From d147870aaa2a008829293100b4c48ff3b1f4dd60 Mon Sep 17 00:00:00 2001 From: Mitch Vaughan Date: Mon, 7 Oct 2024 18:13:38 +0000 Subject: [PATCH 1/2] avpn dg - evpn l2 vxlan mpls gw configs --- .../clab/configs/DC1-BORDER1.cfg | 47 +++++++++++++- .../clab/configs/DC1-BORDER2.cfg | 47 +++++++++++++- .../clab/configs/DC2-BORDER1.cfg | 47 +++++++++++++- .../clab/configs/DC2-BORDER2.cfg | 47 +++++++++++++- .../zbackend-infra/clab/configs/DCI-MPLS.cfg | 65 ++++++++++++++++++- 5 files changed, 244 insertions(+), 9 deletions(-) diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-BORDER1.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-BORDER1.cfg index b5fa531..94f99aa 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-BORDER1.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-BORDER1.cfg @@ -62,10 +62,17 @@ interface Ethernet1 interface Ethernet2 description DCI-MPLS no switchport + ip address unnumbered Loopback0 + isis enable 100 + isis circuit-type level-2 + isis network point-to-point ! interface Loopback0 description Globally Unique Address ip address 10.0.1.4/32 + node-segment ipv4 index 14 + isis enable 100 + isis circuit-type level-2 ! interface Loopback1 description Shared VTEP IP @@ -117,6 +124,8 @@ ip route vrf MGMT 0.0.0.0/0 172.100.100.1 ! arp aging timeout default 1500 ! +mpls ip +! route-map RM-CONN-2-BGP permit 10 match ip address prefix-list PL-LOOPBACKS ! @@ -130,6 +139,7 @@ router bgp 65102 graceful-restart restart-time 300 graceful-restart maximum-paths 4 + bgp bestpath d-path neighbor default send-community neighbor IPv4-UNDERLAY-PEERS peer group neighbor IPv4-UNDERLAY-PEERS remote-as 65100 @@ -139,13 +149,19 @@ router bgp 65102 neighbor LOCAL-EVPN-PEERS update-source Loopback0 neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor REMOTE-BACKBONE-PEERS peer group + neighbor REMOTE-BACKBONE-PEERS remote-as 65500 + neighbor REMOTE-BACKBONE-PEERS local-as 65500 no-prepend replace-as + neighbor REMOTE-BACKBONE-PEERS update-source Loopback0 + neighbor 10.0.0.99 peer group REMOTE-BACKBONE-PEERS neighbor 10.0.1.201 peer group LOCAL-EVPN-PEERS neighbor 172.20.1.6 peer group IPv4-UNDERLAY-PEERS redistribute connected route-map RM-CONN-2-BGP ! vlan 10 - rd 10.0.1.4:10010 - route-target both 10010:10010 + rd evpn domain all 10.0.1.4:10010 + route-target import evpn domain all 10010:10010 + route-target export evpn domain all 10010:10010 redistribute learned ! vlan 20 @@ -160,11 +176,29 @@ router bgp 65102 ! address-family evpn neighbor LOCAL-EVPN-PEERS activate + neighbor LOCAL-EVPN-PEERS encapsulation vxlan + neighbor REMOTE-BACKBONE-PEERS activate + neighbor REMOTE-BACKBONE-PEERS encapsulation mpls next-hop-self source-interface Loopback0 + neighbor REMOTE-BACKBONE-PEERS domain remote + domain identifier 1:1 + domain identifier 2:2 remote route import match-failure action discard + layer-2 fec in-place update + ! + evpn ethernet-segment domain local + identifier 0011:1111:1111:1111:aaaa + route-target import 11:11:11:11:11:aa + ! + evpn ethernet-segment domain remote + identifier 0011:1111:1111:1111:bbbb + route-target import 11:11:11:11:11:bb ! address-family ipv4 neighbor IPv4-UNDERLAY-PEERS activate ! + address-family vpn-ipv4 + neighbor REMOTE-BACKBONE-PEERS activate + ! vrf DEV rd 10.0.1.4:52 route-target import evpn 52:52 @@ -175,6 +209,15 @@ router bgp 65102 route-target import evpn 51:51 route-target export evpn 51:51 ! +router isis 100 + net 49.1111.0000.0001.0004.00 + is-type level-2 + ! + address-family ipv4 unicast + ! + segment-routing mpls + no shutdown +! router multicast ipv4 software-forwarding kernel diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-BORDER2.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-BORDER2.cfg index 516af7e..3212f72 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-BORDER2.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-BORDER2.cfg @@ -62,10 +62,17 @@ interface Ethernet1 interface Ethernet2 description DCI-MPLS no switchport + ip address unnumbered Loopback0 + isis enable 100 + isis circuit-type level-2 + isis network point-to-point ! interface Loopback0 description Globally Unique Address ip address 10.0.1.5/32 + node-segment ipv4 index 15 + isis enable 100 + isis circuit-type level-2 ! interface Loopback1 description Shared VTEP IP @@ -117,6 +124,8 @@ ip route vrf MGMT 0.0.0.0/0 172.100.100.1 ! arp aging timeout default 1500 ! +mpls ip +! route-map RM-CONN-2-BGP permit 10 match ip address prefix-list PL-LOOPBACKS ! @@ -130,6 +139,7 @@ router bgp 65103 graceful-restart restart-time 300 graceful-restart maximum-paths 4 + bgp bestpath d-path neighbor default send-community neighbor IPv4-UNDERLAY-PEERS peer group neighbor IPv4-UNDERLAY-PEERS remote-as 65100 @@ -139,13 +149,19 @@ router bgp 65103 neighbor LOCAL-EVPN-PEERS update-source Loopback0 neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor REMOTE-BACKBONE-PEERS peer group + neighbor REMOTE-BACKBONE-PEERS remote-as 65500 + neighbor REMOTE-BACKBONE-PEERS local-as 65500 no-prepend replace-as + neighbor REMOTE-BACKBONE-PEERS update-source Loopback0 + neighbor 10.0.0.99 peer group REMOTE-BACKBONE-PEERS neighbor 10.0.1.201 peer group LOCAL-EVPN-PEERS neighbor 172.20.1.8 peer group IPv4-UNDERLAY-PEERS redistribute connected route-map RM-CONN-2-BGP ! vlan 10 - rd 10.0.1.5:10010 - route-target both 10010:10010 + rd evpn domain all 10.0.1.5:10010 + route-target import evpn domain all 10010:10010 + route-target export evpn domain all 10010:10010 redistribute learned ! vlan 20 @@ -155,11 +171,29 @@ router bgp 65103 ! address-family evpn neighbor LOCAL-EVPN-PEERS activate + neighbor LOCAL-EVPN-PEERS encapsulation vxlan + neighbor REMOTE-BACKBONE-PEERS activate + neighbor REMOTE-BACKBONE-PEERS encapsulation mpls next-hop-self source-interface Loopback0 + neighbor REMOTE-BACKBONE-PEERS domain remote + domain identifier 1:1 + domain identifier 2:2 remote route import match-failure action discard + layer-2 fec in-place update + ! + evpn ethernet-segment domain local + identifier 0011:1111:1111:1111:aaaa + route-target import 11:11:11:11:11:aa + ! + evpn ethernet-segment domain remote + identifier 0011:1111:1111:1111:bbbb + route-target import 11:11:11:11:11:bb ! address-family ipv4 neighbor IPv4-UNDERLAY-PEERS activate ! + address-family vpn-ipv4 + neighbor REMOTE-BACKBONE-PEERS activate + ! vrf DEV rd 10.0.1.5:52 route-target import evpn 52:52 @@ -170,6 +204,15 @@ router bgp 65103 route-target import evpn 51:51 route-target export evpn 51:51 ! +router isis 100 + net 49.1111.0000.0001.0005.00 + is-type level-2 + ! + address-family ipv4 unicast + ! + segment-routing mpls + no shutdown +! router multicast ipv4 software-forwarding kernel diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-BORDER1.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-BORDER1.cfg index d64a7f2..ca36801 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-BORDER1.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-BORDER1.cfg @@ -62,10 +62,17 @@ interface Ethernet1 interface Ethernet2 description DCI-MPLS no switchport + ip address unnumbered Loopback0 + isis enable 100 + isis circuit-type level-2 + isis network point-to-point ! interface Loopback0 description Globally Unique Address ip address 10.0.2.4/32 + node-segment ipv4 index 24 + isis enable 100 + isis circuit-type level-2 ! interface Loopback1 description VTEP IP @@ -117,6 +124,8 @@ ip route vrf MGMT 0.0.0.0/0 172.100.100.1 ! arp aging timeout default 1500 ! +mpls ip +! route-map RM-CONN-2-BGP permit 10 match ip address prefix-list PL-LOOPBACKS ! @@ -130,6 +139,7 @@ router bgp 65202 graceful-restart restart-time 300 graceful-restart maximum-paths 4 + bgp bestpath d-path neighbor default send-community neighbor IPv4-UNDERLAY-PEERS peer group neighbor IPv4-UNDERLAY-PEERS remote-as 65200 @@ -139,13 +149,19 @@ router bgp 65202 neighbor LOCAL-EVPN-PEERS update-source Loopback0 neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor REMOTE-BACKBONE-PEERS peer group + neighbor REMOTE-BACKBONE-PEERS remote-as 65500 + neighbor REMOTE-BACKBONE-PEERS local-as 65500 no-prepend replace-as + neighbor REMOTE-BACKBONE-PEERS update-source Loopback0 + neighbor 10.0.0.99 peer group REMOTE-BACKBONE-PEERS neighbor 10.0.2.201 peer group LOCAL-EVPN-PEERS neighbor 172.20.2.6 peer group IPv4-UNDERLAY-PEERS redistribute connected route-map RM-CONN-2-BGP ! vlan 10 - rd 10.0.2.4:10010 - route-target both 10010:10010 + rd evpn domain all 10.0.2.4:10010 + route-target import evpn domain all 10010:10010 + route-target export evpn domain all 10010:10010 redistribute learned ! vlan 40 @@ -160,11 +176,29 @@ router bgp 65202 ! address-family evpn neighbor LOCAL-EVPN-PEERS activate + neighbor LOCAL-EVPN-PEERS encapsulation vxlan + neighbor REMOTE-BACKBONE-PEERS activate + neighbor REMOTE-BACKBONE-PEERS encapsulation mpls next-hop-self source-interface Loopback0 + neighbor REMOTE-BACKBONE-PEERS domain remote + domain identifier 2:2 + domain identifier 1:1 remote route import match-failure action discard + layer-2 fec in-place update + ! + evpn ethernet-segment domain local + identifier 0022:2222:2222:2222:aaaa + route-target import 22:22:22:22:22:aa + ! + evpn ethernet-segment domain remote + identifier 0022:2222:2222:2222:bbbb + route-target import 22:22:22:22:22:bb ! address-family ipv4 neighbor IPv4-UNDERLAY-PEERS activate ! + address-family vpn-ipv4 + neighbor REMOTE-BACKBONE-PEERS activate + ! vrf DEV rd 10.0.2.4:52 route-target import evpn 52:52 @@ -175,6 +209,15 @@ router bgp 65202 route-target import evpn 51:51 route-target export evpn 51:51 ! +router isis 100 + net 49.1111.0000.0002.0004.00 + is-type level-2 + ! + address-family ipv4 unicast + ! + segment-routing mpls + no shutdown +! router multicast ipv4 software-forwarding kernel diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-BORDER2.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-BORDER2.cfg index 9d4daa3..2c1a22c 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-BORDER2.