From ed417b84d9c907e901b8526e5da3a62cb0e273df Mon Sep 17 00:00:00 2001 From: rebortg Date: Thu, 25 Nov 2021 20:51:44 +0100 Subject: blueprint: add L3VPN EVPN --- .../autotest/L3VPN_EVPN/L3VPN_EVPN.log | 333 +++++++++++++++++++++ .../autotest/L3VPN_EVPN/L3VPN_EVPN.rst | 254 ++++++++++++++++ .../autotest/L3VPN_EVPN/_include/PE1.conf | 96 ++++++ .../autotest/L3VPN_EVPN/_include/PE2.conf | 89 ++++++ .../autotest/L3VPN_EVPN/_include/PE3.conf | 89 ++++++ .../autotest/L3VPN_EVPN/_include/topology.png | Bin 0 -> 102832 bytes 6 files changed, 861 insertions(+) create mode 100644 docs/configexamples/autotest/L3VPN_EVPN/L3VPN_EVPN.log create mode 100644 docs/configexamples/autotest/L3VPN_EVPN/L3VPN_EVPN.rst create mode 100644 docs/configexamples/autotest/L3VPN_EVPN/_include/PE1.conf create mode 100644 docs/configexamples/autotest/L3VPN_EVPN/_include/PE2.conf create mode 100644 docs/configexamples/autotest/L3VPN_EVPN/_include/PE3.conf create mode 100644 docs/configexamples/autotest/L3VPN_EVPN/_include/topology.png (limited to 'docs/configexamples/autotest') diff --git a/docs/configexamples/autotest/L3VPN_EVPN/L3VPN_EVPN.log b/docs/configexamples/autotest/L3VPN_EVPN/L3VPN_EVPN.log new file mode 100644 index 00000000..5960361c --- /dev/null +++ b/docs/configexamples/autotest/L3VPN_EVPN/L3VPN_EVPN.log @@ -0,0 +1,333 @@ +2021-11-25 20:44:18,134 p=36449 u=rob n=ansible | PLAY [prepare node and Lab] **************************************************************************************************************************************** +2021-11-25 20:44:18,148 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : fail] *********************************************************************************************************************************** +2021-11-25 20:44:18,162 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:18,169 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:18,174 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:18,175 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:18,180 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:18,182 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : fail] *********************************************************************************************************************************** +2021-11-25 20:44:18,195 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:18,201 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:18,207 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:18,208 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:18,213 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:18,216 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : Login to EVE-NG and get Cookie] ********************************************************************************************************* +2021-11-25 20:44:18,234 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:18,240 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:18,243 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:18,247 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:19,328 p=36449 u=rob n=ansible | ok: [eveng] +2021-11-25 20:44:19,332 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : get template facts] ********************************************************************************************************************* +2021-11-25 20:44:19,362 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:19,370 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:19,372 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:19,378 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:19,883 p=36449 u=rob n=ansible | ok: [eveng] +2021-11-25 20:44:19,889 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : Register path status] ******************************************************************************************************************* +2021-11-25 20:44:19,919 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:19,926 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:19,927 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:19,933 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,246 p=36449 u=rob n=ansible | ok: [eveng] +2021-11-25 20:44:20,249 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : create path] **************************************************************************************************************************** +2021-11-25 20:44:20,266 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,273 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,280 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,282 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,286 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,289 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : Download iso] *************************************************************************************************************************** +2021-11-25 20:44:20,303 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,312 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,317 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,319 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,322 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,324 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : create virtioa.qcow2 file] ************************************************************************************************************** +2021-11-25 20:44:20,339 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,345 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,351 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,353 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,356 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,358 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : Login to EVE-NG and get Cookie] ********************************************************************************************************* +2021-11-25 20:44:20,379 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,385 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,386 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,387 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,390 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,392 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : create lab for node install] ************************************************************************************************************ +2021-11-25 20:44:20,405 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,413 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,419 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,420 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,423 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,425 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : open lab] ******************************************************************************************************************************* +2021-11-25 20:44:20,438 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,444 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,450 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,452 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,454 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,457 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : set_fact] ******************************************************************************************************************************* +2021-11-25 20:44:20,468 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,475 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,482 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,483 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,486 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,488 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : add node to lab] ************************************************************************************************************************ +2021-11-25 20:44:20,501 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,508 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,514 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,516 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,519 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,521 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : start node] ***************************************************************************************************************************** +2021-11-25 20:44:20,534 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,542 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,548 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,550 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,553 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,555 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : get node infos] ************************************************************************************************************************* +2021-11-25 20:44:20,568 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,576 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,581 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,583 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,586 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,590 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : set_fact] ******************************************************************************************************************************* +2021-11-25 20:44:20,602 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,610 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,616 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,618 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,620 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,623 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : copy file] ****************************************************************************************************************************** +2021-11-25 20:44:20,641 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,647 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,648 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,649 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,652 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,655 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : run expect script] ********************************************************************************************************************** +2021-11-25 20:44:20,669 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,675 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,683 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,685 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,688 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,690 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : Login to EVE-NG and get Cookie (due timeout)] ******************************************************************************************* +2021-11-25 20:44:20,704 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,711 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,716 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,718 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,721 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,723 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : stop node] ****************************************************************************************************************************** +2021-11-25 20:44:20,737 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,746 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,752 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,754 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,757 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,761 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : Pause to wait node is shutdown] ********************************************************************************************************* +2021-11-25 20:44:20,772 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,774 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : delete iso] ***************************************************************************************************************************** +2021-11-25 20:44:20,789 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,795 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,800 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,802 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,807 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,809 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : commit virtioa.qcow2] ******************************************************************************************************************* +2021-11-25 20:44:20,823 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,828 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,834 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,836 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,840 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,843 p=36449 u=rob n=ansible | TASK [eve-ng-create-node : delete lab for node install] ************************************************************************************************************ +2021-11-25 20:44:20,854 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,862 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,867 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:44:20,869 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:44:20,873 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:44:20,882 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : include L3VPN_EVPN lab_config.yml] ********************************************************************************************************* +2021-11-25 20:44:20,898 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:44:20,904 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:44:20,924 p=36449 u=rob n=ansible | included: /Users/rob/git/_vyos/vyos-eveng/labs/L3VPN_EVPN/lab_config.yml for PE1, PE2, PE3 +2021-11-25 20:44:20,937 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : setup vyos] ******************************************************************************************************************************** +2021-11-25 20:44:21,863 p=36655 u=rob n=ansible | network_os is set to vyos +2021-11-25 20:44:21,863 p=36653 u=rob n=ansible | network_os is set to vyos +2021-11-25 20:44:21,862 p=36654 u=rob n=ansible | network_os is set to vyos +2021-11-25 