diff --git a/ansible_collections/arista/avd/docs/porting-guides/5.x.x.md b/ansible_collections/arista/avd/docs/porting-guides/5.x.x.md index 5e1c513c3fd..41101c8806b 100644 --- a/ansible_collections/arista/avd/docs/porting-guides/5.x.x.md +++ b/ansible_collections/arista/avd/docs/porting-guides/5.x.x.md @@ -833,7 +833,7 @@ To retain the previous behavior, set the value to `false`: + shutdown_interfaces_towards_undeployed_peers: false ``` -### BGP is now configured for Network services VRFs even if 'evpn' is not part of the address-families +### BGP is now configured for Network services VRFs even if `evpn` is not part of the address-families AVD versions below 5.0.0 did not generate BGP configuration for VRFs unless the node type included `evpn`, `vpn-ipv4` or `vpn-ipv6` under `default_overlay_address_families` *and* the VRF had the same `evpn`, `vpn-ipv4` or `vpn-ipv6` defined under `address_families` (default is `['evpn']`). diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/errdisable.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/errdisable.md deleted file mode 100644 index 955ad5bdc35..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/errdisable.md +++ /dev/null @@ -1,95 +0,0 @@ -# errdisable - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Errdisable](#errdisable-1) - - [Errdisable Summary](#errdisable-summary) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Errdisable - -### Errdisable Summary - -| Detect Cause | Enabled | -| ------------- | ------- | -| arp-inspection | True | -| dot1x | True | -| link-change | True | -| tapagg | True | -| xcvr-misconfigured | True | -| xcvr-overheat | True | -| xcvr-power-unsupported | True | - -| Detect Cause | Enabled | Interval | -| ------------- | ------- | -------- | -| bpduguard | True | 300 | -| dot1x | True | 300 | -| hitless-reload-down | True | 300 | -| lacp-rate-limit | True | 300 | -| link-flap | True | 300 | -| no-internal-vlan | True | 300 | -| portchannelguard | True | 300 | -| portsec | True | 300 | -| speed-misconfigured | True | 300 | -| tapagg | True | 300 | -| uplink-failure-detection | True | 300 | -| xcvr-misconfigured | True | 300 | -| xcvr-overheat | True | 300 | -| xcvr-power-unsupported | True | 300 | -| xcvr-unsupported | True | 300 | - -```eos -! -errdisable detect cause arp-inspection -errdisable detect cause dot1x -errdisable detect cause link-change -errdisable detect cause tapagg -errdisable detect cause xcvr-misconfigured -errdisable detect cause xcvr-overheat -errdisable detect cause xcvr-power-unsupported -errdisable recovery cause bpduguard -errdisable recovery cause dot1x -errdisable recovery cause hitless-reload-down -errdisable recovery cause lacp-rate-limit -errdisable recovery cause link-flap -errdisable recovery cause no-internal-vlan -errdisable recovery cause portchannelguard -errdisable recovery cause portsec -errdisable recovery cause speed-misconfigured -errdisable recovery cause tapagg -errdisable recovery cause uplink-failure-detection -errdisable recovery cause xcvr-misconfigured -errdisable recovery cause xcvr-overheat -errdisable recovery cause xcvr-power-unsupported -errdisable recovery cause xcvr-unsupported -errdisable recovery interval 300 -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/event-handlers.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/event-handlers.md deleted file mode 100644 index c50247b08ed..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/event-handlers.md +++ /dev/null @@ -1,133 +0,0 @@ -# event-handlers - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Monitoring](#monitoring) - - [Event Handler](#event-handler) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Monitoring - -### Event Handler - -#### Event Handler Summary - -| Handler | Actions | Trigger | Trigger Config | -| ------- | ------- | ------- | -------------- | -| CONFIG_VERSIONING | bash FN=/mnt/flash/startup-config; LFN="`ls -1 $FN.*-* \| tail -n 1`"; if [ -z "$LFN" -o -n "`diff -I 'last modified' $FN $LFN`" ]; then cp $FN $FN.`date +%Y%m%d-%H%M%S`; ls -1r $FN.*-* \| tail -n +11 \| xargs -I % rm %; fi | on-startup-config | - | -| trigger-on-boot | bash if [ 15 -gt 10 ]\nthen\n echo "a is greater than 10"\nfi
increment device health metric Metric1 | on-boot | - | -| trigger-on-counters | log | on-counters | poll interval 10
condition ( Arad*.IptCrcErrCnt.delta > 100 ) and ( Arad*.UcFifoFullDrop.delta > 100 )
granularity per-source | -| trigger-on-counters2 | - | on-counters | condition ( Arad*.IptCrcErrCnt.delta > 100 ) and ( Arad*.UcFifoFullDrop.delta > 100 )
granularity per-source | -| trigger-on-counters3 | - | on-counters | - | -| trigger-on-intf | - | on-intf | trigger on-intf Ethernet4 operstatus ip ip6 | -| trigger-on-intf2 | - | on-intf | - | -| trigger-on-logging | increment device health metric Metric2 | on-logging | poll interval 10
regex ab* | -| trigger-on-logging2 | - | on-logging | regex ab* | -| trigger-on-logging3 | - | on-logging | - | -| trigger-on-maintenance1 | - | on-maintenance | trigger on-maintenance enter interface Management3 after stage linkdown | -| trigger-on-maintenance2 | bash echo "on-maintenance" | on-maintenance | trigger on-maintenance exit unit unit1 before stage bgp | -| trigger-on-maintenance3 | bash echo "on-maintenance" | on-maintenance | trigger on-maintenance enter bgp 10.0.0.2 vrf vrf1 all | -| trigger-on-maintenance4 | - | on-maintenance | - | -| trigger-on-maintenance5 | - | on-maintenance | - | -| trigger-vm-tracer | bash echo "vm-tracer vm" | vm-tracer vm | - | - -#### Event Handler Device Configuration - -```eos -! -event-handler CONFIG_VERSIONING - trigger on-startup-config - action bash FN=/mnt/flash/startup-config; LFN="`ls -1 $FN.*-* | tail -n 1`"; if [ -z "$LFN" -o -n "`diff -I 'last modified' $FN $LFN`" ]; then cp $FN $FN.`date +%Y%m%d-%H%M%S`; ls -1r $FN.*-* | tail -n +11 | xargs -I % rm %; fi - delay 0 -! -event-handler trigger-on-boot - trigger on-boot - action bash - if [ 15 -gt 10 ] - then - echo "a is greater than 10" - fi - EOF - action increment device-health metric Metric1 -! -event-handler trigger-on-counters - action log - trigger on-counters - poll interval 10 - condition ( Arad*.IptCrcErrCnt.delta > 100 ) and ( Arad*.UcFifoFullDrop.delta > 100 ) - granularity per-source -! -event-handler trigger-on-counters2 - trigger on-counters - condition ( Arad*.IptCrcErrCnt.delta > 100 ) and ( Arad*.UcFifoFullDrop.delta > 100 ) - granularity per-source -! -event-handler trigger-on-counters3 - trigger on-counters -! -event-handler trigger-on-intf - trigger on-intf Ethernet4 operstatus ip ip6 -! -event-handler trigger-on-intf2 -! -event-handler trigger-on-logging - action increment device-health metric Metric2 - trigger on-logging - poll interval 10 - regex ab* -! -event-handler trigger-on-logging2 - trigger on-logging - regex ab* -! -event-handler trigger-on-logging3 - trigger on-logging -! -event-handler trigger-on-maintenance1 - trigger on-maintenance enter interface Management3 after stage linkdown -! -event-handler trigger-on-maintenance2 - trigger on-maintenance exit unit unit1 before stage bgp - action bash echo "on-maintenance" -! -event-handler trigger-on-maintenance3 - trigger on-maintenance enter bgp 10.0.0.2 vrf vrf1 all - action bash echo "on-maintenance" -! -event-handler trigger-on-maintenance4 -! -event-handler trigger-on-maintenance5 -! -event-handler trigger-vm-tracer - trigger vm-tracer vm - action bash echo "vm-tracer vm" -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/event-monitor.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/event-monitor.md deleted file mode 100644 index 9d0556b45c3..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/event-monitor.md +++ /dev/null @@ -1,34 +0,0 @@ -# event-monitor - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/groups.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/groups.md deleted file mode 100644 index 394fb35257f..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/groups.md +++ /dev/null @@ -1,90 +0,0 @@ -# groups - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Maintenance Mode](#maintenance-mode) - - [BGP Groups](#bgp-groups) - - [Interface Groups](#interface-groups) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Maintenance Mode - -### BGP Groups - -#### BGP Groups Summary - -| BGP group | VRF Name | Neighbors | BGP maintenance profiles | -| --------- | -------- | --------- | ------------------------ | -| bar | red | peer-group-baz | downlink-neighbors | -| foo | - | 169.254.1.1
fe80::1 | ixp
uplink-neighbors | - -#### BGP Groups Device Configuration - -```eos -! -group bgp bar - vrf red - neighbor peer-group-baz - maintenance profile bgp downlink-neighbors -! -group bgp foo - neighbor 169.254.1.1 - neighbor fe80::1 - maintenance profile bgp ixp - maintenance profile bgp uplink-neighbors -``` - -### Interface Groups - -#### Interface Groups Summary - -| Interface Group | Interfaces | Interface maintenance profile | BGP maintenance profiles | -| --------------- | ---------- | ----------------------------- | ------------------------ | -| QSFP_Interface_Group | Ethernet1,5 | uplink-interfaces | Default | -| SFP_Interface_Group | Ethernet10-20
Ethernet30-48 | downlink-interfaces
ix-interfaces | downlink-neighbors
local-ix | - -#### Interface Groups Device Configuration - -```eos -! -group interface QSFP_Interface_Group - interface Ethernet1,5 - maintenance profile interface uplink-interfaces -! -group interface SFP_Interface_Group - interface Ethernet10-20 - interface Ethernet30-48 - maintenance profile bgp downlink-neighbors - maintenance profile bgp local-ix - maintenance profile interface downlink-interfaces - maintenance profile interface ix-interfaces -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host1.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host1.md index 365385c79c6..a84aa96ee04 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host1.md +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host1.md @@ -1,4 +1,4 @@ -# host1 +# hostname-set-via-hostname-var ## Table of Contents @@ -26,21 +26,40 @@ - [DHCP Server](#dhcp-server) - [DHCP Servers Summary](#dhcp-servers-summary) - [DHCP Server Configuration](#dhcp-server-configuration) + - [DHCP Server Interfaces](#dhcp-server-interfaces) - [System Boot Settings](#system-boot-settings) - [Boot Secret Summary](#boot-secret-summary) - [System Boot Device Configuration](#system-boot-device-configuration) - [Monitoring](#monitoring) - [Custom daemons](#custom-daemons) + - [SFlow](#sflow) + - [Event Handler](#event-handler) - [Interfaces](#interfaces) + - [Interface Profiles](#interface-profiles) - [DPS Interfaces](#dps-interfaces) + - [Ethernet Interfaces](#ethernet-interfaces) + - [Port-Channel Interfaces](#port-channel-interfaces) + - [VLAN Interfaces](#vlan-interfaces) - [Routing](#routing) - [IP Routing](#ip-routing) - [IPv6 Routing](#ipv6-routing) - [ARP](#arp) +- [BFD](#bfd) + - [BFD Interfaces](#bfd-interfaces) +- [MPLS](#mpls) + - [MPLS Interfaces](#mpls-interfaces) +- [Multicast](#multicast) + - [IP IGMP Snooping](#ip-igmp-snooping) + - [PIM Sparse Mode](#pim-sparse-mode) - [Filters](#filters) + - [IP Community-lists](#ip-community-lists) + - [IP Extended Community Lists](#ip-extended-community-lists) + - [IP Extended Community RegExp Lists](#ip-extended-community-regexp-lists) - [AS Path Lists](#as-path-lists) - [802.1X Port Security](#8021x-port-security) - [802.1X Summary](#8021x-summary) +- [Power Over Ethernet (PoE)](#power-over-ethernet-poe) + - [PoE Summary](#poe-summary) - [VRF Instances](#vrf-instances) - [VRF Instances Summary](#vrf-instances-summary) - [VRF Instances Device Configuration](#vrf-instances-device-configuration) @@ -50,8 +69,19 @@ - [Categories](#categories) - [Field Sets](#field-sets) - [Router Application-Traffic-Recognition Device Configuration](#router-application-traffic-recognition-device-configuration) +- [IP DHCP Relay](#ip-dhcp-relay) + - [IP DHCP Relay Summary](#ip-dhcp-relay-summary) + - [IP DHCP Relay Device Configuration](#ip-dhcp-relay-device-configuration) +- [IP DHCP Snooping](#ip-dhcp-snooping) + - [IP DHCP Snooping Device Configuration](#ip-dhcp-snooping-device-configuration) +- [Errdisable](#errdisable) + - [Errdisable Summary](#errdisable-summary) - [Quality Of Service](#quality-of-service) - [QOS Class Maps](#qos-class-maps) + - [QOS Interfaces](#qos-interfaces) +- [Maintenance Mode](#maintenance-mode) + - [BGP Groups](#bgp-groups) + - [Interface Groups](#interface-groups) ## Management @@ -614,6 +644,12 @@ dhcp server vrf VRF01 disabled ``` +### DHCP Server Interfaces + +| Interface name | DHCP IPv4 | DHCP IPv6 | +| -------------- | --------- | --------- | +| Ethernet64 | True | True | + ## System Boot Settings ### Boot Secret Summary @@ -644,8 +680,168 @@ daemon random shutdown ``` +### SFlow + +#### SFlow Summary + +sFlow is disabled. + +#### SFlow Interfaces + +| Interface | Ingress Enabled | Egress Enabled | +| --------- | --------------- | -------------- | +| Ethernet50 | True | - | +| Ethernet51 | - | True | +| Ethernet52 | True | True (unmodified) | +| Ethernet53 | False | False | +| Ethernet54 | False | False (unmodified) | +| Port-Channel117 | True | True | +| Port-Channel118 | True | True (unmodified) | +| Port-Channel119 | False | False | +| Port-Channel120 | False | False (unmodified) | + +### Event Handler + +#### Event Handler Summary + +| Handler | Actions | Trigger | Trigger Config | +| ------- | ------- | ------- | -------------- | +| CONFIG_VERSIONING | bash FN=/mnt/flash/startup-config; LFN="`ls -1 $FN.*-* \| tail -n 1`"; if [ -z "$LFN" -o -n "`diff -I 'last modified' $FN $LFN`" ]; then cp $FN $FN.`date +%Y%m%d-%H%M%S`; ls -1r $FN.*-* \| tail -n +11 \| xargs -I % rm %; fi | on-startup-config | - | +| trigger-on-boot | bash if [ 15 -gt 10 ]\nthen\n echo "a is greater than 10"\nfi
increment device health metric Metric1 | on-boot | - | +| trigger-on-counters | log | on-counters | poll interval 10
condition ( Arad*.IptCrcErrCnt.delta > 100 ) and ( Arad*.UcFifoFullDrop.delta > 100 )
granularity per-source | +| trigger-on-counters2 | - | on-counters | condition ( Arad*.IptCrcErrCnt.delta > 100 ) and ( Arad*.UcFifoFullDrop.delta > 100 )
granularity per-source | +| trigger-on-counters3 | - | on-counters | - | +| trigger-on-intf | - | on-intf | trigger on-intf Ethernet4 operstatus ip ip6 | +| trigger-on-intf2 | - | on-intf | - | +| trigger-on-intf3 | - | on-intf | - | +| trigger-on-intf4 | - | on-intf | trigger on-intf Ethernet4 ip | +| trigger-on-intf5 | - | on-intf | trigger on-intf Ethernet5 ip6 | +| trigger-on-intf6 | - | on-intf | trigger on-intf Ethernet6 operstatus | +| trigger-on-logging | increment device health metric Metric2 | on-logging | poll interval 10
regex ab* | +| trigger-on-logging2 | - | on-logging | regex ab* | +| trigger-on-logging3 | - | on-logging | - | +| trigger-on-maintenance1 | - | on-maintenance | trigger on-maintenance enter interface Management3 after stage linkdown | +| trigger-on-maintenance2 | bash echo "on-maintenance" | on-maintenance | trigger on-maintenance exit unit unit1 before stage bgp | +| trigger-on-maintenance3 | bash echo "on-maintenance" | on-maintenance | trigger on-maintenance enter bgp 10.0.0.2 vrf vrf1 all | +| trigger-on-maintenance4 | - | on-maintenance | - | +| trigger-on-maintenance5 | - | on-maintenance | - | +| trigger-vm-tracer | bash echo "vm-tracer vm" | vm-tracer vm | - | +| trigger-vm-tracer2 | bash echo "vm-tracer vm"\nEOF | vm-tracer vm | - | +| without-trigger-key | - | - | - | + +#### Event Handler Device Configuration + +```eos +! +event-handler CONFIG_VERSIONING + trigger on-startup-config + action bash FN=/mnt/flash/startup-config; LFN="`ls -1 $FN.*-* | tail -n 1`"; if [ -z "$LFN" -o -n "`diff -I 'last modified' $FN $LFN`" ]; then cp $FN $FN.`date +%Y%m%d-%H%M%S`; ls -1r $FN.*-* | tail -n +11 | xargs -I % rm %; fi + delay 0 +! +event-handler trigger-on-boot + trigger on-boot + action bash + if [ 15 -gt 10 ] + then + echo "a is greater than 10" + fi + EOF + action log + action increment device-health metric Metric1 +! +event-handler trigger-on-counters + action log + trigger on-counters + poll interval 10 + condition ( Arad*.IptCrcErrCnt.delta > 100 ) and ( Arad*.UcFifoFullDrop.delta > 100 ) + granularity per-source +! +event-handler trigger-on-counters2 + trigger on-counters + condition ( Arad*.IptCrcErrCnt.delta > 100 ) and ( Arad*.UcFifoFullDrop.delta > 100 ) + granularity per-source +! +event-handler trigger-on-counters3 + trigger on-counters +! +event-handler trigger-on-intf + trigger on-intf Ethernet4 operstatus ip ip6 +! +event-handler trigger-on-intf2 +! +event-handler trigger-on-intf3 +! +event-handler trigger-on-intf4 + trigger on-intf Ethernet4 ip +! +event-handler trigger-on-intf5 + trigger on-intf Ethernet5 ip6 +! +event-handler trigger-on-intf6 + trigger on-intf Ethernet6 operstatus +! +event-handler trigger-on-logging + action increment device-health metric Metric2 + trigger on-logging + poll interval 10 + regex ab* +! +event-handler trigger-on-logging2 + trigger on-logging + regex ab* +! +event-handler trigger-on-logging3 + trigger on-logging +! +event-handler trigger-on-maintenance1 + trigger on-maintenance enter interface Management3 after stage linkdown +! +event-handler trigger-on-maintenance2 + trigger on-maintenance exit unit unit1 before stage bgp + action bash echo "on-maintenance" +! +event-handler trigger-on-maintenance3 + trigger on-maintenance enter bgp 10.0.0.2 vrf vrf1 all + action bash echo "on-maintenance" +! +event-handler trigger-on-maintenance4 +! +event-handler trigger-on-maintenance5 +! +event-handler trigger-vm-tracer + trigger vm-tracer vm + action bash echo "vm-tracer vm" +! +event-handler trigger-vm-tracer2 + trigger vm-tracer vm + action bash echo "vm-tracer vm"\nEOF +! +event-handler without-trigger-key +``` + ## Interfaces +### Interface Profiles + +#### Interface Profiles Summary + +- TEST-PROFILE-1 +- TEST-PROFILE-2 + +#### Interface Profiles Device Configuration + +```eos +! +interface profile TEST-PROFILE-1 + command description Molecule + command no switchport + command no lldp transmit +! +interface profile TEST-PROFILE-2 + command mtu 9214 + command ptp enable +``` + ### DPS Interfaces #### DPS Interfaces Summary @@ -669,6 +865,2400 @@ interface Dps1 load-interval 42 ``` +### Ethernet Interfaces + +#### Ethernet Interfaces Summary + +##### L2 + +| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | +| --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | +| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet1 | dot1q-tunnel | 110-111,200,210-211 | tag | g1, g2 | - | +| Ethernet2 | SRV-POD02_Eth1 | trunk | 110-111,210-211 | - | - | - | +| Ethernet3 | P2P_LINK_TO_DC1-SPINE2_Ethernet2 | trunk | - | 5 | - | - | +| Ethernet5 | Molecule Routing | - | 220 | - | - | - | +| Ethernet6 | SRV-POD02_Eth1 | trunk | 110-111,210-211 | - | - | - | +| Ethernet7 | Molecule L2 | - | - | - | - | - | +| Ethernet11 | interface_in_mode_access_accepting_tagged_LACP | access | 200 | - | - | - | +| Ethernet12 | interface_with_dot1q_tunnel | dot1q-tunnel | 300 | - | - | - | +| Ethernet13 | interface_in_mode_access_with_voice | trunk phone | - | 100 | - | - | +| Ethernet14 | SRV-POD02_Eth1 | trunk | 110-111,210-211 | - | - | - | +| Ethernet15 | PVLAN Promiscuous Access - only one secondary | access | 110 | - | - | - | +| Ethernet16 | PVLAN Promiscuous Trunk - vlan translation out | trunk | 110-112 | - | - | - | +| Ethernet17 | PVLAN Secondary Trunk | trunk | 110-112 | - | - | - | +| Ethernet19 | Switched port with no LLDP rx/tx | access | 110 | - | - | - | +| Ethernet21 | 200MBit/s shape | - | - | - | - | - | +| Ethernet22 | 10% shape | - | - | - | - | - | +| Ethernet23 | Error-correction encoding | - | - | - | - | - | +| Ethernet24 | Disable error-correction encoding | - | - | - | - | - | +| Ethernet25 | Molecule MAC | - | - | - | - | - | +| Ethernet27 | EVPN-Vxlan single-active redundancy | - | - | - | - | - | +| Ethernet28 | EVPN-MPLS multihoming | - | - | - | - | - | +| Ethernet29 | DOT1X Testing - auto phone true | - | - | - | - | - | +| Ethernet30 | DOT1X Testing - force-authorized phone false | - | - | - | - | - | +| Ethernet31 | DOT1X Testing - force-unauthorized - no phone | - | - | - | - | - | +| Ethernet32 | DOT1X Testing - auto reauthentication | - | - | - | - | - | +| Ethernet33 | DOT1X Testing - pae mode authenticator | - | - | - | - | - | +| Ethernet34 | DOT1X Testing - authentication_failure allow | - | - | - | - | - | +| Ethernet35 | DOT1X Testing - authentication_failure drop | - | - | - | - | - | +| Ethernet36 | DOT1X Testing - host-mode single-host | - | - | - | - | - | +| Ethernet37 | DOT1X Testing - host-mode multi-host | - | - | - | - | - | +| Ethernet38 | DOT1X Testing - host-mode multi-host authenticated | - | - | - | - | - | +| Ethernet39 | DOT1X Testing - mac_based_authentication host-mode common true | - | - | - | - | - | +| Ethernet40 | DOT1X Testing - mac_based_authentication always | - | - | - | - | - | +| Ethernet41 | DOT1X Testing - mac_based_authentication always and host-mode common | - | - | - | - | - | +| Ethernet42 | DOT1X Testing - mac_based_authentication | - | - | - | - | - | +| Ethernet43 | DOT1X Testing - timeout values | - | - | - | - | - | +| Ethernet44 | DOT1X Testing - reauthorization_request_limit | - | - | - | - | - | +| Ethernet45 | DOT1X Testing - all features | - | - | - | - | - | +| Ethernet46 | native-vlan-tag-precedence | trunk | - | tag | - | - | +| Ethernet48 | Load Interval | - | - | - | - | - | +| Ethernet50 | SFlow Interface Testing - SFlow ingress enabled | - | - | - | - | - | +| Ethernet51 | SFlow Interface Testing - SFlow egress enabled | - | - | - | - | - | +| Ethernet52 | SFlow Interface Testing - SFlow ingress and egress unmodified enabled | - | - | - | - | - | +| Ethernet53 | SFlow Interface Testing - SFlow ingress and egress disabled | - | - | - | - | - | +| Ethernet54 | SFlow Interface Testing - SFlow ingress and egress unmodified disabled | - | - | - | - | - | +| Ethernet56 | Interface with poe commands and limit in class | - | - | - | - | - | +| Ethernet57 | Interface with poe commands and limit in watts | - | - | - | - | - | +| Ethernet58 | Interface with poe disabled and no other poe keys | - | - | - | - | - | +| Ethernet60 | IP NAT Testing | - | - | - | - | - | +| Ethernet61 | interface_in_mode_access_with_voice | trunk phone | - | 100 | - | - | +| Ethernet62 | interface_in_mode_access_with_voice | trunk phone | - | 100 | - | - | +| Ethernet67 | Custom_Transceiver_Frequency | - | - | - | - | - | +| Ethernet68 | Custom_Transceiver_Frequency | - | - | - | - | - | +| Ethernet69 | IP NAT service-profile | - | - | - | - | - | +| Ethernet73 | DC1-AGG01_Ethernet1 | *trunk | *110,201 | *- | *- | 5 | +| Ethernet74 | MLAG_PEER_DC1-LEAF1B_Ethernet3 | *trunk | *2-4094 | *- | *LEAF_PEER_L3, MLAG | 3 | +| Ethernet75 | MLAG_PEER_DC1-LEAF1B_Ethernet4 | *trunk | *2-4094 | *- | *LEAF_PEER_L3, MLAG | 3 | +| Ethernet76 | SRV-POD03_Eth1 | *trunk | *110,201 | *- | *- | 5 | +| Ethernet78 | DC1-AGG03_Ethernet1 | *trunk | *110,201 | *- | *- | 15 | +| Ethernet79 | DC1-AGG04_Ethernet1 | *trunk | *110,201 | *10 | *- | 16 | +| Ethernet80/1 | LAG Member | *access | *110 | *- | *- | 101 | +| Ethernet80/2 | LAG Member | *trunk | *110-112 | *- | *- | 102 | +| Ethernet80/3 | LAG Member | *trunk | *110-112 | *- | *- | 103 | +| Ethernet80/4 | LAG Member LACP fallback | *trunk | *112 | *- | *- | 104 | +| Ethernet81 | LAG Member | *access | *110 | *- | *- | 109 | +| Ethernet81/2 | LAG Member LACP fallback LLDP ZTP VLAN | *trunk | *112 | *- | *- | 112 | + +*Inherited from Port-Channel Interface + +##### Encapsulation Dot1q Interfaces + +| Interface | Description | Vlan ID | Dot1q VLAN Tag | Dot1q Inner VLAN Tag | +| --------- | ----------- | ------- | -------------- | -------------------- | +| Ethernet8.101 | to WAN-ISP-01 Ethernet2.101 - VRF-C1 | - | 101 | - | +| Ethernet67.1 | Test_encapsulation_dot1q | - | 4 | 34 | + +##### Flexible Encapsulation Interfaces + +| Interface | Description | Vlan ID | Client Encapsulation | Client Inner Encapsulation | Client VLAN | Client Outer VLAN Tag | Client Inner VLAN Tag | Network Encapsulation | Network Inner Encapsulation | Network VLAN | Network Outer VLAN Tag | Network Inner VLAN Tag | +| --------- | ----------- | ------- | --------------- | --------------------- | ----------- | --------------------- | --------------------- | ---------------- | ---------------------- |------------ | ---------------------- | ---------------------- | +| Ethernet26.1 | TENANT_A pseudowire 1 interface | - | unmatched | - | - | - | - | - | - | - | - | - | +| Ethernet26.100 | TENANT_A pseudowire 1 interface | 10 | dot1q | - | 100 | - | - | client | - | - | - | - | +| Ethernet26.200 | TENANT_A pseudowire 2 interface | - | dot1q | - | 200 | - | - | - | - | - | - | - | +| Ethernet26.300 | TENANT_A pseudowire 3 interface | - | dot1q | - | 300 | - | - | dot1q | - | 400 | - | - | +| Ethernet26.400 | TENANT_A pseudowire 3 interface | - | dot1q | - | - | 400 | 20 | dot1q | - | - | 401 | 21 | +| Ethernet26.500 | TENANT_A pseudowire 3 interface | - | dot1q | - | - | 500 | 50 | client | - | - | - | - | +| Ethernet68.1 | Test_encapsulation_vlan1 | - | dot1q | dot1q | - | 23 | 45 | dot1ad | dot1ad | - | 32 | 54 | +| Ethernet68.2 | Test_encapsulation_vlan2 | - | dot1q | - | 10 | - | - | dot1q | - | - | 32 | 54 | +| Ethernet68.3 | Test_encapsulation_vlan3 | - | dot1ad | - | 12 | - | - | dot1q | - | 25 | - | - | +| Ethernet68.4 | Test_encapsulation_vlan4 | - | dot1ad | dot1q | - | 35 | 60 | dot1q | dot1ad | - | 53 | 6 | +| Ethernet68.5 | Test_encapsulation_vlan5 | - | dot1ad | - | - | 35 | 60 | dot1ad | - | - | 52 | 62 | +| Ethernet68.6 | Test_encapsulation_vlan6 | - | dot1ad | - | - | 35 | 60 | client | - | - | - | - | +| Ethernet68.7 | Test_encapsulation_vlan7 | - | untagged | - | - | - | - | dot1ad | - | - | 35 | 60 | +| Ethernet68.8 | Test_encapsulation_vlan8 | - | untagged | - | - | - | - | dot1q | - | - | 35 | 60 | +| Ethernet68.9 | Test_encapsulation_vlan9 | - | untagged | - | - | - | - | untagged | - | - | - | - | +| Ethernet68.10 | Test_encapsulation_vlan9 | - | dot1q | - | - | 14 | 11 | client inner | - | - | - | - | + +##### Private VLAN + +| Interface | PVLAN Mapping | Secondary Trunk | +| --------- | ------------- | ----------------| +| Ethernet1 | 20-30 | True | +| Ethernet2 | - | False | +| Ethernet15 | 111 | - | +| Ethernet17 | - | True | + +##### VLAN Translations + +| Interface | Direction | From VLAN ID(s) | To VLAN ID | From Inner VLAN ID | To Inner VLAN ID | Network | Dot1q-tunnel | +| --------- | --------- | --------------- | ---------- | ------------------ | ---------------- | ------- | ------------ | +| Ethernet1 | both | 12 | 20 | - | - | - | - | +| Ethernet1 | both | 24 | 46 | 78 | - | True | - | +| Ethernet1 | both | 24 | 46 | 78 | - | False | - | +| Ethernet1 | both | 43 | 30 | - | - | - | True | +| Ethernet1 | in | 10 | 24 | - | - | - | - | +| Ethernet1 | in | 23 | 45 | - | - | - | True | +| Ethernet1 | in | 37 | 49 | 56 | - | - | - | +| Ethernet1 | out | 10 | 45 | - | 34 | - | - | +| Ethernet1 | out | 34 | 50 | - | - | - | - | +| Ethernet1 | out | 45 | all | - | - | - | True | +| Ethernet1 | out | 55 | - | - | - | - | - | +| Ethernet3 | out | 23 | 50 | - | - | - | True | +| Ethernet16 | out | 111-112 | 110 | - | - | - | - | + +##### TCP MSS Clamping + +| Interface | Ipv4 Segment Size | Ipv6 Segment Size | Direction | +| --------- | ----------------- | ----------------- | --------- | +| Ethernet1 | 70 | 75 | egress | +| Ethernet2 | 70 | - | ingress | +| Ethernet3 | - | 65 | - | +| Ethernet4 | 65 | - | - | + +##### Transceiver Settings + +| Interface | Transceiver Frequency | Media Override | +| --------- | --------------------- | -------------- | +| Ethernet7 | - | 100gbase-ar4 | +| Ethernet67 | 190050.000 | - | +| Ethernet68 | 190080.000 ghz | 100gbase-ar4 | +| Ethernet73 | - | 100gbase-ar4 | + +##### Link Tracking Groups + +| Interface | Group Name | Direction | +| --------- | ---------- | --------- | +| Ethernet1 | EVPN_MH_ES1 | upstream | +| Ethernet1 | EVPN_MH_ES3, EVPN_MH_ES4 | upstream | +| Ethernet3 | EVPN_MH_ES2 | downstream | + +##### Phone Interfaces + +| Interface | Mode | Native VLAN | Phone VLAN | Phone VLAN Mode | +| --------- | ---- | ----------- | ---------- | --------------- | +| Ethernet1 | dot1q-tunnel | 5 | 110 | tagged | +| Ethernet13 | trunk phone | 100 | 70 | untagged | +| Ethernet61 | trunk phone | 100 | 70 | untagged phone | +| Ethernet62 | trunk phone | 100 | 70 | tagged phone | +| Port-Channel12 | trunk phone | 100 | 70 | untagged | +| Port-Channel100 | dot1q-tunnel | 5 | 110 | tagged | + +##### Multicast Routing + +| Interface | IP Version | Static Routes Allowed | Multicast Boundaries | +| --------- | ---------- | --------------------- | -------------------- | +| Ethernet2 | IPv4 | True | ACL_MULTICAST | +| Ethernet2 | IPv6 | - | ACL_V6_MULTICAST | +| Ethernet4 | IPv4 | True | 224.0.1.0/24, 224.0.2.0/24 | +| Ethernet4 | IPv6 | - | ff00::/16, ff01::/16 | +| Ethernet9 | IPv4 | - | ACL_MULTICAST | +| Ethernet9 | IPv6 | True | - | + +##### IPv4 + +| Interface | Description | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | +| --------- | ----------- | ------------- | ---------- | ----| ---- | -------- | ------ | ------- | +| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet1 | - | 172.31.255.1/31 | default | 1500 | - | - | - | +| Ethernet2 | SRV-POD02_Eth1 | - | 10.1.255.3/24 | default | - | - | - | - | +| Ethernet3 | P2P_LINK_TO_DC1-SPINE2_Ethernet2 | - | 172.31.128.1/31 | default | 1500 | - | - | - | +| Ethernet8.101 | to WAN-ISP-01 Ethernet2.101 - VRF-C1 | - | 172.31.128.1/31 | default | - | - | - | - | +| Ethernet9 | interface_with_mpls_enabled | - | 172.31.128.9/31 | default | - | - | - | - | +| Ethernet10 | interface_with_mpls_disabled | - | 172.31.128.10/31 | default | - | - | - | - | +| Ethernet18 | PBR Description | - | 192.0.2.1/31 | default | 1500 | - | - | - | +| Ethernet47 | IP Helper | - | 172.31.255.1/31 | default | - | - | - | - | +| Ethernet63 | DHCP client interface | - | dhcp | default | - | - | - | - | +| Ethernet64 | DHCP server interface | - | 192.168.42.42/24 | default | - | - | - | - | +| Ethernet65 | Multiple VRIDs | - | 192.0.2.2/25 | default | - | False | - | - | +| Ethernet66 | Multiple VRIDs and tracking | - | 192.0.2.2/25 | default | - | False | - | - | +| Ethernet80 | LAG Member | 17 | *192.0.2.3/31 | **default | **- | **- | **- | **- | + +*Inherited from Port-Channel Interface + +##### IP NAT: Source Static + +| Interface | Direction | Original IP | Original Port | Access List | Translated IP | Translated Port | Protocol | Group | Priority | Comment | +| --------- | --------- | ----------- | ------------- | ----------- | ------------- | --------------- | -------- | ----- | -------- | ------- | +| Ethernet60 | - | 3.0.0.1 | - | - | 4.0.0.1 | - | - | - | 0 | - | +| Ethernet60 | - | 3.0.0.2 | 22 | - | 4.0.0.2 | - | - | - | 0 | - | +| Ethernet60 | - | 3.0.0.3 | 22 | - | 4.0.0.3 | 23 | - | - | 0 | - | +| Ethernet60 | - | 3.0.0.4 | 22 | - | 4.0.0.4 | 23 | UDP | - | 0 | - | +| Ethernet60 | - | 3.0.0.5 | 22 | - | 4.0.0.5 | 23 | TCP | 1 | 0 | - | +| Ethernet60 | - | 3.0.0.6 | 22 | - | 4.0.0.6 | 23 | TCP | 2 | 5 | Comment Test | +| Ethernet60 | - | 3.0.0.7 | - | ACL21 | 4.0.0.7 | - | - | - | 0 | - | +| Ethernet60 | ingress | 3.0.0.8 | - | - | 4.0.0.8 | - | - | - | 0 | - | + +##### IP NAT: Source Dynamic + +| Interface | Access List | NAT Type | Pool Name | Priority | Comment | +| --------- | ----------- | -------- | --------- | -------- | ------- | +| Ethernet60 | ACL11 | pool | POOL11 | 0 | - | +| Ethernet60 | ACL12 | pool | POOL11 | 0 | POOL11 shared with ACL11/12 | +| Ethernet60 | ACL13 | pool | POOL13 | 10 | - | +| Ethernet60 | ACL14 | pool | POOL14 | 1 | Priority low end | +| Ethernet60 | ACL15 | pool | POOL15 | 4294967295 | Priority high end | +| Ethernet60 | ACL16 | pool | POOL16 | 0 | Priority default | +| Ethernet60 | ACL17 | overload | - | 10 | Priority_10 | +| Ethernet60 | ACL18 | pool-address-only | POOL18 | 10 | Priority_10 | +| Ethernet60 | ACL19 | pool-full-cone | POOL19 | 10 | Priority_10 | + +##### IP NAT: Destination Static + +| Interface | Direction | Original IP | Original Port | Access List | Translated IP | Translated Port | Protocol | Group | Priority | Comment | +| --------- | --------- | ----------- | ------------- | ----------- | ------------- | --------------- | -------- | ----- | -------- | ------- | +| Ethernet60 | - | 1.0.0.1 | - | - | 2.0.0.1 | - | - | - | 0 | - | +| Ethernet60 | - | 1.0.0.2 | 22 | - | 2.0.0.2 | - | - | - | 0 | - | +| Ethernet60 | - | 1.0.0.3 | 22 | - | 2.0.0.3 | 23 | - | - | 0 | - | +| Ethernet60 | - | 1.0.0.4 | 22 | - | 2.0.0.4 | 23 | udp | - | 0 | - | +| Ethernet60 | - | 1.0.0.5 | 22 | - | 2.0.0.5 | 23 | tcp | 1 | 0 | - | +| Ethernet60 | - | 1.0.0.6 | 22 | - | 2.0.0.6 | 23 | tcp | 2 | 5 | Comment Test | +| Ethernet60 | - | 1.0.0.7 | - | ACL21 | 2.0.0.7 | - | - | - | 0 | - | +| Ethernet60 | egress | 239.0.0.1 | - | - | 239.0.0.2 | - | - | - | 0 | - | + +##### IP NAT: Destination Dynamic + +| Interface | Access List | Pool Name | Priority | Comment | +| --------- | ----------- | --------- | -------- | ------- | +| Ethernet60 | ACL1 | POOL1 | 0 | - | +| Ethernet60 | ACL2 | POOL1 | 0 | POOL1 shared with ACL1/2 | +| Ethernet60 | ACL3 | POOL3 | 10 | - | +| Ethernet60 | ACL4 | POOL4 | 1 | Priority low end | +| Ethernet60 | ACL5 | POOL5 | 4294967295 | Priority high end | +| Ethernet60 | ACL6 | POOL6 | 0 | Priority default | + +##### IP NAT: Interfaces configured via profile + +| Interface | Profile | +| --------- |-------- | +| Ethernet69 | TEST-NAT-PROFILE | + +##### IPv6 + +| Interface | Description | Channel Group | IPv6 Address | VRF | MTU | Shutdown | ND RA Disabled | Managed Config Flag | IPv6 ACL In | IPv6 ACL Out | +| --------- | ----------- | --------------| ------------ | --- | --- | -------- | -------------- | -------------------| ----------- | ------------ | +| Ethernet3 | P2P_LINK_TO_DC1-SPINE2_Ethernet2 | - | 2002:ABDC::1/64 | default | 1500 | - | - | - | - | - | +| Ethernet4 | Molecule IPv6 | - | 2020::2020/64 | default | 9100 | True | True | True | IPv6_ACL_IN | IPv6_ACL_OUT | +| Ethernet8.101 | to WAN-ISP-01 Ethernet2.101 - VRF-C1 | - | 2002:ABDC::1/64 | default | - | - | - | - | - | - | +| Ethernet55 | DHCPv6 Relay Testing | - | a0::1/64 | default | - | False | - | - | - | - | +| Ethernet65 | Multiple VRIDs | - | 2001:db8::2/64 | default | - | False | - | - | - | - | +| Ethernet66 | Multiple VRIDs and tracking | - | 2001:db8::2/64 | default | - | False | - | - | - | - | + +##### VRRP Details + +| Interface | VRRP-ID | Priority | Advertisement Interval | Preempt | Tracked Object Name(s) | Tracked Object Action(s) | IPv4 Virtual IP | IPv4 VRRP Version | IPv6 Virtual IP | +| --------- | ------- | -------- | ---------------------- | --------| ---------------------- | ------------------------ | --------------- | ----------------- | --------------- | +| Ethernet65 | 1 | 105 | 2 | Enabled | - | - | 192.0.2.1 | 2 | - | +| Ethernet65 | 2 | - | - | Enabled | - | - | - | 2 | 2001:db8::1 | +| Ethernet66 | 1 | 105 | 2 | Enabled | ID1TrackedObjectDecrement, ID1TrackedObjectShutdown | Decrement 5, Shutdown | 192.0.2.1 | 2 | - | +| Ethernet66 | 2 | - | - | Enabled | ID2TrackedObjectDecrement, ID2TrackedObjectShutdown | Decrement 10, Shutdown | - | 2 | 2001:db8::1 | +| Ethernet66 | 3 | - | - | Disabled | - | - | 100.64.0.1 | 3 | - | + +##### ISIS + +| Interface | Channel Group | ISIS Instance | ISIS BFD | ISIS Metric | Mode | ISIS Circuit Type | Hello Padding | Authentication Mode | +| --------- | ------------- | ------------- | -------- | ----------- | ---- | ----------------- | ------------- | ------------------- | +| Ethernet5 | - | ISIS_TEST | True | 99 | point-to-point | level-2 | False | md5 | +| Ethernet81/10 | 110 | *ISIS_TEST | True | *99 | *point-to-point | *level-2 | *True | *text | + +*Inherited from Port-Channel Interface + +##### EVPN Multihoming + +####### EVPN Multihoming Summary + +| Interface | Ethernet Segment Identifier | Multihoming Redundancy Mode | Route Target | +| --------- | --------------------------- | --------------------------- | ------------ | +| Ethernet27 | 0000:0000:0000:0102:0304 | single-active | 00:00:01:02:03:04 | +| Ethernet28 | 0000:0000:0000:0102:0305 | all-active | 00:00:01:02:03:05 | + +####### Designated Forwarder Election Summary + +| Interface | Algorithm | Preference Value | Dont Preempt | Hold time | Subsequent Hold Time | Candidate Reachability Required | +| --------- | --------- | ---------------- | ------------ | --------- | -------------------- | ------------------------------- | +| Ethernet27 | preference | 100 | True | 10 | - | True | + +####### EVPN-MPLS summary + +| Interface | Shared Index | Tunnel Flood Filter Time | +| --------- | ------------ | ------------------------ | +| Ethernet28 | 100 | 100 | + +##### Error Correction Encoding Interfaces + +| Interface | Enabled | +| --------- | ------- | +| Ethernet23 | fire-code
reed-solomon | +| Ethernet24 | Disabled | +| Ethernet81/1 | fire-code
reed-solomon | + +#### Priority Flow Control + +| Interface | PFC | Priority | Drop/No_drop | +| Ethernet1 | True | 5 | False | +| Ethernet2 | True | 5 | True | +| Ethernet3 | False | - | - | +| Ethernet4 | True | - | - | + +#### Ethernet Interfaces Device Configuration + +```eos +! +interface Ethernet1 + description P2P_LINK_TO_DC1-SPINE1_Ethernet1 + mtu 1500 + bgp session tracker ST1 + l2 mtu 8000 + l2 mru 8000 + speed forced 100gfull + switchport access vlan 200 + switchport trunk native vlan tag + switchport phone vlan 110 + switchport phone trunk tagged + switchport vlan translation in required + switchport dot1q vlan tag required + switchport trunk allowed vlan 110-111,210-211 + switchport mode dot1q-tunnel + switchport dot1q ethertype 1536 + switchport vlan forwarding accept all + switchport trunk group g1 + switchport trunk group g2 + no switchport + switchport source-interface tx + switchport vlan translation 12 20 + switchport vlan translation 24 inner 78 network 46 + switchport vlan translation 24 inner 78 46 + switchport vlan translation 43 dot1q-tunnel 30 + switchport vlan translation in 10 24 + switchport vlan translation in 37 inner 56 49 + switchport vlan translation in 23 dot1q-tunnel 45 + switchport vlan translation out 34 50 + switchport vlan translation out 10 45 inner 34 + switchport vlan translation out 45 dot1q-tunnel all + switchport trunk private-vlan secondary + switchport pvlan mapping 20-30 + ip address 172.31.255.1/31 + ip verify unicast source reachable-via rx + bfd interval 500 min-rx 500 multiplier 5 + bfd echo + ip igmp host-proxy + ip igmp host-proxy 239.0.0.1 + ip igmp host-proxy 239.0.0.2 exclude 10.0.2.1 + ip igmp host-proxy 239.0.0.3 include 10.0.3.1 + ip igmp host-proxy 239.0.0.4 include 10.0.4.3 + ip igmp host-proxy 239.0.0.4 include 10.0.4.4 + ip igmp host-proxy 239.0.0.4 exclude 10.0.4.1 + ip igmp host-proxy 239.0.0.4 exclude 10.0.4.2 + ip igmp host-proxy access-list ACL1 + ip igmp host-proxy access-list ACL2 + ip igmp host-proxy report-interval 2 + ip igmp host-proxy version 2 + tcp mss ceiling ipv4 70 ipv6 75 egress + switchport port-security + switchport port-security mac-address maximum disabled + priority-flow-control on + priority-flow-control priority 5 drop + switchport backup-link Ethernet5 prefer vlan 10 + switchport backup preemption-delay 35 + switchport backup mac-move-burst 20 + switchport backup mac-move-burst-interval 30 + switchport backup initial-mac-move-delay 10 + switchport backup dest-macaddr 01:00:00:00:00:00 + link tracking group EVPN_MH_ES1 upstream + link tracking group EVPN_MH_ES3 upstream + link tracking group EVPN_MH_ES4 upstream + comment + Comment created from eos_cli under ethernet_interfaces.Ethernet1 + EOF + +! +interface Ethernet2 + description SRV-POD02_Eth1 + switchport dot1q vlan tag disallowed + switchport trunk allowed vlan 110-111,210-211 + switchport mode trunk + switchport + ip address 10.1.255.3/24 + ip address 1.1.1.3/24 secondary + ip address 1.1.1.4/24 secondary + ip address 10.0.0.254/24 secondary + ip address 192.168.1.1/24 secondary + tcp mss ceiling ipv4 70 ingress + multicast ipv4 boundary ACL_MULTICAST + multicast ipv6 boundary ACL_V6_MULTICAST out + multicast ipv4 static + switchport port-security violation protect log + switchport port-security mac-address maximum 100 + priority-flow-control on + priority-flow-control priority 5 no-drop + storm-control broadcast level pps 500 + storm-control unknown-unicast level 1 + storm-control all level 10 + spanning-tree bpduguard disable + spanning-tree bpdufilter disable +! +interface Ethernet3 + description P2P_LINK_TO_DC1-SPINE2_Ethernet2 + mtu 1500 + switchport trunk native vlan 5 + switchport mode trunk + no switchport + switchport vlan translation out 23 dot1q-tunnel 50 + no snmp trap link-change + ip address 172.31.128.1/31 + ipv6 enable + ipv6 address 2002:ABDC::1/64 + ipv6 nd prefix 2345:ABCD:3FE0::1/96 infinite 50 no-autoconfig + ipv6 nd prefix 2345:ABCD:3FE0::2/96 50 infinite + ipv6 nd prefix 2345:ABCD:3FE0::3/96 100000 no-autoconfig + tcp mss ceiling ipv6 65 + switchport port-security + no switchport port-security mac-address maximum disabled + switchport port-security vlan 1 mac-address maximum 3 + switchport port-security vlan 2 mac-address maximum 3 + switchport port-security vlan 2 mac-address maximum 4 + switchport port-security vlan 3 mac-address maximum 3 + switchport port-security vlan 22 mac-address maximum 4 + switchport port-security vlan 41 mac-address maximum 4 + switchport port-security vlan default mac-address maximum 2 + no priority-flow-control + spanning-tree guard root + switchport backup-link Ethernet4 + link tracking group EVPN_MH_ES2 downstream +! +interface Ethernet4 + description Molecule IPv6 + shutdown + mtu 9100 + no switchport + snmp trap link-change + ipv6 enable + ipv6 address 2020::2020/64 + ipv6 address FE80:FEA::AB65/64 link-local + ipv6 nd ra disabled + ipv6 nd managed-config-flag + tcp mss ceiling ipv4 65 + ipv6 access-group IPv6_ACL_IN in + ipv6 access-group IPv6_ACL_OUT out + multicast ipv4 boundary 224.0.1.0/24 out + multicast ipv4 boundary 224.0.2.0/24 + multicast ipv6 boundary ff00::/16 out + multicast ipv6 boundary ff01::/16 out + multicast ipv4 static + switchport port-security violation protect + priority-flow-control on + spanning-tree guard none +! +interface Ethernet5 + description Molecule Routing + no shutdown + mtu 9100 + switchport access vlan 220 + no switchport + ip ospf cost 99 + ip ospf network point-to-point + ip ospf authentication message-digest + ip ospf authentication-key 7 + ip ospf area 100 + ip ospf message-digest-key 1 sha512 7 + pim ipv4 sparse-mode + pim ipv4 bidirectional + pim ipv4 border-router + pim ipv4 hello interval 10 + pim ipv4 hello count 2.5 + pim ipv4 dr-priority 200 + pim ipv4 bfd + isis enable ISIS_TEST + isis bfd + isis circuit-type level-2 + isis metric 99 + no isis hello padding + isis network point-to-point + isis authentication mode md5 + isis authentication key 7 + spanning-tree guard loop +! +interface Ethernet6 + description SRV-POD02_Eth1 + logging event link-status + logging event congestion-drops + switchport trunk allowed vlan 110-111,210-211 + switchport mode trunk + switchport + logging event storm-control discards + spanning-tree bpduguard enable + spanning-tree bpdufilter enable + logging event spanning-tree +! +interface Ethernet7 + description Molecule L2 + no shutdown + mtu 7000 + switchport + ptp enable + ptp announce interval 10 + ptp announce timeout 30 + ptp delay-mechanism p2p + ptp delay-req interval 20 + ptp role master + ptp sync-message interval 5 + ptp transport layer2 + ptp vlan all + service-profile QoS + qos trust cos + qos cos 5 + storm-control broadcast level pps 10 + storm-control multicast level 50 + storm-control unknown-unicast level 10 + storm-control all level 75 + spanning-tree portfast + spanning-tree bpduguard enable + spanning-tree bpdufilter enable + vmtracer vmware-esx + transceiver media override 100gbase-ar4 +! +interface Ethernet8 + description to WAN-ISP1-01 Ethernet2 + no switchport + no lldp transmit + no lldp receive +! +interface Ethernet8.101 + description to WAN-ISP-01 Ethernet2.101 - VRF-C1 + encapsulation dot1q vlan 101 + ip address 172.31.128.1/31 + ipv6 enable + ipv6 address 2002:ABDC::1/64 +! +interface Ethernet9 + description interface_with_mpls_enabled + no switchport + ip address 172.31.128.9/31 + mpls ldp interface + multicast ipv4 boundary ACL_MULTICAST out + multicast ipv6 static + mpls ip +! +interface Ethernet10 + description interface_with_mpls_disabled + no switchport + ip address 172.31.128.10/31 + no mpls ldp interface + no mpls ip +! +interface Ethernet11 + description interface_in_mode_access_accepting_tagged_LACP + switchport access vlan 200 + switchport mode access + switchport + l2-protocol encapsulation dot1q vlan 200 +! +interface Ethernet12 + description interface_with_dot1q_tunnel + switchport access vlan 300 + switchport mode dot1q-tunnel + switchport +! +interface Ethernet13 + description interface_in_mode_access_with_voice + no logging event link-status + no logging event congestion-drops + switchport trunk native vlan 100 + switchport phone vlan 70 + switchport phone trunk untagged + switchport mode trunk phone + switchport + no logging event storm-control discards + no logging event spanning-tree +! +interface Ethernet14 + description SRV-POD02_Eth1 + logging event link-status + switchport trunk allowed vlan 110-111,210-211 + switchport mode trunk + switchport +! +interface Ethernet15 + description PVLAN Promiscuous Access - only one secondary + switchport access vlan 110 + switchport mode access + switchport + switchport pvlan mapping 111 +! +interface Ethernet16 + description PVLAN Promiscuous Trunk - vlan translation out + switchport vlan translation out required + switchport trunk allowed vlan 110-112 + switchport mode trunk + switchport + switchport vlan translation out 111-112 110 +! +interface Ethernet17 + description PVLAN Secondary Trunk + switchport trunk allowed vlan 110-112 + switchport mode trunk + switchport + switchport trunk private-vlan secondary +! +interface Ethernet18 + description PBR Description + mtu 1500 + no switchport + ip address 192.0.2.1/31 + service-policy type pbr input MyLANServicePolicy +! +interface Ethernet19 + description Switched port with no LLDP rx/tx + switchport access vlan 110 + switchport mode access + switchport + no lldp transmit + no lldp receive + lldp tlv transmit ztp vlan 666 +! +interface Ethernet20 + description Port patched through patch-panel to pseudowire + no switchport + no lldp transmit + no lldp receive +! +interface Ethernet21 + description 200MBit/s shape + switchport + no qos trust + shape rate 200000 kbps +! +interface Ethernet22 + description 10% shape + switchport + shape rate 10 percent +! +interface Ethernet23 + description Error-correction encoding + error-correction encoding fire-code + error-correction encoding reed-solomon + switchport +! +interface Ethernet24 + description Disable error-correction encoding + no error-correction encoding + switchport +! +interface Ethernet25 + description Molecule MAC + switchport + mac access-group MAC_ACL_IN in + mac access-group MAC_ACL_OUT out +! +interface Ethernet26 + no switchport +! +interface Ethernet26.1 + description TENANT_A pseudowire 1 interface + encapsulation vlan + client unmatched +! +interface Ethernet26.100 + description TENANT_A pseudowire 1 interface + vlan id 10 + encapsulation vlan + client dot1q 100 network client +! +interface Ethernet26.200 + description TENANT_A pseudowire 2 interface + encapsulation vlan + client dot1q 200 +! +interface Ethernet26.300 + description TENANT_A pseudowire 3 interface + encapsulation vlan + client dot1q 300 network dot1q 400 +! +interface Ethernet26.400 + description TENANT_A pseudowire 3 interface + encapsulation vlan + client dot1q outer 400 inner 20 network dot1q outer 401 inner 21 +! +interface Ethernet26.500 + description TENANT_A pseudowire 3 interface + encapsulation vlan + client dot1q outer 500 inner 50 network client +! +interface Ethernet27 + description EVPN-Vxlan single-active redundancy + switchport + ! + evpn ethernet-segment + identifier 0000:0000:0000:0102:0304 + redundancy single-active + designated-forwarder election algorithm preference 100 dont-preempt + designated-forwarder election hold-time 10 + designated-forwarder election candidate reachability required + route-target import 00:00:01:02:03:04 +! +interface Ethernet28 + description EVPN-MPLS multihoming + switchport + ! + evpn ethernet-segment + identifier 0000:0000:0000:0102:0305 + mpls tunnel flood filter time 100 + mpls shared index 100 + route-target import 00:00:01:02:03:05 +! +interface Ethernet29 + description DOT1X Testing - auto phone true + switchport + dot1x port-control auto + dot1x port-control force-authorized phone +! +interface Ethernet30 + description DOT1X Testing - force-authorized phone false + switchport + dot1x port-control force-authorized + no dot1x port-control force-authorized phone +! +interface Ethernet31 + description DOT1X Testing - force-unauthorized - no phone + switchport + dot1x port-control force-unauthorized +! +interface Ethernet32 + description DOT1X Testing - auto reauthentication + switchport + dot1x reauthentication + dot1x port-control auto +! +interface Ethernet33 + description DOT1X Testing - pae mode authenticator + switchport + dot1x pae authenticator +! +interface Ethernet34 + description DOT1X Testing - authentication_failure allow + switchport + dot1x authentication failure action traffic allow vlan 800 +! +interface Ethernet35 + description DOT1X Testing - authentication_failure drop + switchport + dot1x authentication failure action traffic drop +! +interface Ethernet36 + description DOT1X Testing - host-mode single-host + switchport + dot1x host-mode single-host +! +interface Ethernet37 + description DOT1X Testing - host-mode multi-host + switchport + dot1x host-mode multi-host +! +interface Ethernet38 + description DOT1X Testing - host-mode multi-host authenticated + switchport + dot1x host-mode multi-host authenticated +! +interface Ethernet39 + description DOT1X Testing - mac_based_authentication host-mode common true + switchport + dot1x mac based authentication host-mode common +! +interface Ethernet40 + description DOT1X Testing - mac_based_authentication always + switchport + dot1x mac based authentication always +! +interface Ethernet41 + description DOT1X Testing - mac_based_authentication always and host-mode common + switchport + dot1x mac based authentication host-mode common + dot1x mac based authentication always +! +interface Ethernet42 + description DOT1X Testing - mac_based_authentication + switchport + dot1x mac based authentication +! +interface Ethernet43 + description DOT1X Testing - timeout values + switchport + dot1x timeout quiet-period 10 + dot1x timeout reauth-timeout-ignore always + dot1x timeout tx-period 6 + dot1x timeout reauth-period server + dot1x timeout idle-host 15 seconds +! +interface Ethernet44 + description DOT1X Testing - reauthorization_request_limit + switchport + dot1x eapol disabled + dot1x reauthorization request limit 3 +! +interface Ethernet45 + description DOT1X Testing - all features + switchport + dot1x pae authenticator + dot1x authentication failure action traffic allow vlan 800 + dot1x reauthentication + dot1x port-control auto + dot1x host-mode multi-host authenticated + dot1x mac based authentication + dot1x timeout quiet-period 10 + dot1x timeout reauth-timeout-ignore always + dot1x timeout tx-period 10 + dot1x timeout reauth-period server + dot1x timeout idle-host 10 seconds + dot1x reauthorization request limit 2 + dot1x unauthorized access vlan membership egress + dot1x unauthorized native vlan membership egress + dot1x eapol authentication failure fallback mba timeout 600 +! +interface Ethernet46 + description native-vlan-tag-precedence + switchport trunk native vlan tag + switchport mode trunk + switchport +! +interface Ethernet47 + description IP Helper + no switchport + ip address 172.31.255.1/31 + ip helper-address 10.10.64.151 + ip helper-address 10.10.96.101 source-interface Loopback0 + ip helper-address 10.10.96.150 vrf MGMT source-interface Loopback0 + ip helper-address 10.10.96.151 vrf MGMT +! +interface Ethernet48 + description Load Interval + load-interval 5 + switchport +! +interface Ethernet50 + description SFlow Interface Testing - SFlow ingress enabled + switchport + sflow enable +! +interface Ethernet51 + description SFlow Interface Testing - SFlow egress enabled + switchport + sflow egress enable +! +interface Ethernet52 + description SFlow Interface Testing - SFlow ingress and egress unmodified enabled + switchport + sflow enable + sflow egress unmodified enable +! +interface Ethernet53 + description SFlow Interface Testing - SFlow ingress and egress disabled + switchport + no sflow enable + no sflow egress enable +! +interface Ethernet54 + description SFlow Interface Testing - SFlow ingress and egress unmodified disabled + switchport + no sflow enable + no sflow egress unmodified enable +! +interface Ethernet55 + description DHCPv6 Relay Testing + no shutdown + no switchport + ipv6 dhcp relay destination a0::2 link-address a0::3 + ipv6 dhcp relay destination a0::4 vrf TEST local-interface Loopback55 link-address a0::5 + ipv6 address a0::1/64 +! +interface Ethernet56 + description Interface with poe commands and limit in class + switchport + poe priority low + poe reboot action power-off + poe link down action power-off 10 seconds + poe shutdown action maintain + poe limit 30.00 watts + poe negotiation lldp disabled +! +interface Ethernet57 + description Interface with poe commands and limit in watts + switchport + poe priority critical + poe reboot action maintain + poe link down action maintain + poe shutdown action power-off + poe limit 45.00 watts fixed + poe legacy detect +! +interface Ethernet58 + description Interface with poe disabled and no other poe keys + switchport + poe disabled +! +interface Ethernet60 + description IP NAT Testing + switchport + ip nat destination static 1.0.0.1 2.0.0.1 + ip nat destination static 1.0.0.2 22 2.0.0.2 + ip nat destination static 1.0.0.3 22 2.0.0.3 23 + ip nat destination static 1.0.0.4 22 2.0.0.4 23 protocol udp + ip nat destination static 1.0.0.7 access-list ACL21 2.0.0.7 + ip nat source static 3.0.0.1 4.0.0.1 + ip nat source static 3.0.0.2 22 4.0.0.2 + ip nat source static 3.0.0.3 22 4.0.0.3 23 + ip nat source static 3.0.0.4 22 4.0.0.4 23 protocol udp + ip nat source static 3.0.0.7 access-list ACL21 4.0.0.7 + ip nat source ingress static 3.0.0.8 4.0.0.8 + ip nat destination egress static 239.0.0.1 239.0.0.2 + ip nat source static 3.0.0.5 22 4.0.0.5 23 protocol tcp group 1 + ip nat destination static 1.0.0.5 22 2.0.0.5 23 protocol tcp group 1 + ip nat source static 3.0.0.6 22 4.0.0.6 23 protocol tcp group 2 comment Comment Test + ip nat destination static 1.0.0.6 22 2.0.0.6 23 protocol tcp group 2 comment Comment Test + ip nat destination dynamic access-list ACL1 pool POOL1 + ip nat source dynamic access-list ACL11 pool POOL11 + ip nat source dynamic access-list ACL12 pool POOL11 comment POOL11 shared with ACL11/12 + ip nat source dynamic access-list ACL13 pool POOL13 priority 10 + ip nat source dynamic access-list ACL14 pool POOL14 priority 1 comment Priority low end + ip nat source dynamic access-list ACL15 pool POOL15 priority 4294967295 comment Priority high end + ip nat source dynamic access-list ACL16 pool POOL16 comment Priority default + ip nat source dynamic access-list ACL17 overload priority 10 comment Priority_10 + ip nat source dynamic access-list ACL18 pool POOL18 address-only priority 10 comment Priority_10 + ip nat source dynamic access-list ACL19 pool POOL19 full-cone priority 10 comment Priority_10 + ip nat destination dynamic access-list ACL2 pool POOL1 comment POOL1 shared with ACL1/2 + ip nat destination dynamic access-list ACL3 pool POOL3 priority 10 + ip nat destination dynamic access-list ACL4 pool POOL4 priority 1 comment Priority low end + ip nat destination dynamic access-list ACL5 pool POOL5 priority 4294967295 comment Priority high end + ip nat destination dynamic access-list ACL6 pool POOL6 comment Priority default +! +interface Ethernet61 + description interface_in_mode_access_with_voice + no logging event link-status + no logging event congestion-drops + switchport trunk native vlan 100 + switchport phone vlan 70 + switchport phone trunk untagged phone + switchport mode trunk phone + switchport + no logging event storm-control discards + no logging event spanning-tree +! +interface Ethernet62 + description interface_in_mode_access_with_voice + no logging event link-status + no logging event congestion-drops + switchport trunk native vlan 100 + switchport phone vlan 70 + switchport phone trunk tagged phone + switchport mode trunk phone + switchport + no logging event storm-control discards + no logging event spanning-tree +! +interface Ethernet63 + description DHCP client interface + no switchport + ip address dhcp + dhcp client accept default-route +! +interface Ethernet64 + description DHCP server interface + no switchport + mac timestamp replace-fcs + ip address 192.168.42.42/24 + dhcp server ipv4 + dhcp server ipv6 +! +interface Ethernet65 + description Multiple VRIDs + no shutdown + no switchport + mac timestamp header + ip address 192.0.2.2/25 + ipv6 enable + ipv6 address 2001:db8::2/64 + ipv6 address fe80::2/64 link-local + vrrp 1 priority-level 105 + vrrp 1 advertisement interval 2 + vrrp 1 preempt delay minimum 30 reload 800 + vrrp 1 ipv4 192.0.2.1 + vrrp 2 ipv6 2001:db8::1 +! +interface Ethernet66 + description Multiple VRIDs and tracking + no shutdown + no switchport + ip address 192.0.2.2/25 + ipv6 enable + ipv6 address 2001:db8::2/64 + ipv6 address fe80::2/64 link-local + vrrp 1 priority-level 105 + vrrp 1 advertisement interval 2 + vrrp 1 preempt delay minimum 30 reload 800 + vrrp 1 ipv4 192.0.2.1 + vrrp 1 tracked-object ID1TrackedObjectDecrement decrement 5 + vrrp 1 tracked-object ID1TrackedObjectShutdown shutdown + vrrp 2 ipv6 2001:db8::1 + vrrp 2 tracked-object ID2TrackedObjectDecrement decrement 10 + vrrp 2 tracked-object ID2TrackedObjectShutdown shutdown + no vrrp 3 preempt + vrrp 3 timers delay reload 900 + vrrp 3 ipv4 100.64.0.1 + vrrp 3 ipv4 version 3 +! +interface Ethernet67 + description Custom_Transceiver_Frequency + no shutdown + switchport + mac timestamp before-fcs + transceiver frequency 190050.000 +! +interface Ethernet67.1 + description Test_encapsulation_dot1q + encapsulation dot1q vlan 4 inner 34 +! +interface Ethernet68 + description Custom_Transceiver_Frequency + no shutdown + switchport + transceiver media override 100gbase-ar4 + transceiver frequency 190080.000 ghz +! +interface Ethernet68.1 + description Test_encapsulation_vlan1 + encapsulation vlan + client dot1q outer 23 inner dot1q 45 network dot1ad outer 32 inner dot1ad 54 +! +interface Ethernet68.2 + description Test_encapsulation_vlan2 + encapsulation vlan + client dot1q 10 network dot1q outer 32 inner 54 +! +interface Ethernet68.3 + description Test_encapsulation_vlan3 + encapsulation vlan + client dot1ad 12 network dot1q 25 +! +interface Ethernet68.4 + description Test_encapsulation_vlan4 + encapsulation vlan + client dot1ad outer 35 inner dot1q 60 network dot1q outer 53 inner dot1ad 6 +! +interface Ethernet68.5 + description Test_encapsulation_vlan5 + encapsulation vlan + client dot1ad outer 35 inner 60 network dot1ad outer 52 inner 62 +! +interface Ethernet68.6 + description Test_encapsulation_vlan6 + encapsulation vlan + client dot1ad outer 35 inner 60 network client +! +interface Ethernet68.7 + description Test_encapsulation_vlan7 + encapsulation vlan + client untagged network dot1ad outer 35 inner 60 +! +interface Ethernet68.8 + description Test_encapsulation_vlan8 + encapsulation vlan + client untagged network dot1q outer 35 inner 60 +! +interface Ethernet68.9 + description Test_encapsulation_vlan9 + encapsulation vlan + client untagged network untagged +! +interface Ethernet68.10 + description Test_encapsulation_vlan9 + encapsulation vlan + client dot1q outer 14 inner 11 network client inner +! +interface Ethernet69 + description IP NAT service-profile + switchport + ip nat service-profile TEST-NAT-PROFILE +! +interface Ethernet70 + description dot1x_aaa_unresponsive + no shutdown + dot1x aaa unresponsive phone action apply cached-results timeout 10 hours else traffic allow + dot1x aaa unresponsive action traffic allow vlan 10 access-list acl1 + dot1x aaa unresponsive eap response success + dot1x mac based access-list +! +interface Ethernet71 + description dot1x_aaa_unresponsive1 + no shutdown + dot1x aaa unresponsive phone action apply cached-results timeout 10 hours + dot1x aaa unresponsive action traffic allow vlan 10 access-list acl1 + dot1x aaa unresponsive eap response success + dot1x mac based access-list +! +interface Ethernet72 + description dot1x_aaa_unresponsive2 + no shutdown + dot1x aaa unresponsive action traffic allow vlan 10 access-list acl1 + dot1x aaa unresponsive eap response success + dot1x mac based access-list +! +interface Ethernet73 + description DC1-AGG01_Ethernet1 + channel-group 5 mode active + transceiver media override 100gbase-ar4 +! +interface Ethernet74 + description MLAG_PEER_DC1-LEAF1B_Ethernet3 + channel-group 3 mode active +! +interface Ethernet75 + description MLAG_PEER_DC1-LEAF1B_Ethernet4 + channel-group 3 mode active +! +interface Ethernet76 + description SRV-POD03_Eth1 + channel-group 5 mode active + no lldp transmit + no lldp receive +! +interface Ethernet77 + description MLAG_PEER_DC1-LEAF1B_Ethernet8 + channel-group 8 mode active +! +interface Ethernet78 + description DC1-AGG03_Ethernet1 + channel-group 15 mode active + lacp timer fast + lacp timer multiplier 30 +! +interface Ethernet79 + description DC1-AGG04_Ethernet1 + channel-group 16 mode active + lacp timer normal +! +interface Ethernet80 + description LAG Member + channel-group 17 mode active +! +interface Ethernet80/1 + description LAG Member + channel-group 101 mode active +! +interface Ethernet80/2 + description LAG Member + channel-group 102 mode active +! +interface Ethernet80/3 + description LAG Member + channel-group 103 mode active +! +interface Ethernet80/4 + description LAG Member LACP fallback + switchport trunk allowed vlan 100 + switchport mode trunk + switchport + channel-group 104 mode active + spanning-tree portfast +! +interface Ethernet81 + description LAG Member + channel-group 109 mode active +! +interface Ethernet81/1 + description LAG Member with error_correction + error-correction encoding fire-code + error-correction encoding reed-solomon + channel-group 111 mode active +! +interface Ethernet81/2 + description LAG Member LACP fallback LLDP ZTP VLAN + switchport trunk allowed vlan 112 + switchport mode trunk + switchport + channel-group 112 mode active + lldp tlv transmit ztp vlan 112 + spanning-tree portfast +! +interface Ethernet81/10 + description isis_port_channel_member + channel-group 110 mode active +``` + +### Port-Channel Interfaces + +#### Port-Channel Interfaces Summary + +##### L2 + +| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | +| --------- | ----------- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | +| Port-Channel3 | MLAG_PEER_DC1-LEAF1B_Po3 | trunk | 2-4094 | - | LEAF_PEER_L3, MLAG | - | - | - | - | +| Port-Channel5 | DC1_L2LEAF1_Po1 | trunk | 110,201 | - | - | - | - | 5 | - | +| Port-Channel10 | SRV01_bond0 | trunk | 2-3000 | - | - | - | - | - | 0000:0000:0404:0404:0303 | +| Port-Channel12 | interface_in_mode_access_with_voice | trunk phone | - | 100 | - | - | - | - | - | +| Port-Channel13 | EVPN-Vxlan single-active redundancy | - | - | - | - | - | - | - | 0000:0000:0000:0102:0304 | +| Port-Channel14 | EVPN-MPLS multihoming | - | - | - | - | - | - | - | 0000:0000:0000:0102:0305 | +| Port-Channel15 | DC1_L2LEAF3_Po1 | trunk | 110,201 | - | - | - | - | 15 | - | +| Port-Channel16 | DC1_L2LEAF4_Po1 | trunk | 110,201 | 10 | - | - | - | 16 | - | +| Port-Channel20 | Po_in_mode_access_accepting_tagged_LACP_frames | access | 200 | - | - | - | - | - | - | +| Port-Channel50 | SRV-POD03_PortChanne1 | trunk | 1-4000 | - | - | - | - | - | 0000:0000:0303:0202:0101 | +| Port-Channel51 | ipv6_prefix | trunk | 1-500 | - | - | - | - | - | - | +| Port-Channel100 | - | dot1q-tunnel | 10-11,200 | tag | g1, g2 | - | - | - | - | +| Port-Channel101 | PVLAN Promiscuous Access - only one secondary | access | 110 | - | - | - | - | - | - | +| Port-Channel102 | PVLAN Promiscuous Trunk - vlan translation out | trunk | 110-112 | - | - | - | - | - | - | +| Port-Channel103 | PVLAN Secondary Trunk | trunk | 110-112 | - | - | - | - | - | - | +| Port-Channel104 | LACP fallback individual | trunk | 112 | - | - | 300 | individual | - | - | +| Port-Channel105 | bpdu disabled | - | - | - | - | - | - | - | - | +| Port-Channel106 | bpdu enabled | - | - | - | - | - | - | - | - | +| Port-Channel107 | bpdu true | - | - | - | - | - | - | - | - | +| Port-Channel108 | bpdu false | - | - | - | - | - | - | - | - | +| Port-Channel109 | Molecule ACLs | access | 110 | - | - | - | - | - | - | +| Port-Channel112 | LACP fallback individual | trunk | 112 | - | - | 5 | individual | - | - | +| Port-Channel115 | native-vlan-tag-precedence | trunk | - | tag | - | - | - | - | - | +| Port-Channel121 | access_port_with_no_vlans | access | - | - | - | - | - | - | - | +| Port-Channel122 | trunk_port_with_no_vlans | trunk | - | - | - | - | - | - | - | +| Port-Channel130 | IP