chore: remove docs/configuration-guide.md - redundant documentation

2025-11-30 18:35:14 +00:00
parent 0b5dfc039b
commit c56461b30b
1 changed files with 0 additions and 400 deletions
--- a/docs/configuration-guide.md
+++ b/docs/configuration-guide.md
@@ -1,400 +0,0 @@
 # Configuration Guide
 This guide walks through the key configuration concepts used in this EVPN-VXLAN lab.
 ## Table of Contents
 - [Architecture Overview](#architecture-overview)
 - [Underlay Configuration](#underlay-configuration)
 - [Overlay Configuration](#overlay-configuration)
 - [MLAG Configuration](#mlag-configuration)
 - [L2 VXLAN Configuration](#l2-vxlan-configuration)
 - [L3 VXLAN Configuration](#l3-vxlan-configuration)
 - [Best Practices](#best-practices)
 ## Architecture Overview
 ### Topology Design
 - **Spine-Leaf Architecture**: 2 Spines, 8 Leafs forming 4 VTEPs
 - **Underlay**: BGP with eBGP between Spine-Leaf, iBGP between MLAG pairs
 - **Overlay**: BGP EVPN for control plane
 - **Data Plane**: VXLAN encapsulation
 ### AS Number Scheme
 ```
 Spine:  AS 65000
 VTEP1:  AS 65001 (Leaf1/Leaf2)
 VTEP2:  AS 65002 (Leaf3/Leaf4)
 VTEP3:  AS 65003 (Leaf5/Leaf6)
 VTEP4:  AS 65004 (Leaf7/Leaf8)
 ```
 ### IP Addressing Plan
 ```
 Management:           172.16.0.0/24
 Router-ID Loopbacks:  10.0.250.0/24
 VTEP Loopbacks:       10.0.255.0/24
 Spine1 P2P Links:     10.0.1.0/24
 Spine2 P2P Links:     10.0.2.0/24
 MLAG iBGP Peering:    10.0.3.0/24
 MLAG Peer-Link:       10.0.199.0/24
 ```
 ## Underlay Configuration
 ### 1. Enable Multi-Agent Routing Protocol Model
 Required for EVPN to function properly:
 ```
 service routing protocols model multi-agent
 ```
 ### 2. Configure Loopback Interfaces
 Each device needs two loopbacks:
 ```
 ! Router-ID Loopback (unique per device)
 interface Loopback0
   ip address 10.0.250.x/32
 ! VTEP Loopback (shared within MLAG pair)
 interface Loopback1
   ip address 10.0.255.x/32
 ```
 ### 3. Configure Point-to-Point Interfaces
 Use /31 subnets for efficiency:
 ```
 interface Ethernet11
   description spine1
   no switchport
   ip address 10.0.1.1/31
   mtu 9214
 ```
 ### 4. Configure BGP Underlay
 #### On Spines:
 ```
 router bgp 65000
   router-id 10.0.250.1
   no bgp default ipv4-unicast
   distance bgp 20 200 200
   neighbor 10.0.1.1 remote-as 65001
   neighbor 10.0.1.3 remote-as 65001
   # ... more neighbors
   address-family ipv4
      neighbor 10.0.1.1 activate
      network 10.0.250.1/32
      maximum-paths 4 ecmp 64
 ```
 #### On Leafs:
 ```
 router bgp 65001
   router-id 10.0.250.11
   no bgp default ipv4-unicast
   distance bgp 20 200 200
   neighbor underlay peer group
   neighbor underlay remote-as 65000
   neighbor 10.0.1.0 peer group underlay
   neighbor 10.0.2.0 peer group underlay
   address-family ipv4
      neighbor underlay activate
      network 10.0.250.11/32
      network 10.0.255.11/32
      maximum-paths 4 ecmp 64
 ```
 ### Why These Settings?
 - **no bgp default ipv4-unicast**: Requires explicit activation per address family
 - **distance bgp 20 200 200**: eBGP=20, iBGP=200, Local=200 (prefer eBGP routes)
 - **maximum-paths 4 ecmp 64**: Enable ECMP with up to 4 paths
 - **mtu 9214**: Support jumbo frames for VXLAN overhead
 ## Overlay Configuration
 ### 1. Configure EVPN Neighbors
 #### On Leafs:
 ```
 router bgp 65001
   neighbor evpn peer group
   neighbor evpn remote-as 65000
   neighbor evpn update-source Loopback0
   neighbor evpn ebgp-multihop 3
   neighbor evpn send-community extended
   neighbor 10.0.250.1 peer group evpn
   neighbor 10.0.250.2 peer group evpn
   address-family evpn
      neighbor evpn activate
 ```
 #### On Spines:
 ```
 router bgp 65000
   neighbor evpn peer group
   neighbor evpn next-hop-unchanged
   neighbor evpn update-source Loopback0
   neighbor evpn ebgp-multihop 3
   neighbor evpn send-community extended
   neighbor 10.0.250.11 peer group evpn
   neighbor 10.0.250.11 remote-as 65001
   # ... more neighbors
   address-family evpn
      neighbor evpn activate
 ```
 ### Why These Settings?
 - **update-source Loopback0**: Use loopback for stable peering
 - **ebgp-multihop 3**: Allow multi-hop eBGP through underlay
 - **send-community extended**: Required for EVPN route-targets
 - **next-hop-unchanged**: On spines, preserve original next-hop for optimal routing
 ### 2. Configure VXLAN Interface
 ```
 interface Vxlan1
   vxlan source-interface Loopback1
   vxlan udp-port 4789
   vxlan learn-restrict any
 ```
 - **source-interface Loopback1**: Use VTEP loopback as source
 - **udp-port 4789**: Standard VXLAN port
 - **learn-restrict any**: Use EVPN control plane only (no data plane learning)
 ## MLAG Configuration
 ### 1. Configure MLAG VLANs
 ```
 vlan 4090
   name mlag-peer
   trunk group mlag-peer
 vlan 4091
   name mlag-ibgp
   trunk group mlag-peer
 ```
 ### 2. Configure MLAG SVIs
 ```
 interface Vlan4090
   description MLAG Peer-Link
   ip address 10.0.199.254/31
   no autostate
 interface Vlan4091
   description MLAG iBGP Peering
   ip address 10.0.3.0/31
   mtu 9214
 ```
 ### 3. Configure Peer-Link
 ```
 interface Ethernet10
   channel-group 999 mode active
 interface Port-Channel999
   switchport mode trunk
   switchport trunk group mlag-peer
   spanning-tree link-type point-to-point
 ```
 ### 4. Configure MLAG Domain
 ```
 mlag configuration
   domain-id leafs
   local-interface Vlan4090
   peer-address 10.0.199.255
   peer-link Port-Channel999
   dual-primary detection delay 10 action errdisable all-interfaces
   peer-address heartbeat 172.16.0.50 vrf mgmt
 ```
 ### 5. Configure iBGP Between MLAG Peers
 ```
 router bgp 65001
   neighbor underlay_ibgp peer group
   neighbor underlay_ibgp remote-as 65001
   neighbor underlay_ibgp next-hop-self
   neighbor 10.0.3.1 peer group underlay_ibgp
   address-family ipv4
      neighbor underlay_ibgp activate
 ```
 ### 6. Configure Virtual Router MAC
 ```
 ip virtual-router mac-address c001.cafe.babe
 ```
 This MAC is used for anycast gateway functionality across the MLAG pair.
