-
Notifications
You must be signed in to change notification settings - Fork 11
/
topo.yml
94 lines (93 loc) · 3.63 KB
/
topo.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
name: rtbh
mgmt:
network: fixedips
ipv4-subnet: 172.100.100.0/24
ipv6-subnet: 2001:172:100:100::/80
topology:
nodes:
pe-router:
kind: linux
image: frrouting/frr:v8.2.2
mgmt-ipv4: 172.100.100.2
mgmt-ipv6: 2001:172:100:100::2
binds:
- ./pe-router/daemons:/etc/frr/daemons
- ./pe-router/frr.conf:/etc/frr/frr.conf
- ./pe-router/vtysh.conf:/etc/frr/vtysh.conf
labels:
graph-level: 1
ce-router:
kind: linux
image: netreplica/frr-sflow:v8.2.2
mgmt-ipv4: 172.100.100.3
mgmt-ipv6: 2001:172:100:100::3
binds:
- ./ce-router/daemons:/etc/frr/daemons
- ./ce-router/frr.conf:/etc/frr/frr.conf
- ./ce-router/vtysh.conf:/etc/frr/vtysh.conf
- ./ce-router/hsflowd.conf:/etc/hsflowd.conf
env:
COLLECTOR: yes
exec:
- touch /tmp/initialized
labels:
graph-level: 1
ixia:
kind: keysight_ixia-c-one
image: ghcr.io/open-traffic-generator/ixia-c-one:1.17.0-9
mgmt-ipv4: 172.100.100.10
mgmt-ipv6: 2001:172:100:100::10
exec:
- sh -c './ifcfg add eth1 198.51.100.2 24 >/dev/null'
- sh -c './ifcfg add eth2 192.0.2.2 24 >/dev/null'
- sh -c './ifcfg add eth2 192.0.2.201 24 >/dev/null'
- sh -c './ifcfg add eth2 192.0.2.202 24 >/dev/null'
labels:
graph-icon: cloud
graph-mode: port
graph-level: 2
gosnappi:
kind: linux
image: gosnappi:local
mgmt-ipv4: 172.100.100.101
mgmt-ipv6: 2001:172:100:100::101
binds:
- .:/otg
labels:
graph-hide: yes
controller:
kind: linux
image: sflow/ddos-protect
mgmt-ipv4: 172.100.100.6
mgmt-ipv6: 2001:172:100:100::6
env:
CLAB_SSH_CONNECTION: ${SSH_CONNECTION}
RTPROP: >
-Dddos_protect.as=64497 -Dddos_protect.nexthop=203.0.113.2 -Dddos_protect.enable.flowspec=yes -Dddos_protect.router=172.100.100.3 -Dddos_protect.group.local=192.0.2.0/24 -Dddos_protect.mode=automatic -Dddos_protect.icmp_flood.action=filter -Dddos_protect.icmp_flood.threshold=20000 -Dddos_protect.icmp_flood.timeout=1 -Dddos_protect.ip_flood.action=drop -Dddos_protect.ip_flood.threshold=8000 -Dddos_protect.ip_flood.timeout=1 -Dddos_protect.ip_fragmentation.action=filter -Dddos_protect.ip_fragmentation.threshold=20000 -Dddos_protect.ip_fragmentation.timeout=1 -Dddos_protect.tcp_amplification.action=filter -Dddos_protect.tcp_amplification.threshold=20000 -Dddos_protect.tcp_amplification.timeout=1 -Dddos_protect.tcp_flood.action=filter -Dddos_protect.tcp_flood.threshold=20000 -Dddos_protect.tcp_flood.timeout=1 -Dddos_protect.udp_amplification.action=filter -Dddos_protect.udp_amplification.threshold=20000 -Dddos_protect.udp_amplification.timeout=1 -Dddos_protect.udp_flood.action=filter -Dddos_protect.udp_flood.threshold=20000 -Dddos_protect.udp_flood.timeout=1
ports:
- 8008:8008
binds:
- ./sflow/sflow_url.sh:/sflow-rt/sflow_url.sh:ro
exec:
- sh -c '/sflow-rt/sflow_url.sh 8008'
labels:
graph-icon: server
graphite:
kind: linux
image: netreplica/graphite:latest
mgmt-ipv4: 172.100.100.102
mgmt-ipv6: 2001:172:100:100::102
env:
CLAB_SSH_CONNECTION: ${SSH_CONNECTION}
binds:
- __clabDir__/topology-data.json:/htdocs/default/default.json:ro
ports:
- 8080:80
exec:
- sh -c 'graphite_motd.sh 8080'
labels:
graph-hide: yes
links:
- endpoints: ["pe-router:eth1", "ce-router:eth1"]
- endpoints: ["pe-router:eth2", "ixia:eth1"]
- endpoints: ["ce-router:eth2", "ixia:eth2"]