NAT Testing | - | - | - | - | - | - | - | - | +| Port-Channel131 | dot1q-tunnel mode | dot1q-tunnel | 115 | - | - | - | - | - | - | + +##### Encapsulation Dot1q + +| Interface | Description | Vlan ID | Dot1q VLAN Tag | Dot1q Inner VLAN Tag | +| --------- | ----------- | ------- | -------------- | -------------------- | +| Port-Channel8.101 | to Dev02 Port-Channel8.101 - VRF-C1 | - | 101 | - | +| Port-Channel100.101 | IFL for TENANT01 | - | 101 | - | +| Port-Channel100.102 | IFL for TENANT02 | - | 102 | 110 | + +##### Flexible Encapsulation Interfaces + +| Interface | Description | Vlan ID | Client Encapsulation | Client Inner Encapsulation | Client VLAN | Client Outer VLAN Tag | Client Inner VLAN Tag | Network Encapsulation | Network Inner Encapsulation | Network VLAN | Network Outer VLAN Tag | Network Inner VLAN Tag | +| --------- | ----------- | ------- | --------------- | --------------------- | ----------- | --------------------- | --------------------- | ---------------- | ---------------------- | ------------ | ---------------------- | ---------------------- | +| Port-Channel111.1 | TENANT_A pseudowire 1 interface | - | unmatched | - | - | - | - | - | - | - | - | - | +| Port-Channel111.100 | TENANT_A pseudowire 2 interface | - | dot1q | - | 100 | - | - | client | - | - | - | - | +| Port-Channel111.200 | TENANT_A pseudowire 3 interface | - | dot1q | - | 200 | - | - | - | - | - | - | - | +| Port-Channel111.300 | TENANT_A pseudowire 4 interface | - | dot1q | - | 300 | - | - | dot1q | - | 400 | - | - | +| Port-Channel111.400 | TENANT_A pseudowire 3 interface | - | dot1q | - | - | 400 | 20 | dot1q | - | - | 401 | 21 | +| Port-Channel111.1000 | L2 Subinterface | 1000 | dot1q | - | 100 | - | - | client | - | - | - | - | +| Port-Channel131.1 | Test_encapsulation_vlan1 | - | dot1q | dot1q | - | 23 | 45 | dot1ad | dot1ad | - | 32 | 54 | +| Port-Channel131.2 | Test_encapsulation_vlan2 | - | dot1q | - | 10 | - | - | dot1q | - | - | 32 | 54 | +| Port-Channel131.3 | Test_encapsulation_vlan3 | - | dot1ad | - | 12 | - | - | dot1q | - | 25 | - | - | +| Port-Channel131.4 | Test_encapsulation_vlan4 | - | dot1ad | dot1q | - | 35 | 60 | dot1q | dot1ad | - | 53 | 6 | +| Port-Channel131.5 | Test_encapsulation_vlan5 | - | dot1ad | - | - | 35 | 60 | dot1ad | - | - | 52 | 62 | +| Port-Channel131.6 | Test_encapsulation_vlan6 | - | dot1ad | - | - | 35 | 60 | client | - | - | - | - | +| Port-Channel131.7 | Test_encapsulation_vlan7 | - | untagged | - | - | - | - | dot1ad | - | - | 35 | 60 | +| Port-Channel131.8 | Test_encapsulation_vlan8 | - | untagged | - | - | - | - | dot1q | - | - | 35 | 60 | +| Port-Channel131.9 | Test_encapsulation_vlan9 | - | untagged | - | - | - | - | untagged | - | - | - | - | +| Port-Channel131.10 | Test_encapsulation_vlan9 | - | dot1q | - | - | 14 | 11 | client inner | - | - | - | - | + +##### Private VLAN + +| Interface | PVLAN Mapping | Secondary Trunk | +| --------- | ------------- | ----------------| +| Port-Channel15 | - | False | +| Port-Channel100 | 20-30 | True | +| Port-Channel101 | 111 | - | +| Port-Channel103 | - | True | + +##### VLAN Translations + +| Interface | Direction | From VLAN ID(s) | To VLAN ID | From Inner VLAN ID | To Inner VLAN ID | Network | Dot1q-tunnel | +| --------- | --------- | --------------- | ---------- | ------------------ | ---------------- | ------- | ------------ | +| Port-Channel16 | out | 23 | 22 | - | - | - | True | +| Port-Channel100 | both | 12 | 20 | - | - | - | - | +| Port-Channel100 | both | 23 | 42 | 74 | - | False | - | +| Port-Channel100 | both | 24 | 46 | 78 | - | True | - | +| Port-Channel100 | both | 43 | 30 | - | - | - | True | +| Port-Channel100 | in | 23 | 45 | - | - | - | True | +| Port-Channel100 | in | 34 | 23 | - | - | - | - | +| Port-Channel100 | in | 37 | 49 | - | 56 | - | - | +| Port-Channel100 | out | 10 | 45 | - | 34 | - | - | +| Port-Channel100 | out | 34 | 50 | - | - | - | - | +| Port-Channel100 | out | 45 | all | - | - | - | True | +| Port-Channel100 | out | 55 | - | - | - | - | - | +| Port-Channel102 | out | 111-112 | 110 | - | - | - | - | + +##### EVPN Multihoming + +####### EVPN Multihoming Summary + +| Interface | Ethernet Segment Identifier | Multihoming Redundancy Mode | Route Target | +| --------- | --------------------------- | --------------------------- | ------------ | +| Port-Channel10 | 0000:0000:0404:0404:0303 | all-active | 04:04:03:03:02:02 | +| Port-Channel13 | 0000:0000:0000:0102:0304 | single-active | 00:00:01:02:03:04 | +| Port-Channel14 | 0000:0000:0000:0102:0305 | all-active | 00:00:01:02:03:05 | +| Port-Channel50 | 0000:0000:0303:0202:0101 | all-active | 03:03:02:02:01:01 | +| Port-Channel111.1000 | 0000:0000:0303:0202:0101 | all-active | 03:03:02:02:01:01 | + +####### Designated Forwarder Election Summary + +| Interface | Algorithm | Preference Value | Dont Preempt | Hold time | Subsequent Hold Time | Candidate Reachability Required | +| --------- | --------- | ---------------- | ------------ | --------- | -------------------- | ------------------------------- | +| Port-Channel13 | preference | 100 | True | 10 | - | True | + +####### EVPN-MPLS summary + +| Interface | Shared Index | Tunnel Flood Filter Time | +| --------- | ------------ | ------------------------ | +| Port-Channel14 | 100 | 100 | + +##### Link Tracking Groups + +| Interface | Group Name | Direction | +| --------- | ---------- | --------- | +| Port-Channel5 | EVPN_MH_ES1 | downstream | +| Port-Channel5 | EVPN_MH_ES3, EVPN_MH_ES4 | downstream | +| Port-Channel15 | EVPN_MH_ES2 | upstream | + +##### IPv4 + +| Interface | Description | MLAG ID | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | +| --------- | ----------- | ------- | ---------- | --- | --- | -------- | ------ | ------- | +| Port-Channel8.101 | to Dev02 Port-Channel8.101 - VRF-C1 | - | 10.1.2.3/31 | default | - | - | - | - | +| Port-Channel9 | - | - | 10.9.2.3/31 | default | - | - | - | - | +| Port-Channel17 | PBR Description | - | 192.0.2.3/31 | default | - | - | - | - | +| Port-Channel99 | MCAST | - | 192.0.2.10/31 | default | - | - | - | - | +| Port-Channel100.101 | IFL for TENANT01 | - | 10.1.1.3/31 | default | 1500 | - | - | - | +| Port-Channel100.102 | IFL for TENANT02 | - | 10.1.2.3/31 | C2 | 1500 | - | - | - | +| Port-Channel113 | interface_with_mpls_enabled | - | 172.31.128.9/31 | default | - | - | - | - | +| Port-Channel114 | interface_with_mpls_disabled | - | 172.31.128.10/31 | default | - | - | - | - | + +##### IP NAT: Source Static + +| Interface | Direction | Original IP | Original Port | Access List | Translated IP | Translated Port | Protocol | Group | Priority | Comment | +| --------- | --------- | ----------- | ------------- | ----------- | ------------- | --------------- | -------- | ----- | -------- | ------- | +| Port-Channel130 | - | 3.0.0.1 | - | - | 4.0.0.1 | - | - | - | 0 | - | + +##### IP NAT: Source Dynamic + +| Interface | Access List | NAT Type | Pool Name | Priority | Comment | +| --------- | ----------- | -------- | --------- | -------- | ------- | +| Port-Channel130 | ACL2 | pool | POOL2 | 0 | - | + +##### IP NAT: Destination Static + +| Interface | Direction | Original IP | Original Port | Access List | Translated IP | Translated Port | Protocol | Group | Priority | Comment | +| --------- | --------- | ----------- | ------------- | ----------- | ------------- | --------------- | -------- | ----- | -------- | ------- | +| Port-Channel130 | - | 1.0.0.1 | - | - | 2.0.0.1 | - | - | - | 0 | - | + +##### IP NAT: Destination Dynamic + +| Interface | Access List | Pool Name | Priority | Comment | +| --------- | ----------- | --------- | -------- | ------- | +| Port-Channel130 | ACL1 | POOL1 | 0 | - | + +##### ISIS + +| Interface | ISIS Instance | ISIS BFD | ISIS Metric | Mode | ISIS Circuit Type | Hello Padding | Authentication Mode | +| --------- | ------------- | -------- | ----------- | ---- | ----------------- | ------------- | ------------------- | +| Port-Channel110 | ISIS_TEST | True | 99 | point-to-point | level-2 | True | text | + +#### Port-Channel Interfaces Device Configuration + +```eos +! +interface Port-Channel3 + description MLAG_PEER_DC1-LEAF1B_Po3 + switchport trunk allowed vlan 2-4094 + switchport mode trunk + switchport trunk group LEAF_PEER_L3 + switchport trunk group MLAG + switchport + no snmp trap link-change + shape rate 200000 kbps +! +interface Port-Channel5 + description DC1_L2LEAF1_Po1 + bgp session tracker ST2 + switchport trunk allowed vlan 110,201 + switchport mode trunk + switchport + ip verify unicast source reachable-via rx + ip igmp host-proxy + ip igmp host-proxy 239.0.0.1 + ip igmp host-proxy 239.0.0.2 exclude 10.0.2.1 + ip igmp host-proxy 239.0.0.3 include 10.0.3.1 + ip igmp host-proxy 239.0.0.4 include 10.0.4.3 + ip igmp host-proxy 239.0.0.4 include 10.0.4.4 + ip igmp host-proxy 239.0.0.4 exclude 10.0.4.1 + ip igmp host-proxy 239.0.0.4 exclude 10.0.4.2 + ip igmp host-proxy access-list ACL1 + ip igmp host-proxy access-list ACL2 + ip igmp host-proxy report-interval 2 + ip igmp host-proxy version 2 + l2 mtu 8000 + l2 mru 8000 + mlag 5 + storm-control broadcast level 1 + storm-control multicast level 1 + storm-control unknown-unicast level 1 + link tracking group EVPN_MH_ES1 downstream + link tracking group EVPN_MH_ES3 downstream + link tracking group EVPN_MH_ES4 downstream + comment + Comment created from eos_cli under port_channel_interfaces.Port-Channel5 + EOF + +! +interface Port-Channel8 + description to Dev02 Port-channel 8 + no switchport + switchport port-security violation protect +! +interface Port-Channel8.101 + description to Dev02 Port-Channel8.101 - VRF-C1 + encapsulation dot1q vlan 101 + ip address 10.1.2.3/31 +! +interface Port-Channel9 + no switchport + ip address 10.9.2.3/31 + bfd interval 500 min-rx 500 multiplier 5 + bfd echo + bfd neighbor 10.1.2.4 + bfd per-link rfc-7130 + spanning-tree guard root +! +interface Port-Channel10 + description SRV01_bond0 + switchport trunk allowed vlan 2-3000 + switchport mode trunk + switchport + ! + evpn ethernet-segment + identifier 0000:0000:0404:0404:0303 + route-target import 04:04:03:03:02:02 + shape rate 50 percent +! +interface Port-Channel12 + description interface_in_mode_access_with_voice + switchport trunk native vlan 100 + switchport phone vlan 70 + switchport phone trunk untagged + switchport mode trunk phone + switchport +! +interface Port-Channel13 + description EVPN-Vxlan single-active redundancy + switchport + ! + evpn ethernet-segment + identifier 0000:0000:0000:0102:0304 + redundancy single-active + designated-forwarder election algorithm preference 100 dont-preempt + designated-forwarder election hold-time 10 + designated-forwarder election candidate reachability required + route-target import 00:00:01:02:03:04 +! +interface Port-Channel14 + description EVPN-MPLS multihoming + switchport + ! + evpn ethernet-segment + identifier 0000:0000:0000:0102:0305 + mpls tunnel flood filter time 100 + mpls shared index 100 + route-target import 00:00:01:02:03:05 +! +interface Port-Channel15 + description DC1_L2LEAF3_Po1 + switchport trunk allowed vlan 110,201 + switchport mode trunk + switchport + mlag 15 + spanning-tree guard loop + link tracking group EVPN_MH_ES2 upstream +! +interface Port-Channel16 + description DC1_L2LEAF4_Po1 + switchport trunk native vlan 10 + switchport dot1q vlan tag disallowed + switchport trunk allowed vlan 110,201 + switchport mode trunk + switchport + switchport vlan translation out 23 dot1q-tunnel 22 + snmp trap link-change + mlag 16 + switchport port-security violation protect log + switchport port-security mac-address maximum 100 + spanning-tree guard none + switchport backup-link Port-Channel100.102 prefer vlan 20 +! +interface Port-Channel17 + description PBR Description + no switchport + ip address 192.0.2.3/31 + service-policy type pbr input MyPolicy +! +interface Port-Channel20 + description Po_in_mode_access_accepting_tagged_LACP_frames + switchport access vlan 200 + switchport mode access + switchport + l2-protocol encapsulation dot1q vlan 200 +! +interface Port-Channel50 + description SRV-POD03_PortChanne1 + switchport trunk allowed vlan 1-4000 + switchport mode trunk + switchport + ! + evpn ethernet-segment + identifier 0000:0000:0303:0202:0101 + route-target import 03:03:02:02:01:01 + lacp system-id 0303.0202.0101 +! +interface Port-Channel51 + description ipv6_prefix + switchport trunk allowed vlan 1-500 + switchport mode trunk + switchport + ipv6 nd prefix a1::/64 infinite infinite no-autoconfig + switchport port-security + no switchport port-security mac-address maximum disabled + switchport port-security vlan 1 mac-address maximum 3 + switchport port-security vlan 2 mac-address maximum 3 + switchport port-security vlan 3 mac-address maximum 3 + switchport port-security vlan default mac-address maximum 2 +! +interface Port-Channel99 + description MCAST + no switchport + ip address 192.0.2.10/31 + pim ipv4 sparse-mode + pim ipv4 bidirectional + pim ipv4 hello interval 15 + pim ipv4 hello count 4.5 + pim ipv4 dr-priority 200 + pim ipv4 bfd +! +interface Port-Channel100 + logging event link-status + switchport access vlan 200 + switchport trunk native vlan tag + switchport phone vlan 110 + switchport phone trunk tagged + switchport vlan translation in required + switchport dot1q vlan tag required + switchport trunk allowed vlan 10-11 + switchport mode dot1q-tunnel + switchport dot1q ethertype 1536 + switchport vlan forwarding accept all + switchport trunk group g1 + switchport trunk group g2 + no switchport + switchport source-interface tx multicast + switchport vlan translation 12 20 + switchport vlan translation 23 inner 74 42 + switchport vlan translation 24 inner 78 network 46 + switchport vlan translation 43 dot1q-tunnel 30 + switchport vlan translation in 34 23 + switchport vlan translation in 37 inner 56 49 + switchport vlan translation in 23 dot1q-tunnel 45 + switchport vlan translation out 34 50 + switchport vlan translation out 10 45 inner 34 + switchport vlan translation out 45 dot1q-tunnel all + switchport trunk private-vlan secondary + switchport pvlan mapping 20-30 + switchport port-security + switchport port-security mac-address maximum disabled + switchport backup-link Port-channel51 + switchport backup preemption-delay 35 + switchport backup mac-move-burst 20 + switchport backup mac-move-burst-interval 30 + switchport backup initial-mac-move-delay 10 + switchport backup dest-macaddr 01:00:00:00:00:00 +! +interface Port-Channel100.101 + description IFL for TENANT01 + mtu 1500 + logging event link-status + encapsulation dot1q vlan 101 + ip address 10.1.1.3/31 +! +interface Port-Channel100.102 + description IFL for TENANT02 + mtu 1500 + no logging event link-status + encapsulation dot1q vlan 102 inner 110 + vrf C2 + ip address 10.1.2.3/31 + logging event storm-control discards +! +interface Port-Channel101 + description PVLAN Promiscuous Access - only one secondary + switchport access vlan 110 + switchport mode access + switchport + switchport pvlan mapping 111 + no qos trust +! +interface Port-Channel102 + description PVLAN Promiscuous Trunk - vlan translation out + switchport vlan translation out required + switchport trunk allowed vlan 110-112 + switchport mode trunk + switchport + switchport vlan translation out 111-112 110 +! +interface Port-Channel103 + description PVLAN Secondary Trunk + switchport trunk allowed vlan 110-112 + switchport mode trunk + switchport + switchport trunk private-vlan secondary +! +interface Port-Channel104 + description LACP fallback individual + switchport trunk allowed vlan 112 + switchport mode trunk + switchport + port-channel lacp fallback individual + port-channel lacp fallback timeout 300 +! +interface Port-Channel105 + description bpdu disabled + switchport + spanning-tree bpduguard disable + spanning-tree bpdufilter disable +! +interface Port-Channel106 + description bpdu enabled + switchport + spanning-tree bpduguard enable + spanning-tree bpdufilter enable +! +interface Port-Channel107 + description bpdu true + switchport + spanning-tree bpduguard enable + spanning-tree bpdufilter enable +! +interface Port-Channel108 + description bpdu false + switchport +! +interface Port-Channel109 + description Molecule ACLs + switchport access vlan 110 + switchport mode access + switchport + ip access-group IPV4_ACL_IN in + ip access-group IPV4_ACL_OUT out + ipv6 access-group IPV6_ACL_IN in + ipv6 access-group IPV6_ACL_OUT out + mac access-group MAC_ACL_IN in + mac access-group MAC_ACL_OUT out +! +interface Port-Channel110 + description isis_interface_knobs + no switchport + isis enable ISIS_TEST + isis bfd + isis circuit-type level-2 + isis metric 99 + isis hello padding + isis network point-to-point + isis authentication mode text + isis authentication key 7 +! +interface Port-Channel111 + description Flexencap Port-Channel + no switchport +! +interface Port-Channel111.1 + description TENANT_A pseudowire 1 interface + ! + encapsulation vlan + client unmatched +! +interface Port-Channel111.100 + description TENANT_A pseudowire 2 interface + ! + encapsulation vlan + client dot1q 100 network client +! +interface Port-Channel111.200 + description TENANT_A pseudowire 3 interface + ! + encapsulation vlan + client dot1q 200 +! +interface Port-Channel111.300 + description TENANT_A pseudowire 4 interface + ! + encapsulation vlan + client dot1q 300 network dot1q 400 +! +interface Port-Channel111.400 + description TENANT_A pseudowire 3 interface + ! + encapsulation vlan + client dot1q outer 400 inner 20 network dot1q outer 401 inner 21 +! +interface Port-Channel111.1000 + description L2 Subinterface + vlan id 1000 + ! + encapsulation vlan + client dot1q 100 network client + ! + evpn ethernet-segment + identifier 0000:0000:0303:0202:0101 + route-target import 03:03:02:02:01:01 + lacp system-id 0303.0202.0101 +! +interface Port-Channel112 + description LACP fallback individual + switchport trunk allowed vlan 112 + switchport mode trunk + switchport + port-channel lacp fallback individual + port-channel lacp fallback timeout 5 +! +interface Port-Channel113 + description interface_with_mpls_enabled + no switchport + ip address 172.31.128.9/31 + mpls ldp igp sync + mpls ldp interface + mpls ip +! +interface Port-Channel114 + description interface_with_mpls_disabled + no switchport + ip address 172.31.128.10/31 + no mpls ldp interface + no mpls ip +! +interface Port-Channel115 + description native-vlan-tag-precedence + switchport trunk native vlan tag + switchport mode trunk + switchport +! +interface Port-Channel117 + description interface_with_sflow_ingress_egress_enabled + no switchport + sflow enable + sflow egress enable +! +interface Port-Channel118 + description interface_with_sflow_ingress_egress_unmodified_enabled + no switchport + sflow enable + sflow egress unmodified enable +! +interface Port-Channel119 + description interface_with_sflow_ingress_egress_disabled + no switchport + no sflow enable + no sflow egress enable +! +interface Port-Channel120 + description interface_with_sflow_ingress_egress_unmodified_disabled + no switchport + no sflow enable + no sflow egress unmodified enable +! +interface Port-Channel121 + description access_port_with_no_vlans + switchport mode access + switchport +! +interface Port-Channel122 + description trunk_port_with_no_vlans + switchport mode trunk + switchport +! +interface Port-Channel130 + description IP NAT Testing + switchport + ip nat destination static 1.0.0.1 2.0.0.1 + ip nat source static 3.0.0.1 4.0.0.1 + ip nat destination dynamic access-list ACL1 pool POOL1 + ip nat source dynamic access-list ACL2 pool POOL2 +! +interface Port-Channel131 + description dot1q-tunnel mode + switchport access vlan 115 + switchport mode dot1q-tunnel + switchport +! +interface Port-Channel131.1 + description Test_encapsulation_vlan1 + ! + encapsulation vlan + client dot1q outer 23 inner dot1q 45 network dot1ad outer 32 inner dot1ad 54 +! +interface Port-Channel131.2 + description Test_encapsulation_vlan2 + ! + encapsulation vlan + client dot1q 10 network dot1q outer 32 inner 54 +! +interface Port-Channel131.3 + description Test_encapsulation_vlan3 + ! + encapsulation vlan + client dot1ad 12 network dot1q 25 +! +interface Port-Channel131.4 + description Test_encapsulation_vlan4 + ! + encapsulation vlan + client dot1ad outer 35 inner dot1q 60 network dot1q outer 53 inner dot1ad 6 +! +interface Port-Channel131.5 + description Test_encapsulation_vlan5 + ! + encapsulation vlan + client dot1ad outer 35 inner 60 network dot1ad outer 52 inner 62 +! +interface Port-Channel131.6 + description Test_encapsulation_vlan6 + ! + encapsulation vlan + client dot1ad outer 35 inner 60 network client +! +interface Port-Channel131.7 + description Test_encapsulation_vlan7 + ! + encapsulation vlan + client untagged network dot1ad outer 35 inner 60 +! +interface Port-Channel131.8 + description Test_encapsulation_vlan8 + ! + encapsulation vlan + client untagged network dot1q outer 35 inner 60 +! +interface Port-Channel131.9 + description Test_encapsulation_vlan9 + ! + encapsulation vlan + client untagged network untagged +! +interface Port-Channel131.10 + description Test_encapsulation_vlan9 + ! + encapsulation vlan + client dot1q outer 14 inner 11 network client inner +! +interface Port-Channel132 + profile test-interface-profile + description Test_port-channel_interface-profile +``` + +### VLAN Interfaces + +#### VLAN Interfaces Summary + +| Interface | Description | VRF | MTU | Shutdown | +| --------- | ----------- | --- | ---- | -------- | +| Vlan24 | SVI Description | default | - | False | +| Vlan25 | SVI Description | default | - | False | +| Vlan41 | SVI Description | default | - | False | +| Vlan42 | SVI Description | default | - | False | +| Vlan43 | SVI Description | default | - | False | +| Vlan44 | SVI Description | default | - | False | +| Vlan50 | IP NAT Testing | default | - | - | +| Vlan75 | SVI Description | default | - | False | +| Vlan81 | IPv6 Virtual Address | Tenant_C | - | - | +| Vlan83 | SVI Description | default | - | False | +| Vlan84 | SVI Description | default | - | - | +| Vlan85 | SVI Description | default | - | - | +| Vlan86 | SVI Description | default | - | - | +| Vlan87 | SVI Description | default | - | True | +| Vlan88 | SVI Description | default | - | True | +| Vlan89 | SVI Description | default | - | False | +| Vlan90 | SVI Description | default | - | - | +| Vlan91 | PBR Description | default | - | True | +| Vlan92 | SVI Description | default | - | - | +| Vlan110 | PVLAN Primary with vlan mapping | Tenant_A | - | False | +| Vlan333 | Multiple VRIDs and tracking | default | - | False | +| Vlan334 | v6 attached host exports | default | - | - | +| Vlan335 | v6 attached host exports | default | - | - | +| Vlan336 | v6 attached host exports | default | - | - | +| Vlan337 | v4 dhcp relay all-subnets | default | - | - | +| Vlan338 | v6 dhcp relay all-subnets | default | - | - | +| Vlan339 | v6 nd options | default | - | - | +| Vlan501 | SVI Description | default | - | False | +| Vlan667 | Multiple VRIDs | default | - | False | +| Vlan1001 | SVI Description | Tenant_A | - | False | +| Vlan1002 | SVI Description | Tenant_A | - | False | +| Vlan2001 | SVI Description | Tenant_B | - | - | +| Vlan2002 | SVI Description | Tenant_B | - | - | +| Vlan4094 | SVI Description | default | 9214 | - | + +##### Private VLAN + +| Interface | PVLAN Mapping | +| --------- | ------------- | +| Vlan110 | 111-112 | + +##### IPv4 + +| Interface | VRF | IP Address | IP Address Virtual | IP Router Virtual Address | ACL In | ACL Out | +| --------- | --- | ---------- | ------------------ | ------------------------- | ------ | ------- | +| Vlan24 | default | - | 10.10.24.1/24 | - | - | - | +| Vlan25 | default | - | - | - | - | - | +| Vlan41 | default | - | 10.10.41.1/24 | - | - | - | +| Vlan42 | default | - | 10.10.42.1/24 | - | - | - | +| Vlan43 | default | - | - | - | - | - | +| Vlan44 | default | - | - | - | - | - | +| Vlan50 | default | - | - | - | - | - | +| Vlan75 | default | - | 10.10.75.1/24 | - | - | - | +| Vlan81 | Tenant_C | - | 10.10.81.1/24 | - | - | - | +| Vlan83 | default | - | 10.10.83.1/24 | - | - | - | +| Vlan84 | default | 10.10.84.1/24 | - | 10.10.84.254, 10.11.84.254/24 | - | - | +| Vlan85 | default | 10.10.84.1/24 | - | - | - | - | +| Vlan86 | default | 10.10.83.1/24 | - | - | - | - | +| Vlan87 | default | 10.10.87.1/24 | - | - | ACL_IN | ACL_OUT | +| Vlan88 | default | - | 10.10.87.1/23 | - | - | - | +| Vlan89 | default | - | 10.10.144.3/20 | - | - | - | +| Vlan90 | default | 10.10.83.1/24 | - | - | - | - | +| Vlan91 | default | - | - | - | - | - | +| Vlan92 | default | 10.10.92.1/24 | - | - | - | - | +| Vlan110 | Tenant_A | 10.0.101.1/24 | - | - | - | - | +| Vlan333 | default | 192.0.2.2/25 | - | - | - | - | +| Vlan334 | default | - | - | - | - | - | +| Vlan335 | default | - | - | - | - | - | +| Vlan336 | default | - | - | - | - | - | +| Vlan337 | default | 10.0.2.2/25 | - | - | - | - | +| Vlan338 | default | - | - | - | - | - | +| Vlan339 | default | - | - | - | - | - | +| Vlan501 | default | 10.50.26.29/27 | - | - | - | - | +| Vlan667 | default | 192.0.2.2/25 | - | - | - | - | +| Vlan1001 | Tenant_A | - | 10.1.1.1/24 | - | - | - | +| Vlan1002 | Tenant_A | - | 10.1.2.1/24 | - | - | - | +| Vlan2001 | Tenant_B | - | 10.2.1.1/24 | - | - | - | +| Vlan2002 | Tenant_B | - | 10.2.2.1/24 | - | - | - | +| Vlan4094 | default | 169.254.252.0/31 | - | - | - | - | + +##### IP NAT: Source Static + +| Interface | Direction | Original IP | Original Port | Access List | Translated IP | Translated Port | Protocol | Group | Priority | Comment | +| --------- | --------- | ----------- | ------------- | ----------- | ------------- | --------------- | -------- | ----- | -------- | ------- | +| Vlan50 | - | 3.0.0.1 | - | - | 4.0.0.1 | - | - | - | 0 | - | + +##### IP NAT: Source Dynamic + +| Interface | Access List | NAT Type | Pool Name | Priority | Comment | +| --------- | ----------- | -------- | --------- | -------- | ------- | +| Vlan50 | ACL2 | pool | POOL2 | 0 | - | + +##### IP NAT: Destination Static + +| Interface | Direction | Original IP | Original Port | Access List | Translated IP | Translated Port | Protocol | Group | Priority | Comment | +| --------- | --------- | ----------- | ------------- | ----------- | ------------- | --------------- | -------- | ----- | -------- | ------- | +| Vlan50 | - | 1.0.0.1 | - | - | 2.0.0.1 | - | - | - | 0 | - | + +##### IP NAT: Destination Dynamic + +| Interface | Access List | Pool Name | Priority | Comment | +| --------- | ----------- | --------- | -------- | ------- | +| Vlan50 | ACL1 | POOL1 | 0 | - | + +##### IPv6 + +| Interface | VRF | IPv6 Address | IPv6 Virtual Addresses | Virtual Router Addresses | ND RA Disabled | Managed Config Flag | Other Config Flag | IPv6 ACL In | IPv6 ACL Out | +| --------- | --- | ------------ | ---------------------- | ------------------------ | -------------- | ------------------- | ----------------- | ----------- | ------------ | +| Vlan24 | default | 1b11:3a00:22b0:6::15/64 | - | 1b11:3a00:22b0:6::1 | - | True | - | - | - | +| Vlan25 | default | 1b11:3a00:22b0:16::16/64 | - | 1b11:3a00:22b0:16::15, 1b11:3a00:22b0:16::14 | - | - | - | - | - | +| Vlan43 | default | a0::1/64 | - | - | - | - | - | - | - | +| Vlan44 | default | a0::4/64 | - | - | - | - | - | - | - | +| Vlan75 | default | 1b11:3a00:22b0:1000::15/64 | - | 1b11:3a00:22b0:1000::1 | - | True | - | - | - | +| Vlan81 | Tenant_C | - | fc00:10:10:81::1/64, fc00:10:11:81::1/64, fc00:10:12:81::1/64 | - | - | - | - | - | - | +| Vlan89 | default | 1b11:3a00:22b0:5200::15/64 | - | 1b11:3a00:22b0:5200::3 | - | True | - | - | - | +| Vlan333 | default | 2001:db8:333::2/64 | - | - | - | - | - | - | - | +| Vlan334 | default | 2001:db8:334::1/64 | - | - | - | - | - | - | - | +| Vlan335 | default | 2001:db8:335::1/64 | - | - | - | - | - | - | - | +| Vlan336 | default | 2001:db8:336::1/64 | - | - | - | - | - | - | - | +| Vlan338 | default | 2001:db8:338::1/64 | - | - | - | - | - | - | - | +| Vlan339 | default | 2001:db8:339::1/64 | - | - | - | - | True | - | - | +| Vlan501 | default | 1b11:3a00:22b0:0088::207/127 | - | - | True | - | - | - | - | +| Vlan667 | default | 2001:db8:667::2/64 | - | - | - | - | - | - | - | +| Vlan1001 | Tenant_A | a1::1/64 | - | - | - | True | - | - | - | +| Vlan1002 | Tenant_A | a2::1/64 | - | - | True | True | - | - | - | + +##### VRRP Details + +| Interface | VRRP-ID | Priority | Advertisement Interval | Preempt | Tracked Object Name(s) | Tracked Object Action(s) | IPv4 Virtual IP | IPv4 VRRP Version | IPv6 Virtual IP | +| --------- | ------- | -------- | ---------------------- | --------| ---------------------- | ------------------------ | --------------- | ----------------- | --------------- | +| Vlan333 | 1 | 105 | 2 | Enabled | ID1TrackedObjectDecrement, ID1TrackedObjectShutdown | Decrement 5, Shutdown | 192.0.2.1 | 2 | - | +| Vlan333 | 2 | - | - | Enabled | ID2TrackedObjectDecrement, ID2TrackedObjectShutdown | Decrement 10, Shutdown | - | 2 | 2001:db8:333::1 | +| Vlan333 | 3 | - | - | Disabled | - | - | 100.64.0.1 | 3 | - | +| Vlan667 | 1 | 105 | 2 | Enabled | - | - | 192.0.2.1 | 2 | - | +| Vlan667 | 2 | - | - | Enabled | - | - | - | 2 | 2001:db8:667::1 | + +##### ISIS + +| Interface | ISIS Instance | ISIS BFD | ISIS Metric | Mode | ISIS Authentication Mode | +| --------- | ------------- | -------- | ----------- | ---- | ------------------------ | +| Vlan42 | EVPN_UNDERLAY | - | - | - | Level-1: sha | +| Vlan83 | EVPN_UNDERLAY | - | - | - | md5 | +| Vlan84 | EVPN_UNDERLAY | - | - | - | sha | +| Vlan85 | EVPN_UNDERLAY | - | - | - | sha | +| Vlan86 | EVPN_UNDERLAY | - | - | - | shared-secret | +| Vlan87 | EVPN_UNDERLAY | - | - | - | shared-secret | +| Vlan88 | EVPN_UNDERLAY | - | - | - | Level-1: md5
Level-2: text | +| Vlan90 | EVPN_UNDERLAY | - | - | - | Level-1: shared-secret
Level-2: shared-secret | +| Vlan91 | EVPN_UNDERLAY | - | - | - | Level-1: md5
Level-2: text | +| Vlan92 | EVPN_UNDERLAY | - | - | - | Level-1: shared-secret
Level-2: shared-secret | +| Vlan2002 | EVPN_UNDERLAY | True | - | - | md5 | +| Vlan4094 | EVPN_UNDERLAY | - | - | - | Level-1: sha
Level-2: sha | + +##### Multicast Routing + +| Interface | IP Version | Static Routes Allowed | Multicast Boundaries | Export Host Routes For Multicast Sources | +| --------- | ---------- | --------------------- | -------------------- | ---------------------------------------- | +| Vlan75 | IPv4 | True | 224.0.1.0/24, 224.0.2.0/24 | - | +| Vlan75 | IPv6 | - | ff00::/16, ff01::/16 | - | +| Vlan89 | IPv4 | - | ACL_MULTICAST | True | +| Vlan89 | IPv6 | True | ACL_V6_MULTICAST_WITH_OUT | - | +| Vlan110 | IPv4 | True | ACL_MULTICAST | - | +| Vlan110 | IPv6 | - | - | True | + +#### VLAN Interfaces Device Configuration + +```eos +! +interface Vlan24 + description SVI Description + no shutdown + ipv6 address 1b11:3a00:22b0:6::15/64 + ipv6 nd managed-config-flag + ipv6 nd prefix 1b11:3a00:22b0:6::/64 infinite infinite no-autoconfig + ip address virtual 10.10.24.1/24 + ipv6 virtual-router address 1b11:3a00:22b0:6::1 +! +interface Vlan25 + description SVI Description + no shutdown + ipv6 address 1b11:3a00:22b0:16::16/64 + ipv6 virtual-router address 1b11:3a00:22b0:16::14 + ipv6 virtual-router address 1b11:3a00:22b0:16::15 +! +interface Vlan41 + description SVI Description + no shutdown + ip helper-address 10.10.64.150 source-interface Loopback0 + ip helper-address 10.10.96.150 source-interface Loopback0 + ip helper-address 10.10.96.151 source-interface Loopback0 + ip igmp host-proxy + ip igmp host-proxy 239.0.0.1 + ip igmp host-proxy 239.0.0.2 exclude 10.0.2.1 + ip igmp host-proxy 239.0.0.3 include 10.0.3.1 + ip igmp host-proxy 239.0.0.4 include 10.0.4.3 + ip igmp host-proxy 239.0.0.4 include 10.0.4.4 + ip igmp host-proxy 239.0.0.4 exclude 10.0.4.1 + ip igmp host-proxy 239.0.0.4 exclude 10.0.4.2 + ip igmp host-proxy access-list ACL1 + ip igmp host-proxy access-list ACL2 + ip igmp host-proxy report-interval 2 + ip igmp host-proxy version 2 + ip address virtual 10.10.41.1/24 +! +interface Vlan42 + description SVI Description + no shutdown + ip helper-address 10.10.64.150 source-interface Loopback0 + ip helper-address 10.10.96.150 source-interface Loopback0 + ip helper-address 10.10.96.151 source-interface Loopback0 + isis enable EVPN_UNDERLAY + isis authentication mode sha key-id 5 level-1 + ip address virtual 10.10.42.1/24 +! +interface Vlan43 + description SVI Description + no shutdown + ipv6 dhcp relay destination a0::2 vrf TEST local-interface Loopback44 link-address a0::4 + ipv6 address a0::1/64 + isis authentication key-id 2 algorithm sha-512 key 0 password + isis authentication key-id 3 algorithm sha-512 rfc-5310 key 0 password1 + isis authentication key-id 1 algorithm sha-1 key 0 password level-1 + isis authentication key-id 4 algorithm sha-1 rfc-5310 key 0 password level-1 + isis authentication key-id 5 algorithm sha-1 key 0 password3 level-1 + isis authentication key-id 1 algorithm sha-1 key 0 password level-2 + isis authentication key-id 5 algorithm sha-1 rfc-5310 key 0 password level-2 +! +interface Vlan44 + description SVI Description + no shutdown + ipv6 dhcp relay destination a0::8 + ipv6 dhcp relay destination a0::5 vrf TEST source-address a0::6 link-address a0::7 + ipv6 address a0::4/64 +! +interface Vlan50 + description IP NAT Testing + ip nat destination static 1.0.0.1 2.0.0.1 + ip nat source static 3.0.0.1 4.0.0.1 + ip nat destination dynamic access-list ACL1 pool POOL1 + ip nat source dynamic access-list ACL2 pool POOL2 + isis authentication mode text rx-disabled level-2 + isis authentication key 0 password level-2 +! +interface Vlan75 + description SVI Description + no shutdown + ipv6 address 1b11:3a00:22b0:1000::15/64 + ipv6 nd managed-config-flag + ipv6 nd prefix 1b11:3a00:22b0:1000::/64 infinite infinite no-autoconfig + multicast ipv4 boundary 224.0.1.0/24 out + multicast ipv4 boundary 224.0.2.0/24 + multicast ipv6 boundary ff00::/16 out + multicast ipv6 boundary ff01::/16 out + multicast ipv4 static + ip address virtual 10.10.75.1/24 + ipv6 virtual-router address 1b11:3a00:22b0:1000::1 +! +interface Vlan81 + description IPv6 Virtual Address + vrf Tenant_C + ipv6 enable + ip address virtual 10.10.81.1/24 + ipv6 address virtual fc00:10:10:81::1/64 + ipv6 address virtual fc00:10:11:81::1/64 + ipv6 address virtual fc00:10:12:81::1/64 +! +interface Vlan83 + description SVI Description + no shutdown + isis enable EVPN_UNDERLAY + isis authentication mode md5 + isis authentication key 0 password + ip address virtual 10.10.83.1/24 + ip address virtual 10.11.83.1/24 secondary + ip address virtual 10.11.84.1/24 secondary +! +interface Vlan84 + description SVI Description + arp gratuitous accept + ip address 10.10.84.1/24 + arp monitor mac-address + isis enable EVPN_UNDERLAY + isis authentication mode sha key-id 2 rx-disabled + isis authentication key 0 password + ip virtual-router address 10.10.84.254 + ip virtual-router address 10.11.84.254/24 +! +interface Vlan85 + description SVI Description + ip address 10.10.84.1/24 + arp cache dynamic capacity 50000 + bfd interval 500 min-rx 500 multiplier 5 + bfd echo + isis enable EVPN_UNDERLAY + isis authentication mode sha key-id 2 + isis authentication key 0 password +! +interface Vlan86 + description SVI Description + ip address 10.10.83.1/24 + ip attached-host route export 10 + isis enable EVPN_UNDERLAY + isis authentication mode shared-secret profile profile1 algorithm sha-1 rx-disabled +! +interface Vlan87 + description SVI Description + shutdown + ip address 10.10.87.1/24 + ip access-group ACL_IN in + ip access-group ACL_OUT out + isis enable EVPN_UNDERLAY + isis authentication mode shared-secret profile profile1 algorithm sha-1 +! +interface Vlan88 + description SVI Description + shutdown + isis enable EVPN_UNDERLAY + isis authentication mode md5 rx-disabled level-1 + isis authentication mode text rx-disabled level-2 + isis authentication key 0 password level-1 + isis authentication key 0 password level-2 + ip address virtual 10.10.87.1/23 +! +interface Vlan89 + description SVI Description + no shutdown + ip helper-address 10.10.64.150 source-interface Loopback0 + ip helper-address 10.10.96.101 source-interface Loopback0 + ip helper-address 10.10.96.150 source-interface Loopback0 + ip helper-address 10.10.96.151 source-interface Loopback0 + ip igmp + ip igmp version 2 + ipv6 address 1b11:3a00:22b0:5200::15/64 + ipv6 nd managed-config-flag + ipv6 nd prefix 1b11:3a00:22b0:5200::/64 infinite infinite no-autoconfig + multicast ipv4 boundary ACL_MULTICAST + multicast ipv6 boundary ACL_V6_MULTICAST_WITH_OUT out + multicast ipv4 source route export + multicast ipv6 static + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback0 + ip address virtual 10.10.144.3/20 + ipv6 virtual-router address 1b11:3a00:22b0:5200::3 +! +interface Vlan90 + description SVI Description + ip address 10.10.83.1/24 + ip attached-host route export + isis enable EVPN_UNDERLAY + isis authentication mode shared-secret profile profile2 algorithm sha-1 level-1 + isis authentication mode shared-secret profile profile1 algorithm sha-256 level-2 +! +interface Vlan91 + description PBR Description + shutdown + service-policy type pbr input MyServicePolicy + isis enable EVPN_UNDERLAY + isis authentication mode md5 level-1 + isis authentication mode text level-2 + isis authentication key 0 password level-1 + isis authentication key 0 password level-2 +! +interface Vlan92 + description SVI Description + ip proxy-arp + ip address 10.10.92.1/24 + ip directed-broadcast + isis enable EVPN_UNDERLAY + isis authentication mode shared-secret profile profile2 algorithm sha-1 rx-disabled level-1 + isis authentication mode shared-secret profile profile1 algorithm sha-256 rx-disabled level-2 +! +interface Vlan110 + description PVLAN Primary with vlan mapping + no shutdown + pvlan mapping 111-112 + vrf Tenant_A + ip address 10.0.101.1/24 + multicast ipv4 boundary ACL_MULTICAST out + multicast ipv6 source route export 20 + multicast ipv4 static +! +interface Vlan333 + description Multiple VRIDs and tracking + no shutdown + ip address 192.0.2.2/25 + arp aging timeout 180 + ipv6 enable + ipv6 address 2001:db8:333::2/64 + ipv6 address fe80::2/64 link-local + vrrp 1 priority-level 105 + vrrp 1 advertisement interval 2 + vrrp 1 preempt delay minimum 30 reload 800 + vrrp 1 ipv4 192.0.2.1 + vrrp 1 tracked-object ID1TrackedObjectDecrement decrement 5 + vrrp 1 tracked-object ID1TrackedObjectShutdown shutdown + vrrp 2 ipv6 2001:db8:333::1 + vrrp 2 tracked-object ID2TrackedObjectDecrement decrement 10 + vrrp 2 tracked-object ID2TrackedObjectShutdown shutdown + no vrrp 3 preempt + vrrp 3 timers delay reload 900 + vrrp 3 ipv4 100.64.0.1 + vrrp 3 ipv4 version 3 +! +interface Vlan334 + description v6 attached host exports + ipv6 attached-host route export 19 + ipv6 enable + ipv6 address 2001:db8:334::1/64 +! +interface Vlan335 + description v6 attached host exports + ipv6 attached-host route export prefix-length 64 + ipv6 enable + ipv6 address 2001:db8:335::1/64 +! +interface Vlan336 + description v6 attached host exports + ipv6 attached-host route export 18 prefix-length 64 + ipv6 enable + ipv6 address 2001:db8:336::1/64 +! +interface Vlan337 + description v4 dhcp relay all-subnets + ip address 10.0.2.2/25 + ip dhcp relay all-subnets +! +interface Vlan338 + description v6 dhcp relay all-subnets + ipv6 dhcp relay all-subnets + ipv6 address 2001:db8:338::1/64 +! +interface Vlan339 + description v6 nd options + ipv6 nd cache expire 250 + ipv6 nd cache dynamic capacity 900 + ipv6 nd cache refresh always + ipv6 enable + ipv6 address 2001:db8:339::1/64 + ipv6 nd other-config-flag +! +interface Vlan501 + description SVI Description + no shutdown + ip address 10.50.26.29/27 + ipv6 address 1b11:3a00:22b0:0088::207/127 + ipv6 nd ra disabled +! +interface Vlan667 + description Multiple VRIDs + no shutdown + ip address 192.0.2.2/25 + arp aging timeout 180 + ipv6 enable + ipv6 address 2001:db8:667::2/64 + ipv6 address fe80::2/64 link-local + vrrp 1 priority-level 105 + vrrp 1 advertisement interval 2 + vrrp 1 preempt delay minimum 30 reload 800 + vrrp 1 ipv4 192.0.2.1 + vrrp 2 ipv6 2001:db8:667::1 +! +interface Vlan1001 + description SVI Description + no shutdown + vrf Tenant_A + ipv6 address a1::1/64 + ipv6 nd managed-config-flag + ipv6 nd prefix a1::/64 infinite infinite no-autoconfig + ip address virtual 10.1.1.1/24 +! +interface Vlan1002 + description SVI Description + no shutdown + vrf Tenant_A + ipv6 address a2::1/64 + ipv6 nd ra disabled + ipv6 nd managed-config-flag + ipv6 nd prefix a2::/64 infinite infinite no-autoconfig + ip address virtual 10.1.2.1/24 +! +interface Vlan2001 + description SVI Description + logging event link-status + vrf Tenant_B + ip address virtual 10.2.1.1/24 + comment + Comment created from eos_cli under vlan_interfaces.Vlan2001 + EOF + +! +interface Vlan2002 + description SVI Description + no autostate + vrf Tenant_B + ip verify unicast source reachable-via rx + isis enable EVPN_UNDERLAY + isis bfd + isis authentication mode md5 rx-disabled + isis authentication key 0 password + ip address virtual 10.2.2.1/24 +! +interface Vlan4094 + description SVI Description + mtu 9214 + ip address 169.254.252.0/31 + ipv6 address fe80::a/64 link-local + pim ipv4 sparse-mode + pim ipv4 bidirectional + pim ipv4 hello interval 10 + pim ipv4 hello count 3.5 + pim ipv4 dr-priority 200 + pim ipv4 bfd + isis enable EVPN_UNDERLAY + isis authentication mode sha key-id 5 rx-disabled level-1 + isis authentication mode sha key-id 10 rx-disabled level-2 +``` + ## Routing ### IP Routing @@ -738,8 +3328,170 @@ arp 43.42.42.42 DEAD.BEEF.CAFE arpa arp vrf defaulu 42.42.42.42 DEAD.BEEF.CAFE arpa ``` +## BFD + +### BFD Interfaces + +| Interface | Interval | Minimum RX | Multiplier | Echo | +| --------- | -------- | ---------- | ---------- | ---- | +| Ethernet1 | 500 | 500 | 5 | True | +| Port-Channel9 | 500 | 500 | 5 | True | +| Vlan85 | 500 | 500 | 5 | True | + +## MPLS + +### MPLS Interfaces + +| Interface | MPLS IP Enabled | LDP Enabled | IGP Sync | +| --------- | --------------- | ----------- | -------- | +| Ethernet9 | True | True | - | +| Ethernet10 | False | False | - | +| Port-Channel113 | True | True | True | +| Port-Channel114 | False | False | - | + +## Multicast + +### IP IGMP Snooping + +#### IP IGMP Snooping Summary + +| IGMP Snooping | Fast Leave | Interface Restart Query | Proxy | Restart Query Interval | Robustness Variable | +| ------------- | ---------- | ----------------------- | ----- | ---------------------- | ------------------- | +| Enabled | True | 500 | True | 30 | 2 | + +| Querier Enabled | IP Address | Query Interval | Max Response Time | Last Member Query Interval | Last Member Query Count | Startup Query Interval | Startup Query Count | Version | +| --------------- | ---------- | -------------- | ----------------- | -------------------------- | ----------------------- | ---------------------- | ------------------- | ------- | +| True | 10.10.10.1 | 40 | 10 | 5 | 2 | 20 | 2 | 3 | + +##### IP IGMP Snooping Vlan Summary + +| Vlan | IGMP Snooping | Fast Leave | Max Groups | Proxy | +| ---- | ------------- | ---------- | ---------- | ----- | +| 23 | True | True | 20 | True | +| 24 | True | - | - | - | +| 25 | False | False | - | False | +| 26 | - | - | - | - | + +| Vlan | Querier Enabled | IP Address | Query Interval | Max Response Time | Last Member Query Interval | Last Member Query Count | Startup Query Interval | Startup Query Count | Version | +| ---- | --------------- | ---------- | -------------- | ----------------- | -------------------------- | ----------------------- | ---------------------- | ------------------- | ------- | +| 23 | True | 10.10.23.1 | 40 | 10 | 5 | 2 | 20 | 2 | 3 | + +#### IP IGMP Snooping Device Configuration + +```eos +! +ip igmp snooping robustness-variable 2 +ip igmp snooping restart query-interval 30 +ip igmp snooping interface-restart-query 500 +ip igmp snooping fast-leave +ip igmp snooping vlan 23 +ip igmp snooping vlan 23 querier +ip igmp snooping vlan 23 querier address 10.10.23.1 +ip igmp snooping vlan 23 querier query-interval 40 +ip igmp snooping vlan 23 querier max-response-time 10 +ip igmp snooping vlan 23 querier last-member-query-interval 5 +ip igmp snooping vlan 23 querier last-member-query-count 2 +ip igmp snooping vlan 23 querier startup-query-interval 20 +ip igmp snooping vlan 23 querier startup-query-count 2 +ip igmp snooping vlan 23 querier version 3 +ip igmp snooping vlan 23 max-groups 20 +ip igmp snooping vlan 23 fast-leave +ip igmp snooping vlan 24 +no ip igmp snooping vlan 25 +no ip igmp snooping vlan 25 fast-leave +ip igmp snooping querier +ip igmp snooping querier address 10.10.10.1 +ip igmp snooping querier query-interval 40 +ip igmp snooping querier max-response-time 10 +ip igmp snooping querier last-member-query-interval 5 +ip igmp snooping querier last-member-query-count 2 +ip igmp snooping querier startup-query-interval 20 +ip igmp snooping querier startup-query-count 2 +ip igmp snooping querier version 3 +! +ip igmp snooping proxy +ip igmp snooping vlan 23 proxy +no ip igmp snooping vlan 25 proxy +``` + +### PIM Sparse Mode + +#### PIM Sparse Mode Enabled Interfaces + +| Interface Name | VRF Name | IP Version | Border Router | DR Priority | Local Interface | +| -------------- | -------- | ---------- | ------------- | ----------- | --------------- | +| Ethernet5 | - | IPv4 | True | 200 | - | +| Port-Channel99 | - | IPv4 | - | 200 | - | +| Vlan89 | - | IPv4 | - | - | Loopback0 | +| Vlan4094 | - | IPv4 | - | 200 | - | + ## Filters +### IP Community-lists + +#### IP Community-lists Summary + +| Name | Action | Communities / Regexp | +| ---- | ------ | -------------------- | +| IP_CL_TEST1 | permit | 1001:1001, 1002:1002 | +| IP_CL_TEST1 | deny | 1010:1010 | +| IP_CL_TEST1 | permit | 20:* | +| IP_CL_TEST2 | deny | 1003:1003 | +| IP_RE_TEST1 | permit | ^$ | +| IP_RE_TEST2 | deny | ^100 | + +#### IP Community-lists Device Configuration + +```eos +! +ip community-list IP_CL_TEST1 permit 1001:1001 1002:1002 +ip community-list IP_CL_TEST1 deny 1010:1010 +ip community-list regexp IP_CL_TEST1 permit 20:* +ip community-list IP_CL_TEST2 deny 1003:1003 +ip community-list regexp IP_RE_TEST1 permit ^$ +ip community-list regexp IP_RE_TEST2 deny ^100 +``` + +### IP Extended Community Lists + +#### IP Extended Community Lists Summary + +| List Name | Type | Extended Communities | +| --------- | ---- | -------------------- | +| TEST1 | permit | 65000:65000 | +| TEST1 | deny | 65002:65002 | +| TEST2 | deny | 65001:65001 | + +#### IP Extended Community Lists Device Configuration + +```eos +! +ip extcommunity-list TEST1 permit 65000:65000 +ip extcommunity-list TEST1 deny 65002:65002 +! +ip extcommunity-list TEST2 deny 65001:65001 +``` + +### IP Extended Community RegExp Lists + +#### IP Extended Community RegExp Lists Summary + +| List Name | Type | Regular Expression | +| --------- | ---- | ------------------ | +| TEST1 | permit | `65[0-9]{3}:[0-9]+` | +| TEST1 | deny | `.*` | +| TEST2 | deny | `6500[0-1]:650[0-9][0-9]` | + +#### IP Extended Community RegExp Lists Device Configuration + +```eos +! +ip extcommunity-list regexp TEST1 permit 65[0-9]{3}:[0-9]+ +ip extcommunity-list regexp TEST1 deny .* +! +ip extcommunity-list regexp TEST2 deny 6500[0-1]:650[0-9][0-9] +``` + ### AS Path Lists #### AS Path Lists Summary @@ -808,6 +3560,43 @@ ip as-path access-list mylist2 deny _64517$ igp | Profile2 | - | user_id2 | - | | Profile3 | - | - | PF2 | +#### 802.1X Interfaces + +| Interface | PAE Mode | State | Phone Force Authorized | Reauthentication | Auth Failure Action | Host Mode | Mac Based Auth | Eapol | +| --------- | -------- | ------| ---------------------- | ---------------- | ------------------- | --------- | -------------- | ------ | +| Ethernet29 | - | auto | True | - | - | - | - | - | +| Ethernet30 | - | force-authorized | False | - | - | - | - | - | +| Ethernet31 | - | force-unauthorized | - | - | - | - | - | - | +| Ethernet32 | - | auto | - | True | - | - | - | - | +| Ethernet33 | authenticator | - | - | - | - | - | - | - | +| Ethernet34 | - | - | - | - | allow vlan 800 | - | - | - | +| Ethernet35 | - | - | - | - | drop | - | - | - | +| Ethernet36 | - | - | - | - | - | single-host | - | - | +| Ethernet37 | - | - | - | - | - | multi-host | - | - | +| Ethernet38 | - | - | - | - | - | multi-host | - | - | +| Ethernet39 | - | - | - | - | - | - | True | - | +| Ethernet40 | - | - | - | - | - | - | True | - | +| Ethernet41 | - | - | - | - | - | - | True | - | +| Ethernet42 | - | - | - | - | - | - | True | - | +| Ethernet43 | - | - | - | - | - | - | - | - | +| Ethernet44 | - | - | - | - | - | - | - | - | +| Ethernet45 | authenticator | auto | - | True | allow vlan 800 | multi-host | True | True | +| Ethernet70 | - | - | - | - | - | - | - | - | +| Ethernet71 | - | - | - | - | - | - | - | - | +| Ethernet72 | - | - | - | - | - | - | - | - | + +## Power Over Ethernet (PoE) + +### PoE Summary + +#### PoE Interfaces + +| Interface | PoE Enabled | Priority | Limit | Reboot Action | Link Down Action | Shutdown Action | LLDP Negotiation | Legacy Detection | +| --------- | --------- | --------- | ----------- | ----------- | ----------- | ----------- | --------- | --------- | +| Ethernet56 | True | low | 30.00 watts | power-off | power-off (delayed 10 seconds) | maintain | False | - | +| Ethernet57 | True | critical | 45.00 watts (fixed) | maintain | maintain | power-off | True | True | +| Ethernet58 | False | - | - | - | - | - | - | - | + ## VRF Instances ### VRF Instances Summary @@ -1012,6 +3801,112 @@ application traffic recognition 5700-5800, 6500-6600 ``` +## IP DHCP Relay + +### IP DHCP Relay Summary + +IP DHCP Relay Option 82 is enabled. + +DhcpRelay Agent is in always-on mode. + +Forwarding requests with secondary IP addresses in the "giaddr" field is allowed. + +### IP DHCP Relay Device Configuration + +```eos +! +ip dhcp relay information option +ip dhcp relay always-on +ip dhcp relay all-subnets default +``` + +## IP DHCP Snooping + +IP DHCP Snooping is enabled + +IP DHCP Snooping Bridging is enabled + +IP DHCP Snooping Insertion of Option 82 is enabled + +IP DHCP Snooping Circuit-ID Suboption: 10 + +IP DHCP Snooping Circuit-ID Format: %h:%p + +IP DHCP Snooping enabled VLAN: 10,20,500,1000-2000 + +### IP DHCP Snooping Device Configuration + +```eos +! +ip dhcp snooping bridging +ip dhcp snooping information option +ip dhcp snooping information option circuit-id type 10 format %h:%p +ip dhcp snooping vlan 10,20,500,1000-2000 +``` + +## Errdisable + +### Errdisable Summary + +| Detect Cause | Enabled | +| ------------- | ------- | +| acl | True | +| arp-inspection | True | +| dot1x | True | +| link-change | True | +| tapagg | True | +| xcvr-misconfigured | True | +| xcvr-overheat | True | +| xcvr-power-unsupported | True | + +| Detect Cause | Enabled | Interval | +| ------------- | ------- | -------- | +| arp-inspection | True | 300 | +| bpduguard | True | 300 | +| dot1x | True | 300 | +| hitless-reload-down | True | 300 | +| lacp-rate-limit | True | 300 | +| link-flap | True | 300 | +| no-internal-vlan | True | 300 | +| portchannelguard | True | 300 | +| portsec | True | 300 | +| speed-misconfigured | True | 300 | +| tapagg | True | 300 | +| uplink-failure-detection | True | 300 | +| xcvr-misconfigured | True | 300 | +| xcvr-overheat | True | 300 | +| xcvr-power-unsupported | True | 300 | +| xcvr-unsupported | True | 300 | + +```eos +! +errdisable detect cause acl +errdisable detect cause arp-inspection +errdisable detect cause dot1x +errdisable detect cause link-change +errdisable detect cause tapagg +errdisable detect cause xcvr-misconfigured +errdisable detect cause xcvr-overheat +errdisable detect cause xcvr-power-unsupported +errdisable recovery cause arp-inspection +errdisable recovery cause bpduguard +errdisable recovery cause dot1x +errdisable recovery cause hitless-reload-down +errdisable recovery cause lacp-rate-limit +errdisable recovery cause link-flap +errdisable recovery cause no-internal-vlan +errdisable recovery cause portchannelguard +errdisable recovery cause portsec +errdisable recovery cause speed-misconfigured +errdisable recovery cause tapagg +errdisable recovery cause uplink-failure-detection +errdisable recovery cause xcvr-misconfigured +errdisable recovery cause xcvr-overheat +errdisable recovery cause xcvr-power-unsupported +errdisable recovery cause xcvr-unsupported +errdisable recovery interval 300 +``` + ## Quality Of Service ### QOS Class Maps @@ -1057,3 +3952,75 @@ class-map type pbr match-any CM_PBR_INCLUDE ! class-map type pbr match-any CM_PBR_WITHOUT_ACCESS_GROUP ``` + +### QOS Interfaces + +| Interface | Trust | Default DSCP | Default COS | Shape rate | +| --------- | ----- | ------------ | ----------- | ---------- | +| Ethernet7 | cos | - | 5 | - | +| Ethernet21 | disabled | - | - | 200000 kbps | +| Ethernet22 | - | - | - | 10 percent | +| Port-Channel3 | - | - | - | 200000 kbps | +| Port-Channel10 | - | - | - | 50 percent | +| Port-Channel101 | disabled | - | - | - | + +## Maintenance Mode + +### BGP Groups + +#### BGP Groups Summary + +| BGP group | VRF Name | Neighbors | BGP maintenance profiles | +| --------- | -------- | --------- | ------------------------ | +| bar | red | peer-group-baz | downlink-neighbors | +| foo | - | 169.254.1.1
fe80::1 | ixp
uplink-neighbors | +| without-neighbors-key | red | - | Default | + +#### BGP Groups Device Configuration + +```eos +! +group bgp bar + vrf red + neighbor peer-group-baz + maintenance profile bgp downlink-neighbors +! +group bgp foo + neighbor 169.254.1.1 + neighbor fe80::1 + maintenance profile bgp ixp + maintenance profile bgp uplink-neighbors +! +group bgp without-neighbors-key + vrf red +``` + +### Interface Groups + +#### Interface Groups Summary + +| Interface Group | Interfaces | Interface maintenance profile | BGP maintenance profiles | +| --------------- | ---------- | ----------------------------- | ------------------------ | +| QSFP_Interface_Group | Ethernet1,5 | uplink-interfaces | Default | +| QSFP_Interface_Group1 | Ethernet1,5 | Default | Default | +| SFP_Interface_Group | Ethernet10-20
Ethernet30-48 | downlink-interfaces
ix-interfaces | downlink-neighbors
local-ix | + +#### Interface Groups Device Configuration + +```eos +! +group interface QSFP_Interface_Group + interface Ethernet1,5 + maintenance profile interface uplink-interfaces +! +group interface QSFP_Interface_Group1 + interface Ethernet1,5 +! +group interface SFP_Interface_Group + interface Ethernet10-20 + interface Ethernet30-48 + maintenance profile bgp downlink-neighbors + maintenance profile bgp local-ix + maintenance profile interface downlink-interfaces + maintenance profile interface ix-interfaces +``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host2.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host2.md index b52799db5f6..3d4f032a44e 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host2.md +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host2.md @@ -25,6 +25,8 @@ - [DPS Interfaces](#dps-interfaces) - [Routing](#routing) - [ARP](#arp) +- [Multicast](#multicast) + - [IP IGMP Snooping](#ip-igmp-snooping) - [Filters](#filters) - [AS Path Lists](#as-path-lists) - [802.1X Port Security](#8021x-port-security) @@ -32,6 +34,11 @@ - [Application Traffic Recognition](#application-traffic-recognition) - [Applications](#applications) - [Router Application-Traffic-Recognition Device Configuration](#router-application-traffic-recognition-device-configuration) +- [IP DHCP Relay](#ip-dhcp-relay) + - [IP DHCP Relay Summary](#ip-dhcp-relay-summary) + - [IP DHCP Relay Device Configuration](#ip-dhcp-relay-device-configuration) +- [IP DHCP Snooping](#ip-dhcp-snooping) + - [IP DHCP Snooping Device Configuration](#ip-dhcp-snooping-device-configuration) ## Management @@ -244,6 +251,28 @@ ARP cache persistency is enabled. arp persistent ``` +## Multicast + +### IP IGMP Snooping + +#### IP IGMP Snooping Summary + +| IGMP Snooping | Fast Leave | Interface Restart Query | Proxy | Restart Query Interval | Robustness Variable | +| ------------- | ---------- | ----------------------- | ----- | ---------------------- | ------------------- | +| Enabled | False | - | False | - | - | + +| Querier Enabled | IP Address | Query Interval | Max Response Time | Last Member Query Interval | Last Member Query Count | Startup Query Interval | Startup Query Count | Version | +| --------------- | ---------- | -------------- | ----------------- | -------------------------- | ----------------------- | ---------------------- | ------------------- | ------- | +| False | - | - | - | - | - | - | - | - | + +#### IP IGMP Snooping Device Configuration + +```eos +! +no ip igmp snooping fast-leave +no ip igmp snooping querier +``` + ## Filters ### AS Path Lists @@ -309,3 +338,27 @@ application traffic recognition protocol tcp source port field-set src_port_set1 destination port field-set dest_port_set1 protocol udp ``` + +## IP DHCP Relay + +### IP DHCP Relay Summary + +IP DHCP Relay Option 82 is enabled. + +### IP DHCP Relay Device Configuration + +```eos +! +ip dhcp relay information option +``` + +## IP DHCP Snooping + +IP DHCP Snooping is enabled + +### IP DHCP Snooping Device Configuration + +```eos +! +ip dhcp snooping +``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/hostname.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/hostname.md deleted file mode 100644 index 0c46dd6f616..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/hostname.md +++ /dev/null @@ -1,34 +0,0 @@ -# hostname-set-via-hostname-var - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/interface-profiles.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/interface-profiles.md deleted file mode 100644 index 14cdaabd4e5..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/interface-profiles.md +++ /dev/null @@ -1,59 +0,0 @@ -# interface-profiles - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Interfaces](#interfaces) - - [Interface Profiles](#interface-profiles-1) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Interfaces - -### Interface Profiles - -#### Interface Profiles Summary - -- TEST-PROFILE-1 -- TEST-PROFILE-2 - -#### Interface Profiles Device Configuration - -```eos -! -interface profile TEST-PROFILE-1 - command description Molecule - command no switchport - command no lldp transmit -! -interface profile TEST-PROFILE-2 - command mtu 9214 - command ptp enable -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-community-lists.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-community-lists.md deleted file mode 100644 index 06ab0113944..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-community-lists.md +++ /dev/null @@ -1,63 +0,0 @@ -# ip-community-lists - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Filters](#filters) - - [IP Community-lists](#ip-community-lists-1) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Filters - -### IP Community-lists - -#### IP Community-lists Summary - -| Name | Action | Communities / Regexp | -| ---- | ------ | -------------------- | -| IP_CL_TEST1 | permit | 1001:1001, 1002:1002 | -| IP_CL_TEST1 | deny | 1010:1010 | -| IP_CL_TEST1 | permit | 20:* | -| IP_CL_TEST2 | deny | 1003:1003 | -| IP_RE_TEST1 | permit | ^$ | -| IP_RE_TEST2 | deny | ^100 | - -#### IP Community-lists Device Configuration - -```eos -! -ip community-list IP_CL_TEST1 permit 1001:1001 1002:1002 -ip community-list IP_CL_TEST1 deny 1010:1010 -ip community-list regexp IP_CL_TEST1 permit 20:* -ip community-list IP_CL_TEST2 deny 1003:1003 -ip community-list regexp IP_RE_TEST1 permit ^$ -ip community-list regexp IP_RE_TEST2 deny ^100 -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-dhcp-relay.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-dhcp-relay.md deleted file mode 100644 index e9a88e94df1..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-dhcp-relay.md +++ /dev/null @@ -1,56 +0,0 @@ -# ip-dhcp-relay - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [IP DHCP Relay](#ip-dhcp-relay-1) - - [IP DHCP Relay Summary](#ip-dhcp-relay-summary) - - [IP DHCP Relay Device Configuration](#ip-dhcp-relay-device-configuration) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## IP DHCP Relay - -### IP DHCP Relay Summary - -IP DHCP Relay Option 82 is enabled. - -DhcpRelay Agent is in always-on mode. - -Forwarding requests with secondary IP addresses in the "giaddr" field is allowed. - -### IP DHCP Relay Device Configuration - -```eos -! -ip dhcp relay information option -ip dhcp relay always-on -ip dhcp relay all-subnets default -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-dhcp-snooping.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-dhcp-snooping.md deleted file mode 100644 index 4e239a7193a..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-dhcp-snooping.md +++ /dev/null @@ -1,60 +0,0 @@ -# ip-dhcp-snooping - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [IP DHCP Snooping](#ip-dhcp-snooping-1) - - [IP DHCP Snooping Device Configuration](#ip-dhcp-snooping-device-configuration) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## IP DHCP Snooping - -IP DHCP Snooping is enabled - -IP DHCP Snooping Bridging is enabled - -IP DHCP Snooping Insertion of Option 82 is enabled - -IP DHCP Snooping Circuit-ID Suboption: 10 - -IP DHCP Snooping Circuit-ID Format: %h:%p - -IP DHCP Snooping enabled VLAN: 10,20,500,1000-2000 - -### IP DHCP Snooping Device Configuration - -```eos -! -ip dhcp snooping bridging -ip dhcp snooping information option -ip dhcp snooping information option circuit-id type 10 format %h:%p -ip dhcp snooping vlan 10,20,500,1000-2000 -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-extended-community-lists-regexp.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-extended-community-lists-regexp.md deleted file mode 100644 index 7724efd82c3..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-extended-community-lists-regexp.md +++ /dev/null @@ -1,58 +0,0 @@ -# ip-extended-community-lists-regexp - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Filters](#filters) - - [IP Extended Community RegExp Lists](#ip-extended-community-regexp-lists) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Filters - -### IP Extended Community RegExp Lists - -#### IP Extended Community RegExp Lists Summary - -| List Name | Type | Regular Expression | -| --------- | ---- | ------------------ | -| TEST1 | permit | 65[0-9]{3}:[0-9]+ | -| TEST1 | deny | .* | -| TEST2 | deny | 6500[0-1]:650[0-9][0-9] | - -#### IP Extended Community RegExp Lists Device Configuration - -```eos -! -ip extcommunity-list regexp TEST1 permit 65[0-9]{3}:[0-9]+ -ip extcommunity-list regexp TEST1 deny .* -! -ip extcommunity-list regexp TEST2 deny 6500[0-1]:650[0-9][0-9] -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-extended-community-lists.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-extended-community-lists.md deleted file mode 100644 index 1a895bc57b1..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-extended-community-lists.md +++ /dev/null @@ -1,58 +0,0 @@ -# ip-extended-community-lists - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Filters](#filters) - - [IP Extended Community Lists](#ip-extended-community-lists-1) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Filters - -### IP Extended Community Lists - -#### IP Extended Community Lists Summary - -| List Name | Type | Extended Communities | -| --------- | ---- | -------------------- | -| TEST1 | permit | 65000:65000 | -| TEST1 | deny | 65002:65002 | -| TEST2 | deny | 65001:65001 | - -#### IP Extended Community Lists Device Configuration - -```eos -! -ip extcommunity-list TEST1 permit 65000:65000 -ip extcommunity-list TEST1 deny 65002:65002 -! -ip extcommunity-list TEST2 deny 65001:65001 -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-igmp-snooping-enable.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-igmp-snooping-enable.md deleted file mode 100644 index 07dd8eac85d..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-igmp-snooping-enable.md +++ /dev/null @@ -1,100 +0,0 @@ -# ip-igmp-snooping-enable - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Multicast](#multicast) - - [IP IGMP Snooping](#ip-igmp-snooping) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Multicast - -### IP IGMP Snooping - -#### IP IGMP Snooping Summary - -| IGMP Snooping | Fast Leave | Interface Restart Query | Proxy | Restart Query Interval | Robustness Variable | -| ------------- | ---------- | ----------------------- | ----- | ---------------------- | ------------------- | -| Enabled | True | 500 | True | 30 | 2 | - -| Querier Enabled | IP Address | Query Interval | Max Response Time | Last Member Query Interval | Last Member Query Count | Startup Query Interval | Startup Query Count | Version | -| --------------- | ---------- | -------------- | ----------------- | -------------------------- | ----------------------- | ---------------------- | ------------------- | ------- | -| True | 10.10.10.1 | 40 | 10 | 5 | 2 | 20 | 2 | 3 | - -##### IP IGMP Snooping Vlan Summary - -| Vlan | IGMP Snooping | Fast Leave | Max Groups | Proxy | -| ---- | ------------- | ---------- | ---------- | ----- | -| 23 | True | True | 20 | True | -| 24 | True | - | - | - | -| 25 | False | False | - | False | - -| Vlan | Querier Enabled | IP Address | Query Interval | Max Response Time | Last Member Query Interval | Last Member Query Count | Startup Query Interval | Startup Query Count | Version | -| ---- | --------------- | ---------- | -------------- | ----------------- | -------------------------- | ----------------------- | ---------------------- | ------------------- | ------- | -| 23 | True | 10.10.23.1 | 40 | 10 | 5 | 2 | 20 | 2 | 3 | - -#### IP IGMP Snooping Device Configuration - -```eos -! -ip igmp snooping robustness-variable 2 -ip igmp snooping restart query-interval 30 -ip igmp snooping interface-restart-query 500 -ip igmp snooping fast-leave -ip igmp snooping vlan 23 -ip igmp snooping vlan 23 querier -ip igmp snooping vlan 23 querier address 10.10.23.1 -ip igmp snooping vlan 23 querier query-interval 40 -ip igmp snooping vlan 23 querier max-response-time 10 -ip igmp snooping vlan 23 querier last-member-query-interval 5 -ip igmp snooping vlan 23 querier last-member-query-count 2 -ip igmp snooping vlan 23 querier startup-query-interval 20 -ip igmp snooping vlan 23 querier startup-query-count 2 -ip igmp snooping vlan 23 querier version 3 -ip igmp snooping vlan 23 max-groups 20 -ip igmp snooping vlan 23 fast-leave -ip igmp snooping vlan 24 -no ip igmp snooping vlan 25 -no ip igmp snooping vlan 25 fast-leave -ip igmp snooping querier -ip igmp snooping querier address 10.10.10.1 -ip igmp snooping querier query-interval 40 -ip igmp snooping querier max-response-time 10 -ip igmp snooping querier last-member-query-interval 5 -ip igmp snooping querier last-member-query-count 2 -ip igmp snooping querier startup-query-interval 20 -ip igmp snooping querier startup-query-count 2 -ip igmp snooping querier version 3 -! -ip igmp snooping proxy -ip igmp snooping vlan 23 proxy -no ip igmp snooping vlan 25 proxy -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/vlan-interfaces.