Damien/fabric-orchestrator
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Compare commits

base: Damien:5a335b37e6ecd57cbbf1469d0238503c47b8cb13
Branches Tags
Damien:main
...
compare: Damien:14ebedadcb5fc3d2a0b1d80ecf95e56deb400041
Branches Tags
Damien:main

9 Commits
5a335b37e6 ... 14ebedadcb

Author SHA1 Message Date
Damien
14ebedadcb feat(objects): declare object files in .infrahub.yml — refs #52 2026-02-15 12:03:10 +01:00
Damien
825c5e4451 feat(objects): add 4 MLAG domains, 8 peer configs — refs #52 2026-02-15 12:03:07 +01:00
Damien
4a13a6a33d feat(objects): add VRF gold, route targets, device assignments — refs #52 2026-02-15 12:03:04 +01:00
Damien
17ff22f497 feat(objects): add BGP config, peer groups, 74 sessions, address families — refs #52 2026-02-15 12:03:00 +01:00
Damien
89f77b764e feat(objects): add VLANs, VNIs, VTEPs, mappings, EVPN instances — refs #52 2026-02-15 12:02:57 +01:00
Damien
537df72f85 feat(objects): add IP addresses (72 assignments: loopbacks, P2P, MLAG, VRF) — refs #52 2026-02-15 12:02:53 +01:00
Damien
dc382bf6de feat(objects): add interfaces (loopback, ethernet, LAG, VLAN SVIs) — refs #52 2026-02-15 12:02:50 +01:00
Damien
d3275d1ecc feat(objects): add 10 devices (2 spines, 8 leafs) — refs #52 2026-02-15 12:02:46 +01:00
Damien
009b6ebc75 feat(objects): add foundation objects (fabric, platform, site, ASNs) — refs #52 2026-02-15 12:02:40 +01:00
9 changed files with 2385 additions and 0 deletions
Expand all files Collapse all files

10
.infrahub.yml
View File

@@ -5,3 +5,13 @@ schemas:
menus:
- menus/fabric-menu.yml
object_files:
- objects/01-foundation.yml
- objects/02-devices.yml
- objects/03-interfaces.yml
- objects/04-ipam.yml
- objects/05-vlans-vxlan.yml
- objects/06-bgp.yml
- objects/07-vrfs.yml
- objects/08-mlag.yml

58
objects/01-foundation.yml Normal file
View File

@@ -0,0 +1,58 @@
# Foundation objects: Fabric, Platform, Site, Autonomous Systems
# Must be loaded first — referenced by all subsequent files
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: LocationSite
data:
- name: dc1
description: Primary data center
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraPlatform
data:
- name: arista_eos
description: Arista EOS
napalm_driver: eos
netmiko_device_type: arista_eos
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraAutonomousSystem
data:
- asn: 64999
description: External border peer
as_type: private
- asn: 65000
description: Spine AS
as_type: private
- asn: 65001
description: Leaf pair 1 (leaf1/leaf2)
as_type: private
- asn: 65002
description: Leaf pair 2 (leaf3/leaf4)
as_type: private
- asn: 65003
description: Leaf pair 3 (leaf5/leaf6)
as_type: private
- asn: 65004
description: Leaf pair 4 (leaf7/leaf8)
as_type: private
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraFabric
data:
- name: evpn-fabric
description: Arista EVPN-VXLAN reference fabric
underlay_protocol: ebgp
overlay_protocol: evpn
anycast_gateway_mac: "c001.cafe.babe"
spine_asn: "65000"
sites:
- dc1

83
objects/02-devices.yml Normal file
View File

@@ -0,0 +1,83 @@
# Devices: 2 spines + 8 leafs
# Depends on: 01-foundation (Platform, Site, AutonomousSystem)
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraDevice
data:
# Spines
- name: spine1
description: Spine1 - BGP EVPN Spine
role: spine
status: active
platform: arista_eos
site: dc1
asn: "65000"
- name: spine2
description: Spine2 - BGP EVPN Spine
role: spine
status: active
platform: arista_eos
site: dc1
asn: "65000"
# Leaf pair 1 (VTEP1)
- name: leaf1
description: Leaf1 - VTEP1
role: leaf
status: active
platform: arista_eos
site: dc1
asn: "65001"
- name: leaf2
description: Leaf2 - VTEP1
role: leaf
status: active
platform: arista_eos
site: dc1
asn: "65001"
# Leaf pair 2 (VTEP2)
- name: leaf3
description: Leaf3 - VTEP2
role: leaf
status: active
platform: arista_eos
site: dc1
asn: "65002"
- name: leaf4
description: Leaf4 - VTEP2
role: leaf
status: active
platform: arista_eos
site: dc1
asn: "65002"
# Leaf pair 3 (VTEP3)
- name: leaf5
description: Leaf5 - VTEP3
role: leaf
status: active
platform: arista_eos
site: dc1
asn: "65003"
- name: leaf6
description: Leaf6 - VTEP3
role: leaf
status: active
platform: arista_eos
site: dc1
asn: "65003"
# Leaf pair 4 (VTEP4)
- name: leaf7
description: Leaf7 - VTEP4
role: border_leaf
status: active
platform: arista_eos
site: dc1
asn: "65004"
- name: leaf8
description: Leaf8 - VTEP4
role: border_leaf
status: active
platform: arista_eos
site: dc1
asn: "65004"

632
objects/03-interfaces.yml Normal file
View File

@@ -0,0 +1,632 @@
# Interfaces: Loopback, Ethernet, LAG (Port-Channel), VLAN SVIs
# Depends on: 02-devices
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraInterfaceLoopback
data:
# Spine loopbacks (Lo0 only)
- device: spine1
name: Loopback0
description: Router-ID
enabled: true
- device: spine2
name: Loopback0
description: Router-ID
enabled: true
# Leaf loopbacks (Lo0 + Lo1)
- device: leaf1
name: Loopback0
description: Router-ID
enabled: true
- device: leaf1
name: Loopback1
description: VTEP
enabled: true
- device: leaf2
name: Loopback0
description: Router-ID
enabled: true
- device: leaf2
name: Loopback1
description: VTEP
enabled: true
- device: leaf3
name: Loopback0
description: Router-ID
enabled: true
- device: leaf3
name: Loopback1
description: VTEP
enabled: true
- device: leaf4
name: Loopback0
description: Router-ID
enabled: true
- device: leaf4
name: Loopback1
description: VTEP
enabled: true
- device: leaf5
name: Loopback0
description: Router-ID
enabled: true
- device: leaf5
name: Loopback1
description: VTEP
enabled: true
- device: leaf6
name: Loopback0
description: Router-ID
enabled: true
- device: leaf6
name: Loopback1
description: VTEP
enabled: true
- device: leaf7
name: Loopback0
description: Router-ID
enabled: true
- device: leaf7
name: Loopback1
description: VTEP
enabled: true
- device: leaf8
name: Loopback0
description: Router-ID
enabled: true
- device: leaf8
name: Loopback1
description: VTEP
enabled: true
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraInterfaceEthernet
data:
# ============================================================
# Spine1 Ethernet interfaces (underlay to leafs)
# ============================================================
- device: spine1
name: Ethernet1
description: leaf1
enabled: true
mtu: 9214
mode: routed
- device: spine1
name: Ethernet2
description: leaf2
enabled: true
mtu: 9214
mode: routed
- device: spine1
name: Ethernet3
description: leaf3
enabled: true
mtu: 9214
mode: routed
- device: spine1
name: Ethernet4
description: leaf4
enabled: true
mtu: 9214
mode: routed
- device: spine1
name: Ethernet5
description: leaf5
enabled: true
mtu: 9214
mode: routed
- device: spine1
name: Ethernet6
description: leaf6
enabled: true
mtu: 9214
mode: routed
- device: spine1
name: Ethernet7
description: leaf7
enabled: true
mtu: 9214
mode: routed
- device: spine1
name: Ethernet8
description: leaf8
enabled: true
mtu: 9214
mode: routed
# ============================================================
# Spine2 Ethernet interfaces (underlay to leafs)
# ============================================================
- device: spine2
name: Ethernet1
description: leaf1
enabled: true
mtu: 9214
mode: routed
- device: spine2
name: Ethernet2
description: leaf2
enabled: true
mtu: 9214
mode: routed
- device: spine2
name: Ethernet3
description: leaf3
enabled: true
mtu: 9214
mode: routed
- device: spine2
name: Ethernet4
description: leaf4
enabled: true
mtu: 9214
mode: routed
- device: spine2
name: Ethernet5
description: leaf5
enabled: true
mtu: 9214
mode: routed
- device: spine2
name: Ethernet6
description: leaf6
enabled: true
mtu: 9214
mode: routed
- device: spine2
name: Ethernet7
description: leaf7
enabled: true
mtu: 9214
mode: routed
- device: spine2
name: Ethernet8
description: leaf8
enabled: true
mtu: 9214
mode: routed
# ============================================================
# Leaf Ethernet interfaces
# Each leaf has: Ethernet1 (host), Ethernet10 (mlag peer-link),
# Ethernet11 (spine1), Ethernet12 (spine2)
# ============================================================
# Leaf1
- device: leaf1
name: Ethernet1
description: host1
enabled: true
mode: trunk
lag: ["leaf1", "Port-Channel1"]
- device: leaf1
name: Ethernet10
description: mlag peer link
enabled: true
mode: trunk
lag: ["leaf1", "Port-Channel999"]
- device: leaf1
name: Ethernet11
description: spine1
enabled: true
mtu: 9214
mode: routed
- device: leaf1
name: Ethernet12
description: spine2
enabled: true
mtu: 9214
mode: routed
# Leaf2
- device: leaf2
name: Ethernet1
description: host1
enabled: true
mode: trunk
lag: ["leaf2", "Port-Channel1"]
- device: leaf2
name: Ethernet10
description: mlag peer link
enabled: true
mode: trunk
lag: ["leaf2", "Port-Channel999"]
- device: leaf2
name: Ethernet11
description: spine1
enabled: true
mtu: 9214
mode: routed
- device: leaf2
name: Ethernet12
description: spine2
enabled: true
mtu: 9214
mode: routed
# Leaf3
- device: leaf3
name: Ethernet1
description: host2
enabled: true
mode: trunk
lag: ["leaf3", "Port-Channel1"]
- device: leaf3
name: Ethernet10
description: mlag peer link
enabled: true
mode: trunk
lag: ["leaf3", "Port-Channel999"]
- device: leaf3
name: Ethernet11
description: spine1
enabled: true
mtu: 9214
mode: routed
- device: leaf3
name: Ethernet12
description: spine2
enabled: true
mtu: 9214
mode: routed
# Leaf4
- device: leaf4
name: Ethernet1
description: host2
enabled: true
mode: trunk
lag: ["leaf4", "Port-Channel1"]
- device: leaf4
name: Ethernet10
description: mlag peer link
enabled: true
mode: trunk
lag: ["leaf4", "Port-Channel999"]
- device: leaf4
name: Ethernet11
description: spine1
enabled: true
mtu: 9214
mode: routed
- device: leaf4
name: Ethernet12
description: spine2
enabled: true
mtu: 9214
mode: routed
# Leaf5
- device: leaf5
name: Ethernet1
description: host3
enabled: true
mode: trunk
lag: ["leaf5", "Port-Channel1"]
- device: leaf5
name: Ethernet10
description: mlag peer link
enabled: true
mode: trunk
lag: ["leaf5", "Port-Channel999"]
- device: leaf5
name: Ethernet11
description: spine1
enabled: true
mtu: 9214
mode: routed
- device: leaf5
name: Ethernet12
description: spine2
enabled: true
mtu: 9214
mode: routed
# Leaf6
- device: leaf6
name: Ethernet1
description: host3
enabled: true
mode: trunk
lag: ["leaf6", "Port-Channel1"]
- device: leaf6
name: Ethernet10
description: mlag peer link
enabled: true
mode: trunk
lag: ["leaf6", "Port-Channel999"]
- device: leaf6
name: Ethernet11
description: spine1
enabled: true
mtu: 9214
mode: routed
- device: leaf6
name: Ethernet12
description: spine2
enabled: true
mtu: 9214
mode: routed
# Leaf7
- device: leaf7
name: Ethernet1
description: host4
enabled: true
mode: trunk
lag: ["leaf7", "Port-Channel1"]
- device: leaf7
name: Ethernet10
description: mlag peer link
enabled: true
mode: trunk
lag: ["leaf7", "Port-Channel999"]
- device: leaf7
name: Ethernet11
description: spine1
enabled: true
mtu: 9214
mode: routed
- device: leaf7
name: Ethernet12
description: spine2
enabled: true
mtu: 9214
mode: routed
# Leaf8
- device: leaf8
name: Ethernet1
description: host4
enabled: true
mode: trunk
lag: ["leaf8", "Port-Channel1"]
- device: leaf8
name: Ethernet10
description: mlag peer link
enabled: true
mode: trunk
lag: ["leaf8", "Port-Channel999"]
- device: leaf8
name: Ethernet11
description: spine1
enabled: true
mtu: 9214
mode: routed
- device: leaf8
name: Ethernet12
description: spine2
enabled: true
mtu: 9214
mode: routed
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraInterfaceLag
data:
# Port-Channel999 — MLAG peer-link (all leafs)
- device: leaf1
name: Port-Channel999
description: MLAG Peer
enabled: true
lacp_mode: active
- device: leaf2
name: Port-Channel999
description: MLAG Peer
enabled: true
lacp_mode: active
- device: leaf3
name: Port-Channel999
description: MLAG Peer
enabled: true
lacp_mode: active
- device: leaf4
name: Port-Channel999
description: MLAG Peer
enabled: true
lacp_mode: active
- device: leaf5
name: Port-Channel999
description: MLAG Peer
enabled: true
lacp_mode: active
- device: leaf6
name: Port-Channel999
description: MLAG Peer
enabled: true
lacp_mode: active
- device: leaf7
name: Port-Channel999
description: MLAG Peer
enabled: true
lacp_mode: active
- device: leaf8
name: Port-Channel999
description: MLAG Peer
enabled: true
lacp_mode: active
# Port-Channel1 — Host-facing MLAG LAG (all leafs)
- device: leaf1
name: Port-Channel1
description: host1
enabled: true
lacp_mode: active
mlag_id: 1
- device: leaf2
name: Port-Channel1
description: host1
enabled: true
lacp_mode: active
mlag_id: 1
- device: leaf3
name: Port-Channel1
description: host2
enabled: true
lacp_mode: active
mlag_id: 1
- device: leaf4
name: Port-Channel1
description: host2
enabled: true
lacp_mode: active
mlag_id: 1
- device: leaf5
name: Port-Channel1
description: host3
enabled: true
lacp_mode: active
mlag_id: 1
- device: leaf6
name: Port-Channel1
description: host3
enabled: true
lacp_mode: active
mlag_id: 1
- device: leaf7
name: Port-Channel1
description: host4
enabled: true
lacp_mode: active
mlag_id: 1
- device: leaf8
name: Port-Channel1
description: host4
enabled: true
lacp_mode: active
mlag_id: 1
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraInterfaceVlan
data:
# Vlan4090 — MLAG Peer-Link SVI (all leafs)
- device: leaf1
name: Vlan4090
description: MLAG Peer-Link
enabled: true
autostate: false
vlan: "4090"
- device: leaf2
name: Vlan4090
description: MLAG Peer-Link
enabled: true
autostate: false
vlan: "4090"
- device: leaf3
name: Vlan4090
description: MLAG Peer-Link
enabled: true
autostate: false
vlan: "4090"
- device: leaf4
name: Vlan4090
description: MLAG Peer-Link
enabled: true
autostate: false
vlan: "4090"
- device: leaf5
name: Vlan4090
description: MLAG Peer-Link
enabled: true
autostate: false
vlan: "4090"
- device: leaf6
name: Vlan4090
description: MLAG Peer-Link
enabled: true
autostate: false
vlan: "4090"
- device: leaf7
name: Vlan4090
description: MLAG Peer-Link
enabled: true
autostate: false
vlan: "4090"
- device: leaf8
name: Vlan4090
description: MLAG Peer-Link
enabled: true
autostate: false
vlan: "4090"
# Vlan4091 — MLAG iBGP Peering SVI (all leafs)
- device: leaf1
name: Vlan4091
description: MLAG iBGP Peering
enabled: true
mtu: 9214
vlan: "4091"
- device: leaf2
name: Vlan4091
description: MLAG iBGP Peering
enabled: true
mtu: 9214
vlan: "4091"
- device: leaf3
name: Vlan4091
description: MLAG iBGP Peering
enabled: true
mtu: 9214
vlan: "4091"
- device: leaf4
name: Vlan4091
description: MLAG iBGP Peering
enabled: true
mtu: 9214
vlan: "4091"
- device: leaf5
name: Vlan4091
description: MLAG iBGP Peering
enabled: true
mtu: 9214
vlan: "4091"
- device: leaf6
name: Vlan4091
description: MLAG iBGP Peering
enabled: true
mtu: 9214
vlan: "4091"
- device: leaf7
name: Vlan4091
description: MLAG iBGP Peering
enabled: true
mtu: 9214
vlan: "4091"
- device: leaf8
name: Vlan4091
description: MLAG iBGP Peering
enabled: true
mtu: 9214
vlan: "4091"
# Vlan34 — VRF gold subnet (leaf3/leaf4)
- device: leaf3
name: Vlan34
description: VRF gold subnet
enabled: true
virtual_router_address: "10.34.34.1"
vlan: "34"
- device: leaf4
name: Vlan34
description: VRF gold subnet
enabled: true
virtual_router_address: "10.34.34.1"
vlan: "34"
# Vlan78 — VRF gold subnet (leaf7/leaf8)
- device: leaf7
name: Vlan78
description: VRF gold subnet
enabled: true
virtual_router_address: "10.78.78.1"
vlan: "78"
- device: leaf8
name: Vlan78
description: VRF gold subnet
enabled: true
virtual_router_address: "10.78.78.1"
vlan: "78"
# Vlan900 — BGP border peering (leaf7/leaf8)
- device: leaf7
name: Vlan900
description: BGP border peering
enabled: true
vlan: "900"
- device: leaf8
name: Vlan900
description: BGP border peering
enabled: true
vlan: "900"

259
objects/04-ipam.yml Normal file
View File

@@ -0,0 +1,259 @@
# IP Addresses: Loopbacks, P2P underlay links, MLAG SVIs, VRF SVIs
# Depends on: 03-interfaces
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraIPAddress
data:
# ============================================================
# Loopback0 addresses (Router-ID) — /32
# ============================================================
- address: "10.0.250.1/32"
description: spine1 Router-ID
interface: ["spine1", "Loopback0"]
- address: "10.0.250.2/32"
description: spine2 Router-ID
interface: ["spine2", "Loopback0"]
- address: "10.0.250.11/32"
description: leaf1 Router-ID
interface: ["leaf1", "Loopback0"]
- address: "10.0.250.12/32"
description: leaf2 Router-ID
interface: ["leaf2", "Loopback0"]
- address: "10.0.250.13/32"
description: leaf3 Router-ID
interface: ["leaf3", "Loopback0"]
- address: "10.0.250.14/32"
description: leaf4 Router-ID
interface: ["leaf4", "Loopback0"]
- address: "10.0.250.15/32"
description: leaf5 Router-ID
interface: ["leaf5", "Loopback0"]
- address: "10.0.250.16/32"
description: leaf6 Router-ID
interface: ["leaf6", "Loopback0"]
- address: "10.0.250.17/32"
description: leaf7 Router-ID
interface: ["leaf7", "Loopback0"]
- address: "10.0.250.18/32"
description: leaf8 Router-ID
interface: ["leaf8", "Loopback0"]
# ============================================================
# Loopback1 addresses (VTEP) — /32
# ============================================================
- address: "10.0.255.11/32"
description: leaf1 VTEP (shared VTEP1)
interface: ["leaf1", "Loopback1"]
- address: "10.0.255.11/32"
description: leaf2 VTEP (shared VTEP1)
interface: ["leaf2", "Loopback1"]
- address: "10.0.255.12/32"
description: leaf3 VTEP (shared VTEP2)
interface: ["leaf3", "Loopback1"]
- address: "10.0.255.12/32"
description: leaf4 VTEP (shared VTEP2)
interface: ["leaf4", "Loopback1"]
- address: "10.0.255.13/32"
description: leaf5 VTEP (shared VTEP3)
interface: ["leaf5", "Loopback1"]
- address: "10.0.255.13/32"
description: leaf6 VTEP (shared VTEP3)
interface: ["leaf6", "Loopback1"]
- address: "10.0.255.14/32"
description: leaf7 VTEP (shared VTEP4)
interface: ["leaf7", "Loopback1"]
- address: "10.0.255.14/32"
description: leaf8 VTEP (shared VTEP4)
interface: ["leaf8", "Loopback1"]
# ============================================================
# Spine1 P2P underlay — /31
# ============================================================
- address: "10.0.1.0/31"
description: spine1 Ethernet1 to leaf1
interface: ["spine1", "Ethernet1"]
- address: "10.0.1.2/31"
description: spine1 Ethernet2 to leaf2
interface: ["spine1", "Ethernet2"]
- address: "10.0.1.4/31"
description: spine1 Ethernet3 to leaf3
interface: ["spine1", "Ethernet3"]
- address: "10.0.1.6/31"
description: spine1 Ethernet4 to leaf4
interface: ["spine1", "Ethernet4"]
- address: "10.0.1.8/31"
description: spine1 Ethernet5 to leaf5
interface: ["spine1", "Ethernet5"]
- address: "10.0.1.10/31"
description: spine1 Ethernet6 to leaf6
interface: ["spine1", "Ethernet6"]
- address: "10.0.1.12/31"
description: spine1 Ethernet7 to leaf7
interface: ["spine1", "Ethernet7"]
- address: "10.0.1.14/31"
description: spine1 Ethernet8 to leaf8
interface: ["spine1", "Ethernet8"]
# ============================================================
# Spine2 P2P underlay — /31
# ============================================================
- address: "10.0.2.0/31"
description: spine2 Ethernet1 to leaf1
interface: ["spine2", "Ethernet1"]
- address: "10.0.2.2/31"
description: spine2 Ethernet2 to leaf2
interface: ["spine2", "Ethernet2"]
- address: "10.0.2.4/31"
description: spine2 Ethernet3 to leaf3
interface: ["spine2", "Ethernet3"]
- address: "10.0.2.6/31"
description: spine2 Ethernet4 to leaf4
interface: ["spine2", "Ethernet4"]
- address: "10.0.2.8/31"
description: spine2 Ethernet5 to leaf5
interface: ["spine2", "Ethernet5"]
- address: "10.0.2.10/31"
description: spine2 Ethernet6 to leaf6
interface: ["spine2", "Ethernet6"]
- address: "10.0.2.12/31"
description: spine2 Ethernet7 to leaf7
interface: ["spine2", "Ethernet7"]
- address: "10.0.2.14/31"
description: spine2 Ethernet8 to leaf8
interface: ["spine2", "Ethernet8"]
# ============================================================
# Leaf P2P underlay (leaf side) — /31
# ============================================================
# Leaf1
- address: "10.0.1.1/31"
description: leaf1 Ethernet11 to spine1
interface: ["leaf1", "Ethernet11"]
- address: "10.0.2.1/31"
description: leaf1 Ethernet12 to spine2
interface: ["leaf1", "Ethernet12"]
# Leaf2
- address: "10.0.1.3/31"
description: leaf2 Ethernet11 to spine1
interface: ["leaf2", "Ethernet11"]
- address: "10.0.2.3/31"
description: leaf2 Ethernet12 to spine2
interface: ["leaf2", "Ethernet12"]
# Leaf3
- address: "10.0.1.5/31"
description: leaf3 Ethernet11 to spine1
interface: ["leaf3", "Ethernet11"]
- address: "10.0.2.5/31"
description: leaf3 Ethernet12 to spine2
interface: ["leaf3", "Ethernet12"]
# Leaf4
- address: "10.0.1.7/31"
description: leaf4 Ethernet11 to spine1
interface: ["leaf4", "Ethernet11"]
- address: "10.0.2.7/31"
description: leaf4 Ethernet12 to spine2
interface: ["leaf4", "Ethernet12"]
# Leaf5
- address: "10.0.1.9/31"
description: leaf5 Ethernet11 to spine1
interface: ["leaf5", "Ethernet11"]
- address: "10.0.2.9/31"
description: leaf5 Ethernet12 to spine2
interface: ["leaf5", "Ethernet12"]
# Leaf6
- address: "10.0.1.11/31"
description: leaf6 Ethernet11 to spine1
interface: ["leaf6", "Ethernet11"]
- address: "10.0.2.11/31"
description: leaf6 Ethernet12 to spine2
interface: ["leaf6", "Ethernet12"]
# Leaf7
- address: "10.0.1.13/31"
description: leaf7 Ethernet11 to spine1
interface: ["leaf7", "Ethernet11"]
- address: "10.0.2.13/31"
description: leaf7 Ethernet12 to spine2
interface: ["leaf7", "Ethernet12"]
# Leaf8
- address: "10.0.1.15/31"
description: leaf8 Ethernet11 to spine1
interface: ["leaf8", "Ethernet11"]
- address: "10.0.2.15/31"
description: leaf8 Ethernet12 to spine2
interface: ["leaf8", "Ethernet12"]
# ============================================================
# MLAG Peer-Link SVI (Vlan4090) — /31
# ============================================================
- address: "10.0.199.254/31"
description: leaf1 MLAG peer-link
interface: ["leaf1", "Vlan4090"]
- address: "10.0.199.255/31"
description: leaf2 MLAG peer-link
interface: ["leaf2", "Vlan4090"]
- address: "10.0.199.252/31"
description: leaf3 MLAG peer-link
interface: ["leaf3", "Vlan4090"]
- address: "10.0.199.253/31"
description: leaf4 MLAG peer-link
interface: ["leaf4", "Vlan4090"]
- address: "10.0.199.250/31"
description: leaf5 MLAG peer-link
interface: ["leaf5", "Vlan4090"]
- address: "10.0.199.251/31"
description: leaf6 MLAG peer-link
interface: ["leaf6", "Vlan4090"]
- address: "10.0.199.248/31"
description: leaf7 MLAG peer-link
interface: ["leaf7", "Vlan4090"]
- address: "10.0.199.249/31"
description: leaf8 MLAG peer-link
interface: ["leaf8", "Vlan4090"]
# ============================================================
# MLAG iBGP Peering SVI (Vlan4091) — /31
# ============================================================
- address: "10.0.3.0/31"
description: leaf1 MLAG iBGP peering
interface: ["leaf1", "Vlan4091"]
- address: "10.0.3.1/31"
description: leaf2 MLAG iBGP peering
interface: ["leaf2", "Vlan4091"]
- address: "10.0.3.2/31"
description: leaf3 MLAG iBGP peering
interface: ["leaf3", "Vlan4091"]
- address: "10.0.3.3/31"
description: leaf4 MLAG iBGP peering
interface: ["leaf4", "Vlan4091"]
- address: "10.0.3.4/31"
description: leaf5 MLAG iBGP peering
interface: ["leaf5", "Vlan4091"]
- address: "10.0.3.5/31"
description: leaf6 MLAG iBGP peering
interface: ["leaf6", "Vlan4091"]
- address: "10.0.3.6/31"
description: leaf7 MLAG iBGP peering
interface: ["leaf7", "Vlan4091"]
- address: "10.0.3.7/31"
description: leaf8 MLAG iBGP peering
interface: ["leaf8", "Vlan4091"]
# ============================================================
# VRF gold SVI addresses — /24
# ============================================================
# Vlan34 (leaf3/leaf4)
- address: "10.34.34.2/24"
description: leaf3 Vlan34 VRF gold
interface: ["leaf3", "Vlan34"]
- address: "10.34.34.3/24"
description: leaf4 Vlan34 VRF gold
interface: ["leaf4", "Vlan34"]
# Vlan78 (leaf7/leaf8)
- address: "10.78.78.2/24"
description: leaf7 Vlan78 VRF gold
interface: ["leaf7", "Vlan78"]
- address: "10.78.78.3/24"
description: leaf8 Vlan78 VRF gold
interface: ["leaf8", "Vlan78"]
# Vlan900 — BGP border (leaf7/leaf8)
- address: "10.90.90.2/29"
description: leaf7 Vlan900 BGP border
interface: ["leaf7", "Vlan900"]
- address: "10.90.90.3/29"
description: leaf8 Vlan900 BGP border
interface: ["leaf8", "Vlan900"]

167
objects/05-vlans-vxlan.yml Normal file
View File

@@ -0,0 +1,167 @@
# VLANs, VNIs, VTEPs, VLAN-VNI mappings, EVPN instances
# Depends on: 02-devices, 03-interfaces
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraVLAN
data:
- vlan_id: 34
name: vrf-gold-subnet
description: VRF gold L3 subnet (leaf3/leaf4)
status: active
vlan_type: standard
- vlan_id: 40
name: test-l2-vxlan
description: L2 VXLAN test VLAN
status: active
vlan_type: standard
- vlan_id: 78
name: vrf-gold-subnet
description: VRF gold L3 subnet (leaf7/leaf8)
status: active
vlan_type: standard
- vlan_id: 900
name: bgp-border
description: BGP border peering VLAN
status: active
vlan_type: standard
- vlan_id: 4090
name: mlag-peer
description: MLAG peer-link control
status: active
vlan_type: mlag_peer
trunk_groups:
- mlag-peer
stp_enabled: false
- vlan_id: 4091
name: mlag-ibgp
description: MLAG iBGP peering
status: active
vlan_type: mlag_ibgp
trunk_groups:
- mlag-peer
stp_enabled: false
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraVNI
data:
- vni: 110040
description: L2VNI for VLAN 40 (test-l2-vxlan)
vni_type: l2vni
vlan: "40"
- vni: 100001
description: L3VNI for VRF gold
vni_type: l3vni
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraVTEP
data:
# VTEP on leaf1 (shared VTEP1 IP 10.0.255.11)
- device: leaf1
source_address: "10.0.255.11"
udp_port: 4789
learn_restrict: any
source_interface: ["leaf1", "Loopback1"]
# VTEP on leaf2 (shared VTEP1 IP 10.0.255.11)
- device: leaf2
source_address: "10.0.255.11"
udp_port: 4789
learn_restrict: any
source_interface: ["leaf2", "Loopback1"]
# VTEP on leaf3 (shared VTEP2 IP 10.0.255.12)
- device: leaf3
source_address: "10.0.255.12"
udp_port: 4789
learn_restrict: any
source_interface: ["leaf3", "Loopback1"]
# VTEP on leaf4 (shared VTEP2 IP 10.0.255.12)
- device: leaf4
source_address: "10.0.255.12"
udp_port: 4789
learn_restrict: any
source_interface: ["leaf4", "Loopback1"]
# VTEP on leaf5 (shared VTEP3 IP 10.0.255.13)
- device: leaf5
source_address: "10.0.255.13"
udp_port: 4789
learn_restrict: any
source_interface: ["leaf5", "Loopback1"]
# VTEP on leaf6 (shared VTEP3 IP 10.0.255.13)
- device: leaf6
source_address: "10.0.255.13"
udp_port: 4789
learn_restrict: any
source_interface: ["leaf6", "Loopback1"]
# VTEP on leaf7 (shared VTEP4 IP 10.0.255.14)
- device: leaf7
source_address: "10.0.255.14"
udp_port: 4789
learn_restrict: any
source_interface: ["leaf7", "Loopback1"]
# VTEP on leaf8 (shared VTEP4 IP 10.0.255.14)
- device: leaf8
source_address: "10.0.255.14"
udp_port: 4789
learn_restrict: any
source_interface: ["leaf8", "Loopback1"]
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraVlanVniMapping
data:
# VLAN 40 <-> VNI 110040 on leaf1/2/5/6 (L2 VXLAN leafs)
- vtep: leaf1
vlan: "40"
vni: "110040"
description: "VLAN 40 <-> VNI 110040"
- vtep: leaf2
vlan: "40"
vni: "110040"
description: "VLAN 40 <-> VNI 110040"
- vtep: leaf5
vlan: "40"
vni: "110040"
description: "VLAN 40 <-> VNI 110040"
- vtep: leaf6
vlan: "40"
vni: "110040"
description: "VLAN 40 <-> VNI 110040"
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraEVPNInstance
data:
# EVPN instance for VLAN 40 on L2 VXLAN leafs
# leaf1: rd 65001:110040, rt both 40:110040
- device: leaf1
vlan: "40"
route_distinguisher: "65001:110040"
route_target_import: "40:110040"
route_target_export: "40:110040"
redistribute_learned: true
- device: leaf2
vlan: "40"
route_distinguisher: "65001:110040"
route_target_import: "40:110040"
route_target_export: "40:110040"
redistribute_learned: true
# leaf5/6: rd 65003:110040, rt both 40:110040
- device: leaf5
vlan: "40"
route_distinguisher: "65003:110040"
route_target_import: "40:110040"
route_target_export: "40:110040"
redistribute_learned: true
- device: leaf6
vlan: "40"
route_distinguisher: "65003:110040"
route_target_import: "40:110040"
route_target_export: "40:110040"
redistribute_learned: true

980
objects/06-bgp.yml Normal file
View File

@@ -0,0 +1,980 @@
# BGP: RouterConfig, PeerGroups, Sessions, AddressFamilies
# Depends on: 01-foundation (ASNs), 02-devices, 04-ipam
#
# Spine BGP: no named peer-groups in config (neighbors defined directly),
# but evpn peer-group is defined. Underlay neighbors are direct.
# Leaf BGP: underlay, underlay_ibgp, evpn peer-groups.
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraBGPRouterConfig
data:
# ============================================================
# Spine1 BGP — AS 65000, router-id 10.0.250.1
# ============================================================
- device: spine1
router_id: "10.0.250.1"
local_asn: "65000"
default_ipv4_unicast: false
log_neighbor_changes: true
ecmp_max_paths: 4
ecmp_max_ecmp: 64
ebgp_distance: 20
ibgp_distance: 200
local_distance: 200
# ============================================================
# Spine2 BGP — AS 65000, router-id 10.0.250.2
# ============================================================
- device: spine2
router_id: "10.0.250.2"
local_asn: "65000"
default_ipv4_unicast: false
log_neighbor_changes: true
ecmp_max_paths: 4
ecmp_max_ecmp: 64
ebgp_distance: 20
ibgp_distance: 200
local_distance: 200
# ============================================================
# Leaf1 BGP — AS 65001, router-id 10.0.250.11
# ============================================================
- device: leaf1
router_id: "10.0.250.11"
local_asn: "65001"
default_ipv4_unicast: false
log_neighbor_changes: true
ecmp_max_paths: 4
ecmp_max_ecmp: 64
ebgp_distance: 20
ibgp_distance: 200
local_distance: 200
# ============================================================
# Leaf2 BGP — AS 65001, router-id 10.0.250.12
# ============================================================
- device: leaf2
router_id: "10.0.250.12"
local_asn: "65001"
default_ipv4_unicast: false
log_neighbor_changes: true
ecmp_max_paths: 4
ecmp_max_ecmp: 64
ebgp_distance: 20
ibgp_distance: 200
local_distance: 200
# ============================================================
# Leaf3 BGP — AS 65002, router-id 10.0.250.13
# ============================================================
- device: leaf3
router_id: "10.0.250.13"
local_asn: "65002"
default_ipv4_unicast: false
log_neighbor_changes: true
ecmp_max_paths: 4
ecmp_max_ecmp: 64
ebgp_distance: 20
ibgp_distance: 200
local_distance: 200
# ============================================================
# Leaf4 BGP — AS 65002, router-id 10.0.250.14
# ============================================================
- device: leaf4
router_id: "10.0.250.14"
local_asn: "65002"
default_ipv4_unicast: false
log_neighbor_changes: true
ecmp_max_paths: 4
ecmp_max_ecmp: 64
ebgp_distance: 20
ibgp_distance: 200
local_distance: 200
# ============================================================
# Leaf5 BGP — AS 65003, router-id 10.0.250.15
# ============================================================
- device: leaf5
router_id: "10.0.250.15"
local_asn: "65003"
default_ipv4_unicast: false
log_neighbor_changes: true
ecmp_max_paths: 4
ecmp_max_ecmp: 64
ebgp_distance: 20
ibgp_distance: 200
local_distance: 200
# ============================================================
# Leaf6 BGP — AS 65003, router-id 10.0.250.16
# ============================================================
- device: leaf6
router_id: "10.0.250.16"
local_asn: "65003"
default_ipv4_unicast: false
log_neighbor_changes: true
ecmp_max_paths: 4
ecmp_max_ecmp: 64
ebgp_distance: 20
ibgp_distance: 200
local_distance: 200
# ============================================================
# Leaf7 BGP — AS 65004, router-id 10.0.250.17
# ============================================================
- device: leaf7
router_id: "10.0.250.17"
local_asn: "65004"
default_ipv4_unicast: false
log_neighbor_changes: true
ecmp_max_paths: 4
ecmp_max_ecmp: 64
ebgp_distance: 20
ibgp_distance: 200
local_distance: 200
# ============================================================
# Leaf8 BGP — AS 65004, router-id 10.0.250.18
# ============================================================
- device: leaf8
router_id: "10.0.250.18"
local_asn: "65004"
default_ipv4_unicast: false
log_neighbor_changes: true
ecmp_max_paths: 4
ecmp_max_ecmp: 64
ebgp_distance: 20
ibgp_distance: 200
local_distance: 200
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraBGPPeerGroup
data:
# ============================================================
# Spine peer-groups (evpn only — underlay neighbors are direct)
# ============================================================
# Spine1 — evpn peer-group
- bgp_config: spine1
name: evpn
description: EVPN overlay to leaf loopbacks
peer_group_type: evpn
update_source: Loopback0
ebgp_multihop: 3
send_community: extended
next_hop_unchanged: true
maximum_routes: 12000
maximum_routes_warning_only: true
# Spine2 — evpn peer-group
- bgp_config: spine2
name: evpn
description: EVPN overlay to leaf loopbacks
peer_group_type: evpn
update_source: Loopback0
ebgp_multihop: 3
send_community: extended
next_hop_unchanged: true
maximum_routes: 12000
maximum_routes_warning_only: true
# ============================================================
# Leaf peer-groups (underlay, underlay_ibgp, evpn)
# ============================================================
# Leaf1
- bgp_config: leaf1
name: underlay
description: Underlay eBGP to spines
peer_group_type: underlay
remote_asn: "65000"
maximum_routes: 12000
maximum_routes_warning_only: true
- bgp_config: leaf1
name: underlay_ibgp
description: MLAG iBGP peering
peer_group_type: underlay_ibgp
remote_asn: "65001"
next_hop_self: true
maximum_routes: 12000
maximum_routes_warning_only: true
- bgp_config: leaf1
name: evpn
description: EVPN overlay to spines
peer_group_type: evpn
remote_asn: "65000"
update_source: Loopback0
ebgp_multihop: 3
send_community: extended
maximum_routes: 12000
maximum_routes_warning_only: true
# Leaf2
- bgp_config: leaf2
name: underlay
description: Underlay eBGP to spines
peer_group_type: underlay
remote_asn: "65000"
maximum_routes: 12000
maximum_routes_warning_only: true
- bgp_config: leaf2
name: underlay_ibgp
description: MLAG iBGP peering
peer_group_type: underlay_ibgp
remote_asn: "65001"
next_hop_self: true
maximum_routes: 12000
maximum_routes_warning_only: true
- bgp_config: leaf2
name: evpn
description: EVPN overlay to spines
peer_group_type: evpn
remote_asn: "65000"
update_source: Loopback0
ebgp_multihop: 3
send_community: extended
maximum_routes: 12000
maximum_routes_warning_only: true
# Leaf3
- bgp_config: leaf3
name: underlay
description: Underlay eBGP to spines
peer_group_type: underlay
remote_asn: "65000"
maximum_routes: 12000
maximum_routes_warning_only: true
- bgp_config: leaf3
name: underlay_ibgp
description: MLAG iBGP peering
peer_group_type: underlay_ibgp
remote_asn: "65002"
next_hop_self: true
maximum_routes: 12000
maximum_routes_warning_only: true
- bgp_config: leaf3
name: evpn
description: EVPN overlay to spines
peer_group_type: evpn
remote_asn: "65000"
update_source: Loopback0
ebgp_multihop: 3
send_community: extended
maximum_routes: 12000
maximum_routes_warning_only: true
# Leaf4
- bgp_config: leaf4
name: underlay
description: Underlay eBGP to spines
peer_group_type: underlay
remote_asn: "65000"
maximum_routes: 12000
maximum_routes_warning_only: true
- bgp_config: leaf4
name: underlay_ibgp
description: MLAG iBGP peering
peer_group_type: underlay_ibgp
remote_asn: "65002"
next_hop_self: true
maximum_routes: 12000
maximum_routes_warning_only: true
- bgp_config: leaf4
name: evpn
description: EVPN overlay to spines
peer_group_type: evpn
remote_asn: "65000"
update_source: Loopback0
ebgp_multihop: 3
send_community: extended
maximum_routes: 12000
maximum_routes_warning_only: true
# Leaf5
- bgp_config: leaf5
name: underlay
description: Underlay eBGP to spines
peer_group_type: underlay
remote_asn: "65000"
maximum_routes: 12000
maximum_routes_warning_only: true
- bgp_config: leaf5
name: underlay_ibgp
description: MLAG iBGP peering
peer_group_type: underlay_ibgp
remote_asn: "65003"
next_hop_self: true
maximum_routes: 12000
maximum_routes_warning_only: true
- bgp_config: leaf5
name: evpn
description: EVPN overlay to spines
peer_group_type: evpn
remote_asn: "65000"
update_source: Loopback0
ebgp_multihop: 3
send_community: extended
maximum_routes: 12000
maximum_routes_warning_only: true
# Leaf6
- bgp_config: leaf6
name: underlay
description: Underlay eBGP to spines
peer_group_type: underlay
remote_asn: "65000"
maximum_routes: 12000
maximum_routes_warning_only: true
- bgp_config: leaf6
name: underlay_ibgp
description: MLAG iBGP peering
peer_group_type: underlay_ibgp
remote_asn: "65003"
next_hop_self: true
maximum_routes: 12000
maximum_routes_warning_only: true
- bgp_config: leaf6
name: evpn
description: EVPN overlay to spines
peer_group_type: evpn
remote_asn: "65000"
update_source: Loopback0
ebgp_multihop: 3
send_community: extended
maximum_routes: 12000
maximum_routes_warning_only: true
# Leaf7
- bgp_config: leaf7
name: underlay
description: Underlay eBGP to spines
peer_group_type: underlay
remote_asn: "65000"
maximum_routes: 12000
maximum_routes_warning_only: true
- bgp_config: leaf7
name: underlay_ibgp
description: MLAG iBGP peering
peer_group_type: underlay_ibgp
remote_asn: "65004"
next_hop_self: true
maximum_routes: 12000
maximum_routes_warning_only: true
- bgp_config: leaf7
name: evpn
description: EVPN overlay to spines
peer_group_type: evpn
remote_asn: "65000"
update_source: Loopback0
ebgp_multihop: 3
send_community: extended
maximum_routes: 12000
maximum_routes_warning_only: true
# Leaf8
- bgp_config: leaf8
name: underlay
description: Underlay eBGP to spines
peer_group_type: underlay
remote_asn: "65000"
maximum_routes: 12000
maximum_routes_warning_only: true
- bgp_config: leaf8
name: underlay_ibgp
description: MLAG iBGP peering
peer_group_type: underlay_ibgp
remote_asn: "65004"
next_hop_self: true
maximum_routes: 12000
maximum_routes_warning_only: true
- bgp_config: leaf8
name: evpn
description: EVPN overlay to spines
peer_group_type: evpn
remote_asn: "65000"
update_source: Loopback0
ebgp_multihop: 3
send_community: extended
maximum_routes: 12000
maximum_routes_warning_only: true
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraBGPSession
data:
# ============================================================
# Spine1 sessions
# ============================================================
# Spine1 underlay (direct neighbors, no peer-group — use remote_asn)
- bgp_config: spine1
peer_address: "10.0.1.1"
description: "underlay to leaf1"
remote_asn: "65001"
peer_device: leaf1
- bgp_config: spine1
peer_address: "10.0.1.3"
description: "underlay to leaf2"
remote_asn: "65001"
peer_device: leaf2
- bgp_config: spine1
peer_address: "10.0.1.5"
description: "underlay to leaf3"
remote_asn: "65002"
peer_device: leaf3
- bgp_config: spine1
peer_address: "10.0.1.7"
description: "underlay to leaf4"
remote_asn: "65002"
peer_device: leaf4
- bgp_config: spine1
peer_address: "10.0.1.9"
description: "underlay to leaf5"
remote_asn: "65003"
peer_device: leaf5
- bgp_config: spine1
peer_address: "10.0.1.11"
description: "underlay to leaf6"
remote_asn: "65003"
peer_device: leaf6
- bgp_config: spine1
peer_address: "10.0.1.13"
description: "underlay to leaf7"
remote_asn: "65004"
peer_device: leaf7
- bgp_config: spine1
peer_address: "10.0.1.15"
description: "underlay to leaf8"
remote_asn: "65004"
peer_device: leaf8
# Spine1 EVPN (via evpn peer-group)
- bgp_config: spine1
peer_address: "10.0.250.11"
description: "EVPN to leaf1"
peer_group: ["10.0.250.1", "evpn"]
remote_asn: "65001"
peer_device: leaf1
- bgp_config: spine1
peer_address: "10.0.250.12"
description: "EVPN to leaf2"
peer_group: ["10.0.250.1", "evpn"]
remote_asn: "65001"
peer_device: leaf2
- bgp_config: spine1
peer_address: "10.0.250.13"
description: "EVPN to leaf3"
peer_group: ["10.0.250.1", "evpn"]
remote_asn: "65002"
peer_device: leaf3
- bgp_config: spine1
peer_address: "10.0.250.14"
description: "EVPN to leaf4"
peer_group: ["10.0.250.1", "evpn"]
remote_asn: "65002"
peer_device: leaf4
- bgp_config: spine1
peer_address: "10.0.250.15"
description: "EVPN to leaf5"
peer_group: ["10.0.250.1", "evpn"]
remote_asn: "65003"
peer_device: leaf5
- bgp_config: spine1
peer_address: "10.0.250.16"
description: "EVPN to leaf6"
peer_group: ["10.0.250.1", "evpn"]
remote_asn: "65003"
peer_device: leaf6
- bgp_config: spine1
peer_address: "10.0.250.17"
description: "EVPN to leaf7"
peer_group: ["10.0.250.1", "evpn"]
remote_asn: "65004"
peer_device: leaf7
- bgp_config: spine1
peer_address: "10.0.250.18"
description: "EVPN to leaf8"
peer_group: ["10.0.250.1", "evpn"]
remote_asn: "65004"
peer_device: leaf8
# ============================================================
# Spine2 sessions
# ============================================================
# Spine2 underlay
- bgp_config: spine2
peer_address: "10.0.2.1"
description: "underlay to leaf1"
remote_asn: "65001"
peer_device: leaf1
- bgp_config: spine2
peer_address: "10.0.2.3"
description: "underlay to leaf2"
remote_asn: "65001"
peer_device: leaf2
- bgp_config: spine2
peer_address: "10.0.2.5"
description: "underlay to leaf3"
remote_asn: "65002"
peer_device: leaf3
- bgp_config: spine2
peer_address: "10.0.2.7"
description: "underlay to leaf4"
remote_asn: "65002"
peer_device: leaf4
- bgp_config: spine2
peer_address: "10.0.2.9"
description: "underlay to leaf5"
remote_asn: "65003"
peer_device: leaf5
- bgp_config: spine2
peer_address: "10.0.2.11"
description: "underlay to leaf6"
remote_asn: "65003"
peer_device: leaf6
- bgp_config: spine2
peer_address: "10.0.2.13"
description: "underlay to leaf7"
remote_asn: "65004"
peer_device: leaf7
- bgp_config: spine2
peer_address: "10.0.2.15"
description: "underlay to leaf8"
remote_asn: "65004"
peer_device: leaf8
# Spine2 EVPN
- bgp_config: spine2
peer_address: "10.0.250.11"
description: "EVPN to leaf1"
peer_group: ["10.0.250.2", "evpn"]
remote_asn: "65001"
peer_device: leaf1
- bgp_config: spine2
peer_address: "10.0.250.12"
description: "EVPN to leaf2"
peer_group: ["10.0.250.2", "evpn"]
remote_asn: "65001"
peer_device: leaf2
- bgp_config: spine2
peer_address: "10.0.250.13"
description: "EVPN to leaf3"
peer_group: ["10.0.250.2", "evpn"]
remote_asn: "65002"
peer_device: leaf3
- bgp_config: spine2
peer_address: "10.0.250.14"
description: "EVPN to leaf4"
peer_group: ["10.0.250.2", "evpn"]
remote_asn: "65002"
peer_device: leaf4
- bgp_config: spine2
peer_address: "10.0.250.15"
description: "EVPN to leaf5"
peer_group: ["10.0.250.2", "evpn"]
remote_asn: "65003"
peer_device: leaf5
- bgp_config: spine2
peer_address: "10.0.250.16"
description: "EVPN to leaf6"
peer_group: ["10.0.250.2", "evpn"]
remote_asn: "65003"
peer_device: leaf6
- bgp_config: spine2
peer_address: "10.0.250.17"
description: "EVPN to leaf7"
peer_group: ["10.0.250.2", "evpn"]
remote_asn: "65004"
peer_device: leaf7
- bgp_config: spine2
peer_address: "10.0.250.18"
description: "EVPN to leaf8"
peer_group: ["10.0.250.2", "evpn"]
remote_asn: "65004"
peer_device: leaf8
# ============================================================
# Leaf1 sessions
# ============================================================
- bgp_config: leaf1
peer_address: "10.0.1.0"
description: "underlay to spine1"
peer_group: ["10.0.250.11", "underlay"]
peer_device: spine1
- bgp_config: leaf1
peer_address: "10.0.2.0"
description: "underlay to spine2"
peer_group: ["10.0.250.11", "underlay"]
peer_device: spine2
- bgp_config: leaf1
peer_address: "10.0.3.1"
description: "iBGP to leaf2"
peer_group: ["10.0.250.11", "underlay_ibgp"]
peer_device: leaf2
- bgp_config: leaf1
peer_address: "10.0.250.1"
description: "EVPN to spine1"
peer_group: ["10.0.250.11", "evpn"]
peer_device: spine1
- bgp_config: leaf1
peer_address: "10.0.250.2"
description: "EVPN to spine2"
peer_group: ["10.0.250.11", "evpn"]
peer_device: spine2
# ============================================================
# Leaf2 sessions
# ============================================================
- bgp_config: leaf2
peer_address: "10.0.1.2"
description: "underlay to spine1"
peer_group: ["10.0.250.12", "underlay"]
peer_device: spine1
- bgp_config: leaf2
peer_address: "10.0.2.2"
description: "underlay to spine2"
peer_group: ["10.0.250.12", "underlay"]
peer_device: spine2
- bgp_config: leaf2
peer_address: "10.0.3.0"
description: "iBGP to leaf1"
peer_group: ["10.0.250.12", "underlay_ibgp"]
peer_device: leaf1
- bgp_config: leaf2
peer_address: "10.0.250.1"
description: "EVPN to spine1"
peer_group: ["10.0.250.12", "evpn"]
peer_device: spine1
- bgp_config: leaf2
peer_address: "10.0.250.2"
description: "EVPN to spine2"
peer_group: ["10.0.250.12", "evpn"]
peer_device: spine2
# ============================================================
# Leaf3 sessions
# ============================================================
- bgp_config: leaf3
peer_address: "10.0.1.4"
description: "underlay to spine1"
peer_group: ["10.0.250.13", "underlay"]
peer_device: spine1
- bgp_config: leaf3
peer_address: "10.0.2.4"
description: "underlay to spine2"
peer_group: ["10.0.250.13", "underlay"]
peer_device: spine2
- bgp_config: leaf3
peer_address: "10.0.3.3"
description: "iBGP to leaf4"
peer_group: ["10.0.250.13", "underlay_ibgp"]
peer_device: leaf4
- bgp_config: leaf3
peer_address: "10.0.250.1"
description: "EVPN to spine1"
peer_group: ["10.0.250.13", "evpn"]
peer_device: spine1
- bgp_config: leaf3
peer_address: "10.0.250.2"
description: "EVPN to spine2"
peer_group: ["10.0.250.13", "evpn"]
peer_device: spine2
# ============================================================
# Leaf4 sessions
# ============================================================
- bgp_config: leaf4
peer_address: "10.0.1.6"
description: "underlay to spine1"
peer_group: ["10.0.250.14", "underlay"]
peer_device: spine1
- bgp_config: leaf4
peer_address: "10.0.2.6"
description: "underlay to spine2"
peer_group: ["10.0.250.14", "underlay"]
peer_device: spine2
- bgp_config: leaf4
peer_address: "10.0.3.2"
description: "iBGP to leaf3"
peer_group: ["10.0.250.14", "underlay_ibgp"]
peer_device: leaf3
- bgp_config: leaf4
peer_address: "10.0.250.1"
description: "EVPN to spine1"
peer_group: ["10.0.250.14", "evpn"]
peer_device: spine1
- bgp_config: leaf4
peer_address: "10.0.250.2"
description: "EVPN to spine2"
peer_group: ["10.0.250.14", "evpn"]
peer_device: spine2
# ============================================================
# Leaf5 sessions
# ============================================================
- bgp_config: leaf5
peer_address: "10.0.1.8"
description: "underlay to spine1"
peer_group: ["10.0.250.15", "underlay"]
peer_device: spine1
- bgp_config: leaf5
peer_address: "10.0.2.8"
description: "underlay to spine2"
peer_group: ["10.0.250.15", "underlay"]
peer_device: spine2
- bgp_config: leaf5
peer_address: "10.0.3.5"
description: "iBGP to leaf6"
peer_group: ["10.0.250.15", "underlay_ibgp"]
peer_device: leaf6
- bgp_config: leaf5
peer_address: "10.0.250.1"
description: "EVPN to spine1"
peer_group: ["10.0.250.15", "evpn"]
peer_device: spine1
- bgp_config: leaf5
peer_address: "10.0.250.2"
description: "EVPN to spine2"
peer_group: ["10.0.250.15", "evpn"]
peer_device: spine2
# ============================================================
# Leaf6 sessions
# ============================================================
- bgp_config: leaf6
peer_address: "10.0.1.10"
description: "underlay to spine1"
peer_group: ["10.0.250.16", "underlay"]
peer_device: spine1
- bgp_config: leaf6
peer_address: "10.0.2.10"
description: "underlay to spine2"
peer_group: ["10.0.250.16", "underlay"]
peer_device: spine2
- bgp_config: leaf6
peer_address: "10.0.3.4"
description: "iBGP to leaf5"
peer_group: ["10.0.250.16", "underlay_ibgp"]
peer_device: leaf5
- bgp_config: leaf6
peer_address: "10.0.250.1"
description: "EVPN to spine1"
peer_group: ["10.0.250.16", "evpn"]
peer_device: spine1
- bgp_config: leaf6
peer_address: "10.0.250.2"
description: "EVPN to spine2"
peer_group: ["10.0.250.16", "evpn"]
peer_device: spine2
# ============================================================
# Leaf7 sessions (+ VRF gold border session)
# ============================================================
- bgp_config: leaf7
peer_address: "10.0.1.12"
description: "underlay to spine1"
peer_group: ["10.0.250.17", "underlay"]
peer_device: spine1
- bgp_config: leaf7
peer_address: "10.0.2.12"
description: "underlay to spine2"
peer_group: ["10.0.250.17", "underlay"]
peer_device: spine2
- bgp_config: leaf7
peer_address: "10.0.3.7"
description: "iBGP to leaf8"
peer_group: ["10.0.250.17", "underlay_ibgp"]
peer_device: leaf8
- bgp_config: leaf7
peer_address: "10.0.250.1"
description: "EVPN to spine1"
peer_group: ["10.0.250.17", "evpn"]
peer_device: spine1
- bgp_config: leaf7
peer_address: "10.0.250.2"
description: "EVPN to spine2"
peer_group: ["10.0.250.17", "evpn"]
peer_device: spine2
# Border session in VRF gold
- bgp_config: leaf7
peer_address: "10.90.90.1"
description: "VRF gold border to AS 64999"
remote_asn: "64999"
vrf: gold
# ============================================================
# Leaf8 sessions (+ VRF gold border session)
# ============================================================
- bgp_config: leaf8
peer_address: "10.0.1.14"
description: "underlay to spine1"
peer_group: ["10.0.250.18", "underlay"]
peer_device: spine1
- bgp_config: leaf8
peer_address: "10.0.2.14"
description: "underlay to spine2"
peer_group: ["10.0.250.18", "underlay"]
peer_device: spine2
- bgp_config: leaf8
peer_address: "10.0.3.6"
description: "iBGP to leaf7"
peer_group: ["10.0.250.18", "underlay_ibgp"]
peer_device: leaf7
- bgp_config: leaf8
peer_address: "10.0.250.1"
description: "EVPN to spine1"
peer_group: ["10.0.250.18", "evpn"]
peer_device: spine1
- bgp_config: leaf8
peer_address: "10.0.250.2"
description: "EVPN to spine2"
peer_group: ["10.0.250.18", "evpn"]
peer_device: spine2
# Border session in VRF gold
- bgp_config: leaf8
peer_address: "10.90.90.1"
description: "VRF gold border to AS 64999"
remote_asn: "64999"
vrf: gold
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraBGPAddressFamily
data:
# ============================================================
# Spine1 address families
# ============================================================
- bgp_config: spine1
afi: ipv4
safi: unicast
networks:
- "10.0.250.1/32"
- bgp_config: spine1
afi: evpn
safi: unicast
active_peer_groups:
- ["10.0.250.1", "evpn"]
# ============================================================
# Spine2 address families
# ============================================================
- bgp_config: spine2
afi: ipv4
safi: unicast
networks:
- "10.0.250.2/32"
- bgp_config: spine2
afi: evpn
safi: unicast
active_peer_groups:
- ["10.0.250.2", "evpn"]
# ============================================================
# Leaf1 address families
# ============================================================
- bgp_config: leaf1
afi: ipv4
safi: unicast
active_peer_groups:
- ["10.0.250.11", "underlay"]
- ["10.0.250.11", "underlay_ibgp"]
networks:
- "10.0.250.11/32"
- "10.0.255.11/32"
- bgp_config: leaf1
afi: evpn
safi: unicast
active_peer_groups:
- ["10.0.250.11", "evpn"]
# ============================================================
# Leaf2 address families
# ============================================================
- bgp_config: leaf2
afi: ipv4
safi: unicast
active_peer_groups:
- ["10.0.250.12", "underlay"]
- ["10.0.250.12", "underlay_ibgp"]
networks:
- "10.0.250.12/32"
- "10.0.255.11/32"
- bgp_config: leaf2
afi: evpn
safi: unicast
active_peer_groups:
- ["10.0.250.12", "evpn"]
# ============================================================
# Leaf3 address families
# ============================================================
- bgp_config: leaf3
afi: ipv4
safi: unicast
active_peer_groups:
- ["10.0.250.13", "underlay"]
- ["10.0.250.13", "underlay_ibgp"]
networks:
- "10.0.250.13/32"
- "10.0.255.12/32"
- bgp_config: leaf3
afi: evpn
safi: unicast
active_peer_groups:
- ["10.0.250.13", "evpn"]
# ============================================================
# Leaf4 address families
# ============================================================
- bgp_config: leaf4
afi: ipv4
safi: unicast
active_peer_groups:
- ["10.0.250.14", "underlay"]
- ["10.0.250.14", "underlay_ibgp"]
networks:
- "10.0.250.14/32"
- "10.0.255.12/32"
- bgp_config: leaf4
afi: evpn
safi: unicast
active_peer_groups:
- ["10.0.250.14", "evpn"]
# ============================================================
# Leaf5 address families
# ============================================================
- bgp_config: leaf5
afi: ipv4
safi: unicast
active_peer_groups:
- ["10.0.250.15", "underlay"]
- ["10.0.250.15", "underlay_ibgp"]
networks:
- "10.0.250.15/32"
- "10.0.255.13/32"
- bgp_config: leaf5
afi: evpn
safi: unicast
active_peer_groups:
- ["10.0.250.15", "evpn"]
# ============================================================
# Leaf6 address families
# ============================================================
- bgp_config: leaf6
afi: ipv4
safi: unicast
active_peer_groups:
- ["10.0.250.16", "underlay"]
- ["10.0.250.16", "underlay_ibgp"]
networks:
- "10.0.250.16/32"
- "10.0.255.13/32"
- bgp_config: leaf6
afi: evpn
safi: unicast
active_peer_groups:
- ["10.0.250.16", "evpn"]
# ============================================================
# Leaf7 address families
# ============================================================
- bgp_config: leaf7
afi: ipv4
safi: unicast
active_peer_groups:
- ["10.0.250.17", "underlay"]
- ["10.0.250.17", "underlay_ibgp"]
networks:
- "10.0.250.17/32"
- "10.0.255.14/32"
- bgp_config: leaf7
afi: evpn
safi: unicast
active_peer_groups:
- ["10.0.250.17", "evpn"]
# ============================================================
# Leaf8 address families
# ============================================================
- bgp_config: leaf8
afi: ipv4
safi: unicast
active_peer_groups:
- ["10.0.250.18", "underlay"]
- ["10.0.250.18", "underlay_ibgp"]
networks:
- "10.0.250.18/32"
- "10.0.255.14/32"
- bgp_config: leaf8
afi: evpn
safi: unicast
active_peer_groups:
- ["10.0.250.18", "evpn"]

62
objects/07-vrfs.yml Normal file
View File

@@ -0,0 +1,62 @@
# VRFs, Route Targets, VRF Device Assignments
# Depends on: 02-devices, 03-interfaces, 05-vlans-vxlan (VNI 100001)
#
# VRF gold is used on leaf3/4 (VLAN 34) and leaf7/8 (VLAN 78 + border)
# L3VNI 100001 for symmetric IRB
# Route targets: import/export evpn 1:100001
# Per-device RD: <router-id>:1
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraRouteTarget
data:
- target: "1:100001"
description: VRF gold EVPN route target
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraVRF
data:
- name: gold
description: VRF gold - L3 VXLAN with symmetric IRB
l3vni: "100001"
import_targets:
- "1:100001"
export_targets:
- "1:100001"
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraVRFDeviceAssignment
data:
- device: leaf3
vrf: gold
route_distinguisher: "10.0.250.13:1"
import_targets:
- "1:100001"
export_targets:
- "1:100001"
- device: leaf4
vrf: gold
route_distinguisher: "10.0.250.14:1"
import_targets:
- "1:100001"
export_targets:
- "1:100001"
- device: leaf7
vrf: gold
route_distinguisher: "10.0.250.17:1"
import_targets:
- "1:100001"
export_targets:
- "1:100001"
- device: leaf8
vrf: gold
route_distinguisher: "10.0.250.18:1"
import_targets:
- "1:100001"
export_targets:
- "1:100001"

134
objects/08-mlag.yml Normal file
View File

@@ -0,0 +1,134 @@
# MLAG: Domains and Peer Configs
# Depends on: 02-devices, 03-interfaces (Vlan4090, Port-Channel999), 05-vlans-vxlan (VLAN 4090/4091)
#
# All 4 MLAG pairs share domain-id "leafs" and virtual-mac c001.cafe.babe
# but each is a separate MlagDomain object linking two devices.
# MLAG peer VLAN: 4090, MLAG iBGP VLAN: 4091
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraMlagDomain
data:
# MLAG pair 1: leaf1 + leaf2
- domain_id: leafs-1-2
description: MLAG domain for leaf1/leaf2 pair
virtual_mac: "c001.cafe.babe"
heartbeat_vrf: mgmt
dual_primary_detection: true
dual_primary_delay: 10
dual_primary_action: errdisable
devices:
- leaf1
- leaf2
peer_vlan: "4090"
ibgp_vlan: "4091"
# MLAG pair 2: leaf3 + leaf4
- domain_id: leafs-3-4
description: MLAG domain for leaf3/leaf4 pair
virtual_mac: "c001.cafe.babe"
heartbeat_vrf: mgmt
dual_primary_detection: true
dual_primary_delay: 10
dual_primary_action: errdisable
devices:
- leaf3
- leaf4
peer_vlan: "4090"
ibgp_vlan: "4091"
# MLAG pair 3: leaf5 + leaf6
- domain_id: leafs-5-6
description: MLAG domain for leaf5/leaf6 pair
virtual_mac: "c001.cafe.babe"
heartbeat_vrf: mgmt
dual_primary_detection: true
dual_primary_delay: 10
dual_primary_action: errdisable
devices:
- leaf5
- leaf6
peer_vlan: "4090"
ibgp_vlan: "4091"
# MLAG pair 4: leaf7 + leaf8
- domain_id: leafs-7-8
description: MLAG domain for leaf7/leaf8 pair
virtual_mac: "c001.cafe.babe"
heartbeat_vrf: mgmt
dual_primary_detection: true
dual_primary_delay: 10
dual_primary_action: errdisable
devices:
- leaf7
- leaf8
peer_vlan: "4090"
ibgp_vlan: "4091"
---
apiVersion: infrahub.app/v1
kind: Object
spec:
kind: InfraMlagPeerConfig
data:
# Leaf1 MLAG peer config
- device: leaf1
mlag_domain: leafs-1-2
local_interface_ip: "10.0.199.254/31"
peer_address: "10.0.199.255"
heartbeat_peer_ip: "172.16.0.50"
local_interface: ["leaf1", "Vlan4090"]
peer_link: ["leaf1", "Port-Channel999"]
# Leaf2 MLAG peer config
- device: leaf2
mlag_domain: leafs-1-2
local_interface_ip: "10.0.199.255/31"
peer_address: "10.0.199.254"
heartbeat_peer_ip: "172.16.0.25"
local_interface: ["leaf2", "Vlan4090"]
peer_link: ["leaf2", "Port-Channel999"]
# Leaf3 MLAG peer config
- device: leaf3
mlag_domain: leafs-3-4
local_interface_ip: "10.0.199.252/31"
peer_address: "10.0.199.253"
heartbeat_peer_ip: "172.16.0.28"
local_interface: ["leaf3", "Vlan4090"]
peer_link: ["leaf3", "Port-Channel999"]
# Leaf4 MLAG peer config
- device: leaf4
mlag_domain: leafs-3-4
local_interface_ip: "10.0.199.253/31"
peer_address: "10.0.199.252"
heartbeat_peer_ip: "172.16.0.27"
local_interface: ["leaf4", "Vlan4090"]
peer_link: ["leaf4", "Port-Channel999"]
# Leaf5 MLAG peer config
- device: leaf5
mlag_domain: leafs-5-6
local_interface_ip: "10.0.199.250/31"
peer_address: "10.0.199.251"
heartbeat_peer_ip: "172.16.0.30"
local_interface: ["leaf5", "Vlan4090"]
peer_link: ["leaf5", "Port-Channel999"]
# Leaf6 MLAG peer config
- device: leaf6
mlag_domain: leafs-5-6
local_interface_ip: "10.0.199.251/31"
peer_address: "10.0.199.250"
heartbeat_peer_ip: "172.16.0.29"
local_interface: ["leaf6", "Vlan4090"]
peer_link: ["leaf6", "Port-Channel999"]
# Leaf7 MLAG peer config
- device: leaf7
mlag_domain: leafs-7-8
local_interface_ip: "10.0.199.248/31"
peer_address: "10.0.199.249"
heartbeat_peer_ip: "172.16.0.32"
local_interface: ["leaf7", "Vlan4090"]
peer_link: ["leaf7", "Port-Channel999"]
# Leaf8 MLAG peer config
- device: leaf8
mlag_domain: leafs-7-8
local_interface_ip: "10.0.199.249/31"
peer_address: "10.0.199.248"
heartbeat_peer_ip: "172.16.0.31"
local_interface: ["leaf8", "Vlan4090"]
peer_link: ["leaf8", "Port-Channel999"]