diff --git a/.github/workflows/new-cvp-integration.yml b/.github/workflows/new-cvp-integration.yml
index 6912091e871..733f90afc47 100644
--- a/.github/workflows/new-cvp-integration.yml
+++ b/.github/workflows/new-cvp-integration.yml
@@ -29,7 +29,7 @@ jobs:
- name: Run molecule action
env:
CVAAS_AAWG_CI: ${{ secrets.CVAAS_AAWG_CI }}
- uses: arista-netdevops-community/action-molecule-avd@v1.7
+ uses: arista-netdevops-community/action-molecule-avd@v1.8.1
with:
molecule_parentdir: 'ansible_collections/arista/avd'
molecule_command: 'test'
@@ -62,7 +62,7 @@ jobs:
- name: Run molecule action
env:
CVAAS_AAWG_CI: ${{ secrets.CVAAS_AAWG_CI }}
- uses: arista-netdevops-community/action-molecule-avd@v1.7
+ uses: arista-netdevops-community/action-molecule-avd@v1.8.1
with:
molecule_parentdir: 'ansible_collections/arista/avd'
molecule_command: 'test'
diff --git a/.github/workflows/pull-request-management.yml b/.github/workflows/pull-request-management.yml
index ea8ceaabca3..a9af5ba85bf 100644
--- a/.github/workflows/pull-request-management.yml
+++ b/.github/workflows/pull-request-management.yml
@@ -141,7 +141,7 @@ jobs:
echo "ANSIBLE_FORCE_COLOR=1" >> $GITHUB_ENV
- uses: actions/checkout@v4
- name: Run molecule action
- uses: arista-netdevops-community/action-molecule-avd@v1.7
+ uses: arista-netdevops-community/action-molecule-avd@v1.8.1
with:
molecule_parentdir: 'ansible_collections/arista/avd'
molecule_command: 'test'
@@ -176,7 +176,7 @@ jobs:
echo "ANSIBLE_FORCE_COLOR=1" >> $GITHUB_ENV
- uses: actions/checkout@v4
- name: Run molecule action
- uses: arista-netdevops-community/action-molecule-avd@v1.7
+ uses: arista-netdevops-community/action-molecule-avd@v1.8.1
with:
molecule_parentdir: 'ansible_collections/arista/avd'
molecule_command: 'test'
@@ -247,7 +247,7 @@ jobs:
cat ${{ matrix.pip_requirements }}
if: matrix.pip_requirements == 'tmp-requirements-minimum.txt'
- name: Run molecule action
- uses: arista-netdevops-community/action-molecule-avd@v1.7
+ uses: arista-netdevops-community/action-molecule-avd@v1.8.1
with:
molecule_parentdir: 'ansible_collections/arista/avd'
molecule_command: 'test'
@@ -286,7 +286,7 @@ jobs:
echo "ANSIBLE_FORCE_COLOR=1" >> $GITHUB_ENV
- uses: actions/checkout@v4
- name: Run molecule action
- uses: arista-netdevops-community/action-molecule-avd@v1.7
+ uses: arista-netdevops-community/action-molecule-avd@v1.8.1
with:
molecule_parentdir: 'ansible_collections/arista/avd'
molecule_command: 'test'
@@ -326,7 +326,7 @@ jobs:
echo "ANSIBLE_FORCE_COLOR=1" >> $GITHUB_ENV
- uses: actions/checkout@v4
- name: Run molecule action
- uses: arista-netdevops-community/action-molecule-avd@v1.7
+ uses: arista-netdevops-community/action-molecule-avd@v1.8.1
with:
molecule_parentdir: 'ansible_collections/arista/avd'
molecule_command: 'test'
diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-virtual-router-mac-address.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-virtual-router-mac-address.md
new file mode 100644
index 00000000000..091214ec5c0
--- /dev/null
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-virtual-router-mac-address.md
@@ -0,0 +1,51 @@
+# ip-virtual-router-mac-address
+
+## Table of Contents
+
+- [Management](#management)
+ - [Management Interfaces](#management-interfaces)
+- [Routing](#routing)
+ - [Virtual Router MAC Address](#virtual-router-mac-address)
+
+## Management
+
+### Management Interfaces
+
+#### Management Interfaces Summary
+
+##### IPv4
+
+| Management Interface | Description | Type | VRF | IP Address | Gateway |
+| -------------------- | ----------- | ---- | --- | ---------- | ------- |
+| Management1 | oob_management | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 |
+
+##### IPv6
+
+| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway |
+| -------------------- | ----------- | ---- | --- | ------------ | ------------ |
+| Management1 | oob_management | oob | MGMT | - | - |
+
+#### Management Interfaces Device Configuration
+
+```eos
+!
+interface Management1
+ description oob_management
+ vrf MGMT
+ ip address 10.73.255.122/24
+```
+
+## Routing
+
+### Virtual Router MAC Address
+
+#### Virtual Router MAC Address Summary
+
+Virtual Router MAC Address: 00:1c:73:00:dc:01
+
+#### Virtual Router MAC Address Device Configuration
+
+```eos
+!
