diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge-no-default-policy.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge-no-default-policy.cfg
index d825fdb921c..3fdcb4e9db9 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge-no-default-policy.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge-no-default-policy.cfg
@@ -22,17 +22,27 @@ router path-selection
load-balance policy LB-CONTROL-PLANE-PROFILE
path-group INET
!
- load-balance policy LB-DEFAULT-AVT-POLICY-DEFAULT
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
path-group INET
!
- policy DEFAULT-AVT-POLICY-WITH-CP
+ policy DEFAULT-POLICY
default-match
- load-balance LB-DEFAULT-AVT-POLICY-DEFAULT
+ load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
+ policy DEFAULT-POLICY-WITH-CP
+ default-match
+ load-balance LB-DEFAULT-POLICY-DEFAULT
10 application-profile CONTROL-PLANE-APPLICATION-PROFILE
load-balance LB-CONTROL-PLANE-PROFILE
!
vrf default
- path-selection-policy DEFAULT-AVT-POLICY-WITH-CP
+ path-selection-policy DEFAULT-POLICY-WITH-CP
+ !
+ vrf IT
+ path-selection-policy DEFAULT-POLICY
+ !
+ vrf PROD
+ path-selection-policy DEFAULT-POLICY
!
spanning-tree mode none
!
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-custom-default-policy.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-custom-default-policy.cfg
new file mode 100644
index 00000000000..7e0eeffc1a7
--- /dev/null
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-custom-default-policy.cfg
@@ -0,0 +1,313 @@
+!RANCID-CONTENT-TYPE: arista
+!
+flow tracking hardware
+ tracker WAN-FLOW-TRACKER
+ record export on inactive timeout 70000
+ record export on interval 5000
+ exporter DPI-EXPORTER
+ collector 127.0.0.1
+ local interface Loopback0
+ template interval 5000
+ no shutdown
+!
+service routing protocols model multi-agent
+!
+hostname cv-pathfinder-edge-custom-default-policy
+!
+router adaptive-virtual-topology
+ topology role edge
+ region AVD_Land_West id 42
+ zone DEFAULT-ZONE id 1
+ site Site1 id 1
+ !
+ policy DEFAULT-POLICY
+ !
+ match application-profile VIDEO
+ avt profile DEFAULT-POLICY-VIDEO
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
+ policy DEFAULT-POLICY-WITH-CP
+ !
+ match application-profile CONTROL-PLANE-APPLICATION-PROFILE
+ avt profile CONTROL-PLANE-PROFILE
+ !
+ match application-profile VIDEO
+ avt profile DEFAULT-POLICY-VIDEO
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
+ profile CONTROL-PLANE-PROFILE
+ path-selection load-balance LB-CONTROL-PLANE-PROFILE
+ !
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
+ profile DEFAULT-POLICY-VIDEO
+ path-selection load-balance LB-DEFAULT-POLICY-VIDEO
+ !
+ profile DEFAULT-POLICY-WITH-CP-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-WITH-CP-DEFAULT
+ !
+ profile DEFAULT-POLICY-WITH-CP-VIDEO
+ path-selection load-balance LB-DEFAULT-POLICY-WITH-CP-VIDEO
+ !
+ vrf default
+ avt policy DEFAULT-POLICY-WITH-CP
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ avt profile DEFAULT-POLICY-VIDEO id 3
+ avt profile CONTROL-PLANE-PROFILE id 254
+ !
+ vrf PROD
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ avt profile DEFAULT-POLICY-VIDEO id 3
+!
+router path-selection
+ tcp mss ceiling ipv4 ingress
+ !
+ path-group INET id 101
+ ipsec profile CP-PROFILE
+ !
+ local interface Ethernet1
+ stun server-profile INET-cv-pathfinder-pathfinder-Ethernet1 INET-cv-pathfinder-pathfinder-Ethernet3
+ !
+ peer dynamic
+ !
+ peer static router-ip 192.168.144.1
+ name cv-pathfinder-pathfinder
+ ipv4 address 10.7.7.7
+ ipv4 address 10.9.9.9
+ !
+ path-group LTE id 102
+ ipsec profile CP-PROFILE
+ !
+ local interface Ethernet3
+ !
+ peer dynamic
+ !
+ path-group MPLS id 100
+ !
+ local interface Ethernet2
+ stun server-profile MPLS-cv-pathfinder-pathfinder-Ethernet2
+ !
+ peer dynamic
+ !
+ peer static router-ip 192.168.144.1
+ name cv-pathfinder-pathfinder
+ ipv4 address 172.16.0.1
+ !
+ load-balance policy LB-CONTROL-PLANE-PROFILE
+ path-group INET
+ path-group MPLS
+ !
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group INET
+ path-group LTE priority 42
+ !
+ load-balance policy LB-DEFAULT-POLICY-VIDEO
+ path-group INET
+ path-group MPLS
+!
+spanning-tree mode none
+!
+no enable password
+no aaa root
+!
+vrf instance IT
+!
+vrf instance MGMT
+!
+vrf instance PROD
+!
+ip security
+ !
+ ike policy CP-IKE-POLICY
+ local-id 192.168.255.1
+ !
+ sa policy DP-SA-POLICY
+ esp encryption aes128
+ pfs dh-group 14
+ !
+ sa policy CP-SA-POLICY
+ esp encryption aes128
+ pfs dh-group 14
+ !
+ profile DP-PROFILE
+ sa-policy DP-SA-POLICY
+ connection start
+ shared-key 7 ABCDEF1234567890666
+ dpd 10 50 clear
+ mode transport
+ !
+ profile CP-PROFILE
+ ike-policy CP-IKE-POLICY
+ sa-policy CP-SA-POLICY
+ connection start
+ shared-key 7 ABCDEF1234567890
+ dpd 10 50 clear
+ mode transport
+ !
+ key controller
+ profile DP-PROFILE
+!
+interface Dps1
+ description DPS Interface
+ mtu 9214
+ flow tracker hardware WAN-FLOW-TRACKER
+ ip address 192.168.255.1/32
+!
+interface Ethernet1
+ no shutdown
+ no switchport
+ flow tracker hardware WAN-FLOW-TRACKER
+ ip address dhcp
+ dhcp client accept default-route
+!
+interface Ethernet2
+ no shutdown
+ no switchport
+ flow tracker hardware WAN-FLOW-TRACKER
+ ip address 172.15.5.5/31
+!
+interface Ethernet3
+ no shutdown
+ no switchport
+ flow tracker hardware WAN-FLOW-TRACKER
+ ip address 172.20.20.20/31
+!
+interface Loopback0
+ description Router_ID
+ no shutdown
+ ip address 192.168.42.1/32
+!
+interface Vxlan1
+ description cv-pathfinder-edge-custom-default-policy_VTEP
+ vxlan source-interface Dps1
+ vxlan udp-port 4789
+ vxlan vrf default vni 1
+ vxlan vrf IT vni 100
+ vxlan vrf PROD vni 42
+!
+application traffic recognition
+ !
+ application ipv4 CONTROL-PLANE-APPLICATION
+ destination prefix field-set CONTROL-PLANE-APP-DEST-PREFIXES
+ !
+ application-profile CONTROL-PLANE-APPLICATION-PROFILE
+ application CONTROL-PLANE-APPLICATION
+ !
+ application-profile VIDEO
+ application CUSTOM-APPLICATION-1
+ application skype
+ !
+ field-set ipv4 prefix CONTROL-PLANE-APP-DEST-PREFIXES
+ 192.168.144.1/32
+!
+ip routing
+ip routing vrf IT
+no ip routing vrf MGMT
+ip routing vrf PROD
+!
+ip extcommunity-list ECL-EVPN-SOO permit soo 192.168.42.1:1
+!
+ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+ seq 10 permit 192.168.42.0/24 eq 32
+!
+route-map RM-CONN-2-BGP permit 10
+ match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+ set extcommunity soo 192.168.42.1:1 additive
+!
+route-map RM-EVPN-EXPORT-VRF-DEFAULT permit 10
+ match extcommunity ECL-EVPN-SOO
+!
+route-map RM-EVPN-SOO-IN deny 10
+ match extcommunity ECL-EVPN-SOO
+!
+route-map RM-EVPN-SOO-IN permit 20
+!
+route-map RM-EVPN-SOO-OUT permit 10
+ set extcommunity soo 192.168.42.1:1 additive
+!
+router bfd
+ multihop interval 300 min-rx 300 multiplier 3
+!
+router bgp 65000
+ router-id 192.168.42.1
+ maximum-paths 16
+ update wait-install
+ no bgp default ipv4-unicast
+ neighbor WAN-OVERLAY-PEERS peer group
+ neighbor WAN-OVERLAY-PEERS remote-as 65000
+ neighbor WAN-OVERLAY-PEERS update-source Dps1
+ neighbor WAN-OVERLAY-PEERS bfd
+ neighbor WAN-OVERLAY-PEERS bfd interval 1000 min-rx 1000 multiplier 10
+ neighbor WAN-OVERLAY-PEERS ttl maximum-hops 42
+ neighbor WAN-OVERLAY-PEERS password 7 htm4AZe9mIQOO1uiMuGgYQ==
+ neighbor WAN-OVERLAY-PEERS send-community
+ neighbor WAN-OVERLAY-PEERS maximum-routes 0
+ neighbor 192.168.144.1 peer group WAN-OVERLAY-PEERS
+ neighbor 192.168.144.1 description cv-pathfinder-pathfinder
+ redistribute connected route-map RM-CONN-2-BGP
+ !
+ address-family evpn
+ neighbor WAN-OVERLAY-PEERS route-map RM-EVPN-SOO-IN in
+ neighbor WAN-OVERLAY-PEERS route-map RM-EVPN-SOO-OUT out
+ neighbor WAN-OVERLAY-PEERS activate
+ !
+ address-family ipv4
+ no neighbor WAN-OVERLAY-PEERS activate
+ !
+ address-family ipv4 sr-te
+ neighbor WAN-OVERLAY-PEERS activate
+ !
+ address-family link-state
+ neighbor WAN-OVERLAY-PEERS activate
+ path-selection
+ !
+ address-family path-selection
+ bgp additional-paths receive
+ bgp additional-paths send any
+ neighbor WAN-OVERLAY-PEERS activate
+ !
+ vrf default
+ rd 192.168.42.1:1
+ route-target import evpn 1:1
+ route-target export evpn 1:1
+ route-target export evpn route-map RM-EVPN-EXPORT-VRF-DEFAULT
+ !
+ vrf IT
+ rd 192.168.42.1:100
+ route-target import evpn 100:100
+ route-target export evpn 100:100
+ router-id 192.168.42.1
+ redistribute connected
+ !
+ vrf PROD
+ rd 192.168.42.1:42
+ route-target import evpn 42:42
+ route-target export evpn 42:42
+ router-id 192.168.42.1
+ redistribute connected
+!
+router traffic-engineering
+!
+management api http-commands
+ protocol https
+ no shutdown
+ !
+ vrf MGMT
+ no shutdown
+!
+stun
+ client
+ server-profile INET-cv-pathfinder-pathfinder-Ethernet1
+ ip address 10.7.7.7
+ server-profile INET-cv-pathfinder-pathfinder-Ethernet3
+ ip address 10.9.9.9
+ server-profile MPLS-cv-pathfinder-pathfinder-Ethernet2
+ ip address 172.16.0.1
+!
+end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-no-common-path-group.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-no-common-path-group.cfg
index 6158d0b6fea..926d51313a3 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-no-common-path-group.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-no-common-path-group.cfg
@@ -41,6 +41,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -61,6 +66,15 @@ router adaptive-virtual-topology
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ !
+ profile DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ !
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -70,6 +84,10 @@ router adaptive-virtual-topology
profile PROD-AVT-POLICY-VOICE
path-selection load-balance LB-PROD-AVT-POLICY-VOICE
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ !
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
avt profile DEFAULT-AVT-POLICY-DEFAULT id 1
@@ -104,6 +122,9 @@ router path-selection
!
load-balance policy LB-DEFAULT-AVT-POLICY-VIDEO
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group Satellite
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
!
load-balance policy LB-PROD-AVT-POLICY-VIDEO
@@ -346,7 +367,7 @@ router bgp 65000
route-target import evpn 666:666
route-target export evpn 666:666
router-id 192.168.42.2
- neighbor 172.17.0.2 remote-as 65000
+ neighbor 172.17.0.2 remote-as 65199
neighbor 172.17.0.2 peer group IPv4-UNDERLAY-PEERS
neighbor 172.17.0.2 description site-ha-disabled-leaf_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
redistribute connected
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-no-default-policy.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-no-default-policy.cfg
index b5acaaff67c..45ae7fda31c 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-no-default-policy.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-no-default-policy.cfg
@@ -20,24 +20,40 @@ router adaptive-virtual-topology
zone DEFAULT-ZONE id 1
site Site511 id 511
!
- policy DEFAULT-AVT-POLICY-WITH-CP
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
+ policy DEFAULT-POLICY-WITH-CP
!
match application-profile CONTROL-PLANE-APPLICATION-PROFILE
avt profile CONTROL-PLANE-PROFILE
!
match application-profile default
- avt profile DEFAULT-AVT-POLICY-DEFAULT
+ avt profile DEFAULT-POLICY-DEFAULT
!
profile CONTROL-PLANE-PROFILE
path-selection load-balance LB-CONTROL-PLANE-PROFILE
!
- profile DEFAULT-AVT-POLICY-DEFAULT
- path-selection load-balance LB-DEFAULT-AVT-POLICY-DEFAULT
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
+ profile DEFAULT-POLICY-WITH-CP-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-WITH-CP-DEFAULT
!
vrf default
- avt policy DEFAULT-AVT-POLICY-WITH-CP
- avt profile DEFAULT-AVT-POLICY-DEFAULT id 1
+ avt policy DEFAULT-POLICY-WITH-CP
+ avt profile DEFAULT-POLICY-DEFAULT id 1
avt profile CONTROL-PLANE-PROFILE id 254
+ !
+ vrf IT
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ !
+ vrf PROD
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
!
router path-selection
tcp mss ceiling ipv4 ingress
@@ -77,7 +93,7 @@ router path-selection
path-group INET
path-group MPLS
!
- load-balance policy LB-DEFAULT-AVT-POLICY-DEFAULT
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
path-group INET
path-group LTE
path-group MPLS
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge.cfg
index 418dfd971af..6cb722586d9 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge.cfg
@@ -41,6 +41,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -61,6 +66,15 @@ router adaptive-virtual-topology
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ !
+ profile DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ !
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -70,6 +84,10 @@ router adaptive-virtual-topology
profile PROD-AVT-POLICY-VOICE
path-selection load-balance LB-PROD-AVT-POLICY-VOICE
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ !
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
avt profile DEFAULT-AVT-POLICY-DEFAULT id 1
@@ -133,6 +151,11 @@ router path-selection
path-group INET
path-group MPLS
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group INET
+ path-group LTE
+ path-group MPLS
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group MPLS priority 2
@@ -410,7 +433,7 @@ router bgp 65000
route-target import evpn 666:666
route-target export evpn 666:666
router-id 192.168.42.1
- neighbor 172.17.0.0 remote-as 65000
+ neighbor 172.17.0.0 remote-as 65199
neighbor 172.17.0.0 peer group IPv4-UNDERLAY-PEERS
neighbor 172.17.0.0 description site-ha-disabled-leaf_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
redistribute connected
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2A.cfg
index 246d3315fcd..0668bcb6263 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2A.cfg
@@ -41,6 +41,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -61,6 +66,15 @@ router adaptive-virtual-topology
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ !
+ profile DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ !
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -70,6 +84,10 @@ router adaptive-virtual-topology
profile PROD-AVT-POLICY-VOICE
path-selection load-balance LB-PROD-AVT-POLICY-VOICE
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ !
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
avt profile DEFAULT-AVT-POLICY-DEFAULT id 1
@@ -128,6 +146,10 @@ router path-selection
path-group INET
path-group LAN_HA
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group INET
+ path-group LAN_HA
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -147,6 +169,8 @@ spanning-tree mode none
no enable password
no aaa root
!
+vrf instance ATTRACTED-VRF-FROM-UPLINK
+!
vrf instance IT
!
vrf instance MGMT
@@ -209,19 +233,27 @@ interface Ethernet52
flow tracker hardware WAN-FLOW-TRACKER
ip address 172.17.0.5/31
!
-interface Ethernet52.42
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.42_vrf_PROD
+interface Ethernet52.142
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.5/31
!
-interface Ethernet52.100
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.100_vrf_IT
+interface Ethernet52.666
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.5/31
+!
+interface Ethernet52.1000
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.1000_vrf_IT
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.5/31
!
@@ -233,19 +265,27 @@ interface Ethernet53
flow tracker hardware WAN-FLOW-TRACKER
ip address 172.17.0.7/31
!
-interface Ethernet53.42
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.42_vrf_PROD
+interface Ethernet53.142
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.7/31
!
-interface Ethernet53.100
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.100_vrf_IT
+interface Ethernet53.666
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.7/31
+!
+interface Ethernet53.1000
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.1000_vrf_IT
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.7/31
!
@@ -258,6 +298,7 @@ interface Vxlan1
description cv-pathfinder-edge2A_VTEP
vxlan source-interface Dps1
vxlan udp-port 4789
+ vxlan vrf ATTRACTED-VRF-FROM-UPLINK vni 166
vxlan vrf default vni 1
vxlan vrf IT vni 100
vxlan vrf PROD vni 42
@@ -306,6 +347,7 @@ application traffic recognition
42
!
ip routing
+ip routing vrf ATTRACTED-VRF-FROM-UPLINK
ip routing vrf IT
no ip routing vrf MGMT
ip routing vrf PROD
@@ -425,6 +467,19 @@ router bgp 65000
bgp additional-paths send any
neighbor WAN-OVERLAY-PEERS activate
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ rd 192.168.42.2:666
+ route-target import evpn 666:666
+ route-target export evpn 666:666
+ router-id 192.168.42.2
+ neighbor 172.17.0.4 remote-as 65199
+ neighbor 172.17.0.4 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.4 description site-ha-enabled-leaf2A_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ neighbor 172.17.0.6 remote-as 65199
+ neighbor 172.17.0.6 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.6 description site-ha-enabled-leaf2B_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ redistribute connected
+ !
vrf default
rd 192.168.42.2:1
route-target import evpn 1:1
@@ -432,29 +487,29 @@ router bgp 65000
route-target export evpn route-map RM-EVPN-EXPORT-VRF-DEFAULT
!
vrf IT
- rd 192.168.42.2:100
- route-target import evpn 100:100
- route-target export evpn 100:100
+ rd 192.168.42.2:1000
+ route-target import evpn 1000:1000
+ route-target export evpn 1000:1000
router-id 192.168.42.2
neighbor 172.17.0.4 remote-as 65199
neighbor 172.17.0.4 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.4 description site-ha-enabled-leaf2A_Ethernet1.100_vrf_IT
+ neighbor 172.17.0.4 description site-ha-enabled-leaf2A_Ethernet1.1000_vrf_IT
neighbor 172.17.0.6 remote-as 65199
neighbor 172.17.0.6 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.6 description site-ha-enabled-leaf2B_Ethernet1.100_vrf_IT
+ neighbor 172.17.0.6 description site-ha-enabled-leaf2B_Ethernet1.1000_vrf_IT
redistribute connected
!
vrf PROD
- rd 192.168.42.2:42
- route-target import evpn 42:42
- route-target export evpn 42:42
+ rd 192.168.42.2:142
+ route-target import evpn 142:142
+ route-target export evpn 142:142
router-id 192.168.42.2
neighbor 172.17.0.4 remote-as 65199
neighbor 172.17.0.4 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.4 description site-ha-enabled-leaf2A_Ethernet1.42_vrf_PROD
+ neighbor 172.17.0.4 description site-ha-enabled-leaf2A_Ethernet1.142_vrf_PROD
neighbor 172.17.0.6 remote-as 65199
neighbor 172.17.0.6 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.6 description site-ha-enabled-leaf2B_Ethernet1.42_vrf_PROD
+ neighbor 172.17.0.6 description site-ha-enabled-leaf2B_Ethernet1.142_vrf_PROD
redistribute connected
!
router traffic-engineering
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2B.cfg
index 36b51213649..48b2ca671c7 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2B.cfg
@@ -41,6 +41,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -61,6 +66,15 @@ router adaptive-virtual-topology
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ !
+ profile DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ !
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -70,6 +84,10 @@ router adaptive-virtual-topology
profile PROD-AVT-POLICY-VOICE
path-selection load-balance LB-PROD-AVT-POLICY-VOICE
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ !
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
avt profile DEFAULT-AVT-POLICY-DEFAULT id 1
@@ -126,6 +144,10 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group LAN_HA
+ path-group MPLS
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group LAN_HA
path-group MPLS priority 2
@@ -145,6 +167,8 @@ spanning-tree mode none
no enable password
no aaa root
!
+vrf instance ATTRACTED-VRF-FROM-UPLINK
+!
vrf instance IT
!
vrf instance MGMT
@@ -206,19 +230,27 @@ interface Ethernet52
flow tracker hardware WAN-FLOW-TRACKER
ip address 172.17.0.9/31
!
-interface Ethernet52.42
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.42_vrf_PROD
+interface Ethernet52.142
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.9/31
!
-interface Ethernet52.100
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.100_vrf_IT
+interface Ethernet52.666
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.9/31
+!
+interface Ethernet52.1000
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.1000_vrf_IT
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.9/31
!
@@ -230,19 +262,27 @@ interface Ethernet53
flow tracker hardware WAN-FLOW-TRACKER
ip address 172.17.0.11/31
!
-interface Ethernet53.42
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.42_vrf_PROD
+interface Ethernet53.142
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.11/31
!
-interface Ethernet53.100
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.100_vrf_IT
+interface Ethernet53.666
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.11/31
+!
+interface Ethernet53.1000
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.1000_vrf_IT
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.11/31
!
@@ -255,6 +295,7 @@ interface Vxlan1
description cv-pathfinder-edge2B_VTEP
vxlan source-interface Dps1
vxlan udp-port 4789
+ vxlan vrf ATTRACTED-VRF-FROM-UPLINK vni 166
vxlan vrf default vni 1
vxlan vrf IT vni 100
vxlan vrf PROD vni 42
@@ -303,6 +344,7 @@ application traffic recognition
42
!
ip routing
+ip routing vrf ATTRACTED-VRF-FROM-UPLINK
ip routing vrf IT
no ip routing vrf MGMT
ip routing vrf PROD
@@ -422,6 +464,19 @@ router bgp 65000
bgp additional-paths send any
neighbor WAN-OVERLAY-PEERS activate
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ rd 192.168.42.3:666
+ route-target import evpn 666:666
+ route-target export evpn 666:666
+ router-id 192.168.42.3
+ neighbor 172.17.0.8 remote-as 65199
+ neighbor 172.17.0.8 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.8 description site-ha-enabled-leaf2A_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ neighbor 172.17.0.10 remote-as 65199
+ neighbor 172.17.0.10 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.10 description site-ha-enabled-leaf2B_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ redistribute connected
+ !
vrf default
rd 192.168.42.3:1
route-target import evpn 1:1
@@ -429,29 +484,29 @@ router bgp 65000
route-target export evpn route-map RM-EVPN-EXPORT-VRF-DEFAULT
!
vrf IT
- rd 192.168.42.3:100
- route-target import evpn 100:100
- route-target export evpn 100:100
+ rd 192.168.42.3:1000
+ route-target import evpn 1000:1000
+ route-target export evpn 1000:1000
router-id 192.168.42.3
neighbor 172.17.0.8 remote-as 65199
neighbor 172.17.0.8 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.8 description site-ha-enabled-leaf2A_Ethernet2.100_vrf_IT
+ neighbor 172.17.0.8 description site-ha-enabled-leaf2A_Ethernet2.1000_vrf_IT
neighbor 172.17.0.10 remote-as 65199
neighbor 172.17.0.10 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.10 description site-ha-enabled-leaf2B_Ethernet2.100_vrf_IT
+ neighbor 172.17.0.10 description site-ha-enabled-leaf2B_Ethernet2.1000_vrf_IT
redistribute connected
!
vrf PROD
- rd 192.168.42.3:42
- route-target import evpn 42:42
- route-target export evpn 42:42
+ rd 192.168.42.3:142
+ route-target import evpn 142:142
+ route-target export evpn 142:142
router-id 192.168.42.3
neighbor 172.17.0.8 remote-as 65199
neighbor 172.17.0.8 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.8 description site-ha-enabled-leaf2A_Ethernet2.42_vrf_PROD
+ neighbor 172.17.0.8 description site-ha-enabled-leaf2A_Ethernet2.142_vrf_PROD
neighbor 172.17.0.10 remote-as 65199
neighbor 172.17.0.10 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.10 description site-ha-enabled-leaf2B_Ethernet2.42_vrf_PROD
+ neighbor 172.17.0.10 description site-ha-enabled-leaf2B_Ethernet2.142_vrf_PROD
redistribute connected
!
router traffic-engineering
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder.cfg
index e570e7a4064..0052572db92 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder.cfg
@@ -36,6 +36,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -64,6 +69,15 @@ router adaptive-virtual-topology
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ !
+ profile DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ !
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -79,6 +93,10 @@ router adaptive-virtual-topology
profile TRANSIT-AVT-POLICY-VOICE
path-selection load-balance LB-TRANSIT-AVT-POLICY-VOICE
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ !
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
avt profile DEFAULT-AVT-POLICY-DEFAULT id 1
@@ -141,6 +159,11 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group INET
+ path-group LAN_HA
+ path-group MPLS
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder1.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder1.cfg
index 87cd1f7baa1..af1f5cb5c15 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder1.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder1.cfg
@@ -36,6 +36,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -64,6 +69,15 @@ router adaptive-virtual-topology
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ !
+ profile DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ !
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -79,6 +93,10 @@ router adaptive-virtual-topology
profile TRANSIT-AVT-POLICY-VOICE
path-selection load-balance LB-TRANSIT-AVT-POLICY-VOICE
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ !
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
avt profile DEFAULT-AVT-POLICY-DEFAULT id 1
@@ -144,6 +162,10 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group INET
+ path-group LAN_HA
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder2.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder2.cfg
index d15b4856665..246f62d4511 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder2.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder2.cfg
@@ -36,6 +36,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -64,6 +69,15 @@ router adaptive-virtual-topology
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ !
+ profile DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ !
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -79,6 +93,10 @@ router adaptive-virtual-topology
profile TRANSIT-AVT-POLICY-VOICE
path-selection load-balance LB-TRANSIT-AVT-POLICY-VOICE
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ !
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
avt profile DEFAULT-AVT-POLICY-DEFAULT id 1
@@ -151,6 +169,11 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group INET
+ path-group LAN_HA
+ path-group MPLS
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1A.cfg
index db3d028a045..91c34dacebe 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1A.cfg
@@ -41,6 +41,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -69,6 +74,15 @@ router adaptive-virtual-topology
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ !
+ profile DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ !
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -84,6 +98,10 @@ router adaptive-virtual-topology
profile TRANSIT-AVT-POLICY-VOICE
path-selection load-balance LB-TRANSIT-AVT-POLICY-VOICE
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ !
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
avt profile DEFAULT-AVT-POLICY-DEFAULT id 1
@@ -157,6 +175,11 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group INET
+ path-group LAN_HA
+ path-group MPLS
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -189,6 +212,8 @@ spanning-tree mode none
no enable password
no aaa root
!
+vrf instance ATTRACTED-VRF-FROM-UPLINK
+!
vrf instance IT
!
vrf instance MGMT
@@ -269,19 +294,27 @@ interface Ethernet52
flow tracker hardware WAN-FLOW-TRACKER
ip address 172.17.0.1/31
!
-interface Ethernet52.42
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.42_vrf_PROD
+interface Ethernet52.142
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.1/31
!
-interface Ethernet52.100
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.100_vrf_IT
+interface Ethernet52.666
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.1/31
+!
+interface Ethernet52.1000
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.1000_vrf_IT
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.1/31
!
@@ -294,6 +327,7 @@ interface Vxlan1
description cv-pathfinder-transit1A_VTEP
vxlan source-interface Dps1
vxlan udp-port 4789
+ vxlan vrf ATTRACTED-VRF-FROM-UPLINK vni 166
vxlan vrf default vni 1
vxlan vrf IT vni 100
vxlan vrf PROD vni 42
@@ -343,6 +377,7 @@ application traffic recognition
42
!
ip routing
+ip routing vrf ATTRACTED-VRF-FROM-UPLINK
ip routing vrf IT
no ip routing vrf MGMT
ip routing vrf NOT-WAN-VRF
@@ -459,6 +494,16 @@ router bgp 65000
bgp additional-paths send any
neighbor WAN-OVERLAY-PEERS activate
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ rd 192.168.43.1:666
+ route-target import evpn 666:666
+ route-target export evpn 666:666
+ router-id 192.168.43.1
+ neighbor 172.17.0.0 remote-as 65199
+ neighbor 172.17.0.0 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.0 description site-ha-enabled-leaf1_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ redistribute connected
+ !
vrf default
rd 192.168.43.1:1
route-target import evpn 1:1
@@ -472,7 +517,11 @@ router bgp 65000
router-id 192.168.43.1
neighbor 172.17.0.0 remote-as 65199
neighbor 172.17.0.0 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.0 description site-ha-enabled-leaf1_Ethernet1.100_vrf_IT
+ neighbor 172.17.0.0 description site-ha-enabled-leaf1_Ethernet1.1000_vrf_IT
+ redistribute connected
+ !
+ vrf NOT-WAN-VRF
+ router-id 192.168.43.1
redistribute connected
!
vrf PROD
@@ -482,7 +531,7 @@ router bgp 65000
router-id 192.168.43.1
neighbor 172.17.0.0 remote-as 65199
neighbor 172.17.0.0 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.0 description site-ha-enabled-leaf1_Ethernet1.42_vrf_PROD
+ neighbor 172.17.0.0 description site-ha-enabled-leaf1_Ethernet1.142_vrf_PROD
redistribute connected
!
vrf TRANSIT
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1B.cfg
index b80503236d5..b5474e6cff4 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1B.cfg
@@ -41,6 +41,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -69,6 +74,15 @@ router adaptive-virtual-topology
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ !
+ profile DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ path-selection load-balance LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ !
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -84,6 +98,10 @@ router adaptive-virtual-topology
profile TRANSIT-AVT-POLICY-VOICE
path-selection load-balance LB-TRANSIT-AVT-POLICY-VOICE
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ !
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
avt profile DEFAULT-AVT-POLICY-DEFAULT id 1
@@ -157,6 +175,11 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group INET
+ path-group LAN_HA
+ path-group MPLS
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -189,10 +212,14 @@ spanning-tree mode none
no enable password
no aaa root
!
+vrf instance ATTRACTED-VRF-FROM-UPLINK
+!
vrf instance IT
!
vrf instance MGMT
!
+vrf instance NOT-WAN-VRF
+!
vrf instance PROD
!
vrf instance TRANSIT
@@ -267,19 +294,27 @@ interface Ethernet52
flow tracker hardware WAN-FLOW-TRACKER
ip address 172.17.0.3/31
!
-interface Ethernet52.42
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.42_vrf_PROD
+interface Ethernet52.142
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.3/31
!
-interface Ethernet52.100
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.100_vrf_IT
+interface Ethernet52.666
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.3/31
+!
+interface Ethernet52.1000
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.1000_vrf_IT
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.3/31
!
@@ -292,6 +327,7 @@ interface Vxlan1
description cv-pathfinder-transit1B_VTEP
vxlan source-interface Dps1
vxlan udp-port 4789
+ vxlan vrf ATTRACTED-VRF-FROM-UPLINK vni 166
vxlan vrf default vni 1
vxlan vrf IT vni 100
vxlan vrf PROD vni 42
@@ -341,8 +377,10 @@ application traffic recognition
42
!
ip routing
+ip routing vrf ATTRACTED-VRF-FROM-UPLINK
ip routing vrf IT
no ip routing vrf MGMT
+ip routing vrf NOT-WAN-VRF
ip routing vrf PROD
ip routing vrf TRANSIT
!
@@ -456,6 +494,16 @@ router bgp 65000
bgp additional-paths send any
neighbor WAN-OVERLAY-PEERS activate
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ rd 192.168.43.2:666
+ route-target import evpn 666:666
+ route-target export evpn 666:666
+ router-id 192.168.43.2
+ neighbor 172.17.0.2 remote-as 65199
+ neighbor 172.17.0.2 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.2 description site-ha-enabled-leaf1_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ redistribute connected
+ !
vrf default
rd 192.168.43.2:1
route-target import evpn 1:1
@@ -463,23 +511,27 @@ router bgp 65000
route-target export evpn route-map RM-EVPN-EXPORT-VRF-DEFAULT
!
vrf IT
- rd 192.168.43.2:100
- route-target import evpn 100:100
- route-target export evpn 100:100
+ rd 192.168.43.2:1000
+ route-target import evpn 1000:1000
+ route-target export evpn 1000:1000
router-id 192.168.43.2
neighbor 172.17.0.2 remote-as 65199
neighbor 172.17.0.2 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.2 description site-ha-enabled-leaf1_Ethernet2.100_vrf_IT
+ neighbor 172.17.0.2 description site-ha-enabled-leaf1_Ethernet2.1000_vrf_IT
+ redistribute connected
+ !
+ vrf NOT-WAN-VRF
+ router-id 192.168.43.2
redistribute connected
!
vrf PROD
- rd 192.168.43.2:42
- route-target import evpn 42:42
- route-target export evpn 42:42
+ rd 192.168.43.2:142
+ route-target import evpn 142:142
+ route-target export evpn 142:142
router-id 192.168.43.2
neighbor 172.17.0.2 remote-as 65199
neighbor 172.17.0.2 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.2 description site-ha-enabled-leaf1_Ethernet2.42_vrf_PROD
+ neighbor 172.17.0.2 description site-ha-enabled-leaf1_Ethernet2.142_vrf_PROD
redistribute connected
!
vrf TRANSIT
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-disabled-leaf.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-disabled-leaf.cfg
index 99554be20f1..c6ceb6e7ce8 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-disabled-leaf.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-disabled-leaf.cfg
@@ -176,7 +176,7 @@ router bgp 65199
redistribute learned
!
vlan 666
- rd 192.168.45.3:1666
+ rd 192.168.45.4:1666
route-target both 1666:1666
redistribute learned
!
@@ -188,10 +188,10 @@ router bgp 65199
neighbor IPv4-UNDERLAY-PEERS activate
!
vrf ATTRACTED-VRF-FROM-UPLINK
- rd 192.168.45.3:666
+ rd 192.168.45.4:666
route-target import evpn 666:666
route-target export evpn 666:666
- router-id 192.168.45.3
+ router-id 192.168.45.4
neighbor 172.17.0.1 remote-as 65000
neighbor 172.17.0.1 peer group IPv4-UNDERLAY-PEERS
neighbor 172.17.0.1 description cv-pathfinder-edge_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
@@ -206,17 +206,10 @@ router bgp 65199
route-target export evpn 1:1
!
vrf IT
-<<<<<<< HEAD
- rd 192.168.45.4:100
- route-target import evpn 100:100
- route-target export evpn 100:100
- router-id 192.168.45.4
-=======
- rd 192.168.45.3:1000
+ rd 192.168.45.4:1000
route-target import evpn 1000:1000
route-target export evpn 1000:1000
- router-id 192.168.45.3
->>>>>>> ff441f2cd (Feat(eos_designs): Add wan_vni for WAN VRF)
+ router-id 192.168.45.4
neighbor 172.17.0.1 remote-as 65000
neighbor 172.17.0.1 peer group IPv4-UNDERLAY-PEERS
neighbor 172.17.0.1 description cv-pathfinder-edge_Ethernet52.1000_vrf_IT
@@ -226,17 +219,10 @@ router bgp 65199
redistribute connected
!
vrf PROD
-<<<<<<< HEAD
- rd 192.168.45.4:42
- route-target import evpn 42:42
- route-target export evpn 42:42
- router-id 192.168.45.4
-=======
- rd 192.168.45.3:142
+ rd 192.168.45.4:142
route-target import evpn 142:142
route-target export evpn 142:142
- router-id 192.168.45.3
->>>>>>> ff441f2cd (Feat(eos_designs): Add wan_vni for WAN VRF)
+ router-id 192.168.45.4
neighbor 172.17.0.1 remote-as 65000
neighbor 172.17.0.1 peer group IPv4-UNDERLAY-PEERS
neighbor 172.17.0.1 description cv-pathfinder-edge_Ethernet52.142_vrf_PROD
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf1.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf1.cfg
index b09f8c9740f..684625f0f62 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf1.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf1.cfg
@@ -17,6 +17,11 @@ vlan 100
vlan 101
name VLAN101
!
+vlan 666
+ name VLAN666
+!
+vrf instance ATTRACTED-VRF-FROM-UPLINK
+!
vrf instance IT
!
vrf instance MGMT
@@ -30,19 +35,27 @@ interface Ethernet1
no switchport
ip address 172.17.0.0/31
!
-interface Ethernet1.42
- description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.42_vrf_PROD
+interface Ethernet1.142
+ description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.0/31
!
-interface Ethernet1.100
- description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.100_vrf_IT
+interface Ethernet1.666
+ description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.0/31
+!
+interface Ethernet1.1000
+ description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.1000_vrf_IT
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.0/31
!
@@ -53,19 +66,27 @@ interface Ethernet2
no switchport
ip address 172.17.0.2/31
!
-interface Ethernet2.42
- description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.42_vrf_PROD
+interface Ethernet2.142
+ description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.2/31
!
-interface Ethernet2.100
- description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.100_vrf_IT
+interface Ethernet2.666
+ description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.2/31
+!
+interface Ethernet2.1000
+ description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.1000_vrf_IT
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.2/31
!
@@ -85,19 +106,28 @@ interface Vlan100
vrf PROD
ip address virtual 10.0.100.1/24
!
+interface Vlan666
+ description VLAN666
+ shutdown
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address virtual 10.66.66.66/24
+!
interface Vxlan1
description site-ha-enabled-leaf1_VTEP
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 100 vni 1100
vxlan vlan 101 vni 1101
+ vxlan vlan 666 vni 1666
+ vxlan vrf ATTRACTED-VRF-FROM-UPLINK vni 666
vxlan vrf default vni 1
- vxlan vrf IT vni 100
- vxlan vrf PROD vni 42
+ vxlan vrf IT vni 1000
+ vxlan vrf PROD vni 142
!
ip virtual-router mac-address 00:1c:73:00:00:01
!
ip routing
+ip routing vrf ATTRACTED-VRF-FROM-UPLINK
ip routing vrf IT
no ip routing vrf MGMT
ip routing vrf PROD
@@ -144,6 +174,11 @@ router bgp 65199
route-target both 1101:1101
redistribute learned
!
+ vlan 666
+ rd 192.168.45.1:1666
+ route-target both 1666:1666
+ redistribute learned
+ !
