description Tenant_D_WAN_Zone_1 + no shutdown + vrf TENANT_D_WAN_ZONE + ipv6 enable + ipv6 address virtual 10.0.10.1/24 +! interface Vxlan1 description DC1-BL1B_VTEP vxlan source-interface Loopback1 @@ -221,11 +233,13 @@ interface Vxlan1 vxlan vlan 150 vni 10150 vxlan vlan 250 vni 20250 vxlan vlan 350 vni 30350 + vxlan vlan 453 vni 40453 vxlan vrf Tenant_A_L3_VRF_Zone vni 15 vxlan vrf Tenant_A_WAN_Zone vni 14 vxlan vrf Tenant_B_OP_Zone vni 20 vxlan vrf Tenant_B_WAN_Zone vni 21 vxlan vrf Tenant_C_WAN_Zone vni 31 + vxlan vrf TENANT_D_WAN_ZONE vni 42 ! hardware tcam system profile vxlan-routing @@ -253,6 +267,8 @@ ip routing vrf Tenant_A_WAN_Zone ip routing vrf Tenant_B_OP_Zone ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_WAN_Zone +ip routing vrf TENANT_D_WAN_ZONE +ipv6 unicast-routing vrf TENANT_D_WAN_ZONE ! ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 10 permit 192.168.255.0/24 eq 32 @@ -348,6 +364,14 @@ router bgp 65105 redistribute learned vlan 350 ! + vlan-aware-bundle TENANT_D_WAN_ZONE + rd 192.168.254.15:42 + rd evpn domain remote 192.168.254.15:42 + route-target both 65105:42 + route-target import export evpn domain remote 65105:42 + redistribute learned + vlan 453 + ! address-family evpn host-flap detection window 180 threshold 5 expiry timeout 10 seconds neighbor EVPN-OVERLAY-CORE activate @@ -445,6 +469,12 @@ router bgp 65105 route-target export evpn 65105:31 router-id 192.168.255.15 redistribute connected + ! + vrf TENANT_D_WAN_ZONE + rd 192.168.254.15:42 + route-target import evpn 65105:42 + route-target export evpn 65105:42 + router-id 192.168.255.15 ! router ospf 14 vrf Tenant_A_WAN_Zone router-id 192.168.255.15 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL2A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL2A.cfg index ca199d58a2e..67c1b4ff188 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL2A.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL2A.cfg @@ -51,6 +51,9 @@ vlan 250 vlan 350 name Tenant_C_WAN_Zone_1 ! +vlan 453 + name Tenant_D_WAN_Zone_1 +! vrf instance MGMT ! vrf instance Tenant_A_WAN_Zone @@ -61,6 +64,8 @@ vrf instance Tenant_B_WAN_Zone ! vrf instance Tenant_C_WAN_Zone ! +vrf instance TENANT_D_WAN_ZONE +! interface Ethernet1 description P2P_LINK_TO_DC1-SPINE1_Ethernet24 no shutdown @@ -131,6 +136,13 @@ interface Vlan350 vrf Tenant_C_WAN_Zone ip address virtual 10.3.50.1/24 ! +interface Vlan453 + description Tenant_D_WAN_Zone_1 + no shutdown + vrf TENANT_D_WAN_ZONE + ipv6 enable + ipv6 address virtual 10.0.10.1/24 +! interface Vxlan1 description DC1-BL2A_VTEP vxlan source-interface Loopback1 @@ -138,10 +150,12 @@ interface Vxlan1 vxlan vlan 150 vni 10150 vxlan vlan 250 vni 20250 vxlan vlan 350 vni 30350 + vxlan vlan 453 vni 40453 vxlan vrf Tenant_A_WAN_Zone vni 14 vxlan vrf Tenant_B_OP_Zone vni 20 vxlan vrf Tenant_B_WAN_Zone vni 21 vxlan vrf Tenant_C_WAN_Zone vni 31 + vxlan vrf TENANT_D_WAN_ZONE vni 42 ! hardware tcam system profile vxlan-routing @@ -154,6 +168,8 @@ ip routing vrf Tenant_A_WAN_Zone ip routing vrf Tenant_B_OP_Zone ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_WAN_Zone +ip routing vrf TENANT_D_WAN_ZONE +ipv6 unicast-routing vrf TENANT_D_WAN_ZONE ! ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 10 permit 192.168.255.0/24 eq 32 @@ -264,6 +280,12 @@ router bgp 65106 redistribute learned vlan 350 ! + vlan-aware-bundle TENANT_D_WAN_ZONE + rd 192.168.255.16:42 + route-target both 42:42 + redistribute learned + vlan 453 + ! address-family evpn host-flap detection window 180 threshold 5 expiry timeout 10 seconds domain identifier 65000:3 @@ -333,5 +355,11 @@ router bgp 65106 address-family ipv4 neighbor 2.2.2.2 activate neighbor 2.2.2.3 activate + ! + vrf TENANT_D_WAN_ZONE + rd 192.168.255.16:42 + route-target import evpn 42:42 + route-target export evpn 42:42 + router-id 192.168.255.16 ! end diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL2B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL2B.cfg index 9b12c148c70..139e6293269 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL2B.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL2B.cfg @@ -49,6 +49,9 @@ vlan 250 vlan 350 name Tenant_C_WAN_Zone_1 ! +vlan 453 + name Tenant_D_WAN_Zone_1 +! vrf instance MGMT ! vrf instance Tenant_A_WAN_Zone @@ -59,6 +62,8 @@ vrf instance Tenant_B_WAN_Zone ! vrf instance Tenant_C_WAN_Zone ! +vrf instance TENANT_D_WAN_ZONE +! interface Ethernet1 description P2P_LINK_TO_DC1-SPINE1_Ethernet25 no shutdown @@ -129,6 +134,13 @@ interface Vlan350 vrf Tenant_C_WAN_Zone ip address virtual 10.3.50.1/24 ! +interface Vlan453 + description Tenant_D_WAN_Zone_1 + no shutdown + vrf TENANT_D_WAN_ZONE + ipv6 enable + ipv6 address virtual 10.0.10.1/24 +! interface Vxlan1 description DC1-BL2B_VTEP vxlan source-interface Loopback1 @@ -136,10 +148,12 @@ interface Vxlan1 vxlan vlan 150 vni 10150 vxlan vlan 250 vni 20250 vxlan vlan 350 vni 30350 + vxlan vlan 453 vni 40453 vxlan vrf Tenant_A_WAN_Zone vni 14 vxlan vrf Tenant_B_OP_Zone vni 20 vxlan vrf Tenant_B_WAN_Zone vni 21 vxlan vrf Tenant_C_WAN_Zone vni 31 + vxlan vrf TENANT_D_WAN_ZONE vni 42 ! hardware tcam system profile vxlan-routing @@ -152,6 +166,8 @@ ip routing vrf Tenant_A_WAN_Zone ip routing vrf Tenant_B_OP_Zone ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_WAN_Zone +ip routing vrf TENANT_D_WAN_ZONE +ipv6 unicast-routing vrf TENANT_D_WAN_ZONE ! ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 10 permit 192.168.255.0/24 eq 32 @@ -261,6 +277,12 @@ router bgp 65107 redistribute learned vlan 350 ! + vlan-aware-bundle TENANT_D_WAN_ZONE + rd 192.168.255.17:42 + route-target both 42:42 + redistribute learned + vlan 453 + ! address-family evpn host-flap detection window 180 threshold 5 expiry timeout 10 seconds domain identifier 65000:3 @@ -331,5 +353,11 @@ router bgp 65107 ! address-family ipv6 neighbor BEBA::C0CA:C07A activate + ! + vrf TENANT_D_WAN_ZONE + rd 192.168.255.17:42 + route-target import evpn 42:42 + route-target export evpn 42:42 + router-id 192.168.255.17 ! end diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-L2LEAF2A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-L2LEAF2A.cfg index c2a8dcf6743..f7d522a6870 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-L2LEAF2A.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-L2LEAF2A.cfg @@ -24,6 +24,7 @@ daemon TerminAttr vlan internal order ascending range 1006 1199 ! no ip igmp snooping vlan 120 +no ip igmp snooping vlan 122 ! transceiver qsfp default-mode 4x10G ! @@ -57,6 +58,9 @@ vlan 120 vlan 121 name Tenant_A_WEBZone_2 ! +vlan 122 + name Tenant_A_ERP_Zone_1 +! vlan 130 name Tenant_A_APP_Zone_1 ! @@ -113,7 +117,7 @@ interface Port-Channel1001 description DC1_SVC3_Po1007 no shutdown switchport - switchport trunk allowed vlan 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + switchport trunk allowed vlan 110-112,120-122,130-131,140-141,150,160-161,210-211,250,310-311,350 switchport mode trunk mlag 1001 ! diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-L2LEAF2B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-L2LEAF2B.cfg index f8b1fcd8a97..cc6c7064540 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-L2LEAF2B.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-L2LEAF2B.cfg @@ -24,6 +24,7 @@ daemon TerminAttr vlan internal order ascending range 1006 1199 ! no ip igmp snooping vlan 120 +no ip igmp snooping vlan 122 ! transceiver qsfp default-mode 4x10G ! @@ -57,6 +58,9 @@ vlan 120 vlan 121 name Tenant_A_WEBZone_2 ! +vlan 122 + name Tenant_A_ERP_Zone_1 +! vlan 130 name Tenant_A_APP_Zone_1 ! @@ -113,7 +117,7 @@ interface Port-Channel1001 description DC1_SVC3_Po1007 no shutdown switchport - switchport trunk allowed vlan 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + switchport trunk allowed vlan 110-112,120-122,130-131,140-141,150,160-161,210-211,250,310-311,350 switchport mode trunk mlag 1001 ! diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2A.cfg index 6e4c9495284..3ae9ad2da78 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2A.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2A.cfg @@ -867,6 +867,7 @@ router bgp 65102 route-target import evpn 100000:40 route-target export evpn 100000:40 router-id 192.168.255.10 + redistribute connected redistribute static ! router ospf 16 vrf Tenant_A_OSPF diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2B.cfg index bc2392bf30d..012eef323f5 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2B.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2B.cfg @@ -831,6 +831,7 @@ router bgp 65102 route-target import evpn 100000:40 route-target export evpn 100000:40 router-id 192.168.255.11 + redistribute connected redistribute static ! router ospf 16 vrf Tenant_A_OSPF diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg index 882a781ba84..ba864c57626 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg @@ -24,6 +24,7 @@ daemon TerminAttr vlan internal order ascending range 1006 1199 ! no ip igmp snooping vlan 120 +no ip igmp snooping vlan 122 ! transceiver qsfp default-mode 4x10G ! @@ -62,6 +63,9 @@ vlan 120 vlan 121 name Tenant_A_WEBZone_2 ! +vlan 122 + name Tenant_A_ERP_Zone_1 +! vlan 130 name Tenant_A_APP_Zone_1 ! @@ -121,6 +125,10 @@ vlan 3013 name MLAG_iBGP_Tenant_A_WAN_Zone trunk group LEAF_PEER_L3 ! +vlan 3016 + name MLAG_iBGP_Tenant_A_ERP_Zone + trunk group LEAF_PEER_L3 +! vlan 3019 name MLAG_iBGP_Tenant_B_OP_Zone trunk group LEAF_PEER_L3 @@ -147,6 +155,8 @@ vrf instance Tenant_A_APP_Zone ! vrf instance Tenant_A_DB_Zone ! +vrf instance Tenant_A_ERP_Zone +! vrf instance Tenant_A_OP_Zone description Tenant_A_OP_Zone ! @@ -325,7 +335,7 @@ interface Port-Channel1007 description DC1_L2LEAF2_Po1001 no shutdown switchport - switchport trunk allowed vlan 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + switchport trunk allowed vlan 110-112,120-122,130-131,140-141,150,160-161,210-211,250,310-311,350 switchport mode trunk mlag 1007 ! @@ -665,6 +675,15 @@ interface Vlan121 vrf Tenant_A_WEB_Zone ip address virtual 10.1.10.254/24 ! +interface Vlan122 + description Tenant_A_ERP_Zone_1 + no shutdown + vrf Tenant_A_ERP_Zone + ip helper-address 1.1.1.1 vrf TEST source-interface lo100 + ip address