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/vlan-interfaces.md deleted file mode 100644 index b26ef8eff17..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/vlan-interfaces.md +++ /dev/null @@ -1,584 +0,0 @@ -# vlan-interfaces - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Interfaces](#interfaces) - - [VLAN Interfaces](#vlan-interfaces-1) -- [BFD](#bfd) - - [BFD Interfaces](#bfd-interfaces) -- [Multicast](#multicast) - - [PIM Sparse Mode](#pim-sparse-mode) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Interfaces - -### VLAN Interfaces - -#### VLAN Interfaces Summary - -| Interface | Description | VRF | MTU | Shutdown | -| --------- | ----------- | --- | ---- | -------- | -| Vlan24 | SVI Description | default | - | False | -| Vlan25 | SVI Description | default | - | False | -| Vlan41 | SVI Description | default | - | False | -| Vlan42 | SVI Description | default | - | False | -| Vlan43 | SVI Description | default | - | False | -| Vlan44 | SVI Description | default | - | False | -| Vlan50 | IP NAT Testing | default | - | - | -| Vlan75 | SVI Description | default | - | False | -| Vlan81 | IPv6 Virtual Address | Tenant_C | - | - | -| Vlan83 | SVI Description | default | - | False | -| Vlan84 | SVI Description | default | - | - | -| Vlan85 | SVI Description | default | - | - | -| Vlan86 | SVI Description | default | - | - | -| Vlan87 | SVI Description | default | - | True | -| Vlan88 | SVI Description | default | - | True | -| Vlan89 | SVI Description | default | - | False | -| Vlan90 | SVI Description | default | - | - | -| Vlan91 | PBR Description | default | - | True | -| Vlan92 | SVI Description | default | - | - | -| Vlan110 | PVLAN Primary with vlan mapping | Tenant_A | - | False | -| Vlan333 | Multiple VRIDs and tracking | default | - | False | -| Vlan334 | v6 attached host exports | default | - | - | -| Vlan335 | v6 attached host exports | default | - | - | -| Vlan336 | v6 attached host exports | default | - | - | -| Vlan337 | v4 dhcp relay all-subnets | default | - | - | -| Vlan338 | v6 dhcp relay all-subnets | default | - | - | -| Vlan339 | v6 nd options | default | - | - | -| Vlan501 | SVI Description | default | - | False | -| Vlan667 | Multiple VRIDs | default | - | False | -| Vlan1001 | SVI Description | Tenant_A | - | False | -| Vlan1002 | SVI Description | Tenant_A | - | False | -| Vlan2001 | SVI Description | Tenant_B | - | - | -| Vlan2002 | SVI Description | Tenant_B | - | - | -| Vlan4094 | SVI Description | default | 9214 | - | - -##### Private VLAN - -| Interface | PVLAN Mapping | -| --------- | ------------- | -| Vlan110 | 111-112 | - -##### IPv4 - -| Interface | VRF | IP Address | IP Address Virtual | IP Router Virtual Address | ACL In | ACL Out | -| --------- | --- | ---------- | ------------------ | ------------------------- | ------ | ------- | -| Vlan24 | default | - | 10.10.24.1/24 | - | - | - | -| Vlan25 | default | - | - | - | - | - | -| Vlan41 | default | - | 10.10.41.1/24 | - | - | - | -| Vlan42 | default | - | 10.10.42.1/24 | - | - | - | -| Vlan43 | default | - | - | - | - | - | -| Vlan44 | default | - | - | - | - | - | -| Vlan50 | default | - | - | - | - | - | -| Vlan75 | default | - | 10.10.75.1/24 | - | - | - | -| Vlan81 | Tenant_C | - | 10.10.81.1/24 | - | - | - | -| Vlan83 | default | - | 10.10.83.1/24 | - | - | - | -| Vlan84 | default | 10.10.84.1/24 | - | 10.10.84.254, 10.11.84.254/24 | - | - | -| Vlan85 | default | 10.10.84.1/24 | - | - | - | - | -| Vlan86 | default | 10.10.83.1/24 | - | - | - | - | -| Vlan87 | default | 10.10.87.1/24 | - | - | ACL_IN | ACL_OUT | -| Vlan88 | default | - | 10.10.87.1/23 | - | - | - | -| Vlan89 | default | - | 10.10.144.3/20 | - | - | - | -| Vlan90 | default | 10.10.83.1/24 | - | - | - | - | -| Vlan91 | default | - | - | - | - | - | -| Vlan92 | default | 10.10.92.1/24 | - | - | - | - | -| Vlan110 | Tenant_A | 10.0.101.1/24 | - | - | - | - | -| Vlan333 | default | 192.0.2.2/25 | - | - | - | - | -| Vlan334 | default | - | - | - | - | - | -| Vlan335 | default | - | - | - | - | - | -| Vlan336 | default | - | - | - | - | - | -| Vlan337 | default | 10.0.2.2/25 | - | - | - | - | -| Vlan338 | default | - | - | - | - | - | -| Vlan339 | default | - | - | - | - | - | -| Vlan501 | default | 10.50.26.29/27 | - | - | - | - | -| Vlan667 | default | 192.0.2.2/25 | - | - | - | - | -| Vlan1001 | Tenant_A | - | 10.1.1.1/24 | - | - | - | -| Vlan1002 | Tenant_A | - | 10.1.2.1/24 | - | - | - | -| Vlan2001 | Tenant_B | - | 10.2.1.1/24 | - | - | - | -| Vlan2002 | Tenant_B | - | 10.2.2.1/24 | - | - | - | -| Vlan4094 | default | 169.254.252.0/31 | - | - | - | - | - -##### IP NAT: Source Static - -| Interface | Direction | Original IP | Original Port | Access List | Translated IP | Translated Port | Protocol | Group | Priority | Comment | -| --------- | --------- | ----------- | ------------- | ----------- | ------------- | --------------- | -------- | ----- | -------- | ------- | -| Vlan50 | - | 3.0.0.1 | - | - | 4.0.0.1 | - | - | - | 0 | - | - -##### IP NAT: Source Dynamic - -| Interface | Access List | NAT Type | Pool Name | Priority | Comment | -| --------- | ----------- | -------- | --------- | -------- | ------- | -| Vlan50 | ACL2 | pool | POOL2 | 0 | - | - -##### IP NAT: Destination Static - -| Interface | Direction | Original IP | Original Port | Access List | Translated IP | Translated Port | Protocol | Group | Priority | Comment | -| --------- | --------- | ----------- | ------------- | ----------- | ------------- | --------------- | -------- | ----- | -------- | ------- | -| Vlan50 | - | 1.0.0.1 | - | - | 2.0.0.1 | - | - | - | 0 | - | - -##### IP NAT: Destination Dynamic - -| Interface | Access List | Pool Name | Priority | Comment | -| --------- | ----------- | --------- | -------- | ------- | -| Vlan50 | ACL1 | POOL1 | 0 | - | - -##### IPv6 - -| Interface | VRF | IPv6 Address | IPv6 Virtual Addresses | Virtual Router Addresses | ND RA Disabled | Managed Config Flag | Other Config Flag | IPv6 ACL In | IPv6 ACL Out | -| --------- | --- | ------------ | ---------------------- | ------------------------ | -------------- | ------------------- | ----------------- | ----------- | ------------ | -| Vlan24 | default | 1b11:3a00:22b0:6::15/64 | - | 1b11:3a00:22b0:6::1 | - | True | - | - | - | -| Vlan25 | default | 1b11:3a00:22b0:16::16/64 | - | 1b11:3a00:22b0:16::15, 1b11:3a00:22b0:16::14 | - | - | - | - | - | -| Vlan43 | default | a0::1/64 | - | - | - | - | - | - | - | -| Vlan44 | default | a0::4/64 | - | - | - | - | - | - | - | -| Vlan75 | default | 1b11:3a00:22b0:1000::15/64 | - | 1b11:3a00:22b0:1000::1 | - | True | - | - | - | -| Vlan81 | Tenant_C | - | fc00:10:10:81::1/64, fc00:10:11:81::1/64, fc00:10:12:81::1/64 | - | - | - | - | - | - | -| Vlan89 | default | 1b11:3a00:22b0:5200::15/64 | - | 1b11:3a00:22b0:5200::3 | - | True | - | - | - | -| Vlan333 | default | 2001:db8:333::2/64 | - | - | - | - | - | - | - | -| Vlan334 | default | 2001:db8:334::1/64 | - | - | - | - | - | - | - | -| Vlan335 | default | 2001:db8:335::1/64 | - | - | - | - | - | - | - | -| Vlan336 | default | 2001:db8:336::1/64 | - | - | - | - | - | - | - | -| Vlan338 | default | 2001:db8:338::1/64 | - | - | - | - | - | - | - | -| Vlan339 | default | 2001:db8:339::1/64 | - | - | - | - | True | - | - | -| Vlan501 | default | 1b11:3a00:22b0:0088::207/127 | - | - | True | - | - | - | - | -| Vlan667 | default | 2001:db8:667::2/64 | - | - | - | - | - | - | - | -| Vlan1001 | Tenant_A | a1::1/64 | - | - | - | True | - | - | - | -| Vlan1002 | Tenant_A | a2::1/64 | - | - | True | True | - | - | - | - -##### VRRP Details - -| Interface | VRRP-ID | Priority | Advertisement Interval | Preempt | Tracked Object Name(s) | Tracked Object Action(s) | IPv4 Virtual IP | IPv4 VRRP Version | IPv6 Virtual IP | -| --------- | ------- | -------- | ---------------------- | --------| ---------------------- | ------------------------ | --------------- | ----------------- | --------------- | -| Vlan333 | 1 | 105 | 2 | Enabled | ID1-TrackedObjectDecrement, ID1-TrackedObjectShutdown | Decrement 5, Shutdown | 192.0.2.1 | 2 | - | -| Vlan333 | 2 | - | - | Enabled | ID2-TrackedObjectDecrement, ID2-TrackedObjectShutdown | Decrement 10, Shutdown | - | 2 | 2001:db8:333::1 | -| Vlan333 | 3 | - | - | Disabled | - | - | 100.64.0.1 | 3 | - | -| Vlan667 | 1 | 105 | 2 | Enabled | - | - | 192.0.2.1 | 2 | - | -| Vlan667 | 2 | - | - | Enabled | - | - | - | 2 | 2001:db8:667::1 | - -##### ISIS - -| Interface | ISIS Instance | ISIS BFD | ISIS Metric | Mode | ISIS Authentication Mode | -| --------- | ------------- | -------- | ----------- | ---- | ------------------------ | -| Vlan42 | EVPN_UNDERLAY | - | - | - | Level-1: sha | -| Vlan83 | EVPN_UNDERLAY | - | - | - | md5 | -| Vlan84 | EVPN_UNDERLAY | - | - | - | sha | -| Vlan85 | EVPN_UNDERLAY | - | - | - | sha | -| Vlan86 | EVPN_UNDERLAY | - | - | - | shared-secret | -| Vlan87 | EVPN_UNDERLAY | - | - | - | shared-secret | -| Vlan88 | EVPN_UNDERLAY | - | - | - | Level-1: md5
Level-2: text | -| Vlan90 | EVPN_UNDERLAY | - | - | - | Level-1: shared-secret
Level-2: shared-secret | -| Vlan91 | EVPN_UNDERLAY | - | - | - | Level-1: md5
Level-2: text | -| Vlan92 | EVPN_UNDERLAY | - | - | - | Level-1: shared-secret
Level-2: shared-secret | -| Vlan2002 | EVPN_UNDERLAY | True | - | - | md5 | -| Vlan4094 | EVPN_UNDERLAY | - | - | - | Level-1: sha
Level-2: sha | - -##### Multicast Routing - -| Interface | IP Version | Static Routes Allowed | Multicast Boundaries | Export Host Routes For Multicast Sources | -| --------- | ---------- | --------------------- | -------------------- | ---------------------------------------- | -| Vlan75 | IPv4 | True | 224.0.1.0/24, 224.0.2.0/24 | - | -| Vlan75 | IPv6 | - | ff00::/16, ff01::/16 | - | -| Vlan89 | IPv4 | - | ACL_MULTICAST | True | -| Vlan89 | IPv6 | True | ACL_V6_MULTICAST_WITH_OUT | - | -| Vlan110 | IPv4 | True | ACL_MULTICAST | - | -| Vlan110 | IPv6 | - | - | True | - -#### VLAN Interfaces Device Configuration - -```eos -! -interface Vlan24 - description SVI Description - no shutdown - ipv6 address 1b11:3a00:22b0:6::15/64 - ipv6 nd managed-config-flag - ipv6 nd prefix 1b11:3a00:22b0:6::/64 infinite infinite no-autoconfig - ip address virtual 10.10.24.1/24 - ipv6 virtual-router address 1b11:3a00:22b0:6::1 -! -interface Vlan25 - description SVI Description - no shutdown - ipv6 address 1b11:3a00:22b0:16::16/64 - ipv6 virtual-router address 1b11:3a00:22b0:16::14 - ipv6 virtual-router address 1b11:3a00:22b0:16::15 -! -interface Vlan41 - description SVI Description - no shutdown - ip helper-address 10.10.64.150 source-interface Loopback0 - ip helper-address 10.10.96.150 source-interface Loopback0 - ip helper-address 10.10.96.151 source-interface Loopback0 - ip igmp host-proxy - ip igmp host-proxy 239.0.0.1 - ip igmp host-proxy 239.0.0.2 exclude 10.0.2.1 - ip igmp host-proxy 239.0.0.3 include 10.0.3.1 - ip igmp host-proxy 239.0.0.4 include 10.0.4.3 - ip igmp host-proxy 239.0.0.4 include 10.0.4.4 - ip igmp host-proxy 239.0.0.4 exclude 10.0.4.1 - ip igmp host-proxy 239.0.0.4 exclude 10.0.4.2 - ip igmp host-proxy access-list ACL1 - ip igmp host-proxy access-list ACL2 - ip igmp host-proxy report-interval 2 - ip igmp host-proxy version 2 - ip address virtual 10.10.41.1/24 -! -interface Vlan42 - description SVI Description - no shutdown - ip helper-address 10.10.64.150 source-interface Loopback0 - ip helper-address 10.10.96.150 source-interface Loopback0 - ip helper-address 10.10.96.151 source-interface Loopback0 - isis enable EVPN_UNDERLAY - isis authentication mode sha key-id 5 level-1 - ip address virtual 10.10.42.1/24 -! -interface Vlan43 - description SVI Description - no shutdown - ipv6 dhcp relay destination a0::2 vrf TEST local-interface Loopback44 link-address a0::4 - ipv6 address a0::1/64 - isis authentication key-id 2 algorithm sha-512 key 0 password - isis authentication key-id 3 algorithm sha-512 rfc-5310 key 0 password1 - isis authentication key-id 1 algorithm sha-1 key 0 password level-1 - isis authentication key-id 4 algorithm sha-1 rfc-5310 key 0 password level-1 - isis authentication key-id 5 algorithm sha-1 key 0 password3 level-1 - isis authentication key-id 1 algorithm sha-1 key 0 password level-2 - isis authentication key-id 5 algorithm sha-1 rfc-5310 key 0 password level-2 -! -interface Vlan44 - description SVI Description - no shutdown - ipv6 dhcp relay destination a0::8 - ipv6 dhcp relay destination a0::5 vrf TEST source-address a0::6 link-address a0::7 - ipv6 address a0::4/64 -! -interface Vlan50 - description IP NAT Testing - ip nat destination static 1.0.0.1 2.0.0.1 - ip nat source static 3.0.0.1 4.0.0.1 - ip nat destination dynamic access-list ACL1 pool POOL1 - ip nat source dynamic access-list ACL2 pool POOL2 - isis authentication mode text rx-disabled level-2 - isis authentication key 0 password level-2 -! -interface Vlan75 - description SVI Description - no shutdown - ipv6 address 1b11:3a00:22b0:1000::15/64 - ipv6 nd managed-config-flag - ipv6 nd prefix 1b11:3a00:22b0:1000::/64 infinite infinite no-autoconfig - multicast ipv4 boundary 224.0.1.0/24 out - multicast ipv4 boundary 224.0.2.0/24 - multicast ipv6 boundary ff00::/16 out - multicast ipv6 boundary ff01::/16 out - multicast ipv4 static - ip address virtual 10.10.75.1/24 - ipv6 virtual-router address 1b11:3a00:22b0:1000::1 -! -interface Vlan81 - description IPv6 Virtual Address - vrf Tenant_C - ipv6 enable - ip address virtual 10.10.81.1/24 - ipv6 address virtual fc00:10:10:81::1/64 - ipv6 address virtual fc00:10:11:81::1/64 - ipv6 address virtual fc00:10:12:81::1/64 -! -interface Vlan83 - description SVI Description - no shutdown - isis enable EVPN_UNDERLAY - isis authentication mode md5 - isis authentication key 0 password - ip address virtual 10.10.83.1/24 - ip address virtual 10.11.83.1/24 secondary - ip address virtual 10.11.84.1/24 secondary -! -interface Vlan84 - description SVI Description - arp gratuitous accept - ip address 10.10.84.1/24 - arp monitor mac-address - isis enable EVPN_UNDERLAY - isis authentication mode sha key-id 2 rx-disabled - isis authentication key 0 password - ip virtual-router address 10.10.84.254 - ip virtual-router address 10.11.84.254/24 -! -interface Vlan85 - description SVI Description - ip address 10.10.84.1/24 - arp cache dynamic capacity 50000 - bfd interval 500 min-rx 500 multiplier 5 - bfd echo - isis enable EVPN_UNDERLAY - isis authentication mode sha key-id 2 - isis authentication key 0 password -! -interface Vlan86 - description SVI Description - ip address 10.10.83.1/24 - ip attached-host route export 10 - isis enable EVPN_UNDERLAY - isis authentication mode shared-secret profile profile1 algorithm sha-1 rx-disabled -! -interface Vlan87 - description SVI Description - shutdown - ip address 10.10.87.1/24 - ip access-group ACL_IN in - ip access-group ACL_OUT out - isis enable EVPN_UNDERLAY - isis authentication mode shared-secret profile profile1 algorithm sha-1 -! -interface Vlan88 - description SVI Description - shutdown - isis enable EVPN_UNDERLAY - isis authentication mode md5 rx-disabled level-1 - isis authentication mode text rx-disabled level-2 - isis authentication key 0 password level-1 - isis authentication key 0 password level-2 - ip address virtual 10.10.87.1/23 -! -interface Vlan89 - description SVI Description - no shutdown - ip helper-address 10.10.64.150 source-interface Loopback0 - ip helper-address 10.10.96.101 source-interface Loopback0 - ip helper-address 10.10.96.150 source-interface Loopback0 - ip helper-address 10.10.96.151 source-interface Loopback0 - ip igmp - ip igmp version 2 - ipv6 address 1b11:3a00:22b0:5200::15/64 - ipv6 nd managed-config-flag - ipv6 nd prefix 1b11:3a00:22b0:5200::/64 infinite infinite no-autoconfig - multicast ipv4 boundary ACL_MULTICAST - multicast ipv6 boundary ACL_V6_MULTICAST_WITH_OUT out - multicast ipv4 source route export - multicast ipv6 static - pim ipv4 sparse-mode - pim ipv4 local-interface Loopback0 - ip address virtual 10.10.144.3/20 - ipv6 virtual-router address 1b11:3a00:22b0:5200::3 -! -interface Vlan90 - description SVI Description - ip address 10.10.83.1/24 - ip attached-host route export - isis enable EVPN_UNDERLAY - isis authentication mode shared-secret profile profile2 algorithm sha-1 level-1 - isis authentication mode shared-secret profile profile1 algorithm sha-256 level-2 -! -interface Vlan91 - description PBR Description - shutdown - service-policy type pbr input MyServicePolicy - isis enable EVPN_UNDERLAY - isis authentication mode md5 level-1 - isis authentication mode text level-2 - isis authentication key 0 password level-1 - isis authentication key 0 password level-2 -! -interface Vlan92 - description SVI Description - ip proxy-arp - ip address 10.10.92.1/24 - ip directed-broadcast - isis enable EVPN_UNDERLAY - isis authentication mode shared-secret profile profile2 algorithm sha-1 rx-disabled level-1 - isis authentication mode shared-secret profile profile1 algorithm sha-256 rx-disabled level-2 -! -interface Vlan110 - description PVLAN Primary with vlan mapping - no shutdown - pvlan mapping 111-112 - vrf Tenant_A - ip address 10.0.101.1/24 - multicast ipv4 boundary ACL_MULTICAST out - multicast ipv6 source route export 20 - multicast ipv4 static -! -interface Vlan333 - description Multiple VRIDs and tracking - no shutdown - ip address 192.0.2.2/25 - arp aging timeout 180 - ipv6 enable - ipv6 address 2001:db8:333::2/64 - ipv6 address fe80::2/64 link-local - vrrp 1 priority-level 105 - vrrp 1 advertisement interval 2 - vrrp 1 preempt delay minimum 30 reload 800 - vrrp 1 ipv4 192.0.2.1 - vrrp 1 tracked-object ID1-TrackedObjectDecrement decrement 5 - vrrp 1 tracked-object ID1-TrackedObjectShutdown shutdown - vrrp 2 ipv6 2001:db8:333::1 - vrrp 2 tracked-object ID2-TrackedObjectDecrement decrement 10 - vrrp 2 tracked-object ID2-TrackedObjectShutdown shutdown - no vrrp 3 preempt - vrrp 3 timers delay reload 900 - vrrp 3 ipv4 100.64.0.1 - vrrp 3 ipv4 version 3 -! -interface Vlan334 - description v6 attached host exports - ipv6 attached-host route export 19 - ipv6 enable - ipv6 address 2001:db8:334::1/64 -! -interface Vlan335 - description v6 attached host exports - ipv6 attached-host route export prefix-length 64 - ipv6 enable - ipv6 address 2001:db8:335::1/64 -! -interface Vlan336 - description v6 attached host exports - ipv6 attached-host route export 18 prefix-length 64 - ipv6 enable - ipv6 address 2001:db8:336::1/64 -! -interface Vlan337 - description v4 dhcp relay all-subnets - ip address 10.0.2.2/25 - ip dhcp relay all-subnets -! -interface Vlan338 - description v6 dhcp relay all-subnets - ipv6 dhcp relay all-subnets - ipv6 address 2001:db8:338::1/64 -! -interface Vlan339 - description v6 nd options - ipv6 nd cache expire 250 - ipv6 nd cache dynamic capacity 900 - ipv6 nd cache refresh always - ipv6 enable - ipv6 address 2001:db8:339::1/64 - ipv6 nd other-config-flag -! -interface Vlan501 - description SVI Description - no shutdown - ip address 10.50.26.29/27 - ipv6 address 1b11:3a00:22b0:0088::207/127 - ipv6 nd ra disabled -! -interface Vlan667 - description Multiple VRIDs - no shutdown - ip address 192.0.2.2/25 - arp aging timeout 180 - ipv6 enable - ipv6 address 2001:db8:667::2/64 - ipv6 address fe80::2/64 link-local - vrrp 1 priority-level 105 - vrrp 1 advertisement interval 2 - vrrp 1 preempt delay minimum 30 reload 800 - vrrp 1 ipv4 192.0.2.1 - vrrp 2 ipv6 2001:db8:667::1 -! -interface Vlan1001 - description SVI Description - no shutdown - vrf Tenant_A - ipv6 address a1::1/64 - ipv6 nd managed-config-flag - ipv6 nd prefix a1::/64 infinite infinite no-autoconfig - ip address virtual 10.1.1.1/24 -! -interface Vlan1002 - description SVI Description - no shutdown - vrf Tenant_A - ipv6 address a2::1/64 - ipv6 nd ra disabled - ipv6 nd managed-config-flag - ipv6 nd prefix a2::/64 infinite infinite no-autoconfig - ip address virtual 10.1.2.1/24 -! -interface Vlan2001 - description SVI Description - logging event link-status - vrf Tenant_B - ip address virtual 10.2.1.1/24 - comment - Comment created from eos_cli under vlan_interfaces.Vlan2001 - EOF - -! -interface Vlan2002 - description SVI Description - no autostate - vrf Tenant_B - ip verify unicast source reachable-via rx - isis enable EVPN_UNDERLAY - isis bfd - isis authentication mode md5 rx-disabled - isis authentication key 0 password - ip address virtual 10.2.2.1/24 -! -interface Vlan4094 - description SVI Description - mtu 9214 - ip address 169.254.252.0/31 - ipv6 address fe80::a/64 link-local - pim ipv4 sparse-mode - pim ipv4 bidirectional - pim ipv4 hello interval 10 - pim ipv4 hello count 3.5 - pim ipv4 dr-priority 200 - pim ipv4 bfd - isis enable EVPN_UNDERLAY - isis authentication mode sha key-id 5 rx-disabled level-1 - isis authentication mode sha key-id 10 rx-disabled level-2 -``` - -## BFD - -### BFD Interfaces - -| Interface | Interval | Minimum RX | Multiplier | Echo | -| --------- | -------- | ---------- | ---------- | ---- | -| Vlan85 | 500 | 500 | 5 | True | - -## Multicast - -### PIM Sparse Mode - -#### PIM Sparse Mode Enabled Interfaces - -| Interface Name | VRF Name | IP Version | Border Router | DR Priority | Local Interface | -| -------------- | -------- | ---------- | ------------- | ----------- | --------------- | -| Vlan89 | - | IPv4 | - | - | Loopback0 | -| Vlan4094 | - | IPv4 | - | 200 | - | diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/errdisable.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/errdisable.cfg deleted file mode 100644 index e77d4de0bd8..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/errdisable.cfg +++ /dev/null @@ -1,29 +0,0 @@ -! -errdisable detect cause arp-inspection -errdisable detect cause dot1x -errdisable detect cause link-change -errdisable detect cause tapagg -errdisable detect cause xcvr-misconfigured -errdisable detect cause xcvr-overheat -errdisable detect cause xcvr-power-unsupported -errdisable recovery cause bpduguard -errdisable recovery cause dot1x -errdisable recovery cause hitless-reload-down -errdisable recovery cause lacp-rate-limit -errdisable recovery cause link-flap -errdisable recovery cause no-internal-vlan -errdisable recovery cause portchannelguard -errdisable recovery cause portsec -errdisable recovery cause speed-misconfigured -errdisable recovery cause tapagg -errdisable recovery cause uplink-failure-detection -errdisable recovery cause xcvr-misconfigured -errdisable recovery cause xcvr-overheat -errdisable recovery cause xcvr-power-unsupported -errdisable recovery cause xcvr-unsupported -errdisable recovery interval 300 -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/event-handlers.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/event-handlers.cfg deleted file mode 100644 index 3f6953c265b..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/event-handlers.cfg +++ /dev/null @@ -1,72 +0,0 @@ -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -event-handler CONFIG_VERSIONING - trigger on-startup-config - action bash FN=/mnt/flash/startup-config; LFN="`ls -1 $FN.*-* | tail -n 1`"; if [ -z "$LFN" -o -n "`diff -I 'last modified' $FN $LFN`" ]; then cp $FN $FN.`date +%Y%m%d-%H%M%S`; ls -1r $FN.*-* | tail -n +11 | xargs -I % rm %; fi - delay 0 -! -event-handler trigger-on-boot - trigger on-boot - action bash - if [ 15 -gt 10 ] - then - echo "a is greater than 10" - fi - EOF - action increment device-health metric Metric1 -! -event-handler trigger-on-counters - action log - trigger on-counters - poll interval 10 - condition ( Arad*.IptCrcErrCnt.delta > 100 ) and ( Arad*.UcFifoFullDrop.delta > 100 ) - granularity per-source -! -event-handler trigger-on-counters2 - trigger on-counters - condition ( Arad*.IptCrcErrCnt.delta > 100 ) and ( Arad*.UcFifoFullDrop.delta > 100 ) - granularity per-source -! -event-handler trigger-on-counters3 - trigger on-counters -! -event-handler trigger-on-intf - trigger on-intf Ethernet4 operstatus ip ip6 -! -event-handler trigger-on-intf2 -! -event-handler trigger-on-logging - action increment device-health metric Metric2 - trigger on-logging - poll interval 10 - regex ab* -! -event-handler trigger-on-logging2 - trigger on-logging - regex ab* -! -event-handler trigger-on-logging3 - trigger on-logging -! -event-handler trigger-on-maintenance1 - trigger on-maintenance enter interface Management3 after stage linkdown -! -event-handler trigger-on-maintenance2 - trigger on-maintenance exit unit unit1 before stage bgp - action bash echo "on-maintenance" -! -event-handler trigger-on-maintenance3 - trigger on-maintenance enter bgp 10.0.0.2 vrf vrf1 all - action bash echo "on-maintenance" -! -event-handler trigger-on-maintenance4 -! -event-handler trigger-on-maintenance5 -! -event-handler trigger-vm-tracer - trigger vm-tracer vm - action bash echo "vm-tracer vm" diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/event-monitor.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/event-monitor.cfg deleted file mode 100644 index 3dd8fb80d9f..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/event-monitor.cfg +++ /dev/null @@ -1,7 +0,0 @@ -! -event-monitor -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/groups.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/groups.cfg deleted file mode 100644 index 66181578b16..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/groups.cfg +++ /dev/null @@ -1,28 +0,0 @@ -! -group bgp bar - vrf red - neighbor peer-group-baz - maintenance profile bgp downlink-neighbors -! -group bgp foo - neighbor 169.254.1.1 - neighbor fe80::1 - maintenance profile bgp ixp - maintenance profile bgp uplink-neighbors -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -group interface QSFP_Interface_Group - interface Ethernet1,5 - maintenance profile interface uplink-interfaces -! -group interface SFP_Interface_Group - interface Ethernet10-20 - interface Ethernet30-48 - maintenance profile bgp downlink-neighbors - maintenance profile bgp local-ix - maintenance profile interface downlink-interfaces - maintenance profile interface ix-interfaces diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host1.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host1.cfg index a705ff28115..dd9de2b5f5a 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host1.cfg +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host1.cfg @@ -37,6 +37,10 @@ dhcp relay server dhcp-relay-server1 server dhcp-relay-server2 ! +ip dhcp relay information option +ip dhcp relay always-on +ip dhcp relay all-subnets default +! dhcp server vrf AVRF ! subnet 172.16.254.0/24 @@ -99,6 +103,74 @@ dhcp server vrf VRF01 ! subnet 192.168.0.0/24 disabled +! +ip dhcp snooping bridging +ip dhcp snooping information option +ip dhcp snooping information option circuit-id type 10 format %h:%p +ip dhcp snooping vlan 10,20,500,1000-2000 +! +errdisable detect cause acl +errdisable detect cause arp-inspection +errdisable detect cause dot1x +errdisable detect cause link-change +errdisable detect cause tapagg +errdisable detect cause xcvr-misconfigured +errdisable detect cause xcvr-overheat +errdisable detect cause xcvr-power-unsupported +errdisable recovery cause arp-inspection +errdisable recovery cause bpduguard +errdisable recovery cause dot1x +errdisable recovery cause hitless-reload-down +errdisable recovery cause lacp-rate-limit +errdisable recovery cause link-flap +errdisable recovery cause no-internal-vlan +errdisable recovery cause portchannelguard +errdisable recovery cause portsec +errdisable recovery cause speed-misconfigured +errdisable recovery cause tapagg +errdisable recovery cause uplink-failure-detection +errdisable recovery cause xcvr-misconfigured +errdisable recovery cause xcvr-overheat +errdisable recovery cause xcvr-power-unsupported +errdisable recovery cause xcvr-unsupported +errdisable recovery interval 300 +! +event-monitor +! +ip igmp snooping robustness-variable 2 +ip igmp snooping restart query-interval 30 +ip igmp snooping interface-restart-query 500 +ip igmp snooping fast-leave +ip igmp snooping vlan 23 +ip igmp snooping vlan 23 querier +ip igmp snooping vlan 23 querier address 10.10.23.1 +ip igmp snooping vlan 23 querier query-interval 40 +ip igmp snooping vlan 23 querier max-response-time 10 +ip igmp snooping vlan 23 querier last-member-query-interval 5 +ip igmp snooping vlan 23 querier last-member-query-count 2 +ip igmp snooping vlan 23 querier startup-query-interval 20 +ip igmp snooping vlan 23 querier startup-query-count 2 +ip igmp snooping vlan 23 querier version 3 +ip igmp snooping vlan 23 max-groups 20 +ip igmp snooping vlan 23 fast-leave +ip igmp snooping vlan 24 +no ip igmp snooping vlan 25 +no ip igmp snooping vlan 25 fast-leave +ip igmp snooping querier +ip igmp snooping querier address 10.10.10.1 +ip igmp snooping querier query-interval 40 +ip igmp snooping querier max-response-time 10 +ip igmp snooping querier last-member-query-interval 5 +ip igmp snooping querier last-member-query-count 2 +ip igmp snooping querier startup-query-interval 20 +ip igmp snooping querier startup-query-count 2 +ip igmp snooping querier version 3 +! +ip igmp snooping proxy +ip igmp snooping vlan 23 proxy +no ip igmp snooping vlan 25 proxy +! +hostname hostname-set-via-hostname-var ip domain-list domain1.local ip domain-list domain2.local ! @@ -124,6 +196,20 @@ vrf instance TENANT_A_PROJECT01 ! vrf instance TENANT_A_PROJECT02 ! +group bgp bar + vrf red + neighbor peer-group-baz + maintenance profile bgp downlink-neighbors +! +group bgp foo + neighbor 169.254.1.1 + neighbor fe80::1 + maintenance profile bgp ixp + maintenance profile bgp uplink-neighbors +! +group bgp without-neighbors-key + vrf red +! radius-server deadtime 10 radius-server attribute 32 include-in-access-req hostname radius-server dynamic-authorization port 1700 @@ -241,6 +327,498 @@ dot1x radius av-pair dhcp vendor-class-id auth-only supplicant logging ! +interface Port-Channel3 + description MLAG_PEER_DC1-LEAF1B_Po3 + switchport trunk allowed vlan 2-4094 + switchport mode trunk + switchport trunk group LEAF_PEER_L3 + switchport trunk group MLAG + switchport + no snmp trap link-change + shape rate 200000 kbps +! +interface Port-Channel5 + description DC1_L2LEAF1_Po1 + bgp session tracker ST2 + switchport trunk allowed vlan 110,201 + switchport mode trunk + switchport + ip verify unicast source reachable-via rx + ip igmp host-proxy + ip igmp host-proxy 239.0.0.1 + ip igmp host-proxy 239.0.0.2 exclude 10.0.2.1 + ip igmp host-proxy 239.0.0.3 include 10.0.3.1 + ip igmp host-proxy 239.0.0.4 include 10.0.4.3 + ip igmp host-proxy 239.0.0.4 include 10.0.4.4 + ip igmp host-proxy 239.0.0.4 exclude 10.0.4.1 + ip igmp host-proxy 239.0.0.4 exclude 10.0.4.2 + ip igmp host-proxy access-list ACL1 + ip igmp host-proxy access-list ACL2 + ip igmp host-proxy report-interval 2 + ip igmp host-proxy version 2 + l2 mtu 8000 + l2 mru 8000 + mlag 5 + storm-control broadcast level 1 + storm-control multicast level 1 + storm-control unknown-unicast level 1 + link tracking group EVPN_MH_ES1 downstream + link tracking group EVPN_MH_ES3 downstream + link tracking group EVPN_MH_ES4 downstream + comment + Comment created from eos_cli under port_channel_interfaces.Port-Channel5 + EOF + +! +interface Port-Channel8 + description to Dev02 Port-channel 8 + no switchport + switchport port-security violation protect +! +interface Port-Channel8.101 + description to Dev02 Port-Channel8.101 - VRF-C1 + encapsulation dot1q vlan 101 + ip address 10.1.2.3/31 +! +interface Port-Channel9 + no switchport + ip address 10.9.2.3/31 + bfd interval 500 min-rx 500 multiplier 5 + bfd echo + bfd neighbor 10.1.2.4 + bfd per-link rfc-7130 + spanning-tree guard root +! +interface Port-Channel10 + description SRV01_bond0 + switchport trunk allowed vlan 2-3000 + switchport mode trunk + switchport + ! + evpn ethernet-segment + identifier 0000:0000:0404:0404:0303 + route-target import 04:04:03:03:02:02 + shape rate 50 percent +! +interface Port-Channel12 + description interface_in_mode_access_with_voice + switchport trunk native vlan 100 + switchport phone vlan 70 + switchport phone trunk untagged + switchport mode trunk phone + switchport +! +interface Port-Channel13 + description EVPN-Vxlan single-active redundancy + switchport + ! + evpn ethernet-segment + identifier 0000:0000:0000:0102:0304 + redundancy single-active + designated-forwarder election algorithm preference 100 dont-preempt + designated-forwarder election hold-time 10 + designated-forwarder election candidate reachability required + route-target import 00:00:01:02:03:04 +! +interface Port-Channel14 + description EVPN-MPLS multihoming + switchport + ! + evpn ethernet-segment + identifier 0000:0000:0000:0102:0305 + mpls tunnel flood filter time 100 + mpls shared index 100 + route-target import 00:00:01:02:03:05 +! +interface Port-Channel15 + description DC1_L2LEAF3_Po1 + switchport trunk allowed vlan 110,201 + switchport mode trunk + switchport + mlag 15 + spanning-tree guard loop + link tracking group EVPN_MH_ES2 upstream +! +interface Port-Channel16 + description DC1_L2LEAF4_Po1 + switchport trunk native vlan 10 + switchport dot1q vlan tag disallowed + switchport trunk allowed vlan 110,201 + switchport mode trunk + switchport + switchport vlan translation out 23 dot1q-tunnel 22 + snmp trap link-change + mlag 16 + switchport port-security violation protect log + switchport port-security mac-address maximum 100 + spanning-tree guard none + switchport backup-link Port-Channel100.102 prefer vlan 20 +! +interface Port-Channel17 + description PBR Description + no switchport + ip address 192.0.2.3/31 + service-policy type pbr input MyPolicy +! +interface Port-Channel20 + description Po_in_mode_access_accepting_tagged_LACP_frames + switchport access vlan 200 + switchport mode access + switchport + l2-protocol encapsulation dot1q vlan 200 +! +interface Port-Channel50 + description SRV-POD03_PortChanne1 + switchport trunk allowed vlan 1-4000 + switchport mode trunk + switchport + ! + evpn ethernet-segment + identifier 0000:0000:0303:0202:0101 + route-target import 03:03:02:02:01:01 + lacp system-id 0303.0202.0101 +! +interface Port-Channel51 + description ipv6_prefix + switchport trunk allowed vlan 1-500 + switchport mode trunk + switchport + ipv6 nd prefix a1::/64 infinite infinite no-autoconfig + switchport port-security + no switchport port-security mac-address maximum disabled + switchport port-security vlan 1 mac-address maximum 3 + switchport port-security vlan 2 mac-address maximum 3 + switchport port-security vlan 3 mac-address maximum 3 + switchport port-security vlan default mac-address maximum 2 +! +interface Port-Channel99 + description MCAST + no switchport + ip address 192.0.2.10/31 + pim ipv4 sparse-mode + pim ipv4 bidirectional + pim ipv4 hello interval 15 + pim ipv4 hello count 4.5 + pim ipv4 dr-priority 200 + pim ipv4 bfd +! +interface Port-Channel100 + logging event link-status + switchport access vlan 200 + switchport trunk native vlan tag + switchport phone vlan 110 + switchport phone trunk tagged + switchport vlan translation in required + switchport dot1q vlan tag required + switchport trunk allowed vlan 10-11 + switchport mode dot1q-tunnel + switchport dot1q ethertype 1536 + switchport vlan forwarding accept all + switchport trunk group g1 + switchport trunk group g2 + no switchport + switchport source-interface tx multicast + switchport vlan translation 12 20 + switchport vlan translation 23 inner 74 42 + switchport vlan translation 24 inner 78 network 46 + switchport vlan translation 43 dot1q-tunnel 30 + switchport vlan translation in 34 23 + switchport vlan translation in 37 inner 56 49 + switchport vlan translation in 23 dot1q-tunnel 45 + switchport vlan translation out 34 50 + switchport vlan translation out 10 45 inner 34 + switchport vlan translation out 45 dot1q-tunnel all + switchport trunk private-vlan secondary + switchport pvlan mapping 20-30 + switchport port-security + switchport port-security mac-address maximum disabled + switchport backup-link Port-channel51 + switchport backup preemption-delay 35 + switchport backup mac-move-burst 20 + switchport backup mac-move-burst-interval 30 + switchport backup initial-mac-move-delay 10 + switchport backup dest-macaddr 01:00:00:00:00:00 +! +interface Port-Channel100.101 + description IFL for TENANT01 + mtu 1500 + logging event link-status + encapsulation dot1q vlan 101 + ip address 10.1.1.3/31 +! +interface Port-Channel100.102 + description IFL for TENANT02 + mtu 1500 + no logging event link-status + encapsulation dot1q vlan 102 inner 110 + vrf C2 + ip address 10.1.2.3/31 + logging event storm-control discards +! +interface Port-Channel101 + description PVLAN Promiscuous Access - only one secondary + switchport access vlan 110 + switchport mode access + switchport + switchport pvlan mapping 111 + no qos trust +! +interface Port-Channel102 + description PVLAN Promiscuous Trunk - vlan translation out + switchport vlan translation out required + switchport trunk allowed vlan 110-112 + switchport mode trunk + switchport + switchport vlan translation out 111-112 110 +! +interface Port-Channel103 + description PVLAN Secondary Trunk + switchport trunk allowed vlan 110-112 + switchport mode trunk + switchport + switchport trunk private-vlan secondary +! +interface Port-Channel104 + description LACP fallback individual + switchport trunk allowed vlan 112 + switchport mode trunk + switchport + port-channel lacp fallback individual + port-channel lacp fallback timeout 300 +! +interface Port-Channel105 + description bpdu disabled + switchport + spanning-tree bpduguard disable + spanning-tree bpdufilter disable +! +interface Port-Channel106 + description bpdu enabled + switchport + spanning-tree bpduguard enable + spanning-tree bpdufilter enable +! +interface Port-Channel107 + description bpdu true + switchport + spanning-tree bpduguard enable + spanning-tree bpdufilter enable +! +interface Port-Channel108 + description bpdu false + switchport +! +interface Port-Channel109 + description Molecule ACLs + switchport access vlan 110 + switchport mode access + switchport + ip access-group IPV4_ACL_IN in + ip access-group IPV4_ACL_OUT out + ipv6 access-group IPV6_ACL_IN in + ipv6 access-group IPV6_ACL_OUT out + mac access-group MAC_ACL_IN in + mac access-group MAC_ACL_OUT out +! +interface Port-Channel110 + description isis_interface_knobs + no switchport + isis enable ISIS_TEST + isis bfd + isis circuit-type level-2 + isis metric 99 + isis hello padding + isis network point-to-point + isis authentication mode text + isis authentication key 7 asfddja23452 +! +interface Port-Channel111 + description Flexencap Port-Channel + no switchport +! +interface Port-Channel111.1 + description TENANT_A pseudowire 1 interface + ! + encapsulation vlan + client unmatched +! +interface Port-Channel111.100 + description TENANT_A pseudowire 2 interface + ! + encapsulation vlan + client dot1q 100 network client +! +interface Port-Channel111.200 + description TENANT_A pseudowire 3 interface + ! + encapsulation vlan + client dot1q 200 +! +interface Port-Channel111.300 + description TENANT_A pseudowire 4 interface + ! + encapsulation vlan + client dot1q 300 network dot1q 400 +! +interface Port-Channel111.400 + description TENANT_A pseudowire 3 interface + ! + encapsulation vlan + client dot1q outer 400 inner 20 network dot1q outer 401 inner 21 +! +interface Port-Channel111.1000 + description L2 Subinterface + vlan id 1000 + ! + encapsulation vlan + client dot1q 100 network client + ! + evpn ethernet-segment + identifier 0000:0000:0303:0202:0101 + route-target import 03:03:02:02:01:01 + lacp system-id 0303.0202.0101 +! +interface Port-Channel112 + description LACP fallback individual + switchport trunk allowed vlan 112 + switchport mode trunk + switchport + port-channel lacp fallback individual + port-channel lacp fallback timeout 5 +! +interface Port-Channel113 + description interface_with_mpls_enabled + no switchport + ip address 172.31.128.9/31 + mpls ldp igp sync + mpls ldp interface + mpls ip +! +interface Port-Channel114 + description interface_with_mpls_disabled + no switchport + ip address 172.31.128.10/31 + no mpls ldp interface + no mpls ip +! +interface Port-Channel115 + description native-vlan-tag-precedence + switchport trunk native vlan tag + switchport mode trunk + switchport +! +interface Port-Channel117 + description interface_with_sflow_ingress_egress_enabled + no switchport + sflow enable + sflow egress enable +! +interface Port-Channel118 + description interface_with_sflow_ingress_egress_unmodified_enabled + no switchport + sflow enable + sflow egress unmodified enable +! +interface Port-Channel119 + description interface_with_sflow_ingress_egress_disabled + no switchport + no sflow enable + no sflow egress enable +! +interface Port-Channel120 + description interface_with_sflow_ingress_egress_unmodified_disabled + no switchport + no sflow enable + no sflow egress unmodified enable +! +interface Port-Channel121 + description access_port_with_no_vlans + switchport mode access + switchport +! +interface Port-Channel122 + description trunk_port_with_no_vlans + switchport mode trunk + switchport +! +interface Port-Channel130 + description IP NAT Testing + switchport + ip nat destination static 1.0.0.1 2.0.0.1 + ip nat source static 3.0.0.1 4.0.0.1 + ip nat destination dynamic access-list ACL1 pool POOL1 + ip nat source dynamic access-list ACL2 pool POOL2 +! +interface Port-Channel131 + description dot1q-tunnel mode + switchport access vlan 115 + switchport mode dot1q-tunnel + switchport +! +interface Port-Channel131.1 + description Test_encapsulation_vlan1 + ! + encapsulation vlan + client dot1q outer 23 inner dot1q 45 network dot1ad outer 32 inner dot1ad 54 +! +interface Port-Channel131.2 + description Test_encapsulation_vlan2 + ! + encapsulation vlan + client dot1q 10 network dot1q outer 32 inner 54 +! +interface Port-Channel131.3 + description Test_encapsulation_vlan3 + ! + encapsulation vlan + client dot1ad 12 network dot1q 25 +! +interface Port-Channel131.4 + description Test_encapsulation_vlan4 + ! + encapsulation vlan + client dot1ad outer 35 inner dot1q 60 network dot1q outer 53 inner dot1ad 6 +! +interface Port-Channel131.5 + description Test_encapsulation_vlan5 + ! + encapsulation vlan + client dot1ad outer 35 inner 60 network dot1ad outer 52 inner 62 +! +interface Port-Channel131.6 + description Test_encapsulation_vlan6 + ! + encapsulation vlan + client dot1ad outer 35 inner 60 network client +! +interface Port-Channel131.7 + description Test_encapsulation_vlan7 + ! + encapsulation vlan + client untagged network dot1ad outer 35 inner 60 +! +interface Port-Channel131.8 + description Test_encapsulation_vlan8 + ! + encapsulation vlan + client untagged network dot1q outer 35 inner 60 +! +interface Port-Channel131.9 + description Test_encapsulation_vlan9 + ! + encapsulation vlan + client untagged network untagged +! +interface Port-Channel131.10 + description Test_encapsulation_vlan9 + ! + encapsulation vlan + client dot1q outer 14 inner 11 network client inner +! +interface Port-Channel132 + profile test-interface-profile + description Test_port-channel_interface-profile +! interface Dps1 description Test DPS Interface shutdown @@ -251,11 +829,1237 @@ interface Dps1 tcp mss ceiling ipv4 666 ipv6 666 ingress load-interval 42 ! +interface Ethernet1 + description P2P_LINK_TO_DC1-SPINE1_Ethernet1 + mtu 1500 + bgp session tracker ST1 + l2 mtu 8000 + l2 mru 8000 + speed forced 100gfull + switchport access vlan 200 + switchport trunk native vlan tag + switchport phone vlan 110 + switchport phone trunk tagged + switchport vlan translation in required + switchport dot1q vlan tag required + switchport trunk allowed vlan 110-111,210-211 + switchport mode dot1q-tunnel + switchport dot1q ethertype 1536 + switchport vlan forwarding accept all + switchport trunk group g1 + switchport trunk group g2 + no switchport + switchport source-interface tx + switchport vlan translation 12 20 + switchport vlan translation 24 inner 78 network 46 + switchport vlan translation 24 inner 78 46 + switchport vlan translation 43 dot1q-tunnel 30 + switchport vlan translation in 10 24 + switchport vlan translation in 37 inner 56 49 + switchport vlan translation in 23 dot1q-tunnel 45 + switchport vlan translation out 34 50 + switchport vlan translation out 10 45 inner 34 + switchport vlan translation out 45 dot1q-tunnel all + switchport trunk private-vlan secondary + switchport pvlan mapping 20-30 + ip address 172.31.255.1/31 + ip verify unicast source reachable-via rx + bfd interval 500 min-rx 500 multiplier 5 + bfd echo + ip igmp host-proxy + ip igmp host-proxy 239.0.0.1 + ip igmp host-proxy 239.0.0.2 exclude 10.0.2.1 + ip igmp host-proxy 239.0.0.3 include 10.0.3.1 + ip igmp host-proxy 239.0.0.4 include 10.0.4.3 + ip igmp host-proxy 239.0.0.4 include 10.0.4.4 + ip igmp host-proxy 239.0.0.4 exclude 10.0.4.1 + ip igmp host-proxy 239.0.0.4 exclude 10.0.4.2 + ip igmp host-proxy access-list ACL1 + ip igmp host-proxy access-list ACL2 + ip igmp host-proxy report-interval 2 + ip igmp host-proxy version 2 + tcp mss ceiling ipv4 70 ipv6 75 egress + switchport port-security + switchport port-security mac-address maximum disabled + priority-flow-control on + priority-flow-control priority 5 drop + switchport backup-link Ethernet5 prefer vlan 10 + switchport backup preemption-delay 35 + switchport backup mac-move-burst 20 + switchport backup mac-move-burst-interval 30 + switchport backup initial-mac-move-delay 10 + switchport backup dest-macaddr 01:00:00:00:00:00 + link tracking group EVPN_MH_ES1 upstream + link tracking group EVPN_MH_ES3 upstream + link tracking group EVPN_MH_ES4 upstream + comment + Comment created from eos_cli under ethernet_interfaces.Ethernet1 + EOF + +! +interface Ethernet2 + description SRV-POD02_Eth1 + switchport dot1q vlan tag disallowed + switchport trunk allowed vlan 110-111,210-211 + switchport mode trunk + switchport + ip address 10.1.255.3/24 + ip address 1.1.1.3/24 secondary + ip address 1.1.1.4/24 secondary + ip address 10.0.0.254/24 secondary + ip address 192.168.1.1/24 secondary + tcp mss ceiling ipv4 70 ingress + multicast ipv4 boundary ACL_MULTICAST + multicast ipv6 boundary ACL_V6_MULTICAST out + multicast ipv4 static + switchport port-security violation protect log + switchport port-security mac-address maximum 100 + priority-flow-control on + priority-flow-control priority 5 no-drop + storm-control broadcast level pps 500 + storm-control unknown-unicast level 1 + storm-control all level 10 + spanning-tree bpduguard disable + spanning-tree bpdufilter disable +! +interface Ethernet3 + description P2P_LINK_TO_DC1-SPINE2_Ethernet2 + mtu 1500 + switchport trunk native vlan 5 + switchport mode trunk + no switchport + switchport vlan translation out 23 dot1q-tunnel 50 + no snmp trap link-change + ip address 172.31.128.1/31 + ipv6 enable + ipv6 address 2002:ABDC::1/64 + ipv6 nd prefix 2345:ABCD:3FE0::1/96 infinite 50 no-autoconfig + ipv6 nd prefix 2345:ABCD:3FE0::2/96 50 infinite + ipv6 nd prefix 2345:ABCD:3FE0::3/96 100000 no-autoconfig + tcp mss ceiling ipv6 65 + switchport port-security + no switchport port-security mac-address maximum disabled + switchport port-security vlan 1 mac-address maximum 3 + switchport port-security vlan 2 mac-address maximum 3 + switchport port-security vlan 2 mac-address maximum 4 + switchport port-security vlan 3 mac-address maximum 3 + switchport port-security vlan 22 mac-address maximum 4 + switchport port-security vlan 41 mac-address maximum 4 + switchport port-security vlan default mac-address maximum 2 + no priority-flow-control + spanning-tree guard root + switchport backup-link Ethernet4 + link tracking group EVPN_MH_ES2 downstream +! +interface Ethernet4 + description Molecule IPv6 + shutdown + mtu 9100 + no switchport + snmp trap link-change + ipv6 enable + ipv6 address 2020::2020/64 + ipv6 address FE80:FEA::AB65/64 link-local + ipv6 nd ra disabled + ipv6 nd managed-config-flag + tcp mss ceiling ipv4 65 + ipv6 access-group IPv6_ACL_IN in + ipv6 access-group IPv6_ACL_OUT out + multicast ipv4 boundary 224.0.1.0/24 out + multicast ipv4 boundary 224.0.2.0/24 + multicast ipv6 boundary ff00::/16 out + multicast ipv6 boundary ff01::/16 out + multicast ipv4 static + switchport port-security violation protect + priority-flow-control on + spanning-tree guard none +! +interface Ethernet5 + description Molecule Routing + no shutdown + mtu 9100 + switchport access vlan 220 + no switchport + ip ospf cost 99 + ip ospf network point-to-point + ip ospf authentication message-digest + ip ospf authentication-key 7 asfddja23452 + ip ospf area 100 + ip ospf message-digest-key 1 sha512 7 asfddja23452 + pim ipv4 sparse-mode + pim ipv4 bidirectional + pim ipv4 border-router + pim ipv4 hello interval 10 + pim ipv4 hello count 2.5 + pim ipv4 dr-priority 200 + pim ipv4 bfd + isis enable ISIS_TEST + isis bfd + isis circuit-type level-2 + isis metric 99 + no isis hello padding + isis network point-to-point + isis authentication mode md5 + isis authentication key 7 asfddja23452 + spanning-tree guard loop +! +interface Ethernet6 + description SRV-POD02_Eth1 + logging event link-status + logging event congestion-drops + switchport trunk allowed vlan 110-111,210-211 + switchport mode trunk + switchport + logging event storm-control discards + spanning-tree bpduguard enable + spanning-tree bpdufilter enable + logging event spanning-tree +! +interface Ethernet7 + description Molecule L2 + no shutdown + mtu 7000 + switchport + ptp enable + ptp announce interval 10 + ptp announce timeout 30 + ptp delay-mechanism p2p + ptp delay-req interval 20 + ptp role master + ptp sync-message interval 5 + ptp transport layer2 + ptp vlan all + service-profile QoS + qos trust cos + qos cos 5 + storm-control broadcast level pps 10 + storm-control multicast level 50 + storm-control unknown-unicast level 10 + storm-control all level 75 + spanning-tree portfast + spanning-tree bpduguard enable + spanning-tree bpdufilter enable + vmtracer vmware-esx + transceiver media override 100gbase-ar4 +! +interface Ethernet8 + description to WAN-ISP1-01 Ethernet2 + no switchport + no lldp transmit + no lldp receive +! +interface Ethernet8.101 + description to WAN-ISP-01 Ethernet2.101 - VRF-C1 + encapsulation dot1q vlan 101 + ip address 172.31.128.1/31 + ipv6 enable + ipv6 address 2002:ABDC::1/64 +! +interface Ethernet9 + description interface_with_mpls_enabled + no switchport + ip address 172.31.128.9/31 + mpls ldp interface + multicast ipv4 boundary ACL_MULTICAST out + multicast ipv6 static + mpls ip +! +interface Ethernet10 + description interface_with_mpls_disabled + no switchport + ip address 172.31.128.10/31 + no mpls ldp interface + no mpls ip +! +interface Ethernet11 + description interface_in_mode_access_accepting_tagged_LACP + switchport access vlan 200 + switchport mode access + switchport + l2-protocol encapsulation dot1q vlan 200 +! +interface Ethernet12 + description interface_with_dot1q_tunnel + switchport access vlan 300 + switchport mode dot1q-tunnel + switchport +! +interface Ethernet13 + description interface_in_mode_access_with_voice + no logging event link-status + no logging event congestion-drops + switchport trunk native vlan 100 + switchport phone vlan 70 + switchport phone trunk untagged + switchport mode trunk phone + switchport + no logging event storm-control discards + no logging event spanning-tree +! +interface Ethernet14 + description SRV-POD02_Eth1 + logging event link-status + switchport trunk allowed vlan 110-111,210-211 + switchport mode trunk + switchport +! +interface Ethernet15 + description PVLAN Promiscuous Access - only one secondary + switchport access vlan 110 + switchport mode access + switchport + switchport pvlan mapping 111 +! +interface Ethernet16 + description PVLAN Promiscuous Trunk - vlan translation out + switchport vlan translation out required + switchport trunk allowed vlan 110-112 + switchport mode trunk + switchport + switchport vlan translation out 111-112 110 +! +interface Ethernet17 + description PVLAN Secondary Trunk + switchport trunk allowed vlan 110-112 + switchport mode trunk + switchport + switchport trunk private-vlan secondary +! +interface Ethernet18 + description PBR Description + mtu 1500 + no switchport + ip address 192.0.2.1/31 + service-policy type pbr input MyLANServicePolicy +! +interface Ethernet19 + description Switched port with no LLDP rx/tx + switchport access vlan 110 + switchport mode access + switchport + no lldp transmit + no lldp receive + lldp tlv transmit ztp vlan 666 +! +interface Ethernet20 + description Port patched through patch-panel to pseudowire + no switchport + no lldp transmit + no lldp receive +! +interface Ethernet21 + description 200MBit/s shape + switchport + no qos trust + shape rate 200000 kbps +! +interface Ethernet22 + description 10% shape + switchport + shape rate 10 percent +! +interface Ethernet23 + description Error-correction encoding + error-correction encoding fire-code + error-correction encoding reed-solomon + switchport +! +interface Ethernet24 + description Disable error-correction encoding + no error-correction encoding + switchport +! +interface Ethernet25 + description Molecule MAC + switchport + mac access-group MAC_ACL_IN in + mac access-group MAC_ACL_OUT out +! +interface Ethernet26 + no switchport +! +interface Ethernet26.1 + description TENANT_A pseudowire 1 interface + encapsulation vlan + client unmatched +! +interface Ethernet26.100 + description TENANT_A pseudowire 1 interface + vlan id 10 + encapsulation vlan + client dot1q 100 network client +! +interface Ethernet26.200 + description TENANT_A pseudowire 2 interface + encapsulation vlan + client dot1q 200 +! +interface Ethernet26.300 + description TENANT_A pseudowire 3 interface + encapsulation vlan + client dot1q 300 network dot1q 400 +! +interface Ethernet26.400 + description TENANT_A pseudowire 3 interface + encapsulation vlan + client dot1q outer 400 inner 20 network dot1q outer 401 inner 21 +! +interface Ethernet26.500 + description TENANT_A pseudowire 3 interface + encapsulation vlan + client dot1q outer 500 inner 50 network client +! +interface Ethernet27 + description EVPN-Vxlan single-active redundancy + switchport + ! + evpn ethernet-segment + identifier 0000:0000:0000:0102:0304 + redundancy single-active + designated-forwarder election algorithm preference 100 dont-preempt + designated-forwarder election hold-time 10 + designated-forwarder election candidate reachability required + route-target import 00:00:01:02:03:04 +! +interface Ethernet28 + description EVPN-MPLS multihoming + switchport + ! + evpn ethernet-segment + identifier 0000:0000:0000:0102:0305 + mpls tunnel flood filter time 100 + mpls shared index 100 + route-target import 00:00:01:02:03:05 +! +interface Ethernet29 + description DOT1X Testing - auto phone true + switchport + dot1x port-control auto + dot1x port-control force-authorized phone +! +interface Ethernet30 + description DOT1X Testing - force-authorized phone false + switchport + dot1x port-control force-authorized + no dot1x port-control force-authorized phone +! +interface Ethernet31 + description DOT1X Testing - force-unauthorized - no phone + switchport + dot1x port-control force-unauthorized +! +interface Ethernet32 + description DOT1X Testing - auto reauthentication + switchport + dot1x reauthentication + dot1x port-control auto +! +interface Ethernet33 + description DOT1X Testing - pae mode authenticator + switchport + dot1x pae authenticator +! +interface Ethernet34 + description DOT1X Testing - authentication_failure allow + switchport + dot1x authentication failure action traffic allow vlan 800 +! +interface Ethernet35 + description DOT1X Testing - authentication_failure drop + switchport + dot1x authentication failure action traffic drop +! +interface Ethernet36 + description DOT1X Testing - host-mode single-host + switchport + dot1x host-mode single-host +! +interface Ethernet37 + description DOT1X Testing - host-mode multi-host + switchport + dot1x host-mode multi-host +! +interface Ethernet38 + description DOT1X Testing - host-mode multi-host authenticated + switchport + dot1x host-mode multi-host authenticated +! +interface Ethernet39 + description DOT1X Testing - mac_based_authentication host-mode common true + switchport + dot1x mac based authentication host-mode common +! +interface Ethernet40 + description DOT1X Testing - mac_based_authentication always + switchport + dot1x mac based authentication always +! +interface Ethernet41 + description DOT1X Testing - mac_based_authentication always and host-mode common + switchport + dot1x mac based authentication host-mode common + dot1x mac based authentication always +! +interface Ethernet42 + description DOT1X Testing - mac_based_authentication + switchport + dot1x mac based authentication +! +interface Ethernet43 + description DOT1X Testing - timeout values + switchport + dot1x timeout quiet-period 10 + dot1x timeout reauth-timeout-ignore always + dot1x timeout tx-period 6 + dot1x timeout reauth-period server + dot1x timeout idle-host 15 seconds +! +interface Ethernet44 + description DOT1X Testing - reauthorization_request_limit + switchport + dot1x eapol disabled + dot1x reauthorization request limit 3 +! +interface Ethernet45 + description DOT1X Testing - all features + switchport + dot1x pae authenticator + dot1x authentication failure action traffic allow vlan 800 + dot1x reauthentication + dot1x port-control auto + dot1x host-mode multi-host authenticated + dot1x mac based authentication + dot1x timeout quiet-period 10 + dot1x timeout reauth-timeout-ignore always + dot1x timeout tx-period 10 + dot1x timeout reauth-period server + dot1x timeout idle-host 10 seconds + dot1x reauthorization request limit 2 + dot1x unauthorized access vlan membership egress + dot1x unauthorized native vlan membership egress + dot1x eapol authentication failure fallback mba timeout 600 +! +interface Ethernet46 + description native-vlan-tag-precedence + switchport trunk native vlan tag + switchport mode trunk + switchport +! +interface Ethernet47 + description IP Helper + no switchport + ip address 172.31.255.1/31 + ip helper-address 10.10.64.151 + ip helper-address 10.10.96.101 source-interface Loopback0 + ip helper-address 10.10.96.150 vrf MGMT source-interface Loopback0 + ip helper-address 10.10.96.151 vrf MGMT +! +interface Ethernet48 + description Load Interval + load-interval 5 + switchport +! +interface Ethernet50 + description SFlow Interface Testing - SFlow ingress enabled + switchport + sflow enable +! +interface Ethernet51 + description SFlow Interface Testing - SFlow egress enabled + switchport + sflow egress enable +! +interface Ethernet52 + description SFlow Interface Testing - SFlow ingress and egress unmodified enabled + switchport + sflow enable + sflow egress unmodified enable +! +interface Ethernet53 + description SFlow Interface Testing - SFlow ingress and egress disabled + switchport + no sflow enable + no sflow egress enable +! +interface Ethernet54 + description SFlow Interface Testing - SFlow ingress and egress unmodified disabled + switchport + no sflow enable + no sflow egress unmodified enable +! +interface Ethernet55 + description DHCPv6 Relay Testing + no shutdown + no switchport + ipv6 dhcp relay destination a0::2 link-address a0::3 + ipv6 dhcp relay destination a0::4 vrf TEST local-interface Loopback55 link-address a0::5 + ipv6 address a0::1/64 +! +interface Ethernet56 + description Interface with poe commands and limit in class + switchport + poe priority low + poe reboot action power-off + poe link down action power-off 10 seconds + poe shutdown action maintain + poe limit 30.00 watts + poe negotiation lldp disabled +! +interface Ethernet57 + description Interface with poe commands and limit in watts + switchport + poe priority critical + poe reboot action maintain + poe link down action maintain + poe shutdown action power-off + poe limit 45.00 watts fixed + poe legacy detect +! +interface Ethernet58 + description Interface with poe disabled and no other poe keys + switchport + poe disabled +! +interface Ethernet60 + description IP NAT Testing + switchport + ip nat destination static 1.0.0.1 2.0.0.1 + ip nat destination static 1.0.0.2 22 2.0.0.2 + ip nat destination static 1.0.0.3 22 2.0.0.3 23 + ip nat destination static 1.0.0.4 22 2.0.0.4 23 protocol udp + ip nat destination static 1.0.0.7 access-list ACL21 2.0.0.7 + ip nat source static 3.0.0.1 4.0.0.1 + ip nat source static 3.0.0.2 22 4.0.0.2 + ip nat source static 3.0.0.3 22 4.0.0.3 23 + ip nat source static 3.0.0.4 22 4.0.0.4 23 protocol udp + ip nat source static 3.0.0.7 access-list ACL21 4.0.0.7 + ip nat source ingress static 3.0.0.8 4.0.0.8 + ip nat destination egress static 239.0.0.1 239.0.0.2 + ip nat source static 3.0.0.5 22 4.0.0.5 23 protocol tcp group 1 + ip nat destination static 1.0.0.5 22 2.0.0.5 23 protocol tcp group 1 + ip nat source static 3.0.0.6 22 4.0.0.6 23 protocol tcp group 2 comment Comment Test + ip nat destination static 1.0.0.6 22 2.0.0.6 23 protocol tcp group 2 comment Comment Test + ip nat destination dynamic access-list ACL1 pool POOL1 + ip nat source dynamic access-list ACL11 pool POOL11 + ip nat source dynamic access-list ACL12 pool POOL11 comment POOL11 shared with ACL11/12 + ip nat source dynamic access-list ACL13 pool POOL13 priority 10 + ip nat source dynamic access-list ACL14 pool POOL14 priority 1 comment Priority low end + ip nat source dynamic access-list ACL15 pool POOL15 priority 4294967295 comment Priority high end + ip nat source dynamic access-list ACL16 pool POOL16 comment Priority default + ip nat source dynamic access-list ACL17 overload priority 10 comment Priority_10 + ip nat source dynamic access-list ACL18 pool POOL18 address-only priority 10 comment Priority_10 + ip nat source dynamic access-list ACL19 pool POOL19 full-cone priority 10 comment Priority_10 + ip nat destination dynamic access-list ACL2 pool POOL1 comment POOL1 shared with ACL1/2 + ip nat destination dynamic access-list ACL3 pool POOL3 priority 10 + ip nat destination dynamic access-list ACL4 pool POOL4 priority 1 comment Priority low end + ip nat destination dynamic access-list ACL5 pool POOL5 priority 4294967295 comment Priority high end + ip nat destination dynamic access-list ACL6 pool POOL6 comment Priority default +! +interface Ethernet61 + description interface_in_mode_access_with_voice + no logging event link-status + no logging event congestion-drops + switchport trunk native vlan 100 + switchport phone vlan 70 + switchport phone trunk untagged phone + switchport mode trunk phone + switchport + no logging event storm-control discards + no logging event spanning-tree +! +interface Ethernet62 + description interface_in_mode_access_with_voice + no logging event link-status + no logging event congestion-drops + switchport trunk native vlan 100 + switchport phone vlan 70 + switchport phone trunk tagged phone + switchport mode trunk phone + switchport + no logging event storm-control discards + no logging event spanning-tree +! +interface Ethernet63 + description DHCP client interface + no switchport + ip address dhcp + dhcp client accept default-route +! +interface Ethernet64 + description DHCP server interface + no switchport + mac timestamp replace-fcs + ip address 192.168.42.42/24 + dhcp server ipv4 + dhcp server ipv6 +! +interface Ethernet65 + description Multiple VRIDs + no shutdown + no switchport + mac timestamp header + ip address 192.0.2.2/25 + ipv6 enable + ipv6 address 2001:db8::2/64 + ipv6 address fe80::2/64 link-local + vrrp 1 priority-level 105 + vrrp 1 advertisement interval 2 + vrrp 1 preempt delay minimum 30 reload 800 + vrrp 1 ipv4 192.0.2.1 + vrrp 2 ipv6 2001:db8::1 +! +interface Ethernet66 + description Multiple VRIDs and tracking + no shutdown + no switchport + ip address 192.0.2.2/25 + ipv6 enable + ipv6 address 2001:db8::2/64 + ipv6 address fe80::2/64 link-local + vrrp 1 priority-level 105 + vrrp 1 advertisement interval 2 + vrrp 1 preempt delay minimum 30 reload 800 + vrrp 1 ipv4 192.0.2.1 + vrrp 1 tracked-object ID1TrackedObjectDecrement decrement 5 + vrrp 1 tracked-object ID1TrackedObjectShutdown shutdown + vrrp 2 ipv6 2001:db8::1 + vrrp 2 tracked-object ID2TrackedObjectDecrement decrement 10 + vrrp 2 tracked-object ID2TrackedObjectShutdown shutdown + no vrrp 3 