+ip virtual-router mac-address 00:1c:73:00:dc:01
+```
diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/prompt-2.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/prompt-2.md
new file mode 100644
index 00000000000..a311cb612e9
--- /dev/null
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/prompt-2.md
@@ -0,0 +1,42 @@
+# prompt-2
+
+## Table of Contents
+
+- [Management](#management)
+ - [Management Interfaces](#management-interfaces)
+- [Prompt Device Configuration](#prompt-device-configuration)
+
+## Management
+
+### Management Interfaces
+
+#### Management Interfaces Summary
+
+##### IPv4
+
+| Management Interface | Description | Type | VRF | IP Address | Gateway |
+| -------------------- | ----------- | ---- | --- | ---------- | ------- |
+| Management1 | oob_management | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 |
+
+##### IPv6
+
+| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway |
+| -------------------- | ----------- | ---- | --- | ------------ | ------------ |
+| Management1 | oob_management | oob | MGMT | - | - |
+
+#### Management Interfaces Device Configuration
+
+```eos
+!
+interface Management1
+ description oob_management
+ vrf MGMT
+ ip address 10.73.255.122/24
+```
+
+## Prompt Device Configuration
+
+```eos
+!
+prompt Test
+```
diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/router-bgp-evpn.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/router-bgp-evpn.md
index 820aa6cf7bc..80a41884d31 100644
--- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/router-bgp-evpn.md
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/router-bgp-evpn.md
@@ -294,6 +294,7 @@ router bgp 65101
vrf TENANT_A_PROJECT01
rd 192.168.255.3:11
evpn multicast
+ gateway dr election algorithm preference 10000
default-route export evpn
route-target import evpn 11:11
route-target export evpn 11:11
diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-virtual-router-mac-address.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-virtual-router-mac-address.cfg
new file mode 100644
index 00000000000..a050cb8d880
--- /dev/null
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-virtual-router-mac-address.cfg
@@ -0,0 +1,17 @@
+!RANCID-CONTENT-TYPE: arista
+!
+transceiver qsfp default-mode 4x10G
+!
+hostname ip-virtual-router-mac-address
+!
+no enable password
+no aaa root
+!
+interface Management1
+ description oob_management
+ vrf MGMT
+ ip address 10.73.255.122/24
+!
+ip virtual-router mac-address 00:1c:73:00:dc:01
+!
+end
diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/prompt-2.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/prompt-2.cfg
new file mode 100644
index 00000000000..79ca5ad48c6
--- /dev/null
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/prompt-2.cfg
@@ -0,0 +1,17 @@
+!RANCID-CONTENT-TYPE: arista
+!
+prompt Test
+!
+transceiver qsfp default-mode 4x10G
+!
+hostname prompt-2
+!
+no enable password
+no aaa root
+!
+interface Management1
+ description oob_management
+ vrf MGMT
+ ip address 10.73.255.122/24
+!
+end
diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/router-bgp-evpn.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/router-bgp-evpn.cfg
index c07488642dc..05e321d5bb1 100644
--- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/router-bgp-evpn.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/router-bgp-evpn.cfg
@@ -143,6 +143,7 @@ router bgp 65101
vrf TENANT_A_PROJECT01
rd 192.168.255.3:11
evpn multicast
+ gateway dr election algorithm preference 10000
default-route export evpn
route-target import evpn 11:11
route-target export evpn 11:11
diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-virtual-router-mac-address.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-virtual-router-mac-address.yml
new file mode 100644
index 00000000000..61c6b13012c
--- /dev/null
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-virtual-router-mac-address.yml
@@ -0,0 +1,2 @@
+### IP Virtual Router MAC Address ###
+ip_virtual_router_mac_address: 00:1c:73:00:dc:01
diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/prompt-2.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/prompt-2.yml
new file mode 100644
index 00000000000..364ea7db813
--- /dev/null
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/prompt-2.yml
@@ -0,0 +1,2 @@
+### Prompt without unsafe for pyavd coverage report
+prompt: Test
diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/router-bgp-evpn.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/router-bgp-evpn.yml
index 3fec1ba5eaf..b084a4fdb90 100644
--- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/router-bgp-evpn.yml
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/router-bgp-evpn.yml
@@ -242,6 +242,9 @@ router_bgp:
router_id: 192.168.255.3
rd: "192.168.255.3:11"
evpn_multicast: true
+ evpn_multicast_gateway_dr_election:
+ algorithm: preference
+ preference_value: 10000
default_route_exports:
- address_family: evpn
route_targets:
diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/hosts.ini b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/hosts.ini
index 3c25f8740bc..59b014b709d 100644
--- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/hosts.ini
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/hosts.ini
@@ -57,6 +57,7 @@ ip-routing-fib
ip-radius-source-interface
ip-tacacs-source-interface
ip-client-source-interfaces
+ip-virtual-router-mac-address
ipv6-access-lists
ipv6-dhcp-relay
ipv6-neighbors
@@ -112,6 +113,7 @@ policy-maps-pbr
port-channel-interfaces
prefix-lists
prompt
+prompt-2
ptp
qos
queue-monitor-length
diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/router-bgp.md b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/router-bgp.md
index 172a82695b5..f11713438f2 100644
--- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/router-bgp.md
+++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/router-bgp.md
@@ -625,6 +625,9 @@
| [ evpn_multicast_address_family](## "router_bgp.vrfs.[].evpn_multicast_address_family") | Dictionary | | | | Enable per-AF EVPN multicast settings. |
| [ ipv4](## "router_bgp.vrfs.[].evpn_multicast_address_family.ipv4") | Dictionary | | | | |
| [ transit](## "router_bgp.vrfs.[].evpn_multicast_address_family.ipv4.transit") | Boolean | | | | Enable EVPN multicast transit mode. |
+ | [ evpn_multicast_gateway_dr_election](## "router_bgp.vrfs.[].evpn_multicast_gateway_dr_election") | Dictionary | | | | |
+ | [ algorithm](## "router_bgp.vrfs.[].evpn_multicast_gateway_dr_election.algorithm") | String | Required | | Valid Values:
- hrw
- modulus
- preference | DR election algorithms:
hrw: Default selection based on highest random weight.