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-BORDER2.cfg @@ -63,10 +63,17 @@ interface Ethernet1 interface Ethernet2 description DCI-MPLS no switchport + ip address unnumbered Loopback0 + isis enable 100 + isis circuit-type level-2 + isis network point-to-point ! interface Loopback0 description Globally Unique Address ip address 10.0.2.5/32 + node-segment ipv4 index 25 + isis enable 100 + isis circuit-type level-2 ! interface Loopback1 description VTEP IP @@ -118,6 +125,8 @@ ip route vrf MGMT 0.0.0.0/0 172.100.100.1 ! arp aging timeout default 1500 ! +mpls ip +! route-map RM-CONN-2-BGP permit 10 match ip address prefix-list PL-LOOPBACKS ! @@ -131,6 +140,7 @@ router bgp 65203 graceful-restart restart-time 300 graceful-restart maximum-paths 4 + bgp bestpath d-path neighbor default send-community neighbor IPv4-UNDERLAY-PEERS peer group neighbor IPv4-UNDERLAY-PEERS remote-as 65200 @@ -140,13 +150,19 @@ router bgp 65203 neighbor LOCAL-EVPN-PEERS update-source Loopback0 neighbor LOCAL-EVPN-PEERS ebgp-multihop 3 neighbor LOCAL-EVPN-PEERS password 7 WzKnNSduqwPYvUePYIh40g== + neighbor REMOTE-BACKBONE-PEERS peer group + neighbor REMOTE-BACKBONE-PEERS remote-as 65500 + neighbor REMOTE-BACKBONE-PEERS local-as 65500 no-prepend replace-as + neighbor REMOTE-BACKBONE-PEERS update-source Loopback0 + neighbor 10.0.0.99 peer group REMOTE-BACKBONE-PEERS neighbor 10.0.2.201 peer group LOCAL-EVPN-PEERS neighbor 172.20.2.8 peer group IPv4-UNDERLAY-PEERS redistribute connected route-map RM-CONN-2-BGP ! vlan 10 - rd 10.0.2.5:10010 - route-target both 10010:10010 + rd evpn domain all 10.0.2.5:10010 + route-target import evpn domain all 10010:10010 + route-target export evpn domain all 10010:10010 redistribute learned ! vlan 40 @@ -161,11 +177,29 @@ router bgp 65203 ! address-family evpn neighbor LOCAL-EVPN-PEERS activate + neighbor LOCAL-EVPN-PEERS encapsulation vxlan + neighbor REMOTE-BACKBONE-PEERS activate + neighbor REMOTE-BACKBONE-PEERS encapsulation mpls next-hop-self source-interface Loopback0 + neighbor REMOTE-BACKBONE-PEERS domain remote + domain identifier 2:2 + domain identifier 1:1 remote route import match-failure action discard + layer-2 fec in-place update + ! + evpn ethernet-segment domain local + identifier 0022:2222:2222:2222:aaaa + route-target import 22:22:22:22:22:aa + ! + evpn ethernet-segment domain remote + identifier 0022:2222:2222:2222:bbbb + route-target import 22:22:22:22:22:bb ! address-family ipv4 neighbor IPv4-UNDERLAY-PEERS activate ! + address-family vpn-ipv4 + neighbor REMOTE-BACKBONE-PEERS activate + ! vrf DEV rd 10.0.2.5:52 route-target import evpn 52:52 @@ -176,6 +210,15 @@ router bgp 65203 route-target import evpn 51:51 route-target export evpn 51:51 ! +router isis 100 + net 49.1111.0000.0002.0005.00 + is-type level-2 + ! + address-family ipv4 unicast + ! + segment-routing mpls + no shutdown +! router multicast ipv4 software-forwarding kernel diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DCI-MPLS.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DCI-MPLS.cfg index 3e46cb4..535fd3b 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DCI-MPLS.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DCI-MPLS.cfg @@ -11,6 +11,8 @@ management api http-commands vrf MGMT no shutdown ! +switchport default mode routed +! no service interface inactive port-id allocation disabled ! transceiver qsfp default-mode 4x10G @@ -23,7 +25,7 @@ service routing protocols model multi-agent hostname DCI-MPLS ip name-server vrf MGMT 8.8.8.8 ! -spanning-tree mode mstp +spanning-tree mode none ! system l1 unsupported speed action error @@ -34,22 +36,83 @@ vrf instance MGMT aaa authorization exec default local ! interface Ethernet1 + no switchport + ip address unnumbered Loopback0 + isis enable 100 + isis circuit-type level-2 + isis network point-to-point ! interface Ethernet2 + no switchport + ip address unnumbered Loopback0 + isis enable 100 + isis circuit-type level-2 + isis network point-to-point ! interface Ethernet3 + no switchport + ip address unnumbered Loopback0 + isis enable 100 + isis circuit-type level-2 + isis network point-to-point ! interface Ethernet4 + no switchport + ip address unnumbered Loopback0 + isis enable 100 + isis circuit-type level-2 + isis network point-to-point +! +interface Loopback0 + ip address 10.0.0.99/32 + node-segment ipv4 index 99 + isis enable 100 + isis circuit-type level-2 ! interface Management0 vrf MGMT ip address 172.100.100.119/24 ! +mac address-table aging-time 1800 +! ip routing no ip routing vrf MGMT ! ip route vrf MGMT 0.0.0.0/0 172.100.100.1 ! +arp aging timeout default 1500 +! +mpls ip +! +router bgp 65500 + router-id 10.0.0.99 + no bgp default ipv4-unicast + distance bgp 20 200 200 + graceful-restart restart-time 300 + graceful-restart + maximum-paths 4 + bgp listen range 10.0.0.0/8 peer-group MPLS-DCI-PEERS remote-as 65500 + neighbor default send-community + neighbor MPLS-DCI-PEERS peer group + neighbor MPLS-DCI-PEERS update-source Loopback0 + neighbor MPLS-DCI-PEERS route-reflector-client + ! + address-family evpn + neighbor default encapsulation mpls next-hop-self source-interface Loopback0 + neighbor MPLS-DCI-PEERS activate + ! + address-family vpn-ipv4 + neighbor MPLS-DCI-PEERS activate +! +router isis 100 + net 49.1111.0000.0000.0099.00 + is-type level-2 + ! + address-family ipv4 unicast + ! + segment-routing mpls + no shutdown +! router multicast ipv4 software-forwarding kernel From 22c27b18f2d4ca4df766171ea8e81577c867840b Mon Sep 17 00:00:00 2001 From: Mitch Vaughan Date: Mon, 7 Oct 2024 22:02:40 +0000 Subject: [PATCH 2/2] update device configs for avpn dg --- .../clab/configs/DC1-BORDER1.cfg | 52 ++++++++++++++--- .../clab/configs/DC1-BORDER2.cfg | 52 ++++++++++++++--- .../zbackend-infra/clab/configs/DC1-LEAF.cfg | 4 +- .../zbackend-infra/clab/configs/DC1-R1.cfg | 56 ++++++++++++------- .../zbackend-infra/clab/configs/DC1-R2.cfg | 56 ++++++++++++------- .../zbackend-infra/clab/configs/DC1-SPINE.cfg | 4 +- .../clab/configs/DC2-BORDER1.cfg | 52 ++++++++++++++--- .../clab/configs/DC2-BORDER2.cfg | 52 ++++++++++++++--- .../zbackend-infra/clab/configs/DC2-LEAF.cfg | 4 +- .../zbackend-infra/clab/configs/DC2-R1.cfg | 56 ++++++++++++------- .../zbackend-infra/clab/configs/DC2-R2.cfg | 56 ++++++++++++------- .../zbackend-infra/clab/configs/DC2-SPINE.cfg | 4 +- .../zbackend-infra/clab/configs/DCI-MPLS.cfg | 8 +-- .../zbackend-infra/clab/configs/INTERNET.cfg | 4 +- .../zbackend-infra/clab/configs/S1-R1.cfg | 2 - .../zbackend-infra/clab/configs/S1-R2.cfg | 2 - .../zbackend-infra/clab/configs/S1-SW1.cfg | 4 +- .../zbackend-infra/clab/configs/S2-R1.cfg | 2 - .../zbackend-infra/clab/configs/S2-SW1.cfg | 4 +- 19 files changed, 329 insertions(+), 145 deletions(-) diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-BORDER1.