From 27d248d1e177d77d491384a0792f0f6f7ca3ab3e Mon Sep 17 00:00:00 2001 From: Carl Buchmann Date: Fri, 20 Jan 2023 15:10:39 -0500 Subject: [PATCH] Fix(eos_designs): Detect duplicate VLAN, VRF, VNI within network_services (#2411) (#2449) Co-authored-by: Claus Holbech --- .../intended/configs/DC1-BL1A.cfg | 30 +++---- .../intended/configs/DC1-BL1B.cfg | 30 +++---- .../intended/configs/DC1-LEAF2A.cfg | 30 +++---- .../intended/configs/DC1-LEAF2B.cfg | 28 +++---- .../configs/EVPN-MULTICAST-L3LEAF1A.cfg | 23 ++++-- .../configs/EVPN-MULTICAST-L3LEAF1B.cfg | 23 ++++-- .../configs/EVPN-MULTICAST-L3LEAF2A.cfg | 8 +- .../configs/EVPN-MULTICAST-L3LEAF3A.cfg | 8 +- .../configs/EVPN-MULTICAST-L3LEAF3B.cfg | 8 +- .../configs/IGMP-QUERIER-L3LEAF1A.cfg | 8 +- .../intended/structured_configs/DC1-BL1A.yml | 78 +++++++++---------- .../intended/structured_configs/DC1-BL1B.yml | 56 ++++++------- .../structured_configs/DC1-LEAF2A.yml | 34 ++++---- .../structured_configs/DC1-LEAF2B.yml | 32 ++++---- .../EVPN-MULTICAST-L3LEAF1A.yml | 35 ++++++--- .../EVPN-MULTICAST-L3LEAF1B.yml | 35 ++++++--- .../EVPN-MULTICAST-L3LEAF2A.yml | 8 +- .../EVPN-MULTICAST-L3LEAF3A.yml | 8 +- .../EVPN-MULTICAST-L3LEAF3B.yml | 8 +- .../IGMP-QUERIER-L3LEAF1A.yml | 8 +- .../DC1_TENANTS_NETWORKS/Tenant_A.yml | 6 +- .../group_vars/EVPN_MULTICAST_TESTS.yml | 2 +- .../group_vars/IGMP_QUERIER_TESTS.yml | 2 +- .../roles/eos_designs/doc/network-services.md | 3 +- .../python_modules/network_services/vlans.py | 28 ++++++- .../python_modules/network_services/vrfs.py | 20 ++++- .../network_services/vxlan_interface.py | 34 +++++++- 27 files changed, 354 insertions(+), 239 deletions(-) diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1A.cfg index 84eaa0eb880..b34c90d07db 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1A.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1A.cfg @@ -55,6 +55,8 @@ vlan 350 ! vrf instance MGMT ! +vrf instance Tenant_A_L3_VRF_Zone +! vrf instance Tenant_A_WAN_Zone ! vrf instance Tenant_B_OP_Zone @@ -63,8 +65,6 @@ vrf instance Tenant_B_WAN_Zone ! vrf instance Tenant_C_WAN_Zone ! -vrf instance Tenant_L3_VRF_Zone -! interface Ethernet1 description P2P_LINK_TO_DC1-SPINE1_Ethernet22 no shutdown @@ -116,7 +116,7 @@ interface Ethernet8 no shutdown mtu 9000 no switchport - vrf Tenant_L3_VRF_Zone + vrf Tenant_A_L3_VRF_Zone ip address 10.10.10.10/24 ! interface Ethernet9 @@ -124,7 +124,7 @@ interface Ethernet9 no shutdown mtu 9000 no switchport - vrf Tenant_L3_VRF_Zone + vrf Tenant_A_L3_VRF_Zone ip address 10.10.20.20/24 ! interface Ethernet10 @@ -132,7 +132,7 @@ interface Ethernet10 no shutdown mtu 9000 no switchport - vrf Tenant_L3_VRF_Zone + vrf Tenant_A_L3_VRF_Zone ip address 10.10.30.10/24 ! interface Ethernet11 @@ -140,7 +140,7 @@ interface Ethernet11 no shutdown mtu 9000 no switchport - vrf Tenant_L3_VRF_Zone + vrf Tenant_A_L3_VRF_Zone ip address 10.10.30.10/24 ! interface Ethernet4000 @@ -195,11 +195,11 @@ interface Vxlan1 vxlan vlan 150 vni 10150 vxlan vlan 250 vni 20250 vxlan vlan 350 vni 30350 + vxlan vrf Tenant_A_L3_VRF_Zone vni 15 vxlan vrf Tenant_A_WAN_Zone vni 14 vxlan vrf Tenant_B_OP_Zone vni 20 vxlan vrf Tenant_B_WAN_Zone vni 21 vxlan vrf Tenant_C_WAN_Zone vni 31 - vxlan vrf Tenant_L3_VRF_Zone vni 15 ! hardware tcam system profile vxlan-routing @@ -217,11 +217,11 @@ event-handler evpn-blacklist-recovery ! ip routing no ip routing vrf MGMT +ip routing vrf Tenant_A_L3_VRF_Zone ip routing vrf Tenant_A_WAN_Zone ip routing vrf Tenant_B_OP_Zone ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_WAN_Zone -ip routing vrf Tenant_L3_VRF_Zone ! ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 10 permit 192.168.255.0/24 eq 32 @@ -335,6 +335,13 @@ router bgp 65104 no neighbor EVPN-OVERLAY-PEERS activate neighbor UNDERLAY-PEERS activate ! + vrf Tenant_A_L3_VRF_Zone + rd 192.168.254.14:15 + route-target import evpn 65104:15 + route-target export evpn 65104:15 + router-id 192.168.255.14 + redistribute connected + ! vrf Tenant_A_WAN_Zone rd 192.168.254.14:14 route-target import evpn 65104:14 @@ -403,13 +410,6 @@ router bgp 65104 route-target export evpn 65104:31 router-id 192.168.255.14 redistribute connected - ! - vrf Tenant_L3_VRF_Zone - rd 192.168.254.14:15 - route-target import evpn 65104:15 - route-target export evpn 65104:15 - router-id 192.168.255.14 - redistribute connected ! router ospf 14 vrf Tenant_A_WAN_Zone router-id 192.168.255.14 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1B.cfg index e8a486fc688..998c3d07f0c 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1B.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-BL1B.cfg @@ -52,6 +52,8 @@ vlan 350 ! vrf instance MGMT ! +vrf instance Tenant_A_L3_VRF_Zone +! vrf instance Tenant_A_WAN_Zone ! vrf instance Tenant_B_OP_Zone @@ -60,8 +62,6 @@ vrf instance Tenant_B_WAN_Zone ! vrf instance Tenant_C_WAN_Zone ! -vrf instance Tenant_L3_VRF_Zone -! interface Ethernet1 description P2P_LINK_TO_DC1-SPINE1_Ethernet23 no shutdown @@ -107,7 +107,7 @@ interface Ethernet8 no shutdown mtu 9000 no switchport - vrf Tenant_L3_VRF_Zone + vrf Tenant_A_L3_VRF_Zone ip address 10.10.30.10/24 ! interface Ethernet9 @@ -115,7 +115,7 @@ interface Ethernet9 no shutdown mtu 9000 no switchport - vrf Tenant_L3_VRF_Zone + vrf Tenant_A_L3_VRF_Zone ip address 10.10.40.20/24 ! interface Ethernet10 @@ -123,7 +123,7 @@ interface Ethernet10 no shutdown mtu 9000 no switchport - vrf Tenant_L3_VRF_Zone + vrf Tenant_A_L3_VRF_Zone ip address 10.10.40.20/24 ! interface Ethernet11 @@ -131,7 +131,7 @@ interface Ethernet11 no shutdown mtu 9000 no switchport - vrf Tenant_L3_VRF_Zone + vrf Tenant_A_L3_VRF_Zone ip address 10.10.40.20/24 ! interface Ethernet4000 @@ -186,11 +186,11 @@ interface Vxlan1 vxlan vlan 150 vni 10150 vxlan vlan 250 vni 20250 vxlan vlan 350 vni 30350 + vxlan vrf Tenant_A_L3_VRF_Zone vni 15 vxlan vrf Tenant_A_WAN_Zone vni 14 vxlan vrf Tenant_B_OP_Zone vni 20 vxlan vrf Tenant_B_WAN_Zone vni 21 vxlan vrf Tenant_C_WAN_Zone vni 31 - vxlan vrf Tenant_L3_VRF_Zone vni 15 ! hardware tcam system profile vxlan-routing @@ -199,11 +199,11 @@ ip virtual-router mac-address 00:dc:00:00:00:0a ! ip routing no ip routing vrf MGMT +ip routing vrf Tenant_A_L3_VRF_Zone ip routing vrf Tenant_A_WAN_Zone ip routing vrf Tenant_B_OP_Zone ip routing vrf Tenant_B_WAN_Zone ip routing vrf Tenant_C_WAN_Zone -ip routing vrf Tenant_L3_VRF_Zone ! ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY seq 10 permit 192.168.255.0/24 eq 32 @@ -318,6 +318,13 @@ router bgp 65105 no neighbor EVPN-OVERLAY-PEERS activate neighbor UNDERLAY-PEERS activate ! + vrf Tenant_A_L3_VRF_Zone + rd 192.168.254.15:15 + route-target import evpn 65105:15 + route-target export evpn 65105:15 + router-id 192.168.255.15 + redistribute connected + ! vrf Tenant_A_WAN_Zone rd 192.168.254.15:14 route-target import evpn 65105:14 @@ -386,13 +393,6 @@ router bgp 65105 route-target export evpn 65105:31 router-id 192.168.255.15 redistribute connected - ! - vrf Tenant_L3_VRF_Zone - rd 192.168.254.15:15 - route-target import evpn 65105:15 - route-target export evpn 65105:15 - router-id 192.168.255.15 - redistribute connected ! router ospf 14 vrf Tenant_A_WAN_Zone router-id 192.168.255.15 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2A.cfg index f97c53d7986..b26a3e2b61f 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2A.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2A.cfg @@ -117,6 +117,8 @@ vrf instance Tenant_A_DB_Zone vrf instance Tenant_A_OP_Zone description Tenant_A_OP_Zone ! +vrf instance Tenant_A_OSPF +! vrf instance Tenant_A_WEB_Zone ! vrf instance Tenant_B_OP_Zone @@ -127,8 +129,6 @@ vrf instance Tenant_D_OP_Zone ! vrf instance Tenant_D_WAN_Zone ! -vrf instance Tenant_OSPF -! interface Port-Channel7 description DC1_L2LEAF1_Po1 no shutdown @@ -266,7 +266,7 @@ interface Ethernet21 interface Ethernet22 no shutdown no switchport - vrf Tenant_OSPF + vrf Tenant_A_OSPF ip address 10.0.0.1/30 ip ospf network point-to-point ip ospf area 0 @@ -274,7 +274,7 @@ interface Ethernet22 interface Ethernet23 no shutdown no switchport - vrf Tenant_OSPF + vrf Tenant_A_OSPF ip address 10.0.0.13/30 ip ospf network point-to-point ip ospf area 0 @@ -564,12 +564,12 @@ interface Vxlan1 vxlan vrf Tenant_A_APP_Zone vni 12 vxlan vrf Tenant_A_DB_Zone vni 13 vxlan vrf Tenant_A_OP_Zone vni 10 + vxlan vrf Tenant_A_OSPF vni 16 vxlan vrf Tenant_A_WEB_Zone vni 11 vxlan vrf Tenant_B_OP_Zone vni 20 vxlan vrf Tenant_C_OP_Zone vni 30 vxlan vrf Tenant_D_OP_Zone vni 40 vxlan vrf Tenant_D_WAN_Zone vni 41 - vxlan vrf Tenant_OSPF vni 30 ! hardware tcam system profile vxlan-routing @@ -583,12 +583,12 @@ no ip routing vrf MGMT ip routing vrf Tenant_A_APP_Zone ip routing vrf Tenant_A_DB_Zone ip routing vrf Tenant_A_OP_Zone +ip routing vrf Tenant_A_OSPF ip routing vrf Tenant_A_WEB_Zone ip routing vrf Tenant_B_OP_Zone ip routing vrf Tenant_C_OP_Zone ip routing vrf Tenant_D_OP_Zone ip routing vrf Tenant_D_WAN_Zone -ip routing vrf Tenant_OSPF ipv6 unicast-routing vrf Tenant_D_OP_Zone ipv6 unicast-routing vrf Tenant_D_WAN_Zone ! @@ -753,6 +753,14 @@ router bgp 65102 router-id 192.168.255.10 redistribute connected ! + vrf Tenant_A_OSPF + rd 65001:16 + route-target import evpn 100000:16 + route-target export evpn 100000:16 + router-id 192.168.255.10 + redistribute connected + redistribute ospf + ! vrf Tenant_A_WEB_Zone rd 65001:11 route-target import evpn 100000:11 @@ -788,16 +796,8 @@ router bgp 65102 route-target export evpn 100000:41 router-id 192.168.255.10 redistribute connected - ! - vrf Tenant_OSPF - rd 65001:30 - route-target import evpn 100000:30 - route-target export evpn 100000:30 - router-id 192.168.255.10 - redistribute connected - redistribute ospf ! -router ospf 30 vrf Tenant_OSPF +router ospf 16 vrf Tenant_A_OSPF router-id 192.168.255.10 passive-interface default no passive-interface Ethernet22 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2B.cfg index c7adb0946d4..1f9c9f89f1d 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2B.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-LEAF2B.cfg @@ -117,6 +117,8 @@ vrf instance Tenant_A_DB_Zone vrf instance Tenant_A_OP_Zone description Tenant_A_OP_Zone ! +vrf instance Tenant_A_OSPF +! vrf instance Tenant_A_WEB_Zone ! vrf instance Tenant_B_OP_Zone @@ -127,8 +129,6 @@ vrf instance Tenant_D_OP_Zone ! vrf instance Tenant_D_WAN_Zone ! -vrf instance Tenant_OSPF -! interface Port-Channel7 description DC1_L2LEAF1_Po1 no shutdown @@ -266,7 +266,7 @@ interface Ethernet21 interface Ethernet24 no shutdown no switchport - vrf Tenant_OSPF + vrf Tenant_A_OSPF ip address 10.0.0.5/30 ip ospf network point-to-point ip ospf area 0 @@ -528,12 +528,12 @@ interface Vxlan1 vxlan vrf Tenant_A_APP_Zone vni 12 vxlan vrf Tenant_A_DB_Zone vni 13 vxlan vrf Tenant_A_OP_Zone vni 10 + vxlan vrf Tenant_A_OSPF vni 16 vxlan vrf Tenant_A_WEB_Zone vni 11 vxlan vrf Tenant_B_OP_Zone vni 20 vxlan vrf Tenant_C_OP_Zone vni 30 vxlan vrf Tenant_D_OP_Zone vni 40 vxlan vrf Tenant_D_WAN_Zone vni 41 - vxlan vrf Tenant_OSPF vni 30 ! hardware tcam system profile vxlan-routing @@ -547,12 +547,12 @@ no ip routing vrf MGMT ip routing vrf Tenant_A_APP_Zone ip routing vrf Tenant_A_DB_Zone ip routing vrf Tenant_A_OP_Zone +ip routing vrf Tenant_A_OSPF ip routing vrf Tenant_A_WEB_Zone ip routing vrf Tenant_B_OP_Zone ip routing vrf Tenant_C_OP_Zone ip routing vrf Tenant_D_OP_Zone ip routing vrf Tenant_D_WAN_Zone -ip routing vrf Tenant_OSPF ipv6 unicast-routing vrf Tenant_D_OP_Zone ipv6 unicast-routing vrf Tenant_D_WAN_Zone ! @@ -716,6 +716,14 @@ router bgp 65102 router-id 192.168.255.11 redistribute connected ! + vrf Tenant_A_OSPF + rd 65001:16 + route-target import evpn 100000:16 + route-target export evpn 100000:16 + router-id 192.168.255.11 + redistribute connected + redistribute ospf + ! vrf Tenant_A_WEB_Zone rd 65001:11 route-target import evpn 100000:11 @@ -751,16 +759,8 @@ router bgp 65102 route-target export evpn 100000:41 router-id 192.168.255.11 redistribute connected - ! - vrf Tenant_OSPF - rd 65001:30 - route-target import evpn 100000:30 - route-target export evpn 100000:30 - router-id 192.168.255.11 - redistribute connected - redistribute ospf ! -router ospf 30 vrf Tenant_OSPF +router ospf 16 vrf Tenant_A_OSPF router-id 192.168.255.11 passive-interface default no passive-interface Ethernet24 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF1A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF1A.cfg index de97b8374cc..749c1c4652f 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF1A.