diff --git a/ansible_collections/arista/avd/examples/cv-pathfinder/documentation/devices/inet-cloud.md b/ansible_collections/arista/avd/examples/cv-pathfinder/documentation/devices/inet-cloud.md
index 5cf8a45f6d5..af2228d68c5 100644
--- a/ansible_collections/arista/avd/examples/cv-pathfinder/documentation/devices/inet-cloud.md
+++ b/ansible_collections/arista/avd/examples/cv-pathfinder/documentation/devices/inet-cloud.md
@@ -26,6 +26,7 @@
- [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration)
- [Interfaces](#interfaces)
- [Ethernet Interfaces](#ethernet-interfaces)
+ - [Port-Channel Interfaces](#port-channel-interfaces)
- [Loopback Interfaces](#loopback-interfaces)
- [Routing](#routing)
- [Service Routing Protocols Model](#service-routing-protocols-model)
@@ -235,7 +236,6 @@ dhcp server
| -------------- | --------- | --------- |
| Ethernet5 | True | False |
| Ethernet6 | True | False |
-| Ethernet8 | True | False |
## Monitoring
@@ -306,7 +306,10 @@ vlan internal order ascending range 1006 1199
| Ethernet5 | site1-wan1-Ethernet4 | - | 100.64.10.1/24 | default | - | False | - | - |
| Ethernet6 | site1-wan2-Ethernet4 | - | 100.64.11.1/24 | default | - | False | - | - |
| Ethernet7 | site2-wan2-Ethernet4 | - | 100.64.21.1/24 | default | - | False | - | - |
-| Ethernet8 | site3-wan1-Ethernet4 | - | 100.64.30.1/24 | default | - | False | - | - |
+| Ethernet8 | - | 8 | *100.64.30.1/24 | **default | **- | *False | **- | **- |
+| Ethernet9 | - | 8 | *100.64.30.1/24 | **default | **- | *False | **- | **- |
+
+*Inherited from Port-Channel Interface
#### Ethernet Interfaces Device Configuration
@@ -345,11 +348,44 @@ interface Ethernet7
ip address 100.64.21.1/24
!
interface Ethernet8
- description site3-wan1-Ethernet4
+ no shutdown
+ speed forced 10000full
+ no switchport
+ channel-group 8 mode active
+!
+interface Ethernet9
+ no shutdown
+ speed forced 10000full
+ no switchport
+ channel-group 8 mode active
+```
+
+### Port-Channel Interfaces
+
+#### Port-Channel Interfaces Summary
+
+##### L2
+
+| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI |
+| --------- | ----------- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- |
+
+##### IPv4
+
+| Interface | Description | MLAG ID | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out |
+| --------- | ----------- | ------- | ---------- | --- | --- | -------- | ------ | ------- |
+| Port-Channel8 | site3-wan1-Port-Channel4 | - | 100.64.30.1/24 | default | - | False | - | - |
+
+#### Port-Channel Interfaces Device Configuration
+
+```eos
+!
+interface Port-Channel8
+ description site3-wan1-Port-Channel4
no shutdown
no switchport
ip address 100.64.30.1/24
dhcp server ipv4
+
```
### Loopback Interfaces
diff --git a/ansible_collections/arista/avd/examples/cv-pathfinder/documentation/devices/site3-wan1.md b/ansible_collections/arista/avd/examples/cv-pathfinder/documentation/devices/site3-wan1.md
index 334c7029489..b0200cebca4 100644
--- a/ansible_collections/arista/avd/examples/cv-pathfinder/documentation/devices/site3-wan1.md
+++ b/ansible_collections/arista/avd/examples/cv-pathfinder/documentation/devices/site3-wan1.md
@@ -33,6 +33,7 @@
- [Interfaces](#interfaces)
- [DPS Interfaces](#dps-interfaces)
- [Ethernet Interfaces](#ethernet-interfaces)
+ - [Port-Channel Interfaces](#port-channel-interfaces)
- [Loopback Interfaces](#loopback-interfaces)
- [VXLAN Interface](#vxlan-interface)
- [Routing](#routing)
@@ -287,7 +288,7 @@ daemon TerminAttr
| Tracker Name | Record Export On Inactive Timeout | Record Export On Interval | Number of Exporters | Applied On |
| ------------ | --------------------------------- | ------------------------- | ------------------- | ---------- |
-| FLOW-TRACKER | 70000 | 5000 | 1 | Dps1
Ethernet1.666
Ethernet1.42
Ethernet4 |
+| FLOW-TRACKER | 70000 | 5000 | 1 | Dps1
Ethernet1.666
Ethernet1.42
Port-Channel4 |
##### Exporters Summary
@@ -430,7 +431,10 @@ interface Dps1
| --------- | ----------- | ------------- | ---------- | ----| ---- | -------- | ------ | ------- |
| Ethernet1.42 | RED-TEST | - | 10.42.3.1/24 | RED | - | False | - | - |
| Ethernet1.666 | BLUE-TEST | - | 10.66.3.1/24 | BLUE | - | False | - | - |
-| Ethernet4 | REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud_Ethernet8 | - | dhcp | default | - | False | ACL-INTERNET-IN_Ethernet4 | - |
+| Ethernet4 | REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud | 4 | *dhcp | **default | **- | *False | *ACL-INTERNET-IN_Port-Channel4 | **- |
+| Ethernet5 | REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud | 4 | *dhcp | **default | **- | *False | *ACL-INTERNET-IN_Port-Channel4 | **- |
+
+*Inherited from Port-Channel Interface
#### Ethernet Interfaces Device Configuration
@@ -459,13 +463,47 @@ interface Ethernet1.666
ip address 10.66.3.1/24
!
interface Ethernet4
- description REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud_Ethernet8
+ description REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud
+ no shutdown
+ speed forced 10000full
+ no switchport
+ channel-group 4 mode active
+!
+interface Ethernet5
+ description REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud
+ no shutdown
+ speed forced 10000full
+ no switchport
+ channel-group 4 mode active
+```
+
+### Port-Channel Interfaces
+
+#### Port-Channel Interfaces Summary
+
+##### L2
+
+| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI |
+| --------- | ----------- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- |
+
+##### IPv4
+
+| Interface | Description | MLAG ID | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out |
+| --------- | ----------- | ------- | ---------- | --- | --- | -------- | ------ | ------- |
+| Port-Channel4 | REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud_Port-Channel8 | - | dhcp | default | - | False | ACL-INTERNET-IN_Port-Channel4 | - |
+
+#### Port-Channel Interfaces Device Configuration
+
+```eos
+!
+interface Port-Channel4
+ description REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud_Port-Channel8
no shutdown
no switchport
flow tracker hardware FLOW-TRACKER
ip address dhcp
dhcp client accept default-route
- ip access-group ACL-INTERNET-IN_Ethernet4 in
+ ip access-group ACL-INTERNET-IN_Port-Channel4 in
```
### Loopback Interfaces
@@ -1011,7 +1049,7 @@ ip extcommunity-list ECL-EVPN-SOO permit soo 192.168.255.11:203
```eos
!
-ip access-list ACL-INTERNET-IN_Ethernet4
+ip access-list ACL-INTERNET-IN_Port-Channel4
1 remark Not for PRODUCTION: This ACL is built this way because the lab has an out-of-band interface
10 permit udp any host 100.64.30.2 eq isakmp non500-isakmp
30 permit icmp any host 100.64.30.2
@@ -1168,7 +1206,7 @@ application traffic recognition
| Interface name | Public address | STUN server profile(s) |
| -------------- | -------------- | ---------------------- |
-| Ethernet4 | - | INTERNET-pf1-Ethernet2
INTERNET-pf2-Ethernet2 |
+| Port-Channel4 | - | INTERNET-pf1-Ethernet2
INTERNET-pf2-Ethernet2 |
###### Dynamic Peers Settings
@@ -1206,7 +1244,7 @@ router path-selection
path-group INTERNET id 102
ipsec profile CP-PROFILE
!
- local interface Ethernet4
+ local interface Port-Channel4
stun server-profile INTERNET-pf1-Ethernet2 INTERNET-pf2-Ethernet2
!
peer dynamic
diff --git a/ansible_collections/arista/avd/examples/cv-pathfinder/group_vars/SITE3.yml b/ansible_collections/arista/avd/examples/cv-pathfinder/group_vars/SITE3.yml
index c0d78381609..c3f1639569f 100644
--- a/ansible_collections/arista/avd/examples/cv-pathfinder/group_vars/SITE3.yml
+++ b/ansible_collections/arista/avd/examples/cv-pathfinder/group_vars/SITE3.yml
@@ -23,10 +23,21 @@ wan_router:
id: 11
mgmt_ip: 192.168.17.20/24
uplink_switches: [site3-leaf1]
- l3_interfaces:
- - name: Ethernet4
- peer_interface: Ethernet8
+ l3_port_channels:
+ - name: Port-Channel4
+ mode: active
+ member_interfaces:
+ - name: Ethernet4
+ speed: forced 10000full
+ - name: Ethernet5
+ speed: forced 10000full
+ peer: inet-cloud
+ ip_address: dhcp
dhcp_ip: 100.64.30.2
- profile: INTERNET-WAN-INTERFACE
+ dhcp_accept_default_route: true
+ ipv4_acl_in: ACL-INTERNET-IN
+ peer_port_channel: Port-Channel8
wan_carrier: REGION2-INTERNET-CORP
wan_circuit_id: inet-site3-wan1
+ flow_tracking:
+ enabled: true
diff --git a/ansible_collections/arista/avd/examples/cv-pathfinder/group_vars/TRANSPORTS.yml b/ansible_collections/arista/avd/examples/cv-pathfinder/group_vars/TRANSPORTS.yml
index 3a289d70903..45f19c45942 100644
--- a/ansible_collections/arista/avd/examples/cv-pathfinder/group_vars/TRANSPORTS.yml
+++ b/ansible_collections/arista/avd/examples/cv-pathfinder/group_vars/TRANSPORTS.yml
@@ -50,11 +50,18 @@ spine:
- name: Ethernet7
description: site2-wan2-Ethernet4
ip_address: 100.64.21.1/24
- - name: Ethernet8
- description: site3-wan1-Ethernet4
+ l3_port_channels:
+ - name: Port-Channel8
+ mode: active
+ description: site3-wan1-Port-Channel4
+ member_interfaces:
+ - name: Ethernet8
+ speed: forced 10000full
+ - name: Ethernet9
+ speed: forced 10000full
ip_address: 100.64.30.1/24
- structured_config:
- dhcp_server_ipv4: true
+ raw_eos_cli: |
+ dhcp server ipv4
structured_config:
router_bgp:
# Neighbor definition for site2-wan2
diff --git a/ansible_collections/arista/avd/examples/cv-pathfinder/intended/configs/inet-cloud.cfg b/ansible_collections/arista/avd/examples/cv-pathfinder/intended/configs/inet-cloud.cfg
index f38e4cdf0e6..0c8ca483342 100644
--- a/ansible_collections/arista/avd/examples/cv-pathfinder/intended/configs/inet-cloud.cfg
+++ b/ansible_collections/arista/avd/examples/cv-pathfinder/intended/configs/inet-cloud.cfg
@@ -53,6 +53,14 @@ management api http-commands
no shutdown
!
aaa authorization exec default local
+!