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-BORDER1.cfg index 94f99aa..8a4906a 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-BORDER1.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-BORDER1.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: DC1-BORDER1 (cEOSLab, EOS-4.32.2F-38195967.4322F (engineering build)) ! no aaa root ! @@ -113,6 +111,10 @@ ip routing vrf DEV no ip routing vrf MGMT ip routing vrf PROD ! +ip prefix-list PL-GW-PEER-LOOPS + seq 10 permit 10.0.1.4/32 + seq 20 permit 10.0.1.5/32 +! ip prefix-list PL-LOOPBACKS seq 10 permit 10.0.0.0/16 eq 32 seq 20 permit 10.1.0.0/16 eq 32 @@ -153,6 +155,7 @@ router bgp 65102 neighbor REMOTE-BACKBONE-PEERS remote-as 65500 neighbor REMOTE-BACKBONE-PEERS local-as 65500 no-prepend replace-as neighbor REMOTE-BACKBONE-PEERS update-source Loopback0 + neighbor REMOTE-BACKBONE-PEERS bfd neighbor 10.0.0.99 peer group REMOTE-BACKBONE-PEERS neighbor 10.0.1.201 peer group LOCAL-EVPN-PEERS neighbor 172.20.1.6 peer group IPv4-UNDERLAY-PEERS @@ -176,13 +179,15 @@ router bgp 65102 ! address-family evpn neighbor LOCAL-EVPN-PEERS activate - neighbor LOCAL-EVPN-PEERS encapsulation vxlan + neighbor LOCAL-EVPN-PEERS encapsulation vxlan neighbor REMOTE-BACKBONE-PEERS activate + neighbor REMOTE-BACKBONE-PEERS rcf in AS65500_EVPN_IN() neighbor REMOTE-BACKBONE-PEERS encapsulation mpls next-hop-self source-interface Loopback0 neighbor REMOTE-BACKBONE-PEERS domain remote domain identifier 1:1 domain identifier 2:2 remote route import match-failure action discard + neighbor default next-hop-self received-evpn-routes route-type ip-prefix inter-domain layer-2 fec in-place update ! evpn ethernet-segment domain local @@ -196,9 +201,6 @@ router bgp 65102 address-family ipv4 neighbor IPv4-UNDERLAY-PEERS activate ! - address-family vpn-ipv4 - neighbor REMOTE-BACKBONE-PEERS activate - ! vrf DEV rd 10.0.1.4:52 route-target import evpn 52:52 @@ -209,6 +211,42 @@ router bgp 65102 route-target import evpn 51:51 route-target export evpn 51:51 ! +router general + control-functions + code + ############################## + ##### Reusable Functions ##### + ############################## + function IS_LOOPBACK() { + return prefix match prefix_list_v4 PL-LOOPBACKS; + } + function IS_UNDERLAY() { + return prefix match prefix_list_v4 PL-P2P-UNDERLAY; + } + function IS_IMET_ROUTE() { + return evpn.route_type is EVPN_IMET; + } + function FROM_EVPN_GW_PEER() { + return next_hop match prefix_list_v4 PL-GW-PEER-LOOPS; + } + ############################## + ##### Main Functions ##### + ############################## + function CONN_2_BGP() { + if IS_LOOPBACK() or IS_UNDERLAY() { + return true; + } + return false; + } + function AS65500_EVPN_IN() { + if IS_IMET_ROUTE() and FROM_EVPN_GW_PEER() { + return false; + } + return true; + } + # + EOF +! router isis 100 net 49.1111.0000.0001.0004.00 is-type level-2 @@ -229,4 +267,4 @@ management ssh vrf MGMT no shutdown ! -end \ No newline at end of file +end diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-BORDER2.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-BORDER2.cfg index 3212f72..d50510c 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-BORDER2.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-BORDER2.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: DC1-BORDER2 (cEOSLab, EOS-4.32.2F-38195967.4322F (engineering build)) ! no aaa root ! @@ -113,6 +111,10 @@ ip routing vrf DEV no ip routing vrf MGMT ip routing vrf PROD ! +ip prefix-list PL-GW-PEER-LOOPS + seq 10 permit 10.0.1.4/32 + seq 20 permit 10.0.1.5/32 +! ip prefix-list PL-LOOPBACKS seq 10 permit 10.0.0.0/16 eq 32 seq 20 permit 10.1.0.0/16 eq 32 @@ -153,6 +155,7 @@ router bgp 65103 neighbor REMOTE-BACKBONE-PEERS remote-as 65500 neighbor REMOTE-BACKBONE-PEERS local-as 65500 no-prepend replace-as neighbor REMOTE-BACKBONE-PEERS update-source Loopback0 + neighbor REMOTE-BACKBONE-PEERS bfd neighbor 10.0.0.99 peer group REMOTE-BACKBONE-PEERS neighbor 10.0.1.201 peer group LOCAL-EVPN-PEERS neighbor 172.20.1.8 peer group IPv4-UNDERLAY-PEERS @@ -171,13 +174,15 @@ router bgp 65103 ! address-family evpn neighbor LOCAL-EVPN-PEERS activate - neighbor LOCAL-EVPN-PEERS encapsulation vxlan + neighbor LOCAL-EVPN-PEERS encapsulation vxlan neighbor REMOTE-BACKBONE-PEERS activate + neighbor REMOTE-BACKBONE-PEERS rcf in AS65500_EVPN_IN() neighbor REMOTE-BACKBONE-PEERS encapsulation mpls next-hop-self source-interface Loopback0 neighbor REMOTE-BACKBONE-PEERS domain remote domain identifier 1:1 domain identifier 2:2 remote route import match-failure action discard + neighbor default next-hop-self received-evpn-routes route-type ip-prefix inter-domain layer-2 fec in-place update ! evpn ethernet-segment domain local @@ -191,9 +196,6 @@ router bgp 65103 address-family ipv4 neighbor IPv4-UNDERLAY-PEERS activate ! - address-family vpn-ipv4 - neighbor REMOTE-BACKBONE-PEERS activate - ! vrf DEV rd 10.0.1.5:52 route-target import evpn 52:52 @@ -204,6 +206,42 @@ router bgp 65103 route-target import evpn 51:51 route-target export evpn 51:51 ! +router general + control-functions + code + ############################## + ##### Reusable Functions ##### + ############################## + function IS_LOOPBACK() { + return prefix match prefix_list_v4 PL-LOOPBACKS; + } + function IS_UNDERLAY() { + return prefix match prefix_list_v4 PL-P2P-UNDERLAY; + } + function IS_IMET_ROUTE() { + return evpn.route_type is EVPN_IMET; + } + function FROM_EVPN_GW_PEER() { + return next_hop match prefix_list_v4 PL-GW-PEER-LOOPS; + } + ############################## + ##### Main Functions ##### + ############################## + function CONN_2_BGP() { + if IS_LOOPBACK() or IS_UNDERLAY() { + return true; + } + return false; + } + function AS65500_EVPN_IN() { + if IS_IMET_ROUTE() and FROM_EVPN_GW_PEER() { + return false; + } + return true; + } + # + EOF +! router isis 100 net 49.1111.0000.0001.0005.00 is-type level-2 @@ -224,4 +262,4 @@ management ssh vrf MGMT no shutdown ! -end \ No newline at end of file +end diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-LEAF.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-LEAF.cfg index 899a4f7..4894c1f 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-LEAF.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-LEAF.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: DC1-LEAF (cEOSLab, EOS-4.32.2F-38195967.4322F (engineering build)) ! no aaa root ! @@ -202,4 +200,4 @@ management ssh vrf MGMT no shutdown ! -end \ No newline at end of file +end diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R1.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R1.cfg index d88e9df..9c2f72a 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R1.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R1.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: DC1-R1 (vEOS, EOS-4.33.1F-38850339.eostrunkshipping (engineering build)) ! no aaa root ! @@ -190,6 +188,7 @@ router bgp 65000 neighbor LOCAL-EVPN-PEERS activate neighbor LOCAL-EVPN-PEERS encapsulation vxlan neighbor WAN-OVERLAY-PEERS activate + neighbor WAN-OVERLAY-PEERS rcf in AS65000_EVPN_IN() neighbor WAN-OVERLAY-PEERS encapsulation path-selection neighbor WAN-OVERLAY-PEERS domain remote route import match-failure action discard @@ -223,25 +222,40 @@ router bgp 65000 router general control-functions code - ############################## - ##### Reusable Functions ##### - ############################## - function IS_LOOPBACK() { - return prefix match prefix_list_v4 PL-LOOPBACKS; - } - function IS_UNDERLAY() { - return prefix match prefix_list_v4 PL-P2P-UNDERLAY; - } - ############################## - ##### Main Functions ##### - ############################## - function CONN_2_BGP() { - if IS_LOOPBACK() or IS_UNDERLAY() { - return true; - } - return false; - } - # + ############################## + ##### Reusable Functions ##### + ############################## + function IS_LOOPBACK() { + return prefix match prefix_list_v4 PL-LOOPBACKS; + } + function IS_UNDERLAY() { + return prefix match prefix_list_v4 PL-P2P-UNDERLAY; + } + function ORIGINATED_IN_DC1() { + return as_path.origin_as in {65100 to 65199}; + } + function ORIGINATED_IN_DC2() { + return as_path.origin_as in {65200 to 65299}; + } + ############################## + ##### Main Functions ##### + ############################## + function CONN_2_BGP() { + if IS_LOOPBACK() or IS_UNDERLAY() { + return true; + } + return false; + } + function AS65000_EVPN_IN() { + if ORIGINATED_IN_DC1() { + return false; + } + if ORIGINATED_IN_DC2() { + local_preference = 50; + } + return true; + } + # EOF ! stun diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R2.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R2.cfg index 19caea1..5f5f416 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R2.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-R2.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: DC1-R2 (vEOS, EOS-4.33.1F-38850339.eostrunkshipping (engineering build)) ! no aaa root ! @@ -180,6 +178,7 @@ router bgp 65000 neighbor LOCAL-EVPN-PEERS activate neighbor LOCAL-EVPN-PEERS encapsulation vxlan neighbor WAN-OVERLAY-PEERS activate + neighbor WAN-OVERLAY-PEERS rcf in AS65000_EVPN_IN() neighbor WAN-OVERLAY-PEERS encapsulation path-selection neighbor WAN-OVERLAY-PEERS domain remote route import match-failure action discard @@ -213,25 +212,40 @@ router bgp 65000 router general control-functions code - ############################## - ##### Reusable Functions ##### - ############################## - function IS_LOOPBACK() { - return prefix match prefix_list_v4 PL-LOOPBACKS; - } - function IS_UNDERLAY() { - return prefix match prefix_list_v4 PL-P2P-UNDERLAY; - } - ############################## - ##### Main Functions ##### - ############################## - function CONN_2_BGP() { - if IS_LOOPBACK() or IS_UNDERLAY() { - return true; - } - return false; - } - # + ############################## + ##### Reusable Functions ##### + ############################## + function IS_LOOPBACK() { + return prefix match prefix_list_v4 PL-LOOPBACKS; + } + function IS_UNDERLAY() { + return prefix match prefix_list_v4 PL-P2P-UNDERLAY; + } + function ORIGINATED_IN_DC1() { + return as_path.origin_as in {65100 to 65199}; + } + function ORIGINATED_IN_DC2() { + return as_path.origin_as in {65200 to 65299}; + } + ############################## + ##### Main Functions ##### + ############################## + function CONN_2_BGP() { + if IS_LOOPBACK() or IS_UNDERLAY() { + return true; + } + return false; + } + function AS65000_EVPN_IN() { + if ORIGINATED_IN_DC1() { + return false; + } + if ORIGINATED_IN_DC2() { + local_preference = 50; + } + return true; + } + # EOF ! stun diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-SPINE.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-SPINE.cfg index 460ace3..2134c4b 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-SPINE.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC1-SPINE.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: DC1-SPINE (cEOSLab, EOS-4.32.2F-38195967.4322F (engineering build)) ! no aaa root ! @@ -154,4 +152,4 @@ management ssh vrf MGMT no shutdown ! -end \ No newline at end of file +end diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-BORDER1.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-BORDER1.cfg index ca36801..6571886 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-BORDER1.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-BORDER1.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: DC2-BORDER1 (cEOSLab, EOS-4.32.2F-38195967.4322F (engineering build)) ! no aaa root ! @@ -113,6 +111,10 @@ ip routing vrf DEV no ip routing vrf MGMT ip routing vrf PROD ! +ip prefix-list PL-GW-PEER-LOOPS + seq 10 permit 10.0.2.4/32 + seq 20 permit 10.0.2.5/32 +! ip prefix-list PL-LOOPBACKS seq 10 permit 10.0.0.0/16 eq 32 seq 20 permit 10.1.0.0/16 eq 32 @@ -153,6 +155,7 @@ router bgp 65202 neighbor REMOTE-BACKBONE-PEERS remote-as 65500 neighbor REMOTE-BACKBONE-PEERS local-as 65500 no-prepend replace-as neighbor REMOTE-BACKBONE-PEERS update-source Loopback0 + neighbor REMOTE-BACKBONE-PEERS bfd neighbor 10.0.0.99 peer group REMOTE-BACKBONE-PEERS neighbor 10.0.2.201 peer group LOCAL-EVPN-PEERS neighbor 172.20.2.6 peer group IPv4-UNDERLAY-PEERS @@ -176,13 +179,15 @@ router bgp 65202 ! address-family evpn neighbor LOCAL-EVPN-PEERS activate - neighbor LOCAL-EVPN-PEERS encapsulation vxlan + neighbor LOCAL-EVPN-PEERS encapsulation vxlan neighbor REMOTE-BACKBONE-PEERS activate + neighbor REMOTE-BACKBONE-PEERS rcf in AS65500_EVPN_IN() neighbor REMOTE-BACKBONE-PEERS encapsulation mpls next-hop-self source-interface Loopback0 neighbor REMOTE-BACKBONE-PEERS domain remote domain identifier 2:2 domain identifier 1:1 remote route import match-failure action discard + neighbor default next-hop-self received-evpn-routes route-type ip-prefix inter-domain layer-2 fec in-place update ! evpn ethernet-segment domain local @@ -196,9 +201,6 @@ router bgp 65202 address-family ipv4 neighbor IPv4-UNDERLAY-PEERS activate ! - address-family vpn-ipv4 - neighbor REMOTE-BACKBONE-PEERS activate - ! vrf DEV rd 10.0.2.4:52 route-target import evpn 52:52 @@ -209,6 +211,42 @@ router bgp 65202 route-target import evpn 51:51 route-target export evpn 51:51 ! +router general + control-functions + code + ############################## + ##### Reusable Functions ##### + ############################## + function IS_LOOPBACK() { + return prefix match prefix_list_v4 PL-LOOPBACKS; + } + function IS_UNDERLAY() { + return prefix match prefix_list_v4 PL-P2P-UNDERLAY; + } + function IS_IMET_ROUTE() { + return evpn.route_type is EVPN_IMET; + } + function FROM_EVPN_GW_PEER() { + return next_hop match prefix_list_v4 PL-GW-PEER-LOOPS; + } + ############################## + ##### Main Functions ##### + ############################## + function CONN_2_BGP() { + if IS_LOOPBACK() or IS_UNDERLAY() { + return true; + } + return false; + } + function AS65500_EVPN_IN() { + if IS_IMET_ROUTE() and FROM_EVPN_GW_PEER() { + return false; + } + return true; + } + # + EOF +! router isis 100 net 49.1111.0000.0002.0004.00 is-type level-2 @@ -229,4 +267,4 @@ management ssh vrf MGMT no shutdown ! -end \ No newline at end of file +end diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-BORDER2.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-BORDER2.cfg index 2c1a22c..a3a66e4 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-BORDER2.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-BORDER2.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: DC2-BORDER2 (cEOSLab, EOS-4.32.2F-38195967.4322F (engineering build)) ! no aaa root ! @@ -114,6 +112,10 @@ ip routing vrf DEV no ip routing vrf MGMT ip routing vrf PROD ! +ip prefix-list PL-GW-PEER-LOOPS + seq 10 permit 10.0.2.4/32 + seq 20 permit 10.0.2.5/32 +! ip prefix-list PL-LOOPBACKS seq 10 permit 10.0.0.0/16 eq 32 seq 20 permit 10.1.0.0/16 eq 32 @@ -154,6 +156,7 @@ router bgp 65203 neighbor REMOTE-BACKBONE-PEERS remote-as 65500 neighbor REMOTE-BACKBONE-PEERS local-as 65500 no-prepend replace-as neighbor REMOTE-BACKBONE-PEERS update-source Loopback0 + neighbor REMOTE-BACKBONE-PEERS bfd neighbor 10.0.0.99 peer group REMOTE-BACKBONE-PEERS neighbor 10.0.2.201 peer group LOCAL-EVPN-PEERS neighbor 172.20.2.8 peer group IPv4-UNDERLAY-PEERS @@ -177,13 +180,15 @@ router bgp 65203 ! address-family evpn neighbor LOCAL-EVPN-PEERS activate - neighbor LOCAL-EVPN-PEERS encapsulation vxlan + neighbor LOCAL-EVPN-PEERS