20:44:22,846 p=36667 u=rob n=p=36667 u=rob | paramiko [PE1] | Connected (version 2.0, client OpenSSH_8.4p1) +2021-11-25 20:44:22,939 p=36667 u=rob n=p=36667 u=rob | paramiko [PE1] | Auth banner: b'Welcome to VyOS\n' +2021-11-25 20:44:22,940 p=36667 u=rob n=p=36667 u=rob | paramiko [PE1] | Authentication (publickey) successful! +2021-11-25 20:44:23,343 p=36664 u=rob n=p=36664 u=rob | paramiko [PE2] | Connected (version 2.0, client OpenSSH_8.4p1) +2021-11-25 20:44:23,347 p=36666 u=rob n=p=36666 u=rob | paramiko [PE3] | Connected (version 2.0, client OpenSSH_8.4p1) +2021-11-25 20:44:23,433 p=36664 u=rob n=p=36664 u=rob | paramiko [PE2] | Auth banner: b'Welcome to VyOS\n' +2021-11-25 20:44:23,433 p=36666 u=rob n=p=36666 u=rob | paramiko [PE3] | Auth banner: b'Welcome to VyOS\n' +2021-11-25 20:44:23,434 p=36664 u=rob n=p=36664 u=rob | paramiko [PE2] | Authentication (publickey) successful! +2021-11-25 20:44:23,434 p=36666 u=rob n=p=36666 u=rob | paramiko [PE3] | Authentication (publickey) successful! +2021-11-25 20:44:55,367 p=36449 u=rob n=ansible | [WARNING]: To ensure idempotency and correct diff the input configuration lines should be similar to how they appear if present in the running configuration on +device including the indentation + +2021-11-25 20:44:55,368 p=36449 u=rob n=ansible | changed: [PE2] +2021-11-25 20:44:55,786 p=36449 u=rob n=ansible | changed: [PE3] +2021-11-25 20:44:56,202 p=36449 u=rob n=ansible | changed: [PE1] +2021-11-25 20:44:56,206 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : wait, b/c the ping often failed without a short break] ************************************************************************************* +2021-11-25 20:44:56,216 p=36734 u=rob n=ansible | Pausing for 30 seconds +2021-11-25 20:44:56,216 p=36734 u=rob n=ansible | (ctrl+C then 'C' = continue early, ctrl+C then 'A' = abort) +2021-11-25 20:45:26,224 p=36449 u=rob n=ansible | ok: [eveng] +2021-11-25 20:45:26,231 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : do ping test] ****************************************************************************************************************************** +2021-11-25 20:45:26,266 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:45:26,274 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:31,691 p=36449 u=rob n=ansible | ok: [PE1] => (item=172.29.255.2) +2021-11-25 20:45:31,700 p=36449 u=rob n=ansible | ok: [PE3] => (item=172.29.255.2) +2021-11-25 20:45:31,713 p=36449 u=rob n=ansible | ok: [PE2] => (item=172.29.255.1) +2021-11-25 20:45:36,178 p=36449 u=rob n=ansible | ok: [PE1] => (item=172.29.255.3) +2021-11-25 20:45:36,179 p=36449 u=rob n=ansible | ok: [PE3] => (item=172.29.255.1) +2021-11-25 20:45:36,180 p=36449 u=rob n=ansible | ok: [PE2] => (item=172.29.255.3) +2021-11-25 20:45:36,184 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : execute test commands] ********************************************************************************************************************* +2021-11-25 20:45:36,203 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:45:36,211 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:37,542 p=36449 u=rob n=ansible | ok: [PE2] => (item={'desc': 'PING vyos-oobm with VRF', 'command': 'ping 10.100.0.1 vrf mgmt count 1', 'wait_for': ["result[0] contains '1 packets transmitted, 1 received'"]}) +2021-11-25 20:45:37,543 p=36449 u=rob n=ansible | ok: [PE3] => (item={'desc': 'PING vyos-oobm with VRF', 'command': 'ping 10.100.0.1 vrf mgmt count 1', 'wait_for': ["result[0] contains '1 packets transmitted, 1 received'"]}) +2021-11-25 20:45:37,544 p=36449 u=rob n=ansible | ok: [PE1] => (item={'desc': 'PING vyos-oobm with VRF', 'command': 'ping 10.100.0.1 vrf mgmt count 1', 'wait_for': ["result[0] contains '1 packets transmitted, 1 received'"]}) +2021-11-25 20:45:37,894 p=36449 u=rob n=ansible | ok: [PE1] => (item={'desc': 'PING blue site 2', 'command': 'ping 10.1.2.10 vrf blue count 1', 'wait_for': ["result[0] contains '1 packets transmitted, 1 received'"]}) +2021-11-25 20:45:38,224 p=36449 u=rob n=ansible | ok: [PE1] => (item={'desc': 'PING red site 2', 'command': 'ping 10.2.2.10 vrf red count 1', 'wait_for': ["result[0] contains '1 packets transmitted, 1 received'"]}) +2021-11-25 20:45:38,558 p=36449 u=rob n=ansible | ok: [PE1] => (item={'desc': 'PING green site 3', 'command': 'ping 10.3.3.10 vrf green count 1', 'wait_for': ["result[0] contains '1 packets transmitted, 1 received'"]}) +2021-11-25 20:45:38,561 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : register stdout commands] ****************************************************************************************************************** +2021-11-25 20:45:38,577 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:45:38,585 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:38,601 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:39,908 p=36449 u=rob n=ansible | ok: [PE2] => (item={'name': 'bgp_evpn_net', 'command': 'show bgp l2vpn evpn 10.3.1.10'}) +2021-11-25 20:45:39,910 p=36449 u=rob n=ansible | ok: [PE1] => (item={'name': 'vrf_all', 'command': 'show ip route vrf all'}) +2021-11-25 20:45:40,340 p=36449 u=rob n=ansible | ok: [PE1] => (item={'name': 'bgp_evpn', 'command': 'show bgp l2vpn evpn'}) +2021-11-25 20:45:40,344 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : Set variables] ***************************************************************************************************************************** +2021-11-25 20:45:40,361 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:45:40,369 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:40,382 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:41,243 p=36449 u=rob n=ansible | ok: [PE1] +2021-11-25 20:45:41,244 p=36449 u=rob n=ansible | ok: [PE2] +2021-11-25 20:45:41,254 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : make sure tmp dir exist] ******************************************************************************************************************* +2021-11-25 20:45:41,282 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:45:41,293 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:41,301 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:45:41,302 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:45:41,308 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:41,312 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : Download upgrade_iso] ********************************************************************************************************************** +2021-11-25 20:45:41,331 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:45:41,338 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:41,347 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:45:41,349 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:45:41,351 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:41,358 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : Copy iso to host] ************************************************************************************************************************** +2021-11-25 20:45:41,374 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:45:41,380 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:41,387 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:45:41,388 