preempt + vrrp 3 timers delay reload 900 + vrrp 3 ipv4 100.64.0.1 + vrrp 3 ipv4 version 3 +! +interface Ethernet67 + description Custom_Transceiver_Frequency + no shutdown + switchport + mac timestamp before-fcs + transceiver frequency 190050.000 +! +interface Ethernet67.1 + description Test_encapsulation_dot1q + encapsulation dot1q vlan 4 inner 34 +! +interface Ethernet68 + description Custom_Transceiver_Frequency + no shutdown + switchport + transceiver media override 100gbase-ar4 + transceiver frequency 190080.000 ghz +! +interface Ethernet68.1 + description Test_encapsulation_vlan1 + encapsulation vlan + client dot1q outer 23 inner dot1q 45 network dot1ad outer 32 inner dot1ad 54 +! +interface Ethernet68.2 + description Test_encapsulation_vlan2 + encapsulation vlan + client dot1q 10 network dot1q outer 32 inner 54 +! +interface Ethernet68.3 + description Test_encapsulation_vlan3 + encapsulation vlan + client dot1ad 12 network dot1q 25 +! +interface Ethernet68.4 + description Test_encapsulation_vlan4 + encapsulation vlan + client dot1ad outer 35 inner dot1q 60 network dot1q outer 53 inner dot1ad 6 +! +interface Ethernet68.5 + description Test_encapsulation_vlan5 + encapsulation vlan + client dot1ad outer 35 inner 60 network dot1ad outer 52 inner 62 +! +interface Ethernet68.6 + description Test_encapsulation_vlan6 + encapsulation vlan + client dot1ad outer 35 inner 60 network client +! +interface Ethernet68.7 + description Test_encapsulation_vlan7 + encapsulation vlan + client untagged network dot1ad outer 35 inner 60 +! +interface Ethernet68.8 + description Test_encapsulation_vlan8 + encapsulation vlan + client untagged network dot1q outer 35 inner 60 +! +interface Ethernet68.9 + description Test_encapsulation_vlan9 + encapsulation vlan + client untagged network untagged +! +interface Ethernet68.10 + description Test_encapsulation_vlan9 + encapsulation vlan + client dot1q outer 14 inner 11 network client inner +! +interface Ethernet69 + description IP NAT service-profile + switchport + ip nat service-profile TEST-NAT-PROFILE +! +interface Ethernet70 + description dot1x_aaa_unresponsive + no shutdown + dot1x aaa unresponsive phone action apply cached-results timeout 10 hours else traffic allow + dot1x aaa unresponsive action traffic allow vlan 10 access-list acl1 + dot1x aaa unresponsive eap response success + dot1x mac based access-list +! +interface Ethernet71 + description dot1x_aaa_unresponsive1 + no shutdown + dot1x aaa unresponsive phone action apply cached-results timeout 10 hours + dot1x aaa unresponsive action traffic allow vlan 10 access-list acl1 + dot1x aaa unresponsive eap response success + dot1x mac based access-list +! +interface Ethernet72 + description dot1x_aaa_unresponsive2 + no shutdown + dot1x aaa unresponsive action traffic allow vlan 10 access-list acl1 + dot1x aaa unresponsive eap response success + dot1x mac based access-list +! +interface Ethernet73 + description DC1-AGG01_Ethernet1 + channel-group 5 mode active + transceiver media override 100gbase-ar4 +! +interface Ethernet74 + description MLAG_PEER_DC1-LEAF1B_Ethernet3 + channel-group 3 mode active +! +interface Ethernet75 + description MLAG_PEER_DC1-LEAF1B_Ethernet4 + channel-group 3 mode active +! +interface Ethernet76 + description SRV-POD03_Eth1 + channel-group 5 mode active + no lldp transmit + no lldp receive +! +interface Ethernet77 + description MLAG_PEER_DC1-LEAF1B_Ethernet8 + channel-group 8 mode active +! +interface Ethernet78 + description DC1-AGG03_Ethernet1 + channel-group 15 mode active + lacp timer fast + lacp timer multiplier 30 +! +interface Ethernet79 + description DC1-AGG04_Ethernet1 + channel-group 16 mode active + lacp timer normal +! +interface Ethernet80 + description LAG Member + channel-group 17 mode active +! +interface Ethernet80/1 + description LAG Member + channel-group 101 mode active +! +interface Ethernet80/2 + description LAG Member + channel-group 102 mode active +! +interface Ethernet80/3 + description LAG Member + channel-group 103 mode active +! +interface Ethernet80/4 + description LAG Member LACP fallback + switchport trunk allowed vlan 100 + switchport mode trunk + switchport + channel-group 104 mode active + spanning-tree portfast +! +interface Ethernet81 + description LAG Member + channel-group 109 mode active +! +interface Ethernet81/1 + description LAG Member with error_correction + error-correction encoding fire-code + error-correction encoding reed-solomon + channel-group 111 mode active +! +interface Ethernet81/2 + description LAG Member LACP fallback LLDP ZTP VLAN + switchport trunk allowed vlan 112 + switchport mode trunk + switchport + channel-group 112 mode active + lldp tlv transmit ztp vlan 112 + spanning-tree portfast +! +interface Ethernet81/10 + description isis_port_channel_member + channel-group 110 mode active +! interface Management1 description OOB_MANAGEMENT vrf MGMT ip address 10.73.255.122/24 ! +interface Vlan24 + description SVI Description + no shutdown + ipv6 address 1b11:3a00:22b0:6::15/64 + ipv6 nd managed-config-flag + ipv6 nd prefix 1b11:3a00:22b0:6::/64 infinite infinite no-autoconfig + ip address virtual 10.10.24.1/24 + ipv6 virtual-router address 1b11:3a00:22b0:6::1 +! +interface Vlan25 + description SVI Description + no shutdown + ipv6 address 1b11:3a00:22b0:16::16/64 + ipv6 virtual-router address 1b11:3a00:22b0:16::14 + ipv6 virtual-router address 1b11:3a00:22b0:16::15 +! +interface Vlan41 + description SVI Description + no shutdown + ip helper-address 10.10.64.150 source-interface Loopback0 + ip helper-address 10.10.96.150 source-interface Loopback0 + ip helper-address 10.10.96.151 source-interface Loopback0 + ip igmp host-proxy + ip igmp host-proxy 239.0.0.1 + ip igmp host-proxy 239.0.0.2 exclude 10.0.2.1 + ip igmp host-proxy 239.0.0.3 include 10.0.3.1 + ip igmp host-proxy 239.0.0.4 include 10.0.4.3 + ip igmp host-proxy 239.0.0.4 include 10.0.4.4 + ip igmp host-proxy 239.0.0.4 exclude 10.0.4.1 + ip igmp host-proxy 239.0.0.4 exclude 10.0.4.2 + ip igmp host-proxy access-list ACL1 + ip igmp host-proxy access-list ACL2 + ip igmp host-proxy report-interval 2 + ip igmp host-proxy version 2 + ip address virtual 10.10.41.1/24 +! +interface Vlan42 + description SVI Description + no shutdown + ip helper-address 10.10.64.150 source-interface Loopback0 + ip helper-address 10.10.96.150 source-interface Loopback0 + ip helper-address 10.10.96.151 source-interface Loopback0 + isis enable EVPN_UNDERLAY + isis authentication mode sha key-id 5 level-1 + ip address virtual 10.10.42.1/24 +! +interface Vlan43 + description SVI Description + no shutdown + ipv6 dhcp relay destination a0::2 vrf TEST local-interface Loopback44 link-address a0::4 + ipv6 address a0::1/64 + isis authentication key-id 2 algorithm sha-512 key 0 password + isis authentication key-id 3 algorithm sha-512 rfc-5310 key 0 password1 + isis authentication key-id 1 algorithm sha-1 key 0 password level-1 + isis authentication key-id 4 algorithm sha-1 rfc-5310 key 0 password level-1 + isis authentication key-id 5 algorithm sha-1 key 0 password3 level-1 + isis authentication key-id 1 algorithm sha-1 key 0 password level-2 + isis authentication key-id 5 algorithm sha-1 rfc-5310 key 0 password level-2 +! +interface Vlan44 + description SVI Description + no shutdown + ipv6 dhcp relay destination a0::8 + ipv6 dhcp relay destination a0::5 vrf TEST source-address a0::6 link-address a0::7 + ipv6 address a0::4/64 +! +interface Vlan50 + description IP NAT Testing + ip nat destination static 1.0.0.1 2.0.0.1 + ip nat source static 3.0.0.1 4.0.0.1 + ip nat destination dynamic access-list ACL1 pool POOL1 + ip nat source dynamic access-list ACL2 pool POOL2 + isis authentication mode text rx-disabled level-2 + isis authentication key 0 password level-2 +! +interface Vlan75 + description SVI Description + no shutdown + ipv6 address 1b11:3a00:22b0:1000::15/64 + ipv6 nd managed-config-flag + ipv6 nd prefix 1b11:3a00:22b0:1000::/64 infinite infinite no-autoconfig + multicast ipv4 boundary 224.0.1.0/24 out + multicast ipv4 boundary 224.0.2.0/24 + multicast ipv6 boundary ff00::/16 out + multicast ipv6 boundary ff01::/16 out + multicast ipv4 static + ip address virtual 10.10.75.1/24 + ipv6 virtual-router address 1b11:3a00:22b0:1000::1 +! +interface Vlan81 + description IPv6 Virtual Address + vrf Tenant_C + ipv6 enable + ip address virtual 10.10.81.1/24 + ipv6 address virtual fc00:10:10:81::1/64 + ipv6 address virtual fc00:10:11:81::1/64 + ipv6 address virtual fc00:10:12:81::1/64 +! +interface Vlan83 + description SVI Description + no shutdown + isis enable EVPN_UNDERLAY + isis authentication mode md5 + isis authentication key 0 password + ip address virtual 10.10.83.1/24 + ip address virtual 10.11.83.1/24 secondary + ip address virtual 10.11.84.1/24 secondary +! +interface Vlan84 + description SVI Description + arp gratuitous accept + ip address 10.10.84.1/24 + arp monitor mac-address + isis enable EVPN_UNDERLAY + isis authentication mode sha key-id 2 rx-disabled + isis authentication key 0 password + ip virtual-router address 10.10.84.254 + ip virtual-router address 10.11.84.254/24 +! +interface Vlan85 + description SVI Description + ip address 10.10.84.1/24 + arp cache dynamic capacity 50000 + bfd interval 500 min-rx 500 multiplier 5 + bfd echo + isis enable EVPN_UNDERLAY + isis authentication mode sha key-id 2 + isis authentication key 0 password +! +interface Vlan86 + description SVI Description + ip address 10.10.83.1/24 + ip attached-host route export 10 + isis enable EVPN_UNDERLAY + isis authentication mode shared-secret profile profile1 algorithm sha-1 rx-disabled +! +interface Vlan87 + description SVI Description + shutdown + ip address 10.10.87.1/24 + ip access-group ACL_IN in + ip access-group ACL_OUT out + isis enable EVPN_UNDERLAY + isis authentication mode shared-secret profile profile1 algorithm sha-1 +! +interface Vlan88 + description SVI Description + shutdown + isis enable EVPN_UNDERLAY + isis authentication mode md5 rx-disabled level-1 + isis authentication mode text rx-disabled level-2 + isis authentication key 0 password level-1 + isis authentication key 0 password level-2 + ip address virtual 10.10.87.1/23 +! +interface Vlan89 + description SVI Description + no shutdown + ip helper-address 10.10.64.150 source-interface Loopback0 + ip helper-address 10.10.96.101 source-interface Loopback0 + ip helper-address 10.10.96.150 source-interface Loopback0 + ip helper-address 10.10.96.151 source-interface Loopback0 + ip igmp + ip igmp version 2 + ipv6 address 1b11:3a00:22b0:5200::15/64 + ipv6 nd managed-config-flag + ipv6 nd prefix 1b11:3a00:22b0:5200::/64 infinite infinite no-autoconfig + multicast ipv4 boundary ACL_MULTICAST + multicast ipv6 boundary ACL_V6_MULTICAST_WITH_OUT out + multicast ipv4 source route export + multicast ipv6 static + pim ipv4 sparse-mode + pim ipv4 local-interface Loopback0 + ip address virtual 10.10.144.3/20 + ipv6 virtual-router address 1b11:3a00:22b0:5200::3 +! +interface Vlan90 + description SVI Description + ip address 10.10.83.1/24 + ip attached-host route export + isis enable EVPN_UNDERLAY + isis authentication mode shared-secret profile profile2 algorithm sha-1 level-1 + isis authentication mode shared-secret profile profile1 algorithm sha-256 level-2 +! +interface Vlan91 + description PBR Description + shutdown + service-policy type pbr input MyServicePolicy + isis enable EVPN_UNDERLAY + isis authentication mode md5 level-1 + isis authentication mode text level-2 + isis authentication key 0 password level-1 + isis authentication key 0 password level-2 +! +interface Vlan92 + description SVI Description + ip proxy-arp + ip address 10.10.92.1/24 + ip directed-broadcast + isis enable EVPN_UNDERLAY + isis authentication mode shared-secret profile profile2 algorithm sha-1 rx-disabled level-1 + isis authentication mode shared-secret profile profile1 algorithm sha-256 rx-disabled level-2 +! +interface Vlan110 + description PVLAN Primary with vlan mapping + no shutdown + pvlan mapping 111-112 + vrf Tenant_A + ip address 10.0.101.1/24 + multicast ipv4 boundary ACL_MULTICAST out + multicast ipv6 source route export 20 + multicast ipv4 static +! +interface Vlan333 + description Multiple VRIDs and tracking + no shutdown + ip address 192.0.2.2/25 + arp aging timeout 180 + ipv6 enable + ipv6 address 2001:db8:333::2/64 + ipv6 address fe80::2/64 link-local + vrrp 1 priority-level 105 + vrrp 1 advertisement interval 2 + vrrp 1 preempt delay minimum 30 reload 800 + vrrp 1 ipv4 192.0.2.1 + vrrp 1 tracked-object ID1TrackedObjectDecrement decrement 5 + vrrp 1 tracked-object ID1TrackedObjectShutdown shutdown + vrrp 2 ipv6 2001:db8:333::1 + vrrp 2 tracked-object ID2TrackedObjectDecrement decrement 10 + vrrp 2 tracked-object ID2TrackedObjectShutdown shutdown + no vrrp 3 preempt + vrrp 3 timers delay reload 900 + vrrp 3 ipv4 100.64.0.1 + vrrp 3 ipv4 version 3 +! +interface Vlan334 + description v6 attached host exports + ipv6 attached-host route export 19 + ipv6 enable + ipv6 address 2001:db8:334::1/64 +! +interface Vlan335 + description v6 attached host exports + ipv6 attached-host route export prefix-length 64 + ipv6 enable + ipv6 address 2001:db8:335::1/64 +! +interface Vlan336 + description v6 attached host exports + ipv6 attached-host route export 18 prefix-length 64 + ipv6 enable + ipv6 address 2001:db8:336::1/64 +! +interface Vlan337 + description v4 dhcp relay all-subnets + ip address 10.0.2.2/25 + ip dhcp relay all-subnets +! +interface Vlan338 + description v6 dhcp relay all-subnets + ipv6 dhcp relay all-subnets + ipv6 address 2001:db8:338::1/64 +! +interface Vlan339 + description v6 nd options + ipv6 nd cache expire 250 + ipv6 nd cache dynamic capacity 900 + ipv6 nd cache refresh always + ipv6 enable + ipv6 address 2001:db8:339::1/64 + ipv6 nd other-config-flag +! +interface Vlan501 + description SVI Description + no shutdown + ip address 10.50.26.29/27 + ipv6 address 1b11:3a00:22b0:0088::207/127 + ipv6 nd ra disabled +! +interface Vlan667 + description Multiple VRIDs + no shutdown + ip address 192.0.2.2/25 + arp aging timeout 180 + ipv6 enable + ipv6 address 2001:db8:667::2/64 + ipv6 address fe80::2/64 link-local + vrrp 1 priority-level 105 + vrrp 1 advertisement interval 2 + vrrp 1 preempt delay minimum 30 reload 800 + vrrp 1 ipv4 192.0.2.1 + vrrp 2 ipv6 2001:db8:667::1 +! +interface Vlan1001 + description SVI Description + no shutdown + vrf Tenant_A + ipv6 address a1::1/64 + ipv6 nd managed-config-flag + ipv6 nd prefix a1::/64 infinite infinite no-autoconfig + ip address virtual 10.1.1.1/24 +! +interface Vlan1002 + description SVI Description + no shutdown + vrf Tenant_A + ipv6 address a2::1/64 + ipv6 nd ra disabled + ipv6 nd managed-config-flag + ipv6 nd prefix a2::/64 infinite infinite no-autoconfig + ip address virtual 10.1.2.1/24 +! +interface Vlan2001 + description SVI Description + logging event link-status + vrf Tenant_B + ip address virtual 10.2.1.1/24 + comment + Comment created from eos_cli under vlan_interfaces.Vlan2001 + EOF + +! +interface Vlan2002 + description SVI Description + no autostate + vrf Tenant_B + ip verify unicast source reachable-via rx + isis enable EVPN_UNDERLAY + isis bfd + isis authentication mode md5 rx-disabled + isis authentication key 0 password + ip address virtual 10.2.2.1/24 +! +interface Vlan4094 + description SVI Description + mtu 9214 + ip address 169.254.252.0/31 + ipv6 address fe80::a/64 link-local + pim ipv4 sparse-mode + pim ipv4 bidirectional + pim ipv4 hello interval 10 + pim ipv4 hello count 3.5 + pim ipv4 dr-priority 200 + pim ipv4 bfd + isis enable EVPN_UNDERLAY + isis authentication mode sha key-id 5 rx-disabled level-1 + isis authentication mode sha key-id 10 rx-disabled level-2 +! application traffic recognition ! application ipv4 empty-application @@ -349,6 +2153,115 @@ application traffic recognition field-set l4-port src_port_set2 5700-5800, 6500-6600 ! +event-handler CONFIG_VERSIONING + trigger on-startup-config + action bash FN=/mnt/flash/startup-config; LFN="`ls -1 $FN.*-* | tail -n 1`"; if [ -z "$LFN" -o -n "`diff -I 'last modified' $FN $LFN`" ]; then cp $FN $FN.`date +%Y%m%d-%H%M%S`; ls -1r $FN.*-* | tail -n +11 | xargs -I % rm %; fi + delay 0 +! +event-handler trigger-on-boot + trigger on-boot + action bash + if [ 15 -gt 10 ] + then + echo "a is greater than 10" + fi + EOF + action log + action increment device-health metric Metric1 +! +event-handler trigger-on-counters + action log + trigger on-counters + poll interval 10 + condition ( Arad*.IptCrcErrCnt.delta > 100 ) and ( Arad*.UcFifoFullDrop.delta > 100 ) + granularity per-source +! +event-handler trigger-on-counters2 + trigger on-counters + condition ( Arad*.IptCrcErrCnt.delta > 100 ) and ( Arad*.UcFifoFullDrop.delta > 100 ) + granularity per-source +! +event-handler trigger-on-counters3 + trigger on-counters +! +event-handler trigger-on-intf + trigger on-intf Ethernet4 operstatus ip ip6 +! +event-handler trigger-on-intf2 +! +event-handler trigger-on-intf3 +! +event-handler trigger-on-intf4 + trigger on-intf Ethernet4 ip +! +event-handler trigger-on-intf5 + trigger on-intf Ethernet5 ip6 +! +event-handler trigger-on-intf6 + trigger on-intf Ethernet6 operstatus +! +event-handler trigger-on-logging + action increment device-health metric Metric2 + trigger on-logging + poll interval 10 + regex ab* +! +event-handler trigger-on-logging2 + trigger on-logging + regex ab* +! +event-handler trigger-on-logging3 + trigger on-logging +! +event-handler trigger-on-maintenance1 + trigger on-maintenance enter interface Management3 after stage linkdown +! +event-handler trigger-on-maintenance2 + trigger on-maintenance exit unit unit1 before stage bgp + action bash echo "on-maintenance" +! +event-handler trigger-on-maintenance3 + trigger on-maintenance enter bgp 10.0.0.2 vrf vrf1 all + action bash echo "on-maintenance" +! +event-handler trigger-on-maintenance4 +! +event-handler trigger-on-maintenance5 +! +event-handler trigger-vm-tracer + trigger vm-tracer vm + action bash echo "vm-tracer vm" +! +event-handler trigger-vm-tracer2 + trigger vm-tracer vm + action bash echo "vm-tracer vm"\nEOF +! +event-handler without-trigger-key +! +group interface QSFP_Interface_Group + interface Ethernet1,5 + maintenance profile interface uplink-interfaces +! +group interface QSFP_Interface_Group1 + interface Ethernet1,5 +! +group interface SFP_Interface_Group + interface Ethernet10-20 + interface Ethernet30-48 + maintenance profile bgp downlink-neighbors + maintenance profile bgp local-ix + maintenance profile interface downlink-interfaces + maintenance profile interface ix-interfaces +! +interface profile TEST-PROFILE-1 + command description Molecule + command no switchport + command no lldp transmit +! +interface profile TEST-PROFILE-2 + command mtu 9214 + command ptp enable +! class-map type pbr match-any CM_PBR_EXCLUDE match ip access-group ACL_PBR_EXCLUDE ! @@ -365,6 +2278,23 @@ ip as-path access-list mylist1 permit ^(64512|645115) egp ip as-path access-list mylist1 deny (64513|64515)$ any ip as-path access-list mylist2 deny _64517$ igp ! +ip community-list IP_CL_TEST1 permit 1001:1001 1002:1002 +ip community-list IP_CL_TEST1 deny 1010:1010 +ip community-list regexp IP_CL_TEST1 permit 20:* +ip community-list IP_CL_TEST2 deny 1003:1003 +ip community-list regexp IP_RE_TEST1 permit ^$ +ip community-list regexp IP_RE_TEST2 deny ^100 +! +ip extcommunity-list TEST1 permit 65000:65000 +ip extcommunity-list TEST1 deny 65002:65002 +! +ip extcommunity-list TEST2 deny 65001:65001 +! +ip extcommunity-list regexp TEST1 permit 65[0-9]{3}:[0-9]+ +ip extcommunity-list regexp TEST1 deny .* +! +ip extcommunity-list regexp TEST2 deny 6500[0-1]:650[0-9][0-9] +! arp persistent refresh-delay 700 arp aging timeout default 300 arp vrf BLAH 42.42.42.42 DEAD.BEEF.CAFE arpa diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host2.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host2.cfg index f0045107836..924727ff0f1 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host2.cfg +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host2.cfg @@ -6,6 +6,13 @@ dhcp relay server dhcp-relay-server1 server dhcp-relay-server2 ! +ip dhcp relay information option +! +ip dhcp snooping +! +no ip igmp snooping fast-leave +no ip igmp snooping querier +! management security password encryption reversible aes-256-gcm ! diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/hostname.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/hostname.cfg deleted file mode 100644 index a337019910c..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/hostname.cfg +++ /dev/null @@ -1,7 +0,0 @@ -! -hostname hostname-set-via-hostname-var -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/interface-profiles.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/interface-profiles.cfg deleted file mode 100644 index daa1d36f896..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/interface-profiles.cfg +++ /dev/null @@ -1,14 +0,0 @@ -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -interface profile TEST-PROFILE-1 - command description Molecule - command no switchport - command no lldp transmit -! -interface profile TEST-PROFILE-2 - command mtu 9214 - command ptp enable diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-community-lists.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-community-lists.cfg deleted file mode 100644 index 73c99437dc9..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-community-lists.cfg +++ /dev/null @@ -1,12 +0,0 @@ -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -ip community-list IP_CL_TEST1 permit 1001:1001 1002:1002 -ip community-list IP_CL_TEST1 deny 1010:1010 -ip community-list regexp IP_CL_TEST1 permit 20:* -ip community-list IP_CL_TEST2 deny 1003:1003 -ip community-list regexp IP_RE_TEST1 permit ^$ -ip community-list regexp IP_RE_TEST2 deny ^100 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-dhcp-relay.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-dhcp-relay.cfg deleted file mode 100644 index ac3eb588e3b..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-dhcp-relay.cfg +++ /dev/null @@ -1,9 +0,0 @@ -! -ip dhcp relay information option -ip dhcp relay always-on -ip dhcp relay all-subnets default -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-dhcp-snooping.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-dhcp-snooping.cfg deleted file mode 100644 index 4fc26748515..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-dhcp-snooping.cfg +++ /dev/null @@ -1,10 +0,0 @@ -! -ip dhcp snooping bridging -ip dhcp snooping information option -ip dhcp snooping information option circuit-id type 10 format %h:%p -ip dhcp snooping vlan 10,20,500,1000-2000 -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-extended-community-lists-regexp.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-extended-community-lists-regexp.cfg deleted file mode 100644 index f652d9ecae3..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-extended-community-lists-regexp.cfg +++ /dev/null @@ -1,10 +0,0 @@ -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -ip extcommunity-list regexp TEST1 permit 65[0-9]{3}:[0-9]+ -ip extcommunity-list regexp TEST1 deny .* -! -ip extcommunity-list regexp TEST2 deny 6500[0-1]:650[0-9][0-9] diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-extended-community-lists.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-extended-community-lists.cfg deleted file mode 100644 index 3a87f581467..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-extended-community-lists.cfg +++ /dev/null @@ -1,10 +0,0 @@ -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -ip extcommunity-list TEST1 permit 65000:65000 -ip extcommunity-list TEST1 deny 65002:65002 -! -ip extcommunity-list TEST2 deny 65001:65001 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-igmp-snooping-enable.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-igmp-snooping-enable.cfg deleted file mode 100644 index a3c0943a32e..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-igmp-snooping-enable.cfg +++ /dev/null @@ -1,38 +0,0 @@ -! -ip igmp snooping robustness-variable 2 -ip igmp snooping restart query-interval 30 -ip igmp snooping interface-restart-query 500 -ip igmp snooping fast-leave -ip igmp snooping vlan 23 -ip igmp snooping vlan 23 querier -ip igmp snooping vlan 23 querier address 10.10.23.1 -ip igmp snooping vlan 23 querier query-interval 40 -ip igmp snooping vlan 23 querier max-response-time 10 -ip igmp snooping vlan 23 querier last-member-query-interval 5 -ip igmp snooping vlan 23 querier last-member-query-count 2 -ip igmp snooping vlan 23 querier startup-query-interval 20 -ip igmp snooping vlan 23 querier startup-query-count 2 -ip igmp snooping vlan 23 querier version 3 -ip igmp snooping vlan 23 max-groups 20 -ip igmp snooping vlan 23 fast-leave -ip igmp snooping vlan 24 -no ip igmp snooping vlan 25 -no ip igmp snooping vlan 25 fast-leave -ip igmp snooping querier -ip igmp snooping querier address 10.10.10.1 -ip igmp snooping querier query-interval 40 -ip igmp snooping querier max-response-time 10 -ip igmp snooping querier last-member-query-interval 5 -ip igmp snooping querier last-member-query-count 2 -ip igmp snooping querier startup-query-interval 20 -ip igmp snooping querier startup-query-count 2 -ip igmp snooping querier version 3 -! -ip igmp snooping proxy -ip igmp snooping vlan 23 proxy -no ip igmp snooping vlan 25 proxy -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/vlan-interfaces.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/vlan-interfaces.cfg deleted file mode 100644 index 8773cc2f395..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/vlan-interfaces.cfg +++ /dev/null @@ -1,353 +0,0 @@ -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -interface Vlan24 - description SVI Description - no shutdown - ipv6 address 1b11:3a00:22b0:6::15/64 - ipv6 nd managed-config-flag - ipv6 nd prefix 1b11:3a00:22b0:6::/64 infinite infinite no-autoconfig - ip address virtual 10.10.24.1/24 - ipv6 virtual-router address 1b11:3a00:22b0:6::1 -! -interface Vlan25 - description SVI Description - no shutdown - ipv6 address 1b11:3a00:22b0:16::16/64 - ipv6 virtual-router address 1b11:3a00:22b0:16::14 - ipv6 virtual-router address 1b11:3a00:22b0:16::15 -! -interface Vlan41 - description SVI Description - no shutdown - ip helper-address 10.10.64.150 source-interface Loopback0 - ip helper-address 10.10.96.150 source-interface Loopback0 - ip helper-address 10.10.96.151 source-interface Loopback0 - ip igmp host-proxy - ip igmp host-proxy 239.0.0.1 - ip igmp host-proxy 239.0.0.2 exclude 10.0.2.1 - ip igmp host-proxy 239.0.0.3 include 10.0.3.1 - ip igmp host-proxy 239.0.0.4 include 10.0.4.3 - ip igmp host-proxy 239.0.0.4 include 10.0.4.4 - ip igmp host-proxy 239.0.0.4 exclude 10.0.4.1 - ip igmp host-proxy 239.0.0.4 exclude 10.0.4.2 - ip igmp host-proxy access-list ACL1 - ip igmp host-proxy access-list ACL2 - ip igmp host-proxy report-interval 2 - ip igmp host-proxy version 2 - ip address virtual 10.10.41.1/24 -! -interface Vlan42 - description SVI Description - no shutdown - ip helper-address 10.10.64.150 source-interface Loopback0 - ip helper-address 10.10.96.150 source-interface Loopback0 - ip helper-address 10.10.96.151 source-interface Loopback0 - isis enable EVPN_UNDERLAY - isis authentication mode sha key-id 5 level-1 - ip address virtual 10.10.42.1/24 -! -interface Vlan43 - description SVI Description - no shutdown - ipv6 dhcp relay destination a0::2 vrf TEST local-interface Loopback44 link-address a0::4 - ipv6 address a0::1/64 - isis authentication key-id 2 algorithm sha-512 key 0 password - isis authentication key-id 3 algorithm sha-512 rfc-5310 key 0 password1 - isis authentication key-id 1 algorithm sha-1 key 0 password level-1 - isis authentication key-id 4 algorithm sha-1 rfc-5310 key 0 password level-1 - isis authentication key-id 5 algorithm sha-1 key 0 password3 level-1 - isis authentication key-id 1 algorithm sha-1 key 0 password level-2 - isis authentication key-id 5 algorithm sha-1 rfc-5310 key 0 password level-2 -! -interface Vlan44 - description SVI Description - no shutdown - ipv6 dhcp relay destination a0::8 - ipv6 dhcp relay destination a0::5 vrf TEST source-address a0::6 link-address a0::7 - ipv6 address a0::4/64 -! -interface Vlan50 - description IP NAT Testing - ip nat destination static 1.0.0.1 2.0.0.1 - ip nat source static 3.0.0.1 4.0.0.1 - ip nat destination dynamic access-list ACL1 pool POOL1 - ip nat source dynamic access-list ACL2 pool POOL2 - isis authentication mode text rx-disabled level-2 - isis authentication key 0 password level-2 -! -interface Vlan75 - description SVI Description - no shutdown - ipv6 address 1b11:3a00:22b0:1000::15/64 - ipv6 nd managed-config-flag - ipv6 nd prefix 1b11:3a00:22b0:1000::/64 infinite infinite no-autoconfig - multicast ipv4 boundary 224.0.1.0/24 out - multicast ipv4 boundary 224.0.2.0/24 - multicast ipv6 boundary ff00::/16 out - multicast ipv6 boundary ff01::/16 out - multicast ipv4 static - ip address virtual 10.10.75.1/24 - ipv6 virtual-router address 1b11:3a00:22b0:1000::1 -! -interface Vlan81 - description IPv6 Virtual Address - vrf Tenant_C - ipv6 enable - ip address virtual 10.10.81.1/24 - ipv6 address virtual fc00:10:10:81::1/64 - ipv6 address virtual fc00:10:11:81::1/64 - ipv6 address virtual fc00:10:12:81::1/64 -! -interface Vlan83 - description SVI Description - no shutdown - isis enable EVPN_UNDERLAY - isis authentication mode md5 - isis authentication key 0 password - ip address virtual 10.10.83.1/24 - ip address virtual 10.11.83.1/24 secondary - ip address virtual 10.11.84.1/24 secondary -! -interface Vlan84 - description SVI Description - arp gratuitous accept - ip address 10.10.84.1/24 - arp monitor mac-address - isis enable EVPN_UNDERLAY - isis authentication mode sha key-id 2 rx-disabled - isis authentication key 0 password - ip virtual-router address 10.10.84.254 - ip virtual-router address 10.11.84.254/24 -! -interface Vlan85 - description SVI Description - ip address 10.10.84.1/24 - arp cache dynamic capacity 50000 - bfd interval 500 min-rx 500 multiplier 5 - bfd echo - isis enable EVPN_UNDERLAY - isis authentication mode sha key-id 2 - isis authentication key 0 password -! -interface Vlan86 - description SVI Description - ip address 10.10.83.1/24 - ip attached-host route export 10 - isis enable EVPN_UNDERLAY - isis authentication mode shared-secret profile profile1 algorithm sha-1 rx-disabled -! -interface Vlan87 - description SVI Description - shutdown - ip address 10.10.87.1/24 - ip access-group ACL_IN in - ip access-group ACL_OUT out - isis enable EVPN_UNDERLAY - isis authentication mode shared-secret profile profile1 algorithm sha-1 -! -interface Vlan88 - description SVI Description - shutdown - isis enable EVPN_UNDERLAY - isis authentication mode md5 rx-disabled level-1 - isis authentication mode text rx-disabled level-2 - isis authentication key 0 password level-1 - isis authentication key 0 password level-2 - ip address virtual 10.10.87.1/23 -! -interface Vlan89 - description SVI Description - no shutdown - ip helper-address 10.10.64.150 source-interface Loopback0 - ip helper-address 10.10.96.101 source-interface Loopback0 - ip helper-address 10.10.96.150 source-interface Loopback0 - ip helper-address 10.10.96.151 source-interface Loopback0 - ip igmp - ip igmp version 2 - ipv6 address 1b11:3a00:22b0:5200::15/64 - ipv6 nd managed-config-flag - ipv6 nd prefix 1b11:3a00:22b0:5200::/64 infinite infinite no-autoconfig - multicast ipv4 boundary ACL_MULTICAST - multicast ipv6 boundary ACL_V6_MULTICAST_WITH_OUT out - multicast ipv4 source route export - multicast ipv6 static - pim ipv4 sparse-mode - pim ipv4 local-interface Loopback0 - ip address virtual 10.10.144.3/20 - ipv6 virtual-router address 1b11:3a00:22b0:5200::3 -! -interface Vlan90 - description SVI Description - ip address 10.10.83.1/24 - ip attached-host route export - isis enable EVPN_UNDERLAY - isis authentication mode shared-secret profile profile2 algorithm sha-1 level-1 - isis authentication mode shared-secret profile profile1 algorithm sha-256 level-2 -! -interface Vlan91 - description PBR Description - shutdown - service-policy type pbr input MyServicePolicy - isis enable EVPN_UNDERLAY - isis authentication mode md5 level-1 - isis authentication mode text level-2 - isis authentication key 0 password level-1 - isis authentication key 0 password level-2 -! -interface Vlan92 - description SVI Description - ip proxy-arp - ip address 10.10.92.1/24 - ip directed-broadcast - isis enable EVPN_UNDERLAY - isis authentication mode shared-secret profile profile2 algorithm sha-1 rx-disabled level-1 - isis authentication mode shared-secret profile profile1 algorithm sha-256 rx-disabled level-2 -! -interface Vlan110 - description PVLAN Primary with vlan mapping - no shutdown - pvlan mapping 111-112 - vrf Tenant_A - ip address 10.0.101.1/24 - multicast ipv4 boundary ACL_MULTICAST out - multicast ipv6 source route export 20 - multicast ipv4 static -! -interface Vlan333 - description Multiple VRIDs and tracking - no shutdown - ip address 192.0.2.2/25 - arp aging timeout 180 - ipv6 enable - ipv6 address 2001:db8:333::2/64 - ipv6 address fe80::2/64 link-local - vrrp 1 priority-level 105 - vrrp 1 advertisement interval 2 - vrrp 1 preempt delay minimum 30 reload 800 - vrrp 1 ipv4 192.0.2.1 - vrrp 1 tracked-object ID1-TrackedObjectDecrement decrement 5 - vrrp 1 tracked-object ID1-TrackedObjectShutdown shutdown - vrrp 2 ipv6 2001:db8:333::1 - vrrp 2 tracked-object ID2-TrackedObjectDecrement decrement 10 - vrrp 2 tracked-object ID2-TrackedObjectShutdown shutdown - no vrrp 3 preempt - vrrp 3 timers delay reload 900 - vrrp 3 ipv4 100.64.0.1 - vrrp 3 ipv4 version 3 -! -interface Vlan334 - description v6 attached host exports - ipv6 attached-host route export 19 - ipv6 enable - ipv6 address 2001:db8:334::1/64 -! -interface Vlan335 - description v6 attached host exports - ipv6 attached-host route export prefix-length 64 - ipv6 enable - ipv6 address 2001:db8:335::1/64 -! -interface Vlan336 - description v6 attached host exports - ipv6 attached-host route export 18 prefix-length 64 - ipv6 enable - ipv6 address 2001:db8:336::1/64 -! -interface Vlan337 - description v4 dhcp relay all-subnets - ip address 10.0.2.2/25 - ip dhcp relay all-subnets -! -interface Vlan338 - description v6 dhcp relay all-subnets - ipv6 dhcp relay all-subnets - ipv6 address 2001:db8:338::1/64 -! -interface Vlan339 - description v6 nd options - ipv6 nd cache expire 250 - ipv6 nd cache dynamic capacity 900 - ipv6 nd cache refresh always - ipv6 enable - ipv6 address 2001:db8:339::1/64 - ipv6 nd other-config-flag -! -interface Vlan501 - description SVI Description - no shutdown - ip address 10.50.26.29/27 - ipv6 address 1b11:3a00:22b0:0088::207/127 - ipv6 nd ra disabled -! -interface Vlan667 - description Multiple VRIDs - no shutdown - ip address 192.0.2.2/25 - arp aging timeout 180 - ipv6 enable - ipv6 address 2001:db8:667::2/64 - ipv6 address fe80::2/64 link-local - vrrp 1 priority-level 105 - vrrp 1 advertisement interval 2 - vrrp 1 preempt delay minimum 30 reload 800 - vrrp 1 ipv4 192.0.2.1 - vrrp 2 ipv6 2001:db8:667::1 -! -interface Vlan1001 - description SVI Description - no shutdown - vrf Tenant_A - ipv6 address a1::1/64 - ipv6 nd managed-config-flag - ipv6 nd prefix a1::/64 infinite infinite no-autoconfig - ip address virtual 10.1.1.1/24 -! -interface Vlan1002 - description SVI Description - no shutdown - vrf Tenant_A - ipv6 address a2::1/64 - ipv6 nd ra disabled - ipv6 nd managed-config-flag - ipv6 nd prefix a2::/64 infinite infinite no-autoconfig - ip address virtual 10.1.2.1/24 -! -interface Vlan2001 - description SVI Description - logging event link-status - vrf Tenant_B - ip address virtual 10.2.1.1/24 - comment - Comment created from eos_cli under vlan_interfaces.Vlan2001 - EOF - -! -interface Vlan2002 - description SVI Description - no autostate - vrf Tenant_B - ip verify unicast source reachable-via rx - isis enable EVPN_UNDERLAY - isis bfd - isis authentication mode md5 rx-disabled - isis authentication key 0 password - ip address virtual 10.2.2.1/24 -! -interface Vlan4094 - description SVI Description - mtu 9214 - ip address 169.254.252.0/31 - ipv6 address fe80::a/64 link-local - pim ipv4 sparse-mode - pim ipv4 bidirectional - pim ipv4 hello interval 10 - pim ipv4 hello count 3.5 - pim ipv4 dr-priority 200 - pim ipv4 bfd - isis enable EVPN_UNDERLAY - isis authentication mode sha key-id 5 rx-disabled level-1 - isis authentication mode sha key-id 10 rx-disabled level-2 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/bgp-groups.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/bgp-groups.yml new file mode 100644 index 00000000000..c2ebaf5757d --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/bgp-groups.yml @@ -0,0 +1,19 @@ +--- +### BGP Groups ### +bgp_groups: + - name: foo + neighbors: + - fe80::1 + - 169.254.1.1 + bgp_maintenance_profiles: + - uplink-neighbors + - ixp + + - name: bar + neighbors: + - peer-group-baz + bgp_maintenance_profiles: + - downlink-neighbors + vrf: red + - name: without-neighbors-key + vrf: red diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/errdisable.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/errdisable.yml similarity index 93% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/errdisable.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/errdisable.yml index 4f899a6eedc..7ba47202998 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/errdisable.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/errdisable.yml @@ -1,3 +1,4 @@ +--- ### Errdisable ### errdisable: @@ -10,6 +11,7 @@ errdisable: - xcvr-misconfigured - xcvr-overheat - xcvr-power-unsupported + - acl recovery: causes: - bpduguard @@ -27,4 +29,5 @@ errdisable: - xcvr-overheat - xcvr-power-unsupported - xcvr-unsupported + - arp-inspection interval: 300 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ethernet-interfaces.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ethernet-interfaces.yml similarity index 91% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ethernet-interfaces.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ethernet-interfaces.yml index a2b3eac753c..c04de97da42 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ethernet-interfaces.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ethernet-interfaces.yml @@ -1209,9 +1209,9 @@ ethernet_interfaces: ipv4: address: 192.0.2.1 tracked_object: - - name: ID1-TrackedObjectDecrement + - name: ID1TrackedObjectDecrement decrement: 5 - - name: ID1-TrackedObjectShutdown + - name: ID1TrackedObjectShutdown shutdown: true - id: 2 preempt: @@ -1220,9 +1220,9 @@ ethernet_interfaces: ipv6: address: 2001:db8::1 tracked_object: - - name: ID2-TrackedObjectDecrement + - name: ID2TrackedObjectDecrement decrement: 10 - - name: ID2-TrackedObjectShutdown + - name: ID2TrackedObjectShutdown shutdown: true - id: 3 timers: @@ -1413,3 +1413,147 @@ ethernet_interfaces: traffic_allow_vlan: 10 traffic_allow_access_list: acl1 mac_based_access_list: true + + - name: Ethernet73 + peer: DC1-AGG01 + peer_interface: Ethernet1 + peer_type: l2leaf + description: DC1-AGG01_Ethernet1 + channel_group: + id: 5 + mode: active + transceiver: + media: + override: 100gbase-ar4 + + - name: Ethernet74 + peer: DC1-LEAF1B + peer_interface: Ethernet3 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF1B_Ethernet3 + channel_group: + id: 3 + mode: active + + - name: Ethernet75 + peer: DC1-LEAF1B + peer_interface: Ethernet4 + peer_type: mlag_peer + description: MLAG_PEER_DC1-LEAF1B_Ethernet4 + channel_group: + id: 3 + mode: active + + - name: Ethernet76 + peer: SRV-POD03 + peer_interface: Eth1 + peer_type: server + description: SRV-POD03_Eth1 + channel_group: + id: 5 + mode: "active" + lldp: + receive: false + transmit: false + + - name: Ethernet77 + peer: DC1-LEAF1B + peer_interface: Ethernet4 + description: MLAG_PEER_DC1-LEAF1B_Ethernet8 + channel_group: + id: 8 + mode: active + + - name: Ethernet78 + peer: DC1-AGG03 + peer_interface: Ethernet1 + peer_type: l2leaf + description: DC1-AGG03_Ethernet1 + channel_group: + id: 15 + mode: active + lacp_timer: + mode: fast + multiplier: 30 + + - name: Ethernet79 + peer: DC1-AGG04 + peer_interface: Ethernet1 + peer_type: l2leaf + description: DC1-AGG04_Ethernet1 + channel_group: + id: 16 + mode: active + lacp_timer: + mode: normal + + - name: Ethernet80 + description: LAG Member + channel_group: + id: 17 + mode: active + + - name: Ethernet80/1 + description: LAG Member + channel_group: + id: 101 + mode: active + + - name: Ethernet80/2 + description: LAG Member + channel_group: + id: 102 + mode: active + + - name: Ethernet80/3 + description: LAG Member + channel_group: + id: 103 + mode: active + + - name: Ethernet80/4 + description: LAG Member LACP fallback + channel_group: + id: 104 + mode: active + switchport: + enabled: true + mode: trunk + trunk: + allowed_vlan: 100 + spanning_tree_portfast: edge + + - name: Ethernet81 + description: LAG Member + channel_group: + id: 109 + mode: active + + - name: Ethernet81/10 + description: isis_port_channel_member + channel_group: + id: 110 + mode: active + + - name: Ethernet81/1 + description: LAG Member with error_correction + error_correction_encoding: + fire_code: true + reed_solomon: true + channel_group: + id: 111 + mode: active + + - name: Ethernet81/2 + description: LAG Member LACP fallback LLDP ZTP VLAN + channel_group: + id: 112 + mode: active + switchport: + enabled: true + mode: trunk + trunk: + allowed_vlan: 112 + spanning_tree_portfast: edge + lldp: + ztp_vlan: 112 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/event-handlers.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/event-handlers.yml similarity index 81% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/event-handlers.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/event-handlers.yml index fd1573f375f..771876032cf 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/event-handlers.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/event-handlers.yml @@ -17,6 +17,7 @@ event_handlers: echo "a is greater than 10" fi increment_device_health_metric: Metric1 + log: true - name: trigger-on-maintenance1 trigger: on-maintenance trigger_on_maintenance: @@ -90,7 +91,31 @@ event_handlers: operstatus: true - name: trigger-on-intf2 trigger: on-intf + - name: trigger-on-intf3 + trigger: on-intf + trigger_on_intf: + interface: Ethernet3 + - name: trigger-on-intf4 + trigger: on-intf + trigger_on_intf: + interface: Ethernet4 + ip: true + - name: trigger-on-intf5 + trigger: on-intf + trigger_on_intf: + interface: Ethernet5 + ipv6: true + - name: trigger-on-intf6 + trigger: on-intf + trigger_on_intf: + interface: Ethernet6 + operstatus: true - name: trigger-vm-tracer trigger: "vm-tracer vm" actions: bash_command: echo "vm-tracer vm" + - name: trigger-vm-tracer2 + trigger: "vm-tracer vm" + actions: + bash_command: echo "vm-tracer vm"\nEOF + - name: without-trigger-key diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/event-monitor.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/event-monitor.yml similarity index 100% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/event-monitor.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/event-monitor.yml diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/hostname.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/hostname.yml similarity index 100% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/hostname.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/hostname.yml diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/groups.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/interface-groups.yml similarity index 57% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/groups.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/interface-groups.yml index a16df6bfbb4..c55a1423ce0 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/groups.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/interface-groups.yml @@ -1,19 +1,5 @@ -### BGP & Interface Groups ### -bgp_groups: - - name: foo - neighbors: - - fe80::1 - - 169.254.1.1 - bgp_maintenance_profiles: - - uplink-neighbors - - ixp - - - name: bar - neighbors: - - peer-group-baz - bgp_maintenance_profiles: - - downlink-neighbors - vrf: red +--- +### Interface Groups ### interface_groups: - name: SFP_Interface_Group @@ -32,3 +18,7 @@ interface_groups: - Ethernet1,5 interface_maintenance_profiles: - uplink-interfaces + + - name: QSFP_Interface_Group1 + interfaces: + - Ethernet1,5 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/interface-profiles.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/interface-profiles.yml similarity index 98% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/interface-profiles.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/interface-profiles.yml index 1d65be0ea5e..063f412ec9b 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/interface-profiles.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/interface-profiles.yml @@ -1,3 +1,4 @@ +--- ### Interface profiles interface_profiles: diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-community-lists.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-community-lists.yml similarity index 99% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-community-lists.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-community-lists.yml index 542e95adfaf..04a7a22409e 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-community-lists.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-community-lists.yml @@ -1,3 +1,4 @@ +--- ### IP community lists ### ip_community_lists: - name: IP_CL_TEST1 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-dhcp-relay.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-dhcp-relay.yml similarity index 96% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-dhcp-relay.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-dhcp-relay.yml index 406b1b08757..bc42178b68c 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-dhcp-relay.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-dhcp-relay.yml @@ -1,3 +1,4 @@ +--- ### IP DHCP Relay ### ip_dhcp_relay: diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-dhcp-snooping.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-dhcp-snooping.yml similarity index 98% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-dhcp-snooping.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-dhcp-snooping.yml index 44b8a2e476a..30464fce77d 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-dhcp-snooping.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-dhcp-snooping.yml @@ -1,3 +1,4 @@ +--- ### IP DHCP Snooping ### ip_dhcp_snooping: diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-extended-community-lists-regexp.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-extended-community-lists-regexp.yml similarity index 98% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-extended-community-lists-regexp.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-extended-community-lists-regexp.yml index b2b36b03c7a..06853ed5b2c 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-extended-community-lists-regexp.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-extended-community-lists-regexp.yml @@ -1,3 +1,4 @@ +--- ### IP extended community lists regexp ### ip_extcommunity_lists_regexp: diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-extended-community-lists.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-extended-community-lists.yml similarity index 98% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-extended-community-lists.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-extended-community-lists.yml index 635d368f567..78bc0fe35b6 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-extended-community-lists.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-extended-community-lists.yml @@ -1,3 +1,4 @@ +--- ### IP extended community lists ### ip_extcommunity_lists: diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-igmp-snooping-enable.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-igmp-snooping-enable.yml similarity index 98% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-igmp-snooping-enable.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-igmp-snooping-enable.yml index 68ed40991df..76d83082a41 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-igmp-snooping-enable.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-igmp-snooping-enable.yml @@ -1,3 +1,4 @@ +--- ### IGMP Snooping Enabled ip_igmp_snooping: @@ -40,3 +41,4 @@ ip_igmp_snooping: # Settings documented even if not enabled fast_leave: false proxy: false + - id: 26 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/port-channel-interfaces.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/port-channel-interfaces.yml similarity index 85% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/port-channel-interfaces.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/port-channel-interfaces.yml index 04068470e04..928a4e8405a 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/port-channel-interfaces.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/port-channel-interfaces.yml @@ -742,149 +742,3 @@ port_channel_interfaces: - name: Port-Channel132 description: Test_port-channel_interface-profile profile: test-interface-profile - -# Children interfaces -ethernet_interfaces: - - name: Ethernet5 - peer: DC1-AGG01 - peer_interface: Ethernet1 - peer_type: l2leaf - description: DC1-AGG01_Ethernet1 - channel_group: - id: 5 - mode: active - transceiver: - media: - override: 100gbase-ar4 - - - name: Ethernet3 - peer: DC1-LEAF1B - peer_interface: Ethernet3 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF1B_Ethernet3 - channel_group: - id: 3 - mode: active - - - name: Ethernet4 - peer: DC1-LEAF1B - peer_interface: Ethernet4 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF1B_Ethernet4 - channel_group: - id: 3 - mode: active - - - name: Ethernet50 - peer: SRV-POD03 - peer_interface: Eth1 - peer_type: server - description: SRV-POD03_Eth1 - channel_group: - id: 5 - mode: "active" - lldp: - receive: false - transmit: false - - - name: Ethernet8 - peer: DC1-LEAF1B - peer_interface: Ethernet4 - description: MLAG_PEER_DC1-LEAF1B_Ethernet8 - channel_group: - id: 8 - mode: active - - - name: Ethernet15 - peer: DC1-AGG03 - peer_interface: Ethernet1 - peer_type: l2leaf - description: DC1-AGG03_Ethernet1 - channel_group: - id: 15 - mode: active - lacp_timer: - mode: fast - multiplier: 30 - - - name: Ethernet16 - peer: DC1-AGG04 - peer_interface: Ethernet1 - peer_type: l2leaf - description: DC1-AGG04_Ethernet1 - channel_group: - id: 16 - mode: active - lacp_timer: - mode: normal - - - name: Ethernet17 - description: LAG Member - channel_group: - id: 17 - mode: active - - - name: Ethernet10/1 - description: LAG Member - channel_group: - id: 101 - mode: active - - - name: Ethernet10/2 - description: LAG Member - channel_group: - id: 102 - mode: active - - - name: Ethernet10/3 - description: LAG Member - channel_group: - id: 103 - mode: active - - - name: Ethernet10/4 - description: LAG Member LACP fallback - channel_group: - id: 104 - mode: active - switchport: - enabled: true - mode: trunk - trunk: - allowed_vlan: 100 - spanning_tree_portfast: edge - - - name: Ethernet18 - description: LAG Member - channel_group: - id: 109 - mode: active - - - name: Ethernet10/10 - description: isis_port_channel_member - channel_group: - id: 110 - mode: active - - - name: Ethernet11/1 - description: LAG Member with error_correction - error_correction_encoding: - fire_code: true - reed_solomon: true - channel_group: - id: 111 - mode: active - - - name: Ethernet11/2 - description: LAG Member LACP fallback LLDP ZTP VLAN - channel_group: - id: 112 - mode: active - switchport: - enabled: true - mode: trunk - trunk: - allowed_vlan: 112 - spanning_tree_portfast: edge - lldp: - ztp_vlan: 112 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/vlan-interfaces.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/vlan-interfaces.yml similarity index 98% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/vlan-interfaces.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/vlan-interfaces.yml index 4bf70adf432..d39f5c6d1f9 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/vlan-interfaces.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/vlan-interfaces.yml @@ -578,9 +578,9 @@ vlan_interfaces: ipv4: address: 192.0.2.1 tracked_object: - - name: ID1-TrackedObjectDecrement + - name: ID1TrackedObjectDecrement decrement: 5 - - name: ID1-TrackedObjectShutdown + - name: ID1TrackedObjectShutdown shutdown: true - id: 2 preempt: @@ -589,9 +589,9 @@ vlan_interfaces: ipv6: address: 2001:db8:333::1 tracked_object: - - name: ID2-TrackedObjectDecrement + - name: ID2TrackedObjectDecrement decrement: 10 - - name: ID2-TrackedObjectShutdown + - name: ID2TrackedObjectShutdown shutdown: true - id: 3 timers: diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ip-dhcp-relay.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ip-dhcp-relay.yml new file mode 100644 index 00000000000..6226d532a3c --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ip-dhcp-relay.yml @@ -0,0 +1,5 @@ +--- +### IP DHCP Relay ### + +ip_dhcp_relay: + information_option: true diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ip-dhcp-snooping.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ip-dhcp-snooping.yml new file mode 100644 index 00000000000..9bd7ce9dcec --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ip-dhcp-snooping.yml @@ -0,0 +1,5 @@ +--- +### IP DHCP Snooping ### + +ip_dhcp_snooping: + enabled: true diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ip-igmp-snooping-enable.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ip-igmp-snooping-enable.yml new file mode 100644 index 00000000000..dbb3d5951f2 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ip-igmp-snooping-enable.yml @@ -0,0 +1,8 @@ +--- +### IGMP Snooping Enabled + +ip_igmp_snooping: + fast_leave: false + querier: + enabled: false + proxy: false diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/hosts.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/hosts.yml index 18fc19240c4..c220e61dd5a 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/hosts.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/hosts.yml @@ -19,27 +19,14 @@ test_hosts: dns-ntp: eos_cli_config_gen_configuration.enable: eos_cli_config_gen_documentation.enable: - errdisable: - ethernet-interfaces: - event-handlers: - event-monitor: flow-tracking: flow-tracking-2: - groups: hardware-counter: hardware: hide-passwords: - hostname: igmp-snooping: interface-defaults: - interface-profiles: ip-access-lists: - ip-dhcp-relay: - ip-dhcp-snooping: - ip-community-lists: - ip-extended-community-lists: - ip-extended-community-lists-regexp: - ip-igmp-snooping-enable: ip-nat: ip-security: ip-routing: @@ -101,7 +88,6 @@ test_hosts: poe: policy-maps: policy-maps-pbr: - port-channel-interfaces: prefix-lists: prompt: prompt-2: @@ -183,7 +169,6 @@ test_hosts: transceiver_qsfp_default_mode_4x10_false: tunnel-interfaces: unsupported-transceiver: - vlan-interfaces: virtual-source-nat: vlan-internal-order: vlans: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/core-1-isis-sr-ldp.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/core-1-isis-sr-ldp.cfg index b3c315ff1e7..6611edb1697 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/core-1-isis-sr-ldp.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/core-1-isis-sr-ldp.cfg @@ -109,7 +109,6 @@ interface Ethernet2 isis circuit-type level-1 isis metric 60 isis hello padding - isis network point-to-point ! interface Ethernet3 description P2P_LINK_TO_CORE-2-OSPF-LDP_Ethernet3 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/inband-mgmt-parent-vrf.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/inband-mgmt-parent-vrf.cfg index e9e972152b6..ad6cd031a02 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/inband-mgmt-parent-vrf.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/inband-mgmt-parent-vrf.cfg @@ -186,5 +186,6 @@ router bgp 65001 route-target export evpn 1:1 router-id 10.0.255.2 redistribute connected + redistribute attached-host ! end diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/core-1-isis-sr-ldp.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/core-1-isis-sr-ldp.yml index 4fe06f03eb9..45c404ec101 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/core-1-isis-sr-ldp.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/core-1-isis-sr-ldp.yml @@ -111,7 +111,7 @@ ethernet_interfaces: ip_address: 100.123.123.2/31 isis_enable: CORE isis_metric: 60 - isis_network_point_to_point: true + isis_network_point_to_point: false isis_hello_padding: true isis_circuit_type: level-1 mpls: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/inband-mgmt-parent-vrf.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/inband-mgmt-parent-vrf.yml index 555370e4e63..ce82a886f46 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/inband-mgmt-parent-vrf.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/inband-mgmt-parent-vrf.yml @@ -53,6 +53,8 @@ router_bgp: redistribute: connected: enabled: true + attached_host: + enabled: true service_routing_protocols_model: multi-agent ip_routing: true vlan_internal_order: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CORE_UNIT_TESTS.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CORE_UNIT_TESTS.yml index b0cd778e84f..9369c8e3ee3 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CORE_UNIT_TESTS.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CORE_UNIT_TESTS.yml @@ -71,6 +71,7 @@ core_interfaces: ipv6_enable: true isis_authentication_mode: md5 isis_authentication_key: $1c$sTNAlR6rKSw= + isis_network_type: point-to-point - name: ospf_bb_profile speed: "forced 1000full" @@ -96,6 +97,7 @@ core_interfaces: isis_hello_padding: true isis_circuit_type: level-1 isis_metric: 60 + isis_network_type: broadcast qos_profile: test_qos_profile # Normal link with profile diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/application-traffic-recognition.md b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/application-traffic-recognition.md index b452fd1b54c..8dfe87390e6 100644 --- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/application-traffic-recognition.md +++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/application-traffic-recognition.md @@ -48,7 +48,7 @@ | [        udp_dest_port_set_name](## "application_traffic_recognition.applications.l4_applications.[].udp_dest_port_set_name") | String | | | | Name of field set for UDP destination ports.
When the `protocols` list contain both `tcp` and `udp`, this key value
must be the same as `tcp_dest_port_set_name`. | | [        tcp_dest_port_set_name](## "application_traffic_recognition.applications.l4_applications.[].tcp_dest_port_set_name") | String | | | | Name of field set for TCP destination ports.
When the `protocols` list contain both `tcp` and `udp`, this key value
must be the same as `udp_dest_port_set_name`. | | [  application_profiles](## "application_traffic_recognition.application_profiles") | List, items: Dictionary | | | | Group of applications. | - | [    - name](## "application_traffic_recognition.application_profiles.[].name") | String | | | | Application Profile name. | + | [    - name](## "application_traffic_recognition.application_profiles.[].name") | String | Required, Unique | | | Application Profile name. | | [      applications](## "application_traffic_recognition.application_profiles.[].applications") | List, items: Dictionary | | | | List of applications part of the application profile. | | [        - name](## "application_traffic_recognition.application_profiles.[].applications.[].name") | String | | | | Application Name. | | [          service](## "application_traffic_recognition.application_profiles.[].applications.[].service") | String | | | Valid Values:
- audio-video
- chat
- default
- file-transfer
- networking-protocols
- peer-to-peer
- software-update | Service Name.
Specific service to target for this application.
If no service is specified, all supported services of the application are matched.
Not all valid values are valid for all applications, check on EOS CLI. | @@ -206,7 +206,7 @@ application_profiles: # Application Profile name. - - name: + - name: # List of applications part of the application profile. applications: diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/dot1x.md b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/dot1x.md index b9603e12f94..6b59abf5b13 100644 --- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/dot1x.md +++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/dot1x.md @@ -62,7 +62,7 @@ | [    enabled](## "dot1x.captive_portal.enabled") | Boolean | Required | | | | | [    url](## "dot1x.captive_portal.url") | String | | | | Supported URL type:
- http: http://[:]
- https: https://[:] | | [    ssl_profile](## "dot1x.captive_portal.ssl_profile") | String | | | | | - | [    start_limit_infinite](## "dot1x.captive_portal.start_limit_infinite") | Boolean | | | | Set captive-portal start limit to infinte. | + | [    start_limit_infinite](## "dot1x.captive_portal.start_limit_infinite") | Boolean | | | | Set captive-portal start limit to infinite. | | [    access_list_ipv4](## "dot1x.captive_portal.access_list_ipv4") | String | | | | Standard access-list name. | | [  supplicant](## "dot1x.supplicant") | Dictionary | | | | | | [    profiles](## "dot1x.supplicant.profiles") | List, items: Dictionary | | | | Dot1x supplicant profiles. | @@ -194,7 +194,7 @@ url: ssl_profile: - # Set captive-portal start limit to infinte. + # Set captive-portal start limit to infinite. start_limit_infinite: # Standard access-list name. diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/ethernet-interfaces.md b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/ethernet-interfaces.md index debc5f1625b..6e8ab4defde 100644 --- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/ethernet-interfaces.md +++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/ethernet-interfaces.md @@ -29,7 +29,7 @@ | [    mac_timestamp](## "ethernet_interfaces.[].mac_timestamp") | String | | | Valid Values:
- before-fcs
- replace-fcs
- header | header: Insert timestamp in ethernet header. Supported on platforms like 7500E/R and 7280E/R.
before-fcs: Insert timestamp before fcs field. Supported on platforms like 7150.
replace-fcs: Replace fcs field with timestamp. | | [    trunk_groups](## "ethernet_interfaces.[].trunk_groups") deprecated | List, items: String | | | | This key is deprecated. Support will be removed in AVD version 6.0.0. Use switchport.trunk.groups instead. | | [      - <str>](## "ethernet_interfaces.[].trunk_groups.[]") | String | | | | | - | [    type](## "ethernet_interfaces.[].type") deprecated | String | | | Valid Values:
- routed
- switched
- l3dot1q
- l2dot1q
- port-channel-member | l3dot1q and l2dot1q are used for sub-interfaces. The parent interface should be defined as routed.
The `type = switched/routed` should not be combined with `switchport`.
This key is deprecated. Support will be removed in AVD version 6.0.0. See [here](https://avd.arista.com/stable/docs/release-notes/5.x.x.html#removal-of-type-key-dependency-for-rendering-ethernetport-channel-interfaces-configuration-and-documentation) for details. | + | [    type](## "ethernet_interfaces.[].type") deprecated | String | | | Valid Values:
- routed
- switched
- l3dot1q
- l2dot1q
- port-channel-member | l3dot1q and l2dot1q are used for sub-interfaces. The parent interface should be defined as routed.
The `type = switched/routed` should not be combined with `switchport`.
This key is deprecated. Support will be removed in AVD version 6.0.0. See [here](https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#removal-of-type-key-dependency-for-rendering-ethernetport-channel-interfaces-configuration-and-documentation) for details. | | [    snmp_trap_link_change](## "ethernet_interfaces.[].snmp_trap_link_change") | Boolean | | | | | | [    address_locking](## "ethernet_interfaces.[].address_locking") | Dictionary | | | | | | [      ipv4](## "ethernet_interfaces.[].address_locking.ipv4") | Boolean | | | | Enable address locking for IPv4. | @@ -570,7 +570,7 @@ # The `type = switched/routed` should not be combined with `switchport`. # This key is deprecated. # Support will be removed in AVD version 6.0.0. - # See [here](https://avd.arista.com/stable/docs/release-notes/5.x.x.html#removal-of-type-key-dependency-for-rendering-ethernetport-channel-interfaces-configuration-and-documentation) for details. + # See [here](https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#removal-of-type-key-dependency-for-rendering-ethernetport-channel-interfaces-configuration-and-documentation) for details. type: snmp_trap_link_change: address_locking: diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/generate-default-config.md b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/generate-default-config.md index ca41f832659..9c67a4a78fa 100644 --- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/generate-default-config.md +++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/generate-default-config.md @@ -7,7 +7,7 @@ | Variable | Type | Required | Default | Value Restrictions | Description | | -------- | ---- | -------- | ------- | ------------------ | ----------- | - | [generate_default_config](## "generate_default_config") deprecated | Boolean | | `False` | | The `generate_default_config` knob allows to omit default EOS configuration.
This can be useful when leveraging `eos_cli_config_gen` to generate configlets with CloudVision.

