Damien/arista-evpn-vxlan-clab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Campus EVPN-VXLAN fabric configs and host interfaces

Browse Source 
- campus-spine1/2 (AS 66000): eBGP underlay + EVPN RR toward leafs
  and border leafs, addressing plan 10.1.x.x.
- campus-leaf1/2 (VTEP1, AS 66001, VTEP 10.1.255.11): VLAN 50
  (stretched L2 VXLAN, VNI 110050) and VLAN 60 (VRF gold anycast
  10.60.60.1, L3 VNI 100001).
- campus-leaf3/4 (VTEP2, AS 66002, VTEP 10.1.255.12): VLAN 50 and
  VLAN 70 (VRF gold anycast 10.60.70.1).
- border-leaf-campus1/2 (AS 66005, VTEP 10.1.255.21): MLAG pair,
  OSPF + eBGP to cores, VRF gold stitched via vxlan vrf gold
  vni 100001 with RT 1:100001.
- campus-access1/2: L2-only uplinks to campus leaf MLAG pairs,
  trunks VLAN 50+60 / 50+70.
- campus-host1/2 interface files: bond0 + VLAN sub-interfaces for
  the stretched L2 VLAN 50 and the VRF gold subnets.
This commit is contained in:
Damien Arnodo
2026-04-18 08:38:35 +00:00
parent 4b4c1852c4
commit 6e0dcce746
12 changed files with 1684 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

234
configs/border-leaf-campus1.cfg Normal file
View File

@@ -0,0 +1,234 @@
! Border-Leaf-Campus1 Configuration
! Campus Border Leaf - AS 66005 (MLAG pair with border-leaf-campus2)
! Provides egress from Campus EVPN-VXLAN fabric to Core L3 network
!
hostname border-leaf-campus1
!
! LLDP Management0
lldp management-address Management0
!
! enable gNMI API
management api gnmi
transport grpc default
provider eos-native
!
! admin/admin for ssh access
username admin privilege 15 role network-admin secret sha512 $6$xQktFrbdeqEhVzLM$.1wOJB25nw2fqYaSXDu6y4mo6AP9hngMCFe2vGDl84hWoz00Q.4unoEBqspNI0HEoRz.OZhdBHqQv12KABf0B0
!
! Enable IP routing
ip routing
!
! Enable routing protocols
service routing protocols model multi-agent
!
! VRF Definition
vrf instance gold
!
! VLANs
vlan 4090
name mlag-peer
trunk group mlag-peer
!
vlan 4091
name mlag-ibgp
trunk group mlag-peer
!
! Management interface
interface Management0
ip address 172.16.0.22/24
!
! MLAG Peer-link SVI
interface Vlan4090
description MLAG Peer-Link
ip address 10.1.199.254/31
no autostate
!
! iBGP Peering SVI
interface Vlan4091
description MLAG iBGP Peering
ip address 10.1.3.4/31
mtu 9214
!
! Loopbacks
interface Loopback0
description Router-ID
ip address 10.1.250.21/32
!
interface Loopback1
description VTEP
ip address 10.1.255.21/32
!
interface Loopback2
description VRF-Gold-health
vrf gold
ip address 10.1.250.221/32
!
! MLAG Peer-link
interface Ethernet10
description mlag peer link
channel-group 999 mode active
!
interface Port-Channel999
description MLAG Peer
switchport mode trunk
switchport trunk group mlag-peer
spanning-tree link-type point-to-point
!
! Underlay P2P interfaces to Campus Spines
interface Ethernet11
description campus-spine1
no switchport
ip address 10.1.1.9/31
mtu 9214
!
interface Ethernet12
description campus-spine2
no switchport
ip address 10.1.2.9/31
mtu 9214
!
! Uplink to Core1 (subinterfaced: .100 default VRF, .200 VRF gold)
interface Ethernet13
description core1
no switchport
mtu 9214
!
interface Ethernet13.100
description core1-underlay
encapsulation dot1q vlan 100
ip address 10.0.5.1/31
mtu 9214
!
interface Ethernet13.200
description core1-vrf-gold
encapsulation dot1q vlan 200
vrf gold
ip address 10.0.15.1/31
mtu 9214
!
! Uplink to Core2
interface Ethernet14
description core2
no switchport
mtu 9214
!
interface Ethernet14.100
description core2-underlay
encapsulation dot1q vlan 100
ip address 10.0.5.5/31
mtu 9214
!
interface Ethernet14.200
description core2-vrf-gold
encapsulation dot1q vlan 200
vrf gold
ip address 10.0.15.5/31
mtu 9214
!
! Spanning-tree
no spanning-tree vlan 4090
no spanning-tree vlan 4091
!
! Virtual MAC for Anycast Gateway
ip virtual-router mac-address c001.cafe.babe
!
! MLAG Configuration
mlag configuration
domain-id border-leafs-campus
local-interface Vlan4090
peer-address 10.1.199.255
peer-link Port-Channel999
dual-primary detection delay 10 action errdisable all-interfaces
peer-address heartbeat 172.16.0.23 vrf mgmt
!
! VXLAN Interface
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan learn-restrict any
vxlan vrf gold vni 100001
!
! IP Routing
ip routing
ip routing vrf gold
ip route 100.64.0.0/10 172.16.0.254
!
! OSPF for loopback reachability with Core (default VRF)
router ospf 1
router-id 10.1.250.21
passive-interface default
no passive-interface Ethernet13.100
no passive-interface Ethernet14.100
network 10.1.250.21/32 area 0
network 10.0.5.0/31 area 0
network 10.0.5.4/31 area 0
max-lsa 12000
!
! BGP Configuration
router bgp 66005
router-id 10.1.250.21
no bgp default ipv4-unicast
bgp log-neighbor-changes
distance bgp 20 200 200
maximum-paths 4 ecmp 64
!
! Underlay peer-group (to Campus spines)
neighbor underlay peer group
neighbor underlay remote-as 66000
neighbor underlay maximum-routes 12000 warning-only
neighbor 10.1.1.8 peer group underlay
neighbor 10.1.2.8 peer group underlay
!
! iBGP peer-group (to MLAG peer)
neighbor underlay_ibgp peer group
neighbor underlay_ibgp remote-as 66005
neighbor underlay_ibgp maximum-routes 12000 warning-only
neighbor underlay_ibgp next-hop-self
neighbor 10.1.3.5 peer group underlay_ibgp
!
! EVPN peer-group (to Campus spines)
neighbor evpn peer group
neighbor evpn remote-as 66000
neighbor evpn update-source Loopback0
neighbor evpn ebgp-multihop 3
neighbor evpn send-community extended
neighbor evpn maximum-routes 12000 warning-only
neighbor 10.1.250.1 peer group evpn
neighbor 10.1.250.2 peer group evpn
!
! eBGP to Core routers (default VRF)
neighbor core peer group
neighbor core remote-as 65500
neighbor core send-community extended
neighbor core maximum-routes 12000 warning-only
neighbor 10.0.5.0 peer group core
neighbor 10.0.5.4 peer group core
!
! IPv4 address family
address-family ipv4
neighbor underlay activate
neighbor underlay_ibgp activate
neighbor core activate
network 10.1.250.21/32
network 10.1.255.21/32
!
! EVPN address family
address-family evpn
neighbor evpn activate
!
! VRF Gold configuration
vrf gold
rd 10.1.250.21:1
route-target import evpn 1:100001
route-target export evpn 1:100001
router-id 10.1.250.21
neighbor 10.0.15.0 remote-as 65500
neighbor 10.0.15.0 send-community extended
neighbor 10.0.15.0 maximum-routes 12000 warning-only
neighbor 10.0.15.4 remote-as 65500
neighbor 10.0.15.4 send-community extended
neighbor 10.0.15.4 maximum-routes 12000 warning-only
redistribute connected
redistribute learned
!
end