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:45:41,393 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:41,396 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : upgrade vyos] ****************************************************************************************************************************** +2021-11-25 20:45:41,411 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:45:41,448 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:41,449 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:45:41,449 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:45:41,453 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:41,455 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : Reboot vyos] ******************************************************************************************************************************* +2021-11-25 20:45:41,470 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:45:41,476 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:41,483 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:45:41,484 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:45:41,489 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:41,491 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : wait while shutdown] *********************************************************************************************************************** +2021-11-25 20:45:41,499 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:45:41,501 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : Wait for vyos nodes] *********************************************************************************************************************** +2021-11-25 20:45:41,516 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:45:41,522 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:41,528 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:45:41,530 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:45:41,532 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:41,536 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : clear tmp dir] ***************************************************************************************************************************** +2021-11-25 20:45:41,543 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:45:41,546 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : wait, b/c the ping often failed without a short break] ************************************************************************************* +2021-11-25 20:45:41,554 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:45:41,556 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : do ping test] ****************************************************************************************************************************** +2021-11-25 20:45:41,570 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:45:41,575 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:41,583 p=36449 u=rob n=ansible | skipping: [PE1] => (item=172.29.255.2) +2021-11-25 20:45:41,584 p=36449 u=rob n=ansible | skipping: [PE1] => (item=172.29.255.3) +2021-11-25 20:45:41,587 p=36449 u=rob n=ansible | skipping: [PE2] => (item=172.29.255.1) +2021-11-25 20:45:41,588 p=36449 u=rob n=ansible | skipping: [PE2] => (item=172.29.255.3) +2021-11-25 20:45:41,593 p=36449 u=rob n=ansible | skipping: [PE3] => (item=172.29.255.2) +2021-11-25 20:45:41,593 p=36449 u=rob n=ansible | skipping: [PE3] => (item=172.29.255.1) +2021-11-25 20:45:41,596 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : execute test commands] ********************************************************************************************************************* +2021-11-25 20:45:41,608 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:45:41,616 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:41,625 p=36449 u=rob n=ansible | skipping: [PE1] => (item={'desc': 'PING vyos-oobm with VRF', 'command': 'ping 10.100.0.1 vrf mgmt count 1', 'wait_for': ["result[0] contains '1 packets transmitted, 1 received'"]}) +2021-11-25 20:45:41,626 p=36449 u=rob n=ansible | skipping: [PE1] => (item={'desc': 'PING blue site 2', 'command': 'ping 10.1.2.10 vrf blue count 1', 'wait_for': ["result[0] contains '1 packets transmitted, 1 received'"]}) +2021-11-25 20:45:41,627 p=36449 u=rob n=ansible | skipping: [PE1] => (item={'desc': 'PING red site 2', 'command': 'ping 10.2.2.10 vrf red count 1', 'wait_for': ["result[0] contains '1 packets transmitted, 1 received'"]}) +2021-11-25 20:45:41,628 p=36449 u=rob n=ansible | skipping: [PE1] => (item={'desc': 'PING green site 3', 'command': 'ping 10.3.3.10 vrf green count 1', 'wait_for': ["result[0] contains '1 packets transmitted, 1 received'"]}) +2021-11-25 20:45:41,628 p=36449 u=rob n=ansible | skipping: [PE2] => (item={'desc': 'PING vyos-oobm with VRF', 'command': 'ping 10.100.0.1 vrf mgmt count 1', 'wait_for': ["result[0] contains '1 packets transmitted, 1 received'"]}) +2021-11-25 20:45:41,634 p=36449 u=rob n=ansible | skipping: [PE3] => (item={'desc': 'PING vyos-oobm with VRF', 'command': 'ping 10.100.0.1 vrf mgmt count 1', 'wait_for': ["result[0] contains '1 packets transmitted, 1 received'"]}) +2021-11-25 20:45:41,637 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : register stdout commands] ****************************************************************************************************************** +2021-11-25 20:45:41,650 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:45:41,656 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:41,665 p=36449 u=rob n=ansible | skipping: [PE1] => (item={'name': 'vrf_all', 'command': 'show ip route vrf all'}) +2021-11-25 20:45:41,666 p=36449 u=rob n=ansible | skipping: [PE1] => (item={'name': 'bgp_evpn', 'command': 'show bgp l2vpn evpn'}) +2021-11-25 20:45:41,668 p=36449 u=rob n=ansible | skipping: [PE2] => (item={'name': 'bgp_evpn_net', 'command': 'show bgp l2vpn evpn 10.3.1.10'}) +2021-11-25 20:45:41,669 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:41,671 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : Set variables] ***************************************************************************************************************************** +2021-11-25 20:45:41,686 p=36449 u=rob n=ansible | skipping: [eveng] +2021-11-25 20:45:41,692 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:41,698 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:45:41,699 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:45:41,702 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:41,706 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : make sure output dir exist] **************************************************************************************************************** +2021-11-25 20:45:41,727 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:41,734 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:45:41,736 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:45:41,740 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:41,885 p=36449 u=rob n=ansible | changed: [eveng -> localhost] +2021-11-25 20:45:41,889 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : make sure output include dir exist] ******************************************************************************************************** +2021-11-25 