The following commands will be omitted when `generate_default_config` is set to `false`:

- RANCID Content Type
- Hostname (even if `hostname` variable is not set. Then the hostname is picked up from `inventory_hostname`)
- Default configuration for `aaa`
- Default configuration for `enable password`
- Transceiver qsfp default mode
- End of configuration delimiter
This key is deprecated. Support will be removed in AVD version 6.0.0. See [here](https://avd.arista.com/devel/docs/porting-guides/5.x.x.html#default-eos-configuration-is-no-longer-automatically-generated) for details. | + | [generate_default_config](## "generate_default_config") deprecated | Boolean | | `False` | | The `generate_default_config` knob allows to omit default EOS configuration.
This can be useful when leveraging `eos_cli_config_gen` to generate configlets with CloudVision.

The following commands will be omitted when `generate_default_config` is set to `false`:

- RANCID Content Type
- Hostname (even if `hostname` variable is not set. Then the hostname is picked up from `inventory_hostname`)
- Default configuration for `aaa`
- Default configuration for `enable password`
- Transceiver qsfp default mode
- End of configuration delimiter
This key is deprecated. Support will be removed in AVD version 6.0.0. See [here](https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#default-eos-configuration-is-no-longer-automatically-generated) for details. | === "YAML" @@ -25,6 +25,6 @@ # - End of configuration delimiter # This key is deprecated. # Support will be removed in AVD version 6.0.0. - # See [here](https://avd.arista.com/devel/docs/porting-guides/5.x.x.html#default-eos-configuration-is-no-longer-automatically-generated) for details. + # See [here](https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#default-eos-configuration-is-no-longer-automatically-generated) for details. generate_default_config: ``` diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/logging.md b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/logging.md index f786ee5d637..9e47971745f 100644 --- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/logging.md +++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/logging.md @@ -46,7 +46,7 @@ | [        interval](## "logging.event.storm_control.discards.interval") | Integer | | | Min: 10
Max: 65535 | Logging interval in seconds. | | [  level](## "logging.level") | List, items: Dictionary | | | | Configure logging severity. | | [    - facility](## "logging.level.[].facility") | String | Required, Unique | | | | - | [      severity](## "logging.level.[].severity") | String | | | Valid Values:
- alerts
- critical
- debugging
- emergencies
- errors
- informational
- notifications
- warnings
- 0
- 1
- 2
- 3
- 4
- 5
- 6
- 7 | Severity of facility. Below are the supported severites.
emergencies System is unusable (severity=0)
alerts Immediate action needed (severity=1)
critical Critical conditions (severity=2)
errors Error conditions (severity=3)
warnings Warning conditions (severity=4)
notifications Normal but significant conditions (severity=5)
informational Informational messages (severity=6)
debugging Debugging messages (severity=7)
<0-7> Severity level value | + | [      severity](## "logging.level.[].severity") | String | | | Valid Values:
- alerts
- critical
- debugging
- emergencies
- errors
- informational
- notifications
- warnings
- 0
- 1
- 2
- 3
- 4
- 5
- 6
- 7 | Severity of facility. Below are the supported severities.
emergencies System is unusable (severity=0)
alerts Immediate action needed (severity=1)
critical Critical conditions (severity=2)
errors Error conditions (severity=3)
warnings Warning conditions (severity=4)
notifications Normal but significant conditions (severity=5)
informational Informational messages (severity=6)
debugging Debugging messages (severity=7)
<0-7> Severity level value | === "YAML" @@ -127,7 +127,7 @@ level: - facility: - # Severity of facility. Below are the supported severites. + # Severity of facility. Below are the supported severities. # emergencies System is unusable (severity=0) # alerts Immediate action needed (severity=1) # critical Critical conditions (severity=2) diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-telemetry.md b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-telemetry.md index 8e4dac90e2d..883bc1f1380 100644 --- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-telemetry.md +++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-telemetry.md @@ -36,7 +36,7 @@ | [      rate](## "monitor_telemetry_postcard_policy.ingress.sample.rate") | Integer | | | Valid Values:
- 16384
- 32768
- 65536 | Sampling rate. `rate` is preferred when both `rate` and `tcp_udp_checksum` are defined. | | [      tcp_udp_checksum](## "monitor_telemetry_postcard_policy.ingress.sample.tcp_udp_checksum") | Dictionary | | | | TCP/UDP parameters. | | [        value](## "monitor_telemetry_postcard_policy.ingress.sample.tcp_udp_checksum.value") | Integer | | | Min: 0
Max: 65535 | TCP/UDP checksum or IP ID value. | - | [        mask](## "monitor_telemetry_postcard_policy.ingress.sample.tcp_udp_checksum.mask") | String | | | | 16 bit hexadecimal mask for TCP/UDP or IP ID with atmost 2 unset bits. | + | [        mask](## "monitor_telemetry_postcard_policy.ingress.sample.tcp_udp_checksum.mask") | String | | | | 16 bit hexadecimal mask for TCP/UDP or IP ID with at most 2 unset bits. | | [  marker_vxlan](## "monitor_telemetry_postcard_policy.marker_vxlan") | Dictionary | | | | | | [    enabled](## "monitor_telemetry_postcard_policy.marker_vxlan.enabled") | Boolean | | | | Enable vxlan marking using default bit 0. | | [    header_word_zero_bit](## "monitor_telemetry_postcard_policy.marker_vxlan.header_word_zero_bit") | Integer | | | Min: 1
Max: 31 | | @@ -128,7 +128,7 @@ # TCP/UDP checksum or IP ID value. value: - # 16 bit hexadecimal mask for TCP/UDP or IP ID with atmost 2 unset bits. + # 16 bit hexadecimal mask for TCP/UDP or IP ID with at most 2 unset bits. mask: marker_vxlan: diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/port-channel-interfaces.md b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/port-channel-interfaces.md index d4978723fcf..c073d2bd252 100644 --- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/port-channel-interfaces.md +++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/port-channel-interfaces.md @@ -20,7 +20,7 @@ | [    l2_mru](## "port_channel_interfaces.[].l2_mru") | Integer | | | Min: 68
Max: 65535 | "l2_mru" should only be defined for platforms supporting the "l2 mru" CLI.
| | [    vlans](## "port_channel_interfaces.[].vlans") deprecated | String | | | | List of switchport vlans as string.
For a trunk port this would be a range like "1-200,300".
For an access port this would be a single vlan "123".
This key is deprecated. Support will be removed in AVD version 6.0.0. Use switchport.access_vlan or switchport.trunk.allowed_vlan instead. | | [    snmp_trap_link_change](## "port_channel_interfaces.[].snmp_trap_link_change") | Boolean | | | | | - | [    type](## "port_channel_interfaces.[].type") deprecated | String | | | Valid Values:
- routed
- switched
- l3dot1q
- l2dot1q | l3dot1q and l2dot1q are used for sub-interfaces. The parent interface should be defined as routed.
Interface will not be listed in device documentation, unless "type" is set.
This key is deprecated. Support will be removed in AVD version 6.0.0. See [here](https://avd.arista.com/stable/docs/release-notes/5.x.x.html#removal-of-type-key-dependency-for-rendering-ethernetport-channel-interfaces-configuration-and-documentation) for details. | + | [    type](## "port_channel_interfaces.[].type") deprecated | String | | | Valid Values:
- routed
- switched
- l3dot1q
- l2dot1q | l3dot1q and l2dot1q are used for sub-interfaces. The parent interface should be defined as routed.
Interface will not be listed in device documentation, unless "type" is set.
This key is deprecated. Support will be removed in AVD version 6.0.0. See [here](https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#removal-of-type-key-dependency-for-rendering-ethernetport-channel-interfaces-configuration-and-documentation) for details. | | [    encapsulation_dot1q_vlan](## "port_channel_interfaces.[].encapsulation_dot1q_vlan") deprecated | Integer | | | | VLAN tag to configure on sub-interface.This key is deprecated. Support will be removed in AVD version 6.0.0. Use encapsulation_dot1q.vlan instead. | | [    encapsulation_dot1q](## "port_channel_interfaces.[].encapsulation_dot1q") | Dictionary | | | | Warning: `encapsulation_dot1q` should not be combined with `ethernet_interfaces[].type: l3dot1q` or `ethernet_interfaces[].type: l2dot1q`. | | [      vlan](## "port_channel_interfaces.[].encapsulation_dot1q.vlan") | Integer | Required | | Min: 1
Max: 4094 | VLAD ID. | @@ -52,7 +52,7 @@ | [    vlan_id](## "port_channel_interfaces.[].vlan_id") | Integer | | | Min: 1
Max: 4094 | This setting can only be applied to sub-interfaces on EOS.
Warning: `vlan_id` should not be combined with `ethernet_interfaces[].type == l2dot1q`. | | [    mode](## "port_channel_interfaces.[].mode") deprecated | String | | | Valid Values:
- access
- dot1q-tunnel
- trunk
- trunk phone | This key is deprecated. Support will be removed in AVD version 6.0.0. Use switchport.mode instead. | | [    native_vlan](## "port_channel_interfaces.[].native_vlan") deprecated | Integer | | | | If setting both native_vlan and native_vlan_tag, native_vlan_tag takes precedence.This key is deprecated. Support will be removed in AVD version 6.0.0. Use switchport.trunk.native_vlan instead. | - | [    native_vlan_tag](## "port_channel_interfaces.[].native_vlan_tag") deprecated | Boolean | | `False` | | If setting both native_vlan and native_vlan_tag, native_vlan_tag takes precedence.This key is deprecated. Support will be removed in AVD version 6.0.0. Use switchport.trunk.native_vlan_tag instead. | + | [    native_vlan_tag](## "port_channel_interfaces.[].native_vlan_tag") deprecated | Boolean | | | | If setting both native_vlan and native_vlan_tag, native_vlan_tag takes precedence.This key is deprecated. Support will be removed in AVD version 6.0.0. Use switchport.trunk.native_vlan_tag instead. | | [    link_tracking_groups](## "port_channel_interfaces.[].link_tracking_groups") | List, items: Dictionary | | | | | | [      - name](## "port_channel_interfaces.[].link_tracking_groups.[].name") | String | Required, Unique | | | Group name. | | [        direction](## "port_channel_interfaces.[].link_tracking_groups.[].direction") | String | | | Valid Values:
- upstream
- downstream | | @@ -70,7 +70,7 @@ | [    mlag](## "port_channel_interfaces.[].mlag") | Integer | | | Min: 1
Max: 2000 | MLAG ID. | | [    trunk_groups](## "port_channel_interfaces.[].trunk_groups") deprecated | List, items: String | | | | This key is deprecated. Support will be removed in AVD version 6.0.0. Use switchport.trunk.groups instead. | | [      - <str>](## "port_channel_interfaces.[].trunk_groups.[]") | String | | | | | - | [    lacp_fallback_timeout](## "port_channel_interfaces.[].lacp_fallback_timeout") | Integer | | `90` | Min: 0
Max: 300 | Timeout in seconds. | + | [    lacp_fallback_timeout](## "port_channel_interfaces.[].lacp_fallback_timeout") | Integer | | | Min: 0
Max: 300 | Timeout in seconds. EOS default is 90 seconds. | | [    lacp_fallback_mode](## "port_channel_interfaces.[].lacp_fallback_mode") | String | | | Valid Values:
- individual
- static | | | [    qos](## "port_channel_interfaces.[].qos") | Dictionary | | | | | | [      trust](## "port_channel_interfaces.[].qos.trust") | String | | | Valid Values:
- dscp
- cos
- disabled | | @@ -365,7 +365,7 @@ # Interface will not be listed in device documentation, unless "type" is set. # This key is deprecated. # Support will be removed in AVD version 6.0.0. - # See [here](https://avd.arista.com/stable/docs/release-notes/5.x.x.html#removal-of-type-key-dependency-for-rendering-ethernetport-channel-interfaces-configuration-and-documentation) for details. + # See [here](https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#removal-of-type-key-dependency-for-rendering-ethernetport-channel-interfaces-configuration-and-documentation) for details. type: # VLAN tag to configure on sub-interface. @@ -467,7 +467,7 @@ # This key is deprecated. # Support will be removed in AVD version 6.0.0. # Use switchport.trunk.native_vlan_tag instead. - native_vlan_tag: + native_vlan_tag: link_tracking_groups: # Group name. @@ -504,8 +504,8 @@ trunk_groups: - - # Timeout in seconds. - lacp_fallback_timeout: + # Timeout in seconds. EOS default is 90 seconds. + lacp_fallback_timeout: lacp_fallback_mode: qos: trust: diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/input-variables.md b/ansible_collections/arista/avd/roles/eos_designs/docs/input-variables.md index bed4e236970..a4b6744f42e 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/input-variables.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/input-variables.md @@ -722,14 +722,14 @@ The following underlay routing protocols are supported: - EBGP (default for l3ls-evpn) - OSPF. - ISIS. -- ISIS-SR*. -- ISIS-LDP*. -- ISIS-SR-LDP*. -- OSPF-LDP*. -- none**. +- ISIS-SR¹. +- ISIS-LDP¹. +- ISIS-SR-LDP¹. +- OSPF-LDP¹. +- none². -\* Only supported with core_interfaces data model.
-\** For use with design type "l2ls" or other designs where there is no requirement for a routing protocol for underlay and/or overlay on l3 devices. +¹ Only supported with core_interfaces data model.
+² For use with design type "l2ls" or other designs where there is no requirement for a routing protocol for underlay and/or overlay on l3 devices. ??? note "Details on `enable_trunk_groups`" @@ -815,12 +815,12 @@ The following overlay routing protocols are supported: - EBGP (default for l3ls-evpn) - IBGP (only with OSPF or ISIS variants in underlay) -- none* -- HER (Head-End Replication)** +- none¹ +- HER (Head-End Replication)² - CVX (CloudVision eXchange) -\* For use with design type "l2ls" or other designs where there is no requirement for a routing protocol for underlay and/or overlay on l3 devices.
-\** By setting `overlay_routing_protocol:HER`, `eos_designs` will configure static VXLAN flood-lists instead of using a dynamic overlay protocol. +¹ For use with design type "l2ls" or other designs where there is no requirement for a routing protocol for underlay and/or overlay on l3 devices.
+² By setting `overlay_routing_protocol:HER`, `eos_designs` will configure static VXLAN flood-lists instead of using a dynamic overlay protocol. --8<-- roles/eos_designs/docs/tables/overlay-settings.md diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/application-classification.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/application-classification.md index 1457400e8ff..06bcf74586a 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/application-classification.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/application-classification.md @@ -48,7 +48,7 @@ | [        udp_dest_port_set_name](## "application_classification.applications.l4_applications.[].udp_dest_port_set_name") | String | | | | Name of field set for UDP destination ports.
When the `protocols` list contain both `tcp` and `udp`, this key value
must be the same as `tcp_dest_port_set_name`. | | [        tcp_dest_port_set_name](## "application_classification.applications.l4_applications.[].tcp_dest_port_set_name") | String | | | | Name of field set for TCP destination ports.
When the `protocols` list contain both `tcp` and `udp`, this key value
must be the same as `udp_dest_port_set_name`. | | [  application_profiles](## "application_classification.application_profiles") | List, items: Dictionary | | | | Group of applications. | - | [    - name](## "application_classification.application_profiles.[].name") | String | | | | Application Profile name. | + | [    - name](## "application_classification.application_profiles.[].name") | String | Required, Unique | | | Application Profile name. | | [      applications](## "application_classification.application_profiles.[].applications") | List, items: Dictionary | | | | List of applications part of the application profile. | | [        - name](## "application_classification.application_profiles.[].applications.[].name") | String | | | | Application Name. | | [          service](## "application_classification.application_profiles.[].applications.[].service") | String | | | Valid Values:
- audio-video
- chat
- default
- file-transfer
- networking-protocols
- peer-to-peer
- software-update | Service Name.
Specific service to target for this application.
If no service is specified, all supported services of the application are matched.
Not all valid values are valid for all applications, check on EOS CLI. | @@ -206,7 +206,7 @@ application_profiles: # Application Profile name. - - name: + - name: # List of applications part of the application profile. applications: diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/bgp-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/bgp-settings.md index 068574ce6fd..f07e86eafd3 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/bgp-settings.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/bgp-settings.md @@ -76,8 +76,8 @@ | [      multiplier](## "bgp_peer_groups.wan_rr_overlay_peers.bfd_timers.multiplier") | Integer | Required | `10` | Min: 3
Max: 50 | | | [    ttl_maximum_hops](## "bgp_peer_groups.wan_rr_overlay_peers.ttl_maximum_hops") | Integer | | `1` | | | | [    structured_config](## "bgp_peer_groups.wan_rr_overlay_peers.structured_config") | Dictionary | | | | Custom structured config added under router_bgp.peer_groups.[name=] for eos_cli_config_gen. | - | [bgp_update_wait_install](## "bgp_update_wait_install") | Boolean | | | | Do not advertise reachability to a prefix until that prefix has been installed in hardware.
This will eliminate any temporary black holes due to a BGP speaker advertising reachability to a prefix that may not yet be installed into the forwarding plane.
| - | [bgp_update_wait_for_convergence](## "bgp_update_wait_for_convergence") | Boolean | | | | Disables FIB updates and route advertisement when the BGP instance is initiated until the BGP convergence state is reached.
| + | [bgp_update_wait_install](## "bgp_update_wait_install") | Boolean | | `True` | | Do not advertise reachability to a prefix until that prefix has been installed in hardware.
This will eliminate any temporary black holes due to a BGP speaker advertising reachability to a prefix that may not yet be installed into the forwarding plane.
| + | [bgp_update_wait_for_convergence](## "bgp_update_wait_for_convergence") | Boolean | | `False` | | Disables FIB updates and route advertisement when the BGP instance is initiated until the BGP convergence state is reached.
| === "YAML" @@ -260,8 +260,8 @@ # Do not advertise reachability to a prefix until that prefix has been installed in hardware. # This will eliminate any temporary black holes due to a BGP speaker advertising reachability to a prefix that may not yet be installed into the forwarding plane. - bgp_update_wait_install: + bgp_update_wait_install: # Disables FIB updates and route advertisement when the BGP instance is initiated until the BGP convergence state is reached. - bgp_update_wait_for_convergence: + bgp_update_wait_for_convergence: ``` diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/core-interfaces.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/core-interfaces.md index c2033ffcbf6..ccdb0ec2844 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/core-interfaces.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/core-interfaces.md @@ -30,15 +30,16 @@ | [      descriptions](## "core_interfaces.p2p_links_profiles.[].descriptions") | List, items: String | | | | Interface descriptions. | | [        - <str>](## "core_interfaces.p2p_links_profiles.[].descriptions.[]") | String | | | | Description or description template to be used on the ethernet interface.
This can be a template using the AVD string formatter syntax: https://avd.arista.com/devel/roles/eos_designs/docs/how-to/custom-descriptions-names.html#avd-string-formatter-syntax.
The available template fields are:
- `peer`: The name of the peer.
- `interface`: The local interface name.
- `peer_interface`: The interface on the peer.

The default description is set by `default_underlay_p2p_ethernet_description`.
By default the description is templated from the name and interface of the peer. | | [      include_in_underlay_protocol](## "core_interfaces.p2p_links_profiles.[].include_in_underlay_protocol") | Boolean | | `True` | | Add this interface to underlay routing protocol. | - | [      isis_hello_padding](## "core_interfaces.p2p_links_profiles.[].isis_hello_padding") | Boolean | | `False` | | | + | [      isis_hello_padding](## "core_interfaces.p2p_links_profiles.[].isis_hello_padding") | Boolean | | `True` | | | | [      isis_metric](## "core_interfaces.p2p_links_profiles.[].isis_metric") | Integer | | | | | | [      isis_circuit_type](## "core_interfaces.p2p_links_profiles.[].isis_circuit_type") | String | | | Valid Values:
- level-1
- level-2
- level-1-2 | | | [      isis_authentication_mode](## "core_interfaces.p2p_links_profiles.[].isis_authentication_mode") | String | | | Valid Values:
- md5
- text | | | [      isis_authentication_key](## "core_interfaces.p2p_links_profiles.[].isis_authentication_key") | String | | | | Type-7 encrypted password. | + | [      isis_network_type](## "core_interfaces.p2p_links_profiles.[].isis_network_type") | String | | `point-to-point` | Valid Values:
- point-to-point
- broadcast | | | [      mpls_ip](## "core_interfaces.p2p_links_profiles.[].mpls_ip") | Boolean | | | | MPLS parameters. Default value is true if switch.mpls_lsr is true. | | [      mpls_ldp](## "core_interfaces.p2p_links_profiles.[].mpls_ldp") | Boolean | | | | MPLS parameters. Default value is true for ldp underlay variants, otherwise false. | | [      mtu](## "core_interfaces.p2p_links_profiles.[].mtu") | Integer | | | | MTU for this P2P link. Default value same as p2p_uplinks_mtu. | - | [      bfd](## "core_interfaces.p2p_links_profiles.[].bfd") | Boolean | | `False` | | Enable BFD (only considered for BGP). | + | [      bfd](## "core_interfaces.p2p_links_profiles.[].bfd") | Boolean | | | | Enable BFD (only considered for BGP). | | [      ptp](## "core_interfaces.p2p_links_profiles.[].ptp") | Dictionary | | | | PTP parameters. | | [        enabled](## "core_interfaces.p2p_links_profiles.[].ptp.enabled") | Boolean | | `False` | | Enable PTP. | | [      sflow](## "core_interfaces.p2p_links_profiles.[].sflow") | Boolean | | | | Enable sFlow. Overrides `fabric_sflow` setting. | @@ -77,15 +78,16 @@ | [      descriptions](## "core_interfaces.p2p_links.[].descriptions") | List, items: String | | | | Interface descriptions. | | [        - <str>](## "core_interfaces.p2p_links.[].descriptions.[]") | String | | | | Description or description template to be used on the ethernet interface.
This can be a template using the AVD string formatter syntax: https://avd.arista.com/devel/roles/eos_designs/docs/how-to/custom-descriptions-names.html#avd-string-formatter-syntax.
The available template fields are:
- `peer`: The name of the peer.
- `interface`: The local interface name.
- `peer_interface`: The interface on the peer.

The default description is set by `default_underlay_p2p_ethernet_description`.
By default the description is templated from the name and interface of the peer. | | [      include_in_underlay_protocol](## "core_interfaces.p2p_links.[].include_in_underlay_protocol") | Boolean | | `True` | | Add this interface to underlay routing protocol. | - | [      isis_hello_padding](## "core_interfaces.p2p_links.[].isis_hello_padding") | Boolean | | `False` | | | + | [      isis_hello_padding](## "core_interfaces.p2p_links.[].isis_hello_padding") | Boolean | | `True` | | | | [      isis_metric](## "core_interfaces.p2p_links.[].isis_metric") | Integer | | | | | | [      isis_circuit_type](## "core_interfaces.p2p_links.[].isis_circuit_type") | String | | | Valid Values:
- level-1
- level-2
- level-1-2 | | | [      isis_authentication_mode](## "core_interfaces.p2p_links.[].isis_authentication_mode") | String | | | Valid Values:
- md5
- text | | | [      isis_authentication_key](## "core_interfaces.p2p_links.[].isis_authentication_key") | String | | | | Type-7 encrypted password. | + | [      isis_network_type](## "core_interfaces.p2p_links.[].isis_network_type") | String | | `point-to-point` | Valid Values:
- point-to-point
- broadcast | | | [      mpls_ip](## "core_interfaces.p2p_links.[].mpls_ip") | Boolean | | | | MPLS parameters. Default value is true if switch.mpls_lsr is true. | | [      mpls_ldp](## "core_interfaces.p2p_links.[].mpls_ldp") | Boolean | | | | MPLS parameters. Default value is true for ldp underlay variants, otherwise false. | | [      mtu](## "core_interfaces.p2p_links.[].mtu") | Integer | | | | MTU for this P2P link. Default value same as p2p_uplinks_mtu. | - | [      bfd](## "core_interfaces.p2p_links.[].bfd") | Boolean | | `False` | | Enable BFD (only considered for BGP). | + | [      bfd](## "core_interfaces.p2p_links.[].bfd") | Boolean | | | | Enable BFD (only considered for BGP). | | [      ptp](## "core_interfaces.p2p_links.[].ptp") | Dictionary | | | | PTP parameters. | | [        enabled](## "core_interfaces.p2p_links.[].ptp.enabled") | Boolean | | `False` | | Enable PTP. | | [      sflow](## "core_interfaces.p2p_links.[].sflow") | Boolean | | | | Enable sFlow. Overrides `fabric_sflow` setting. | @@ -185,13 +187,14 @@ # Add this interface to underlay routing protocol. include_in_underlay_protocol: - isis_hello_padding: + isis_hello_padding: isis_metric: isis_circuit_type: isis_authentication_mode: # Type-7 encrypted password. isis_authentication_key: + isis_network_type: # MPLS parameters. Default value is true if switch.mpls_lsr is true. mpls_ip: @@ -203,7 +206,7 @@ mtu: # Enable BFD (only considered for BGP). - bfd: + bfd: # PTP parameters. ptp: @@ -330,13 +333,14 @@ # Add this interface to underlay routing protocol. include_in_underlay_protocol: - isis_hello_padding: + isis_hello_padding: isis_metric: isis_circuit_type: isis_authentication_mode: # Type-7 encrypted password. isis_authentication_key: + isis_network_type: # MPLS parameters. Default value is true if switch.mpls_lsr is true. mpls_ip: @@ -348,7 +352,7 @@ mtu: # Enable BFD (only considered for BGP). - bfd: + bfd: # PTP parameters. ptp: diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/cv-pathfinder-internet-exit-policies.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/cv-pathfinder-internet-exit-policies.md index 4dc5f91afdb..300c3847530 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/cv-pathfinder-internet-exit-policies.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/cv-pathfinder-internet-exit-policies.md @@ -12,7 +12,7 @@ | [    type](## "cv_pathfinder_internet_exit_policies.[].type") | String | Required | | Valid Values:
- direct
- zscaler | Internet-exit policy type.
direct: Exit directly over wan interfaces
zscaler: Exit using Zscaler secure web gateway service | | [    fallback_to_system_default](## "cv_pathfinder_internet_exit_policies.[].fallback_to_system_default") | Boolean | | `True` | | Add system default exit-group at the end of the policy. | | [    zscaler](## "cv_pathfinder_internet_exit_policies.[].zscaler") | Dictionary | | | | Zscaler information. Only used if `type` is 'zscaler'. | - | [      ipsec_key_salt](## "cv_pathfinder_internet_exit_policies.[].zscaler.ipsec_key_salt") | String | Required | | | "Salt" used for auto generation of encryption keys for IPsec tunnels to Zscaler.
The keys will be generated as a hash of `salt__`.
Since this salt can be used to deduct the encryption key, it is recommeneded to use vault. | + | [      ipsec_key_salt](## "cv_pathfinder_internet_exit_policies.[].zscaler.ipsec_key_salt") | String | Required | | | "Salt" used for auto generation of encryption keys for IPsec tunnels to Zscaler.
The keys will be generated as a hash of `salt__`.
Since this salt can be used to deduct the encryption key, it is recommended to use vault. | | [      domain_name](## "cv_pathfinder_internet_exit_policies.[].zscaler.domain_name") | String | Required | | | Domain name as configured in Zscaler for the tenant. Used as UFQDN suffix for authentication. | | [      encrypt_traffic](## "cv_pathfinder_internet_exit_policies.[].zscaler.encrypt_traffic") | Boolean | | `True` | | When `true` the traffic going over the tunnels will be encrypted with AES-256-GCM. Otherwise the traffic will be using NULL encryption.
Note that encryption requires a subscription on the Zscaler account. | | [      download_bandwidth](## "cv_pathfinder_internet_exit_policies.[].zscaler.download_bandwidth") | Integer | | | | Maximum allowed download bandwidth in Mbps for each device using this policy. | @@ -46,7 +46,7 @@ # "Salt" used for auto generation of encryption keys for IPsec tunnels to Zscaler. # The keys will be generated as a hash of `salt__`. - # Since this salt can be used to deduct the encryption key, it is recommeneded to use vault. + # Since this salt can be used to deduct the encryption key, it is recommended to use vault. ipsec_key_salt: # Domain name as configured in Zscaler for the tenant. Used as UFQDN suffix for authentication. diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/design.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/design.md index 3fb92432ded..f939ec8a20b 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/design.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/design.md @@ -7,7 +7,7 @@ | Variable | Type | Required | Default | Value Restrictions | Description | | -------- | ---- | -------- | ------- | ------------------ | ----------- | - | [design](## "design") deprecated | Dictionary | | | | This key is deprecated. Support will be removed in AVD version 6.0.0. See [here](https://avd.arista.com/stable/docs/release-notes/5.x.x.html#deprecation_of_design.type) for details. | + | [design](## "design") deprecated | Dictionary | | | | This key is deprecated. Support will be removed in AVD version 6.0.0. See [here](https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#deprecation-of-designtype) for details. | | [  type](## "design.type") | String | | `l3ls-evpn` | Valid Values:
- l3ls-evpn
- mpls
- l2ls | By setting the design.type variable, the default node-types and templates described in these documents will be used.
| === "YAML" @@ -15,7 +15,7 @@ ```yaml # This key is deprecated. # Support will be removed in AVD version 6.0.0. - # See [here](https://avd.arista.com/stable/docs/release-notes/5.x.x.html#deprecation_of_design.type) for details. + # See [here](https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#deprecation-of-designtype) for details. design: # By setting the design.type variable, the default node-types and templates described in these documents will be used. diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/evpn-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/evpn-settings.md index 1ed5abe5f14..15905d32d6b 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/evpn-settings.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/evpn-settings.md @@ -21,7 +21,7 @@ | [evpn_prevent_readvertise_to_server](## "evpn_prevent_readvertise_to_server") | Boolean | | `False` | | Configure route-map on eBGP sessions towards route-servers, where prefixes with the peer's ASN in the AS Path are filtered away.
This is very useful in large-scale networks, where convergence will be quicker by not returning all updates received
from Route-server-1 to Router-server-2 just for Route-server-2 to throw them away because of AS Path loop detection.
| | [evpn_short_esi_prefix](## "evpn_short_esi_prefix") | String | | `0000:0000:` | | Configure prefix for "short_esi" values. | | [evpn_vlan_aware_bundles](## "evpn_vlan_aware_bundles") | Boolean | | `False` | | Enable VLAN aware bundles for every EVPN MAC-VRF.
If set to `true` all SVIs in a VRF are configured in a vlan-aware-bundle using the VRF name as the bundle name. `l2vlans` are bundled in vlan-aware-bundles using the VLAN name as the bundle name.

The `evpn_vlan_bundle` option under `svis` and `l2vlans` takes precedence and overrides this behavior. Per svi/l2vlan `evpn_vlan_bundle` also works when this setting is disabled which allow mixing vlan-aware-bundles with regular MAC-VRFs. | - | [fabric_evpn_encapsulation](## "fabric_evpn_encapsulation") | String | | `vxlan` | Valid Values:
- vxlan
- mpls | Should be set to mpls for evpn-mpls scenario. | + | [fabric_evpn_encapsulation](## "fabric_evpn_encapsulation") | String | | | Valid Values:
- vxlan
- mpls | Should be set to mpls for evpn-mpls scenario. This overrides the evpn_encapsulation setting under node_type_keys. | === "YAML" @@ -83,6 +83,6 @@ # The `evpn_vlan_bundle` option under `svis` and `l2vlans` takes precedence and overrides this behavior. Per svi/l2vlan `evpn_vlan_bundle` also works when this setting is disabled which allow mixing vlan-aware-bundles with regular MAC-VRFs. evpn_vlan_aware_bundles: - # Should be set to mpls for evpn-mpls scenario. - fabric_evpn_encapsulation: + # Should be set to mpls for evpn-mpls scenario. This overrides the evpn_encapsulation setting under node_type_keys. + fabric_evpn_encapsulation: ``` diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/fabric-ip-addressing.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/fabric-ip-addressing.md index a636aad54f2..d67e102570b 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/fabric-ip-addressing.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/fabric-ip-addressing.md @@ -9,7 +9,7 @@ | -------- | ---- | -------- | ------- | ------------------ | ----------- | | [fabric_ip_addressing](## "fabric_ip_addressing") | Dictionary | | | | | | [  mlag](## "fabric_ip_addressing.mlag") | Dictionary | | | | | - | [    algorithm](## "fabric_ip_addressing.mlag.algorithm") | String | | `first_id` | Valid Values:
- first_id
- odd_id
- same_subnet | This variable defines the Multi-chassis Link Aggregation (MLAG) algorithm used.
Each MLAG link will have a /31* subnet with each subnet allocated from the relevant MLAG pool via a calculated offset.
The offset is calculated using one of the following algorithms:
- first_id: `(mlag_primary_id - 1) * 2` where `mlag_primary_id` is the ID of the first node defined under the node_group.
This allocation method will skip every other /31* subnet making it less space efficient than `odd_id`.
- odd_id: `(odd_id - 1) / 2`. Requires the node_group to have a node with an odd ID and a node with an even ID.
- same_subnet: the offset will always be zero.
This allocation method will cause every MLAG link to be addressed with the same /31* subnet.
\* - The prefix length is configurable with a default of /31. | + | [    algorithm](## "fabric_ip_addressing.mlag.algorithm") | String | | `first_id` | Valid Values:
- first_id
- odd_id
- same_subnet | This variable defines the Multi-chassis Link Aggregation (MLAG) algorithm used.
Each MLAG link will have a /31¹ subnet with each subnet allocated from the relevant MLAG pool via a calculated offset.
The offset is calculated using one of the following algorithms:
- first_id: `(mlag_primary_id - 1) * 2` where `mlag_primary_id` is the ID of the first node defined under the node_group.
This allocation method will skip every other /31¹ subnet making it less space efficient than `odd_id`.
- odd_id: `(odd_id - 1) / 2`. Requires the node_group to have a node with an odd ID and a node with an even ID.
- same_subnet: the offset will always be zero.
This allocation method will cause every MLAG link to be addressed with the same /31¹ subnet.
¹ The prefix length is configurable with a default of /31. | | [    ipv4_prefix_length](## "fabric_ip_addressing.mlag.ipv4_prefix_length") | Integer | | `31` | Min: 1
Max: 31 | IPv4 prefix length used for MLAG peer-vlan and L3 point-to-point SVIs over the MLAG peer-link. | | [    ipv6_prefix_length](## "fabric_ip_addressing.mlag.ipv6_prefix_length") | Integer | | `64` | Min: 1
Max: 127 | IPv6 prefix length used for MLAG peer-vlan and L3 point-to-point SVIs over the MLAG peer-link. | | [  p2p_uplinks](## "fabric_ip_addressing.p2p_uplinks") | Dictionary | | | | | @@ -24,14 +24,14 @@ mlag: # This variable defines the Multi-chassis Link Aggregation (MLAG) algorithm used. - # Each MLAG link will have a /31* subnet with each subnet allocated from the relevant MLAG pool via a calculated offset. + # Each MLAG link will have a /31¹ subnet with each subnet allocated from the relevant MLAG pool via a calculated offset. # The offset is calculated using one of the following algorithms: # - first_id: `(mlag_primary_id - 1) * 2` where `mlag_primary_id` is the ID of the first node defined under the node_group. - # This allocation method will skip every other /31* subnet making it less space efficient than `odd_id`. + # This allocation method will skip every other /31¹ subnet making it less space efficient than `odd_id`. # - odd_id: `(odd_id - 1) / 2`. Requires the node_group to have a node with an odd ID and a node with an even ID. # - same_subnet: the offset will always be zero. - # This allocation method will cause every MLAG link to be addressed with the same /31* subnet. - # \* - The prefix length is configurable with a default of /31. + # This allocation method will cause every MLAG link to be addressed with the same /31¹ subnet. + # ¹ The prefix length is configurable with a default of /31. algorithm: # IPv4 prefix length used for MLAG peer-vlan and L3 point-to-point SVIs over the MLAG peer-link. diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/isis-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/isis-settings.md index 279506da878..54efbd73e01 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/isis-settings.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/isis-settings.md @@ -12,7 +12,7 @@ | [isis_default_circuit_type](## "isis_default_circuit_type") | String | | `level-2` | Valid Values:
- level-1-2
- level-1
- level-2 | These fabric level parameters can be used with core_interfaces running ISIS, and may be overridden on link profile or link level.
| | [isis_default_is_type](## "isis_default_is_type") | String | | `level-2` | Valid Values:
- level-1-2
- level-1
- level-2 | | | [isis_default_metric](## "isis_default_metric") | Integer | | `50` | | These fabric level parameters can be used with core_interfaces running ISIS, and may be overridden at link profile or link level.
| - | [isis_maximum_paths](## "isis_maximum_paths") | Integer | | | | Number of path to configure in ECMP for ISIS. | + | [isis_maximum_paths](## "isis_maximum_paths") | Integer | | `4` | | Number of path to configure in ECMP for ISIS. | | [isis_system_id_format](## "isis_system_id_format") | String | | `underlay_loopback` | Valid Values:
- node_id
- underlay_loopback | Configures source for the system-id within the ISIS net id.
If this key is set to `node_id`, the fields `id` and `isis_system_id_prefix` configured under the node attributes are used to generate the system-id.
If `underlay_loopback` is selected then all node `isis_system_id_prefix` settings will be ignored and the loopback address will be used to generate the system-id. | | [isis_ti_lfa](## "isis_ti_lfa") | Dictionary | | | | | | [  enabled](## "isis_ti_lfa.enabled") | Boolean | | `False` | | | @@ -35,7 +35,7 @@ isis_default_metric: # Number of path to configure in ECMP for ISIS. - isis_maximum_paths: + isis_maximum_paths: # Configures source for the system-id within the ISIS net id. # If this key is set to `node_id`, the fields `id` and `isis_system_id_prefix` configured under the node attributes are used to generate the system-id. diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/l3-edge.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/l3-edge.md index 093608ced46..40eb4f7d50e 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/l3-edge.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/l3-edge.md @@ -30,15 +30,16 @@ | [      descriptions](## "l3_edge.p2p_links_profiles.[].descriptions") | List, items: String | | | | Interface descriptions. | | [        - <str>](## "l3_edge.p2p_links_profiles.[].descriptions.[]") | String | | | | Description or description template to be used on the ethernet interface.
This can be a template using the AVD string formatter syntax: https://avd.arista.com/devel/roles/eos_designs/docs/how-to/custom-descriptions-names.html#avd-string-formatter-syntax.
The available template fields are:
- `peer`: The name of the peer.
- `interface`: The local interface name.
- `peer_interface`: The interface on the peer.

The default description is set by `default_underlay_p2p_ethernet_description`.
By default the description is templated from the name and interface of the peer. | | [      include_in_underlay_protocol](## "l3_edge.p2p_links_profiles.[].include_in_underlay_protocol") | Boolean | | `True` | | Add this interface to underlay routing protocol. | - | [      isis_hello_padding](## "l3_edge.p2p_links_profiles.[].isis_hello_padding") | Boolean | | `False` | | | + | [      isis_hello_padding](## "l3_edge.p2p_links_profiles.[].isis_hello_padding") | Boolean | | `True` | | | | [      isis_metric](## "l3_edge.p2p_links_profiles.[].isis_metric") | Integer | | | | | | [      isis_circuit_type](## "l3_edge.p2p_links_profiles.[].isis_circuit_type") | String | | | Valid Values:
- level-1
- level-2
- level-1-2 | | | [      isis_authentication_mode](## "l3_edge.p2p_links_profiles.[].isis_authentication_mode") | String | | | Valid Values:
- md5
- text | | | [      isis_authentication_key](## "l3_edge.p2p_links_profiles.[].isis_authentication_key") | String | | | | Type-7 encrypted password. | + | [      isis_network_type](## "l3_edge.p2p_links_profiles.[].isis_network_type") | String | | `point-to-point` | Valid Values:
- point-to-point
- broadcast | | | [      mpls_ip](## "l3_edge.p2p_links_profiles.[].mpls_ip") | Boolean | | | | MPLS parameters. Default value is true if switch.mpls_lsr is true. | | [      mpls_ldp](## "l3_edge.p2p_links_profiles.[].mpls_ldp") | Boolean | | | | MPLS parameters. Default value is true for ldp underlay variants, otherwise false. | | [      mtu](## "l3_edge.p2p_links_profiles.[].mtu") | Integer | | | | MTU for this P2P link. Default value same as p2p_uplinks_mtu. | - | [      bfd](## "l3_edge.p2p_links_profiles.[].bfd") | Boolean | | `False` | | Enable BFD (only considered for BGP). | + | [      bfd](## "l3_edge.p2p_links_profiles.[].bfd") | Boolean | | | | Enable BFD (only considered for BGP). | | [      ptp](## "l3_edge.p2p_links_profiles.[].ptp") | Dictionary | | | | PTP parameters. | | [        enabled](## "l3_edge.p2p_links_profiles.[].ptp.enabled") | Boolean | | `False` | | Enable PTP. | | [      sflow](## "l3_edge.p2p_links_profiles.[].sflow") | Boolean | | | | Enable sFlow. Overrides `fabric_sflow` setting. | @@ -77,15 +78,16 @@ | [      descriptions](## "l3_edge.p2p_links.[].descriptions") | List, items: String | | | | Interface descriptions. | | [        - <str>](## "l3_edge.p2p_links.[].descriptions.[]") | String | | | | Description or description template to be used on the ethernet interface.
This can be a template using the AVD string formatter syntax: https://avd.arista.com/devel/roles/eos_designs/docs/how-to/custom-descriptions-names.html#avd-string-formatter-syntax.
The available template fields are:
- `peer`: The name of the peer.
- `interface`: The local interface name.
- `peer_interface`: The interface on the peer.

The default description is set by `default_underlay_p2p_ethernet_description`.
By default the description is templated from the name and interface of the peer. | | [      include_in_underlay_protocol](## "l3_edge.p2p_links.[].include_in_underlay_protocol") | Boolean | | `True` | | Add this interface to underlay routing protocol. | - | [      isis_hello_padding](## "l3_edge.p2p_links.[].isis_hello_padding") | Boolean | | `False` | | | + | [      isis_hello_padding](## "l3_edge.p2p_links.[].isis_hello_padding") | Boolean | | `True` | | | | [      isis_metric](## "l3_edge.p2p_links.[].isis_metric") | Integer | | | | | | [      isis_circuit_type](## "l3_edge.p2p_links.[].isis_circuit_type") | String | | | Valid Values:
- level-1
- level-2
- level-1-2 | | | [      isis_authentication_mode](## "l3_edge.p2p_links.[].isis_authentication_mode") | String | | | Valid Values:
- md5
- text | | | [      isis_authentication_key](## "l3_edge.p2p_links.[].isis_authentication_key") | String | | | | Type-7 encrypted password. | + | [      isis_network_type](## "l3_edge.p2p_links.[].isis_network_type") | String | | `point-to-point` | Valid Values:
- point-to-point
- broadcast | | | [      mpls_ip](## "l3_edge.p2p_links.[].mpls_ip") | Boolean | | | | MPLS parameters. Default value is true if switch.mpls_lsr is true. | | [      mpls_ldp](## "l3_edge.p2p_links.[].mpls_ldp") | Boolean | | | | MPLS parameters. Default value is true for ldp underlay variants, otherwise false. | | [      mtu](## "l3_edge.p2p_links.[].mtu") | Integer | | | | MTU for this P2P link. Default value same as p2p_uplinks_mtu. | - | [      bfd](## "l3_edge.p2p_links.[].bfd") | Boolean | | `False` | | Enable BFD (only considered for BGP). | + | [      bfd](## "l3_edge.p2p_links.[].bfd") | Boolean | | | | Enable BFD (only considered for BGP). | | [      ptp](## "l3_edge.p2p_links.[].ptp") | Dictionary | | | | PTP parameters. | | [        enabled](## "l3_edge.p2p_links.[].ptp.enabled") | Boolean | | `False` | | Enable PTP. | | [      sflow](## "l3_edge.p2p_links.[].sflow") | Boolean | | | | Enable sFlow. Overrides `fabric_sflow` setting. | @@ -185,13 +187,14 @@ # Add this interface to underlay routing protocol. include_in_underlay_protocol: - isis_hello_padding: + isis_hello_padding: isis_metric: isis_circuit_type: isis_authentication_mode: # Type-7 encrypted password. isis_authentication_key: + isis_network_type: # MPLS parameters. Default value is true if switch.mpls_lsr is true. mpls_ip: @@ -203,7 +206,7 @@ mtu: # Enable BFD (only considered for BGP). - bfd: + bfd: # PTP parameters. ptp: @@ -330,13 +333,14 @@ # Add this interface to underlay routing protocol. include_in_underlay_protocol: - isis_hello_padding: + isis_hello_padding: isis_metric: isis_circuit_type: isis_authentication_mode: # Type-7 encrypted password. isis_authentication_key: + isis_network_type: # MPLS parameters. Default value is true if switch.mpls_lsr is true. mpls_ip: @@ -348,7 +352,7 @@ mtu: # Enable BFD (only considered for BGP). - bfd: + bfd: # PTP parameters. ptp: diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/management-flow-tracking-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/management-flow-tracking-settings.md index c0284a1b5fb..5eddb2ca443 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/management-flow-tracking-settings.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/management-flow-tracking-settings.md @@ -9,32 +9,32 @@ | -------- | ---- | -------- | ------- | ------------------ | ----------- | | [fabric_flow_tracking](## "fabric_flow_tracking") | Dictionary | | | | Default enabling of flow-tracking(IPFIX) for various interface types across the fabric.
Flow Tracking can also be enabled/disabled under each of the specific data models.
For general flow-tracking settings see `flow_tracking_settings`. | | [  uplinks](## "fabric_flow_tracking.uplinks") | Dictionary | | | | Enable flow-tracking on all fabric uplinks. | - | [    enabled](## "fabric_flow_tracking.uplinks.enabled") | Boolean | | | | | - | [    name](## "fabric_flow_tracking.uplinks.name") | String | | | | Flow tracker name as defined in flow_tracking_settings. | + | [    enabled](## "fabric_flow_tracking.uplinks.enabled") | Boolean | | `False` | | | + | [    name](## "fabric_flow_tracking.uplinks.name") | String | | `FLOW-TRACKER` | | Flow tracker name as defined in flow_tracking_settings. | | [  downlinks](## "fabric_flow_tracking.downlinks") | Dictionary | | | | Enable flow-tracking on all fabric downlinks. | - | [    enabled](## "fabric_flow_tracking.downlinks.enabled") | Boolean | | | | | - | [    name](## "fabric_flow_tracking.downlinks.name") | String | | | | Flow tracker name as defined in flow_tracking_settings. | + | [    enabled](## "fabric_flow_tracking.downlinks.enabled") | Boolean | | `False` | | | + | [    name](## "fabric_flow_tracking.downlinks.name") | String | | `FLOW-TRACKER` | | Flow tracker name as defined in flow_tracking_settings. | | [  endpoints](## "fabric_flow_tracking.endpoints") | Dictionary | | | | Enable flow-tracking on all endpoints ports. | - | [    enabled](## "fabric_flow_tracking.endpoints.enabled") | Boolean | | | | | - | [    name](## "fabric_flow_tracking.endpoints.name") | String | | | | Flow tracker name as defined in flow_tracking_settings. | + | [    enabled](## "fabric_flow_tracking.endpoints.enabled") | Boolean | | `False` | | | + | [    name](## "fabric_flow_tracking.endpoints.name") | String | | `FLOW-TRACKER` | | Flow tracker name as defined in flow_tracking_settings. | | [  l3_edge](## "fabric_flow_tracking.l3_edge") | Dictionary | | | | Enable flow-tracking on all p2p_links defined under l3_edge. | - | [    enabled](## "fabric_flow_tracking.l3_edge.enabled") | Boolean | | | | | - | [    name](## "fabric_flow_tracking.l3_edge.name") | String | | | | Flow tracker name as defined in flow_tracking_settings. | + | [    enabled](## "fabric_flow_tracking.l3_edge.enabled") | Boolean | | `False` | | | + | [    name](## "fabric_flow_tracking.l3_edge.name") | String | | `FLOW-TRACKER` | | Flow tracker name as defined in flow_tracking_settings. | | [  core_interfaces](## "fabric_flow_tracking.core_interfaces") | Dictionary | | | | Enable flow-tracking on all p2p_links defined under core_interfaces. | - | [    enabled](## "fabric_flow_tracking.core_interfaces.enabled") | Boolean | | | | | - | [    name](## "fabric_flow_tracking.core_interfaces.name") | String | | | | Flow tracker name as defined in flow_tracking_settings. | + | [    enabled](## "fabric_flow_tracking.core_interfaces.enabled") | Boolean | | `False` | | | + | [    name](## "fabric_flow_tracking.core_interfaces.name") | String | | `FLOW-TRACKER` | | Flow tracker name as defined in flow_tracking_settings. | | [  mlag_interfaces](## "fabric_flow_tracking.mlag_interfaces") | Dictionary | | | | Enable flow-tracking on all MLAG peer interfaces. | - | [    enabled](## "fabric_flow_tracking.mlag_interfaces.enabled") | Boolean | | | | | - | [    name](## "fabric_flow_tracking.mlag_interfaces.name") | String | | | | Flow tracker name as defined in flow_tracking_settings. | + | [    enabled](## "fabric_flow_tracking.mlag_interfaces.enabled") | Boolean | | `False` | | | + | [    name](## "fabric_flow_tracking.mlag_interfaces.name") | String | | `FLOW-TRACKER` | | Flow tracker name as defined in flow_tracking_settings. | | [  l3_interfaces](## "fabric_flow_tracking.l3_interfaces") | Dictionary | | | | Enable flow-tracking on all node.l3_interfaces and network-services tenants.vrfs.l3_interfaces. | - | [    enabled](## "fabric_flow_tracking.l3_interfaces.enabled") | Boolean | | | | | - | [    name](## "fabric_flow_tracking.l3_interfaces.name") | String | | | | Flow tracker name as defined in flow_tracking_settings. | + | [    enabled](## "fabric_flow_tracking.l3_interfaces.enabled") | Boolean | | `False` | | | + | [    name](## "fabric_flow_tracking.l3_interfaces.name") | String | | `FLOW-TRACKER` | | Flow tracker name as defined in flow_tracking_settings. | | [  dps_interfaces](## "fabric_flow_tracking.dps_interfaces") | Dictionary | | | | Enable flow-tracking on all dps_interfaces. | - | [    enabled](## "fabric_flow_tracking.dps_interfaces.enabled") | Boolean | | | | | - | [    name](## "fabric_flow_tracking.dps_interfaces.name") | String | | | | Flow tracker name as defined in flow_tracking_settings. | + | [    enabled](## "fabric_flow_tracking.dps_interfaces.enabled") | Boolean | | `True` | | | + | [    name](## "fabric_flow_tracking.dps_interfaces.name") | String | | `FLOW-TRACKER` | | Flow tracker name as defined in flow_tracking_settings. | | [  direct_wan_ha_links](## "fabric_flow_tracking.direct_wan_ha_links") | Dictionary | | | | Enable flow-tracking on all direct WAN HA links. | - | [    enabled](## "fabric_flow_tracking.direct_wan_ha_links.enabled") | Boolean | | | | | - | [    name](## "fabric_flow_tracking.direct_wan_ha_links.name") | String | | | | Flow tracker name as defined in flow_tracking_settings. | + | [    enabled](## "fabric_flow_tracking.direct_wan_ha_links.enabled") | Boolean | | `False` | | | + | [    name](## "fabric_flow_tracking.direct_wan_ha_links.name") | String | | `FLOW-TRACKER` | | Flow tracker name as defined in flow_tracking_settings. | | [flow_tracking_settings](## "flow_tracking_settings") | Dictionary | | | | Define the flow tracking parameters for this topology. | | [  sampled](## "flow_tracking_settings.sampled") | Dictionary | | | | The options relevant only for flow tracker type sampled. | | [    encapsulation](## "flow_tracking_settings.sampled.encapsulation") | Dictionary | | | | | @@ -77,66 +77,66 @@ # Enable flow-tracking on all fabric uplinks. uplinks: - enabled: + enabled: # Flow tracker name as defined in flow_tracking_settings. - name: + name: # Enable flow-tracking on all fabric downlinks. downlinks: - enabled: + enabled: # Flow tracker name as defined in flow_tracking_settings. - name: + name: # Enable flow-tracking on all endpoints ports. endpoints: - enabled: + enabled: # Flow tracker name as defined in flow_tracking_settings. - name: + name: # Enable flow-tracking on all p2p_links defined under l3_edge. l3_edge: - enabled: + enabled: # Flow tracker name as defined in flow_tracking_settings. - name: + name: # Enable flow-tracking on all p2p_links defined under core_interfaces. core_interfaces: - enabled: + enabled: # Flow tracker name as defined in flow_tracking_settings. - name: + name: # Enable flow-tracking on all MLAG peer interfaces. mlag_interfaces: - enabled: + enabled: # Flow tracker name as defined in flow_tracking_settings. - name: + name: # Enable flow-tracking on all node.l3_interfaces and network-services tenants.vrfs.l3_interfaces. l3_interfaces: - enabled: + enabled: # Flow tracker name as defined in flow_tracking_settings. - name: + name: # Enable flow-tracking on all dps_interfaces. dps_interfaces: - enabled: + enabled: # Flow tracker name as defined in flow_tracking_settings. - name: + name: # Enable flow-tracking on all direct WAN HA links. direct_wan_ha_links: - enabled: + enabled: # Flow tracker name as defined in flow_tracking_settings. - name: + name: # Define the flow tracking parameters for this topology. flow_tracking_settings: diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/management-source-interfaces-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/management-source-interfaces-settings.md index e7d29c21246..9ba932e7543 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/management-source-interfaces-settings.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/management-source-interfaces-settings.md @@ -9,23 +9,23 @@ | -------- | ---- | -------- | ------- | ------------------ | ----------- | | [source_interfaces](## "source_interfaces") | Dictionary | | | | Configure source-interfaces based on the management interfaces set for other `eos_designs` data models.
By default, no source-interfaces will be configured. They can still be configured manually using `eos_cli_config_gen` and custom structured configuration.
EOS supports a single source-interface per VRF, so an error will be raised in case of conflicts.
Errors will also be raised if an interface is not found for a device. | | [  domain_lookup](## "source_interfaces.domain_lookup") | Dictionary | | | | IP Domain Lookup source-interfaces. | - | [    mgmt_interface](## "source_interfaces.domain_lookup.mgmt_interface") | Boolean | | | | Configure an IP Domain Lookup source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`.
`mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. | - | [    inband_mgmt_interface](## "source_interfaces.domain_lookup.inband_mgmt_interface") | Boolean | | | | Configure an IP Domain Lookup source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`.
`inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. | + | [    mgmt_interface](## "source_interfaces.domain_lookup.mgmt_interface") | Boolean | | `False` | | Configure an IP Domain Lookup source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`.
`mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. | + | [    inband_mgmt_interface](## "source_interfaces.domain_lookup.inband_mgmt_interface") | Boolean | | `False` | | Configure an IP Domain Lookup source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`.
`inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. | | [  http_client](## "source_interfaces.http_client") | Dictionary | | | | IP HTTP Client source-interfaces. | - | [    mgmt_interface](## "source_interfaces.http_client.mgmt_interface") | Boolean | | | | Configure an IP HTTP Client source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`.
`mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. | - | [    inband_mgmt_interface](## "source_interfaces.http_client.inband_mgmt_interface") | Boolean | | | | Configure an IP HTTP Client source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`.
`inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. | + | [    mgmt_interface](## "source_interfaces.http_client.mgmt_interface") | Boolean | | `False` | | Configure an IP HTTP Client source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`.
`mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. | + | [    inband_mgmt_interface](## "source_interfaces.http_client.inband_mgmt_interface") | Boolean | | `False` | | Configure an IP HTTP Client source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`.
`inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. | | [  radius](## "source_interfaces.radius") | Dictionary | | | | IP Radius source-interfaces. | - | [    mgmt_interface](## "source_interfaces.radius.mgmt_interface") | Boolean | | | | Configure an IP Radius source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`.
`mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. | - | [    inband_mgmt_interface](## "source_interfaces.radius.inband_mgmt_interface") | Boolean | | | | Configure an IP Radius source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`.
`inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. | + | [    mgmt_interface](## "source_interfaces.radius.mgmt_interface") | Boolean | | `False` | | Configure an IP Radius source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`.
`mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. | + | [    inband_mgmt_interface](## "source_interfaces.radius.inband_mgmt_interface") | Boolean | | `False` | | Configure an IP Radius source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`.
`inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. | | [  snmp](## "source_interfaces.snmp") | Dictionary | | | | SNMP local-interfaces. | - | [    mgmt_interface](## "source_interfaces.snmp.mgmt_interface") | Boolean | | | | Configure a SNMP local-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`.
`mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. | - | [    inband_mgmt_interface](## "source_interfaces.snmp.inband_mgmt_interface") | Boolean | | | | Configure a SNMP local-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`.
`inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. | + | [    mgmt_interface](## "source_interfaces.snmp.mgmt_interface") | Boolean | | `False` | | Configure a SNMP local-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`.
`mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. | + | [    inband_mgmt_interface](## "source_interfaces.snmp.inband_mgmt_interface") | Boolean | | `False` | | Configure a SNMP local-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`.
`inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. | | [  ssh_client](## "source_interfaces.ssh_client") | Dictionary | | | | IP SSH Client source-interfaces. | - | [    mgmt_interface](## "source_interfaces.ssh_client.mgmt_interface") | Boolean | | | | Configure an IP SSH Client source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`.
`mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. | - | [    inband_mgmt_interface](## "source_interfaces.ssh_client.inband_mgmt_interface") | Boolean | | | | Configure an IP SSH Client source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`.
`inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. | + | [    mgmt_interface](## "source_interfaces.ssh_client.mgmt_interface") | Boolean | | `False` | | Configure an IP SSH Client source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`.
`mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. | + | [    inband_mgmt_interface](## "source_interfaces.ssh_client.inband_mgmt_interface") | Boolean | | `False` | | Configure an IP SSH Client source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`.
`inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. | | [  tacacs](## "source_interfaces.tacacs") | Dictionary | | | | IP Tacacs source-interfaces. | - | [    mgmt_interface](## "source_interfaces.tacacs.mgmt_interface") | Boolean | | | | Configure an IP Tacacs source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`.
`mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. | - | [    inband_mgmt_interface](## "source_interfaces.tacacs.inband_mgmt_interface") | Boolean | | | | Configure an IP Tacacs source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`.
`inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. | + | [    mgmt_interface](## "source_interfaces.tacacs.mgmt_interface") | Boolean | | `False` | | Configure an IP Tacacs source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`.
`mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. | + | [    inband_mgmt_interface](## "source_interfaces.tacacs.inband_mgmt_interface") | Boolean | | `False` | | Configure an IP Tacacs source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`.
`inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. | === "YAML" @@ -41,64 +41,64 @@ # Configure an IP Domain Lookup source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. # `mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. - mgmt_interface: + mgmt_interface: # Configure an IP Domain Lookup source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. # `inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. - inband_mgmt_interface: + inband_mgmt_interface: # IP HTTP Client source-interfaces. http_client: # Configure an IP HTTP Client source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. # `mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. - mgmt_interface: + mgmt_interface: # Configure an IP HTTP Client source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. # `inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. - inband_mgmt_interface: + inband_mgmt_interface: # IP Radius source-interfaces. radius: # Configure an IP Radius source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. # `mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. - mgmt_interface: + mgmt_interface: # Configure an IP Radius source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. # `inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. - inband_mgmt_interface: + inband_mgmt_interface: # SNMP local-interfaces. snmp: # Configure a SNMP local-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. # `mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. - mgmt_interface: + mgmt_interface: # Configure a SNMP local-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. # `inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. - inband_mgmt_interface: + inband_mgmt_interface: # IP SSH Client source-interfaces. ssh_client: # Configure an IP SSH Client source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. # `mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. - mgmt_interface: + mgmt_interface: # Configure an IP SSH Client source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. # `inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. - inband_mgmt_interface: + inband_mgmt_interface: # IP Tacacs source-interfaces. tacacs: # Configure an IP Tacacs source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. # `mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. - mgmt_interface: + mgmt_interface: # Configure an IP Tacacs source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. # `inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. - inband_mgmt_interface: + inband_mgmt_interface: ``` diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-l2vlans-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-l2vlans-settings.md index 57ff625e812..d74a701e474 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-l2vlans-settings.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-l2vlans-settings.md @@ -15,7 +15,7 @@ | [        rt_override](## ".[].l2vlans.[].rt_override") | String | | | | By default the MAC VRF RT will be derived from mac_vrf_id_base + vlan_id.
The rt_override allows us to override this value and statically define it.
rt_override will default to vni_override if set.