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
@@ -151,35 +186,48 @@ router bgp 65199
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ rd 192.168.45.1:666
+ route-target import evpn 666:666
+ route-target export evpn 666:666
+ router-id 192.168.45.1
+ neighbor 172.17.0.1 remote-as 65000
+ neighbor 172.17.0.1 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.1 description cv-pathfinder-transit1A_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ neighbor 172.17.0.3 remote-as 65000
+ neighbor 172.17.0.3 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.3 description cv-pathfinder-transit1B_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ redistribute connected
+ !
vrf default
rd 192.168.45.1:1
route-target import evpn 1:1
route-target export evpn 1:1
!
vrf IT
- rd 192.168.45.1:100
- route-target import evpn 100:100
- route-target export evpn 100:100
+ rd 192.168.45.1:1000
+ route-target import evpn 1000:1000
+ route-target export evpn 1000:1000
router-id 192.168.45.1
neighbor 172.17.0.1 remote-as 65000
neighbor 172.17.0.1 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.1 description cv-pathfinder-transit1A_Ethernet52.100_vrf_IT
+ neighbor 172.17.0.1 description cv-pathfinder-transit1A_Ethernet52.1000_vrf_IT
neighbor 172.17.0.3 remote-as 65000
neighbor 172.17.0.3 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.3 description cv-pathfinder-transit1B_Ethernet52.100_vrf_IT
+ neighbor 172.17.0.3 description cv-pathfinder-transit1B_Ethernet52.1000_vrf_IT
redistribute connected
!
vrf PROD
- rd 192.168.45.1:42
- route-target import evpn 42:42
- route-target export evpn 42:42
+ rd 192.168.45.1:142
+ route-target import evpn 142:142
+ route-target export evpn 142:142
router-id 192.168.45.1
neighbor 172.17.0.1 remote-as 65000
neighbor 172.17.0.1 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.1 description cv-pathfinder-transit1A_Ethernet52.42_vrf_PROD
+ neighbor 172.17.0.1 description cv-pathfinder-transit1A_Ethernet52.142_vrf_PROD
neighbor 172.17.0.3 remote-as 65000
neighbor 172.17.0.3 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.3 description cv-pathfinder-transit1B_Ethernet52.42_vrf_PROD
+ neighbor 172.17.0.3 description cv-pathfinder-transit1B_Ethernet52.142_vrf_PROD
redistribute connected
!
management api http-commands
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf2A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf2A.cfg
index 878901518be..882ee166fb1 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf2A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf2A.cfg
@@ -17,6 +17,11 @@ vlan 100
vlan 101
name VLAN101
!
+vlan 666
+ name VLAN666
+!
+vrf instance ATTRACTED-VRF-FROM-UPLINK
+!
vrf instance IT
!
vrf instance MGMT
@@ -30,19 +35,27 @@ interface Ethernet1
no switchport
ip address 172.17.0.4/31
!
-interface Ethernet1.42
- description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.42_vrf_PROD
+interface Ethernet1.142
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.4/31
!
-interface Ethernet1.100
- description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.100_vrf_IT
+interface Ethernet1.666
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.4/31
+!
+interface Ethernet1.1000
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.1000_vrf_IT
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.4/31
!
@@ -53,19 +66,27 @@ interface Ethernet2
no switchport
ip address 172.17.0.8/31
!
-interface Ethernet2.42
- description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.42_vrf_PROD
+interface Ethernet2.142
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.8/31
!
-interface Ethernet2.100
- description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.100_vrf_IT
+interface Ethernet2.666
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.8/31
+!
+interface Ethernet2.1000
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.1000_vrf_IT
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.8/31
!
@@ -85,19 +106,28 @@ interface Vlan100
vrf PROD
ip address virtual 10.0.100.1/24
!
+interface Vlan666
+ description VLAN666
+ shutdown
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address virtual 10.66.66.66/24
+!
interface Vxlan1
description site-ha-enabled-leaf2A_VTEP
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 100 vni 1100
vxlan vlan 101 vni 1101
+ vxlan vlan 666 vni 1666
+ vxlan vrf ATTRACTED-VRF-FROM-UPLINK vni 666
vxlan vrf default vni 1
- vxlan vrf IT vni 100
- vxlan vrf PROD vni 42
+ vxlan vrf IT vni 1000
+ vxlan vrf PROD vni 142
!
ip virtual-router mac-address 00:1c:73:00:00:01
!
ip routing
+ip routing vrf ATTRACTED-VRF-FROM-UPLINK
ip routing vrf IT
no ip routing vrf MGMT
ip routing vrf PROD
@@ -144,6 +174,11 @@ router bgp 65199
route-target both 1101:1101
redistribute learned
!
+ vlan 666
+ rd 192.168.45.2:1666
+ route-target both 1666:1666
+ redistribute learned
+ !
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
@@ -151,35 +186,48 @@ router bgp 65199
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ rd 192.168.45.2:666
+ route-target import evpn 666:666
+ route-target export evpn 666:666
+ router-id 192.168.45.2
+ neighbor 172.17.0.5 remote-as 65000
+ neighbor 172.17.0.5 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.5 description cv-pathfinder-edge2A_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ neighbor 172.17.0.9 remote-as 65000
+ neighbor 172.17.0.9 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.9 description cv-pathfinder-edge2B_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ redistribute connected
+ !
vrf default
rd 192.168.45.2:1
route-target import evpn 1:1
route-target export evpn 1:1
!
vrf IT
- rd 192.168.45.2:100
- route-target import evpn 100:100
- route-target export evpn 100:100
+ rd 192.168.45.2:1000
+ route-target import evpn 1000:1000
+ route-target export evpn 1000:1000
router-id 192.168.45.2
neighbor 172.17.0.5 remote-as 65000
neighbor 172.17.0.5 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.5 description cv-pathfinder-edge2A_Ethernet52.100_vrf_IT
+ neighbor 172.17.0.5 description cv-pathfinder-edge2A_Ethernet52.1000_vrf_IT
neighbor 172.17.0.9 remote-as 65000
neighbor 172.17.0.9 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.9 description cv-pathfinder-edge2B_Ethernet52.100_vrf_IT
+ neighbor 172.17.0.9 description cv-pathfinder-edge2B_Ethernet52.1000_vrf_IT
redistribute connected
!
vrf PROD
- rd 192.168.45.2:42
- route-target import evpn 42:42
- route-target export evpn 42:42
+ rd 192.168.45.2:142
+ route-target import evpn 142:142
+ route-target export evpn 142:142
router-id 192.168.45.2
neighbor 172.17.0.5 remote-as 65000
neighbor 172.17.0.5 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.5 description cv-pathfinder-edge2A_Ethernet52.42_vrf_PROD
+ neighbor 172.17.0.5 description cv-pathfinder-edge2A_Ethernet52.142_vrf_PROD
neighbor 172.17.0.9 remote-as 65000
neighbor 172.17.0.9 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.9 description cv-pathfinder-edge2B_Ethernet52.42_vrf_PROD
+ neighbor 172.17.0.9 description cv-pathfinder-edge2B_Ethernet52.142_vrf_PROD
redistribute connected
!
management api http-commands
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf2B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf2B.cfg
index a8ddf9a9f1e..4ca165e4543 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf2B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf2B.cfg
@@ -17,6 +17,11 @@ vlan 100
vlan 101
name VLAN101
!
+vlan 666
+ name VLAN666
+!
+vrf instance ATTRACTED-VRF-FROM-UPLINK
+!
vrf instance IT
!
vrf instance MGMT
@@ -30,19 +35,27 @@ interface Ethernet1
no switchport
ip address 172.17.0.6/31
!
-interface Ethernet1.42
- description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.42_vrf_PROD
+interface Ethernet1.142
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.6/31
!
-interface Ethernet1.100
- description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.100_vrf_IT
+interface Ethernet1.666
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.6/31
+!
+interface Ethernet1.1000
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.1000_vrf_IT
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.6/31
!
@@ -53,19 +66,27 @@ interface Ethernet2
no switchport
ip address 172.17.0.10/31
!
-interface Ethernet2.42
- description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.42_vrf_PROD
+interface Ethernet2.142
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.10/31
!
-interface Ethernet2.100
- description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.100_vrf_IT
+interface Ethernet2.666
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.666_vrf_ATTRACTED-VRF-FROM-UPLINK
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.10/31
+!
+interface Ethernet2.1000
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.1000_vrf_IT
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.10/31
!
@@ -85,19 +106,28 @@ interface Vlan100
vrf PROD
ip address virtual 10.0.100.1/24
!
+interface Vlan666
+ description VLAN666
+ shutdown
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address virtual 10.66.66.66/24
+!
interface Vxlan1
description site-ha-enabled-leaf2B_VTEP
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 100 vni 1100
vxlan vlan 101 vni 1101
+ vxlan vlan 666 vni 1666
+ vxlan vrf ATTRACTED-VRF-FROM-UPLINK vni 666
vxlan vrf default vni 1
- vxlan vrf IT vni 100
- vxlan vrf PROD vni 42
+ vxlan vrf IT vni 1000
+ vxlan vrf PROD vni 142
!
ip virtual-router mac-address 00:1c:73:00:00:01
!
ip routing
+ip routing vrf ATTRACTED-VRF-FROM-UPLINK
ip routing vrf IT
no ip routing vrf MGMT
ip routing vrf PROD
@@ -144,6 +174,11 @@ router bgp 65199
route-target both 1101:1101
redistribute learned
!
+ vlan 666
+ rd 192.168.45.3:1666
+ route-target both 1666:1666
+ redistribute learned
+ !
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
@@ -151,35 +186,48 @@ router bgp 65199
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ rd 192.168.45.3:666
+ route-target import evpn 666:666
+ route-target export evpn 666:666
+ router-id 192.168.45.3
+ neighbor 172.17.0.7 remote-as 65000
+ neighbor 172.17.0.7 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.7 description cv-pathfinder-edge2A_Ethernet53.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ neighbor 172.17.0.11 remote-as 65000
+ neighbor 172.17.0.11 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.11 description cv-pathfinder-edge2B_Ethernet53.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ redistribute connected
+ !
vrf default
rd 192.168.45.3:1
route-target import evpn 1:1
route-target export evpn 1:1
!
vrf IT
- rd 192.168.45.3:100
- route-target import evpn 100:100
- route-target export evpn 100:100
+ rd 192.168.45.3:1000
+ route-target import evpn 1000:1000
+ route-target export evpn 1000:1000
router-id 192.168.45.3
neighbor 172.17.0.7 remote-as 65000
neighbor 172.17.0.7 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.7 description cv-pathfinder-edge2A_Ethernet53.100_vrf_IT
+ neighbor 172.17.0.7 description cv-pathfinder-edge2A_Ethernet53.1000_vrf_IT
neighbor 172.17.0.11 remote-as 65000
neighbor 172.17.0.11 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.11 description cv-pathfinder-edge2B_Ethernet53.100_vrf_IT
+ neighbor 172.17.0.11 description cv-pathfinder-edge2B_Ethernet53.1000_vrf_IT
redistribute connected
!
vrf PROD
- rd 192.168.45.3:42
- route-target import evpn 42:42
- route-target export evpn 42:42
+ rd 192.168.45.3:142
+ route-target import evpn 142:142
+ route-target export evpn 142:142
router-id 192.168.45.3
neighbor 172.17.0.7 remote-as 65000
neighbor 172.17.0.7 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.7 description cv-pathfinder-edge2A_Ethernet53.42_vrf_PROD
+ neighbor 172.17.0.7 description cv-pathfinder-edge2A_Ethernet53.142_vrf_PROD
neighbor 172.17.0.11 remote-as 65000
neighbor 172.17.0.11 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.11 description cv-pathfinder-edge2B_Ethernet53.42_vrf_PROD
+ neighbor 172.17.0.11 description cv-pathfinder-edge2B_Ethernet53.142_vrf_PROD
redistribute connected
!
management api http-commands
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge-no-default-policy.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge-no-default-policy.yml
index feecb7d555e..47c53b9d1e8 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge-no-default-policy.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge-no-default-policy.yml
@@ -205,23 +205,30 @@ router_path_selection:
- 10.7.7.7
ipsec_profile: AUTOVPN
load_balance_policies:
- - name: LB-CONTROL-PLANE-PROFILE
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: LB-CONTROL-PLANE-PROFILE
path_groups:
- name: INET
policies:
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
+ default_match:
+ load_balance: LB-DEFAULT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-WITH-CP
rules:
- id: 10
application_profile: CONTROL-PLANE-APPLICATION-PROFILE
load_balance: LB-CONTROL-PLANE-PROFILE
default_match:
- load_balance: LB-DEFAULT-AVT-POLICY-DEFAULT
+ load_balance: LB-DEFAULT-POLICY-DEFAULT
vrfs:
+ - name: PROD
+ path_selection_policy: DEFAULT-POLICY
+ - name: IT
+ path_selection_policy: DEFAULT-POLICY
- name: default
- path_selection_policy: DEFAULT-AVT-POLICY-WITH-CP
+ path_selection_policy: DEFAULT-POLICY-WITH-CP
stun:
client:
server_profiles:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge.yml
index 85e8d9a0c28..60eace584af 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge.yml
@@ -217,6 +217,10 @@ router_path_selection:
- name: LB-CONTROL-PLANE-PROFILE
path_groups:
- name: INET
+ - name: LB-DEFAULT-AVT-POLICY-IT
+ path_groups:
+ - name: INET
+ priority: 2
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: INET
@@ -226,11 +230,15 @@ router_path_selection:
- name: LB-PROD-AVT-POLICY-DEFAULT
path_groups:
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-IT
- path_groups:
- - name: INET
- priority: 2
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ rules:
+ - id: 10
+ application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ load_balance: LB-CONTROL-PLANE-PROFILE
+ - id: 20
+ application_profile: IT
+ load_balance: LB-DEFAULT-AVT-POLICY-IT
- name: PROD-AVT-POLICY
rules:
- id: 10
@@ -241,14 +249,6 @@ router_path_selection:
load_balance: LB-PROD-AVT-POLICY-VIDEO
default_match:
load_balance: LB-PROD-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
- rules:
- - id: 10
- application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- load_balance: LB-CONTROL-PLANE-PROFILE
- - id: 20
- application_profile: IT
- load_balance: LB-DEFAULT-AVT-POLICY-IT
vrfs:
- name: default
path_selection_policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -263,9 +263,9 @@ stun:
ip_address: 10.8.8.8
application_traffic_recognition:
application_profiles:
+ - name: IT
- name: VOICE
- name: VIDEO
- - name: IT
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr1.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr1.yml
index c22906e19b1..5f48b0a9d69 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr1.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr1.yml
@@ -185,6 +185,11 @@ router_path_selection:
- name: LB-CONTROL-PLANE-PROFILE
path_groups:
- name: INET
+ - name: LB-DEFAULT-AVT-POLICY-IT
+ path_groups:
+ - name: MPLS
+ - name: INET
+ priority: 2
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: INET
@@ -194,12 +199,15 @@ router_path_selection:
- name: LB-PROD-AVT-POLICY-DEFAULT
path_groups:
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-IT
- path_groups:
- - name: MPLS
- - name: INET
- priority: 2
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ rules:
+ - id: 10
+ application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ load_balance: LB-CONTROL-PLANE-PROFILE
+ - id: 20
+ application_profile: IT
+ load_balance: LB-DEFAULT-AVT-POLICY-IT
- name: PROD-AVT-POLICY
rules:
- id: 10
@@ -210,14 +218,6 @@ router_path_selection:
load_balance: LB-PROD-AVT-POLICY-VIDEO
default_match:
load_balance: LB-PROD-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
- rules:
- - id: 10
- application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- load_balance: LB-CONTROL-PLANE-PROFILE
- - id: 20
- application_profile: IT
- load_balance: LB-DEFAULT-AVT-POLICY-IT
vrfs:
- name: default
path_selection_policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -229,9 +229,9 @@ stun:
- Ethernet1
application_traffic_recognition:
application_profiles:
+ - name: IT
- name: VOICE
- name: VIDEO
- - name: IT
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr2.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr2.yml
index 371e69060b1..930e4832503 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr2.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr2.yml
@@ -187,6 +187,11 @@ router_path_selection:
- name: LB-CONTROL-PLANE-PROFILE
path_groups:
- name: INET
+ - name: LB-DEFAULT-AVT-POLICY-IT
+ path_groups:
+ - name: MPLS
+ - name: INET
+ priority: 2
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: INET
@@ -196,12 +201,15 @@ router_path_selection:
- name: LB-PROD-AVT-POLICY-DEFAULT
path_groups:
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-IT
- path_groups:
- - name: MPLS
- - name: INET
- priority: 2
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ rules:
+ - id: 10
+ application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ load_balance: LB-CONTROL-PLANE-PROFILE
+ - id: 20
+ application_profile: IT
+ load_balance: LB-DEFAULT-AVT-POLICY-IT
- name: PROD-AVT-POLICY
rules:
- id: 10
@@ -212,14 +220,6 @@ router_path_selection:
load_balance: LB-PROD-AVT-POLICY-VIDEO
default_match:
load_balance: LB-PROD-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
- rules:
- - id: 10
- application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- load_balance: LB-CONTROL-PLANE-PROFILE
- - id: 20
- application_profile: IT
- load_balance: LB-DEFAULT-AVT-POLICY-IT
vrfs:
- name: default
path_selection_policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -231,9 +231,9 @@ stun:
- Ethernet1
application_traffic_recognition:
application_profiles:
+ - name: IT
- name: VOICE
- name: VIDEO
- - name: IT
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-custom-default-policy.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-custom-default-policy.yml
new file mode 100644
index 00000000000..e11ac010d8c
--- /dev/null
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-custom-default-policy.yml
@@ -0,0 +1,460 @@
+hostname: cv-pathfinder-edge-custom-default-policy
+is_deployed: true
+router_bgp:
+ as: '65000'
+ router_id: 192.168.42.1
+ bgp:
+ default:
+ ipv4_unicast: false
+ maximum_paths:
+ paths: 16
+ updates:
+ wait_install: true
+ redistribute_routes:
+ - source_protocol: connected
+ route_map: RM-CONN-2-BGP
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ type: wan
+ update_source: Dps1
+ bfd: true
+ password: htm4AZe9mIQOO1uiMuGgYQ==
+ send_community: all
+ maximum_routes: 0
+ remote_as: '65000'
+ ttl_maximum_hops: 42
+ bfd_timers:
+ interval: 1000
+ min_rx: 1000
+ multiplier: 10
+ address_family_evpn:
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ activate: true
+ route_map_in: RM-EVPN-SOO-IN
+ route_map_out: RM-EVPN-SOO-OUT
+ address_family_ipv4:
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ activate: false
+ address_family_ipv4_sr_te:
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ activate: true
+ address_family_link_state:
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ activate: true
+ path_selection:
+ roles:
+ producer: true
+ address_family_path_selection:
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ activate: true
+ bgp:
+ additional_paths:
+ receive: true
+ send:
+ any: true
+ neighbors:
+ - ip_address: 192.168.144.1
+ peer_group: WAN-OVERLAY-PEERS
+ peer: cv-pathfinder-pathfinder
+ description: cv-pathfinder-pathfinder
+ vrfs:
+ - name: default
+ rd: 192.168.42.1:1
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - '1:1'
+ export:
+ - address_family: evpn
+ route_targets:
+ - '1:1'
+ - route-map RM-EVPN-EXPORT-VRF-DEFAULT
+ - name: IT
+ router_id: 192.168.42.1
+ rd: 192.168.42.1:100
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 100:100
+ export:
+ - address_family: evpn
+ route_targets:
+ - 100:100
+ redistribute_routes:
+ - source_protocol: connected
+ - name: PROD
+ router_id: 192.168.42.1
+ rd: 192.168.42.1:42
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - '42:42'
+ export:
+ - address_family: evpn
+ route_targets:
+ - '42:42'
+ redistribute_routes:
+ - source_protocol: connected
+service_routing_protocols_model: multi-agent
+ip_routing: true
+transceiver_qsfp_default_mode_4x10: false
+spanning_tree:
+ mode: none
+vrfs:
+- name: MGMT
+ ip_routing: false
+- name: IT
+ tenant: TenantA
+ ip_routing: true
+- name: PROD