20:45:41,912 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:41,920 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:45:41,921 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:45:41,926 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:42,020 p=36449 u=rob n=ansible | changed: [eveng -> localhost] +2021-11-25 20:45:42,022 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : Get timestamp from the system] ************************************************************************************************************* +2021-11-25 20:45:42,042 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:42,048 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:45:42,049 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:45:42,053 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:42,696 p=36449 u=rob n=ansible | changed: [eveng] +2021-11-25 20:45:42,701 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : Set variables] ***************************************************************************************************************************** +2021-11-25 20:45:42,719 p=36449 u=rob n=ansible | ok: [eveng] +2021-11-25 20:45:42,729 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:42,737 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:45:42,738 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:45:42,744 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:42,748 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : generate lab rst file] ********************************************************************************************************************* +2021-11-25 20:45:42,775 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:42,783 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:45:42,783 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:45:42,789 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:43,098 p=36449 u=rob n=ansible | changed: [eveng -> localhost] +2021-11-25 20:45:43,102 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : find all *.conf files in Lab] ************************************************************************************************************** +2021-11-25 20:45:43,125 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:43,132 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:45:43,134 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:45:43,140 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:43,295 p=36449 u=rob n=ansible | ok: [eveng -> localhost] +2021-11-25 20:45:43,305 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : copy all *.conf files] ********************************************************************************************************************* +2021-11-25 20:45:43,331 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:43,342 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:45:43,343 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:45:43,348 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:43,547 p=36449 u=rob n=ansible | changed: [eveng -> localhost] => (item={'path': 'labs/L3VPN_EVPN/PE2.conf', 'mode': '0644', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 501, 'gid': 20, 'size': 3858, 'inode': 27347425, 'dev': 16777233, 'nlink': 1, 'atime': 1635714231.5326006, 'mtime': 1635258045.4020927, 'ctime': 1635258045.4020927, 'gr_name': 'staff', 'pw_name': 'rob', 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': True, 'xgrp': False, 'woth': False, 'roth': True, 'xoth': False, 'isuid': False, 'isgid': False}) +2021-11-25 20:45:43,758 p=36449 u=rob n=ansible | changed: [eveng -> localhost] => (item={'path': 'labs/L3VPN_EVPN/PE3.conf', 'mode': '0644', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 501, 'gid': 20, 'size': 3864, 'inode': 27347426, 'dev': 16777233, 'nlink': 1, 'atime': 1635714231.532629, 'mtime': 1635354277.2700772, 'ctime': 1635354277.2700772, 'gr_name': 'staff', 'pw_name': 'rob', 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': True, 'xgrp': False, 'woth': False, 'roth': True, 'xoth': False, 'isuid': False, 'isgid': False}) +2021-11-25 20:45:43,963 p=36449 u=rob n=ansible | changed: [eveng -> localhost] => (item={'path': 'labs/L3VPN_EVPN/PE1.conf', 'mode': '0644', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 501, 'gid': 20, 'size': 4174, 'inode': 27347424, 'dev': 16777233, 'nlink': 1, 'atime': 1635714231.5325506, 'mtime': 1635251323.5978112, 'ctime': 1635251323.5978112, 'gr_name': 'staff', 'pw_name': 'rob', 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': True, 'xgrp': False, 'woth': False, 'roth': True, 'xoth': False, 'isuid': False, 'isgid': False}) +2021-11-25 20:45:43,968 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : find all *.png files in Lab] *************************************************************************************************************** +2021-11-25 20:45:43,991 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:43,998 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:45:43,999 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:45:44,003 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:44,092 p=36449 u=rob n=ansible | ok: [eveng -> localhost] +2021-11-25 20:45:44,097 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : copy all *.png files] ********************************************************************************************************************** +2021-11-25 20:45:44,125 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:44,133 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:45:44,135 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:45:44,140 p=36449 u=rob n=ansible | skipping: [PE3] +2021-11-25 20:45:44,327 p=36449 u=rob n=ansible | changed: [eveng -> localhost] => (item={'path': 'labs/L3VPN_EVPN/topology.png', 'mode': '0644', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 501, 'gid': 20, 'size': 102832, 'inode': 28103837, 'dev': 16777233, 'nlink': 1, 'atime': 1635714231.530433, 'mtime': 1635253341.3638003, 'ctime': 1635279392.2937582, 'gr_name': 'staff', 'pw_name': 'rob', 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': True, 'xgrp': False, 'woth': False, 'roth': True, 'xoth': False, 'isuid': False, 'isgid': False}) +2021-11-25 20:45:44,331 p=36449 u=rob n=ansible | TASK [eve-ng-lab-test : copy ansible log files] ******************************************************************************************************************** +2021-11-25 20:45:44,353 p=36449 u=rob n=ansible | skipping: [vyos-oobm] +2021-11-25 20:45:44,361 p=36449 u=rob n=ansible | skipping: [PE1] +2021-11-25 20:45:44,362 p=36449 u=rob n=ansible | skipping: [PE2] +2021-11-25 20:45:44,366 p=36449 u=rob n=ansible | skipping: [PE3] diff --git a/docs/configexamples/autotest/L3VPN_EVPN/L3VPN_EVPN.rst b/docs/configexamples/autotest/L3VPN_EVPN/L3VPN_EVPN.rst new file mode 100644 index 00000000..20630160 --- /dev/null +++ b/docs/configexamples/autotest/L3VPN_EVPN/L3VPN_EVPN.rst @@ -0,0 +1,254 @@ + +#################### +L3VPN EVPN with VyOS +#################### + +| Testdate: 2021-11-25 +| Version: 1.4-rolling-202111240711 + +I spun up a new lab in EVE-NG, which represents this as the +"Foo Bar - Service Provider Inc." that has 3 points of presence (PoP) in random +datacenters/sites