From 0b61422dce6884b56d6f18f740320829b11e6668 Mon Sep 17 00:00:00 2001 From: pa Date: Mon, 6 May 2024 12:07:03 +0000 Subject: [PATCH] add more slides and some clab fixes --- .../.devcontainer/addAliases.sh | 10 +- .../clab/init-configs/h01.cfg | 55 +++- .../clab/init-configs/l01.cfg | 241 ++++++++++++++++-- .../clab/init-configs/l02.cfg | 241 ++++++++++++++++-- .../clab/init-configs/s01.cfg | 106 ++++++-- .../clab/init-configs/s02.cfg | 106 ++++++-- .../clab/interface_mapping.json | 12 + .../clab/topology.clab.yml | 20 +- slides/clab-build-containerlab-with-ceos.md | 36 +++ 9 files changed, 739 insertions(+), 88 deletions(-) create mode 100644 demos/clab-build-containerlab-with-ceos/clab/interface_mapping.json diff --git a/containers/clab-build-containerlab-with-ceos/.devcontainer/addAliases.sh b/containers/clab-build-containerlab-with-ceos/.devcontainer/addAliases.sh index 79e3e49..4153477 100644 --- a/containers/clab-build-containerlab-with-ceos/.devcontainer/addAliases.sh +++ b/containers/clab-build-containerlab-with-ceos/.devcontainer/addAliases.sh @@ -3,9 +3,9 @@ set +e -echo "alias s01='sshpass -p arista ssh -o \"StrictHostKeyChecking no\" arista@10.0.1.1'" >> ~/.zshrc -echo "alias s02='sshpass -p arista ssh -o \"StrictHostKeyChecking no\" arista@10.0.1.2'" >> ~/.zshrc -echo "alias l01='sshpass -p arista ssh -o \"StrictHostKeyChecking no\" arista@10.0.2.1'" >> ~/.zshrc -echo "alias l02='sshpass -p arista ssh -o \"StrictHostKeyChecking no\" arista@10.0.2.2'" >> ~/.zshrc +echo "alias s01='sshpass -p admin ssh -o \"StrictHostKeyChecking no\" admin@10.0.1.1'" >> ~/.zshrc +echo "alias s02='sshpass -p admin ssh -o \"StrictHostKeyChecking no\" admin@10.0.1.2'" >> ~/.zshrc +echo "alias l01='sshpass -p admin ssh -o \"StrictHostKeyChecking no\" admin@10.0.2.1'" >> ~/.zshrc +echo "alias l02='sshpass -p admin ssh -o \"StrictHostKeyChecking no\" admin@10.0.2.2'" >> ~/.zshrc -echo "alias h01='sshpass -p arista ssh -o \"StrictHostKeyChecking no\" arista@10.0.3.1'" >> ~/.zshrc \ No newline at end of file +echo "alias h01='sshpass -p admin ssh -o \"StrictHostKeyChecking no\" admin@10.0.3.1'" >> ~/.zshrc \ No newline at end of file diff --git a/demos/clab-build-containerlab-with-ceos/clab/init-configs/h01.cfg b/demos/clab-build-containerlab-with-ceos/clab/init-configs/h01.cfg index ecfc607..a77acf3 100644 --- a/demos/clab-build-containerlab-with-ceos/clab/init-configs/h01.cfg +++ b/demos/clab-build-containerlab-with-ceos/clab/init-configs/h01.cfg @@ -1,20 +1,33 @@ -hostname s01 ! no aaa root ! -username arista privilege 15 role network-admin secret arista +username admin privilege 15 role network-admin secret admin ! -vrf instance MGMT +alias test + 10 echo "#####################################################" + 11 echo "# testing default GW connectivity" + 12 echo "#####################################################" + 13 echo "" + 14 ping 10.100.100.1 + 15 echo "" + 20 echo "#####################################################" + 21 echo "# try ping to VLAN100" + 22 echo "#####################################################" + 23 echo "" + 24 ping 10.100.100.101 +! +service routing protocols model multi-agent ! +hostname h01 ip name-server vrf MGMT 8.8.8.8 dns domain avd.lab ! -ntp local-interface vrf MGMT Management0 -ntp server vrf MGMT time.apple.com -ntp server vrf MGMT time.google.com -ntp server vrf MGMT time.windows.com +platform tfa + personality arfa ! -service routing protocols model multi-agent +vlan 100 +! +vrf instance MGMT ! management api http-commands protocol https @@ -25,12 +38,32 @@ management api http-commands ! aaa authorization exec default local ! -interface Management0 +interface Port-Channel1 + switchport trunk allowed vlan 100 + switchport mode trunk +! +interface Ethernet1 + channel-group 1 mode active +! +interface Ethernet2 + channel-group 1 mode active +! +interface Management1 vrf MGMT - ip address 10.0.1.1/16 + ip address 10.0.3.1/16 +! +interface Vlan100 + ip address 10.100.100.101/24 +! +ip routing +no ip routing vrf MGMT ! +ip route 0.0.0.0/0 10.100.100.1 ip route vrf MGMT 0.0.0.0/0 10.0.0.1 ! -ip name-server vrf MGMT 8.8.8.8 +ntp local-interface vrf MGMT Management1 +ntp server vrf MGMT time.apple.com +ntp server vrf MGMT time.google.com +ntp server vrf MGMT time.windows.com ! end \ No newline at end of file diff --git a/demos/clab-build-containerlab-with-ceos/clab/init-configs/l01.cfg b/demos/clab-build-containerlab-with-ceos/clab/init-configs/l01.cfg index e5539a2..885c789 100644 --- a/demos/clab-build-containerlab-with-ceos/clab/init-configs/l01.cfg +++ b/demos/clab-build-containerlab-with-ceos/clab/init-configs/l01.cfg @@ -1,36 +1,245 @@ -hostname l01 +!RANCID-CONTENT-TYPE: arista ! -no aaa root +vlan internal order ascending range 1006 1199 ! -username arista privilege 15 role network-admin secret arista +transceiver qsfp default-mode 4x10G ! -vrf instance MGMT +service routing protocols model multi-agent ! +hostname l01 ip name-server vrf MGMT 8.8.8.8 dns domain avd.lab ! -ntp local-interface vrf MGMT Management0 +ntp local-interface vrf MGMT Management1 ntp server vrf MGMT time.apple.com ntp server vrf MGMT time.google.com ntp server vrf MGMT time.windows.com ! -service routing protocols model multi-agent +spanning-tree mode mstp +no spanning-tree vlan-id 4093-4094 +spanning-tree mst 0 priority 16384 ! -management api http-commands - protocol https +aaa authorization exec default local +! +no enable password +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$1$NqV/CQk9bwcfK8AYBz51mI.U0xCaSI/DWePCaRi/sawWnu93yyOXYeS8Y615dK0OUZSb/3O3YUJLVyjGqifXD1 +! +vlan 100 + name VLAN101 +! +vlan 3000 + name MLAG_iBGP_VRF1 + trunk group LEAF_PEER_L3 +! +vlan 4093 + name LEAF_PEER_L3 + trunk group LEAF_PEER_L3 +! +vlan 4094 + name MLAG_PEER + trunk group MLAG +! +vrf instance MGMT +! +vrf instance VRF1 +! +interface Port-Channel31 + description MLAG_PEER_l02_Po31 no shutdown - ! - vrf MGMT - no shutdown + switchport + switchport mode trunk + switchport trunk group LEAF_PEER_L3 + switchport trunk group MLAG ! -aaa authorization exec default local +interface Port-Channel101 + description h01 + no shutdown + switchport + switchport trunk allowed vlan 100 + switchport mode trunk + mlag 101 +! +interface Ethernet1/1 + description P2P_LINK_TO_S01_Ethernet1/1 + no shutdown + mtu 9214 + no switchport + ip address 100.65.0.1/31 ! -interface Management0 +interface Ethernet2/1 + description P2P_LINK_TO_S02_Ethernet1/1 + no shutdown + mtu 9214 + no switchport + ip address 100.65.0.3/31 +! +interface Ethernet3/1 + description MLAG_PEER_l02_Ethernet3/1 + no shutdown + channel-group 31 mode active +! +interface Ethernet4/1 + description MLAG_PEER_l02_Ethernet4/1 + no shutdown + channel-group 31 mode active +! +interface Ethernet10/1 + description h01 + no shutdown + channel-group 101 mode active +! +interface Loopback0 + description EVPN_Overlay_Peering + no shutdown + ip address 100.65.255.3/32 +! +interface Loopback1 + description VTEP_VXLAN_Tunnel_Source + no shutdown + ip address 100.65.254.3/32 +! +interface Loopback101 + description VRF1_VTEP_DIAGNOSTICS + no shutdown + vrf VRF1 + ip address 100.64.101.3/32 +! +interface Management1 + description oob_management + no shutdown vrf MGMT - ip address 10.0.2.1/16 + ip address 10.0.2.1/16 +! +interface Vlan100 + description VLAN101 + no shutdown + vrf VRF1 + ip address virtual 10.100.100.1/24 +! +interface Vlan3000 + description MLAG_PEER_L3_iBGP: vrf VRF1 + no shutdown + mtu 9214 + vrf VRF1 + ip address 100.65.2.0/31 +! +interface Vlan4093 + description MLAG_PEER_L3_PEERING + no shutdown + mtu 9214 + ip address 100.65.2.0/31 +! +interface Vlan4094 + description MLAG_PEER + no shutdown + mtu 9214 + no autostate + ip address 100.65.1.0/31 +! +interface Vxlan1 + description l01_VTEP + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 100 vni 10100 + vxlan vrf VRF1 vni 1 +! +ip virtual-router mac-address 00:1c:73:00:dc:01 +! +ip address virtual source-nat vrf VRF1 address 100.64.101.3 +! +ip routing +no ip routing vrf MGMT +ip routing vrf VRF1 +! +ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY + seq 10 permit 100.65.255.0/24 eq 32 + seq 20 permit 100.65.254.0/24 eq 32 +! +mlag configuration + domain-id pod0 + local-interface Vlan4094 + peer-address 100.65.1.1 + peer-link Port-Channel31 + reload-delay mlag 300 + reload-delay non-mlag 330 ! ip route vrf MGMT 0.0.0.0/0 10.0.0.1 ! -ip name-server vrf MGMT 8.8.8.8 +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +! +route-map RM-MLAG-PEER-IN permit 10 + description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing + set origin incomplete +! +router bfd + multihop interval 300 min-rx 300 multiplier 3 +! +router bgp 65101 + router-id 100.65.255.3 + maximum-paths 4 ecmp 4 + no bgp default ipv4-unicast + neighbor EVPN-OVERLAY-PEERS peer group + neighbor EVPN-OVERLAY-PEERS update-source Loopback0 + neighbor EVPN-OVERLAY-PEERS bfd + neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 + neighbor EVPN-OVERLAY-PEERS send-community + neighbor EVPN-OVERLAY-PEERS maximum-routes 0 + neighbor IPv4-UNDERLAY-PEERS peer group + neighbor IPv4-UNDERLAY-PEERS send-community + neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 + neighbor MLAG-IPv4-UNDERLAY-PEER peer group + neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 + neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self + neighbor MLAG-IPv4-UNDERLAY-PEER description l02 + neighbor MLAG-IPv4-UNDERLAY-PEER send-community + neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 + neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in + neighbor 100.64.255.1 peer group EVPN-OVERLAY-PEERS + neighbor 100.64.255.1 remote-as 65100 + neighbor 100.64.255.1 description s01 + neighbor 100.64.255.2 peer group EVPN-OVERLAY-PEERS + neighbor 100.64.255.2 remote-as 65100 + neighbor 100.64.255.2 description s02 + neighbor 100.65.0.0 peer group IPv4-UNDERLAY-PEERS + neighbor 100.65.0.0 remote-as 65100 + neighbor 100.65.0.0 description s01_Ethernet1/1 + neighbor 100.65.0.2 peer group IPv4-UNDERLAY-PEERS + neighbor 100.65.0.2 remote-as 65100 + neighbor 100.65.0.2 description s02_Ethernet1/1 + neighbor 100.65.2.1 peer group MLAG-IPv4-UNDERLAY-PEER + neighbor 100.65.2.1 description l02 + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 100 + rd 100.65.255.3:10100 + route-target both 10100:10100 + redistribute learned + ! + address-family evpn + neighbor EVPN-OVERLAY-PEERS activate + ! + address-family ipv4 + no neighbor EVPN-OVERLAY-PEERS activate + neighbor IPv4-UNDERLAY-PEERS activate + neighbor MLAG-IPv4-UNDERLAY-PEER activate + ! + vrf VRF1 + rd 100.65.255.3:1 + route-target import evpn 1:1 + route-target export evpn 1:1 + router-id 100.65.255.3 + neighbor 100.65.2.1 peer group MLAG-IPv4-UNDERLAY-PEER + redistribute connected +! +management api http-commands + protocol https + no shutdown + ! + vrf MGMT + no shutdown ! -end \ No newline at end of file +end diff --git a/demos/clab-build-containerlab-with-ceos/clab/init-configs/l02.cfg b/demos/clab-build-containerlab-with-ceos/clab/init-configs/l02.cfg index d28984d..84b9c07 100644 --- a/demos/clab-build-containerlab-with-ceos/clab/init-configs/l02.cfg +++ b/demos/clab-build-containerlab-with-ceos/clab/init-configs/l02.cfg @@ -1,36 +1,245 @@ -hostname l02 +!RANCID-CONTENT-TYPE: arista ! -no aaa root +vlan internal order ascending range 1006 1199 ! -username arista privilege 15 role network-admin secret arista +transceiver qsfp default-mode 4x10G ! -vrf instance MGMT +service routing protocols model multi-agent ! +hostname l02 ip name-server vrf MGMT 8.8.8.8 dns domain avd.lab ! -ntp local-interface vrf MGMT Management0 +ntp local-interface vrf MGMT Management1 ntp server vrf MGMT time.apple.com ntp server vrf MGMT time.google.com ntp server vrf MGMT time.windows.com ! -service routing protocols model multi-agent +spanning-tree mode mstp +no spanning-tree vlan-id 4093-4094 +spanning-tree mst 0 priority 16384 ! -management api http-commands - protocol https +aaa authorization exec default local +! +no enable password +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$1$NqV/CQk9bwcfK8AYBz51mI.U0xCaSI/DWePCaRi/sawWnu93yyOXYeS8Y615dK0OUZSb/3O3YUJLVyjGqifXD1 +! +vlan 100 + name VLAN101 +! +vlan 3000 + name MLAG_iBGP_VRF1 + trunk group LEAF_PEER_L3 +! +vlan 4093 + name LEAF_PEER_L3 + trunk group LEAF_PEER_L3 +! +vlan 4094 + name MLAG_PEER + trunk group MLAG +! +vrf instance MGMT +! +vrf instance VRF1 +! +interface Port-Channel31 + description MLAG_PEER_l01_Po31 no shutdown - ! - vrf MGMT - no shutdown + switchport + switchport mode trunk + switchport trunk group LEAF_PEER_L3 + switchport trunk group MLAG ! -aaa authorization exec default local +interface Port-Channel101 + description h01 + no shutdown + switchport + switchport trunk allowed vlan 100 + switchport mode trunk + mlag 101 +! +interface Ethernet1/1 + description P2P_LINK_TO_S01_Ethernet2/1 + no shutdown + mtu 9214 + no switchport + ip address 100.65.0.5/31 ! -interface Management0 +interface Ethernet2/1 + description P2P_LINK_TO_S02_Ethernet2/1 + no shutdown + mtu 9214 + no switchport + ip address 100.65.0.7/31 +! +interface Ethernet3/1 + description MLAG_PEER_l01_Ethernet3/1 + no shutdown + channel-group 31 mode active +! +interface Ethernet4/1 + description MLAG_PEER_l01_Ethernet4/1 + no shutdown + channel-group 31 mode active +! +interface Ethernet10/1 + description h01 + no shutdown + channel-group 101 mode active +! +interface Loopback0 + description EVPN_Overlay_Peering + no shutdown + ip address 100.65.255.4/32 +! +interface Loopback1 + description VTEP_VXLAN_Tunnel_Source + no shutdown + ip address 100.65.254.3/32 +! +interface Loopback101 + description VRF1_VTEP_DIAGNOSTICS + no shutdown + vrf VRF1 + ip address 100.64.101.4/32 +! +interface Management1 + description oob_management + no shutdown vrf MGMT - ip address 10.0.2.2/16 + ip address 10.0.2.2/16 +! +interface Vlan100 + description VLAN101 + no shutdown + vrf VRF1 + ip address virtual 10.100.100.1/24 +! +interface Vlan3000 + description MLAG_PEER_L3_iBGP: vrf VRF1 + no shutdown + mtu 9214 + vrf VRF1 + ip address 100.65.2.1/31 +! +interface Vlan4093 + description MLAG_PEER_L3_PEERING + no shutdown + mtu 9214 + ip address 100.65.2.1/31 +! +interface Vlan4094 + description MLAG_PEER + no shutdown + mtu 9214 + no autostate + ip address 100.65.1.1/31 +! +interface