+ tenant: TenantA
+ ip_routing: true
+management_api_http:
+ enable_vrfs:
+ - name: MGMT
+ enable_https: true
+ethernet_interfaces:
+- name: Ethernet1
+ peer_type: l3_interface
+ ip_address: dhcp
+ shutdown: false
+ type: routed
+ dhcp_client_accept_default_route: true
+ flow_tracker:
+ hardware: WAN-FLOW-TRACKER
+- name: Ethernet2
+ peer_type: l3_interface
+ ip_address: 172.15.5.5/31
+ shutdown: false
+ type: routed
+ flow_tracker:
+ hardware: WAN-FLOW-TRACKER
+- name: Ethernet3
+ peer_type: l3_interface
+ ip_address: 172.20.20.20/31
+ shutdown: false
+ type: routed
+ flow_tracker:
+ hardware: WAN-FLOW-TRACKER
+loopback_interfaces:
+- name: Loopback0
+ description: Router_ID
+ shutdown: false
+ ip_address: 192.168.42.1/32
+prefix_lists:
+- name: PL-LOOPBACKS-EVPN-OVERLAY
+ sequence_numbers:
+ - sequence: 10
+ action: permit 192.168.42.0/24 eq 32
+route_maps:
+- name: RM-CONN-2-BGP
+ sequence_numbers:
+ - sequence: 10
+ type: permit
+ match:
+ - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+ set:
+ - extcommunity soo 192.168.42.1:1 additive
+- name: RM-EVPN-SOO-IN
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - extcommunity ECL-EVPN-SOO
+ - sequence: 20
+ type: permit
+- name: RM-EVPN-SOO-OUT
+ sequence_numbers:
+ - sequence: 10
+ type: permit
+ set:
+ - extcommunity soo 192.168.42.1:1 additive
+- name: RM-EVPN-EXPORT-VRF-DEFAULT
+ sequence_numbers:
+ - sequence: 10
+ type: permit
+ match:
+ - extcommunity ECL-EVPN-SOO
+flow_tracking:
+ hardware:
+ trackers:
+ - name: WAN-FLOW-TRACKER
+ record_export:
+ on_inactive_timeout: 70000
+ on_interval: 5000
+ exporters:
+ - name: DPI-EXPORTER
+ collector:
+ host: 127.0.0.1
+ local_interface: Loopback0
+ template_interval: 5000
+ shutdown: false
+ip_extcommunity_lists:
+- name: ECL-EVPN-SOO
+ entries:
+ - type: permit
+ extcommunities: soo 192.168.42.1:1
+ip_security:
+ ike_policies:
+ - name: CP-IKE-POLICY
+ local_id: 192.168.255.1
+ sa_policies:
+ - name: DP-SA-POLICY
+ esp:
+ encryption: aes128
+ pfs_dh_group: 14
+ - name: CP-SA-POLICY
+ esp:
+ encryption: aes128
+ pfs_dh_group: 14
+ profiles:
+ - name: DP-PROFILE
+ sa_policy: DP-SA-POLICY
+ connection: start
+ shared_key: ABCDEF1234567890666
+ dpd:
+ interval: 10
+ time: 50
+ action: clear
+ mode: transport
+ - name: CP-PROFILE
+ ike_policy: CP-IKE-POLICY
+ sa_policy: CP-SA-POLICY
+ connection: start
+ shared_key: ABCDEF1234567890
+ dpd:
+ interval: 10
+ time: 50
+ action: clear
+ mode: transport
+ key_controller:
+ profile: DP-PROFILE
+router_adaptive_virtual_topology:
+ topology_role: edge
+ region:
+ name: AVD_Land_West
+ id: 42
+ zone:
+ name: DEFAULT-ZONE
+ id: 1
+ site:
+ name: Site1
+ id: 1
+ profiles:
+ - name: CONTROL-PLANE-PROFILE
+ load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-POLICY-WITH-CP-VIDEO
+ load_balance_policy: LB-DEFAULT-POLICY-WITH-CP-VIDEO
+ - name: DEFAULT-POLICY-WITH-CP-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-WITH-CP-DEFAULT
+ - name: DEFAULT-POLICY-VIDEO
+ load_balance_policy: LB-DEFAULT-POLICY-VIDEO
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
+ vrfs:
+ - name: default
+ policy: DEFAULT-POLICY-WITH-CP
+ profiles:
+ - name: CONTROL-PLANE-PROFILE
+ id: 254
+ - name: DEFAULT-POLICY-VIDEO
+ id: 3
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
+ - name: PROD
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-VIDEO
+ id: 3
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
+ policies:
+ - name: DEFAULT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY
+ matches:
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-POLICY-DEFAULT
+router_bfd:
+ multihop:
+ interval: 300
+ min_rx: 300
+ multiplier: 3
+router_path_selection:
+ tcp_mss_ceiling:
+ ipv4_segment_size: auto
+ path_groups:
+ - name: INET
+ id: 101
+ local_interfaces:
+ - name: Ethernet1
+ stun:
+ server_profiles:
+ - INET-cv-pathfinder-pathfinder-Ethernet1
+ - INET-cv-pathfinder-pathfinder-Ethernet3
+ dynamic_peers:
+ enabled: true
+ static_peers:
+ - router_ip: 192.168.144.1
+ name: cv-pathfinder-pathfinder
+ ipv4_addresses:
+ - 10.7.7.7
+ - 10.9.9.9
+ ipsec_profile: CP-PROFILE
+ - name: MPLS
+ id: 100
+ local_interfaces:
+ - name: Ethernet2
+ stun:
+ server_profiles:
+ - MPLS-cv-pathfinder-pathfinder-Ethernet2
+ dynamic_peers:
+ enabled: true
+ static_peers:
+ - router_ip: 192.168.144.1
+ name: cv-pathfinder-pathfinder
+ ipv4_addresses:
+ - 172.16.0.1
+ - name: LTE
+ id: 102
+ local_interfaces:
+ - name: Ethernet3
+ dynamic_peers:
+ enabled: true
+ ipsec_profile: CP-PROFILE
+ load_balance_policies:
+ - name: LB-CONTROL-PLANE-PROFILE
+ path_groups:
+ - name: INET
+ - name: MPLS
+ - name: LB-DEFAULT-POLICY-VIDEO
+ path_groups:
+ - name: MPLS
+ - name: INET
+ - name: LB-DEFAULT-POLICY-DEFAULT
+ path_groups:
+ - name: INET
+ - name: LTE
+ priority: 42
+router_traffic_engineering:
+ enabled: true
+stun:
+ client:
+ server_profiles:
+ - name: INET-cv-pathfinder-pathfinder-Ethernet1
+ ip_address: 10.7.7.7
+ - name: INET-cv-pathfinder-pathfinder-Ethernet3
+ ip_address: 10.9.9.9
+ - name: MPLS-cv-pathfinder-pathfinder-Ethernet2
+ ip_address: 172.16.0.1
+application_traffic_recognition:
+ application_profiles:
+ - name: VIDEO
+ applications:
+ - name: CUSTOM-APPLICATION-1
+ - name: skype
+ - name: CONTROL-PLANE-APPLICATION-PROFILE
+ applications:
+ - name: CONTROL-PLANE-APPLICATION
+ applications:
+ ipv4_applications:
+ - name: CONTROL-PLANE-APPLICATION
+ dest_prefix_set_name: CONTROL-PLANE-APP-DEST-PREFIXES
+ field_sets:
+ ipv4_prefixes:
+ - name: CONTROL-PLANE-APP-DEST-PREFIXES
+ prefix_values:
+ - 192.168.144.1/32
+dps_interfaces:
+- name: Dps1
+ description: DPS Interface
+ mtu: 9214
+ ip_address: 192.168.255.1/32
+ flow_tracker:
+ hardware: WAN-FLOW-TRACKER
+vxlan_interface:
+ Vxlan1:
+ description: cv-pathfinder-edge-custom-default-policy_VTEP
+ vxlan:
+ udp_port: 4789
+ source_interface: Dps1
+ vrfs:
+ - name: default
+ vni: 1
+ - name: IT
+ vni: 100
+ - name: PROD
+ vni: 42
+metadata:
+ cv_tags:
+ device_tags:
+ - name: Role
+ value: edge
+ - name: Region
+ value: AVD_Land_West
+ - name: Zone
+ value: DEFAULT-ZONE
+ - name: Site
+ value: Site1
+ interface_tags:
+ - interface: Ethernet1
+ tags:
+ - name: Type
+ value: wan
+ - name: Carrier
+ value: ATT
+ - name: Circuit
+ value: '666'
+ - interface: Ethernet2
+ tags:
+ - name: Type
+ value: wan
+ - name: Carrier
+ value: Colt
+ - name: Circuit
+ value: '10555'
+ - interface: Ethernet3
+ tags:
+ - name: Type
+ value: wan
+ - name: Carrier
+ value: Comcast-5G
+ - name: Circuit
+ value: AF830
+ cv_pathfinder:
+ role: edge
+ vtep_ip: 192.168.255.1
+ region: AVD_Land_West
+ zone: DEFAULT-ZONE
+ site: Site1
+ interfaces:
+ - name: Ethernet1
+ carrier: ATT
+ circuit_id: '666'
+ pathgroup: INET
+ - name: Ethernet2
+ carrier: Colt
+ circuit_id: '10555'
+ pathgroup: MPLS
+ - name: Ethernet3
+ carrier: Comcast-5G
+ circuit_id: AF830
+ pathgroup: LTE
+ pathfinders:
+ - vtep_ip: 192.168.144.1
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-no-common-path-group.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-no-common-path-group.yml
index 0e335d14fe4..67513001fe1 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-no-common-path-group.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-no-common-path-group.yml
@@ -47,15 +47,9 @@ router_bgp:
neighbors:
- ip_address: 172.17.0.2
peer_group: IPv4-UNDERLAY-PEERS
-<<<<<<< HEAD
remote_as: '65199'
- description: site-ha-disabled-leaf_Ethernet2.100_vrf_IT
- rd: 192.168.42.2:100
-=======
- remote_as: '65000'
description: site-ha-disabled-leaf_Ethernet2.1000_vrf_IT
rd: 192.168.42.2:1000
->>>>>>> ff441f2cd (Feat(eos_designs): Add wan_vni for WAN VRF)
route_targets:
import:
- address_family: evpn
@@ -72,15 +66,9 @@ router_bgp:
neighbors:
- ip_address: 172.17.0.2
peer_group: IPv4-UNDERLAY-PEERS
-<<<<<<< HEAD
remote_as: '65199'
- description: site-ha-disabled-leaf_Ethernet2.42_vrf_PROD
- rd: 192.168.42.2:42
-=======
- remote_as: '65000'
description: site-ha-disabled-leaf_Ethernet2.142_vrf_PROD
rd: 192.168.42.2:142
->>>>>>> ff441f2cd (Feat(eos_designs): Add wan_vni for WAN VRF)
route_targets:
import:
- address_family: evpn
@@ -97,7 +85,7 @@ router_bgp:
neighbors:
- ip_address: 172.17.0.2
peer_group: IPv4-UNDERLAY-PEERS
- remote_as: '65000'
+ remote_as: '65199'
description: site-ha-disabled-leaf_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
rd: 192.168.42.2:666
route_targets:
@@ -355,6 +343,10 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ - name: DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
@@ -365,6 +357,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
- name: DEFAULT-AVT-POLICY-DEFAULT
load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -391,7 +385,20 @@ router_adaptive_virtual_topology:
id: 3
- name: DEFAULT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -406,14 +413,10 @@ router_adaptive_virtual_topology:
avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -434,26 +437,29 @@ router_path_selection:
- name: LB-CONTROL-PLANE-PROFILE
path_groups:
- name: Satellite
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
- name: LB-PROD-AVT-POLICY-VOICE
jitter: 42
- name: LB-PROD-AVT-POLICY-VIDEO
loss_rate: '42.0'
- name: LB-PROD-AVT-POLICY-DEFAULT
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: LB-DEFAULT-POLICY-DEFAULT
+ path_groups:
+ - name: Satellite
router_traffic_engineering:
enabled: true
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-no-default-policy.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-no-default-policy.yml
index 76167c1ad3c..0e57f388770 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-no-default-policy.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-no-default-policy.yml
@@ -251,23 +251,39 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
- - name: DEFAULT-AVT-POLICY-DEFAULT
- load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-WITH-CP-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-WITH-CP-DEFAULT
vrfs:
+ - name: PROD
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
+ - name: IT
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
- name: default
- policy: DEFAULT-AVT-POLICY-WITH-CP
+ policy: DEFAULT-POLICY-WITH-CP
profiles:
- name: CONTROL-PLANE-PROFILE
id: 254
- - name: DEFAULT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
id: 1
policies:
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
+ matches:
+ - application_profile: default
+ avt_profile: DEFAULT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-WITH-CP
matches:
- application_profile: CONTROL-PLANE-APPLICATION-PROFILE
avt_profile: CONTROL-PLANE-PROFILE
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -316,15 +332,15 @@ router_path_selection:
enabled: true
ipsec_profile: CP-PROFILE
load_balance_policies:
- - name: LB-CONTROL-PLANE-PROFILE
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: INET
- name: MPLS
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: LTE
+ - name: LB-CONTROL-PLANE-PROFILE
path_groups:
- name: INET
- name: MPLS
- - name: LTE
router_traffic_engineering:
enabled: true
stun:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge.yml
index d88debcb9c8..dd10a5846f7 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge.yml
@@ -57,15 +57,9 @@ router_bgp:
neighbors:
- ip_address: 172.17.0.0
peer_group: IPv4-UNDERLAY-PEERS
-<<<<<<< HEAD
remote_as: '65199'
- description: site-ha-disabled-leaf_Ethernet1.100_vrf_IT
- rd: 192.168.42.1:100
-=======
- remote_as: '65000'
description: site-ha-disabled-leaf_Ethernet1.1000_vrf_IT
rd: 192.168.42.1:1000
->>>>>>> ff441f2cd (Feat(eos_designs): Add wan_vni for WAN VRF)
route_targets:
import:
- address_family: evpn
@@ -82,15 +76,9 @@ router_bgp:
neighbors:
- ip_address: 172.17.0.0
peer_group: IPv4-UNDERLAY-PEERS
-<<<<<<< HEAD
remote_as: '65199'
- description: site-ha-disabled-leaf_Ethernet1.42_vrf_PROD
- rd: 192.168.42.1:42
-=======
- remote_as: '65000'
description: site-ha-disabled-leaf_Ethernet1.142_vrf_PROD
rd: 192.168.42.1:142
->>>>>>> ff441f2cd (Feat(eos_designs): Add wan_vni for WAN VRF)
route_targets:
import:
- address_family: evpn
@@ -107,7 +95,7 @@ router_bgp:
neighbors:
- ip_address: 172.17.0.0
peer_group: IPv4-UNDERLAY-PEERS
- remote_as: '65000'
+ remote_as: '65199'
description: site-ha-disabled-leaf_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
rd: 192.168.42.1:666
route_targets:
@@ -397,6 +385,10 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ - name: DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
@@ -407,6 +399,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
- name: DEFAULT-AVT-POLICY-DEFAULT
load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -433,7 +427,20 @@ router_adaptive_virtual_topology:
id: 3
- name: DEFAULT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -448,14 +455,10 @@ router_adaptive_virtual_topology:
avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -508,6 +511,15 @@ router_path_selection:
path_groups:
- name: INET
- name: MPLS
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ path_groups:
+ - name: MPLS
+ - name: INET
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ path_groups:
+ - name: INET
+ - name: MPLS
+ priority: 42
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: MPLS
@@ -526,15 +538,11 @@ router_path_selection:
- name: INET
- name: MPLS
priority: 2
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
- path_groups:
- - name: MPLS
- - name: INET
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: INET
- name: MPLS
- priority: 42
+ - name: LTE
router_traffic_engineering:
enabled: true
stun:
@@ -548,15 +556,15 @@ stun:
ip_address: 172.16.0.1
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2A.yml
index 6ae477f1355..c1e8e43c377 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2A.yml
@@ -64,21 +64,21 @@ router_bgp:
- ip_address: 172.17.0.4
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf2A_Ethernet1.100_vrf_IT
+ description: site-ha-enabled-leaf2A_Ethernet1.1000_vrf_IT
- ip_address: 172.17.0.6
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf2B_Ethernet1.100_vrf_IT
- rd: 192.168.42.2:100
+ description: site-ha-enabled-leaf2B_Ethernet1.1000_vrf_IT
+ rd: 192.168.42.2:1000
route_targets:
import:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
export:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
redistribute_routes:
- source_protocol: connected
- name: PROD
@@ -87,21 +87,44 @@ router_bgp:
- ip_address: 172.17.0.4
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf2A_Ethernet1.42_vrf_PROD
+ description: site-ha-enabled-leaf2A_Ethernet1.142_vrf_PROD
- ip_address: 172.17.0.6
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf2B_Ethernet1.42_vrf_PROD
- rd: 192.168.42.2:42
+ description: site-ha-enabled-leaf2B_Ethernet1.142_vrf_PROD
+ rd: 192.168.42.2:142
route_targets:
import:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
export:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
+ redistribute_routes:
+ - source_protocol: connected
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ router_id: 192.168.42.2
+ neighbors:
+ - ip_address: 172.17.0.4
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65199'
+ description: site-ha-enabled-leaf2A_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ - ip_address: 172.17.0.6
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65199'
+ description: site-ha-enabled-leaf2B_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ rd: 192.168.42.2:666
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 666:666
+ export:
+ - address_family: evpn
+ route_targets:
+ - 666:666
redistribute_routes:
- source_protocol: connected
- name: default
@@ -156,6 +179,9 @@ vrfs:
- name: PROD
tenant: TenantA
ip_routing: true
+- name: ATTRACTED-VRF-FROM-UPLINK
+ tenant: TenantC
+ ip_routing: true
management_api_http:
enable_vrfs:
- name: MGMT
@@ -172,26 +198,37 @@ ethernet_interfaces:
ip_address: 172.17.0.5/31
flow_tracker:
hardware: WAN-FLOW-TRACKER
-- name: Ethernet52.100
+- name: Ethernet52.1000
peer: site-ha-enabled-leaf2A
- peer_interface: Ethernet1.100
+ peer_interface: Ethernet1.1000
peer_type: l3leaf
vrf: IT
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.100_vrf_IT
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.5/31
-- name: Ethernet52.42
+- name: Ethernet52.142
peer: site-ha-enabled-leaf2A
- peer_interface: Ethernet1.42
+ peer_interface: Ethernet1.142
peer_type: l3leaf
vrf: PROD
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.42_vrf_PROD
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.142_vrf_PROD
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.5/31
+- name: Ethernet52.666
+ peer: site-ha-enabled-leaf2A
+ peer_interface: Ethernet1.666
+ peer_type: l3leaf
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.5/31
- name: Ethernet53
@@ -205,26 +242,37 @@ ethernet_interfaces:
ip_address: 172.17.0.7/31
flow_tracker:
hardware: WAN-FLOW-TRACKER
-- name: Ethernet53.100
+- name: Ethernet53.1000
peer: site-ha-enabled-leaf2B
- peer_interface: Ethernet1.100
+ peer_interface: Ethernet1.1000
peer_type: l3leaf
vrf: IT
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.100_vrf_IT
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.7/31
-- name: Ethernet53.42
+- name: Ethernet53.142
peer: site-ha-enabled-leaf2B
- peer_interface: Ethernet1.42
+ peer_interface: Ethernet1.142
peer_type: l3leaf
vrf: PROD
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.42_vrf_PROD
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.142_vrf_PROD
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.7/31
+- name: Ethernet53.666
+ peer: site-ha-enabled-leaf2B
+ peer_interface: Ethernet1.666
+ peer_type: l3leaf
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.7/31
- name: Ethernet1
@@ -410,6 +458,10 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ - name: DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
@@ -420,6 +472,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
- name: DEFAULT-AVT-POLICY-DEFAULT
load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -446,7 +500,20 @@ router_adaptive_virtual_topology:
id: 3
- name: DEFAULT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -461,14 +528,10 @@ router_adaptive_virtual_topology:
avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -513,6 +576,14 @@ router_path_selection:
path_groups:
- name: LAN_HA
- name: INET
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ path_groups:
+ - name: LAN_HA
+ - name: INET
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ path_groups:
+ - name: LAN_HA
+ - name: INET
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
@@ -529,11 +600,7 @@ router_path_selection:
path_groups:
- name: LAN_HA
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
- path_groups:
- - name: LAN_HA
- - name: INET
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
@@ -548,15 +615,15 @@ stun:
ip_address: 10.9.9.9
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
@@ -618,6 +685,8 @@ vxlan_interface:
vni: 100
- name: PROD
vni: 42
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 166
metadata:
cv_tags:
device_tags:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2B.yml
index 5a719d87e84..2403f7e6aa0 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2B.yml
@@ -64,21 +64,21 @@ router_bgp:
- ip_address: 172.17.0.8
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf2A_Ethernet2.100_vrf_IT
+ description: site-ha-enabled-leaf2A_Ethernet2.1000_vrf_IT
- ip_address: 172.17.0.10
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf2B_Ethernet2.100_vrf_IT
- rd: 192.168.42.3:100
+ description: site-ha-enabled-leaf2B_Ethernet2.1000_vrf_IT
+ rd: 192.168.42.3:1000
route_targets:
import:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
export:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
redistribute_routes:
- source_protocol: connected
- name: PROD
@@ -87,21 +87,44 @@ router_bgp:
- ip_address: 172.17.0.8
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf2A_Ethernet2.42_vrf_PROD
+ description: site-ha-enabled-leaf2A_Ethernet2.142_vrf_PROD
- ip_address: 172.17.0.10
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf2B_Ethernet2.42_vrf_PROD
- rd: 192.168.42.3:42
+ description: site-ha-enabled-leaf2B_Ethernet2.142_vrf_PROD
+ rd: 192.168.42.3:142
route_targets:
import:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
export:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
+ redistribute_routes:
+ - source_protocol: connected
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ router_id: 192.168.42.3
+ neighbors:
+ - ip_address: 172.17.0.8
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65199'
+ description: site-ha-enabled-leaf2A_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ - ip_address: 172.17.0.10
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65199'