rt_override supports two formats:
- A single number which will be used in the RT fields instead of mac_vrf_id/mac_vrf_vni (see 'overlay_rt_type' for details).
- A full RT string with colon separator which will override the full RT.
| | [        rd_override](## ".[].l2vlans.[].rd_override") | String | | | | By default the MAC VRF RD will be derived from mac_vrf_id_base + vlan_id.
The rt_override allows us to override this value and statically define it.
rd_override will default to rt_override or vni_override if set.

rd_override supports two formats:
- A single number which will be used in the RD assigned number field instead of mac_vrf_id/mac_vrf_vni (see 'overlay_rd_type' for details).
- A full RD string with colon separator which will override the full RD.
| | [        name](## ".[].l2vlans.[].name") | String | Required | | | VLAN name. | - | [        tags](## ".[].l2vlans.[].tags") | List, items: String | | | | Tags leveraged for networks services filtering.
Tags are matched against filter.tags defined under node type settings.
Tags are also matched against the node_group name under node type settings.
| + | [        tags](## ".[].l2vlans.[].tags") | List, items: String | | `['all']` | | Tags leveraged for networks services filtering.
Tags are matched against filter.tags defined under node type settings.
Tags are also matched against the node_group name under node type settings.
| | [          - <str>](## ".[].l2vlans.[].tags.[]") | String | | `all` | | | | [        vxlan](## ".[].l2vlans.[].vxlan") | Boolean | | `True` | | Extend this L2VLAN over VXLAN. | | [        spanning_tree_priority](## ".[].l2vlans.[].spanning_tree_priority") | Integer | | | | Setting spanning-tree priority per VLAN is only supported with `spanning_tree_mode: rapid-pvst` under node type settings.
The default priority for rapid-PVST is set under the node type settings with `spanning_tree_priority` (default=32768). | @@ -70,7 +70,7 @@ # Tags leveraged for networks services filtering. # Tags are matched against filter.tags defined under node type settings. # Tags are also matched against the node_group name under node type settings. - tags: + tags: # default=['all'] - # Extend this L2VLAN over VXLAN. diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-multicast-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-multicast-settings.md index f4601df1a69..46548a3035e 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-multicast-settings.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-multicast-settings.md @@ -12,13 +12,13 @@ | [    evpn_l2_multicast](## ".[].evpn_l2_multicast") | Dictionary | | | | Enable EVPN L2 Multicast for all SVIs and l2vlans within Tenant.
- Multicast group binding is created only for Multicast traffic. BULL traffic will use ingress-replication.
- Configures binding between VXLAN, VLAN, and multicast group IPv4 address using the following formula:
< evpn_l2_multicast.underlay_l2_multicast_group_ipv4_pool > + < vlan_id - 1 > + < evpn_l2_multicast.underlay_l2_multicast_group_ipv4_pool_offset >.
- The recommendation is to assign a /20 block within the 232.0.0.0/8 Source-Specific Multicast range.
- Enables `redistribute igmp` on the router bgp MAC VRF.
- When evpn_l2_multicast.enabled is true for a VLAN or a tenant, "igmp snooping" and "igmp snooping querier" will always be enabled - overriding those individual settings.
- Requires `evpn_multicast` to also be set to `true`.
| | [      enabled](## ".[].evpn_l2_multicast.enabled") | Boolean | | | | | | [      underlay_l2_multicast_group_ipv4_pool](## ".[].evpn_l2_multicast.underlay_l2_multicast_group_ipv4_pool") | String | | | | IPv4_address/Mask. | - | [      underlay_l2_multicast_group_ipv4_pool_offset](## ".[].evpn_l2_multicast.underlay_l2_multicast_group_ipv4_pool_offset") | Integer | | | | | + | [      underlay_l2_multicast_group_ipv4_pool_offset](## ".[].evpn_l2_multicast.underlay_l2_multicast_group_ipv4_pool_offset") | Integer | | `0` | | | | [      fast_leave](## ".[].evpn_l2_multicast.fast_leave") | Boolean | | | | Enable IGMP snooping fast-leave feature for all SVIs and l2vlans within the Tenant. | | [      always_redistribute_igmp](## ".[].evpn_l2_multicast.always_redistribute_igmp") | Boolean | | | | Always configure `redistribute igmp` under BGP for all SVIs within the Tenant if `evpn_l2_multicast` is True.
By default `redistribute igmp` is only configured when `evpn_l2_multicast` is True and `evpn_l3_multicast` for the VRF is False.
Configuring `redistribute igmp` when both L2 and L3 EVPN Multicast is enabled will take up additional control-plane and data-plane resources,
but it is required to support forwarding of TTL=1 multicast traffic within the VLAN.
This can be overridden per SVI. | | [    evpn_l3_multicast](## ".[].evpn_l3_multicast") | Dictionary | | | | Enable L3 Multicast for all SVIs and l3vlans within Tenant.
- In the evpn-l3ls design type, this enables L3 EVPN Multicast (aka OISM)'.
- Multicast group binding for VRF is created only for Multicast traffic. BULL traffic will use ingress-replication.
- Configures binding between VXLAN, VLAN, and multicast group IPv4 address using the following formula:
< l3_multicast.evpn_underlay_l3_multicast_group_ipv4_pool > + < vrf_id - 1 > + < l3_multicast.evpn_underlay_l3_multicast_group_ipv4_pool_offset >.
- The recommendation is to assign a /20 block within the 232.0.0.0/8 Source-Specific Multicast range.
- If enabled on an SVI using the anycast default gateway feature, a diagnostic loopback (see below) MUST be configured to source IGMP traffic.
- Enables `evpn multicast` on the router bgp VRF.
- When enabled on an SVI:
- If switch is part of an MLAG pair, enables "pim ipv4 sparse-mode" on the SVI.
- If switch is standalone or A-A MH, enables "ip igmp" on the SVI.
- If "ip address virtual" is configured, enables "pim ipv4 local-interface" and uses the diagnostic Loopback defined in the VRF
- Requires `evpn_multicast` to also be set to `true`.
| | [      enabled](## ".[].evpn_l3_multicast.enabled") | Boolean | | | | | | [      evpn_underlay_l3_multicast_group_ipv4_pool](## ".[].evpn_l3_multicast.evpn_underlay_l3_multicast_group_ipv4_pool") | String | Required | | | IPv4_address/Mask. | - | [      evpn_underlay_l3_multicast_group_ipv4_pool_offset](## ".[].evpn_l3_multicast.evpn_underlay_l3_multicast_group_ipv4_pool_offset") | Integer | | | | | + | [      evpn_underlay_l3_multicast_group_ipv4_pool_offset](## ".[].evpn_l3_multicast.evpn_underlay_l3_multicast_group_ipv4_pool_offset") | Integer | | `0` | | | | [      evpn_peg](## ".[].evpn_l3_multicast.evpn_peg") | List, items: Dictionary | | | | For each group of nodes, allow configuration of EVPN PEG options.
The first group of settings where the device's hostname is present in the 'nodes' list will be used.
| | [        - nodes](## ".[].evpn_l3_multicast.evpn_peg.[].nodes") | List, items: String | | | | A description will be applied to all nodes with RP addresses configured if not set. | | [            - <str>](## ".[].evpn_l3_multicast.evpn_peg.[].nodes.[]") | String | | | | | @@ -34,7 +34,7 @@ | [    igmp_snooping_querier](## ".[].igmp_snooping_querier") | Dictionary | | | | Enable IGMP snooping querier for each SVI/l2vlan within tenant, by default using IP address of Loopback 0.
When enabled, IGMP snooping querier will only be configured on L3 devices, i.e., uplink_type: p2p.
| | [      enabled](## ".[].igmp_snooping_querier.enabled") | Boolean | | | | Will be enabled automatically if "evpn_l2_multicast" is enabled. | | [      source_address](## ".[].igmp_snooping_querier.source_address") | String | | | Format: ipv4 | Default IP address of Loopback0. | - | [      version](## ".[].igmp_snooping_querier.version") | Integer | | `2` | Valid Values:
- 1
- 2
- 3 | | + | [      version](## ".[].igmp_snooping_querier.version") | Integer | | | Valid Values:
- 1
- 2
- 3 | IGMP Version (By default EOS uses IGMP version 2 for IGMP querier). | | [    vrfs](## ".[].vrfs") | List, items: Dictionary | | | | VRFs will only be configured on a node if any of the underlying objects like `svis` or `l3_interfaces` apply to the node.

It is recommended to only define a VRF in one Tenant. If the same VRF name is used across multiple tenants and those tenants
are accepted by `filter.tenants` on the node, any object set under the duplicate VRFs must either be unique or be an exact match.

VRF "default" is partially supported under network-services. Currently the supported options for "default" vrf are route-target,
route-distinguisher settings, structured_config, raw_eos_cli in bgp and SVIs are the only supported interface type.
Vlan-aware-bundles are supported as well inside default vrf. OSPF is not supported currently.
| | [      - name](## ".[].vrfs.[].name") | String | Required, Unique | | | | | [        evpn_l3_multicast](## ".[].vrfs.[].evpn_l3_multicast") | Dictionary | | | | Explicitly enable or disable evpn_l3_multicast to override setting of `.[].evpn_l3_multicast.enabled`.
Allow override of `.[].evpn_l3_multicast` node_settings.
Requires `evpn_multicast` to also be set to `true`.
| @@ -62,7 +62,7 @@ | [                  always_redistribute_igmp](## ".[].vrfs.[].svis.[].nodes.[].evpn_l2_multicast.always_redistribute_igmp") | Boolean | | | | Always configure `redistribute igmp` under BGP for the VLAN. Overrides the setting of `.[].evpn_l2_multicast.always_redistribute_igmp`.
By default `redistribute igmp` is only configured when `evpn_l2_multicast` is True and `evpn_l3_multicast` for the VRF is False.
Configuring `redistribute igmp` when both L2 and L3 EVPN Multicast is enabled will take up additional control-plane and data-plane resources,
but it is required to support forwarding of TTL=1 multicast traffic within the VLAN. | | [                evpn_l3_multicast](## ".[].vrfs.[].svis.[].nodes.[].evpn_l3_multicast") | Dictionary | | | | Explicitly enable or disable evpn_l3_multicast to override setting of `.[].evpn_l3_multicast.enabled` and `.[].vrfs.[].evpn_l3_multicast.enabled`.
Requires `evpn_multicast` to also be set to `true`.
| | [                  enabled](## ".[].vrfs.[].svis.[].nodes.[].evpn_l3_multicast.enabled") | Boolean | | | | | - | [                igmp_snooping_enabled](## ".[].vrfs.[].svis.[].nodes.[].igmp_snooping_enabled") | Boolean | | | | Enable IGMP Snooping (Enabled by default on EOS). | + | [                igmp_snooping_enabled](## ".[].vrfs.[].svis.[].nodes.[].igmp_snooping_enabled") | Boolean | | | | Enable or disable IGMP snooping (Enabled by default on EOS). | | [                igmp_snooping_querier](## ".[].vrfs.[].svis.[].nodes.[].igmp_snooping_querier") | Dictionary | | | | | | [                  enabled](## ".[].vrfs.[].svis.[].nodes.[].igmp_snooping_querier.enabled") | Boolean | | | | Will be enabled automatically if evpn_l2_multicast is enabled. | | [                  source_address](## ".[].vrfs.[].svis.[].nodes.[].igmp_snooping_querier.source_address") | String | | | | IPv4_address
If not set, IP address of "Loopback0" will be used.
| @@ -73,7 +73,7 @@ | [              always_redistribute_igmp](## ".[].vrfs.[].svis.[].evpn_l2_multicast.always_redistribute_igmp") | Boolean | | | | Always configure `redistribute igmp` under BGP for the VLAN. Overrides the setting of `.[].evpn_l2_multicast.always_redistribute_igmp`.
By default `redistribute igmp` is only configured when `evpn_l2_multicast` is True and `evpn_l3_multicast` for the VRF is False.
Configuring `redistribute igmp` when both L2 and L3 EVPN Multicast is enabled will take up additional control-plane and data-plane resources,
but it is required to support forwarding of TTL=1 multicast traffic within the VLAN. | | [            evpn_l3_multicast](## ".[].vrfs.[].svis.[].evpn_l3_multicast") | Dictionary | | | | Explicitly enable or disable evpn_l3_multicast to override setting of `.[].evpn_l3_multicast.enabled` and `.[].vrfs.[].evpn_l3_multicast.enabled`.
Requires `evpn_multicast` to also be set to `true`.
| | [              enabled](## ".[].vrfs.[].svis.[].evpn_l3_multicast.enabled") | Boolean | | | | | - | [            igmp_snooping_enabled](## ".[].vrfs.[].svis.[].igmp_snooping_enabled") | Boolean | | | | Enable IGMP Snooping (Enabled by default on EOS). | + | [            igmp_snooping_enabled](## ".[].vrfs.[].svis.[].igmp_snooping_enabled") | Boolean | | | | Enable or disable IGMP snooping (Enabled by default on EOS). | | [            igmp_snooping_querier](## ".[].vrfs.[].svis.[].igmp_snooping_querier") | Dictionary | | | | | | [              enabled](## ".[].vrfs.[].svis.[].igmp_snooping_querier.enabled") | Boolean | | | | Will be enabled automatically if evpn_l2_multicast is enabled. | | [              source_address](## ".[].vrfs.[].svis.[].igmp_snooping_querier.source_address") | String | | | | IPv4_address
If not set, IP address of "Loopback0" will be used.
| @@ -83,11 +83,11 @@ | [      - id](## ".[].l2vlans.[].id") | Integer | Required | | Min: 1
Max: 4094 | VLAN ID. | | [        evpn_l2_multicast](## ".[].l2vlans.[].evpn_l2_multicast") | Dictionary | | | | Explicitly enable or disable evpn_l2_multicast to override setting of `.[].evpn_l2_multicast.enabled`.
When evpn_l2_multicast.enabled is set to true for a vlan or a tenant, igmp snooping and igmp snooping querier will always be enabled, overriding those individual settings.
Requires `evpn_multicast` to also be set to `true`.
| | [          enabled](## ".[].l2vlans.[].evpn_l2_multicast.enabled") | Boolean | | | | | - | [        igmp_snooping_enabled](## ".[].l2vlans.[].igmp_snooping_enabled") | Boolean | | `True` | | Activate or deactivate IGMP snooping. | + | [        igmp_snooping_enabled](## ".[].l2vlans.[].igmp_snooping_enabled") | Boolean | | | | Enable or disable IGMP snooping (Enabled by default on EOS). | | [        igmp_snooping_querier](## ".[].l2vlans.[].igmp_snooping_querier") | Dictionary | | | | Enable igmp snooping querier, by default using IP address of Loopback 0.
When enabled, igmp snooping querier will only be configured on l3 devices, i.e., uplink_type: p2p.
| | [          enabled](## ".[].l2vlans.[].igmp_snooping_querier.enabled") | Boolean | | | | Will be enabled automatically if evpn_l2_multicast is enabled. | | [          source_address](## ".[].l2vlans.[].igmp_snooping_querier.source_address") | String | | | | IPv4_address
If not set, IP address of "Loopback0" will be used.
| - | [          version](## ".[].l2vlans.[].igmp_snooping_querier.version") | Integer | | `2` | Valid Values:
- 1
- 2
- 3 | | + | [          version](## ".[].l2vlans.[].igmp_snooping_querier.version") | Integer | | | Valid Values:
- 1
- 2
- 3 | IGMP Version (By default EOS uses IGMP version 2 for IGMP querier). | | [          fast_leave](## ".[].l2vlans.[].igmp_snooping_querier.fast_leave") | Boolean | | | | Enable IGMP snooping fast-leave feature. | | [svi_profiles](## "svi_profiles") | List, items: Dictionary | | | | Profiles to share common settings for SVIs under `.[].vrfs.svis`.
Keys are the same used under SVIs. Keys defined under SVIs take precedence.
Note: structured configuration is not merged recursively and will be taken directly from the most specific level in the following order:
1. svi.nodes[inventory_hostname].structured_config
2. svi_profile.nodes[inventory_hostname].structured_config
3. svi_parent_profile.nodes[inventory_hostname].structured_config
4. svi.structured_config
5. svi_profile.structured_config
6. svi_parent_profile.structured_config
| | [  - profile](## "svi_profiles.[].profile") | String | Required, Unique | | | Profile name. | @@ -98,7 +98,7 @@ | [          always_redistribute_igmp](## "svi_profiles.[].nodes.[].evpn_l2_multicast.always_redistribute_igmp") | Boolean | | | | Always configure `redistribute igmp` under BGP for the VLAN. Overrides the setting of `.[].evpn_l2_multicast.always_redistribute_igmp`.
By default `redistribute igmp` is only configured when `evpn_l2_multicast` is True and `evpn_l3_multicast` for the VRF is False.
Configuring `redistribute igmp` when both L2 and L3 EVPN Multicast is enabled will take up additional control-plane and data-plane resources,
but it is required to support forwarding of TTL=1 multicast traffic within the VLAN. | | [        evpn_l3_multicast](## "svi_profiles.[].nodes.[].evpn_l3_multicast") | Dictionary | | | | Explicitly enable or disable evpn_l3_multicast to override setting of `.[].evpn_l3_multicast.enabled` and `.[].vrfs.[].evpn_l3_multicast.enabled`.
Requires `evpn_multicast` to also be set to `true`.
| | [          enabled](## "svi_profiles.[].nodes.[].evpn_l3_multicast.enabled") | Boolean | | | | | - | [        igmp_snooping_enabled](## "svi_profiles.[].nodes.[].igmp_snooping_enabled") | Boolean | | | | Enable IGMP Snooping (Enabled by default on EOS). | + | [        igmp_snooping_enabled](## "svi_profiles.[].nodes.[].igmp_snooping_enabled") | Boolean | | | | Enable or disable IGMP snooping (Enabled by default on EOS). | | [        igmp_snooping_querier](## "svi_profiles.[].nodes.[].igmp_snooping_querier") | Dictionary | | | | | | [          enabled](## "svi_profiles.[].nodes.[].igmp_snooping_querier.enabled") | Boolean | | | | Will be enabled automatically if evpn_l2_multicast is enabled. | | [          source_address](## "svi_profiles.[].nodes.[].igmp_snooping_querier.source_address") | String | | | | IPv4_address
If not set, IP address of "Loopback0" will be used.
| @@ -109,7 +109,7 @@ | [      always_redistribute_igmp](## "svi_profiles.[].evpn_l2_multicast.always_redistribute_igmp") | Boolean | | | | Always configure `redistribute igmp` under BGP for the VLAN. Overrides the setting of `.[].evpn_l2_multicast.always_redistribute_igmp`.
By default `redistribute igmp` is only configured when `evpn_l2_multicast` is True and `evpn_l3_multicast` for the VRF is False.
Configuring `redistribute igmp` when both L2 and L3 EVPN Multicast is enabled will take up additional control-plane and data-plane resources,
but it is required to support forwarding of TTL=1 multicast traffic within the VLAN. | | [    evpn_l3_multicast](## "svi_profiles.[].evpn_l3_multicast") | Dictionary | | | | Explicitly enable or disable evpn_l3_multicast to override setting of `.[].evpn_l3_multicast.enabled` and `.[].vrfs.[].evpn_l3_multicast.enabled`.
Requires `evpn_multicast` to also be set to `true`.
| | [      enabled](## "svi_profiles.[].evpn_l3_multicast.enabled") | Boolean | | | | | - | [    igmp_snooping_enabled](## "svi_profiles.[].igmp_snooping_enabled") | Boolean | | | | Enable IGMP Snooping (Enabled by default on EOS). | + | [    igmp_snooping_enabled](## "svi_profiles.[].igmp_snooping_enabled") | Boolean | | | | Enable or disable IGMP snooping (Enabled by default on EOS). | | [    igmp_snooping_querier](## "svi_profiles.[].igmp_snooping_querier") | Dictionary | | | | | | [      enabled](## "svi_profiles.[].igmp_snooping_querier.enabled") | Boolean | | | | Will be enabled automatically if evpn_l2_multicast is enabled. | | [      source_address](## "svi_profiles.[].igmp_snooping_querier.source_address") | String | | | | IPv4_address
If not set, IP address of "Loopback0" will be used.
| @@ -139,7 +139,7 @@ # IPv4_address/Mask. underlay_l2_multicast_group_ipv4_pool: - underlay_l2_multicast_group_ipv4_pool_offset: + underlay_l2_multicast_group_ipv4_pool_offset: # Enable IGMP snooping fast-leave feature for all SVIs and l2vlans within the Tenant. fast_leave: @@ -169,7 +169,7 @@ # IPv4_address/Mask. evpn_underlay_l3_multicast_group_ipv4_pool: - evpn_underlay_l3_multicast_group_ipv4_pool_offset: + evpn_underlay_l3_multicast_group_ipv4_pool_offset: # For each group of nodes, allow configuration of EVPN PEG options. # The first group of settings where the device's hostname is present in the 'nodes' list will be used. @@ -214,7 +214,9 @@ # Default IP address of Loopback0. source_address: - version: + + # IGMP Version (By default EOS uses IGMP version 2 for IGMP querier). + version: # VRFs will only be configured on a node if any of the underlying objects like `svis` or `l3_interfaces` apply to the node. # @@ -306,7 +308,7 @@ evpn_l3_multicast: enabled: - # Enable IGMP Snooping (Enabled by default on EOS). + # Enable or disable IGMP snooping (Enabled by default on EOS). igmp_snooping_enabled: igmp_snooping_querier: @@ -340,7 +342,7 @@ evpn_l3_multicast: enabled: - # Enable IGMP Snooping (Enabled by default on EOS). + # Enable or disable IGMP snooping (Enabled by default on EOS). igmp_snooping_enabled: igmp_snooping_querier: @@ -369,8 +371,8 @@ evpn_l2_multicast: enabled: - # Activate or deactivate IGMP snooping. - igmp_snooping_enabled: + # Enable or disable IGMP snooping (Enabled by default on EOS). + igmp_snooping_enabled: # Enable igmp snooping querier, by default using IP address of Loopback 0. # When enabled, igmp snooping querier will only be configured on l3 devices, i.e., uplink_type: p2p. @@ -382,7 +384,9 @@ # IPv4_address # If not set, IP address of "Loopback0" will be used. source_address: - version: + + # IGMP Version (By default EOS uses IGMP version 2 for IGMP querier). + version: # Enable IGMP snooping fast-leave feature. fast_leave: @@ -425,7 +429,7 @@ evpn_l3_multicast: enabled: - # Enable IGMP Snooping (Enabled by default on EOS). + # Enable or disable IGMP snooping (Enabled by default on EOS). igmp_snooping_enabled: igmp_snooping_querier: @@ -459,7 +463,7 @@ evpn_l3_multicast: enabled: - # Enable IGMP Snooping (Enabled by default on EOS). + # Enable or disable IGMP snooping (Enabled by default on EOS). igmp_snooping_enabled: igmp_snooping_querier: diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-ospf-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-ospf-settings.md index a10784b9feb..347987134d2 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-ospf-settings.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-ospf-settings.md @@ -32,7 +32,7 @@ | [              - node](## ".[].vrfs.[].svis.[].nodes.[].node") | String | Required, Unique | | | l3_leaf inventory hostname. | | [                ospf](## ".[].vrfs.[].svis.[].nodes.[].ospf") | Dictionary | | | | OSPF interface configuration. | | [                  enabled](## ".[].vrfs.[].svis.[].nodes.[].ospf.enabled") | Boolean | | | | | - | [                  point_to_point](## ".[].vrfs.[].svis.[].nodes.[].ospf.point_to_point") | Boolean | | `True` | | | + | [                  point_to_point](## ".[].vrfs.[].svis.[].nodes.[].ospf.point_to_point") | Boolean | | `False` | | | | [                  area](## ".[].vrfs.[].svis.[].nodes.[].ospf.area") | String | | `0.0.0.0` | | OSPF area ID. | | [                  cost](## ".[].vrfs.[].svis.[].nodes.[].ospf.cost") | Integer | | | | OSPF link cost. | | [                  authentication](## ".[].vrfs.[].svis.[].nodes.[].ospf.authentication") | String | | | Valid Values:
- simple
- message-digest | | @@ -43,7 +43,7 @@ | [                      key](## ".[].vrfs.[].svis.[].nodes.[].ospf.message_digest_keys.[].key") | String | | | | Type 7 encrypted key. | | [            ospf](## ".[].vrfs.[].svis.[].ospf") | Dictionary | | | | OSPF interface configuration. | | [              enabled](## ".[].vrfs.[].svis.[].ospf.enabled") | Boolean | | | | | - | [              point_to_point](## ".[].vrfs.[].svis.[].ospf.point_to_point") | Boolean | | `True` | | | + | [              point_to_point](## ".[].vrfs.[].svis.[].ospf.point_to_point") | Boolean | | `False` | | | | [              area](## ".[].vrfs.[].svis.[].ospf.area") | String | | `0.0.0.0` | | OSPF area ID. | | [              cost](## ".[].vrfs.[].svis.[].ospf.cost") | Integer | | | | OSPF link cost. | | [              authentication](## ".[].vrfs.[].svis.[].ospf.authentication") | String | | | Valid Values:
- simple
- message-digest | | @@ -58,7 +58,7 @@ | [      - node](## "svi_profiles.[].nodes.[].node") | String | Required, Unique | | | l3_leaf inventory hostname. | | [        ospf](## "svi_profiles.[].nodes.[].ospf") | Dictionary | | | | OSPF interface configuration. | | [          enabled](## "svi_profiles.[].nodes.[].ospf.enabled") | Boolean | | | | | - | [          point_to_point](## "svi_profiles.[].nodes.[].ospf.point_to_point") | Boolean | | `True` | | | + | [          point_to_point](## "svi_profiles.[].nodes.[].ospf.point_to_point") | Boolean | | `False` | | | | [          area](## "svi_profiles.[].nodes.[].ospf.area") | String | | `0.0.0.0` | | OSPF area ID. | | [          cost](## "svi_profiles.[].nodes.[].ospf.cost") | Integer | | | | OSPF link cost. | | [          authentication](## "svi_profiles.[].nodes.[].ospf.authentication") | String | | | Valid Values:
- simple
- message-digest | | @@ -69,7 +69,7 @@ | [              key](## "svi_profiles.[].nodes.[].ospf.message_digest_keys.[].key") | String | | | | Type 7 encrypted key. | | [    ospf](## "svi_profiles.[].ospf") | Dictionary | | | | OSPF interface configuration. | | [      enabled](## "svi_profiles.[].ospf.enabled") | Boolean | | | | | - | [      point_to_point](## "svi_profiles.[].ospf.point_to_point") | Boolean | | `True` | | | + | [      point_to_point](## "svi_profiles.[].ospf.point_to_point") | Boolean | | `False` | | | | [      area](## "svi_profiles.[].ospf.area") | String | | `0.0.0.0` | | OSPF area ID. | | [      cost](## "svi_profiles.[].ospf.cost") | Integer | | | | OSPF link cost. | | [      authentication](## "svi_profiles.[].ospf.authentication") | String | | | Valid Values:
- simple
- message-digest | | @@ -149,7 +149,7 @@ # OSPF interface configuration. ospf: enabled: - point_to_point: + point_to_point: # OSPF area ID. area: @@ -170,7 +170,7 @@ # OSPF interface configuration. ospf: enabled: - point_to_point: + point_to_point: # OSPF area ID. area: @@ -212,7 +212,7 @@ # OSPF interface configuration. ospf: enabled: - point_to_point: + point_to_point: # OSPF area ID. area: @@ -233,7 +233,7 @@ # OSPF interface configuration. ospf: enabled: - point_to_point: + point_to_point: # OSPF area ID. area: diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md index 9de63d94def..de8007afaeb 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md @@ -9,11 +9,11 @@ | -------- | ---- | -------- | ------- | ------------------ | ----------- | | [<network_services_keys.name>](## "") | List, items: Dictionary | | | | | | [  - name](## ".[].name") | String | Required, Unique | | | Specify a tenant name.
Tenant provide a construct to group L3 VRFs and L2 VLANs.
Networks services can be filtered by tenant name.
| - | [    enable_mlag_ibgp_peering_vrfs](## ".[].enable_mlag_ibgp_peering_vrfs") | Boolean | | | | MLAG iBGP peering per VRF.
By default an iBGP peering is configured per VRF between MLAG peers on separate VLANs.
Setting `enable_mlag_ibgp_peering_vrfs` false under a tenant will change this default to prevent configuration of these peerings and VLANs for all VRFs in the tenant.
This setting can be overridden per VRF.
| + | [    enable_mlag_ibgp_peering_vrfs](## ".[].enable_mlag_ibgp_peering_vrfs") | Boolean | | `True` | | MLAG iBGP peering per VRF.
By default an iBGP peering is configured per VRF between MLAG peers on separate VLANs.
Setting `enable_mlag_ibgp_peering_vrfs` false under a tenant will change this default to prevent configuration of these peerings and VLANs for all VRFs in the tenant.
This setting can be overridden per VRF.
| | [    redistribute_mlag_ibgp_peering_vrfs](## ".[].redistribute_mlag_ibgp_peering_vrfs") | Boolean | | `False` | | Redistribute the connected subnet for the MLAG iBGP peering per VRF into overlay BGP.
By default the iBGP peering subnet is not redistributed into the overlay routing protocol per VRF.
Setting `redistribute_mlag_ibgp_peering_vrfs: true` under a tenant will change this default to redistribution of these subnets for all VRFs in the tenant.
This setting can be overridden per VRF.
| | [    vrfs](## ".[].vrfs") | List, items: Dictionary | | | | VRFs will only be configured on a node if any of the underlying objects like `svis` or `l3_interfaces` apply to the node.

It is recommended to only define a VRF in one Tenant. If the same VRF name is used across multiple tenants and those tenants
are accepted by `filter.tenants` on the node, any object set under the duplicate VRFs must either be unique or be an exact match.

VRF "default" is partially supported under network-services. Currently the supported options for "default" vrf are route-target,
route-distinguisher settings, structured_config, raw_eos_cli in bgp and SVIs are the only supported interface type.
Vlan-aware-bundles are supported as well inside default vrf. OSPF is not supported currently.
| | [      - name](## ".[].vrfs.[].name") | String | Required, Unique | | | | - | [        address_families](## ".[].vrfs.[].address_families") | List, items: String | | | | | + | [        address_families](## ".[].vrfs.[].address_families") | List, items: String | | `['evpn']` | | | | [          - <str>](## ".[].vrfs.[].address_families.[]") | String | | | Valid Values:
- evpn
- vpn-ipv4
- vpn-ipv6 | | | [        description](## ".[].vrfs.[].description") | String | | | | VRF description. | | [        vrf_vni](## ".[].vrfs.[].vrf_vni") | Integer | | | Min: 1
Max: 16777215 | Required if "vrf_id" is not set.
The VRF VNI range is not limited, but if vrf_id is not set, "vrf_vni" is used for calculating MLAG iBGP peering vlan id.
"vrf_vni" may also be used for VRF RD/RT ID. See "overlay_rd_type" and "overlay_rt_type" for details.
See "mlag_ibgp_peering_vrfs.base_vlan" for details.
If vrf_vni > 10000 make sure to adjust "mac_vrf_vni_base" accordingly to avoid overlap.
| @@ -25,15 +25,15 @@ | [          - ip_helper](## ".[].vrfs.[].ip_helpers.[].ip_helper") | String | Required, Unique | | | IPv4 DHCP server IP. | | [            source_interface](## ".[].vrfs.[].ip_helpers.[].source_interface") | String | | | | Interface name. | | [            source_vrf](## ".[].vrfs.[].ip_helpers.[].source_vrf") | String | | | | VRF to originate DHCP relay packets to DHCP server. If not set, uses current VRF. | - | [        enable_mlag_ibgp_peering_vrfs](## ".[].vrfs.[].enable_mlag_ibgp_peering_vrfs") | Boolean | | | | MLAG iBGP peering per VRF.
By default an iBGP peering is configured per VRF between MLAG peers on separate VLANs.
Setting `enable_mlag_ibgp_peering_vrfs: false` under a VRF will change this default and/or override the tenant-wide setting.
| - | [        redistribute_mlag_ibgp_peering_vrfs](## ".[].vrfs.[].redistribute_mlag_ibgp_peering_vrfs") | Boolean | | `False` | | Redistribute the connected subnet for the MLAG iBGP peering per VRF into overlay BGP.
By default the iBGP peering subnet is not redistributed into the overlay routing protocol per VRF.
Setting `redistribute_mlag_ibgp_peering_vrfs: true` under a VRF will change this default and/or override the tenant-wide setting.
| + | [        enable_mlag_ibgp_peering_vrfs](## ".[].vrfs.[].enable_mlag_ibgp_peering_vrfs") | Boolean | | | | MLAG iBGP peering per VRF.
By default an iBGP peering is configured per VRF between MLAG peers on separate VLANs.
Setting `enable_mlag_ibgp_peering_vrfs: false` under a VRF overrides the tenant-wide setting.
| + | [        redistribute_mlag_ibgp_peering_vrfs](## ".[].vrfs.[].redistribute_mlag_ibgp_peering_vrfs") | Boolean | | | | Redistribute the connected subnet for the MLAG iBGP peering per VRF into overlay BGP.
By default the iBGP peering subnet is not redistributed into the overlay routing protocol per VRF.
Setting `redistribute_mlag_ibgp_peering_vrfs` under a VRF overrides the tenant-wide setting.
| | [        mlag_ibgp_peering_vlan](## ".[].vrfs.[].mlag_ibgp_peering_vlan") | Integer | | | Min: 1
Max: 4096 | Manually define the VLAN used on the MLAG pair for the iBGP session.
By default this parameter is calculated using the following formula: `` + `` - 1.
| | [        vtep_diagnostic](## ".[].vrfs.[].vtep_diagnostic") | Dictionary | | | | Enable VTEP Network diagnostics.
This will create a loopback with virtual source-nat enable to perform diagnostics from the switch.
| | [          loopback](## ".[].vrfs.[].vtep_diagnostic.loopback") | Integer | | | Min: 2
Max: 2100 | Loopback interface number, required when vtep_diagnotics defined.
| | [          loopback_description](## ".[].vrfs.[].vtep_diagnostic.loopback_description") | String | | | | Provide a custom description or description template to be used on the VRF diagnostic loopback interface.
This can be a template using the AVD string formatter syntax: https://avd.arista.com/devel/roles/eos_designs/docs/how-to/custom-descriptions-names.html#avd-string-formatter-syntax.
The available template fields are:
- `interface`: The Loopback interface name.
- `vrf`: The VRF name.
- `tenant`: The tenant name.

The default description is set by `default_vrf_diag_loopback_description`.
By default the description is templated from the VRF name. | | [          loopback_ip_range](## ".[].vrfs.[].vtep_diagnostic.loopback_ip_range") | String | | | | IPv4_address/Mask.
Loopback ip range, a unique ip is derived from this ranged and assignedto each l3 leaf based on it's unique id.
Loopback is not created unless loopback_ip_range or loopback_ip_pools are set.
| - | [          loopback_ip_pools](## ".[].vrfs.[].vtep_diagnostic.loopback_ip_pools") | List, items: Dictionary | | | | For inventories with multiple PODs a loopback range can be set per POD to avoid overlaps.
This only takes effect when loopback_ip_range is not defined, ptional (loopback is not created unless loopback_ip_range or loopback_ip_pools are set).
| - | [            - pod](## ".[].vrfs.[].vtep_diagnostic.loopback_ip_pools.[].pod") | String | | | | POD name. | + | [          loopback_ip_pools](## ".[].vrfs.[].vtep_diagnostic.loopback_ip_pools") | List, items: Dictionary | | | | For inventories with multiple PODs a loopback range can be set per POD to avoid overlaps.
This only takes effect when loopback_ip_range is not defined, optional (loopback is not created unless loopback_ip_range or loopback_ip_pools are set).
| + | [            - pod](## ".[].vrfs.[].vtep_diagnostic.loopback_ip_pools.[].pod") | String | Required, Unique | | | POD name. | | [              ipv4_pool](## ".[].vrfs.[].vtep_diagnostic.loopback_ip_pools.[].ipv4_pool") | String | | | | IPv4_address/Mask. | | [        static_routes](## ".[].vrfs.[].static_routes") | List, items: Dictionary | | | | List of static routes for v4 and/or v6.
This will create static routes inside the tenant VRF.
If nodes are not specified, all l3leafs that carry the VRF will also be applied the static routes.
If a node has a static route in the VRF, redistribute static will be automatically enabled in that VRF.
This automatic behavior can be overridden non-selectively with the redistribute_static knob for the VRF.
| | [          - destination_address_prefix](## ".[].vrfs.[].static_routes.[].destination_address_prefix") | String | | | | IPv4_address. | @@ -58,7 +58,7 @@ | [            nodes](## ".[].vrfs.[].ipv6_static_routes.[].nodes") | List, items: String | | | | | | [              - <str>](## ".[].vrfs.[].ipv6_static_routes.[].nodes.[]") | String | | | | | | [        redistribute_static](## ".[].vrfs.[].redistribute_static") | Boolean | | | | Enable or disable the redistribution of all static routes to BGP in the VRF. | - | [        redistribute_connected](## ".[].vrfs.[].redistribute_connected") | Boolean | | `True` | | Enable or disable the redistribution of all connected routes to BGP in the VRF. | + | [        redistribute_connected](## ".[].vrfs.[].redistribute_connected") | Boolean | | `True` | | Enable or disable the redistribution of all connected routes to BGP in the VRF. Note this is not applicable to VRF `default`. | | [        bgp](## ".[].vrfs.[].bgp") | Dictionary | | | | | | [          enabled](## ".[].vrfs.[].bgp.enabled") | Boolean | | | | Force (no) configuration of BGP for the VRF.
If not set, BGP will be configured when needed according to the following rules:
- If the VRF is part of an overlay (`evpn` or `mpls`), BGP will be configured for it.
- If any BGP peers are configured under the VRF, BGP will be configured for it. This is useful for L2LS designs with VRFs.
- If uplink type is `p2p-vrfs` *and* the vrf is included in the uplink VRFs, BGP will be configured for it. | | [          raw_eos_cli](## ".[].vrfs.[].bgp.raw_eos_cli") | String | | | | EOS CLI rendered directly on the Router BGP, VRF definition in the final EOS configuration.
| @@ -88,7 +88,7 @@ # By default an iBGP peering is configured per VRF between MLAG peers on separate VLANs. # Setting `enable_mlag_ibgp_peering_vrfs` false under a tenant will change this default to prevent configuration of these peerings and VLANs for all VRFs in the tenant. # This setting can be overridden per VRF. - enable_mlag_ibgp_peering_vrfs: + enable_mlag_ibgp_peering_vrfs: # Redistribute the connected subnet for the MLAG iBGP peering per VRF into overlay BGP. # By default the iBGP peering subnet is not redistributed into the overlay routing protocol per VRF. @@ -106,7 +106,7 @@ # Vlan-aware-bundles are supported as well inside default vrf. OSPF is not supported currently. vrfs: - name: - address_families: + address_families: # default=['evpn'] - # VRF description. @@ -161,13 +161,13 @@ # MLAG iBGP peering per VRF. # By default an iBGP peering is configured per VRF between MLAG peers on separate VLANs. - # Setting `enable_mlag_ibgp_peering_vrfs: false` under a VRF will change this default and/or override the tenant-wide setting. + # Setting `enable_mlag_ibgp_peering_vrfs: false` under a VRF overrides the tenant-wide setting. enable_mlag_ibgp_peering_vrfs: # Redistribute the connected subnet for the MLAG iBGP peering per VRF into overlay BGP. # By default the iBGP peering subnet is not redistributed into the overlay routing protocol per VRF. - # Setting `redistribute_mlag_ibgp_peering_vrfs: true` under a VRF will change this default and/or override the tenant-wide setting. - redistribute_mlag_ibgp_peering_vrfs: + # Setting `redistribute_mlag_ibgp_peering_vrfs` under a VRF overrides the tenant-wide setting. + redistribute_mlag_ibgp_peering_vrfs: # Manually define the VLAN used on the MLAG pair for the iBGP session. # By default this parameter is calculated using the following formula: `` + `` - 1. @@ -197,11 +197,11 @@ loopback_ip_range: # For inventories with multiple PODs a loopback range can be set per POD to avoid overlaps. - # This only takes effect when loopback_ip_range is not defined, ptional (loopback is not created unless loopback_ip_range or loopback_ip_pools are set). + # This only takes effect when loopback_ip_range is not defined, optional (loopback is not created unless loopback_ip_range or loopback_ip_pools are set). loopback_ip_pools: # POD name. - - pod: + - pod: # IPv4_address/Mask. ipv4_pool: @@ -251,7 +251,7 @@ # Enable or disable the redistribution of all static routes to BGP in the VRF. redistribute_static: - # Enable or disable the redistribution of all connected routes to BGP in the VRF. + # Enable or disable the redistribution of all connected routes to BGP in the VRF. Note this is not applicable to VRF `default`. redistribute_connected: bgp: diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/new-network-services-bgp-vrf-config.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/new-network-services-bgp-vrf-config.md index 9fc30faf3f1..c931781edbc 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/new-network-services-bgp-vrf-config.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/new-network-services-bgp-vrf-config.md @@ -7,7 +7,7 @@ | Variable | Type | Required | Default | Value Restrictions | Description | | -------- | ---- | -------- | ------- | ------------------ | ----------- | - | [new_network_services_bgp_vrf_config](## "new_network_services_bgp_vrf_config") removed | Boolean | | `True` | | This key was used to generate BGP configuration for network services even when `evpn` is not in the address families for the node as well as the VRF.
This is now part of the default behavior so this key has been removed.This key was removed. Support was removed in AVD version 5.0.0. See [here](https://avd.arista.com/devel/porting-guides/5.x.x.html#new-improved-logic-for-bgp-configuration-of-network-services-vrfs) for details. | + | [new_network_services_bgp_vrf_config](## "new_network_services_bgp_vrf_config") removed | Boolean | | `True` | | This key was used to generate BGP configuration for network services even when `evpn` is not in the address families for the node as well as the VRF.
This is now part of the default behavior so this key has been removed.This key was removed. Support was removed in AVD version 5.0.0. See [here](https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#bgp-is-now-configured-for-network-services-vrfs-even-if-evpn-is-not-part-of-the-address-families) for details. | === "YAML" diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-evpn-ipvpn-gateway-configuration.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-evpn-ipvpn-gateway-configuration.md index 378342b01ec..c08972daf95 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-evpn-ipvpn-gateway-configuration.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-evpn-ipvpn-gateway-configuration.md @@ -15,11 +15,11 @@ | [      ipvpn_domain_id](## ".defaults.ipvpn_gateway.ipvpn_domain_id") | String | | `65535:2` | | Domain ID to assign to IPVPN address families for use with D-path. Format :. | | [      enable_d_path](## ".defaults.ipvpn_gateway.enable_d_path") | Boolean | | `True` | | Enable D-path for use with BGP bestpath selection algorithm. | | [      maximum_routes](## ".defaults.ipvpn_gateway.maximum_routes") | Integer | | `0` | | Maximum routes to accept from IPVPN remote peers. | - | [      local_as](## ".defaults.ipvpn_gateway.local_as") | String | | `none` | | Local BGP AS applied to peering with IPVPN remote peers.
BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. | + | [      local_as](## ".defaults.ipvpn_gateway.local_as") | String | | | | Local BGP AS applied to peering with IPVPN remote peers.
BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. | | [      address_families](## ".defaults.ipvpn_gateway.address_families") | List, items: String | | `['vpn-ipv4']` | | IPVPN address families to enable for remote peers. | | [        - <str>](## ".defaults.ipvpn_gateway.address_families.[]") | String | | | | | | [      remote_peers](## ".defaults.ipvpn_gateway.remote_peers") | List, items: Dictionary | | | | | - | [        - hostname](## ".defaults.ipvpn_gateway.remote_peers.[].hostname") | String | Required | | | Hostname of remote IPVPN Peer. | + | [        - hostname](## ".defaults.ipvpn_gateway.remote_peers.[].hostname") | String | Required, Unique | | | Hostname of remote IPVPN Peer. | | [          ip_address](## ".defaults.ipvpn_gateway.remote_peers.[].ip_address") | String | Required | | Format: ipv4 | Peering IP of remote IPVPN Peer. | | [          bgp_as](## ".defaults.ipvpn_gateway.remote_peers.[].bgp_as") | String | Required | | | Remote IPVPN Peer's BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. | | [  node_groups](## ".node_groups") | List, items: Dictionary | | | | Define variables related to all nodes part of this group. | @@ -32,11 +32,11 @@ | [            ipvpn_domain_id](## ".node_groups.[].nodes.[].ipvpn_gateway.ipvpn_domain_id") | String | | `65535:2` | | Domain ID to assign to IPVPN address families for use with D-path. Format :. | | [            enable_d_path](## ".node_groups.[].nodes.[].ipvpn_gateway.enable_d_path") | Boolean | | `True` | | Enable D-path for use with BGP bestpath selection algorithm. | | [            maximum_routes](## ".node_groups.[].nodes.[].ipvpn_gateway.maximum_routes") | Integer | | `0` | | Maximum routes to accept from IPVPN remote peers. | - | [            local_as](## ".node_groups.[].nodes.[].ipvpn_gateway.local_as") | String | | `none` | | Local BGP AS applied to peering with IPVPN remote peers.
BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. | + | [            local_as](## ".node_groups.[].nodes.[].ipvpn_gateway.local_as") | String | | | | Local BGP AS applied to peering with IPVPN remote peers.
BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. | | [            address_families](## ".node_groups.[].nodes.[].ipvpn_gateway.address_families") | List, items: String | | `['vpn-ipv4']` | | IPVPN address families to enable for remote peers. | | [              - <str>](## ".node_groups.[].nodes.[].ipvpn_gateway.address_families.[]") | String | | | | | | [            remote_peers](## ".node_groups.[].nodes.[].ipvpn_gateway.remote_peers") | List, items: Dictionary | | | | | - | [              - hostname](## ".node_groups.[].nodes.[].ipvpn_gateway.remote_peers.[].hostname") | String | Required | | | Hostname of remote IPVPN Peer. | + | [              - hostname](## ".node_groups.[].nodes.[].ipvpn_gateway.remote_peers.[].hostname") | String | Required, Unique | | | Hostname of remote IPVPN Peer. | | [                ip_address](## ".node_groups.[].nodes.[].ipvpn_gateway.remote_peers.[].ip_address") | String | Required | | Format: ipv4 | Peering IP of remote IPVPN Peer. | | [                bgp_as](## ".node_groups.[].nodes.[].ipvpn_gateway.remote_peers.[].bgp_as") | String | Required | | | Remote IPVPN Peer's BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. | | [      ipvpn_gateway](## ".node_groups.[].ipvpn_gateway") | Dictionary | | | | Node is acting as IP-VPN Gateway for EVPN to MPLS-IP-VPN Interworking. The BGP peer group used for this is "bgp_peer_groups.ipvpn_gateway_peers".
L3 Reachability is required for this to work, the preferred method to establish underlay connectivity is to use core_interfaces.
| @@ -45,11 +45,11 @@ | [        ipvpn_domain_id](## ".node_groups.[].ipvpn_gateway.ipvpn_domain_id") | String | | `65535:2` | | Domain ID to assign to IPVPN address families for use with D-path. Format :. | | [        enable_d_path](## ".node_groups.[].ipvpn_gateway.enable_d_path") | Boolean | | `True` | | Enable D-path for use with BGP bestpath selection algorithm. | | [        maximum_routes](## ".node_groups.[].ipvpn_gateway.maximum_routes") | Integer | | `0` | | Maximum routes to accept from IPVPN remote peers. | - | [        local_as](## ".node_groups.[].ipvpn_gateway.local_as") | String | | `none` | | Local BGP AS applied to peering with IPVPN remote peers.
BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. | + | [        local_as](## ".node_groups.[].ipvpn_gateway.local_as") | String | | | | Local BGP AS applied to peering with IPVPN remote peers.
BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. | | [        address_families](## ".node_groups.[].ipvpn_gateway.address_families") | List, items: String | | `['vpn-ipv4']` | | IPVPN address families to enable for remote peers. | | [          - <str>](## ".node_groups.[].ipvpn_gateway.address_families.[]") | String | | | | | | [        remote_peers](## ".node_groups.[].ipvpn_gateway.remote_peers") | List, items: Dictionary | | | | | - | [          - hostname](## ".node_groups.[].ipvpn_gateway.remote_peers.[].hostname") | String | Required | | | Hostname of remote IPVPN Peer. | + | [          - hostname](## ".node_groups.[].ipvpn_gateway.remote_peers.[].hostname") | String | Required, Unique | | | Hostname of remote IPVPN Peer. | | [            ip_address](## ".node_groups.[].ipvpn_gateway.remote_peers.[].ip_address") | String | Required | | Format: ipv4 | Peering IP of remote IPVPN Peer. | | [            bgp_as](## ".node_groups.[].ipvpn_gateway.remote_peers.[].bgp_as") | String | Required | | | Remote IPVPN Peer's BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. | | [  nodes](## ".nodes") | List, items: Dictionary | | | | Define variables per node. | @@ -60,11 +60,11 @@ | [        ipvpn_domain_id](## ".nodes.[].ipvpn_gateway.ipvpn_domain_id") | String | | `65535:2` | | Domain ID to assign to IPVPN address families for use with D-path. Format :. | | [        enable_d_path](## ".nodes.[].ipvpn_gateway.enable_d_path") | Boolean | | `True` | | Enable D-path for use with BGP bestpath selection algorithm. | | [        maximum_routes](## ".nodes.[].ipvpn_gateway.maximum_routes") | Integer | | `0` | | Maximum routes to accept from IPVPN remote peers. | - | [        local_as](## ".nodes.[].ipvpn_gateway.local_as") | String | | `none` | | Local BGP AS applied to peering with IPVPN remote peers.
BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. | + | [        local_as](## ".nodes.[].ipvpn_gateway.local_as") | String | | | | Local BGP AS applied to peering with IPVPN remote peers.
BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. | | [        address_families](## ".nodes.[].ipvpn_gateway.address_families") | List, items: String | | `['vpn-ipv4']` | | IPVPN address families to enable for remote peers. | | [          - <str>](## ".nodes.[].ipvpn_gateway.address_families.[]") | String | | | | | | [        remote_peers](## ".nodes.[].ipvpn_gateway.remote_peers") | List, items: Dictionary | | | | | - | [          - hostname](## ".nodes.[].ipvpn_gateway.remote_peers.[].hostname") | String | Required | | | Hostname of remote IPVPN Peer. | + | [          - hostname](## ".nodes.[].ipvpn_gateway.remote_peers.[].hostname") | String | Required, Unique | | | Hostname of remote IPVPN Peer. | | [            ip_address](## ".nodes.[].ipvpn_gateway.remote_peers.[].ip_address") | String | Required | | Format: ipv4 | Peering IP of remote IPVPN Peer. | | [            bgp_as](## ".nodes.[].ipvpn_gateway.remote_peers.[].bgp_as") | String | Required | | | Remote IPVPN Peer's BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. | @@ -96,7 +96,7 @@ # Local BGP AS applied to peering with IPVPN remote peers. # BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>". # For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. - local_as: + local_as: # IPVPN address families to enable for remote peers. address_families: # default=['vpn-ipv4'] @@ -104,7 +104,7 @@ remote_peers: # Hostname of remote IPVPN Peer. - - hostname: + - hostname: # Peering IP of remote IPVPN Peer. ip_address: @@ -146,7 +146,7 @@ # Local BGP AS applied to peering with IPVPN remote peers. # BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>". # For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. - local_as: + local_as: # IPVPN address families to enable for remote peers. address_families: # default=['vpn-ipv4'] @@ -154,7 +154,7 @@ remote_peers: # Hostname of remote IPVPN Peer. - - hostname: + - hostname: # Peering IP of remote IPVPN Peer. ip_address: @@ -183,7 +183,7 @@ # Local BGP AS applied to peering with IPVPN remote peers. # BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>". # For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. - local_as: + local_as: # IPVPN address families to enable for remote peers. address_families: # default=['vpn-ipv4'] @@ -191,7 +191,7 @@ remote_peers: # Hostname of remote IPVPN Peer. - - hostname: + - hostname: # Peering IP of remote IPVPN Peer. ip_address: @@ -226,7 +226,7 @@ # Local BGP AS applied to peering with IPVPN remote peers. # BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>". # For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. - local_as: + local_as: # IPVPN address families to enable for remote peers. address_families: # default=['vpn-ipv4'] @@ -234,7 +234,7 @@ remote_peers: # Hostname of remote IPVPN Peer. - - hostname: + - hostname: # Peering IP of remote IPVPN Peer. ip_address: diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-evpn-multi-domain-gateway-configuration.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-evpn-multi-domain-gateway-configuration.md index 79594afa298..be89fc61e0a 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-evpn-multi-domain-gateway-configuration.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-evpn-multi-domain-gateway-configuration.md @@ -11,7 +11,7 @@ | [  defaults](## ".defaults") | Dictionary | | | | Define variables for all nodes of this type. | | [    evpn_gateway](## ".defaults.evpn_gateway") | Dictionary | | | | Node is acting as EVPN Multi-Domain Gateway.
New BGP peer-group is generated between EVPN GWs in different domains or between GWs and Route Servers.
Name can be changed under "bgp_peer_groups.evpn_overlay_core" variable.
L3 rechability for different EVPN GWs must be already in place, it is recommended to use DCI & L3 Edge if Route Servers and GWs are not defined under the same Ansible inventory.
| | [      remote_peers](## ".defaults.evpn_gateway.remote_peers") | List, items: Dictionary | | | | Define remote peers of the EVPN VXLAN Gateway.
If the hostname can be found in the inventory, ip_address and BGP ASN will be automatically populated. Manual override takes precedence.
If the peer's hostname can not be found in the inventory, ip_address and bgp_as must be defined.
| - | [        - hostname](## ".defaults.evpn_gateway.remote_peers.[].hostname") | String | | | | Hostname of remote EVPN GW server. | + | [        - hostname](## ".defaults.evpn_gateway.remote_peers.[].hostname") | String | Required, Unique | | | Hostname of remote EVPN GW server. | | [          ip_address](## ".defaults.evpn_gateway.remote_peers.[].ip_address") | String | | | Format: ipv4 | Peering IP of remote Route Server. | | [          bgp_as](## ".defaults.evpn_gateway.remote_peers.[].bgp_as") | String | | | | Remote Route Server's BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. | | [      evpn_l2](## ".defaults.evpn_gateway.evpn_l2") | Dictionary | | | | Enable EVPN Gateway functionality for route-types 2 (MAC-IP) and 3 (IMET). | @@ -25,7 +25,7 @@ | [        - name](## ".node_groups.[].nodes.[].name") | String | Required, Unique | | | The Node Name is used as "hostname". | | [          evpn_gateway](## ".node_groups.[].nodes.[].evpn_gateway") | Dictionary | | | | Node is acting as EVPN Multi-Domain Gateway.
New BGP peer-group is generated between EVPN GWs in different domains or between GWs and Route Servers.
Name can be changed under "bgp_peer_groups.evpn_overlay_core" variable.
L3 rechability for different EVPN GWs must be already in place, it is recommended to use DCI & L3 Edge if Route Servers and GWs are not defined under the same Ansible inventory.
| | [            remote_peers](## ".node_groups.[].nodes.[].evpn_gateway.remote_peers") | List, items: Dictionary | | | | Define remote peers of the EVPN VXLAN Gateway.
If the hostname can be found in the inventory, ip_address and BGP ASN will be automatically populated. Manual override takes precedence.
If the peer's hostname can not be found in the inventory, ip_address and bgp_as must be defined.
| - | [              - hostname](## ".node_groups.[].nodes.[].evpn_gateway.remote_peers.[].hostname") | String | | | | Hostname of remote EVPN GW server. | + | [              - hostname](## ".node_groups.[].nodes.[].evpn_gateway.remote_peers.[].hostname") | String | Required, Unique | | | Hostname of remote EVPN GW server. | | [                ip_address](## ".node_groups.[].nodes.[].evpn_gateway.remote_peers.[].ip_address") | String | | | Format: ipv4 | Peering IP of remote Route Server. | | [                bgp_as](## ".node_groups.[].nodes.[].evpn_gateway.remote_peers.[].bgp_as") | String | | | | Remote Route Server's BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. | | [            evpn_l2](## ".node_groups.[].nodes.[].evpn_gateway.evpn_l2") | Dictionary | | | | Enable EVPN Gateway functionality for route-types 2 (MAC-IP) and 3 (IMET). | @@ -35,7 +35,7 @@ | [              inter_domain](## ".node_groups.[].nodes.[].evpn_gateway.evpn_l3.inter_domain") | Boolean | | `True` | | | | [      evpn_gateway](## ".node_groups.[].evpn_gateway") | Dictionary | | | | Node is acting as EVPN Multi-Domain Gateway.
New BGP peer-group is generated between EVPN GWs in different domains or between GWs and Route Servers.
Name can be changed under "bgp_peer_groups.evpn_overlay_core" variable.
L3 rechability for different EVPN GWs must be already in place, it is recommended to use DCI & L3 Edge if Route Servers and GWs are not defined under the same Ansible inventory.
| | [        remote_peers](## ".node_groups.[].evpn_gateway.remote_peers") | List, items: Dictionary | | | | Define remote peers of the EVPN VXLAN Gateway.
If the hostname can be found in the inventory, ip_address and BGP ASN will be automatically populated. Manual override takes precedence.
If the peer's hostname can not be found in the inventory, ip_address and bgp_as must be defined.
| - | [          - hostname](## ".node_groups.[].evpn_gateway.remote_peers.[].hostname") | String | | | | Hostname of remote EVPN GW server. | + | [          - hostname](## ".node_groups.[].evpn_gateway.remote_peers.[].hostname") | String | Required, Unique | | | Hostname of remote EVPN GW server. | | [            ip_address](## ".node_groups.[].evpn_gateway.remote_peers.[].ip_address") | String | | | Format: ipv4 | Peering IP of remote Route Server. | | [            bgp_as](## ".node_groups.[].evpn_gateway.remote_peers.[].bgp_as") | String | | | | Remote Route Server's BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. | | [        evpn_l2](## ".node_groups.[].evpn_gateway.evpn_l2") | Dictionary | | | | Enable EVPN Gateway functionality for route-types 2 (MAC-IP) and 3 (IMET). | @@ -47,7 +47,7 @@ | [    - name](## ".nodes.[].name") | String | Required, Unique | | | The Node Name is used as "hostname". | | [      evpn_gateway](## ".nodes.[].evpn_gateway") | Dictionary | | | | Node is acting as EVPN Multi-Domain Gateway.
New BGP peer-group is generated between EVPN GWs in different domains or between GWs and Route Servers.
Name can be changed under "bgp_peer_groups.evpn_overlay_core" variable.
L3 rechability for different EVPN GWs must be already in place, it is recommended to use DCI & L3 Edge if Route Servers and GWs are not defined under the same Ansible inventory.
| | [        remote_peers](## ".nodes.[].evpn_gateway.remote_peers") | List, items: Dictionary | | | | Define remote peers of the EVPN VXLAN Gateway.
If the hostname can be found in the inventory, ip_address and BGP ASN will be automatically populated. Manual override takes precedence.
If the peer's hostname can not be found in the inventory, ip_address and bgp_as must be defined.
| - | [          - hostname](## ".nodes.[].evpn_gateway.remote_peers.[].hostname") | String | | | | Hostname of remote EVPN GW server. | + | [          - hostname](## ".nodes.[].evpn_gateway.remote_peers.[].hostname") | String | Required, Unique | | | Hostname of remote EVPN GW server. | | [            ip_address](## ".nodes.[].evpn_gateway.remote_peers.[].ip_address") | String | | | Format: ipv4 | Peering IP of remote Route Server. | | [            bgp_as](## ".nodes.[].evpn_gateway.remote_peers.[].bgp_as") | String | | | | Remote Route Server's BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
For asdot notation in YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float number. | | [        evpn_l2](## ".nodes.[].evpn_gateway.evpn_l2") | Dictionary | | | | Enable EVPN Gateway functionality for route-types 2 (MAC-IP) and 3 (IMET). | @@ -76,7 +76,7 @@ remote_peers: # Hostname of remote EVPN GW server. - - hostname: + - hostname: # Peering IP of remote Route Server. ip_address: @@ -119,7 +119,7 @@ remote_peers: # Hostname of remote EVPN GW server. - - hostname: + - hostname: # Peering IP of remote Route Server. ip_address: @@ -149,7 +149,7 @@ remote_peers: # Hostname of remote EVPN GW server. - - hostname: + - hostname: # Peering IP of remote Route Server. ip_address: @@ -185,7 +185,7 @@ remote_peers: # Hostname of remote EVPN GW server. - - hostname: + - hostname: # Peering IP of remote Route Server. ip_address: diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-evpn-services-configuration.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-evpn-services-configuration.md index e6b32aee472..48cae68a104 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-evpn-services-configuration.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-evpn-services-configuration.md @@ -22,7 +22,7 @@ | [      always_include_vrfs_in_tenants](## ".defaults.filter.always_include_vrfs_in_tenants") | List, items: String | | | | List of tenants where VRFs will be configured even if VLANs are not included in tags.
Useful for L3 "border" leaf.
| | [        - <str>](## ".defaults.filter.always_include_vrfs_in_tenants.[]") | String | | | | | | [      only_vlans_in_use](## ".defaults.filter.only_vlans_in_use") | Boolean | | `False` | | Only configure VLANs, SVIs, VRFs in use by connected endpoints or downstream L2 switches.
Note! This feature only considers configuration managed by eos_designs.
This excludes structured_config, custom_structured_configuration_, raw_eos_cli, eos_cli, custom templates, configlets etc.
| - | [    igmp_snooping_enabled](## ".defaults.igmp_snooping_enabled") | Boolean | | `True` | | Activate or deactivate IGMP snooping on device level. | + | [    igmp_snooping_enabled](## ".defaults.igmp_snooping_enabled") | Boolean | | | | Activate or deactivate IGMP snooping on device level. | | [  node_groups](## ".node_groups") | List, items: Dictionary | | | | Define variables related to all nodes part of this group. | | [    - group](## ".node_groups.[].group") | String | Required, Unique | | | The Node Group Name is used for MLAG domain unless set with 'mlag_domain_id'.
The Node Group Name is also used for peer description on downstream switches' uplinks.
| | [      nodes](## ".node_groups.[].nodes") | List, items: Dictionary | | | | Define variables per node. | @@ -40,7 +40,7 @@ | [            always_include_vrfs_in_tenants](## ".node_groups.[].nodes.[].filter.always_include_vrfs_in_tenants") | List, items: String | | | | List of tenants where VRFs will be configured even if VLANs are not included in tags.
Useful for L3 "border" leaf.
| | [              - <str>](## ".node_groups.[].nodes.[].filter.always_include_vrfs_in_tenants.[]") | String | | | | | | [            only_vlans_in_use](## ".node_groups.[].nodes.[].filter.only_vlans_in_use") | Boolean | | `False` | | Only configure VLANs, SVIs, VRFs in use by connected endpoints or downstream L2 switches.
Note! This feature only considers configuration managed by eos_designs.
This excludes structured_config, custom_structured_configuration_, raw_eos_cli, eos_cli, custom templates, configlets etc.
| - | [          igmp_snooping_enabled](## ".node_groups.[].nodes.[].igmp_snooping_enabled") | Boolean | | `True` | | Activate or deactivate IGMP snooping on device level. | + | [          igmp_snooping_enabled](## ".node_groups.[].nodes.[].igmp_snooping_enabled") | Boolean | | | | Activate or deactivate IGMP snooping on device level. | | [      evpn_services_l2_only](## ".node_groups.[].evpn_services_l2_only") | Boolean | | `False` | | Possibility to prevent configuration of Tenant VRFs and SVIs.
Override node definition "network_services_l3" from node_type_keys.
This allows support for centralized routing.
| | [      filter](## ".node_groups.[].filter") | Dictionary | | | | Filter L3 and L2 network services based on tenant and tags (and operation filter).
If filter is not defined it will default to all.
| | [        tenants](## ".node_groups.[].filter.tenants") | List, items: String | | `['all']` | | Limit configured Network Services to those defined under these Tenants. Set to ['all'] for all Tenants (default).
This list also limits Tenants included by `always_include_vrfs_in_tenants`. | @@ -54,7 +54,7 @@ | [        always_include_vrfs_in_tenants](## ".node_groups.[].filter.always_include_vrfs_in_tenants") | List, items: String | | | | List of tenants where VRFs will be configured even if VLANs are not included in tags.
Useful for L3 "border" leaf.
| | [          - <str>](## ".node_groups.[].filter.always_include_vrfs_in_tenants.[]") | String | | | | | | [        only_vlans_in_use](## ".node_groups.[].filter.only_vlans_in_use") | Boolean | | `False` | | Only configure VLANs, SVIs, VRFs in use by connected endpoints or downstream L2 switches.
Note! This feature only considers configuration managed by eos_designs.
This excludes structured_config, custom_structured_configuration_, raw_eos_cli, eos_cli, custom templates, configlets etc.
| - | [      igmp_snooping_enabled](## ".node_groups.[].igmp_snooping_enabled") | Boolean | | `True` | | Activate or deactivate IGMP snooping on device level. | + | [      igmp_snooping_enabled](## ".node_groups.[].igmp_snooping_enabled") | Boolean | | | | Activate or deactivate IGMP snooping on device level. | | [  nodes](## ".nodes") | List, items: Dictionary | | | | Define variables per node. | | [    - name](## ".nodes.[].name") | String | Required, Unique | | | The Node Name is used as "hostname". | | [      evpn_services_l2_only](## ".nodes.[].evpn_services_l2_only") | Boolean | | `False` | | Possibility to prevent configuration of Tenant VRFs and SVIs.
Override node definition "network_services_l3" from node_type_keys.
This allows support for centralized routing.
| @@ -70,7 +70,7 @@ | [        always_include_vrfs_in_tenants](## ".nodes.[].filter.always_include_vrfs_in_tenants") | List, items: String | | | | List of tenants where VRFs will be configured even if VLANs are not included in tags.
Useful for L3 "border" leaf.
| | [          - <str>](## ".nodes.[].filter.always_include_vrfs_in_tenants.[]") | String | | | | | | [        only_vlans_in_use](## ".nodes.[].filter.only_vlans_in_use") | Boolean | | `False` | | Only configure VLANs, SVIs, VRFs in use by connected endpoints or downstream L2 switches.
Note! This feature only considers configuration managed by eos_designs.
This excludes structured_config, custom_structured_configuration_, raw_eos_cli, eos_cli, custom templates, configlets etc.
| - | [      igmp_snooping_enabled](## ".nodes.[].igmp_snooping_enabled") | Boolean | | `True` | | Activate or deactivate IGMP snooping on device level. | + | [      igmp_snooping_enabled](## ".nodes.[].igmp_snooping_enabled") | Boolean | | | | Activate or deactivate IGMP snooping on device level. | === "YAML" @@ -119,7 +119,7 @@ only_vlans_in_use: # Activate or deactivate IGMP snooping on device level. - igmp_snooping_enabled: + igmp_snooping_enabled: # Define variables related to all nodes part of this group. node_groups: @@ -173,7 +173,7 @@ only_vlans_in_use: # Activate or deactivate IGMP snooping on device level. - igmp_snooping_enabled: + igmp_snooping_enabled: # Possibility to prevent configuration of Tenant VRFs and SVIs. # Override node definition "network_services_l3" from node_type_keys. @@ -214,7 +214,7 @@ only_vlans_in_use: # Activate or deactivate IGMP snooping on device level. - igmp_snooping_enabled: + igmp_snooping_enabled: # Define variables per node. nodes: @@ -261,5 +261,5 @@ only_vlans_in_use: # Activate or deactivate IGMP snooping on device level. - igmp_snooping_enabled: + igmp_snooping_enabled: ``` diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-inband-management-configuration.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-inband-management-configuration.md index b20d99bd1c8..c7533bc36b5 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-inband-management-configuration.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-inband-management-configuration.md @@ -18,7 +18,7 @@ | [    inband_mgmt_ipv6_subnet](## ".defaults.inband_mgmt_ipv6_subnet") | String | | | Format: ipv6_cidr | Optional IPv6 prefix assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks).
Parent l3leafs will have SVI with "ipv6 virtual-router" and host-route injection based on ARP.
This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension.
SVI IP address will be assigned as follows:
virtual-router: + 1
l3leaf A : + 2 (same IP on all l3leaf A)
l3leaf B : + 3 (same IP on all l3leaf B)
l2leafs : + 3 +
GW on l2leafs : + 1
Assign range larger than total l2leafs + 5

Setting is ignored if 'inband_mgmt_ipv6_address' is set.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
| | [    inband_mgmt_ipv6_gateway](## ".defaults.inband_mgmt_ipv6_gateway") | String | | | Format: ipv6 | Default gateway configured in the 'inband_mgmt_vrf'.
Used when `inband_mgmt_ipv6_address` is set.
Ignored when 'inband_mgmt_ipv6_subnet' is set (first IP in subnet used as gateway).