Vxlan1 + description l02_VTEP + vxlan source-interface Loopback1 + vxlan virtual-router encapsulation mac-address mlag-system-id + vxlan udp-port 4789 + vxlan vlan 100 vni 10100 + vxlan vrf VRF1 vni 1 +! +ip virtual-router mac-address 00:1c:73:00:dc:01 +! +ip address virtual source-nat vrf VRF1 address 100.64.101.4 +! +ip routing +no ip routing vrf MGMT +ip routing vrf VRF1 +! +ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY + seq 10 permit 100.65.255.0/24 eq 32 + seq 20 permit 100.65.254.0/24 eq 32 +! +mlag configuration + domain-id pod0 + local-interface Vlan4094 + peer-address 100.65.1.0 + peer-link Port-Channel31 + reload-delay mlag 300 + reload-delay non-mlag 330 ! ip route vrf MGMT 0.0.0.0/0 10.0.0.1 ! -ip name-server vrf MGMT 8.8.8.8 +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +! +route-map RM-MLAG-PEER-IN permit 10 + description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing + set origin incomplete +! +router bfd + multihop interval 300 min-rx 300 multiplier 3 +! +router bgp 65101 + router-id 100.65.255.4 + maximum-paths 4 ecmp 4 + no bgp default ipv4-unicast + neighbor EVPN-OVERLAY-PEERS peer group + neighbor EVPN-OVERLAY-PEERS update-source Loopback0 + neighbor EVPN-OVERLAY-PEERS bfd + neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 + neighbor EVPN-OVERLAY-PEERS send-community + neighbor EVPN-OVERLAY-PEERS maximum-routes 0 + neighbor IPv4-UNDERLAY-PEERS peer group + neighbor IPv4-UNDERLAY-PEERS send-community + neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 + neighbor MLAG-IPv4-UNDERLAY-PEER peer group + neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 + neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self + neighbor MLAG-IPv4-UNDERLAY-PEER description l01 + neighbor MLAG-IPv4-UNDERLAY-PEER send-community + neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 + neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in + neighbor 100.64.255.1 peer group EVPN-OVERLAY-PEERS + neighbor 100.64.255.1 remote-as 65100 + neighbor 100.64.255.1 description s01 + neighbor 100.64.255.2 peer group EVPN-OVERLAY-PEERS + neighbor 100.64.255.2 remote-as 65100 + neighbor 100.64.255.2 description s02 + neighbor 100.65.0.4 peer group IPv4-UNDERLAY-PEERS + neighbor 100.65.0.4 remote-as 65100 + neighbor 100.65.0.4 description s01_Ethernet2/1 + neighbor 100.65.0.6 peer group IPv4-UNDERLAY-PEERS + neighbor 100.65.0.6 remote-as 65100 + neighbor 100.65.0.6 description s02_Ethernet2/1 + neighbor 100.65.2.0 peer group MLAG-IPv4-UNDERLAY-PEER + neighbor 100.65.2.0 description l01 + redistribute connected route-map RM-CONN-2-BGP + ! + vlan 100 + rd 100.65.255.4:10100 + route-target both 10100:10100 + redistribute learned + ! + address-family evpn + neighbor EVPN-OVERLAY-PEERS activate + ! + address-family ipv4 + no neighbor EVPN-OVERLAY-PEERS activate + neighbor IPv4-UNDERLAY-PEERS activate + neighbor MLAG-IPv4-UNDERLAY-PEER activate + ! + vrf VRF1 + rd 100.65.255.4:1 + route-target import evpn 1:1 + route-target export evpn 1:1 + router-id 100.65.255.4 + neighbor 100.65.2.0 peer group MLAG-IPv4-UNDERLAY-PEER + redistribute connected +! +management api http-commands + protocol https + no shutdown + ! + vrf MGMT + no shutdown ! -end \ No newline at end of file +end diff --git a/demos/clab-build-containerlab-with-ceos/clab/init-configs/s01.cfg b/demos/clab-build-containerlab-with-ceos/clab/init-configs/s01.cfg index ecfc607..5698f1b 100644 --- a/demos/clab-build-containerlab-with-ceos/clab/init-configs/s01.cfg +++ b/demos/clab-build-containerlab-with-ceos/clab/init-configs/s01.cfg @@ -1,36 +1,110 @@ -hostname s01 +!RANCID-CONTENT-TYPE: arista ! -no aaa root +vlan internal order ascending range 1006 1199 ! -username arista privilege 15 role network-admin secret arista +transceiver qsfp default-mode 4x10G ! -vrf instance MGMT +service routing protocols model multi-agent ! +hostname s01 ip name-server vrf MGMT 8.8.8.8 dns domain avd.lab ! -ntp local-interface vrf MGMT Management0 +ntp local-interface vrf MGMT Management1 ntp server vrf MGMT time.apple.com ntp server vrf MGMT time.google.com ntp server vrf MGMT time.windows.com ! -service routing protocols model multi-agent +spanning-tree mode none ! -management api http-commands - protocol https +aaa authorization exec default local +! +no enable password +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$1$NqV/CQk9bwcfK8AYBz51mI.U0xCaSI/DWePCaRi/sawWnu93yyOXYeS8Y615dK0OUZSb/3O3YUJLVyjGqifXD1 +! +vrf instance MGMT +! +interface Ethernet1/1 + description P2P_LINK_TO_L01_Ethernet1/1 no shutdown - ! - vrf MGMT - no shutdown + mtu 9214 + no switchport + ip address 100.65.0.0/31 ! -aaa authorization exec default local +interface Ethernet2/1 + description P2P_LINK_TO_L02_Ethernet1/1 + no shutdown + mtu 9214 + no switchport + ip address 100.65.0.4/31 +! +interface Loopback0 + description EVPN_Overlay_Peering + no shutdown + ip address 100.64.255.1/32 ! -interface Management0 +interface Management1 + description oob_management + no shutdown vrf MGMT - ip address 10.0.1.1/16 + ip address 10.0.1.1/16 +! +ip routing +no ip routing vrf MGMT +! +ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY + seq 10 permit 100.64.255.0/24 eq 32 ! ip route vrf MGMT 0.0.0.0/0 10.0.0.1 ! -ip name-server vrf MGMT 8.8.8.8 +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +! +router bfd + multihop interval 300 min-rx 300 multiplier 3 +! +router bgp 65100 + router-id 100.64.255.1 + maximum-paths 4 ecmp 4 + no bgp default ipv4-unicast + neighbor EVPN-OVERLAY-PEERS peer group + neighbor EVPN-OVERLAY-PEERS next-hop-unchanged + neighbor EVPN-OVERLAY-PEERS update-source Loopback0 + neighbor EVPN-OVERLAY-PEERS bfd + neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 + neighbor EVPN-OVERLAY-PEERS send-community + neighbor EVPN-OVERLAY-PEERS maximum-routes 0 + neighbor IPv4-UNDERLAY-PEERS peer group + neighbor IPv4-UNDERLAY-PEERS send-community + neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 + neighbor 100.65.0.1 peer group IPv4-UNDERLAY-PEERS + neighbor 100.65.0.1 remote-as 65101 + neighbor 100.65.0.1 description l01_Ethernet1/1 + neighbor 100.65.0.5 peer group IPv4-UNDERLAY-PEERS + neighbor 100.65.0.5 remote-as 65101 + neighbor 100.65.0.5 description l02_Ethernet1/1 + neighbor 100.65.255.3 peer group EVPN-OVERLAY-PEERS + neighbor 100.65.255.3 remote-as 65101 + neighbor 100.65.255.3 description l01 + neighbor 100.65.255.4 peer group EVPN-OVERLAY-PEERS + neighbor 100.65.255.4 remote-as 65101 + neighbor 100.65.255.4 description l02 + redistribute connected route-map RM-CONN-2-BGP + ! + address-family evpn + neighbor EVPN-OVERLAY-PEERS activate + ! + address-family ipv4 + no neighbor EVPN-OVERLAY-PEERS activate + neighbor IPv4-UNDERLAY-PEERS activate +! +management api http-commands + protocol https + no shutdown + ! + vrf MGMT + no shutdown ! -end \ No newline at end of file +end diff --git a/demos/clab-build-containerlab-with-ceos/clab/init-configs/s02.cfg b/demos/clab-build-containerlab-with-ceos/clab/init-configs/s02.cfg index f88a33b..4bc5641 100644 --- a/demos/clab-build-containerlab-with-ceos/clab/init-configs/s02.cfg +++ b/demos/clab-build-containerlab-with-ceos/clab/init-configs/s02.cfg @@ -1,36 +1,110 @@ -hostname s02 +!RANCID-CONTENT-TYPE: arista ! -no aaa root +vlan internal order ascending range 1006 1199 ! -username arista privilege 15 role network-admin secret arista +transceiver qsfp default-mode 4x10G ! -vrf instance MGMT +service routing protocols model multi-agent ! +hostname s02 ip name-server vrf MGMT 8.8.8.8 dns domain avd.lab ! -ntp local-interface vrf MGMT Management0 +ntp local-interface vrf MGMT Management1 ntp server vrf MGMT time.apple.com ntp server vrf MGMT time.google.com ntp server vrf MGMT time.windows.com ! -service routing protocols model multi-agent +spanning-tree mode none ! -management api http-commands - protocol https +aaa authorization exec default local +! +no enable password +no aaa root +! +username admin privilege 15 role network-admin secret sha512 $6$1$NqV/CQk9bwcfK8AYBz51mI.U0xCaSI/DWePCaRi/sawWnu93yyOXYeS8Y615dK0OUZSb/3O3YUJLVyjGqifXD1 +! +vrf instance MGMT +! +interface Ethernet1/1 + description P2P_LINK_TO_L01_Ethernet2/1 no shutdown - ! - vrf MGMT - no shutdown + mtu 9214 + no switchport + ip address 100.65.0.2/31 ! -aaa authorization exec default local +interface Ethernet2/1 + description P2P_LINK_TO_L02_Ethernet2/1 + no shutdown + mtu 9214 + no switchport + ip address 100.65.0.6/31 +! +interface Loopback0 + description EVPN_Overlay_Peering + no shutdown + ip address 100.64.255.2/32 ! -interface Management0 +interface Management1 + description oob_management + no shutdown vrf MGMT - ip address 10.0.1.2/16 + ip address 10.0.1.2/16 +! +ip routing +no ip routing vrf MGMT +! +ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY + seq 10 permit 100.64.255.0/24 eq 32 ! ip route vrf MGMT 0.0.0.0/0 10.0.0.1 ! -ip name-server vrf MGMT 8.8.8.8 +route-map RM-CONN-2-BGP permit 10 + match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY +! +router bfd + multihop interval 300 min-rx 300 multiplier 3 +! +router bgp 65100 + router-id 100.64.255.2 + maximum-paths 4 ecmp 4 + no bgp default ipv4-unicast + neighbor EVPN-OVERLAY-PEERS peer group + neighbor EVPN-OVERLAY-PEERS next-hop-unchanged + neighbor EVPN-OVERLAY-PEERS update-source Loopback0 + neighbor EVPN-OVERLAY-PEERS bfd + neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 + neighbor EVPN-OVERLAY-PEERS send-community + neighbor EVPN-OVERLAY-PEERS maximum-routes 0 + neighbor IPv4-UNDERLAY-PEERS peer group + neighbor IPv4-UNDERLAY-PEERS send-community + neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 + neighbor 100.65.0.3 peer group IPv4-UNDERLAY-PEERS + neighbor 100.65.0.3 remote-as 65101 + neighbor 100.65.0.3 description l01_Ethernet2/1 + neighbor 100.65.0.7 peer group IPv4-UNDERLAY-PEERS + neighbor 100.65.0.7 remote-as 65101 + neighbor 100.65.0.7 description l02_Ethernet2/1 + neighbor 100.65.255.3 peer group EVPN-OVERLAY-PEERS + neighbor 100.65.255.3 remote-as 65101 + neighbor 100.65.255.3 description l01 + neighbor 100.65.255.4 peer group EVPN-OVERLAY-PEERS + neighbor 100.65.255.4 remote-as 65101 + neighbor 100.65.255.4 description l02 + redistribute connected route-map RM-CONN-2-BGP + ! + address-family evpn + neighbor EVPN-OVERLAY-PEERS activate + ! + address-family ipv4 + no neighbor EVPN-OVERLAY-PEERS activate + neighbor IPv4-UNDERLAY-PEERS activate +! +management api http-commands + protocol https + no shutdown + ! + vrf MGMT + no shutdown ! -end \ No newline at end of file +end diff --git a/demos/clab-build-containerlab-with-ceos/clab/interface_mapping.json b/demos/clab-build-containerlab-with-ceos/clab/interface_mapping.json new file mode 100644 index 0000000..0e99968 --- /dev/null +++ b/demos/clab-build-containerlab-with-ceos/clab/interface_mapping.json @@ -0,0 +1,12 @@ +{ + "ManagementIntf": { + "eth0": "Management1" + }, + "EthernetIntf": { + "eth1_1": "Ethernet1/1", + "eth2_1": "Ethernet2/1", + "eth3_1": "Ethernet3/1", + "eth4_1": "Ethernet4/1", + "eth10_1": "Ethernet10/1" + } +} \ No newline at end of file diff --git a/demos/clab-build-containerlab-with-ceos/clab/topology.clab.yml b/demos/clab-build-containerlab-with-ceos/clab/topology.clab.yml index ca572a1..05b0039 100644 --- a/demos/clab-build-containerlab-with-ceos/clab/topology.clab.yml +++ b/demos/clab-build-containerlab-with-ceos/clab/topology.clab.yml @@ -17,32 +17,36 @@ topology: mgmt-ipv4: 10.0.1.1 binds: - sn/s01.txt:/mnt/flash/ceos-config:ro + - interface_mapping.json:/mnt/flash/EosIntfMapping.json:ro startup-config: init-configs/s01.cfg s02: mgmt-ipv4: 10.0.1.2 binds: - sn/s02.txt:/mnt/flash/ceos-config:ro + - interface_mapping.json:/mnt/flash/EosIntfMapping.json:ro startup-config: init-configs/s02.cfg l01: mgmt-ipv4: 10.0.2.1 binds: - sn/l01.txt:/mnt/flash/ceos-config:ro + - interface_mapping.json:/mnt/flash/EosIntfMapping.json:ro startup-config: init-configs/l01.cfg l02: mgmt-ipv4: 10.0.2.2 binds: - sn/l02.txt:/mnt/flash/ceos-config:ro + - interface_mapping.json:/mnt/flash/EosIntfMapping.json:ro startup-config: init-configs/l02.cfg h01: mgmt-ipv4: 10.0.3.1 startup-config: init-configs/h01.cfg links: - - endpoints: ["l01:eth1", "s01:eth1"] - - endpoints: ["l01:eth2", "s02:eth1"] - - endpoints: ["l02:eth1", "s01:eth2"] - - endpoints: ["l02:eth2", "s02:eth2"] - - endpoints: ["l01:eth3", "l02:eth3"] - - endpoints: ["l01:eth4", "l02:eth4"] - - endpoints: ["h01:eth1", "l01:eth10"] - - endpoints: ["h01:eth2", "l02:eth10"] + - endpoints: ["l01:eth1_1", "s01:eth1_1"] + - endpoints: ["l01:eth2_1", "s02:eth1_1"] + - endpoints: ["l02:eth1_1", "s01:eth2_1"] + - endpoints: ["l02:eth2_1", "s02:eth2_1"] + - endpoints: ["l01:eth3_1", "l02:eth3_1"] + - endpoints: ["l01:eth4_1", "l02:eth4_1"] + - endpoints: ["h01:eth1", "l01:eth10_1"] + - endpoints: ["h01:eth2", "l02:eth10_1"] diff --git a/slides/clab-build-containerlab-with-ceos.md b/slides/clab-build-containerlab-with-ceos.md index 3f5d04b..295a961 100644 --- a/slides/clab-build-containerlab-with-ceos.md +++ b/slides/clab-build-containerlab-with-ceos.md @@ -320,6 +320,42 @@ Execute few command to confirm that cEOS-lab is functioning: --- +# Deploy the Lab with Custom Startup Config + + + +- Deploy the lab with the custom configuration: + + ```bash + sudo containerlab deploy --debug --topo clab/topology.clab.yml --reconfigure + ``` + + > NOTE: `--reconfigure` is required if `--cleanup` flag was not specified in the previous step. Otherwise custom configs can be ignored and startup configs in `clab-build-clab-with-ceos/` will be used instead. + +- Custom startup configs are located in the `clab/init-configs` directory and assigned to every node using `startup-config:` key in the `topology.clab.yml`. This allows creating pre-configured labs. In this workshop switches are preconfigured with a full EVPN MLAG setup. Host is pre-configured as well and should be able to ping the diagnostic loopbacks of leaf switches: + + ```console + $ ssh admin@h01 + Password: + h01>en + h01#bash for i in {3..4}; do ping -c 4 100.64.101.${i}; done + ``` + +- You can also check following commands on the leaf switches: + + - `show ip bgp summary` + - `show bgp evpn summary` + - `show mlag` + - `show port-channel dense` + +--- + +# cEOS-lab Interface Mapping + +to-be-defined + +--- + ![bg left opacity:80%](img/pexels-ann-h-7186206.jpg)