modulus: Selection based on VLAN ID modulo number of candidates.
preference: Selection based on a configured preference value. |
+ | [ preference_value](## "router_bgp.vrfs.[].evpn_multicast_gateway_dr_election.preference_value") | Integer | | | Min: 0
Max: 65535 | Required when `algorithm` is `preference`. |
| [ default_route_exports](## "router_bgp.vrfs.[].default_route_exports") | List, items: Dictionary | | | | Enable default-originate per VRF/address-family. |
| [ - address_family](## "router_bgp.vrfs.[].default_route_exports.[].address_family") | String | Required, Unique | | Valid Values:
- evpn
- vpn-ipv4
- vpn-ipv6 | |
| [ always](## "router_bgp.vrfs.[].default_route_exports.[].always") | Boolean | | | | |
@@ -2076,6 +2079,16 @@
# Enable EVPN multicast transit mode.
transit:
+ evpn_multicast_gateway_dr_election:
+
+ # DR election algorithms:
+ # hrw: Default selection based on highest random weight.
+ # modulus: Selection based on VLAN ID modulo number of candidates.
+ # preference: Selection based on a configured preference value.
+ algorithm:
+
+ # Required when `algorithm` is `preference`.
+ preference_value:
# Enable default-originate per VRF/address-family.
default_route_exports:
diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/how-to/wan.md b/ansible_collections/arista/avd/roles/eos_designs/docs/how-to/wan.md
index 302c036f063..2cafff1fe47 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/docs/how-to/wan.md
+++ b/ansible_collections/arista/avd/roles/eos_designs/docs/how-to/wan.md
@@ -576,16 +576,12 @@ interface Ethernet3
An internet-exit policy of type `zscaler` leverages the following AVD data model to generate the target configuration.
AVD supports up to three tunnels (primary, secondary, tertiary).
-
-The target is for this data to be retrieved from Cloudvision through a lookup plugin for each device to determine what are the best tunnel(s) to use for a given location.
+AVD `eos_designs` will fetch Zscaler integration information from Cloudvision.
```yaml
-# Variables used by the lookup plugin to connect to Cloudvision
-cv_server:
-cv_token:
-
-# Lookup plugin usage
-zscaler_endpoints: "{{ lookup('arista.avd.cv_zscaler_endpoints') }}"
+# Variables used by eos_designs to connect to Cloudvision
+cv_server:
+cv_token:
```
For each `zscaler` type Internet-policies, AVD uses the `cv_pathinfder_internet_exit_policies[name=].zscaler` dictionary and the `zscaler_endpoints` in combination with the `l3_interfaces.cv_pathfinder_internet_exit.policies[name=].tunnel_interface_numbers` to generate the internet-exit configuration.
diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/evpn-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/evpn-settings.md
index c597fe72c99..8fe82029c44 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/evpn-settings.md
+++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/evpn-settings.md
@@ -16,7 +16,7 @@
| [ window](## "evpn_hostflap_detection.window") | Integer | | `180` | | Time (in seconds) to detect a MAC duplication issue. |
| [ expiry_timeout](## "evpn_hostflap_detection.expiry_timeout") | Integer | | | | Time (in seconds) to purge a MAC duplication issue. |
| [evpn_import_pruning](## "evpn_import_pruning") | Boolean | | `False` | | Enable VPN import pruning (Min. EOS 4.24.2F).
The Route Target extended communities carried by incoming VPN paths will be examined.
If none of those Route Targets have been configured for import, the path will be immediately discarded.
|
- | [evpn_multicast](## "evpn_multicast") | Boolean | | `False` | | General Configuration required for EVPN Multicast. "evpn_l2_multicast" or "evpn_l3_multicast" must also be configured under the Network Services (tenants).
Requires "underlay_multicast: true" and IGMP snooping enabled globally (default).
