diff options
Diffstat (limited to 'smoketest/configs')
| -rw-r--r-- | smoketest/configs/bgp-azure-ipsec-gateway (renamed from smoketest/configs/azure-bgp-gateway) | 870 | ||||
| -rw-r--r-- | smoketest/configs/bgp-evpn-l2vpn-leaf | 149 | ||||
| -rw-r--r-- | smoketest/configs/bgp-evpn-l2vpn-spine | 128 | ||||
| -rw-r--r-- | smoketest/configs/bgp-evpn-l3vpn-pe-router | 312 | ||||
| -rw-r--r-- | smoketest/configs/isis-small | 105 | ||||
| -rw-r--r-- | smoketest/configs/tunnel-broker | 15 | ||||
| -rw-r--r-- | smoketest/configs/vrf-bgp | 166 | ||||
| -rw-r--r-- | smoketest/configs/vrf-ospf | 145 |
8 files changed, 1444 insertions, 446 deletions
diff --git a/smoketest/configs/azure-bgp-gateway b/smoketest/configs/bgp-azure-ipsec-gateway index b3f5e9edc..0862531fd 100644 --- a/smoketest/configs/azure-bgp-gateway +++ b/smoketest/configs/bgp-azure-ipsec-gateway @@ -1,435 +1,435 @@ -firewall {
- all-ping enable
- broadcast-ping disable
- config-trap disable
- ipv6-receive-redirects disable
- ipv6-src-route disable
- ip-src-route disable
- log-martians disable
- options {
- interface vti31 {
- adjust-mss 1350
- }
- interface vti32 {
- adjust-mss 1350
- }
- interface vti41 {
- adjust-mss 1350
- }
- interface vti42 {
- adjust-mss 1350
- }
- interface vti51 {
- adjust-mss 1350
- }
- interface vti52 {
- adjust-mss 1350
- }
- }
- receive-redirects disable
- send-redirects enable
- source-validation disable
- syn-cookies enable
- twa-hazards-protection disable
-}
-high-availability {
- vrrp {
- group DMZ-VLAN-3962 {
- interface eth1
- preempt-delay 180
- priority 200
- virtual-address 192.168.34.36/27
- vrid 62
- }
- }
-}
-interfaces {
- ethernet eth0 {
- address 192.0.2.189/27
- duplex auto
- smp-affinity auto
- speed auto
- }
- ethernet eth1 {
- address 192.168.34.37/27
- duplex auto
- smp-affinity auto
- speed auto
- }
- loopback lo {
- }
- vti vti31 {
- }
- vti vti32 {
- }
- vti vti41 {
- }
- vti vti42 {
- }
- vti vti51 {
- }
- vti vti52 {
- }
-}
-policy {
- prefix-list AZURE-BGP-IPv4-in {
- description "Prefixes received from Azure"
- rule 100 {
- action permit
- le 32
- prefix 100.64.0.0/10
- }
- }
- prefix-list ONPREM-BGP-IPv4-out {
- description "Prefixes allowed to be announced into Azure"
- rule 100 {
- action permit
- prefix 10.0.0.0/8
- }
- rule 200 {
- action permit
- prefix 172.16.0.0/12
- }
- rule 300 {
- action permit
- prefix 192.168.0.0/16
- }
- }
-}
-protocols {
- bgp 65522 {
- address-family {
- ipv4-unicast {
- network 10.0.0.0/8 {
- }
- network 172.16.0.0/12 {
- }
- network 192.168.0.0/16 {
- }
- }
- }
- neighbor 100.66.8.36 {
- peer-group AZURE
- remote-as 64517
- }
- neighbor 100.66.8.37 {
- peer-group AZURE
- remote-as 64517
- }
- neighbor 100.66.24.36 {
- peer-group AZURE
- remote-as 64513
- }
- neighbor 100.66.24.37 {
- peer-group AZURE
- remote-as 64513
- }
- neighbor 100.66.40.36 {
- peer-group AZURE
- remote-as 64515
- }
- neighbor 100.66.40.37 {
- peer-group AZURE
- remote-as 64515
- }
- neighbor 192.168.34.38 {
- address-family {
- ipv4-unicast {
- nexthop-self
- soft-reconfiguration {
- inbound
- }
- }
- }
- capability {
- dynamic
- }
- password VyOSR0xx123
- remote-as 65522
- update-source eth1
- }
- peer-group AZURE {
- address-family {
- ipv4-unicast {
- maximum-prefix 50
- prefix-list {
- export ONPREM-BGP-IPv4-out
- import AZURE-BGP-IPv4-in
- }
- }
- }
- ebgp-multihop 2
- update-source eth1
- }
- timers {
- holdtime 30
- keepalive 5
- }
- }
- static {
- interface-route 100.66.8.36/32 {
- next-hop-interface vti31 {
- }
- next-hop-interface vti32 {
- }
- }
- interface-route 100.66.8.37/32 {
- next-hop-interface vti31 {
- }
- next-hop-interface vti32 {
- }
- }
- interface-route 100.66.24.36/32 {
- next-hop-interface vti41 {
- }
- next-hop-interface vti42 {
- }
- }
- interface-route 100.66.24.37/32 {
- next-hop-interface vti41 {
- }
- next-hop-interface vti42 {
- }
- }
- interface-route 100.66.40.36/32 {
- next-hop-interface vti51 {
- }
- next-hop-interface vti52 {
- }
- }
- interface-route 100.66.40.37/32 {
- next-hop-interface vti51 {
- }
- next-hop-interface vti52 {
- }
- }
- route 0.0.0.0/0 {
- next-hop 192.168.34.33 {
- }
- }
