# Complete IP Address Plan - Arista L5 Dual DC ## 🎯 Design Philosophy **Avoiding 192.168.x.x to prevent conflicts with LAN subnet (192.168.1.0/24)** We'll use **RFC 1918 private address space** strategically: - **Management**: `10.255.0.0/24` (out-of-band) - **DC1 Underlay**: `10.1.x.x/16` range - **DC2 Underlay**: `10.2.x.x/16` range - **DCI**: `10.253.x.x` range - **Host/Tenant Networks**: `172.16.x.x/16` range --- ## 📊 IP Address Summary Table | Network Purpose | Subnet | Size | Usage | |----------------|--------|------|-------| | Management (OOB) | 10.255.0.0/24 | 254 hosts | ContainerLab mgmt | | DC1 Loopback0 | 10.1.0.0/24 | 254 hosts | Router IDs | | DC1 Loopback1 | 10.1.1.0/24 | 254 hosts | VTEP addresses | | DC1 P2P Links | 10.1.10.0/24 | 127 /31s | Spine-Leaf links | | DC1 MLAG Peer | 10.1.255.0/30 | Per pair | MLAG peer links | | DC2 Loopback0 | 10.2.0.0/24 | 254 hosts | Router IDs | | DC2 Loopback1 | 10.2.1.0/24 | 254 hosts | VTEP addresses | | DC2 P2P Links | 10.2.10.0/24 | 127 /31s | Spine-Leaf links | | DC2 MLAG Peer | 10.2.255.0/30 | Per pair | MLAG peer links | | DCI Loopback | 10.253.0.1/32 | 1 host | DCI router ID | | DCI P2P Links | 10.253.254.0/24 | 127 /31s | Border-DCI links | | Tenant VLANs | 172.16.x.0/24 | Per VLAN | Host networks | --- ## 🔌 Management Network (Out-of-Band) **Subnet**: `10.255.0.0/24` ### DC1 Management IPs ``` Device | Management IP | Purpose --------------------|----------------|------------------ spine1-DC1 | 10.255.0.11 | SSH/API access spine2-DC1 | 10.255.0.12 | SSH/API access spine3-DC1 | 10.255.0.13 | SSH/API access leaf1-DC1 | 10.255.0.21 | SSH/API access leaf2-DC1 | 10.255.0.22 | SSH/API access leaf3-DC1 | 10.255.0.23 | SSH/API access leaf4-DC1 | 10.255.0.24 | SSH/API access borderleaf1-DC1 | 10.255.0.31 | SSH/API access borderleaf2-DC1 | 10.255.0.32 | SSH/API access ``` ### DC2 Management IPs ``` Device | Management IP | Purpose --------------------|----------------|------------------ spine1-DC2 | 10.255.0.41 | SSH/API access spine2-DC2 | 10.255.0.42 | SSH/API access spine3-DC2 | 10.255.0.43 | SSH/API access leaf1-DC2 | 10.255.0.51 | SSH/API access leaf2-DC2 | 10.255.0.52 | SSH/API access leaf3-DC2 | 10.255.0.53 | SSH/API access leaf4-DC2 | 10.255.0.54 | SSH/API access borderleaf1-DC2 | 10.255.0.61 | SSH/API access borderleaf2-DC2 | 10.255.0.62 | SSH/API access ``` ### DCI Management IP ``` Device | Management IP | Purpose --------------------|----------------|------------------ DCI | 10.255.0.100 | SSH/API access ``` ### Host Management IPs ``` Device | Management IP | Purpose --------------------|----------------|------------------ host1-DC1 | 10.255.0.201 | SSH access host2-DC1 | 10.255.0.202 | SSH access host1-DC2 | 10.255.0.211 | SSH access host2-DC2 | 10.255.0.212 | SSH access ``` --- ## 🏢 DC1 - Data Center 1 IP Plan ### Loopback0 Addresses (Router IDs) **Subnet**: `10.1.0.0/24` ``` Device | Loopback0 | Mask | Router ID --------------------|----------------|------|---------- spine1-DC1 | 10.1.0.11 | /32 | 10.1.0.11 spine2-DC1 | 10.1.0.12 | /32 | 10.1.0.12 spine3-DC1 | 10.1.0.13 | /32 | 10.1.0.13 leaf1-DC1 | 10.1.0.21 | /32 | 10.1.0.21 leaf2-DC1 | 10.1.0.22 | /32 | 10.1.0.22 leaf3-DC1 | 10.1.0.23 | /32 | 10.1.0.23 leaf4-DC1 | 10.1.0.24 | /32 | 10.1.0.24 borderleaf1-DC1 | 10.1.0.31 | /32 | 10.1.0.31 borderleaf2-DC1 | 10.1.0.32 | /32 | 10.1.0.32 ``` ### Loopback1 Addresses (VTEP) **Subnet**: `10.1.1.0/24` ``` Device | Loopback1 | Mask | Notes --------------------|----------------|------|------------------------ leaf1-DC1 | 10.1.1.21 | /32 | Shared with leaf2 leaf2-DC1 | 10.1.1.21 | /32 | Shared with leaf1 (MLAG) leaf3-DC1 | 10.1.1.23 | /32 | Shared with leaf4 leaf4-DC1 | 10.1.1.23 | /32 | Shared with leaf3 (MLAG) borderleaf1-DC1 | 10.1.1.31 | /32 | Shared with borderleaf2 borderleaf2-DC1 | 10.1.1.31 | /32 | Shared with borderleaf1 (MLAG) ``` **Note**: Spines don't need Loopback1 (not VTEPs) ### Point-to-Point Links (Spine-Leaf) **Subnet**: `10.1.10.0/24` (using /31 subnets) #### Spine1-DC1 Links ``` Link | Leaf Side | Spine Side | Subnet ----------------------------------|--------------|--------------|-------- leaf1-DC1:eth3 - spine1-DC1:eth2 | 10.1.10.0 | 10.1.10.1 | /31 leaf2-DC1:eth3 - spine1-DC1:eth3 | 10.1.10.2 | 10.1.10.3 | /31 leaf3-DC1:eth3 - spine1-DC1:eth4 | 10.1.10.4 | 10.1.10.5 | /31 leaf4-DC1:eth3 - spine1-DC1:eth5 | 10.1.10.6 | 10.1.10.7 | /31 border1-DC1:eth3 - spine1-DC1:eth6| 10.1.10.8 | 10.1.10.9 | /31 border2-DC1:eth3 - spine1-DC1:eth7| 10.1.10.10 | 10.1.10.11 | /31 ``` #### Spine2-DC1 Links ``` Link | Leaf Side | Spine Side | Subnet ----------------------------------|--------------|--------------|-------- leaf1-DC1:eth4 - spine2-DC1:eth2 | 10.1.10.12 | 10.1.10.13 | /31 leaf2-DC1:eth4 - spine2-DC1:eth3 | 10.1.10.14 | 10.1.10.15 | /31 leaf3-DC1:eth4 - spine2-DC1:eth4 | 10.1.10.16 | 10.1.10.17 | /31 leaf4-DC1:eth4 - spine2-DC1:eth5 | 10.1.10.18 | 10.1.10.19 | /31 border1-DC1:eth4 - spine2-DC1:eth6| 10.1.10.20 | 10.1.10.21 | /31 border2-DC1:eth4 - spine2-DC1:eth7| 10.1.10.22 | 10.1.10.23 | /31 ``` #### Spine3-DC1 Links ``` Link | Leaf Side | Spine Side | Subnet ----------------------------------|--------------|--------------|-------- leaf1-DC1:eth5 - spine3-DC1:eth2 | 10.1.10.24 | 10.1.10.25 | /31 leaf2-DC1:eth5 - spine3-DC1:eth3 | 10.1.10.26 | 10.1.10.27 | /31 leaf3-DC1:eth5 - spine3-DC1:eth4 | 10.1.10.28 | 10.1.10.29 | /31 leaf4-DC1:eth5 - spine3-DC1:eth5 | 10.1.10.30 | 10.1.10.31 | /31 border1-DC1:eth5 - spine3-DC1:eth6| 10.1.10.32 | 10.1.10.33 | /31 border2-DC1:eth5 - spine3-DC1:eth7| 10.1.10.34 | 10.1.10.35 | /31 ``` ### MLAG Peer Links (VLAN 4094) **Subnet**: `10.1.255.0/24` (using /30 subnets) ``` MLAG Pair | Device | VLAN 4094 IP | Subnet --------------------|-----------------|--------------|-------- Leaf Pair 1 | leaf1-DC1 | 10.1.255.1 | /30 | leaf2-DC1 | 10.1.255.2 | /30 Leaf Pair 2 | leaf3-DC1 | 10.1.255.5 | /30 | leaf4-DC1 | 10.1.255.6 | /30 Border Leaf Pair | borderleaf1-DC1 | 10.1.255.9 | /30 | borderleaf2-DC1 | 10.1.255.10 | /30 ``` --- ## 🏢 DC2 - Data Center 2 IP Plan ### Loopback0 Addresses (Router IDs) **Subnet**: `10.2.0.0/24` ``` Device | Loopback0 | Mask | Router ID --------------------|----------------|------|---------- spine1-DC2 | 10.2.0.11 | /32 | 10.2.0.11 spine2-DC2 | 10.2.0.12 | /32 | 10.2.0.12 spine3-DC2 | 10.2.0.13 | /32 | 10.2.0.13 leaf1-DC2 | 10.2.0.21 | /32 | 10.2.0.21 leaf2-DC2 | 10.2.0.22 | /32 | 10.2.0.22 leaf3-DC2 | 10.2.0.23 | /32 | 10.2.0.23 leaf4-DC2 | 10.2.0.24 | /32 | 10.2.0.24 borderleaf1-DC2 | 10.2.0.31 | /32 | 10.2.0.31 borderleaf2-DC2 | 10.2.0.32 | /32 | 10.2.0.32 ``` ### Loopback1 Addresses (VTEP) **Subnet**: `10.2.1.0/24` ``` Device | Loopback1 | Mask | Notes --------------------|----------------|------|------------------------ leaf1-DC2 | 10.2.1.21 | /32 | Shared with leaf2 leaf2-DC2 | 10.2.1.21 | /32 | Shared with leaf1 (MLAG) leaf3-DC2 | 10.2.1.23 | /32 | Shared with leaf4 leaf4-DC2 | 10.2.1.23 | /32 | Shared with leaf3 (MLAG) borderleaf1-DC2 | 10.2.1.31 | /32 | Shared with borderleaf2 borderleaf2-DC2 | 10.2.1.31 | /32 | Shared with borderleaf1 (MLAG) ``` ### Point-to-Point Links (Spine-Leaf) **Subnet**: `10.2.10.0/24` (using /31 subnets) **Same pattern as DC1**, but using `10.2.10.x` range: - Spine1 links: 10.2.10.0 - 10.2.10.11 - Spine2 links: 10.2.10.12 - 10.2.10.23 - Spine3 links: 10.2.10.24 - 10.2.10.35 ### MLAG Peer Links (VLAN 4094) **Subnet**: `10.2.255.0/24` (using /30 subnets) ``` MLAG Pair | Device | VLAN 4094 IP | Subnet --------------------|-----------------|--------------|-------- Leaf Pair 1 | leaf1-DC2 | 10.2.255.1 | /30 | leaf2-DC2 | 10.2.255.2 | /30 Leaf Pair 2 | leaf3-DC2 | 10.2.255.5 | /30 | leaf4-DC2 | 10.2.255.6 | /30 Border Leaf Pair | borderleaf1-DC2 | 10.2.255.9 | /30 | borderleaf2-DC2 | 10.2.255.10 | /30 ``` --- ## 🌐 DCI (Data Center Interconnect) IP Plan ### DCI Loopback ``` Device | Loopback0 | Mask | Router ID --------------------|----------------|------|---------- DCI | 10.253.0.1 | /32 | 10.253.0.1 ``` ### DCI Point-to-Point Links **Subnet**: `10.253.254.0/24` (using /31 subnets) ``` Link | Borderleaf Side | DCI Side | Subnet ------------------------------------|-----------------|--------------|-------- borderleaf1-DC1:eth12 - DCI:eth1 | 10.253.254.0 | 10.253.254.1 | /31 borderleaf2-DC1:eth12 - DCI:eth2 | 10.253.254.2 | 10.253.254.3 | /31 borderleaf1-DC2:eth12 - DCI:eth3 | 10.253.254.4 | 10.253.254.5 | /31 borderleaf2-DC2:eth12 - DCI:eth4 | 10.253.254.6 | 10.253.254.7 | /31 ``` --- ## 🖥️ Tenant/Host Networks ### VLAN Allocation **Subnet**: `172.16.x.0/24` (one /24 per VLAN) ``` VLAN ID | VLAN Name | Subnet | Gateway | Purpose --------|--------------|-----------------|--------------|------------------ 100 | TENANT-A | 172.16.100.0/24 | 172.16.100.1 | Tenant A workloads 200 | TENANT-B | 172.16.200.0/24 | 172.16.200.1 | Tenant B workloads 300 | DMZ | 172.16.300.0/24 | 172.16.300.1 | DMZ services 4094 | MLAG-PEER | (see above) | N/A | MLAG peer link ``` ### Host IP Assignments ``` Host Device | VLAN | IP Address | Gateway | Bond Interface ---------------|------|-----------------|--------------|--------------- host1-DC1 | 100 | 172.16.100.10/24| 172.16.100.1 | bond0 host2-DC1 | 200 | 172.16.200.10/24| 172.16.200.1 | bond0 host1-DC2 | 100 | 172.16.100.20/24| 172.16.100.1 | bond0 host2-DC2 | 200 | 172.16.200.20/24| 172.16.200.1 | bond0 ``` --- ## 📋 BGP ASN Allocation ### DC1 ASNs ``` Device Type | Devices | ASN --------------------|------------------------------|-------- Spines | spine1-3 DC1 | 65100 Leaf Pair 1 | leaf1-DC1, leaf2-DC1 | 65101 Leaf Pair 2 | leaf3-DC1, leaf4-DC1 | 65102 Border Leaf Pair | borderleaf1-2 DC1 | 65103 ``` ### DC2 ASNs ``` Device Type | Devices | ASN --------------------|------------------------------|-------- Spines | spine1-3 DC2 | 65200 Leaf Pair 1 | leaf1-DC2, leaf2-DC2 | 65201 Leaf Pair 2 | leaf3-DC2, leaf4-DC2 | 65202 Border Leaf Pair | borderleaf1-2 DC2 | 65203 ``` ### DCI ASN ``` Device | ASN | Purpose --------------------|-------|-------------------------------- DCI | 65000 | Neutral AS for inter-DC routing ``` --- ## 🔍 IP Address Validation ### No Conflicts With Your LAN ✅ ``` Your LAN: 192.168.1.0/24 Our Plan: 10.x.x.x and 172.16.x.x Conflict Risk: NONE ✅ ``` ### Subnets Summary ``` Purpose | Subnet Range | Total IPs ---------------------|-------------------|---------- Management | 10.255.0.0/24 | 254 DC1 Infrastructure | 10.1.0.0/16 | 65,534 DC2 Infrastructure | 10.2.0.0/16 | 65,534 DCI | 10.253.0.0/16 | 65,534 Tenant Networks | 172.16.0.0/16 | 65,534 ``` --- ## 🚀 Quick Reference Commands ### Test Management Connectivity ```bash # DC1 Spines ping 10.255.0.11 ping 10.255.0.12 ping 10.255.0.13 # DC1 Leafs ping 10.255.0.21 ping 10.255.0.22 # DCI ping 10.255.0.50 ``` ### SSH Access ```bash # Access spine1-DC1 ssh admin@10.255.0.11 # Access leaf1-DC1 ssh admin@10.255.0.21 # Access DCI ssh admin@10.255.0.50 ``` ### Verify Underlay from any leaf ```bash # Check loopback reachability (should reach all loopbacks) ping 10.1.0.11 source 10.1.0.21 # Check BGP neighbors show ip bgp summary # Verify ECMP paths show ip route 10.1.1.23 ``` --- ## 💡 Design Highlights 1. **Clean Separation**: Each DC has its own /16 (10.1.x.x and 10.2.x.x) 2. **Consistent Numbering**: Same pattern in both DCs 3. **Easy Troubleshooting**: IP tells you the location/role - `.0.x` = Loopback0 (router-id) - `.1.x` = Loopback1 (VTEP) - `.10.x` = P2P links - `.255.x` = MLAG peer links 4. **Scalable**: Room for growth in each range 5. **No LAN Conflicts**: Completely avoids 192.168.x.x space This addressing plan is production-ready and automation-friendly! 🎯