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF1A.cfg @@ -152,6 +152,10 @@ vlan 3021 name MLAG_iBGP_MULTICAST_ENABLED_3_DISABLED_4 trunk group LEAF_PEER_L3 ! +vlan 3022 + name MLAG_iBGP_MULTICAST_DISABLED_5_6 + trunk group LEAF_PEER_L3 +! vlan 3030 name MLAG_iBGP_TEN_C_L3_MULTICAST_ENABLED_130_131 trunk group LEAF_PEER_L3 @@ -591,6 +595,13 @@ interface Vlan3021 vrf MULTICAST_ENABLED_3_DISABLED_4 ip address 10.255.251.0/31 ! +interface Vlan3022 + description MLAG_PEER_L3_iBGP: vrf MULTICAST_DISABLED_5_6 + no shutdown + mtu 9000 + vrf MULTICAST_DISABLED_5_6 + ip address 10.255.251.0/31 +! interface Vlan3030 description MLAG_PEER_L3_iBGP: vrf TEN_C_L3_MULTICAST_ENABLED_130_131 no shutdown @@ -705,7 +716,7 @@ interface Vxlan1 vxlan vlan 331 vni 10331 vxlan vlan 550 vni 10550 vxlan vlan 4092 vni 14092 - vxlan vrf MULTICAST_DISABLED_5_6 vni 22 + vxlan vrf MULTICAST_DISABLED_5_6 vni 23 vxlan vrf MULTICAST_DISABLED_310_311 vni 13 vxlan vrf MULTICAST_ENABLED_1_2 vni 21 vxlan vrf MULTICAST_ENABLED_3_DISABLED_4 vni 22 @@ -823,8 +834,8 @@ router bgp 65101 redistribute connected route-map RM-CONN-2-BGP ! vlan-aware-bundle MULTICAST_DISABLED_5_6 - rd 192.168.255.3:22 - route-target both 22:22 + rd 192.168.255.3:23 + route-target both 23:23 redistribute learned vlan 5-6 ! @@ -965,9 +976,9 @@ router bgp 65101 neighbor MLAG-IPv4-UNDERLAY-PEER activate ! vrf MULTICAST_DISABLED_5_6 - rd 192.168.255.3:22 - route-target import evpn 22:22 - route-target export evpn 22:22 + rd 192.168.255.3:23 + route-target import evpn 23:23 + route-target export evpn 23:23 router-id 192.168.255.3 neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF1B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF1B.cfg index 622d5873635..578ee9625c7 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF1B.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF1B.cfg @@ -152,6 +152,10 @@ vlan 3021 name MLAG_iBGP_MULTICAST_ENABLED_3_DISABLED_4 trunk group LEAF_PEER_L3 ! +vlan 3022 + name MLAG_iBGP_MULTICAST_DISABLED_5_6 + trunk group LEAF_PEER_L3 +! vlan 3030 name MLAG_iBGP_TEN_C_L3_MULTICAST_ENABLED_130_131 trunk group LEAF_PEER_L3 @@ -591,6 +595,13 @@ interface Vlan3021 vrf MULTICAST_ENABLED_3_DISABLED_4 ip address 10.255.251.1/31 ! +interface Vlan3022 + description MLAG_PEER_L3_iBGP: vrf MULTICAST_DISABLED_5_6 + no shutdown + mtu 9000 + vrf MULTICAST_DISABLED_5_6 + ip address 10.255.251.1/31 +! interface Vlan3030 description MLAG_PEER_L3_iBGP: vrf TEN_C_L3_MULTICAST_ENABLED_130_131 no shutdown @@ -705,7 +716,7 @@ interface Vxlan1 vxlan vlan 331 vni 10331 vxlan vlan 550 vni 10550 vxlan vlan 4092 vni 14092 - vxlan vrf MULTICAST_DISABLED_5_6 vni 22 + vxlan vrf MULTICAST_DISABLED_5_6 vni 23 vxlan vrf MULTICAST_DISABLED_310_311 vni 13 vxlan vrf MULTICAST_ENABLED_1_2 vni 21 vxlan vrf MULTICAST_ENABLED_3_DISABLED_4 vni 22 @@ -823,8 +834,8 @@ router bgp 65101 redistribute connected route-map RM-CONN-2-BGP ! vlan-aware-bundle MULTICAST_DISABLED_5_6 - rd 192.168.255.4:22 - route-target both 22:22 + rd 192.168.255.4:23 + route-target both 23:23 redistribute learned vlan 5-6 ! @@ -965,9 +976,9 @@ router bgp 65101 neighbor MLAG-IPv4-UNDERLAY-PEER activate ! vrf MULTICAST_DISABLED_5_6 - rd 192.168.255.4:22 - route-target import evpn 22:22 - route-target export evpn 22:22 + rd 192.168.255.4:23 + route-target import evpn 23:23 + route-target export evpn 23:23 router-id 192.168.255.4 neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER redistribute connected diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF2A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF2A.cfg index 739e0915e13..0d9fa41a55f 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF2A.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF2A.cfg @@ -468,7 +468,7 @@ interface Vxlan1 vxlan vlan 331 vni 10331 vxlan vlan 550 vni 10550 vxlan vlan 4092 vni 14092 - vxlan vrf MULTICAST_DISABLED_5_6 vni 22 + vxlan vrf MULTICAST_DISABLED_5_6 vni 23 vxlan vrf MULTICAST_DISABLED_310_311 vni 13 vxlan vrf MULTICAST_ENABLED_1_2 vni 21 vxlan vrf MULTICAST_ENABLED_3_DISABLED_4 vni 22 @@ -741,9 +741,9 @@ router bgp 65103 neighbor IPv4-UNDERLAY-PEERS activate ! vrf MULTICAST_DISABLED_5_6 - rd 192.168.255.5:22 - route-target import evpn 22:22 - route-target export evpn 22:22 + rd 192.168.255.5:23 + route-target import evpn 23:23 + route-target export evpn 23:23 router-id 192.168.255.5 redistribute connected ! diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF3A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF3A.cfg index 7a84104c864..f73a3b64cc7 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF3A.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF3A.cfg @@ -490,7 +490,7 @@ interface Vxlan1 vxlan vlan 331 vni 10331 vxlan vlan 550 vni 10550 vxlan vlan 4092 vni 14092 - vxlan vrf MULTICAST_DISABLED_5_6 vni 22 + vxlan vrf MULTICAST_DISABLED_5_6 vni 23 vxlan vrf MULTICAST_DISABLED_310_311 vni 13 vxlan vrf MULTICAST_ENABLED_1_2 vni 21 vxlan vrf MULTICAST_ENABLED_3_DISABLED_4 vni 22 @@ -763,9 +763,9 @@ router bgp 65104 neighbor IPv4-UNDERLAY-PEERS activate ! vrf MULTICAST_DISABLED_5_6 - rd 192.168.255.6:22 - route-target import evpn 22:22 - route-target export evpn 22:22 + rd 192.168.255.6:23 + route-target import evpn 23:23 + route-target export evpn 23:23 router-id 192.168.255.6 redistribute connected ! diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF3B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF3B.cfg index b3537b2b473..19629babfdf 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF3B.