Merge branch 'devel' into mpls_tunnel

.github/workflows/new-cvp-integration.yml

@@ -29,7 +29,7 @@ jobs:
       - name: Run molecule action
         env:
           CVAAS_AAWG_CI: ${{ secrets.CVAAS_AAWG_CI }}
-        uses: arista-netdevops-community/action-molecule-avd@v1.7
+        uses: arista-netdevops-community/action-molecule-avd@v1.8.1
         with:
           molecule_parentdir: 'ansible_collections/arista/avd'
           molecule_command: 'test'
@@ -62,7 +62,7 @@ jobs:
       - name: Run molecule action
         env:
           CVAAS_AAWG_CI: ${{ secrets.CVAAS_AAWG_CI }}
-        uses: arista-netdevops-community/action-molecule-avd@v1.7
+        uses: arista-netdevops-community/action-molecule-avd@v1.8.1
         with:
           molecule_parentdir: 'ansible_collections/arista/avd'
           molecule_command: 'test'

.github/workflows/pull-request-management.yml

@@ -141,7 +141,7 @@ jobs:
           echo "ANSIBLE_FORCE_COLOR=1" >> $GITHUB_ENV
       - uses: actions/checkout@v4
       - name: Run molecule action
-        uses: arista-netdevops-community/action-molecule-avd@v1.7
+        uses: arista-netdevops-community/action-molecule-avd@v1.8.1
         with:
           molecule_parentdir: 'ansible_collections/arista/avd'
           molecule_command: 'test'
@@ -176,7 +176,7 @@ jobs:
           echo "ANSIBLE_FORCE_COLOR=1" >> $GITHUB_ENV
       - uses: actions/checkout@v4
       - name: Run molecule action
-        uses: arista-netdevops-community/action-molecule-avd@v1.7
+        uses: arista-netdevops-community/action-molecule-avd@v1.8.1
         with:
           molecule_parentdir: 'ansible_collections/arista/avd'
           molecule_command: 'test'
@@ -247,7 +247,7 @@ jobs:
           cat ${{ matrix.pip_requirements }}
         if: matrix.pip_requirements == 'tmp-requirements-minimum.txt'
       - name: Run molecule action
-        uses: arista-netdevops-community/action-molecule-avd@v1.7
+        uses: arista-netdevops-community/action-molecule-avd@v1.8.1
         with:
           molecule_parentdir: 'ansible_collections/arista/avd'
           molecule_command: 'test'
@@ -286,7 +286,7 @@ jobs:
           echo "ANSIBLE_FORCE_COLOR=1" >> $GITHUB_ENV
       - uses: actions/checkout@v4
       - name: Run molecule action
-        uses: arista-netdevops-community/action-molecule-avd@v1.7
+        uses: arista-netdevops-community/action-molecule-avd@v1.8.1
         with:
           molecule_parentdir: 'ansible_collections/arista/avd'
           molecule_command: 'test'
@@ -326,7 +326,7 @@ jobs:
           echo "ANSIBLE_FORCE_COLOR=1" >> $GITHUB_ENV
       - uses: actions/checkout@v4
       - name: Run molecule action
-        uses: arista-netdevops-community/action-molecule-avd@v1.7
+        uses: arista-netdevops-community/action-molecule-avd@v1.8.1
         with:
           molecule_parentdir: 'ansible_collections/arista/avd'
           molecule_command: 'test'

ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-virtual-router-mac-address.md

@@ -0,0 +1,51 @@
+# ip-virtual-router-mac-address
+
+## Table of Contents
+
+- [Management](#management)
+  - [Management Interfaces](#management-interfaces)
+- [Routing](#routing)
+  - [Virtual Router MAC Address](#virtual-router-mac-address)
+
+## Management
+
+### Management Interfaces
+
+#### Management Interfaces Summary
+
+##### IPv4
+
+| Management Interface | Description | Type | VRF | IP Address | Gateway |
+| -------------------- | ----------- | ---- | --- | ---------- | ------- |
+| Management1 | oob_management | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 |
+
+##### IPv6
+
+| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway |
+| -------------------- | ----------- | ---- | --- | ------------ | ------------ |
+| Management1 | oob_management | oob | MGMT | - | - |
+
+#### Management Interfaces Device Configuration
+
+```eos
+!
+interface Management1
+   description oob_management
+   vrf MGMT
+   ip address 10.73.255.122/24
+```
+
+## Routing
+
+### Virtual Router MAC Address
+
+#### Virtual Router MAC Address Summary
+
+Virtual Router MAC Address: 00:1c:73:00:dc:01
+
+#### Virtual Router MAC Address Device Configuration
+
+```eos
+!
+ip virtual-router mac-address 00:1c:73:00:dc:01
+```

ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/prompt-2.md

@@ -0,0 +1,42 @@
+# prompt-2
+
+## Table of Contents
+
+- [Management](#management)
+  - [Management Interfaces](#management-interfaces)
+- [Prompt Device Configuration](#prompt-device-configuration)
+
+## Management
+
+### Management Interfaces
+
+#### Management Interfaces Summary
+
+##### IPv4
+
+| Management Interface | Description | Type | VRF | IP Address | Gateway |
+| -------------------- | ----------- | ---- | --- | ---------- | ------- |
+| Management1 | oob_management | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 |
+
+##### IPv6
+
+| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway |
+| -------------------- | ----------- | ---- | --- | ------------ | ------------ |
+| Management1 | oob_management | oob | MGMT | - | - |
+
+#### Management Interfaces Device Configuration
+
+```eos
+!
+interface Management1
+   description oob_management
+   vrf MGMT
+   ip address 10.73.255.122/24
+```
+
+## Prompt Device Configuration
+
+```eos
+!
+prompt Test
+```

ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/router-bgp-evpn.md

@@ -294,6 +294,7 @@ router bgp 65101
    vrf TENANT_A_PROJECT01
       rd 192.168.255.3:11
       evpn multicast
+         gateway dr election algorithm preference 10000
       default-route export evpn
       route-target import evpn 11:11
       route-target export evpn 11:11

ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-virtual-router-mac-address.cfg

@@ -0,0 +1,17 @@
+!RANCID-CONTENT-TYPE: arista
+!
+transceiver qsfp default-mode 4x10G
+!
+hostname ip-virtual-router-mac-address
+!
+no enable password
+no aaa root
+!
+interface Management1
+   description oob_management
+   vrf MGMT
+   ip address 10.73.255.122/24
+!
+ip virtual-router mac-address 00:1c:73:00:dc:01
+!
+end

ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/prompt-2.cfg

@@ -0,0 +1,17 @@
+!RANCID-CONTENT-TYPE: arista
+!
+prompt Test
+!
+transceiver qsfp default-mode 4x10G
+!
+hostname prompt-2
+!
+no enable password
+no aaa root
+!
+interface Management1
+   description oob_management
+   vrf MGMT
+   ip address 10.73.255.122/24
+!
+end

ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/router-bgp-evpn.cfg

@@ -143,6 +143,7 @@ router bgp 65101
    vrf TENANT_A_PROJECT01
       rd 192.168.255.3:11
       evpn multicast
+         gateway dr election algorithm preference 10000
       default-route export evpn
       route-target import evpn 11:11
       route-target export evpn 11:11

ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-virtual-router-mac-address.yml

@@ -0,0 +1,2 @@
+### IP Virtual Router MAC Address ###
+ip_virtual_router_mac_address: 00:1c:73:00:dc:01

ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/prompt-2.yml

@@ -0,0 +1,2 @@
+### Prompt without unsafe for pyavd coverage report
+prompt: Test

ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/router-bgp-evpn.yml

@@ -242,6 +242,9 @@ router_bgp:
       router_id: 192.168.255.3
       rd: "192.168.255.3:11"
       evpn_multicast: true
+      evpn_multicast_gateway_dr_election:
+        algorithm: preference
+        preference_value: 10000
       default_route_exports:
         - address_family: evpn
       route_targets:

ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/hosts.ini

@@ -57,6 +57,7 @@ ip-routing-fib
 ip-radius-source-interface
 ip-tacacs-source-interface
 ip-client-source-interfaces
+ip-virtual-router-mac-address
 ipv6-access-lists
 ipv6-dhcp-relay
 ipv6-neighbors
@@ -112,6 +113,7 @@ policy-maps-pbr
 port-channel-interfaces
 prefix-lists
 prompt
+prompt-2
 ptp
 qos
 queue-monitor-length

ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/router-bgp.md

@@ -625,6 +625,9 @@
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;evpn_multicast_address_family</samp>](## "router_bgp.vrfs.[].evpn_multicast_address_family") | Dictionary |  |  |  | Enable per-AF EVPN multicast settings. |
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ipv4</samp>](## "router_bgp.vrfs.[].evpn_multicast_address_family.ipv4") | Dictionary |  |  |  |  |
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;transit</samp>](## "router_bgp.vrfs.[].evpn_multicast_address_family.ipv4.transit") | Boolean |  |  |  | Enable EVPN multicast transit mode. |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;evpn_multicast_gateway_dr_election</samp>](## "router_bgp.vrfs.[].evpn_multicast_gateway_dr_election") | Dictionary |  |  |  |  |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;algorithm</samp>](## "router_bgp.vrfs.[].evpn_multicast_gateway_dr_election.algorithm") | String | Required |  | Valid Values:<br>- <code>hrw</code><br>- <code>modulus</code><br>- <code>preference</code> | DR election algorithms:<br>  hrw: Default selection based on highest random weight.<br>  modulus: Selection based on VLAN ID modulo number of candidates.<br>  preference: Selection based on a configured preference value. |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;preference_value</samp>](## "router_bgp.vrfs.[].evpn_multicast_gateway_dr_election.preference_value") | Integer |  |  | Min: 0<br>Max: 65535 | Required when `algorithm` is `preference`. |
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;default_route_exports</samp>](## "router_bgp.vrfs.[].default_route_exports") | List, items: Dictionary |  |  |  | Enable default-originate per VRF/address-family. |
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;address_family</samp>](## "router_bgp.vrfs.[].default_route_exports.[].address_family") | String | Required, Unique |  | Valid Values:<br>- <code>evpn</code><br>- <code>vpn-ipv4</code><br>- <code>vpn-ipv6</code> |  |
     | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;always</samp>](## "router_bgp.vrfs.[].default_route_exports.[].always") | Boolean |  |  |  |  |
@@ -2076,6 +2079,16 @@
 
               # Enable EVPN multicast transit mode.
               transit: <bool>
+          evpn_multicast_gateway_dr_election:
+
+            # DR election algorithms:
+            #   hrw: Default selection based on highest random weight.
+            #   modulus: Selection based on VLAN ID modulo number of candidates.
+            #   preference: Selection based on a configured preference value.
+            algorithm: <str; "hrw" | "modulus" | "preference"; required>
+
+            # Required when `algorithm` is `preference`.
+            preference_value: <int; 0-65535>
 
           # Enable default-originate per VRF/address-family.
           default_route_exports:

ansible_collections/arista/avd/roles/eos_designs/docs/how-to/wan.md

@@ -576,16 +576,12 @@ interface Ethernet3
 An internet-exit policy of type `zscaler` leverages the following AVD data model to generate the target configuration.
 
 AVD supports up to three tunnels (primary, secondary, tertiary).
-
-The target is for this data to be retrieved from Cloudvision through a lookup plugin for each device to determine what are the best tunnel(s) to use for a given location.
+AVD `eos_designs` will fetch Zscaler integration information from Cloudvision.
 
 ```yaml
-# Variables used by the lookup plugin to connect to Cloudvision
-cv_server: <cloudvision_ip>
-cv_token: <cloudvision_token>
-
-# Lookup plugin usage
-zscaler_endpoints: "{{ lookup('arista.avd.cv_zscaler_endpoints') }}"
+# Variables used by eos_designs to connect to Cloudvision
+cv_server:  <hostname or IP address of CloudVision host. Ex. "www.arista.io" for CVaaS>
+cv_token: <service account token as defined on CloudVision. This value should be using Ansible Vault>
 ```
 
 For each `zscaler` type Internet-policies, AVD uses the `cv_pathinfder_internet_exit_policies[name=<POLICY-NAME>].zscaler` dictionary and the `zscaler_endpoints` in combination with the `l3_interfaces.cv_pathfinder_internet_exit.policies[name=<POLICY-NAME>].tunnel_interface_numbers` to generate the internet-exit configuration.