virtual 10.1.30.1/24 + ip address virtual 10.2.30.1/24 secondary + ip address virtual 10.2.31.1/24 secondary +! interface Vlan130 description Tenant_A_APP_Zone_1 no shutdown @@ -770,6 +789,13 @@ interface Vlan3013 vrf Tenant_A_WAN_Zone ip address 10.255.251.6/31 ! +interface Vlan3016 + description MLAG_PEER_L3_iBGP: vrf Tenant_A_ERP_Zone + no shutdown + mtu 1500 + vrf Tenant_A_ERP_Zone + ip address 172.31.12.6/31 +! interface Vlan3019 description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone no shutdown @@ -814,6 +840,7 @@ interface Vxlan1 vxlan vlan 112 vni 10112 vxlan vlan 120 vni 10120 vxlan vlan 121 vni 10121 + vxlan vlan 122 vni 10122 vxlan vlan 130 vni 10130 vxlan vlan 131 vni 10131 vxlan vlan 140 vni 10140 @@ -829,6 +856,7 @@ interface Vxlan1 vxlan vlan 350 vni 30350 vxlan vrf Tenant_A_APP_Zone vni 12 vxlan vrf Tenant_A_DB_Zone vni 13 + vxlan vrf Tenant_A_ERP_Zone vni 17 vxlan vrf Tenant_A_OP_Zone vni 10 vxlan vrf Tenant_A_WAN_Zone vni 14 vxlan vrf Tenant_A_WEB_Zone vni 11 @@ -852,6 +880,7 @@ ip routing no ip routing vrf MGMT ip routing vrf Tenant_A_APP_Zone ip routing vrf Tenant_A_DB_Zone +ip routing vrf Tenant_A_ERP_Zone ip routing vrf Tenant_A_OP_Zone ip routing vrf Tenant_A_WAN_Zone ip routing vrf Tenant_A_WEB_Zone @@ -975,6 +1004,12 @@ router bgp 65103 redistribute learned vlan 140-141 ! + vlan-aware-bundle Tenant_A_ERP_Zone + rd 65103:17 + route-target both 17:17 + redistribute learned + vlan 122 + ! vlan-aware-bundle Tenant_A_NFS rd 65103:20161 route-target both 20161:20161 @@ -1058,6 +1093,14 @@ router bgp 65103 neighbor 10.255.251.7 description DC1-SVC3B redistribute connected route-map RM-CONN-2-BGP-VRFS ! + vrf Tenant_A_ERP_Zone + rd 65103:17 + route-target import evpn 17:17 + route-target export evpn 17:17 + router-id 192.168.255.12 + update wait-install + neighbor 172.31.12.7 peer group MLAG-PEERS + ! vrf Tenant_A_OP_Zone rd 65103:9 route-target import evpn 9:9 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg index e91dea69878..7f2cf49a73e 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg @@ -24,6 +24,7 @@ daemon TerminAttr vlan internal order ascending range 1006 1199 ! no ip igmp snooping vlan 120 +no ip igmp snooping vlan 122 ! transceiver qsfp default-mode 4x10G ! @@ -62,6 +63,9 @@ vlan 120 vlan 121 name Tenant_A_WEBZone_2 ! +vlan 122 + name Tenant_A_ERP_Zone_1 +! vlan 130 name Tenant_A_APP_Zone_1 ! @@ -121,6 +125,10 @@ vlan 3013 name MLAG_iBGP_Tenant_A_WAN_Zone trunk group LEAF_PEER_L3 ! +vlan 3016 + name MLAG_iBGP_Tenant_A_ERP_Zone + trunk group LEAF_PEER_L3 +! vlan 3019 name MLAG_iBGP_Tenant_B_OP_Zone trunk group LEAF_PEER_L3 @@ -147,6 +155,8 @@ vrf instance Tenant_A_APP_Zone ! vrf instance Tenant_A_DB_Zone ! +vrf instance Tenant_A_ERP_Zone +! vrf instance Tenant_A_OP_Zone description Tenant_A_OP_Zone ! @@ -314,7 +324,7 @@ interface Port-Channel1007 description DC1_L2LEAF2_Po1001 no shutdown switchport - switchport trunk allowed vlan 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + switchport trunk allowed vlan 110-112,120-122,130-131,140-141,150,160-161,210-211,250,310-311,350 switchport mode trunk mlag 1007 ! @@ -631,6 +641,15 @@ interface Vlan121 vrf Tenant_A_WEB_Zone ip address virtual 10.1.10.254/24 ! +interface Vlan122 + description Tenant_A_ERP_Zone_1 + no shutdown + vrf Tenant_A_ERP_Zone + ip helper-address 1.1.1.1 vrf TEST source-interface lo100 + ip address virtual 10.1.30.1/24 + ip address virtual 10.2.30.1/24 secondary + ip address virtual 10.2.31.1/24 secondary +! interface Vlan130 description Tenant_A_APP_Zone_1 no shutdown @@ -736,6 +755,13 @@ interface Vlan3013 vrf Tenant_A_WAN_Zone ip address 10.255.251.7/31 ! +interface Vlan3016 + description MLAG_PEER_L3_iBGP: vrf Tenant_A_ERP_Zone + no shutdown + mtu 1500 + vrf Tenant_A_ERP_Zone + ip address 172.31.12.7/31 +! interface Vlan3019 description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone no shutdown @@ -780,6 +806,7 @@ interface Vxlan1 vxlan vlan 112 vni 10112 vxlan vlan 120 vni 10120 vxlan vlan 121 vni 10121 + vxlan vlan 122 vni 10122 vxlan vlan 130 vni 10130 vxlan vlan 131 vni 10131 vxlan vlan 140 vni 10140 @@ -795,6 +822,7 @@ interface Vxlan1 vxlan vlan 350 vni 30350 vxlan vrf Tenant_A_APP_Zone vni 12 vxlan vrf Tenant_A_DB_Zone vni 13 + vxlan vrf Tenant_A_ERP_Zone vni 17 vxlan vrf Tenant_A_OP_Zone vni 10 vxlan vrf Tenant_A_WAN_Zone vni 14 vxlan vrf Tenant_A_WEB_Zone vni 11 @@ -818,6 +846,7 @@ ip routing no ip routing vrf MGMT ip routing vrf Tenant_A_APP_Zone ip routing vrf Tenant_A_DB_Zone +ip routing vrf Tenant_A_ERP_Zone ip routing vrf Tenant_A_OP_Zone ip routing vrf Tenant_A_WAN_Zone ip routing vrf Tenant_A_WEB_Zone @@ -940,6 +969,12 @@ router bgp 65103 redistribute learned vlan 140-141 ! + vlan-aware-bundle Tenant_A_ERP_Zone + rd 65103:17 + route-target both 17:17 + redistribute learned + vlan 122 + ! vlan-aware-bundle Tenant_A_NFS rd 65103:20161 route-target both 20161:20161 @@ -1023,6 +1058,14 @@ router bgp 65103 neighbor 10.255.251.6 description DC1-SVC3A redistribute connected route-map RM-CONN-2-BGP-VRFS ! + vrf Tenant_A_ERP_Zone + rd 65103:17 + route-target import evpn 17:17 + route-target export evpn 17:17 + router-id 192.168.255.13 + update wait-install + neighbor 172.31.12.6 peer group MLAG-PEERS + ! vrf Tenant_A_OP_Zone rd 65103:9 route-target import evpn 9:9 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/evpn_services_l2_only_false.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/evpn_services_l2_only_false.cfg index e9acf85ec5e..bc7d0ddfbd8 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/evpn_services_l2_only_false.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/evpn_services_l2_only_false.cfg @@ -24,6 +24,7 @@ daemon TerminAttr vlan internal order ascending range 1006 1199 ! no ip igmp snooping vlan 120 +no ip igmp snooping vlan 122 ! transceiver qsfp default-mode 4x10G ! @@ -56,6 +57,9 @@ vlan 120 vlan 121 name Tenant_A_WEBZone_2 ! +vlan 122 + name Tenant_A_ERP_Zone_1 +! vlan 130 name Tenant_A_APP_Zone_1 ! @@ -134,6 +138,9 @@ vlan 451 vlan 452 name Tenant_D_v6_WAN_Zone_3 ! +vlan 453 + name Tenant_D_WAN_Zone_1 +! vlan 1234 name VRF_DEFAULT_SVI_WITH_OSPF ! @@ -145,6 +152,8 @@ vrf instance Tenant_A_APP_Zone ! vrf instance Tenant_A_DB_Zone ! +vrf instance Tenant_A_ERP_Zone +! vrf instance Tenant_A_OP_Zone description Tenant_A_OP_Zone ! @@ -162,6 +171,8 @@ vrf instance Tenant_C_WAN_Zone ! vrf instance Tenant_D_OP_Zone ! +vrf instance TENANT_D_WAN_ZONE +! interface Loopback0 description ROUTER_ID no shutdown @@ -232,6 +243,15 @@ interface Vlan121 vrf Tenant_A_WEB_Zone ip address virtual 10.1.10.254/24 ! +interface Vlan122 + description Tenant_A_ERP_Zone_1 + no shutdown + vrf Tenant_A_ERP_Zone + ip helper-address 1.1.1.1 vrf TEST source-interface lo100 + ip address virtual 10.1.30.1/24 + ip address virtual 10.2.30.1/24 secondary + ip address virtual 10.2.31.1/24 secondary +! interface Vlan130 description Tenant_A_APP_Zone_1 no shutdown @@ -374,6 +394,13 @@ interface Vlan452 ipv6 address virtual 2001:db8:412::1/64 ip address virtual 10.4.12.254/24 ! +interface Vlan453 + description Tenant_D_WAN_Zone_1 + no shutdown + vrf TENANT_D_WAN_ZONE + ipv6 enable + ipv6 address virtual 10.0.10.1/24 +! interface Vlan1234 description VRF_DEFAULT_SVI_WITH_OSPF shutdown @@ -389,6 +416,7 @@ interface Vxlan1 vxlan vlan 113 vni 10113 vxlan vlan 120 vni 10120 vxlan vlan 121 vni 10121 + vxlan vlan 122 vni 10122 vxlan vlan 130 vni 10130 vxlan vlan 131 vni 10131 vxlan vlan 132 vni 10132 @@ -415,11 +443,13 @@ interface Vxlan1 vxlan vlan 450 vni 40450 vxlan vlan 451 vni 40451 vxlan vlan 452 vni 40452 + vxlan vlan 453 vni 40453 vxlan vlan 1234 vni 41234 vxlan vrf 12345678 vni 41 vxlan vrf default vni 123 vxlan vrf Tenant_A_APP_Zone vni 12 vxlan vrf Tenant_A_DB_Zone vni 13 + vxlan vrf Tenant_A_ERP_Zone vni 17 vxlan vrf Tenant_A_OP_Zone vni 10 vxlan vrf Tenant_A_WAN_Zone vni 14 vxlan vrf Tenant_A_WEB_Zone vni 11 @@ -428,6 +458,7 @@ interface Vxlan1 vxlan vrf Tenant_C_OP_Zone vni 30 vxlan vrf Tenant_C_WAN_Zone vni 31 vxlan vrf Tenant_D_OP_Zone vni 40 + vxlan vrf TENANT_D_WAN_ZONE vni 42 ! ip virtual-router mac-address 00:dc:00:00:00:0a ! @@ -445,6 +476,7 @@ ip routing vrf 12345678 no ip routing vrf MGMT ip routing vrf Tenant_A_APP_Zone ip routing vrf Tenant_A_DB_Zone +ip routing vrf Tenant_A_ERP_Zone ip routing vrf Tenant_A_OP_Zone ip routing vrf Tenant_A_WAN_Zone ip routing vrf Tenant_A_WEB_Zone @@ -453,6 +485,11 @@ ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_OP_Zone ip routing vrf Tenant_C_WAN_Zone ip routing vrf Tenant_D_OP_Zone +ip routing vrf TENANT_D_WAN_ZONE +! +ipv6 unicast-routing vrf 12345678 +ipv6 unicast-routing vrf Tenant_D_OP_Zone +ipv6 unicast-routing vrf TENANT_D_WAN_ZONE ! ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 10 permit 192.168.255.0/24 eq 32 @@ -529,6 +566,12 @@ router bgp 101 redistribute learned vlan 140-141 ! + vlan-aware-bundle Tenant_A_ERP_Zone + rd 192.168.255.109:17 + route-target both 17:17 + redistribute learned + vlan 122 + ! vlan-aware-bundle Tenant_A_NFS rd 192.168.255.109:20161 route-target both 20161:20161 @@ -589,6 +632,12 @@ router bgp 101 redistribute learned vlan 410-413 ! + vlan-aware-bundle TENANT_D_WAN_ZONE + rd 192.168.255.109:42 + route-target both 42:42 + redistribute learned + vlan 453 + ! address-family evpn host-flap detection window 180 threshold 5 expiry timeout 10 seconds neighbor EVPN-OVERLAY-PEERS activate @@ -623,6 +672,12 @@ router bgp 101 router-id 192.168.255.109 redistribute connected ! + vrf Tenant_A_ERP_Zone + rd 192.168.255.109:17 + route-target import evpn 17:17 + route-target export evpn 17:17 + router-id 192.168.255.109 + ! vrf Tenant_A_OP_Zone rd 192.168.255.109:9 route-target import evpn 9:9 @@ -679,6 +734,13 @@ router bgp 101 route-target import evpn 40:40 route-target export evpn 40:40 router-id 192.168.255.109 + redistribute connected + ! + vrf TENANT_D_WAN_ZONE + rd 192.168.255.109:42 + route-target import evpn 42:42 + route-target export evpn 42:42 + router-id 192.168.255.109 ! router ospf 123 router-id 192.168.255.109 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/evpn_services_l2_only_true.