+interface Port-Channel8
+ description site3-wan1-Port-Channel4
+ no shutdown
+ no switchport
+ ip address 100.64.30.1/24
+ dhcp server ipv4
+
!
interface Ethernet1
description pf1-Ethernet2
@@ -87,11 +95,16 @@ interface Ethernet7
ip address 100.64.21.1/24
!
interface Ethernet8
- description site3-wan1-Ethernet4
no shutdown
+ speed forced 10000full
no switchport
- ip address 100.64.30.1/24
- dhcp server ipv4
+ channel-group 8 mode active
+!
+interface Ethernet9
+ no shutdown
+ speed forced 10000full
+ no switchport
+ channel-group 8 mode active
!
interface Loopback0
description ROUTER_ID
diff --git a/ansible_collections/arista/avd/examples/cv-pathfinder/intended/configs/site3-wan1.cfg b/ansible_collections/arista/avd/examples/cv-pathfinder/intended/configs/site3-wan1.cfg
index 58fbee377cb..65f4547c301 100644
--- a/ansible_collections/arista/avd/examples/cv-pathfinder/intended/configs/site3-wan1.cfg
+++ b/ansible_collections/arista/avd/examples/cv-pathfinder/intended/configs/site3-wan1.cfg
@@ -104,7 +104,7 @@ router path-selection
path-group INTERNET id 102
ipsec profile CP-PROFILE
!
- local interface Ethernet4
+ local interface Port-Channel4
stun server-profile INTERNET-pf1-Ethernet2 INTERNET-pf2-Ethernet2
!
peer dynamic
@@ -196,6 +196,15 @@ ip security
key controller
profile DP-PROFILE
!
+interface Port-Channel4
+ description REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud_Port-Channel8
+ no shutdown
+ no switchport
+ flow tracker hardware FLOW-TRACKER
+ ip address dhcp
+ dhcp client accept default-route
+ ip access-group ACL-INTERNET-IN_Port-Channel4 in
+!
interface Dps1
description DPS Interface
mtu 9194
@@ -225,13 +234,18 @@ interface Ethernet1.666
ip address 10.66.3.1/24
!
interface Ethernet4
- description REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud_Ethernet8
+ description REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud
no shutdown
+ speed forced 10000full
no switchport
- flow tracker hardware FLOW-TRACKER
- ip address dhcp
- dhcp client accept default-route
- ip access-group ACL-INTERNET-IN_Ethernet4 in
+ channel-group 4 mode active
+!
+interface Ethernet5
+ description REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud
+ no shutdown
+ speed forced 10000full
+ no switchport
+ channel-group 4 mode active
!
interface Loopback0
description ROUTER_ID
@@ -296,7 +310,7 @@ application traffic recognition
field-set l4-port VOICE-PORTS
666-667
!
-ip access-list ACL-INTERNET-IN_Ethernet4
+ip access-list ACL-INTERNET-IN_Port-Channel4
1 remark Not for PRODUCTION: This ACL is built this way because the lab has an out-of-band interface
10 permit udp any host 100.64.30.2 eq isakmp non500-isakmp
30 permit icmp any host 100.64.30.2
diff --git a/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/inet-cloud.yml b/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/inet-cloud.yml
index ff44c321f9d..61b000e4f33 100644
--- a/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/inet-cloud.yml
+++ b/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/inet-cloud.yml
@@ -138,13 +138,32 @@ ethernet_interfaces:
enabled: false
description: site2-wan2-Ethernet4
- name: Ethernet8
- peer_type: l3_interface
+ shutdown: false
+ switchport:
+ enabled: false
+ speed: forced 10000full
+ channel_group:
+ id: 8
+ mode: active
+- name: Ethernet9
+ shutdown: false
+ switchport:
+ enabled: false
+ speed: forced 10000full
+ channel_group:
+ id: 8
+ mode: active
+port_channel_interfaces:
+- name: Port-Channel8
+ peer_type: l3_port_channel
ip_address: 100.64.30.1/24
shutdown: false
switchport:
enabled: false
- description: site3-wan1-Ethernet4
- dhcp_server_ipv4: true
+ description: site3-wan1-Port-Channel4
+ eos_cli: 'dhcp server ipv4
+
+ '
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
diff --git a/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site1-wan1.yml b/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site1-wan1.yml
index 26ebe38fe11..1184ca94d6e 100644
--- a/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site1-wan1.yml
+++ b/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site1-wan1.yml
@@ -334,9 +334,9 @@ ethernet_interfaces:
switchport:
enabled: false
description: REGION1-INTERNET-CORP_inet-site1-wan1_inet-cloud_Ethernet5
- access_group_in: ACL-INTERNET-IN_Ethernet4
flow_tracker:
hardware: FLOW-TRACKER
+ access_group_in: ACL-INTERNET-IN_Ethernet4
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
diff --git a/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site1-wan2.yml b/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site1-wan2.yml
index 6cd61b9e2be..4bb66fe57cb 100644
--- a/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site1-wan2.yml
+++ b/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site1-wan2.yml
@@ -334,9 +334,9 @@ ethernet_interfaces:
switchport:
enabled: false
description: REGION1-INTERNET-CORP_inet-site1-wan2_inet-cloud_Ethernet6
- access_group_in: ACL-INTERNET-IN_Ethernet4
flow_tracker:
hardware: FLOW-TRACKER
+ access_group_in: ACL-INTERNET-IN_Ethernet4
dhcp_client_accept_default_route: true
loopback_interfaces:
- name: Loopback0
diff --git a/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site2-wan2.yml b/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site2-wan2.yml
index b95710ba067..22e9e1adb78 100644
--- a/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site2-wan2.yml
+++ b/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site2-wan2.yml
@@ -365,9 +365,9 @@ ethernet_interfaces:
switchport:
enabled: false
description: REGION2-INTERNET-CORP_inet-site2-wan2_inet-cloud_Ethernet7
- access_group_in: ACL-INTERNET-IN_Ethernet4
flow_tracker:
hardware: FLOW-TRACKER
+ access_group_in: ACL-INTERNET-IN_Ethernet4
- name: Ethernet5
switchport:
enabled: false
diff --git a/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site3-wan1.yml b/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site3-wan1.yml
index a5c8da00bd0..2fe320880e8 100644
--- a/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site3-wan1.yml
+++ b/ansible_collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site3-wan1.yml
@@ -215,17 +215,38 @@ ethernet_interfaces:
flow_tracker:
hardware: FLOW-TRACKER
- name: Ethernet4
- peer_type: l3_interface
+ description: REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud
peer: inet-cloud
- peer_interface: Ethernet8
+ shutdown: false
+ switchport:
+ enabled: false
+ speed: forced 10000full
+ channel_group:
+ id: 4
+ mode: active
+- name: Ethernet5
+ description: REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud
+ peer: inet-cloud
+ shutdown: false
+ switchport:
+ enabled: false
+ speed: forced 10000full
+ channel_group:
+ id: 4
+ mode: active
+port_channel_interfaces:
+- name: Port-Channel4
+ peer_type: l3_port_channel
+ peer: inet-cloud
+ peer_interface: Port-Channel8
ip_address: dhcp
shutdown: false
switchport:
enabled: false
- description: REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud_Ethernet8
- access_group_in: ACL-INTERNET-IN_Ethernet4
+ description: REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud_Port-Channel8
flow_tracker:
hardware: FLOW-TRACKER
+ access_group_in: ACL-INTERNET-IN_Port-Channel4
dhcp_client_accept_default_route: true
loopback_interfaces:
- name: Loopback0
@@ -272,7 +293,7 @@ agents:
- name: KERNELFIB_PROGRAM_ALL_ECMP
value: '1'
ip_access_lists:
-- name: ACL-INTERNET-IN_Ethernet4
+- name: ACL-INTERNET-IN_Port-Channel4
entries:
- sequence: 1
remark: 'Not for PRODUCTION: This ACL is built this way because the lab has an out-of-band interface'
@@ -428,7 +449,7 @@ router_path_selection:
- name: INTERNET
id: 102
local_interfaces:
- - name: Ethernet4
+ - name: Port-Channel4
stun:
server_profiles:
- INTERNET-pf1-Ethernet2
@@ -593,11 +614,11 @@ metadata:
- interface: Ethernet4
tags:
- name: Type
- value: wan
- - name: Carrier
- value: REGION2-INTERNET-CORP
- - name: Circuit
- value: inet-site3-wan1
+ value: lan
+ - interface: Ethernet5
+ tags:
+ - name: Type
+ value: lan
cv_pathfinder:
role: edge
ssl_profile: STUN-DTLS
@@ -606,7 +627,7 @@ metadata:
zone: REGION2-ZONE
site: SITE3
interfaces:
- - name: Ethernet4
+ - name: Port-Channel4
carrier: REGION2-INTERNET-CORP
circuit_id: inet-site3-wan1
pathgroup: INTERNET
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_negative_unit_tests/inventory/host_vars/ipv4-acl-in-missing-on-wan-interface.yml b/ansible_collections/arista/avd/molecule/eos_designs_negative_unit_tests/inventory/host_vars/ipv4-acl-in-missing-on-wan-interface.yml
index 0c2656b2281..5930aa1e75e 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_negative_unit_tests/inventory/host_vars/ipv4-acl-in-missing-on-wan-interface.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_negative_unit_tests/inventory/host_vars/ipv4-acl-in-missing-on-wan-interface.yml
@@ -24,4 +24,4 @@ wan_path_groups:
expected_error_message: >-
'ipv4_acl_in' must be set on WAN interfaces where 'wan_carrier' is set,
- unless the carrier is configured as 'trusted' under 'wan_carriers'. 'ipv4_acl_in' is missing on interface 'Ethernet1'.
+ unless the carrier is configured as 'trusted' under 'wan_carriers'. 'ipv4_acl_in' is missing on L3 interface 'Ethernet1'.
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge.cfg
index 52331356039..4d144183706 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge.cfg
@@ -66,6 +66,9 @@ router adaptive-virtual-topology
match application-profile MPLS-ONLY
avt profile PROD-AVT-POLICY-MPLS-ONLY
!
+ match application-profile CRITICAL-APP
+ avt profile PROD-AVT-POLICY-CRITICAL-APP
+ !
match application-profile default
avt profile PROD-AVT-POLICY-DEFAULT
!
@@ -82,6 +85,9 @@ router adaptive-virtual-topology
profile DEFAULT-POLICY-DEFAULT
path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
!
+ profile PROD-AVT-POLICY-CRITICAL-APP
+ path-selection load-balance LB-PROD-AVT-POLICY-CRITICAL-APP
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -116,6 +122,7 @@ router adaptive-virtual-topology
avt profile PROD-AVT-POLICY-VOICE id 2
avt profile PROD-AVT-POLICY-VIDEO id 4
avt profile PROD-AVT-POLICY-MPLS-ONLY id 5
+ avt profile PROD-AVT-POLICY-CRITICAL-APP id 6
!
router internet-exit
exit-group DIRECT-EXIT-POLICY-1
@@ -196,6 +203,10 @@ router path-selection
path-group INET
path-group MPLS
!
+ load-balance policy LB-PROD-AVT-POLICY-CRITICAL-APP
+ loss-rate 45.0
+ path-group INET
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group MPLS priority 2
@@ -427,6 +438,9 @@ application traffic recognition
application ipv4 CUSTOM-APPLICATION-2
protocol tcp source port field-set TCP-SRC-2 destination port field-set TCP-DEST-2
!