For MLAG devices Route Distinguisher must be unique since this feature will create multi-vtep configuration.
Warning !!! For Trident3 based platforms i.e 7050X3, 7300X3, 720XP and 722XP
The Following default platform setting will be configured: "platform trident forwarding-table partition flexible exact-match 16384 l2-shared 98304 l3-shared 131072"
All forwarding agents will be restarted when this configuration is applied.
You can tune the settings by overriding the default variable: "platform_settings[platforms].trident_forwarding_table_partition:"
Please contact an Arista representative for help with determining the appropriate values for your environment.
|
+ | [evpn_multicast](## "evpn_multicast") | Boolean | | `False` | | General Configuration required for EVPN Multicast. "evpn_l2_multicast" or "evpn_l3_multicast" must also be configured under the Network Services (tenants).
Requires "underlay_multicast: true" and IGMP snooping enabled globally (default).
For MLAG devices Route Distinguisher must be unique since this feature will create multi-vtep configuration.
Warning !!! For Trident3 based platforms i.e 7050X3, 7300X3, 720XP.
The Following default platform setting will be configured on 7050X3 and 7300X3: "platform trident forwarding-table partition flexible exact-match 16384 l2-shared 98304 l3-shared 131072"
The Following default platform setting will be configured on 720XP: "flexible exact-match 16000 l2-shared 18000 l3-shared 22000"
All forwarding agents will be restarted when this configuration is applied.
You can tune the settings by overriding the default variable: "platform_settings[platforms].trident_forwarding_table_partition:"
Please contact an Arista representative for help with determining the appropriate values for your environment.
|
| [evpn_overlay_bgp_rtc](## "evpn_overlay_bgp_rtc") | Boolean | | `False` | | Enable Route Target Membership Constraint Address Family on EVPN overlay BGP peerings (Min. EOS 4.25.1F).
Requires use eBGP as overlay protocol.
|
| [evpn_prevent_readvertise_to_server](## "evpn_prevent_readvertise_to_server") | Boolean | | `False` | | Configure route-map on eBGP sessions towards route-servers, where prefixes with the peer's ASN in the AS Path are filtered away.
This is very useful in large-scale networks, where convergence will be quicker by not returning all updates received
from Route-server-1 to Router-server-2 just for Route-server-2 to throw them away because of AS Path loop detection.
|
| [evpn_rd_type](## "evpn_rd_type") removed | Dictionary | | | | This key was removed. Support was removed in AVD version 4.0.0. Use overlay_rd_type instead. |
@@ -60,8 +60,9 @@
# General Configuration required for EVPN Multicast. "evpn_l2_multicast" or "evpn_l3_multicast" must also be configured under the Network Services (tenants).
# Requires "underlay_multicast: true" and IGMP snooping enabled globally (default).
# For MLAG devices Route Distinguisher must be unique since this feature will create multi-vtep configuration.
- # Warning !!! For Trident3 based platforms i.e 7050X3, 7300X3, 720XP and 722XP
- # The Following default platform setting will be configured: "platform trident forwarding-table partition flexible exact-match 16384 l2-shared 98304 l3-shared 131072"
+ # Warning !!! For Trident3 based platforms i.e 7050X3, 7300X3, 720XP.
+ # The Following default platform setting will be configured on 7050X3 and 7300X3: "platform trident forwarding-table partition flexible exact-match 16384 l2-shared 98304 l3-shared 131072"
+ # The Following default platform setting will be configured on 720XP: "flexible exact-match 16000 l2-shared 18000 l3-shared 22000"
# All forwarding agents will be restarted when this configuration is applied.
# You can tune the settings by overriding the default variable: "platform_settings[platforms].trident_forwarding_table_partition:"
# Please contact an Arista representative for help with determining the appropriate values for your environment.
diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/management-interface-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/management-interface-settings.md
index 4a1c7f35d11..a167532c024 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/management-interface-settings.md
+++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/management-interface-settings.md
@@ -7,7 +7,7 @@
| Variable | Type | Required | Default | Value Restrictions | Description |
| -------- | ---- | -------- | ------- | ------------------ | ----------- |
- | [default_mgmt_method](## "default_mgmt_method") | String | | `oob` | Valid Values:
- oob
- inband
- none | `default_mgmt_method` controls the default VRF and source interface used for the following management and monitoring protocols configured with `eos_designs`:
- `cv_settings`
- `dns_settings`
- `ntp_settings`
- `sflow_settings`
`oob` means the protocols will be configured with the VRF set by `mgmt_interface_vrf` and `mgmt_interface` as the source interface.
`inband` means the protocols will be configured with the VRF set by `inband_mgmt_vrf` and `inband_mgmt_interface` as the source interface.
`none` means the VRF and or interface must be manually set for each protocol.