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
| | [    inband_mgmt_description](## ".defaults.inband_mgmt_description") | String | | `Inband Management` | | Description configured on the Inband Management SVI.

This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | - | [    inband_mgmt_vlan_name](## ".defaults.inband_mgmt_vlan_name") | String | | `Inband Management` | | Name configured on the Inband Management VLAN.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | + | [    inband_mgmt_vlan_name](## ".defaults.inband_mgmt_vlan_name") | String | | `INBAND_MGMT` | | Name configured on the Inband Management VLAN.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | | [    inband_mgmt_vrf](## ".defaults.inband_mgmt_vrf") | String | | `default` | | VRF configured on the Inband Management Interface.
The VRF is created if not already created by other means.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | | [    inband_mgmt_mtu](## ".defaults.inband_mgmt_mtu") | Integer | | `1500` | | MTU configured on the Inband Management Interface.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | | [    inband_ztp](## ".defaults.inband_ztp") | Boolean | | `False` | | Enable to configure upstream device with proper configuration to allow downstream devices to ZTP inband.
This setting also requires that the `inband_mgmt_vlan` is set for the node. | @@ -38,7 +38,7 @@ | [          inband_mgmt_ipv6_subnet](## ".node_groups.[].nodes.[].inband_mgmt_ipv6_subnet") | String | | | Format: ipv6_cidr | Optional IPv6 prefix assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks).
Parent l3leafs will have SVI with "ipv6 virtual-router" and host-route injection based on ARP.
This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension.
SVI IP address will be assigned as follows:
virtual-router: + 1
l3leaf A : + 2 (same IP on all l3leaf A)
l3leaf B : + 3 (same IP on all l3leaf B)
l2leafs : + 3 +
GW on l2leafs : + 1
Assign range larger than total l2leafs + 5

Setting is ignored if 'inband_mgmt_ipv6_address' is set.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
| | [          inband_mgmt_ipv6_gateway](## ".node_groups.[].nodes.[].inband_mgmt_ipv6_gateway") | String | | | Format: ipv6 | Default gateway configured in the 'inband_mgmt_vrf'.
Used when `inband_mgmt_ipv6_address` is set.
Ignored when 'inband_mgmt_ipv6_subnet' is set (first IP in subnet used as gateway).

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
| | [          inband_mgmt_description](## ".node_groups.[].nodes.[].inband_mgmt_description") | String | | `Inband Management` | | Description configured on the Inband Management SVI.

This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | - | [          inband_mgmt_vlan_name](## ".node_groups.[].nodes.[].inband_mgmt_vlan_name") | String | | `Inband Management` | | Name configured on the Inband Management VLAN.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | + | [          inband_mgmt_vlan_name](## ".node_groups.[].nodes.[].inband_mgmt_vlan_name") | String | | `INBAND_MGMT` | | Name configured on the Inband Management VLAN.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | | [          inband_mgmt_vrf](## ".node_groups.[].nodes.[].inband_mgmt_vrf") | String | | `default` | | VRF configured on the Inband Management Interface.
The VRF is created if not already created by other means.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | | [          inband_mgmt_mtu](## ".node_groups.[].nodes.[].inband_mgmt_mtu") | Integer | | `1500` | | MTU configured on the Inband Management Interface.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | | [          inband_ztp](## ".node_groups.[].nodes.[].inband_ztp") | Boolean | | `False` | | Enable to configure upstream device with proper configuration to allow downstream devices to ZTP inband.
This setting also requires that the `inband_mgmt_vlan` is set for the node. | @@ -54,7 +54,7 @@ | [      inband_mgmt_ipv6_subnet](## ".node_groups.[].inband_mgmt_ipv6_subnet") | String | | | Format: ipv6_cidr | Optional IPv6 prefix assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks).
Parent l3leafs will have SVI with "ipv6 virtual-router" and host-route injection based on ARP.
This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension.
SVI IP address will be assigned as follows:
virtual-router: + 1
l3leaf A : + 2 (same IP on all l3leaf A)
l3leaf B : + 3 (same IP on all l3leaf B)
l2leafs : + 3 +
GW on l2leafs : + 1
Assign range larger than total l2leafs + 5

Setting is ignored if 'inband_mgmt_ipv6_address' is set.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
| | [      inband_mgmt_ipv6_gateway](## ".node_groups.[].inband_mgmt_ipv6_gateway") | String | | | Format: ipv6 | Default gateway configured in the 'inband_mgmt_vrf'.
Used when `inband_mgmt_ipv6_address` is set.
Ignored when 'inband_mgmt_ipv6_subnet' is set (first IP in subnet used as gateway).

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
| | [      inband_mgmt_description](## ".node_groups.[].inband_mgmt_description") | String | | `Inband Management` | | Description configured on the Inband Management SVI.

This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | - | [      inband_mgmt_vlan_name](## ".node_groups.[].inband_mgmt_vlan_name") | String | | `Inband Management` | | Name configured on the Inband Management VLAN.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | + | [      inband_mgmt_vlan_name](## ".node_groups.[].inband_mgmt_vlan_name") | String | | `INBAND_MGMT` | | Name configured on the Inband Management VLAN.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | | [      inband_mgmt_vrf](## ".node_groups.[].inband_mgmt_vrf") | String | | `default` | | VRF configured on the Inband Management Interface.
The VRF is created if not already created by other means.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | | [      inband_mgmt_mtu](## ".node_groups.[].inband_mgmt_mtu") | Integer | | `1500` | | MTU configured on the Inband Management Interface.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | | [      inband_ztp](## ".node_groups.[].inband_ztp") | Boolean | | `False` | | Enable to configure upstream device with proper configuration to allow downstream devices to ZTP inband.
This setting also requires that the `inband_mgmt_vlan` is set for the node. | @@ -72,7 +72,7 @@ | [      inband_mgmt_ipv6_subnet](## ".nodes.[].inband_mgmt_ipv6_subnet") | String | | | Format: ipv6_cidr | Optional IPv6 prefix assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks).
Parent l3leafs will have SVI with "ipv6 virtual-router" and host-route injection based on ARP.
This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension.
SVI IP address will be assigned as follows:
virtual-router: + 1
l3leaf A : + 2 (same IP on all l3leaf A)
l3leaf B : + 3 (same IP on all l3leaf B)
l2leafs : + 3 +
GW on l2leafs : + 1
Assign range larger than total l2leafs + 5

Setting is ignored if 'inband_mgmt_ipv6_address' is set.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
| | [      inband_mgmt_ipv6_gateway](## ".nodes.[].inband_mgmt_ipv6_gateway") | String | | | Format: ipv6 | Default gateway configured in the 'inband_mgmt_vrf'.
Used when `inband_mgmt_ipv6_address` is set.
Ignored when 'inband_mgmt_ipv6_subnet' is set (first IP in subnet used as gateway).

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
| | [      inband_mgmt_description](## ".nodes.[].inband_mgmt_description") | String | | `Inband Management` | | Description configured on the Inband Management SVI.

This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | - | [      inband_mgmt_vlan_name](## ".nodes.[].inband_mgmt_vlan_name") | String | | `Inband Management` | | Name configured on the Inband Management VLAN.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | + | [      inband_mgmt_vlan_name](## ".nodes.[].inband_mgmt_vlan_name") | String | | `INBAND_MGMT` | | Name configured on the Inband Management VLAN.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | | [      inband_mgmt_vrf](## ".nodes.[].inband_mgmt_vrf") | String | | `default` | | VRF configured on the Inband Management Interface.
The VRF is created if not already created by other means.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | | [      inband_mgmt_mtu](## ".nodes.[].inband_mgmt_mtu") | Integer | | `1500` | | MTU configured on the Inband Management Interface.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. | | [      inband_ztp](## ".nodes.[].inband_ztp") | Boolean | | `False` | | Enable to configure upstream device with proper configuration to allow downstream devices to ZTP inband.
This setting also requires that the `inband_mgmt_vlan` is set for the node. | @@ -169,7 +169,7 @@ # Name configured on the Inband Management VLAN. # This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. - inband_mgmt_vlan_name: + inband_mgmt_vlan_name: # VRF configured on the Inband Management Interface. # The VRF is created if not already created by other means. @@ -282,7 +282,7 @@ # Name configured on the Inband Management VLAN. # This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. - inband_mgmt_vlan_name: + inband_mgmt_vlan_name: # VRF configured on the Inband Management Interface. # The VRF is created if not already created by other means. @@ -382,7 +382,7 @@ # Name configured on the Inband Management VLAN. # This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. - inband_mgmt_vlan_name: + inband_mgmt_vlan_name: # VRF configured on the Inband Management Interface. # The VRF is created if not already created by other means. @@ -488,7 +488,7 @@ # Name configured on the Inband Management VLAN. # This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. - inband_mgmt_vlan_name: + inband_mgmt_vlan_name: # VRF configured on the Inband Management Interface. # The VRF is created if not already created by other means. diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-isis-configuration.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-isis-configuration.md index d27941faeb4..2450b97f76e 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-isis-configuration.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-isis-configuration.md @@ -11,7 +11,7 @@ | [  defaults](## ".defaults") | Dictionary | | | | Define variables for all nodes of this type. | | [    isis_system_id_prefix](## ".defaults.isis_system_id_prefix") | String | | | Pattern: `[0-9a-f]{4}\.[0-9a-f]{4}` | (4.4 hexadecimal). | | [    isis_maximum_paths](## ".defaults.isis_maximum_paths") | Integer | | | | Number of path to configure in ECMP for ISIS. | - | [    is_type](## ".defaults.is_type") | String | | `level-2` | Valid Values:
- level-1-2
- level-1
- level-2 | | + | [    is_type](## ".defaults.is_type") | String | | | Valid Values:
- level-1-2
- level-1
- level-2 | Overrides `isis_default_is_type`. | | [    node_sid_base](## ".defaults.node_sid_base") | Integer | | `0` | | Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID. | | [  node_groups](## ".node_groups") | List, items: Dictionary | | | | Define variables related to all nodes part of this group. | | [    - group](## ".node_groups.[].group") | String | Required, Unique | | | The Node Group Name is used for MLAG domain unless set with 'mlag_domain_id'.
The Node Group Name is also used for peer description on downstream switches' uplinks.
| @@ -19,17 +19,17 @@ | [        - name](## ".node_groups.[].nodes.[].name") | String | Required, Unique | | | The Node Name is used as "hostname". | | [          isis_system_id_prefix](## ".node_groups.[].nodes.[].isis_system_id_prefix") | String | | | Pattern: `[0-9a-f]{4}\.[0-9a-f]{4}` | (4.4 hexadecimal). | | [          isis_maximum_paths](## ".node_groups.[].nodes.[].isis_maximum_paths") | Integer | | | | Number of path to configure in ECMP for ISIS. | - | [          is_type](## ".node_groups.[].nodes.[].is_type") | String | | `level-2` | Valid Values:
- level-1-2
- level-1
- level-2 | | + | [          is_type](## ".node_groups.[].nodes.[].is_type") | String | | | Valid Values:
- level-1-2
- level-1
- level-2 | Overrides `isis_default_is_type`. | | [          node_sid_base](## ".node_groups.[].nodes.[].node_sid_base") | Integer | | `0` | | Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID. | | [      isis_system_id_prefix](## ".node_groups.[].isis_system_id_prefix") | String | | | Pattern: `[0-9a-f]{4}\.[0-9a-f]{4}` | (4.4 hexadecimal). | | [      isis_maximum_paths](## ".node_groups.[].isis_maximum_paths") | Integer | | | | Number of path to configure in ECMP for ISIS. | - | [      is_type](## ".node_groups.[].is_type") | String | | `level-2` | Valid Values:
- level-1-2
- level-1
- level-2 | | + | [      is_type](## ".node_groups.[].is_type") | String | | | Valid Values:
- level-1-2
- level-1
- level-2 | Overrides `isis_default_is_type`. | | [      node_sid_base](## ".node_groups.[].node_sid_base") | Integer | | `0` | | Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID. | | [  nodes](## ".nodes") | List, items: Dictionary | | | | Define variables per node. | | [    - name](## ".nodes.[].name") | String | Required, Unique | | | The Node Name is used as "hostname". | | [      isis_system_id_prefix](## ".nodes.[].isis_system_id_prefix") | String | | | Pattern: `[0-9a-f]{4}\.[0-9a-f]{4}` | (4.4 hexadecimal). | | [      isis_maximum_paths](## ".nodes.[].isis_maximum_paths") | Integer | | | | Number of path to configure in ECMP for ISIS. | - | [      is_type](## ".nodes.[].is_type") | String | | `level-2` | Valid Values:
- level-1-2
- level-1
- level-2 | | + | [      is_type](## ".nodes.[].is_type") | String | | | Valid Values:
- level-1-2
- level-1
- level-2 | Overrides `isis_default_is_type`. | | [      node_sid_base](## ".nodes.[].node_sid_base") | Integer | | `0` | | Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID. | === "YAML" @@ -45,7 +45,9 @@ # Number of path to configure in ECMP for ISIS. isis_maximum_paths: - is_type: + + # Overrides `isis_default_is_type`. + is_type: # Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID. node_sid_base: @@ -68,7 +70,9 @@ # Number of path to configure in ECMP for ISIS. isis_maximum_paths: - is_type: + + # Overrides `isis_default_is_type`. + is_type: # Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID. node_sid_base: @@ -78,7 +82,9 @@ # Number of path to configure in ECMP for ISIS. isis_maximum_paths: - is_type: + + # Overrides `isis_default_is_type`. + is_type: # Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID. node_sid_base: @@ -94,7 +100,9 @@ # Number of path to configure in ECMP for ISIS. isis_maximum_paths: - is_type: + + # Overrides `isis_default_is_type`. + is_type: # Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID. node_sid_base: diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-keys.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-keys.md index 8013f2e4fcf..3154817cdda 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-keys.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-keys.md @@ -16,9 +16,9 @@ | [    default_underlay_routing_protocol](## "custom_node_type_keys.[].default_underlay_routing_protocol") | String | | `ebgp` | Value is converted to lower case.
Valid Values:
- ebgp
- ospf
- ospf-ldp
- isis
- isis-sr
- isis-ldp
- isis-sr-ldp
- none | Set the default underlay routing_protocol.
Can be overridden by setting "underlay_routing_protocol" host/group_vars.
| | [    default_overlay_routing_protocol](## "custom_node_type_keys.[].default_overlay_routing_protocol") | String | | `ebgp` | Value is converted to lower case.
Valid Values:
- ebgp
- ibgp
- her
- cvx
- none | Set the default overlay routing_protocol.
Can be overridden by setting "overlay_routing_protocol" host/group_vars.
| | [    default_mpls_overlay_role](## "custom_node_type_keys.[].default_mpls_overlay_role") | String | | | Valid Values:
- client
- server
- none | Set the default mpls overlay role.
Acting role in overlay control plane.
| - | [    default_overlay_address_families](## "custom_node_type_keys.[].default_overlay_address_families") | List, items: String | | | | Set the default overlay address families.
| + | [    default_overlay_address_families](## "custom_node_type_keys.[].default_overlay_address_families") | List, items: String | | `['evpn']` | | Set the default overlay address families.
| | [      - <str>](## "custom_node_type_keys.[].default_overlay_address_families.[]") | String | | | Value is converted to lower case.
Valid Values:
- evpn
- vpn-ipv4
- vpn-ipv6 | | - | [    default_evpn_encapsulation](## "custom_node_type_keys.[].default_evpn_encapsulation") | String | | | Value is converted to lower case.
Valid Values:
- mpls
- vxlan | Set the default evpn encapsulation.
| + | [    default_evpn_encapsulation](## "custom_node_type_keys.[].default_evpn_encapsulation") | String | | `vxlan` | Value is converted to lower case.
Valid Values:
- mpls
- vxlan | Set the default evpn encapsulation.
| | [    default_wan_role](## "custom_node_type_keys.[].default_wan_role") | String | | | Valid Values:
- client
- server | Set the default WAN role.

This is used both for AutoVPN and Pathfinder designs.
That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.

Only supported if `overlay_routing_protocol` is set to `ibgp`.
| | [    default_flow_tracker_type](## "custom_node_type_keys.[].default_flow_tracker_type") | String | | `sampled` | Valid Values:
- sampled
- hardware | Set the default flow tracker type. | | [    mlag_support](## "custom_node_type_keys.[].mlag_support") | Boolean | | `False` | | Can this node type support mlag. | @@ -32,7 +32,7 @@ | [    mpls_lsr](## "custom_node_type_keys.[].mpls_lsr") | Boolean | | `False` | | Is this switch an MPLS LSR. | | [    ip_addressing](## "custom_node_type_keys.[].ip_addressing") | Dictionary | | | | Override ip_addressing templates. | | [      python_module](## "custom_node_type_keys.[].ip_addressing.python_module") | String | | | | Custom Python Module to import for IP addressing. | - | [      python_class_name](## "custom_node_type_keys.[].ip_addressing.python_class_name") | String | | | | Name of Custom Python Class to import for IP addressing. | + | [      python_class_name](## "custom_node_type_keys.[].ip_addressing.python_class_name") | String | | `AvdIpAddressing` | | Name of Custom Python Class to import for IP addressing. | | [      router_id](## "custom_node_type_keys.[].ip_addressing.router_id") | String | | | | Path to Custom J2 template. | | [      router_id_ipv6](## "custom_node_type_keys.[].ip_addressing.router_id_ipv6") | String | | | | Path to Custom J2 template. | | [      mlag_ip_primary](## "custom_node_type_keys.[].ip_addressing.mlag_ip_primary") | String | | | | Path to Custom J2 template. | @@ -47,7 +47,7 @@ | [      vtep_ip](## "custom_node_type_keys.[].ip_addressing.vtep_ip") | String | | | | Path to Custom J2 template. | | [    interface_descriptions](## "custom_node_type_keys.[].interface_descriptions") | Dictionary | | | | Override interface_descriptions templates.
If description templates use Jinja2, they have to strip whitespaces using {%- -%} on any code blocks.
| | [      python_module](## "custom_node_type_keys.[].interface_descriptions.python_module") | String | | | | Custom Python Module to import for interface descriptions. | - | [      python_class_name](## "custom_node_type_keys.[].interface_descriptions.python_class_name") | String | | | | Name of Custom Python Class to import for interface descriptions. | + | [      python_class_name](## "custom_node_type_keys.[].interface_descriptions.python_class_name") | String | | `AvdInterfaceDescriptions` | | Name of Custom Python Class to import for interface descriptions. | | [      underlay_ethernet_interfaces](## "custom_node_type_keys.[].interface_descriptions.underlay_ethernet_interfaces") | String | | | | Path to Custom J2 template. | | [      underlay_port_channel_interfaces](## "custom_node_type_keys.[].interface_descriptions.underlay_port_channel_interfaces") | String | | | | Path to Custom J2 template. | | [      mlag_ethernet_interfaces](## "custom_node_type_keys.[].interface_descriptions.mlag_ethernet_interfaces") | String | | | | Path to Custom J2 template. | @@ -66,9 +66,9 @@ | [    default_underlay_routing_protocol](## "node_type_keys.[].default_underlay_routing_protocol") | String | | `ebgp` | Value is converted to lower case.
Valid Values:
- ebgp
- ospf
- ospf-ldp
- isis
- isis-sr
- isis-ldp
- isis-sr-ldp
- none | Set the default underlay routing_protocol.
Can be overridden by setting "underlay_routing_protocol" host/group_vars.
| | [    default_overlay_routing_protocol](## "node_type_keys.[].default_overlay_routing_protocol") | String | | `ebgp` | Value is converted to lower case.
Valid Values:
- ebgp
- ibgp
- her
- cvx
- none | Set the default overlay routing_protocol.
Can be overridden by setting "overlay_routing_protocol" host/group_vars.
| | [    default_mpls_overlay_role](## "node_type_keys.[].default_mpls_overlay_role") | String | | | Valid Values:
- client
- server
- none | Set the default mpls overlay role.
Acting role in overlay control plane.
| - | [    default_overlay_address_families](## "node_type_keys.[].default_overlay_address_families") | List, items: String | | | | Set the default overlay address families.
| + | [    default_overlay_address_families](## "node_type_keys.[].default_overlay_address_families") | List, items: String | | `['evpn']` | | Set the default overlay address families.
| | [      - <str>](## "node_type_keys.[].default_overlay_address_families.[]") | String | | | Value is converted to lower case.
Valid Values:
- evpn
- vpn-ipv4
- vpn-ipv6 | | - | [    default_evpn_encapsulation](## "node_type_keys.[].default_evpn_encapsulation") | String | | | Value is converted to lower case.
Valid Values:
- mpls
- vxlan | Set the default evpn encapsulation.
| + | [    default_evpn_encapsulation](## "node_type_keys.[].default_evpn_encapsulation") | String | | `vxlan` | Value is converted to lower case.
Valid Values:
- mpls
- vxlan | Set the default evpn encapsulation.
| | [    default_wan_role](## "node_type_keys.[].default_wan_role") | String | | | Valid Values:
- client
- server | Set the default WAN role.

This is used both for AutoVPN and Pathfinder designs.
That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.

Only supported if `overlay_routing_protocol` is set to `ibgp`.
| | [    default_flow_tracker_type](## "node_type_keys.[].default_flow_tracker_type") | String | | `sampled` | Valid Values:
- sampled
- hardware | Set the default flow tracker type. | | [    mlag_support](## "node_type_keys.[].mlag_support") | Boolean | | `False` | | Can this node type support mlag. | @@ -82,7 +82,7 @@ | [    mpls_lsr](## "node_type_keys.[].mpls_lsr") | Boolean | | `False` | | Is this switch an MPLS LSR. | | [    ip_addressing](## "node_type_keys.[].ip_addressing") | Dictionary | | | | Override ip_addressing templates. | | [      python_module](## "node_type_keys.[].ip_addressing.python_module") | String | | | | Custom Python Module to import for IP addressing. | - | [      python_class_name](## "node_type_keys.[].ip_addressing.python_class_name") | String | | | | Name of Custom Python Class to import for IP addressing. | + | [      python_class_name](## "node_type_keys.[].ip_addressing.python_class_name") | String | | `AvdIpAddressing` | | Name of Custom Python Class to import for IP addressing. | | [      router_id](## "node_type_keys.[].ip_addressing.router_id") | String | | | | Path to Custom J2 template. | | [      router_id_ipv6](## "node_type_keys.[].ip_addressing.router_id_ipv6") | String | | | | Path to Custom J2 template. | | [      mlag_ip_primary](## "node_type_keys.[].ip_addressing.mlag_ip_primary") | String | | | | Path to Custom J2 template. | @@ -97,7 +97,7 @@ | [      vtep_ip](## "node_type_keys.[].ip_addressing.vtep_ip") | String | | | | Path to Custom J2 template. | | [    interface_descriptions](## "node_type_keys.[].interface_descriptions") | Dictionary | | | | Override interface_descriptions templates.
If description templates use Jinja2, they have to strip whitespaces using {%- -%} on any code blocks.
| | [      python_module](## "node_type_keys.[].interface_descriptions.python_module") | String | | | | Custom Python Module to import for interface descriptions. | - | [      python_class_name](## "node_type_keys.[].interface_descriptions.python_class_name") | String | | | | Name of Custom Python Class to import for interface descriptions. | + | [      python_class_name](## "node_type_keys.[].interface_descriptions.python_class_name") | String | | `AvdInterfaceDescriptions` | | Name of Custom Python Class to import for interface descriptions. | | [      underlay_ethernet_interfaces](## "node_type_keys.[].interface_descriptions.underlay_ethernet_interfaces") | String | | | | Path to Custom J2 template. | | [      underlay_port_channel_interfaces](## "node_type_keys.[].interface_descriptions.underlay_port_channel_interfaces") | String | | | | Path to Custom J2 template. | | [      mlag_ethernet_interfaces](## "node_type_keys.[].interface_descriptions.mlag_ethernet_interfaces") | String | | | | Path to Custom J2 template. | @@ -144,11 +144,11 @@ default_mpls_overlay_role: # Set the default overlay address families. - default_overlay_address_families: + default_overlay_address_families: # default=['evpn'] - # Set the default evpn encapsulation. - default_evpn_encapsulation: + default_evpn_encapsulation: # Set the default WAN role. # @@ -210,7 +210,7 @@ python_module: # Name of Custom Python Class to import for IP addressing. - python_class_name: + python_class_name: # Path to Custom J2 template. router_id: @@ -256,7 +256,7 @@ python_module: # Name of Custom Python Class to import for interface descriptions. - python_class_name: + python_class_name: # Path to Custom J2 template. underlay_ethernet_interfaces: @@ -324,11 +324,11 @@ default_mpls_overlay_role: # Set the default overlay address families. - default_overlay_address_families: + default_overlay_address_families: # default=['evpn'] - # Set the default evpn encapsulation. - default_evpn_encapsulation: + default_evpn_encapsulation: # Set the default WAN role. # @@ -390,7 +390,7 @@ python_module: # Name of Custom Python Class to import for IP addressing. - python_class_name: + python_class_name: # Path to Custom J2 template. router_id: @@ -436,7 +436,7 @@ python_module: # Name of Custom Python Class to import for interface descriptions. - python_class_name: + python_class_name: # Path to Custom J2 template. underlay_ethernet_interfaces: diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-ptp-configuration.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-ptp-configuration.md index a49156bf73b..7aee673bf4a 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-ptp-configuration.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-ptp-configuration.md @@ -10,14 +10,14 @@ | [<node_type_keys.key>](## "") | Dictionary | | | | | | [  defaults](## ".defaults") | Dictionary | | | | Define variables for all nodes of this type. | | [    ptp](## ".defaults.ptp") | Dictionary | | | | | - | [      enabled](## ".defaults.ptp.enabled") | Boolean | | `False` | | | - | [      profile](## ".defaults.ptp.profile") | String | | `aes67-r16-2016` | | Default available profiles are:
- "aes67"
- "aes67-r16-2016"
- "smpte2059-2" | + | [      enabled](## ".defaults.ptp.enabled") | Boolean | | | | | + | [      profile](## ".defaults.ptp.profile") | String | | | | Default available profiles are:
- "aes67"
- "aes67-r16-2016"
- "smpte2059-2" | | [      mlag](## ".defaults.ptp.mlag") | Boolean | | `False` | | Configure PTP on the MLAG peer-link port-channel when PTP is enabled. By default PTP will not be configured on the MLAG peer-link port-channel. | | [      domain](## ".defaults.ptp.domain") | Integer | | `127` | Min: 0
Max: 255 | | | [      priority1](## ".defaults.ptp.priority1") | Integer | | | Min: 0
Max: 255 | default -> automatically set based on node_type.
| | [      priority2](## ".defaults.ptp.priority2") | Integer | | | Min: 0
Max: 255 | default -> (node_id modulus 256).
| - | [      auto_clock_identity](## ".defaults.ptp.auto_clock_identity") | Boolean | | `True` | | If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity.
default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + ":00:" + (PTP priority 2 as HEX).
| - | [      clock_identity_prefix](## ".defaults.ptp.clock_identity_prefix") | String | | | | PTP clock idetentiy 3-byte prefix. i.e. "01:02:03".
By default the 3-byte prefix is "00:1C:73".
This can be overridden if auto_clock_identity is set to true (which is the default).
| + | [      auto_clock_identity](## ".defaults.ptp.auto_clock_identity") | Boolean | | | | If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity.
default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + ":00:" + (PTP priority 2 as HEX).
| + | [      clock_identity_prefix](## ".defaults.ptp.clock_identity_prefix") | String | | `00:1C:73` | | PTP clock idetentiy 3-byte prefix. i.e. "01:02:03".
By default the 3-byte prefix is "00:1C:73".
This can be overridden if auto_clock_identity is set to true (which is the default).
| | [      clock_identity](## ".defaults.ptp.clock_identity") | String | | | | Set PTP clock identity manually. 6-byte value i.e. "01:02:03:04:05:06".
| | [      source_ip](## ".defaults.ptp.source_ip") | String | | | | By default in EOS, PTP packets are sourced with an IP address from the routed port or from the relevant SVI, which is the recommended behaviour.
This can be set manually if required, for example, to a value of "10.1.2.3".
| | [      mode](## ".defaults.ptp.mode") | String | | `boundary` | Valid Values:
- boundary | | @@ -51,14 +51,14 @@ | [      nodes](## ".node_groups.[].nodes") | List, items: Dictionary | | | | Define variables per node. | | [        - name](## ".node_groups.[].nodes.[].name") | String | Required, Unique | | | The Node Name is used as "hostname". | | [          ptp](## ".node_groups.[].nodes.[].ptp") | Dictionary | | | | | - | [            enabled](## ".node_groups.[].nodes.[].ptp.enabled") | Boolean | | `False` | | | - | [            profile](## ".node_groups.[].nodes.[].ptp.profile") | String | | `aes67-r16-2016` | | Default available profiles are:
- "aes67"
- "aes67-r16-2016"
- "smpte2059-2" | + | [            enabled](## ".node_groups.[].nodes.[].ptp.enabled") | Boolean | | | | | + | [            profile](## ".node_groups.[].nodes.[].ptp.profile") | String | | | | Default available profiles are:
- "aes67"
- "aes67-r16-2016"
- "smpte2059-2" | | [            mlag](## ".node_groups.[].nodes.[].ptp.mlag") | Boolean | | `False` | | Configure PTP on the MLAG peer-link port-channel when PTP is enabled. By default PTP will not be configured on the MLAG peer-link port-channel. | | [            domain](## ".node_groups.[].nodes.[].ptp.domain") | Integer | | `127` | Min: 0
Max: 255 | | | [            priority1](## ".node_groups.[].nodes.[].ptp.priority1") | Integer | | | Min: 0
Max: 255 | default -> automatically set based on node_type.
| | [            priority2](## ".node_groups.[].nodes.[].ptp.priority2") | Integer | | | Min: 0
Max: 255 | default -> (node_id modulus 256).
| - | [            auto_clock_identity](## ".node_groups.[].nodes.[].ptp.auto_clock_identity") | Boolean | | `True` | | If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity.
default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + ":00:" + (PTP priority 2 as HEX).
| - | [            clock_identity_prefix](## ".node_groups.[].nodes.[].ptp.clock_identity_prefix") | String | | | | PTP clock idetentiy 3-byte prefix. i.e. "01:02:03".
By default the 3-byte prefix is "00:1C:73".
This can be overridden if auto_clock_identity is set to true (which is the default).
| + | [            auto_clock_identity](## ".node_groups.[].nodes.[].ptp.auto_clock_identity") | Boolean | | | | If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity.
default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + ":00:" + (PTP priority 2 as HEX).
| + | [            clock_identity_prefix](## ".node_groups.[].nodes.[].ptp.clock_identity_prefix") | String | | `00:1C:73` | | PTP clock idetentiy 3-byte prefix. i.e. "01:02:03".
By default the 3-byte prefix is "00:1C:73".
This can be overridden if auto_clock_identity is set to true (which is the default).
| | [            clock_identity](## ".node_groups.[].nodes.[].ptp.clock_identity") | String | | | | Set PTP clock identity manually. 6-byte value i.e. "01:02:03:04:05:06".
| | [            source_ip](## ".node_groups.[].nodes.[].ptp.source_ip") | String | | | | By default in EOS, PTP packets are sourced with an IP address from the routed port or from the relevant SVI, which is the recommended behaviour.
This can be set manually if required, for example, to a value of "10.1.2.3".
| | [            mode](## ".node_groups.[].nodes.[].ptp.mode") | String | | `boundary` | Valid Values:
- boundary | | @@ -88,14 +88,14 @@ | [                  follow_up](## ".node_groups.[].nodes.[].ptp.monitor.missing_message.sequence_ids.follow_up") | Integer | | `3` | Min: 2
Max: 255 | | | [                  sync](## ".node_groups.[].nodes.[].ptp.monitor.missing_message.sequence_ids.sync") | Integer | | `3` | Min: 2
Max: 255 | | | [      ptp](## ".node_groups.[].ptp") | Dictionary | | | | | - | [        enabled](## ".node_groups.[].ptp.enabled") | Boolean | | `False` | | | - | [        profile](## ".node_groups.[].ptp.profile") | String | | `aes67-r16-2016` | | Default available profiles are:
- "aes67"
- "aes67-r16-2016"
- "smpte2059-2" | + | [        enabled](## ".node_groups.[].ptp.enabled") | Boolean | | | | | + | [        profile](## ".node_groups.[].ptp.profile") | String | | | | Default available profiles are:
- "aes67"
- "aes67-r16-2016"
- "smpte2059-2" | | [        mlag](## ".node_groups.[].ptp.mlag") | Boolean | | `False` | | Configure PTP on the MLAG peer-link port-channel when PTP is enabled. By default PTP will not be configured on the MLAG peer-link port-channel. | | [        domain](## ".node_groups.[].ptp.domain") | Integer | | `127` | Min: 0
Max: 255 | | | [        priority1](## ".node_groups.[].ptp.priority1") | Integer | | | Min: 0
Max: 255 | default -> automatically set based on node_type.
| | [        priority2](## ".node_groups.[].ptp.priority2") | Integer | | | Min: 0
Max: 255 | default -> (node_id modulus 256).
| - | [        auto_clock_identity](## ".node_groups.[].ptp.auto_clock_identity") | Boolean | | `True` | | If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity.
default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + ":00:" + (PTP priority 2 as HEX).
| - | [        clock_identity_prefix](## ".node_groups.[].ptp.clock_identity_prefix") | String | | | | PTP clock idetentiy 3-byte prefix. i.e. "01:02:03".
By default the 3-byte prefix is "00:1C:73".
This can be overridden if auto_clock_identity is set to true (which is the default).
| + | [        auto_clock_identity](## ".node_groups.[].ptp.auto_clock_identity") | Boolean | | | | If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity.
default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + ":00:" + (PTP priority 2 as HEX).
| + | [        clock_identity_prefix](## ".node_groups.[].ptp.clock_identity_prefix") | String | | `00:1C:73` | | PTP clock idetentiy 3-byte prefix. i.e. "01:02:03".
By default the 3-byte prefix is "00:1C:73".
This can be overridden if auto_clock_identity is set to true (which is the default).
| | [        clock_identity](## ".node_groups.[].ptp.clock_identity") | String | | | | Set PTP clock identity manually. 6-byte value i.e. "01:02:03:04:05:06".
| | [        source_ip](## ".node_groups.[].ptp.source_ip") | String | | | | By default in EOS, PTP packets are sourced with an IP address from the routed port or from the relevant SVI, which is the recommended behaviour.
This can be set manually if required, for example, to a value of "10.1.2.3".
| | [        mode](## ".node_groups.[].ptp.mode") | String | | `boundary` | Valid Values:
- boundary | | @@ -127,14 +127,14 @@ | [  nodes](## ".nodes") | List, items: Dictionary | | | | Define variables per node. | | [    - name](## ".nodes.[].name") | String | Required, Unique | | | The Node Name is used as "hostname". | | [      ptp](## ".nodes.[].ptp") | Dictionary | | | | | - | [        enabled](## ".nodes.[].ptp.enabled") | Boolean | | `False` | | | - | [        profile](## ".nodes.[].ptp.profile") | String | | `aes67-r16-2016` | | Default available profiles are:
- "aes67"
- "aes67-r16-2016"
- "smpte2059-2" | + | [        enabled](## ".nodes.[].ptp.enabled") | Boolean | | | | | + | [        profile](## ".nodes.[].ptp.profile") | String | | | | Default available profiles are:
- "aes67"
- "aes67-r16-2016"
- "smpte2059-2" | | [        mlag](## ".nodes.[].ptp.mlag") | Boolean | | `False` | | Configure PTP on the MLAG peer-link port-channel when PTP is enabled. By default PTP will not be configured on the MLAG peer-link port-channel. | | [        domain](## ".nodes.[].ptp.domain") | Integer | | `127` | Min: 0
Max: 255 | | | [        priority1](## ".nodes.[].ptp.priority1") | Integer | | | Min: 0
Max: 255 | default -> automatically set based on node_type.
| | [        priority2](## ".nodes.[].ptp.priority2") | Integer | | | Min: 0
Max: 255 | default -> (node_id modulus 256).
| - | [        auto_clock_identity](## ".nodes.[].ptp.auto_clock_identity") | Boolean | | `True` | | If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity.
default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + ":00:" + (PTP priority 2 as HEX).
| - | [        clock_identity_prefix](## ".nodes.[].ptp.clock_identity_prefix") | String | | | | PTP clock idetentiy 3-byte prefix. i.e. "01:02:03".
By default the 3-byte prefix is "00:1C:73".
This can be overridden if auto_clock_identity is set to true (which is the default).
| + | [        auto_clock_identity](## ".nodes.[].ptp.auto_clock_identity") | Boolean | | | | If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity.
default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + ":00:" + (PTP priority 2 as HEX).
| + | [        clock_identity_prefix](## ".nodes.[].ptp.clock_identity_prefix") | String | | `00:1C:73` | | PTP clock idetentiy 3-byte prefix. i.e. "01:02:03".
By default the 3-byte prefix is "00:1C:73".
This can be overridden if auto_clock_identity is set to true (which is the default).
| | [        clock_identity](## ".nodes.[].ptp.clock_identity") | String | | | | Set PTP clock identity manually. 6-byte value i.e. "01:02:03:04:05:06".
| | [        source_ip](## ".nodes.[].ptp.source_ip") | String | | | | By default in EOS, PTP packets are sourced with an IP address from the routed port or from the relevant SVI, which is the recommended behaviour.
This can be set manually if required, for example, to a value of "10.1.2.3".
| | [        mode](## ".nodes.[].ptp.mode") | String | | `boundary` | Valid Values:
- boundary | | @@ -172,13 +172,13 @@ # Define variables for all nodes of this type. defaults: ptp: - enabled: + enabled: # Default available profiles are: # - "aes67" # - "aes67-r16-2016" # - "smpte2059-2" - profile: + profile: # Configure PTP on the MLAG peer-link port-channel when PTP is enabled. By default PTP will not be configured on the MLAG peer-link port-channel. mlag: @@ -192,12 +192,12 @@ # If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity. # default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + ":00:" + (PTP priority 2 as HEX). - auto_clock_identity: + auto_clock_identity: # PTP clock idetentiy 3-byte prefix. i.e. "01:02:03". # By default the 3-byte prefix is "00:1C:73". # This can be overridden if auto_clock_identity is set to true (which is the default). - clock_identity_prefix: + clock_identity_prefix: # Set PTP clock identity manually. 6-byte value i.e. "01:02:03:04:05:06". clock_identity: @@ -247,13 +247,13 @@ # The Node Name is used as "hostname". - name: ptp: - enabled: + enabled: # Default available profiles are: # - "aes67" # - "aes67-r16-2016" # - "smpte2059-2" - profile: + profile: # Configure PTP on the MLAG peer-link port-channel when PTP is enabled. By default PTP will not be configured on the MLAG peer-link port-channel. mlag: @@ -267,12 +267,12 @@ # If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity. # default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + ":00:" + (PTP priority 2 as HEX). - auto_clock_identity: + auto_clock_identity: # PTP clock idetentiy 3-byte prefix. i.e. "01:02:03". # By default the 3-byte prefix is "00:1C:73". # This can be overridden if auto_clock_identity is set to true (which is the default). - clock_identity_prefix: + clock_identity_prefix: # Set PTP clock identity manually. 6-byte value i.e. "01:02:03:04:05:06". clock_identity: @@ -309,13 +309,13 @@ follow_up: sync: ptp: - enabled: + enabled: # Default available profiles are: # - "aes67" # - "aes67-r16-2016" # - "smpte2059-2" - profile: + profile: # Configure PTP on the MLAG peer-link port-channel when PTP is enabled. By default PTP will not be configured on the MLAG peer-link port-channel. mlag: @@ -329,12 +329,12 @@ # If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity. # default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + ":00:" + (PTP priority 2 as HEX). - auto_clock_identity: + auto_clock_identity: # PTP clock idetentiy 3-byte prefix. i.e. "01:02:03". # By default the 3-byte prefix is "00:1C:73". # This can be overridden if auto_clock_identity is set to true (which is the default). - clock_identity_prefix: + clock_identity_prefix: # Set PTP clock identity manually. 6-byte value i.e. "01:02:03:04:05:06". clock_identity: @@ -377,13 +377,13 @@ # The Node Name is used as "hostname". - name: ptp: - enabled: + enabled: # Default available profiles are: # - "aes67" # - "aes67-r16-2016" # - "smpte2059-2" - profile: + profile: # Configure PTP on the MLAG peer-link port-channel when PTP is enabled. By default PTP will not be configured on the MLAG peer-link port-channel. mlag: @@ -397,12 +397,12 @@ # If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity. # default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + ":00:" + (PTP priority 2 as HEX). - auto_clock_identity: + auto_clock_identity: # PTP clock idetentiy 3-byte prefix. i.e. "01:02:03". # By default the 3-byte prefix is "00:1C:73". # This can be overridden if auto_clock_identity is set to true (which is the default). - clock_identity_prefix: + clock_identity_prefix: # Set PTP clock identity manually. 6-byte value i.e. "01:02:03:04:05:06". clock_identity: diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-uplink-configuration.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-uplink-configuration.md index 3b170ee80d2..da5f450011b 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-uplink-configuration.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-uplink-configuration.md @@ -15,7 +15,7 @@ | [        - name](## ".defaults.link_tracking.groups.[].name") | String | | | | Tracking group name. | | [          recovery_delay](## ".defaults.link_tracking.groups.[].recovery_delay") | Integer | | | Min: 0
Max: 3600 | default -> platform_settings_mlag_reload_delay -> 300. | | [          links_minimum](## ".defaults.link_tracking.groups.[].links_minimum") | Integer | | | Min: 1
Max: 100000 | | - | [    uplink_type](## ".defaults.uplink_type") | String | | `p2p` | Valid Values:
- p2p
- port-channel
- p2p-vrfs
- lan | Override the default `uplink_type` set at the `node_type_key` level.
`uplink_type` must be "p2p" if `vtep` or `underlay_router` is true for the `node_type_key` definition. | + | [    uplink_type](## ".defaults.uplink_type") | String | | | Valid Values:
- p2p
- port-channel
- p2p-vrfs
- lan | Override the default `uplink_type` set at the `node_type_key` level.
`uplink_type` must be "p2p" if `vtep` or `underlay_router` is true for the `node_type_key` definition. | | [    uplink_ipv4_pool](## ".defaults.uplink_ipv4_pool") | String | | | Format: ipv4_cidr | IPv4 subnet to use to connect to uplink switches. | | [    uplink_interfaces](## ".defaults.uplink_interfaces") | List, items: String | | | | Local uplink interfaces.
Each list item supports range syntax that can be expanded into a list of interfaces.
If uplink_interfaces is not defined, platform-specific defaults (defined under default_interfaces) will be used instead.
Please note that default_interfaces are not defined by default, you should define these yourself.
| | [      - <str>](## ".defaults.uplink_interfaces.[]") | String | | | Pattern: `Ethernet[\d/]+` | | @@ -52,7 +52,7 @@ | [              - name](## ".node_groups.[].nodes.[].link_tracking.groups.[].name") | String | | | | Tracking group name. | | [                recovery_delay](## ".node_groups.[].nodes.[].link_tracking.groups.[].recovery_delay") | Integer | | | Min: 0
Max: 3600 | default -> platform_settings_mlag_reload_delay -> 300. | | [                links_minimum](## ".node_groups.[].nodes.[].link_tracking.groups.[].links_minimum") | Integer | | | Min: 1
Max: 100000 | | - | [          uplink_type](## ".node_groups.[].nodes.[].uplink_type") | String | | `p2p` | Valid Values:
- p2p
- port-channel
- p2p-vrfs
- lan | Override the default `uplink_type` set at the `node_type_key` level.
`uplink_type` must be "p2p" if `vtep` or `underlay_router` is true for the `node_type_key` definition. | + | [          uplink_type](## ".node_groups.[].nodes.[].uplink_type") | String | | | Valid Values:
- p2p
- port-channel
- p2p-vrfs
- lan | Override the default `uplink_type` set at the `node_type_key` level.
`uplink_type` must be "p2p" if `vtep` or `underlay_router` is true for the `node_type_key` definition. | | [          uplink_ipv4_pool](## ".node_groups.[].nodes.[].uplink_ipv4_pool") | String | | | Format: ipv4_cidr | IPv4 subnet to use to connect to uplink switches. | | [          uplink_interfaces](## ".node_groups.[].nodes.[].uplink_interfaces") | List, items: String | | | | Local uplink interfaces.
Each list item supports range syntax that can be expanded into a list of interfaces.
If uplink_interfaces is not defined, platform-specific defaults (defined under default_interfaces) will be used instead.
Please note that default_interfaces are not defined by default, you should define these yourself.
| | [            - <str>](## ".node_groups.[].nodes.[].uplink_interfaces.[]") | String | | | Pattern: `Ethernet[\d/]+` | | @@ -81,7 +81,7 @@ | [          - name](## ".node_groups.[].link_tracking.groups.[].name") | String | | | | Tracking group name. | | [            recovery_delay](## ".node_groups.[].link_tracking.groups.[].recovery_delay") | Integer | | | Min: 0
Max: 3600 | default -> platform_settings_mlag_reload_delay -> 300. | | [            links_minimum](## ".node_groups.[].link_tracking.groups.[].links_minimum") | Integer | | | Min: 1
Max: 100000 | | - | [      uplink_type](## ".node_groups.[].uplink_type") | String | | `p2p` | Valid Values:
- p2p
- port-channel
- p2p-vrfs
- lan | Override the default `uplink_type` set at the `node_type_key` level.
`uplink_type` must be "p2p" if `vtep` or `underlay_router` is true for the `node_type_key` definition. | + | [      uplink_type](## ".node_groups.[].uplink_type") | String | | | Valid Values:
- p2p
- port-channel
- p2p-vrfs
- lan | Override the default `uplink_type` set at the `node_type_key` level.
`uplink_type` must be "p2p" if `vtep` or `underlay_router` is true for the `node_type_key` definition. | | [      uplink_ipv4_pool](## ".node_groups.[].uplink_ipv4_pool") | String | | | Format: ipv4_cidr | IPv4 subnet to use to connect to uplink switches. | | [      uplink_interfaces](## ".node_groups.[].uplink_interfaces") | List, items: String | | | | Local uplink interfaces.
Each list item supports range syntax that can be expanded into a list of interfaces.
If uplink_interfaces is not defined, platform-specific defaults (defined under default_interfaces) will be used instead.
Please note that default_interfaces are not defined by default, you should define these yourself.
| | [        - <str>](## ".node_groups.[].uplink_interfaces.[]") | String | | | Pattern: `Ethernet[\d/]+` | | @@ -116,7 +116,7 @@ | [          - name](## ".nodes.[].link_tracking.groups.[].name") | String | | | | Tracking group name. | | [            recovery_delay](## ".nodes.[].link_tracking.groups.[].recovery_delay") | Integer | | | Min: 0
Max: 3600 | default -> platform_settings_mlag_reload_delay -> 300. | | [            links_minimum](## ".nodes.[].link_tracking.groups.[].links_minimum") | Integer | | | Min: 1
Max: 100000 | | - | [      uplink_type](## ".nodes.[].uplink_type") | String | | `p2p` | Valid Values:
- p2p
- port-channel
- p2p-vrfs
- lan | Override the default `uplink_type` set at the `node_type_key` level.
`uplink_type` must be "p2p" if `vtep` or `underlay_router` is true for the `node_type_key` definition. | + | [      uplink_type](## ".nodes.[].uplink_type") | String | | | Valid Values:
- p2p
- port-channel
- p2p-vrfs
- lan | Override the default `uplink_type` set at the `node_type_key` level.
`uplink_type` must be "p2p" if `vtep` or `underlay_router` is true for the `node_type_key` definition. | | [      uplink_ipv4_pool](## ".nodes.[].uplink_ipv4_pool") | String | | | Format: ipv4_cidr | IPv4 subnet to use to connect to uplink switches. | | [      uplink_interfaces](## ".nodes.[].uplink_interfaces") | List, items: String | | | | Local uplink interfaces.
Each list item supports range syntax that can be expanded into a list of interfaces.
If uplink_interfaces is not defined, platform-specific defaults (defined under default_interfaces) will be used instead.
Please note that default_interfaces are not defined by default, you should define these yourself.
| | [        - <str>](## ".nodes.[].uplink_interfaces.[]") | String | | | Pattern: `Ethernet[\d/]+` | | @@ -167,7 +167,7 @@ # Override the default `uplink_type` set at the `node_type_key` level. # `uplink_type` must be "p2p" if `vtep` or `underlay_router` is true for the `node_type_key` definition. - uplink_type: + uplink_type: # IPv4 subnet to use to connect to uplink switches. uplink_ipv4_pool: @@ -303,7 +303,7 @@ # Override the default `uplink_type` set at the `node_type_key` level. # `uplink_type` must be "p2p" if `vtep` or `underlay_router` is true for the `node_type_key` definition. - uplink_type: + uplink_type: # IPv4 subnet to use to connect to uplink switches. uplink_ipv4_pool: @@ -416,7 +416,7 @@ # Override the default `uplink_type` set at the `node_type_key` level. # `uplink_type` must be "p2p" if `vtep` or `underlay_router` is true for the `node_type_key` definition. - uplink_type: + uplink_type: # IPv4 subnet to use to connect to uplink switches. uplink_ipv4_pool: @@ -545,7 +545,7 @@ # Override the default `uplink_type` set at the `node_type_key` level. # `uplink_type` must be "p2p" if `vtep` or `underlay_router` is true for the `node_type_key` definition. - uplink_type: + uplink_type: # IPv4 subnet to use to connect to uplink switches. uplink_ipv4_pool: diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-wan-configuration.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-wan-configuration.md index 6ead910b46a..0242bae6ba6 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-wan-configuration.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-wan-configuration.md @@ -14,7 +14,7 @@ | [    cv_pathfinder_region](## ".defaults.cv_pathfinder_region") | String | | | | The CV Pathfinder region name.
This key is required for WAN routers but optional for pathfinders.
The region name must be defined under 'cv_pathfinder_regions'. | | [    cv_pathfinder_site](## ".defaults.cv_pathfinder_site") | String | | | | The CV Pathfinder site name.
This key is required for WAN routers but optional for pathfinders.
For WAN routers and pathfinders with `cv_pathfinder_region`, the site name must be defined for the relevant region under 'cv_pathfinder_regions'.
For pathfinders without `cv_pathfinder_region` set, the site must be defined under `cv_pathfinder_global_sites`. | | [    wan_ha](## ".defaults.wan_ha") | Dictionary | | | | PREVIEW: This key is currently not supported

The key is supported only if `wan_mode` == `cv-pathfinder`.
AutoVPN support is still to be determined.

Maximum 2 devices supported by group for HA. | - | [      enabled](## ".defaults.wan_ha.enabled") | Boolean | | `True` | | Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group. | + | [      enabled](## ".defaults.wan_ha.enabled") | Boolean | | | | Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group. | | [      ipsec](## ".defaults.wan_ha.ipsec") | Boolean | | `True` | | Enable / Disable IPsec over HA path-group when HA is enabled. | | [      mtu](## ".defaults.wan_ha.mtu") | Integer | | `9194` | Min: 68
Max: 65535 | Set MTU on WAN HA interfaces. | | [      ha_interfaces](## ".defaults.wan_ha.ha_interfaces") | List, items: String | | | | Local WAN HA interfaces
Overwrite the default behavior which is to pick all the `uplink_interfaces`.
Can be used to filter uplink interfaces when there are multiple uplinks.
Limitations:
Either all interfaces must be uplinks or all interfaces must not be uplinks.
Only one interface is supported for non uplinks. | @@ -36,7 +36,7 @@ | [          cv_pathfinder_region](## ".node_groups.[].nodes.[].cv_pathfinder_region") | String | | | | The CV Pathfinder region name.
This key is required for WAN routers but optional for pathfinders.
The region name must be defined under 'cv_pathfinder_regions'. | | [          cv_pathfinder_site](## ".node_groups.[].nodes.[].cv_pathfinder_site") | String | | | | The CV Pathfinder site name.
This key is required for WAN routers but optional for pathfinders.
For WAN routers and pathfinders with `cv_pathfinder_region`, the site name must be defined for the relevant region under 'cv_pathfinder_regions'.
For pathfinders without `cv_pathfinder_region` set, the site must be defined under `cv_pathfinder_global_sites`. | | [          wan_ha](## ".node_groups.[].nodes.[].wan_ha") | Dictionary | | | | PREVIEW: This key is currently not supported

The key is supported only if `wan_mode` == `cv-pathfinder`.
AutoVPN support is still to be determined.

Maximum 2 devices supported by group for HA. | - | [            enabled](## ".node_groups.[].nodes.[].wan_ha.enabled") | Boolean | | `True` | | Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group. | + | [            enabled](## ".node_groups.[].nodes.[].wan_ha.enabled") | Boolean | | | | Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group. | | [            ipsec](## ".node_groups.[].nodes.[].wan_ha.ipsec") | Boolean | | `True` | | Enable / Disable IPsec over HA path-group when HA is enabled. | | [            mtu](## ".node_groups.[].nodes.[].wan_ha.mtu") | Integer | | `9194` | Min: 68
Max: 65535 | Set MTU on WAN HA interfaces. | | [            ha_interfaces](## ".node_groups.[].nodes.[].wan_ha.ha_interfaces") | List, items: String | | | | Local WAN HA interfaces
Overwrite the default behavior which is to pick all the `uplink_interfaces`.
Can be used to filter uplink interfaces when there are multiple uplinks.
Limitations:
Either all interfaces must be uplinks or all interfaces must not be uplinks.
Only one interface is supported for non uplinks. | @@ -54,7 +54,7 @@ | [      cv_pathfinder_region](## ".node_groups.[].cv_pathfinder_region") | String | | | | The CV Pathfinder region name.
This key is required for WAN routers but optional for pathfinders.
The region name must be defined under 'cv_pathfinder_regions'. | | [      cv_pathfinder_site](## ".node_groups.[].cv_pathfinder_site") | String | | | | The CV Pathfinder site name.
This key is required for WAN routers but optional for pathfinders.
For WAN routers and pathfinders with `cv_pathfinder_region`, the site name must be defined for the relevant region under 'cv_pathfinder_regions'.
For pathfinders without `cv_pathfinder_region` set, the site must be defined under `cv_pathfinder_global_sites`. | | [      wan_ha](## ".node_groups.[].wan_ha") | Dictionary | | | | PREVIEW: This key is currently not supported

The key is supported only if `wan_mode` == `cv-pathfinder`.
AutoVPN support is still to be determined.

Maximum 2 devices supported by group for HA. | - | [        enabled](## ".node_groups.[].wan_ha.enabled") | Boolean | | `True` | | Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group. | + | [        enabled](## ".node_groups.[].wan_ha.enabled") | Boolean | | | | Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group. | | [        ipsec](## ".node_groups.[].wan_ha.ipsec") | Boolean | | `True` | | Enable / Disable IPsec over HA path-group when HA is enabled. | | [        mtu](## ".node_groups.[].wan_ha.mtu") | Integer | | `9194` | Min: 68
Max: 65535 | Set MTU on WAN HA interfaces. | | [        ha_interfaces](## ".node_groups.[].wan_ha.ha_interfaces") | List, items: String | | | | Local WAN HA interfaces
Overwrite the default behavior which is to pick all the `uplink_interfaces`.
Can be used to filter uplink interfaces when there are multiple uplinks.
Limitations:
Either all interfaces must be uplinks or all interfaces must not be uplinks.
Only one interface is supported for non uplinks. | @@ -74,7 +74,7 @@ | [      cv_pathfinder_region](## ".nodes.[].cv_pathfinder_region") | String | | | | The CV Pathfinder region name.
This key is required for WAN routers but optional for pathfinders.
The region name must be defined under 'cv_pathfinder_regions'. | | [      cv_pathfinder_site](## ".nodes.[].cv_pathfinder_site") | String | | | | The CV Pathfinder site name.
This key is required for WAN routers but optional for pathfinders.
For WAN routers and pathfinders with `cv_pathfinder_region`, the site name must be defined for the relevant region under 'cv_pathfinder_regions'.
For pathfinders without `cv_pathfinder_region` set, the site must be defined under `cv_pathfinder_global_sites`. | | [      wan_ha](## ".nodes.[].wan_ha") | Dictionary | | | | PREVIEW: This key is currently not supported

The key is supported only if `wan_mode` == `cv-pathfinder`.
AutoVPN support is still to be determined.

Maximum 2 devices supported by group for HA. | - | [        enabled](## ".nodes.[].wan_ha.enabled") | Boolean | | `True` | | Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group. | + | [        enabled](## ".nodes.[].wan_ha.enabled") | Boolean | | | | Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group. | | [        ipsec](## ".nodes.[].wan_ha.ipsec") | Boolean | | `True` | | Enable / Disable IPsec over HA path-group when HA is enabled. | | [        mtu](## ".nodes.[].wan_ha.mtu") | Integer | | `9194` | Min: 68
Max: 65535 | Set MTU on WAN HA interfaces. | | [        ha_interfaces](## ".nodes.[].wan_ha.ha_interfaces") | List, items: String | | | | Local WAN HA interfaces
Overwrite the default behavior which is to pick all the `uplink_interfaces`.
Can be used to filter uplink interfaces when there are multiple uplinks.
Limitations:
Either all interfaces must be uplinks or all interfaces must not be uplinks.
Only one interface is supported for non uplinks. | @@ -131,7 +131,7 @@ wan_ha: # Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group. - enabled: + enabled: # Enable / Disable IPsec over HA path-group when HA is enabled. ipsec: @@ -222,7 +222,7 @@ wan_ha: # Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group. - enabled: + enabled: # Enable / Disable IPsec over HA path-group when HA is enabled. ipsec: @@ -300,7 +300,7 @@ wan_ha: # Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group. - enabled: + enabled: # Enable / Disable IPsec over HA path-group when HA is enabled. ipsec: @@ -384,7 +384,7 @@ wan_ha: # Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group. - enabled: + enabled: # Enable / Disable IPsec over HA path-group when HA is enabled. ipsec: diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/overlay-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/overlay-settings.md index 95b5ae2f2df..6ab5430e6d3 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/overlay-settings.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/overlay-settings.md @@ -17,15 +17,15 @@ | [overlay_mlag_rfc5549](## "overlay_mlag_rfc5549") | Boolean | | `False` | | IPv6 Unnumbered for MLAG iBGP connections.
Requires "underlay_rfc5549: true".
| | [overlay_rd_type](## "overlay_rd_type") | Dictionary | | | | Configuration options for the Administrator subfield (first part of RD) and the Assigned Number subfield (second part of RD).

By default Route Distinguishers (RD) are set to:
- `:` for VLANs and VLAN-Aware Bundles with L2 vlans.
- `:` for VLAN-Aware Bundles with SVIs.
- `:` for VLAN-Aware Bundles defined under 'evpn_vlan_bundles'.
- `:` for VRFs.

Note:
RD is a 48-bit value which is split into <16-bit>:<32-bit> or <32-bit>:<16-bit>.
When using loopback or 32-bit ASN/number the assigned number can only be a 16-bit number. This may be a problem with large VNIs.
For 16-bit ASN/number the assigned number can be a 32-bit number.
| | [  admin_subfield](## "overlay_rd_type.admin_subfield") | String | | `router_id` | | The method for deriving RD Administrator subfield (first part of RD):
- 'router_id' means the IP address of Loopback0.
- 'vtep_loopback' means the IP address of the VTEP loopback interface.
- 'bgp_as' means the AS number of the device.
- 'switch_id' means the 'id' value of the device.
- Any without mask.
- Integer between <0-65535>.
- Integer between <0-4294967295>.
- 'overlay_loopback_ip' means the IP address of Loopback0. (deprecated - use 'router_id' instead)
| - | [  admin_subfield_offset](## "overlay_rd_type.admin_subfield_offset") | String | | | | Offset can only be used if admin_subfield is an integer between <0-4294967295> or 'switch_id'.
Total value of admin_subfield + admin_subfield_offset must be <= 4294967295.
| + | [  admin_subfield_offset](## "overlay_rd_type.admin_subfield_offset") | Integer | | `0` | | Offset can only be used if admin_subfield is an integer between <0-4294967295> or 'switch_id'.
Total value of admin_subfield + admin_subfield_offset must be <= 4294967295.
| | [  vrf_admin_subfield](## "overlay_rd_type.vrf_admin_subfield") | String | | | | The method for deriving RD Administrator subfield (first part of RD) for VRF services:
- 'router_id' means the IP address of Loopback0.
- 'vtep_loopback' means the IP address of the VTEP loopback interface.
- 'bgp_as' means the AS number of the device.
- 'switch_id' means the 'id' value of the device.
- Any without mask.
- Integer between <0-65535>.
- Integer between <0-4294967295>.
- 'overlay_loopback_ip' means the IP address of Loopback0. (deprecated - use 'router_id' instead)

'vrf_admin_subfield' takes precedence for VRF RDs if set. Otherwise the 'admin_subfield' value will be used.
| - | [  vrf_admin_subfield_offset](## "overlay_rd_type.vrf_admin_subfield_offset") | String | | | | Offset can only be used if 'vrf_admin_subfield' is an integer between <0-4294967295> or 'switch_id'.
Total value of 'vrf_admin_subfield' + 'vrf_admin_subfield_offset' must be <= 4294967295.
| + | [  vrf_admin_subfield_offset](## "overlay_rd_type.vrf_admin_subfield_offset") | Integer | | | | Offset can only be used if 'vrf_admin_subfield' is an integer between <0-4294967295> or 'switch_id'.
Total value of 'vrf_admin_subfield' + 'vrf_admin_subfield_offset' must be <= 4294967295.

'vrf_admin_subfield_offset' takes precedence for VRF RDs if set. Otherwise the 'admin_subfield_offset' value will be used.
| | [  vlan_assigned_number_subfield](## "overlay_rd_type.vlan_assigned_number_subfield") | String | | `mac_vrf_id` | Valid Values:
- mac_vrf_id
- mac_vrf_vni
- vlan_id | The method for deriving RD Assigned Number subfield for VLAN services (second part of RD):
- 'mac_vrf_id' means `(mac_vrf_id_base or mac_vrf_vni_base) + vlan_id`.
- 'mac_vrf_vni' means `(mac_vrf_vni_base or mac_vrf_id_base) + vlan_id`.
- 'vlan_id' will only use the 'vlan_id' and ignores all base values.

These methods can be overridden per VLAN if either 'rd_override', 'rt_override' or 'vni_override' is set (preferred in this order).
| - | [overlay_routing_protocol](## "overlay_routing_protocol") | String | | `ebgp` | Value is converted to lower case.
Valid Values:
- ebgp
- ibgp
- cvx
- her
- none | - The following overlay routing protocols are supported:
- eBGP: Configures fabric with eBGP, default for l3ls-evpn design.
- iBGP: Configured fabric with iBGP, only supported with OSPF or ISIS variants in underlay, default for mpls design.
- CVX: Configures fabric to leverage CloudVision eXchange as the overlay controller.
- HER: Configures fabric with Head-End Replication, configures static VXLAN flood-lists instead of using a dynamic overlay protocol.
- none: No overlay configuration will be generated, default for l2ls design.
| + | [overlay_routing_protocol](## "overlay_routing_protocol") | String | | | Value is converted to lower case.
Valid Values:
- ebgp
- ibgp
- cvx
- her
- none | - The following overlay routing protocols are supported:
- ebgp: Configures fabric with eBGP, default for l3ls-evpn design.
- ibgp: Configured fabric with iBGP, only supported with OSPF or ISIS variants in underlay, default for mpls design.
- cvx: Configures fabric to leverage CloudVision eXchange as the overlay controller.
- her: Configures fabric with Head-End Replication, configures static VXLAN flood-lists instead of using a dynamic overlay protocol.
- none: No overlay configuration will be generated, default for l2ls design.

If not set, the default_overlay_routing_protocol defined under the node_type_keys will be used (default is "ebgp").
| | [overlay_routing_protocol_address_family](## "overlay_routing_protocol_address_family") | String | | `ipv4` | Valid Values:
- ipv4
- ipv6 | When set to `ipv6`, enable overlay EVPN peering with IPv6 addresses.
This feature depends on underlay_ipv6 variable. As of today, only RFC5549 is capable to transport IPv6 in the underlay.
| | [overlay_rt_type](## "overlay_rt_type") | Dictionary | | | | Configuration options for the Administrator subfield (first part of RT) and the Assigned Number subfield (second part of RT).