+ application ipv4 CUSTOM-APPLICATION-3
+ protocol tcp source port field-set TCP-SRC-3 destination port field-set TCP-DEST-3
+ !
application ipv4 CUSTOM-DSCP-APPLICATION
dscp ef 12-14 cs6 42
!
@@ -438,6 +452,9 @@ application traffic recognition
application-profile APP-PROFILE-CONTROL-PLANE
application APP-CONTROL-PLANE
!
+ application-profile CRITICAL-APP
+ application CUSTOM-APPLICATION-3
+ !
application-profile MPLS-ONLY
!
application-profile VIDEO
@@ -461,8 +478,14 @@ application traffic recognition
field-set l4-port TCP-DEST-2
666, 777
!
+ field-set l4-port TCP-DEST-3
+ 880
+ !
field-set l4-port TCP-SRC-2
42
+ !
+ field-set l4-port TCP-SRC-3
+ 400
!
monitor connectivity
no shutdown
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge1.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge1.cfg
index 9962486a0d2..8b6cd55b0bc 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge1.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge1.cfg
@@ -63,6 +63,9 @@ router adaptive-virtual-topology
match application-profile VIDEO
avt profile PROD-AVT-POLICY-VIDEO
!
+ match application-profile CRITICAL-APP
+ avt profile PROD-AVT-POLICY-CRITICAL-APP
+ !
match application-profile default
avt profile PROD-AVT-POLICY-DEFAULT
!
@@ -79,6 +82,10 @@ router adaptive-virtual-topology
profile DEFAULT-POLICY-DEFAULT
path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
!
+ profile PROD-AVT-POLICY-CRITICAL-APP
+ internet-exit policy ZSCALER-EXIT-POLICY-3
+ path-selection load-balance LB-PROD-AVT-POLICY-CRITICAL-APP
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -110,6 +117,7 @@ router adaptive-virtual-topology
avt profile PROD-AVT-POLICY-DEFAULT id 1
avt profile PROD-AVT-POLICY-VOICE id 2
avt profile PROD-AVT-POLICY-VIDEO id 4
+ avt profile PROD-AVT-POLICY-CRITICAL-APP id 6
!
router internet-exit
exit-group DIRECT-EXIT-POLICY-1
@@ -133,6 +141,15 @@ router internet-exit
exit-group ZSCALER-EXIT-POLICY-2_TER
local connection IE-Tunnel112
!
+ exit-group ZSCALER-EXIT-POLICY-3_PRI
+ local connection IE-Tunnel200
+ !
+ exit-group ZSCALER-EXIT-POLICY-3_SEC
+ local connection IE-Tunnel201
+ !
+ exit-group ZSCALER-EXIT-POLICY-3_TER
+ local connection IE-Tunnel202
+ !
policy DIRECT-EXIT-POLICY-1
exit-group DIRECT-EXIT-POLICY-1
!
@@ -146,6 +163,11 @@ router internet-exit
exit-group ZSCALER-EXIT-POLICY-2_PRI
exit-group ZSCALER-EXIT-POLICY-2_SEC
exit-group ZSCALER-EXIT-POLICY-2_TER
+ !
+ policy ZSCALER-EXIT-POLICY-3
+ exit-group ZSCALER-EXIT-POLICY-3_PRI
+ exit-group ZSCALER-EXIT-POLICY-3_SEC
+ exit-group ZSCALER-EXIT-POLICY-3_TER
!
router path-selection
tcp mss ceiling ipv4 ingress
@@ -163,6 +185,9 @@ router path-selection
local interface Ethernet3
stun server-profile INET-cv-pathfinder-pathfinder1-Ethernet1 INET-cv-pathfinder-pathfinder2-Ethernet1
!
+ local interface Port-Channel1
+ stun server-profile INET-cv-pathfinder-pathfinder1-Ethernet1 INET-cv-pathfinder-pathfinder2-Ethernet1
+ !
peer dynamic
!
peer static router-ip 192.168.144.2
@@ -196,6 +221,11 @@ router path-selection
path-group INET
path-group Satellite priority 2
!
+ load-balance policy LB-PROD-AVT-POLICY-CRITICAL-APP
+ loss-rate 45.0
+ path-group INET
+ path-group AWS priority 2
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
!
@@ -230,6 +260,15 @@ router service-insertion
connection IE-Tunnel112
interface Tunnel112 primary
monitor connectivity host IE-Tunnel112
+ connection IE-Tunnel200
+ interface Tunnel200 primary
+ monitor connectivity host IE-Tunnel200
+ connection IE-Tunnel201
+ interface Tunnel201 primary
+ monitor connectivity host IE-Tunnel201
+ connection IE-Tunnel202
+ interface Tunnel202 primary
+ monitor connectivity host IE-Tunnel202
!
spanning-tree mode none
!
@@ -271,6 +310,12 @@ ip security
dh-group 24
local-id fqdn cv-pathfinder-edge1_ZSCALER-EXIT-POLICY-2@test.local
!
+ ike policy IE-ZSCALER-EXIT-POLICY-3-IKE-POLICY
+ ike-lifetime 24
+ encryption aes256
+ dh-group 24
+ local-id fqdn cv-pathfinder-edge1_ZSCALER-EXIT-POLICY-3@test.local
+ !
sa policy CP-SA-POLICY
esp encryption aes256gcm128
pfs dh-group 14
@@ -291,6 +336,12 @@ ip security
sa lifetime 8 hours
pfs dh-group 24
!
+ sa policy IE-ZSCALER-EXIT-POLICY-3-SA-POLICY
+ esp encryption aes256
+ esp integrity sha256
+ sa lifetime 8 hours
+ pfs dh-group 24
+ !
profile CP-PROFILE
ike-policy CP-IKE-POLICY
sa-policy CP-SA-POLICY
@@ -320,9 +371,23 @@ ip security
shared-key 7 0007054B145A1F0E0928424A0C0B4812160C09551511170B121907214A333B286214687C782720215B0B67637B7B666B3873293274733B31233B6D2A332315696A
dpd 10 60 clear
!
+ profile IE-ZSCALER-EXIT-POLICY-3-PROFILE
+ ike-policy IE-ZSCALER-EXIT-POLICY-3-IKE-POLICY
+ sa-policy IE-ZSCALER-EXIT-POLICY-3-SA-POLICY
+ connection start
+ shared-key 7 0007054B145A1F0E0928424A0C0B4812160C09551511170B121907214A333B286214687C782720215B0A67637B7B666B3873293274733B31233B6D2A332315696A
+ dpd 10 60 clear
+ !
key controller
profile DP-PROFILE
!
+interface Port-Channel1
+ description ATT_404_peerDeviceA_Port-Channel2
+ no shutdown
+ no switchport
+ flow tracker hardware FLOW-TRACKER
+ ip address 172.15.5.7/31
+!
interface Dps1
description DPS Interface
mtu 9194
@@ -367,6 +432,20 @@ interface Ethernet5
ip address dhcp
dhcp client accept default-route
!
+interface Ethernet6
+ description ATT_404_peerDevice1_PeerDevIntf1
+ no shutdown
+ speed forced 10000full
+ no switchport
+ channel-group 1 mode active
+!
+interface Ethernet7
+ description ATT_404_peerDeviceA
+ no shutdown
+ speed forced 10000full
+ no switchport
+ channel-group 1 mode active
+!
interface Ethernet52
description P2P_site-ha-disabled-leaf_Ethernet2
no shutdown
@@ -463,6 +542,36 @@ interface Tunnel112
tunnel destination 10.50.9.1
tunnel ipsec profile IE-ZSCALER-EXIT-POLICY-2-PROFILE
!
+interface Tunnel200
+ description Internet Exit ZSCALER-EXIT-POLICY-3 PRI
+ mtu 1394
+ ip address unnumbered Loopback0
+ ip nat service-profile NAT-IE-ZSCALER
+ tunnel mode ipsec
+ tunnel source interface Port-Channel1
+ tunnel destination 10.37.121.1
+ tunnel ipsec profile IE-ZSCALER-EXIT-POLICY-3-PROFILE
+!
+interface Tunnel201
+ description Internet Exit ZSCALER-EXIT-POLICY-3 SEC
+ mtu 1394
+ ip address unnumbered Loopback0
+ ip nat service-profile NAT-IE-ZSCALER
+ tunnel mode ipsec
+ tunnel source interface Port-Channel1
+ tunnel destination 10.39.77.1
+ tunnel ipsec profile IE-ZSCALER-EXIT-POLICY-3-PROFILE
+!
+interface Tunnel202
+ description Internet Exit ZSCALER-EXIT-POLICY-3 TER
+ mtu 1394
+ ip address unnumbered Loopback0
+ ip nat service-profile NAT-IE-ZSCALER
+ tunnel mode ipsec
+ tunnel source interface Port-Channel1
+ tunnel destination 10.50.9.1
+ tunnel ipsec profile IE-ZSCALER-EXIT-POLICY-3-PROFILE
+!
interface Vxlan1
description cv-pathfinder-edge1_VTEP
vxlan source-interface Dps1
@@ -485,6 +594,9 @@ application traffic recognition
application ipv4 CUSTOM-APPLICATION-2
protocol tcp source port field-set TCP-SRC-2 destination port field-set TCP-DEST-2
!
+ application ipv4 CUSTOM-APPLICATION-3
+ protocol tcp source port field-set TCP-SRC-3 destination port field-set TCP-DEST-3
+ !
application ipv4 CUSTOM-DSCP-APPLICATION
dscp ef 12-14 cs6 42
!
@@ -496,6 +608,9 @@ application traffic recognition
application-profile APP-PROFILE-CONTROL-PLANE
application APP-CONTROL-PLANE
!
+ application-profile CRITICAL-APP
+ application CUSTOM-APPLICATION-3
+ !
application-profile VIDEO
application CUSTOM-APPLICATION-1
application skype
@@ -517,8 +632,14 @@ application traffic recognition
field-set l4-port TCP-DEST-2
666, 777
!
+ field-set l4-port TCP-DEST-3
+ 880
+ !
field-set l4-port TCP-SRC-2
42
+ !
+ field-set l4-port TCP-SRC-3
+ 400
!
monitor connectivity
no shutdown
@@ -529,6 +650,9 @@ monitor connectivity
interface set SET-Tunnel110 Tunnel110
interface set SET-Tunnel111 Tunnel111
interface set SET-Tunnel112 Tunnel112
+ interface set SET-Tunnel200 Tunnel200
+ interface set SET-Tunnel201 Tunnel201
+ interface set SET-Tunnel202 Tunnel202
!
host IE-Ethernet3
description
@@ -577,6 +701,27 @@ monitor connectivity
local-interfaces SET-Tunnel112
ip 10.50.9.1
url http://gateway.zscalerbeta.net/vpntest
+ !
+ host IE-Tunnel200
+ description
+ Internet Exit ZSCALER-EXIT-POLICY-3 PRI
+ local-interfaces SET-Tunnel200
+ ip 10.37.121.1
+ url http://gateway.zscalerbeta.net/vpntest
+ !
+ host IE-Tunnel201
+ description
+ Internet Exit ZSCALER-EXIT-POLICY-3 SEC
+ local-interfaces SET-Tunnel201
+ ip 10.39.77.1
+ url http://gateway.zscalerbeta.net/vpntest
+ !