234
configs/border-leaf-campus2.cfg Normal file
View File

@@ -0,0 +1,234 @@
! Border-Leaf-Campus2 Configuration
! Campus Border Leaf - AS 66005 (MLAG pair with border-leaf-campus1)
! Provides egress from Campus EVPN-VXLAN fabric to Core L3 network
!
hostname border-leaf-campus2
!
! LLDP Management0
lldp management-address Management0
!
! enable gNMI API
management api gnmi
transport grpc default
provider eos-native
!
! admin/admin for ssh access
username admin privilege 15 role network-admin secret sha512 $6$xQktFrbdeqEhVzLM$.1wOJB25nw2fqYaSXDu6y4mo6AP9hngMCFe2vGDl84hWoz00Q.4unoEBqspNI0HEoRz.OZhdBHqQv12KABf0B0
!
! Enable IP routing
ip routing
!
! Enable routing protocols
service routing protocols model multi-agent
!
! VRF Definition
vrf instance gold
!
! VLANs
vlan 4090
name mlag-peer
trunk group mlag-peer
!
vlan 4091
name mlag-ibgp
trunk group mlag-peer
!
! Management interface
interface Management0
ip address 172.16.0.23/24
!
! MLAG Peer-link SVI
interface Vlan4090
description MLAG Peer-Link
ip address 10.1.199.255/31
no autostate
!
! iBGP Peering SVI
interface Vlan4091
description MLAG iBGP Peering
ip address 10.1.3.5/31
mtu 9214
!
! Loopbacks
interface Loopback0
description Router-ID
ip address 10.1.250.22/32
!
interface Loopback1
description VTEP
ip address 10.1.255.21/32
!
interface Loopback2
description VRF-Gold-health
vrf gold
ip address 10.1.250.222/32
!
! MLAG Peer-link
interface Ethernet10
description mlag peer link
channel-group 999 mode active
!
interface Port-Channel999
description MLAG Peer
switchport mode trunk
switchport trunk group mlag-peer
spanning-tree link-type point-to-point
!
! Underlay P2P interfaces to Campus Spines
interface Ethernet11
description campus-spine1
no switchport
ip address 10.1.1.11/31
mtu 9214
!
interface Ethernet12
description campus-spine2
no switchport
ip address 10.1.2.11/31
mtu 9214
!
! Uplink to Core1 (subinterfaced: .100 default VRF, .200 VRF gold)
interface Ethernet13
description core1
no switchport
mtu 9214
!
interface Ethernet13.100
description core1-underlay
encapsulation dot1q vlan 100
ip address 10.0.5.3/31
mtu 9214
!
interface Ethernet13.200
description core1-vrf-gold
encapsulation dot1q vlan 200
vrf gold
ip address 10.0.15.3/31
mtu 9214
!
! Uplink to Core2
interface Ethernet14
description core2
no switchport
mtu 9214
!
interface Ethernet14.100
description core2-underlay
encapsulation dot1q vlan 100
ip address 10.0.5.7/31
mtu 9214
!
interface Ethernet14.200
description core2-vrf-gold
encapsulation dot1q vlan 200
vrf gold
ip address 10.0.15.7/31
mtu 9214
!
! Spanning-tree
no spanning-tree vlan 4090
no spanning-tree vlan 4091
!
! Virtual MAC for Anycast Gateway
ip virtual-router mac-address c001.cafe.babe
!
! MLAG Configuration
mlag configuration
domain-id border-leafs-campus
local-interface Vlan4090
peer-address 10.1.199.254
peer-link Port-Channel999
dual-primary detection delay 10 action errdisable all-interfaces
peer-address heartbeat 172.16.0.22 vrf mgmt
!
! VXLAN Interface
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan learn-restrict any
vxlan vrf gold vni 100001
!
! IP Routing
ip routing
ip routing vrf gold
ip route 100.64.0.0/10 172.16.0.254
!
! OSPF for loopback reachability with Core (default VRF)
router ospf 1
router-id 10.1.250.22
passive-interface default
no passive-interface Ethernet13.100
no passive-interface Ethernet14.100
network 10.1.250.22/32 area 0
network 10.0.5.2/31 area 0
network 10.0.5.6/31 area 0
max-lsa 12000
!
! BGP Configuration
router bgp 66005
router-id 10.1.250.22
no bgp default ipv4-unicast
bgp log-neighbor-changes
distance bgp 20 200 200
maximum-paths 4 ecmp 64
!
! Underlay peer-group (to Campus spines)
neighbor underlay peer group
neighbor underlay remote-as 66000
neighbor underlay maximum-routes 12000 warning-only
neighbor 10.1.1.10 peer group underlay
neighbor 10.1.2.10 peer group underlay
!
! iBGP peer-group (to MLAG peer)
neighbor underlay_ibgp peer group
neighbor underlay_ibgp remote-as 66005
neighbor underlay_ibgp maximum-routes 12000 warning-only
neighbor underlay_ibgp next-hop-self
neighbor 10.1.3.4 peer group underlay_ibgp
!
! EVPN peer-group (to Campus spines)
neighbor evpn peer group
neighbor evpn remote-as 66000
neighbor evpn update-source Loopback0
neighbor evpn ebgp-multihop 3
neighbor evpn send-community extended
neighbor evpn maximum-routes 12000 warning-only
neighbor 10.1.250.1 peer group evpn
neighbor 10.1.250.2 peer group evpn
!
! eBGP to Core routers (default VRF)
neighbor core peer group
neighbor core remote-as 65500
neighbor core send-community extended
neighbor core maximum-routes 12000 warning-only
neighbor 10.0.5.2 peer group core
neighbor 10.0.5.6 peer group core
!
! IPv4 address family
address-family ipv4
neighbor underlay activate
neighbor underlay_ibgp activate
neighbor core activate
network 10.1.250.22/32
network 10.1.255.21/32
!
! EVPN address family
address-family evpn
neighbor evpn activate
!
! VRF Gold configuration
vrf gold
rd 10.1.250.22:1
route-target import evpn 1:100001
route-target export evpn 1:100001
router-id 10.1.250.22
neighbor 10.0.15.2 remote-as 65500
neighbor 10.0.15.2 send-community extended
neighbor 10.0.15.2 maximum-routes 12000 warning-only
neighbor 10.0.15.6 remote-as 65500
neighbor 10.0.15.6 send-community extended
neighbor 10.0.15.6 maximum-routes 12000 warning-only
redistribute connected
redistribute learned
!
end