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF3B.cfg @@ -490,7 +490,7 @@ interface Vxlan1 vxlan vlan 331 vni 10331 vxlan vlan 550 vni 10550 vxlan vlan 4092 vni 14092 - vxlan vrf MULTICAST_DISABLED_5_6 vni 22 + vxlan vrf MULTICAST_DISABLED_5_6 vni 23 vxlan vrf MULTICAST_DISABLED_310_311 vni 13 vxlan vrf MULTICAST_ENABLED_1_2 vni 21 vxlan vrf MULTICAST_ENABLED_3_DISABLED_4 vni 22 @@ -763,9 +763,9 @@ router bgp 65105 neighbor IPv4-UNDERLAY-PEERS activate ! vrf MULTICAST_DISABLED_5_6 - rd 192.168.255.7:22 - route-target import evpn 22:22 - route-target export evpn 22:22 + rd 192.168.255.7:23 + route-target import evpn 23:23 + route-target export evpn 23:23 router-id 192.168.255.7 redistribute connected ! diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/IGMP-QUERIER-L3LEAF1A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/IGMP-QUERIER-L3LEAF1A.cfg index 24905d4b9a3..47c2d68e504 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/IGMP-QUERIER-L3LEAF1A.cfg +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/IGMP-QUERIER-L3LEAF1A.cfg @@ -217,7 +217,7 @@ interface Vxlan1 vxlan vlan 123 vni 40123 vxlan vrf IGMP_QUERIER_TEST_1 vni 11 vxlan vrf IGMP_QUERIER_TEST_2 vni 21 - vxlan vrf IGMP_QUERIER_TEST_3 vni 21 + vxlan vrf IGMP_QUERIER_TEST_3 vni 41 ! ip virtual-router mac-address 00:dc:00:00:00:0a ! @@ -360,9 +360,9 @@ router bgp 65101 redistribute connected ! vrf IGMP_QUERIER_TEST_3 - rd 192.168.255.1:21 - route-target import evpn 21:21 - route-target export evpn 21:21 + rd 192.168.255.1:41 + route-target import evpn 41:41 + route-target export evpn 41:41 router-id 192.168.255.1 redistribute connected ! diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1A.yml index ad5b7909e10..46e13baab91 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1A.yml @@ -97,6 +97,18 @@ router_bgp: EVPN-OVERLAY-CORE: activate: true vrfs: + Tenant_A_L3_VRF_Zone: + router_id: 192.168.255.14 + rd: 192.168.254.14:15 + route_targets: + import: + evpn: + - '65104:15' + export: + evpn: + - '65104:15' + redistribute_routes: + - connected Tenant_A_WAN_Zone: router_id: 192.168.255.14 rd: 192.168.254.14:14 @@ -165,18 +177,6 @@ router_bgp: activate: true fd5a:fe45:8831:06c5::b: activate: true - Tenant_L3_VRF_Zone: - router_id: 192.168.255.14 - rd: 192.168.254.14:15 - route_targets: - import: - evpn: - - '65104:15' - export: - evpn: - - '65104:15' - redistribute_routes: - - connected Tenant_B_OP_Zone: router_id: 192.168.255.14 rd: 192.168.254.14:20 @@ -328,10 +328,10 @@ clock: vrfs: MGMT: ip_routing: false - Tenant_A_WAN_Zone: + Tenant_A_L3_VRF_Zone: tenant: Tenant_A ip_routing: true - Tenant_L3_VRF_Zone: + Tenant_A_WAN_Zone: tenant: Tenant_A ip_routing: true Tenant_B_OP_Zone: @@ -407,25 +407,6 @@ ethernet_interfaces: mtu: 1500 type: routed ip_address: 172.31.254.167/31 - Ethernet7: - peer_type: l3_interface - ip_address: 10.10.10.10/24 - mtu: 9000 - shutdown: false - description: test - type: routed - vrf: Tenant_A_WAN_Zone - ospf_area: 0 - ospf_network_point_to_point: true - ospf_cost: 100 - ospf_authentication: message-digest - ospf_message_digest_keys: - 1: - hash_algorithm: sha1 - key: AQQvKeimxJu+uGQ/yYvv9w== - 2: - hash_algorithm: sha512 - key: AQQvKeimxJu+uGQ/yYvv9w== Ethernet8: peer_type: l3_interface ip_address: 10.10.10.10/24 @@ -433,7 +414,7 @@ ethernet_interfaces: shutdown: false description: test type: routed - vrf: Tenant_L3_VRF_Zone + vrf: Tenant_A_L3_VRF_Zone Ethernet9: peer_type: l3_interface ip_address: 10.10.20.20/24 @@ -441,7 +422,7 @@ ethernet_interfaces: shutdown: false description: test type: routed - vrf: Tenant_L3_VRF_Zone + vrf: Tenant_A_L3_VRF_Zone Ethernet10: peer_type: l3_interface ip_address: 10.10.30.10/24 @@ -449,7 +430,7 @@ ethernet_interfaces: shutdown: false description: test-DC1-BL1A type: routed - vrf: Tenant_L3_VRF_Zone + vrf: Tenant_A_L3_VRF_Zone Ethernet11: peer_type: l3_interface ip_address: 10.10.30.10/24 @@ -457,7 +438,26 @@ ethernet_interfaces: shutdown: false description: DC1-BL1A descriptions preferred over single description type: routed - vrf: Tenant_L3_VRF_Zone + vrf: Tenant_A_L3_VRF_Zone + Ethernet7: + peer_type: l3_interface + ip_address: 10.10.10.10/24 + mtu: 9000 + shutdown: false + description: test + type: routed + vrf: Tenant_A_WAN_Zone + ospf_area: 0 + ospf_network_point_to_point: true + ospf_cost: 100 + ospf_authentication: message-digest + ospf_message_digest_keys: + 1: + hash_algorithm: sha1 + key: AQQvKeimxJu+uGQ/yYvv9w== + 2: + hash_algorithm: sha512 + key: AQQvKeimxJu+uGQ/yYvv9w== Ethernet4000: description: My test ip_address: 10.3.2.1/21 @@ -576,10 +576,10 @@ vxlan_interface: 350: vni: 30350 vrfs: + Tenant_A_L3_VRF_Zone: + vni: 15 Tenant_A_WAN_Zone: vni: 14 - Tenant_L3_VRF_Zone: - vni: 15 Tenant_B_OP_Zone: vni: 20 Tenant_B_WAN_Zone: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1B.yml index 7151581e35d..d4a3d9c1deb 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1B.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-BL1B.yml @@ -101,6 +101,18 @@ router_bgp: EVPN-OVERLAY-CORE: activate: true vrfs: + Tenant_A_L3_VRF_Zone: + router_id: 192.168.255.15 + rd: 192.168.254.15:15 + route_targets: + import: + evpn: + - '65105:15' + export: + evpn: + - '65105:15' + redistribute_routes: + - connected Tenant_A_WAN_Zone: router_id: 192.168.255.15 rd: 192.168.254.15:14 @@ -169,18 +181,6 @@ router_bgp: activate: true fd5a:fe45:8831:06c5::b: activate: true - Tenant_L3_VRF_Zone: - router_id: 192.168.255.15 - rd: 192.168.254.15:15 - route_targets: - import: - evpn: - - '65105:15' - export: - evpn: - - '65105:15' - redistribute_routes: - - connected Tenant_B_OP_Zone: router_id: 192.168.255.15 rd: 192.168.254.15:20 @@ -321,10 +321,10 @@ local_users: vrfs: MGMT: ip_routing: false - Tenant_A_WAN_Zone: + Tenant_A_L3_VRF_Zone: tenant: Tenant_A ip_routing: true - Tenant_L3_VRF_Zone: + Tenant_A_WAN_Zone: tenant: Tenant_A ip_routing: true Tenant_B_OP_Zone: @@ -396,14 +396,6 @@ ethernet_interfaces: mtu: 1500 type: routed ip_address: 172.31.254.199/31 - Ethernet7: - peer_type: l3_interface - ip_address: 10.10.20.20/24 - mtu: 9000 - shutdown: false - description: test - type: routed - vrf: Tenant_A_WAN_Zone Ethernet8: peer_type: l3_interface ip_address: 10.10.30.10/24 @@ -411,7 +403,7 @@ ethernet_interfaces: shutdown: false description: test type: routed - vrf: Tenant_L3_VRF_Zone + vrf: Tenant_A_L3_VRF_Zone Ethernet9: peer_type: l3_interface ip_address: 10.10.40.20/24 @@ -419,7 +411,7 @@ ethernet_interfaces: shutdown: false description: test type: routed - vrf: Tenant_L3_VRF_Zone + vrf: Tenant_A_L3_VRF_Zone Ethernet10: peer_type: l3_interface ip_address: 10.10.40.20/24 @@ -427,7 +419,7 @@ ethernet_interfaces: shutdown: false description: test-DC1-BL1B type: routed - vrf: Tenant_L3_VRF_Zone + vrf: Tenant_A_L3_VRF_Zone Ethernet11: peer_type: l3_interface ip_address: 10.10.40.20/24 @@ -435,7 +427,15 @@ ethernet_interfaces: shutdown: false description: DC1-BL1B descriptions preferred over single description type: routed - vrf: Tenant_L3_VRF_Zone + vrf: Tenant_A_L3_VRF_Zone + Ethernet7: + peer_type: l3_interface + ip_address: 10.10.20.20/24 + mtu: 9000 + shutdown: false + description: test + type: routed + vrf: Tenant_A_WAN_Zone Ethernet4000: description: My second test ip_address: 10.1.2.3/12 @@ -553,10 +553,10 @@ vxlan_interface: 350: vni: 30350 vrfs: + Tenant_A_L3_VRF_Zone: + vni: 15 Tenant_A_WAN_Zone: vni: 14 - Tenant_L3_VRF_Zone: - vni: 15 Tenant_B_OP_Zone: vni: 20 Tenant_B_WAN_Zone: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2A.yml index 773958e23be..fffdfe6d0a7 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2A.yml @@ -123,31 +123,31 @@ router_bgp: - '100000:9' redistribute_routes: - connected - Tenant_A_WEB_Zone: + Tenant_A_OSPF: router_id: 192.168.255.10 - rd: '65001:11' + rd: '65001:16' route_targets: import: evpn: - - '100000:11' + - '100000:16' export: evpn: - - '100000:11' + - '100000:16' redistribute_routes: - connected - Tenant_OSPF: + - ospf + Tenant_A_WEB_Zone: router_id: 192.168.255.10 - rd: '65001:30' + rd: '65001:11' route_targets: import: evpn: - - '100000:30' + - '100000:11' export: evpn: - - '100000:30' + - '100000:11' redistribute_routes: - connected - - ospf Tenant_B_OP_Zone: router_id: 192.168.255.10 rd: '65001:20' @@ -360,10 +360,10 @@ vrfs: tenant: Tenant_A ip_routing: true description: Tenant_A_OP_Zone - Tenant_A_WEB_Zone: + Tenant_A_OSPF: tenant: Tenant_A ip_routing: true - Tenant_OSPF: + Tenant_A_WEB_Zone: tenant: Tenant_A ip_routing: true Tenant_B_OP_Zone: @@ -545,7 +545,7 @@ ethernet_interfaces: ip_address: 10.0.0.1/30 shutdown: false type: routed - vrf: Tenant_OSPF + vrf: Tenant_A_OSPF ospf_area: 0 ospf_network_point_to_point: true Ethernet23: @@ -553,7 +553,7 @@ ethernet_interfaces: ip_address: 10.0.0.13/30 shutdown: false type: routed - vrf: Tenant_OSPF + vrf: Tenant_A_OSPF ospf_area: 0 ospf_network_point_to_point: true Ethernet10: @@ -1058,8 +1058,8 @@ ipv6_static_routes: vrf: Tenant_D_OP_Zone router_ospf: process_ids: - 30: - vrf: Tenant_OSPF + 16: + vrf: Tenant_A_OSPF passive_interface_default: true router_id: 192.168.255.10 no_passive_interfaces: @@ -1125,10 +1125,10 @@ vxlan_interface: vni: 13 Tenant_A_OP_Zone: vni: 10 + Tenant_A_OSPF: + vni: 16 Tenant_A_WEB_Zone: vni: 11 - Tenant_OSPF: - vni: 30 Tenant_B_OP_Zone: vni: 20 Tenant_C_OP_Zone: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2B.yml index dc0e52d2fbd..5bca59d2230 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2B.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-LEAF2B.yml @@ -123,31 +123,31 @@ router_bgp: - '100000:9' redistribute_routes: - connected - Tenant_A_WEB_Zone: + Tenant_A_OSPF: router_id: 192.168.255.11 - rd: '65001:11' + rd: '65001:16' route_targets: import: evpn: - - '100000:11' + - '100000:16' export: evpn: - - '100000:11' + - '100000:16' redistribute_routes: - connected - Tenant_OSPF: + - ospf + Tenant_A_WEB_Zone: router_id: 192.168.255.11 - rd: '65001:30' + rd: '65001:11' route_targets: import: evpn: - - '100000:30' + - '100000:11' export: evpn: - - '100000:30' + - '100000:11' redistribute_routes: - connected - - ospf Tenant_B_OP_Zone: router_id: 192.168.255.11 rd: '65001:20' @@ -360,10 +360,10 @@ vrfs: tenant: Tenant_A ip_routing: true description: Tenant_A_OP_Zone - Tenant_A_WEB_Zone: + Tenant_A_OSPF: tenant: Tenant_A ip_routing: true - Tenant_OSPF: + Tenant_A_WEB_Zone: tenant: Tenant_A ip_routing: true Tenant_B_OP_Zone: @@ -545,7 +545,7 @@ ethernet_interfaces: ip_address: 10.0.0.5/30 shutdown: false type: routed - vrf: Tenant_OSPF + vrf: Tenant_A_OSPF ospf_area: 0 ospf_network_point_to_point: true Ethernet10: @@ -999,8 +999,8 @@ ipv6_static_routes: vrf: Tenant_D_OP_Zone router_ospf: process_ids: - 30: - vrf: Tenant_OSPF + 16: + vrf: Tenant_A_OSPF passive_interface_default: true router_id: 192.168.255.11 no_passive_interfaces: @@ -1065,10 +1065,10 @@ vxlan_interface: vni: 13 Tenant_A_OP_Zone: vni: 10 + Tenant_A_OSPF: + vni: 16 Tenant_A_WEB_Zone: vni: 11 - Tenant_OSPF: - vni: 30 Tenant_B_OP_Zone: vni: 20 Tenant_C_OP_Zone: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF1A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF1A.yml index ca2dea5f4e2..4e775643d52 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF1A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF1A.yml @@ -98,14 +98,14 @@ router_bgp: peer_group: MLAG-IPv4-UNDERLAY-PEER MULTICAST_DISABLED_5_6: router_id: 192.168.255.3 - rd: 192.168.255.3:22 + rd: 192.168.255.3:23 route_targets: import: evpn: - - '22:22' + - '23:23' export: evpn: - - '22:22' + - '23:23' redistribute_routes: - connected neighbors: @@ -348,10 +348,10 @@ router_bgp: - igmp vlan: '4092' MULTICAST_DISABLED_5_6: - rd: 192.168.255.3:22 + rd: 192.168.255.3:23 route_targets: both: - - '22:22' + - '23:23' redistribute_routes: - learned vlan: 5-6 @@ -647,9 +647,9 @@ vlans: 6: tenant: Tenant_B name: MULTICAST_DISABLED_6 - 3021: + 3022: tenant: Tenant_B - name: MLAG_iBGP_MULTICAST_ENABLED_3_DISABLED_4 + name: MLAG_iBGP_MULTICAST_DISABLED_5_6 trunk_groups: - LEAF_PEER_L3 1: @@ -669,6 +669,11 @@ vlans: 4: tenant: Tenant_B name: MULTICAST_DISABLED_4 + 3021: + tenant: Tenant_B + name: MLAG_iBGP_MULTICAST_ENABLED_3_DISABLED_4 + trunk_groups: + - LEAF_PEER_L3 7: tenant: Tenant_B name: MULTICAST_DISABLED_7 @@ -868,12 +873,12 @@ vlan_interfaces: shutdown: false ip_address_virtual: 10.0.6.1/24 vrf: MULTICAST_DISABLED_5_6 - Vlan3021: + Vlan3022: tenant: Tenant_B type: underlay_peering shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf MULTICAST_ENABLED_3_DISABLED_4' - vrf: MULTICAST_ENABLED_3_DISABLED_4 + description: 'MLAG_PEER_L3_iBGP: vrf MULTICAST_DISABLED_5_6' + vrf: MULTICAST_DISABLED_5_6 mtu: 9000 ip_address: 10.255.251.0/31 Vlan1: @@ -916,6 +921,14 @@ vlan_interfaces: shutdown: false ip_address_virtual: 10.0.4.1/24 vrf: MULTICAST_ENABLED_3_DISABLED_4 + Vlan3021: + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf MULTICAST_ENABLED_3_DISABLED_4' + vrf: MULTICAST_ENABLED_3_DISABLED_4 + mtu: 9000 + ip_address: 10.255.251.0/31 Vlan330: tenant: Tenant_C tags: @@ -1456,7 +1469,7 @@ vxlan_interface: MULTICAST_ENABLED_210_DISABLED_211: vni: 12 MULTICAST_DISABLED_5_6: - vni: 22 + vni: 23 MULTICAST_ENABLED_1_2: vni: 21 MULTICAST_ENABLED_3_DISABLED_4: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF1B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF1B.yml index f7be0767918..62d74ab1d68 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF1B.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF1B.yml @@ -98,14 +98,14 @@ router_bgp: peer_group: MLAG-IPv4-UNDERLAY-PEER MULTICAST_DISABLED_5_6: router_id: 192.168.255.4 - rd: 192.168.255.4:22 + rd: 192.168.255.4:23 route_targets: import: evpn: - - '22:22' + - '23:23' export: evpn: - - '22:22' + - '23:23' redistribute_routes: - connected neighbors: @@ -348,10 +348,10 @@ router_bgp: - igmp vlan: '4092' MULTICAST_DISABLED_5_6: - rd: 192.168.255.4:22 + rd: 192.168.255.4:23 route_targets: both: - - '22:22' + - '23:23' redistribute_routes: - learned vlan: 5-6 @@ -647,9 +647,9 @@ vlans: 6: tenant: Tenant_B name: MULTICAST_DISABLED_6 - 3021: + 3022: tenant: Tenant_B - name: MLAG_iBGP_MULTICAST_ENABLED_3_DISABLED_4 + name: MLAG_iBGP_MULTICAST_DISABLED_5_6 trunk_groups: - LEAF_PEER_L3 1: @@ -669,6 +669,11 @@ vlans: 4: tenant: Tenant_B name: MULTICAST_DISABLED_4 + 3021: + tenant: Tenant_B + name: MLAG_iBGP_MULTICAST_ENABLED_3_DISABLED_4 + trunk_groups: + - LEAF_PEER_L3 7: tenant: Tenant_B name: MULTICAST_DISABLED_7 @@ -868,12 +873,12 @@ vlan_interfaces: shutdown: false ip_address_virtual: 10.0.6.1/24 vrf: MULTICAST_DISABLED_5_6 - Vlan3021: + Vlan3022: tenant: Tenant_B type: underlay_peering shutdown: false - description: 'MLAG_PEER_L3_iBGP: vrf MULTICAST_ENABLED_3_DISABLED_4' - vrf: MULTICAST_ENABLED_3_DISABLED_4 + description: 'MLAG_PEER_L3_iBGP: vrf MULTICAST_DISABLED_5_6' + vrf: MULTICAST_DISABLED_5_6 mtu: 9000 ip_address: 10.255.251.1/31 Vlan1: @@ -916,6 +921,14 @@ vlan_interfaces: shutdown: false ip_address_virtual: 10.0.4.1/24 vrf: MULTICAST_ENABLED_3_DISABLED_4 + Vlan3021: + tenant: Tenant_B + type: underlay_peering + shutdown: false + description: 'MLAG_PEER_L3_iBGP: vrf MULTICAST_ENABLED_3_DISABLED_4' + vrf: MULTICAST_ENABLED_3_DISABLED_4 + mtu: 9000 + ip_address: 10.255.251.1/31 Vlan330: tenant: Tenant_C tags: @@ -1456,7 +1469,7 @@ vxlan_interface: MULTICAST_ENABLED_210_DISABLED_211: vni: 12 MULTICAST_DISABLED_5_6: - vni: 22 + vni: 23 MULTICAST_ENABLED_1_2: vni: 21 MULTICAST_ENABLED_3_DISABLED_4: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF2A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF2A.yml index 56c76a8adaf..6297c1cc6d9 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF2A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF2A.yml @@ -76,14 +76,14 @@ router_bgp: - connected MULTICAST_DISABLED_5_6: router_id: 192.168.255.5 - rd: 192.168.255.5:22 + rd: 192.168.255.5:23 route_targets: import: evpn: - - '22:22' + - '23:23' export: evpn: - - '22:22' + - '23:23' redistribute_routes: - connected MULTICAST_ENABLED_1_2: @@ -1170,7 +1170,7 @@ vxlan_interface: MULTICAST_ENABLED_210_DISABLED_211: vni: 12 MULTICAST_DISABLED_5_6: - vni: 22 + vni: 23 MULTICAST_ENABLED_1_2: vni: 21 MULTICAST_ENABLED_3_DISABLED_4: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF3A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF3A.yml index 42847d16ad8..10ba4a3652a 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF3A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF3A.yml @@ -76,14 +76,14 @@ router_bgp: - connected MULTICAST_DISABLED_5_6: router_id: 192.168.255.6 - rd: 192.168.255.6:22 + rd: 192.168.255.6:23 route_targets: import: evpn: - - '22:22' + - '23:23' export: evpn: - - '22:22' + - '23:23' redistribute_routes: - connected MULTICAST_ENABLED_1_2: @@ -1202,7 +1202,7 @@ vxlan_interface: MULTICAST_ENABLED_210_DISABLED_211: vni: 12 MULTICAST_DISABLED_5_6: - vni: 22 + vni: 23 MULTICAST_ENABLED_1_2: vni: 21 MULTICAST_ENABLED_3_DISABLED_4: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF3B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF3B.yml index c3344b6276b..8a41a93e882 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF3B.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF3B.yml @@ -76,14 +76,14 @@ router_bgp: - connected MULTICAST_DISABLED_5_6: router_id: 192.168.255.7 - rd: 192.168.255.7:22 + rd: 192.168.255.7:23 route_targets: import: evpn: - - '22:22' + - '23:23' export: evpn: - - '22:22' + - '23:23' redistribute_routes: - connected MULTICAST_ENABLED_1_2: @@ -1202,7 +1202,7 @@ vxlan_interface: MULTICAST_ENABLED_210_DISABLED_211: vni: 12 MULTICAST_DISABLED_5_6: - vni: 22 + vni: 23 MULTICAST_ENABLED_1_2: vni: 21 MULTICAST_ENABLED_3_DISABLED_4: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/IGMP-QUERIER-L3LEAF1A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/IGMP-QUERIER-L3LEAF1A.yml index 8678dd4c32a..3c2bc71c0a1 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/IGMP-QUERIER-L3LEAF1A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/IGMP-QUERIER-L3LEAF1A.yml @@ -55,14 +55,14 @@ router_bgp: - connected IGMP_QUERIER_TEST_3: router_id: 192.168.255.1 - rd: 192.168.255.1:21 + rd: 192.168.255.1:41 route_targets: import: evpn: - - '21:21' + - '41:41' export: evpn: - - '21:21' + - '41:41' redistribute_routes: - connected vlans: @@ -532,4 +532,4 @@ vxlan_interface: IGMP_QUERIER_TEST_2: vni: 21 IGMP_QUERIER_TEST_3: - vni: 21 + vni: 41 diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_A.yml index 1446fe88077..74057d60d05 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_A.