+ host IE-Tunnel202
+ description
+ Internet Exit ZSCALER-EXIT-POLICY-3 TER
+ local-interfaces SET-Tunnel202
+ ip 10.50.9.1
+ url http://gateway.zscalerbeta.net/vpntest
!
ip access-list ACL-NAT-IE-DIRECT
10 deny ip any 5.0.0.0/24
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2A.cfg
index f2d1fb1eab3..f0eab7d42c3 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2A.cfg
@@ -59,6 +59,9 @@ router adaptive-virtual-topology
match application-profile MPLS-ONLY
avt profile PROD-AVT-POLICY-MPLS-ONLY
!
+ match application-profile CRITICAL-APP
+ avt profile PROD-AVT-POLICY-CRITICAL-APP
+ !
match application-profile default
avt profile PROD-AVT-POLICY-DEFAULT
!
@@ -74,6 +77,9 @@ router adaptive-virtual-topology
profile DEFAULT-POLICY-DEFAULT
path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
!
+ profile PROD-AVT-POLICY-CRITICAL-APP
+ path-selection load-balance LB-PROD-AVT-POLICY-CRITICAL-APP
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -107,6 +113,7 @@ router adaptive-virtual-topology
avt profile PROD-AVT-POLICY-VOICE id 2
avt profile PROD-AVT-POLICY-VIDEO id 4
avt profile PROD-AVT-POLICY-MPLS-ONLY id 5
+ avt profile PROD-AVT-POLICY-CRITICAL-APP id 6
!
router path-selection
tcp mss ceiling ipv4 ingress
@@ -153,6 +160,11 @@ router path-selection
path-group INET
path-group LAN_HA
!
+ load-balance policy LB-PROD-AVT-POLICY-CRITICAL-APP
+ loss-rate 45.0
+ path-group INET
+ path-group LAN_HA
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -331,6 +343,9 @@ application traffic recognition
application ipv4 CUSTOM-APPLICATION-2
protocol tcp source port field-set TCP-SRC-2 destination port field-set TCP-DEST-2
!
+ application ipv4 CUSTOM-APPLICATION-3
+ protocol tcp source port field-set TCP-SRC-3 destination port field-set TCP-DEST-3
+ !
application ipv4 CUSTOM-DSCP-APPLICATION
dscp ef 12-14 cs6 42
!
@@ -342,6 +357,9 @@ application traffic recognition
application-profile APP-PROFILE-CONTROL-PLANE
application APP-CONTROL-PLANE
!
+ application-profile CRITICAL-APP
+ application CUSTOM-APPLICATION-3
+ !
application-profile MPLS-ONLY
!
application-profile VIDEO
@@ -365,8 +383,14 @@ application traffic recognition
field-set l4-port TCP-DEST-2
666, 777
!
+ field-set l4-port TCP-DEST-3
+ 880
+ !
field-set l4-port TCP-SRC-2
42
+ !
+ field-set l4-port TCP-SRC-3
+ 400
!
ip routing
ip routing vrf ATTRACTED-VRF-FROM-UPLINK
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2B.cfg
index 926b3c4a899..9618cf8fe8a 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge2B.cfg
@@ -59,6 +59,9 @@ router adaptive-virtual-topology
match application-profile MPLS-ONLY
avt profile PROD-AVT-POLICY-MPLS-ONLY
!
+ match application-profile CRITICAL-APP
+ avt profile PROD-AVT-POLICY-CRITICAL-APP
+ !
match application-profile default
avt profile PROD-AVT-POLICY-DEFAULT
!
@@ -74,6 +77,9 @@ router adaptive-virtual-topology
profile DEFAULT-POLICY-DEFAULT
path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
!
+ profile PROD-AVT-POLICY-CRITICAL-APP
+ path-selection load-balance LB-PROD-AVT-POLICY-CRITICAL-APP
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -107,6 +113,7 @@ router adaptive-virtual-topology
avt profile PROD-AVT-POLICY-VOICE id 2
avt profile PROD-AVT-POLICY-VIDEO id 4
avt profile PROD-AVT-POLICY-MPLS-ONLY id 5
+ avt profile PROD-AVT-POLICY-CRITICAL-APP id 6
!
router path-selection
tcp mss ceiling ipv4 ingress
@@ -153,6 +160,10 @@ router path-selection
path-group CUSTOM_LAN_HA
path-group MPLS
!
+ load-balance policy LB-PROD-AVT-POLICY-CRITICAL-APP
+ loss-rate 45.0
+ path-group CUSTOM_LAN_HA
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group CUSTOM_LAN_HA
path-group MPLS priority 2
@@ -316,6 +327,9 @@ application traffic recognition
application ipv4 CUSTOM-APPLICATION-2
protocol tcp source port field-set TCP-SRC-2 destination port field-set TCP-DEST-2
!
+ application ipv4 CUSTOM-APPLICATION-3
+ protocol tcp source port field-set TCP-SRC-3 destination port field-set TCP-DEST-3
+ !
application ipv4 CUSTOM-DSCP-APPLICATION
dscp ef 12-14 cs6 42
!
@@ -327,6 +341,9 @@ application traffic recognition
application-profile APP-PROFILE-CONTROL-PLANE
application APP-CONTROL-PLANE
!
+ application-profile CRITICAL-APP
+ application CUSTOM-APPLICATION-3
+ !
application-profile MPLS-ONLY
!
application-profile VIDEO
@@ -350,8 +367,14 @@ application traffic recognition
field-set l4-port TCP-DEST-2
666, 777
!
+ field-set l4-port TCP-DEST-3
+ 880
+ !
field-set l4-port TCP-SRC-2
42
+ !
+ field-set l4-port TCP-SRC-3
+ 400
!
ip routing
ip routing vrf ATTRACTED-VRF-FROM-UPLINK
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge3A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge3A.cfg
index a25ef697368..abf4b6d9718 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge3A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge3A.cfg
@@ -54,6 +54,9 @@ router adaptive-virtual-topology
match application-profile MPLS-ONLY
avt profile PROD-AVT-POLICY-MPLS-ONLY
!
+ match application-profile CRITICAL-APP
+ avt profile PROD-AVT-POLICY-CRITICAL-APP
+ !
match application-profile default
avt profile PROD-AVT-POLICY-DEFAULT
!
@@ -66,6 +69,9 @@ router adaptive-virtual-topology
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile PROD-AVT-POLICY-CRITICAL-APP
+ path-selection load-balance LB-PROD-AVT-POLICY-CRITICAL-APP
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -95,6 +101,7 @@ router adaptive-virtual-topology
avt profile PROD-AVT-POLICY-VOICE id 2
avt profile PROD-AVT-POLICY-VIDEO id 4
avt profile PROD-AVT-POLICY-MPLS-ONLY id 5
+ avt profile PROD-AVT-POLICY-CRITICAL-APP id 6
!
router path-selection
tcp mss ceiling ipv4 ingress
@@ -134,6 +141,11 @@ router path-selection
path-group INET
path-group LAN_HA
!
+ load-balance policy LB-PROD-AVT-POLICY-CRITICAL-APP
+ loss-rate 45.0
+ path-group INET
+ path-group LAN_HA
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -255,6 +267,9 @@ application traffic recognition
application ipv4 CUSTOM-APPLICATION-2
protocol tcp source port field-set TCP-SRC-2 destination port field-set TCP-DEST-2
!
+ application ipv4 CUSTOM-APPLICATION-3
+ protocol tcp source port field-set TCP-SRC-3 destination port field-set TCP-DEST-3
+ !
application ipv4 CUSTOM-DSCP-APPLICATION
dscp ef 12-14 cs6 42
!
@@ -266,6 +281,9 @@ application traffic recognition
application-profile APP-PROFILE-CONTROL-PLANE
application APP-CONTROL-PLANE
!
+ application-profile CRITICAL-APP
+ application CUSTOM-APPLICATION-3
+ !
application-profile MPLS-ONLY
!
application-profile VIDEO
@@ -289,8 +307,14 @@ application traffic recognition
field-set l4-port TCP-DEST-2
666, 777
!
+ field-set l4-port TCP-DEST-3
+ 880
+ !
field-set l4-port TCP-SRC-2
42
+ !
+ field-set l4-port TCP-SRC-3
+ 400
!
ip routing
ip routing vrf IT
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge3B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge3B.cfg
index 661711e095c..ac9e9852069 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge3B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge3B.cfg
@@ -54,6 +54,9 @@ router adaptive-virtual-topology
match application-profile MPLS-ONLY
avt profile PROD-AVT-POLICY-MPLS-ONLY
!
+ match application-profile CRITICAL-APP
+ avt profile PROD-AVT-POLICY-CRITICAL-APP
+ !
match application-profile default
avt profile PROD-AVT-POLICY-DEFAULT
!
@@ -66,6 +69,9 @@ router adaptive-virtual-topology
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile PROD-AVT-POLICY-CRITICAL-APP
+ path-selection load-balance LB-PROD-AVT-POLICY-CRITICAL-APP
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -95,6 +101,7 @@ router adaptive-virtual-topology
avt profile PROD-AVT-POLICY-VOICE id 2
avt profile PROD-AVT-POLICY-VIDEO id 4
avt profile PROD-AVT-POLICY-MPLS-ONLY id 5
+ avt profile PROD-AVT-POLICY-CRITICAL-APP id 6
!
router path-selection
tcp mss ceiling ipv4 ingress
@@ -134,6 +141,10 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-PROD-AVT-POLICY-CRITICAL-APP
+ loss-rate 45.0
+ path-group LAN_HA
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group LAN_HA
path-group MPLS priority 2
@@ -255,6 +266,9 @@ application traffic recognition
application ipv4 CUSTOM-APPLICATION-2
protocol tcp source port field-set TCP-SRC-2 destination port field-set TCP-DEST-2
!
+ application ipv4 CUSTOM-APPLICATION-3
+ protocol tcp source port field-set TCP-SRC-3 destination port field-set TCP-DEST-3
+ !
application ipv4 CUSTOM-DSCP-APPLICATION
dscp ef 12-14 cs6 42
!
@@ -266,6 +280,9 @@ application traffic recognition
application-profile APP-PROFILE-CONTROL-PLANE
application APP-CONTROL-PLANE
!
+ application-profile CRITICAL-APP
+ application CUSTOM-APPLICATION-3
+ !
application-profile MPLS-ONLY
!
application-profile VIDEO
@@ -289,8 +306,14 @@ application traffic recognition
field-set l4-port TCP-DEST-2
666, 777
!
+ field-set l4-port TCP-DEST-3
+ 880
+ !
field-set l4-port TCP-SRC-2
42
+ !
+ field-set l4-port TCP-SRC-3
+ 400
!
ip routing
ip routing vrf IT
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge4A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge4A.cfg
index 948b4f4a9cf..8d53fa194cd 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge4A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge4A.cfg
@@ -54,6 +54,9 @@ router adaptive-virtual-topology
match application-profile MPLS-ONLY
avt profile PROD-AVT-POLICY-MPLS-ONLY
!
+ match application-profile CRITICAL-APP
+ avt profile PROD-AVT-POLICY-CRITICAL-APP
+ !
match application-profile default
avt profile PROD-AVT-POLICY-DEFAULT
!
