Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feat(eos_designs): Add flowtracking on WAN Router LAN uplinks #3679

Merged
merged 4 commits into from
Mar 1, 2024
Merged

Feat(eos_designs): Add flowtracking on WAN Router LAN uplinks #3679

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
a872920
Feat(eos_designs): Add flowtracking on WAN Router LAN uplinks
ClausHolbechArista Feb 29, 2024
6325dc2
Merge branch 'devel' into feat/eos_designs/wan-flowtracker-lan
ClausHolbechArista Mar 1, 2024
149162a
Update CI artifacts
ClausHolbechArista Mar 1, 2024
263f90d
Merge branch 'devel' into feat/eos_designs/wan-flowtracker-lan
ClausHolbechArista Mar 1, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
80 changes: 62 additions & 18 deletions ...ns/arista/avd/molecule/eos_designs_unit_tests/intended/configs/uplink_lan_wan_router1.cfg
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,31 +1,61 @@
!RANCID-CONTENT-TYPE: arista
!
flow tracking hardware
tracker WAN-FLOW-TRACKER
record export on inactive timeout 70000
record export on interval 5000
exporter DPI-EXPORTER
collector 127.0.0.1
local interface Loopback0
template interval 5000
no shutdown
!
service routing protocols model multi-agent
!
ip as-path access-list ASPATH-WAN permit 65100 any
!
hostname uplink_lan_wan_router1
!
router path-selection
tcp mss ceiling ipv4 ingress
!
load-balance policy LB-DEFAULT-POLICY-CONTROL-PLANE
!
load-balance policy LB-DEFAULT-POLICY-DEFAULT
router adaptive-virtual-topology
topology role edge
region region1 id 1
zone region1-ZONE id 1
site site1 id 1
!
policy DEFAULT-POLICY
default-match
load-balance LB-DEFAULT-POLICY-DEFAULT
!
match application-profile default
avt profile DEFAULT-POLICY-DEFAULT
!
policy DEFAULT-POLICY-WITH-CP
default-match
load-balance LB-DEFAULT-POLICY-DEFAULT
10 application-profile APP-PROFILE-CONTROL-PLANE
load-balance LB-DEFAULT-POLICY-CONTROL-PLANE
!
match application-profile APP-PROFILE-CONTROL-PLANE
avt profile DEFAULT-POLICY-CONTROL-PLANE
!
match application-profile default
avt profile DEFAULT-POLICY-DEFAULT
!
profile DEFAULT-POLICY-CONTROL-PLANE
path-selection load-balance LB-DEFAULT-POLICY-CONTROL-PLANE
!
profile DEFAULT-POLICY-DEFAULT
path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
!
vrf default
path-selection-policy DEFAULT-POLICY-WITH-CP
avt policy DEFAULT-POLICY-WITH-CP
avt profile DEFAULT-POLICY-DEFAULT id 1
avt profile DEFAULT-POLICY-CONTROL-PLANE id 254
!
vrf VRF1
path-selection-policy DEFAULT-POLICY
avt policy DEFAULT-POLICY
avt profile DEFAULT-POLICY-DEFAULT id 1
!
router path-selection
tcp mss ceiling ipv4 ingress
!
load-balance policy LB-DEFAULT-POLICY-CONTROL-PLANE
!
load-balance policy LB-DEFAULT-POLICY-DEFAULT
!
spanning-tree mode none
!
Expand All @@ -42,6 +72,8 @@ ip security
local-id 192.168.2.1
!
sa policy CP-SA-POLICY
esp encryption aes256gcm128
pfs dh-group 14
!
profile CP-PROFILE
ike-policy CP-IKE-POLICY
Expand All @@ -57,20 +89,23 @@ ip security
interface Dps1
description DPS Interface
mtu 9214
flow tracker hardware WAN-FLOW-TRACKER
ip address 192.168.2.1/32
!
interface Ethernet2
description UPLINK_LAN_L2LEAF_Ethernet1
no shutdown
mtu 9214
no switchport
flow tracker hardware WAN-FLOW-TRACKER
vrf VRF1
ip address 10.0.10.1/24
!
interface Ethernet2.100
description My vlan 100
no shutdown
encapsulation dot1q vlan 100
flow tracker hardware WAN-FLOW-TRACKER
vrf VRF1
ip address 10.0.100.1/24
ipv6 enable
Expand Down Expand Up @@ -104,14 +139,14 @@ no ip routing vrf MGMT
ip routing vrf VRF1
ipv6 unicast-routing vrf VRF1
!
ip extcommunity-list ECL-EVPN-SOO permit soo 192.168.1.1:0
ip extcommunity-list ECL-EVPN-SOO permit soo 192.168.1.1:1
!