- route 51.105.0.0/16 {
- next-hop 192.0.2.161 {
- }
- }
- route 52.143.0.0/16 {
- next-hop 192.0.2.161 {
- }
- }
- route 195.137.175.0/24 {
- next-hop 192.0.2.161 {
- }
- }
- route 212.23.159.0/26 {
- next-hop 192.0.2.161 {
- }
- }
- }
-}
-service {
- ssh {
- disable-host-validation
- port 22
- }
-}
-system {
- config-management {
- commit-revisions 100
- }
- console {
- device ttyS0 {
- speed 115200
- }
- }
- domain-name vyos.net
- flow-accounting {
- interface eth1
- interface vti31
- interface vti32
- interface vti41
- interface vti42
- interface vti51
- interface vti52
- netflow {
- server 10.0.1.1 {
- port 2055
- }
- source-ip 192.168.34.37
- version 10
- }
- syslog-facility daemon
- }
- host-name azure-gw-01
- login {
- radius-server 192.0.2.253 {
- port 1812
- secret secret1234
- timeout 2
- }
- radius-server 192.0.2.254 {
- port 1812
- secret secret1234
- timeout 2
- }
- radius-source-address 192.168.34.37
- user vyos {
- authentication {
- encrypted-password $6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0
- plaintext-password ""
- }
- }
- }
- name-server 192.0.2.254
- ntp {
- server 192.0.2.254 {
- }
- }
- syslog {
- global {
- archive {
- file 10
- size 20480
- }
- facility all {
- level info
- }
- facility protocols {
- level debug
- }
- }
- host 10.0.9.188 {
- facility all {
- level info
- protocol udp
- }
- }
- }
- time-zone Europe/Berlin
-}
-vpn {
- ipsec {
- esp-group ESP-AZURE {
- compression disable
- lifetime 27000
- mode tunnel
- pfs disable
- proposal 1 {
- encryption aes256
- hash sha1
- }
- }
- ike-group IKE-AZURE {
- close-action none
- dead-peer-detection {
- action restart
- interval 2
- timeout 15
- }
- ikev2-reauth no
- key-exchange ikev2
- lifetime 27000
- proposal 1 {
- dh-group 2
- encryption aes256
- hash sha1
- }
- }
- ipsec-interfaces {
- interface eth0
- }
- logging {
- log-level 2
- log-modes ike
- }
- site-to-site {
- peer 51.105.0.2 {
- authentication {
- mode pre-shared-secret
- pre-shared-secret averysecretpsktowardsazure
- }
- connection-type respond
- ike-group IKE-AZURE
- ikev2-reauth inherit
- local-address 192.0.2.189
- vti {
- bind vti51
- esp-group ESP-AZURE
- }
- }
- peer 51.105.0.3 {
- authentication {
- mode pre-shared-secret
- pre-shared-secret averysecretpsktowardsazure
- }
- connection-type respond
- ike-group IKE-AZURE
- ikev2-reauth inherit
- local-address 192.0.2.189
- vti {
- bind vti52
- esp-group ESP-AZURE
- }
- }
- peer 51.105.0.246 {
- authentication {
- mode pre-shared-secret
- pre-shared-secret averysecretpsktowardsazure
- }
- connection-type respond
- ike-group IKE-AZURE
- ikev2-reauth inherit
- local-address 192.0.2.189
- vti {
- bind vti32
- esp-group ESP-AZURE
- }
- }
- peer 51.105.0.247 {
- authentication {
- mode pre-shared-secret
- pre-shared-secret averysecretpsktowardsazure
- }
- connection-type respond
- ike-group IKE-AZURE
- ikev2-reauth inherit
- local-address 192.0.2.189
- vti {
- bind vti31
- esp-group ESP-AZURE
- }
- }
- peer 51.105.0.18 {
- authentication {
- mode pre-shared-secret
- pre-shared-secret averysecretpsktowardsazure
- }
- connection-type respond
- ike-group IKE-AZURE
- ikev2-reauth inherit
- local-address 192.0.2.189
- vti {
- bind vti42
- esp-group ESP-AZURE
- }
- }
- peer 51.105.0.19 {
- authentication {
- mode pre-shared-secret
- pre-shared-secret averysecretpsktowardsazure
- }
- connection-type respond
- ike-group IKE-AZURE
- ikev2-reauth inherit
- local-address 192.0.2.189
- vti {
- bind vti41
- esp-group ESP-AZURE
- }
- }
- }
- }
-}
-
-
-/* Warning: Do not remove the following line. */
-/* === vyatta-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack-sync@1:conntrack@1:dhcp-relay@2:dhcp-server@5:dns-forwarding@1:firewall@5:ipsec@5:l2tp@1:mdns@1:nat@4:ntp@1:pptp@1:qos@1:quagga@6:snmp@1:ssh@1:system@9:vrrp@2:wanloadbalance@3:webgui@1:webproxy@1:webproxy@2:zone-policy@1" === */
-/* Release version: 1.2.5 */