@@ -66,6 +69,9 @@ router adaptive-virtual-topology
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile PROD-AVT-POLICY-CRITICAL-APP
+ path-selection load-balance LB-PROD-AVT-POLICY-CRITICAL-APP
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -95,6 +101,7 @@ router adaptive-virtual-topology
avt profile PROD-AVT-POLICY-VOICE id 2
avt profile PROD-AVT-POLICY-VIDEO id 4
avt profile PROD-AVT-POLICY-MPLS-ONLY id 5
+ avt profile PROD-AVT-POLICY-CRITICAL-APP id 6
!
router path-selection
tcp mss ceiling ipv4 ingress
@@ -133,6 +140,11 @@ router path-selection
path-group INET
path-group LAN_HA
!
+ load-balance policy LB-PROD-AVT-POLICY-CRITICAL-APP
+ loss-rate 45.0
+ path-group INET
+ path-group LAN_HA
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -266,6 +278,9 @@ application traffic recognition
application ipv4 CUSTOM-APPLICATION-2
protocol tcp source port field-set TCP-SRC-2 destination port field-set TCP-DEST-2
!
+ application ipv4 CUSTOM-APPLICATION-3
+ protocol tcp source port field-set TCP-SRC-3 destination port field-set TCP-DEST-3
+ !
application ipv4 CUSTOM-DSCP-APPLICATION
dscp ef 12-14 cs6 42
!
@@ -277,6 +292,9 @@ application traffic recognition
application-profile APP-PROFILE-CONTROL-PLANE
application APP-CONTROL-PLANE
!
+ application-profile CRITICAL-APP
+ application CUSTOM-APPLICATION-3
+ !
application-profile MPLS-ONLY
!
application-profile VIDEO
@@ -300,8 +318,14 @@ application traffic recognition
field-set l4-port TCP-DEST-2
666, 777
!
+ field-set l4-port TCP-DEST-3
+ 880
+ !
field-set l4-port TCP-SRC-2
42
+ !
+ field-set l4-port TCP-SRC-3
+ 400
!
ip routing
ip routing vrf IT
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge4B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge4B.cfg
index 25a1e5e02dd..471f95547c3 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge4B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-edge4B.cfg
@@ -54,6 +54,9 @@ router adaptive-virtual-topology
match application-profile MPLS-ONLY
avt profile PROD-AVT-POLICY-MPLS-ONLY
!
+ match application-profile CRITICAL-APP
+ avt profile PROD-AVT-POLICY-CRITICAL-APP
+ !
match application-profile default
avt profile PROD-AVT-POLICY-DEFAULT
!
@@ -66,6 +69,9 @@ router adaptive-virtual-topology
profile DEFAULT-AVT-POLICY-VIDEO
path-selection load-balance LB-DEFAULT-AVT-POLICY-VIDEO
!
+ profile PROD-AVT-POLICY-CRITICAL-APP
+ path-selection load-balance LB-PROD-AVT-POLICY-CRITICAL-APP
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -95,6 +101,7 @@ router adaptive-virtual-topology
avt profile PROD-AVT-POLICY-VOICE id 2
avt profile PROD-AVT-POLICY-VIDEO id 4
avt profile PROD-AVT-POLICY-MPLS-ONLY id 5
+ avt profile PROD-AVT-POLICY-CRITICAL-APP id 6
!
router path-selection
tcp mss ceiling ipv4 ingress
@@ -133,6 +140,11 @@ router path-selection
path-group INET
path-group LAN_HA
!
+ load-balance policy LB-PROD-AVT-POLICY-CRITICAL-APP
+ loss-rate 45.0
+ path-group INET
+ path-group LAN_HA
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -266,6 +278,9 @@ application traffic recognition
application ipv4 CUSTOM-APPLICATION-2
protocol tcp source port field-set TCP-SRC-2 destination port field-set TCP-DEST-2
!
+ application ipv4 CUSTOM-APPLICATION-3
+ protocol tcp source port field-set TCP-SRC-3 destination port field-set TCP-DEST-3
+ !
application ipv4 CUSTOM-DSCP-APPLICATION
dscp ef 12-14 cs6 42
!
@@ -277,6 +292,9 @@ application traffic recognition
application-profile APP-PROFILE-CONTROL-PLANE
application APP-CONTROL-PLANE
!
+ application-profile CRITICAL-APP
+ application CUSTOM-APPLICATION-3
+ !
application-profile MPLS-ONLY
!
application-profile VIDEO
@@ -300,8 +318,14 @@ application traffic recognition
field-set l4-port TCP-DEST-2
666, 777
!
+ field-set l4-port TCP-DEST-3
+ 880
+ !
field-set l4-port TCP-SRC-2
42
+ !
+ field-set l4-port TCP-SRC-3
+ 400
!
ip routing
ip routing vrf IT
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder.cfg
index a010e84d82f..07e645346ea 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder.cfg
@@ -56,6 +56,9 @@ router adaptive-virtual-topology
match application-profile MPLS-ONLY
avt profile PROD-AVT-POLICY-MPLS-ONLY
!
+ match application-profile CRITICAL-APP
+ avt profile PROD-AVT-POLICY-CRITICAL-APP
+ !
match application-profile default
avt profile PROD-AVT-POLICY-DEFAULT
!
@@ -82,6 +85,9 @@ router adaptive-virtual-topology
profile DEFAULT-POLICY-DEFAULT
path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
!
+ profile PROD-AVT-POLICY-CRITICAL-APP
+ path-selection load-balance LB-PROD-AVT-POLICY-CRITICAL-APP
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -118,6 +124,7 @@ router adaptive-virtual-topology
avt profile PROD-AVT-POLICY-VOICE id 2
avt profile PROD-AVT-POLICY-VIDEO id 4
avt profile PROD-AVT-POLICY-MPLS-ONLY id 5
+ avt profile PROD-AVT-POLICY-CRITICAL-APP id 6
!
vrf TRANSIT
avt policy TRANSIT-AVT-POLICY
@@ -184,6 +191,12 @@ router path-selection
path-group Equinix priority 2
path-group Satellite priority 2
!
+ load-balance policy LB-PROD-AVT-POLICY-CRITICAL-APP
+ loss-rate 45.0
+ path-group INET
+ path-group LAN_HA
+ path-group AWS priority 2
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -300,6 +313,9 @@ application traffic recognition
application ipv4 CUSTOM-APPLICATION-2
protocol tcp source port field-set TCP-SRC-2 destination port field-set TCP-DEST-2
!
+ application ipv4 CUSTOM-APPLICATION-3
+ protocol tcp source port field-set TCP-SRC-3 destination port field-set TCP-DEST-3
+ !
application ipv4 CUSTOM-DSCP-APPLICATION
dscp ef 12-14 cs6 42
!
@@ -311,6 +327,9 @@ application traffic recognition
application-profile APP-PROFILE-CONTROL-PLANE
application APP-CONTROL-PLANE
!
+ application-profile CRITICAL-APP
+ application CUSTOM-APPLICATION-3
+ !
application-profile MPLS-ONLY
!
application-profile VIDEO
@@ -334,8 +353,14 @@ application traffic recognition
field-set l4-port TCP-DEST-2
666, 777
!
+ field-set l4-port TCP-DEST-3
+ 880
+ !
field-set l4-port TCP-SRC-2
42
+ !
+ field-set l4-port TCP-SRC-3
+ 400
!
ip routing
no ip routing vrf MGMT
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder1.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder1.cfg
index a722345ab23..5c2dcfb50f5 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder1.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder1.cfg
@@ -56,6 +56,9 @@ router adaptive-virtual-topology
match application-profile MPLS-ONLY
avt profile PROD-AVT-POLICY-MPLS-ONLY
!
+ match application-profile CRITICAL-APP
+ avt profile PROD-AVT-POLICY-CRITICAL-APP
+ !
match application-profile default
avt profile PROD-AVT-POLICY-DEFAULT
!
@@ -82,6 +85,9 @@ router adaptive-virtual-topology
profile DEFAULT-POLICY-DEFAULT
path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
!
+ profile PROD-AVT-POLICY-CRITICAL-APP
+ path-selection load-balance LB-PROD-AVT-POLICY-CRITICAL-APP
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -118,6 +124,7 @@ router adaptive-virtual-topology
avt profile PROD-AVT-POLICY-VOICE id 2
avt profile PROD-AVT-POLICY-VIDEO id 4
avt profile PROD-AVT-POLICY-MPLS-ONLY id 5
+ avt profile PROD-AVT-POLICY-CRITICAL-APP id 6
!
vrf TRANSIT
avt policy TRANSIT-AVT-POLICY
@@ -187,6 +194,12 @@ router path-selection
path-group Equinix priority 2
path-group Satellite priority 2
!
+ load-balance policy LB-PROD-AVT-POLICY-CRITICAL-APP
+ loss-rate 45.0
+ path-group INET
+ path-group LAN_HA
+ path-group AWS priority 2
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -291,6 +304,9 @@ application traffic recognition
application ipv4 CUSTOM-APPLICATION-2
protocol tcp source port field-set TCP-SRC-2 destination port field-set TCP-DEST-2
!
+ application ipv4 CUSTOM-APPLICATION-3
+ protocol tcp source port field-set TCP-SRC-3 destination port field-set TCP-DEST-3
+ !
application ipv4 CUSTOM-DSCP-APPLICATION
dscp ef 12-14 cs6 42
!
@@ -302,6 +318,9 @@ application traffic recognition
application-profile APP-PROFILE-CONTROL-PLANE
application APP-CONTROL-PLANE
!
+ application-profile CRITICAL-APP
+ application CUSTOM-APPLICATION-3
+ !
application-profile MPLS-ONLY
!
application-profile VIDEO
@@ -325,8 +344,14 @@ application traffic recognition
field-set l4-port TCP-DEST-2
666, 777
!
+ field-set l4-port TCP-DEST-3
+ 880
+ !
field-set l4-port TCP-SRC-2
42
+ !
+ field-set l4-port TCP-SRC-3
+ 400
!
ip routing
no ip routing vrf MGMT
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder2.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder2.cfg
index f5cef9139e2..b81e319bfac 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder2.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-pathfinder2.cfg
@@ -56,6 +56,9 @@ router adaptive-virtual-topology
match application-profile MPLS-ONLY
avt profile PROD-AVT-POLICY-MPLS-ONLY
!
+ match application-profile CRITICAL-APP
+ avt profile PROD-AVT-POLICY-CRITICAL-APP
+ !
match application-profile default
avt profile PROD-AVT-POLICY-DEFAULT
!
@@ -82,6 +85,9 @@ router adaptive-virtual-topology
profile DEFAULT-POLICY-DEFAULT
path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
!
+ profile PROD-AVT-POLICY-CRITICAL-APP
+ path-selection load-balance LB-PROD-AVT-POLICY-CRITICAL-APP
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -118,6 +124,7 @@ router adaptive-virtual-topology
avt profile PROD-AVT-POLICY-VOICE id 2
avt profile PROD-AVT-POLICY-VIDEO id 4
avt profile PROD-AVT-POLICY-MPLS-ONLY id 5
+ avt profile PROD-AVT-POLICY-CRITICAL-APP id 6
!
vrf TRANSIT
avt policy TRANSIT-AVT-POLICY
@@ -194,6 +201,12 @@ router path-selection
path-group Equinix priority 2
path-group Satellite priority 2
!
+ load-balance policy LB-PROD-AVT-POLICY-CRITICAL-APP
+ loss-rate 45.0
+ path-group INET
+ path-group LAN_HA
+ path-group AWS priority 2
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -304,6 +317,9 @@ application traffic recognition
application ipv4 CUSTOM-APPLICATION-2
protocol tcp source port field-set TCP-SRC-2 destination port field-set TCP-DEST-2
!