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.1.0/24 eq 32
!
route-map RM-BGP-UNDERLAY-PEERS-IN permit 40
description Mark prefixes originated from the LAN
set extcommunity soo 192.168.1.1:0 additive
set extcommunity soo 192.168.1.1:1 additive
!
route-map RM-BGP-UNDERLAY-PEERS-OUT permit 10
description Advertise local routes towards LAN
Expand All @@ -123,7 +158,7 @@ route-map RM-BGP-UNDERLAY-PEERS-OUT permit 20
!
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
set extcommunity soo 192.168.1.1:0 additive
set extcommunity soo 192.168.1.1:1 additive
!
route-map RM-EVPN-EXPORT-VRF-DEFAULT permit 10
match extcommunity ECL-EVPN-SOO
Expand All @@ -134,7 +169,7 @@ route-map RM-EVPN-SOO-IN deny 10
route-map RM-EVPN-SOO-IN permit 20
!
route-map RM-EVPN-SOO-OUT permit 10
set extcommunity soo 192.168.1.1:0 additive
set extcommunity soo 192.168.1.1:1 additive
!
router bfd
multihop interval 300 min-rx 300 multiplier 3
Expand Down Expand Up @@ -162,6 +197,13 @@ router bgp 65100
address-family ipv4
no neighbor WAN-OVERLAY-PEERS activate
!
address-family ipv4 sr-te
neighbor WAN-OVERLAY-PEERS activate
!
address-family link-state
neighbor WAN-OVERLAY-PEERS activate
path-selection
!
address-family path-selection
bgp additional-paths receive
bgp additional-paths send any
Expand All @@ -180,6 +222,8 @@ router bgp 65100
router-id 192.168.1.1
redistribute connected
!
router traffic-engineering
!
management api http-commands
protocol https
no shutdown
Expand Down
80 changes: 62 additions & 18 deletions ...ns/arista/avd/molecule/eos_designs_unit_tests/intended/configs/uplink_lan_wan_router2.cfg
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,31 +1,61 @@
!RANCID-CONTENT-TYPE: arista
!
flow tracking hardware
tracker WAN-FLOW-TRACKER
record export on inactive timeout 70000
record export on interval 5000
exporter DPI-EXPORTER
collector 127.0.0.1
local interface Loopback0
template interval 5000
no shutdown
!
service routing protocols model multi-agent
!
ip as-path access-list ASPATH-WAN permit 65100 any
!
hostname uplink_lan_wan_router2
!
router path-selection
tcp mss ceiling ipv4 ingress
!
load-balance policy LB-DEFAULT-POLICY-CONTROL-PLANE
!
load-balance policy LB-DEFAULT-POLICY-DEFAULT
router adaptive-virtual-topology
topology role edge
region region1 id 1
zone region1-ZONE id 1
site site2 id 2
!
policy DEFAULT-POLICY
default-match
load-balance LB-DEFAULT-POLICY-DEFAULT
!
match application-profile default
avt profile DEFAULT-POLICY-DEFAULT
!
policy DEFAULT-POLICY-WITH-CP
default-match
load-balance LB-DEFAULT-POLICY-DEFAULT
10 application-profile APP-PROFILE-CONTROL-PLANE
load-balance LB-DEFAULT-POLICY-CONTROL-PLANE
!
match application-profile APP-PROFILE-CONTROL-PLANE
avt profile DEFAULT-POLICY-CONTROL-PLANE
!
match application-profile default
avt profile DEFAULT-POLICY-DEFAULT
!
