Damien/arista-evpn-vxlan-clab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
95 Commits 1 Branch 0 Tags
9bb168abe181d97859c8c17898d667251beab16f
Commit Graph

8 Commits

Author SHA1 Message Date
Damien
ef4211afe5 Rename devices to <area>-<role> scheme 
DC fabric: spine/leaf/border-leaf/access/host -> dc-spine, dc-leaf,
dc-border-leaf, dc-access, dc-server. Campus border leafs flipped
from border-leaf-campus to campus-border-leaf for consistency. Core,
campus spines/leafs/access/hosts unchanged.

Updates topology, annotations, all configs (hostnames + peer
descriptions), host interface files, README, TROUBLESHOOTING,
END_TO_END_TESTING, and the SVG diagram.
 2026-04-24 07:43:02 +00:00
Damien
8a725ab5fe Drop 'gateway' directive from campus host interfaces 
BusyBox ifup translates 'gateway X' into 'ip route add default via X'
and aborts the whole ifup run with RC=1 when that command fails with
'File exists' — which always happens on first boot because the docker
management bridge has already installed its own default via eth0. As a
result the 'post-up ip route replace default' was never executed and
the host kept the management default.

Remove the 'gateway' line so ifup only runs the idempotent 'post-up ip
route replace default via <fabric-gw>' and the fabric default wins.
 2026-04-23 16:45:54 +00:00
Damien
46c68b42bd Move campus host config into /etc/network/interfaces 
Make hosts/campus-host{1,2}_interfaces the source of truth for the
campus host IP and default route, and have clab simply invoke 'ifup
eth1' at container start to apply it. Previously the bound interfaces
file was unused and the real config lived in the YAML exec block,
which was misleading.

BusyBox ifup in the network-multitool image needs 'address' plus
'netmask' rather than a CIDR, so split the address accordingly. Also
add 'post-up ip route replace default via <fabric-gw>' so the fabric
default overrides the management DHCP default even when one is already
installed.
 2026-04-23 16:20:29 +00:00
Damien
2da238e3ae Update campus host attachment pattern to single-attached access 2026-04-18 18:44:34 +00:00
Damien
ff15e90b5c Update docs and diagram for extended multi-fabric topology 
- README: rewritten node inventory, AS map, addressing plan
  (management, Lo0/Lo1, P2P, hosts), VNI/RD/RT tables, control-plane
  summary and end-to-end Campus <-> DC test procedures through the
  Core (VRF gold stitching).
- hosts/README: document the two new Campus host configurations.
- assets/arista-evpn-fabric.svg: new three-zone layout (Campus, Core,
  DC) with legend.
- evpn-lab.clab.yml.annotations.json: reposition nodes and add zone
  labels so the ContainerLab graph matches the extended topology.
 2026-04-18 08:38:44 +00:00
Damien
6e0dcce746 Add Campus EVPN-VXLAN fabric configs and host interfaces 
- campus-spine1/2 (AS 66000): eBGP underlay + EVPN RR toward leafs
  and border leafs, addressing plan 10.1.x.x.
- campus-leaf1/2 (VTEP1, AS 66001, VTEP 10.1.255.11): VLAN 50
  (stretched L2 VXLAN, VNI 110050) and VLAN 60 (VRF gold anycast
  10.60.60.1, L3 VNI 100001).
- campus-leaf3/4 (VTEP2, AS 66002, VTEP 10.1.255.12): VLAN 50 and
  VLAN 70 (VRF gold anycast 10.60.70.1).
- border-leaf-campus1/2 (AS 66005, VTEP 10.1.255.21): MLAG pair,
  OSPF + eBGP to cores, VRF gold stitched via vxlan vrf gold
  vni 100001 with RT 1:100001.
- campus-access1/2: L2-only uplinks to campus leaf MLAG pairs,
  trunks VLAN 50+60 / 50+70.
- campus-host1/2 interface files: bond0 + VLAN sub-interfaces for
  the stretched L2 VLAN 50 and the VRF gold subnets.
 2026-04-18 08:38:35 +00:00
Damien Arnodo
db54e56b41 chore: Repository cleanup - Remove unnecessary files (#16) 
## Summary

Repository cleanup to remove unnecessary files and streamline documentation after the successful EVPN-VXLAN lab implementation.

Closes #15

---

## Changes

### Files Removed (13 files total)

**Scripts folder:**
- `scripts/deploy.sh`
- `scripts/test-connectivity.sh`
- `scripts/cleanup.sh`

**Root-level markdown files:**
- `BRANCH_SUMMARY.md`
- `BUGFIX_EVPN_ACTIVATION.md`
- `DEPLOYMENT_GUIDE.md`
- `FIXES_APPLIED.md`
- `TESTING_CHECKLIST.md`
- `VLAN_TAGGING_FIX_EXPLANATION.md`

**docs/ folder (entire folder removed):**
- `docs/HOST_INTERFACE_CONFIGURATION.md`
- `docs/configuration-guide.md`
- `docs/quick-reference.md`
- `docs/validation-commands.md`

### Files Updated
- `hosts/README.md` - Fixed broken links
- `README.md` - Updated repository structure section

---

## Final Repository Structure

```
├── .gitignore
├── README.md                    # Main documentation
├── TROUBLESHOOTING.md           # Troubleshooting guide
├── END_TO_END_TESTING.md        # Testing procedures
├── evpn-lab.clab.yml            # ContainerLab topology
├── configs/                     # Switch configurations (10 files)
└── hosts/                       # Host interface configs (5 files)
```

---

## Testing

- [x] Lab redeployed successfully with `containerlab deploy -t evpn-lab.clab.yml`
- [x] L2 VXLAN connectivity verified (host1 ↔ host3)
- [x] L3 VXLAN connectivity verified (host2 ↔ host4)
- [x] All BGP EVPN sessions established
- [x] MLAG pairs operational

Reviewed-on: #16
 2025-11-30 19:07:22 +00:00
Damien
1080bf07bb Complete Lab Fixes - L2 and L3 VXLAN Fully Operational (#14) 
## Summary

This PR merges all fixes and improvements from the troubleshooting journey to make the Arista EVPN-VXLAN lab fully operational with both L2 and L3 VXLAN connectivity.

## What's Changed

### 🎯 Major Achievements
-  **L2 VXLAN fully operational** - host1 ↔ host3 connectivity verified
-  **L3 VXLAN fully operational** - host2 ↔ host4 connectivity verified (VRF gold)
-  **LACP bonding working** - dual-homed hosts with proper Port-Channel negotiation
-  **All BGP/EVPN sessions established** - complete underlay and overlay working

### 🔧 Infrastructure Fixes

#### BGP & Routing
- Added `ip routing` command to all spine and leaf switches
- Fixed duplicate BGP network statements on leaf3, leaf4, leaf7, leaf8
- Activated EVPN neighbors on spine switches
- Added loopback network advertisements to BGP

#### MLAG Configuration
- Configured MLAG peer-link in trunk mode (not access) for VLAN 4090/4091
- Added dual-active detection via management interface
- Configured virtual router MAC for MLAG pairs

#### Switch Port Configuration
- Port-Channel1 configured in **trunk mode** on all leaf switches
- Added `switchport trunk allowed vlan` for host VLANs (34, 40, 78)
- Removed `no shutdown` from Port-Channel interfaces

### 🖥️ Host Networking - Complete Redesign

#### Image Change
- **Old:** `alpine:latest` (had bonding syntax issues)
- **New:** `ghcr.io/hellt/network-multitool` (networking tools pre-installed)

#### LACP Bonding Configuration
Proper LACP setup following network-multitool best practices:
```yaml
- ip link add bond0 type bond mode 802.3ad
- ip link set dev bond0 type bond xmit_hash_policy layer3+4
- ip link set dev eth1 down
- ip link set dev eth2 down
- ip link set eth1 master bond0
- ip link set eth2 master bond0
- ip link set dev eth1 up
- ip link set dev eth2 up
- ip link set dev bond0 type bond lacp_rate fast
- ip link set dev bond0 up
```

#### VLAN Configuration
- **L2 VXLAN hosts (host1, host3):** VLAN 40 tagged on bond0
- **L3 VXLAN hosts (host2, host4):** VLANs 34 and 78 tagged on bond0

#### Routing Strategy
- Kept management default route (172.16.0.254 via eth0)
- Added **specific routes** for L3 VXLAN networks instead of default routes:
  - host2: `ip route add 10.78.78.0/24 via 10.34.34.1`
  - host4: `ip route add 10.34.34.0/24 via 10.78.78.1`

### 📁 Files Changed

#### Switch Configurations (Updated)
- `configs/spine1.cfg` - Added ip routing, EVPN activation
- `configs/spine2.cfg` - Added ip routing, EVPN activation
- `configs/leaf1.cfg` - Port-Channel trunk mode, VLAN config
- `configs/leaf2.cfg` - Port-Channel trunk mode, VLAN config
- `configs/leaf3.cfg` - Added ip routing, loopback ads, Port-Channel config
- `configs/leaf4.cfg` - Added ip routing, loopback ads, Port-Channel config
- `configs/leaf5.cfg` - Port-Channel trunk mode, VLAN config
- `configs/leaf6.cfg` - Port-Channel trunk mode, VLAN config
- `configs/leaf7.cfg` - Added ip routing, loopback ads, Port-Channel config
- `configs/leaf8.cfg` - Added ip routing, loopback ads, Port-Channel config

#### Topology (Updated)
- `evpn-lab.clab.yml` - Updated all host configurations with network-multitool image and proper LACP/VLAN setup

#### Documentation (New)
- `hosts/README.md` - Host interface configuration guide
- `hosts/host1_interfaces` - Interface file for host1 (not currently used, kept for reference)
- `hosts/host2_interfaces` - Interface file for host2 (not currently used, kept for reference)
- `hosts/host3_interfaces` - Interface file for host3 (not currently used, kept for reference)
- `hosts/host4_interfaces` - Interface file for host4 (not currently used, kept for reference)

## Testing & Verification

###  L2 VXLAN (VLAN 40)
```
host1 (10.40.40.101) → host3 (10.40.40.103)
- Connectivity: VERIFIED ✓
- VXLAN tunnel: VTEP1 ↔ VTEP3
- MAC learning: Working via EVPN Type-2
```

###  L3 VXLAN (VRF gold)
```
host2 (10.34.34.102) → host4 (10.78.78.104)
- Connectivity: VERIFIED ✓
- Ping results: 0% packet loss, TTL=62
- Routing: Via EVPN Type-5 through fabric
```

###  Infrastructure Status
- BGP Underlay: All sessions ESTAB
- EVPN Overlay: All neighbors ESTAB
- MLAG: All 4 pairs operational
- Port-Channels: LACP negotiated on all hosts

## Related Issues

Fixes #1 - Lab deployment and configuration fixes
Fixes #2 - BGP EVPN neighbors stuck in Connect state
Fixes #3 - Ready for deployment with EVPN activation
Fixes #4 - Lab convergence in progress
Fixes #5 - BGP EVPN neighbors stuck in Active state
Fixes #11 - Host LACP bonding configuration
Fixes #13 - L3 VXLAN default route issue

## Key Technical Learnings

1. **Arista EOS requires explicit `ip routing`** before BGP can function
2. **MLAG peer-link must be trunk mode** to allow VLAN 4090/4091 traversal
3. **VLAN tagging location matters** - hosts tag, switches use trunk mode
4. **network-multitool image** superior to Alpine for LACP bonding
5. **Specific routes better than default routes** when management network present
6. **LACP rate fast** ensures quick negotiation with Arista switches

## Deployment

After merging, deploy with:
```bash
cd ~/arista-evpn-vxlan-clab
sudo containerlab destroy -t evpn-lab.clab.yml --cleanup
sudo containerlab deploy -t evpn-lab.clab.yml
```

No manual post-deployment configuration needed - everything works from initial deployment!

## Breaking Changes

⚠️ **Host image changed** from `alpine:latest` to `ghcr.io/hellt/network-multitool`
⚠️ **Host configuration completely redesigned** - old exec commands replaced

## Reviewers

@Damien - Please review and merge when ready

---

**This PR represents the complete troubleshooting journey and brings the lab to production-ready status with full L2 and L3 VXLAN functionality.** 🚀

Reviewed-on: #14
Co-authored-by: Damien <damien@arnodo.fr>
Co-committed-by: Damien <damien@arnodo.fr>
 2025-11-30 10:24:29 +00:00