+ application ipv4 CUSTOM-APPLICATION-3
+ protocol tcp source port field-set TCP-SRC-3 destination port field-set TCP-DEST-3
+ !
application ipv4 CUSTOM-DSCP-APPLICATION
dscp ef 12-14 cs6 42
!
@@ -315,6 +331,9 @@ application traffic recognition
application-profile APP-PROFILE-CONTROL-PLANE
application APP-CONTROL-PLANE
!
+ application-profile CRITICAL-APP
+ application CUSTOM-APPLICATION-3
+ !
application-profile MPLS-ONLY
!
application-profile VIDEO
@@ -338,8 +357,14 @@ application traffic recognition
field-set l4-port TCP-DEST-2
666, 777
!
+ field-set l4-port TCP-DEST-3
+ 880
+ !
field-set l4-port TCP-SRC-2
42
+ !
+ field-set l4-port TCP-SRC-3
+ 400
!
ip routing
no ip routing vrf MGMT
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1A.cfg
index 55756638cc6..c1d39266d00 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1A.cfg
@@ -63,6 +63,9 @@ router adaptive-virtual-topology
match application-profile MPLS-ONLY
avt profile PROD-AVT-POLICY-MPLS-ONLY
!
+ match application-profile CRITICAL-APP
+ avt profile PROD-AVT-POLICY-CRITICAL-APP
+ !
match application-profile default
avt profile PROD-AVT-POLICY-DEFAULT
!
@@ -90,6 +93,9 @@ router adaptive-virtual-topology
profile DEFAULT-POLICY-DEFAULT
path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
!
+ profile PROD-AVT-POLICY-CRITICAL-APP
+ path-selection load-balance LB-PROD-AVT-POLICY-CRITICAL-APP
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -126,6 +132,7 @@ router adaptive-virtual-topology
avt profile PROD-AVT-POLICY-VOICE id 2
avt profile PROD-AVT-POLICY-VIDEO id 4
avt profile PROD-AVT-POLICY-MPLS-ONLY id 5
+ avt profile PROD-AVT-POLICY-CRITICAL-APP id 6
!
vrf TRANSIT
avt policy TRANSIT-AVT-POLICY
@@ -203,6 +210,11 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-PROD-AVT-POLICY-CRITICAL-APP
+ loss-rate 45.0
+ path-group INET
+ path-group LAN_HA
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -380,6 +392,9 @@ application traffic recognition
application ipv4 CUSTOM-APPLICATION-2
protocol tcp source port field-set TCP-SRC-2 destination port field-set TCP-DEST-2
!
+ application ipv4 CUSTOM-APPLICATION-3
+ protocol tcp source port field-set TCP-SRC-3 destination port field-set TCP-DEST-3
+ !
application ipv4 CUSTOM-DSCP-APPLICATION
dscp ef 12-14 cs6 42
!
@@ -391,6 +406,9 @@ application traffic recognition
application-profile APP-PROFILE-CONTROL-PLANE
application APP-CONTROL-PLANE
!
+ application-profile CRITICAL-APP
+ application CUSTOM-APPLICATION-3
+ !
application-profile MPLS-ONLY
!
application-profile VIDEO
@@ -414,8 +432,14 @@ application traffic recognition
field-set l4-port TCP-DEST-2
666, 777
!
+ field-set l4-port TCP-DEST-3
+ 880
+ !
field-set l4-port TCP-SRC-2
42
+ !
+ field-set l4-port TCP-SRC-3
+ 400
!
monitor connectivity
no shutdown
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1B.cfg
index a1abb72ffdb..64999ac4185 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/cv-pathfinder-transit1B.cfg
@@ -59,6 +59,9 @@ router adaptive-virtual-topology
match application-profile MPLS-ONLY
avt profile PROD-AVT-POLICY-MPLS-ONLY
!
+ match application-profile CRITICAL-APP
+ avt profile PROD-AVT-POLICY-CRITICAL-APP
+ !
match application-profile default
avt profile PROD-AVT-POLICY-DEFAULT
!
@@ -85,6 +88,9 @@ router adaptive-virtual-topology
profile DEFAULT-POLICY-DEFAULT
path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
!
+ profile PROD-AVT-POLICY-CRITICAL-APP
+ path-selection load-balance LB-PROD-AVT-POLICY-CRITICAL-APP
+ !
profile PROD-AVT-POLICY-DEFAULT
path-selection load-balance LB-PROD-AVT-POLICY-DEFAULT
!
@@ -121,6 +127,7 @@ router adaptive-virtual-topology
avt profile PROD-AVT-POLICY-VOICE id 2
avt profile PROD-AVT-POLICY-VIDEO id 4
avt profile PROD-AVT-POLICY-MPLS-ONLY id 5
+ avt profile PROD-AVT-POLICY-CRITICAL-APP id 6
!
vrf TRANSIT
avt policy TRANSIT-AVT-POLICY
@@ -190,6 +197,11 @@ router path-selection
path-group LAN_HA
path-group MPLS
!
+ load-balance policy LB-PROD-AVT-POLICY-CRITICAL-APP
+ loss-rate 45.0
+ path-group INET
+ path-group LAN_HA
+ !
load-balance policy LB-PROD-AVT-POLICY-DEFAULT
path-group INET
path-group LAN_HA
@@ -361,6 +373,9 @@ application traffic recognition
application ipv4 CUSTOM-APPLICATION-2
protocol tcp source port field-set TCP-SRC-2 destination port field-set TCP-DEST-2
!
+ application ipv4 CUSTOM-APPLICATION-3
+ protocol tcp source port field-set TCP-SRC-3 destination port field-set TCP-DEST-3
+ !
application ipv4 CUSTOM-DSCP-APPLICATION
dscp ef 12-14 cs6 42
!
@@ -372,6 +387,9 @@ application traffic recognition
application-profile APP-PROFILE-CONTROL-PLANE
application APP-CONTROL-PLANE
!
+ application-profile CRITICAL-APP
+ application CUSTOM-APPLICATION-3
+ !
application-profile MPLS-ONLY
!
application-profile VIDEO
@@ -395,8 +413,14 @@ application traffic recognition
field-set l4-port TCP-DEST-2
666, 777
!
+ field-set l4-port TCP-DEST-3
+ 880
+ !
field-set l4-port TCP-SRC-2
42
+ !
+ field-set l4-port TCP-SRC-3
+ 400
!
ip routing
ip routing vrf ATTRACTED-VRF-FROM-UPLINK
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/node-type-l3-port-channels.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/node-type-l3-port-channels.cfg
new file mode 100644
index 00000000000..cbfacc36241
--- /dev/null
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/node-type-l3-port-channels.cfg
@@ -0,0 +1,294 @@
+!
+no enable password
+no aaa root
+!
+agent KernelFib environment KERNELFIB_PROGRAM_ALL_ECMP=1
+!
+flow tracking hardware
+ tracker FLOW-TRACKER
+ record export on inactive timeout 70000
+ record export on interval 300000
+ exporter CV-TELEMETRY
+ collector 127.0.0.1
+ local interface Loopback0
+ template interval 3600000
+ no shutdown
+!
+service routing protocols model multi-agent
+!
+hostname node-type-l3-port-channels
+!
+router adaptive-virtual-topology
+ topology role edge
+ region AVD_Land_East id 43
+ zone AVD_Land_East-ZONE id 1
+ site Site511 id 511
+ !
+ policy DEFAULT-POLICY-WITH-CP
+ !
+ match application-profile APP-PROFILE-CONTROL-PLANE
+ avt profile DEFAULT-POLICY-CONTROL-PLANE
+ !
+ match application-profile default
+ avt profile DEFAULT-POLICY-DEFAULT
+ !
+ profile DEFAULT-POLICY-CONTROL-PLANE
+ path-selection load-balance LB-DEFAULT-POLICY-CONTROL-PLANE
+ !
+ profile DEFAULT-POLICY-DEFAULT
+ path-selection load-balance LB-DEFAULT-POLICY-DEFAULT
+ !
+ vrf default
+ avt policy DEFAULT-POLICY-WITH-CP
+ avt profile DEFAULT-POLICY-DEFAULT id 1
+ avt profile DEFAULT-POLICY-CONTROL-PLANE id 254
+!
+router path-selection
+ tcp mss ceiling ipv4 ingress
+ !
+ path-group INET id 101
+ ipsec profile CP-PROFILE
+ !
+ local interface Port-Channel2
+ !
+ local interface Port-Channel5
+ !
+ local interface Port-Channel5.100
+ !
+ local interface Port-Channel8
+ !
+ peer dynamic
+ !
+ load-balance policy LB-DEFAULT-POLICY-CONTROL-PLANE
+ path-group INET
+ !
+ load-balance policy LB-DEFAULT-POLICY-DEFAULT
+ path-group INET
+!
+spanning-tree mode none
+!
+vrf instance MGMT
+!
+management api http-commands
+ protocol https
+ no shutdown
+ !
+ vrf MGMT
+ no shutdown
+!
+management security
+ !
+ ssl profile STUN-DTLS
+ tls versions 1.2
+ trust certificate aristaDeviceCertProvisionerDefaultRootCA.crt
+ certificate STUN-DTLS.crt key STUN-DTLS.key
+!
+ip security
+ ike policy CP-IKE-POLICY
+ local-id 192.168.142.1
+ !
+ sa policy CP-SA-POLICY
+ esp encryption aes256gcm128
+ pfs dh-group 14
+ !
+ sa policy DP-SA-POLICY
+ esp encryption aes256gcm128
+ pfs dh-group 14
+ !
+ profile CP-PROFILE
+ ike-policy CP-IKE-POLICY
+ sa-policy CP-SA-POLICY
+ connection start
+ shared-key 7 ABCDEF1234567890
+ dpd 10 50 clear
+ mode transport
+ !
+ profile DP-PROFILE
+ sa-policy DP-SA-POLICY
+ connection start
+ shared-key 7 ABCDEF1234567890666
+ dpd 10 50 clear
+ mode transport
+ !
+ key controller
+ profile DP-PROFILE
+!
+interface Port-Channel2
+ description Cybercast_101_peer1_Port-Channel10
+ no shutdown
+ no switchport
+ flow tracker hardware FLOW-TRACKER
+ ip address 192.168.1.102/31
+ service-profile TEST-QOS-PROFILE1
+!
+interface Port-Channel5
+ description StreamFast_102_peer2_Port-Channel15
+ no shutdown
+ no switchport
+ ip address 192.168.1.105/31
+ service-policy type qos input TEST_POLICY
+ service-profile TEST-QOS-PROFILE1
+ ! TEST RAW_EOS_CLI
+
+!
+interface Port-Channel5.100
+ description ExtremeCable_105_peer2_Port-Channel15
+ no shutdown
+ encapsulation dot1q vlan 108
+ flow tracker hardware FLOW-TRACKER
+ ip address 192.168.100.115/31
+ service-profile TEST-QOS-PROFILE2
+!
+interface Port-Channel8
+ description BlizzardFast_peerDevice3_Port-Channel18
+ no shutdown
+ no switchport
+ flow tracker hardware FLOW-TRACKER
+ ip address dhcp
+ dhcp client accept default-route
+ service-profile TEST-QOS-PROFILE3
+ ! TEST RAW_EOS_CLI 123
+
+!
+interface Dps1
+ description DPS Interface
+ mtu 9194
+ flow tracker hardware FLOW-TRACKER
+ ip address 192.168.142.1/32
+!