68
configs/campus-access1.cfg Normal file
View File

@@ -0,0 +1,68 @@
! Campus-Access1 Configuration
! L2-only access switch for Campus VTEP1 (campus-leaf1/leaf2)
!
hostname campus-access1
!
! LLDP Management0
lldp management-address Management0
!
! enable gNMI API
management api gnmi
transport grpc default
provider eos-native
!
! admin/admin for ssh access
username admin privilege 15 role network-admin secret sha512 $6$xQktFrbdeqEhVzLM$.1wOJB25nw2fqYaSXDu6y4mo6AP9hngMCFe2vGDl84hWoz00Q.4unoEBqspNI0HEoRz.OZhdBHqQv12KABf0B0
!
! VLANs
vlan 50
name test-l2-vxlan-campus
!
vlan 60
name vrf-gold-campus-subnet1
!
! Management interface
interface Management0
ip address 172.16.0.61/24
!
! Spanning-tree
spanning-tree mode mstp
spanning-tree edge-port bpduguard default
!
! Uplink to campus leaf MLAG pair (Port-Channel 10)
interface Ethernet1
description campus-leaf1-uplink
channel-group 10 mode active
!
interface Ethernet2
description campus-leaf2-uplink
channel-group 10 mode active
!
interface Port-Channel10
description uplink-to-campus-leaf-mlag
switchport mode trunk
switchport trunk allowed vlan 50,60
no shutdown
!
! Host-facing downlink (Port-Channel 1)
interface Ethernet3
description campus-host1
channel-group 1 mode active
!
interface Ethernet4
description campus-host1
channel-group 1 mode active
!
interface Port-Channel1
description campus-host1
switchport mode trunk
switchport trunk allowed vlan 50,60
port-channel lacp fallback timeout 5
port-channel lacp fallback individual
spanning-tree portfast
no shutdown
!
! Default route for management
ip route 0.0.0.0/0 172.16.0.254
!
end

68
configs/campus-access2.cfg Normal file
View File

@@ -0,0 +1,68 @@
! Campus-Access2 Configuration
! L2-only access switch for Campus VTEP2 (campus-leaf3/leaf4)
!
hostname campus-access2
!
! LLDP Management0
lldp management-address Management0
!
! enable gNMI API
management api gnmi
transport grpc default
provider eos-native
!
! admin/admin for ssh access
username admin privilege 15 role network-admin secret sha512 $6$xQktFrbdeqEhVzLM$.1wOJB25nw2fqYaSXDu6y4mo6AP9hngMCFe2vGDl84hWoz00Q.4unoEBqspNI0HEoRz.OZhdBHqQv12KABf0B0
!
! VLANs
vlan 50
name test-l2-vxlan-campus
!
vlan 70
name vrf-gold-campus-subnet2
!
! Management interface
interface Management0
ip address 172.16.0.62/24
!
! Spanning-tree
spanning-tree mode mstp
spanning-tree edge-port bpduguard default
!
! Uplink to campus leaf MLAG pair (Port-Channel 10)
interface Ethernet1
description campus-leaf3-uplink
channel-group 10 mode active
!
interface Ethernet2
description campus-leaf4-uplink
channel-group 10 mode active
!
interface Port-Channel10
description uplink-to-campus-leaf-mlag
switchport mode trunk
switchport trunk allowed vlan 50,70
no shutdown
!
! Host-facing downlink (Port-Channel 1)
interface Ethernet3
description campus-host2
channel-group 1 mode active
!
interface Ethernet4
description campus-host2
channel-group 1 mode active
!
interface Port-Channel1
description campus-host2
switchport mode trunk
switchport trunk allowed vlan 50,70
port-channel lacp fallback timeout 5
port-channel lacp fallback individual
spanning-tree portfast
no shutdown
!
! Default route for management
ip route 0.0.0.0/0 172.16.0.254
!
end