ansible_collections/arista/avd/roles/eos_designs/docs/tables/evpn-settings.md

@@ -16,7 +16,7 @@
     | [<samp>&nbsp;&nbsp;window</samp>](## "evpn_hostflap_detection.window") | Integer |  | `180` |  | Time (in seconds) to detect a MAC duplication issue. |
     | [<samp>&nbsp;&nbsp;expiry_timeout</samp>](## "evpn_hostflap_detection.expiry_timeout") | Integer |  |  |  | Time (in seconds) to purge a MAC duplication issue. |
     | [<samp>evpn_import_pruning</samp>](## "evpn_import_pruning") | Boolean |  | `False` |  | Enable VPN import pruning (Min. EOS 4.24.2F).<br>The Route Target extended communities carried by incoming VPN paths will be examined.<br>If none of those Route Targets have been configured for import, the path will be immediately discarded.<br> |
-    | [<samp>evpn_multicast</samp>](## "evpn_multicast") | Boolean |  | `False` |  | General Configuration required for EVPN Multicast. "evpn_l2_multicast" or "evpn_l3_multicast" must also be configured under the Network Services (tenants).<br>Requires "underlay_multicast: true" and IGMP snooping enabled globally (default).<br>For MLAG devices Route Distinguisher must be unique since this feature will create multi-vtep configuration.<br>Warning !!! For Trident3 based platforms i.e 7050X3, 7300X3, 720XP and 722XP<br>  The Following default platform setting will be configured: "platform trident forwarding-table partition flexible exact-match 16384 l2-shared 98304 l3-shared 131072"<br>  All forwarding agents will be restarted when this configuration is applied.<br>  You can tune the settings by overriding the default variable: "platform_settings[platforms].trident_forwarding_table_partition:"<br>  Please contact an Arista representative for help with determining the appropriate values for your environment.<br> |
+    | [<samp>evpn_multicast</samp>](## "evpn_multicast") | Boolean |  | `False` |  | General Configuration required for EVPN Multicast. "evpn_l2_multicast" or "evpn_l3_multicast" must also be configured under the Network Services (tenants).<br>Requires "underlay_multicast: true" and IGMP snooping enabled globally (default).<br>For MLAG devices Route Distinguisher must be unique since this feature will create multi-vtep configuration.<br>Warning !!! For Trident3 based platforms i.e 7050X3, 7300X3, 720XP.<br>  The Following default platform setting will be configured on 7050X3 and 7300X3: "platform trident forwarding-table partition flexible exact-match 16384 l2-shared 98304 l3-shared 131072"<br>  The Following default platform setting will be configured on 720XP: "flexible exact-match 16000 l2-shared 18000 l3-shared 22000"<br>  All forwarding agents will be restarted when this configuration is applied.<br>  You can tune the settings by overriding the default variable: "platform_settings[platforms].trident_forwarding_table_partition:"<br>  Please contact an Arista representative for help with determining the appropriate values for your environment.<br> |
     | [<samp>evpn_overlay_bgp_rtc</samp>](## "evpn_overlay_bgp_rtc") | Boolean |  | `False` |  | Enable Route Target Membership Constraint Address Family on EVPN overlay BGP peerings (Min. EOS 4.25.1F).<br>Requires use eBGP as overlay protocol.<br> |
     | [<samp>evpn_prevent_readvertise_to_server</samp>](## "evpn_prevent_readvertise_to_server") | Boolean |  | `False` |  | Configure route-map on eBGP sessions towards route-servers, where prefixes with the peer's ASN in the AS Path are filtered away.<br>This is very useful in large-scale networks, where convergence will be quicker by not returning all updates received<br>from Route-server-1 to Router-server-2 just for Route-server-2 to throw them away because of AS Path loop detection.<br> |
     | [<samp>evpn_rd_type</samp>](## "evpn_rd_type") <span style="color:red">removed</span> | Dictionary |  |  |  | <span style="color:red">This key was removed. Support was removed in AVD version 4.0.0. Use <samp>overlay_rd_type</samp> instead.</span> |
@@ -60,8 +60,9 @@
     # General Configuration required for EVPN Multicast. "evpn_l2_multicast" or "evpn_l3_multicast" must also be configured under the Network Services (tenants).
     # Requires "underlay_multicast: true" and IGMP snooping enabled globally (default).
     # For MLAG devices Route Distinguisher must be unique since this feature will create multi-vtep configuration.
-    # Warning !!! For Trident3 based platforms i.e 7050X3, 7300X3, 720XP and 722XP
-    #   The Following default platform setting will be configured: "platform trident forwarding-table partition flexible exact-match 16384 l2-shared 98304 l3-shared 131072"
+    # Warning !!! For Trident3 based platforms i.e 7050X3, 7300X3, 720XP.
+    #   The Following default platform setting will be configured on 7050X3 and 7300X3: "platform trident forwarding-table partition flexible exact-match 16384 l2-shared 98304 l3-shared 131072"
+    #   The Following default platform setting will be configured on 720XP: "flexible exact-match 16000 l2-shared 18000 l3-shared 22000"
     #   All forwarding agents will be restarted when this configuration is applied.
     #   You can tune the settings by overriding the default variable: "platform_settings[platforms].trident_forwarding_table_partition:"
     #   Please contact an Arista representative for help with determining the appropriate values for your environment.