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/evpn_services_l2_only_true.cfg index b47f3a2181a..9d011b1b4f9 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/evpn_services_l2_only_true.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/evpn_services_l2_only_true.cfg @@ -24,6 +24,7 @@ daemon TerminAttr vlan internal order ascending range 1006 1199 ! no ip igmp snooping vlan 120 +no ip igmp snooping vlan 122 ! transceiver qsfp default-mode 4x10G ! @@ -56,6 +57,9 @@ vlan 120 vlan 121 name Tenant_A_WEBZone_2 ! +vlan 122 + name Tenant_A_ERP_Zone_1 +! vlan 130 name Tenant_A_APP_Zone_1 ! @@ -134,6 +138,9 @@ vlan 451 vlan 452 name Tenant_D_v6_WAN_Zone_3 ! +vlan 453 + name Tenant_D_WAN_Zone_1 +! vlan 1234 name VRF_DEFAULT_SVI_WITH_OSPF ! @@ -165,6 +172,7 @@ interface Vxlan1 vxlan vlan 113 vni 10113 vxlan vlan 120 vni 10120 vxlan vlan 121 vni 10121 + vxlan vlan 122 vni 10122 vxlan vlan 130 vni 10130 vxlan vlan 131 vni 10131 vxlan vlan 132 vni 10132 @@ -191,6 +199,7 @@ interface Vxlan1 vxlan vlan 450 vni 40450 vxlan vlan 451 vni 40451 vxlan vlan 452 vni 40452 + vxlan vlan 453 vni 40453 vxlan vlan 1234 vni 41234 ! ip routing @@ -266,6 +275,12 @@ router bgp 101 redistribute learned vlan 140-141 ! + vlan-aware-bundle Tenant_A_ERP_Zone + rd 192.168.255.109:17 + route-target both 17:17 + redistribute learned + vlan 122 + ! vlan-aware-bundle Tenant_A_NFS rd 192.168.255.109:20161 route-target both 20161:20161 @@ -326,6 +341,12 @@ router bgp 101 redistribute learned vlan 410-413 ! + vlan-aware-bundle TENANT_D_WAN_ZONE + rd 192.168.255.109:42 + route-target both 42:42 + redistribute learned + vlan 453 + ! address-family evpn host-flap detection window 180 threshold 5 expiry timeout 10 seconds neighbor EVPN-OVERLAY-PEERS activate diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/mgmt_interface_default.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/mgmt_interface_default.cfg index 6d20ecc6d76..c9449a923d7 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/mgmt_interface_default.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/mgmt_interface_default.cfg @@ -24,6 +24,7 @@ daemon TerminAttr vlan internal order ascending range 1006 1199 ! no ip igmp snooping vlan 120 +no ip igmp snooping vlan 122 ! transceiver qsfp default-mode 4x10G ! @@ -56,6 +57,9 @@ vlan 120 vlan 121 name Tenant_A_WEBZone_2 ! +vlan 122 + name Tenant_A_ERP_Zone_1 +! vlan 130 name Tenant_A_APP_Zone_1 ! @@ -134,6 +138,9 @@ vlan 451 vlan 452 name Tenant_D_v6_WAN_Zone_3 ! +vlan 453 + name Tenant_D_WAN_Zone_1 +! vlan 1234 name VRF_DEFAULT_SVI_WITH_OSPF ! diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/mgmt_interface_fabric.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/mgmt_interface_fabric.cfg index ed23550bb88..decefb5f266 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/mgmt_interface_fabric.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/mgmt_interface_fabric.cfg @@ -24,6 +24,7 @@ daemon TerminAttr vlan internal order ascending range 1006 1199 ! no ip igmp snooping vlan 120 +no ip igmp snooping vlan 122 ! transceiver qsfp default-mode 4x10G ! @@ -56,6 +57,9 @@ vlan 120 vlan 121 name Tenant_A_WEBZone_2 ! +vlan 122 + name Tenant_A_ERP_Zone_1 +! vlan 130 name Tenant_A_APP_Zone_1 ! @@ -134,6 +138,9 @@ vlan 451 vlan 452 name Tenant_D_v6_WAN_Zone_3 ! +vlan 453 + name Tenant_D_WAN_Zone_1 +! vlan 1234 name VRF_DEFAULT_SVI_WITH_OSPF ! diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/mgmt_interface_host.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/mgmt_interface_host.cfg index f443abb76bc..e3c74a299df 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/mgmt_interface_host.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/mgmt_interface_host.cfg @@ -24,6 +24,7 @@ daemon TerminAttr vlan internal order ascending range 1006 1199 ! no ip igmp snooping vlan 120 +no ip igmp snooping vlan 122 ! transceiver qsfp default-mode 4x10G ! @@ -58,6 +59,9 @@ vlan 120 vlan 121 name Tenant_A_WEBZone_2 ! +vlan 122 + name Tenant_A_ERP_Zone_1 +! vlan 130 name Tenant_A_APP_Zone_1 ! @@ -136,6 +140,9 @@ vlan 451 vlan 452 name Tenant_D_v6_WAN_Zone_3 ! +vlan 453 + name Tenant_D_WAN_Zone_1 +! vlan 1234 name VRF_DEFAULT_SVI_WITH_OSPF ! diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/mgmt_interface_platform.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/mgmt_interface_platform.cfg index 47864a05744..3779d9d4d1f 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/mgmt_interface_platform.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/mgmt_interface_platform.cfg @@ -24,6 +24,7 @@ daemon TerminAttr vlan internal order ascending range 1006 1199 ! no ip igmp snooping vlan 120 +no ip igmp snooping vlan 122 ! transceiver qsfp default-mode 4x10G ! @@ -58,6 +59,9 @@ vlan 120 vlan 121 name Tenant_A_WEBZone_2 ! +vlan 122 + name Tenant_A_ERP_Zone_1 +! vlan 130 name Tenant_A_APP_Zone_1 ! @@ -136,6 +140,9 @@ vlan 451 vlan 452 name Tenant_D_v6_WAN_Zone_3 ! +vlan 453 + name Tenant_D_WAN_Zone_1 +! vlan 1234 name VRF_DEFAULT_SVI_WITH_OSPF ! diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1A.yml index 8eec1c7f45d..49677d53e77 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1A.yml @@ -249,6 +249,18 @@ router_bgp: router_id: 192.168.255.14 redistribute_routes: - source_protocol: connected + - name: TENANT_D_WAN_ZONE + router_id: 192.168.255.14 + rd: 192.168.254.14:42 + route_targets: + import: + - address_family: evpn + route_targets: + - '65104:42' + export: + - address_family: evpn + route_targets: + - '65104:42' vlan_aware_bundles: - name: Tenant_A_WAN_Zone rd: 192.168.254.14:14 @@ -280,6 +292,20 @@ router_bgp: redistribute_routes: - learned vlan: '350' + - name: TENANT_D_WAN_ZONE + rd: 192.168.254.14:42 + route_targets: + both: + - '65104:42' + import_export_evpn_domains: + - domain: remote + route_target: '65104:42' + redistribute_routes: + - learned + vlan: '453' + rd_evpn_domain: + domain: remote + rd: 192.168.254.14:42 static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -382,6 +408,10 @@ vrfs: - name: Tenant_C_WAN_Zone tenant: Tenant_C ip_routing: true +- name: TENANT_D_WAN_ZONE + tenant: Tenant_D + ip_routing: true + ipv6_routing: true management_interfaces: - name: Management99 description: OOB_MANAGEMENT @@ -590,6 +620,9 @@ vlans: - id: 350 name: Tenant_C_WAN_Zone_1 tenant: Tenant_C +- id: 453 + name: Tenant_D_WAN_Zone_1 + tenant: Tenant_D ip_access_lists: - name: TEST-IPV4-ACL-WITH-IP-FIELDS-IN_Ethernet12 entries: @@ -652,6 +685,16 @@ vlan_interfaces: shutdown: false ip_address_virtual: 10.3.50.1/24 vrf: Tenant_C_WAN_Zone +- name: Vlan453 + tenant: Tenant_D + tags: + - wan + description: Tenant_D_WAN_Zone_1 + shutdown: false + ipv6_enable: true + ipv6_address_virtuals: + - 10.0.10.1/24 + vrf: TENANT_D_WAN_ZONE router_ospf: process_ids: - id: 14 @@ -681,6 +724,8 @@ vxlan_interface: vni: 20250 - id: 350 vni: 30350 + - id: 453 + vni: 40453 vrfs: - name: Tenant_A_L3_VRF_Zone vni: 15 @@ -692,6 +737,8 @@ vxlan_interface: vni: 21 - name: Tenant_C_WAN_Zone vni: 31 + - name: TENANT_D_WAN_ZONE + vni: 42 metadata: platform: 7280R cv_tags: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1B.yml index 1105b93fbc8..e90707ba88f 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1B.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1B.yml @@ -254,6 +254,18 @@ router_bgp: router_id: 192.168.255.15 redistribute_routes: - source_protocol: connected + - name: TENANT_D_WAN_ZONE + router_id: 192.168.255.15 + rd: 192.168.254.15:42 + route_targets: + import: + - address_family: evpn + route_targets: + - '65105:42' + export: + - address_family: evpn + route_targets: + - '65105:42' vlan_aware_bundles: - name: Tenant_A_WAN_Zone rd: 192.168.254.15:14 @@ -285,6 +297,20 @@ router_bgp: redistribute_routes: - learned vlan: '350' + - name: TENANT_D_WAN_ZONE + rd: 192.168.254.15:42 + route_targets: + both: + - '65105:42' + import_export_evpn_domains: + - domain: remote + route_target: '65105:42' + redistribute_routes: + - learned + vlan: '453' + rd_evpn_domain: + domain: remote + rd: 192.168.254.15:42 static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -374,6 +400,10 @@ vrfs: - name: Tenant_C_WAN_Zone tenant: Tenant_C ip_routing: true +- name: TENANT_D_WAN_ZONE + tenant: Tenant_D + ip_routing: true + ipv6_routing: true management_interfaces: - name: Management99 description: OOB_MANAGEMENT @@ -563,6 +593,9 @@ vlans: - id: 350 name: Tenant_C_WAN_Zone_1 tenant: Tenant_C +- id: 453 + name: Tenant_D_WAN_Zone_1 + tenant: Tenant_D ip_access_lists: - name: TEST-IPV4-ACL-WITH-IP-FIELDS-IN_Ethernet12 entries: @@ -625,6 +658,16 @@ vlan_interfaces: shutdown: false ip_address_virtual: 10.3.50.1/24 vrf: Tenant_C_WAN_Zone +- name: Vlan453 + tenant: Tenant_D + tags: + - wan + description: Tenant_D_WAN_Zone_1 + shutdown: false + ipv6_enable: true + ipv6_address_virtuals: + - 10.0.10.1/24 + vrf: TENANT_D_WAN_ZONE router_ospf: process_ids: - id: 14 @@ -653,6 +696,8 @@ vxlan_interface: vni: 20250 - id: 350 vni: 30350 + - id: 453 + vni: 40453 vrfs: - name: Tenant_A_L3_VRF_Zone vni: 15 @@ -664,6 +709,8 @@ vxlan_interface: vni: 21 - name: Tenant_C_WAN_Zone vni: 31 + - name: TENANT_D_WAN_ZONE + vni: 42 metadata: platform: 7280R sflow: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL2A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL2A.yml index 71f1de73e46..30f7825253d 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL2A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL2A.yml @@ -236,6 +236,18 @@ router_bgp: description: test_bgp_peer_group_without_nodes_2nd_time updates: wait_install: true + - name: TENANT_D_WAN_ZONE + router_id: 192.168.255.16 + rd: 192.168.255.16:42 + route_targets: + import: + - address_family: evpn + route_targets: + - '42:42' + export: + - address_family: evpn + route_targets: + - '42:42' vlan_aware_bundles: - name: Tenant_A_WAN_Zone rd: 192.168.255.16:14 @@ -261,6 +273,14 @@ router_bgp: redistribute_routes: - learned vlan: '350' + - name: TENANT_D_WAN_ZONE + rd: 192.168.255.16:42 + route_targets: + both: + - '42:42' + redistribute_routes: + - learned + vlan: '453' static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -332,6 +352,10 @@ vrfs: - name: Tenant_C_WAN_Zone tenant: Tenant_C ip_routing: true +- name: TENANT_D_WAN_ZONE + tenant: Tenant_D + ip_routing: true + ipv6_routing: true management_interfaces: - name: Management1 description: OOB_MANAGEMENT @@ -443,6 +467,9 @@ vlans: - id: 350 name: Tenant_C_WAN_Zone_1 tenant: Tenant_C +- id: 453 + name: Tenant_D_WAN_Zone_1 + tenant: Tenant_D ip_igmp_snooping: globally_enabled: true ip_virtual_router_mac_address: 00:dc:00:00:00:0a @@ -476,6 +503,16 @@ vlan_interfaces: shutdown: false ip_address_virtual: 10.3.50.1/24 vrf: Tenant_C_WAN_Zone +- name: Vlan453 + tenant: Tenant_D + tags: + - wan + description: Tenant_D_WAN_Zone_1 + shutdown: false + ipv6_enable: true + ipv6_address_virtuals: + - 10.0.10.1/24 + vrf: TENANT_D_WAN_ZONE vxlan_interface: vxlan1: description: DC1-BL2A_VTEP @@ -489,6 +526,8 @@ vxlan_interface: vni: 20250 - id: 350 vni: 30350 + - id: 453 + vni: 40453 vrfs: - name: Tenant_A_WAN_Zone vni: 14 @@ -498,5 +537,7 @@ vxlan_interface: vni: 21 - name: Tenant_C_WAN_Zone vni: 31 + - name: TENANT_D_WAN_ZONE + vni: 42 metadata: platform: 7280R2 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL2B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL2B.yml index f64c3b6c62f..1e367db5247 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL2B.