This can be overridden under the settings for each protocol.
|
+ | [default_mgmt_method](## "default_mgmt_method") | String | | `oob` | Valid Values:
- oob
- inband
- none | `default_mgmt_method` controls the default VRF and source interface used for the following management and monitoring protocols configured with `eos_designs`:
- `ntp_settings`
- `sflow_settings`
`oob` means the protocols will be configured with the VRF set by `mgmt_interface_vrf` and `mgmt_interface` as the source interface.
`inband` means the protocols will be configured with the VRF set by `inband_mgmt_vrf` and `inband_mgmt_interface` as the source interface.
`none` means the VRF and or interface must be manually set for each protocol.
This can be overridden under the settings for each protocol.
|
| [mgmt_destination_networks](## "mgmt_destination_networks") | List, items: String | | | | List of IPv4 prefixes to configure as static routes towards the OOB Management interface gateway.
Replaces the default route. |
| [ - <str>](## "mgmt_destination_networks.[]") | String | | | | IPv4_address/Mask. |
| [mgmt_gateway](## "mgmt_gateway") | String | | | | OOB Management interface gateway in IPv4 format.
Used as next-hop for default gateway or static routes defined under 'mgmt_destination_networks'.
|
@@ -20,8 +20,6 @@
```yaml
# `default_mgmt_method` controls the default VRF and source interface used for the following management and monitoring protocols configured with `eos_designs`:
- # - `cv_settings`
- # - `dns_settings`
# - `ntp_settings`
# - `sflow_settings`
#
diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/platform-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/platform-settings.md
index d6babc2f87d..1de6f9c3293 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/platform-settings.md
+++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/platform-settings.md
@@ -139,8 +139,8 @@
reload_delay:
mlag: 300
non_mlag: 330
- trident_forwarding_table_partition: flexible exact-match 16384 l2-shared 98304 l3-shared
- 131072
+ trident_forwarding_table_partition: flexible exact-match 16000 l2-shared 18000 l3-shared
+ 22000
- feature_support:
poe: true
queue_monitor_length_notify: false
diff --git a/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/router-bgp.j2 b/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/router-bgp.j2
index 4391c12cd14..55f42568851 100644
--- a/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/router-bgp.j2
+++ b/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/router-bgp.j2
@@ -1473,6 +1473,15 @@ router bgp {{ router_bgp.as }}
{% endif %}
{% if vrf.evpn_multicast is arista.avd.defined(true) %}
evpn multicast
+{% if vrf.evpn_multicast_gateway_dr_election.algorithm is arista.avd.defined %}
+{% if vrf.evpn_multicast_gateway_dr_election.algorithm == "preference" %}
+{% if vrf.evpn_multicast_gateway_dr_election.preference_value is arista.avd.defined %}
+ gateway dr election algorithm preference {{ vrf.evpn_multicast_gateway_dr_election.preference_value }}
+{% endif %}
+{% else %}
+ gateway dr election algorithm {{ vrf.evpn_multicast_gateway_dr_election.algorithm }}
+{% endif %}
+{% endif %}
{% if vrf.evpn_multicast_address_family.ipv4 is arista.avd.defined
and vrf.evpn_multicast_address_family.ipv4.transit is arista.avd.defined(true) %}
address-family ipv4
diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.jsonschema.json b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.jsonschema.json
index cf645f33cf4..4f6710fb87c 100644
--- a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.jsonschema.json
+++ b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.jsonschema.json
@@ -22054,6 +22054,36 @@
},
"title": "EVPN Multicast Address Family"
},
+ "evpn_multicast_gateway_dr_election": {
+ "type": "object",
+ "properties": {
+ "algorithm": {
+ "type": "string",
+ "description": "DR election algorithms:\n hrw: Default selection based on highest random weight.\n modulus: Selection based on VLAN ID modulo number of candidates.\n preference: Selection based on a configured preference value.",
+ "enum": [
+ "hrw",
+ "modulus",
+ "preference"
+ ],
+ "title": "Algorithm"
+ },
+ "preference_value": {
+ "type": "integer",
+ "description": "Required when `algorithm` is `preference`.",
+ "minimum": 0,
+ "maximum": 65535,
+ "title": "Preference Value"
+ }
+ },
+ "required": [
+ "algorithm"
+ ],
+ "additionalProperties": false,
+ "patternProperties": {
+ "^_.+$": {}
+ },
+ "title": "EVPN Multicast Gateway DR Election"
+ },
"default_route_exports": {
"type": "array",
"description": "Enable default-originate per VRF/address-family.",
diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml
index 6b1d7519180..f13704ad8b4 100644
--- a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml
+++ b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml
@@ -13134,6 +13134,27 @@ keys:
transit:
type: bool
description: Enable EVPN multicast transit mode.
+ evpn_multicast_gateway_dr_election:
+ type: dict
+ keys:
+ algorithm:
+ type: str
+ required: true
+ description: "DR election algorithms:\n hrw: Default selection
+ based on highest random weight.\n modulus: Selection based on
+ VLAN ID modulo number of candidates.\n preference: Selection
+ based on a configured preference value."
+ valid_values:
+ - hrw
+ - modulus
+ - preference
+ preference_value:
+ type: int
+ description: Required when `algorithm` is `preference`.