195
configs/campus-leaf1.cfg Normal file
View File

@@ -0,0 +1,195 @@
! Campus-Leaf1 Configuration
! Campus VTEP1 - AS 66001 (MLAG pair with campus-leaf2)
!
hostname campus-leaf1
!
! LLDP Management0
lldp management-address Management0
!
! enable gNMI API
management api gnmi
transport grpc default
provider eos-native
!
! admin/admin for ssh access
username admin privilege 15 role network-admin secret sha512 $6$xQktFrbdeqEhVzLM$.1wOJB25nw2fqYaSXDu6y4mo6AP9hngMCFe2vGDl84hWoz00Q.4unoEBqspNI0HEoRz.OZhdBHqQv12KABf0B0
!
! Enable IP routing
ip routing
!
! Enable routing protocols
service routing protocols model multi-agent
!
! VRF Definition
vrf instance gold
!
! VLANs
vlan 50
name test-l2-vxlan-campus
!
vlan 60
name vrf-gold-campus-subnet1
!
vlan 4090
name mlag-peer
trunk group mlag-peer
!
vlan 4091
name mlag-ibgp
trunk group mlag-peer
!
! Management interface
interface Management0
ip address 172.16.0.51/24
!
! MLAG Peer-link SVI
interface Vlan4090
description MLAG Peer-Link
ip address 10.1.199.252/31
no autostate
!
! iBGP Peering SVI
interface Vlan4091
description MLAG iBGP Peering
ip address 10.1.3.0/31
mtu 9214
!
! VRF VLAN Interface
interface Vlan60
vrf gold
ip address 10.60.60.2/24
ip virtual-router address 10.60.60.1
!
! Loopbacks
interface Loopback0
description Router-ID
ip address 10.1.250.11/32
!
interface Loopback1
description VTEP
ip address 10.1.255.11/32
!
! MLAG Peer-link
interface Ethernet10
description mlag peer link
channel-group 999 mode active
!
interface Port-Channel999
description MLAG Peer
switchport mode trunk
switchport trunk group mlag-peer
spanning-tree link-type point-to-point
!
! Underlay P2P interfaces to Campus Spines
interface Ethernet11
description campus-spine1
no switchport
ip address 10.1.1.1/31
mtu 9214
!
interface Ethernet12
description campus-spine2
no switchport
ip address 10.1.2.1/31
mtu 9214
!
! Access-facing interface (MLAG with LACP)
interface Ethernet1
description campus-access1
channel-group 1 mode active
!
interface Port-Channel1
description campus-access1
switchport mode trunk
switchport trunk allowed vlan 50,60
mlag 1
port-channel lacp fallback timeout 5
port-channel lacp fallback individual
no shutdown
!
! Spanning-tree
no spanning-tree vlan 4090
no spanning-tree vlan 4091
!
! Virtual MAC for Anycast Gateway
ip virtual-router mac-address c001.cafe.babe
!
! MLAG Configuration
mlag configuration
domain-id campus-leafs
local-interface Vlan4090
peer-address 10.1.199.253
peer-link Port-Channel999
dual-primary detection delay 10 action errdisable all-interfaces
peer-address heartbeat 172.16.0.52 vrf mgmt
!
! VXLAN Interface
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan learn-restrict any
vxlan vlan 50 vni 110050
vxlan vrf gold vni 100001
!
! IP Routing
ip routing
ip routing vrf gold
ip route 100.64.0.0/10 172.16.0.254
!
! BGP Configuration
router bgp 66001
router-id 10.1.250.11
no bgp default ipv4-unicast
bgp log-neighbor-changes
distance bgp 20 200 200
maximum-paths 4 ecmp 64
!
! Underlay peer-group
neighbor underlay peer group
neighbor underlay remote-as 66000
neighbor underlay maximum-routes 12000 warning-only
neighbor 10.1.1.0 peer group underlay
neighbor 10.1.2.0 peer group underlay
!
! iBGP peer-group
neighbor underlay_ibgp peer group
neighbor underlay_ibgp remote-as 66001
neighbor underlay_ibgp maximum-routes 12000 warning-only
neighbor underlay_ibgp next-hop-self
neighbor 10.1.3.1 peer group underlay_ibgp
!
! EVPN peer-group
neighbor evpn peer group
neighbor evpn remote-as 66000
neighbor evpn update-source Loopback0
neighbor evpn ebgp-multihop 3
neighbor evpn send-community extended
neighbor evpn maximum-routes 12000 warning-only
neighbor 10.1.250.1 peer group evpn
neighbor 10.1.250.2 peer group evpn
!
! VLAN 50 for L2 VXLAN (stretched across Campus VTEPs)
vlan 50
rd 66001:110050
route-target both 50:110050
redistribute learned
!
! IPv4 address family
address-family ipv4
neighbor underlay activate
neighbor underlay_ibgp activate
network 10.1.250.11/32
network 10.1.255.11/32
!
! EVPN address family
address-family evpn
neighbor evpn activate
!
! VRF Gold configuration
vrf gold
rd 10.1.250.11:1
route-target import evpn 1:100001
route-target export evpn 1:100001
redistribute connected
!
end

