From 07088bbc713e66a71cc65ae6a8033756f2053bec Mon Sep 17 00:00:00 2001 From: Damien Arnodo Date: Sun, 30 Nov 2025 18:33:48 +0000 Subject: [PATCH] chore: remove BRANCH_SUMMARY.md - no longer needed after merge --- BRANCH_SUMMARY.md | 251 ---------------------------------------------- 1 file changed, 251 deletions(-) delete mode 100644 BRANCH_SUMMARY.md diff --git a/BRANCH_SUMMARY.md b/BRANCH_SUMMARY.md deleted file mode 100644 index ba6ac77..0000000 --- a/BRANCH_SUMMARY.md +++ /dev/null @@ -1,251 +0,0 @@ -# fix-bgp-and-mlag Branch Summary - -## Overview -This branch contains critical fixes for VLAN tagging and host configuration that enable proper end-to-end connectivity in the EVPN VXLAN fabric. - -## Root Cause Analysis - -### Problem -Hosts were unable to communicate across the VXLAN fabric. Testing showed: -- Empty MAC tables on leaf switches -- No EVPN Type-2 routes being advertised -- Ping tests between hosts failed with 100% packet loss - -### Root Cause -**VLAN tagging mismatch** between hosts and leaf switch port-channels: -- Hosts were sending **untagged Ethernet frames** -- Leaf port-channels were configured in **access mode** expecting **tagged VLAN frames** -- Result: Frames were dropped at the leaf ingress interface, never reaching VLAN 40 or 34 - -### Solution -**Host-side VLAN tagging**: Configure hosts to create VLAN subinterfaces (802.1Q) on top of bonded interfaces. This ensures frames carry the correct VLAN tag matching the leaf's access VLAN configuration. - ---- - -## Changes Made - -### 1. evpn-lab.clab.yml -**Modified:** Host device configuration -**Changes:** -- host1: Added VLAN 40 subinterface creation (bond0.40) -- host2: Added VLAN 34 subinterface creation (bond0.34) -- host3: Added VLAN 40 subinterface creation (bond0.40) -- host4: Added VLAN 78 subinterface creation (bond0.78) - -**Before:** -```yaml -host1: - exec: - - ip link add bond0 type bond mode balance-rr - - ip link set eth1 master bond0 - - ip link set eth2 master bond0 - - ip link set bond0 up - - ip addr add 10.40.40.101/24 dev bond0 # ← Untagged! -``` - -**After:** -```yaml -host1: - exec: - - ip link add bond0 type bond mode balance-rr - - ip link set eth1 master bond0 - - ip link set eth2 master bond0 - - ip link set bond0 up - # VLAN tagging added: - - ip link add link bond0 name bond0.40 type vlan id 40 - - ip link set bond0.40 up - - ip addr add 10.40.40.101/24 dev bond0.40 # ← Tagged with VLAN 40! -``` - -### 2. Documentation Files (New) - -#### END_TO_END_TESTING.md -Comprehensive guide covering: -- Pre-test verification procedures -- L2 VXLAN connectivity testing (VLAN 40) -- L3 VXLAN connectivity testing (VRF gold) -- Complete test script for automation -- Detailed troubleshooting procedures - -#### VLAN_TAGGING_FIX_EXPLANATION.md -Technical deep-dive covering: -- Problem explanation with diagrams -- Broken vs. fixed configuration comparison -- VLAN tagging mapping table -- Why this approach was chosen -- Testing verification steps - -#### TESTING_CHECKLIST.md -Deployment validation checklist with: -- Deployment steps -- Pre-testing checks (9 checks total) -- Connectivity tests (9 tests total) -- Summary table -- Troubleshooting procedures -- Success criteria - ---- - -## Technical Details - -### VLAN Configuration Mapping - -| Component | VLAN 40 (L2 VXLAN) | VLAN 34 (L3 VXLAN) | VLAN 78 (L3 VXLAN) | -|-----------|-------------------|-------------------|-------------------| -| **host1** | bond0.40 (10.40.40.101) | - | - | -| **host2** | - | bond0.34 (10.34.34.102) | - | -| **host3** | bond0.40 (10.40.40.103) | - | - | -| **host4** | - | - | bond0.78 (10.78.78.104) | -| **Leaf Port** | Access VLAN 40 | Access VLAN 34 | Access VLAN 78 | -| **VTEP** | 10.0.255.11 (Pair) | 10.0.255.12 (Pair) | 10.0.255.14 (Pair) | -| **VNI** | 110040 (L2) | 100001 (L3) | 100001 (L3) | -| **VRF** | default | gold | gold | - -### Why This Fix Works - -1. **Linux VLAN Subinterfaces** send 802.1Q tagged frames - ``` - Frame format: [DA][SA][**VLAN Tag 40**][Type][Payload] - ``` - -2. **Leaf Access Port** recognizes the VLAN tag - ``` - Receives frame with VLAN 40 → Matches configured access VLAN 40 - ``` - -3. **Frame is untagged** and forwarded within VLAN 40 - ``` - Becomes untagged within VLAN → Normal switching/routing - ``` - -4. **MAC learning** happens normally in VLAN 40 - ``` - MAC table updated → EVPN Type-2 routes created - ``` - -5. **Remote VTEP** receives encapsulated packet - ``` - VXLAN decapsulation → Frames forwarded in target VLAN on remote leaf - ``` - ---- - -## Testing Procedure - -### Quick Validation (5 minutes) -```bash -# Deploy lab -sudo containerlab deploy -t evpn-lab.clab.yml - -# Wait 60 seconds for startup -sleep 60 - -# Test L2 connectivity -docker exec clab-arista-evpn-fabric-host1 ping -c 4 10.40.40.103 - -# Test L3 connectivity -docker exec clab-arista-evpn-fabric-host2 ping -c 4 10.78.78.104 -``` - -### Full Validation (20 minutes) -Follow the TESTING_CHECKLIST.md for comprehensive validation - ---- - -## Affected Functionality - -### ✅ Now Working -- Host-to-host L2 VXLAN connectivity -- MAC learning via VXLAN -- EVPN Type-2 route advertisement -- Host-to-host L3 VXLAN connectivity (VRF gold) -- EVPN Type-5 route advertisement -- MLAG dual-active gateway functionality - -### ✅ Already Working (Unchanged) -- Spine BGP underlay -- Leaf BGP underlay -- EVPN overlay adjacencies -- VXLAN VTEP formation -- VRF isolation - -### ⚠️ No Changes Required (Pre-existing) -- Device startup configurations (except host updates) -- BGP routing policies -- Link configurations -- Physical topology - ---- - -## Backward Compatibility - -**Breaking Change:** Yes - Network topology - -This fix requires a **complete lab redeployment** because: -1. Host network configurations have changed -2. Existing running containers will have incorrect interface configuration -3. Cannot be applied incrementally to running lab - -**No breaking changes to:** -- Device configuration format -- BGP policies -- Routing protocols -- VXLAN encapsulation -- EVPN messages - ---- - -## Deployment Checklist - -- [ ] Verify on `fix-bgp-and-mlag` branch -- [ ] Review changes: `git diff main...fix-bgp-and-mlag` -- [ ] Destroy existing lab: `sudo containerlab destroy -t evpn-lab.clab.yml --cleanup` -- [ ] Deploy fixed lab: `sudo containerlab deploy -t evpn-lab.clab.yml` -- [ ] Wait 90 seconds for startup -- [ ] Run quick validation test (5 min) -- [ ] Run full testing checklist (20 min) -- [ ] Verify all tests pass -- [ ] Prepare pull request to merge to main - ---- - -## Related Issues - -This fix addresses the issue: -**"Fixes from fix-bgp-and-mlag branch integrated to main #1"** - -Topics covered: -- L2 VXLAN end-to-end connectivity -- L3 VXLAN end-to-end connectivity -- VLAN tagging at host-to-switch boundary -- MLAG operation with VXLAN -- EVPN Type-2 and Type-5 route advertisement - ---- - -## Future Improvements - -Possible enhancements in subsequent branches: -1. Automated testing script to validate all checks -2. BGP policy testing (as-path, communities, etc.) -3. Failure scenario testing (link down, VTEP down) -4. Performance testing (throughput, latency) -5. Advanced EVPN features (RT-5, multi-homing, etc.) - ---- - -## References - -- `END_TO_END_TESTING.md` - Complete testing guide -- `VLAN_TAGGING_FIX_EXPLANATION.md` - Technical explanation -- `TESTING_CHECKLIST.md` - Validation checklist -- Original source document: Arista BGP EVPN Configuration Example - ---- - -## Questions? - -See the documentation files in this branch for detailed explanations: -1. Start with `VLAN_TAGGING_FIX_EXPLANATION.md` for understanding the problem -2. Move to `END_TO_END_TESTING.md` for comprehensive testing -3. Use `TESTING_CHECKLIST.md` for validation