+ min: 0
+ max: 65535
+ convert_types:
+ - str
default_route_exports:
type: list
primary_key: address_family
diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/router_bgp.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/router_bgp.schema.yml
index 07e9e5f3a32..cc249514a92 100644
--- a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/router_bgp.schema.yml
+++ b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/router_bgp.schema.yml
@@ -2415,6 +2415,28 @@ keys:
transit:
type: bool
description: Enable EVPN multicast transit mode.
+ evpn_multicast_gateway_dr_election:
+ type: dict
+ keys:
+ algorithm:
+ type: str
+ required: true
+ description: |-
+ DR election algorithms:
+ hrw: Default selection based on highest random weight.
+ modulus: Selection based on VLAN ID modulo number of candidates.
+ preference: Selection based on a configured preference value.
+ valid_values:
+ - hrw
+ - modulus
+ - preference
+ preference_value:
+ type: int
+ description: Required when `algorithm` is `preference`.
+ min: 0
+ max: 65535
+ convert_types:
+ - str
default_route_exports:
type: list
primary_key: address_family
diff --git a/python-avd/pyavd/_eos_designs/schema/eos_designs.jsonschema.json b/python-avd/pyavd/_eos_designs/schema/eos_designs.jsonschema.json
index 74e07a4f8c2..6074177e863 100644
--- a/python-avd/pyavd/_eos_designs/schema/eos_designs.jsonschema.json
+++ b/python-avd/pyavd/_eos_designs/schema/eos_designs.jsonschema.json
@@ -5973,7 +5973,7 @@
},
"default_mgmt_method": {
"type": "string",
- "description": "`default_mgmt_method` controls the default VRF and source interface used for the following management and monitoring protocols configured with `eos_designs`:\n - `cv_settings`\n - `dns_settings`\n - `ntp_settings`\n - `sflow_settings`\n\n`oob` means the protocols will be configured with the VRF set by `mgmt_interface_vrf` and `mgmt_interface` as the source interface.\n`inband` means the protocols will be configured with the VRF set by `inband_mgmt_vrf` and `inband_mgmt_interface` as the source interface.\n`none` means the VRF and or interface must be manually set for each protocol.\nThis can be overridden under the settings for each protocol.\n",
+ "description": "`default_mgmt_method` controls the default VRF and source interface used for the following management and monitoring protocols configured with `eos_designs`:\n - `ntp_settings`\n - `sflow_settings`\n\n`oob` means the protocols will be configured with the VRF set by `mgmt_interface_vrf` and `mgmt_interface` as the source interface.\n`inband` means the protocols will be configured with the VRF set by `inband_mgmt_vrf` and `inband_mgmt_interface` as the source interface.\n`none` means the VRF and or interface must be manually set for each protocol.\nThis can be overridden under the settings for each protocol.\n",
"enum": [
"oob",
"inband",
@@ -6402,7 +6402,7 @@
},
"evpn_multicast": {
"type": "boolean",
- "description": "General Configuration required for EVPN Multicast. \"evpn_l2_multicast\" or \"evpn_l3_multicast\" must also be configured under the Network Services (tenants).\nRequires \"underlay_multicast: true\" and IGMP snooping enabled globally (default).\nFor MLAG devices Route Distinguisher must be unique since this feature will create multi-vtep configuration.\nWarning !!! For Trident3 based platforms i.e 7050X3, 7300X3, 720XP and 722XP\n The Following default platform setting will be configured: \"platform trident forwarding-table partition flexible exact-match 16384 l2-shared 98304 l3-shared 131072\"\n All forwarding agents will be restarted when this configuration is applied.\n You can tune the settings by overriding the default variable: \"platform_settings[platforms].trident_forwarding_table_partition:\"\n Please contact an Arista representative for help with determining the appropriate values for your environment.\n",
+ "description": "General Configuration required for EVPN Multicast. \"evpn_l2_multicast\" or \"evpn_l3_multicast\" must also be configured under the Network Services (tenants).\nRequires \"underlay_multicast: true\" and IGMP snooping enabled globally (default).\nFor MLAG devices Route Distinguisher must be unique since this feature will create multi-vtep configuration.\nWarning !!! For Trident3 based platforms i.e 7050X3, 7300X3, 720XP.\n The Following default platform setting will be configured on 7050X3 and 7300X3: \"platform trident forwarding-table partition flexible exact-match 16384 l2-shared 98304 l3-shared 131072\"\n The Following default platform setting will be configured on 720XP: \"flexible exact-match 16000 l2-shared 18000 l3-shared 22000\"\n All forwarding agents will be restarted when this configuration is applied.\n You can tune the settings by overriding the default variable: \"platform_settings[platforms].trident_forwarding_table_partition:\"\n Please contact an Arista representative for help with determining the appropriate values for your environment.\n",
"default": false,
"title": "EVPN Multicast"
},
@@ -39962,6 +39962,36 @@
},
"title": "EVPN Multicast Address Family"
},
+ "evpn_multicast_gateway_dr_election": {
+ "type": "object",
+ "properties": {
+ "algorithm": {
+ "type": "string",
+ "description": "DR election algorithms:\n hrw: Default selection based on highest random weight.\n modulus: Selection based on VLAN ID modulo number of candidates.\n preference: Selection based on a configured preference value.",