+interface Ethernet1
+ description Cybercast_101_peerDevice1_Ethernet11
+ no shutdown
+ speed forced 10000full
+ no switchport
+ channel-group 2 mode active
+!
+interface Ethernet1/4
+ description StreamFast_102_peerDevice2_Ethernet1/12
+ no shutdown
+ speed forced 10000full
+ no switchport
+ channel-group 5 mode passive
+!
+interface Ethernet1/5
+ description StreamFast_102_peer2
+ no shutdown
+ speed forced 10000full
+ no switchport
+ channel-group 5 mode passive
+!
+interface Ethernet1/10
+ description BlizzardFast_peerDevice3_Ethernet1/10
+ no shutdown
+ speed forced 1000full
+ no switchport
+ channel-group 8 mode on
+!
+interface Ethernet2
+ description Cybercast_101_peer1
+ no shutdown
+ speed forced 10000full
+ no switchport
+ channel-group 2 mode active
+!
+interface Ethernet3
+ description Custom eth3 description
+ no shutdown
+ no switchport
+ channel-group 2 mode active
+!
+interface Loopback0
+ description ROUTER_ID
+ no shutdown
+ ip address 192.168.255.1/32
+!
+interface Vxlan1
+ description node-type-l3-port-channels_VTEP
+ vxlan source-interface Dps1
+ vxlan udp-port 4789
+ vxlan vrf default vni 1
+!
+application traffic recognition
+ !
+ application ipv4 APP-CONTROL-PLANE
+ destination prefix field-set PFX-PATHFINDERS
+ !
+ application-profile APP-PROFILE-CONTROL-PLANE
+ application APP-CONTROL-PLANE
+ !
+ field-set ipv4 prefix PFX-PATHFINDERS
+!
+ip routing
+no ip routing vrf MGMT
+!
+ip extcommunity-list ECL-EVPN-SOO permit soo 192.168.255.1:511
+!
+ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+ seq 10 permit 192.168.255.0/24 eq 32
+!
+ip route 0.0.0.0/0 192.168.1.10
+!
+route-map RM-CONN-2-BGP permit 10
+ match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+ set extcommunity soo 192.168.255.1:511 additive
+!
+route-map RM-EVPN-EXPORT-VRF-DEFAULT permit 10
+ match extcommunity ECL-EVPN-SOO
+!
+route-map RM-EVPN-SOO-IN deny 10
+ match extcommunity ECL-EVPN-SOO
+!
+route-map RM-EVPN-SOO-IN permit 20
+!
+route-map RM-EVPN-SOO-OUT permit 10
+ set extcommunity soo 192.168.255.1:511 additive
+!
+router bfd
+ multihop interval 300 min-rx 300 multiplier 3
+!
+router bgp 65005
+ router-id 192.168.255.1
+ update wait-install
+ no bgp default ipv4-unicast
+ maximum-paths 16
+ neighbor WAN-OVERLAY-PEERS peer group
+ neighbor WAN-OVERLAY-PEERS remote-as 65005
+ neighbor WAN-OVERLAY-PEERS update-source Dps1
+ neighbor WAN-OVERLAY-PEERS bfd
+ neighbor WAN-OVERLAY-PEERS bfd interval 1000 min-rx 1000 multiplier 10
+ neighbor WAN-OVERLAY-PEERS ttl maximum-hops 1
+ neighbor WAN-OVERLAY-PEERS password 7 htm4AZe9mIQOO1uiMuGgYQ==
+ neighbor WAN-OVERLAY-PEERS send-community
+ neighbor WAN-OVERLAY-PEERS maximum-routes 0
+ redistribute connected route-map RM-CONN-2-BGP
+ !
+ address-family evpn
+ neighbor WAN-OVERLAY-PEERS activate
+ neighbor WAN-OVERLAY-PEERS route-map RM-EVPN-SOO-IN in
+ neighbor WAN-OVERLAY-PEERS route-map RM-EVPN-SOO-OUT out
+ neighbor WAN-OVERLAY-PEERS encapsulation path-selection
+ !
+ address-family ipv4
+ no neighbor WAN-OVERLAY-PEERS activate
+ !
+ address-family ipv4 sr-te
+ neighbor WAN-OVERLAY-PEERS activate
+ !
+ address-family link-state
+ neighbor WAN-OVERLAY-PEERS activate
+ path-selection
+ !
+ address-family path-selection
+ bgp additional-paths receive
+ bgp additional-paths send any
+ neighbor WAN-OVERLAY-PEERS activate
+ !
+ vrf default
+ rd 192.168.255.1:1
+ route-target import evpn 1:1
+ route-target export evpn 1:1
+ route-target export evpn route-map RM-EVPN-EXPORT-VRF-DEFAULT
+!
+router traffic-engineering
+!
+end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge.yml
index 5d5afc6d38f..dc24869f3ae 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge.yml
@@ -483,6 +483,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-MPLS-ONLY
load_balance_policy: LB-PROD-AVT-POLICY-MPLS-ONLY
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ load_balance_policy: LB-PROD-AVT-POLICY-CRITICAL-APP
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- name: DEFAULT-POLICY-DEFAULT
@@ -506,6 +508,8 @@ router_adaptive_virtual_topology:
id: 4
- name: PROD-AVT-POLICY-MPLS-ONLY
id: 5
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ id: 6
- name: PROD-AVT-POLICY-DEFAULT
id: 1
- name: IT
@@ -537,6 +541,8 @@ router_adaptive_virtual_topology:
avt_profile: PROD-AVT-POLICY-VIDEO
- application_profile: MPLS-ONLY
avt_profile: PROD-AVT-POLICY-MPLS-ONLY
+ - application_profile: CRITICAL-APP
+ avt_profile: PROD-AVT-POLICY-CRITICAL-APP
- application_profile: default
avt_profile: PROD-AVT-POLICY-DEFAULT
- name: DEFAULT-AVT-POLICY
@@ -638,6 +644,10 @@ router_path_selection:
- name: LB-PROD-AVT-POLICY-MPLS-ONLY
path_groups:
- name: MPLS
+ - name: LB-PROD-AVT-POLICY-CRITICAL-APP
+ path_groups:
+ - name: INET
+ loss_rate: '45.0'
- name: LB-PROD-AVT-POLICY-DEFAULT
path_groups:
- name: INET
@@ -675,6 +685,9 @@ application_traffic_recognition:
applications:
- name: CUSTOM-VOICE-APPLICATION
- name: MPLS-ONLY
+ - name: CRITICAL-APP
+ applications:
+ - name: CUSTOM-APPLICATION-3
- name: APP-PROFILE-CONTROL-PLANE
applications:
- name: APP-CONTROL-PLANE
@@ -691,6 +704,11 @@ application_traffic_recognition:
dest_prefix_set_name: CUSTOM-DEST-PREFIX-1
protocols:
- tcp
+ - name: CUSTOM-APPLICATION-3
+ protocols:
+ - tcp
+ tcp_src_port_set_name: TCP-SRC-3
+ tcp_dest_port_set_name: TCP-DEST-3
- name: CUSTOM-APPLICATION-2
protocols:
- tcp
@@ -706,6 +724,12 @@ application_traffic_recognition:
dest_prefix_set_name: PFX-PATHFINDERS
field_sets:
l4_ports:
+ - name: TCP-SRC-3
+ port_values:
+ - '400'
+ - name: TCP-DEST-3
+ port_values:
+ - '880'
- name: TCP-SRC-2
port_values:
- '42'
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge1.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge1.yml
index de3888f213d..88c182fd2be 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge1.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge1.yml
@@ -352,6 +352,39 @@ ethernet_interfaces:
enabled: false
peer_type: l3_interface
shutdown: false
+- name: Ethernet6
+ description: ATT_404_peerDevice1_PeerDevIntf1
+ peer: peerDevice1
+ peer_interface: PeerDevIntf1
+ shutdown: false
+ switchport:
+ enabled: false
+ speed: forced 10000full
+ channel_group:
+ id: 1
+ mode: active
+- name: Ethernet7
+ description: ATT_404_peerDeviceA
+ peer: peerDeviceA
+ shutdown: false
+ switchport:
+ enabled: false
+ speed: forced 10000full
+ channel_group:
+ id: 1
+ mode: active
+port_channel_interfaces:
+- name: Port-Channel1
+ peer_type: l3_port_channel
+ peer: peerDeviceA
+ peer_interface: Port-Channel2
+ ip_address: 172.15.5.7/31
+ shutdown: false
+ switchport:
+ enabled: false
+ description: ATT_404_peerDeviceA_Port-Channel2
+ flow_tracker:
+ hardware: FLOW-TRACKER
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -417,6 +450,11 @@ ip_security:
ike_lifetime: 24
encryption: aes256
dh_group: 24
+ - name: IE-ZSCALER-EXIT-POLICY-3-IKE-POLICY
+ local_id_fqdn: cv-pathfinder-edge1_ZSCALER-EXIT-POLICY-3@test.local
+ ike_lifetime: 24
+ encryption: aes256
+ dh_group: 24
sa_policies:
- name: DP-SA-POLICY
esp:
@@ -440,6 +478,13 @@ ip_security:
esp:
integrity: sha256
encryption: aes256
+ - name: IE-ZSCALER-EXIT-POLICY-3-SA-POLICY
+ pfs_dh_group: 24
+ sa_lifetime:
+ value: 8
+ esp:
+ integrity: sha256
+ encryption: aes256
profiles:
- name: DP-PROFILE
sa_policy: DP-SA-POLICY
@@ -478,6 +523,15 @@ ip_security:
time: 60
action: clear
connection: start
+ - name: IE-ZSCALER-EXIT-POLICY-3-PROFILE
+ ike_policy: IE-ZSCALER-EXIT-POLICY-3-IKE-POLICY
+ sa_policy: IE-ZSCALER-EXIT-POLICY-3-SA-POLICY
+ shared_key: 0007054B145A1F0E0928424A0C0B4812160C09551511170B121907214A333B286214687C782720215B0A67637B7B666B3873293274733B31233B6D2A332315696A
+ dpd:
+ interval: 10
+ time: 60
+ action: clear
+ connection: start
key_controller:
profile: DP-PROFILE
management_security:
@@ -515,6 +569,9 @@ router_adaptive_virtual_topology:
- name: PROD-AVT-POLICY-VIDEO
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
internet_exit_policy: ZSCALER-EXIT-POLICY-2
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ load_balance_policy: LB-PROD-AVT-POLICY-CRITICAL-APP
+ internet_exit_policy: ZSCALER-EXIT-POLICY-3
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- name: DEFAULT-POLICY-DEFAULT
@@ -536,6 +593,8 @@ router_adaptive_virtual_topology:
id: 2
- name: PROD-AVT-POLICY-VIDEO
id: 4
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ id: 6
- name: PROD-AVT-POLICY-DEFAULT
id: 1
- name: IT
