blob: b71d2107e81b10cd5b71ae1e8fca81bec54c7779 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
|
!RANCID-CONTENT-TYPE: arista
!
vlan internal order ascending range 1006 1199
!
transceiver qsfp default-mode 4x10G
!
service routing protocols model multi-agent
!
hostname leaf3
ip name-server vrf default 8.8.8.8
ip name-server vrf default 192.168.2.1
dns domain atd.lab
!
spanning-tree mode mstp
no spanning-tree vlan-id 4093-4094
spanning-tree mst 0 priority 16384
!
no enable password
no aaa root
!
vlan 110
name Tenant_A_OP_Zone_1
!
vlan 160
name Tenant_A_VMOTION
!
vlan 3009
name MLAG_iBGP_Tenant_A_OP_Zone
trunk group LEAF_PEER_L3
!
vlan 4093
name LEAF_PEER_L3
trunk group LEAF_PEER_L3
!
vlan 4094
name MLAG_PEER
trunk group MLAG
!
vrf instance Tenant_A_OP_Zone
!
interface Port-Channel1
description MLAG_PEER_leaf4_Po1
no shutdown
switchport
switchport trunk allowed vlan 2-4094
switchport mode trunk
switchport trunk group LEAF_PEER_L3
switchport trunk group MLAG
!
interface Port-Channel4
description host2_PortChannel
no shutdown
switchport
switchport access vlan 110
mlag 4
!
interface Ethernet1
description MLAG_PEER_leaf4_Ethernet1
no shutdown
channel-group 1 mode active
!
interface Ethernet2
description P2P_LINK_TO_SPINE1_Ethernet4
no shutdown
mtu 1500
no switchport
ip address 172.30.255.9/31
!
interface Ethernet3
description P2P_LINK_TO_SPINE2_Ethernet4
no shutdown
mtu 1500
no switchport
ip address 172.30.255.11/31
!
interface Ethernet4
description host2_Eth1
no shutdown
channel-group 4 mode active
!
interface Ethernet5
description host2_Eth2
no shutdown
channel-group 4 mode active
!
interface Ethernet6
description MLAG_PEER_leaf4_Ethernet6
no shutdown
channel-group 1 mode active
!
interface Loopback0
description EVPN_Overlay_Peering
no shutdown
ip address 192.0.255.5/32
!
interface Loopback1
description VTEP_VXLAN_Tunnel_Source
no shutdown
ip address 192.0.254.5/32
!
interface Loopback100
description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS
no shutdown
vrf Tenant_A_OP_Zone
ip address 10.255.1.5/32
!
interface Management1
description oob_management
no shutdown
ip address 192.168.0.14/24
!
interface Vlan110
description Tenant_A_OP_Zone_1
no shutdown
vrf Tenant_A_OP_Zone
ip address virtual 10.1.10.1/24
!
interface Vlan3009
description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone
no shutdown
mtu 1500
vrf Tenant_A_OP_Zone
ip address 10.255.251.4/31
!
interface Vlan4093
description MLAG_PEER_L3_PEERING
no shutdown
mtu 1500
ip address 10.255.251.4/31
!
interface Vlan4094
description MLAG_PEER
no shutdown
mtu 1500
no autostate
ip address 10.255.252.4/31
!
interface Vxlan1
description leaf3_VTEP
vxlan source-interface Loopback1
vxlan virtual-router encapsulation mac-address mlag-system-id
vxlan udp-port 4789
vxlan vlan 110 vni 10110
vxlan vlan 160 vni 55160
vxlan vrf Tenant_A_OP_Zone vni 10
!
ip virtual-router mac-address 00:1c:73:00:dc:01
!
ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.5
!
ip routing
ip routing vrf Tenant_A_OP_Zone
!
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.0.255.0/24 eq 32
seq 20 permit 192.0.254.0/24 eq 32
!
mlag configuration
domain-id pod2
local-interface Vlan4094
peer-address 10.255.252.5
peer-link Port-Channel1
reload-delay mlag 300
reload-delay non-mlag 330
!
ip route 0.0.0.0/0 192.168.0.1
!
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
!
router bfd
multihop interval 1200 min-rx 1200 multiplier 3
!
router bgp 65102
router-id 192.0.255.5
no bgp default ipv4-unicast
distance bgp 20 200 200
graceful-restart restart-time 300
graceful-restart
maximum-paths 4 ecmp 4
neighbor EVPN-OVERLAY-PEERS peer group
neighbor EVPN-OVERLAY-PEERS update-source Loopback0
neighbor EVPN-OVERLAY-PEERS bfd
neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3
neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==
neighbor EVPN-OVERLAY-PEERS send-community
neighbor EVPN-OVERLAY-PEERS maximum-routes 0
neighbor IPv4-UNDERLAY-PEERS peer group
neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==
neighbor IPv4-UNDERLAY-PEERS send-community
neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000
neighbor MLAG-IPv4-UNDERLAY-PEER peer group
neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102
neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self
neighbor MLAG-IPv4-UNDERLAY-PEER description leaf4
neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ==
neighbor MLAG-IPv4-UNDERLAY-PEER send-community
neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000
neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in
neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.5 description leaf4
neighbor 172.30.255.8 peer group IPv4-UNDERLAY-PEERS
neighbor 172.30.255.8 remote-as 65001
neighbor 172.30.255.8 description spine1_Ethernet4
neighbor 172.30.255.10 peer group IPv4-UNDERLAY-PEERS
neighbor 172.30.255.10 remote-as 65001
neighbor 172.30.255.10 description spine2_Ethernet4
neighbor 192.0.255.1 peer group EVPN-OVERLAY-PEERS
neighbor 192.0.255.1 remote-as 65001
neighbor 192.0.255.1 description spine1
neighbor 192.0.255.2 peer group EVPN-OVERLAY-PEERS
neighbor 192.0.255.2 remote-as 65001
neighbor 192.0.255.2 description spine2
redistribute connected route-map RM-CONN-2-BGP
!
vlan-aware-bundle Tenant_A_OP_Zone
rd 192.0.255.5:10
route-target both 10:10
redistribute learned
vlan 110
!
vlan-aware-bundle Tenant_A_VMOTION
rd 192.0.255.5:55160
route-target both 55160:55160
redistribute learned
vlan 160
!
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
address-family ipv4
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
neighbor MLAG-IPv4-UNDERLAY-PEER activate
!
vrf Tenant_A_OP_Zone
rd 192.0.255.5:10
route-target import evpn 10:10
route-target export evpn 10:10
router-id 192.0.255.5
neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER
redistribute connected
!
management api http-commands
protocol https
no shutdown
!
vrf default
no shutdown
!
end
|