encapsulation vxlan neighbor REMOTE-BACKBONE-PEERS activate + neighbor REMOTE-BACKBONE-PEERS rcf in AS65500_EVPN_IN() neighbor REMOTE-BACKBONE-PEERS encapsulation mpls next-hop-self source-interface Loopback0 neighbor REMOTE-BACKBONE-PEERS domain remote domain identifier 2:2 domain identifier 1:1 remote route import match-failure action discard + neighbor default next-hop-self received-evpn-routes route-type ip-prefix inter-domain layer-2 fec in-place update ! evpn ethernet-segment domain local @@ -197,9 +202,6 @@ router bgp 65203 address-family ipv4 neighbor IPv4-UNDERLAY-PEERS activate ! - address-family vpn-ipv4 - neighbor REMOTE-BACKBONE-PEERS activate - ! vrf DEV rd 10.0.2.5:52 route-target import evpn 52:52 @@ -210,6 +212,42 @@ router bgp 65203 route-target import evpn 51:51 route-target export evpn 51:51 ! +router general + control-functions + code + ############################## + ##### Reusable Functions ##### + ############################## + function IS_LOOPBACK() { + return prefix match prefix_list_v4 PL-LOOPBACKS; + } + function IS_UNDERLAY() { + return prefix match prefix_list_v4 PL-P2P-UNDERLAY; + } + function IS_IMET_ROUTE() { + return evpn.route_type is EVPN_IMET; + } + function FROM_EVPN_GW_PEER() { + return next_hop match prefix_list_v4 PL-GW-PEER-LOOPS; + } + ############################## + ##### Main Functions ##### + ############################## + function CONN_2_BGP() { + if IS_LOOPBACK() or IS_UNDERLAY() { + return true; + } + return false; + } + function AS65500_EVPN_IN() { + if IS_IMET_ROUTE() and FROM_EVPN_GW_PEER() { + return false; + } + return true; + } + # + EOF +! router isis 100 net 49.1111.0000.0002.0005.00 is-type level-2 @@ -230,4 +268,4 @@ management ssh vrf MGMT no shutdown ! -end \ No newline at end of file +end diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-LEAF.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-LEAF.cfg index ff436c2..f6dc48a 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-LEAF.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-LEAF.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: DC2-LEAF (cEOSLab, EOS-4.32.2F-38195967.4322F (engineering build)) ! no aaa root ! @@ -202,4 +200,4 @@ management ssh vrf MGMT no shutdown ! -end \ No newline at end of file +end diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R1.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R1.cfg index 7e2a97f..2b26d7e 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R1.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R1.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: DC2-R1 (vEOS, EOS-4.33.1F-38850339.eostrunkshipping (engineering build)) ! no aaa root ! @@ -190,6 +188,7 @@ router bgp 65000 neighbor LOCAL-EVPN-PEERS activate neighbor LOCAL-EVPN-PEERS encapsulation vxlan neighbor WAN-OVERLAY-PEERS activate + neighbor WAN-OVERLAY-PEERS rcf in AS65000_EVPN_IN() neighbor WAN-OVERLAY-PEERS encapsulation path-selection neighbor WAN-OVERLAY-PEERS domain remote route import match-failure action discard @@ -223,25 +222,40 @@ router bgp 65000 router general control-functions code - ############################## - ##### Reusable Functions ##### - ############################## - function IS_LOOPBACK() { - return prefix match prefix_list_v4 PL-LOOPBACKS; - } - function IS_UNDERLAY() { - return prefix match prefix_list_v4 PL-P2P-UNDERLAY; - } - ############################## - ##### Main Functions ##### - ############################## - function CONN_2_BGP() { - if IS_LOOPBACK() or IS_UNDERLAY() { - return true; - } - return false; - } - # + ############################## + ##### Reusable Functions ##### + ############################## + function IS_LOOPBACK() { + return prefix match prefix_list_v4 PL-LOOPBACKS; + } + function IS_UNDERLAY() { + return prefix match prefix_list_v4 PL-P2P-UNDERLAY; + } + function ORIGINATED_IN_DC1() { + return as_path.origin_as in {65100 to 65199}; + } + function ORIGINATED_IN_DC2() { + return as_path.origin_as in {65200 to 65299}; + } + ############################## + ##### Main Functions ##### + ############################## + function CONN_2_BGP() { + if IS_LOOPBACK() or IS_UNDERLAY() { + return true; + } + return false; + } + function AS65000_EVPN_IN() { + if ORIGINATED_IN_DC1() { + local_preference = 50; + } + if ORIGINATED_IN_DC2() { + return false; + } + return true; + } + # EOF ! stun diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R2.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R2.cfg index 2542339..fd77043 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R2.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-R2.