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL2B.yml @@ -234,6 +234,18 @@ router_bgp: activate: true updates: wait_install: true + - name: TENANT_D_WAN_ZONE + router_id: 192.168.255.17 + rd: 192.168.255.17:42 + route_targets: + import: + - address_family: evpn + route_targets: + - '42:42' + export: + - address_family: evpn + route_targets: + - '42:42' vlan_aware_bundles: - name: Tenant_A_WAN_Zone rd: 192.168.255.17:14 @@ -259,6 +271,14 @@ router_bgp: redistribute_routes: - learned vlan: '350' + - name: TENANT_D_WAN_ZONE + rd: 192.168.255.17:42 + route_targets: + both: + - '42:42' + redistribute_routes: + - learned + vlan: '453' static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -330,6 +350,10 @@ vrfs: - name: Tenant_C_WAN_Zone tenant: Tenant_C ip_routing: true +- name: TENANT_D_WAN_ZONE + tenant: Tenant_D + ip_routing: true + ipv6_routing: true management_interfaces: - name: Management1 description: OOB_MANAGEMENT @@ -443,6 +467,9 @@ vlans: - id: 350 name: Tenant_C_WAN_Zone_1 tenant: Tenant_C +- id: 453 + name: Tenant_D_WAN_Zone_1 + tenant: Tenant_D ip_igmp_snooping: globally_enabled: true ip_virtual_router_mac_address: 00:dc:00:00:00:0a @@ -476,6 +503,16 @@ vlan_interfaces: shutdown: false ip_address_virtual: 10.3.50.1/24 vrf: Tenant_C_WAN_Zone +- name: Vlan453 + tenant: Tenant_D + tags: + - wan + description: Tenant_D_WAN_Zone_1 + shutdown: false + ipv6_enable: true + ipv6_address_virtuals: + - 10.0.10.1/24 + vrf: TENANT_D_WAN_ZONE vxlan_interface: vxlan1: description: DC1-BL2B_VTEP @@ -489,6 +526,8 @@ vxlan_interface: vni: 20250 - id: 350 vni: 30350 + - id: 453 + vni: 40453 vrfs: - name: Tenant_A_WAN_Zone vni: 14 @@ -498,5 +537,7 @@ vxlan_interface: vni: 21 - name: Tenant_C_WAN_Zone vni: 31 + - name: TENANT_D_WAN_ZONE + vni: 42 metadata: platform: 7280R3 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-L2LEAF2A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-L2LEAF2A.yml index 36765e81065..f4124da33cd 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-L2LEAF2A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-L2LEAF2A.yml @@ -102,6 +102,9 @@ vlans: - id: 141 name: Tenant_A_DB_Zone_2 tenant: Tenant_A +- id: 122 + name: Tenant_A_ERP_Zone_1 + tenant: Tenant_A - id: 110 name: Tenant_A_OP_Zone_1 tenant: Tenant_A @@ -164,7 +167,7 @@ port_channel_interfaces: type: switched shutdown: false mode: trunk - vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + vlans: 110-112,120-122,130-131,140-141,150,160-161,210-211,250,310-311,350 mlag: 1001 ethernet_interfaces: - name: Ethernet3 @@ -223,6 +226,8 @@ mlag_configuration: ip_igmp_snooping: globally_enabled: true vlans: + - id: 122 + enabled: false - id: 120 enabled: false metadata: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-L2LEAF2B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-L2LEAF2B.yml index 4017a65453f..63126364a71 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-L2LEAF2B.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-L2LEAF2B.yml @@ -102,6 +102,9 @@ vlans: - id: 141 name: Tenant_A_DB_Zone_2 tenant: Tenant_A +- id: 122 + name: Tenant_A_ERP_Zone_1 + tenant: Tenant_A - id: 110 name: Tenant_A_OP_Zone_1 tenant: Tenant_A @@ -164,7 +167,7 @@ port_channel_interfaces: type: switched shutdown: false mode: trunk - vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + vlans: 110-112,120-122,130-131,140-141,150,160-161,210-211,250,310-311,350 mlag: 1001 ethernet_interfaces: - name: Ethernet3 @@ -223,6 +226,8 @@ mlag_configuration: ip_igmp_snooping: globally_enabled: true vlans: + - id: 122 + enabled: false - id: 120 enabled: false metadata: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2A.yml index c34660ef2c6..3f5fb891458 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2A.yml @@ -234,6 +234,7 @@ router_bgp: - '100000:40' router_id: 192.168.255.10 redistribute_routes: + - source_protocol: connected - source_protocol: static vlan_aware_bundles: - name: Tenant_A_APP_Zone diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2B.yml index c91568b06bf..0c2cfc7f401 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2B.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2B.yml @@ -234,6 +234,7 @@ router_bgp: - '100000:40' router_id: 192.168.255.11 redistribute_routes: + - source_protocol: connected - source_protocol: static vlan_aware_bundles: - name: Tenant_A_APP_Zone diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml index caa8d6466c1..c247b4f56d1 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml @@ -144,6 +144,23 @@ router_bgp: description: DC1-SVC3B updates: wait_install: true + - name: Tenant_A_ERP_Zone + router_id: 192.168.255.12 + rd: '65103:17' + route_targets: + import: + - address_family: evpn + route_targets: + - '17:17' + export: + - address_family: evpn + route_targets: + - '17:17' + neighbors: + - ip_address: 172.31.12.7 + peer_group: MLAG-PEERS + updates: + wait_install: true - name: Tenant_A_OP_Zone rd: '65103:9' route_targets: @@ -305,6 +322,14 @@ router_bgp: redistribute_routes: - learned vlan: 140-141 + - name: Tenant_A_ERP_Zone + rd: '65103:17' + route_targets: + both: + - '17:17' + redistribute_routes: + - learned + vlan: '122' - name: Tenant_A_OP_Zone rd: '65103:9' route_targets: @@ -445,6 +470,9 @@ vrfs: - name: Tenant_A_DB_Zone tenant: Tenant_A ip_routing: true +- name: Tenant_A_ERP_Zone + tenant: Tenant_A + ip_routing: true - name: Tenant_A_OP_Zone tenant: Tenant_A ip_routing: true @@ -526,6 +554,14 @@ vlans: trunk_groups: - LEAF_PEER_L3 tenant: Tenant_A +- id: 122 + name: Tenant_A_ERP_Zone_1 + tenant: Tenant_A +- id: 3016 + name: MLAG_iBGP_Tenant_A_ERP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A - id: 110 name: Tenant_A_OP_Zone_1 tenant: Tenant_A @@ -665,6 +701,29 @@ vlan_interfaces: vrf: Tenant_A_DB_Zone mtu: 1500 ip_address: 10.255.251.6/31 +- name: Vlan122 + tenant: Tenant_A + tags: + - erp3 + description: Tenant_A_ERP_Zone_1 + shutdown: false + ip_address_virtual: 10.1.30.1/24 + ip_address_virtual_secondaries: + - 10.2.30.1/24 + - 10.2.31.1/24 + vrf: Tenant_A_ERP_Zone + ip_helpers: + - ip_helper: 1.1.1.1 + source_interface: lo100 + vrf: TEST +- name: Vlan3016 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_ERP_Zone' + vrf: Tenant_A_ERP_Zone + mtu: 1500 + ip_address: 172.31.12.6/31 - name: Vlan110 tenant: Tenant_A tags: @@ -856,7 +915,7 @@ port_channel_interfaces: type: switched shutdown: false mode: trunk - vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + vlans: 110-112,120-122,130-131,140-141,150,160-161,210-211,250,310-311,350 mlag: 1007 - name: Port-Channel10 description: server03_ESI_PortChanne1 @@ -1583,6 +1642,8 @@ ip_access_lists: ip_igmp_snooping: globally_enabled: true vlans: + - id: 122 + enabled: false - id: 120 enabled: false ip_virtual_router_mac_address: 00:dc:00:00:00:0a @@ -1602,6 +1663,8 @@ vxlan_interface: vni: 10140 - id: 141 vni: 10141 + - id: 122 + vni: 10122 - id: 110 vni: 10110 - id: 111 @@ -1635,6 +1698,8 @@ vxlan_interface: vni: 12 - name: Tenant_A_DB_Zone vni: 13 + - name: Tenant_A_ERP_Zone + vni: 17 - name: Tenant_A_OP_Zone vni: 10 - name: Tenant_A_WAN_Zone diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml index bb73c5b3375..097b12ca1e4 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml @@ -144,6 +144,23 @@ router_bgp: description: DC1-SVC3A updates: wait_install: true + - name: Tenant_A_ERP_Zone + router_id: 192.168.255.13 + rd: '65103:17' + route_targets: + import: + - address_family: evpn + route_targets: + - '17:17' + export: + - address_family: evpn + route_targets: + - '17:17' + neighbors: + - ip_address: 172.31.12.6 + peer_group: MLAG-PEERS + updates: + wait_install: true - name: Tenant_A_OP_Zone rd: '65103:9' route_targets: @@ -305,6 +322,14 @@ router_bgp: redistribute_routes: - learned vlan: 140-141 + - name: Tenant_A_ERP_Zone + rd: '65103:17' + route_targets: + both: + - '17:17' + redistribute_routes: + - learned + vlan: '122' - name: Tenant_A_OP_Zone rd: '65103:9' route_targets: @@ -445,6 +470,9 @@ vrfs: - name: Tenant_A_DB_Zone tenant: Tenant_A ip_routing: true +- name: Tenant_A_ERP_Zone + tenant: Tenant_A + ip_routing: true - name: Tenant_A_OP_Zone tenant: Tenant_A ip_routing: true @@ -526,6 +554,14 @@ vlans: trunk_groups: - LEAF_PEER_L3 tenant: Tenant_A +- id: 122 + name: Tenant_A_ERP_Zone_1 + tenant: Tenant_A +- id: 3016 + name: MLAG_iBGP_Tenant_A_ERP_Zone + trunk_groups: + - LEAF_PEER_L3 + tenant: Tenant_A - id: 110 name: Tenant_A_OP_Zone_1 tenant: Tenant_A @@ -665,6 +701,29 @@ vlan_interfaces: vrf: Tenant_A_DB_Zone mtu: 1500 ip_address: 10.255.251.7/31 +- name: Vlan122 + tenant: Tenant_A + tags: + - erp3 + description: Tenant_A_ERP_Zone_1 + shutdown: false + ip_address_virtual: 10.1.30.1/24 + ip_address_virtual_secondaries: + - 10.2.30.1/24 + - 10.2.31.1/24 + vrf: Tenant_A_ERP_Zone + ip_helpers: + - ip_helper: 1.1.1.1 + source_interface: lo100 + vrf: TEST +- name: Vlan3016 + tenant: Tenant_A + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf Tenant_A_ERP_Zone' + vrf: Tenant_A_ERP_Zone + mtu: 1500 + ip_address: 172.31.12.7/31 - name: Vlan110 tenant: Tenant_A tags: @@ -856,7 +915,7 @@ port_channel_interfaces: type: switched shutdown: false mode: trunk - vlans: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + vlans: 110-112,120-122,130-131,140-141,150,160-161,210-211,250,310-311,350 mlag: 1007 - name: Port-Channel14 description: server07_inherit_all_from_profile_port_channel_ALL_WITH_SECURITY_PORT_CHANNEL @@ -1535,6 +1594,8 @@ ip_access_lists: ip_igmp_snooping: globally_enabled: true vlans: + - id: 122 + enabled: false - id: 120 enabled: false ip_virtual_router_mac_address: 00:dc:00:00:00:0a @@ -1554,6 +1615,8 @@ vxlan_interface: vni: 10140 - id: 141 vni: 10141 + - id: 122 + vni: 10122 - id: 110 vni: 10110 - id: 111 @@ -1587,6 +1650,8 @@ vxlan_interface: vni: 12 - name: Tenant_A_DB_Zone vni: 13 + - name: Tenant_A_ERP_Zone + vni: 17 - name: Tenant_A_OP_Zone vni: 10 - name: Tenant_A_WAN_Zone diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/evpn_services_l2_only_false.