195
configs/campus-leaf2.cfg Normal file
View File

@@ -0,0 +1,195 @@
! Campus-Leaf2 Configuration
! Campus VTEP1 - AS 66001 (MLAG pair with campus-leaf1)
!
hostname campus-leaf2
!
! LLDP Management0
lldp management-address Management0
!
! enable gNMI API
management api gnmi
transport grpc default
provider eos-native
!
! admin/admin for ssh access
username admin privilege 15 role network-admin secret sha512 $6$xQktFrbdeqEhVzLM$.1wOJB25nw2fqYaSXDu6y4mo6AP9hngMCFe2vGDl84hWoz00Q.4unoEBqspNI0HEoRz.OZhdBHqQv12KABf0B0
!
! Enable IP routing
ip routing
!
! Enable routing protocols
service routing protocols model multi-agent
!
! VRF Definition
vrf instance gold
!
! VLANs
vlan 50
name test-l2-vxlan-campus
!
vlan 60
name vrf-gold-campus-subnet1
!
vlan 4090
name mlag-peer
trunk group mlag-peer
!
vlan 4091
name mlag-ibgp
trunk group mlag-peer
!
! Management interface
interface Management0
ip address 172.16.0.52/24
!
! MLAG Peer-link SVI
interface Vlan4090
description MLAG Peer-Link
ip address 10.1.199.253/31
no autostate
!
! iBGP Peering SVI
interface Vlan4091
description MLAG iBGP Peering
ip address 10.1.3.1/31
mtu 9214
!
! VRF VLAN Interface
interface Vlan60
vrf gold
ip address 10.60.60.3/24
ip virtual-router address 10.60.60.1
!
! Loopbacks
interface Loopback0
description Router-ID
ip address 10.1.250.12/32
!
interface Loopback1
description VTEP
ip address 10.1.255.11/32
!
! MLAG Peer-link
interface Ethernet10
description mlag peer link
channel-group 999 mode active
!
interface Port-Channel999
description MLAG Peer
switchport mode trunk
switchport trunk group mlag-peer
spanning-tree link-type point-to-point
!
! Underlay P2P interfaces to Campus Spines
interface Ethernet11
description campus-spine1
no switchport
ip address 10.1.1.3/31
mtu 9214
!
interface Ethernet12
description campus-spine2
no switchport
ip address 10.1.2.3/31
mtu 9214
!
! Access-facing interface (MLAG with LACP)
interface Ethernet1
description campus-access1
channel-group 1 mode active
!
interface Port-Channel1
description campus-access1
switchport mode trunk
switchport trunk allowed vlan 50,60
mlag 1
port-channel lacp fallback timeout 5
port-channel lacp fallback individual
no shutdown
!
! Spanning-tree
no spanning-tree vlan 4090
no spanning-tree vlan 4091
!
! Virtual MAC for Anycast Gateway
ip virtual-router mac-address c001.cafe.babe
!
! MLAG Configuration
mlag configuration
domain-id campus-leafs
local-interface Vlan4090
peer-address 10.1.199.252
peer-link Port-Channel999
dual-primary detection delay 10 action errdisable all-interfaces
peer-address heartbeat 172.16.0.51 vrf mgmt
!
! VXLAN Interface
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan learn-restrict any
vxlan vlan 50 vni 110050
vxlan vrf gold vni 100001
!
! IP Routing
ip routing
ip routing vrf gold
ip route 100.64.0.0/10 172.16.0.254
!
! BGP Configuration
router bgp 66001
router-id 10.1.250.12
no bgp default ipv4-unicast
bgp log-neighbor-changes
distance bgp 20 200 200
maximum-paths 4 ecmp 64
!
! Underlay peer-group
neighbor underlay peer group
neighbor underlay remote-as 66000
neighbor underlay maximum-routes 12000 warning-only
neighbor 10.1.1.2 peer group underlay
neighbor 10.1.2.2 peer group underlay
!
! iBGP peer-group
neighbor underlay_ibgp peer group
neighbor underlay_ibgp remote-as 66001
neighbor underlay_ibgp maximum-routes 12000 warning-only
neighbor underlay_ibgp next-hop-self
neighbor 10.1.3.0 peer group underlay_ibgp
!
! EVPN peer-group
neighbor evpn peer group
neighbor evpn remote-as 66000
neighbor evpn update-source Loopback0
neighbor evpn ebgp-multihop 3
neighbor evpn send-community extended
neighbor evpn maximum-routes 12000 warning-only
neighbor 10.1.250.1 peer group evpn
neighbor 10.1.250.2 peer group evpn
!
! VLAN 50 for L2 VXLAN (stretched across Campus VTEPs)
vlan 50
rd 66001:110050
route-target both 50:110050
redistribute learned
!
! IPv4 address family
address-family ipv4
neighbor underlay activate
neighbor underlay_ibgp activate
network 10.1.250.12/32
network 10.1.255.11/32
!
! EVPN address family
address-family evpn
neighbor evpn activate
!
! VRF Gold configuration
vrf gold
rd 10.1.250.12:1
route-target import evpn 1:100001
route-target export evpn 1:100001
redistribute connected
!
end