+ "enum": [
+ "hrw",
+ "modulus",
+ "preference"
+ ],
+ "title": "Algorithm"
+ },
+ "preference_value": {
+ "type": "integer",
+ "description": "Required when `algorithm` is `preference`.",
+ "minimum": 0,
+ "maximum": 65535,
+ "title": "Preference Value"
+ }
+ },
+ "required": [
+ "algorithm"
+ ],
+ "additionalProperties": false,
+ "patternProperties": {
+ "^_.+$": {}
+ },
+ "title": "EVPN Multicast Gateway DR Election"
+ },
"default_route_exports": {
"type": "array",
"description": "Enable default-originate per VRF/address-family.",
@@ -49491,7 +49521,7 @@
"mlag": 300,
"non_mlag": 330
},
- "trident_forwarding_table_partition": "flexible exact-match 16384 l2-shared 98304 l3-shared 131072"
+ "trident_forwarding_table_partition": "flexible exact-match 16000 l2-shared 18000 l3-shared 22000"
},
{
"platforms": [
diff --git a/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml b/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml
index 19b1803bd43..561b8f84f37 100644
--- a/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml
+++ b/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml
@@ -972,12 +972,12 @@ keys:
type: str
description: "`default_mgmt_method` controls the default VRF and source interface
used for the following management and monitoring protocols configured with `eos_designs`:\n
- \ - `cv_settings`\n - `dns_settings`\n - `ntp_settings`\n - `sflow_settings`\n\n`oob`
- means the protocols will be configured with the VRF set by `mgmt_interface_vrf`
- and `mgmt_interface` as the source interface.\n`inband` means the protocols
- will be configured with the VRF set by `inband_mgmt_vrf` and `inband_mgmt_interface`
- as the source interface.\n`none` means the VRF and or interface must be manually
- set for each protocol.\nThis can be overridden under the settings for each protocol.\n"
+ \ - `ntp_settings`\n - `sflow_settings`\n\n`oob` means the protocols will be
+ configured with the VRF set by `mgmt_interface_vrf` and `mgmt_interface` as
+ the source interface.\n`inband` means the protocols will be configured with
+ the VRF set by `inband_mgmt_vrf` and `inband_mgmt_interface` as the source interface.\n`none`
+ means the VRF and or interface must be manually set for each protocol.\nThis
+ can be overridden under the settings for each protocol.\n"
valid_values:
- oob
- inband
@@ -1159,11 +1159,13 @@ keys:
(tenants).\nRequires \"underlay_multicast: true\" and IGMP snooping enabled
globally (default).\nFor MLAG devices Route Distinguisher must be unique since
this feature will create multi-vtep configuration.\nWarning !!! For Trident3
- based platforms i.e 7050X3, 7300X3, 720XP and 722XP\n The Following default
- platform setting will be configured: \"platform trident forwarding-table partition
- flexible exact-match 16384 l2-shared 98304 l3-shared 131072\"\n All forwarding
- agents will be restarted when this configuration is applied.\n You can tune
- the settings by overriding the default variable: \"platform_settings[platforms].trident_forwarding_table_partition:\"\n
+ based platforms i.e 7050X3, 7300X3, 720XP.\n The Following default platform
+ setting will be configured on 7050X3 and 7300X3: \"platform trident forwarding-table
+ partition flexible exact-match 16384 l2-shared 98304 l3-shared 131072\"\n The
+ Following default platform setting will be configured on 720XP: \"flexible exact-match
+ 16000 l2-shared 18000 l3-shared 22000\"\n All forwarding agents will be restarted
+ when this configuration is applied.\n You can tune the settings by overriding
+ the default variable: \"platform_settings[platforms].trident_forwarding_table_partition:\"\n
\ Please contact an Arista representative for help with determining the appropriate
values for your environment.\n"
default: false
@@ -2970,8 +2972,8 @@ keys:
reload_delay:
mlag: 300
non_mlag: 330
- trident_forwarding_table_partition: flexible exact-match 16384 l2-shared 98304
- l3-shared 131072
+ trident_forwarding_table_partition: flexible exact-match 16000 l2-shared 18000
+ l3-shared 22000
- platforms:
- '750'
- '755'
diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/default_mgmt_method.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/default_mgmt_method.schema.yml
index ade6d33ce1b..f4822bb273f 100644
--- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/default_mgmt_method.schema.yml
+++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/default_mgmt_method.schema.yml
@@ -12,8 +12,6 @@ keys:
type: str
description: |
`default_mgmt_method` controls the default VRF and source interface used for the following management and monitoring protocols configured with `eos_designs`:
- - `cv_settings`
- - `dns_settings`
- `ntp_settings`
- `sflow_settings`
diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/evpn_multicast.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/evpn_multicast.schema.yml
index b081dba1887..7dae7964a2a 100644
--- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/evpn_multicast.schema.yml
+++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/evpn_multicast.schema.yml
@@ -14,8 +14,9 @@ keys:
General Configuration required for EVPN Multicast. "evpn_l2_multicast" or "evpn_l3_multicast" must also be configured under the Network Services (tenants).