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/evpn_services_l2_only_false.yml index 1af6e3b2243..90a574908fd 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/evpn_services_l2_only_false.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/evpn_services_l2_only_false.yml @@ -74,6 +74,7 @@ router_bgp: redistribute_routes: - source_protocol: connected - name: Tenant_A_OP_Zone + router_id: 192.168.255.109 rd: 192.168.255.109:9 route_targets: import: @@ -229,6 +230,14 @@ router_bgp: redistribute_routes: - learned vlan: 140-141 + - name: Tenant_A_ERP_Zone + rd: 192.168.255.109:17 + route_targets: + both: + - '17:17' + redistribute_routes: + - learned + vlan: '122' - name: Tenant_A_OP_Zone rd: 192.168.255.109:9 route_targets: @@ -345,6 +354,14 @@ router_bgp: redistribute_routes: - learned vlan: 410-413 + - name: TENANT_D_WAN_ZONE + rd: 192.168.255.109:42 + route_targets: + both: + - '42:42' + redistribute_routes: + - learned + vlan: '453' static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -408,6 +425,9 @@ vrfs: - name: Tenant_A_DB_Zone tenant: Tenant_A ip_routing: true +- name: Tenant_A_ERP_Zone + tenant: Tenant_A + ip_routing: true - name: Tenant_A_OP_Zone tenant: Tenant_A ip_routing: true @@ -438,6 +458,10 @@ vrfs: tenant: Tenant_D ip_routing: true ipv6_routing: true +- name: TENANT_D_WAN_ZONE + tenant: Tenant_D + ip_routing: true + ipv6_routing: true management_interfaces: - name: Management1 description: OOB_MANAGEMENT @@ -513,6 +537,9 @@ vlans: - id: 141 name: Tenant_A_DB_Zone_2 tenant: Tenant_A +- id: 122 + name: Tenant_A_ERP_Zone_1 + tenant: Tenant_A - id: 110 name: Tenant_A_OP_Zone_1 tenant: Tenant_A @@ -597,6 +624,9 @@ vlans: - id: 413 name: Tenant_D_v6_OP_Zone_3 tenant: Tenant_D +- id: 453 + name: Tenant_D_WAN_Zone_1 + tenant: Tenant_D ip_access_lists: - name: TEST-IPV4-ACL-WITH-IP-FIELDS-IN_Vlan110 entries: @@ -615,6 +645,8 @@ ip_access_lists: ip_igmp_snooping: globally_enabled: true vlans: + - id: 122 + enabled: false - id: 120 enabled: false ip_virtual_router_mac_address: 00:dc:00:00:00:0a @@ -660,6 +692,21 @@ vlan_interfaces: shutdown: false ip_address_virtual: 10.1.41.1/24 vrf: Tenant_A_DB_Zone +- name: Vlan122 + tenant: Tenant_A + tags: + - erp3 + description: Tenant_A_ERP_Zone_1 + shutdown: false + ip_address_virtual: 10.1.30.1/24 + ip_address_virtual_secondaries: + - 10.2.30.1/24 + - 10.2.31.1/24 + vrf: Tenant_A_ERP_Zone + ip_helpers: + - ip_helper: 1.1.1.1 + source_interface: lo100 + vrf: TEST - name: Vlan110 tenant: Tenant_A tags: @@ -898,6 +945,16 @@ vlan_interfaces: - ip_helper: 1.1.1.2 source_interface: lo102 vrf: TEST +- name: Vlan453 + tenant: Tenant_D + tags: + - wan + description: Tenant_D_WAN_Zone_1 + shutdown: false + ipv6_enable: true + ipv6_address_virtuals: + - 10.0.10.1/24 + vrf: TENANT_D_WAN_ZONE router_ospf: process_ids: - id: 123 @@ -925,6 +982,8 @@ vxlan_interface: vni: 10140 - id: 141 vni: 10141 + - id: 122 + vni: 10122 - id: 110 vni: 10110 - id: 111 @@ -981,11 +1040,15 @@ vxlan_interface: vni: 40412 - id: 413 vni: 40413 + - id: 453 + vni: 40453 vrfs: - name: Tenant_A_APP_Zone vni: 12 - name: Tenant_A_DB_Zone vni: 13 + - name: Tenant_A_ERP_Zone + vni: 17 - name: Tenant_A_OP_Zone vni: 10 - name: Tenant_A_WAN_Zone @@ -1006,6 +1069,8 @@ vxlan_interface: vni: 123 - name: Tenant_D_OP_Zone vni: 40 + - name: TENANT_D_WAN_ZONE + vni: 42 virtual_source_nat_vrfs: - name: Tenant_A_OP_Zone ip_address: 10.255.1.109 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/evpn_services_l2_only_true.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/evpn_services_l2_only_true.yml index b8517fac011..d86a9ffa4d4 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/evpn_services_l2_only_true.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/evpn_services_l2_only_true.yml @@ -60,6 +60,14 @@ router_bgp: redistribute_routes: - learned vlan: 140-141 + - name: Tenant_A_ERP_Zone + rd: 192.168.255.109:17 + route_targets: + both: + - '17:17' + redistribute_routes: + - learned + vlan: '122' - name: Tenant_A_OP_Zone rd: 192.168.255.109:9 route_targets: @@ -176,6 +184,14 @@ router_bgp: redistribute_routes: - learned vlan: 410-413 + - name: TENANT_D_WAN_ZONE + rd: 192.168.255.109:42 + route_targets: + both: + - '42:42' + redistribute_routes: + - learned + vlan: '453' static_routes: - vrf: MGMT destination_address_prefix: 0.0.0.0/0 @@ -299,6 +315,9 @@ vlans: - id: 141 name: Tenant_A_DB_Zone_2 tenant: Tenant_A +- id: 122 + name: Tenant_A_ERP_Zone_1 + tenant: Tenant_A - id: 110 name: Tenant_A_OP_Zone_1 tenant: Tenant_A @@ -383,9 +402,14 @@ vlans: - id: 413 name: Tenant_D_v6_OP_Zone_3 tenant: Tenant_D +- id: 453 + name: Tenant_D_WAN_Zone_1 + tenant: Tenant_D ip_igmp_snooping: globally_enabled: true vlans: + - id: 122 + enabled: false - id: 120 enabled: false vxlan_interface: @@ -405,6 +429,8 @@ vxlan_interface: vni: 10140 - id: 141 vni: 10141 + - id: 122 + vni: 10122 - id: 110 vni: 10110 - id: 111 @@ -461,3 +487,5 @@ vxlan_interface: vni: 40412 - id: 413 vni: 40413 + - id: 453 + vni: 40453 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/mgmt_interface_default.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/mgmt_interface_default.yml index 35eb31fa11d..09f4d52229e 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/mgmt_interface_default.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/mgmt_interface_default.yml @@ -94,6 +94,9 @@ vlans: - id: 141 name: Tenant_A_DB_Zone_2 tenant: Tenant_A +- id: 122 + name: Tenant_A_ERP_Zone_1 + tenant: Tenant_A - id: 110 name: Tenant_A_OP_Zone_1 tenant: Tenant_A @@ -178,8 +181,13 @@ vlans: - id: 413 name: Tenant_D_v6_OP_Zone_3 tenant: Tenant_D +- id: 453 + name: Tenant_D_WAN_Zone_1 + tenant: Tenant_D ip_igmp_snooping: globally_enabled: true vlans: + - id: 122 + enabled: false - id: 120 enabled: false diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/mgmt_interface_fabric.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/mgmt_interface_fabric.yml index 948b45e6584..d2e21d3fafb 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/mgmt_interface_fabric.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/mgmt_interface_fabric.yml @@ -94,6 +94,9 @@ vlans: - id: 141 name: Tenant_A_DB_Zone_2 tenant: Tenant_A +- id: 122 + name: Tenant_A_ERP_Zone_1 + tenant: Tenant_A - id: 110 name: Tenant_A_OP_Zone_1 tenant: Tenant_A @@ -178,8 +181,13 @@ vlans: - id: 413 name: Tenant_D_v6_OP_Zone_3 tenant: Tenant_D +- id: 453 + name: Tenant_D_WAN_Zone_1 + tenant: Tenant_D ip_igmp_snooping: globally_enabled: true vlans: + - id: 122 + enabled: false - id: 120 enabled: false diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/mgmt_interface_host.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/mgmt_interface_host.yml index 1ce54f468cc..a4a09e32707 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/mgmt_interface_host.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/mgmt_interface_host.yml @@ -100,6 +100,9 @@ vlans: - id: 141 name: Tenant_A_DB_Zone_2 tenant: Tenant_A +- id: 122 + name: Tenant_A_ERP_Zone_1 + tenant: Tenant_A - id: 110 name: Tenant_A_OP_Zone_1 tenant: Tenant_A @@ -184,9 +187,14 @@ vlans: - id: 413 name: Tenant_D_v6_OP_Zone_3 tenant: Tenant_D +- id: 453 + name: Tenant_D_WAN_Zone_1 + tenant: Tenant_D ip_igmp_snooping: globally_enabled: true vlans: + - id: 122 + enabled: false - id: 120 enabled: false metadata: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/mgmt_interface_platform.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/mgmt_interface_platform.yml index c2f0598753d..3f11638d990 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/mgmt_interface_platform.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/mgmt_interface_platform.yml @@ -100,6 +100,9 @@ vlans: - id: 141 name: Tenant_A_DB_Zone_2 tenant: Tenant_A +- id: 122 + name: Tenant_A_ERP_Zone_1 + tenant: Tenant_A - id: 110 name: Tenant_A_OP_Zone_1 tenant: Tenant_A @@ -184,9 +187,14 @@ vlans: - id: 413 name: Tenant_D_v6_OP_Zone_3 tenant: Tenant_D +- id: 453 + name: Tenant_D_WAN_Zone_1 + tenant: Tenant_D ip_igmp_snooping: globally_enabled: true vlans: + - id: 122 + enabled: false - id: 120 enabled: false metadata: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_FABRIC.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_FABRIC.yml index 3f0d068ff74..7f30f23fbd1 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_FABRIC.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_FABRIC.yml @@ -139,7 +139,7 @@ l3leaf: mlag_domain_id: custom_mlag_domain_id filter: tenants: [ Tenant_A, Tenant_B, Tenant_C ] - tags: [ opzone, web, app, db, vmotion, nfs, wan ] + tags: [ opzone, web, app, db, vmotion, nfs, wan , erp3] nodes: - name: DC1-SVC3A id: 4 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_A.yml index 66d7bbc1986..76b37411f2d 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_A.yml @@ -74,6 +74,19 @@ tenant_a: name: Tenant_A_WEBZone_2 tags: ['web'] profile: GENERIC_FULL + - name: Tenant_A_ERP_Zone + vrf_vni: 17 + redistribute_connected: false + mlag_ibgp_peering_ipv4_pool: 172.31.12.0/24 + svis: + - id: 122 + name: Tenant_A_ERP_Zone_1 + tags: ['erp3'] + profile: WITH_DHCP_AND_SNOOPING + ip_address_virtual: 10.1.30.1/24 + ip_address_virtual_secondaries: + - 10.2.30.1/24 + - 10.2.31.1/24 - name: Tenant_A_APP_Zone vrf_vni: 12 svis: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_D.