named PE1, PE2, and PE3. Each PoP aggregates at least two +customers. + +I named the customers blue, red and green which is common practice in +VRF (Virtual Routing and Forwarding) documentation scenarios. + +* PE1 is located in an industrial area that holds multiple office buildings. + All customers have a site in this area. +* PE2 is located in a smaller area where by coincidence two customers + (blue and red) share an office building. +* PE3 is located in a smaller area where by coincidence two customers + (blue and green) are located. + +************** +Management VRF +************** + +A brief excursion into VRFs: This has been one of the longest-standing feature +requests of VyOS (dating back to 2016) which can be described as +"a VLAN for layer 2 is what a VRF is for layer 3". +With VRFs, a router/system can hold multiple, isolated routing tables on the +same system. If you wonder what's the difference between multiple tables that +people used for policy-based routing since forever, it's that a VRF also +isolates connected routes rather than just static and dynamically learned +routes, so it allows NICs in different VRFs to use conflicting network +ranges without issues. + +VyOS 1.3 added initial support for VRFs (including IPv4/IPv6 static routing) +and VyOS 1.4 now enables full dynamic routing protocol support for +OSPF, IS-IS, and BGP for individual VRFs. + +The lab I built is using a VRF (called **mgmt**) to provide out-of-band +SSH access to the PE (Provider Edge) routers. + +.. literalinclude:: _include/PE1.conf + :language: none + :lines: 1-6 + + +******** +Topology +******** + +We use the following network topology in this example: + +.. image:: _include/topology.png + :alt: L3VPN EVPN with VyOS topology image + + +************ +Core network +************ + +I chose to run OSPF as the IGP (Interior Gateway Protocol). +All required BGP sessions are established via a dummy interfaces +(similar to the loopback, but in Linux you can have only one loopback, +while there can be many dummy interfaces) on the PE routers. In case of a link +failure, traffic is diverted in the other direction in this triangle setup and +BGP sessions will not go down. One could even enable +BFD (Bidirectional Forwarding Detection) on the links for a faster +failover and resilience in the network. + +Regular VyOS users will notice that the BGP syntax has changed in VyOS 1.4 from +even the prior post about this subject. This is due to T1711, where it was +finally decided to get rid of the redundant BGP ASN (Autonomous System Number) +specification on the CLI and move it to a single leaf node +(set protocols bgp local-as). + +It's important to note that all your existing configurations will be migrated +automatically on image upgrade. Nothing to do on your side. + +PE1 + +.. literalinclude:: _include/PE1.conf + :language: none + :lines: 8-38 + +PE2 + +.. literalinclude:: _include/PE2.conf + :language: none + :lines: 8-38 + +PE3 + +.. literalinclude:: _include/PE3.conf + :language: none + :lines: 8-38 + + +********************** +Tenant networks (VRFs) +********************** + +Once all routers can be safely remotely managed and the core network is +operational, we can now setup the tenant networks. + +Every tenant is assigned an individual VRF that would support overlapping +address ranges for customers blue, red and green. In our example, +we do not use overlapping ranges to make it easier when showing debug commands. + +Thus you can easily match it to one of the devices/networks below. + +Every router that provides access to a customer network needs to have the +customer network (VRF + VNI) configured. To make our own lives easier, +we utilize the same VRF table id (local routing table number) and +VNI (Virtual Network Identifier) per tenant on all our routers. + +* blue uses local routing table id and VNI 2000 +* red uses local routing table id and VNI 3000 +* green uses local routing table id and VNI 4000 + +PE1 + +.. literalinclude:: _include/PE1.conf + :language: none + :lines: 40-96 + +PE2 + +.. literalinclude:: _include/PE2.conf + :language: none + :lines: 40-89 + +PE3 + +.. literalinclude:: _include/PE3.conf + :language: none + :lines: 40-89 + +********************* +Testing and debugging +********************* + +You managed to come this far, now we want to see the network and routing +tables in action. + +Show routes for all VRFs + + +.. code-block:: none + + vyos@PE1:~$ show ip route vrf all + Codes: K - kernel route, C - connected, S - static, R - RIP, + O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, + T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, + F - PBR, f - OpenFabric, + > - selected route, * - FIB route, q - queued, r - rejected, b - backup + + VRF blue: + K>* 0.0.0.0/0 [255/8192] unreachable (ICMP unreachable), 00:00:59 + C>* 10.1.1.0/24 is directly connected, br2000, 00:00:58 + B>* 10.1.2.0/24 [200/0] via 172.29.255.2, br2000 onlink, weight 1, 00:00:34 + B>* 10.1.3.0/24 [200/0] via 172.29.255.3, br2000 onlink, weight 1, 00:00:34 + + VRF default: + O 172.29.0.2/31 [110/1] is directly connected, eth1, weight 1, 00:00:55 + C>* 172.29.0.2/31 is directly connected, eth1, 00:00:58 + O>* 172.29.0.4/31 [110/2] via 172.29.0.3, eth1, weight 1, 00:00:31 + * via 172.29.0.7, eth3, weight 1, 00:00:31 + O 172.29.0.6/31 [110/1] is directly connected, eth3, weight 1, 00:00:55 + C>* 172.29.0.6/31 is directly connected, eth3, 00:00:58 + C>* 172.29.255.1/32 is directly connected, dum0, 00:00:59 + O>* 172.29.255.2/32 [110/20] via 172.29.0.3, eth1, weight 1, 00:00:35 + O>* 172.29.255.3/32 [110/20] via 172.29.0.7, eth3, weight 1, 00:00:30 + + VRF green: + K>* 0.0.0.0/0 [255/8192] unreachable (ICMP unreachable), 00:00:59 + C>* 10.3.1.0/24 is directly connected, br4000, 00:00:58 + B>* 10.3.3.0/24 [200/0] via 172.29.255.3, br4000 onlink, weight 1, 00:00:34 + + VRF mgmt: + S>* 0.0.0.0/0 [210/0] via 10.100.0.1, eth0, weight 1, 00:01:56 + K * 0.0.0.0/0 [255/8192] unreachable (ICMP unreachable), 00:01:59 + C>* 10.100.0.0/24 is directly connected, eth0, 00:01:57 + + VRF red: + K>* 0.0.0.0/0 [255/8192] unreachable (ICMP unreachable), 00:00:59 + C>* 10.2.1.0/24 is directly connected, br3000, 00:00:58 + B>* 10.2.2.0/24 [200/0] via 172.29.255.2, br3000 onlink, weight 1, 00:00:34 + +Information about Ethernet Virtual Private Networks + + +.. code-block:: none + + vyos@PE1:~$ show bgp l2vpn evpn + BGP table version is 1, local router ID is 172.29.255.1 + Status codes: s suppressed, d damped, h history, * valid, > best, i - internal + Origin codes: i - IGP, e - EGP, ? - incomplete + EVPN type-1 prefix: [1]:[ESI]:[EthTag]:[IPlen]:[VTEP-IP] + EVPN type-2 prefix: [2]:[EthTag]:[MAClen]:[MAC]:[IPlen]:[IP] + EVPN type-3 prefix: [3]:[EthTag]:[IPlen]:[OrigIP] + EVPN type-4 prefix: [4]:[ESI]:[IPlen]:[OrigIP] + EVPN type-5 prefix: [5]:[EthTag]:[IPlen]:[IP] + + Network Next Hop Metric LocPrf Weight Path + Route Distinguisher: 10.1.1.1:5 + *> [5]:[0]:[24]:[10.1.1.0] + 172.29.255.1 0 32768 ? + ET:8 RT:100:2000 Rmac:50:00:00:01:00:04 + Route Distinguisher: 10.1.2.1:4 + *>i[5]:[0]:[24]:[10.1.2.0] + 172.29.255.2 0 100 0 ? + RT:100:2000 ET:8 Rmac:4a:da:66:c7:5a:54 + Route Distinguisher: 10.1.3.1:4 + *>i[5]:[0]:[24]:[10.1.3.0] + 172.29.255.3 0 100 0 ? + RT:100:2000 ET:8 