+ description: site-ha-enabled-leaf2B_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ rd: 192.168.42.3:666
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 666:666
+ export:
+ - address_family: evpn
+ route_targets:
+ - 666:666
redistribute_routes:
- source_protocol: connected
- name: default
@@ -156,6 +179,9 @@ vrfs:
- name: PROD
tenant: TenantA
ip_routing: true
+- name: ATTRACTED-VRF-FROM-UPLINK
+ tenant: TenantC
+ ip_routing: true
management_api_http:
enable_vrfs:
- name: MGMT
@@ -172,26 +198,37 @@ ethernet_interfaces:
ip_address: 172.17.0.9/31
flow_tracker:
hardware: WAN-FLOW-TRACKER
-- name: Ethernet52.100
+- name: Ethernet52.1000
peer: site-ha-enabled-leaf2A
- peer_interface: Ethernet2.100
+ peer_interface: Ethernet2.1000
peer_type: l3leaf
vrf: IT
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.100_vrf_IT
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.9/31
-- name: Ethernet52.42
+- name: Ethernet52.142
peer: site-ha-enabled-leaf2A
- peer_interface: Ethernet2.42
+ peer_interface: Ethernet2.142
peer_type: l3leaf
vrf: PROD
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.42_vrf_PROD
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.142_vrf_PROD
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.9/31
+- name: Ethernet52.666
+ peer: site-ha-enabled-leaf2A
+ peer_interface: Ethernet2.666
+ peer_type: l3leaf
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.9/31
- name: Ethernet53
@@ -205,26 +242,37 @@ ethernet_interfaces:
ip_address: 172.17.0.11/31
flow_tracker:
hardware: WAN-FLOW-TRACKER
-- name: Ethernet53.100
+- name: Ethernet53.1000
peer: site-ha-enabled-leaf2B
- peer_interface: Ethernet2.100
+ peer_interface: Ethernet2.1000
peer_type: l3leaf
vrf: IT
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.100_vrf_IT
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.11/31
-- name: Ethernet53.42
+- name: Ethernet53.142
peer: site-ha-enabled-leaf2B
- peer_interface: Ethernet2.42
+ peer_interface: Ethernet2.142
peer_type: l3leaf
vrf: PROD
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.42_vrf_PROD
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.142_vrf_PROD
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.11/31
+- name: Ethernet53.666
+ peer: site-ha-enabled-leaf2B
+ peer_interface: Ethernet2.666
+ peer_type: l3leaf
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.11/31
- name: Ethernet2
@@ -409,6 +457,10 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ - name: DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
@@ -419,6 +471,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
- name: DEFAULT-AVT-POLICY-DEFAULT
load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -445,7 +499,20 @@ router_adaptive_virtual_topology:
id: 3
- name: DEFAULT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -460,14 +527,10 @@ router_adaptive_virtual_topology:
avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -509,6 +572,15 @@ router_path_selection:
path_groups:
- name: LAN_HA
- name: MPLS
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ path_groups:
+ - name: LAN_HA
+ - name: MPLS
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ path_groups:
+ - name: LAN_HA
+ - name: MPLS
+ priority: 42
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
@@ -524,15 +596,10 @@ router_path_selection:
- name: LAN_HA
- name: MPLS
priority: 2
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
- path_groups:
- - name: LAN_HA
- - name: MPLS
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: MPLS
- priority: 42
router_traffic_engineering:
enabled: true
stun:
@@ -542,15 +609,15 @@ stun:
ip_address: 172.16.0.1
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
@@ -612,6 +679,8 @@ vxlan_interface:
vni: 100
- name: PROD
vni: 42
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 166
metadata:
cv_tags:
device_tags:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder.yml
index 6ae24d73c62..3692622cdab 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder.yml
@@ -199,6 +199,10 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ - name: DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
@@ -213,6 +217,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-TRANSIT-AVT-POLICY-VOICE
- name: TRANSIT-AVT-POLICY-DEFAULT
load_balance_policy: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -246,7 +252,20 @@ router_adaptive_virtual_topology:
id: 42
- name: TRANSIT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -267,14 +286,10 @@ router_adaptive_virtual_topology:
avt_profile: TRANSIT-AVT-POLICY-VOICE
- application_profile: default
avt_profile: TRANSIT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -310,6 +325,18 @@ router_path_selection:
- name: LAN_HA
- name: INET
- name: MPLS
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ path_groups:
+ - name: LAN_HA
+ - name: MPLS
+ - name: INET
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ path_groups:
+ - name: LAN_HA
+ - name: INET
+ - name: Equinix
+ - name: MPLS
+ priority: 42
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
@@ -331,30 +358,23 @@ router_path_selection:
- name: INET
- name: MPLS
priority: 2
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: LB-TRANSIT-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
- name: MPLS
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ priority: 2
+ - name: LB-TRANSIT-AVT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- - name: Equinix
- - name: MPLS
- priority: 42
- - name: LB-TRANSIT-AVT-POLICY-VOICE
- path_groups:
- - name: LAN_HA
- name: MPLS
- - name: INET
priority: 2
- - name: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- name: MPLS
- priority: 2
router_traffic_engineering:
enabled: true
stun:
@@ -365,15 +385,15 @@ stun:
- Ethernet3
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
@@ -636,3 +656,15 @@ metadata:
preference: preferred
- name: MPLS
preference: alternate
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 666
+ avts:
+ - id: 1
+ name: DEFAULT-POLICY-DEFAULT
+ pathgroups:
+ - name: LAN_HA
+ preference: preferred
+ - name: INET
+ preference: preferred
+ - name: MPLS
+ preference: preferred
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder1.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder1.yml
index 62c80cee7c1..603cad0990a 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder1.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder1.yml
@@ -213,6 +213,10 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ - name: DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
@@ -227,6 +231,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-TRANSIT-AVT-POLICY-VOICE
- name: TRANSIT-AVT-POLICY-DEFAULT
load_balance_policy: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -260,7 +266,20 @@ router_adaptive_virtual_topology:
id: 42
- name: TRANSIT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -281,14 +300,10 @@ router_adaptive_virtual_topology:
avt_profile: TRANSIT-AVT-POLICY-VOICE
- application_profile: default
avt_profile: TRANSIT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -329,6 +344,18 @@ router_path_selection:
path_groups:
- name: LAN_HA
- name: INET
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ path_groups:
+ - name: LAN_HA
+ - name: MPLS
+ - name: INET
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ path_groups:
+ - name: LAN_HA
+ - name: INET
+ - name: Equinix
+ - name: MPLS
+ priority: 42
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
@@ -350,18 +377,6 @@ router_path_selection:
- name: INET
- name: MPLS
priority: 2
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
- path_groups:
- - name: LAN_HA
- - name: MPLS
- - name: INET
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
- path_groups:
- - name: LAN_HA
- - name: INET
- - name: Equinix
- - name: MPLS
- priority: 42
- name: LB-TRANSIT-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
@@ -374,6 +389,10 @@ router_path_selection:
- name: INET
- name: MPLS
priority: 2
+ - name: LB-DEFAULT-POLICY-DEFAULT
+ path_groups:
+ - name: LAN_HA
+ - name: INET
router_traffic_engineering:
enabled: true
stun:
@@ -382,15 +401,15 @@ stun:
- Ethernet1
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
@@ -625,3 +644,13 @@ metadata:
preference: preferred
- name: MPLS
preference: alternate
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 666
+ avts:
+ - id: 1
+ name: DEFAULT-POLICY-DEFAULT
+ pathgroups:
+ - name: LAN_HA
+ preference: preferred
+ - name: INET
+ preference: preferred
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder2.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder2.yml
index 56ac5de0e5c..25db97564fb 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder2.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder2.yml
@@ -220,6 +220,10 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ - name: DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
@@ -234,6 +238,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-TRANSIT-AVT-POLICY-VOICE
- name: TRANSIT-AVT-POLICY-DEFAULT
load_balance_policy: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -267,7 +273,20 @@ router_adaptive_virtual_topology:
id: 42
- name: TRANSIT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -288,14 +307,10 @@ router_adaptive_virtual_topology:
avt_profile: TRANSIT-AVT-POLICY-VOICE
- application_profile: default
avt_profile: TRANSIT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -344,6 +359,18 @@ router_path_selection:
- name: LAN_HA
- name: INET
- name: MPLS
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ path_groups:
+ - name: LAN_HA
+ - name: MPLS
+ - name: INET
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ path_groups:
+ - name: LAN_HA
+ - name: INET
+ - name: Equinix
+ - name: MPLS
+ priority: 42
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
@@ -365,30 +392,23 @@ router_path_selection:
- name: INET
- name: MPLS
priority: 2
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: LB-TRANSIT-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
- name: MPLS
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ priority: 2
+ - name: LB-TRANSIT-AVT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- - name: Equinix
- - name: MPLS
- priority: 42
- - name: LB-TRANSIT-AVT-POLICY-VOICE
- path_groups:
- - name: LAN_HA
- name: MPLS
- - name: INET
priority: 2
- - name: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- name: MPLS
- priority: 2
router_traffic_engineering:
enabled: true
stun:
@@ -398,15 +418,15 @@ stun:
- Ethernet2
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
@@ -656,3 +676,15 @@ metadata:
preference: preferred
- name: MPLS
preference: alternate
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 666
+ avts:
+ - id: 1
+ name: DEFAULT-POLICY-DEFAULT
+ pathgroups:
+ - name: LAN_HA
+ preference: preferred
+ - name: INET
+ preference: preferred
+ - name: MPLS
+ preference: preferred
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1A.yml
index a1c21c338be..b911ffc0806 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1A.yml
@@ -59,17 +59,17 @@ router_bgp:
- ip_address: 172.17.0.0
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf1_Ethernet1.100_vrf_IT
- rd: 192.168.43.1:100
+ description: site-ha-enabled-leaf1_Ethernet1.1000_vrf_IT
+ rd: 192.168.43.1:1000
route_targets:
import:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
export:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
redistribute_routes:
- source_protocol: connected
- name: PROD
@@ -78,17 +78,36 @@ router_bgp:
- ip_address: 172.17.0.0
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf1_Ethernet1.42_vrf_PROD
- rd: 192.168.43.1:42
+ description: site-ha-enabled-leaf1_Ethernet1.142_vrf_PROD
+ rd: 192.168.43.1:142
route_targets:
import:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
export:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
+ redistribute_routes:
+ - source_protocol: connected
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ router_id: 192.168.43.1
+ neighbors:
+ - ip_address: 172.17.0.0
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65199'
+ description: site-ha-enabled-leaf1_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ rd: 192.168.43.1:666
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 666:666
+ export:
+ - address_family: evpn
+ route_targets:
+ - 666:666
redistribute_routes:
- source_protocol: connected
- name: default
@@ -103,6 +122,10 @@ router_bgp:
route_targets:
- '1:1'
- route-map RM-EVPN-EXPORT-VRF-DEFAULT
+ - name: NOT-WAN-VRF
+ router_id: 192.168.43.1
+ redistribute_routes:
+ - source_protocol: connected
- name: TRANSIT
router_id: 192.168.43.1
rd: 192.168.43.1:66
@@ -143,69 +166,6 @@ router_bgp:
receive: true
send:
any: true
-<<<<<<< HEAD:ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1A.yml
-=======
- neighbors:
- - ip_address: 192.168.144.1
- peer_group: WAN-OVERLAY-PEERS
- peer: cv-pathfinder-pathfinder
- description: cv-pathfinder-pathfinder
- vrfs:
- - name: default
- rd: 192.168.43.1:1
- route_targets:
- import:
- - address_family: evpn
- route_targets:
- - '1:1'
- export:
- - address_family: evpn
- route_targets:
- - '1:1'
- - route-map RM-EVPN-EXPORT-VRF-DEFAULT
- - name: IT
- router_id: 192.168.43.1
- rd: 192.168.43.1:1000
- route_targets:
- import:
- - address_family: evpn
- route_targets:
- - 1000:1000
- export:
- - address_family: evpn
- route_targets:
- - 1000:1000
- redistribute_routes:
- - source_protocol: connected
- - name: PROD
- router_id: 192.168.43.1
- rd: 192.168.43.1:142
- route_targets:
- import:
- - address_family: evpn
- route_targets:
- - 142:142
- export:
- - address_family: evpn
- route_targets:
- - 142:142
- redistribute_routes:
- - source_protocol: connected
- - name: TRANSIT
- router_id: 192.168.43.1
- rd: 192.168.43.1:66
- route_targets:
- import:
- - address_family: evpn
- route_targets:
- - 66:66
- export:
- - address_family: evpn
- route_targets:
- - 66:66
- redistribute_routes:
- - source_protocol: connected
->>>>>>> ff441f2cd (Feat(eos_designs): Add wan_vni for WAN VRF):ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit.yml
service_routing_protocols_model: multi-agent
ip_routing: true
transceiver_qsfp_default_mode_4x10: false
@@ -226,6 +186,9 @@ vrfs:
- name: TRANSIT
tenant: TenantB
ip_routing: true
+- name: ATTRACTED-VRF-FROM-UPLINK
+ tenant: TenantC
+ ip_routing: true
management_api_http:
enable_vrfs:
- name: MGMT
@@ -242,26 +205,37 @@ ethernet_interfaces:
ip_address: 172.17.0.1/31
flow_tracker:
hardware: WAN-FLOW-TRACKER
-- name: Ethernet52.100
+- name: Ethernet52.1000
peer: site-ha-enabled-leaf1
- peer_interface: Ethernet1.100
+ peer_interface: Ethernet1.1000
peer_type: l3leaf
vrf: IT
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.100_vrf_IT
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.1/31
-- name: Ethernet52.42
+- name: Ethernet52.142
peer: site-ha-enabled-leaf1
- peer_interface: Ethernet1.42
+ peer_interface: Ethernet1.142
peer_type: l3leaf
vrf: PROD
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.42_vrf_PROD
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.142_vrf_PROD
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.1/31
+- name: Ethernet52.666
+ peer: site-ha-enabled-leaf1
+ peer_interface: Ethernet1.666
+ peer_type: l3leaf
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.1/31
- name: Ethernet1.42
@@ -460,6 +434,10 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ - name: DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
@@ -474,6 +452,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-TRANSIT-AVT-POLICY-VOICE
- name: TRANSIT-AVT-POLICY-DEFAULT
load_balance_policy: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -507,7 +487,20 @@ router_adaptive_virtual_topology:
id: 42
- name: TRANSIT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -528,14 +521,10 @@ router_adaptive_virtual_topology:
avt_profile: TRANSIT-AVT-POLICY-VOICE
- application_profile: default
avt_profile: TRANSIT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -592,6 +581,17 @@ router_path_selection:
- name: LAN_HA
- name: INET
- name: MPLS
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ path_groups:
+ - name: LAN_HA
+ - name: MPLS
+ - name: INET
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ path_groups:
+ - name: LAN_HA
+ - name: INET
+ - name: MPLS
+ priority: 42
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
@@ -612,29 +612,23 @@ router_path_selection:
- name: INET
- name: MPLS
priority: 2
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: LB-TRANSIT-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
- name: MPLS
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ priority: 2
+ - name: LB-TRANSIT-AVT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- name: MPLS
- priority: 42
- - name: LB-TRANSIT-AVT-POLICY-VOICE
- path_groups:
- - name: LAN_HA
- - name: MPLS
- - name: INET
priority: 2
- - name: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- name: MPLS
- priority: 2
router_traffic_engineering:
enabled: true
stun:
@@ -648,15 +642,15 @@ stun:
ip_address: 172.16.0.1
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
@@ -720,6 +714,8 @@ vxlan_interface:
vni: 42
- name: TRANSIT
vni: 66
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 166
metadata:
cv_tags:
device_tags:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1B.yml
index 8dfa33db598..447c2c43026 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1B.yml
@@ -59,17 +59,17 @@ router_bgp:
- ip_address: 172.17.0.2
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf1_Ethernet2.100_vrf_IT
- rd: 192.168.43.2:100
+ description: site-ha-enabled-leaf1_Ethernet2.1000_vrf_IT
+ rd: 192.168.43.2:1000
route_targets:
import:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
export:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
redistribute_routes:
- source_protocol: connected
- name: PROD
@@ -78,17 +78,36 @@ router_bgp:
- ip_address: 172.17.0.2
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf1_Ethernet2.42_vrf_PROD
- rd: 192.168.43.2:42
+ description: site-ha-enabled-leaf1_Ethernet2.142_vrf_PROD
+ rd: 192.168.43.2:142
route_targets:
import:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
export:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
+ redistribute_routes:
+ - source_protocol: connected
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ router_id: 192.168.43.2
+ neighbors:
+ - ip_address: 172.17.0.2
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65199'
+ description: site-ha-enabled-leaf1_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ rd: 192.168.43.2:666
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 666:666
+ export:
+ - address_family: evpn
+ route_targets:
+ - 666:666
redistribute_routes:
- source_protocol: connected
- name: default
@@ -103,6 +122,10 @@ router_bgp:
route_targets:
- '1:1'
- route-map RM-EVPN-EXPORT-VRF-DEFAULT
+ - name: NOT-WAN-VRF
+ router_id: 192.168.43.2
+ redistribute_routes:
+ - source_protocol: connected
- name: TRANSIT
router_id: 192.168.43.2
rd: 192.168.43.2:66
@@ -157,9 +180,15 @@ vrfs:
- name: PROD
tenant: TenantA
ip_routing: true
+- name: NOT-WAN-VRF
+ tenant: TenantB
+ ip_routing: true
- name: TRANSIT
tenant: TenantB
ip_routing: true
+- name: ATTRACTED-VRF-FROM-UPLINK
+ tenant: TenantC
+ ip_routing: true
management_api_http:
enable_vrfs:
- name: MGMT
@@ -176,26 +205,37 @@ ethernet_interfaces:
ip_address: 172.17.0.3/31
flow_tracker:
hardware: WAN-FLOW-TRACKER
-- name: Ethernet52.100
+- name: Ethernet52.1000
peer: site-ha-enabled-leaf1
- peer_interface: Ethernet2.100
+ peer_interface: Ethernet2.1000
peer_type: l3leaf
vrf: IT
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.100_vrf_IT
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.3/31
-- name: Ethernet52.42
+- name: Ethernet52.142
peer: site-ha-enabled-leaf1
- peer_interface: Ethernet2.42
+ peer_interface: Ethernet2.142
peer_type: l3leaf
vrf: PROD
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.42_vrf_PROD
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.142_vrf_PROD
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.3/31
+- name: Ethernet52.666
+ peer: site-ha-enabled-leaf1
+ peer_interface: Ethernet2.666
+ peer_type: l3leaf
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.3/31
- name: Ethernet1.42
@@ -394,6 +434,10 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-VIDEO
+ - name: DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-WITH-CP-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
@@ -408,6 +452,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-TRANSIT-AVT-POLICY-VOICE
- name: TRANSIT-AVT-POLICY-DEFAULT
load_balance_policy: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -441,7 +487,20 @@ router_adaptive_virtual_topology:
id: 42
- name: TRANSIT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -462,14 +521,10 @@ router_adaptive_virtual_topology:
avt_profile: TRANSIT-AVT-POLICY-VOICE
- application_profile: default
avt_profile: TRANSIT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -526,6 +581,17 @@ router_path_selection:
- name: LAN_HA
- name: INET
- name: MPLS
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ path_groups:
+ - name: LAN_HA
+ - name: MPLS
+ - name: INET
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ path_groups:
+ - name: LAN_HA
+ - name: INET
+ - name: MPLS
+ priority: 42
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
@@ -546,29 +612,23 @@ router_path_selection:
- name: INET
- name: MPLS
priority: 2
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: LB-TRANSIT-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
- name: MPLS
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ priority: 2
+ - name: LB-TRANSIT-AVT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- name: MPLS
- priority: 42
- - name: LB-TRANSIT-AVT-POLICY-VOICE
- path_groups:
- - name: LAN_HA
- - name: MPLS
- - name: INET
priority: 2
- - name: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- name: MPLS
- priority: 2
router_traffic_engineering:
enabled: true
stun:
@@ -582,15 +642,15 @@ stun:
ip_address: 172.16.0.1
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
@@ -654,6 +714,8 @@ vxlan_interface:
vni: 42
- name: TRANSIT
vni: 66
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 166
metadata:
cv_tags:
device_tags:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-disabled-leaf.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-disabled-leaf.yml
index e396481e781..b95fe408e58 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-disabled-leaf.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-disabled-leaf.yml
@@ -54,13 +54,8 @@ router_bgp:
- ip_address: 172.17.0.3
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
-<<<<<<< HEAD
- description: cv-pathfinder-edge-no-common-path-group_Ethernet52.100_vrf_IT
- rd: 192.168.45.4:100
-=======
description: cv-pathfinder-edge-no-common-path-group_Ethernet52.1000_vrf_IT
- rd: 192.168.45.3:1000
->>>>>>> ff441f2cd (Feat(eos_designs): Add wan_vni for WAN VRF)
+ rd: 192.168.45.4:1000
route_targets:
import:
- address_family: evpn
@@ -82,13 +77,8 @@ router_bgp:
- ip_address: 172.17.0.3
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
-<<<<<<< HEAD
- description: cv-pathfinder-edge-no-common-path-group_Ethernet52.42_vrf_PROD
- rd: 192.168.45.4:42
-=======
description: cv-pathfinder-edge-no-common-path-group_Ethernet52.142_vrf_PROD
- rd: 192.168.45.3:142
->>>>>>> ff441f2cd (Feat(eos_designs): Add wan_vni for WAN VRF)
+ rd: 192.168.45.4:142
route_targets:
import:
- address_family: evpn
@@ -101,7 +91,7 @@ router_bgp:
redistribute_routes:
- source_protocol: connected
- name: ATTRACTED-VRF-FROM-UPLINK
- router_id: 192.168.45.3
+ router_id: 192.168.45.4
neighbors:
- ip_address: 172.17.0.1
peer_group: IPv4-UNDERLAY-PEERS
@@ -111,7 +101,7 @@ router_bgp:
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
description: cv-pathfinder-edge-no-common-path-group_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
- rd: 192.168.45.3:666
+ rd: 192.168.45.4:666
route_targets:
import:
- address_family: evpn
@@ -157,7 +147,7 @@ router_bgp:
- learned
- id: 666
tenant: TenantC
- rd: 192.168.45.3:1666
+ rd: 192.168.45.4:1666
route_targets:
both:
- 1666:1666
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf1.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf1.yml
index 7a35d7e79bd..16ebd6286ba 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf1.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf1.yml
@@ -50,21 +50,21 @@ router_bgp:
- ip_address: 172.17.0.1
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-transit1A_Ethernet52.100_vrf_IT
+ description: cv-pathfinder-transit1A_Ethernet52.1000_vrf_IT
- ip_address: 172.17.0.3
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-transit1B_Ethernet52.100_vrf_IT
- rd: 192.168.45.1:100
+ description: cv-pathfinder-transit1B_Ethernet52.1000_vrf_IT
+ rd: 192.168.45.1:1000
route_targets:
import:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
export:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
redistribute_routes:
- source_protocol: connected
- name: PROD
@@ -73,21 +73,44 @@ router_bgp:
- ip_address: 172.17.0.1
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-transit1A_Ethernet52.42_vrf_PROD
+ description: cv-pathfinder-transit1A_Ethernet52.142_vrf_PROD
- ip_address: 172.17.0.3
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-transit1B_Ethernet52.42_vrf_PROD
- rd: 192.168.45.1:42
+ description: cv-pathfinder-transit1B_Ethernet52.142_vrf_PROD
+ rd: 192.168.45.1:142
route_targets:
import:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
export:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
+ redistribute_routes:
+ - source_protocol: connected
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ router_id: 192.168.45.1
+ neighbors:
+ - ip_address: 172.17.0.1
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65000'
+ description: cv-pathfinder-transit1A_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ - ip_address: 172.17.0.3
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65000'
+ description: cv-pathfinder-transit1B_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ rd: 192.168.45.1:666
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 666:666
+ export:
+ - address_family: evpn
+ route_targets:
+ - 666:666
redistribute_routes:
- source_protocol: connected
- name: default
@@ -122,6 +145,14 @@ router_bgp:
- 1101:1101
redistribute_routes:
- learned
+ - id: 666
+ tenant: TenantC
+ rd: 192.168.45.1:1666
+ route_targets:
+ both:
+ - 1666:1666
+ redistribute_routes:
+ - learned
service_routing_protocols_model: multi-agent
ip_routing: true
vlan_internal_order:
@@ -138,6 +169,9 @@ vrfs:
- name: PROD
tenant: TenantA
ip_routing: true
+- name: ATTRACTED-VRF-FROM-UPLINK
+ tenant: TenantC
+ ip_routing: true
management_api_http:
enable_vrfs:
- name: MGMT
@@ -152,26 +186,37 @@ ethernet_interfaces:
mtu: 9214
type: routed
ip_address: 172.17.0.0/31
-- name: Ethernet1.100
+- name: Ethernet1.1000
peer: cv-pathfinder-transit1A
- peer_interface: Ethernet52.100
+ peer_interface: Ethernet52.1000
peer_type: wan_transit
vrf: IT
- description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.100_vrf_IT
+ description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.0/31
-- name: Ethernet1.42
+- name: Ethernet1.142
peer: cv-pathfinder-transit1A
- peer_interface: Ethernet52.42
+ peer_interface: Ethernet52.142
peer_type: wan_transit
vrf: PROD
- description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.42_vrf_PROD
+ description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.142_vrf_PROD
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.0/31
+- name: Ethernet1.666
+ peer: cv-pathfinder-transit1A
+ peer_interface: Ethernet52.666
+ peer_type: wan_transit
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.0/31
- name: Ethernet2
@@ -183,26 +228,37 @@ ethernet_interfaces:
mtu: 9214
type: routed
ip_address: 172.17.0.2/31
-- name: Ethernet2.100
+- name: Ethernet2.1000
peer: cv-pathfinder-transit1B
- peer_interface: Ethernet52.100
+ peer_interface: Ethernet52.1000
peer_type: wan_transit
vrf: IT
- description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.100_vrf_IT
+ description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.2/31
-- name: Ethernet2.42
+- name: Ethernet2.142
peer: cv-pathfinder-transit1B
- peer_interface: Ethernet52.42
+ peer_interface: Ethernet52.142
peer_type: wan_transit
vrf: PROD
- description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.42_vrf_PROD
+ description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.142_vrf_PROD
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.2/31
+- name: Ethernet2.666
+ peer: cv-pathfinder-transit1B
+ peer_interface: Ethernet52.666
+ peer_type: wan_transit
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.2/31
loopback_interfaces:
@@ -240,6 +296,9 @@ vlans:
- id: 101
name: VLAN101
tenant: TenantA
+- id: 666
+ name: VLAN666
+ tenant: TenantC
ip_igmp_snooping:
globally_enabled: true
ip_virtual_router_mac_address: 00:1c:73:00:00:01
@@ -250,6 +309,12 @@ vlan_interfaces:
shutdown: true
ip_address_virtual: 10.0.100.1/24
vrf: PROD
+- name: Vlan666
+ tenant: TenantC
+ description: VLAN666
+ shutdown: true
+ ip_address_virtual: 10.66.66.66/24
+ vrf: ATTRACTED-VRF-FROM-UPLINK
vxlan_interface:
Vxlan1:
description: site-ha-enabled-leaf1_VTEP
@@ -261,10 +326,14 @@ vxlan_interface:
vni: 1100
- id: 101
vni: 1101
+ - id: 666
+ vni: 1666
vrfs:
- name: default
vni: 1
- name: IT
- vni: 100
+ vni: 1000
- name: PROD
- vni: 42
+ vni: 142
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 666
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf2A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf2A.yml
index b58d641ae53..f47ddbdc813 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf2A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf2A.yml
@@ -50,21 +50,21 @@ router_bgp:
- ip_address: 172.17.0.5
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge2A_Ethernet52.100_vrf_IT
+ description: cv-pathfinder-edge2A_Ethernet52.1000_vrf_IT
- ip_address: 172.17.0.9
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge2B_Ethernet52.100_vrf_IT
- rd: 192.168.45.2:100
+ description: cv-pathfinder-edge2B_Ethernet52.1000_vrf_IT
+ rd: 192.168.45.2:1000
route_targets:
import:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
export:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
redistribute_routes:
- source_protocol: connected
- name: PROD
@@ -73,21 +73,44 @@ router_bgp:
- ip_address: 172.17.0.5
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge2A_Ethernet52.42_vrf_PROD
+ description: cv-pathfinder-edge2A_Ethernet52.142_vrf_PROD
- ip_address: 172.17.0.9
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge2B_Ethernet52.42_vrf_PROD
- rd: 192.168.45.2:42
+ description: cv-pathfinder-edge2B_Ethernet52.142_vrf_PROD
+ rd: 192.168.45.2:142
route_targets:
import:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
export:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
+ redistribute_routes:
+ - source_protocol: connected
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ router_id: 192.168.45.2
+ neighbors:
+ - ip_address: 172.17.0.5
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65000'
+ description: cv-pathfinder-edge2A_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ - ip_address: 172.17.0.9
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65000'
+ description: cv-pathfinder-edge2B_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ rd: 192.168.45.2:666
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 666:666
+ export:
+ - address_family: evpn
+ route_targets:
+ - 666:666
redistribute_routes:
- source_protocol: connected
- name: default
@@ -122,6 +145,14 @@ router_bgp:
- 1101:1101
redistribute_routes:
- learned
+ - id: 666
+ tenant: TenantC
+ rd: 192.168.45.2:1666
+ route_targets:
+ both:
+ - 1666:1666
+ redistribute_routes:
+ - learned
service_routing_protocols_model: multi-agent
ip_routing: true
vlan_internal_order:
@@ -138,6 +169,9 @@ vrfs:
- name: PROD
tenant: TenantA
ip_routing: true
+- name: ATTRACTED-VRF-FROM-UPLINK
+ tenant: TenantC
+ ip_routing: true
management_api_http:
enable_vrfs:
- name: MGMT
@@ -152,26 +186,37 @@ ethernet_interfaces:
mtu: 9214
type: routed
ip_address: 172.17.0.4/31
-- name: Ethernet1.100
+- name: Ethernet1.1000
peer: cv-pathfinder-edge2A
- peer_interface: Ethernet52.100
+ peer_interface: Ethernet52.1000
peer_type: wan_edge
vrf: IT
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.100_vrf_IT
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.4/31
-- name: Ethernet1.42
+- name: Ethernet1.142
peer: cv-pathfinder-edge2A
- peer_interface: Ethernet52.42
+ peer_interface: Ethernet52.142
peer_type: wan_edge
vrf: PROD
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.42_vrf_PROD
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.142_vrf_PROD
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.4/31
+- name: Ethernet1.666
+ peer: cv-pathfinder-edge2A
+ peer_interface: Ethernet52.666
+ peer_type: wan_edge
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.4/31
- name: Ethernet2
@@ -183,26 +228,37 @@ ethernet_interfaces:
mtu: 9214
type: routed
ip_address: 172.17.0.8/31
-- name: Ethernet2.100
+- name: Ethernet2.1000
peer: cv-pathfinder-edge2B
- peer_interface: Ethernet52.100
+ peer_interface: Ethernet52.1000
peer_type: wan_edge
vrf: IT
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.100_vrf_IT
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.8/31
-- name: Ethernet2.42
+- name: Ethernet2.142
peer: cv-pathfinder-edge2B
- peer_interface: Ethernet52.42
+ peer_interface: Ethernet52.142
peer_type: wan_edge
vrf: PROD
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.42_vrf_PROD
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.142_vrf_PROD
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.8/31
+- name: Ethernet2.666
+ peer: cv-pathfinder-edge2B
+ peer_interface: Ethernet52.666
+ peer_type: wan_edge
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.8/31
loopback_interfaces:
@@ -240,6 +296,9 @@ vlans:
- id: 101
name: VLAN101
tenant: TenantA
+- id: 666
+ name: VLAN666
+ tenant: TenantC
ip_igmp_snooping:
globally_enabled: true
ip_virtual_router_mac_address: 00:1c:73:00:00:01
@@ -250,6 +309,12 @@ vlan_interfaces:
shutdown: true
ip_address_virtual: 10.0.100.1/24
vrf: PROD
+- name: Vlan666
+ tenant: TenantC
+ description: VLAN666
+ shutdown: true
+ ip_address_virtual: 10.66.66.66/24
+ vrf: ATTRACTED-VRF-FROM-UPLINK
vxlan_interface:
Vxlan1:
description: site-ha-enabled-leaf2A_VTEP
@@ -261,10 +326,14 @@ vxlan_interface:
vni: 1100
- id: 101
vni: 1101
+ - id: 666
+ vni: 1666
vrfs:
- name: default
vni: 1
- name: IT
- vni: 100
+ vni: 1000
- name: PROD
- vni: 42
+ vni: 142
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 666
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf2B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf2B.yml
index b9be0d8ac7b..d19d3a8073b 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf2B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf2B.yml
@@ -50,21 +50,21 @@ router_bgp:
- ip_address: 172.17.0.7
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge2A_Ethernet53.100_vrf_IT
+ description: cv-pathfinder-edge2A_Ethernet53.1000_vrf_IT
- ip_address: 172.17.0.11
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge2B_Ethernet53.100_vrf_IT
- rd: 192.168.45.3:100
+ description: cv-pathfinder-edge2B_Ethernet53.1000_vrf_IT
+ rd: 192.168.45.3:1000
route_targets:
import:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
export:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
redistribute_routes:
- source_protocol: connected
- name: PROD
@@ -73,21 +73,44 @@ router_bgp:
- ip_address: 172.17.0.7
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge2A_Ethernet53.42_vrf_PROD
+ description: cv-pathfinder-edge2A_Ethernet53.142_vrf_PROD
- ip_address: 172.17.0.11
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge2B_Ethernet53.42_vrf_PROD
- rd: 192.168.45.3:42
+ description: cv-pathfinder-edge2B_Ethernet53.142_vrf_PROD
+ rd: 192.168.45.3:142
route_targets:
import:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
export:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
+ redistribute_routes:
+ - source_protocol: connected
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ router_id: 192.168.45.3
+ neighbors:
+ - ip_address: 172.17.0.7
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65000'
+ description: cv-pathfinder-edge2A_Ethernet53.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ - ip_address: 172.17.0.11
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65000'
+ description: cv-pathfinder-edge2B_Ethernet53.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ rd: 192.168.45.3:666
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 666:666
+ export:
+ - address_family: evpn
+ route_targets:
+ - 666:666
redistribute_routes:
- source_protocol: connected
- name: default
@@ -122,6 +145,14 @@ router_bgp:
- 1101:1101
redistribute_routes:
- learned
+ - id: 666
+ tenant: TenantC
+ rd: 192.168.45.3:1666
+ route_targets:
+ both:
+ - 1666:1666
+ redistribute_routes:
+ - learned
service_routing_protocols_model: multi-agent
ip_routing: true
vlan_internal_order:
@@ -138,6 +169,9 @@ vrfs:
- name: PROD
tenant: TenantA
ip_routing: true
+- name: ATTRACTED-VRF-FROM-UPLINK
+ tenant: TenantC
+ ip_routing: true
management_api_http:
enable_vrfs:
- name: MGMT
@@ -152,26 +186,37 @@ ethernet_interfaces:
mtu: 9214
type: routed
ip_address: 172.17.0.6/31
-- name: Ethernet1.100
+- name: Ethernet1.1000
peer: cv-pathfinder-edge2A
- peer_interface: Ethernet53.100
+ peer_interface: Ethernet53.1000
peer_type: wan_edge
vrf: IT
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.100_vrf_IT
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.6/31
-- name: Ethernet1.42
+- name: Ethernet1.142
peer: cv-pathfinder-edge2A
- peer_interface: Ethernet53.42
+ peer_interface: Ethernet53.142
peer_type: wan_edge
vrf: PROD
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.42_vrf_PROD
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.142_vrf_PROD
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.6/31
+- name: Ethernet1.666
+ peer: cv-pathfinder-edge2A
+ peer_interface: Ethernet53.666
+ peer_type: wan_edge
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.6/31
- name: Ethernet2
@@ -183,26 +228,37 @@ ethernet_interfaces:
mtu: 9214
type: routed
ip_address: 172.17.0.10/31
-- name: Ethernet2.100
+- name: Ethernet2.1000
peer: cv-pathfinder-edge2B
- peer_interface: Ethernet53.100
+ peer_interface: Ethernet53.1000
peer_type: wan_edge
vrf: IT
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.100_vrf_IT
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.10/31
-- name: Ethernet2.42
+- name: Ethernet2.142
peer: cv-pathfinder-edge2B
- peer_interface: Ethernet53.42
+ peer_interface: Ethernet53.142
peer_type: wan_edge
vrf: PROD
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.42_vrf_PROD
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.142_vrf_PROD
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.10/31
+- name: Ethernet2.666
+ peer: cv-pathfinder-edge2B
+ peer_interface: Ethernet53.666
+ peer_type: wan_edge
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.666_vrf_ATTRACTED-VRF-FROM-UPLINK
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.10/31
loopback_interfaces:
@@ -240,6 +296,9 @@ vlans:
- id: 101
name: VLAN101
tenant: TenantA
+- id: 666
+ name: VLAN666
+ tenant: TenantC
ip_igmp_snooping:
globally_enabled: true
ip_virtual_router_mac_address: 00:1c:73:00:00:01
@@ -250,6 +309,12 @@ vlan_interfaces:
shutdown: true
ip_address_virtual: 10.0.100.1/24
vrf: PROD
+- name: Vlan666
+ tenant: TenantC
+ description: VLAN666
+ shutdown: true
+ ip_address_virtual: 10.66.66.66/24
+ vrf: ATTRACTED-VRF-FROM-UPLINK
vxlan_interface:
Vxlan1:
description: site-ha-enabled-leaf2B_VTEP
@@ -261,10 +326,14 @@ vxlan_interface:
vni: 1100
- id: 101
vni: 1101
+ - id: 666
+ vni: 1666
vrfs:
- name: default
vni: 1
- name: IT
- vni: 100
+ vni: 1000
- name: PROD
- vni: 42
+ vni: 142
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 666
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/AUTOVPN_TESTS.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/AUTOVPN_TESTS.yml
index 6f07482fdf4..e99200f7d8b 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/AUTOVPN_TESTS.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/AUTOVPN_TESTS.yml
@@ -100,18 +100,14 @@ tenants:
vrfs:
- name: default
vrf_id: 1
- # Testing VRF default without wan_vni set to check it is inserted and
- # does not explode
- name: PROD
vrf_id: 42
- wan_vni: 42
svis:
- id: 100
name: VLAN100
ip_address_virtual: 10.0.100.1/24
- name: IT
vrf_id: 100
- wan_vni: 100
l2vlans:
- id: 101
name: VLAN101
@@ -120,8 +116,10 @@ wan_virtual_topologies:
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY
+ wan_vni: 1
- name: PROD
policy: PROD-AVT-POLICY
+ wan_vni: 42
policies:
- name: PROD-AVT-POLICY
default_virtual_topology:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CV_PATHFINDER_TESTS.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CV_PATHFINDER_TESTS.yml
index 0bfff5c5bff..da86d9a8eab 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CV_PATHFINDER_TESTS.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CV_PATHFINDER_TESTS.yml
@@ -282,7 +282,6 @@ tenants:
vrfs:
- name: default
vrf_id: 1
- wan_vni: 1
# Checking static route on VRF default is redistributed in a route-map
static_routes:
- destination_address_prefix: 66.66.66.0/24
@@ -291,14 +290,12 @@ tenants:
- name: PROD
# Showing that wan_vni and vrf_id can be different. `vrf_id` influences the subinterface id.
vrf_id: 142
- wan_vni: 42
svis:
- id: 100
name: VLAN100
ip_address_virtual: 10.0.100.1/24
- name: IT
vrf_id: 1000
- wan_vni: 100
l2vlans:
- id: 101
name: VLAN101
@@ -306,10 +303,8 @@ tenants:
vrfs:
- name: default
vrf_id: 1
- wan_vni: 1
- name: TRANSIT
vrf_id: 66
- wan_vni: 66
# Test that a VRF with address_families: [] on a WAN router is not configured on Vxlan1 interface nor BGP
- name: NOT-WAN-VRF
vrf_id: 13
@@ -320,7 +315,6 @@ tenants:
# Test adding a VRF on an uplink switch and seeing it configured on the WAN routers
- name: ATTRACTED-VRF-FROM-UPLINK
vrf_id: 666
- wan_vni: 166
svis:
- id: 666
name: VLAN666
@@ -333,14 +327,20 @@ wan_virtual_topologies:
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY
+ wan_vni: 1
- name: PROD
policy: PROD-AVT-POLICY
+ wan_vni: 42
# Testing reusing the same policy as default VRF
- name: IT
policy: DEFAULT-AVT-POLICY
+ wan_vni: 100
# Testing a VRF only on transit and not edge
- name: TRANSIT
policy: TRANSIT-AVT-POLICY
+ wan_vni: 66
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ wan_vni: 166
policies:
- name: PROD-AVT-POLICY
default_virtual_topology:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/autovpn-edge-no-default-policy.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/autovpn-edge-no-default-policy.yml
index 11cd0abc476..1d493abc67e 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/autovpn-edge-no-default-policy.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/autovpn-edge-no-default-policy.yml
@@ -73,10 +73,12 @@ tenants:
vrf_id: 1
- name: PROD
vrf_id: 42
- wan_vni: 42
- name: IT
vrf_id: 100
- wan_vni: 100
-# empty
-wan_virtual_topologies: null
+wan_virtual_topologies:
+ vrfs:
+ - name: PROD
+ wan_vni: 42
+ - name: IT
+ wan_vni: 100
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-custom-default-policy.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-custom-default-policy.yml
new file mode 100644
index 00000000000..7256102f066
--- /dev/null
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-custom-default-policy.yml
@@ -0,0 +1,145 @@
+---
+# Testing CV pathfinder edge with no policy in VRF default to make sure the correct
+# default policy is auto generated by AVD
+wan_mode: cv-pathfinder
+# Disabling underlay for tests
+underlay_routing_protocol: none
+
+bgp_as: 65000
+
+cv_pathfinder_regions:
+ - name: AVD_Land_West
+ id: 42
+ description: AVD Region
+ sites:
+ - name: Site1
+ id: 1
+ location: one place
+
+bgp_peer_groups:
+ wan_overlay_peers:
+ password: "htm4AZe9mIQOO1uiMuGgYQ=="
+ # Overwriting TTL
+ ttl_maximum_hops: 42
+ listen_range_prefixes:
+ - 192.168.255.0/24
+
+wan_route_servers:
+ - hostname: cv-pathfinder-pathfinder
+
+wan_ipsec_profiles:
+ control_plane:
+ shared_key: ABCDEF1234567890
+ data_plane:
+ shared_key: ABCDEF1234567890666
+
+default_node_types:
+ - node_type: wan_edge
+ match_hostnames:
+ - "cv-pathfinder-edge.*"
+
+wan_edge:
+ defaults:
+ loopback_ipv4_pool: 192.168.42.0/24
+ vtep_loopback_ipv4_pool: 192.168.255.0/24
+ filter:
+ always_include_vrfs_in_tenants: [TenantA]
+ nodes:
+ - name: cv-pathfinder-edge-custom-default-policy
+ cv_pathfinder_region: AVD_Land_West
+ cv_pathfinder_site: Site1
+ id: 1
+ l3_interfaces:
+ - name: Ethernet1
+ wan_carrier: ATT
+ wan_circuit_id: 666
+ dhcp_accept_default_route: true
+ ip_address: dhcp
+ - name: Ethernet2
+ wan_carrier: Colt
+ wan_circuit_id: 10555
+ ip_address: 172.15.5.5/31
+ - name: Ethernet3
+ wan_carrier: Comcast-5G
+ wan_circuit_id: AF830
+ ip_address: 172.20.20.20/31
+ connected_to_pathfinder: False
+
+wan_path_groups:
+ - name: MPLS
+ ipsec: false
+ # TODO remove one once auto-id is implemented - for now required in schema
+ id: 100
+ - name: INET
+ id: 101
+ - name: LTE
+ id: 102
+ - name: Equinix
+ id: 103
+ - name: Satellite
+ id: 104
+
+wan_carriers:
+ - name: Comcast
+ path_group: INET
+ - name: ATT
+ path_group: INET
+ - name: Bouygues_Telecom
+ path_group: INET
+ - name: SFR
+ path_group: INET
+ - name: Orange
+ path_group: INET
+ - name: Another-ISP
+ path_group: INET
+ - name: Colt
+ path_group: MPLS
+ - name: ATT-MPLS
+ path_group: MPLS
+ - name: Comcast-5G
+ path_group: LTE
+ - name: Inmrasat
+ path_group: Satellite
+
+tenants:
+ - name: TenantA
+ vrfs:
+ - name: default
+ vrf_id: 1
+ - name: PROD
+ vrf_id: 42
+ - name: IT
+ vrf_id: 100
+
+wan_virtual_topologies:
+ vrfs:
+ # No policy for default or PROD, going to use DEFAULT-POLICY
+ # overwrite DEFAULT-POLICY below
+ - name: default
+ wan_vni: 1
+ - name: PROD
+ wan_vni: 42
+ policies:
+ # Name of the DEFAULT-POLICY being overwritten
+ - name: DEFAULT-POLICY
+ default_virtual_topology:
+ path_groups:
+ - names: [INET]
+ - names: [LTE]
+ preference: 42
+ application_virtual_topologies:
+ - application_profile: VIDEO
+ path_groups:
+ - names: [MPLS, INET]
+ preference: preferred
+ id: 3
+
+application_classification:
+ application_profiles:
+ - name: VIDEO
+ # Testing categories filtering
+ applications:
+ # Testing applications in application-profiles filtering
+ - name: CUSTOM-APPLICATION-1
+ # Builtin application that should not raise
+ - name: skype
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-no-default-policy.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-no-default-policy.yml
index e687bf965ec..d63909e999d 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-no-default-policy.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-no-default-policy.yml
@@ -116,9 +116,12 @@ tenants:
vrf_id: 1
- name: PROD
vrf_id: 42
- wan_vni: 42
- name: IT
vrf_id: 100
- wan_vni: 100
-wan_virtual_topologies: null
+wan_virtual_topologies:
+ vrfs:
+ - name: PROD
+ wan_vni: 42
+ - name: IT
+ wan_vni: 100
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml
index 66f65060948..003e35e604b 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml
@@ -319,6 +319,7 @@ all:
hosts:
autovpn-edge-no-default-policy:
cv-pathfinder-edge-no-default-policy:
+ cv-pathfinder-edge-custom-default-policy:
UPLINK_P2P_VRFS_TESTS:
hosts:
UPLINK_P2P_VRFS_TESTS_SPINE1:
diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md
index 1e33a32bbb1..a7fc699e0b9 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md
+++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md
@@ -17,7 +17,6 @@
| [ - <str>](## ".[].vrfs.[].address_families.[]") | String | | | Valid Values:
- evpn
- vpn-ipv4
- vpn-ipv6 | |
| [ description](## ".[].vrfs.[].description") | String | | | | VRF description. |
| [ vrf_vni](## ".[].vrfs.[].vrf_vni") | Integer | | | Min: 1
Max: 16777215 | Required if "vrf_id" is not set.
The VRF VNI range is not limited, but if vrf_id is not set, "vrf_vni" is used for calculating MLAG iBGP peering vlan id.
"vrf_vni" may also be used for VRF RD/RT ID. See "overlay_rd_type" and "overlay_rt_type" for details.
See "mlag_ibgp_peering_vrfs.base_vlan" for details.
If vrf_vni > 10000 make sure to adjust "mac_vrf_vni_base" accordingly to avoid overlap.
|
- | [ wan_vni](## ".[].vrfs.[].wan_vni") | Integer | | | Min: 1
Max: 255 | Required for VRFs carried over AutoVPN or CV Pathfinder WAN.
A VRF can have a different VNI in the Datacenters and in the WAN.
Note that if no VRF default is configured for WAN, AVD will automatically inject the VRF default with
`wan_vni` set to `1`.
In addition either `vrf_id` or `vrf_vni` must be set to enforce consistant route-targets across domains.
|
| [ vrf_id](## ".[].vrfs.[].vrf_id") | Integer | | | | Required if "vrf_vni" is not set.
"vrf_id" is used as default value for "vrf_vni" and "ospf.process_id" unless those are set.
"vrf_id" may also be used for VRF RD/RT ID. See "overlay_rd_type" and "overlay_rt_type" for details.
"vrf_id" is preferred over "vrf_vni" for MLAG iBGP peering vlan, see "mlag_ibgp_peering_vrfs.base_vlan" for details.
|
| [ rd_override](## ".[].vrfs.[].rd_override") | String | | | | By default, the VRF RD will be derived from the pattern defined in `overlay_rd_type`.
The rd_override allows us to override this value and statically define it.
rd_override supports two formats:
- A single number will be used in the RD assigned number subfield (second part of the RD).
- A full RD string with colon seperator which will override the full RD.
|
| [ rt_override](## ".[].vrfs.[].rt_override") | String | | | | By default, the VRF RT will be derived from the pattern defined in `overlay_rt_type`.
The rt_override allows us to override this value and statically define it.
rt_override supports two formats:
- A single number will be used in the RT assigned number subfield (second part of the RT).
- A full RT string with colon seperator which will override the full RT.
|
@@ -116,14 +115,6 @@
# If vrf_vni > 10000 make sure to adjust "mac_vrf_vni_base" accordingly to avoid overlap.
vrf_vni:
- # Required for VRFs carried over AutoVPN or CV Pathfinder WAN.
-
- # A VRF can have a different VNI in the Datacenters and in the WAN.
- # Note that if no VRF default is configured for WAN, AVD will automatically inject the VRF default with
- # `wan_vni` set to `1`.
- # In addition either `vrf_id` or `vrf_vni` must be set to enforce consistant route-targets across domains.
- wan_vni:
-
# Required if "vrf_vni" is not set.
# "vrf_id" is used as default value for "vrf_vni" and "ospf.process_id" unless those are set.
# "vrf_id" may also be used for VRF RD/RT ID. See "overlay_rd_type" and "overlay_rt_type" for details.
diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-virtual-topologies.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-virtual-topologies.md
index abc5a6b4b1d..a2eaed817c2 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-virtual-topologies.md
+++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-virtual-topologies.md
@@ -10,7 +10,8 @@
| [wan_virtual_topologies](## "wan_virtual_topologies") | Dictionary | | | | PREVIEW: WAN Preview
Configure Virtual Topologies for CV Pathfinder and AutoVPN.
Auto create a control plane profile/policy/application and enforce it being first in the default VRF. |
| [ vrfs](## "wan_virtual_topologies.vrfs") | List, items: Dictionary | | | | Map a VRF that exists in network_services to an AVT policy.
TODO: missing default VRF behavior |
| [ - name](## "wan_virtual_topologies.vrfs.[].name") | String | Required, Unique | | | VRF name. |
- | [ policy](## "wan_virtual_topologies.vrfs.[].policy") | String | | | | Name of the AVT policy to apply to this VRF. |
+ | [ policy](## "wan_virtual_topologies.vrfs.[].policy") | String | | `DEFAULT-POLICY` | | Name of the policy to apply to this VRF.
It is possible to overwrite the default policy for all VRFs using it
by redefining it in the `wan_virtual_topologies.policies` list using the
default name `DEFAULT-POLICY`. |
+ | [ wan_vni](## "wan_virtual_topologies.vrfs.[].wan_vni") | Integer | Required | | Min: 1
Max: 255 | Required for VRFs carried over AutoVPN or CV Pathfinder WAN.
A VRF can have a different VNI in the Datacenters and in the WAN.
Note that if no VRF default is configured for WAN, AVD will automatically inject the VRF default with
`wan_vni` set to `1`.
In addition either `vrf_id` or `vrf_vni` must be set to enforce consistant route-targets across domains.
|
| [ control_plane_virtual_topology](## "wan_virtual_topologies.control_plane_virtual_topology") | Dictionary | | | | Always injected into the default VRF policy as the first entry.
By default, if no path-groups are specified, all locally available path-groups
are used in the generated load-balance policy.
ID is hardcoded to 254 for the AVT profile in CV Pathfinder mode. |
| [ name](## "wan_virtual_topologies.control_plane_virtual_topology.name") | String | | | | Optional name, if not set `CONTROL-PLANE-PROFILE` is used. |
| [ traffic_class](## "wan_virtual_topologies.control_plane_virtual_topology.traffic_class") | Integer | | | Min: 0
Max: 7 | Set traffic-class for matched traffic. |
@@ -70,8 +71,19 @@
# VRF name.
- name:
- # Name of the AVT policy to apply to this VRF.
- policy:
+ # Name of the policy to apply to this VRF.
+ # It is possible to overwrite the default policy for all VRFs using it
+ # by redefining it in the `wan_virtual_topologies.policies` list using the
+ # default name `DEFAULT-POLICY`.
+ policy:
+
+ # Required for VRFs carried over AutoVPN or CV Pathfinder WAN.
+
+ # A VRF can have a different VNI in the Datacenters and in the WAN.
+ # Note that if no VRF default is configured for WAN, AVD will automatically inject the VRF default with
+ # `wan_vni` set to `1`.
+ # In addition either `vrf_id` or `vrf_vni` must be set to enforce consistant route-targets across domains.
+ wan_vni:
# Always injected into the default VRF policy as the first entry.
diff --git a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/router_adaptive_virtual_topology.py b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/router_adaptive_virtual_topology.py
index af825f90d8c..3af8ca258b9 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/router_adaptive_virtual_topology.py
+++ b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/router_adaptive_virtual_topology.py
@@ -41,17 +41,15 @@ def _cv_pathfinder_wan_vrfs(self) -> list:
wan_vrfs = []
for vrf in self._filtered_wan_vrfs:
- wan_vrf = vrf.copy()
+ wan_vrf = {"name": vrf["name"], "policy": vrf["policy"]}
# Need to allocate an ID for each profile in the policy, for now picked up from the input.
policy = get_item(
self._augmented_cv_pathfinder_policies,
"name",
- wan_vrf[self._wan_policy_key],
+ wan_vrf["policy"],
required=True,
- custom_error_msg=(
- f"The policy {wan_vrf[self._wan_policy_key]} used in vrf {wan_vrf['name']} is not configured under 'wan_virtual_topologies.policies'."
- ),
+ custom_error_msg=(f"The policy {wan_vrf['policy']} used in vrf {wan_vrf['name']} is not configured under 'wan_virtual_topologies.policies'."),
)
for match in policy.get("matches", []):
@@ -70,8 +68,6 @@ def _cv_pathfinder_wan_vrfs(self) -> list:
def _augmented_cv_pathfinder_policies(self) -> list:
"""
Return a list of augmented CV_Pathfinder Policies with an `_id` key to be used when rendering VRFs.
-
- Insert the policy for default VRF using {name}-WITH-CP
"""
if not self.shared_utils.cv_pathfinder_role:
return []
@@ -87,8 +83,6 @@ def _augmented_cv_pathfinder_policies(self) -> list:
}
if get(avt_policy, "is_default", default=False):
- # Update policy name
- cv_pathfinder_policy["name"] = f"{cv_pathfinder_policy['name']}-WITH-CP"
cv_pathfinder_policy["matches"].append(
{
"application_profile": self._wan_control_plane_application_profile,
@@ -98,6 +92,8 @@ def _augmented_cv_pathfinder_policies(self) -> list:
"_id": 254,
}
)
+ # Eurk
+ avt_policy['name'] = avt_policy['original_name']
for application_virtual_topology in get(avt_policy, "application_virtual_topologies", []):
application_profile = get(application_virtual_topology, "application_profile", required=True)
diff --git a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/router_path_selection.py b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/router_path_selection.py
index c6443c9741e..b7402d2350e 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/router_path_selection.py
+++ b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/router_path_selection.py
@@ -30,16 +30,17 @@ def router_path_selection(self) -> dict | None:
"load_balance_policies": self._wan_load_balance_policies,
}
- # When running CV Pathfinder, only load balance policies
- if self.shared_utils.cv_pathfinder_role:
- return strip_empties_from_dict(router_path_selection)
-
- router_path_selection.update(
- {
- "policies": self._autovpn_policies,
- "vrfs": self._filtered_wan_vrfs,
- }
- )
+ # When running CV Pathfinder, only load balance policies are configured
+ # for AutoVPN, need also vrfs and policies.