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_D.yml index c63719c749f..94677dfeb47 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_D.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_D.yml @@ -6,7 +6,6 @@ tenant_d: vrf_vni: 40 enable_mlag_ibgp_peering_vrfs: true mlag_ibgp_peering_vlan: 2 - redistribute_connected: false svis: - id: 410 name: Tenant_D_v6_OP_Zone_1 @@ -122,3 +121,13 @@ tenant_d: ospf: area: 0.0.0.0 enabled: true + - name: TENANT_D_WAN_ZONE + vrf_vni: 42 + redistribute_connected: false + svis: + - id: 453 + name: Tenant_D_WAN_Zone_1 + tags: ['wan'] + enabled: True + ipv6_address_virtuals: + - "10.0.10.1/24" diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py index 37e4afc65c4..2b19bdeea19 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py @@ -175,7 +175,7 @@ def _exclude_mlag_ibgp_peering_from_redistribute(self: AvdStructuredConfigNetwor if get(vrf, "redistribute_connected", True) is True: return default(vrf.get("redistribute_mlag_ibgp_peering_vrfs"), tenant.get("redistribute_mlag_ibgp_peering_vrfs")) is False - return True + return False @cached_property def _configure_bgp_mlag_peer_group(self: AvdStructuredConfigNetworkServices) -> bool: From dba8f57c5de8108b06df939dedbae4de770c7ad0 Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Mon, 12 Aug 2024 17:28:39 +0530 Subject: [PATCH 10/22] Update docstring. --- .../_eos_designs/structured_config/network_services/utils.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py index 2b19bdeea19..3a9308156e0 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py @@ -166,7 +166,7 @@ def _mlag_ibgp_peering_vlan_vrf(self: AvdStructuredConfigNetworkServices, vrf: d def _exclude_mlag_ibgp_peering_from_redistribute(self: AvdStructuredConfigNetworkServices, vrf: dict, tenant: dict) -> bool: """ - Returns True if MLAG IBGP Peering subnet should be redistributed for the given vrf/tenant. + Returns True if MLAG IBGP Peering subnet should be _excluded_ from redistribution for the given vrf/tenant. False otherwise. From 501bebc6dc9b7d9ad3079f918a4067dfb418f81c Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Tue, 13 Aug 2024 10:44:32 +0530 Subject: [PATCH 11/22] Fix CI. --- .../eos_designs_unit_tests/inventory/group_vars/DC1_FABRIC.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_FABRIC.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_FABRIC.yml index 7f30f23fbd1..890d90d05ab 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_FABRIC.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_FABRIC.yml @@ -139,7 +139,7 @@ l3leaf: mlag_domain_id: custom_mlag_domain_id filter: tenants: [ Tenant_A, Tenant_B, Tenant_C ] - tags: [ opzone, web, app, db, vmotion, nfs, wan , erp3] + tags: [ opzone, web, app, db, vmotion, nfs, wan, erp3 ] nodes: - name: DC1-SVC3A id: 4 From 5a625c3402ce5307db72e042669bbf6d52b669cc Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Wed, 28 Aug 2024 13:01:40 +0530 Subject: [PATCH 12/22] Fix CI. --- .../eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg | 1 + .../eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg | 1 + .../intended/structured_configs/DC1-SVC3A.yml | 1 + .../intended/structured_configs/DC1-SVC3B.yml | 1 + 4 files changed, 4 insertions(+) diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg index ba864c57626..effdcefc14f 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg @@ -1100,6 +1100,7 @@ router bgp 65103 router-id 192.168.255.12 update wait-install neighbor 172.31.12.7 peer group MLAG-PEERS + neighbor 172.31.12.7 description DC1-SVC3B ! vrf Tenant_A_OP_Zone rd 65103:9 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg index 7f2cf49a73e..3f06ae64b16 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg @@ -1065,6 +1065,7 @@ router bgp 65103 router-id 192.168.255.13 update wait-install neighbor 172.31.12.6 peer group MLAG-PEERS + neighbor 172.31.12.6 description DC1-SVC3A ! vrf Tenant_A_OP_Zone rd 65103:9 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml index c247b4f56d1..531d28fe0a1 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml @@ -159,6 +159,7 @@ router_bgp: neighbors: - ip_address: 172.31.12.7 peer_group: MLAG-PEERS + description: DC1-SVC3B updates: wait_install: true - name: Tenant_A_OP_Zone diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml index 097b12ca1e4..1ca00dd4a6f 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml @@ -159,6 +159,7 @@ router_bgp: neighbors: - ip_address: 172.31.12.6 peer_group: MLAG-PEERS + description: DC1-SVC3A updates: wait_install: true - name: Tenant_A_OP_Zone From 0f82c9ea8f23195140d369d7abdfa81c28162ab8 Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Thu, 29 Aug 2024 14:03:28 +0530 Subject: [PATCH 13/22] Address comment. --- .../docs/tables/network-services-vrfs-settings.md | 8 ++++---- .../pyavd/_eos_designs/schema/eos_designs.schema.yml | 8 ++++---- .../schema_fragments/defs_network_services.schema.yml | 4 ++-- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md index 51e978d32b0..aca10d83889 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md @@ -57,8 +57,8 @@ | [            interface](## ".[].vrfs.[].ipv6_static_routes.[].interface") | String | | | | | | [            nodes](## ".[].vrfs.[].ipv6_static_routes.[].nodes") | List, items: String | | | | | | [              - <str>](## ".[].vrfs.[].ipv6_static_routes.[].nodes.[]") | String | | | | | - | [        redistribute_static](## ".[].vrfs.[].redistribute_static") | Boolean | | | | Non-selectively enabling or disabling redistribute static to BGP inside the VRF. | - | [        redistribute_connected](## ".[].vrfs.[].redistribute_connected") | Boolean | | `True` | | Non-selectively enabling or disabling redistribution of connected routes to BGP inside the VRF. | + | [        redistribute_static](## ".[].vrfs.[].redistribute_static") | Boolean | | | | Enable or disable the redistribution of all static routes to BGP in the VRF. | + | [        redistribute_connected](## ".[].vrfs.[].redistribute_connected") | Boolean | | `True` | | Enable or disable the redistribution of all connected routes to BGP in the VRF. | | [        bgp](## ".[].vrfs.[].bgp") | Dictionary | | | | | | [          enabled](## ".[].vrfs.[].bgp.enabled") | Boolean | | | | Force (no) configuration of BGP for the VRF.
If not set, BGP will be configured when needed according to the following rules:
- If the VRF is part of an overlay (`evpn` or `mpls`), BGP will be configured for it.
- If any BGP peers are configured under the VRF, BGP will be configured for it. This is useful for L2LS designs with VRFs.
- If uplink type is `p2p-vrfs` *and* the vrf is included in the uplink VRFs, BGP will be configured for it. | | [          raw_eos_cli](## ".[].vrfs.[].bgp.raw_eos_cli") | String | | | | EOS CLI rendered directly on the Router BGP, VRF definition in the final EOS configuration.
| @@ -240,10 +240,10 @@ nodes: - - # Non-selectively enabling or disabling redistribute static to BGP inside the VRF. + # Enable or disable the redistribution of all static routes to BGP in the VRF. redistribute_static: - # Non-selectively enabling or disabling redistribution of connected routes to BGP inside the VRF. + # Enable or disable the redistribution of all connected routes to BGP in the VRF. redistribute_connected: bgp: diff --git a/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml b/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml index 01d93a2b7f8..20b2c5104a9 100644 --- a/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml @@ -6668,13 +6668,13 @@ $defs: type: str redistribute_static: type: bool - description: Non-selectively enabling or disabling redistribute static - to BGP inside the VRF. + description: Enable or disable the redistribution of all static routes + to BGP in the VRF. redistribute_connected: type: bool default: true - description: Non-selectively enabling or disabling redistribution - of connected routes to BGP inside the VRF. + description: Enable or disable the redistribution of all connected + routes to BGP in the VRF. bgp_peers: documentation_options: table: network-services-vrfs-bgp-settings diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml index b0202fe8214..40064daecb2 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml @@ -905,11 +905,11 @@ $defs: type: str redistribute_static: type: bool - description: Non-selectively enabling or disabling redistribute static to BGP inside the VRF. + description: Enable or disable the redistribution of all static routes to BGP in the VRF. redistribute_connected: type: bool default: true - description: Non-selectively enabling or disabling redistribution of connected routes to BGP inside the VRF. + description: Enable or disable the redistribution of all connected routes to BGP in the VRF. bgp_peers: documentation_options: table: network-services-vrfs-bgp-settings From d7b70cf1a7507c8b3eaa273f79c9166b350186a8 Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Tue, 10 Sep 2024 12:15:05 +0530 Subject: [PATCH 14/22] Rebase --- .../intended/structured_configs/DC1-BL1A.yml | 2 +- .../intended/structured_configs/DC1-BL1B.yml | 2 +- .../intended/structured_configs/DC1-BL2A.yml | 2 +- .../intended/structured_configs/DC1-BL2B.yml | 2 +- .../intended/structured_configs/DC1-SVC3A.yml | 2 +- .../intended/structured_configs/DC1-SVC3B.yml | 2 +- .../evpn_services_l2_only_false.yml | 25 ++++++++++++++++++- 7 files changed, 30 insertions(+), 7 deletions(-) diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1A.yml index 49677d53e77..5400b01fd44 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1A.yml @@ -250,7 +250,6 @@ router_bgp: redistribute_routes: - source_protocol: connected - name: TENANT_D_WAN_ZONE - router_id: 192.168.255.14 rd: 192.168.254.14:42 route_targets: import: @@ -261,6 +260,7 @@ router_bgp: - address_family: evpn route_targets: - '65104:42' + router_id: 192.168.255.14 vlan_aware_bundles: - name: Tenant_A_WAN_Zone rd: 192.168.254.14:14 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1B.yml index e90707ba88f..341516578f7 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1B.