Rmac:50:00:00:03:00:04 + Route Distinguisher: 10.2.1.1:6 + *> [5]:[0]:[24]:[10.2.1.0] + 172.29.255.1 0 32768 ? + ET:8 RT:100:3000 Rmac:50:00:00:01:00:05 + Route Distinguisher: 10.2.2.1:5 + *>i[5]:[0]:[24]:[10.2.2.0] + 172.29.255.2 0 100 0 ? + RT:100:3000 ET:8 Rmac:1a:c4:c5:ec:b3:e6 + Route Distinguisher: 10.3.1.1:7 + *> [5]:[0]:[24]:[10.3.1.0] + 172.29.255.1 0 32768 ? + ET:8 RT:100:4000 Rmac:50:00:00:01:00:06 + Route Distinguisher: 10.3.3.1:6 + *>i[5]:[0]:[24]:[10.3.3.0] + 172.29.255.3 0 100 0 ? + RT:100:4000 ET:8 Rmac:0a:61:a1:5c:7b:14 + + Displayed 7 out of 7 total prefixes + +If we need to retrieve information about a specific host/network inside +the EVPN network we need to run + + +.. code-block:: none + + vyos@PE2:~$ show bgp l2vpn evpn 10.3.1.10 + BGP routing table entry for 10.3.1.1:7:[5]:[0]:[24]:[10.3.1.0] + Paths: (1 available, best #1) + Not advertised to any peer + Route [5]:[0]:[24]:[10.3.1.0] VNI 4000 + Local + 172.29.255.1 (metric 20) from 172.29.255.1 (172.29.255.1) + Origin incomplete, metric 0, localpref 100, valid, internal, best (First path received) + Extended Community: RT:100:4000 ET:8 Rmac:50:00:00:01:00:06 + Last update: Thu Nov 25 19:45:06 2021 diff --git a/docs/configexamples/autotest/L3VPN_EVPN/_include/PE1.conf b/docs/configexamples/autotest/L3VPN_EVPN/_include/PE1.conf new file mode 100644 index 00000000..6d161f89 --- /dev/null +++ b/docs/configexamples/autotest/L3VPN_EVPN/_include/PE1.conf @@ -0,0 +1,96 @@ +set system host-name PE1 +set interfaces ethernet eth0 address 'dhcp' +set interfaces ethernet eth0 description 'out-of-band management' +set interfaces ethernet eth0 vrf 'mgmt' +set service ssh vrf 'mgmt' +set vrf name mgmt table '1000' + +set interfaces dummy dum0 address '172.29.255.1/32' + +set interfaces ethernet eth1 address '172.29.0.2/31' +set interfaces ethernet eth1 description 'link to pe2' +set interfaces ethernet eth1 mtu '1600' +set interfaces ethernet eth3 address '172.29.0.6/31' +set interfaces ethernet eth3 description 'link to pe3' +set interfaces ethernet eth3 mtu '1600' + +set protocols ospf area 0 network '172.29.0.2/31' +set protocols ospf area 0 network '172.29.0.6/31' +set protocols ospf interface eth1 network 'point-to-point' +set protocols ospf interface eth3 network 'point-to-point' +set protocols ospf log-adjacency-changes detail +set protocols ospf parameters abr-type 'cisco' +set protocols ospf parameters router-id '172.29.255.1' +set protocols ospf passive-interface 'default' +set protocols ospf passive-interface-exclude 'eth1' +set protocols ospf passive-interface-exclude 'eth3' +set protocols ospf redistribute connected + +set protocols bgp address-family l2vpn-evpn advertise ipv4 unicast +set protocols bgp address-family l2vpn-evpn advertise-all-vni +set protocols bgp local-as '100' +set protocols bgp neighbor 172.29.255.2 peer-group 'ibgp' +set protocols bgp neighbor 172.29.255.3 peer-group 'ibgp' +set protocols bgp parameters log-neighbor-changes +set protocols bgp parameters router-id '172.29.255.1' +set protocols bgp peer-group ibgp address-family l2vpn-evpn +set protocols bgp peer-group ibgp remote-as '100' +set protocols bgp peer-group ibgp update-source 'dum0' + +set interfaces vxlan vxlan2000 mtu '1500' +set interfaces vxlan vxlan2000 parameters nolearning +set interfaces vxlan vxlan2000 port '4789' +set interfaces vxlan vxlan2000 source-address '172.29.255.1' +set interfaces vxlan vxlan2000 vni '2000' + +set vrf name blue protocols bgp address-family ipv4-unicast redistribute connected +set vrf name blue protocols bgp address-family l2vpn-evpn advertise ipv4 unicast +set vrf name blue protocols bgp local-as '100' +set vrf name blue table '2000' +set vrf name blue vni '2000' + +set interfaces vxlan vxlan3000 mtu '1500' +set interfaces vxlan vxlan3000 parameters nolearning +set interfaces vxlan vxlan3000 port '4789' +set interfaces vxlan vxlan3000 source-address '172.29.255.1' +set interfaces vxlan vxlan3000 vni '3000' + +set vrf name red protocols bgp address-family ipv4-unicast redistribute connected +set vrf name red protocols bgp address-family l2vpn-evpn advertise ipv4 unicast +set vrf name red protocols bgp local-as '100' +set vrf name red table '3000' +set vrf name red vni '3000' + +set interfaces vxlan vxlan4000 mtu '1500' +set interfaces vxlan vxlan4000 parameters nolearning +set interfaces vxlan vxlan4000 port '4789' +set interfaces vxlan vxlan4000 source-address '172.29.255.1' +set interfaces vxlan vxlan4000 vni '4000' + +set vrf name green protocols bgp address-family ipv4-unicast redistribute connected +set vrf name green protocols bgp address-family l2vpn-evpn advertise ipv4 unicast +set vrf name green protocols bgp local-as '100' +set vrf name green table '4000' +set vrf name green vni '4000' + +set interfaces bridge br2000 address '10.1.1.1/24' +set interfaces bridge br2000 description 'customer blue' +set interfaces bridge br2000 member interface eth4 +set interfaces bridge br2000 member interface vxlan2000 +set interfaces bridge br2000 vrf 'blue' + +set interfaces bridge br3000 address '10.2.1.1/24' +set interfaces bridge br3000 description 'customer red' +set interfaces bridge br3000 member interface eth5 +set interfaces bridge br3000 member interface vxlan3000 +set interfaces bridge br3000 vrf 'red' + +set interfaces bridge br4000 address '10.3.1.1/24' +set interfaces bridge br4000 description 'customer green' +set interfaces bridge br4000 member interface eth6 +set interfaces bridge br4000 member interface vxlan4000 +set interfaces bridge br4000 vrf 'green' + +set interfaces ethernet eth4 description 'customer blue' +set interfaces ethernet eth5 description 'customer red' +set interfaces ethernet eth6 description 'customer green' \ No newline at end of file diff --git a/docs/configexamples/autotest/L3VPN_EVPN/_include/PE2.conf b/docs/configexamples/autotest/L3VPN_EVPN/_include/PE2.conf new file mode 100644 index 00000000..3f25f193 --- /dev/null +++ b/docs/configexamples/autotest/L3VPN_EVPN/_include/PE2.conf @@ -0,0 +1,89 @@ +set system host-name PE2 +set interfaces ethernet eth0 address 'dhcp' +set interfaces ethernet eth0 description 'out-of-band management' +set interfaces ethernet eth0 vrf 'mgmt' +set service ssh vrf 'mgmt' +set vrf name mgmt table '1000' + +set interfaces dummy dum0 address '172.29.255.2/32' + +set interfaces ethernet eth1 address '172.29.0.3/31' +set interfaces ethernet eth1 description 'link to pe1' +set interfaces ethernet eth1 mtu '1600' +set interfaces ethernet eth2 address '172.29.0.4/31' +set interfaces ethernet eth2 description 'link to pe3' +set interfaces ethernet eth2 mtu '1600' + +set protocols ospf area 0 network '172.29.0.2/31' +set protocols ospf area 0 network '172.29.0.4/31' +set protocols ospf interface eth1 network 'point-to-point' +set protocols ospf interface eth2 network 'point-to-point' +set protocols ospf log-adjacency-changes detail +set protocols ospf parameters abr-type 'cisco' +set protocols ospf parameters router-id '172.29.255.2' +set protocols ospf passive-interface 'default' +set protocols ospf passive-interface-exclude 'eth1' +set protocols ospf passive-interface-exclude 'eth2' +set protocols ospf redistribute connected + +set protocols bgp address-family l2vpn-evpn advertise ipv4 unicast +set