+firewall { + all-ping enable + broadcast-ping disable + config-trap disable + ipv6-receive-redirects disable + ipv6-src-route disable + ip-src-route disable + log-martians disable + options { + interface vti31 { + adjust-mss 1350 + } + interface vti32 { + adjust-mss 1350 + } + interface vti41 { + adjust-mss 1350 + } + interface vti42 { + adjust-mss 1350 + } + interface vti51 { + adjust-mss 1350 + } + interface vti52 { + adjust-mss 1350 + } + } + receive-redirects disable + send-redirects enable + source-validation disable + syn-cookies enable + twa-hazards-protection disable +} +high-availability { + vrrp { + group DMZ-VLAN-3962 { + interface eth1 + preempt-delay 180 + priority 200 + virtual-address 192.168.34.36/27 + vrid 62 + } + } +} +interfaces { + ethernet eth0 { + address 192.0.2.189/27 + duplex auto + smp-affinity auto + speed auto + } + ethernet eth1 { + address 192.168.34.37/27 + duplex auto + smp-affinity auto + speed auto + } + loopback lo { + } + vti vti31 { + } + vti vti32 { + } + vti vti41 { + } + vti vti42 { + } + vti vti51 { + } + vti vti52 { + } +} +policy { + prefix-list AZURE-BGP-IPv4-in { + description "Prefixes received from Azure" + rule 100 { + action permit + le 32 + prefix 100.64.0.0/10 + } + } + prefix-list ONPREM-BGP-IPv4-out { + description "Prefixes allowed to be announced into Azure" + rule 100 { + action permit + prefix 10.0.0.0/8 + } + rule 200 { + action permit + prefix 172.16.0.0/12 + } + rule 300 { + action permit + prefix 192.168.0.0/16 + } + } +} +protocols { + bgp 65522 { + address-family { + ipv4-unicast { + network 10.0.0.0/8 { + } + network 172.16.0.0/12 { + } + network 192.168.0.0/16 { + } + } + } + neighbor 100.66.8.36 { + peer-group AZURE + remote-as 64517 + } + neighbor 100.66.8.37 { + peer-group AZURE + remote-as 64517 + } + neighbor 100.66.24.36 { + peer-group AZURE + remote-as 64513 + } + neighbor 100.66.24.37 { + peer-group AZURE + remote-as 64513 + } + neighbor 100.66.40.36 { + peer-group AZURE + remote-as 64515 + } + neighbor 100.66.40.37 { + peer-group AZURE + remote-as 64515 + } + neighbor 192.168.34.38 { + address-family { + ipv4-unicast { + nexthop-self + soft-reconfiguration { + inbound + } + } + } + capability { + dynamic + } + password VyOSR0xx123 + remote-as 65522 + update-source eth1 + } + peer-group AZURE { + address-family { + ipv4-unicast { + maximum-prefix 50 + prefix-list { + export ONPREM-BGP-IPv4-out + import AZURE-BGP-IPv4-in + } + } + } + ebgp-multihop 2 + update-source eth1 + } + timers { + holdtime 30 + keepalive 5 + } + } + static { + interface-route 100.66.8.36/32 { + next-hop-interface vti31 { + } + next-hop-interface vti32 { + } + } + interface-route 100.66.8.37/32 { + next-hop-interface vti31 { + } + next-hop-interface vti32 { + } + } + interface-route 100.66.24.36/32 { + next-hop-interface vti41 { + } + next-hop-interface vti42 { + } + } + interface-route 100.66.24.37/32 { + next-hop-interface vti41 { + } + next-hop-interface vti42 { + } + } + interface-route 100.66.40.36/32 { + next-hop-interface vti51 { + } + next-hop-interface vti52 { + } + } + interface-route 100.66.40.37/32 { + next-hop-interface vti51 { + } + next-hop-interface vti52 { + } + } + route 0.0.0.0/0 { + next-hop 192.168.34.33 { + } + } + route 51.105.0.0/16 { + next-hop 192.0.2.161 { + } + } + route 52.143.0.0/16 { + next-hop 192.0.2.161 { + } + } + route 195.137.175.0/24 { + next-hop 192.0.2.161 { + } + } + route 212.23.159.0/26 { + next-hop 192.0.2.161 { + } + } + } +} +service { + ssh { + disable-host-validation + port 22 + } +} +system { + config-management { + commit-revisions 100 + } + console { + device ttyS0 { + speed 115200 + } + } + domain-name vyos.net + flow-accounting { + interface eth1 + interface vti31 + interface vti32 + interface vti41 + interface vti42 + interface vti51 + interface vti52 + netflow { + server 10.0.1.1 { + port 2055 + } + source-ip 192.168.34.37 + version 10 + } + syslog-facility daemon + } + host-name azure-gw-01 + login { + radius-server 192.0.2.253 { + port 1812 + secret secret1234 + timeout 2 + } + radius-server 192.0.2.254 { + port 1812 + secret secret1234 + timeout 2 + } + radius-source-address 192.168.34.37 + user vyos { + authentication { + encrypted-password $6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0 + plaintext-password "" + } + } + } + name-server 192.0.2.254 + ntp { + server 192.0.2.254 { + } + } + syslog { + global { + archive { + file 10 + size 20480 + } + facility all { + level info + } + facility protocols { + level debug + } + } + host 10.0.9.188 { + facility all { + level info + protocol udp + } + } + } + time-zone Europe/Berlin +} +vpn { + ipsec { + esp-group ESP-AZURE { + compression disable + lifetime 27000 + mode tunnel + pfs disable + proposal 1 { + encryption aes256 + hash sha1 + } + } + ike-group IKE-AZURE { + close-action none + dead-peer-detection { + action restart + interval 2 + timeout 15 + } + ikev2-reauth no + key-exchange ikev2 + lifetime 27000 + proposal 1 { + dh-group 2 + encryption aes256 + hash sha1 + } + } + ipsec-interfaces { + interface eth0 + } + logging { + log-level 2 + log-modes ike + } + site-to-site { + peer 51.105.0.2 { + authentication { + mode pre-shared-secret + pre-shared-secret averysecretpsktowardsazure + } + connection-type respond + ike-group IKE-AZURE + ikev2-reauth inherit + local-address 192.0.2.189 + vti { + bind vti51 + esp-group ESP-AZURE + } + } + peer 51.105.0.3 { + authentication { + mode pre-shared-secret + pre-shared-secret averysecretpsktowardsazure + } + connection-type respond + ike-group IKE-AZURE + ikev2-reauth inherit + local-address 192.0.2.189 + vti { + bind vti52 + esp-group ESP-AZURE + } + } + peer 51.105.0.246 { + authentication { + mode pre-shared-secret + pre-shared-secret averysecretpsktowardsazure + } + connection-type respond + ike-group IKE-AZURE + ikev2-reauth inherit + local-address 192.0.2.189 + vti { + bind vti32 + esp-group ESP-AZURE + } + } + peer 51.105.0.247 { + authentication { + mode pre-shared-secret + pre-shared-secret averysecretpsktowardsazure + } + connection-type respond + ike-group IKE-AZURE + ikev2-reauth inherit + local-address 192.0.2.189 + vti { + bind vti31 + esp-group ESP-AZURE + } + } + peer 51.105.0.18 { + authentication { + mode pre-shared-secret + pre-shared-secret averysecretpsktowardsazure + } + connection-type respond + ike-group IKE-AZURE + ikev2-reauth inherit + local-address 192.0.2.189 + vti { + bind vti42 + esp-group ESP-AZURE + } + } + peer 51.105.0.19 { + authentication { + mode pre-shared-secret + pre-shared-secret averysecretpsktowardsazure + } + connection-type respond + ike-group IKE-AZURE + ikev2-reauth inherit + local-address 192.0.2.189 + vti { + bind vti41 + esp-group ESP-AZURE + } + } + } + } +} + + +/* Warning: Do not remove the following line. */ +/* === vyatta-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack-sync@1:conntrack@1:dhcp-relay@2:dhcp-server@5:dns-forwarding@1:firewall@5:ipsec@5:l2tp@1:mdns@1:nat@4:ntp@1:pptp@1:qos@1:quagga@6:snmp@1:ssh@1:system@9:vrrp@2:wanloadbalance@3:webgui@1:webproxy@1:webproxy@2:zone-policy@1" === */ +/* Release version: 1.2.5 */ diff --git a/smoketest/configs/bgp-evpn-l2vpn-leaf b/smoketest/configs/bgp-evpn-l2vpn-leaf new file mode 100644 index 000000000..020490186 --- /dev/null +++ b/smoketest/configs/bgp-evpn-l2vpn-leaf @@ -0,0 +1,149 @@ +interfaces { + bridge br100 { + member { + interface eth3 { + } + interface vxlan100 { + } + } + } + dummy dum0 { + address 172.29.0.1/32 + } + ethernet eth0 { + description "Out-of-Band Managament Port" + address 2001:db8::41/64 + address 192.0.2.41/27 + vrf MGMT + } + ethernet eth1 { + address 172.29.1.1/31 + mtu 1600 + } + ethernet eth2 { + address 172.29.2.1/31 + mtu 1600 + } + ethernet eth3 { + } + loopback lo { + } + vxlan vxlan100 { + mtu 1500 + parameters { + nolearning + } + port 4789 + source-address 172.29.0.1 + vni 100 + } +} +protocols { + bgp 65010 { + address-family { + ipv4-unicast { + maximum-paths { + ibgp 4 + } + redistribute { + connected { + } + } + } + l2vpn-evpn { + advertise-all-vni + } + } + neighbor 172.29.1.0 { + peer-group evpn + } + neighbor 172.29.2.0 { + peer-group evpn + } + parameters { + log-neighbor-changes + } + peer-group evpn { + address-family { + ipv4-unicast { + nexthop-self { + } + } + l2vpn-evpn { + nexthop-self { + } + } + } + remote-as 65010 + } + } + vrf MGMT { + static { + route 0.0.0.0/0 { + next-hop 192.0.2.62 { + } + } + route6 ::/0 { + next-hop 2001:db8::1 { + } + } + } + } +} +service { + lldp { + interface all { + } + } + ssh { + disable-host-validation + vrf MGMT + } +} +system { + config-management { + commit-revisions 100 + } + console { + device ttyS0 { + speed 115200 + } + } + host-name vyos + login { + user vyos { + authentication { + encrypted-password $6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0 + plaintext-password "" + } + } + } + ntp { + listen-address 192.0.2.41 + listen-address 2001:db8::41 + server 0.de.pool.ntp.org { + prefer + } + vrf MGMT + } + syslog { + global { + facility all { + level info + } + facility protocols { + level debug + } + } + } +} +vrf { + name MGMT { + table 1000 + } +} + + +// Warning: Do not remove the following line. +// vyos-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack@2:conntrack-sync@1:dhcp-relay@2:dhcp-server@5:dhcpv6-server@1:dns-forwarding@3:firewall@5:https@2:interfaces@20:ipoe-server@1:ipsec@5:l2tp@3:lldp@1:mdns@1:nat@5:nat66@1:ntp@1:pppoe-server@5:pptp@2:qos@1:quagga@8:rpki@1:salt@1:snmp@2:ssh@2:sstp@3:system@20:vrrp@2:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2:zone-policy@1" +// Release version: 1.4-rolling-202103091038 diff --git a/smoketest/configs/bgp-evpn-l2vpn-spine b/smoketest/configs/bgp-evpn-l2vpn-spine new file mode 100644 index 000000000..5dafc2f77 --- /dev/null +++ b/smoketest/configs/bgp-evpn-l2vpn-spine @@ -0,0 +1,128 @@ +interfaces { + ethernet eth0 { + description "Out-of-Band Managament Port" + address 192.0.2.51/27 + address 2001:db8::51/64 + vrf MGMT + } + ethernet eth1 { + address 172.29.1.0/31 + mtu 1600 + } + ethernet eth2 { + address 172.29.1.2/31 + mtu 1600 + } + ethernet eth3 { + address 172.29.1.4/31 + mtu 1600 + } + loopback lo { + } +} +protocols { + bgp 65010 { + address-family { + ipv4-unicast { + maximum-paths { + ibgp 4 + } + redistribute { + connected { + } + } + } + } + listen { + range 172.29.1.0/24 { + peer-group evpn + } + } + parameters { + log-neighbor-changes + } + peer-group evpn { + address-family { + ipv4-unicast { + route-reflector-client + } + l2vpn-evpn { + route-reflector-client + } + } + capability { + dynamic + } + remote-as 65010 + } + } + vrf MGMT { + static { + route 0.0.0.0/0 { + next-hop 192.0.2.62 { + } + } + route6 ::/0 { + next-hop 2001:db8::1 { + } + } + } + } +} +service { + lldp { + interface all { + } + } + ssh { + disable-host-validation + vrf MGMT + } +} +system { + config-management { + commit-revisions 100 + } + console { + device ttyS0 { + speed 115200 + } + } + host-name vyos + login { + user vyos { + authentication { + encrypted-password $6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0 + plaintext-password "" + } + } + } + ntp { + listen-address 192.0.2.51 + listen-address 2001:db8::51 + server 0.de.pool.ntp.org { + prefer + } + vrf MGMT + } + syslog { + global { + facility all { + level info + } + facility protocols { + level debug + } + } + } +} +vrf { + name MGMT { + table 1000 + } +} + + +// Warning: Do not remove the following line. +// vyos-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack@2:conntrack-sync@1:dhcp-relay@2:dhcp-server@5:dhcpv6-server@1:dns-forwarding@3:firewall@5:https@2:interfaces@20:ipoe-server@1:ipsec@5:l2tp@3:lldp@1:mdns@1:nat@5:nat66@1:ntp@1:pppoe-server@5:pptp@2:qos@1:quagga@8:rpki@1:salt@1:snmp@2:ssh@2:sstp@3:system@20:vrrp@2:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2:zone-policy@1" +// Release version: 1.4-rolling-202103091038 diff --git a/smoketest/configs/bgp-evpn-l3vpn-pe-router b/smoketest/configs/bgp-evpn-l3vpn-pe-router new file mode 100644 index 000000000..b1ca7fae3 --- /dev/null +++ b/smoketest/configs/bgp-evpn-l3vpn-pe-router @@ -0,0 +1,312 @@ +interfaces { + bridge br2000 { + address 10.1.1.1/24 + description "customer blue" + member { + interface eth4 { + } + interface vxlan2000 { + } + } + vrf blue + } + bridge br3000 { + address 10.2.1.1/24 + description "customer red" + member { + interface eth5 { + } + interface vxlan3000 { + } + } + vrf red + } + bridge br4000 { + address 10.3.1.1/24 + description "customer green" + member { + interface eth6 { + } + interface vxlan4000 { + } + } + vrf green + } + dummy dum0 { + address 172.29.255.1/32 + } + ethernet