Damien/arista-evpn-vxlan-clab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Extend lab with Core, Campus fabric, and clean device naming #41

Merged
Damien merged 16 commits from feat/extend-campus-core into main 2026-04-24 08:25:17 +00:00
Conversation 0 Commits 16 Files Changed 43 +4684 -900
Damien commented 2026-04-24 08:24:20 +00:00
Owner
Copy Link

Summary

  • Extend the original DC-only topology with two new domains: a Core (AS 65500, iBGP, VRF-gold transit) and a full Campus EVPN-VXLAN fabric (spines, leaf pairs, border leafs, access, hosts)
  • Wire DC ⇄ Core ⇄ Campus so tenant VRFs reach end-to-end; VRF gold is the inter-fabric transit and hosts on either side can ping across
  • Rename every device to an <area>-<role> scheme (dc-spine, dc-leaf, dc-border-leaf, dc-access, dc-server, campus-border-leaf), leaving campus/core unchanged where already correct
  • Update annotations with a full set of AS group boxes (one per AS: 65000, 65001-4, 65005, 65500, 66000, 66001-2, 66005)
  • Refresh README, TROUBLESHOOTING, END_TO_END_TESTING and the SVG diagram to match the new topology and names

Test plan

  • clab deploy -t evpn-lab.clab.yml brings up all 34 nodes with the new names
  • DC server ↔ DC server ping inside each tenant VRF
  • Campus host ↔ Campus host ping inside VRF gold
  • Campus host ↔ DC server ping across Core (VRF gold transit)
  • Default route learned on campus hosts via fabric
  • BGP EVPN sessions up on every VTEP; Type-5 routes present for gold
  • Topology viewer renders the AS group boxes around the correct node pairs
## Summary - Extend the original DC-only topology with two new domains: a **Core** (AS 65500, iBGP, VRF-gold transit) and a full **Campus EVPN-VXLAN fabric** (spines, leaf pairs, border leafs, access, hosts) - Wire DC ⇄ Core ⇄ Campus so tenant VRFs reach end-to-end; VRF gold is the inter-fabric transit and hosts on either side can ping across - Rename every device to an `<area>-<role>` scheme (`dc-spine`, `dc-leaf`, `dc-border-leaf`, `dc-access`, `dc-server`, `campus-border-leaf`), leaving campus/core unchanged where already correct - Update annotations with a full set of AS group boxes (one per AS: 65000, 65001-4, 65005, 65500, 66000, 66001-2, 66005) - Refresh README, TROUBLESHOOTING, END_TO_END_TESTING and the SVG diagram to match the new topology and names ## Test plan - [x] `clab deploy -t evpn-lab.clab.yml` brings up all 34 nodes with the new names - [x] DC server ↔ DC server ping inside each tenant VRF - [x] Campus host ↔ Campus host ping inside VRF gold - [x] Campus host ↔ DC server ping across Core (VRF gold transit) - [x] Default route learned on campus hosts via fabric - [x] BGP EVPN sessions up on every VTEP; Type-5 routes present for gold - [x] Topology viewer renders the AS group boxes around the correct node pairs
Damien added 15 commits 2026-04-24 08:24:21 +00:00
Extend topology with Core, Campus fabric and DC Border Leafs 5e4b39d05d 
Add node declarations and links for:
- DC Border Leaf MLAG pair (border-leaf-dc1/2)
- Core routers (core1, core2) interconnected via eth5
- Campus spines, leafs, border leafs, access switches and two hosts
- DC spine eth9/eth10 uplinks toward DC Border Leafs (underlay + EVPN)
Add DC Border Leaf configs (AS 65005, MLAG pair) d3b3c38ead 
Both border leafs share VTEP Loopback1 10.0.255.15 and peer with DC
spines in eBGP IPv4 + EVPN. Uplinks to core1/core2 use dot1q
subinterfaces (.100 default underlay, .200 VRF gold) with OSPF area 0
and eBGP to AS 65500. VRF gold extended via vxlan vrf gold vni 100001
with RD <Lo0>:1 and RT 1:100001.
Add Core router configs (AS 65500, iBGP + VRF gold transit) 4b4c1852c4 
core1/core2 provide L3 transit between DC and Campus fabrics. Each
physical link toward a Border Leaf is subinterfaced (.100 default,
.200 VRF gold). OSPF area 0 in default VRF, eBGP to DC BLs (65005)
and Campus BLs (66005), iBGP between core1 and core2 via Loopback0.
VRF gold uses redistribute connected and VRF-aware eBGP sessions on
.200 subinterfaces to stitch VRF gold end-to-end across fabrics.
Add Campus EVPN-VXLAN fabric configs and host interfaces 6e0dcce746 
- campus-spine1/2 (AS 66000): eBGP underlay + EVPN RR toward leafs
  and border leafs, addressing plan 10.1.x.x.
- campus-leaf1/2 (VTEP1, AS 66001, VTEP 10.1.255.11): VLAN 50
  (stretched L2 VXLAN, VNI 110050) and VLAN 60 (VRF gold anycast
  10.60.60.1, L3 VNI 100001).
- campus-leaf3/4 (VTEP2, AS 66002, VTEP 10.1.255.12): VLAN 50 and
  VLAN 70 (VRF gold anycast 10.60.70.1).
- border-leaf-campus1/2 (AS 66005, VTEP 10.1.255.21): MLAG pair,
  OSPF + eBGP to cores, VRF gold stitched via vxlan vrf gold
  vni 100001 with RT 1:100001.
- campus-access1/2: L2-only uplinks to campus leaf MLAG pairs,
  trunks VLAN 50+60 / 50+70.
- campus-host1/2 interface files: bond0 + VLAN sub-interfaces for
  the stretched L2 VLAN 50 and the VRF gold subnets.
Update docs and diagram for extended multi-fabric topology ff15e90b5c 
- README: rewritten node inventory, AS map, addressing plan
  (management, Lo0/Lo1, P2P, hosts), VNI/RD/RT tables, control-plane
  summary and end-to-end Campus <-> DC test procedures through the
  Core (VRF gold stitching).
- hosts/README: document the two new Campus host configurations.
- assets/arista-evpn-fabric.svg: new three-zone layout (Campus, Core,
  DC) with legend.
- evpn-lab.clab.yml.annotations.json: reposition nodes and add zone
  labels so the ContainerLab graph matches the extended topology.
Update campus host attachment pattern to single-attached access 2da238e3ae
Update cEOS version f7c44bc0fd
Fix VRF gold BGP IPv4 activation on cores and border leafs cb74dd118f 
With 'no bgp default ipv4-unicast' set at the router level, VRF gold
eBGP/iBGP neighbors were establishing but not exchanging any IPv4
prefixes, breaking inter-fabric transit between DC and Campus. Add an
explicit 'address-family ipv4' block with 'neighbor X activate' under
'vrf gold' on both cores and all four border leafs.

Also drop 'redistribute learned' from the border leaf VRF gold stanza:
it is not a valid command in that context and was silently stripped by
EOS.
Force fabric default route on campus hosts 97fbc1cebe 
The 'ip route add default via <fabric-gw>' exec command silently failed
on campus-host1 and campus-host2 because the management DHCP on eth0
had already installed a default via 172.16.0.254. As a result, traffic
leaving the host for other fabric subnets was sent out the management
interface instead of the EVPN fabric, breaking end-to-end ping.

Switch to 'ip route replace' so the fabric gateway overrides whatever
default is installed at container start.
Move campus host config into /etc/network/interfaces 46c68b42bd 
Make hosts/campus-host{1,2}_interfaces the source of truth for the
campus host IP and default route, and have clab simply invoke 'ifup
eth1' at container start to apply it. Previously the bound interfaces
file was unused and the real config lived in the YAML exec block,
which was misleading.

BusyBox ifup in the network-multitool image needs 'address' plus
'netmask' rather than a CIDR, so split the address accordingly. Also
add 'post-up ip route replace default via <fabric-gw>' so the fabric
default overrides the management DHCP default even when one is already
installed.
Drop 'gateway' directive from campus host interfaces 8a725ab5fe 
BusyBox ifup translates 'gateway X' into 'ip route add default via X'
and aborts the whole ifup run with RC=1 when that command fails with
'File exists' — which always happens on first boot because the docker
management bridge has already installed its own default via eth0. As a
result the 'post-up ip route replace default' was never executed and
the host kept the management default.

Remove the 'gateway' line so ifup only runs the idempotent 'post-up ip
route replace default via <fabric-gw>' and the fabric default wins.
Rename devices to <area>-<role> scheme ef4211afe5 
DC fabric: spine/leaf/border-leaf/access/host -> dc-spine, dc-leaf,
dc-border-leaf, dc-access, dc-server. Campus border leafs flipped
from border-leaf-campus to campus-border-leaf for consistency. Core,
campus spines/leafs/access/hosts unchanged.

Updates topology, annotations, all configs (hostnames + peer
descriptions), host interface files, README, TROUBLESHOOTING,
END_TO_END_TESTING, and the SVG diagram.
Add AS group annotations for remaining fabrics ae4fd56635 
Complete the AS group boxes: add AS65000 (dc-spines),
AS65002/3/4 (dc-leaf pairs), AS66000 (campus-spines),
AS66001/2 (campus-leaf pairs), AS66005 (campus-border-leaf).
Update documentation and annotation 9bb168abe1
Update arista cEOS image version bd3dbc181c
Damien added 1 commit 2026-04-24 08:24:41 +00:00
update annotation 2e57976c56
Damien merged commit baa95a33c0 into main 2026-04-24 08:25:17 +00:00
Damien deleted branch feat/extend-campus-core 2026-04-24 08:25:21 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
containerlab
Containerlab topology et configs
 epic
Epic / Phase de projet
 generator
Infrahub Generator Python code
 resource-manager
Resource Manager / IPAM pools
 schema
Modifications de schéma Infrahub
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
Damien
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Damien/arista-evpn-vxlan-clab#41
Delete Branch "feat/extend-campus-core"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?