ansible_collections/arista/avd/roles/eos_designs/docs/tables/management-interface-settings.md

@@ -7,7 +7,7 @@
 
     | Variable | Type | Required | Default | Value Restrictions | Description |
     | -------- | ---- | -------- | ------- | ------------------ | ----------- |
-    | [<samp>default_mgmt_method</samp>](## "default_mgmt_method") | String |  | `oob` | Valid Values:<br>- <code>oob</code><br>- <code>inband</code><br>- <code>none</code> | `default_mgmt_method` controls the default VRF and source interface used for the following management and monitoring protocols configured with `eos_designs`:<br>  - `cv_settings`<br>  - `dns_settings`<br>  - `ntp_settings`<br>  - `sflow_settings`<br><br>`oob` means the protocols will be configured with the VRF set by `mgmt_interface_vrf` and `mgmt_interface` as the source interface.<br>`inband` means the protocols will be configured with the VRF set by `inband_mgmt_vrf` and `inband_mgmt_interface` as the source interface.<br>`none` means the VRF and or interface must be manually set for each protocol.<br>This can be overridden under the settings for each protocol.<br> |
+    | [<samp>default_mgmt_method</samp>](## "default_mgmt_method") | String |  | `oob` | Valid Values:<br>- <code>oob</code><br>- <code>inband</code><br>- <code>none</code> | `default_mgmt_method` controls the default VRF and source interface used for the following management and monitoring protocols configured with `eos_designs`:<br>  - `ntp_settings`<br>  - `sflow_settings`<br><br>`oob` means the protocols will be configured with the VRF set by `mgmt_interface_vrf` and `mgmt_interface` as the source interface.<br>`inband` means the protocols will be configured with the VRF set by `inband_mgmt_vrf` and `inband_mgmt_interface` as the source interface.<br>`none` means the VRF and or interface must be manually set for each protocol.<br>This can be overridden under the settings for each protocol.<br> |
     | [<samp>mgmt_destination_networks</samp>](## "mgmt_destination_networks") | List, items: String |  |  |  | List of IPv4 prefixes to configure as static routes towards the OOB Management interface gateway.<br>Replaces the default route. |
     | [<samp>&nbsp;&nbsp;-&nbsp;&lt;str&gt;</samp>](## "mgmt_destination_networks.[]") | String |  |  |  | IPv4_address/Mask. |
     | [<samp>mgmt_gateway</samp>](## "mgmt_gateway") | String |  |  |  | OOB Management interface gateway in IPv4 format.<br>Used as next-hop for default gateway or static routes defined under 'mgmt_destination_networks'.<br> |
@@ -20,8 +20,6 @@
 
     ```yaml
     # `default_mgmt_method` controls the default VRF and source interface used for the following management and monitoring protocols configured with `eos_designs`:
-    #   - `cv_settings`
-    #   - `dns_settings`
     #   - `ntp_settings`
     #   - `sflow_settings`
     #

ansible_collections/arista/avd/roles/eos_designs/docs/tables/platform-settings.md

@@ -139,8 +139,8 @@
           reload_delay:
             mlag: 300
             non_mlag: 330
-          trident_forwarding_table_partition: flexible exact-match 16384 l2-shared 98304 l3-shared
-            131072
+          trident_forwarding_table_partition: flexible exact-match 16000 l2-shared 18000 l3-shared
+            22000
         - feature_support:
             poe: true
             queue_monitor_length_notify: false