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1B.yml @@ -255,7 +255,6 @@ router_bgp: redistribute_routes: - source_protocol: connected - name: TENANT_D_WAN_ZONE - router_id: 192.168.255.15 rd: 192.168.254.15:42 route_targets: import: @@ -266,6 +265,7 @@ router_bgp: - address_family: evpn route_targets: - '65105:42' + router_id: 192.168.255.15 vlan_aware_bundles: - name: Tenant_A_WAN_Zone rd: 192.168.254.15:14 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL2A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL2A.yml index 30f7825253d..25870f8304a 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL2A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL2A.yml @@ -237,7 +237,6 @@ router_bgp: updates: wait_install: true - name: TENANT_D_WAN_ZONE - router_id: 192.168.255.16 rd: 192.168.255.16:42 route_targets: import: @@ -248,6 +247,7 @@ router_bgp: - address_family: evpn route_targets: - '42:42' + router_id: 192.168.255.16 vlan_aware_bundles: - name: Tenant_A_WAN_Zone rd: 192.168.255.16:14 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL2B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL2B.yml index 1e367db5247..94fb0f8d58e 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL2B.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL2B.yml @@ -235,7 +235,6 @@ router_bgp: updates: wait_install: true - name: TENANT_D_WAN_ZONE - router_id: 192.168.255.17 rd: 192.168.255.17:42 route_targets: import: @@ -246,6 +245,7 @@ router_bgp: - address_family: evpn route_targets: - '42:42' + router_id: 192.168.255.17 vlan_aware_bundles: - name: Tenant_A_WAN_Zone rd: 192.168.255.17:14 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml index 531d28fe0a1..4b5ac1ee754 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml @@ -145,7 +145,6 @@ router_bgp: updates: wait_install: true - name: Tenant_A_ERP_Zone - router_id: 192.168.255.12 rd: '65103:17' route_targets: import: @@ -156,6 +155,7 @@ router_bgp: - address_family: evpn route_targets: - '17:17' + router_id: 192.168.255.12 neighbors: - ip_address: 172.31.12.7 peer_group: MLAG-PEERS diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml index 1ca00dd4a6f..dd541051976 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml @@ -145,7 +145,6 @@ router_bgp: updates: wait_install: true - name: Tenant_A_ERP_Zone - router_id: 192.168.255.13 rd: '65103:17' route_targets: import: @@ -156,6 +155,7 @@ router_bgp: - address_family: evpn route_targets: - '17:17' + router_id: 192.168.255.13 neighbors: - ip_address: 172.31.12.6 peer_group: MLAG-PEERS diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/evpn_services_l2_only_false.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/evpn_services_l2_only_false.yml index 90a574908fd..f357500118f 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/evpn_services_l2_only_false.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/evpn_services_l2_only_false.yml @@ -73,8 +73,19 @@ router_bgp: router_id: 192.168.255.109 redistribute_routes: - source_protocol: connected - - name: Tenant_A_OP_Zone + - name: Tenant_A_ERP_Zone + rd: 192.168.255.109:17 + route_targets: + import: + - address_family: evpn + route_targets: + - '17:17' + export: + - address_family: evpn + route_targets: + - '17:17' router_id: 192.168.255.109 + - name: Tenant_A_OP_Zone rd: 192.168.255.109:9 route_targets: import: @@ -213,6 +224,18 @@ router_bgp: router_id: 192.168.255.109 redistribute_routes: - source_protocol: connected + - name: TENANT_D_WAN_ZONE + rd: 192.168.255.109:42 + route_targets: + import: + - address_family: evpn + route_targets: + - '42:42' + export: + - address_family: evpn + route_targets: + - '42:42' + router_id: 192.168.255.109 vlan_aware_bundles: - name: Tenant_A_APP_Zone rd: 192.168.255.109:12 From 0924c2eff3f4ab43d29d11f4384d58635dde7605 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Thu, 19 Sep 2024 12:12:31 +0000 Subject: [PATCH 15/22] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- .../structured_config/network_services/router_bgp.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py index 36311d2ec10..46b937e25dc 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py @@ -168,9 +168,9 @@ def _router_bgp_vrfs(self: AvdStructuredConfigNetworkServices) -> dict: bgp_vrf_redistribute_connected = get(vrf, "redistribute_connected", default=True) if vrf_name != "default": # Non-default VRF - bgp_vrf |= {"router_id": self.shared_utils.router_id,} + bgp_vrf |= {"router_id": self.shared_utils.router_id} if bgp_vrf_redistribute_connected is True: - bgp_vrf |= {"redistribute_routes": [{"source_protocol": "connected"}],} + bgp_vrf |= {"redistribute_routes": [{"source_protocol": "connected"}]} # Redistribution of static routes for VRF default are handled elsewhere # since there is a choice between redistributing to underlay or overlay. if (bgp_vrf_redistribute_static := vrf.get("redistribute_static")) is True or ( From 6503098086f5caac92919dfe3813cd497fef997e Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Thu, 19 Sep 2024 17:58:08 +0530 Subject: [PATCH 16/22] FIx CI. --- .../eos_designs_unit_tests/intended/configs/DC1-BL1A.cfg | 2 +- .../eos_designs_unit_tests/intended/configs/DC1-BL1B.cfg | 2 +- .../eos_designs_unit_tests/intended/configs/DC1-BL2A.cfg | 2 +- .../eos_designs_unit_tests/intended/configs/DC1-BL2B.cfg | 2 +- .../intended/configs/evpn_services_l2_only_false.cfg | 5 +---- 5 files changed, 5 insertions(+), 8 deletions(-) diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1A.cfg index 29c0527437f..8e6d697b937 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1A.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1A.cfg @@ -287,12 +287,12 @@ ip routing vrf Tenant_B_OP_Zone ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_WAN_Zone ip routing vrf TENANT_D_WAN_ZONE -ipv6 unicast-routing vrf TENANT_D_WAN_ZONE ! ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 10 permit 192.168.255.0/24 eq 32 seq 20 permit 192.168.254.0/24 eq 32 seq 30 permit 192.168.255.255/32 +ipv6 unicast-routing vrf TENANT_D_WAN_ZONE ! mac address-table notification host-flap logging ! diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1B.cfg index 8ae77912537..83c7aef43c9 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1B.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1B.cfg @@ -268,11 +268,11 @@ ip routing vrf Tenant_B_OP_Zone ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_WAN_Zone ip routing vrf TENANT_D_WAN_ZONE -ipv6 unicast-routing vrf TENANT_D_WAN_ZONE ! ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 10 permit 192.168.255.0/24 eq 32 seq 20 permit 192.168.254.0/24 eq 32 +ipv6 unicast-routing vrf TENANT_D_WAN_ZONE ! ip route vrf MGMT 0.0.0.0/0 192.168.200.5 ip route vrf Tenant_A_WAN_Zone 10.3.4.0/24 1.2.3.4 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL2A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL2A.cfg index 67c1b4ff188..12d189e9dbb 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL2A.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL2A.cfg @@ -169,11 +169,11 @@ ip routing vrf Tenant_B_OP_Zone ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_WAN_Zone ip routing vrf TENANT_D_WAN_ZONE -ipv6 unicast-routing vrf TENANT_D_WAN_ZONE ! ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 10 permit 192.168.255.0/24 eq 32 seq 20 permit 192.168.254.0/24 eq 32 +ipv6 unicast-routing vrf TENANT_D_WAN_ZONE ! ip route vrf MGMT 0.0.0.0/0 192.168.200.5 ! diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL2B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL2B.cfg index 139e6293269..e14c97a2607 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL2B.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL2B.cfg @@ -167,11 +167,11 @@ ip routing vrf Tenant_B_OP_Zone ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_WAN_Zone ip routing vrf TENANT_D_WAN_ZONE -ipv6 unicast-routing vrf TENANT_D_WAN_ZONE ! ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 10 permit 192.168.255.0/24 eq 32 seq 20 permit 192.168.254.0/24 eq 32 +ipv6 unicast-routing vrf TENANT_D_WAN_ZONE ! ip route vrf MGMT 0.0.0.0/0 192.168.200.5 ! diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/evpn_services_l2_only_false.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/evpn_services_l2_only_false.cfg index bc7d0ddfbd8..5ca82db358d 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/evpn_services_l2_only_false.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/evpn_services_l2_only_false.cfg @@ -487,16 +487,13 @@ ip routing vrf Tenant_C_WAN_Zone ip routing vrf Tenant_D_OP_Zone ip routing vrf TENANT_D_WAN_ZONE ! -ipv6 unicast-routing vrf 12345678 -ipv6 unicast-routing vrf Tenant_D_OP_Zone -ipv6 unicast-routing vrf TENANT_D_WAN_ZONE -! ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 10 permit 192.168.255.0/24 eq 32 seq 20 permit 192.168.254.0/24 eq 32 ! ipv6 unicast-routing vrf 12345678 ipv6 unicast-routing vrf Tenant_D_OP_Zone +ipv6 unicast-routing vrf TENANT_D_WAN_ZONE ! ip route vrf MGMT 0.0.0.0/0 192.168.200.5 ip route vrf Tenant_D_OP_Zone 10.3.11.0/24 Vlan411 name VARP From b9e744d9ba7f3c19f636e60adda79705648ba1f1 Mon Sep 17 00:00:00 2001 From: laxmikantchintakindi <159624484+laxmikantchintakindi@users.noreply.github.com> Date: Fri, 20 Sep 2024 22:26:05 +0530 Subject: [PATCH 17/22] Update python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py Co-authored-by: Guillaume Mulocher --- .../structured_config/network_services/router_bgp.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py index 46b937e25dc..ac71af014ea 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py @@ -168,7 +168,7 @@ def _router_bgp_vrfs(self: AvdStructuredConfigNetworkServices) -> dict: bgp_vrf_redistribute_connected = get(vrf, "redistribute_connected", default=True) if vrf_name != "default": # Non-default VRF - bgp_vrf |= {"router_id": self.shared_utils.router_id} + bgp_vrf["router_id] = self.shared_utils.router_id if bgp_vrf_redistribute_connected is True: bgp_vrf |= {"redistribute_routes": [{"source_protocol": "connected"}]} # Redistribution of static routes for VRF default are handled elsewhere From 48b14bd8a4211a008a5ff7493da74e8880dd76ad Mon Sep 17 00:00:00 2001 From: laxmikantchintakindi <159624484+laxmikantchintakindi@users.noreply.github.com> Date: Fri, 20 Sep 2024 22:26:12 +0530 Subject: [PATCH 18/22] Update python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py Co-authored-by: Guillaume Mulocher --- .../structured_config/network_services/router_bgp.