Requires "underlay_multicast: true" and IGMP snooping enabled globally (default).
For MLAG devices Route Distinguisher must be unique since this feature will create multi-vtep configuration.
- Warning !!! For Trident3 based platforms i.e 7050X3, 7300X3, 720XP and 722XP
- The Following default platform setting will be configured: "platform trident forwarding-table partition flexible exact-match 16384 l2-shared 98304 l3-shared 131072"
+ Warning !!! For Trident3 based platforms i.e 7050X3, 7300X3, 720XP.
+ The Following default platform setting will be configured on 7050X3 and 7300X3: "platform trident forwarding-table partition flexible exact-match 16384 l2-shared 98304 l3-shared 131072"
+ The Following default platform setting will be configured on 720XP: "flexible exact-match 16000 l2-shared 18000 l3-shared 22000"
All forwarding agents will be restarted when this configuration is applied.
You can tune the settings by overriding the default variable: "platform_settings[platforms].trident_forwarding_table_partition:"
Please contact an Arista representative for help with determining the appropriate values for your environment.
diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/platform_settings.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/platform_settings.schema.yml
index 8d779c31740..975a64d376a 100644
--- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/platform_settings.schema.yml
+++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/platform_settings.schema.yml
@@ -136,7 +136,7 @@ keys:
reload_delay:
mlag: 300
non_mlag: 330
- trident_forwarding_table_partition: flexible exact-match 16384 l2-shared 98304 l3-shared 131072
+ trident_forwarding_table_partition: flexible exact-match 16000 l2-shared 18000 l3-shared 22000
- platforms:
- '750'
- '755'
diff --git a/python-avd/pyavd/_eos_designs/shared_utils/platform.py b/python-avd/pyavd/_eos_designs/shared_utils/platform.py
index 8b42342f690..2351392dd26 100644
--- a/python-avd/pyavd/_eos_designs/shared_utils/platform.py
+++ b/python-avd/pyavd/_eos_designs/shared_utils/platform.py
@@ -37,7 +37,7 @@
},
{
"platforms": ["720XP"],
- "trident_forwarding_table_partition": "flexible exact-match 16384 l2-shared 98304 l3-shared 131072",
+ "trident_forwarding_table_partition": "flexible exact-match 16000 l2-shared 18000 l3-shared 22000",
"reload_delay": {
"mlag": 300,
"non_mlag": 330,
diff --git a/python-avd/pyavd/_utils/password_utils/password_utils.py b/python-avd/pyavd/_utils/password_utils/password_utils.py
index 70c261f1057..b6c6e074b97 100644
--- a/python-avd/pyavd/_utils/password_utils/password_utils.py
+++ b/python-avd/pyavd/_utils/password_utils/password_utils.py
@@ -12,7 +12,13 @@
import base64
from cryptography.hazmat.backends import default_backend
-from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
+from cryptography.hazmat.primitives.ciphers import Cipher, modes
+
+# Starting cyryptography 43.0.0, TripleDES cipher has been moved to cryptography.hazmat.decrepit module
+try:
+ from cryptography.hazmat.decrepit.ciphers.algorithms import TripleDES
+except ImportError:
+ from cryptography.hazmat.primitives.ciphers.algorithms import TripleDES
SEED = b"\xd5\xa8\xc9\x1e\xf5\xd5\x8a\x23"
@@ -186,7 +192,7 @@ def cbc_encrypt(key: bytes, data: bytes) -> bytes:
ciphertext = ENC_SIG + bytes([padding * 16 + 0xE]) + data + bytes(padding)
# Accepting SonarLint issue: The insecure algorithm is ok since this simply matches the algorithm of EOS.
- cipher = Cipher(algorithms.TripleDES(hashed_key), modes.CBC(bytes(8)), default_backend()) # NOSONAR
+ cipher = Cipher(TripleDES(hashed_key), modes.CBC(bytes(8)), default_backend()) # NOSONAR
encryptor = cipher.encryptor()
result = encryptor.update(ciphertext)
encryptor.finalize()
@@ -213,7 +219,7 @@ def cbc_decrypt(key: bytes, data: bytes) -> bytes:
hashed_key = hashkey(key)
# Accepting SonarLint issue: Insecure algorithm is ok since this is simply matching the algorithm of EOS.
- cipher = Cipher(algorithms.TripleDES(hashed_key), modes.CBC(bytes(8)), default_backend()) # NOSONAR
+ cipher = Cipher(TripleDES(hashed_key), modes.CBC(bytes(8)), default_backend()) # NOSONAR
decryptor = cipher.decryptor()
result = decryptor.update(data)
decryptor.finalize()