195
configs/campus-leaf3.cfg Normal file
View File

@@ -0,0 +1,195 @@
! Campus-Leaf3 Configuration
! Campus VTEP2 - AS 66002 (MLAG pair with campus-leaf4)
!
hostname campus-leaf3
!
! LLDP Management0
lldp management-address Management0
!
! enable gNMI API
management api gnmi
transport grpc default
provider eos-native
!
! admin/admin for ssh access
username admin privilege 15 role network-admin secret sha512 $6$xQktFrbdeqEhVzLM$.1wOJB25nw2fqYaSXDu6y4mo6AP9hngMCFe2vGDl84hWoz00Q.4unoEBqspNI0HEoRz.OZhdBHqQv12KABf0B0
!
! Enable IP routing
ip routing
!
! Enable routing protocols
service routing protocols model multi-agent
!
! VRF Definition
vrf instance gold
!
! VLANs
vlan 50
name test-l2-vxlan-campus
!
vlan 70
name vrf-gold-campus-subnet2
!
vlan 4090
name mlag-peer
trunk group mlag-peer
!
vlan 4091
name mlag-ibgp
trunk group mlag-peer
!
! Management interface
interface Management0
ip address 172.16.0.53/24
!
! MLAG Peer-link SVI
interface Vlan4090
description MLAG Peer-Link
ip address 10.1.199.250/31
no autostate
!
! iBGP Peering SVI
interface Vlan4091
description MLAG iBGP Peering
ip address 10.1.3.2/31
mtu 9214
!
! VRF VLAN Interface
interface Vlan70
vrf gold
ip address 10.60.70.2/24
ip virtual-router address 10.60.70.1
!
! Loopbacks
interface Loopback0
description Router-ID
ip address 10.1.250.13/32
!
interface Loopback1
description VTEP
ip address 10.1.255.12/32
!
! MLAG Peer-link
interface Ethernet10
description mlag peer link
channel-group 999 mode active
!
interface Port-Channel999
description MLAG Peer
switchport mode trunk
switchport trunk group mlag-peer
spanning-tree link-type point-to-point
!
! Underlay P2P interfaces to Campus Spines
interface Ethernet11
description campus-spine1
no switchport
ip address 10.1.1.5/31
mtu 9214
!
interface Ethernet12
description campus-spine2
no switchport
ip address 10.1.2.5/31
mtu 9214
!
! Access-facing interface (MLAG with LACP)
interface Ethernet1
description campus-access2
channel-group 1 mode active
!
interface Port-Channel1
description campus-access2
switchport mode trunk
switchport trunk allowed vlan 50,70
mlag 1
port-channel lacp fallback timeout 5
port-channel lacp fallback individual
no shutdown
!
! Spanning-tree
no spanning-tree vlan 4090
no spanning-tree vlan 4091
!
! Virtual MAC for Anycast Gateway
ip virtual-router mac-address c001.cafe.babe
!
! MLAG Configuration
mlag configuration
domain-id campus-leafs
local-interface Vlan4090
peer-address 10.1.199.251
peer-link Port-Channel999
dual-primary detection delay 10 action errdisable all-interfaces
peer-address heartbeat 172.16.0.54 vrf mgmt
!
! VXLAN Interface
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan learn-restrict any
vxlan vlan 50 vni 110050
vxlan vrf gold vni 100001
!
! IP Routing
ip routing
ip routing vrf gold
ip route 100.64.0.0/10 172.16.0.254
!
! BGP Configuration
router bgp 66002
router-id 10.1.250.13
no bgp default ipv4-unicast
bgp log-neighbor-changes
distance bgp 20 200 200
maximum-paths 4 ecmp 64
!
! Underlay peer-group
neighbor underlay peer group
neighbor underlay remote-as 66000
neighbor underlay maximum-routes 12000 warning-only
neighbor 10.1.1.4 peer group underlay
neighbor 10.1.2.4 peer group underlay
!
! iBGP peer-group
neighbor underlay_ibgp peer group
neighbor underlay_ibgp remote-as 66002
neighbor underlay_ibgp maximum-routes 12000 warning-only
neighbor underlay_ibgp next-hop-self
neighbor 10.1.3.3 peer group underlay_ibgp
!
! EVPN peer-group
neighbor evpn peer group
neighbor evpn remote-as 66000
neighbor evpn update-source Loopback0
neighbor evpn ebgp-multihop 3
neighbor evpn send-community extended
neighbor evpn maximum-routes 12000 warning-only
neighbor 10.1.250.1 peer group evpn
neighbor 10.1.250.2 peer group evpn
!
! VLAN 50 for L2 VXLAN (stretched across Campus VTEPs)
vlan 50
rd 66002:110050
route-target both 50:110050
redistribute learned
!
! IPv4 address family
address-family ipv4
neighbor underlay activate
neighbor underlay_ibgp activate
network 10.1.250.13/32
network 10.1.255.12/32
!
! EVPN address family
address-family evpn
neighbor evpn activate
!
! VRF Gold configuration
vrf gold
rd 10.1.250.13:1
route-target import evpn 1:100001
route-target export evpn 1:100001
redistribute connected
!
end