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: DC2-R2 (vEOS, EOS-4.33.1F-38850339.eostrunkshipping (engineering build)) ! no aaa root ! @@ -180,6 +178,7 @@ router bgp 65000 neighbor LOCAL-EVPN-PEERS activate neighbor LOCAL-EVPN-PEERS encapsulation vxlan neighbor WAN-OVERLAY-PEERS activate + neighbor WAN-OVERLAY-PEERS rcf in AS65000_EVPN_IN() neighbor WAN-OVERLAY-PEERS encapsulation path-selection neighbor WAN-OVERLAY-PEERS domain remote route import match-failure action discard @@ -211,25 +210,40 @@ router bgp 65000 router general control-functions code - ############################## - ##### Reusable Functions ##### - ############################## - function IS_LOOPBACK() { - return prefix match prefix_list_v4 PL-LOOPBACKS; - } - function IS_UNDERLAY() { - return prefix match prefix_list_v4 PL-P2P-UNDERLAY; - } - ############################## - ##### Main Functions ##### - ############################## - function CONN_2_BGP() { - if IS_LOOPBACK() or IS_UNDERLAY() { - return true; - } - return false; - } - # + ############################## + ##### Reusable Functions ##### + ############################## + function IS_LOOPBACK() { + return prefix match prefix_list_v4 PL-LOOPBACKS; + } + function IS_UNDERLAY() { + return prefix match prefix_list_v4 PL-P2P-UNDERLAY; + } + function ORIGINATED_IN_DC1() { + return as_path.origin_as in {65100 to 65199}; + } + function ORIGINATED_IN_DC2() { + return as_path.origin_as in {65200 to 65299}; + } + ############################## + ##### Main Functions ##### + ############################## + function CONN_2_BGP() { + if IS_LOOPBACK() or IS_UNDERLAY() { + return true; + } + return false; + } + function AS65000_EVPN_IN() { + if ORIGINATED_IN_DC1() { + local_preference = 50; + } + if ORIGINATED_IN_DC2() { + return false; + } + return true; + } + # EOF ! stun diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-SPINE.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-SPINE.cfg index ad902fe..cca65c6 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-SPINE.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DC2-SPINE.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: DC2-SPINE (cEOSLab, EOS-4.32.2F-38195967.4322F (engineering build)) ! no aaa root ! @@ -154,4 +152,4 @@ management ssh vrf MGMT no shutdown ! -end \ No newline at end of file +end diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DCI-MPLS.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DCI-MPLS.cfg index 535fd3b..44ace93 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/DCI-MPLS.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/DCI-MPLS.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: DCI-MPLS (cEOSLab, EOS-4.32.2F-38195967.4322F (engineering build)) ! no aaa root ! @@ -95,14 +93,12 @@ router bgp 65500 neighbor default send-community neighbor MPLS-DCI-PEERS peer group neighbor MPLS-DCI-PEERS update-source Loopback0 + neighbor MPLS-DCI-PEERS bfd neighbor MPLS-DCI-PEERS route-reflector-client ! address-family evpn neighbor default encapsulation mpls next-hop-self source-interface Loopback0 neighbor MPLS-DCI-PEERS activate - ! - address-family vpn-ipv4 - neighbor MPLS-DCI-PEERS activate ! router isis 100 net 49.1111.0000.0000.0099.00 @@ -124,4 +120,4 @@ management ssh vrf MGMT no shutdown ! -end \ No newline at end of file +end diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/INTERNET.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/INTERNET.cfg index 7dcfd50..5b928fd 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/INTERNET.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/INTERNET.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: INTERNET (cEOSLab, EOS-4.32.2F-38195967.4322F (engineering build)) ! no aaa root ! @@ -93,4 +91,4 @@ management ssh vrf MGMT no shutdown ! -end \ No newline at end of file +end diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/S1-R1.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/S1-R1.cfg index 1a80396..f7a936e 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/S1-R1.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/S1-R1.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: S1-R1 (vEOS, EOS-4.33.1F-38850339.eostrunkshipping (engineering build)) ! no aaa root ! diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/S1-R2.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/S1-R2.cfg index 6a3911d..481ba81 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/S1-R2.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/S1-R2.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: S1-R2 (vEOS, EOS-4.33.1F-38850339.eostrunkshipping (engineering build)) ! no aaa root ! diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/S1-SW1.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/S1-SW1.cfg index 82ed1b3..eb98671 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/S1-SW1.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/S1-SW1.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: S1-SW1 (cEOSLab, EOS-4.32.2F-38195967.4322F (engineering build)) ! no aaa root ! @@ -135,4 +133,4 @@ management ssh vrf MGMT no shutdown ! -end \ No newline at end of file +end diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/S2-R1.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/S2-R1.cfg index b550a09..ad00eb1 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/S2-R1.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/S2-R1.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: S2-R1 (vEOS, EOS-4.33.1F-38850339.eostrunkshipping (engineering build)) ! no aaa root ! diff --git a/tech-library/wan/autovpn/zbackend-infra/clab/configs/S2-SW1.cfg b/tech-library/wan/autovpn/zbackend-infra/clab/configs/S2-SW1.cfg index 7b5efc7..76610cf 100644 --- a/tech-library/wan/autovpn/zbackend-infra/clab/configs/S2-SW1.cfg +++ b/tech-library/wan/autovpn/zbackend-infra/clab/configs/S2-SW1.cfg @@ -1,5 +1,3 @@ -! Command: show running-config -! device: S2-SW1 (cEOSLab, EOS-4.32.2F-38195967.4322F (engineering build)) ! no aaa root ! @@ -82,4 +80,4 @@ management ssh vrf MGMT no shutdown ! -end \ No newline at end of file +end