protocols bgp address-family l2vpn-evpn advertise-all-vni +set protocols bgp local-as '100' +set protocols bgp neighbor 172.29.255.1 peer-group 'ibgp' +set protocols bgp neighbor 172.29.255.3 peer-group 'ibgp' +set protocols bgp parameters log-neighbor-changes +set protocols bgp parameters router-id '172.29.255.2' +set protocols bgp peer-group ibgp address-family l2vpn-evpn +set protocols bgp peer-group ibgp remote-as '100' +set protocols bgp peer-group ibgp update-source 'dum0' + +set interfaces vxlan vxlan2000 mtu '1500' +set interfaces vxlan vxlan2000 parameters nolearning +set interfaces vxlan vxlan2000 port '4789' +set interfaces vxlan vxlan2000 source-address '172.29.255.2' +set interfaces vxlan vxlan2000 vni '2000' + +set vrf name blue protocols bgp address-family ipv4-unicast redistribute connected +set vrf name blue protocols bgp address-family l2vpn-evpn advertise ipv4 unicast +set vrf name blue protocols bgp local-as '100' +set vrf name blue table '2000' +set vrf name blue vni '2000' + +set interfaces vxlan vxlan3000 mtu '1500' +set interfaces vxlan vxlan3000 parameters nolearning +set interfaces vxlan vxlan3000 port '4789' +set interfaces vxlan vxlan3000 source-address '172.29.255.2' +set interfaces vxlan vxlan3000 vni '3000' + +set vrf name red protocols bgp address-family ipv4-unicast redistribute connected +set vrf name red protocols bgp address-family l2vpn-evpn advertise ipv4 unicast +set vrf name red protocols bgp local-as '100' +set vrf name red table '3000' +set vrf name red vni '3000' + +set interfaces vxlan vxlan4000 mtu '1500' +set interfaces vxlan vxlan4000 parameters nolearning +set interfaces vxlan vxlan4000 port '4789' +set interfaces vxlan vxlan4000 source-address '172.29.255.2' +set interfaces vxlan vxlan4000 vni '4000' + +set vrf name green protocols bgp address-family ipv4-unicast redistribute connected +set vrf name green protocols bgp address-family l2vpn-evpn advertise ipv4 unicast +set vrf name green protocols bgp local-as '100' +set vrf name green table '4000' +set vrf name green vni '4000' + +set interfaces bridge br2000 address '10.1.2.1/24' +set interfaces bridge br2000 description 'customer blue' +set interfaces bridge br2000 member interface eth4 +set interfaces bridge br2000 member interface vxlan2000 +set interfaces bridge br2000 vrf 'blue' + +set interfaces bridge br3000 address '10.2.2.1/24' +set interfaces bridge br3000 description 'customer red' +set interfaces bridge br3000 member interface eth5 +set interfaces bridge br3000 member interface vxlan3000 +set interfaces bridge br3000 vrf 'red' + +set interfaces ethernet eth4 description 'customer blue' +set interfaces ethernet eth5 description 'customer red' \ No newline at end of file diff --git a/docs/configexamples/autotest/L3VPN_EVPN/_include/PE3.conf b/docs/configexamples/autotest/L3VPN_EVPN/_include/PE3.conf new file mode 100644 index 00000000..a1bdd97e --- /dev/null +++ b/docs/configexamples/autotest/L3VPN_EVPN/_include/PE3.conf @@ -0,0 +1,89 @@ +set system host-name PE3 +set interfaces ethernet eth0 address 'dhcp' +set interfaces ethernet eth0 description 'out-of-band management' +set interfaces ethernet eth0 vrf 'mgmt' +set service ssh vrf 'mgmt' +set vrf name mgmt table '1000' + +set interfaces dummy dum0 address '172.29.255.3/32' + +set interfaces ethernet eth2 address '172.29.0.5/31' +set interfaces ethernet eth2 description 'link to pe2' +set interfaces ethernet eth2 mtu '1600' +set interfaces ethernet eth3 address '172.29.0.7/31' +set interfaces ethernet eth3 description 'link to pe1' +set interfaces ethernet eth3 mtu '1600' + +set protocols ospf area 0 network '172.29.0.4/31' +set protocols ospf area 0 network '172.29.0.6/31' +set protocols ospf interface eth2 network 'point-to-point' +set protocols ospf interface eth3 network 'point-to-point' +set protocols ospf log-adjacency-changes detail +set protocols ospf parameters abr-type 'cisco' +set protocols ospf parameters router-id '172.29.255.3' +set protocols ospf passive-interface 'default' +set protocols ospf passive-interface-exclude 'eth3' +set protocols ospf passive-interface-exclude 'eth2' +set protocols ospf redistribute connected + +set protocols bgp address-family l2vpn-evpn advertise ipv4 unicast +set protocols bgp address-family l2vpn-evpn advertise-all-vni +set protocols bgp local-as '100' +set protocols bgp neighbor 172.29.255.1 peer-group 'ibgp' +set protocols bgp neighbor 172.29.255.2 peer-group 'ibgp' +set protocols bgp parameters log-neighbor-changes +set protocols bgp parameters router-id '172.29.255.3' +set protocols bgp peer-group ibgp address-family l2vpn-evpn +set protocols bgp peer-group ibgp remote-as '100' +set protocols bgp peer-group ibgp update-source 'dum0' + +set interfaces vxlan vxlan2000 mtu '1500' +set interfaces vxlan vxlan2000 parameters nolearning +set interfaces vxlan vxlan2000 port '4789' +set interfaces vxlan vxlan2000 source-address '172.29.255.3' +set interfaces vxlan vxlan2000 vni '2000' + +set vrf name blue protocols bgp address-family ipv4-unicast redistribute connected +set vrf name blue protocols bgp address-family l2vpn-evpn advertise ipv4 unicast +set vrf name blue protocols bgp local-as '100' +set vrf name blue table '2000' +set vrf name blue vni '2000' + +set interfaces vxlan vxlan3000 mtu '1500' +set interfaces vxlan vxlan3000 parameters nolearning +set interfaces vxlan vxlan3000 port '4789' +set interfaces vxlan vxlan3000 source-address '172.29.255.3' +set interfaces vxlan vxlan3000 vni '3000' + +set vrf name red protocols bgp address-family ipv4-unicast redistribute connected +set vrf name red protocols bgp address-family l2vpn-evpn advertise ipv4 unicast +set vrf name red protocols bgp local-as '100' +set vrf name red table '3000' +set vrf name red vni '3000' + +set interfaces vxlan vxlan4000 mtu '1500' +set interfaces vxlan vxlan4000 parameters nolearning +set interfaces vxlan vxlan4000 port '4789' +set interfaces vxlan vxlan4000 source-address '172.29.255.3' +set interfaces vxlan vxlan4000 vni '4000' + +set vrf name green protocols bgp address-family ipv4-unicast redistribute connected +set vrf name green protocols bgp address-family l2vpn-evpn advertise ipv4 unicast +set vrf name green protocols bgp local-as '100' +set vrf name green table '4000' +set vrf name green vni '4000' + +set interfaces bridge br2000 address '10.1.3.1/24' +set interfaces bridge br2000 description 'customer blue' +set interfaces bridge br2000 member interface eth4 +set interfaces bridge br2000 member interface vxlan2000 +set interfaces bridge br2000 vrf 'blue' + +set interfaces bridge br4000 address '10.3.3.1/24' +set interfaces bridge br4000 description 'customer green' +set interfaces bridge br4000 member interface eth6 +set interfaces bridge br4000 member interface vxlan4000 +set interfaces bridge br4000 vrf 'green' + +set interfaces ethernet eth4 description 'customer blue' +set interfaces ethernet eth6 description 'customer green' \ No newline at end of file diff --git a/docs/configexamples/autotest/L3VPN_EVPN/_include/topology.png b/docs/configexamples/autotest/L3VPN_EVPN/_include/topology.png new file mode 100644 index 00000000..18ecaabb Binary files /dev/null and b/docs/configexamples/autotest/L3VPN_EVPN/_include/topology.png differ -- cgit v1.2.3