By default Route Targets (RT) are set to:
- `<(mac_vrf_id_base or mac_vrf_vni_base) + vlan_id>:<(mac_vrf_id_base or mac_vrf_vni_base) + vlan_id>` for VLANs and VLAN-Aware Bundles with L2 vlans.
- `:` for VLAN-Aware Bundles with SVIs.
- `:` for VLAN-Aware Bundles defined under 'evpn_vlan_bundles'.
- `:` for VRFs.

Notes:
RT is a 48-bit value which is split into <16-bit>:<32-bit> or <32-bit>:<16-bit>.
When using 32-bit ASN/number the VNI can only be a 16-bit number. Alternatively use vlan_id/vrf_id as assigned number.
For 16-bit ASN/number the assigned number can be a 32-bit number.
| | [  admin_subfield](## "overlay_rt_type.admin_subfield") | String | | `vrf_id` | | The method for deriving RT Administrator subfield (first part of RT):
- 'vrf_id' means `(mac_vrf_id_base or mac_vrf_vni_base) + vlan_id` for VLANs, `(vrf_id or vrf_vni)` for VRFs and `id` for bundles defined under 'evpn_vlan_bundles'.
- 'vrf_vni' means `(mac_vrf_vni_base or mac_vrf_id_base) + vlan_id` for VLANs, `(vrf_vni or vrf_id)` for VRFs and `id` for bundles defined under 'evpn_vlan_bundles'.
- 'id' means `vlan_id` for VLANs, `(vrf_id or vrf_vni)` for VRFs and `id` for bundles defined under 'evpn_vlan_bundles'.
- 'bgp_as' means the AS number of the device.
- Integer between <0-65535>.
- Integer between <0-4294967295>.

The 'vrf_id' and 'vrf_vni' methods can be overridden per VLAN if either 'rt_override' or 'vni_override' is set (preferred in this order).
The 'vrf_id', 'vrf_vni' and 'id' methods can be overridden per bundle defined under `evpn_vlan_bundles` using 'rt_override'.
| - | [  vrf_admin_subfield](## "overlay_rt_type.vrf_admin_subfield") | String | | `vrf_id` | | The method for deriving RT Administrator subfield (first part of RT) for VRF services:
- 'id' means `(vrf_id or vrf_vni)`.
- 'vrf_id' means `(vrf_id or vrf_vni)`.
- 'vrf_vni' means `(vrf_vni or vrf_id)`.
- 'bgp_as' means the AS number of the device.
- Integer between <0-65535>.
- Integer between <0-4294967295>.

'vrf_admin_subfield' takes precedence for VRF RDs if set. Otherwise the 'admin_subfield' value will be used.
| + | [  vrf_admin_subfield](## "overlay_rt_type.vrf_admin_subfield") | String | | | | The method for deriving RT Administrator subfield (first part of RT) for VRF services:
- 'id' means `(vrf_id or vrf_vni)`.
- 'vrf_id' means `(vrf_id or vrf_vni)`.
- 'vrf_vni' means `(vrf_vni or vrf_id)`.
- 'bgp_as' means the AS number of the device.
- Integer between <0-65535>.
- Integer between <0-4294967295>.

'vrf_admin_subfield' takes precedence for VRF RDs if set. Otherwise the 'admin_subfield' value will be used.
| | [  vlan_assigned_number_subfield](## "overlay_rt_type.vlan_assigned_number_subfield") | String | | `mac_vrf_id` | Valid Values:
- mac_vrf_id
- mac_vrf_vni
- vlan_id | The method for deriving RT Assigned Number subfield for VLAN services (second part of RT):
- 'mac_vrf_id' means `(mac_vrf_id_base or mac_vrf_vni_base) + vlan_id`.
- 'mac_vrf_vni' means `(mac_vrf_vni_base or mac_vrf_id_base) + vlan_id`.
- 'vlan_id' will only use the 'vlan_id' and ignores all base values.

These methods can be overridden per VLAN if either 'rt_override' or 'vni_override' is set (preferred in this order).
| | [router_id_loopback_description](## "router_id_loopback_description") | String | | `ROUTER_ID` | | Customize the description on Router ID interface Loopback0. | | [vtep_loopback_description](## "vtep_loopback_description") | String | | `VXLAN_TUNNEL_SOURCE` | | Customize the description on the VTEP interface, typically Loopback1. | @@ -104,7 +104,7 @@ # Offset can only be used if admin_subfield is an integer between <0-4294967295> or 'switch_id'. # Total value of admin_subfield + admin_subfield_offset must be <= 4294967295. - admin_subfield_offset: + admin_subfield_offset: # The method for deriving RD Administrator subfield (first part of RD) for VRF services: # - 'router_id' means the IP address of Loopback0. @@ -121,7 +121,9 @@ # Offset can only be used if 'vrf_admin_subfield' is an integer between <0-4294967295> or 'switch_id'. # Total value of 'vrf_admin_subfield' + 'vrf_admin_subfield_offset' must be <= 4294967295. - vrf_admin_subfield_offset: + # + # 'vrf_admin_subfield_offset' takes precedence for VRF RDs if set. Otherwise the 'admin_subfield_offset' value will be used. + vrf_admin_subfield_offset: # The method for deriving RD Assigned Number subfield for VLAN services (second part of RD): # - 'mac_vrf_id' means `(mac_vrf_id_base or mac_vrf_vni_base) + vlan_id`. @@ -132,12 +134,14 @@ vlan_assigned_number_subfield: # - The following overlay routing protocols are supported: - # - eBGP: Configures fabric with eBGP, default for l3ls-evpn design. - # - iBGP: Configured fabric with iBGP, only supported with OSPF or ISIS variants in underlay, default for mpls design. - # - CVX: Configures fabric to leverage CloudVision eXchange as the overlay controller. - # - HER: Configures fabric with Head-End Replication, configures static VXLAN flood-lists instead of using a dynamic overlay protocol. + # - ebgp: Configures fabric with eBGP, default for l3ls-evpn design. + # - ibgp: Configured fabric with iBGP, only supported with OSPF or ISIS variants in underlay, default for mpls design. + # - cvx: Configures fabric to leverage CloudVision eXchange as the overlay controller. + # - her: Configures fabric with Head-End Replication, configures static VXLAN flood-lists instead of using a dynamic overlay protocol. # - none: No overlay configuration will be generated, default for l2ls design. - overlay_routing_protocol: + # + # If not set, the default_overlay_routing_protocol defined under the node_type_keys will be used (default is "ebgp"). + overlay_routing_protocol: # When set to `ipv6`, enable overlay EVPN peering with IPv6 addresses. # This feature depends on underlay_ipv6 variable. As of today, only RFC5549 is capable to transport IPv6 in the underlay. @@ -178,7 +182,7 @@ # - Integer between <0-4294967295>. # # 'vrf_admin_subfield' takes precedence for VRF RDs if set. Otherwise the 'admin_subfield' value will be used. - vrf_admin_subfield: + vrf_admin_subfield: # The method for deriving RT Assigned Number subfield for VLAN services (second part of RT): # - 'mac_vrf_id' means `(mac_vrf_id_base or mac_vrf_vni_base) + vlan_id`. diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/ptp_settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/ptp_settings.md index c7b416afa5d..722fee73799 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/ptp_settings.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/ptp_settings.md @@ -20,7 +20,7 @@ | [ptp_settings](## "ptp_settings") | Dictionary | | | | Common PTP settings. | | [  enabled](## "ptp_settings.enabled") | Boolean | | | | | | [  profile](## "ptp_settings.profile") | String | | `aes67-r16-2016` | | Default available profiles are:
- "aes67"
- "aes67-r16-2016"
- "smpte2059-2" | - | [  domain](## "ptp_settings.domain") | Integer | | | Min: 0
Max: 255 | | + | [  domain](## "ptp_settings.domain") | Integer | | `127` | Min: 0
Max: 255 | | | [  auto_clock_identity](## "ptp_settings.auto_clock_identity") | Boolean | | `True` | | | === "YAML" @@ -51,7 +51,7 @@ # - "aes67-r16-2016" # - "smpte2059-2" profile: - domain: + domain: auto_clock_identity: ``` diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-virtual-topologies.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-virtual-topologies.md index 8cfdbda184d..4a02cd81373 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-virtual-topologies.md +++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-virtual-topologies.md @@ -28,7 +28,7 @@ | [        preference](## "wan_virtual_topologies.control_plane_virtual_topology.path_groups.[].preference") | String | | | | Valid values are 1-65535 | "preferred" | "alternate".

"preferred" is converted to priority 1.
"alternate" is converted to priority 2.

If not set, each path-group in `names` will be attributed its `default_preference`. | | [    internet_exit](## "wan_virtual_topologies.control_plane_virtual_topology.internet_exit") | Dictionary | | | | | | [      policy](## "wan_virtual_topologies.control_plane_virtual_topology.internet_exit.policy") | String | | | | PREVIEW: This key is in preview mode.

Internet-exit policy name associated with this virtual_topology.
The policy must be defined under `cv_pathfinder_internet_exit_policies`. | - | [  policies](## "wan_virtual_topologies.policies") | List, items: Dictionary | | | | List of virtual toplogies policies.

For AutoVPN, each item in the list creates:
* one policy with:
* one `match` entry per `application_virtual_topologies` item
they are indexed using `10 * ` where `list_index` starts at `1`.
* one `default-match`
* one load-balance policy per `application_virtual_topologies` and one for the `default_virtual_topology`.
* if the policy is associated with the default VRF, a special control-plane rule is injected
in the policy with index `1` referring to a control-plane load-balance policy as defined under
`control_plane_virtual_topology` or if not set, the default one.

For CV Pathfinder, each item in the list creates:
* one policy with:
* one `match` entry per `application_virtual_topologies` item ordered as in the data.
* one last match entry for the `default` application-profile using `default_virtual_topology` information.
* one profile per `application_virtual_topologies` item.
* one profile for the `default_virtual_topology`.
* one load-balance policy per `application_virtual_topologies`.
* one load_balance policy for the `default_virtual_topology`.
* if the policy is associated with the default VRF, a special control-plane profile is configured
and injected first in the policy assigned to the `default` VRF. This profile points to a
control-plane load-balance policy as defined under `control_plane_virtual_topology` or if not set, the default one. | + | [  policies](## "wan_virtual_topologies.policies") | List, items: Dictionary | | | | List of virtual topologies policies.

For AutoVPN, each item in the list creates:
* one policy with:
* one `match` entry per `application_virtual_topologies` item
they are indexed using `10 * ` where `list_index` starts at `1`.
* one `default-match`
* one load-balance policy per `application_virtual_topologies` and one for the `default_virtual_topology`.
* if the policy is associated with the default VRF, a special control-plane rule is injected
in the policy with index `1` referring to a control-plane load-balance policy as defined under
`control_plane_virtual_topology` or if not set, the default one.

For CV Pathfinder, each item in the list creates:
* one policy with:
* one `match` entry per `application_virtual_topologies` item ordered as in the data.
* one last match entry for the `default` application-profile using `default_virtual_topology` information.
* one profile per `application_virtual_topologies` item.
* one profile for the `default_virtual_topology`.
* one load-balance policy per `application_virtual_topologies`.
* one load_balance policy for the `default_virtual_topology`.
* if the policy is associated with the default VRF, a special control-plane profile is configured
and injected first in the policy assigned to the `default` VRF. This profile points to a
control-plane load-balance policy as defined under `control_plane_virtual_topology` or if not set, the default one. | | [    - name](## "wan_virtual_topologies.policies.[].name") | String | Required, Unique | | | Name of the AVT policy. | | [      application_virtual_topologies](## "wan_virtual_topologies.policies.[].application_virtual_topologies") | List, items: Dictionary | | | | List of application specific virtual topologies. | | [        - application_profile](## "wan_virtual_topologies.policies.[].application_virtual_topologies.[].application_profile") | String | Required, Unique | | | The application profile to use for this virtual topology. It must be a defined `application_classification.application_profile`. | @@ -152,7 +152,7 @@ # The policy must be defined under `cv_pathfinder_internet_exit_policies`. policy: - # List of virtual toplogies policies. + # List of virtual topologies policies. # # For AutoVPN, each item in the list creates: # * one policy with: diff --git a/python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/ip-extcommunity-lists-regexp.j2 b/python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/ip-extcommunity-lists-regexp.j2 index f04fbd2ec9e..35e66040e59 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/ip-extcommunity-lists-regexp.j2 +++ b/python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/ip-extcommunity-lists-regexp.j2 @@ -15,7 +15,7 @@ {% for ip_extcommunity_list in ip_extcommunity_lists_regexp | arista.avd.natural_sort('name') %} {% for entry in ip_extcommunity_list.entries | arista.avd.default([]) %} {% if entry.type is arista.avd.defined and entry.regexp is arista.avd.defined %} -| {{ ip_extcommunity_list.name }} | {{ entry.type }} | {{ entry.regexp }} | +| {{ ip_extcommunity_list.name }} | {{ entry.type }} | `{{ entry.regexp }}` | {% endif %} {% endfor %} {% endfor %} diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml index 05a5cd2ae87..5a062edb0b2 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml @@ -569,6 +569,7 @@ keys: description: Application name. application_profiles: type: list + primary_key: name description: Group of applications. items: type: dict @@ -1771,7 +1772,7 @@ keys: type: str start_limit_infinite: type: bool - description: Set captive-portal start limit to infinte. + description: Set captive-portal start limit to infinite. access_list_ipv4: type: str description: Standard access-list name. @@ -2167,7 +2168,7 @@ keys: deprecation: warning: true remove_in_version: 6.0.0 - url: https://avd.arista.com/stable/docs/release-notes/5.x.x.html#removal-of-type-key-dependency-for-rendering-ethernetport-channel-interfaces-configuration-and-documentation + url: https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#removal-of-type-key-dependency-for-rendering-ethernetport-channel-interfaces-configuration-and-documentation valid_values: - routed - switched @@ -4521,7 +4522,7 @@ keys: deprecation: warning: true remove_in_version: 6.0.0 - url: https://avd.arista.com/devel/docs/porting-guides/5.x.x.html#default-eos-configuration-is-no-longer-automatically-generated + url: https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#default-eos-configuration-is-no-longer-automatically-generated generate_device_documentation: type: bool documentation_options: @@ -6415,7 +6416,7 @@ keys: type: str convert_types: - int - description: 'Severity of facility. Below are the supported severites. + description: 'Severity of facility. Below are the supported severities. emergencies System is unusable (severity=0) @@ -8403,7 +8404,7 @@ keys: mask: type: str description: 16 bit hexadecimal mask for TCP/UDP or IP ID with - atmost 2 unset bits. + at most 2 unset bits. marker_vxlan: type: dict keys: @@ -9249,7 +9250,7 @@ keys: deprecation: warning: true remove_in_version: 6.0.0 - url: https://avd.arista.com/stable/docs/release-notes/5.x.x.html#removal-of-type-key-dependency-for-rendering-ethernetport-channel-interfaces-configuration-and-documentation + url: https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#removal-of-type-key-dependency-for-rendering-ethernetport-channel-interfaces-configuration-and-documentation valid_values: - routed - switched @@ -9488,7 +9489,6 @@ keys: new_key: switchport.trunk.native_vlan native_vlan_tag: type: bool - default: false description: If setting both native_vlan and native_vlan_tag, native_vlan_tag takes precedence. deprecation: @@ -9580,10 +9580,9 @@ keys: new_key: switchport.trunk.groups lacp_fallback_timeout: type: int - description: Timeout in seconds. + description: Timeout in seconds. EOS default is 90 seconds. convert_types: - str - default: 90 min: 0 max: 300 lacp_fallback_mode: diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/application_traffic_recognition.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/application_traffic_recognition.schema.yml index 51aa090dfbf..9b69dd5585d 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/application_traffic_recognition.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/application_traffic_recognition.schema.yml @@ -124,6 +124,7 @@ keys: description: Application name. application_profiles: type: list + primary_key: name description: Group of applications. items: type: dict diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/dot1x.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/dot1x.schema.yml index b14301768b3..cff6f1d0051 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/dot1x.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/dot1x.schema.yml @@ -235,7 +235,7 @@ keys: type: str start_limit_infinite: type: bool - description: Set captive-portal start limit to infinte. + description: Set captive-portal start limit to infinite. access_list_ipv4: type: str description: Standard access-list name. diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/ethernet_interfaces.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/ethernet_interfaces.schema.yml index 69325594e6a..1b0fd9242e9 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/ethernet_interfaces.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/ethernet_interfaces.schema.yml @@ -137,7 +137,7 @@ keys: deprecation: warning: true remove_in_version: 6.0.0 - url: https://avd.arista.com/stable/docs/release-notes/5.x.x.html#removal-of-type-key-dependency-for-rendering-ethernetport-channel-interfaces-configuration-and-documentation + url: https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#removal-of-type-key-dependency-for-rendering-ethernetport-channel-interfaces-configuration-and-documentation valid_values: ["routed", "switched", "l3dot1q", "l2dot1q", "port-channel-member"] description: | l3dot1q and l2dot1q are used for sub-interfaces. The parent interface should be defined as routed. diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/generate_default_config.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/generate_default_config.schema.yml index a78729364b6..85d2706a4b9 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/generate_default_config.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/generate_default_config.schema.yml @@ -24,4 +24,4 @@ keys: deprecation: warning: true remove_in_version: 6.0.0 - url: https://avd.arista.com/devel/docs/porting-guides/5.x.x.html#default-eos-configuration-is-no-longer-automatically-generated + url: https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#default-eos-configuration-is-no-longer-automatically-generated diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/logging.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/logging.schema.yml index a70e5970611..8122cc36e2c 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/logging.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/logging.schema.yml @@ -162,7 +162,7 @@ keys: convert_types: - int description: |- - Severity of facility. Below are the supported severites. + Severity of facility. Below are the supported severities. emergencies System is unusable (severity=0) alerts Immediate action needed (severity=1) critical Critical conditions (severity=2) diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_telemetry_postcard_policy.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_telemetry_postcard_policy.schema.yml index 04e3ba9eac2..0ce7b852c8d 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_telemetry_postcard_policy.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_telemetry_postcard_policy.schema.yml @@ -57,7 +57,7 @@ keys: - str mask: type: str - description: 16 bit hexadecimal mask for TCP/UDP or IP ID with atmost 2 unset bits. + description: 16 bit hexadecimal mask for TCP/UDP or IP ID with at most 2 unset bits. marker_vxlan: type: dict keys: diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/port_channel_interfaces.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/port_channel_interfaces.schema.yml index 80430b9ee2b..0ef06dccf2d 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/port_channel_interfaces.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/port_channel_interfaces.schema.yml @@ -69,7 +69,7 @@ keys: deprecation: warning: true remove_in_version: 6.0.0 - url: https://avd.arista.com/stable/docs/release-notes/5.x.x.html#removal-of-type-key-dependency-for-rendering-ethernetport-channel-interfaces-configuration-and-documentation + url: https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#removal-of-type-key-dependency-for-rendering-ethernetport-channel-interfaces-configuration-and-documentation valid_values: - routed - switched @@ -301,7 +301,6 @@ keys: new_key: switchport.trunk.native_vlan native_vlan_tag: type: bool - default: false description: If setting both native_vlan and native_vlan_tag, native_vlan_tag takes precedence. deprecation: warning: true @@ -390,10 +389,9 @@ keys: new_key: switchport.trunk.groups lacp_fallback_timeout: type: int - description: Timeout in seconds. + description: Timeout in seconds. EOS default is 90 seconds. convert_types: - str - default: 90 min: 0 max: 300 lacp_fallback_mode: diff --git a/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml b/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml index ea1ae67e914..75b4f699ca1 100644 --- a/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml @@ -455,11 +455,13 @@ keys: documentation_options: table: bgp-settings type: bool + default: true $ref: eos_cli_config_gen#/keys/router_bgp/keys/updates/keys/wait_install bgp_update_wait_for_convergence: documentation_options: table: bgp-settings type: bool + default: false $ref: eos_cli_config_gen#/keys/router_bgp/keys/updates/keys/wait_for_convergence connected_endpoints_keys: documentation_options: @@ -637,7 +639,7 @@ keys: The keys will be generated as a hash of `salt__`. - Since this salt can be used to deduct the encryption key, it is recommeneded + Since this salt can be used to deduct the encryption key, it is recommended to use vault.' domain_name: type: str @@ -1086,7 +1088,7 @@ keys: warning: true removed: false remove_in_version: 6.0.0 - url: https://avd.arista.com/stable/docs/release-notes/5.x.x.html#deprecation_of_design.type + url: https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#deprecation-of-designtype type: dict keys: type: @@ -1379,11 +1381,11 @@ keys: fabric_evpn_encapsulation: documentation_options: table: evpn-settings - description: Should be set to mpls for evpn-mpls scenario. + description: Should be set to mpls for evpn-mpls scenario. This overrides the + evpn_encapsulation setting under node_type_keys. valid_values: - vxlan - mpls - default: vxlan type: str fabric_flow_tracking: documentation_options: @@ -1399,40 +1401,51 @@ keys: uplinks: description: Enable flow-tracking on all fabric uplinks. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + keys: + enabled: + type: bool + default: false + name: + type: str + description: Flow tracker name as defined in flow_tracking_settings. + default: FLOW-TRACKER downlinks: description: Enable flow-tracking on all fabric downlinks. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + $ref: eos_designs#/keys/fabric_flow_tracking/keys/uplinks endpoints: description: Enable flow-tracking on all endpoints ports. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + $ref: eos_designs#/keys/fabric_flow_tracking/keys/uplinks l3_edge: description: Enable flow-tracking on all p2p_links defined under l3_edge. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + $ref: eos_designs#/keys/fabric_flow_tracking/keys/uplinks core_interfaces: description: Enable flow-tracking on all p2p_links defined under core_interfaces. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + $ref: eos_designs#/keys/fabric_flow_tracking/keys/uplinks mlag_interfaces: description: Enable flow-tracking on all MLAG peer interfaces. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + $ref: eos_designs#/keys/fabric_flow_tracking/keys/uplinks l3_interfaces: description: Enable flow-tracking on all node.l3_interfaces and network-services tenants.vrfs.l3_interfaces. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + $ref: eos_designs#/keys/fabric_flow_tracking/keys/uplinks dps_interfaces: description: Enable flow-tracking on all dps_interfaces. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + $ref: eos_designs#/keys/fabric_flow_tracking/keys/uplinks + keys: + enabled: + type: bool + default: true direct_wan_ha_links: description: Enable flow-tracking on all direct WAN HA links. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + $ref: eos_designs#/keys/fabric_flow_tracking/keys/uplinks fabric_ip_addressing: type: dict keys: @@ -1443,17 +1456,17 @@ keys: type: str default: first_id description: "This variable defines the Multi-chassis Link Aggregation - (MLAG) algorithm used.\nEach MLAG link will have a /31* subnet with + (MLAG) algorithm used.\nEach MLAG link will have a /31\xB9 subnet with each subnet allocated from the relevant MLAG pool via a calculated offset.\nThe offset is calculated using one of the following algorithms:\n - first_id: `(mlag_primary_id - 1) * 2` where `mlag_primary_id` is the ID of the first node defined under the node_group.\n This allocation method - will skip every other /31* subnet making it less space efficient than - `odd_id`.\n - odd_id: `(odd_id - 1) / 2`. Requires the node_group to - have a node with an odd ID and a node with an even ID.\n - same_subnet: + will skip every other /31\xB9 subnet making it less space efficient + than `odd_id`.\n - odd_id: `(odd_id - 1) / 2`. Requires the node_group + to have a node with an odd ID and a node with an even ID.\n - same_subnet: the offset will always be zero.\n This allocation method will cause - every MLAG link to be addressed with the same /31* subnet.\n\\* - The - prefix length is configurable with a default of /31." + every MLAG link to be addressed with the same /31\xB9 subnet.\n\xB9 + The prefix length is configurable with a default of /31." valid_values: - first_id - odd_id @@ -1962,6 +1975,7 @@ keys: table: isis-settings description: Number of path to configure in ECMP for ISIS. type: int + default: 4 convert_types: - str isis_system_id_format: @@ -2334,7 +2348,7 @@ keys: warning: true removed: true remove_in_version: 5.0.0 - url: https://avd.arista.com/devel/porting-guides/5.x.x.html#new-improved-logic-for-bgp-configuration-of-network-services-vrfs + url: https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#bgp-is-now-configured-for-network-services-vrfs-even-if-evpn-is-not-part-of-the-address-families custom_node_type_keys: $ref: eos_designs#/keys/node_type_keys default: null @@ -2440,6 +2454,8 @@ keys: ' default_overlay_address_families: type: list + default: + - evpn items: type: str convert_to_lower_case: true @@ -2452,6 +2468,7 @@ keys: ' default_evpn_encapsulation: type: str + default: vxlan convert_to_lower_case: true valid_values: - mpls @@ -2567,6 +2584,7 @@ keys: description: Custom Python Module to import for IP addressing. python_class_name: type: str + default: AvdIpAddressing description: Name of Custom Python Class to import for IP addressing. router_id: type: str @@ -2618,6 +2636,7 @@ keys: description: Custom Python Module to import for interface descriptions. python_class_name: type: str + default: AvdInterfaceDescriptions description: Name of Custom Python Class to import for interface descriptions. underlay_ethernet_interfaces: type: str @@ -2875,9 +2894,10 @@ keys: ' default: router_id admin_subfield_offset: - type: str + type: int + default: 0 convert_types: - - int + - str description: 'Offset can only be used if admin_subfield is an integer between <0-4294967295> or ''switch_id''. @@ -2914,15 +2934,19 @@ keys: ' vrf_admin_subfield_offset: - type: str + type: int convert_types: - - int + - str description: 'Offset can only be used if ''vrf_admin_subfield'' is an integer between <0-4294967295> or ''switch_id''. Total value of ''vrf_admin_subfield'' + ''vrf_admin_subfield_offset'' must be <= 4294967295. + + ''vrf_admin_subfield_offset'' takes precedence for VRF RDs if set. Otherwise + the ''admin_subfield_offset'' value will be used. + ' vlan_assigned_number_subfield: type: str @@ -2948,13 +2972,15 @@ keys: overlay_routing_protocol: documentation_options: table: overlay-settings - description: "- The following overlay routing protocols are supported:\n - eBGP: - Configures fabric with eBGP, default for l3ls-evpn design.\n - iBGP: Configured + description: "- The following overlay routing protocols are supported:\n - ebgp: + Configures fabric with eBGP, default for l3ls-evpn design.\n - ibgp: Configured fabric with iBGP, only supported with OSPF or ISIS variants in underlay, default - for mpls design.\n - CVX: Configures fabric to leverage CloudVision eXchange - as the overlay controller.\n - HER: Configures fabric with Head-End Replication, + for mpls design.\n - cvx: Configures fabric to leverage CloudVision eXchange + as the overlay controller.\n - her: Configures fabric with Head-End Replication, configures static VXLAN flood-lists instead of using a dynamic overlay protocol.\n - \ - none: No overlay configuration will be generated, default for l2ls design.\n" + \ - none: No overlay configuration will be generated, default for l2ls design.\n\n + \ If not set, the default_overlay_routing_protocol defined under the node_type_keys + will be used (default is \"ebgp\").\n" type: str valid_values: - ebgp @@ -2962,7 +2988,6 @@ keys: - cvx - her - none - default: ebgp convert_to_lower_case: true overlay_routing_protocol_address_family: documentation_options: @@ -3068,7 +3093,6 @@ keys: ''admin_subfield'' value will be used. ' - default: vrf_id vlan_assigned_number_subfield: type: str valid_values: @@ -3592,6 +3616,7 @@ keys: \ - \"smpte2059-2\"" domain: type: int + default: 127 $ref: eos_cli_config_gen#/keys/ptp/keys/domain auto_clock_identity: type: bool @@ -3950,6 +3975,7 @@ keys: keys: mgmt_interface: type: bool + default: false description: 'Configure an IP Domain Lookup source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. @@ -3958,6 +3984,7 @@ keys: var.' inband_mgmt_interface: type: bool + default: false description: 'Configure an IP Domain Lookup source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. @@ -3969,6 +3996,7 @@ keys: keys: mgmt_interface: type: bool + default: false description: 'Configure an IP HTTP Client source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. @@ -3977,6 +4005,7 @@ keys: var.' inband_mgmt_interface: type: bool + default: false description: 'Configure an IP HTTP Client source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. @@ -3988,6 +4017,7 @@ keys: keys: mgmt_interface: type: bool + default: false description: 'Configure an IP Radius source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. @@ -3996,6 +4026,7 @@ keys: var.' inband_mgmt_interface: type: bool + default: false description: 'Configure an IP Radius source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. @@ -4007,6 +4038,7 @@ keys: keys: mgmt_interface: type: bool + default: false description: 'Configure a SNMP local-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. @@ -4015,6 +4047,7 @@ keys: var.' inband_mgmt_interface: type: bool + default: false description: 'Configure a SNMP local-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. @@ -4026,6 +4059,7 @@ keys: keys: mgmt_interface: type: bool + default: false description: 'Configure an IP SSH Client source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. @@ -4034,6 +4068,7 @@ keys: var.' inband_mgmt_interface: type: bool + default: false description: 'Configure an IP SSH Client source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. @@ -4045,6 +4080,7 @@ keys: keys: mgmt_interface: type: bool + default: false description: 'Configure an IP Tacacs source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. @@ -4053,6 +4089,7 @@ keys: var.' inband_mgmt_interface: type: bool + default: false description: 'Configure an IP Tacacs source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. @@ -4876,7 +4913,7 @@ keys: or destined to the WAN route servers.' policies: type: list - description: "List of virtual toplogies policies.\n\nFor AutoVPN, each item + description: "List of virtual topologies policies.\n\nFor AutoVPN, each item in the list creates:\n * one policy with:\n * one `match` entry per `application_virtual_topologies` item\n they are indexed using `10 * ` where `list_index` starts at `1`.\n * one `default-match`\n @@ -5037,6 +5074,7 @@ dynamic_keys: custom_node_type_keys.key: $ref: eos_designs#/$defs/node_type type: dict + display_name: Custom Node Types documentation_options: hide_keys: true network_services_keys.name: @@ -5048,6 +5086,7 @@ dynamic_keys: node_type_keys.key: $ref: eos_designs#/$defs/node_type type: dict + display_name: Node Types documentation_options: table: node-type-structure $defs: @@ -5844,6 +5883,7 @@ $defs: documentation_options: table: network-services-vrfs-settings type: bool + default: true description: 'MLAG iBGP peering per VRF. By default an iBGP peering is configured per VRF between MLAG peers on @@ -5975,6 +6015,7 @@ $defs: description: IPv4_address/Mask. underlay_l2_multicast_group_ipv4_pool_offset: type: int + default: 0 convert_types: - str fast_leave: @@ -6026,6 +6067,7 @@ $defs: required: true evpn_underlay_l3_multicast_group_ipv4_pool_offset: type: int + default: 0 convert_types: - str evpn_peg: @@ -6116,13 +6158,14 @@ $defs: description: Default IP address of Loopback0. version: type: int + description: IGMP Version (By default EOS uses IGMP version 2 for IGMP + querier). convert_types: - str valid_values: - 1 - 2 - 3 - default: 2 evpn_l2_multi_domain: type: bool default: true @@ -6163,6 +6206,8 @@ $defs: - int address_families: type: list + default: + - evpn items: type: str valid_values: @@ -6267,21 +6312,20 @@ $defs: By default an iBGP peering is configured per VRF between MLAG peers on separate VLANs. - Setting `enable_mlag_ibgp_peering_vrfs: false` under a VRF will - change this default and/or override the tenant-wide setting. + Setting `enable_mlag_ibgp_peering_vrfs: false` under a VRF overrides + the tenant-wide setting. ' redistribute_mlag_ibgp_peering_vrfs: type: bool - default: false description: 'Redistribute the connected subnet for the MLAG iBGP peering per VRF into overlay BGP. By default the iBGP peering subnet is not redistributed into the overlay routing protocol per VRF. - Setting `redistribute_mlag_ibgp_peering_vrfs: true` under a VRF - will change this default and/or override the tenant-wide setting. + Setting `redistribute_mlag_ibgp_peering_vrfs` under a VRF overrides + the tenant-wide setting. ' mlag_ibgp_peering_vlan: @@ -6342,10 +6386,11 @@ $defs: can be set per POD to avoid overlaps. This only takes effect when loopback_ip_range is not defined, - ptional (loopback is not created unless loopback_ip_range or + optional (loopback is not created unless loopback_ip_range or loopback_ip_pools are set). ' + primary_key: pod items: type: dict keys: @@ -6901,7 +6946,7 @@ $defs: type: bool default: true description: Enable or disable the redistribution of all connected - routes to BGP in the VRF. + routes to BGP in the VRF. Note this is not applicable to VRF `default`. bgp_peers: documentation_options: table: network-services-vrfs-bgp-settings @@ -7250,6 +7295,8 @@ $defs: settings. ' + default: + - all items: type: str default: all @@ -7308,8 +7355,8 @@ $defs: documentation_options: table: network-services-multicast-settings type: bool - default: true - description: Activate or deactivate IGMP snooping. + description: Enable or disable IGMP snooping (Enabled by default on + EOS). igmp_snooping_querier: documentation_options: table: network-services-multicast-settings @@ -7335,13 +7382,14 @@ $defs: ' version: type: int + description: IGMP Version (By default EOS uses IGMP version 2 + for IGMP querier). convert_types: - str valid_values: - 1 - 2 - 3 - default: 2 fast_leave: type: bool description: Enable IGMP snooping fast-leave feature. @@ -7643,7 +7691,11 @@ $defs: documentation_options: table: node-type-uplink-configuration type: str - $ref: eos_designs#/keys/node_type_keys/items/keys/uplink_type + valid_values: + - p2p + - port-channel + - p2p-vrfs + - lan description: 'Override the default `uplink_type` set at the `node_type_key` level. @@ -7944,7 +7996,7 @@ $defs: - level-1-2 - level-1 - level-2 - default: level-2 + description: Overrides `isis_default_is_type`. node_sid_base: documentation_options: table: node-type-isis-configuration @@ -8173,7 +8225,6 @@ $defs: table: node-type-evpn-services-configuration description: Activate or deactivate IGMP snooping on device level. type: bool - default: true evpn_gateway: documentation_options: table: node-type-evpn-multi-domain-gateway-configuration @@ -8202,6 +8253,7 @@ $defs: ' type: list + primary_key: hostname items: type: dict keys: @@ -8285,7 +8337,6 @@ $defs: type: str convert_types: - int - default: none address_families: description: IPVPN address families to enable for remote peers. type: list @@ -8295,13 +8346,13 @@ $defs: - vpn-ipv4 remote_peers: type: list + primary_key: hostname items: type: dict keys: hostname: description: Hostname of remote IPVPN Peer. type: str - required: true ip_address: description: Peering IP of remote IPVPN Peer. type: str @@ -8693,7 +8744,7 @@ $defs: not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.' type: str - default: Inband Management + default: INBAND_MGMT inband_mgmt_vrf: documentation_options: table: node-type-inband-management-configuration @@ -8787,12 +8838,10 @@ $defs: keys: enabled: type: bool - default: false profile: type: str description: "Default available profiles are:\n - \"aes67\"\n - \"aes67-r16-2016\"\n - \"smpte2059-2\"" - default: aes67-r16-2016 mlag: description: Configure PTP on the MLAG peer-link port-channel when PTP is enabled. By default PTP will not be configured on the MLAG @@ -8826,7 +8875,6 @@ $defs: ' auto_clock_identity: type: bool - default: true description: 'If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity. @@ -8837,6 +8885,7 @@ $defs: ' clock_identity_prefix: type: str + default: 00:1C:73 description: 'PTP clock idetentiy 3-byte prefix. i.e. "01:02:03". By default the 3-byte prefix is "00:1C:73". @@ -9053,7 +9102,6 @@ $defs: keys: enabled: type: bool - default: true description: Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group. ipsec: @@ -9503,7 +9551,7 @@ $defs: description: Add this interface to underlay routing protocol. isis_hello_padding: type: bool - default: false + default: true isis_metric: type: int convert_types: @@ -9522,6 +9570,12 @@ $defs: isis_authentication_key: type: str description: Type-7 encrypted password. + isis_network_type: + type: str + default: point-to-point + valid_values: + - point-to-point + - broadcast mpls_ip: type: bool description: MPLS parameters. Default value is true if switch.mpls_lsr is @@ -9537,7 +9591,6 @@ $defs: description: MTU for this P2P link. Default value same as p2p_uplinks_mtu. bfd: type: bool - default: false description: Enable BFD (only considered for BGP). ptp: description: PTP parameters. @@ -9858,7 +9911,7 @@ $defs: documentation_options: table: network-services-multicast-settings type: bool - description: Enable IGMP Snooping (Enabled by default on EOS). + description: Enable or disable IGMP snooping (Enabled by default on EOS). igmp_snooping_querier: documentation_options: table: network-services-multicast-settings @@ -9915,7 +9968,7 @@ $defs: type: bool point_to_point: type: bool - default: true + default: false area: type: str convert_types: diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/bgp_update_wait_install.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/bgp_update_wait_install.schema.yml index 10111c2f4f7..e71248e19c9 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/bgp_update_wait_install.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/bgp_update_wait_install.schema.yml @@ -10,4 +10,5 @@ keys: documentation_options: table: bgp-settings type: bool + default: true $ref: "eos_cli_config_gen#/keys/router_bgp/keys/updates/keys/wait_install" diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/bgp_wait_for_convergence.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/bgp_wait_for_convergence.schema.yml index 260dec787d0..159261e9907 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/bgp_wait_for_convergence.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/bgp_wait_for_convergence.schema.yml @@ -10,4 +10,5 @@ keys: documentation_options: table: bgp-settings type: bool + default: false $ref: "eos_cli_config_gen#/keys/router_bgp/keys/updates/keys/wait_for_convergence" diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/custom_node_type.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/custom_node_type.schema.yml index 129134c7030..a5b37d34957 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/custom_node_type.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/custom_node_type.schema.yml @@ -9,5 +9,6 @@ dynamic_keys: "custom_node_type_keys.key": $ref: "eos_designs#/$defs/node_type" type: dict + display_name: Custom Node Types documentation_options: hide_keys: true diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/cv_pathfinder_internet_exit_policies.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/cv_pathfinder_internet_exit_policies.schema.yml index f59ecd1710b..c1fa4cc9895 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/cv_pathfinder_internet_exit_policies.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/cv_pathfinder_internet_exit_policies.schema.yml @@ -43,7 +43,7 @@ keys: description: |- "Salt" used for auto generation of encryption keys for IPsec tunnels to Zscaler. The keys will be generated as a hash of `salt__`. - Since this salt can be used to deduct the encryption key, it is recommeneded to use vault. + Since this salt can be used to deduct the encryption key, it is recommended to use vault. domain_name: type: str required: true diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml index eccae09ae29..eef013b5316 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml @@ -62,6 +62,7 @@ $defs: documentation_options: table: network-services-vrfs-settings type: bool + default: True description: | MLAG iBGP peering per VRF. By default an iBGP peering is configured per VRF between MLAG peers on separate VLANs. @@ -166,6 +167,7 @@ $defs: description: IPv4_address/Mask. underlay_l2_multicast_group_ipv4_pool_offset: type: int + default: 0 convert_types: - str fast_leave: @@ -206,6 +208,7 @@ $defs: required: true evpn_underlay_l3_multicast_group_ipv4_pool_offset: type: int + default: 0 convert_types: - str evpn_peg: @@ -276,13 +279,13 @@ $defs: description: Default IP address of Loopback0. version: type: int + description: IGMP Version (By default EOS uses IGMP version 2 for IGMP querier). convert_types: - str valid_values: - 1 - 2 - 3 - default: 2 evpn_l2_multi_domain: type: bool default: true @@ -310,6 +313,7 @@ $defs: - int address_families: type: list + default: ["evpn"] items: type: str valid_values: @@ -392,14 +396,13 @@ $defs: description: | MLAG iBGP peering per VRF. By default an iBGP peering is configured per VRF between MLAG peers on separate VLANs. - Setting `enable_mlag_ibgp_peering_vrfs: false` under a VRF will change this default and/or override the tenant-wide setting. + Setting `enable_mlag_ibgp_peering_vrfs: false` under a VRF overrides the tenant-wide setting. redistribute_mlag_ibgp_peering_vrfs: type: bool - default: false description: | Redistribute the connected subnet for the MLAG iBGP peering per VRF into overlay BGP. By default the iBGP peering subnet is not redistributed into the overlay routing protocol per VRF. - Setting `redistribute_mlag_ibgp_peering_vrfs: true` under a VRF will change this default and/or override the tenant-wide setting. + Setting `redistribute_mlag_ibgp_peering_vrfs` under a VRF overrides the tenant-wide setting. mlag_ibgp_peering_vlan: type: int convert_types: @@ -445,7 +448,8 @@ $defs: type: list description: | For inventories with multiple PODs a loopback range can be set per POD to avoid overlaps. - This only takes effect when loopback_ip_range is not defined, ptional (loopback is not created unless loopback_ip_range or loopback_ip_pools are set). + This only takes effect when loopback_ip_range is not defined, optional (loopback is not created unless loopback_ip_range or loopback_ip_pools are set). + primary_key: pod items: type: dict keys: @@ -918,7 +922,7 @@ $defs: redistribute_connected: type: bool default: true - description: Enable or disable the redistribution of all connected routes to BGP in the VRF. + description: Enable or disable the redistribution of all connected routes to BGP in the VRF. Note this is not applicable to VRF `default`. bgp_peers: documentation_options: table: network-services-vrfs-bgp-settings @@ -1209,6 +1213,7 @@ $defs: Tags leveraged for networks services filtering. Tags are matched against filter.tags defined under node type settings. Tags are also matched against the node_group name under node type settings. + default: ['all'] items: type: str default: all @@ -1251,8 +1256,7 @@ $defs: documentation_options: table: network-services-multicast-settings type: bool - default: true - description: Activate or deactivate IGMP snooping. + description: Enable or disable IGMP snooping (Enabled by default on EOS). igmp_snooping_querier: documentation_options: table: network-services-multicast-settings @@ -1271,13 +1275,13 @@ $defs: If not set, IP address of "Loopback0" will be used. version: type: int + description: IGMP Version (By default EOS uses IGMP version 2 for IGMP querier). convert_types: - str valid_values: - 1 - 2 - 3 - default: 2 fast_leave: type: bool description: Enable IGMP snooping fast-leave feature. diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_node_type.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_node_type.schema.yml index f4ecb733760..b0fcba344c5 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_node_type.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_node_type.schema.yml @@ -169,7 +169,11 @@ $defs: documentation_options: table: node-type-uplink-configuration type: str - $ref: "eos_designs#/keys/node_type_keys/items/keys/uplink_type" + valid_values: + - p2p + - port-channel + - p2p-vrfs + - lan description: |- Override the default `uplink_type` set at the `node_type_key` level. `uplink_type` must be "p2p" if `vtep` or `underlay_router` is true for the `node_type_key` definition. @@ -405,7 +409,7 @@ $defs: - level-1-2 - level-1 - level-2 - default: level-2 + description: Overrides `isis_default_is_type`. node_sid_base: documentation_options: table: node-type-isis-configuration @@ -595,7 +599,6 @@ $defs: table: node-type-evpn-services-configuration description: Activate or deactivate IGMP snooping on device level. type: bool - default: true evpn_gateway: documentation_options: table: node-type-evpn-multi-domain-gateway-configuration @@ -612,6 +615,7 @@ $defs: If the hostname can be found in the inventory, ip_address and BGP ASN will be automatically populated. Manual override takes precedence. If the peer's hostname can not be found in the inventory, ip_address and bgp_as must be defined. type: list + primary_key: hostname items: type: dict keys: @@ -684,7 +688,6 @@ $defs: type: str convert_types: - int - default: none address_families: description: IPVPN address families to enable for remote peers. type: list @@ -693,13 +696,13 @@ $defs: default: [vpn-ipv4] remote_peers: type: list + primary_key: hostname items: type: dict keys: hostname: description: Hostname of remote IPVPN Peer. type: str - required: true ip_address: description: Peering IP of remote IPVPN Peer. type: str @@ -981,7 +984,7 @@ $defs: Name configured on the Inband Management VLAN. This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed. type: str - default: Inband Management + default: INBAND_MGMT inband_mgmt_vrf: documentation_options: table: node-type-inband-management-configuration @@ -1064,7 +1067,6 @@ $defs: keys: enabled: type: bool - default: false profile: type: str description: |- @@ -1072,7 +1074,6 @@ $defs: - "aes67" - "aes67-r16-2016" - "smpte2059-2" - default: "aes67-r16-2016" mlag: description: Configure PTP on the MLAG peer-link port-channel when PTP is enabled. By default PTP will not be configured on the MLAG peer-link port-channel. type: bool @@ -1102,12 +1103,12 @@ $defs: default -> (node_id modulus 256). auto_clock_identity: type: bool - default: true description: | If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity. default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + ":00:" + (PTP priority 2 as HEX). clock_identity_prefix: type: str + default: "00:1C:73" description: | PTP clock idetentiy 3-byte prefix. i.e. "01:02:03". By default the 3-byte prefix is "00:1C:73". @@ -1302,7 +1303,6 @@ $defs: keys: enabled: type: bool - default: true description: Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group. ipsec: type: bool diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_p2p_links.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_p2p_links.schema.yml index ff623df2523..88e455074c7 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_p2p_links.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_p2p_links.schema.yml @@ -85,7 +85,7 @@ $defs: description: Add this interface to underlay routing protocol. isis_hello_padding: type: bool - default: false + default: true isis_metric: type: int convert_types: @@ -104,6 +104,12 @@ $defs: isis_authentication_key: type: str description: Type-7 encrypted password. + isis_network_type: + type: str + default: point-to-point + valid_values: + - point-to-point + - broadcast mpls_ip: type: bool description: MPLS parameters. Default value is true if switch.mpls_lsr is true. @@ -117,7 +123,6 @@ $defs: description: MTU for this P2P link. Default value same as p2p_uplinks_mtu. bfd: type: bool - default: false description: Enable BFD (only considered for BGP). ptp: description: PTP parameters. diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_svi_settings.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_svi_settings.schema.yml index e44abd982a5..72fe78e88d7 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_svi_settings.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_svi_settings.schema.yml @@ -174,7 +174,7 @@ $defs: documentation_options: table: network-services-multicast-settings type: bool - description: Enable IGMP Snooping (Enabled by default on EOS). + description: Enable or disable IGMP snooping (Enabled by default on EOS). igmp_snooping_querier: documentation_options: table: network-services-multicast-settings @@ -226,7 +226,7 @@ $defs: type: bool point_to_point: type: bool - default: true + default: false area: type: str convert_types: diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/design.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/design.schema.yml index 805b7831614..a4a0b901701 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/design.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/design.schema.yml @@ -13,7 +13,7 @@ keys: warning: true removed: false remove_in_version: 6.0.0 - url: https://avd.arista.com/stable/docs/release-notes/5.x.x.html#deprecation_of_design.type + url: https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#deprecation-of-designtype type: dict keys: type: diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/fabric_evpn_encapsulation.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/fabric_evpn_encapsulation.schema.yml index 53be7739a81..6bba5d2328d 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/fabric_evpn_encapsulation.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/fabric_evpn_encapsulation.schema.yml @@ -9,7 +9,6 @@ keys: fabric_evpn_encapsulation: documentation_options: table: evpn-settings - description: Should be set to mpls for evpn-mpls scenario. + description: Should be set to mpls for evpn-mpls scenario. This overrides the evpn_encapsulation setting under node_type_keys. valid_values: ["vxlan", "mpls"] - default: "vxlan" type: str diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/fabric_flow_tracking.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/fabric_flow_tracking.schema.yml index 4767d334ea5..5b25f4a1e1d 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/fabric_flow_tracking.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/fabric_flow_tracking.schema.yml @@ -18,36 +18,47 @@ keys: uplinks: description: Enable flow-tracking on all fabric uplinks. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + keys: + enabled: + type: bool + default: false + name: + type: str + description: Flow tracker name as defined in flow_tracking_settings. + default: FLOW-TRACKER downlinks: description: Enable flow-tracking on all fabric downlinks. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + $ref: eos_designs#/keys/fabric_flow_tracking/keys/uplinks endpoints: description: Enable flow-tracking on all endpoints ports. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + $ref: eos_designs#/keys/fabric_flow_tracking/keys/uplinks l3_edge: description: Enable flow-tracking on all p2p_links defined under l3_edge. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + $ref: eos_designs#/keys/fabric_flow_tracking/keys/uplinks core_interfaces: description: Enable flow-tracking on all p2p_links defined under core_interfaces. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + $ref: eos_designs#/keys/fabric_flow_tracking/keys/uplinks mlag_interfaces: description: Enable flow-tracking on all MLAG peer interfaces. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + $ref: eos_designs#/keys/fabric_flow_tracking/keys/uplinks l3_interfaces: description: Enable flow-tracking on all node.l3_interfaces and network-services tenants.vrfs.l3_interfaces. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + $ref: eos_designs#/keys/fabric_flow_tracking/keys/uplinks dps_interfaces: description: Enable flow-tracking on all dps_interfaces. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + $ref: eos_designs#/keys/fabric_flow_tracking/keys/uplinks + keys: + enabled: + type: bool + default: true direct_wan_ha_links: description: Enable flow-tracking on all direct WAN HA links. type: dict - $ref: eos_designs#/$defs/flow_tracking_link + $ref: eos_designs#/keys/fabric_flow_tracking/keys/uplinks diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/fabric_ip_addressing.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/fabric_ip_addressing.schema.yml index c196b9a7000..ba6b71a9ff2 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/fabric_ip_addressing.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/fabric_ip_addressing.schema.yml @@ -17,14 +17,14 @@ keys: default: "first_id" description: |- This variable defines the Multi-chassis Link Aggregation (MLAG) algorithm used. - Each MLAG link will have a /31* subnet with each subnet allocated from the relevant MLAG pool via a calculated offset. + Each MLAG link will have a /31¹ subnet with each subnet allocated from the relevant MLAG pool via a calculated offset. The offset is calculated using one of the following algorithms: - first_id: `(mlag_primary_id - 1) * 2` where `mlag_primary_id` is the ID of the first node defined under the node_group. - This allocation method will skip every other /31* subnet making it less space efficient than `odd_id`. + This allocation method will skip every other /31¹ subnet making it less space efficient than `odd_id`. - odd_id: `(odd_id - 1) / 2`. Requires the node_group to have a node with an odd ID and a node with an even ID. - same_subnet: the offset will always be zero. - This allocation method will cause every MLAG link to be addressed with the same /31* subnet. - \* - The prefix length is configurable with a default of /31. + This allocation method will cause every MLAG link to be addressed with the same /31¹ subnet. + ¹ The prefix length is configurable with a default of /31. valid_values: - "first_id" - "odd_id" diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/isis_maximum_paths.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/isis_maximum_paths.schema.yml index 02f00c3adfd..0d2a02686e6 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/isis_maximum_paths.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/isis_maximum_paths.schema.yml @@ -11,5 +11,6 @@ keys: table: isis-settings description: Number of path to configure in ECMP for ISIS. type: int + default: 4 convert_types: - str diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/new_network_services_bgp_vrf_config.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/new_network_services_bgp_vrf_config.schema.yml index 6cedb6cdd6f..ff1875e38ca 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/new_network_services_bgp_vrf_config.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/new_network_services_bgp_vrf_config.schema.yml @@ -16,4 +16,4 @@ keys: warning: true removed: true remove_in_version: 5.0.0 - url: https://avd.arista.com/devel/porting-guides/5.x.x.html#new-improved-logic-for-bgp-configuration-of-network-services-vrfs + url: https://avd.arista.com/5.x/docs/porting-guides/5.x.x.html#bgp-is-now-configured-for-network-services-vrfs-even-if-evpn-is-not-part-of-the-address-families diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/node_type.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/node_type.schema.yml index 7b200c4b3cd..5052167a88e 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/node_type.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/node_type.schema.yml @@ -9,5 +9,6 @@ dynamic_keys: "node_type_keys.key": $ref: "eos_designs#/$defs/node_type" type: dict + display_name: Node Types documentation_options: table: node-type-structure diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/node_type_keys.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/node_type_keys.schema.yml index f2771b0ad21..239453dd715 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/node_type_keys.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/node_type_keys.schema.yml @@ -93,6 +93,7 @@ keys: Acting role in overlay control plane. default_overlay_address_families: type: list + default: ["evpn"] items: type: str convert_to_lower_case: true @@ -104,6 +105,7 @@ keys: Set the default overlay address families. default_evpn_encapsulation: type: str + default: vxlan convert_to_lower_case: true valid_values: - "mpls" @@ -196,6 +198,7 @@ keys: description: Custom Python Module to import for IP addressing. python_class_name: type: str + default: AvdIpAddressing description: Name of Custom Python Class to import for IP addressing. router_id: type: str @@ -244,6 +247,7 @@ keys: description: Custom Python Module to import for interface descriptions. python_class_name: type: str + default: AvdInterfaceDescriptions description: Name of Custom Python Class to import for interface descriptions. underlay_ethernet_interfaces: type: str diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/overlay_rd_type.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/overlay_rd_type.schema.yml index 5df3c89f969..75cc0f0d656 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/overlay_rd_type.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/overlay_rd_type.schema.yml @@ -40,9 +40,10 @@ keys: - 'overlay_loopback_ip' means the IP address of Loopback0. (deprecated - use 'router_id' instead) default: router_id admin_subfield_offset: - type: str + type: int + default: 0 convert_types: - - int + - str description: | Offset can only be used if admin_subfield is an integer between <0-4294967295> or 'switch_id'. Total value of admin_subfield + admin_subfield_offset must be <= 4294967295. @@ -63,12 +64,14 @@ keys: 'vrf_admin_subfield' takes precedence for VRF RDs if set. Otherwise the 'admin_subfield' value will be used. vrf_admin_subfield_offset: - type: str + type: int convert_types: - - int + - str description: | Offset can only be used if 'vrf_admin_subfield' is an integer between <0-4294967295> or 'switch_id'. Total value of 'vrf_admin_subfield' + 'vrf_admin_subfield_offset' must be <= 4294967295. + + 'vrf_admin_subfield_offset' takes precedence for VRF RDs if set. Otherwise the 'admin_subfield_offset' value will be used. vlan_assigned_number_subfield: type: str valid_values: diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/overlay_routing_protocol.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/overlay_routing_protocol.schema.yml index 90f4cae3f3f..9dfebbed89c 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/overlay_routing_protocol.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/overlay_routing_protocol.schema.yml @@ -11,11 +11,13 @@ keys: table: overlay-settings description: | - The following overlay routing protocols are supported: - - eBGP: Configures fabric with eBGP, default for l3ls-evpn design. - - iBGP: Configured fabric with iBGP, only supported with OSPF or ISIS variants in underlay, default for mpls design. - - CVX: Configures fabric to leverage CloudVision eXchange as the overlay controller. - - HER: Configures fabric with Head-End Replication, configures static VXLAN flood-lists instead of using a dynamic overlay protocol. + - ebgp: Configures fabric with eBGP, default for l3ls-evpn design. + - ibgp: Configured fabric with iBGP, only supported with OSPF or ISIS variants in underlay, default for mpls design. + - cvx: Configures fabric to leverage CloudVision eXchange as the overlay controller. + - her: Configures fabric with Head-End Replication, configures static VXLAN flood-lists instead of using a dynamic overlay protocol. - none: No overlay configuration will be generated, default for l2ls design. + + If not set, the default_overlay_routing_protocol defined under the node_type_keys will be used (default is "ebgp"). type: str valid_values: - "ebgp" @@ -23,5 +25,4 @@ keys: - "cvx" - "her" - "none" - default: "ebgp" convert_to_lower_case: true diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/overlay_rt_type.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/overlay_rt_type.schema.yml index 8dfba945b9f..4a12c6006c2 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/overlay_rt_type.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/overlay_rt_type.schema.yml @@ -54,7 +54,6 @@ keys: - Integer between <0-4294967295>. 'vrf_admin_subfield' takes precedence for VRF RDs if set. Otherwise the 'admin_subfield' value will be used. - default: vrf_id vlan_assigned_number_subfield: type: str valid_values: diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/ptp_settings.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/ptp_settings.schema.yml index 9e35c57aa4c..76e01fb7703 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/ptp_settings.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/ptp_settings.schema.yml @@ -24,6 +24,7 @@ keys: - "smpte2059-2" domain: type: int + default: 127 $ref: "eos_cli_config_gen#/keys/ptp/keys/domain" auto_clock_identity: type: bool diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/source_interfaces.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/source_interfaces.schema.yml index 808fca3229e..380aa9e9d1a 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/source_interfaces.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/source_interfaces.schema.yml @@ -22,11 +22,13 @@ keys: keys: mgmt_interface: type: bool + default: false description: |- Configure an IP Domain Lookup source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. `mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. inband_mgmt_interface: type: bool + default: false description: |- Configure an IP Domain Lookup source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. `inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. @@ -36,11 +38,13 @@ keys: keys: mgmt_interface: type: bool + default: false description: |- Configure an IP HTTP Client source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. `mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. inband_mgmt_interface: type: bool + default: false description: |- Configure an IP HTTP Client source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. `inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. @@ -50,11 +54,13 @@ keys: keys: mgmt_interface: type: bool + default: false description: |- Configure an IP Radius source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. `mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. inband_mgmt_interface: type: bool + default: false description: |- Configure an IP Radius source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. `inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. @@ -64,11 +70,13 @@ keys: keys: mgmt_interface: type: bool + default: false description: |- Configure a SNMP local-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. `mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. inband_mgmt_interface: type: bool + default: false description: |- Configure a SNMP local-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. `inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. @@ -78,11 +86,13 @@ keys: keys: mgmt_interface: type: bool + default: false description: |- Configure an IP SSH Client source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. `mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. inband_mgmt_interface: type: bool + default: false description: |- Configure an IP SSH Client source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. `inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. @@ -92,11 +102,13 @@ keys: keys: mgmt_interface: type: bool + default: false description: |- Configure an IP Tacacs source-interface with the interface set by `mgmt_interface` for the VRF set by `mgmt_interface_vrf`. `mgmt_interface` is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var. inband_mgmt_interface: type: bool + default: false description: |- Configure an IP Tacacs source-interface with the interface set by `inband_mgmt_interface` for the VRF set by `inband_mgmt_vrf`. `inband_mgmt_interface` is typically a loopback or SVI interface, and can be set under the node settings. diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/wan_virtual_topologies.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/wan_virtual_topologies.schema.yml index eaebab180fc..b9136c5e6c6 100644 --- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/wan_virtual_topologies.schema.yml +++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/wan_virtual_topologies.schema.yml @@ -82,7 +82,7 @@ keys: policies: type: list description: |- - List of virtual toplogies policies. + List of virtual topologies policies. For AutoVPN, each item in the list creates: * one policy with: diff --git a/python-avd/pyavd/_eos_designs/shared_utils/inband_management.py b/python-avd/pyavd/_eos_designs/shared_utils/inband_management.py index e194a4990d0..5b5e57eeb5a 100644 --- a/python-avd/pyavd/_eos_designs/shared_utils/inband_management.py +++ b/python-avd/pyavd/_eos_designs/shared_utils/inband_management.py @@ -9,6 +9,7 @@ from pyavd._errors import AristaAvdError, AristaAvdInvalidInputsError from pyavd._utils import default, get +from pyavd.j2filters import natural_sort if TYPE_CHECKING: from . import SharedUtils @@ -187,3 +188,32 @@ def inband_ztp(self: SharedUtils) -> bool | None: @cached_property def inband_ztp_lacp_fallback_delay(self: SharedUtils) -> int | None: return default(get(self.switch_data_combined, "inband_ztp_lacp_fallback_delay"), 30) + + @cached_property + def inband_management_parent_vlans(self: SharedUtils) -> dict: + if not self.underlay_router: + return {} + + svis = {} + subnets = [] + ipv6_subnets = [] + peers = natural_sort(get(self.hostvars, f"avd_topology_peers..{self.hostname}", separator="..", default=[])) + for peer in peers: + peer_facts = self.get_peer_facts(peer, required=True) + if (vlan := peer_facts.get("inband_mgmt_vlan")) is None: + continue + + subnet = peer_facts.get("inband_mgmt_subnet") + ipv6_subnet = peer_facts.get("inband_mgmt_ipv6_subnet") + if vlan not in svis: + svis[vlan] = {"ipv4": None, "ipv6": None} + + if subnet not in subnets: + subnets.append(subnet) + svis[vlan]["ipv4"] = subnet + + if ipv6_subnet not in ipv6_subnets: + ipv6_subnets.append(ipv6_subnet) + svis[vlan]["ipv6"] = ipv6_subnet + + return svis diff --git a/python-avd/pyavd/_eos_designs/structured_config/inband_management/__init__.py b/python-avd/pyavd/_eos_designs/structured_config/inband_management/__init__.py index c53f3bb439e..1bbd5dfb43c 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/inband_management/__init__.py +++ b/python-avd/pyavd/_eos_designs/structured_config/inband_management/__init__.py @@ -8,14 +8,15 @@ from pyavd._eos_designs.avdfacts import AvdFacts from pyavd._errors import AristaAvdInvalidInputsError -from pyavd._utils import get, strip_empties_from_dict -from pyavd.j2filters import natural_sort +from pyavd._utils import strip_empties_from_dict class AvdStructuredConfigInbandManagement(AvdFacts): @cached_property def vlans(self) -> list | None: - if not self._inband_management_parent_vlans and not (self.shared_utils.configure_inband_mgmt or self.shared_utils.configure_inband_mgmt_ipv6): + if not self.shared_utils.inband_management_parent_vlans and not ( + self.shared_utils.configure_inband_mgmt or self.shared_utils.configure_inband_mgmt_ipv6 + ): return None vlan_cfg = { @@ -26,36 +27,33 @@ def vlans(self) -> list | None: if self.shared_utils.configure_inband_mgmt or self.shared_utils.configure_inband_mgmt_ipv6: return [{"id": self.shared_utils.inband_mgmt_vlan, **vlan_cfg}] - if self._inband_management_parent_vlans: - return [{"id": svi, **vlan_cfg} for svi in self._inband_management_parent_vlans] - - return None + return [{"id": svi, **vlan_cfg} for svi in self.shared_utils.inband_management_parent_vlans] @cached_property def vlan_interfaces(self) -> list | None: """VLAN interfaces can be our own management interface and/or SVIs created on behalf of child switches using us as uplink_switch.""" - if not self._inband_management_parent_vlans and not (self.shared_utils.configure_inband_mgmt or self.shared_utils.configure_inband_mgmt_ipv6): + if not self.shared_utils.inband_management_parent_vlans and not ( + self.shared_utils.configure_inband_mgmt or self.shared_utils.configure_inband_mgmt_ipv6 + ): return None if self.shared_utils.configure_inband_mgmt or self.shared_utils.configure_inband_mgmt_ipv6: return [self.get_local_inband_mgmt_interface_cfg()] - if self._inband_management_parent_vlans: - return [self.get_parent_svi_cfg(vlan, subnet["ipv4"], subnet["ipv6"]) for vlan, subnet in self._inband_management_parent_vlans.items()] - return None + return [self.get_parent_svi_cfg(vlan, subnet["ipv4"], subnet["ipv6"]) for vlan, subnet in self.shared_utils.inband_management_parent_vlans.items()] @cached_property def _inband_mgmt_ipv6_parent(self) -> bool: - if self._inband_management_parent_vlans: - for subnet in self._inband_management_parent_vlans.values(): + if self.shared_utils.inband_management_parent_vlans: + for subnet in self.shared_utils.inband_management_parent_vlans.values(): if subnet["ipv6"]: return True return False @cached_property def _inband_mgmt_ipv4_parent(self) -> bool: - if self._inband_management_parent_vlans: - for subnet in self._inband_management_parent_vlans.values(): + if self.shared_utils.inband_management_parent_vlans: + for subnet in self.shared_utils.inband_management_parent_vlans.values(): if subnet["ipv4"]: return True return False @@ -95,14 +93,14 @@ def vrfs(self) -> list | None: if self.shared_utils.inband_mgmt_vrf is None: return None - if not self._inband_management_parent_vlans and not self.shared_utils.configure_inband_mgmt: + if not self.shared_utils.inband_management_parent_vlans and not self.shared_utils.configure_inband_mgmt: return None return [{"name": self.shared_utils.inband_mgmt_vrf}] @cached_property def ip_virtual_router_mac_address(self) -> str | None: - if not self._inband_management_parent_vlans: + if not self.shared_utils.inband_management_parent_vlans: return None if self.shared_utils.virtual_router_mac_address is None: @@ -112,7 +110,7 @@ def ip_virtual_router_mac_address(self) -> str | None: @cached_property def router_bgp(self) -> dict | None: - if not self._inband_management_parent_vlans: + if not self.shared_utils.inband_management_parent_vlans: return None if self.shared_utils.inband_mgmt_vrf is not None: @@ -125,7 +123,7 @@ def router_bgp(self) -> dict | None: @cached_property def prefix_lists(self) -> list | None: - if not self._inband_management_parent_vlans: + if not self.shared_utils.inband_management_parent_vlans: return None if self.shared_utils.inband_mgmt_vrf is not None: @@ -148,7 +146,7 @@ def prefix_lists(self) -> list | None: "sequence": (index + 1) * 10, "action": f"permit {subnet['ipv4']}", } - for index, subnet in enumerate(self._inband_management_parent_vlans.values()) + for index, subnet in enumerate(self.shared_utils.inband_management_parent_vlans.values()) ] return [ { @@ -159,7 +157,7 @@ def prefix_lists(self) -> list | None: @cached_property def ipv6_prefix_lists(self) -> list | None: - if not self._inband_management_parent_vlans: + if not self.shared_utils.inband_management_parent_vlans: return None if self.shared_utils.inband_mgmt_vrf is not None: @@ -179,7 +177,7 @@ def ipv6_prefix_lists(self) -> list | None: "sequence": (index + 1) * 10, "action": f"permit {subnet['ipv6']}", } - for index, subnet in enumerate(self._inband_management_parent_vlans.values()) + for index, subnet in enumerate(self.shared_utils.inband_management_parent_vlans.values()) ] return [ { @@ -190,7 +188,7 @@ def ipv6_prefix_lists(self) -> list | None: @cached_property def route_maps(self) -> list | None: - if not self._inband_management_parent_vlans: + if not self.shared_utils.inband_management_parent_vlans: return None if self.shared_utils.inband_mgmt_vrf is not None: @@ -215,35 +213,6 @@ def route_maps(self) -> list | None: return [route_map] - @cached_property - def _inband_management_parent_vlans(self) -> dict: - if not self.shared_utils.underlay_router: - return {} - - svis = {} - subnets = [] - ipv6_subnets = [] - peers = natural_sort(get(self._hostvars, f"avd_topology_peers..{self.shared_utils.hostname}", separator="..", default=[])) - for peer in peers: - peer_facts = self.shared_utils.get_peer_facts(peer, required=True) - if (vlan := peer_facts.get("inband_mgmt_vlan")) is None: - continue - - subnet = peer_facts.get("inband_mgmt_subnet") - ipv6_subnet = peer_facts.get("inband_mgmt_ipv6_subnet") - if vlan not in svis: - svis[vlan] = {"ipv4": None, "ipv6": None} - - if subnet not in subnets: - subnets.append(subnet) - svis[vlan]["ipv4"] = subnet - - if ipv6_subnet not in ipv6_subnets: - ipv6_subnets.append(ipv6_subnet) - svis[vlan]["ipv6"] = ipv6_subnet - - return svis - def get_local_inband_mgmt_interface_cfg(self) -> dict: return strip_empties_from_dict( { diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py index b2e486a8c8e..830e4e9bff1 100644 --- a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py +++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_bgp.py @@ -178,6 +178,9 @@ def _router_bgp_vrfs(self: AvdStructuredConfigNetworkServices) -> dict: ): bgp_vrf["redistribute"].update({"static": {"enabled": True}}) + if self.shared_utils.inband_mgmt_vrf == vrf_name and self.shared_utils.inband_management_parent_vlans: + bgp_vrf["redistribute"].update({"attached_host": {"enabled": True}}) + else: # VRF default if bgp_vrf: