diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge-no-default-policy.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge-no-default-policy.cfg
index d825fdb921c..3fdcb4e9db9 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge-no-default-policy.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge-no-default-policy.cfg
@@ -22,17 +22,27 @@ router path-selection
load-balance policy LB-CONTROL-PLANE-PROFILE
path-group INET
!
- load-balance policy LB-DEFAULT-AVT-POLICY-DEFAULT
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
path-group INET
!
- policy DEFAULT-AVT-POLICY-WITH-CP
+ policy DEFAULT-POLICY
default-match
- load-balance LB-DEFAULT-AVT-POLICY-DEFAULT
+ load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
+ policy DEFAULT-POLICY-WITH-CP
+ default-match
+ load-balance LB-DEFAULT-POLICY-DEFAULT
10 application-profile CONTROL-PLANE-APPLICATION-PROFILE
load-balance LB-CONTROL-PLANE-PROFILE
!
vrf default
- path-selection-policy DEFAULT-AVT-POLICY-WITH-CP
+ path-selection-policy DEFAULT-POLICY-WITH-CP
+ !
+ vrf IT
+ path-selection-policy DEFAULT-POLICY
+ !
+ vrf PROD
+ path-selection-policy DEFAULT-POLICY
!
spanning-tree mode none
!
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge.cfg
index 3d469bee206..3598aef9f82 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge.cfg
@@ -26,37 +26,37 @@ router path-selection
load-balance policy LB-CONTROL-PLANE-PROFILE
path-group INET
!
- load-balance policy LB-DEFAULT-AVT-POLICY-IT
+ load-balance policy LB-DEFAULT-AUTOVPN-POLICY-IT
path-group INET priority 2
!
- load-balance policy LB-PROD-AVT-POLICY-DEFAULT
+ load-balance policy LB-PROD-AUTOVPN-POLICY-DEFAULT
path-group INET
!
- load-balance policy LB-PROD-AVT-POLICY-VIDEO
+ load-balance policy LB-PROD-AUTOVPN-POLICY-VIDEO
path-group INET
!
- load-balance policy LB-PROD-AVT-POLICY-VOICE
+ load-balance policy LB-PROD-AUTOVPN-POLICY-VOICE
path-group INET
!
- policy DEFAULT-AVT-POLICY-WITH-CP
+ policy DEFAULT-AUTOVPN-POLICY-WITH-CP
10 application-profile CONTROL-PLANE-APPLICATION-PROFILE
load-balance LB-CONTROL-PLANE-PROFILE
20 application-profile IT
- load-balance LB-DEFAULT-AVT-POLICY-IT
+ load-balance LB-DEFAULT-AUTOVPN-POLICY-IT
!
- policy PROD-AVT-POLICY
+ policy PROD-AUTOVPN-POLICY
default-match
- load-balance LB-PROD-AVT-POLICY-DEFAULT
+ load-balance LB-PROD-AUTOVPN-POLICY-DEFAULT
10 application-profile VOICE
- load-balance LB-PROD-AVT-POLICY-VOICE
+ load-balance LB-PROD-AUTOVPN-POLICY-VOICE
20 application-profile VIDEO
- load-balance LB-PROD-AVT-POLICY-VIDEO
+ load-balance LB-PROD-AUTOVPN-POLICY-VIDEO
!
vrf default
- path-selection-policy DEFAULT-AVT-POLICY-WITH-CP
+ path-selection-policy DEFAULT-AUTOVPN-POLICY-WITH-CP
!
vrf PROD
- path-selection-policy PROD-AVT-POLICY
+ path-selection-policy PROD-AUTOVPN-POLICY
!
spanning-tree mode none
!
@@ -108,7 +108,6 @@ interface Vxlan1
vxlan source-interface Dps1
vxlan udp-port 4789
vxlan vrf default vni 1
- vxlan vrf IT vni 100
vxlan vrf PROD vni 42
!
application traffic recognition
@@ -195,13 +194,6 @@ router bgp 65000
route-target export evpn 1:1
route-target export evpn route-map RM-EVPN-EXPORT-VRF-DEFAULT
!
- vrf IT
- rd 192.168.30.1:100
- route-target import evpn 100:100
- route-target export evpn 100:100
- router-id 192.168.30.1
- redistribute connected
- !
vrf PROD
rd 192.168.30.1:42
route-target import evpn 42:42
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-rr1.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-rr1.cfg
index c5950b75935..b2071126bf5 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-rr1.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-rr1.cfg
@@ -24,38 +24,38 @@ router path-selection
load-balance policy LB-CONTROL-PLANE-PROFILE
path-group INET
!
- load-balance policy LB-DEFAULT-AVT-POLICY-IT
+ load-balance policy LB-DEFAULT-AUTOVPN-POLICY-IT
path-group MPLS
path-group INET priority 2
!
- load-balance policy LB-PROD-AVT-POLICY-DEFAULT
+ load-balance policy LB-PROD-AUTOVPN-POLICY-DEFAULT
path-group INET
!
- load-balance policy LB-PROD-AVT-POLICY-VIDEO
+ load-balance policy LB-PROD-AUTOVPN-POLICY-VIDEO
path-group INET
!
- load-balance policy LB-PROD-AVT-POLICY-VOICE
+ load-balance policy LB-PROD-AUTOVPN-POLICY-VOICE
path-group INET
!
- policy DEFAULT-AVT-POLICY-WITH-CP
+ policy DEFAULT-AUTOVPN-POLICY-WITH-CP
10 application-profile CONTROL-PLANE-APPLICATION-PROFILE
load-balance LB-CONTROL-PLANE-PROFILE
20 application-profile IT
- load-balance LB-DEFAULT-AVT-POLICY-IT
+ load-balance LB-DEFAULT-AUTOVPN-POLICY-IT
!
- policy PROD-AVT-POLICY
+ policy PROD-AUTOVPN-POLICY
default-match
- load-balance LB-PROD-AVT-POLICY-DEFAULT
+ load-balance LB-PROD-AUTOVPN-POLICY-DEFAULT
10 application-profile VOICE
- load-balance LB-PROD-AVT-POLICY-VOICE
+ load-balance LB-PROD-AUTOVPN-POLICY-VOICE
20 application-profile VIDEO
- load-balance LB-PROD-AVT-POLICY-VIDEO
+ load-balance LB-PROD-AUTOVPN-POLICY-VIDEO
!
vrf default
- path-selection-policy DEFAULT-AVT-POLICY-WITH-CP
+ path-selection-policy DEFAULT-AUTOVPN-POLICY-WITH-CP
!
vrf PROD
- path-selection-policy PROD-AVT-POLICY
+ path-selection-policy PROD-AUTOVPN-POLICY
!
spanning-tree mode none
!
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-rr2.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-rr2.cfg
index a09fe714fe6..155793600c6 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-rr2.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-rr2.cfg
@@ -24,38 +24,38 @@ router path-selection
load-balance policy LB-CONTROL-PLANE-PROFILE
path-group INET
!
- load-balance policy LB-DEFAULT-AVT-POLICY-IT
+ load-balance policy LB-DEFAULT-AUTOVPN-POLICY-IT
path-group MPLS
path-group INET priority 2
!
- load-balance policy LB-PROD-AVT-POLICY-DEFAULT
+ load-balance policy LB-PROD-AUTOVPN-POLICY-DEFAULT
path-group INET
!
- load-balance policy LB-PROD-AVT-POLICY-VIDEO
+ load-balance policy LB-PROD-AUTOVPN-POLICY-VIDEO
path-group INET
!
- load-balance policy LB-PROD-AVT-POLICY-VOICE
+ load-balance policy LB-PROD-AUTOVPN-POLICY-VOICE
path-group INET
!
- policy DEFAULT-AVT-POLICY-WITH-CP
+ policy DEFAULT-AUTOVPN-POLICY-WITH-CP
10 application-profile CONTROL-PLANE-APPLICATION-PROFILE
load-balance LB-CONTROL-PLANE-PROFILE
20 application-profile IT
- load-balance LB-DEFAULT-AVT-POLICY-IT
+ load-balance LB-DEFAULT-AUTOVPN-POLICY-IT
!
- policy PROD-AVT-POLICY
+ policy PROD-AUTOVPN-POLICY
default-match
- load-balance LB-PROD-AVT-POLICY-DEFAULT
+ load-balance LB-PROD-AUTOVPN-POLICY-DEFAULT
10 application-profile VOICE
- load-balance LB-PROD-AVT-POLICY-VOICE
+ load-balance LB-PROD-AUTOVPN-POLICY-VOICE
20 application-profile VIDEO
- load-balance LB-PROD-AVT-POLICY-VIDEO
+ load-balance LB-PROD-AUTOVPN-POLICY-VIDEO
!
vrf default
- path-selection-policy DEFAULT-AVT-POLICY-WITH-CP
+ path-selection-policy DEFAULT-AUTOVPN-POLICY-WITH-CP
!
vrf PROD
- path-selection-policy PROD-AVT-POLICY
+ path-selection-policy PROD-AUTOVPN-POLICY
!
spanning-tree mode none
!
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-custom-default-policy.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-custom-default-policy.cfg
new file mode 100644
index 00000000000..df0f3dac3c0
--- /dev/null
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-custom-default-policy.cfg
@@ -0,0 +1,296 @@
+!RANCID-CONTENT-TYPE: arista
+!
+flow tracking hardware
+ tracker WAN-FLOW-TRACKER
+ record export on inactive timeout 70000
+ record export on interval 5000
+ exporter DPI-EXPORTER
+ collector 127.0.0.1
+ local interface Loopback0
+ template interval 5000
+ no shutdown
+!
+service routing protocols model multi-agent
+!
+hostname cv-pathfinder-edge-custom-default-policy
+!
+router adaptive-virtual-topology
+ topology role edge
+ region AVD_Land_West id 42
+ zone DEFAULT-ZONE id 1
+ site Site1 id 1
+ !
+ policy DEFAULT-POLICY
+ !
+ match application-profile VIDEO
+ avt profile DEFAULT-POLICY-VIDEO
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
+ policy DEFAULT-POLICY-WITH-CP
+ !
+ match application-profile CONTROL-PLANE-APPLICATION-PROFILE
+ avt profile CONTROL-PLANE-PROFILE
+ !
+ match application-profile VIDEO
+ avt profile DEFAULT-POLICY-VIDEO
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
+ profile CONTROL-PLANE-PROFILE
+ path-selection load-balance LB-CONTROL-PLANE-PROFILE
+ !
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
+ profile DEFAULT-POLICY-VIDEO
+ path-selection load-balance LB-DEFAULT-POLICY-VIDEO
+ !
+ vrf default
+ avt policy DEFAULT-POLICY-WITH-CP
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ avt profile DEFAULT-POLICY-VIDEO id 3
+ avt profile CONTROL-PLANE-PROFILE id 254
+ !
+ vrf PROD
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ avt profile DEFAULT-POLICY-VIDEO id 3
+!
+router path-selection
+ tcp mss ceiling ipv4 ingress
+ !
+ path-group INET id 101
+ ipsec profile CP-PROFILE
+ !
+ local interface Ethernet1
+ stun server-profile INET-cv-pathfinder-pathfinder-Ethernet1 INET-cv-pathfinder-pathfinder-Ethernet3
+ !
+ peer dynamic
+ !
+ peer static router-ip 192.168.144.1
+ name cv-pathfinder-pathfinder
+ ipv4 address 10.7.7.7
+ ipv4 address 10.9.9.9
+ !
+ path-group LTE id 102
+ ipsec profile CP-PROFILE
+ !
+ local interface Ethernet3
+ !
+ peer dynamic
+ !
+ path-group MPLS id 100
+ !
+ local interface Ethernet2
+ stun server-profile MPLS-cv-pathfinder-pathfinder-Ethernet2
+ !
+ peer dynamic
+ !
+ peer static router-ip 192.168.144.1
+ name cv-pathfinder-pathfinder
+ ipv4 address 172.16.0.1
+ !
+ load-balance policy LB-CONTROL-PLANE-PROFILE
+ path-group INET
+ path-group MPLS
+ !
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group INET
+ path-group LTE priority 42
+ !
+ load-balance policy LB-DEFAULT-POLICY-VIDEO
+ path-group INET
+ path-group MPLS
+!
+spanning-tree mode none
+!
+no enable password
+no aaa root
+!
+vrf instance MGMT
+!
+vrf instance PROD
+!
+ip security
+ !
+ ike policy CP-IKE-POLICY
+ local-id 192.168.255.1
+ !
+ sa policy DP-SA-POLICY
+ esp encryption aes256gcm128
+ pfs dh-group 14
+ !
+ sa policy CP-SA-POLICY
+ esp encryption aes256gcm128
+ pfs dh-group 14
+ !
+ profile DP-PROFILE
+ sa-policy DP-SA-POLICY
+ connection start
+ shared-key 7 ABCDEF1234567890666
+ dpd 10 50 clear
+ mode transport
+ !
+ profile CP-PROFILE
+ ike-policy CP-IKE-POLICY
+ sa-policy CP-SA-POLICY
+ connection start
+ shared-key 7 ABCDEF1234567890
+ dpd 10 50 clear
+ mode transport
+ !
+ key controller
+ profile DP-PROFILE
+!
+interface Dps1
+ description DPS Interface
+ mtu 9214
+ flow tracker hardware WAN-FLOW-TRACKER
+ ip address 192.168.255.1/32
+!
+interface Ethernet1
+ no shutdown
+ no switchport
+ flow tracker hardware WAN-FLOW-TRACKER
+ ip address dhcp
+ dhcp client accept default-route
+!
+interface Ethernet2
+ no shutdown
+ no switchport
+ flow tracker hardware WAN-FLOW-TRACKER
+ ip address 172.15.5.5/31
+!
+interface Ethernet3
+ no shutdown
+ no switchport
+ flow tracker hardware WAN-FLOW-TRACKER
+ ip address 172.20.20.20/31
+!
+interface Loopback0
+ description Router_ID
+ no shutdown
+ ip address 192.168.42.1/32
+!
+interface Vxlan1
+ description cv-pathfinder-edge-custom-default-policy_VTEP
+ vxlan source-interface Dps1
+ vxlan udp-port 4789
+ vxlan vrf default vni 1
+ vxlan vrf PROD vni 42
+!
+application traffic recognition
+ !
+ application ipv4 CONTROL-PLANE-APPLICATION
+ destination prefix field-set CONTROL-PLANE-APP-DEST-PREFIXES
+ !
+ application-profile CONTROL-PLANE-APPLICATION-PROFILE
+ application CONTROL-PLANE-APPLICATION
+ !
+ application-profile VIDEO
+ application CUSTOM-APPLICATION-1
+ application skype
+ !
+ field-set ipv4 prefix CONTROL-PLANE-APP-DEST-PREFIXES
+ 192.168.144.1/32
+!
+ip routing
+no ip routing vrf MGMT
+ip routing vrf PROD
+!
+ip extcommunity-list ECL-EVPN-SOO permit soo 192.168.42.1:1
+!
+ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+ seq 10 permit 192.168.42.0/24 eq 32
+!
+route-map RM-CONN-2-BGP permit 10
+ match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+ set extcommunity soo 192.168.42.1:1 additive
+!
+route-map RM-EVPN-EXPORT-VRF-DEFAULT permit 10
+ match extcommunity ECL-EVPN-SOO
+!
+route-map RM-EVPN-SOO-IN deny 10
+ match extcommunity ECL-EVPN-SOO
+!
+route-map RM-EVPN-SOO-IN permit 20
+!
+route-map RM-EVPN-SOO-OUT permit 10
+ set extcommunity soo 192.168.42.1:1 additive
+!
+router bfd
+ multihop interval 300 min-rx 300 multiplier 3
+!
+router bgp 65000
+ router-id 192.168.42.1
+ maximum-paths 16
+ update wait-install
+ no bgp default ipv4-unicast
+ neighbor WAN-OVERLAY-PEERS peer group
+ neighbor WAN-OVERLAY-PEERS remote-as 65000
+ neighbor WAN-OVERLAY-PEERS update-source Dps1
+ neighbor WAN-OVERLAY-PEERS bfd
+ neighbor WAN-OVERLAY-PEERS bfd interval 1000 min-rx 1000 multiplier 10
+ neighbor WAN-OVERLAY-PEERS ttl maximum-hops 42
+ neighbor WAN-OVERLAY-PEERS password 7 htm4AZe9mIQOO1uiMuGgYQ==
+ neighbor WAN-OVERLAY-PEERS send-community
+ neighbor WAN-OVERLAY-PEERS maximum-routes 0
+ neighbor 192.168.144.1 peer group WAN-OVERLAY-PEERS
+ neighbor 192.168.144.1 description cv-pathfinder-pathfinder
+ redistribute connected route-map RM-CONN-2-BGP
+ !
+ address-family evpn
+ neighbor WAN-OVERLAY-PEERS route-map RM-EVPN-SOO-IN in
+ neighbor WAN-OVERLAY-PEERS route-map RM-EVPN-SOO-OUT out
+ neighbor WAN-OVERLAY-PEERS activate
+ !
+ address-family ipv4
+ no neighbor WAN-OVERLAY-PEERS activate
+ !
+ address-family ipv4 sr-te
+ neighbor WAN-OVERLAY-PEERS activate
+ !
+ address-family link-state
+ neighbor WAN-OVERLAY-PEERS activate
+ path-selection
+ !
+ address-family path-selection
+ bgp additional-paths receive
+ bgp additional-paths send any
+ neighbor WAN-OVERLAY-PEERS activate
+ !
+ vrf default
+ rd 192.168.42.1:1
+ route-target import evpn 1:1
+ route-target export evpn 1:1
+ route-target export evpn route-map RM-EVPN-EXPORT-VRF-DEFAULT
+ !
+ vrf PROD
+ rd 192.168.42.1:42
+ route-target import evpn 42:42
+ route-target export evpn 42:42
+ router-id 192.168.42.1
+ redistribute connected
+!
+router traffic-engineering
+!
+management api http-commands
+ protocol https
+ no shutdown
+ !
+ vrf MGMT
+ no shutdown
+!
+stun
+ client
+ server-profile INET-cv-pathfinder-pathfinder-Ethernet1
+ ip address 10.7.7.7
+ server-profile INET-cv-pathfinder-pathfinder-Ethernet3
+ ip address 10.9.9.9
+ server-profile MPLS-cv-pathfinder-pathfinder-Ethernet2
+ ip address 172.16.0.1
+!
+end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-no-common-path-group.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-no-common-path-group.cfg
index 76202a265e2..de0d44b5e42 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-no-common-path-group.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-no-common-path-group.cfg
@@ -41,6 +41,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -61,6 +66,9 @@ router adaptive-virtual-topology
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -70,6 +78,10 @@ router adaptive-virtual-topology
profile PROD-AVT-POLICY-VOICE
path-selection load-balance LB-PROD-AVT-POLICY-VOICE
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ !
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
avt profile DEFAULT-AVT-POLICY-DEFAULT id 1
@@ -104,6 +116,9 @@ router path-selection
!
load-balance policy LB-DEFAULT-AVT-POLICY-VIDEO
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group Satellite
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
!
load-balance policy LB-PROD-AVT-POLICY-VIDEO
@@ -117,6 +132,8 @@ spanning-tree mode none
no enable password
no aaa root
!
+vrf instance ATTRACTED-VRF-FROM-UPLINK
+!
vrf instance IT
!
vrf instance MGMT
@@ -175,19 +192,27 @@ interface Ethernet52
flow tracker hardware WAN-FLOW-TRACKER
ip address 172.17.0.3/31
!
-interface Ethernet52.42
- description P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet2.42_vrf_PROD
+interface Ethernet52.142
+ description P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet2.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.3/31
!
-interface Ethernet52.100
- description P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet2.100_vrf_IT
+interface Ethernet52.666
+ description P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.3/31
+!
+interface Ethernet52.1000
+ description P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet2.1000_vrf_IT
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.3/31
!
@@ -200,6 +225,7 @@ interface Vxlan1
description cv-pathfinder-edge-no-common-path-group_VTEP
vxlan source-interface Dps1
vxlan udp-port 4789
+ vxlan vrf ATTRACTED-VRF-FROM-UPLINK vni 166
vxlan vrf default vni 1
vxlan vrf IT vni 100
vxlan vrf PROD vni 42
@@ -247,6 +273,7 @@ application traffic recognition
42
!
ip routing
+ip routing vrf ATTRACTED-VRF-FROM-UPLINK
ip routing vrf IT
no ip routing vrf MGMT
ip routing vrf PROD
@@ -329,6 +356,16 @@ router bgp 65000
bgp additional-paths send any
neighbor WAN-OVERLAY-PEERS activate
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ rd 192.168.42.2:666
+ route-target import evpn 666:666
+ route-target export evpn 666:666
+ router-id 192.168.42.2
+ neighbor 172.17.0.2 remote-as 65199
+ neighbor 172.17.0.2 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.2 description site-ha-disabled-leaf_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ redistribute connected
+ !
vrf default
rd 192.168.42.2:1
route-target import evpn 1:1
@@ -336,23 +373,23 @@ router bgp 65000
route-target export evpn route-map RM-EVPN-EXPORT-VRF-DEFAULT
!
vrf IT
- rd 192.168.42.2:100
- route-target import evpn 100:100
- route-target export evpn 100:100
+ rd 192.168.42.2:1000
+ route-target import evpn 1000:1000
+ route-target export evpn 1000:1000
router-id 192.168.42.2
neighbor 172.17.0.2 remote-as 65199
neighbor 172.17.0.2 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.2 description site-ha-disabled-leaf_Ethernet2.100_vrf_IT
+ neighbor 172.17.0.2 description site-ha-disabled-leaf_Ethernet2.1000_vrf_IT
redistribute connected
!
vrf PROD
- rd 192.168.42.2:42
- route-target import evpn 42:42
- route-target export evpn 42:42
+ rd 192.168.42.2:142
+ route-target import evpn 142:142
+ route-target export evpn 142:142
router-id 192.168.42.2
neighbor 172.17.0.2 remote-as 65199
neighbor 172.17.0.2 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.2 description site-ha-disabled-leaf_Ethernet2.42_vrf_PROD
+ neighbor 172.17.0.2 description site-ha-disabled-leaf_Ethernet2.142_vrf_PROD
redistribute connected
!
router traffic-engineering
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-no-default-policy.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-no-default-policy.cfg
index e3e3fae0a5c..032cbbf33ec 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-no-default-policy.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge-no-default-policy.cfg
@@ -20,24 +20,37 @@ router adaptive-virtual-topology
zone DEFAULT-ZONE id 1
site Site511 id 511
!
- policy DEFAULT-AVT-POLICY-WITH-CP
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
+ policy DEFAULT-POLICY-WITH-CP
!
match application-profile CONTROL-PLANE-APPLICATION-PROFILE
avt profile CONTROL-PLANE-PROFILE
!
match application-profile default
- avt profile DEFAULT-AVT-POLICY-DEFAULT
+ avt profile DEFAULT-POLICY-DEFAULT
!
profile CONTROL-PLANE-PROFILE
path-selection load-balance LB-CONTROL-PLANE-PROFILE
!
- profile DEFAULT-AVT-POLICY-DEFAULT
- path-selection load-balance LB-DEFAULT-AVT-POLICY-DEFAULT
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
!
vrf default
- avt policy DEFAULT-AVT-POLICY-WITH-CP
- avt profile DEFAULT-AVT-POLICY-DEFAULT id 1
+ avt policy DEFAULT-POLICY-WITH-CP
+ avt profile DEFAULT-POLICY-DEFAULT id 1
avt profile CONTROL-PLANE-PROFILE id 254
+ !
+ vrf IT
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ !
+ vrf PROD
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
!
router path-selection
tcp mss ceiling ipv4 ingress
@@ -77,7 +90,7 @@ router path-selection
path-group INET
path-group MPLS
!
- load-balance policy LB-DEFAULT-AVT-POLICY-DEFAULT
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
path-group INET
path-group LTE
path-group MPLS
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge.cfg
index 769150fbaa1..117e8dfdd39 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge.cfg
@@ -41,6 +41,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -61,6 +66,9 @@ router adaptive-virtual-topology
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -70,6 +78,10 @@ router adaptive-virtual-topology
profile PROD-AVT-POLICY-VOICE
path-selection load-balance LB-PROD-AVT-POLICY-VOICE
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ !
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
avt profile DEFAULT-AVT-POLICY-DEFAULT id 1
@@ -133,6 +145,11 @@ router path-selection
path-group INET
path-group MPLS
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group INET
+ path-group LTE
+ path-group MPLS
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group MPLS priority 2
@@ -153,6 +170,8 @@ spanning-tree mode none
no enable password
no aaa root
!
+vrf instance ATTRACTED-VRF-FROM-UPLINK
+!
vrf instance IT
!
vrf instance MGMT
@@ -223,19 +242,27 @@ interface Ethernet52
flow tracker hardware WAN-FLOW-TRACKER
ip address 172.17.0.1/31
!
-interface Ethernet52.42
- description P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet1.42_vrf_PROD
+interface Ethernet52.142
+ description P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet1.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.1/31
!
-interface Ethernet52.100
- description P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet1.100_vrf_IT
+interface Ethernet52.666
+ description P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.1/31
+!
+interface Ethernet52.1000
+ description P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet1.1000_vrf_IT
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.1/31
!
@@ -248,6 +275,7 @@ interface Vxlan1
description cv-pathfinder-edge_VTEP
vxlan source-interface Dps1
vxlan udp-port 4789
+ vxlan vrf ATTRACTED-VRF-FROM-UPLINK vni 166
vxlan vrf default vni 1
vxlan vrf IT vni 100
vxlan vrf PROD vni 42
@@ -296,6 +324,7 @@ application traffic recognition
42
!
ip routing
+ip routing vrf ATTRACTED-VRF-FROM-UPLINK
ip routing vrf IT
no ip routing vrf MGMT
ip routing vrf PROD
@@ -393,6 +422,16 @@ router bgp 65000
bgp additional-paths send any
neighbor WAN-OVERLAY-PEERS activate
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ rd 192.168.42.1:666
+ route-target import evpn 666:666
+ route-target export evpn 666:666
+ router-id 192.168.42.1
+ neighbor 172.17.0.0 remote-as 65199
+ neighbor 172.17.0.0 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.0 description site-ha-disabled-leaf_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ redistribute connected
+ !
vrf default
rd 192.168.42.1:1
route-target import evpn 1:1
@@ -400,23 +439,23 @@ router bgp 65000
route-target export evpn route-map RM-EVPN-EXPORT-VRF-DEFAULT
!
vrf IT
- rd 192.168.42.1:100
- route-target import evpn 100:100
- route-target export evpn 100:100
+ rd 192.168.42.1:1000
+ route-target import evpn 1000:1000
+ route-target export evpn 1000:1000
router-id 192.168.42.1
neighbor 172.17.0.0 remote-as 65199
neighbor 172.17.0.0 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.0 description site-ha-disabled-leaf_Ethernet1.100_vrf_IT
+ neighbor 172.17.0.0 description site-ha-disabled-leaf_Ethernet1.1000_vrf_IT
redistribute connected
!
vrf PROD
- rd 192.168.42.1:42
- route-target import evpn 42:42
- route-target export evpn 42:42
+ rd 192.168.42.1:142
+ route-target import evpn 142:142
+ route-target export evpn 142:142
router-id 192.168.42.1
neighbor 172.17.0.0 remote-as 65199
neighbor 172.17.0.0 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.0 description site-ha-disabled-leaf_Ethernet1.42_vrf_PROD
+ neighbor 172.17.0.0 description site-ha-disabled-leaf_Ethernet1.142_vrf_PROD
redistribute connected
!
router traffic-engineering
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2A.cfg
index ef3df4dc994..78f52b2328e 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2A.cfg
@@ -41,6 +41,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -61,6 +66,9 @@ router adaptive-virtual-topology
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -70,6 +78,10 @@ router adaptive-virtual-topology
profile PROD-AVT-POLICY-VOICE
path-selection load-balance LB-PROD-AVT-POLICY-VOICE
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ !
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
avt profile DEFAULT-AVT-POLICY-DEFAULT id 1
@@ -128,6 +140,10 @@ router path-selection
path-group INET
path-group LAN_HA
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group INET
+ path-group LAN_HA
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -147,6 +163,8 @@ spanning-tree mode none
no enable password
no aaa root
!
+vrf instance ATTRACTED-VRF-FROM-UPLINK
+!
vrf instance IT
!
vrf instance MGMT
@@ -209,19 +227,27 @@ interface Ethernet52
flow tracker hardware WAN-FLOW-TRACKER
ip address 172.17.0.5/31
!
-interface Ethernet52.42
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.42_vrf_PROD
+interface Ethernet52.142
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.5/31
!
-interface Ethernet52.100
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.100_vrf_IT
+interface Ethernet52.666
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.5/31
+!
+interface Ethernet52.1000
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.1000_vrf_IT
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.5/31
!
@@ -233,19 +259,27 @@ interface Ethernet53
flow tracker hardware WAN-FLOW-TRACKER
ip address 172.17.0.7/31
!
-interface Ethernet53.42
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.42_vrf_PROD
+interface Ethernet53.142
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.7/31
!
-interface Ethernet53.100
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.100_vrf_IT
+interface Ethernet53.666
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.7/31
+!
+interface Ethernet53.1000
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.1000_vrf_IT
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.7/31
!
@@ -258,6 +292,7 @@ interface Vxlan1
description cv-pathfinder-edge2A_VTEP
vxlan source-interface Dps1
vxlan udp-port 4789
+ vxlan vrf ATTRACTED-VRF-FROM-UPLINK vni 166
vxlan vrf default vni 1
vxlan vrf IT vni 100
vxlan vrf PROD vni 42
@@ -306,6 +341,7 @@ application traffic recognition
42
!
ip routing
+ip routing vrf ATTRACTED-VRF-FROM-UPLINK
ip routing vrf IT
no ip routing vrf MGMT
ip routing vrf PROD
@@ -425,6 +461,19 @@ router bgp 65000
bgp additional-paths send any
neighbor WAN-OVERLAY-PEERS activate
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ rd 192.168.42.2:666
+ route-target import evpn 666:666
+ route-target export evpn 666:666
+ router-id 192.168.42.2
+ neighbor 172.17.0.4 remote-as 65199
+ neighbor 172.17.0.4 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.4 description site-ha-enabled-leaf2A_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ neighbor 172.17.0.6 remote-as 65199
+ neighbor 172.17.0.6 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.6 description site-ha-enabled-leaf2B_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ redistribute connected
+ !
vrf default
rd 192.168.42.2:1
route-target import evpn 1:1
@@ -432,29 +481,29 @@ router bgp 65000
route-target export evpn route-map RM-EVPN-EXPORT-VRF-DEFAULT
!
vrf IT
- rd 192.168.42.2:100
- route-target import evpn 100:100
- route-target export evpn 100:100
+ rd 192.168.42.2:1000
+ route-target import evpn 1000:1000
+ route-target export evpn 1000:1000
router-id 192.168.42.2
neighbor 172.17.0.4 remote-as 65199
neighbor 172.17.0.4 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.4 description site-ha-enabled-leaf2A_Ethernet1.100_vrf_IT
+ neighbor 172.17.0.4 description site-ha-enabled-leaf2A_Ethernet1.1000_vrf_IT
neighbor 172.17.0.6 remote-as 65199
neighbor 172.17.0.6 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.6 description site-ha-enabled-leaf2B_Ethernet1.100_vrf_IT
+ neighbor 172.17.0.6 description site-ha-enabled-leaf2B_Ethernet1.1000_vrf_IT
redistribute connected
!
vrf PROD
- rd 192.168.42.2:42
- route-target import evpn 42:42
- route-target export evpn 42:42
+ rd 192.168.42.2:142
+ route-target import evpn 142:142
+ route-target export evpn 142:142
router-id 192.168.42.2
neighbor 172.17.0.4 remote-as 65199
neighbor 172.17.0.4 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.4 description site-ha-enabled-leaf2A_Ethernet1.42_vrf_PROD
+ neighbor 172.17.0.4 description site-ha-enabled-leaf2A_Ethernet1.142_vrf_PROD
neighbor 172.17.0.6 remote-as 65199
neighbor 172.17.0.6 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.6 description site-ha-enabled-leaf2B_Ethernet1.42_vrf_PROD
+ neighbor 172.17.0.6 description site-ha-enabled-leaf2B_Ethernet1.142_vrf_PROD
redistribute connected
!
router traffic-engineering
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2B.cfg
index 91e2bcdda82..b2ea913a1a2 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2B.cfg
@@ -41,6 +41,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -61,6 +66,9 @@ router adaptive-virtual-topology
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -70,6 +78,10 @@ router adaptive-virtual-topology
profile PROD-AVT-POLICY-VOICE
path-selection load-balance LB-PROD-AVT-POLICY-VOICE
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ !
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
avt profile DEFAULT-AVT-POLICY-DEFAULT id 1
@@ -126,6 +138,10 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group LAN_HA
+ path-group MPLS
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group LAN_HA
path-group MPLS priority 2
@@ -145,6 +161,8 @@ spanning-tree mode none
no enable password
no aaa root
!
+vrf instance ATTRACTED-VRF-FROM-UPLINK
+!
vrf instance IT
!
vrf instance MGMT
@@ -206,19 +224,27 @@ interface Ethernet52
flow tracker hardware WAN-FLOW-TRACKER
ip address 172.17.0.9/31
!
-interface Ethernet52.42
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.42_vrf_PROD
+interface Ethernet52.142
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.9/31
!
-interface Ethernet52.100
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.100_vrf_IT
+interface Ethernet52.666
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.9/31
+!
+interface Ethernet52.1000
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.1000_vrf_IT
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.9/31
!
@@ -230,19 +256,27 @@ interface Ethernet53
flow tracker hardware WAN-FLOW-TRACKER
ip address 172.17.0.11/31
!
-interface Ethernet53.42
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.42_vrf_PROD
+interface Ethernet53.142
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.11/31
!
-interface Ethernet53.100
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.100_vrf_IT
+interface Ethernet53.666
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.11/31
+!
+interface Ethernet53.1000
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.1000_vrf_IT
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.11/31
!
@@ -255,6 +289,7 @@ interface Vxlan1
description cv-pathfinder-edge2B_VTEP
vxlan source-interface Dps1
vxlan udp-port 4789
+ vxlan vrf ATTRACTED-VRF-FROM-UPLINK vni 166
vxlan vrf default vni 1
vxlan vrf IT vni 100
vxlan vrf PROD vni 42
@@ -303,6 +338,7 @@ application traffic recognition
42
!
ip routing
+ip routing vrf ATTRACTED-VRF-FROM-UPLINK
ip routing vrf IT
no ip routing vrf MGMT
ip routing vrf PROD
@@ -422,6 +458,19 @@ router bgp 65000
bgp additional-paths send any
neighbor WAN-OVERLAY-PEERS activate
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ rd 192.168.42.3:666
+ route-target import evpn 666:666
+ route-target export evpn 666:666
+ router-id 192.168.42.3
+ neighbor 172.17.0.8 remote-as 65199
+ neighbor 172.17.0.8 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.8 description site-ha-enabled-leaf2A_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ neighbor 172.17.0.10 remote-as 65199
+ neighbor 172.17.0.10 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.10 description site-ha-enabled-leaf2B_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ redistribute connected
+ !
vrf default
rd 192.168.42.3:1
route-target import evpn 1:1
@@ -429,29 +478,29 @@ router bgp 65000
route-target export evpn route-map RM-EVPN-EXPORT-VRF-DEFAULT
!
vrf IT
- rd 192.168.42.3:100
- route-target import evpn 100:100
- route-target export evpn 100:100
+ rd 192.168.42.3:1000
+ route-target import evpn 1000:1000
+ route-target export evpn 1000:1000
router-id 192.168.42.3
neighbor 172.17.0.8 remote-as 65199
neighbor 172.17.0.8 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.8 description site-ha-enabled-leaf2A_Ethernet2.100_vrf_IT
+ neighbor 172.17.0.8 description site-ha-enabled-leaf2A_Ethernet2.1000_vrf_IT
neighbor 172.17.0.10 remote-as 65199
neighbor 172.17.0.10 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.10 description site-ha-enabled-leaf2B_Ethernet2.100_vrf_IT
+ neighbor 172.17.0.10 description site-ha-enabled-leaf2B_Ethernet2.1000_vrf_IT
redistribute connected
!
vrf PROD
- rd 192.168.42.3:42
- route-target import evpn 42:42
- route-target export evpn 42:42
+ rd 192.168.42.3:142
+ route-target import evpn 142:142
+ route-target export evpn 142:142
router-id 192.168.42.3
neighbor 172.17.0.8 remote-as 65199
neighbor 172.17.0.8 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.8 description site-ha-enabled-leaf2A_Ethernet2.42_vrf_PROD
+ neighbor 172.17.0.8 description site-ha-enabled-leaf2A_Ethernet2.142_vrf_PROD
neighbor 172.17.0.10 remote-as 65199
neighbor 172.17.0.10 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.10 description site-ha-enabled-leaf2B_Ethernet2.42_vrf_PROD
+ neighbor 172.17.0.10 description site-ha-enabled-leaf2B_Ethernet2.142_vrf_PROD
redistribute connected
!
router traffic-engineering
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder.cfg
index 42253134efb..31e25ff60cc 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder.cfg
@@ -36,6 +36,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -50,7 +55,7 @@ router adaptive-virtual-topology
policy TRANSIT-AVT-POLICY
!
match application-profile VOICE
- avt profile TRANSIT-AVT-POLICY-VOICE
+ avt profile CUSTOM-VOICE-PROFILE-NAME
!
match application-profile default
avt profile TRANSIT-AVT-POLICY-DEFAULT
@@ -58,12 +63,18 @@ router adaptive-virtual-topology
profile CONTROL-PLANE-PROFILE
path-selection load-balance LB-CONTROL-PLANE-PROFILE
!
+ profile CUSTOM-VOICE-PROFILE-NAME
+ path-selection load-balance LB-CUSTOM-VOICE-PROFILE-NAME
+ !
profile DEFAULT-AVT-POLICY-DEFAULT
path-selection load-balance LB-DEFAULT-AVT-POLICY-DEFAULT
!
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -76,8 +87,9 @@ router adaptive-virtual-topology
profile TRANSIT-AVT-POLICY-DEFAULT
path-selection load-balance LB-TRANSIT-AVT-POLICY-DEFAULT
!
- profile TRANSIT-AVT-POLICY-VOICE
- path-selection load-balance LB-TRANSIT-AVT-POLICY-VOICE
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
!
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
@@ -99,7 +111,7 @@ router adaptive-virtual-topology
vrf TRANSIT
avt policy TRANSIT-AVT-POLICY
avt profile TRANSIT-AVT-POLICY-DEFAULT id 1
- avt profile TRANSIT-AVT-POLICY-VOICE id 42
+ avt profile CUSTOM-VOICE-PROFILE-NAME id 42
!
router path-selection
peer dynamic source stun
@@ -130,6 +142,11 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-CUSTOM-VOICE-PROFILE-NAME
+ path-group LAN_HA
+ path-group MPLS
+ path-group INET priority 2
+ !
load-balance policy LB-DEFAULT-AVT-POLICY-DEFAULT
path-group Equinix
path-group INET
@@ -141,6 +158,11 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group INET
+ path-group LAN_HA
+ path-group MPLS
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -163,11 +185,6 @@ router path-selection
path-group INET
path-group LAN_HA
path-group MPLS priority 2
- !
- load-balance policy LB-TRANSIT-AVT-POLICY-VOICE
- path-group LAN_HA
- path-group MPLS
- path-group INET priority 2
!
spanning-tree mode none
!
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder1.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder1.cfg
index d464fdcaed2..0da3bae91ac 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder1.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder1.cfg
@@ -36,6 +36,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -50,7 +55,7 @@ router adaptive-virtual-topology
policy TRANSIT-AVT-POLICY
!
match application-profile VOICE
- avt profile TRANSIT-AVT-POLICY-VOICE
+ avt profile CUSTOM-VOICE-PROFILE-NAME
!
match application-profile default
avt profile TRANSIT-AVT-POLICY-DEFAULT
@@ -58,12 +63,18 @@ router adaptive-virtual-topology
profile CONTROL-PLANE-PROFILE
path-selection load-balance LB-CONTROL-PLANE-PROFILE
!
+ profile CUSTOM-VOICE-PROFILE-NAME
+ path-selection load-balance LB-CUSTOM-VOICE-PROFILE-NAME
+ !
profile DEFAULT-AVT-POLICY-DEFAULT
path-selection load-balance LB-DEFAULT-AVT-POLICY-DEFAULT
!
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -76,8 +87,9 @@ router adaptive-virtual-topology
profile TRANSIT-AVT-POLICY-DEFAULT
path-selection load-balance LB-TRANSIT-AVT-POLICY-DEFAULT
!
- profile TRANSIT-AVT-POLICY-VOICE
- path-selection load-balance LB-TRANSIT-AVT-POLICY-VOICE
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
!
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
@@ -99,7 +111,7 @@ router adaptive-virtual-topology
vrf TRANSIT
avt policy TRANSIT-AVT-POLICY
avt profile TRANSIT-AVT-POLICY-DEFAULT id 1
- avt profile TRANSIT-AVT-POLICY-VOICE id 42
+ avt profile CUSTOM-VOICE-PROFILE-NAME id 42
!
router path-selection
peer dynamic source stun
@@ -133,6 +145,11 @@ router path-selection
path-group INET
path-group LAN_HA
!
+ load-balance policy LB-CUSTOM-VOICE-PROFILE-NAME
+ path-group LAN_HA
+ path-group MPLS
+ path-group INET priority 2
+ !
load-balance policy LB-DEFAULT-AVT-POLICY-DEFAULT
path-group Equinix
path-group INET
@@ -144,6 +161,10 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group INET
+ path-group LAN_HA
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -166,11 +187,6 @@ router path-selection
path-group INET
path-group LAN_HA
path-group MPLS priority 2
- !
- load-balance policy LB-TRANSIT-AVT-POLICY-VOICE
- path-group LAN_HA
- path-group MPLS
- path-group INET priority 2
!
spanning-tree mode none
!
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder2.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder2.cfg
index dea76b2a487..17eb6146345 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder2.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder2.cfg
@@ -36,6 +36,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -50,7 +55,7 @@ router adaptive-virtual-topology
policy TRANSIT-AVT-POLICY
!
match application-profile VOICE
- avt profile TRANSIT-AVT-POLICY-VOICE
+ avt profile CUSTOM-VOICE-PROFILE-NAME
!
match application-profile default
avt profile TRANSIT-AVT-POLICY-DEFAULT
@@ -58,12 +63,18 @@ router adaptive-virtual-topology
profile CONTROL-PLANE-PROFILE
path-selection load-balance LB-CONTROL-PLANE-PROFILE
!
+ profile CUSTOM-VOICE-PROFILE-NAME
+ path-selection load-balance LB-CUSTOM-VOICE-PROFILE-NAME
+ !
profile DEFAULT-AVT-POLICY-DEFAULT
path-selection load-balance LB-DEFAULT-AVT-POLICY-DEFAULT
!
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -76,8 +87,9 @@ router adaptive-virtual-topology
profile TRANSIT-AVT-POLICY-DEFAULT
path-selection load-balance LB-TRANSIT-AVT-POLICY-DEFAULT
!
- profile TRANSIT-AVT-POLICY-VOICE
- path-selection load-balance LB-TRANSIT-AVT-POLICY-VOICE
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
!
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
@@ -99,7 +111,7 @@ router adaptive-virtual-topology
vrf TRANSIT
avt policy TRANSIT-AVT-POLICY
avt profile TRANSIT-AVT-POLICY-DEFAULT id 1
- avt profile TRANSIT-AVT-POLICY-VOICE id 42
+ avt profile CUSTOM-VOICE-PROFILE-NAME id 42
!
router path-selection
peer dynamic source stun
@@ -140,6 +152,11 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-CUSTOM-VOICE-PROFILE-NAME
+ path-group LAN_HA
+ path-group MPLS
+ path-group INET priority 2
+ !
load-balance policy LB-DEFAULT-AVT-POLICY-DEFAULT
path-group Equinix
path-group INET
@@ -151,6 +168,11 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group INET
+ path-group LAN_HA
+ path-group MPLS
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -173,11 +195,6 @@ router path-selection
path-group INET
path-group LAN_HA
path-group MPLS priority 2
- !
- load-balance policy LB-TRANSIT-AVT-POLICY-VOICE
- path-group LAN_HA
- path-group MPLS
- path-group INET priority 2
!
spanning-tree mode none
!
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1A.cfg
index 1886468d384..b045b5fc4dc 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1A.cfg
@@ -41,6 +41,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -55,7 +60,7 @@ router adaptive-virtual-topology
policy TRANSIT-AVT-POLICY
!
match application-profile VOICE
- avt profile TRANSIT-AVT-POLICY-VOICE
+ avt profile CUSTOM-VOICE-PROFILE-NAME
!
match application-profile default
avt profile TRANSIT-AVT-POLICY-DEFAULT
@@ -63,12 +68,18 @@ router adaptive-virtual-topology
profile CONTROL-PLANE-PROFILE
path-selection load-balance LB-CONTROL-PLANE-PROFILE
!
+ profile CUSTOM-VOICE-PROFILE-NAME
+ path-selection load-balance LB-CUSTOM-VOICE-PROFILE-NAME
+ !
profile DEFAULT-AVT-POLICY-DEFAULT
path-selection load-balance LB-DEFAULT-AVT-POLICY-DEFAULT
!
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -81,8 +92,9 @@ router adaptive-virtual-topology
profile TRANSIT-AVT-POLICY-DEFAULT
path-selection load-balance LB-TRANSIT-AVT-POLICY-DEFAULT
!
- profile TRANSIT-AVT-POLICY-VOICE
- path-selection load-balance LB-TRANSIT-AVT-POLICY-VOICE
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
!
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
@@ -104,7 +116,7 @@ router adaptive-virtual-topology
vrf TRANSIT
avt policy TRANSIT-AVT-POLICY
avt profile TRANSIT-AVT-POLICY-DEFAULT id 1
- avt profile TRANSIT-AVT-POLICY-VOICE id 42
+ avt profile CUSTOM-VOICE-PROFILE-NAME id 42
!
router path-selection
tcp mss ceiling ipv4 ingress
@@ -147,6 +159,11 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-CUSTOM-VOICE-PROFILE-NAME
+ path-group LAN_HA
+ path-group MPLS
+ path-group INET priority 2
+ !
load-balance policy LB-DEFAULT-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -157,6 +174,11 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group INET
+ path-group LAN_HA
+ path-group MPLS
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -178,21 +200,20 @@ router path-selection
path-group INET
path-group LAN_HA
path-group MPLS priority 2
- !
- load-balance policy LB-TRANSIT-AVT-POLICY-VOICE
- path-group LAN_HA
- path-group MPLS
- path-group INET priority 2
!
spanning-tree mode none
!
no enable password
no aaa root
!
+vrf instance ATTRACTED-VRF-FROM-UPLINK
+!
vrf instance IT
!
vrf instance MGMT
!
+vrf instance NOT-WAN-VRF
+!
vrf instance PROD
!
vrf instance TRANSIT
@@ -267,19 +288,27 @@ interface Ethernet52
flow tracker hardware WAN-FLOW-TRACKER
ip address 172.17.0.1/31
!
-interface Ethernet52.42
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.42_vrf_PROD
+interface Ethernet52.142
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.1/31
!
-interface Ethernet52.100
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.100_vrf_IT
+interface Ethernet52.666
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.1/31
+!
+interface Ethernet52.1000
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.1000_vrf_IT
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.1/31
!
@@ -292,6 +321,7 @@ interface Vxlan1
description cv-pathfinder-transit1A_VTEP
vxlan source-interface Dps1
vxlan udp-port 4789
+ vxlan vrf ATTRACTED-VRF-FROM-UPLINK vni 166
vxlan vrf default vni 1
vxlan vrf IT vni 100
vxlan vrf PROD vni 42
@@ -341,8 +371,10 @@ application traffic recognition
42
!
ip routing
+ip routing vrf ATTRACTED-VRF-FROM-UPLINK
ip routing vrf IT
no ip routing vrf MGMT
+ip routing vrf NOT-WAN-VRF
ip routing vrf PROD
ip routing vrf TRANSIT
!
@@ -456,6 +488,16 @@ router bgp 65000
bgp additional-paths send any
neighbor WAN-OVERLAY-PEERS activate
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ rd 192.168.43.1:666
+ route-target import evpn 666:666
+ route-target export evpn 666:666
+ router-id 192.168.43.1
+ neighbor 172.17.0.0 remote-as 65199
+ neighbor 172.17.0.0 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.0 description site-ha-enabled-leaf1_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ redistribute connected
+ !
vrf default
rd 192.168.43.1:1
route-target import evpn 1:1
@@ -463,23 +505,27 @@ router bgp 65000
route-target export evpn route-map RM-EVPN-EXPORT-VRF-DEFAULT
!
vrf IT
- rd 192.168.43.1:100
- route-target import evpn 100:100
- route-target export evpn 100:100
+ rd 192.168.43.1:1000
+ route-target import evpn 1000:1000
+ route-target export evpn 1000:1000
router-id 192.168.43.1
neighbor 172.17.0.0 remote-as 65199
neighbor 172.17.0.0 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.0 description site-ha-enabled-leaf1_Ethernet1.100_vrf_IT
+ neighbor 172.17.0.0 description site-ha-enabled-leaf1_Ethernet1.1000_vrf_IT
+ redistribute connected
+ !
+ vrf NOT-WAN-VRF
+ router-id 192.168.43.1
redistribute connected
!
vrf PROD
- rd 192.168.43.1:42
- route-target import evpn 42:42
- route-target export evpn 42:42
+ rd 192.168.43.1:142
+ route-target import evpn 142:142
+ route-target export evpn 142:142
router-id 192.168.43.1
neighbor 172.17.0.0 remote-as 65199
neighbor 172.17.0.0 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.0 description site-ha-enabled-leaf1_Ethernet1.42_vrf_PROD
+ neighbor 172.17.0.0 description site-ha-enabled-leaf1_Ethernet1.142_vrf_PROD
redistribute connected
!
vrf TRANSIT
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1B.cfg
index 2acbead43bb..753e3b32dcc 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1B.cfg
@@ -41,6 +41,11 @@ router adaptive-virtual-topology
match application-profile default
avt profile DEFAULT-AVT-POLICY-DEFAULT
!
+ policy DEFAULT-POLICY
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
policy PROD-AVT-POLICY
!
match application-profile VOICE
@@ -55,7 +60,7 @@ router adaptive-virtual-topology
policy TRANSIT-AVT-POLICY
!
match application-profile VOICE
- avt profile TRANSIT-AVT-POLICY-VOICE
+ avt profile CUSTOM-VOICE-PROFILE-NAME
!
match application-profile default
avt profile TRANSIT-AVT-POLICY-DEFAULT
@@ -63,12 +68,18 @@ router adaptive-virtual-topology
profile CONTROL-PLANE-PROFILE
path-selection load-balance LB-CONTROL-PLANE-PROFILE
!
+ profile CUSTOM-VOICE-PROFILE-NAME
+ path-selection load-balance LB-CUSTOM-VOICE-PROFILE-NAME
+ !
profile DEFAULT-AVT-POLICY-DEFAULT
path-selection load-balance LB-DEFAULT-AVT-POLICY-DEFAULT
!
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -81,8 +92,9 @@ router adaptive-virtual-topology
profile TRANSIT-AVT-POLICY-DEFAULT
path-selection load-balance LB-TRANSIT-AVT-POLICY-DEFAULT
!
- profile TRANSIT-AVT-POLICY-VOICE
- path-selection load-balance LB-TRANSIT-AVT-POLICY-VOICE
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ avt policy DEFAULT-POLICY
+ avt profile DEFAULT-POLICY-DEFAULT id 1
!
vrf default
avt policy DEFAULT-AVT-POLICY-WITH-CP
@@ -104,7 +116,7 @@ router adaptive-virtual-topology
vrf TRANSIT
avt policy TRANSIT-AVT-POLICY
avt profile TRANSIT-AVT-POLICY-DEFAULT id 1
- avt profile TRANSIT-AVT-POLICY-VOICE id 42
+ avt profile CUSTOM-VOICE-PROFILE-NAME id 42
!
router path-selection
tcp mss ceiling ipv4 ingress
@@ -147,6 +159,11 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-CUSTOM-VOICE-PROFILE-NAME
+ path-group LAN_HA
+ path-group MPLS
+ path-group INET priority 2
+ !
load-balance policy LB-DEFAULT-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -157,6 +174,11 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group INET
+ path-group LAN_HA
+ path-group MPLS
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -178,21 +200,20 @@ router path-selection
path-group INET
path-group LAN_HA
path-group MPLS priority 2
- !
- load-balance policy LB-TRANSIT-AVT-POLICY-VOICE
- path-group LAN_HA
- path-group MPLS
- path-group INET priority 2
!
spanning-tree mode none
!
no enable password
no aaa root
!
+vrf instance ATTRACTED-VRF-FROM-UPLINK
+!
vrf instance IT
!
vrf instance MGMT
!
+vrf instance NOT-WAN-VRF
+!
vrf instance PROD
!
vrf instance TRANSIT
@@ -267,19 +288,27 @@ interface Ethernet52
flow tracker hardware WAN-FLOW-TRACKER
ip address 172.17.0.3/31
!
-interface Ethernet52.42
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.42_vrf_PROD
+interface Ethernet52.142
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.3/31
!
-interface Ethernet52.100
- description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.100_vrf_IT
+interface Ethernet52.666
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.3/31
+!
+interface Ethernet52.1000
+ description P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.1000_vrf_IT
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.3/31
!
@@ -292,6 +321,7 @@ interface Vxlan1
description cv-pathfinder-transit1B_VTEP
vxlan source-interface Dps1
vxlan udp-port 4789
+ vxlan vrf ATTRACTED-VRF-FROM-UPLINK vni 166
vxlan vrf default vni 1
vxlan vrf IT vni 100
vxlan vrf PROD vni 42
@@ -341,8 +371,10 @@ application traffic recognition
42
!
ip routing
+ip routing vrf ATTRACTED-VRF-FROM-UPLINK
ip routing vrf IT
no ip routing vrf MGMT
+ip routing vrf NOT-WAN-VRF
ip routing vrf PROD
ip routing vrf TRANSIT
!
@@ -456,6 +488,16 @@ router bgp 65000
bgp additional-paths send any
neighbor WAN-OVERLAY-PEERS activate
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ rd 192.168.43.2:666
+ route-target import evpn 666:666
+ route-target export evpn 666:666
+ router-id 192.168.43.2
+ neighbor 172.17.0.2 remote-as 65199
+ neighbor 172.17.0.2 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.2 description site-ha-enabled-leaf1_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ redistribute connected
+ !
vrf default
rd 192.168.43.2:1
route-target import evpn 1:1
@@ -463,23 +505,27 @@ router bgp 65000
route-target export evpn route-map RM-EVPN-EXPORT-VRF-DEFAULT
!
vrf IT
- rd 192.168.43.2:100
- route-target import evpn 100:100
- route-target export evpn 100:100
+ rd 192.168.43.2:1000
+ route-target import evpn 1000:1000
+ route-target export evpn 1000:1000
router-id 192.168.43.2
neighbor 172.17.0.2 remote-as 65199
neighbor 172.17.0.2 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.2 description site-ha-enabled-leaf1_Ethernet2.100_vrf_IT
+ neighbor 172.17.0.2 description site-ha-enabled-leaf1_Ethernet2.1000_vrf_IT
+ redistribute connected
+ !
+ vrf NOT-WAN-VRF
+ router-id 192.168.43.2
redistribute connected
!
vrf PROD
- rd 192.168.43.2:42
- route-target import evpn 42:42
- route-target export evpn 42:42
+ rd 192.168.43.2:142
+ route-target import evpn 142:142
+ route-target export evpn 142:142
router-id 192.168.43.2
neighbor 172.17.0.2 remote-as 65199
neighbor 172.17.0.2 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.2 description site-ha-enabled-leaf1_Ethernet2.42_vrf_PROD
+ neighbor 172.17.0.2 description site-ha-enabled-leaf1_Ethernet2.142_vrf_PROD
redistribute connected
!
vrf TRANSIT
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-disabled-leaf.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-disabled-leaf.cfg
index 0a962cbfeda..c6ceb6e7ce8 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-disabled-leaf.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-disabled-leaf.cfg
@@ -17,6 +17,11 @@ vlan 100
vlan 101
name VLAN101
!
+vlan 666
+ name VLAN666
+!
+vrf instance ATTRACTED-VRF-FROM-UPLINK
+!
vrf instance IT
!
vrf instance MGMT
@@ -30,19 +35,27 @@ interface Ethernet1
no switchport
ip address 172.17.0.0/31
!
-interface Ethernet1.42
- description P2P_LINK_TO_CV-PATHFINDER-EDGE_Ethernet52.42_vrf_PROD
+interface Ethernet1.142
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE_Ethernet52.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.0/31
!
-interface Ethernet1.100
- description P2P_LINK_TO_CV-PATHFINDER-EDGE_Ethernet52.100_vrf_IT
+interface Ethernet1.666
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.0/31
+!
+interface Ethernet1.1000
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE_Ethernet52.1000_vrf_IT
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.0/31
!
@@ -53,19 +66,27 @@ interface Ethernet2
no switchport
ip address 172.17.0.2/31
!
-interface Ethernet2.42
- description P2P_LINK_TO_CV-PATHFINDER-EDGE-NO-COMMON-PATH-GROUP_Ethernet52.42_vrf_PROD
+interface Ethernet2.142
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE-NO-COMMON-PATH-GROUP_Ethernet52.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.2/31
!
-interface Ethernet2.100
- description P2P_LINK_TO_CV-PATHFINDER-EDGE-NO-COMMON-PATH-GROUP_Ethernet52.100_vrf_IT
+interface Ethernet2.666
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE-NO-COMMON-PATH-GROUP_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.2/31
+!
+interface Ethernet2.1000
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE-NO-COMMON-PATH-GROUP_Ethernet52.1000_vrf_IT
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.2/31
!
@@ -85,19 +106,29 @@ interface Vlan100
vrf PROD
ip address virtual 10.0.100.1/24
!
+interface Vlan666
+ description VLAN666
+ shutdown
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 10.66.66.1
+ ip address virtual 10.66.66.66/24
+!
interface Vxlan1
description site-ha-disabled-leaf_VTEP
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 100 vni 1100
vxlan vlan 101 vni 1101
+ vxlan vlan 666 vni 1666
+ vxlan vrf ATTRACTED-VRF-FROM-UPLINK vni 666
vxlan vrf default vni 1
- vxlan vrf IT vni 100
- vxlan vrf PROD vni 42
+ vxlan vrf IT vni 1000
+ vxlan vrf PROD vni 142
!
ip virtual-router mac-address 00:1c:73:00:00:01
!
ip routing
+ip routing vrf ATTRACTED-VRF-FROM-UPLINK
ip routing vrf IT
no ip routing vrf MGMT
ip routing vrf PROD
@@ -144,6 +175,11 @@ router bgp 65199
route-target both 1101:1101
redistribute learned
!
+ vlan 666
+ rd 192.168.45.4:1666
+ route-target both 1666:1666
+ redistribute learned
+ !
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
@@ -151,35 +187,48 @@ router bgp 65199
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ rd 192.168.45.4:666
+ route-target import evpn 666:666
+ route-target export evpn 666:666
+ router-id 192.168.45.4
+ neighbor 172.17.0.1 remote-as 65000
+ neighbor 172.17.0.1 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.1 description cv-pathfinder-edge_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ neighbor 172.17.0.3 remote-as 65000
+ neighbor 172.17.0.3 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.3 description cv-pathfinder-edge-no-common-path-group_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ redistribute connected
+ !
vrf default
rd 192.168.45.4:1
route-target import evpn 1:1
route-target export evpn 1:1
!
vrf IT
- rd 192.168.45.4:100
- route-target import evpn 100:100
- route-target export evpn 100:100
+ rd 192.168.45.4:1000
+ route-target import evpn 1000:1000
+ route-target export evpn 1000:1000
router-id 192.168.45.4
neighbor 172.17.0.1 remote-as 65000
neighbor 172.17.0.1 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.1 description cv-pathfinder-edge_Ethernet52.100_vrf_IT
+ neighbor 172.17.0.1 description cv-pathfinder-edge_Ethernet52.1000_vrf_IT
neighbor 172.17.0.3 remote-as 65000
neighbor 172.17.0.3 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.3 description cv-pathfinder-edge-no-common-path-group_Ethernet52.100_vrf_IT
+ neighbor 172.17.0.3 description cv-pathfinder-edge-no-common-path-group_Ethernet52.1000_vrf_IT
redistribute connected
!
vrf PROD
- rd 192.168.45.4:42
- route-target import evpn 42:42
- route-target export evpn 42:42
+ rd 192.168.45.4:142
+ route-target import evpn 142:142
+ route-target export evpn 142:142
router-id 192.168.45.4
neighbor 172.17.0.1 remote-as 65000
neighbor 172.17.0.1 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.1 description cv-pathfinder-edge_Ethernet52.42_vrf_PROD
+ neighbor 172.17.0.1 description cv-pathfinder-edge_Ethernet52.142_vrf_PROD
neighbor 172.17.0.3 remote-as 65000
neighbor 172.17.0.3 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.3 description cv-pathfinder-edge-no-common-path-group_Ethernet52.42_vrf_PROD
+ neighbor 172.17.0.3 description cv-pathfinder-edge-no-common-path-group_Ethernet52.142_vrf_PROD
redistribute connected
!
management api http-commands
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf1.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf1.cfg
index b09f8c9740f..684625f0f62 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf1.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf1.cfg
@@ -17,6 +17,11 @@ vlan 100
vlan 101
name VLAN101
!
+vlan 666
+ name VLAN666
+!
+vrf instance ATTRACTED-VRF-FROM-UPLINK
+!
vrf instance IT
!
vrf instance MGMT
@@ -30,19 +35,27 @@ interface Ethernet1
no switchport
ip address 172.17.0.0/31
!
-interface Ethernet1.42
- description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.42_vrf_PROD
+interface Ethernet1.142
+ description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.0/31
!
-interface Ethernet1.100
- description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.100_vrf_IT
+interface Ethernet1.666
+ description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.0/31
+!
+interface Ethernet1.1000
+ description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.1000_vrf_IT
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.0/31
!
@@ -53,19 +66,27 @@ interface Ethernet2
no switchport
ip address 172.17.0.2/31
!
-interface Ethernet2.42
- description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.42_vrf_PROD
+interface Ethernet2.142
+ description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.2/31
!
-interface Ethernet2.100
- description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.100_vrf_IT
+interface Ethernet2.666
+ description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.2/31
+!
+interface Ethernet2.1000
+ description P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.1000_vrf_IT
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.2/31
!
@@ -85,19 +106,28 @@ interface Vlan100
vrf PROD
ip address virtual 10.0.100.1/24
!
+interface Vlan666
+ description VLAN666
+ shutdown
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address virtual 10.66.66.66/24
+!
interface Vxlan1
description site-ha-enabled-leaf1_VTEP
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 100 vni 1100
vxlan vlan 101 vni 1101
+ vxlan vlan 666 vni 1666
+ vxlan vrf ATTRACTED-VRF-FROM-UPLINK vni 666
vxlan vrf default vni 1
- vxlan vrf IT vni 100
- vxlan vrf PROD vni 42
+ vxlan vrf IT vni 1000
+ vxlan vrf PROD vni 142
!
ip virtual-router mac-address 00:1c:73:00:00:01
!
ip routing
+ip routing vrf ATTRACTED-VRF-FROM-UPLINK
ip routing vrf IT
no ip routing vrf MGMT
ip routing vrf PROD
@@ -144,6 +174,11 @@ router bgp 65199
route-target both 1101:1101
redistribute learned
!
+ vlan 666
+ rd 192.168.45.1:1666
+ route-target both 1666:1666
+ redistribute learned
+ !
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
@@ -151,35 +186,48 @@ router bgp 65199
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ rd 192.168.45.1:666
+ route-target import evpn 666:666
+ route-target export evpn 666:666
+ router-id 192.168.45.1
+ neighbor 172.17.0.1 remote-as 65000
+ neighbor 172.17.0.1 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.1 description cv-pathfinder-transit1A_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ neighbor 172.17.0.3 remote-as 65000
+ neighbor 172.17.0.3 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.3 description cv-pathfinder-transit1B_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ redistribute connected
+ !
vrf default
rd 192.168.45.1:1
route-target import evpn 1:1
route-target export evpn 1:1
!
vrf IT
- rd 192.168.45.1:100
- route-target import evpn 100:100
- route-target export evpn 100:100
+ rd 192.168.45.1:1000
+ route-target import evpn 1000:1000
+ route-target export evpn 1000:1000
router-id 192.168.45.1
neighbor 172.17.0.1 remote-as 65000
neighbor 172.17.0.1 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.1 description cv-pathfinder-transit1A_Ethernet52.100_vrf_IT
+ neighbor 172.17.0.1 description cv-pathfinder-transit1A_Ethernet52.1000_vrf_IT
neighbor 172.17.0.3 remote-as 65000
neighbor 172.17.0.3 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.3 description cv-pathfinder-transit1B_Ethernet52.100_vrf_IT
+ neighbor 172.17.0.3 description cv-pathfinder-transit1B_Ethernet52.1000_vrf_IT
redistribute connected
!
vrf PROD
- rd 192.168.45.1:42
- route-target import evpn 42:42
- route-target export evpn 42:42
+ rd 192.168.45.1:142
+ route-target import evpn 142:142
+ route-target export evpn 142:142
router-id 192.168.45.1
neighbor 172.17.0.1 remote-as 65000
neighbor 172.17.0.1 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.1 description cv-pathfinder-transit1A_Ethernet52.42_vrf_PROD
+ neighbor 172.17.0.1 description cv-pathfinder-transit1A_Ethernet52.142_vrf_PROD
neighbor 172.17.0.3 remote-as 65000
neighbor 172.17.0.3 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.3 description cv-pathfinder-transit1B_Ethernet52.42_vrf_PROD
+ neighbor 172.17.0.3 description cv-pathfinder-transit1B_Ethernet52.142_vrf_PROD
redistribute connected
!
management api http-commands
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf2A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf2A.cfg
index 878901518be..882ee166fb1 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf2A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf2A.cfg
@@ -17,6 +17,11 @@ vlan 100
vlan 101
name VLAN101
!
+vlan 666
+ name VLAN666
+!
+vrf instance ATTRACTED-VRF-FROM-UPLINK
+!
vrf instance IT
!
vrf instance MGMT
@@ -30,19 +35,27 @@ interface Ethernet1
no switchport
ip address 172.17.0.4/31
!
-interface Ethernet1.42
- description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.42_vrf_PROD
+interface Ethernet1.142
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.4/31
!
-interface Ethernet1.100
- description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.100_vrf_IT
+interface Ethernet1.666
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.4/31
+!
+interface Ethernet1.1000
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.1000_vrf_IT
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.4/31
!
@@ -53,19 +66,27 @@ interface Ethernet2
no switchport
ip address 172.17.0.8/31
!
-interface Ethernet2.42
- description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.42_vrf_PROD
+interface Ethernet2.142
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.8/31
!
-interface Ethernet2.100
- description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.100_vrf_IT
+interface Ethernet2.666
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.8/31
+!
+interface Ethernet2.1000
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.1000_vrf_IT
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.8/31
!
@@ -85,19 +106,28 @@ interface Vlan100
vrf PROD
ip address virtual 10.0.100.1/24
!
+interface Vlan666
+ description VLAN666
+ shutdown
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address virtual 10.66.66.66/24
+!
interface Vxlan1
description site-ha-enabled-leaf2A_VTEP
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 100 vni 1100
vxlan vlan 101 vni 1101
+ vxlan vlan 666 vni 1666
+ vxlan vrf ATTRACTED-VRF-FROM-UPLINK vni 666
vxlan vrf default vni 1
- vxlan vrf IT vni 100
- vxlan vrf PROD vni 42
+ vxlan vrf IT vni 1000
+ vxlan vrf PROD vni 142
!
ip virtual-router mac-address 00:1c:73:00:00:01
!
ip routing
+ip routing vrf ATTRACTED-VRF-FROM-UPLINK
ip routing vrf IT
no ip routing vrf MGMT
ip routing vrf PROD
@@ -144,6 +174,11 @@ router bgp 65199
route-target both 1101:1101
redistribute learned
!
+ vlan 666
+ rd 192.168.45.2:1666
+ route-target both 1666:1666
+ redistribute learned
+ !
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
@@ -151,35 +186,48 @@ router bgp 65199
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ rd 192.168.45.2:666
+ route-target import evpn 666:666
+ route-target export evpn 666:666
+ router-id 192.168.45.2
+ neighbor 172.17.0.5 remote-as 65000
+ neighbor 172.17.0.5 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.5 description cv-pathfinder-edge2A_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ neighbor 172.17.0.9 remote-as 65000
+ neighbor 172.17.0.9 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.9 description cv-pathfinder-edge2B_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ redistribute connected
+ !
vrf default
rd 192.168.45.2:1
route-target import evpn 1:1
route-target export evpn 1:1
!
vrf IT
- rd 192.168.45.2:100
- route-target import evpn 100:100
- route-target export evpn 100:100
+ rd 192.168.45.2:1000
+ route-target import evpn 1000:1000
+ route-target export evpn 1000:1000
router-id 192.168.45.2
neighbor 172.17.0.5 remote-as 65000
neighbor 172.17.0.5 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.5 description cv-pathfinder-edge2A_Ethernet52.100_vrf_IT
+ neighbor 172.17.0.5 description cv-pathfinder-edge2A_Ethernet52.1000_vrf_IT
neighbor 172.17.0.9 remote-as 65000
neighbor 172.17.0.9 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.9 description cv-pathfinder-edge2B_Ethernet52.100_vrf_IT
+ neighbor 172.17.0.9 description cv-pathfinder-edge2B_Ethernet52.1000_vrf_IT
redistribute connected
!
vrf PROD
- rd 192.168.45.2:42
- route-target import evpn 42:42
- route-target export evpn 42:42
+ rd 192.168.45.2:142
+ route-target import evpn 142:142
+ route-target export evpn 142:142
router-id 192.168.45.2
neighbor 172.17.0.5 remote-as 65000
neighbor 172.17.0.5 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.5 description cv-pathfinder-edge2A_Ethernet52.42_vrf_PROD
+ neighbor 172.17.0.5 description cv-pathfinder-edge2A_Ethernet52.142_vrf_PROD
neighbor 172.17.0.9 remote-as 65000
neighbor 172.17.0.9 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.9 description cv-pathfinder-edge2B_Ethernet52.42_vrf_PROD
+ neighbor 172.17.0.9 description cv-pathfinder-edge2B_Ethernet52.142_vrf_PROD
redistribute connected
!
management api http-commands
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf2B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf2B.cfg
index a8ddf9a9f1e..4ca165e4543 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf2B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/site-ha-enabled-leaf2B.cfg
@@ -17,6 +17,11 @@ vlan 100
vlan 101
name VLAN101
!
+vlan 666
+ name VLAN666
+!
+vrf instance ATTRACTED-VRF-FROM-UPLINK
+!
vrf instance IT
!
vrf instance MGMT
@@ -30,19 +35,27 @@ interface Ethernet1
no switchport
ip address 172.17.0.6/31
!
-interface Ethernet1.42
- description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.42_vrf_PROD
+interface Ethernet1.142
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.6/31
!
-interface Ethernet1.100
- description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.100_vrf_IT
+interface Ethernet1.666
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.6/31
+!
+interface Ethernet1.1000
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.1000_vrf_IT
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.6/31
!
@@ -53,19 +66,27 @@ interface Ethernet2
no switchport
ip address 172.17.0.10/31
!
-interface Ethernet2.42
- description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.42_vrf_PROD
+interface Ethernet2.142
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.142_vrf_PROD
no shutdown
mtu 9214
- encapsulation dot1q vlan 42
+ encapsulation dot1q vlan 142
vrf PROD
ip address 172.17.0.10/31
!
-interface Ethernet2.100
- description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.100_vrf_IT
+interface Ethernet2.666
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.666_vrf_ATTRACTED-VRF-FROM-UPLINK
no shutdown
mtu 9214
- encapsulation dot1q vlan 100
+ encapsulation dot1q vlan 666
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address 172.17.0.10/31
+!
+interface Ethernet2.1000
+ description P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.1000_vrf_IT
+ no shutdown
+ mtu 9214
+ encapsulation dot1q vlan 1000
vrf IT
ip address 172.17.0.10/31
!
@@ -85,19 +106,28 @@ interface Vlan100
vrf PROD
ip address virtual 10.0.100.1/24
!
+interface Vlan666
+ description VLAN666
+ shutdown
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ ip address virtual 10.66.66.66/24
+!
interface Vxlan1
description site-ha-enabled-leaf2B_VTEP
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan vlan 100 vni 1100
vxlan vlan 101 vni 1101
+ vxlan vlan 666 vni 1666
+ vxlan vrf ATTRACTED-VRF-FROM-UPLINK vni 666
vxlan vrf default vni 1
- vxlan vrf IT vni 100
- vxlan vrf PROD vni 42
+ vxlan vrf IT vni 1000
+ vxlan vrf PROD vni 142
!
ip virtual-router mac-address 00:1c:73:00:00:01
!
ip routing
+ip routing vrf ATTRACTED-VRF-FROM-UPLINK
ip routing vrf IT
no ip routing vrf MGMT
ip routing vrf PROD
@@ -144,6 +174,11 @@ router bgp 65199
route-target both 1101:1101
redistribute learned
!
+ vlan 666
+ rd 192.168.45.3:1666
+ route-target both 1666:1666
+ redistribute learned
+ !
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
@@ -151,35 +186,48 @@ router bgp 65199
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
!
+ vrf ATTRACTED-VRF-FROM-UPLINK
+ rd 192.168.45.3:666
+ route-target import evpn 666:666
+ route-target export evpn 666:666
+ router-id 192.168.45.3
+ neighbor 172.17.0.7 remote-as 65000
+ neighbor 172.17.0.7 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.7 description cv-pathfinder-edge2A_Ethernet53.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ neighbor 172.17.0.11 remote-as 65000
+ neighbor 172.17.0.11 peer group IPv4-UNDERLAY-PEERS
+ neighbor 172.17.0.11 description cv-pathfinder-edge2B_Ethernet53.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ redistribute connected
+ !
vrf default
rd 192.168.45.3:1
route-target import evpn 1:1
route-target export evpn 1:1
!
vrf IT
- rd 192.168.45.3:100
- route-target import evpn 100:100
- route-target export evpn 100:100
+ rd 192.168.45.3:1000
+ route-target import evpn 1000:1000
+ route-target export evpn 1000:1000
router-id 192.168.45.3
neighbor 172.17.0.7 remote-as 65000
neighbor 172.17.0.7 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.7 description cv-pathfinder-edge2A_Ethernet53.100_vrf_IT
+ neighbor 172.17.0.7 description cv-pathfinder-edge2A_Ethernet53.1000_vrf_IT
neighbor 172.17.0.11 remote-as 65000
neighbor 172.17.0.11 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.11 description cv-pathfinder-edge2B_Ethernet53.100_vrf_IT
+ neighbor 172.17.0.11 description cv-pathfinder-edge2B_Ethernet53.1000_vrf_IT
redistribute connected
!
vrf PROD
- rd 192.168.45.3:42
- route-target import evpn 42:42
- route-target export evpn 42:42
+ rd 192.168.45.3:142
+ route-target import evpn 142:142
+ route-target export evpn 142:142
router-id 192.168.45.3
neighbor 172.17.0.7 remote-as 65000
neighbor 172.17.0.7 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.7 description cv-pathfinder-edge2A_Ethernet53.42_vrf_PROD
+ neighbor 172.17.0.7 description cv-pathfinder-edge2A_Ethernet53.142_vrf_PROD
neighbor 172.17.0.11 remote-as 65000
neighbor 172.17.0.11 peer group IPv4-UNDERLAY-PEERS
- neighbor 172.17.0.11 description cv-pathfinder-edge2B_Ethernet53.42_vrf_PROD
+ neighbor 172.17.0.11 description cv-pathfinder-edge2B_Ethernet53.142_vrf_PROD
redistribute connected
!
management api http-commands
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge-no-default-policy.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge-no-default-policy.yml
index feecb7d555e..47c53b9d1e8 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge-no-default-policy.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge-no-default-policy.yml
@@ -205,23 +205,30 @@ router_path_selection:
- 10.7.7.7
ipsec_profile: AUTOVPN
load_balance_policies:
- - name: LB-CONTROL-PLANE-PROFILE
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: LB-CONTROL-PLANE-PROFILE
path_groups:
- name: INET
policies:
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
+ default_match:
+ load_balance: LB-DEFAULT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-WITH-CP
rules:
- id: 10
application_profile: CONTROL-PLANE-APPLICATION-PROFILE
load_balance: LB-CONTROL-PLANE-PROFILE
default_match:
- load_balance: LB-DEFAULT-AVT-POLICY-DEFAULT
+ load_balance: LB-DEFAULT-POLICY-DEFAULT
vrfs:
+ - name: PROD
+ path_selection_policy: DEFAULT-POLICY
+ - name: IT
+ path_selection_policy: DEFAULT-POLICY
- name: default
- path_selection_policy: DEFAULT-AVT-POLICY-WITH-CP
+ path_selection_policy: DEFAULT-POLICY-WITH-CP
stun:
client:
server_profiles:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge.yml
index 85e8d9a0c28..f1da6644c08 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge.yml
@@ -68,20 +68,6 @@ router_bgp:
route_targets:
- '1:1'
- route-map RM-EVPN-EXPORT-VRF-DEFAULT
- - name: IT
- router_id: 192.168.30.1
- rd: 192.168.30.1:100
- route_targets:
- import:
- - address_family: evpn
- route_targets:
- - 100:100
- export:
- - address_family: evpn
- route_targets:
- - 100:100
- redistribute_routes:
- - source_protocol: connected
- name: PROD
router_id: 192.168.30.1
rd: 192.168.30.1:42
@@ -217,43 +203,43 @@ router_path_selection:
- name: LB-CONTROL-PLANE-PROFILE
path_groups:
- name: INET
- - name: LB-PROD-AVT-POLICY-VOICE
+ - name: LB-DEFAULT-AUTOVPN-POLICY-IT
path_groups:
- name: INET
- - name: LB-PROD-AVT-POLICY-VIDEO
+ priority: 2
+ - name: LB-PROD-AUTOVPN-POLICY-VOICE
path_groups:
- name: INET
- - name: LB-PROD-AVT-POLICY-DEFAULT
+ - name: LB-PROD-AUTOVPN-POLICY-VIDEO
path_groups:
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-IT
+ - name: LB-PROD-AUTOVPN-POLICY-DEFAULT
path_groups:
- name: INET
- priority: 2
policies:
- - name: PROD-AVT-POLICY
- rules:
- - id: 10
- application_profile: VOICE
- load_balance: LB-PROD-AVT-POLICY-VOICE
- - id: 20
- application_profile: VIDEO
- load_balance: LB-PROD-AVT-POLICY-VIDEO
- default_match:
- load_balance: LB-PROD-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-AUTOVPN-POLICY-WITH-CP
rules:
- id: 10
application_profile: CONTROL-PLANE-APPLICATION-PROFILE
load_balance: LB-CONTROL-PLANE-PROFILE
- id: 20
application_profile: IT
- load_balance: LB-DEFAULT-AVT-POLICY-IT
+ load_balance: LB-DEFAULT-AUTOVPN-POLICY-IT
+ - name: PROD-AUTOVPN-POLICY
+ rules:
+ - id: 10
+ application_profile: VOICE
+ load_balance: LB-PROD-AUTOVPN-POLICY-VOICE
+ - id: 20
+ application_profile: VIDEO
+ load_balance: LB-PROD-AUTOVPN-POLICY-VIDEO
+ default_match:
+ load_balance: LB-PROD-AUTOVPN-POLICY-DEFAULT
vrfs:
- name: default
- path_selection_policy: DEFAULT-AVT-POLICY-WITH-CP
+ path_selection_policy: DEFAULT-AUTOVPN-POLICY-WITH-CP
- name: PROD
- path_selection_policy: PROD-AVT-POLICY
+ path_selection_policy: PROD-AUTOVPN-POLICY
stun:
client:
server_profiles:
@@ -263,9 +249,9 @@ stun:
ip_address: 10.8.8.8
application_traffic_recognition:
application_profiles:
+ - name: IT
- name: VOICE
- name: VIDEO
- - name: IT
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
@@ -293,7 +279,5 @@ vxlan_interface:
vrfs:
- name: default
vni: 1
- - name: IT
- vni: 100
- name: PROD
vni: 42
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr1.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr1.yml
index c22906e19b1..e49f8ff3486 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr1.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr1.yml
@@ -185,53 +185,53 @@ router_path_selection:
- name: LB-CONTROL-PLANE-PROFILE
path_groups:
- name: INET
- - name: LB-PROD-AVT-POLICY-VOICE
+ - name: LB-DEFAULT-AUTOVPN-POLICY-IT
path_groups:
+ - name: MPLS
- name: INET
- - name: LB-PROD-AVT-POLICY-VIDEO
+ priority: 2
+ - name: LB-PROD-AUTOVPN-POLICY-VOICE
path_groups:
- name: INET
- - name: LB-PROD-AVT-POLICY-DEFAULT
+ - name: LB-PROD-AUTOVPN-POLICY-VIDEO
path_groups:
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-IT
+ - name: LB-PROD-AUTOVPN-POLICY-DEFAULT
path_groups:
- - name: MPLS
- name: INET
- priority: 2
policies:
- - name: PROD-AVT-POLICY
- rules:
- - id: 10
- application_profile: VOICE
- load_balance: LB-PROD-AVT-POLICY-VOICE
- - id: 20
- application_profile: VIDEO
- load_balance: LB-PROD-AVT-POLICY-VIDEO
- default_match:
- load_balance: LB-PROD-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-AUTOVPN-POLICY-WITH-CP
rules:
- id: 10
application_profile: CONTROL-PLANE-APPLICATION-PROFILE
load_balance: LB-CONTROL-PLANE-PROFILE
- id: 20
application_profile: IT
- load_balance: LB-DEFAULT-AVT-POLICY-IT
+ load_balance: LB-DEFAULT-AUTOVPN-POLICY-IT
+ - name: PROD-AUTOVPN-POLICY
+ rules:
+ - id: 10
+ application_profile: VOICE
+ load_balance: LB-PROD-AUTOVPN-POLICY-VOICE
+ - id: 20
+ application_profile: VIDEO
+ load_balance: LB-PROD-AUTOVPN-POLICY-VIDEO
+ default_match:
+ load_balance: LB-PROD-AUTOVPN-POLICY-DEFAULT
vrfs:
- name: default
- path_selection_policy: DEFAULT-AVT-POLICY-WITH-CP
+ path_selection_policy: DEFAULT-AUTOVPN-POLICY-WITH-CP
- name: PROD
- path_selection_policy: PROD-AVT-POLICY
+ path_selection_policy: PROD-AUTOVPN-POLICY
stun:
server:
local_interfaces:
- Ethernet1
application_traffic_recognition:
application_profiles:
+ - name: IT
- name: VOICE
- name: VIDEO
- - name: IT
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr2.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr2.yml
index 371e69060b1..78b3933f14f 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr2.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr2.yml
@@ -187,53 +187,53 @@ router_path_selection:
- name: LB-CONTROL-PLANE-PROFILE
path_groups:
- name: INET
- - name: LB-PROD-AVT-POLICY-VOICE
+ - name: LB-DEFAULT-AUTOVPN-POLICY-IT
path_groups:
+ - name: MPLS
- name: INET
- - name: LB-PROD-AVT-POLICY-VIDEO
+ priority: 2
+ - name: LB-PROD-AUTOVPN-POLICY-VOICE
path_groups:
- name: INET
- - name: LB-PROD-AVT-POLICY-DEFAULT
+ - name: LB-PROD-AUTOVPN-POLICY-VIDEO
path_groups:
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-IT
+ - name: LB-PROD-AUTOVPN-POLICY-DEFAULT
path_groups:
- - name: MPLS
- name: INET
- priority: 2
policies:
- - name: PROD-AVT-POLICY
- rules:
- - id: 10
- application_profile: VOICE
- load_balance: LB-PROD-AVT-POLICY-VOICE
- - id: 20
- application_profile: VIDEO
- load_balance: LB-PROD-AVT-POLICY-VIDEO
- default_match:
- load_balance: LB-PROD-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-AUTOVPN-POLICY-WITH-CP
rules:
- id: 10
application_profile: CONTROL-PLANE-APPLICATION-PROFILE
load_balance: LB-CONTROL-PLANE-PROFILE
- id: 20
application_profile: IT
- load_balance: LB-DEFAULT-AVT-POLICY-IT
+ load_balance: LB-DEFAULT-AUTOVPN-POLICY-IT
+ - name: PROD-AUTOVPN-POLICY
+ rules:
+ - id: 10
+ application_profile: VOICE
+ load_balance: LB-PROD-AUTOVPN-POLICY-VOICE
+ - id: 20
+ application_profile: VIDEO
+ load_balance: LB-PROD-AUTOVPN-POLICY-VIDEO
+ default_match:
+ load_balance: LB-PROD-AUTOVPN-POLICY-DEFAULT
vrfs:
- name: default
- path_selection_policy: DEFAULT-AVT-POLICY-WITH-CP
+ path_selection_policy: DEFAULT-AUTOVPN-POLICY-WITH-CP
- name: PROD
- path_selection_policy: PROD-AVT-POLICY
+ path_selection_policy: PROD-AUTOVPN-POLICY
stun:
server:
local_interfaces:
- Ethernet1
application_traffic_recognition:
application_profiles:
+ - name: IT
- name: VOICE
- name: VIDEO
- - name: IT
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-custom-default-policy.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-custom-default-policy.yml
new file mode 100644
index 00000000000..c6a064feb26
--- /dev/null
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-custom-default-policy.yml
@@ -0,0 +1,437 @@
+hostname: cv-pathfinder-edge-custom-default-policy
+is_deployed: true
+router_bgp:
+ as: '65000'
+ router_id: 192.168.42.1
+ bgp:
+ default:
+ ipv4_unicast: false
+ maximum_paths:
+ paths: 16
+ updates:
+ wait_install: true
+ redistribute_routes:
+ - source_protocol: connected
+ route_map: RM-CONN-2-BGP
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ type: wan
+ update_source: Dps1
+ bfd: true
+ password: htm4AZe9mIQOO1uiMuGgYQ==
+ send_community: all
+ maximum_routes: 0
+ remote_as: '65000'
+ ttl_maximum_hops: 42
+ bfd_timers:
+ interval: 1000
+ min_rx: 1000
+ multiplier: 10
+ address_family_evpn:
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ activate: true
+ route_map_in: RM-EVPN-SOO-IN
+ route_map_out: RM-EVPN-SOO-OUT
+ address_family_ipv4:
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ activate: false
+ address_family_ipv4_sr_te:
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ activate: true
+ address_family_link_state:
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ activate: true
+ path_selection:
+ roles:
+ producer: true
+ address_family_path_selection:
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ activate: true
+ bgp:
+ additional_paths:
+ receive: true
+ send:
+ any: true
+ neighbors:
+ - ip_address: 192.168.144.1
+ peer_group: WAN-OVERLAY-PEERS
+ peer: cv-pathfinder-pathfinder
+ description: cv-pathfinder-pathfinder
+ vrfs:
+ - name: default
+ rd: 192.168.42.1:1
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - '1:1'
+ export:
+ - address_family: evpn
+ route_targets:
+ - '1:1'
+ - route-map RM-EVPN-EXPORT-VRF-DEFAULT
+ - name: PROD
+ router_id: 192.168.42.1
+ rd: 192.168.42.1:42
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - '42:42'
+ export:
+ - address_family: evpn
+ route_targets:
+ - '42:42'
+ redistribute_routes:
+ - source_protocol: connected
+service_routing_protocols_model: multi-agent
+ip_routing: true
+transceiver_qsfp_default_mode_4x10: false
+spanning_tree:
+ mode: none
+vrfs:
+- name: MGMT
+ ip_routing: false
+- name: PROD
+ tenant: TenantA
+ ip_routing: true
+management_api_http:
+ enable_vrfs:
+ - name: MGMT
+ enable_https: true
+ethernet_interfaces:
+- name: Ethernet1
+ peer_type: l3_interface
+ ip_address: dhcp
+ shutdown: false
+ type: routed
+ dhcp_client_accept_default_route: true
+ flow_tracker:
+ hardware: WAN-FLOW-TRACKER
+- name: Ethernet2
+ peer_type: l3_interface
+ ip_address: 172.15.5.5/31
+ shutdown: false
+ type: routed
+ flow_tracker:
+ hardware: WAN-FLOW-TRACKER
+- name: Ethernet3
+ peer_type: l3_interface
+ ip_address: 172.20.20.20/31
+ shutdown: false
+ type: routed
+ flow_tracker:
+ hardware: WAN-FLOW-TRACKER
+loopback_interfaces:
+- name: Loopback0
+ description: Router_ID
+ shutdown: false
+ ip_address: 192.168.42.1/32
+prefix_lists:
+- name: PL-LOOPBACKS-EVPN-OVERLAY
+ sequence_numbers:
+ - sequence: 10
+ action: permit 192.168.42.0/24 eq 32
+route_maps:
+- name: RM-CONN-2-BGP
+ sequence_numbers:
+ - sequence: 10
+ type: permit
+ match:
+ - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+ set:
+ - extcommunity soo 192.168.42.1:1 additive
+- name: RM-EVPN-SOO-IN
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - extcommunity ECL-EVPN-SOO
+ - sequence: 20
+ type: permit
+- name: RM-EVPN-SOO-OUT
+ sequence_numbers:
+ - sequence: 10
+ type: permit
+ set:
+ - extcommunity soo 192.168.42.1:1 additive
+- name: RM-EVPN-EXPORT-VRF-DEFAULT
+ sequence_numbers:
+ - sequence: 10
+ type: permit
+ match:
+ - extcommunity ECL-EVPN-SOO
+flow_tracking:
+ hardware:
+ trackers:
+ - name: WAN-FLOW-TRACKER
+ record_export:
+ on_inactive_timeout: 70000
+ on_interval: 5000
+ exporters:
+ - name: DPI-EXPORTER
+ collector:
+ host: 127.0.0.1
+ local_interface: Loopback0
+ template_interval: 5000
+ shutdown: false
+ip_extcommunity_lists:
+- name: ECL-EVPN-SOO
+ entries:
+ - type: permit
+ extcommunities: soo 192.168.42.1:1
+ip_security:
+ ike_policies:
+ - name: CP-IKE-POLICY
+ local_id: 192.168.255.1
+ sa_policies:
+ - name: DP-SA-POLICY
+ esp:
+ encryption: aes256gcm128
+ pfs_dh_group: 14
+ - name: CP-SA-POLICY
+ esp:
+ encryption: aes256gcm128
+ pfs_dh_group: 14
+ profiles:
+ - name: DP-PROFILE
+ sa_policy: DP-SA-POLICY
+ connection: start
+ shared_key: ABCDEF1234567890666
+ dpd:
+ interval: 10
+ time: 50
+ action: clear
+ mode: transport
+ - name: CP-PROFILE
+ ike_policy: CP-IKE-POLICY
+ sa_policy: CP-SA-POLICY
+ connection: start
+ shared_key: ABCDEF1234567890
+ dpd:
+ interval: 10
+ time: 50
+ action: clear
+ mode: transport
+ key_controller:
+ profile: DP-PROFILE
+router_adaptive_virtual_topology:
+ topology_role: edge
+ region:
+ name: AVD_Land_West
+ id: 42
+ zone:
+ name: DEFAULT-ZONE
+ id: 1
+ site:
+ name: Site1
+ id: 1
+ profiles:
+ - name: CONTROL-PLANE-PROFILE
+ load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-POLICY-VIDEO
+ load_balance_policy: LB-DEFAULT-POLICY-VIDEO
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
+ vrfs:
+ - name: default
+ policy: DEFAULT-POLICY-WITH-CP
+ profiles:
+ - name: CONTROL-PLANE-PROFILE
+ id: 254
+ - name: DEFAULT-POLICY-VIDEO
+ id: 3
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
+ - name: PROD
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-VIDEO
+ id: 3
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
+ policies:
+ - name: DEFAULT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY
+ matches:
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-POLICY-DEFAULT
+router_bfd:
+ multihop:
+ interval: 300
+ min_rx: 300
+ multiplier: 3
+router_path_selection:
+ tcp_mss_ceiling:
+ ipv4_segment_size: auto
+ path_groups:
+ - name: INET
+ id: 101
+ local_interfaces:
+ - name: Ethernet1
+ stun:
+ server_profiles:
+ - INET-cv-pathfinder-pathfinder-Ethernet1
+ - INET-cv-pathfinder-pathfinder-Ethernet3
+ dynamic_peers:
+ enabled: true
+ static_peers:
+ - router_ip: 192.168.144.1
+ name: cv-pathfinder-pathfinder
+ ipv4_addresses:
+ - 10.7.7.7
+ - 10.9.9.9
+ ipsec_profile: CP-PROFILE
+ - name: MPLS
+ id: 100
+ local_interfaces:
+ - name: Ethernet2
+ stun:
+ server_profiles:
+ - MPLS-cv-pathfinder-pathfinder-Ethernet2
+ dynamic_peers:
+ enabled: true
+ static_peers:
+ - router_ip: 192.168.144.1
+ name: cv-pathfinder-pathfinder
+ ipv4_addresses:
+ - 172.16.0.1
+ - name: LTE
+ id: 102
+ local_interfaces:
+ - name: Ethernet3
+ dynamic_peers:
+ enabled: true
+ ipsec_profile: CP-PROFILE
+ load_balance_policies:
+ - name: LB-CONTROL-PLANE-PROFILE
+ path_groups:
+ - name: INET
+ - name: MPLS
+ - name: LB-DEFAULT-POLICY-VIDEO
+ path_groups:
+ - name: MPLS
+ - name: INET
+ - name: LB-DEFAULT-POLICY-DEFAULT
+ path_groups:
+ - name: INET
+ - name: LTE
+ priority: 42
+router_traffic_engineering:
+ enabled: true
+stun:
+ client:
+ server_profiles:
+ - name: INET-cv-pathfinder-pathfinder-Ethernet1
+ ip_address: 10.7.7.7
+ - name: INET-cv-pathfinder-pathfinder-Ethernet3
+ ip_address: 10.9.9.9
+ - name: MPLS-cv-pathfinder-pathfinder-Ethernet2
+ ip_address: 172.16.0.1
+application_traffic_recognition:
+ application_profiles:
+ - name: VIDEO
+ applications:
+ - name: CUSTOM-APPLICATION-1
+ - name: skype
+ - name: CONTROL-PLANE-APPLICATION-PROFILE
+ applications:
+ - name: CONTROL-PLANE-APPLICATION
+ applications:
+ ipv4_applications:
+ - name: CONTROL-PLANE-APPLICATION
+ dest_prefix_set_name: CONTROL-PLANE-APP-DEST-PREFIXES
+ field_sets:
+ ipv4_prefixes:
+ - name: CONTROL-PLANE-APP-DEST-PREFIXES
+ prefix_values:
+ - 192.168.144.1/32
+dps_interfaces:
+- name: Dps1
+ description: DPS Interface
+ mtu: 9214
+ ip_address: 192.168.255.1/32
+ flow_tracker:
+ hardware: WAN-FLOW-TRACKER
+vxlan_interface:
+ Vxlan1:
+ description: cv-pathfinder-edge-custom-default-policy_VTEP
+ vxlan:
+ udp_port: 4789
+ source_interface: Dps1
+ vrfs:
+ - name: default
+ vni: 1
+ - name: PROD
+ vni: 42
+metadata:
+ cv_tags:
+ device_tags:
+ - name: Role
+ value: edge
+ - name: Region
+ value: AVD_Land_West
+ - name: Zone
+ value: DEFAULT-ZONE
+ - name: Site
+ value: Site1
+ interface_tags:
+ - interface: Ethernet1
+ tags:
+ - name: Type
+ value: wan
+ - name: Carrier
+ value: ATT
+ - name: Circuit
+ value: '666'
+ - interface: Ethernet2
+ tags:
+ - name: Type
+ value: wan
+ - name: Carrier
+ value: Colt
+ - name: Circuit
+ value: '10555'
+ - interface: Ethernet3
+ tags:
+ - name: Type
+ value: wan
+ - name: Carrier
+ value: Comcast-5G
+ - name: Circuit
+ value: AF830
+ cv_pathfinder:
+ role: edge
+ vtep_ip: 192.168.255.1
+ region: AVD_Land_West
+ zone: DEFAULT-ZONE
+ site: Site1
+ interfaces:
+ - name: Ethernet1
+ carrier: ATT
+ circuit_id: '666'
+ pathgroup: INET
+ - name: Ethernet2
+ carrier: Colt
+ circuit_id: '10555'
+ pathgroup: MPLS
+ - name: Ethernet3
+ carrier: Comcast-5G
+ circuit_id: AF830
+ pathgroup: LTE
+ pathfinders:
+ - vtep_ip: 192.168.144.1
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-no-common-path-group.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-no-common-path-group.yml
index 7fae06ff44c..14e64f1b64e 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-no-common-path-group.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-no-common-path-group.yml
@@ -48,17 +48,17 @@ router_bgp:
- ip_address: 172.17.0.2
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-disabled-leaf_Ethernet2.100_vrf_IT
- rd: 192.168.42.2:100
+ description: site-ha-disabled-leaf_Ethernet2.1000_vrf_IT
+ rd: 192.168.42.2:1000
route_targets:
import:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
export:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
redistribute_routes:
- source_protocol: connected
- name: PROD
@@ -67,17 +67,36 @@ router_bgp:
- ip_address: 172.17.0.2
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-disabled-leaf_Ethernet2.42_vrf_PROD
- rd: 192.168.42.2:42
+ description: site-ha-disabled-leaf_Ethernet2.142_vrf_PROD
+ rd: 192.168.42.2:142
route_targets:
import:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
export:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
+ redistribute_routes:
+ - source_protocol: connected
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ router_id: 192.168.42.2
+ neighbors:
+ - ip_address: 172.17.0.2
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65199'
+ description: site-ha-disabled-leaf_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ rd: 192.168.42.2:666
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 666:666
+ export:
+ - address_family: evpn
+ route_targets:
+ - 666:666
redistribute_routes:
- source_protocol: connected
- name: default
@@ -132,6 +151,9 @@ vrfs:
- name: PROD
tenant: TenantA
ip_routing: true
+- name: ATTRACTED-VRF-FROM-UPLINK
+ tenant: TenantC
+ ip_routing: true
management_api_http:
enable_vrfs:
- name: MGMT
@@ -148,26 +170,37 @@ ethernet_interfaces:
ip_address: 172.17.0.3/31
flow_tracker:
hardware: WAN-FLOW-TRACKER
-- name: Ethernet52.100
+- name: Ethernet52.1000
peer: site-ha-disabled-leaf
- peer_interface: Ethernet2.100
+ peer_interface: Ethernet2.1000
peer_type: l3leaf
vrf: IT
- description: P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet2.100_vrf_IT
+ description: P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet2.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.3/31
-- name: Ethernet52.42
+- name: Ethernet52.142
peer: site-ha-disabled-leaf
- peer_interface: Ethernet2.42
+ peer_interface: Ethernet2.142
peer_type: l3leaf
vrf: PROD
- description: P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet2.42_vrf_PROD
+ description: P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet2.142_vrf_PROD
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.3/31
+- name: Ethernet52.666
+ peer: site-ha-disabled-leaf
+ peer_interface: Ethernet2.666
+ peer_type: l3leaf
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.3/31
- name: Ethernet1
@@ -310,16 +343,18 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: DEFAULT-AVT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-VIDEO
- load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
- - name: DEFAULT-AVT-POLICY-DEFAULT
- load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -346,7 +381,20 @@ router_adaptive_virtual_topology:
id: 3
- name: DEFAULT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -361,14 +409,10 @@ router_adaptive_virtual_topology:
avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -389,26 +433,29 @@ router_path_selection:
- name: LB-CONTROL-PLANE-PROFILE
path_groups:
- name: Satellite
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
- name: LB-PROD-AVT-POLICY-VOICE
jitter: 42
- name: LB-PROD-AVT-POLICY-VIDEO
loss_rate: '42.0'
- name: LB-PROD-AVT-POLICY-DEFAULT
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: LB-DEFAULT-POLICY-DEFAULT
+ path_groups:
+ - name: Satellite
router_traffic_engineering:
enabled: true
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
@@ -468,6 +515,8 @@ vxlan_interface:
vni: 100
- name: PROD
vni: 42
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 166
metadata:
cv_tags:
device_tags:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-no-default-policy.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-no-default-policy.yml
index b60456a0aac..9d5f17db50e 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-no-default-policy.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge-no-default-policy.yml
@@ -251,23 +251,37 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
- - name: DEFAULT-AVT-POLICY-DEFAULT
- load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
+ - name: PROD
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
+ - name: IT
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
- name: default
- policy: DEFAULT-AVT-POLICY-WITH-CP
+ policy: DEFAULT-POLICY-WITH-CP
profiles:
- name: CONTROL-PLANE-PROFILE
id: 254
- - name: DEFAULT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
id: 1
policies:
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
+ matches:
+ - application_profile: default
+ avt_profile: DEFAULT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-WITH-CP
matches:
- application_profile: CONTROL-PLANE-APPLICATION-PROFILE
avt_profile: CONTROL-PLANE-PROFILE
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -316,15 +330,15 @@ router_path_selection:
enabled: true
ipsec_profile: CP-PROFILE
load_balance_policies:
- - name: LB-CONTROL-PLANE-PROFILE
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: INET
- name: MPLS
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: LTE
+ - name: LB-CONTROL-PLANE-PROFILE
path_groups:
- name: INET
- name: MPLS
- - name: LTE
router_traffic_engineering:
enabled: true
stun:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge.yml
index 1d9500b6d8e..94ddc4908c5 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge.yml
@@ -58,17 +58,17 @@ router_bgp:
- ip_address: 172.17.0.0
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-disabled-leaf_Ethernet1.100_vrf_IT
- rd: 192.168.42.1:100
+ description: site-ha-disabled-leaf_Ethernet1.1000_vrf_IT
+ rd: 192.168.42.1:1000
route_targets:
import:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
export:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
redistribute_routes:
- source_protocol: connected
- name: PROD
@@ -77,17 +77,36 @@ router_bgp:
- ip_address: 172.17.0.0
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-disabled-leaf_Ethernet1.42_vrf_PROD
- rd: 192.168.42.1:42
+ description: site-ha-disabled-leaf_Ethernet1.142_vrf_PROD
+ rd: 192.168.42.1:142
route_targets:
import:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
export:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
+ redistribute_routes:
+ - source_protocol: connected
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ router_id: 192.168.42.1
+ neighbors:
+ - ip_address: 172.17.0.0
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65199'
+ description: site-ha-disabled-leaf_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ rd: 192.168.42.1:666
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 666:666
+ export:
+ - address_family: evpn
+ route_targets:
+ - 666:666
redistribute_routes:
- source_protocol: connected
- name: default
@@ -142,6 +161,9 @@ vrfs:
- name: PROD
tenant: TenantA
ip_routing: true
+- name: ATTRACTED-VRF-FROM-UPLINK
+ tenant: TenantC
+ ip_routing: true
management_api_http:
enable_vrfs:
- name: MGMT
@@ -158,26 +180,37 @@ ethernet_interfaces:
ip_address: 172.17.0.1/31
flow_tracker:
hardware: WAN-FLOW-TRACKER
-- name: Ethernet52.100
+- name: Ethernet52.1000
peer: site-ha-disabled-leaf
- peer_interface: Ethernet1.100
+ peer_interface: Ethernet1.1000
peer_type: l3leaf
vrf: IT
- description: P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet1.100_vrf_IT
+ description: P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet1.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.1/31
-- name: Ethernet52.42
+- name: Ethernet52.142
peer: site-ha-disabled-leaf
- peer_interface: Ethernet1.42
+ peer_interface: Ethernet1.142
peer_type: l3leaf
vrf: PROD
- description: P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet1.42_vrf_PROD
+ description: P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet1.142_vrf_PROD
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.1/31
+- name: Ethernet52.666
+ peer: site-ha-disabled-leaf
+ peer_interface: Ethernet1.666
+ peer_type: l3leaf
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_SITE-HA-DISABLED-LEAF_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.1/31
- name: Ethernet1
@@ -352,16 +385,18 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: DEFAULT-AVT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-VIDEO
- load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
- - name: DEFAULT-AVT-POLICY-DEFAULT
- load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -388,7 +423,20 @@ router_adaptive_virtual_topology:
id: 3
- name: DEFAULT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -403,14 +451,10 @@ router_adaptive_virtual_topology:
avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -463,6 +507,15 @@ router_path_selection:
path_groups:
- name: INET
- name: MPLS
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ path_groups:
+ - name: MPLS
+ - name: INET
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ path_groups:
+ - name: INET
+ - name: MPLS
+ priority: 42
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: MPLS
@@ -481,15 +534,11 @@ router_path_selection:
- name: INET
- name: MPLS
priority: 2
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
- path_groups:
- - name: MPLS
- - name: INET
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: INET
- name: MPLS
- priority: 42
+ - name: LTE
router_traffic_engineering:
enabled: true
stun:
@@ -503,15 +552,15 @@ stun:
ip_address: 172.16.0.1
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
@@ -573,6 +622,8 @@ vxlan_interface:
vni: 100
- name: PROD
vni: 42
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 166
metadata:
cv_tags:
device_tags:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2A.yml
index 5964d9e5808..d6c77815158 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2A.yml
@@ -64,21 +64,21 @@ router_bgp:
- ip_address: 172.17.0.4
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf2A_Ethernet1.100_vrf_IT
+ description: site-ha-enabled-leaf2A_Ethernet1.1000_vrf_IT
- ip_address: 172.17.0.6
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf2B_Ethernet1.100_vrf_IT
- rd: 192.168.42.2:100
+ description: site-ha-enabled-leaf2B_Ethernet1.1000_vrf_IT
+ rd: 192.168.42.2:1000
route_targets:
import:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
export:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
redistribute_routes:
- source_protocol: connected
- name: PROD
@@ -87,21 +87,44 @@ router_bgp:
- ip_address: 172.17.0.4
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf2A_Ethernet1.42_vrf_PROD
+ description: site-ha-enabled-leaf2A_Ethernet1.142_vrf_PROD
- ip_address: 172.17.0.6
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf2B_Ethernet1.42_vrf_PROD
- rd: 192.168.42.2:42
+ description: site-ha-enabled-leaf2B_Ethernet1.142_vrf_PROD
+ rd: 192.168.42.2:142
route_targets:
import:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
export:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
+ redistribute_routes:
+ - source_protocol: connected
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ router_id: 192.168.42.2
+ neighbors:
+ - ip_address: 172.17.0.4
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65199'
+ description: site-ha-enabled-leaf2A_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ - ip_address: 172.17.0.6
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65199'
+ description: site-ha-enabled-leaf2B_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ rd: 192.168.42.2:666
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 666:666
+ export:
+ - address_family: evpn
+ route_targets:
+ - 666:666
redistribute_routes:
- source_protocol: connected
- name: default
@@ -156,6 +179,9 @@ vrfs:
- name: PROD
tenant: TenantA
ip_routing: true
+- name: ATTRACTED-VRF-FROM-UPLINK
+ tenant: TenantC
+ ip_routing: true
management_api_http:
enable_vrfs:
- name: MGMT
@@ -172,26 +198,37 @@ ethernet_interfaces:
ip_address: 172.17.0.5/31
flow_tracker:
hardware: WAN-FLOW-TRACKER
-- name: Ethernet52.100
+- name: Ethernet52.1000
peer: site-ha-enabled-leaf2A
- peer_interface: Ethernet1.100
+ peer_interface: Ethernet1.1000
peer_type: l3leaf
vrf: IT
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.100_vrf_IT
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.5/31
-- name: Ethernet52.42
+- name: Ethernet52.142
peer: site-ha-enabled-leaf2A
- peer_interface: Ethernet1.42
+ peer_interface: Ethernet1.142
peer_type: l3leaf
vrf: PROD
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.42_vrf_PROD
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.142_vrf_PROD
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.5/31
+- name: Ethernet52.666
+ peer: site-ha-enabled-leaf2A
+ peer_interface: Ethernet1.666
+ peer_type: l3leaf
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.5/31
- name: Ethernet53
@@ -205,26 +242,37 @@ ethernet_interfaces:
ip_address: 172.17.0.7/31
flow_tracker:
hardware: WAN-FLOW-TRACKER
-- name: Ethernet53.100
+- name: Ethernet53.1000
peer: site-ha-enabled-leaf2B
- peer_interface: Ethernet1.100
+ peer_interface: Ethernet1.1000
peer_type: l3leaf
vrf: IT
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.100_vrf_IT
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.7/31
-- name: Ethernet53.42
+- name: Ethernet53.142
peer: site-ha-enabled-leaf2B
- peer_interface: Ethernet1.42
+ peer_interface: Ethernet1.142
peer_type: l3leaf
vrf: PROD
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.42_vrf_PROD
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.142_vrf_PROD
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.7/31
+- name: Ethernet53.666
+ peer: site-ha-enabled-leaf2B
+ peer_interface: Ethernet1.666
+ peer_type: l3leaf
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.7/31
- name: Ethernet1
@@ -410,16 +458,18 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: DEFAULT-AVT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-VIDEO
- load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
- - name: DEFAULT-AVT-POLICY-DEFAULT
- load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -446,7 +496,20 @@ router_adaptive_virtual_topology:
id: 3
- name: DEFAULT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -461,14 +524,10 @@ router_adaptive_virtual_topology:
avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -513,6 +572,14 @@ router_path_selection:
path_groups:
- name: LAN_HA
- name: INET
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ path_groups:
+ - name: LAN_HA
+ - name: INET
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ path_groups:
+ - name: LAN_HA
+ - name: INET
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
@@ -529,11 +596,7 @@ router_path_selection:
path_groups:
- name: LAN_HA
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
- path_groups:
- - name: LAN_HA
- - name: INET
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
@@ -548,15 +611,15 @@ stun:
ip_address: 10.9.9.9
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
@@ -618,6 +681,8 @@ vxlan_interface:
vni: 100
- name: PROD
vni: 42
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 166
metadata:
cv_tags:
device_tags:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2B.yml
index 91d5f58f05d..40e433908c5 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2B.yml
@@ -64,21 +64,21 @@ router_bgp:
- ip_address: 172.17.0.8
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf2A_Ethernet2.100_vrf_IT
+ description: site-ha-enabled-leaf2A_Ethernet2.1000_vrf_IT
- ip_address: 172.17.0.10
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf2B_Ethernet2.100_vrf_IT
- rd: 192.168.42.3:100
+ description: site-ha-enabled-leaf2B_Ethernet2.1000_vrf_IT
+ rd: 192.168.42.3:1000
route_targets:
import:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
export:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
redistribute_routes:
- source_protocol: connected
- name: PROD
@@ -87,21 +87,44 @@ router_bgp:
- ip_address: 172.17.0.8
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf2A_Ethernet2.42_vrf_PROD
+ description: site-ha-enabled-leaf2A_Ethernet2.142_vrf_PROD
- ip_address: 172.17.0.10
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf2B_Ethernet2.42_vrf_PROD
- rd: 192.168.42.3:42
+ description: site-ha-enabled-leaf2B_Ethernet2.142_vrf_PROD
+ rd: 192.168.42.3:142
route_targets:
import:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
export:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
+ redistribute_routes:
+ - source_protocol: connected
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ router_id: 192.168.42.3
+ neighbors:
+ - ip_address: 172.17.0.8
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65199'
+ description: site-ha-enabled-leaf2A_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ - ip_address: 172.17.0.10
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65199'
+ description: site-ha-enabled-leaf2B_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ rd: 192.168.42.3:666
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 666:666
+ export:
+ - address_family: evpn
+ route_targets:
+ - 666:666
redistribute_routes:
- source_protocol: connected
- name: default
@@ -156,6 +179,9 @@ vrfs:
- name: PROD
tenant: TenantA
ip_routing: true
+- name: ATTRACTED-VRF-FROM-UPLINK
+ tenant: TenantC
+ ip_routing: true
management_api_http:
enable_vrfs:
- name: MGMT
@@ -172,26 +198,37 @@ ethernet_interfaces:
ip_address: 172.17.0.9/31
flow_tracker:
hardware: WAN-FLOW-TRACKER
-- name: Ethernet52.100
+- name: Ethernet52.1000
peer: site-ha-enabled-leaf2A
- peer_interface: Ethernet2.100
+ peer_interface: Ethernet2.1000
peer_type: l3leaf
vrf: IT
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.100_vrf_IT
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.9/31
-- name: Ethernet52.42
+- name: Ethernet52.142
peer: site-ha-enabled-leaf2A
- peer_interface: Ethernet2.42
+ peer_interface: Ethernet2.142
peer_type: l3leaf
vrf: PROD
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.42_vrf_PROD
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.142_vrf_PROD
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.9/31
+- name: Ethernet52.666
+ peer: site-ha-enabled-leaf2A
+ peer_interface: Ethernet2.666
+ peer_type: l3leaf
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2A_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.9/31
- name: Ethernet53
@@ -205,26 +242,37 @@ ethernet_interfaces:
ip_address: 172.17.0.11/31
flow_tracker:
hardware: WAN-FLOW-TRACKER
-- name: Ethernet53.100
+- name: Ethernet53.1000
peer: site-ha-enabled-leaf2B
- peer_interface: Ethernet2.100
+ peer_interface: Ethernet2.1000
peer_type: l3leaf
vrf: IT
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.100_vrf_IT
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.11/31
-- name: Ethernet53.42
+- name: Ethernet53.142
peer: site-ha-enabled-leaf2B
- peer_interface: Ethernet2.42
+ peer_interface: Ethernet2.142
peer_type: l3leaf
vrf: PROD
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.42_vrf_PROD
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.142_vrf_PROD
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.11/31
+- name: Ethernet53.666
+ peer: site-ha-enabled-leaf2B
+ peer_interface: Ethernet2.666
+ peer_type: l3leaf
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF2B_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.11/31
- name: Ethernet2
@@ -409,16 +457,18 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: DEFAULT-AVT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-VIDEO
- load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
- - name: DEFAULT-AVT-POLICY-DEFAULT
- load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -445,7 +495,20 @@ router_adaptive_virtual_topology:
id: 3
- name: DEFAULT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -460,14 +523,10 @@ router_adaptive_virtual_topology:
avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -509,6 +568,15 @@ router_path_selection:
path_groups:
- name: LAN_HA
- name: MPLS
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ path_groups:
+ - name: LAN_HA
+ - name: MPLS
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ path_groups:
+ - name: LAN_HA
+ - name: MPLS
+ priority: 42
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
@@ -524,15 +592,10 @@ router_path_selection:
- name: LAN_HA
- name: MPLS
priority: 2
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
- path_groups:
- - name: LAN_HA
- - name: MPLS
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: MPLS
- priority: 42
router_traffic_engineering:
enabled: true
stun:
@@ -542,15 +605,15 @@ stun:
ip_address: 172.16.0.1
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
@@ -612,6 +675,8 @@ vxlan_interface:
vni: 100
- name: PROD
vni: 42
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 166
metadata:
cv_tags:
device_tags:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder.yml
index d33265c26be..b01d0bbd34e 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder.yml
@@ -199,20 +199,22 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: DEFAULT-AVT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-VIDEO
- load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
- - name: DEFAULT-AVT-POLICY-DEFAULT
- load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
- - name: TRANSIT-AVT-POLICY-VOICE
- load_balance_policy: LB-TRANSIT-AVT-POLICY-VOICE
+ - name: CUSTOM-VOICE-PROFILE-NAME
+ load_balance_policy: LB-CUSTOM-VOICE-PROFILE-NAME
- name: TRANSIT-AVT-POLICY-DEFAULT
load_balance_policy: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -242,11 +244,24 @@ router_adaptive_virtual_topology:
- name: TRANSIT
policy: TRANSIT-AVT-POLICY
profiles:
- - name: TRANSIT-AVT-POLICY-VOICE
+ - name: CUSTOM-VOICE-PROFILE-NAME
id: 42
- name: TRANSIT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -264,17 +279,13 @@ router_adaptive_virtual_topology:
- name: TRANSIT-AVT-POLICY
matches:
- application_profile: VOICE
- avt_profile: TRANSIT-AVT-POLICY-VOICE
+ avt_profile: CUSTOM-VOICE-PROFILE-NAME
- application_profile: default
avt_profile: TRANSIT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -310,6 +321,18 @@ router_path_selection:
- name: LAN_HA
- name: INET
- name: MPLS
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ path_groups:
+ - name: LAN_HA
+ - name: MPLS
+ - name: INET
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ path_groups:
+ - name: LAN_HA
+ - name: INET
+ - name: Equinix
+ - name: MPLS
+ priority: 42
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
@@ -331,30 +354,23 @@ router_path_selection:
- name: INET
- name: MPLS
priority: 2
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: LB-CUSTOM-VOICE-PROFILE-NAME
path_groups:
- name: LAN_HA
- name: MPLS
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ priority: 2
+ - name: LB-TRANSIT-AVT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- - name: Equinix
- - name: MPLS
- priority: 42
- - name: LB-TRANSIT-AVT-POLICY-VOICE
- path_groups:
- - name: LAN_HA
- name: MPLS
- - name: INET
priority: 2
- - name: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- name: MPLS
- priority: 2
router_traffic_engineering:
enabled: true
stun:
@@ -365,15 +381,15 @@ stun:
- Ethernet3
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
@@ -559,7 +575,7 @@ metadata:
- name: MPLS
preference: alternate
- name: PROD
- vni: 42
+ vni: 142
avts:
- constraints:
jitter: 42
@@ -593,7 +609,7 @@ metadata:
- name: MPLS
preference: alternate
- name: IT
- vni: 100
+ vni: 1000
avts:
- id: 3
name: DEFAULT-AVT-POLICY-VIDEO
@@ -619,7 +635,7 @@ metadata:
vni: 66
avts:
- id: 42
- name: TRANSIT-AVT-POLICY-VOICE
+ name: CUSTOM-VOICE-PROFILE-NAME
pathgroups:
- name: LAN_HA
preference: preferred
@@ -636,3 +652,15 @@ metadata:
preference: preferred
- name: MPLS
preference: alternate
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 666
+ avts:
+ - id: 1
+ name: DEFAULT-POLICY-DEFAULT
+ pathgroups:
+ - name: LAN_HA
+ preference: preferred
+ - name: INET
+ preference: preferred
+ - name: MPLS
+ preference: preferred
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder1.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder1.yml
index 254f5c4ca29..b92a0631be1 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder1.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder1.yml
@@ -213,20 +213,22 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: DEFAULT-AVT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-VIDEO
- load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
- - name: DEFAULT-AVT-POLICY-DEFAULT
- load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
- - name: TRANSIT-AVT-POLICY-VOICE
- load_balance_policy: LB-TRANSIT-AVT-POLICY-VOICE
+ - name: CUSTOM-VOICE-PROFILE-NAME
+ load_balance_policy: LB-CUSTOM-VOICE-PROFILE-NAME
- name: TRANSIT-AVT-POLICY-DEFAULT
load_balance_policy: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -256,11 +258,24 @@ router_adaptive_virtual_topology:
- name: TRANSIT
policy: TRANSIT-AVT-POLICY
profiles:
- - name: TRANSIT-AVT-POLICY-VOICE
+ - name: CUSTOM-VOICE-PROFILE-NAME
id: 42
- name: TRANSIT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -278,17 +293,13 @@ router_adaptive_virtual_topology:
- name: TRANSIT-AVT-POLICY
matches:
- application_profile: VOICE
- avt_profile: TRANSIT-AVT-POLICY-VOICE
+ avt_profile: CUSTOM-VOICE-PROFILE-NAME
- application_profile: default
avt_profile: TRANSIT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -329,6 +340,18 @@ router_path_selection:
path_groups:
- name: LAN_HA
- name: INET
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ path_groups:
+ - name: LAN_HA
+ - name: MPLS
+ - name: INET
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ path_groups:
+ - name: LAN_HA
+ - name: INET
+ - name: Equinix
+ - name: MPLS
+ priority: 42
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
@@ -350,30 +373,22 @@ router_path_selection:
- name: INET
- name: MPLS
priority: 2
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: LB-CUSTOM-VOICE-PROFILE-NAME
path_groups:
- name: LAN_HA
- name: MPLS
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ priority: 2
+ - name: LB-TRANSIT-AVT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- - name: Equinix
- - name: MPLS
- priority: 42
- - name: LB-TRANSIT-AVT-POLICY-VOICE
- path_groups:
- - name: LAN_HA
- name: MPLS
- - name: INET
priority: 2
- - name: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- - name: MPLS
- priority: 2
router_traffic_engineering:
enabled: true
stun:
@@ -382,15 +397,15 @@ stun:
- Ethernet1
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
@@ -548,7 +563,7 @@ metadata:
- name: MPLS
preference: alternate
- name: PROD
- vni: 42
+ vni: 142
avts:
- constraints:
jitter: 42
@@ -582,7 +597,7 @@ metadata:
- name: MPLS
preference: alternate
- name: IT
- vni: 100
+ vni: 1000
avts:
- id: 3
name: DEFAULT-AVT-POLICY-VIDEO
@@ -608,7 +623,7 @@ metadata:
vni: 66
avts:
- id: 42
- name: TRANSIT-AVT-POLICY-VOICE
+ name: CUSTOM-VOICE-PROFILE-NAME
pathgroups:
- name: LAN_HA
preference: preferred
@@ -625,3 +640,13 @@ metadata:
preference: preferred
- name: MPLS
preference: alternate
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 666
+ avts:
+ - id: 1
+ name: DEFAULT-POLICY-DEFAULT
+ pathgroups:
+ - name: LAN_HA
+ preference: preferred
+ - name: INET
+ preference: preferred
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder2.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder2.yml
index 508a753cf25..3a189120166 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder2.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder2.yml
@@ -220,20 +220,22 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: DEFAULT-AVT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-VIDEO
- load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
- - name: DEFAULT-AVT-POLICY-DEFAULT
- load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
- - name: TRANSIT-AVT-POLICY-VOICE
- load_balance_policy: LB-TRANSIT-AVT-POLICY-VOICE
+ - name: CUSTOM-VOICE-PROFILE-NAME
+ load_balance_policy: LB-CUSTOM-VOICE-PROFILE-NAME
- name: TRANSIT-AVT-POLICY-DEFAULT
load_balance_policy: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -263,11 +265,24 @@ router_adaptive_virtual_topology:
- name: TRANSIT
policy: TRANSIT-AVT-POLICY
profiles:
- - name: TRANSIT-AVT-POLICY-VOICE
+ - name: CUSTOM-VOICE-PROFILE-NAME
id: 42
- name: TRANSIT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -285,17 +300,13 @@ router_adaptive_virtual_topology:
- name: TRANSIT-AVT-POLICY
matches:
- application_profile: VOICE
- avt_profile: TRANSIT-AVT-POLICY-VOICE
+ avt_profile: CUSTOM-VOICE-PROFILE-NAME
- application_profile: default
avt_profile: TRANSIT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -344,6 +355,18 @@ router_path_selection:
- name: LAN_HA
- name: INET
- name: MPLS
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ path_groups:
+ - name: LAN_HA
+ - name: MPLS
+ - name: INET
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ path_groups:
+ - name: LAN_HA
+ - name: INET
+ - name: Equinix
+ - name: MPLS
+ priority: 42
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
@@ -365,30 +388,23 @@ router_path_selection:
- name: INET
- name: MPLS
priority: 2
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: LB-CUSTOM-VOICE-PROFILE-NAME
path_groups:
- name: LAN_HA
- name: MPLS
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ priority: 2
+ - name: LB-TRANSIT-AVT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- - name: Equinix
- - name: MPLS
- priority: 42
- - name: LB-TRANSIT-AVT-POLICY-VOICE
- path_groups:
- - name: LAN_HA
- name: MPLS
- - name: INET
priority: 2
- - name: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- name: MPLS
- priority: 2
router_traffic_engineering:
enabled: true
stun:
@@ -398,15 +414,15 @@ stun:
- Ethernet2
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
@@ -579,7 +595,7 @@ metadata:
- name: MPLS
preference: alternate
- name: PROD
- vni: 42
+ vni: 142
avts:
- constraints:
jitter: 42
@@ -613,7 +629,7 @@ metadata:
- name: MPLS
preference: alternate
- name: IT
- vni: 100
+ vni: 1000
avts:
- id: 3
name: DEFAULT-AVT-POLICY-VIDEO
@@ -639,7 +655,7 @@ metadata:
vni: 66
avts:
- id: 42
- name: TRANSIT-AVT-POLICY-VOICE
+ name: CUSTOM-VOICE-PROFILE-NAME
pathgroups:
- name: LAN_HA
preference: preferred
@@ -656,3 +672,15 @@ metadata:
preference: preferred
- name: MPLS
preference: alternate
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 666
+ avts:
+ - id: 1
+ name: DEFAULT-POLICY-DEFAULT
+ pathgroups:
+ - name: LAN_HA
+ preference: preferred
+ - name: INET
+ preference: preferred
+ - name: MPLS
+ preference: preferred
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1A.yml
index 7351831760c..f1373dab55c 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1A.yml
@@ -59,17 +59,17 @@ router_bgp:
- ip_address: 172.17.0.0
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf1_Ethernet1.100_vrf_IT
- rd: 192.168.43.1:100
+ description: site-ha-enabled-leaf1_Ethernet1.1000_vrf_IT
+ rd: 192.168.43.1:1000
route_targets:
import:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
export:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
redistribute_routes:
- source_protocol: connected
- name: PROD
@@ -78,17 +78,36 @@ router_bgp:
- ip_address: 172.17.0.0
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf1_Ethernet1.42_vrf_PROD
- rd: 192.168.43.1:42
+ description: site-ha-enabled-leaf1_Ethernet1.142_vrf_PROD
+ rd: 192.168.43.1:142
route_targets:
import:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
export:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
+ redistribute_routes:
+ - source_protocol: connected
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ router_id: 192.168.43.1
+ neighbors:
+ - ip_address: 172.17.0.0
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65199'
+ description: site-ha-enabled-leaf1_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ rd: 192.168.43.1:666
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 666:666
+ export:
+ - address_family: evpn
+ route_targets:
+ - 666:666
redistribute_routes:
- source_protocol: connected
- name: default
@@ -103,6 +122,10 @@ router_bgp:
route_targets:
- '1:1'
- route-map RM-EVPN-EXPORT-VRF-DEFAULT
+ - name: NOT-WAN-VRF
+ router_id: 192.168.43.1
+ redistribute_routes:
+ - source_protocol: connected
- name: TRANSIT
router_id: 192.168.43.1
rd: 192.168.43.1:66
@@ -157,9 +180,15 @@ vrfs:
- name: PROD
tenant: TenantA
ip_routing: true
+- name: NOT-WAN-VRF
+ tenant: TenantB
+ ip_routing: true
- name: TRANSIT
tenant: TenantB
ip_routing: true
+- name: ATTRACTED-VRF-FROM-UPLINK
+ tenant: TenantC
+ ip_routing: true
management_api_http:
enable_vrfs:
- name: MGMT
@@ -176,26 +205,37 @@ ethernet_interfaces:
ip_address: 172.17.0.1/31
flow_tracker:
hardware: WAN-FLOW-TRACKER
-- name: Ethernet52.100
+- name: Ethernet52.1000
peer: site-ha-enabled-leaf1
- peer_interface: Ethernet1.100
+ peer_interface: Ethernet1.1000
peer_type: l3leaf
vrf: IT
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.100_vrf_IT
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.1/31
-- name: Ethernet52.42
+- name: Ethernet52.142
peer: site-ha-enabled-leaf1
- peer_interface: Ethernet1.42
+ peer_interface: Ethernet1.142
peer_type: l3leaf
vrf: PROD
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.42_vrf_PROD
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.142_vrf_PROD
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.1/31
+- name: Ethernet52.666
+ peer: site-ha-enabled-leaf1
+ peer_interface: Ethernet1.666
+ peer_type: l3leaf
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet1.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.1/31
- name: Ethernet1.42
@@ -394,20 +434,22 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: DEFAULT-AVT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-VIDEO
- load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
- - name: DEFAULT-AVT-POLICY-DEFAULT
- load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
- - name: TRANSIT-AVT-POLICY-VOICE
- load_balance_policy: LB-TRANSIT-AVT-POLICY-VOICE
+ - name: CUSTOM-VOICE-PROFILE-NAME
+ load_balance_policy: LB-CUSTOM-VOICE-PROFILE-NAME
- name: TRANSIT-AVT-POLICY-DEFAULT
load_balance_policy: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -437,11 +479,24 @@ router_adaptive_virtual_topology:
- name: TRANSIT
policy: TRANSIT-AVT-POLICY
profiles:
- - name: TRANSIT-AVT-POLICY-VOICE
+ - name: CUSTOM-VOICE-PROFILE-NAME
id: 42
- name: TRANSIT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -459,17 +514,13 @@ router_adaptive_virtual_topology:
- name: TRANSIT-AVT-POLICY
matches:
- application_profile: VOICE
- avt_profile: TRANSIT-AVT-POLICY-VOICE
+ avt_profile: CUSTOM-VOICE-PROFILE-NAME
- application_profile: default
avt_profile: TRANSIT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -526,6 +577,17 @@ router_path_selection:
- name: LAN_HA
- name: INET
- name: MPLS
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ path_groups:
+ - name: LAN_HA
+ - name: MPLS
+ - name: INET
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ path_groups:
+ - name: LAN_HA
+ - name: INET
+ - name: MPLS
+ priority: 42
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
@@ -546,29 +608,23 @@ router_path_selection:
- name: INET
- name: MPLS
priority: 2
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: LB-CUSTOM-VOICE-PROFILE-NAME
path_groups:
- name: LAN_HA
- name: MPLS
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ priority: 2
+ - name: LB-TRANSIT-AVT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- name: MPLS
- priority: 42
- - name: LB-TRANSIT-AVT-POLICY-VOICE
- path_groups:
- - name: LAN_HA
- - name: MPLS
- - name: INET
priority: 2
- - name: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- name: MPLS
- priority: 2
router_traffic_engineering:
enabled: true
stun:
@@ -582,15 +638,15 @@ stun:
ip_address: 172.16.0.1
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
@@ -654,6 +710,8 @@ vxlan_interface:
vni: 42
- name: TRANSIT
vni: 66
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 166
metadata:
cv_tags:
device_tags:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1B.yml
index 3fea46d1d25..1fd0efcb527 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1B.yml
@@ -59,17 +59,17 @@ router_bgp:
- ip_address: 172.17.0.2
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf1_Ethernet2.100_vrf_IT
- rd: 192.168.43.2:100
+ description: site-ha-enabled-leaf1_Ethernet2.1000_vrf_IT
+ rd: 192.168.43.2:1000
route_targets:
import:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
export:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
redistribute_routes:
- source_protocol: connected
- name: PROD
@@ -78,17 +78,36 @@ router_bgp:
- ip_address: 172.17.0.2
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65199'
- description: site-ha-enabled-leaf1_Ethernet2.42_vrf_PROD
- rd: 192.168.43.2:42
+ description: site-ha-enabled-leaf1_Ethernet2.142_vrf_PROD
+ rd: 192.168.43.2:142
route_targets:
import:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
export:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
+ redistribute_routes:
+ - source_protocol: connected
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ router_id: 192.168.43.2
+ neighbors:
+ - ip_address: 172.17.0.2
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65199'
+ description: site-ha-enabled-leaf1_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ rd: 192.168.43.2:666
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 666:666
+ export:
+ - address_family: evpn
+ route_targets:
+ - 666:666
redistribute_routes:
- source_protocol: connected
- name: default
@@ -103,6 +122,10 @@ router_bgp:
route_targets:
- '1:1'
- route-map RM-EVPN-EXPORT-VRF-DEFAULT
+ - name: NOT-WAN-VRF
+ router_id: 192.168.43.2
+ redistribute_routes:
+ - source_protocol: connected
- name: TRANSIT
router_id: 192.168.43.2
rd: 192.168.43.2:66
@@ -157,9 +180,15 @@ vrfs:
- name: PROD
tenant: TenantA
ip_routing: true
+- name: NOT-WAN-VRF
+ tenant: TenantB
+ ip_routing: true
- name: TRANSIT
tenant: TenantB
ip_routing: true
+- name: ATTRACTED-VRF-FROM-UPLINK
+ tenant: TenantC
+ ip_routing: true
management_api_http:
enable_vrfs:
- name: MGMT
@@ -176,26 +205,37 @@ ethernet_interfaces:
ip_address: 172.17.0.3/31
flow_tracker:
hardware: WAN-FLOW-TRACKER
-- name: Ethernet52.100
+- name: Ethernet52.1000
peer: site-ha-enabled-leaf1
- peer_interface: Ethernet2.100
+ peer_interface: Ethernet2.1000
peer_type: l3leaf
vrf: IT
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.100_vrf_IT
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.3/31
-- name: Ethernet52.42
+- name: Ethernet52.142
peer: site-ha-enabled-leaf1
- peer_interface: Ethernet2.42
+ peer_interface: Ethernet2.142
peer_type: l3leaf
vrf: PROD
- description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.42_vrf_PROD
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.142_vrf_PROD
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.3/31
+- name: Ethernet52.666
+ peer: site-ha-enabled-leaf1
+ peer_interface: Ethernet2.666
+ peer_type: l3leaf
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_SITE-HA-ENABLED-LEAF1_Ethernet2.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.3/31
- name: Ethernet1.42
@@ -394,20 +434,22 @@ router_adaptive_virtual_topology:
profiles:
- name: CONTROL-PLANE-PROFILE
load_balance_policy: LB-CONTROL-PLANE-PROFILE
+ - name: DEFAULT-AVT-POLICY-VIDEO
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: DEFAULT-AVT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY-VOICE
load_balance_policy: LB-PROD-AVT-POLICY-VOICE
- name: PROD-AVT-POLICY-VIDEO
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-VIDEO
- load_balance_policy: LB-DEFAULT-AVT-POLICY-VIDEO
- - name: DEFAULT-AVT-POLICY-DEFAULT
- load_balance_policy: LB-DEFAULT-AVT-POLICY-DEFAULT
- - name: TRANSIT-AVT-POLICY-VOICE
- load_balance_policy: LB-TRANSIT-AVT-POLICY-VOICE
+ - name: CUSTOM-VOICE-PROFILE-NAME
+ load_balance_policy: LB-CUSTOM-VOICE-PROFILE-NAME
- name: TRANSIT-AVT-POLICY-DEFAULT
load_balance_policy: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY-WITH-CP
@@ -437,11 +479,24 @@ router_adaptive_virtual_topology:
- name: TRANSIT
policy: TRANSIT-AVT-POLICY
profiles:
- - name: TRANSIT-AVT-POLICY-VOICE
+ - name: CUSTOM-VOICE-PROFILE-NAME
id: 42
- name: TRANSIT-AVT-POLICY-DEFAULT
id: 1
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ policy: DEFAULT-POLICY
+ profiles:
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
policies:
+ - name: DEFAULT-AVT-POLICY-WITH-CP
+ matches:
+ - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
+ avt_profile: CONTROL-PLANE-PROFILE
+ - application_profile: VIDEO
+ avt_profile: DEFAULT-AVT-POLICY-VIDEO
+ - application_profile: default
+ avt_profile: DEFAULT-AVT-POLICY-DEFAULT
- name: PROD-AVT-POLICY
matches:
- application_profile: VOICE
@@ -459,17 +514,13 @@ router_adaptive_virtual_topology:
- name: TRANSIT-AVT-POLICY
matches:
- application_profile: VOICE
- avt_profile: TRANSIT-AVT-POLICY-VOICE
+ avt_profile: CUSTOM-VOICE-PROFILE-NAME
- application_profile: default
avt_profile: TRANSIT-AVT-POLICY-DEFAULT
- - name: DEFAULT-AVT-POLICY-WITH-CP
+ - name: DEFAULT-POLICY
matches:
- - application_profile: CONTROL-PLANE-APPLICATION-PROFILE
- avt_profile: CONTROL-PLANE-PROFILE
- - application_profile: VIDEO
- avt_profile: DEFAULT-AVT-POLICY-VIDEO
- application_profile: default
- avt_profile: DEFAULT-AVT-POLICY-DEFAULT
+ avt_profile: DEFAULT-POLICY-DEFAULT
router_bfd:
multihop:
interval: 300
@@ -526,6 +577,17 @@ router_path_selection:
- name: LAN_HA
- name: INET
- name: MPLS
+ - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ path_groups:
+ - name: LAN_HA
+ - name: MPLS
+ - name: INET
+ - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ path_groups:
+ - name: LAN_HA
+ - name: INET
+ - name: MPLS
+ priority: 42
- name: LB-PROD-AVT-POLICY-VOICE
path_groups:
- name: LAN_HA
@@ -546,29 +608,23 @@ router_path_selection:
- name: INET
- name: MPLS
priority: 2
- - name: LB-DEFAULT-AVT-POLICY-VIDEO
+ - name: LB-CUSTOM-VOICE-PROFILE-NAME
path_groups:
- name: LAN_HA
- name: MPLS
- name: INET
- - name: LB-DEFAULT-AVT-POLICY-DEFAULT
+ priority: 2
+ - name: LB-TRANSIT-AVT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- name: MPLS
- priority: 42
- - name: LB-TRANSIT-AVT-POLICY-VOICE
- path_groups:
- - name: LAN_HA
- - name: MPLS
- - name: INET
priority: 2
- - name: LB-TRANSIT-AVT-POLICY-DEFAULT
+ - name: LB-DEFAULT-POLICY-DEFAULT
path_groups:
- name: LAN_HA
- name: INET
- name: MPLS
- priority: 2
router_traffic_engineering:
enabled: true
stun:
@@ -582,15 +638,15 @@ stun:
ip_address: 172.16.0.1
application_traffic_recognition:
application_profiles:
- - name: VOICE
- applications:
- - name: CUSTOM-VOICE-APPLICATION
- name: VIDEO
categories:
- name: VIDEO1
applications:
- name: CUSTOM-APPLICATION-1
- name: skype
+ - name: VOICE
+ applications:
+ - name: CUSTOM-VOICE-APPLICATION
- name: CONTROL-PLANE-APPLICATION-PROFILE
applications:
- name: CONTROL-PLANE-APPLICATION
@@ -654,6 +710,8 @@ vxlan_interface:
vni: 42
- name: TRANSIT
vni: 66
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 166
metadata:
cv_tags:
device_tags:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-disabled-leaf.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-disabled-leaf.yml
index c74f5391842..eabe84f71e7 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-disabled-leaf.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-disabled-leaf.yml
@@ -50,21 +50,21 @@ router_bgp:
- ip_address: 172.17.0.1
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge_Ethernet52.100_vrf_IT
+ description: cv-pathfinder-edge_Ethernet52.1000_vrf_IT
- ip_address: 172.17.0.3
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge-no-common-path-group_Ethernet52.100_vrf_IT
- rd: 192.168.45.4:100
+ description: cv-pathfinder-edge-no-common-path-group_Ethernet52.1000_vrf_IT
+ rd: 192.168.45.4:1000
route_targets:
import:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
export:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
redistribute_routes:
- source_protocol: connected
- name: PROD
@@ -73,21 +73,44 @@ router_bgp:
- ip_address: 172.17.0.1
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge_Ethernet52.42_vrf_PROD
+ description: cv-pathfinder-edge_Ethernet52.142_vrf_PROD
- ip_address: 172.17.0.3
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge-no-common-path-group_Ethernet52.42_vrf_PROD
- rd: 192.168.45.4:42
+ description: cv-pathfinder-edge-no-common-path-group_Ethernet52.142_vrf_PROD
+ rd: 192.168.45.4:142
route_targets:
import:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
export:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
+ redistribute_routes:
+ - source_protocol: connected
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ router_id: 192.168.45.4
+ neighbors:
+ - ip_address: 172.17.0.1
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65000'
+ description: cv-pathfinder-edge_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ - ip_address: 172.17.0.3
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65000'
+ description: cv-pathfinder-edge-no-common-path-group_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ rd: 192.168.45.4:666
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 666:666
+ export:
+ - address_family: evpn
+ route_targets:
+ - 666:666
redistribute_routes:
- source_protocol: connected
- name: default
@@ -122,6 +145,14 @@ router_bgp:
- 1101:1101
redistribute_routes:
- learned
+ - id: 666
+ tenant: TenantC
+ rd: 192.168.45.4:1666
+ route_targets:
+ both:
+ - 1666:1666
+ redistribute_routes:
+ - learned
service_routing_protocols_model: multi-agent
ip_routing: true
vlan_internal_order:
@@ -138,6 +169,9 @@ vrfs:
- name: PROD
tenant: TenantA
ip_routing: true
+- name: ATTRACTED-VRF-FROM-UPLINK
+ tenant: TenantC
+ ip_routing: true
management_api_http:
enable_vrfs:
- name: MGMT
@@ -152,26 +186,37 @@ ethernet_interfaces:
mtu: 9214
type: routed
ip_address: 172.17.0.0/31
-- name: Ethernet1.100
+- name: Ethernet1.1000
peer: cv-pathfinder-edge
- peer_interface: Ethernet52.100
+ peer_interface: Ethernet52.1000
peer_type: wan_router
vrf: IT
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE_Ethernet52.100_vrf_IT
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE_Ethernet52.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.0/31
-- name: Ethernet1.42
+- name: Ethernet1.142
peer: cv-pathfinder-edge
- peer_interface: Ethernet52.42
+ peer_interface: Ethernet52.142
peer_type: wan_router
vrf: PROD
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE_Ethernet52.42_vrf_PROD
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE_Ethernet52.142_vrf_PROD
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.0/31
+- name: Ethernet1.666
+ peer: cv-pathfinder-edge
+ peer_interface: Ethernet52.666
+ peer_type: wan_router
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.0/31
- name: Ethernet2
@@ -183,26 +228,37 @@ ethernet_interfaces:
mtu: 9214
type: routed
ip_address: 172.17.0.2/31
-- name: Ethernet2.100
+- name: Ethernet2.1000
peer: cv-pathfinder-edge-no-common-path-group
- peer_interface: Ethernet52.100
+ peer_interface: Ethernet52.1000
peer_type: wan_router
vrf: IT
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE-NO-COMMON-PATH-GROUP_Ethernet52.100_vrf_IT
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE-NO-COMMON-PATH-GROUP_Ethernet52.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.2/31
-- name: Ethernet2.42
+- name: Ethernet2.142
peer: cv-pathfinder-edge-no-common-path-group
- peer_interface: Ethernet52.42
+ peer_interface: Ethernet52.142
peer_type: wan_router
vrf: PROD
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE-NO-COMMON-PATH-GROUP_Ethernet52.42_vrf_PROD
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE-NO-COMMON-PATH-GROUP_Ethernet52.142_vrf_PROD
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.2/31
+- name: Ethernet2.666
+ peer: cv-pathfinder-edge-no-common-path-group
+ peer_interface: Ethernet52.666
+ peer_type: wan_router
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE-NO-COMMON-PATH-GROUP_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.2/31
loopback_interfaces:
@@ -240,6 +296,9 @@ vlans:
- id: 101
name: VLAN101
tenant: TenantA
+- id: 666
+ name: VLAN666
+ tenant: TenantC
ip_igmp_snooping:
globally_enabled: true
ip_virtual_router_mac_address: 00:1c:73:00:00:01
@@ -250,6 +309,13 @@ vlan_interfaces:
shutdown: true
ip_address_virtual: 10.0.100.1/24
vrf: PROD
+- name: Vlan666
+ tenant: TenantC
+ description: VLAN666
+ shutdown: true
+ ip_address: 10.66.66.1
+ ip_address_virtual: 10.66.66.66/24
+ vrf: ATTRACTED-VRF-FROM-UPLINK
vxlan_interface:
Vxlan1:
description: site-ha-disabled-leaf_VTEP
@@ -261,10 +327,14 @@ vxlan_interface:
vni: 1100
- id: 101
vni: 1101
+ - id: 666
+ vni: 1666
vrfs:
- name: default
vni: 1
- name: IT
- vni: 100
+ vni: 1000
- name: PROD
- vni: 42
+ vni: 142
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 666
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf1.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf1.yml
index dec88182867..e9c41ba5bf6 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf1.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf1.yml
@@ -50,21 +50,21 @@ router_bgp:
- ip_address: 172.17.0.1
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-transit1A_Ethernet52.100_vrf_IT
+ description: cv-pathfinder-transit1A_Ethernet52.1000_vrf_IT
- ip_address: 172.17.0.3
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-transit1B_Ethernet52.100_vrf_IT
- rd: 192.168.45.1:100
+ description: cv-pathfinder-transit1B_Ethernet52.1000_vrf_IT
+ rd: 192.168.45.1:1000
route_targets:
import:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
export:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
redistribute_routes:
- source_protocol: connected
- name: PROD
@@ -73,21 +73,44 @@ router_bgp:
- ip_address: 172.17.0.1
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-transit1A_Ethernet52.42_vrf_PROD
+ description: cv-pathfinder-transit1A_Ethernet52.142_vrf_PROD
- ip_address: 172.17.0.3
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-transit1B_Ethernet52.42_vrf_PROD
- rd: 192.168.45.1:42
+ description: cv-pathfinder-transit1B_Ethernet52.142_vrf_PROD
+ rd: 192.168.45.1:142
route_targets:
import:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
export:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
+ redistribute_routes:
+ - source_protocol: connected
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ router_id: 192.168.45.1
+ neighbors:
+ - ip_address: 172.17.0.1
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65000'
+ description: cv-pathfinder-transit1A_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ - ip_address: 172.17.0.3
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65000'
+ description: cv-pathfinder-transit1B_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ rd: 192.168.45.1:666
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 666:666
+ export:
+ - address_family: evpn
+ route_targets:
+ - 666:666
redistribute_routes:
- source_protocol: connected
- name: default
@@ -122,6 +145,14 @@ router_bgp:
- 1101:1101
redistribute_routes:
- learned
+ - id: 666
+ tenant: TenantC
+ rd: 192.168.45.1:1666
+ route_targets:
+ both:
+ - 1666:1666
+ redistribute_routes:
+ - learned
service_routing_protocols_model: multi-agent
ip_routing: true
vlan_internal_order:
@@ -138,6 +169,9 @@ vrfs:
- name: PROD
tenant: TenantA
ip_routing: true
+- name: ATTRACTED-VRF-FROM-UPLINK
+ tenant: TenantC
+ ip_routing: true
management_api_http:
enable_vrfs:
- name: MGMT
@@ -152,26 +186,37 @@ ethernet_interfaces:
mtu: 9214
type: routed
ip_address: 172.17.0.0/31
-- name: Ethernet1.100
+- name: Ethernet1.1000
peer: cv-pathfinder-transit1A
- peer_interface: Ethernet52.100
+ peer_interface: Ethernet52.1000
peer_type: wan_router
vrf: IT
- description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.100_vrf_IT
+ description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.0/31
-- name: Ethernet1.42
+- name: Ethernet1.142
peer: cv-pathfinder-transit1A
- peer_interface: Ethernet52.42
+ peer_interface: Ethernet52.142
peer_type: wan_router
vrf: PROD
- description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.42_vrf_PROD
+ description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.142_vrf_PROD
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.0/31
+- name: Ethernet1.666
+ peer: cv-pathfinder-transit1A
+ peer_interface: Ethernet52.666
+ peer_type: wan_router
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1A_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.0/31
- name: Ethernet2
@@ -183,26 +228,37 @@ ethernet_interfaces:
mtu: 9214
type: routed
ip_address: 172.17.0.2/31
-- name: Ethernet2.100
+- name: Ethernet2.1000
peer: cv-pathfinder-transit1B
- peer_interface: Ethernet52.100
+ peer_interface: Ethernet52.1000
peer_type: wan_router
vrf: IT
- description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.100_vrf_IT
+ description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.2/31
-- name: Ethernet2.42
+- name: Ethernet2.142
peer: cv-pathfinder-transit1B
- peer_interface: Ethernet52.42
+ peer_interface: Ethernet52.142
peer_type: wan_router
vrf: PROD
- description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.42_vrf_PROD
+ description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.142_vrf_PROD
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.2/31
+- name: Ethernet2.666
+ peer: cv-pathfinder-transit1B
+ peer_interface: Ethernet52.666
+ peer_type: wan_router
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_CV-PATHFINDER-TRANSIT1B_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.2/31
loopback_interfaces:
@@ -240,6 +296,9 @@ vlans:
- id: 101
name: VLAN101
tenant: TenantA
+- id: 666
+ name: VLAN666
+ tenant: TenantC
ip_igmp_snooping:
globally_enabled: true
ip_virtual_router_mac_address: 00:1c:73:00:00:01
@@ -250,6 +309,12 @@ vlan_interfaces:
shutdown: true
ip_address_virtual: 10.0.100.1/24
vrf: PROD
+- name: Vlan666
+ tenant: TenantC
+ description: VLAN666
+ shutdown: true
+ ip_address_virtual: 10.66.66.66/24
+ vrf: ATTRACTED-VRF-FROM-UPLINK
vxlan_interface:
Vxlan1:
description: site-ha-enabled-leaf1_VTEP
@@ -261,10 +326,14 @@ vxlan_interface:
vni: 1100
- id: 101
vni: 1101
+ - id: 666
+ vni: 1666
vrfs:
- name: default
vni: 1
- name: IT
- vni: 100
+ vni: 1000
- name: PROD
- vni: 42
+ vni: 142
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 666
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf2A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf2A.yml
index 06271e147d7..b694e31dd7a 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf2A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf2A.yml
@@ -50,21 +50,21 @@ router_bgp:
- ip_address: 172.17.0.5
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge2A_Ethernet52.100_vrf_IT
+ description: cv-pathfinder-edge2A_Ethernet52.1000_vrf_IT
- ip_address: 172.17.0.9
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge2B_Ethernet52.100_vrf_IT
- rd: 192.168.45.2:100
+ description: cv-pathfinder-edge2B_Ethernet52.1000_vrf_IT
+ rd: 192.168.45.2:1000
route_targets:
import:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
export:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
redistribute_routes:
- source_protocol: connected
- name: PROD
@@ -73,21 +73,44 @@ router_bgp:
- ip_address: 172.17.0.5
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge2A_Ethernet52.42_vrf_PROD
+ description: cv-pathfinder-edge2A_Ethernet52.142_vrf_PROD
- ip_address: 172.17.0.9
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge2B_Ethernet52.42_vrf_PROD
- rd: 192.168.45.2:42
+ description: cv-pathfinder-edge2B_Ethernet52.142_vrf_PROD
+ rd: 192.168.45.2:142
route_targets:
import:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
export:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
+ redistribute_routes:
+ - source_protocol: connected
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ router_id: 192.168.45.2
+ neighbors:
+ - ip_address: 172.17.0.5
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65000'
+ description: cv-pathfinder-edge2A_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ - ip_address: 172.17.0.9
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65000'
+ description: cv-pathfinder-edge2B_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ rd: 192.168.45.2:666
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 666:666
+ export:
+ - address_family: evpn
+ route_targets:
+ - 666:666
redistribute_routes:
- source_protocol: connected
- name: default
@@ -122,6 +145,14 @@ router_bgp:
- 1101:1101
redistribute_routes:
- learned
+ - id: 666
+ tenant: TenantC
+ rd: 192.168.45.2:1666
+ route_targets:
+ both:
+ - 1666:1666
+ redistribute_routes:
+ - learned
service_routing_protocols_model: multi-agent
ip_routing: true
vlan_internal_order:
@@ -138,6 +169,9 @@ vrfs:
- name: PROD
tenant: TenantA
ip_routing: true
+- name: ATTRACTED-VRF-FROM-UPLINK
+ tenant: TenantC
+ ip_routing: true
management_api_http:
enable_vrfs:
- name: MGMT
@@ -152,26 +186,37 @@ ethernet_interfaces:
mtu: 9214
type: routed
ip_address: 172.17.0.4/31
-- name: Ethernet1.100
+- name: Ethernet1.1000
peer: cv-pathfinder-edge2A
- peer_interface: Ethernet52.100
+ peer_interface: Ethernet52.1000
peer_type: wan_router
vrf: IT
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.100_vrf_IT
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.4/31
-- name: Ethernet1.42
+- name: Ethernet1.142
peer: cv-pathfinder-edge2A
- peer_interface: Ethernet52.42
+ peer_interface: Ethernet52.142
peer_type: wan_router
vrf: PROD
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.42_vrf_PROD
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.142_vrf_PROD
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.4/31
+- name: Ethernet1.666
+ peer: cv-pathfinder-edge2A
+ peer_interface: Ethernet52.666
+ peer_type: wan_router
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.4/31
- name: Ethernet2
@@ -183,26 +228,37 @@ ethernet_interfaces:
mtu: 9214
type: routed
ip_address: 172.17.0.8/31
-- name: Ethernet2.100
+- name: Ethernet2.1000
peer: cv-pathfinder-edge2B
- peer_interface: Ethernet52.100
+ peer_interface: Ethernet52.1000
peer_type: wan_router
vrf: IT
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.100_vrf_IT
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.8/31
-- name: Ethernet2.42
+- name: Ethernet2.142
peer: cv-pathfinder-edge2B
- peer_interface: Ethernet52.42
+ peer_interface: Ethernet52.142
peer_type: wan_router
vrf: PROD
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.42_vrf_PROD
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.142_vrf_PROD
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.8/31
+- name: Ethernet2.666
+ peer: cv-pathfinder-edge2B
+ peer_interface: Ethernet52.666
+ peer_type: wan_router
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet52.666_vrf_ATTRACTED-VRF-FROM-UPLINK
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.8/31
loopback_interfaces:
@@ -240,6 +296,9 @@ vlans:
- id: 101
name: VLAN101
tenant: TenantA
+- id: 666
+ name: VLAN666
+ tenant: TenantC
ip_igmp_snooping:
globally_enabled: true
ip_virtual_router_mac_address: 00:1c:73:00:00:01
@@ -250,6 +309,12 @@ vlan_interfaces:
shutdown: true
ip_address_virtual: 10.0.100.1/24
vrf: PROD
+- name: Vlan666
+ tenant: TenantC
+ description: VLAN666
+ shutdown: true
+ ip_address_virtual: 10.66.66.66/24
+ vrf: ATTRACTED-VRF-FROM-UPLINK
vxlan_interface:
Vxlan1:
description: site-ha-enabled-leaf2A_VTEP
@@ -261,10 +326,14 @@ vxlan_interface:
vni: 1100
- id: 101
vni: 1101
+ - id: 666
+ vni: 1666
vrfs:
- name: default
vni: 1
- name: IT
- vni: 100
+ vni: 1000
- name: PROD
- vni: 42
+ vni: 142
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 666
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf2B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf2B.yml
index 603d8f81a71..a47eeb13c11 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf2B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/site-ha-enabled-leaf2B.yml
@@ -50,21 +50,21 @@ router_bgp:
- ip_address: 172.17.0.7
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge2A_Ethernet53.100_vrf_IT
+ description: cv-pathfinder-edge2A_Ethernet53.1000_vrf_IT
- ip_address: 172.17.0.11
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge2B_Ethernet53.100_vrf_IT
- rd: 192.168.45.3:100
+ description: cv-pathfinder-edge2B_Ethernet53.1000_vrf_IT
+ rd: 192.168.45.3:1000
route_targets:
import:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
export:
- address_family: evpn
route_targets:
- - 100:100
+ - 1000:1000
redistribute_routes:
- source_protocol: connected
- name: PROD
@@ -73,21 +73,44 @@ router_bgp:
- ip_address: 172.17.0.7
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge2A_Ethernet53.42_vrf_PROD
+ description: cv-pathfinder-edge2A_Ethernet53.142_vrf_PROD
- ip_address: 172.17.0.11
peer_group: IPv4-UNDERLAY-PEERS
remote_as: '65000'
- description: cv-pathfinder-edge2B_Ethernet53.42_vrf_PROD
- rd: 192.168.45.3:42
+ description: cv-pathfinder-edge2B_Ethernet53.142_vrf_PROD
+ rd: 192.168.45.3:142
route_targets:
import:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
export:
- address_family: evpn
route_targets:
- - '42:42'
+ - 142:142
+ redistribute_routes:
+ - source_protocol: connected
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ router_id: 192.168.45.3
+ neighbors:
+ - ip_address: 172.17.0.7
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65000'
+ description: cv-pathfinder-edge2A_Ethernet53.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ - ip_address: 172.17.0.11
+ peer_group: IPv4-UNDERLAY-PEERS
+ remote_as: '65000'
+ description: cv-pathfinder-edge2B_Ethernet53.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ rd: 192.168.45.3:666
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - 666:666
+ export:
+ - address_family: evpn
+ route_targets:
+ - 666:666
redistribute_routes:
- source_protocol: connected
- name: default
@@ -122,6 +145,14 @@ router_bgp:
- 1101:1101
redistribute_routes:
- learned
+ - id: 666
+ tenant: TenantC
+ rd: 192.168.45.3:1666
+ route_targets:
+ both:
+ - 1666:1666
+ redistribute_routes:
+ - learned
service_routing_protocols_model: multi-agent
ip_routing: true
vlan_internal_order:
@@ -138,6 +169,9 @@ vrfs:
- name: PROD
tenant: TenantA
ip_routing: true
+- name: ATTRACTED-VRF-FROM-UPLINK
+ tenant: TenantC
+ ip_routing: true
management_api_http:
enable_vrfs:
- name: MGMT
@@ -152,26 +186,37 @@ ethernet_interfaces:
mtu: 9214
type: routed
ip_address: 172.17.0.6/31
-- name: Ethernet1.100
+- name: Ethernet1.1000
peer: cv-pathfinder-edge2A
- peer_interface: Ethernet53.100
+ peer_interface: Ethernet53.1000
peer_type: wan_router
vrf: IT
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.100_vrf_IT
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.6/31
-- name: Ethernet1.42
+- name: Ethernet1.142
peer: cv-pathfinder-edge2A
- peer_interface: Ethernet53.42
+ peer_interface: Ethernet53.142
peer_type: wan_router
vrf: PROD
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.42_vrf_PROD
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.142_vrf_PROD
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.6/31
+- name: Ethernet1.666
+ peer: cv-pathfinder-edge2A
+ peer_interface: Ethernet53.666
+ peer_type: wan_router
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2A_Ethernet53.666_vrf_ATTRACTED-VRF-FROM-UPLINK
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.6/31
- name: Ethernet2
@@ -183,26 +228,37 @@ ethernet_interfaces:
mtu: 9214
type: routed
ip_address: 172.17.0.10/31
-- name: Ethernet2.100
+- name: Ethernet2.1000
peer: cv-pathfinder-edge2B
- peer_interface: Ethernet53.100
+ peer_interface: Ethernet53.1000
peer_type: wan_router
vrf: IT
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.100_vrf_IT
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.1000_vrf_IT
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 100
+ encapsulation_dot1q_vlan: 1000
mtu: 9214
ip_address: 172.17.0.10/31
-- name: Ethernet2.42
+- name: Ethernet2.142
peer: cv-pathfinder-edge2B
- peer_interface: Ethernet53.42
+ peer_interface: Ethernet53.142
peer_type: wan_router
vrf: PROD
- description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.42_vrf_PROD
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.142_vrf_PROD
+ shutdown: false
+ type: l3dot1q
+ encapsulation_dot1q_vlan: 142
+ mtu: 9214
+ ip_address: 172.17.0.10/31
+- name: Ethernet2.666
+ peer: cv-pathfinder-edge2B
+ peer_interface: Ethernet53.666
+ peer_type: wan_router
+ vrf: ATTRACTED-VRF-FROM-UPLINK
+ description: P2P_LINK_TO_CV-PATHFINDER-EDGE2B_Ethernet53.666_vrf_ATTRACTED-VRF-FROM-UPLINK
shutdown: false
type: l3dot1q
- encapsulation_dot1q_vlan: 42
+ encapsulation_dot1q_vlan: 666
mtu: 9214
ip_address: 172.17.0.10/31
loopback_interfaces:
@@ -240,6 +296,9 @@ vlans:
- id: 101
name: VLAN101
tenant: TenantA
+- id: 666
+ name: VLAN666
+ tenant: TenantC
ip_igmp_snooping:
globally_enabled: true
ip_virtual_router_mac_address: 00:1c:73:00:00:01
@@ -250,6 +309,12 @@ vlan_interfaces:
shutdown: true
ip_address_virtual: 10.0.100.1/24
vrf: PROD
+- name: Vlan666
+ tenant: TenantC
+ description: VLAN666
+ shutdown: true
+ ip_address_virtual: 10.66.66.66/24
+ vrf: ATTRACTED-VRF-FROM-UPLINK
vxlan_interface:
Vxlan1:
description: site-ha-enabled-leaf2B_VTEP
@@ -261,10 +326,14 @@ vxlan_interface:
vni: 1100
- id: 101
vni: 1101
+ - id: 666
+ vni: 1666
vrfs:
- name: default
vni: 1
- name: IT
- vni: 100
+ vni: 1000
- name: PROD
- vni: 42
+ vni: 142
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vni: 666
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/AUTOVPN_TESTS.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/AUTOVPN_TESTS.yml
index b26073878db..ff058686c41 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/AUTOVPN_TESTS.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/AUTOVPN_TESTS.yml
@@ -108,6 +108,7 @@ tenants:
ip_address_virtual: 10.0.100.1/24
- name: IT
vrf_id: 100
+ address_families: []
l2vlans:
- id: 101
name: VLAN101
@@ -115,11 +116,13 @@ tenants:
wan_virtual_topologies:
vrfs:
- name: default
- policy: DEFAULT-AVT-POLICY
+ policy: DEFAULT-AUTOVPN-POLICY
+ wan_vni: 1
- name: PROD
- policy: PROD-AVT-POLICY
+ policy: PROD-AUTOVPN-POLICY
+ wan_vni: 42
policies:
- - name: PROD-AVT-POLICY
+ - name: PROD-AUTOVPN-POLICY
default_virtual_topology:
path_groups:
- names: [INET]
@@ -133,7 +136,7 @@ wan_virtual_topologies:
path_groups:
- names: [INET]
preference: preferred
- - name: DEFAULT-AVT-POLICY
+ - name: DEFAULT-AUTOVPN-POLICY
default_virtual_topology:
drop_unmatched: true
application_virtual_topologies:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CV_PATHFINDER_TESTS.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CV_PATHFINDER_TESTS.yml
index 8baae396b42..c4694eb5a19 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CV_PATHFINDER_TESTS.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CV_PATHFINDER_TESTS.yml
@@ -278,18 +278,20 @@ tenants:
vrfs:
- name: default
vrf_id: 1
+ # Checking static route on VRF default is redistributed in a route-map
static_routes:
- destination_address_prefix: 66.66.66.0/24
gateway: 172.17.0.0
nodes: [cv-pathfinder-edge]
- name: PROD
- vrf_id: 42
+ # Showing that wan_vni and vrf_id can be different. `vrf_id` influences the subinterface id.
+ vrf_id: 142
svis:
- id: 100
name: VLAN100
ip_address_virtual: 10.0.100.1/24
- name: IT
- vrf_id: 100
+ vrf_id: 1000
l2vlans:
- id: 101
name: VLAN101
@@ -299,19 +301,42 @@ tenants:
vrf_id: 1
- name: TRANSIT
vrf_id: 66
+ # Test that a VRF with address_families: [] on a WAN router is not configured on Vxlan1 interface nor BGP
+ - name: NOT-WAN-VRF
+ vrf_id: 13
+ address_families: []
+ - name: TenantC
+ mac_vrf_vni_base: 1000
+ vrfs:
+ # Test adding a VRF on an uplink switch and seeing it configured on the WAN routers
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ vrf_id: 666
+ svis:
+ - id: 666
+ name: VLAN666
+ ip_address_virtual: 10.66.66.66/24
+ nodes:
+ - node: site-ha-disabled-leaf
+ ip_address: 10.66.66.1
wan_virtual_topologies:
vrfs:
- name: default
policy: DEFAULT-AVT-POLICY
+ wan_vni: 1
- name: PROD
policy: PROD-AVT-POLICY
+ wan_vni: 42
# Testing reusing the same policy as default VRF
- name: IT
policy: DEFAULT-AVT-POLICY
+ wan_vni: 100
# Testing a VRF only on transit and not edge
- name: TRANSIT
policy: TRANSIT-AVT-POLICY
+ wan_vni: 66
+ - name: ATTRACTED-VRF-FROM-UPLINK
+ wan_vni: 166
policies:
- name: PROD-AVT-POLICY
default_virtual_topology:
@@ -361,6 +386,7 @@ wan_virtual_topologies:
preference: alternate
application_virtual_topologies:
- application_profile: VOICE
+ name: CUSTOM-VOICE-PROFILE-NAME
path_groups:
- names: [MPLS]
preference: preferred
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/autovpn-edge-no-default-policy.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/autovpn-edge-no-default-policy.yml
index f135020f201..3ba5dfe7547 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/autovpn-edge-no-default-policy.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/autovpn-edge-no-default-policy.yml
@@ -76,5 +76,9 @@ tenants:
- name: IT
vrf_id: 100
-# empty
-wan_virtual_topologies: null
+wan_virtual_topologies:
+ vrfs:
+ - name: PROD
+ wan_vni: 42
+ - name: IT
+ wan_vni: 100
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-custom-default-policy.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-custom-default-policy.yml
new file mode 100644
index 00000000000..d9698ef5437
--- /dev/null
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-custom-default-policy.yml
@@ -0,0 +1,146 @@
+---
+# Testing CV pathfinder edge with no policy in VRF default to make sure the correct
+# default policy is auto generated by AVD
+wan_mode: cv-pathfinder
+# Disabling underlay for tests
+underlay_routing_protocol: none
+
+bgp_as: 65000
+
+cv_pathfinder_regions:
+ - name: AVD_Land_West
+ id: 42
+ description: AVD Region
+ sites:
+ - name: Site1
+ id: 1
+ location: one place
+
+bgp_peer_groups:
+ wan_overlay_peers:
+ password: "htm4AZe9mIQOO1uiMuGgYQ=="
+ # Overwriting TTL
+ ttl_maximum_hops: 42
+ listen_range_prefixes:
+ - 192.168.255.0/24
+
+wan_route_servers:
+ - hostname: cv-pathfinder-pathfinder
+
+wan_ipsec_profiles:
+ control_plane:
+ shared_key: ABCDEF1234567890
+ data_plane:
+ shared_key: ABCDEF1234567890666
+
+default_node_types:
+ - node_type: wan_router
+ match_hostnames:
+ - "cv-pathfinder-edge.*"
+
+wan_router:
+ defaults:
+ loopback_ipv4_pool: 192.168.42.0/24
+ vtep_loopback_ipv4_pool: 192.168.255.0/24
+ filter:
+ always_include_vrfs_in_tenants: [TenantA]
+ deny_vrfs: [IT]
+ nodes:
+ - name: cv-pathfinder-edge-custom-default-policy
+ cv_pathfinder_region: AVD_Land_West
+ cv_pathfinder_site: Site1
+ id: 1
+ l3_interfaces:
+ - name: Ethernet1
+ wan_carrier: ATT
+ wan_circuit_id: 666
+ dhcp_accept_default_route: true
+ ip_address: dhcp
+ - name: Ethernet2
+ wan_carrier: Colt
+ wan_circuit_id: 10555
+ ip_address: 172.15.5.5/31
+ - name: Ethernet3
+ wan_carrier: Comcast-5G
+ wan_circuit_id: AF830
+ ip_address: 172.20.20.20/31
+ connected_to_pathfinder: False
+
+wan_path_groups:
+ - name: MPLS
+ ipsec: false
+ # TODO remove one once auto-id is implemented - for now required in schema
+ id: 100
+ - name: INET
+ id: 101
+ - name: LTE
+ id: 102
+ - name: Equinix
+ id: 103
+ - name: Satellite
+ id: 104
+
+wan_carriers:
+ - name: Comcast
+ path_group: INET
+ - name: ATT
+ path_group: INET
+ - name: Bouygues_Telecom
+ path_group: INET
+ - name: SFR
+ path_group: INET
+ - name: Orange
+ path_group: INET
+ - name: Another-ISP
+ path_group: INET
+ - name: Colt
+ path_group: MPLS
+ - name: ATT-MPLS
+ path_group: MPLS
+ - name: Comcast-5G
+ path_group: LTE
+ - name: Inmrasat
+ path_group: Satellite
+
+tenants:
+ - name: TenantA
+ vrfs:
+ - name: default
+ vrf_id: 1
+ - name: PROD
+ vrf_id: 42
+ - name: IT
+ vrf_id: 100
+
+wan_virtual_topologies:
+ vrfs:
+ # No policy for default or PROD, going to use DEFAULT-POLICY
+ # overwrite DEFAULT-POLICY below
+ - name: default
+ wan_vni: 1
+ - name: PROD
+ wan_vni: 42
+ policies:
+ # Name of the DEFAULT-POLICY being overwritten
+ - name: DEFAULT-POLICY
+ default_virtual_topology:
+ path_groups:
+ - names: [INET]
+ - names: [LTE]
+ preference: 42
+ application_virtual_topologies:
+ - application_profile: VIDEO
+ path_groups:
+ - names: [MPLS, INET]
+ preference: preferred
+ id: 3
+
+application_classification:
+ application_profiles:
+ - name: VIDEO
+ # Testing categories filtering
+ applications:
+ # Testing applications in application-profiles filtering
+ - name: CUSTOM-APPLICATION-1
+ # Builtin application that should not raise
+ - name: skype
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-no-default-policy.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-no-default-policy.yml
index f46cdb3efff..e7e0cbb0e40 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-no-default-policy.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/cv-pathfinder-edge-no-default-policy.yml
@@ -119,4 +119,9 @@ tenants:
- name: IT
vrf_id: 100
-wan_virtual_topologies: null
+wan_virtual_topologies:
+ vrfs:
+ - name: PROD
+ wan_vni: 42
+ - name: IT
+ wan_vni: 100
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml
index a5f10361f8c..be7744c1d22 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml
@@ -320,6 +320,7 @@ all:
hosts:
autovpn-edge-no-default-policy:
cv-pathfinder-edge-no-default-policy:
+ cv-pathfinder-edge-custom-default-policy:
UPLINK_P2P_VRFS_TESTS:
hosts:
UPLINK_P2P_VRFS_TESTS_SPINE1:
diff --git a/ansible_collections/arista/avd/plugins/plugin_utils/eos_designs_facts/wan.py b/ansible_collections/arista/avd/plugins/plugin_utils/eos_designs_facts/wan.py
index 684fa81d8e4..cbc0f88edf6 100644
--- a/ansible_collections/arista/avd/plugins/plugin_utils/eos_designs_facts/wan.py
+++ b/ansible_collections/arista/avd/plugins/plugin_utils/eos_designs_facts/wan.py
@@ -6,6 +6,8 @@
from functools import cached_property
from typing import TYPE_CHECKING
+from ansible_collections.arista.avd.plugins.filter.natural_sort import natural_sort
+
if TYPE_CHECKING:
from .eos_designs_facts import EosDesignsFacts
@@ -30,3 +32,31 @@ def wan_path_groups(self: EosDesignsFacts) -> list | None:
return None
return self.shared_utils.wan_local_path_groups
+
+ @cached_property
+ def wan_router_uplink_vrfs(self: EosDesignsFacts) -> list[str] | None:
+ """
+ Exposed in avd_switch_facts
+
+ Return the list of VRF names present on uplink switches.
+ These VRFs will be attracted (configured) on WAN "clients" (edge/transit) unless filtered.
+
+ Note that if the attracted VRFs do not have 'wan_vni' set, the code for interface Vxlan1 will raise an error.
+ """
+ if not self.shared_utils.is_wan_client or self.shared_utils.uplink_type != "p2p-vrfs":
+ return None
+
+ # Partially recreating logic from 'uplinks', but since this fact is used to build 'filtered_tenants',
+ # which in turn is used to build 'uplinks', we cannot reuse 'uplinks' (recursion)
+
+ # Since uplinks logic silently skips extra entries in uplink vars, we only need to parse shortest list.
+ min_length = min(len(self._uplink_switch_interfaces), len(self._uplink_interfaces), len(self.shared_utils.uplink_switches))
+ # Using set to only get unique uplink switches
+ unique_uplink_switches = set(self.shared_utils.uplink_switches[:min_length])
+
+ vrfs = set()
+ for uplink_switch in unique_uplink_switches:
+ uplink_switch_facts = self.shared_utils.get_peer_facts(uplink_switch)
+ vrfs.update(uplink_switch_facts.shared_utils.vrfs)
+
+ return natural_sort(vrfs) or None
diff --git a/ansible_collections/arista/avd/plugins/plugin_utils/eos_designs_shared_utils/filtered_tenants.py b/ansible_collections/arista/avd/plugins/plugin_utils/eos_designs_shared_utils/filtered_tenants.py
index 03497d2e6df..4ca5eebb2f5 100644
--- a/ansible_collections/arista/avd/plugins/plugin_utils/eos_designs_shared_utils/filtered_tenants.py
+++ b/ansible_collections/arista/avd/plugins/plugin_utils/eos_designs_shared_utils/filtered_tenants.py
@@ -171,16 +171,32 @@ def is_accepted_vrf(self: SharedUtils, vrf: dict) -> bool:
not self.filter_deny_vrfs or vrf["name"] not in self.filter_deny_vrfs
)
+ def is_forced_vrf(self: SharedUtils, vrf: dict) -> bool:
+ """
+ Returns True if the given VRF name should be configured even without any loopbacks or SVIs etc.
+
+ There can be various causes for this:
+ - The VRF is part of a tenant set under 'always_include_vrfs_in_tenants'
+ - 'always_include_vrfs_in_tenants' is set to ['all']
+ - This is a WAN router and the VRF present on the uplink switch.
+ Note that if the attracted VRF does not have a wan_vni configured, the code for interface Vxlan1 will raise an error.
+ """
+ if "all" in self.always_include_vrfs_in_tenants or vrf["tenant"] in self.always_include_vrfs_in_tenants:
+ return True
+
+ if self.is_wan_client and vrf["name"] in (self.get_switch_fact("wan_router_uplink_vrfs", required=False) or []):
+ return True
+
+ return False
+
def filtered_vrfs(self: SharedUtils, tenant: dict) -> list[dict]:
"""
Return sorted and filtered vrf list from given tenant.
- Filtering based on svi tags, l3interfaces and filter.always_include_vrfs_in_tenants.
+ Filtering based on svi tags, l3interfaces, loopbacks or self.is_forced_vrf() check.
Keys of VRF data model will be converted to lists.
"""
filtered_vrfs = []
- always_include_vrfs_in_tenants = get(self.switch_data_combined, "filter.always_include_vrfs_in_tenants", default=[])
-
vrfs: list[dict] = natural_sort(convert_dicts(tenant.get("vrfs", []), "name"), "name")
for original_vrf in vrfs:
if not self.is_accepted_vrf(original_vrf):
@@ -254,13 +270,7 @@ def filtered_vrfs(self: SharedUtils, tenant: dict) -> list[dict]:
)
]
- if (
- vrf["svis"]
- or vrf["l3_interfaces"]
- or vrf["loopbacks"]
- or "all" in always_include_vrfs_in_tenants
- or tenant["name"] in always_include_vrfs_in_tenants
- ):
+ if vrf["svis"] or vrf["l3_interfaces"] or vrf["loopbacks"] or self.is_forced_vrf(vrf):
filtered_vrfs.append(vrf)
return filtered_vrfs
diff --git a/ansible_collections/arista/avd/plugins/plugin_utils/eos_designs_shared_utils/misc.py b/ansible_collections/arista/avd/plugins/plugin_utils/eos_designs_shared_utils/misc.py
index 7a0e8186995..4aaee270ed7 100644
--- a/ansible_collections/arista/avd/plugins/plugin_utils/eos_designs_shared_utils/misc.py
+++ b/ansible_collections/arista/avd/plugins/plugin_utils/eos_designs_shared_utils/misc.py
@@ -79,6 +79,10 @@ def filter_deny_vrfs(self: SharedUtils) -> list:
def filter_tenants(self: SharedUtils) -> list:
return get(self.switch_data_combined, "filter.tenants", default=["all"])
+ @cached_property
+ def always_include_vrfs_in_tenants(self: SharedUtils) -> list:
+ return get(self.switch_data_combined, "filter.always_include_vrfs_in_tenants", default=[])
+
@cached_property
def igmp_snooping_enabled(self: SharedUtils) -> bool:
default_igmp_snooping_enabled = get(self.hostvars, "default_igmp_snooping_enabled", default=True)
diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-virtual-topologies.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-virtual-topologies.md
index 11443fcc415..0d7766d9126 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-virtual-topologies.md
+++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-virtual-topologies.md
@@ -10,7 +10,8 @@
| [wan_virtual_topologies](## "wan_virtual_topologies") | Dictionary | | | | PREVIEW: WAN Preview
Configure Virtual Topologies for CV Pathfinder and AutoVPN.
Auto create a control plane profile/policy/application and enforce it being first in the default VRF. |
| [ vrfs](## "wan_virtual_topologies.vrfs") | List, items: Dictionary | | | | Map a VRF that exists in network_services to an AVT policy.
TODO: missing default VRF behavior |
| [ - name](## "wan_virtual_topologies.vrfs.[].name") | String | Required, Unique | | | VRF name. |
- | [ policy](## "wan_virtual_topologies.vrfs.[].policy") | String | | | | Name of the AVT policy to apply to this VRF. |
+ | [ policy](## "wan_virtual_topologies.vrfs.[].policy") | String | | `DEFAULT-POLICY` | | Name of the policy to apply to this VRF.
It is possible to overwrite the default policy for all VRFs using it
by redefining it in the `wan_virtual_topologies.policies` list using the
default name `DEFAULT-POLICY`. |
+ | [ wan_vni](## "wan_virtual_topologies.vrfs.[].wan_vni") | Integer | Required | | Min: 1
Max: 255 | Required for VRFs carried over AutoVPN or CV Pathfinder WAN.
A VRF can have different VNIs between the Datacenters and the WAN.
Note that if no VRF default is configured for WAN, AVD will automatically inject the VRF default with
`wan_vni` set to `1`.
In addition either `vrf_id` or `vrf_vni` must be set to enforce consistent route-targets across domains. |
| [ control_plane_virtual_topology](## "wan_virtual_topologies.control_plane_virtual_topology") | Dictionary | | | | Always injected into the default VRF policy as the first entry.
By default, if no path-groups are specified, all locally available path-groups
are used in the generated load-balance policy.
ID is hardcoded to 254 for the AVT profile in CV Pathfinder mode. |
| [ name](## "wan_virtual_topologies.control_plane_virtual_topology.name") | String | | | | Optional name, if not set `CONTROL-PLANE-PROFILE` is used. |
| [ traffic_class](## "wan_virtual_topologies.control_plane_virtual_topology.traffic_class") | Integer | | | Min: 0
Max: 7 | Set traffic-class for matched traffic. |
@@ -70,8 +71,19 @@
# VRF name.
- name:
- # Name of the AVT policy to apply to this VRF.