195
configs/campus-leaf4.cfg Normal file
View File

@@ -0,0 +1,195 @@
! Campus-Leaf4 Configuration
! Campus VTEP2 - AS 66002 (MLAG pair with campus-leaf3)
!
hostname campus-leaf4
!
! LLDP Management0
lldp management-address Management0
!
! enable gNMI API
management api gnmi
transport grpc default
provider eos-native
!
! admin/admin for ssh access
username admin privilege 15 role network-admin secret sha512 $6$xQktFrbdeqEhVzLM$.1wOJB25nw2fqYaSXDu6y4mo6AP9hngMCFe2vGDl84hWoz00Q.4unoEBqspNI0HEoRz.OZhdBHqQv12KABf0B0
!
! Enable IP routing
ip routing
!
! Enable routing protocols
service routing protocols model multi-agent
!
! VRF Definition
vrf instance gold
!
! VLANs
vlan 50
name test-l2-vxlan-campus
!
vlan 70
name vrf-gold-campus-subnet2
!
vlan 4090
name mlag-peer
trunk group mlag-peer
!
vlan 4091
name mlag-ibgp
trunk group mlag-peer
!
! Management interface
interface Management0
ip address 172.16.0.54/24
!
! MLAG Peer-link SVI
interface Vlan4090
description MLAG Peer-Link
ip address 10.1.199.251/31
no autostate
!
! iBGP Peering SVI
interface Vlan4091
description MLAG iBGP Peering
ip address 10.1.3.3/31
mtu 9214
!
! VRF VLAN Interface
interface Vlan70
vrf gold
ip address 10.60.70.3/24
ip virtual-router address 10.60.70.1
!
! Loopbacks
interface Loopback0
description Router-ID
ip address 10.1.250.14/32
!
interface Loopback1
description VTEP
ip address 10.1.255.12/32
!
! MLAG Peer-link
interface Ethernet10
description mlag peer link
channel-group 999 mode active
!
interface Port-Channel999
description MLAG Peer
switchport mode trunk
switchport trunk group mlag-peer
spanning-tree link-type point-to-point
!
! Underlay P2P interfaces to Campus Spines
interface Ethernet11
description campus-spine1
no switchport
ip address 10.1.1.7/31
mtu 9214
!
interface Ethernet12
description campus-spine2
no switchport
ip address 10.1.2.7/31
mtu 9214
!
! Access-facing interface (MLAG with LACP)
interface Ethernet1
description campus-access2
channel-group 1 mode active
!
interface Port-Channel1
description campus-access2
switchport mode trunk
switchport trunk allowed vlan 50,70
mlag 1
port-channel lacp fallback timeout 5
port-channel lacp fallback individual
no shutdown
!
! Spanning-tree
no spanning-tree vlan 4090
no spanning-tree vlan 4091
!
! Virtual MAC for Anycast Gateway
ip virtual-router mac-address c001.cafe.babe
!
! MLAG Configuration
mlag configuration
domain-id campus-leafs
local-interface Vlan4090
peer-address 10.1.199.250
peer-link Port-Channel999
dual-primary detection delay 10 action errdisable all-interfaces
peer-address heartbeat 172.16.0.53 vrf mgmt
!
! VXLAN Interface
interface Vxlan1
vxlan source-interface Loopback1
vxlan udp-port 4789
vxlan learn-restrict any
vxlan vlan 50 vni 110050
vxlan vrf gold vni 100001
!
! IP Routing
ip routing
ip routing vrf gold
ip route 100.64.0.0/10 172.16.0.254
!
! BGP Configuration
router bgp 66002
router-id 10.1.250.14
no bgp default ipv4-unicast
bgp log-neighbor-changes
distance bgp 20 200 200
maximum-paths 4 ecmp 64
!
! Underlay peer-group
neighbor underlay peer group
neighbor underlay remote-as 66000
neighbor underlay maximum-routes 12000 warning-only
neighbor 10.1.1.6 peer group underlay
neighbor 10.1.2.6 peer group underlay
!
! iBGP peer-group
neighbor underlay_ibgp peer group
neighbor underlay_ibgp remote-as 66002
neighbor underlay_ibgp maximum-routes 12000 warning-only
neighbor underlay_ibgp next-hop-self
neighbor 10.1.3.2 peer group underlay_ibgp
!
! EVPN peer-group
neighbor evpn peer group
neighbor evpn remote-as 66000
neighbor evpn update-source Loopback0
neighbor evpn ebgp-multihop 3
neighbor evpn send-community extended
neighbor evpn maximum-routes 12000 warning-only
neighbor 10.1.250.1 peer group evpn
neighbor 10.1.250.2 peer group evpn
!
! VLAN 50 for L2 VXLAN (stretched across Campus VTEPs)
vlan 50
rd 66002:110050
route-target both 50:110050
redistribute learned
!
! IPv4 address family
address-family ipv4
neighbor underlay activate
neighbor underlay_ibgp activate
network 10.1.250.14/32
network 10.1.255.12/32
!
! EVPN address family
address-family evpn
neighbor evpn activate
!
! VRF Gold configuration
vrf gold
rd 10.1.250.14:1
route-target import evpn 1:100001
route-target export evpn 1:100001
redistribute connected
!
end

124
configs/campus-spine1.cfg Normal file
View File

@@ -0,0 +1,124 @@
! Campus-Spine1 Configuration
! Campus BGP EVPN Spine - AS 66000
!
hostname campus-spine1
!
! LLDP Management0
lldp management-address Management0
!
! enable gNMI API
management api gnmi
transport grpc default
provider eos-native
!
! admin/admin for ssh access
username admin privilege 15 role network-admin secret sha512 $6$xQktFrbdeqEhVzLM$.1wOJB25nw2fqYaSXDu6y4mo6AP9hngMCFe2vGDl84hWoz00Q.4unoEBqspNI0HEoRz.OZhdBHqQv12KABf0B0
!
! Enable IP routing
ip routing
ip route 100.64.0.0/10 172.16.0.254
!
! Enable routing protocols
service routing protocols model multi-agent
!
! Management interface
interface Management0
ip address 172.16.0.20/24
!
! Loopback for BGP Router-ID
interface Loopback0
ip address 10.1.250.1/32
!
! Underlay P2P interfaces to Campus Leafs
interface Ethernet1
description campus-leaf1
no switchport
ip address 10.1.1.0/31
mtu 9214
!
interface Ethernet2
description campus-leaf2
no switchport
ip address 10.1.1.2/31
mtu 9214
!
interface Ethernet3
description campus-leaf3
no switchport
ip address 10.1.1.4/31
mtu 9214
!
interface Ethernet4
description campus-leaf4
no switchport
ip address 10.1.1.6/31
mtu 9214
!
! Underlay P2P interfaces to Campus Border Leafs
interface Ethernet5
description border-leaf-campus1
no switchport
ip address 10.1.1.8/31
mtu 9214
!
interface Ethernet6
description border-leaf-campus2
no switchport
ip address 10.1.1.10/31
mtu 9214
!
! BGP Configuration
router bgp 66000
router-id 10.1.250.1
no bgp default ipv4-unicast
bgp log-neighbor-changes
distance bgp 20 200 200
maximum-paths 4 ecmp 64
!
! Underlay IPv4 neighbors
neighbor 10.1.1.1 remote-as 66001
neighbor 10.1.1.3 remote-as 66001
neighbor 10.1.1.5 remote-as 66002
neighbor 10.1.1.7 remote-as 66002
neighbor 10.1.1.9 remote-as 66005
neighbor 10.1.1.11 remote-as 66005
!
! EVPN peer-group configuration
neighbor evpn peer group
neighbor evpn next-hop-unchanged
neighbor evpn update-source Loopback0
neighbor evpn ebgp-multihop 3
neighbor evpn send-community extended
neighbor evpn maximum-routes 12000 warning-only
!
! EVPN neighbors (to campus leaf loopbacks)
neighbor 10.1.250.11 peer group evpn
neighbor 10.1.250.11 remote-as 66001
neighbor 10.1.250.12 peer group evpn
neighbor 10.1.250.12 remote-as 66001
neighbor 10.1.250.13 peer group evpn
neighbor 10.1.250.13 remote-as 66002
neighbor 10.1.250.14 peer group evpn
neighbor 10.1.250.14 remote-as 66002
!
! EVPN neighbors (to campus border-leaf loopbacks)
neighbor 10.1.250.21 peer group evpn
neighbor 10.1.250.21 remote-as 66005
neighbor 10.1.250.22 peer group evpn
neighbor 10.1.250.22 remote-as 66005
!
! IPv4 address family
address-family ipv4
neighbor 10.1.1.1 activate
neighbor 10.1.1.3 activate
neighbor 10.1.1.5 activate
neighbor 10.1.1.7 activate
neighbor 10.1.1.9 activate
neighbor 10.1.1.11 activate
network 10.1.250.1/32
!
! EVPN address family
address-family evpn
neighbor evpn activate
!
end