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py index ac71af014ea..ccc88b598de 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py @@ -170,7 +170,7 @@ def _router_bgp_vrfs(self: AvdStructuredConfigNetworkServices) -> dict: # Non-default VRF bgp_vrf["router_id] = self.shared_utils.router_id if bgp_vrf_redistribute_connected is True: - bgp_vrf |= {"redistribute_routes": [{"source_protocol": "connected"}]} + bgp_vrf["redistribute_routes"] = [{"source_protocol": "connected"}] # Redistribution of static routes for VRF default are handled elsewhere # since there is a choice between redistributing to underlay or overlay. if (bgp_vrf_redistribute_static := vrf.get("redistribute_static")) is True or ( From b6d09cf069bf0d54eb8c80df9f203e054df57de3 Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Fri, 20 Sep 2024 22:41:36 +0530 Subject: [PATCH 19/22] Fix CI. --- .../eos_designs_unit_tests/intended/configs/DC1-L2LEAF2A.cfg | 2 +- .../eos_designs_unit_tests/intended/configs/DC1-L2LEAF2B.cfg | 2 +- .../eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg | 2 +- .../eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg | 2 +- .../intended/structured_configs/DC1-L2LEAF2A.yml | 2 +- .../intended/structured_configs/DC1-L2LEAF2B.yml | 2 +- .../intended/structured_configs/DC1-SVC3A.yml | 2 +- .../intended/structured_configs/DC1-SVC3B.yml | 2 +- .../structured_config/network_services/router_bgp.py | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-L2LEAF2A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-L2LEAF2A.cfg index 0926ebf862a..6f9182953b1 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-L2LEAF2A.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-L2LEAF2A.cfg @@ -116,7 +116,7 @@ interface Port-Channel3 interface Port-Channel1001 description DC1_SVC3_Po1007 no shutdown - switchport trunk allowed vlan 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + switchport trunk allowed vlan 110-112,120-122,130-131,140-141,150,160-161,210-211,250,310-311,350 switchport mode trunk switchport mlag 1001 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-L2LEAF2B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-L2LEAF2B.cfg index 605063a322b..1f7ba027ab5 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-L2LEAF2B.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-L2LEAF2B.cfg @@ -116,7 +116,7 @@ interface Port-Channel3 interface Port-Channel1001 description DC1_SVC3_Po1007 no shutdown - switchport trunk allowed vlan 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + switchport trunk allowed vlan 110-112,120-122,130-131,140-141,150,160-161,210-211,250,310-311,350 switchport mode trunk switchport mlag 1001 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg index 49803dc89bd..e5f889b6533 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg @@ -339,7 +339,7 @@ interface Port-Channel42 interface Port-Channel1007 description DC1_L2LEAF2_Po1001 no shutdown - switchport trunk allowed vlan 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + switchport trunk allowed vlan 110-112,120-122,130-131,140-141,150,160-161,210-211,250,310-311,350 switchport mode trunk switchport mlag 1007 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg index 904e872496a..d44bf97139c 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg @@ -328,7 +328,7 @@ interface Port-Channel42 interface Port-Channel1007 description DC1_L2LEAF2_Po1001 no shutdown - switchport trunk allowed vlan 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + switchport trunk allowed vlan 110-112,120-122,130-131,140-141,150,160-161,210-211,250,310-311,350 switchport mode trunk switchport mlag 1007 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-L2LEAF2A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-L2LEAF2A.yml index bea0a7751b8..aa843f471e2 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-L2LEAF2A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-L2LEAF2A.yml @@ -170,7 +170,7 @@ port_channel_interfaces: enabled: true mode: trunk trunk: - allowed_vlan: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + allowed_vlan: 110-112,120-122,130-131,140-141,150,160-161,210-211,250,310-311,350 shutdown: false mlag: 1001 ethernet_interfaces: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-L2LEAF2B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-L2LEAF2B.yml index 66a36b93329..31390a73f5d 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-L2LEAF2B.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-L2LEAF2B.yml @@ -170,7 +170,7 @@ port_channel_interfaces: enabled: true mode: trunk trunk: - allowed_vlan: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + allowed_vlan: 110-112,120-122,130-131,140-141,150,160-161,210-211,250,310-311,350 shutdown: false mlag: 1001 ethernet_interfaces: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml index f84f1f2243e..13ec78da845 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml @@ -919,7 +919,7 @@ port_channel_interfaces: enabled: true mode: trunk trunk: - allowed_vlan: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + allowed_vlan: 110-112,120-122,130-131,140-141,150,160-161,210-211,250,310-311,350 shutdown: false mlag: 1007 - name: Port-Channel10 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml index 6adcf796c7a..faab5270f62 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml @@ -919,7 +919,7 @@ port_channel_interfaces: enabled: true mode: trunk trunk: - allowed_vlan: 110-112,120-121,130-131,140-141,150,160-161,210-211,250,310-311,350 + allowed_vlan: 110-112,120-122,130-131,140-141,150,160-161,210-211,250,310-311,350 shutdown: false mlag: 1007 - name: Port-Channel14 diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py index ccc88b598de..097106de35d 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py @@ -168,7 +168,7 @@ def _router_bgp_vrfs(self: AvdStructuredConfigNetworkServices) -> dict: bgp_vrf_redistribute_connected = get(vrf, "redistribute_connected", default=True) if vrf_name != "default": # Non-default VRF - bgp_vrf["router_id] = self.shared_utils.router_id + bgp_vrf["router_id"] = self.shared_utils.router_id if bgp_vrf_redistribute_connected is True: bgp_vrf["redistribute_routes"] = [{"source_protocol": "connected"}] # Redistribution of static routes for VRF default are handled elsewhere From 7f01494ff8da011386b168a1f0e8c42d0721406a Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Tue, 8 Oct 2024 17:48:12 +0530 Subject: [PATCH 20/22] Adding changes as redistribute_mlag_ibgp_peering_vrfs is now False by default --- .../structured_config/network_services/utils.py | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py index 4dc4e9dc877..b33fabb1eae 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py @@ -162,18 +162,16 @@ def _mlag_ibgp_peering_vlan_vrf(self: AvdStructuredConfigNetworkServices, vrf: d return vlan_id - def _exclude_mlag_ibgp_peering_from_redistribute(self: AvdStructuredConfigNetworkServices, vrf: dict, tenant: dict) -> bool: + def _exclude_mlag_ibgp_peering_from_redistribute(self: AvdStructuredConfigNetworkServices, vrf: dict, tenant: dict) -> bool | None: """ - Returns True if MLAG IBGP Peering subnet should be _excluded_ from redistribution for the given vrf/tenant. - - False otherwise. + Returns True if redistribute_connected is True and MLAG IBGP Peering subnet should be _excluded_ from redistribution for the given vrf/tenant. Does _not_ include checks if the peering is enabled at all, so that should be checked first. """ if get(vrf, "redistribute_connected", True) is True: - return default(vrf.get("redistribute_mlag_ibgp_peering_vrfs"), tenant.get("redistribute_mlag_ibgp_peering_vrfs")) is False + return default(vrf.get("redistribute_mlag_ibgp_peering_vrfs"), tenant.get("redistribute_mlag_ibgp_peering_vrfs"), False) is False - return False + return None @cached_property def _configure_bgp_mlag_peer_group(self: AvdStructuredConfigNetworkServices) -> bool: From f7767aa2a6f7d827d84ee95dfb2844faa090ac7f Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Tue, 8 Oct 2024 18:03:38 +0530 Subject: [PATCH 21/22] Ignore CI. --- .../_eos_designs/structured_config/network_services/utils.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py index b33fabb1eae..1d1fa5b26ae 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py @@ -169,7 +169,7 @@ def _exclude_mlag_ibgp_peering_from_redistribute(self: AvdStructuredConfigNetwor Does _not_ include checks if the peering is enabled at all, so that should be checked first. """ if get(vrf, "redistribute_connected", True) is True: - return default(vrf.get("redistribute_mlag_ibgp_peering_vrfs"), tenant.get("redistribute_mlag_ibgp_peering_vrfs"), False) is False + return default(vrf.get("redistribute_mlag_ibgp_peering_vrfs"), tenant.get("redistribute_mlag_ibgp_peering_vrfs"), False) is False # noqa: FBT003 return None From aff3a9b58b489668c3faff87fd47b5c8f796e5ff Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Tue, 8 Oct 2024 12:36:23 +0000 Subject: [PATCH 22/22] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- .../_eos_designs/structured_config/network_services/utils.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py index 1d1fa5b26ae..088287e6c0f 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py @@ -169,7 +169,7 @@ def _exclude_mlag_ibgp_peering_from_redistribute(self: AvdStructuredConfigNetwor Does _not_ include checks if the peering is enabled at all, so that should be checked first. """ if get(vrf, "redistribute_connected", True) is True: - return default(vrf.get("redistribute_mlag_ibgp_peering_vrfs"), tenant.get("redistribute_mlag_ibgp_peering_vrfs"), False) is False # noqa: FBT003 + return default(vrf.get("redistribute_mlag_ibgp_peering_vrfs"), tenant.get("redistribute_mlag_ibgp_peering_vrfs"), False) is False # noqa: FBT003 return None