+ if self.shared_utils.wan_mode == "autovpn":
+ vrfs = [{"name": vrf["name"], "path_selection_policy": vrf["policy"]} for vrf in self._filtered_wan_vrfs]
+
+ router_path_selection.update(
+ {
+ "policies": self._autovpn_policies,
+ "vrfs": vrfs,
+ }
+ )
return strip_empties_from_dict(router_path_selection)
@@ -60,8 +61,6 @@ def _autovpn_policies(self) -> list:
}
if get(policy, "is_default", default=False):
- # Update policy name
- autovpn_policy["name"] = f"{autovpn_policy['name']}-WITH-CP"
autovpn_policy.setdefault("rules", []).append(
{
"id": 10,
@@ -70,6 +69,8 @@ def _autovpn_policies(self) -> list:
}
)
rule_id_offset = 1
+ # Eurk
+ policy['name'] = policy['original_name']
for rule_id, application_virtual_topology in enumerate(get(policy, "application_virtual_topologies", []), start=1):
name = get(application_virtual_topology, "name", default=f"{policy['name']}-{application_virtual_topology['application_profile']}")
diff --git a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/utils.py b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/utils.py
index 3cfab23e4bc..97a1b1c9433 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/utils.py
+++ b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/utils.py
@@ -205,13 +205,6 @@ def _wan_control_plane_application_profile(self) -> str:
"""
return "CONTROL-PLANE-APPLICATION-PROFILE"
- @cached_property
- def _wan_policy_key(self) -> str:
- """
- The key for policies is different for AutoVPN and CV Pathfinder
- """
- return "policy" if self.shared_utils.wan_mode == "cv-pathfinder" else "path_selection_policy"
-
def _generate_wan_load_balance_policy(self, name: str, input_dict: dict, context_path: str) -> dict:
"""
Generate and return a router path-selection load-balance policy. If HA is enabled, inject the HA path-group with priority 1.
@@ -306,15 +299,21 @@ def _wan_load_balance_policies(self) -> list:
default={"path_groups": [{"names": self._local_path_groups_connected_to_pathfinder}]},
)
- wan_load_balance_policies = [
- self._generate_wan_load_balance_policy(f"LB-{self._wan_control_plane_profile}", control_plane_virtual_topology, self._default_vrf_policy["name"])
- ]
+ wan_load_balance_policies = []
+
for policy in self._filtered_wan_policies:
+ policy_name = policy["name"]
+ if get(policy, "is_default", default=False):
+ # for the default policy, need to render the control_plane_virtual_topology
+ wan_load_balance_policies.append(
+ self._generate_wan_load_balance_policy(f"LB-{self._wan_control_plane_profile}", control_plane_virtual_topology, policy["original_name"])
+ )
+ policy_name = policy["original_name"]
for application_virtual_topology in get(policy, "application_virtual_topologies", []):
# TODO add internet exit once supported
- name = get(application_virtual_topology, "name", default=f"{policy['name']}-{application_virtual_topology['application_profile']}")
+ name = get(application_virtual_topology, "name", default=f"{policy_name}-{application_virtual_topology['application_profile']}")
context_path = (
- f"wan_virtual_topologies.policies[{policy['name']}].application_virtual_topologies[{application_virtual_topology['application_profile']}]"
+ f"wan_virtual_topologies.policies[{policy_name}].application_virtual_topologies[{application_virtual_topology['application_profile']}]"
)
append_if_not_duplicate(
list_of_dicts=wan_load_balance_policies,
@@ -325,11 +324,11 @@ def _wan_load_balance_policies(self) -> list:
)
default_virtual_topology = get(
- policy, "default_virtual_topology", required=True, org_key=f"wan_virtual_topologies.policies[{policy['name']}].default_virtual_toplogy"
+ policy, "default_virtual_topology", required=True, org_key=f"wan_virtual_topologies.policies[{policy_name}].default_virtual_toplogy"
)
if not get(default_virtual_topology, "drop_unmatched", default=False):
- name = get(default_virtual_topology, "name", default=f"{policy['name']}-DEFAULT")
- context_path = f"wan_virtual_topologies.policies[{policy['name']}].default_virtual_topology"
+ name = get(default_virtual_topology, "name", default=f"{policy_name}-DEFAULT")
+ context_path = f"wan_virtual_topologies.policies[{policy_name}].default_virtual_topology"
# Verify that path_groups are set or raise
get(
@@ -356,13 +355,15 @@ def _filtered_wan_vrfs(self) -> list:
"""
wan_vrfs = []
- for avt_vrf in get(self._hostvars, "wan_virtual_topologies.vrfs", []):
- vrf_name = avt_vrf["name"]
+ for vrf in get(self._hostvars, "wan_virtual_topologies.vrfs", []):
+ vrf_name = vrf["name"]
if vrf_name in self.shared_utils.vrfs or self.shared_utils.is_wan_server:
- # TODO check that the policy exists or raise
wan_vrf = {
"name": vrf_name,
- self._wan_policy_key: get(avt_vrf, "policy", required=True),
+ "policy": get(vrf, "policy", default="DEFAULT-POLICY"),
+ "wan_vni": get(
+ vrf, "wan_vni", required=True, org_key=f"Required `wan_vni` is missing for VRF {vrf_name} under `wan_virtual_topologies.vrfs`."
+ ),
}
wan_vrfs.append(wan_vrf)
@@ -372,68 +373,67 @@ def _filtered_wan_vrfs(self) -> list:
wan_vrfs.append(
{
"name": "default",
- self._wan_policy_key: f"{self._default_vrf_policy['name']}-WITH-CP",
+ "policy": f"{self._default_avt_policy['name']}-WITH-CP",
+ "wan_vni": 1,
+ "original_policy": self._default_avt_policy["name"],
}
)
else:
- vrf_default[self._wan_policy_key] = f"{vrf_default[self._wan_policy_key]}-WITH-CP"
+ vrf_default["original_policy"] = vrf_default["policy"]
+ vrf_default["policy"] = f"{vrf_default['policy']}-WITH-CP"
return wan_vrfs
+ @cached_property
+ def _wan_policies(self) -> list:
+ """ """
+ policies = get(self._hostvars, "wan_virtual_topologies.policies", default=[])
+ # If not overwritten, inject the DEFAULT-POLICY in case it is required for one of the VRFs
+ if get_item(policies, "name", "DEFAULT-POLICY") is None:
+ policies.append(self._default_avt_policy)
+
+ return policies
+
@cached_property
def _filtered_wan_policies(self) -> list:
"""
Loop through all the VRFs defined under `wan_virtual_topologies.vrfs` and returns a list of policies to configure on this device.
-
inject the default_vrf_policy
"""
- policies = get(self._hostvars, "wan_virtual_topologies.policies", default=[])
- # Need to handle VRF default differently
- filtered_policies = [
- get_item(
- policies,
+ # to track the names already injected
+ filtered_policy_names = []
+ filtered_policies = []
+ for vrf in self._filtered_wan_vrfs:
+ # Need to handle VRF default differently and lookup for the original policy
+ lookup_name = get(vrf, "original_policy", default=vrf["policy"])
+ vrf_policy = get_item(
+ self._wan_policies,
"name",
- wan_vrf[self._wan_policy_key],
+ lookup_name,
required=True,
custom_error_msg=(
- f"The policy {wan_vrf[self._wan_policy_key]} applied to vrf {wan_vrf['name']} under `wan_virtual_topologies.vrfs` is not "
+ f"The policy {lookup_name} applied to vrf {vrf['name']} under `wan_virtual_topologies.vrfs` is not "
"defined under `wan_virtual_topologies.policies`."
),
)
- for wan_vrf in self._filtered_wan_vrfs
- if wan_vrf["name"] != "default"
- ]
- filtered_policies.append(self._default_vrf_policy)
+
+ if vrf["name"] == "default":
+ vrf_policy = vrf_policy.copy()
+ vrf_policy["is_default"] = True
+ vrf_policy["original_name"] = lookup_name
+ vrf_policy["name"] = f"{vrf_policy['name']}-WITH-CP"
+
+ if vrf_policy["name"] not in filtered_policy_names:
+ filtered_policy_names.append(vrf_policy["name"])
+ filtered_policies.append(vrf_policy)
+
return filtered_policies
@cached_property
- def _default_vrf_policy(self) -> dict:
+ def _default_avt_policy(self) -> dict:
"""
- Retrieves the name of the policy used for the default VRF and appending -WITH-CP to its name.
-
- If not policy is defined for VRF default under 'wan_virtual_topologies.vrfs', use a default policy named DEFAULT-AVT-POLICY-WITH-CP where all
- traffic is matched in the default category and distributed amongst all path-groups.
+ If no policy is defined for a VRF under 'wan_virtual_topologies.vrfs', a default policy named DEFAULT-POLICY is used
+ where all traffic is matched in the default category and distributed amongst all path-groups.
"""
- vrfs = get(self._hostvars, "wan_virtual_topologies.vrfs", [])
- default_vrf = get_item(vrfs, "name", "default", default={})
-
- if (vrf_default_policy := get(default_vrf, "policy")) is not None:
- policies = get(self._hostvars, "wan_virtual_topologies.policies", default=[])
- # copy is safe here as we change only the name
- default_policy = get_item(
- policies,
- "name",
- vrf_default_policy,
- required=True,
- custom_error_msg=(
- f"The policy {vrf_default_policy} defined for vrf default under 'wan_virtual_topologies.vrfs' "
- "is not defined under 'wan_virtual_topologies.policies'."
- ),
- ).copy()
- else:
- wan_local_path_group_names = [path_group["name"] for path_group in self.shared_utils.wan_local_path_groups]
- default_policy = {"name": "DEFAULT-AVT-POLICY", "default_virtual_topology": {"path_groups": [{"names": wan_local_path_group_names}]}}
-
- default_policy["is_default"] = True
-
- return default_policy
+ wan_local_path_group_names = [path_group["name"] for path_group in self.shared_utils.wan_local_path_groups]
+ return {"name": "DEFAULT-POLICY", "default_virtual_topology": {"path_groups": [{"names": wan_local_path_group_names}]}}
diff --git a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vxlan_interface.py b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vxlan_interface.py
index 5e142ac4cec..7c1d5760673 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vxlan_interface.py
+++ b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vxlan_interface.py
@@ -9,7 +9,7 @@
from ansible_collections.arista.avd.plugins.filter.natural_sort import natural_sort
from ansible_collections.arista.avd.plugins.filter.range_expand import range_expand
from ansible_collections.arista.avd.plugins.plugin_utils.errors import AristaAvdError, AristaAvdMissingVariableError
-from ansible_collections.arista.avd.plugins.plugin_utils.utils import append_if_not_duplicate, default, get, unique
+from ansible_collections.arista.avd.plugins.plugin_utils.utils import append_if_not_duplicate, default, get, unique, get_item
from .utils import UtilsMixin
@@ -100,6 +100,16 @@ def vxlan_interface(self) -> dict | None:
}
}
+ def _get_wan_vrf(self, name: str) -> dict | None:
+ """
+ Retrieve the VRF object from `wan_virtual_topologies.vrfs` list.
+ Return None if not found
+ """
+ if not self.shared_utils.is_wan_router:
+ return None
+ wan_vrfs = get(self._hostvars, "wan_virtual_topologies.vrfs", default=[])
+ return get_item(wan_vrfs, "name", name)
+
def _get_vxlan_interface_config_for_vrf(self, vrf: dict, tenant: dict, vrfs: list, vlans: list, vnis: list) -> None:
"""
In place updates of the vlans, vnis and vrfs list
@@ -132,9 +142,9 @@ def _get_vxlan_interface_config_for_vrf(self, vrf: dict, tenant: dict, vrfs: lis
if "evpn" not in vrf.get("address_families", ["evpn"]):
return
- if self.shared_utils.is_wan_router:
+ if (wan_vrf := self._get_wan_vrf(vrf_name)) is not None:
vni = get(
- vrf,
+ wan_vrf,
"wan_vni",
required=True,
# TODO when adding VRF filter, change the error message
@@ -144,7 +154,7 @@ def _get_vxlan_interface_config_for_vrf(self, vrf: dict, tenant: dict, vrfs: lis
# "If not intended on the WAN router, use the VRF filter"
# )
org_key=(
- f"VRF {vrf_name} in tenant {tenant['name']} does not have a `wan_vni` defined. "
+ f"VRF {vrf_name} in tenant {tenant['name']} does not have a `wan_vni` defined under `wan_virtual_topologies.vrfs`. "
"If this VRF was not intended to be extended over WAN, set 'address_families: []' under the VRF definition."
),
)
diff --git a/ansible_collections/arista/avd/roles/eos_designs/schemas/eos_designs.jsonschema.json b/ansible_collections/arista/avd/roles/eos_designs/schemas/eos_designs.jsonschema.json
index 1375d737b79..44165a4802d 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/schemas/eos_designs.jsonschema.json
+++ b/ansible_collections/arista/avd/roles/eos_designs/schemas/eos_designs.jsonschema.json
@@ -24894,17 +24894,26 @@
},
"policy": {
"type": "string",
- "description": "Name of the AVT policy to apply to this VRF.",
+ "description": "Name of the policy to apply to this VRF.\nIt is possible to overwrite the default policy for all VRFs using it\nby redefining it in the `wan_virtual_topologies.policies` list using the\ndefault name `DEFAULT-POLICY`.",
+ "default": "DEFAULT-POLICY",
"title": "Policy"
+ },
+ "wan_vni": {
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 255,
+ "description": "Required for VRFs carried over AutoVPN or CV Pathfinder WAN.\n\nA VRF can have a different VNI in the Datacenters and in the WAN.\nNote that if no VRF default is configured for WAN, AVD will automatically inject the VRF default with\n`wan_vni` set to `1`.\nIn addition either `vrf_id` or `vrf_vni` must be set to enforce consistant route-targets across domains.\n",
+ "title": "Wan Vni"
}
},
+ "required": [
+ "wan_vni",
+ "name"
+ ],
"additionalProperties": false,
"patternProperties": {
"^_.+$": {}
- },
- "required": [
- "name"
- ]
+ }
},
"title": "VRFs"
},
diff --git a/ansible_collections/arista/avd/roles/eos_designs/schemas/eos_designs.schema.yml b/ansible_collections/arista/avd/roles/eos_designs/schemas/eos_designs.schema.yml
index 5915f193e70..8dee514aa55 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/schemas/eos_designs.schema.yml
+++ b/ansible_collections/arista/avd/roles/eos_designs/schemas/eos_designs.schema.yml
@@ -3716,7 +3716,38 @@ keys:
description: VRF name.
policy:
type: str
- description: Name of the AVT policy to apply to this VRF.
+ description: 'Name of the policy to apply to this VRF.
+
+ It is possible to overwrite the default policy for all VRFs using
+ it
+
+ by redefining it in the `wan_virtual_topologies.policies` list using
+ the
+
+ default name `DEFAULT-POLICY`.'
+ default: DEFAULT-POLICY
+ wan_vni:
+ type: int
+ convert_types:
+ - str
+ min: 1
+ max: 255
+ required: true
+ description: 'Required for VRFs carried over AutoVPN or CV Pathfinder
+ WAN.
+
+
+ A VRF can have a different VNI in the Datacenters and in the WAN.
+
+ Note that if no VRF default is configured for WAN, AVD will automatically
+ inject the VRF default with
+
+ `wan_vni` set to `1`.
+
+ In addition either `vrf_id` or `vrf_vni` must be set to enforce consistant
+ route-targets across domains.
+
+ '
control_plane_virtual_topology:
type: dict
description: 'Always injected into the default VRF policy as the first entry.
@@ -4982,27 +5013,6 @@ $defs:
If vrf_vni > 10000 make sure to adjust "mac_vrf_vni_base" accordingly
to avoid overlap.
- '
- wan_vni:
- type: int
- convert_types:
- - str
- min: 1
- max: 255
- description: 'Required for VRFs carried over AutoVPN or CV Pathfinder
- WAN.
-
-
- A VRF can have a different VNI in the Datacenters and in the WAN.
-
- Note that if no VRF default is configured for WAN, AVD will automatically
- inject the VRF default with
-
- `wan_vni` set to `1`.
-
- In addition either `vrf_id` or `vrf_vni` must be set to enforce
- consistant route-targets across domains.
-
'
vrf_id:
type: int
diff --git a/ansible_collections/arista/avd/roles/eos_designs/schemas/schema_fragments/defs_network_services.schema.yml b/ansible_collections/arista/avd/roles/eos_designs/schemas/schema_fragments/defs_network_services.schema.yml
index e0e0f67740e..ddd87f6be5e 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/schemas/schema_fragments/defs_network_services.schema.yml
+++ b/ansible_collections/arista/avd/roles/eos_designs/schemas/schema_fragments/defs_network_services.schema.yml
@@ -280,19 +280,6 @@ $defs:
"vrf_vni" may also be used for VRF RD/RT ID. See "overlay_rd_type" and "overlay_rt_type" for details.
See "mlag_ibgp_peering_vrfs.base_vlan" for details.
If vrf_vni > 10000 make sure to adjust "mac_vrf_vni_base" accordingly to avoid overlap.
- wan_vni:
- type: int
- convert_types:
- - str
- min: 1
- max: 255
- description: |
- Required for VRFs carried over AutoVPN or CV Pathfinder WAN.
-
- A VRF can have a different VNI in the Datacenters and in the WAN.
- Note that if no VRF default is configured for WAN, AVD will automatically inject the VRF default with
- `wan_vni` set to `1`.
- In addition either `vrf_id` or `vrf_vni` must be set to enforce consistant route-targets across domains.
vrf_id:
type: int
convert_types:
diff --git a/ansible_collections/arista/avd/roles/eos_designs/schemas/schema_fragments/wan_virtual_topologies.schema.yml b/ansible_collections/arista/avd/roles/eos_designs/schemas/schema_fragments/wan_virtual_topologies.schema.yml
index 8f7557ed9f7..b4f5b51ae4f 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/schemas/schema_fragments/wan_virtual_topologies.schema.yml
+++ b/ansible_collections/arista/avd/roles/eos_designs/schemas/schema_fragments/wan_virtual_topologies.schema.yml
@@ -31,7 +31,33 @@ keys:
description: VRF name.
policy:
type: str
- description: Name of the AVT policy to apply to this VRF.
+ description: |-
+ Name of the policy to apply to this VRF.
+ It is possible to overwrite the default policy for all VRFs using it
+ by redefining it in the `wan_virtual_topologies.policies` list using the
+ default name `DEFAULT-POLICY`.
+ default: DEFAULT-POLICY
+ wan_vni:
+ # The `wan_vni` is under here rather than `tenants.vrfs` as it as
+ # initially planned for 2 reasons:
+ # 1. This allow to keep a consistent WAN VNI ID in a more
+ # effective way, as otherwise this wan_vni key would have had
+ # to be aligned in every tenant where the VRF is defined.
+ # 2. This is used in the WAN metadata for pathfinder nodes to pick
+ # up WAN VRFs and their VNI.
+ type: int
+ convert_types:
+ - str
+ min: 1
+ max: 255
+ required: true
+ description: |
+ Required for VRFs carried over AutoVPN or CV Pathfinder WAN.
+
+ A VRF can have a different VNI in the Datacenters and in the WAN.
+ Note that if no VRF default is configured for WAN, AVD will automatically inject the VRF default with
+ `wan_vni` set to `1`.
+ In addition either `vrf_id` or `vrf_vni` must be set to enforce consistant route-targets across domains.
control_plane_virtual_topology:
type: dict
description: |-