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_A.yml @@ -199,7 +199,7 @@ Tenant_A: address_family: evpn route_target: '65000:789' # nodes not set - so all devices should get this additional route target - Tenant_L3_VRF_Zone: + Tenant_A_L3_VRF_Zone: vrf_vni: 15 l3_interfaces: - interfaces: [Ethernet8, Ethernet9, Ethernet8, Ethernet9] @@ -222,8 +222,8 @@ Tenant_A: description: "Single description" descriptions: ["DC1-BL1A descriptions preferred over single description", "DC1-BL1B descriptions preferred over single description"] # no description nor desciptions is tested in Tenant_OSPF below - Tenant_OSPF: - vrf_id: 30 + Tenant_A_OSPF: + vrf_id: 16 ospf: enabled: true l3_interfaces: diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/EVPN_MULTICAST_TESTS.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/EVPN_MULTICAST_TESTS.yml index 4b4150dd3f7..ab0d7af6f72 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/EVPN_MULTICAST_TESTS.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/EVPN_MULTICAST_TESTS.yml @@ -170,7 +170,7 @@ tenants: ip_address_virtual: 10.0.4.1/24 MULTICAST_DISABLED_5_6: description: "MULTICAST_DISABLED_5_6" - vrf_vni: 22 + vrf_vni: 23 svis: # Expected results: # - vlan 5 and 6 not configured with multicast diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/IGMP_QUERIER_TESTS.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/IGMP_QUERIER_TESTS.yml index 83850fa5d32..5717c4acdbe 100644 --- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/IGMP_QUERIER_TESTS.yml +++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/IGMP_QUERIER_TESTS.yml @@ -129,7 +129,7 @@ tenants: vrfs: IGMP_QUERIER_TEST_3: description: "IGMP_QUERIER_TEST_3" - vrf_vni: 21 + vrf_vni: 41 svis: # Expected results: # igmp querier enabled, querier address set to loopback 0 address 192.168.255.1, and version not set (would default to EOS default -> 2) diff --git a/ansible_collections/arista/avd/roles/eos_designs/doc/network-services.md b/ansible_collections/arista/avd/roles/eos_designs/doc/network-services.md index 58e43c2fc51..114322ce574 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/doc/network-services.md +++ b/ansible_collections/arista/avd/roles/eos_designs/doc/network-services.md @@ -5,7 +5,8 @@ - e.g. Tenants can be organizations or departments. - The tenant shares a common vni range for mac vrf assignment. - The filtering model allows for granular deployment of network service to the fabric leveraging the tenant name and tags applied to the service definition. - - This allows for the re-use of SVIs and VLANs across the fabric. + - This allows for the re-use of SVI/VLAN IDs across the fabric. + - An error will be returned at runtime in case of duplicate SVI/VLAN IDs, VRF names or VNIs targeted towards the same device. ## Variables and Options diff --git a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vlans.py b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vlans.py index 77c37e3c6de..59d7742978d 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vlans.py +++ b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vlans.py @@ -1,6 +1,9 @@ from __future__ import annotations from functools import cached_property +from typing import NoReturn + +from ansible_collections.arista.avd.plugins.plugin_utils.errors import AristaAvdError from .utils import UtilsMixin @@ -14,9 +17,12 @@ class VlansMixin(UtilsMixin): @cached_property def vlans(self) -> dict | None: """ - Return structured config for vlans + Return structured config for vlans. + + Consist of svis, mlag peering vlans and l2vlans from filtered tenants. - Consist of svis, mlag peering vlans and l2vlans from filtered tenants + This function also detects duplicate vlans and raise an error in case of duplicates between + SVIs in all VRFs and L2VLANs deployed on this device. """ if not self._network_services_l2: @@ -27,6 +33,9 @@ def vlans(self) -> dict | None: for vrf in tenant["vrfs"]: for svi in vrf["svis"]: vlan_id = int(svi["id"]) + if vlan_id in vlans: + self._raise_duplicate_vlan_error(vlan_id, f"SVI in VRF '{vrf['name']}'", tenant["name"], vlans[vlan_id]) + vlans[vlan_id] = self._get_vlan_config(svi, tenant) # MLAG IBGP Peering VLANs per VRF @@ -34,6 +43,11 @@ def vlans(self) -> dict | None: if (vlan_id := self._mlag_ibgp_peering_vlan_vrf(vrf, tenant)) is None: continue + if vlan_id in vlans: + self._raise_duplicate_vlan_error( + vlan_id, f"MLAG Peering VLAN in vrf '{vrf['name']}' (check for duplicate VRF VNI/ID)", tenant["name"], vlans[vlan_id] + ) + vlans[vlan_id] = { "tenant": tenant["name"], "name": f"MLAG_iBGP_{vrf['name']}", @@ -43,6 +57,9 @@ def vlans(self) -> dict | None: # L2 Vlans per Tenant for l2vlan in tenant["l2vlans"]: vlan_id = int(l2vlan["id"]) + if vlan_id in vlans: + self._raise_duplicate_vlan_error(vlan_id, "L2VLAN", tenant["name"], vlans[vlan_id]) + vlans[vlan_id] = self._get_vlan_config(l2vlan, tenant) if vlans: @@ -71,3 +88,10 @@ def _get_vlan_config(self, vlan, tenant) -> dict: vlans_vlan["trunk_groups"] = trunk_groups return vlans_vlan + + def _raise_duplicate_vlan_error(self, vlan_id: int, context: str, tenant_name: str, duplicate_vlan_config: dict) -> NoReturn: + msg = f"Duplicate VLAN ID '{vlan_id}' found in Tenant '{tenant_name}' during configuration of {context}." + if (duplicate_vlan_tenant := duplicate_vlan_config["tenant"]) != tenant_name: + msg = f"{msg} Other VLAN is in Tenant '{duplicate_vlan_tenant}'." + + raise AristaAvdError(msg) diff --git a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vrfs.py b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vrfs.py index d78065dda28..6a522439a3e 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vrfs.py +++ b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vrfs.py @@ -1,6 +1,9 @@ from __future__ import annotations from functools import cached_property +from typing import NoReturn + +from ansible_collections.arista.avd.plugins.plugin_utils.errors import AristaAvdError from .utils import UtilsMixin @@ -14,9 +17,12 @@ class VrfsMixin(UtilsMixin): @cached_property def vrfs(self) -> dict | None: """ - Return structured config for vrfs + Return structured config for vrfs. + + Used for creating VRFs except VRF "default". - Used for creating VRFs except VRF "default" + This function also detects duplicate vrfs and raise an error in case of duplicates between + all Tenants deployed on this device. """ if not self._network_services_l3: @@ -29,6 +35,9 @@ def vrfs(self) -> dict | None: if vrf_name == "default": continue + if vrf_name in vrfs: + self._raise_duplicate_vrf_error(vrf_name, tenant["name"], vrfs[vrf_name]) + new_vrf = { "tenant": tenant["name"], "ip_routing": True, @@ -63,3 +72,10 @@ def _has_ipv6(self, vrf) -> bool: return True return False + + def _raise_duplicate_vrf_error(self, vrf_name: str, tenant_name: str, duplicate_vrf_config: dict) -> NoReturn: + msg = f"Duplicate VRF '{vrf_name}' found in Tenant '{tenant_name}'." + if (duplicate_vlan_tenant := duplicate_vrf_config["tenant"]) != tenant_name: + msg = f"{msg} Other VRF is in Tenant '{duplicate_vlan_tenant}'." + + raise AristaAvdError(msg) diff --git a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vxlan_interface.py b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vxlan_interface.py index 5ec66dda380..a43b450262b 100644 --- a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vxlan_interface.py +++ b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vxlan_interface.py @@ -1,9 +1,11 @@ from __future__ import annotations from functools import cached_property +from typing import NoReturn from ansible_collections.arista.avd.plugins.filter.natural_sort import natural_sort from ansible_collections.arista.avd.plugins.filter.range_expand import range_expand +from ansible_collections.arista.avd.plugins.plugin_utils.errors import AristaAvdError from ansible_collections.arista.avd.plugins.plugin_utils.utils import default, get, unique from ansible_collections.arista.avd.roles.eos_designs.python_modules.ip_addressing import AvdIpAddressing @@ -27,6 +29,9 @@ def vxlan_interface(self) -> dict | None: Returns structured config for vxlan_interface Only used for VTEPs + + This function also detects duplicate VNIs and raise an error in case of duplicates between + all Network Services deployed on this device. """ if not self._overlay_vtep: return None @@ -49,15 +54,21 @@ def vxlan_interface(self) -> dict | None: vlans = {} vrfs = {} + # vnis is a dict of {: }. Only used to detect duplicates. + vnis = {} for tenant in self._filtered_tenants: for vrf in tenant["vrfs"]: for svi in vrf["svis"]: if vlan := self._get_vxlan_interface_config_for_vlan(svi, tenant): vlan_id = int(svi["id"]) + if (vni := vlan["vni"]) in vnis: + self._raise_duplicate_vni_error(vni, f"SVI '{vlan_id} in vrf '{vrf['name']}'", tenant["name"], vnis[vni]) + + vnis[vni] = tenant["name"] vlans[vlan_id] = vlan if self._network_services_l3 and self._overlay_evpn: - key = vrf["name"] + vrf_name = vrf["name"] vni = default( vrf.get("vrf_vni"), vrf.get("vrf_id"), @@ -65,7 +76,11 @@ def vxlan_interface(self) -> dict | None: if vni is not None: # Silently ignore if we cannot set a VNI # This is legacy behavior so we will leave stricter enforcement to the schema - vrfs[key] = {"vni": vni} + if vni in vnis: + self._raise_duplicate_vni_error(vni, f"VRF '{vrf_name}'", tenant["name"], vnis[vni]) + + vnis[vni] = tenant["name"] + vrfs[vrf_name] = {"vni": vni} if get(vrf, "_evpn_l3_multicast_enabled"): underlay_l3_multicast_group_ipv4_pool = get( @@ -78,11 +93,15 @@ def vxlan_interface(self) -> dict | None: tenant, "evpn_l3_multicast.evpn_underlay_l3_multicast_group_ipv4_pool_offset", default=0 ) offset = vni - 1 + underlay_l3_mcast_group_ipv4_pool_offset - vrfs[key]["multicast_group"] = self._avd_ip_addressing._ip(underlay_l3_multicast_group_ipv4_pool, 32, offset, 0) + vrfs[vrf_name]["multicast_group"] = self._avd_ip_addressing._ip(underlay_l3_multicast_group_ipv4_pool, 32, offset, 0) for l2vlan in tenant["l2vlans"]: if vlan := self._get_vxlan_interface_config_for_vlan(l2vlan, tenant): vlan_id = int(l2vlan["id"]) + if (vni := vlan["vni"]) in vnis: + self._raise_duplicate_vni_error(vni, f"L2VLAN '{vlan_id}'", tenant["name"], vnis[vni]) + + vnis[vni] = tenant["name"] vlans[vlan_id] = vlan if vlans: @@ -111,7 +130,7 @@ def _get_vxlan_interface_config_for_vlan(self, vlan, tenant) -> dict: vxlan_interface_vlan = {} vlan_id = int(vlan["id"]) if (vni_override := vlan.get("vni_override")) is not None: - vxlan_interface_vlan["vni"] = vni_override + vxlan_interface_vlan["vni"] = int(vni_override) else: mac_vrf_vni_base = int(get(tenant, "mac_vrf_vni_base", required=True, org_key=f"'mac_vrf_vni_base' for Tenant: {tenant['name']}")) vxlan_interface_vlan["vni"] = mac_vrf_vni_base + vlan_id @@ -180,3 +199,10 @@ def _overlay_her_flood_lists(self) -> dict[list]: overlay_her_flood_lists.setdefault(int(vlan), []).append(vtep_ip) return overlay_her_flood_lists + + def _raise_duplicate_vni_error(self, vni: int, context: str, tenant_name: str, duplicate_vni_tenant: str) -> NoReturn: + msg = f"Duplicate VXLAN VNI '{vni}' found in Tenant '{tenant_name}' during configuration of {context}." + if duplicate_vni_tenant != tenant_name: + msg = f"{msg} Other VNI is in Tenant '{duplicate_vni_tenant}'." + + raise AristaAvdError(msg)