124
configs/campus-spine2.cfg Normal file
View File

@@ -0,0 +1,124 @@
! Campus-Spine2 Configuration
! Campus BGP EVPN Spine - AS 66000
!
hostname campus-spine2
!
! LLDP Management0
lldp management-address Management0
!
! enable gNMI API
management api gnmi
transport grpc default
provider eos-native
!
! admin/admin for ssh access
username admin privilege 15 role network-admin secret sha512 $6$xQktFrbdeqEhVzLM$.1wOJB25nw2fqYaSXDu6y4mo6AP9hngMCFe2vGDl84hWoz00Q.4unoEBqspNI0HEoRz.OZhdBHqQv12KABf0B0
!
! Enable IP routing
ip routing
ip route 100.64.0.0/10 172.16.0.254
!
! Enable routing protocols
service routing protocols model multi-agent
!
! Management interface
interface Management0
ip address 172.16.0.21/24
!
! Loopback for BGP Router-ID
interface Loopback0
ip address 10.1.250.2/32
!
! Underlay P2P interfaces to Campus Leafs
interface Ethernet1
description campus-leaf1
no switchport
ip address 10.1.2.0/31
mtu 9214
!
interface Ethernet2
description campus-leaf2
no switchport
ip address 10.1.2.2/31
mtu 9214
!
interface Ethernet3
description campus-leaf3
no switchport
ip address 10.1.2.4/31
mtu 9214
!
interface Ethernet4
description campus-leaf4
no switchport
ip address 10.1.2.6/31
mtu 9214
!
! Underlay P2P interfaces to Campus Border Leafs
interface Ethernet5
description border-leaf-campus1
no switchport
ip address 10.1.2.8/31
mtu 9214
!
interface Ethernet6
description border-leaf-campus2
no switchport
ip address 10.1.2.10/31
mtu 9214
!
! BGP Configuration
router bgp 66000
router-id 10.1.250.2
no bgp default ipv4-unicast
bgp log-neighbor-changes
distance bgp 20 200 200
maximum-paths 4 ecmp 64
!
! Underlay IPv4 neighbors
neighbor 10.1.2.1 remote-as 66001
neighbor 10.1.2.3 remote-as 66001
neighbor 10.1.2.5 remote-as 66002
neighbor 10.1.2.7 remote-as 66002
neighbor 10.1.2.9 remote-as 66005
neighbor 10.1.2.11 remote-as 66005
!
! EVPN peer-group configuration
neighbor evpn peer group
neighbor evpn next-hop-unchanged
neighbor evpn update-source Loopback0
neighbor evpn ebgp-multihop 3
neighbor evpn send-community extended
neighbor evpn maximum-routes 12000 warning-only
!
! EVPN neighbors (to campus leaf loopbacks)
neighbor 10.1.250.11 peer group evpn
neighbor 10.1.250.11 remote-as 66001
neighbor 10.1.250.12 peer group evpn
neighbor 10.1.250.12 remote-as 66001
neighbor 10.1.250.13 peer group evpn
neighbor 10.1.250.13 remote-as 66002
neighbor 10.1.250.14 peer group evpn
neighbor 10.1.250.14 remote-as 66002
!
! EVPN neighbors (to campus border-leaf loopbacks)
neighbor 10.1.250.21 peer group evpn
neighbor 10.1.250.21 remote-as 66005
neighbor 10.1.250.22 peer group evpn
neighbor 10.1.250.22 remote-as 66005
!
! IPv4 address family
address-family ipv4
neighbor 10.1.2.1 activate
neighbor 10.1.2.3 activate
neighbor 10.1.2.5 activate
neighbor 10.1.2.7 activate
neighbor 10.1.2.9 activate
neighbor 10.1.2.11 activate
network 10.1.250.2/32
!
! EVPN address family
address-family evpn
neighbor evpn activate
!
end

26
hosts/campus-host1_interfaces Normal file
View File

@@ -0,0 +1,26 @@
auto lo
iface lo inet loopback
auto bond0
iface bond0 inet manual
use bond
bond-slaves eth1 eth2
bond-mode 802.3ad
bond-miimon 100
bond-lacp-rate fast
up ip link set $IFACE up
auto bond0.50
iface bond0.50 inet static
address 10.50.50.101
netmask 255.255.255.0
vlan-raw-device bond0
up ip link set $IFACE up
auto bond0.60
iface bond0.60 inet static
address 10.60.60.101
netmask 255.255.255.0
gateway 10.60.60.1
vlan-raw-device bond0
up ip link set $IFACE up

26
hosts/campus-host2_interfaces Normal file
View File

@@ -0,0 +1,26 @@
auto lo
iface lo inet loopback
auto bond0
iface bond0 inet manual
use bond
bond-slaves eth1 eth2
bond-mode 802.3ad
bond-miimon 100
bond-lacp-rate fast
up ip link set $IFACE up
auto bond0.50
iface bond0.50 inet static
address 10.50.50.102
netmask 255.255.255.0
vlan-raw-device bond0
up ip link set $IFACE up
auto bond0.70
iface bond0.70 inet static
address 10.60.70.102
netmask 255.255.255.0
gateway 10.60.70.1
vlan-raw-device bond0
up ip link set $IFACE up