profile DEFAULT-POLICY-CONTROL-PLANE
path-selection load-balance LB-DEFAULT-POLICY-CONTROL-PLANE
!
profile DEFAULT-POLICY-DEFAULT
path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
!
vrf default
path-selection-policy DEFAULT-POLICY-WITH-CP
avt policy DEFAULT-POLICY-WITH-CP
avt profile DEFAULT-POLICY-DEFAULT id 1
avt profile DEFAULT-POLICY-CONTROL-PLANE id 254
!
vrf VRF1
path-selection-policy DEFAULT-POLICY
avt policy DEFAULT-POLICY
avt profile DEFAULT-POLICY-DEFAULT id 1
!
router path-selection
tcp mss ceiling ipv4 ingress
!
load-balance policy LB-DEFAULT-POLICY-CONTROL-PLANE
!
load-balance policy LB-DEFAULT-POLICY-DEFAULT
!
spanning-tree mode none
!
Expand All @@ -42,6 +72,8 @@ ip security
local-id 192.168.2.2
!
sa policy CP-SA-POLICY
esp encryption aes256gcm128
pfs dh-group 14
!
profile CP-PROFILE
ike-policy CP-IKE-POLICY
Expand All @@ -57,6 +89,7 @@ ip security
interface Dps1
description DPS Interface
mtu 9214
flow tracker hardware WAN-FLOW-TRACKER
ip address 192.168.2.2/32
!
interface Ethernet2
Expand All @@ -70,13 +103,15 @@ interface Ethernet2.10
no shutdown
mtu 9214
encapsulation dot1q vlan 10
flow tracker hardware WAN-FLOW-TRACKER
vrf VRF1
ip address 10.0.10.1/24
!
interface Ethernet2.100
description My vlan 100
no shutdown
encapsulation dot1q vlan 100
flow tracker hardware WAN-FLOW-TRACKER
vrf VRF1
ip address 10.0.100.1/24
ipv6 enable
Expand Down Expand Up @@ -110,14 +145,14 @@ no ip routing vrf MGMT
ip routing vrf VRF1
ipv6 unicast-routing vrf VRF1
!
ip extcommunity-list ECL-EVPN-SOO permit soo 192.168.1.2:0
ip extcommunity-list ECL-EVPN-SOO permit soo 192.168.1.2:2
!
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.1.0/24 eq 32
!
route-map RM-BGP-UNDERLAY-PEERS-IN permit 40
description Mark prefixes originated from the LAN
set extcommunity soo 192.168.1.2:0 additive
set extcommunity soo 192.168.1.2:2 additive
!
route-map RM-BGP-UNDERLAY-PEERS-OUT permit 10
description Advertise local routes towards LAN
Expand All @@ -129,7 +164,7 @@ route-map RM-BGP-UNDERLAY-PEERS-OUT permit 20
!
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
set extcommunity soo 192.168.1.2:0 additive
set extcommunity soo 192.168.1.2:2 additive
!
route-map RM-EVPN-EXPORT-VRF-DEFAULT permit 10
match extcommunity ECL-EVPN-SOO
Expand All @@ -140,7 +175,7 @@ route-map RM-EVPN-SOO-IN deny 10
route-map RM-EVPN-SOO-IN permit 20
!
route-map RM-EVPN-SOO-OUT permit 10
set extcommunity soo 192.168.1.2:0 additive
set extcommunity soo 192.168.1.2:2 additive
!
router bfd
multihop interval 300 min-rx 300 multiplier 3
Expand Down Expand Up @@ -168,6 +203,13 @@ router bgp 65100
address-family ipv4
no neighbor WAN-OVERLAY-PEERS activate
!
address-family ipv4 sr-te
neighbor WAN-OVERLAY-PEERS activate
!
address-family link-state
neighbor WAN-OVERLAY-PEERS activate
path-selection
!
address-family path-selection
bgp additional-paths receive
bgp additional-paths send any
Expand All @@ -186,6 +228,8 @@ router bgp 65100
router-id 192.168.1.2
redistribute connected
!
router traffic-engineering
!
management api http-commands
protocol https
no shutdown
Expand Down
Loading
Loading