- policy:
+ # Name of the policy to apply to this VRF.
+ # It is possible to overwrite the default policy for all VRFs using it
+ # by redefining it in the `wan_virtual_topologies.policies` list using the
+ # default name `DEFAULT-POLICY`.
+ policy:
+
+ # Required for VRFs carried over AutoVPN or CV Pathfinder WAN.
+ #
+ # A VRF can have different VNIs between the Datacenters and the WAN.
+ # Note that if no VRF default is configured for WAN, AVD will automatically inject the VRF default with
+ # `wan_vni` set to `1`.
+ # In addition either `vrf_id` or `vrf_vni` must be set to enforce consistent route-targets across domains.
+ wan_vni:
# Always injected into the default VRF policy as the first entry.
#
diff --git a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/application_traffic_recognition.py b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/application_traffic_recognition.py
index 2071e29e8ab..e69daa2f90d 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/application_traffic_recognition.py
+++ b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/application_traffic_recognition.py
@@ -142,7 +142,6 @@ def _filtered_application_classification(self) -> dict:
input_application_classification = get(self._hostvars, "application_classification", {})
# Application profiles first
application_profiles = []
- # TODO inject "application_profile": "CONTROL-PLANE-APPLICATION-PROFILE",
def _append_object_to_list_of_dicts(path: str, obj_name: str, list_of_dicts: list, message: str | None = None, required=True) -> None:
"""
diff --git a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/router_adaptive_virtual_topology.py b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/router_adaptive_virtual_topology.py
index 34eddfa0e6d..93b2aa55869 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/router_adaptive_virtual_topology.py
+++ b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/router_adaptive_virtual_topology.py
@@ -41,17 +41,15 @@ def _cv_pathfinder_wan_vrfs(self) -> list:
wan_vrfs = []
for vrf in self._filtered_wan_vrfs:
- wan_vrf = vrf.copy()
+ wan_vrf = {"name": vrf["name"], "policy": vrf["policy"]}
# Need to allocate an ID for each profile in the policy, for now picked up from the input.
policy = get_item(
self._augmented_cv_pathfinder_policies,
"name",
- wan_vrf[self._wan_policy_key],
+ wan_vrf["policy"],
required=True,
- custom_error_msg=(
- f"The policy {wan_vrf[self._wan_policy_key]} used in vrf {wan_vrf['name']} is not configured under 'wan_virtual_topologies.policies'."
- ),
+ custom_error_msg=(f"The policy {wan_vrf['policy']} used in vrf {wan_vrf['name']} is not configured under 'wan_virtual_topologies.policies'."),
)
for match in policy.get("matches", []):
@@ -70,8 +68,6 @@ def _cv_pathfinder_wan_vrfs(self) -> list:
def _augmented_cv_pathfinder_policies(self) -> list:
"""
Return a list of augmented CV_Pathfinder Policies with an `_id` key to be used when rendering VRFs.
-
- Insert the policy for default VRF using {name}-WITH-CP
"""
if not self.shared_utils.is_cv_pathfinder_router:
return []
@@ -87,8 +83,6 @@ def _augmented_cv_pathfinder_policies(self) -> list:
}
if get(avt_policy, "is_default", default=False):
- # Update policy name
- cv_pathfinder_policy["name"] = f"{cv_pathfinder_policy['name']}-WITH-CP"
cv_pathfinder_policy["matches"].append(
{
"application_profile": self._wan_control_plane_application_profile,
@@ -107,7 +101,7 @@ def _augmented_cv_pathfinder_policies(self) -> list:
"avt_profile": get(
application_virtual_topology,
"name",
- default=self._default_profile_name(avt_policy["name"], application_virtual_topology["application_profile"]),
+ default=self._default_profile_name(avt_policy["profile_prefix"], application_virtual_topology["application_profile"]),
),
"traffic_class": get(application_virtual_topology, "traffic_class"),
"dscp": get(application_virtual_topology, "dscp"),
@@ -122,7 +116,7 @@ def _augmented_cv_pathfinder_policies(self) -> list:
cv_pathfinder_policy["matches"].append(
{
"application_profile": application_profile,
- "avt_profile": get(default_virtual_topology, "name", default=self._default_profile_name(avt_policy["name"], "DEFAULT")),
+ "avt_profile": get(default_virtual_topology, "name", default=self._default_profile_name(avt_policy["profile_prefix"], "DEFAULT")),
"traffic_class": get(default_virtual_topology, "traffic_class"),
"dscp": get(default_virtual_topology, "dscp"),
# Storing id as _id to avoid schema validation and be able to pick up in VRFs
@@ -156,7 +150,7 @@ def _cv_pathfinder_profiles(self) -> list:
if not self.shared_utils.is_cv_pathfinder_router:
return []
- # Control Plan profile
+ # Control Plane profile
cv_pathfinder_profiles = [
{"name": self._wan_control_plane_profile, "load_balance_policy": self.shared_utils.generate_lb_policy_name(self._wan_control_plane_profile)}
]
@@ -165,7 +159,7 @@ def _cv_pathfinder_profiles(self) -> list:
name = get(
application_virtual_topology,
"name",
- default=self._default_profile_name(avt_policy["name"], application_virtual_topology["application_profile"]),
+ default=self._default_profile_name(avt_policy["profile_prefix"], application_virtual_topology["application_profile"]),
)
append_if_not_duplicate(
list_of_dicts=cv_pathfinder_profiles,
@@ -182,7 +176,7 @@ def _cv_pathfinder_profiles(self) -> list:
name = get(
default_virtual_topology,
"name",
- default=self._default_profile_name(avt_policy["name"], "DEFAULT"),
+ default=self._default_profile_name(avt_policy["profile_prefix"], "DEFAULT"),
)
append_if_not_duplicate(
list_of_dicts=cv_pathfinder_profiles,
diff --git a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/router_path_selection.py b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/router_path_selection.py
index f5377469dfd..361f0624ead 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/router_path_selection.py
+++ b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/router_path_selection.py
@@ -30,16 +30,17 @@ def router_path_selection(self) -> dict | None:
"load_balance_policies": self._wan_load_balance_policies,
}
- # When running CV Pathfinder, only load balance policies
- if self.shared_utils.is_cv_pathfinder_router:
- return strip_empties_from_dict(router_path_selection)
-
- router_path_selection.update(
- {
- "policies": self._autovpn_policies,
- "vrfs": self._filtered_wan_vrfs,
- }
- )
+ # When running CV Pathfinder, only load balance policies are configured
+ # for AutoVPN, need also vrfs and policies.
+ if self.shared_utils.wan_mode == "autovpn":
+ vrfs = [{"name": vrf["name"], "path_selection_policy": vrf["policy"]} for vrf in self._filtered_wan_vrfs]
+
+ router_path_selection.update(
+ {
+ "policies": self._autovpn_policies,
+ "vrfs": vrfs,
+ }
+ )
return strip_empties_from_dict(router_path_selection)
@@ -57,8 +58,6 @@ def _autovpn_policies(self) -> list:
}
if get(policy, "is_default", default=False):
- # Update policy name
- autovpn_policy["name"] = f"{autovpn_policy['name']}-WITH-CP"
autovpn_policy.setdefault("rules", []).append(
{
"id": 10,
@@ -72,7 +71,7 @@ def _autovpn_policies(self) -> list:
name = get(
application_virtual_topology,
"name",
- default=self._default_profile_name(policy["name"], application_virtual_topology["application_profile"]),
+ default=self._default_profile_name(policy["profile_prefix"], application_virtual_topology["application_profile"]),
)
application_profile = get(application_virtual_topology, "application_profile", required=True)
autovpn_policy.setdefault("rules", []).append(
@@ -87,7 +86,7 @@ def _autovpn_policies(self) -> list:
name = get(
default_virtual_topology,
"name",
- default=self._default_profile_name(policy["name"], "DEFAULT"),
+ default=self._default_profile_name(policy["profile_prefix"], "DEFAULT"),
)
autovpn_policy["default_match"] = {"load_balance": self.shared_utils.generate_lb_policy_name(name)}
diff --git a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/utils.py b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/utils.py
index 76231f197a4..55074225233 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/utils.py
+++ b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/utils.py
@@ -6,6 +6,7 @@
import ipaddress
from functools import cached_property
+from ansible_collections.arista.avd.plugins.filter.natural_sort import natural_sort
from ansible_collections.arista.avd.plugins.plugin_utils.eos_designs_shared_utils import SharedUtils
from ansible_collections.arista.avd.plugins.plugin_utils.errors import AristaAvdError, AristaAvdMissingVariableError
from ansible_collections.arista.avd.plugins.plugin_utils.utils import append_if_not_duplicate, default, get, get_item
@@ -120,7 +121,7 @@ def _vrf_default_ipv4_static_routes(self) -> dict:
redistribute_in_overlay = False
return {
- "static_routes": list(vrf_default_ipv4_static_routes),
+ "static_routes": natural_sort(vrf_default_ipv4_static_routes),
"redistribute_in_underlay": redistribute_in_underlay,
"redistribute_in_overlay": redistribute_in_overlay,
}
@@ -204,13 +205,6 @@ def _wan_control_plane_application_profile(self) -> str:
"""
return "CONTROL-PLANE-APPLICATION-PROFILE"
- @cached_property
- def _wan_policy_key(self) -> str:
- """
- The key for policies is different for AutoVPN and CV Pathfinder
- """
- return "policy" if self.shared_utils.wan_mode == "cv-pathfinder" else "path_selection_policy"
-
def _generate_wan_load_balance_policy(self, name: str, input_dict: dict, context_path: str) -> dict:
"""
Generate and return a router path-selection load-balance policy. If HA is enabled, inject the HA path-group with priority 1.
@@ -305,23 +299,29 @@ def _wan_load_balance_policies(self) -> list:
default={"path_groups": [{"names": self._local_path_groups_connected_to_pathfinder}]},
)
- wan_load_balance_policies = [
- self._generate_wan_load_balance_policy(
- self.shared_utils.generate_lb_policy_name(self._wan_control_plane_profile),
- control_plane_virtual_topology,
- self._default_vrf_policy["name"],
- )
- ]
+ wan_load_balance_policies = []
+
for policy in self._filtered_wan_policies:
+ if get(policy, "is_default", default=False):
+ # for the default policy, need to render the control_plane_virtual_topology
+ wan_load_balance_policies.append(
+ self._generate_wan_load_balance_policy(
+ self.shared_utils.generate_lb_policy_name(self._wan_control_plane_profile),
+ control_plane_virtual_topology,
+ policy["name"],
+ )
+ )
+
for application_virtual_topology in get(policy, "application_virtual_topologies", []):
# TODO add internet exit once supported
name = get(
application_virtual_topology,
"name",
- default=self._default_profile_name(policy["name"], application_virtual_topology["application_profile"]),
+ default=self._default_profile_name(policy["profile_prefix"], application_virtual_topology["application_profile"]),
)
context_path = (
- f"wan_virtual_topologies.policies[{policy['name']}].application_virtual_topologies[{application_virtual_topology['application_profile']}]"
+ f"wan_virtual_topologies.policies[{policy['profile_prefix']}]."
+ f"application_virtual_topologies[{application_virtual_topology['application_profile']}]"
)
append_if_not_duplicate(
list_of_dicts=wan_load_balance_policies,
@@ -334,11 +334,14 @@ def _wan_load_balance_policies(self) -> list:
)
default_virtual_topology = get(
- policy, "default_virtual_topology", required=True, org_key=f"wan_virtual_topologies.policies[{policy['name']}].default_virtual_toplogy"
+ policy,
+ "default_virtual_topology",
+ required=True,
+ org_key=f"wan_virtual_topologies.policies[{policy['profile_prefix']}].default_virtual_toplogy",
)
if not get(default_virtual_topology, "drop_unmatched", default=False):
- name = get(default_virtual_topology, "name", default=self._default_profile_name(policy["name"], "DEFAULT"))
- context_path = f"wan_virtual_topologies.policies[{policy['name']}].default_virtual_topology"
+ name = get(default_virtual_topology, "name", default=self._default_profile_name(policy["profile_prefix"], "DEFAULT"))
+ context_path = f"wan_virtual_topologies.policies[{policy['profile_prefix']}].default_virtual_topology"
# Verify that path_groups are set or raise
get(
@@ -365,13 +368,15 @@ def _filtered_wan_vrfs(self) -> list:
"""
wan_vrfs = []
- for avt_vrf in get(self._hostvars, "wan_virtual_topologies.vrfs", []):
- vrf_name = avt_vrf["name"]
+ for vrf in get(self._hostvars, "wan_virtual_topologies.vrfs", []):
+ vrf_name = vrf["name"]
if vrf_name in self.shared_utils.vrfs or self.shared_utils.is_wan_server:
- # TODO check that the policy exists or raise
wan_vrf = {
"name": vrf_name,
- self._wan_policy_key: get(avt_vrf, "policy", required=True),
+ "policy": get(vrf, "policy", default=self._default_wan_policy["name"]),
+ "wan_vni": get(
+ vrf, "wan_vni", required=True, org_key=f"Required `wan_vni` is missing for VRF {vrf_name} under `wan_virtual_topologies.vrfs`."
+ ),
}
wan_vrfs.append(wan_vrf)
@@ -381,71 +386,71 @@ def _filtered_wan_vrfs(self) -> list:
wan_vrfs.append(
{
"name": "default",
- self._wan_policy_key: f"{self._default_vrf_policy['name']}-WITH-CP",
+ "policy": f"{self._default_wan_policy['name']}-WITH-CP",
+ "wan_vni": 1,
+ "original_policy": self._default_wan_policy["name"],
}
)
else:
- vrf_default[self._wan_policy_key] = f"{vrf_default[self._wan_policy_key]}-WITH-CP"
+ vrf_default["original_policy"] = vrf_default["policy"]
+ vrf_default["policy"] = f"{vrf_default['policy']}-WITH-CP"
return wan_vrfs
+ @cached_property
+ def _wan_policies(self) -> list:
+ """ """
+ policies = get(self._hostvars, "wan_virtual_topologies.policies", default=[])
+ # If not overwritten, inject the default policy in case it is required for one of the VRFs
+ if get_item(policies, "name", self._default_wan_policy["name"]) is None:
+ policies.append(self._default_wan_policy)
+
+ return policies
+
@cached_property
def _filtered_wan_policies(self) -> list:
"""
Loop through all the VRFs defined under `wan_virtual_topologies.vrfs` and returns a list of policies to configure on this device.
-
inject the default_vrf_policy
"""
- policies = get(self._hostvars, "wan_virtual_topologies.policies", default=[])
- # Need to handle VRF default differently
- filtered_policies = [
- get_item(
- policies,
+ # to track the names already injected
+ filtered_policy_names = []
+ filtered_policies = []
+ for vrf in self._filtered_wan_vrfs:
+ # Need to handle VRF default differently and lookup for the original policy
+ lookup_name = get(vrf, "original_policy", default=vrf["policy"])
+ vrf_policy = get_item(
+ self._wan_policies,
"name",
- wan_vrf[self._wan_policy_key],
+ lookup_name,
required=True,
custom_error_msg=(
- f"The policy {wan_vrf[self._wan_policy_key]} applied to vrf {wan_vrf['name']} under `wan_virtual_topologies.vrfs` is not "
+ f"The policy {lookup_name} applied to vrf {vrf['name']} under `wan_virtual_topologies.vrfs` is not "
"defined under `wan_virtual_topologies.policies`."
),
- )
- for wan_vrf in self._filtered_wan_vrfs
- if wan_vrf["name"] != "default"
- ]
- filtered_policies.append(self._default_vrf_policy)
+ ).copy()
+
+ if vrf["name"] == "default":
+ vrf_policy["is_default"] = True
+ vrf_policy["profile_prefix"] = lookup_name
+ vrf_policy["name"] = f"{vrf_policy['name']}-WITH-CP"
+ else:
+ vrf_policy["profile_prefix"] = vrf_policy["name"]
+
+ if vrf_policy["name"] not in filtered_policy_names:
+ filtered_policy_names.append(vrf_policy["name"])
+ filtered_policies.append(vrf_policy)
+
return filtered_policies
@cached_property
- def _default_vrf_policy(self) -> dict:
+ def _default_wan_policy(self) -> dict:
"""
- Retrieves the name of the policy used for the default VRF and appending -WITH-CP to its name.
-
- If not policy is defined for VRF default under 'wan_virtual_topologies.vrfs', use a default policy named DEFAULT-AVT-POLICY-WITH-CP where all
- traffic is matched in the default category and distributed amongst all path-groups.
+ If no policy is defined for a VRF under 'wan_virtual_topologies.vrfs', a default policy named DEFAULT-POLICY is used
+ where all traffic is matched in the default category and distributed amongst all path-groups.
"""
- vrfs = get(self._hostvars, "wan_virtual_topologies.vrfs", [])
- default_vrf = get_item(vrfs, "name", "default", default={})
-
- if (vrf_default_policy := get(default_vrf, "policy")) is not None:
- policies = get(self._hostvars, "wan_virtual_topologies.policies", default=[])
- # copy is safe here as we change only the name
- default_policy = get_item(
- policies,
- "name",
- vrf_default_policy,
- required=True,
- custom_error_msg=(
- f"The policy {vrf_default_policy} defined for vrf default under 'wan_virtual_topologies.vrfs' "
- "is not defined under 'wan_virtual_topologies.policies'."
- ),
- ).copy()
- else:
- wan_local_path_group_names = [path_group["name"] for path_group in self.shared_utils.wan_local_path_groups]
- default_policy = {"name": "DEFAULT-AVT-POLICY", "default_virtual_topology": {"path_groups": [{"names": wan_local_path_group_names}]}}
-
- default_policy["is_default"] = True
-
- return default_policy
+ wan_local_path_group_names = [path_group["name"] for path_group in self.shared_utils.wan_local_path_groups]
+ return {"name": "DEFAULT-POLICY", "default_virtual_topology": {"path_groups": [{"names": wan_local_path_group_names}]}}
def _default_profile_name(self, profile_name: str, application_profile: str) -> str:
"""
diff --git a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vxlan_interface.py b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vxlan_interface.py
index 42e40136987..81a09302ff3 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vxlan_interface.py
+++ b/ansible_collections/arista/avd/roles/eos_designs/python_modules/network_services/vxlan_interface.py
@@ -9,7 +9,7 @@
from ansible_collections.arista.avd.plugins.filter.natural_sort import natural_sort
from ansible_collections.arista.avd.plugins.filter.range_expand import range_expand
from ansible_collections.arista.avd.plugins.plugin_utils.errors import AristaAvdError, AristaAvdMissingVariableError
-from ansible_collections.arista.avd.plugins.plugin_utils.utils import append_if_not_duplicate, default, get, unique
+from ansible_collections.arista.avd.plugins.plugin_utils.utils import append_if_not_duplicate, default, get, get_item, unique
from .utils import UtilsMixin
@@ -132,10 +132,23 @@ def _get_vxlan_interface_config_for_vrf(self, vrf: dict, tenant: dict, vrfs: lis
if "evpn" not in vrf.get("address_families", ["evpn"]):
return
- vni = default(
- vrf.get("vrf_vni"),
- vrf.get("vrf_id"),
- )
+ if self.shared_utils.is_wan_router:
+ # Every VRF with EVPN on a WAN router must have a wan_vni defined.
+ error_message = (
+ f"The VRF '{vrf_name}' does not have a `wan_vni` defined under 'wan_virtual_topologies'. "
+ "If this VRF was not intended to be extended over the WAN, but still required to be configured on the WAN router, "
+ "set 'address_families: []' under the VRF definition. If this VRF was not intended to be configured on the WAN router, "
+ "use the VRF filter 'deny_vrfs' under the node settings."
+ )
+ wan_vrf = get_item(self._filtered_wan_vrfs, "name", vrf_name, required=True, custom_error_msg=error_message)
+ vni = get(wan_vrf, "wan_vni", required=True, org_key=error_message)
+ else:
+ vni = default(
+ vrf.get("vrf_vni"),
+ vrf.get("vrf_id"),
+ )
+
+ # NOTE: this can never be None here, it would be caught previously in the code
id = default(
vrf.get("vrf_id"),
vrf.get("vrf_vni"),
@@ -145,10 +158,6 @@ def _get_vxlan_interface_config_for_vrf(self, vrf: dict, tenant: dict, vrfs: lis
# This is legacy behavior so we will leave stricter enforcement to the schema
vrf_data = {"name": vrf_name, "vni": vni}
- # TODO need to handle this better from a design point of view
- if self.shared_utils.is_wan_router and vni > 255:
- raise AristaAvdError("VNI for WAN with DPS use cases cannot be > 255, got '{vni}' for vrf '{vrf_name}' in tenant '{tenant['name']}'.")
-
if get(vrf, "_evpn_l3_multicast_enabled"):
underlay_l3_multicast_group_ipv4_pool = get(
tenant,
diff --git a/ansible_collections/arista/avd/roles/eos_designs/schemas/eos_designs.jsonschema.json b/ansible_collections/arista/avd/roles/eos_designs/schemas/eos_designs.jsonschema.json
index bcf95fe2866..d9917a37743 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/schemas/eos_designs.jsonschema.json
+++ b/ansible_collections/arista/avd/roles/eos_designs/schemas/eos_designs.jsonschema.json
@@ -24884,17 +24884,26 @@
},
"policy": {
"type": "string",
- "description": "Name of the AVT policy to apply to this VRF.",
+ "description": "Name of the policy to apply to this VRF.\nIt is possible to overwrite the default policy for all VRFs using it\nby redefining it in the `wan_virtual_topologies.policies` list using the\ndefault name `DEFAULT-POLICY`.",
+ "default": "DEFAULT-POLICY",
"title": "Policy"
+ },
+ "wan_vni": {
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 255,
+ "description": "Required for VRFs carried over AutoVPN or CV Pathfinder WAN.\n\nA VRF can have different VNIs between the Datacenters and the WAN.\nNote that if no VRF default is configured for WAN, AVD will automatically inject the VRF default with\n`wan_vni` set to `1`.\nIn addition either `vrf_id` or `vrf_vni` must be set to enforce consistent route-targets across domains.",
+ "title": "Wan Vni"
}
},
+ "required": [
+ "wan_vni",
+ "name"
+ ],
"additionalProperties": false,
"patternProperties": {
"^_.+$": {}
- },
- "required": [
- "name"
- ]
+ }
},
"title": "VRFs"
},
diff --git a/ansible_collections/arista/avd/roles/eos_designs/schemas/eos_designs.schema.yml b/ansible_collections/arista/avd/roles/eos_designs/schemas/eos_designs.schema.yml
index 41cf030c55d..c9fc127865b 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/schemas/eos_designs.schema.yml
+++ b/ansible_collections/arista/avd/roles/eos_designs/schemas/eos_designs.schema.yml
@@ -3722,7 +3722,36 @@ keys:
description: VRF name.
policy:
type: str
- description: Name of the AVT policy to apply to this VRF.
+ description: 'Name of the policy to apply to this VRF.
+
+ It is possible to overwrite the default policy for all VRFs using
+ it
+
+ by redefining it in the `wan_virtual_topologies.policies` list using
+ the
+
+ default name `DEFAULT-POLICY`.'
+ default: DEFAULT-POLICY
+ wan_vni:
+ type: int
+ convert_types:
+ - str
+ min: 1
+ max: 255
+ required: true
+ description: 'Required for VRFs carried over AutoVPN or CV Pathfinder
+ WAN.
+
+
+ A VRF can have different VNIs between the Datacenters and the WAN.
+
+ Note that if no VRF default is configured for WAN, AVD will automatically
+ inject the VRF default with
+
+ `wan_vni` set to `1`.
+
+ In addition either `vrf_id` or `vrf_vni` must be set to enforce consistent
+ route-targets across domains.'
control_plane_virtual_topology:
type: dict
description: 'Always injected into the default VRF policy as the first entry.
diff --git a/ansible_collections/arista/avd/roles/eos_designs/schemas/schema_fragments/wan_virtual_topologies.schema.yml b/ansible_collections/arista/avd/roles/eos_designs/schemas/schema_fragments/wan_virtual_topologies.schema.yml
index bbe6fbf0911..2037a7eee4e 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/schemas/schema_fragments/wan_virtual_topologies.schema.yml
+++ b/ansible_collections/arista/avd/roles/eos_designs/schemas/schema_fragments/wan_virtual_topologies.schema.yml
@@ -31,7 +31,33 @@ keys:
description: VRF name.
policy:
type: str
- description: Name of the AVT policy to apply to this VRF.
+ description: |-
+ Name of the policy to apply to this VRF.
+ It is possible to overwrite the default policy for all VRFs using it
+ by redefining it in the `wan_virtual_topologies.policies` list using the
+ default name `DEFAULT-POLICY`.
+ default: DEFAULT-POLICY
+ wan_vni:
+ # The `wan_vni` is under here rather than `tenants.vrfs` as it as
+ # initially planned for 2 reasons:
+ # 1. This allow to keep a consistent WAN VNI ID in a more
+ # effective way, as otherwise this wan_vni key would have had
+ # to be aligned in every tenant where the VRF is defined.
+ # 2. This is used in the WAN metadata for pathfinder nodes to pick
+ # up WAN VRFs and their VNI.
+ type: int
+ convert_types:
+ - str
+ min: 1
+ max: 255
+ required: true
+ description: |-
+ Required for VRFs carried over AutoVPN or CV Pathfinder WAN.
+
+ A VRF can have different VNIs between the Datacenters and the WAN.
+ Note that if no VRF default is configured for WAN, AVD will automatically inject the VRF default with
+ `wan_vni` set to `1`.
+ In addition either `vrf_id` or `vrf_vni` must be set to enforce consistent route-targets across domains.
control_plane_virtual_topology:
type: dict
description: |-