eth0 { + address 192.0.2.59/27 + address 2001:db8:ffff::59/64 + description "out-of-band management" + vrf mgmt + } + ethernet eth1 { + address 172.29.0.2/31 + description "link to pe2" + mtu 1600 + } + ethernet eth2 { + disable + } + ethernet eth3 { + address 172.29.0.6/31 + description "link to pe3" + mtu 1600 + } + ethernet eth4 { + description "customer blue" + } + ethernet eth5 { + description "customer red" + } + ethernet eth6 { + description "customer green" + } + loopback lo { + } + vxlan vxlan2000 { + mtu 1500 + parameters { + nolearning + } + port 4789 + source-address 172.29.255.1 + vni 2000 + } + vxlan vxlan3000 { + mtu 1500 + parameters { + nolearning + } + port 4789 + source-address 172.29.255.1 + vni 3000 + } + vxlan vxlan4000 { + mtu 1500 + parameters { + nolearning + } + port 4789 + source-address 172.29.255.1 + vni 4000 + } +} +protocols { + bgp { + address-family { + l2vpn-evpn { + advertise { + ipv4 { + unicast { + } + } + } + advertise-all-vni + } + } + local-as 100 + neighbor 172.29.255.2 { + peer-group ibgp + } + neighbor 172.29.255.3 { + peer-group ibgp + } + parameters { + default { + no-ipv4-unicast + } + log-neighbor-changes + router-id 172.29.255.1 + } + peer-group ibgp { + address-family { + l2vpn-evpn { + } + } + remote-as 100 + update-source dum0 + } + } + ospf { + area 0 { + network 172.29.0.2/31 + network 172.29.0.6/31 + } + interface eth1 { + network point-to-point + } + interface eth3 { + network point-to-point + } + log-adjacency-changes { + detail + } + parameters { + abr-type cisco + router-id 172.29.255.1 + } + passive-interface default + passive-interface-exclude eth1 + passive-interface-exclude eth3 + redistribute { + connected { + } + } + } +} +service { + lldp { + interface all { + } + } + ssh { + disable-host-validation + port 22 + vrf mgmt + } +} +system { + config-management { + commit-revisions 100 + } + console { + device ttyS0 { + speed 115200 + } + } + domain-name vyos.net + host-name vyos + login { + user vyos { + authentication { + encrypted-password $6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0 + plaintext-password "" + } + } + } + name-server 192.0.2.251 + name-server 192.0.2.252 + name-server 2001:db8::1 + ntp { + listen-address 192.0.2.59 + listen-address 2001:db8:ffff::59 + server 192.0.2.251 { + } + server 192.0.2.252 { + } + server 2001:db8::251 { + } + server 2001:db8::252 { + } + vrf mgmt + } + syslog { + global { + facility all { + level info + } + facility protocols { + level debug + } + } + } +} +vrf { + name blue { + protocols { + bgp { + address-family { + ipv4-unicast { + redistribute { + connected { + } + } + } + l2vpn-evpn { + advertise { + ipv4 { + unicast { + } + } + } + } + } + local-as 100 + } + } + table 2000 + vni 2000 + } + name green { + protocols { + bgp { + address-family { + ipv4-unicast { + redistribute { + connected { + } + } + } + l2vpn-evpn { + advertise { + ipv4 { + unicast { + } + } + } + } + } + local-as 100 + } + } + table 4000 + vni 4000 + } + name mgmt { + protocols { + static { + route 0.0.0.0/0 { + next-hop 192.0.2.62 { + } + } + route6 ::/0 { + next-hop 2001:db8:ffff::1 { + } + } + } + } + table 1000 + } + name red { + protocols { + bgp { + address-family { + ipv4-unicast { + redistribute { + connected { + } + } + } + l2vpn-evpn { + advertise { + ipv4 { + unicast { + } + } + } + } + } + local-as 100 + } + } + table 3000 + vni 3000 + } +} + + +// Warning: Do not remove the following line. +// vyos-config-version: "bgp@1:broadcast-relay@1:cluster@1:config-management@1:conntrack@2:conntrack-sync@1:dhcp-relay@2:dhcp-server@5:dhcpv6-server@1:dns-forwarding@3:firewall@5:https@2:interfaces@20:ipoe-server@1:ipsec@5:isis@1:l2tp@3:lldp@1:mdns@1:nat@5:nat66@1:ntp@1:pppoe-server@5:pptp@2:qos@1:quagga@9:rpki@1:salt@1:snmp@2:ssh@2:sstp@3:system@20:vrf@2:vrrp@2:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2:zone-policy@1" +// Release version: 1.4-rolling-202104091411 diff --git a/smoketest/configs/isis-small b/smoketest/configs/isis-small new file mode 100644 index 000000000..2c42ac9c4 --- /dev/null +++ b/smoketest/configs/isis-small @@ -0,0 +1,105 @@ +interfaces { + dummy dum0 { + address 203.0.113.1/24 + } + ethernet eth0 { + duplex auto + speed auto + } + ethernet eth1 { + address 192.0.2.1/24 + duplex auto + speed auto + } + ethernet eth2 { + duplex auto + speed auto + } + ethernet eth3 { + duplex auto + speed auto + } +} +policy { + prefix-list EXPORT-ISIS { + rule 10 { + action permit + prefix 203.0.113.0/24 + } + } + route-map EXPORT-ISIS { + rule 10 { + action permit + match { + ip { + address { + prefix-list EXPORT-ISIS + } + } + } + } + } +} +protocols { + isis FOO { + interface eth1 { + bfd + } + net 49.0001.1921.6800.1002.00 + redistribute { + ipv4 { + connected { + level-2 { + route-map EXPORT-ISIS + } + } + } + } + } +} +system { + config-management { + commit-revisions 200 + } + console { + device ttyS0 { + speed 115200 + } + } + domain-name vyos.io + host-name vyos + login { + user vyos { + authentication { + encrypted-password $6$2Ta6TWHd/U$NmrX0x9kexCimeOcYK1MfhMpITF9ELxHcaBU/znBq.X2ukQOj61fVI2UYP/xBzP4QtiTcdkgs7WOQMHWsRymO/ + plaintext-password "" + } + level admin + } + } + ntp { + server 0.pool.ntp.org { + } + server 1.pool.ntp.org { + } + server 2.pool.ntp.org { + } + } + syslog { + global { + facility all { + level info + } + facility protocols { + level debug + } + } + } + time-zone Europe/Berlin +} + + +// Warning: Do not remove the following line. +// vyos-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack@1:conntrack-sync@1:dhcp-relay@2:dhcp-server@5:dhcpv6-server@1:dns-forwarding@3:firewall@5:https@2:interfaces@18:ipoe-server@1:ipsec@5:l2tp@3:lldp@1:mdns@1:nat@5:ntp@1:pppoe-server@5:pptp@2:qos@1:quagga@7:rpki@1:salt@1:snmp@2:ssh@2:sstp@3:system@20:vrrp@2:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2:zone-policy@1" +// Release version: 1.3.0-rc1 + diff --git a/smoketest/configs/tunnel-broker b/smoketest/configs/tunnel-broker index b52ba2541..d4a5c2dfc 100644 --- a/smoketest/configs/tunnel-broker +++ b/smoketest/configs/tunnel-broker @@ -21,40 +21,34 @@ interfaces { address 172.18.202.10/24 } l2tpv3 l2tpeth10 { - description "L2 VPN Tunnel" destination-port 5010 encapsulation ip local-ip 172.18.202.10 - mtu 1500 peer-session-id 110 peer-tunnel-id 10 - remote-ip 172.18.254.201 + remote-ip 172.18.202.110 session-id 110 source-port 5010 tunnel-id 10 } l2tpv3 l2tpeth20 { - description "L2 VPN Tunnel" destination-port 5020 encapsulation ip local-ip 172.18.202.10 - mtu 1500 peer-session-id 120 peer-tunnel-id 20 - remote-ip 172.18.254.202 + remote-ip 172.18.202.120 session-id 120 source-port 5020 tunnel-id 20 } l2tpv3 l2tpeth30 { - description "L2 VPN Tunnel" destination-port 5030 encapsulation ip local-ip 172.18.202.10 - mtu 1500 peer-session-id 130 peer-tunnel-id 30 - remote-ip 172.18.254.203 + remote-ip 172.18.202.130 session-id 130 source-port 5030 tunnel-id 30 @@ -93,8 +87,7 @@ interfaces { protocols { static { route 0.0.0.0/0 { - next-hop 172.18.202.1 { - distance 10 + next-hop 172.18.202.254 { } } } diff --git a/smoketest/configs/vrf-bgp b/smoketest/configs/vrf-bgp new file mode 100644 index 000000000..4ad372a36 --- /dev/null +++ b/smoketest/configs/vrf-bgp @@ -0,0 +1,166 @@ +interfaces { + ethernet eth0 { + address 192.0.2.1/24 + } + ethernet eth1 { + vrf black + } + ethernet eth2 { + vrf black + } +} +protocols { + ospf { + area 0 { + network 192.0.2.0/24 + } + interface eth0 { + authentication { + md5 { + key-id 10 { + md5-key ospfkey + } + } + } + } + log-adjacency-changes { + } + parameters { + abr-type cisco + router-id 1.2.3.4 + } + passive-interface default + passive-interface-exclude eth0 + } +} +system { + config-management { + commit-revisions 100 + } + console { + device ttyS0 { + speed 115200 + } + } + host-name vyos + login { + user vyos { + authentication { + encrypted-password $6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0 + plaintext-password "" + } + } + } + nt + ntp { + server 0.pool.ntp.org { + } + server 1.pool.ntp.org { + } + server 2.pool.ntp.org { + } + } + syslog { + global { + facility all { + level info + } + facility protocols { + level debug + } + } + } + time-zone Europe/Berlin +} +vrf { + name black { + protocols { + bgp 65000 { + address-family { + ipv4-unicast { + network 10.0.150.0/23 { + } + } + ipv6-unicast { + network 2001:db8:200::/40 { + } + } + } + neighbor 10.0.151.222 { + disable-send-community { + extended + standard + } + address-family { + ipv4-unicast { + default-originate { + } + soft-reconfiguration { + inbound + } + } + } + capability { + dynamic + } + remote-as 65010 + } + neighbor 10.0.151.252 { + peer-group VYOSv4 + } + neighbor 10.0.151.254 { + peer-group VYOSv4 + } + neighbor 2001:db8:200:ffff::3 { + peer-group VYOSv6 + } + neighbor 2001:db8:200:ffff::a { + peer-group VYOSv6 + } + neighbor 2001:db8:200:ff::101:2 { + remote-as 65010 + } + parameters { + default { + no-ipv4-unicast + } + log-neighbor-changes + router-id 10.0.151.251 + } + peer-group VYOSv4 { + address-family { + ipv4-unicast { + nexthop-self { + } + } + } + capability { + dynamic + } + remote-as 65000 + update-source dum0 + } + peer-group VYOSv6 { + address-family { + ipv6-unicast { + nexthop-self { + } + } + } + capability { + dynamic + } + remote-as 65000 + update-source dum0 + } + } + + } + table 2000 + } +} + + +// Warning: Do not remove the following line. +// vyos-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack@2:conntrack-sync@1:dhcp-relay@2:dhcp-server@5:dhcpv6-server@1:dns-forwarding@3:firewall@5:https@2:interfaces@20:ipoe-server@1:ipsec@5:l2tp@3:lldp@1:mdns@1:nat@5:nat66@1:ntp@1:pppoe-server@5:pptp@2:qos@1:quagga@9:rpki@1:salt@1:snmp@2:ssh@2:sstp@3:system@20:vrf@2:vrrp@2:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2:zone-policy@1" +// Release version: 1.4-rolling-202103130218 diff --git a/smoketest/configs/vrf-ospf b/smoketest/configs/vrf-ospf new file mode 100644 index 000000000..7855e86bf --- /dev/null +++ b/smoketest/configs/vrf-ospf @@ -0,0 +1,145 @@ +interfaces { + ethernet eth0 { + address 192.0.2.1/24 + } + ethernet eth1 { + vrf red + } + ethernet eth2 { + vrf blue + } +} +protocols { + ospf { + area 0 { + network 192.0.2.0/24 + } + interface eth0 { + authentication { + md5 { + key-id 10 { + md5-key ospfkey + } + } + } + } + log-adjacency-changes { + } + parameters { + abr-type cisco + router-id 1.2.3.4 + } + passive-interface default + passive-interface-exclude eth0 + } +} +system { + config-management { + commit-revisions 100 + } + console { + device ttyS0 { + speed 115200 + } + } + host-name vyos + login { + user vyos { + authentication { + encrypted-password $6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0 + plaintext-password "" + } + } + } + nt + ntp { + server 0.pool.ntp.org { + } + server 1.pool.ntp.org { + } + server 2.pool.ntp.org { + } + } + syslog { + global { + facility all { + level info + } + facility protocols { + level debug + } + } + } + time-zone Europe/Berlin +} +vrf { + name blue { + protocols { + ospf { + area 0 { + network 172.18.201.0/24 + } + interface eth2 { + authentication { + md5 { + key-id 30 { + md5-key vyoskey456 + } + } + } + dead-interval 40 + hello-interval 10 + priority 1 + retransmit-interval 5 + transmit-delay 1 + } + log-adjacency-changes { + } + parameters { + abr-type cisco + router-id 5.6.7.8 + } + passive-interface default + passive-interface-exclude eth2 + } + } + table 2000 + } + name red { + protocols { + ospf { + area 0 { + network 172.18.202.0/24 + } + interface eth1 { + authentication { + md5 { + key-id 20 { + md5-key vyoskey123 + } + } + } + dead-interval 40 + hello-interval 10 + priority 1 + retransmit-interval 5 + transmit-delay 1 + } + log-adjacency-changes { + } + parameters { + abr-type cisco + router-id 9.10.11.12 + } + passive-interface default + passive-interface-exclude eth1 + } + } + table 1000 + } +} + + +// Warning: Do not remove the following line. +// vyos-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack@2:conntrack-sync@1:dhcp-relay@2:dhcp-server@5:dhcpv6-server@1:dns-forwarding@3:firewall@5:https@2:interfaces@20:ipoe-server@1:ipsec@5:l2tp@3:lldp@1:mdns@1:nat@5:nat66@1:ntp@1:pppoe-server@5:pptp@2:qos@1:quagga@9:rpki@1:salt@1:snmp@2:ssh@2:sstp@3:system@20:vrf@2:vrrp@2:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2:zone-policy@1" +// Release version: 1.4-rolling-202103130218 |