Damien/arista-evpn-vxlan-clab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: Repository cleanup - Remove unnecessary files #16

Merged
Damien merged 15 commits from cleanup/repo-housekeeping into main 2025-11-30 19:07:22 +00:00
Conversation 0 Commits 15 Files Changed 15 -251
1 changed files with 0 additions and 251 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 07088bbc71 - Show all commits

251
BRANCH_SUMMARY.md
View File

@@ -1,251 +0,0 @@
# fix-bgp-and-mlag Branch Summary
## Overview
This branch contains critical fixes for VLAN tagging and host configuration that enable proper end-to-end connectivity in the EVPN VXLAN fabric.
## Root Cause Analysis
### Problem
Hosts were unable to communicate across the VXLAN fabric. Testing showed:
- Empty MAC tables on leaf switches
- No EVPN Type-2 routes being advertised
- Ping tests between hosts failed with 100% packet loss
### Root Cause
**VLAN tagging mismatch** between hosts and leaf switch port-channels:
- Hosts were sending **untagged Ethernet frames**
- Leaf port-channels were configured in **access mode** expecting **tagged VLAN frames**
- Result: Frames were dropped at the leaf ingress interface, never reaching VLAN 40 or 34
### Solution
**Host-side VLAN tagging**: Configure hosts to create VLAN subinterfaces (802.1Q) on top of bonded interfaces. This ensures frames carry the correct VLAN tag matching the leaf's access VLAN configuration.
---
## Changes Made
### 1. evpn-lab.clab.yml
**Modified:** Host device configuration
**Changes:**
- host1: Added VLAN 40 subinterface creation (bond0.40)
- host2: Added VLAN 34 subinterface creation (bond0.34)
- host3: Added VLAN 40 subinterface creation (bond0.40)
- host4: Added VLAN 78 subinterface creation (bond0.78)
**Before:**
```yaml
host1:
exec:
- ip link add bond0 type bond mode balance-rr
- ip link set eth1 master bond0
- ip link set eth2 master bond0
- ip link set bond0 up
- ip addr add 10.40.40.101/24 dev bond0 # ← Untagged!
```
**After:**
```yaml
host1:
exec:
- ip link add bond0 type bond mode balance-rr
- ip link set eth1 master bond0
- ip link set eth2 master bond0
- ip link set bond0 up
# VLAN tagging added:
- ip link add link bond0 name bond0.40 type vlan id 40
- ip link set bond0.40 up
- ip addr add 10.40.40.101/24 dev bond0.40 # ← Tagged with VLAN 40!
```
### 2. Documentation Files (New)
#### END_TO_END_TESTING.md
Comprehensive guide covering:
- Pre-test verification procedures
- L2 VXLAN connectivity testing (VLAN 40)
- L3 VXLAN connectivity testing (VRF gold)
- Complete test script for automation
- Detailed troubleshooting procedures
#### VLAN_TAGGING_FIX_EXPLANATION.md
Technical deep-dive covering:
- Problem explanation with diagrams
- Broken vs. fixed configuration comparison
- VLAN tagging mapping table
- Why this approach was chosen
- Testing verification steps
#### TESTING_CHECKLIST.md
Deployment validation checklist with:
- Deployment steps
- Pre-testing checks (9 checks total)
- Connectivity tests (9 tests total)
- Summary table
- Troubleshooting procedures
- Success criteria
---
## Technical Details
### VLAN Configuration Mapping
| Component | VLAN 40 (L2 VXLAN) | VLAN 34 (L3 VXLAN) | VLAN 78 (L3 VXLAN) |
|-----------|-------------------|-------------------|-------------------|
| **host1** | bond0.40 (10.40.40.101) | - | - |
| **host2** | - | bond0.34 (10.34.34.102) | - |
| **host3** | bond0.40 (10.40.40.103) | - | - |
| **host4** | - | - | bond0.78 (10.78.78.104) |
| **Leaf Port** | Access VLAN 40 | Access VLAN 34 | Access VLAN 78 |
| **VTEP** | 10.0.255.11 (Pair) | 10.0.255.12 (Pair) | 10.0.255.14 (Pair) |
| **VNI** | 110040 (L2) | 100001 (L3) | 100001 (L3) |
| **VRF** | default | gold | gold |
### Why This Fix Works
1. **Linux VLAN Subinterfaces** send 802.1Q tagged frames
```
Frame format: [DA][SA][**VLAN Tag 40**][Type][Payload]
```
2. **Leaf Access Port** recognizes the VLAN tag
```
Receives frame with VLAN 40 → Matches configured access VLAN 40
```
3. **Frame is untagged** and forwarded within VLAN 40
```
Becomes untagged within VLAN → Normal switching/routing
```
4. **MAC learning** happens normally in VLAN 40
```
MAC table updated → EVPN Type-2 routes created
```
5. **Remote VTEP** receives encapsulated packet
```
VXLAN decapsulation → Frames forwarded in target VLAN on remote leaf
```
---
## Testing Procedure
### Quick Validation (5 minutes)
```bash
# Deploy lab
sudo containerlab deploy -t evpn-lab.clab.yml
# Wait 60 seconds for startup
sleep 60
# Test L2 connectivity
docker exec clab-arista-evpn-fabric-host1 ping -c 4 10.40.40.103
# Test L3 connectivity
docker exec clab-arista-evpn-fabric-host2 ping -c 4 10.78.78.104
```
### Full Validation (20 minutes)
Follow the TESTING_CHECKLIST.md for comprehensive validation
---
## Affected Functionality
### ✅ Now Working
- Host-to-host L2 VXLAN connectivity
- MAC learning via VXLAN
- EVPN Type-2 route advertisement
- Host-to-host L3 VXLAN connectivity (VRF gold)
- EVPN Type-5 route advertisement
- MLAG dual-active gateway functionality
### ✅ Already Working (Unchanged)
- Spine BGP underlay
- Leaf BGP underlay
- EVPN overlay adjacencies
- VXLAN VTEP formation
- VRF isolation
### ⚠️ No Changes Required (Pre-existing)
- Device startup configurations (except host updates)
- BGP routing policies
- Link configurations
- Physical topology
---
## Backward Compatibility
**Breaking Change:** Yes - Network topology
This fix requires a **complete lab redeployment** because:
1. Host network configurations have changed
2. Existing running containers will have incorrect interface configuration
3. Cannot be applied incrementally to running lab
**No breaking changes to:**
- Device configuration format
- BGP policies
- Routing protocols
- VXLAN encapsulation
- EVPN messages
---
## Deployment Checklist
- [ ] Verify on `fix-bgp-and-mlag` branch
- [ ] Review changes: `git diff main...fix-bgp-and-mlag`
- [ ] Destroy existing lab: `sudo containerlab destroy -t evpn-lab.clab.yml --cleanup`
- [ ] Deploy fixed lab: `sudo containerlab deploy -t evpn-lab.clab.yml`
- [ ] Wait 90 seconds for startup
- [ ] Run quick validation test (5 min)
- [ ] Run full testing checklist (20 min)
- [ ] Verify all tests pass
- [ ] Prepare pull request to merge to main
---
## Related Issues
This fix addresses the issue:
**"Fixes from fix-bgp-and-mlag branch integrated to main #1"**
Topics covered:
- L2 VXLAN end-to-end connectivity
- L3 VXLAN end-to-end connectivity
- VLAN tagging at host-to-switch boundary
- MLAG operation with VXLAN
- EVPN Type-2 and Type-5 route advertisement
---
## Future Improvements
Possible enhancements in subsequent branches:
1. Automated testing script to validate all checks
2. BGP policy testing (as-path, communities, etc.)
3. Failure scenario testing (link down, VTEP down)
4. Performance testing (throughput, latency)
5. Advanced EVPN features (RT-5, multi-homing, etc.)
---
## References
- `END_TO_END_TESTING.md` - Complete testing guide
- `VLAN_TAGGING_FIX_EXPLANATION.md` - Technical explanation
- `TESTING_CHECKLIST.md` - Validation checklist
- Original source document: Arista BGP EVPN Configuration Example
---
## Questions?
See the documentation files in this branch for detailed explanations:
1. Start with `VLAN_TAGGING_FIX_EXPLANATION.md` for understanding the problem
2. Move to `END_TO_END_TESTING.md` for comprehensive testing
3. Use `TESTING_CHECKLIST.md` for validation