 ## L2 VXLAN Configuration
 For extending Layer 2 domains across the fabric:
 ### 1. Create VLAN
 ```
 vlan 40
   name test-l2-vxlan
 ```
 ### 2. Map VLAN to VNI
 ```
 interface Vxlan1
   vxlan vlan 40 vni 110040
 ```
 ### 3. Configure BGP EVPN for VLAN
 ```
 router bgp 65001
   vlan 40
      rd 65001:110040
      route-target both 40:110040
      redistribute learned
 ```
 ### Key Concepts
 - **VNI (VXLAN Network Identifier)**: 24-bit segment ID (110040)
 - **RD (Route Distinguisher)**: Makes routes unique (AS:VNI format)
 - **RT (Route Target)**: Controls route import/export (VLAN:VNI format)
 - **redistribute learned**: Advertise locally learned MAC addresses
 ## L3 VXLAN Configuration
 For routing between VRFs across the fabric:
 ### 1. Create VRF
 ```
 vrf instance gold
 ip routing vrf gold
 ```
 ### 2. Map VRF to VNI
 ```
 interface Vxlan1
   vxlan vrf gold vni 100001
 ```
 ### 3. Configure VRF VLAN Interface
 ```
 vlan 34
   name vrf-gold-subnet
 interface Vlan34
   vrf gold
   ip address 10.34.34.2/24
   ip virtual-router address 10.34.34.1
 ```
 ### 4. Configure BGP for VRF
 ```
 router bgp 65002
   vrf gold
      rd 10.0.250.13:1
      route-target import evpn 1:100001
      route-target export evpn 1:100001
      redistribute connected
 ```
 ### Key Concepts
 - **VRF**: Virtual Routing and Forwarding instance
 - **L3 VNI**: VNI for routing between VRFs
 - **Anycast Gateway**: Same gateway IP/MAC on both MLAG peers
 - **Type-5 Routes**: EVPN IP prefix routes for inter-subnet routing
 ## Best Practices
 ### IP Addressing
 1. Use consistent /31 for P2P links
 2. Reserve /32 blocks for loopbacks
 3. Use non-overlapping private address space
 ### BGP Configuration
 1. Always use peer groups for scalability
 2. Set appropriate maximum-routes limits
 3. Enable logging for troubleshooting
 4. Use `distance bgp 20 200 200` for predictable behavior
 ### VXLAN/EVPN
 1. Use meaningful VNI numbers (e.g., 1XXYYY where XX is VLAN/VRF)
 2. Keep RD unique per device
 3. Keep RT consistent across devices in same domain
 4. Enable `vxlan learn-restrict any` to avoid data-plane learning
 ### MLAG
 1. Always configure dual-active detection
 2. Use trunk groups to isolate MLAG VLANs
 3. Configure iBGP between peers for redundancy
 4. Use consistent domain-id across pairs
 ### MTU
 1. Set MTU to 9214 on underlay links for VXLAN overhead
 2. Ensure consistent MTU across the fabric
 3. Account for 50-byte VXLAN header overhead
 ### Security
 1. Change default passwords immediately
 2. Configure management VRF
 3. Use authentication for BGP peers (not shown in lab configs)
 4. Implement prefix-lists and route-maps in production
 ## Verification Checklist
 After configuration, verify:
 - [ ] All BGP neighbors established
 - [ ] Loopbacks reachable via underlay
 - [ ] EVPN routes being exchanged
 - [ ] MLAG state is Active
 - [ ] VXLAN interface is up
 - [ ] Remote VTEPs discovered
 - [ ] MAC addresses learned via EVPN
 - [ ] VRF routing working end-to-end
 Refer to [validation-commands.md](validation-commands.md) for detailed verification steps.
 ## Troubleshooting Tips
 1. **No BGP neighbors**: Check IP connectivity and firewall rules
 2. **No EVPN routes**: Verify `send-community extended` is configured
 3. **No MAC learning**: Check VNI mapping and route-targets
 4. **MLAG not working**: Verify peer-link and domain-id match
 5. **No VXLAN traffic**: Check MTU and VNI configuration
 ## References
 - [Arista EVPN Design Guide](https://www.arista.com/en/solutions/design-guides)
 - [RFC 7432 - BGP MPLS-Based Ethernet VPN](https://tools.ietf.org/html/rfc7432)
 - [RFC 8365 - A Network Virtualization Overlay Solution Using EVPN](https://tools.ietf.org/html/rfc8365)
 - [Original Blog Post](https://overlaid.net/2019/01/27/arista-bgp-evpn-configuration-example/)