@@ -565,6 +624,8 @@ router_adaptive_virtual_topology:
avt_profile: PROD-AVT-POLICY-VOICE
- application_profile: VIDEO
avt_profile: PROD-AVT-POLICY-VIDEO
+ - application_profile: CRITICAL-APP
+ avt_profile: PROD-AVT-POLICY-CRITICAL-APP
- application_profile: default
avt_profile: PROD-AVT-POLICY-DEFAULT
- name: DEFAULT-AVT-POLICY
@@ -610,6 +671,11 @@ router_path_selection:
server_profiles:
- INET-cv-pathfinder-pathfinder1-Ethernet1
- INET-cv-pathfinder-pathfinder2-Ethernet1
+ - name: Port-Channel1
+ stun:
+ server_profiles:
+ - INET-cv-pathfinder-pathfinder1-Ethernet1
+ - INET-cv-pathfinder-pathfinder2-Ethernet1
dynamic_peers:
enabled: true
static_peers:
@@ -645,6 +711,12 @@ router_path_selection:
- name: INET
priority: 2
loss_rate: '42.0'
+ - name: LB-PROD-AVT-POLICY-CRITICAL-APP
+ path_groups:
+ - name: INET
+ - name: AWS
+ priority: 2
+ loss_rate: '45.0'
- name: LB-PROD-AVT-POLICY-DEFAULT
path_groups:
- name: INET
@@ -678,6 +750,9 @@ application_traffic_recognition:
- name: VOICE
applications:
- name: CUSTOM-VOICE-APPLICATION
+ - name: CRITICAL-APP
+ applications:
+ - name: CUSTOM-APPLICATION-3
- name: APP-PROFILE-CONTROL-PLANE
applications:
- name: APP-CONTROL-PLANE
@@ -694,6 +769,11 @@ application_traffic_recognition:
dest_prefix_set_name: CUSTOM-DEST-PREFIX-1
protocols:
- tcp
+ - name: CUSTOM-APPLICATION-3
+ protocols:
+ - tcp
+ tcp_src_port_set_name: TCP-SRC-3
+ tcp_dest_port_set_name: TCP-DEST-3
- name: CUSTOM-APPLICATION-2
protocols:
- tcp
@@ -709,6 +789,12 @@ application_traffic_recognition:
dest_prefix_set_name: PFX-PATHFINDERS
field_sets:
l4_ports:
+ - name: TCP-SRC-3
+ port_values:
+ - '400'
+ - name: TCP-DEST-3
+ port_values:
+ - '880'
- name: TCP-SRC-2
port_values:
- '42'
@@ -788,6 +874,18 @@ router_service_insertion:
monitor_connectivity_host: IE-Tunnel112
tunnel_interface:
primary: Tunnel112
+ - name: IE-Tunnel200
+ monitor_connectivity_host: IE-Tunnel200
+ tunnel_interface:
+ primary: Tunnel200
+ - name: IE-Tunnel201
+ monitor_connectivity_host: IE-Tunnel201
+ tunnel_interface:
+ primary: Tunnel201
+ - name: IE-Tunnel202
+ monitor_connectivity_host: IE-Tunnel202
+ tunnel_interface:
+ primary: Tunnel202
router_internet_exit:
exit_groups:
- name: DIRECT-EXIT-POLICY-1
@@ -811,6 +909,15 @@ router_internet_exit:
- name: ZSCALER-EXIT-POLICY-2_TER
local_connections:
- name: IE-Tunnel112
+ - name: ZSCALER-EXIT-POLICY-3_PRI
+ local_connections:
+ - name: IE-Tunnel200
+ - name: ZSCALER-EXIT-POLICY-3_SEC
+ local_connections:
+ - name: IE-Tunnel201
+ - name: ZSCALER-EXIT-POLICY-3_TER
+ local_connections:
+ - name: IE-Tunnel202
policies:
- name: DIRECT-EXIT-POLICY-1
exit_groups:
@@ -826,6 +933,11 @@ router_internet_exit:
- name: ZSCALER-EXIT-POLICY-2_PRI
- name: ZSCALER-EXIT-POLICY-2_SEC
- name: ZSCALER-EXIT-POLICY-2_TER
+ - name: ZSCALER-EXIT-POLICY-3
+ exit_groups:
+ - name: ZSCALER-EXIT-POLICY-3_PRI
+ - name: ZSCALER-EXIT-POLICY-3_SEC
+ - name: ZSCALER-EXIT-POLICY-3_TER
dps_interfaces:
- name: Dps1
description: DPS Interface
@@ -903,6 +1015,33 @@ tunnel_interfaces:
destination: 10.50.9.1
ipsec_profile: IE-ZSCALER-EXIT-POLICY-2-PROFILE
nat_profile: NAT-IE-ZSCALER
+- name: Tunnel200
+ description: Internet Exit ZSCALER-EXIT-POLICY-3 PRI
+ mtu: 1394
+ ip_address: unnumbered Loopback0
+ tunnel_mode: ipsec
+ source_interface: Port-Channel1
+ destination: 10.37.121.1
+ ipsec_profile: IE-ZSCALER-EXIT-POLICY-3-PROFILE
+ nat_profile: NAT-IE-ZSCALER
+- name: Tunnel201
+ description: Internet Exit ZSCALER-EXIT-POLICY-3 SEC
+ mtu: 1394
+ ip_address: unnumbered Loopback0
+ tunnel_mode: ipsec
+ source_interface: Port-Channel1
+ destination: 10.39.77.1
+ ipsec_profile: IE-ZSCALER-EXIT-POLICY-3-PROFILE
+ nat_profile: NAT-IE-ZSCALER
+- name: Tunnel202
+ description: Internet Exit ZSCALER-EXIT-POLICY-3 TER
+ mtu: 1394
+ ip_address: unnumbered Loopback0
+ tunnel_mode: ipsec
+ source_interface: Port-Channel1
+ destination: 10.50.9.1
+ ipsec_profile: IE-ZSCALER-EXIT-POLICY-3-PROFILE
+ nat_profile: NAT-IE-ZSCALER
monitor_connectivity:
interface_sets:
- name: SET-Ethernet3
@@ -919,6 +1058,12 @@ monitor_connectivity:
interfaces: Tunnel111
- name: SET-Tunnel112
interfaces: Tunnel112
+ - name: SET-Tunnel200
+ interfaces: Tunnel200
+ - name: SET-Tunnel201
+ interfaces: Tunnel201
+ - name: SET-Tunnel202
+ interfaces: Tunnel202
hosts:
- name: IE-Ethernet3
description: Internet Exit DIRECT-EXIT-POLICY-1
@@ -961,6 +1106,24 @@ monitor_connectivity:
local_interfaces: SET-Tunnel112
address_only: false
url: http://gateway.zscalerbeta.net/vpntest
+ - name: IE-Tunnel200
+ description: Internet Exit ZSCALER-EXIT-POLICY-3 PRI
+ ip: 10.37.121.1
+ local_interfaces: SET-Tunnel200
+ address_only: false
+ url: http://gateway.zscalerbeta.net/vpntest
+ - name: IE-Tunnel201
+ description: Internet Exit ZSCALER-EXIT-POLICY-3 SEC
+ ip: 10.39.77.1
+ local_interfaces: SET-Tunnel201
+ address_only: false
+ url: http://gateway.zscalerbeta.net/vpntest
+ - name: IE-Tunnel202
+ description: Internet Exit ZSCALER-EXIT-POLICY-3 TER
+ ip: 10.50.9.1
+ local_interfaces: SET-Tunnel202
+ address_only: false
+ url: http://gateway.zscalerbeta.net/vpntest
shutdown: false
metadata:
cv_pathfinder:
@@ -1049,6 +1212,48 @@ metadata:
region: eu-west1
latitude: '50'
longitude: '9'
+ - name: ZSCALER-EXIT-POLICY-3
+ type: zscaler
+ city: Santa Clara, CA
+ country: United States
+ firewall: false
+ ips_control: false
+ acceptable_use_policy: false
+ vpn_credentials:
+ - fqdn: cv-pathfinder-edge1_ZSCALER-EXIT-POLICY-3@test.local
+ vpn_type: UFQDN
+ pre_shared_key: 0007054B145A1F0E0928424A0C0B4812160C09551511170B121907214A333B286214687C782720215B0A67637B7B666B3873293274733B31233B6D2A332315696A
+ tunnels:
+ - name: Tunnel200
+ preference: Preferred
+ endpoint:
+ ip_address: 10.37.121.1
+ datacenter: FMT1
+ city: Fremont, CA
+ country: United States
+ region: us-west1
+ latitude: '37'
+ longitude: '-121'
+ - name: Tunnel201
+ preference: Alternate
+ endpoint:
+ ip_address: 10.39.77.1
+ datacenter: WAS1
+ city: Washington, DC
+ country: United States
+ region: us-east1
+ latitude: '39'
+ longitude: '-77'
+ - name: Tunnel202
+ preference: Alternate
+ endpoint:
+ ip_address: 10.50.9.1
+ datacenter: FRA4
+ city: Frankfurt
+ country: Germany
+ region: eu-west1
+ latitude: '50'
+ longitude: '9'
role: edge
ssl_profile: profileA
vtep_ip: 192.168.142.2
@@ -1068,6 +1273,10 @@ metadata:
carrier: ATT
circuit_id: '404'
pathgroup: INET
+ - name: Port-Channel1
+ carrier: ATT
+ circuit_id: '404'
+ pathgroup: INET
pathfinders:
- vtep_ip: 192.168.144.2
- vtep_ip: 192.168.144.3
@@ -1134,6 +1343,14 @@ metadata:
tags:
- name: Type
value: lan
+ - interface: Ethernet6
+ tags:
+ - name: Type
+ value: lan
+ - interface: Ethernet7
+ tags:
+ - name: Type
+ value: lan
flow_tracking:
hardware:
trackers:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2A.yml
index e5b55b5cdaa..a767e6f3c0a 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2A.yml
@@ -499,6 +499,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-MPLS-ONLY
load_balance_policy: LB-PROD-AVT-POLICY-MPLS-ONLY
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ load_balance_policy: LB-PROD-AVT-POLICY-CRITICAL-APP
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- name: DEFAULT-POLICY-DEFAULT
@@ -522,6 +524,8 @@ router_adaptive_virtual_topology:
id: 4
- name: PROD-AVT-POLICY-MPLS-ONLY
id: 5
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ id: 6
- name: PROD-AVT-POLICY-DEFAULT
id: 1
- name: IT
@@ -553,6 +557,8 @@ router_adaptive_virtual_topology:
avt_profile: PROD-AVT-POLICY-VIDEO
- application_profile: MPLS-ONLY
avt_profile: PROD-AVT-POLICY-MPLS-ONLY
+ - application_profile: CRITICAL-APP
+ avt_profile: PROD-AVT-POLICY-CRITICAL-APP
- application_profile: default
avt_profile: PROD-AVT-POLICY-DEFAULT
- name: DEFAULT-AVT-POLICY
@@ -633,6 +639,11 @@ router_path_selection:
- name: LB-PROD-AVT-POLICY-MPLS-ONLY
path_groups:
- name: LAN_HA
+ - name: LB-PROD-AVT-POLICY-CRITICAL-APP
+ path_groups:
+ - name: INET
+ - name: LAN_HA
+ loss_rate: '45.0'
- name: LB-PROD-AVT-POLICY-DEFAULT
path_groups:
- name: INET
@@ -666,6 +677,9 @@ application_traffic_recognition:
applications:
- name: CUSTOM-VOICE-APPLICATION
- name: MPLS-ONLY
+ - name: CRITICAL-APP
+ applications:
+ - name: CUSTOM-APPLICATION-3
- name: APP-PROFILE-CONTROL-PLANE
applications:
- name: APP-CONTROL-PLANE
@@ -682,6 +696,11 @@ application_traffic_recognition:
dest_prefix_set_name: CUSTOM-DEST-PREFIX-1
protocols:
- tcp
+ - name: CUSTOM-APPLICATION-3
+ protocols:
+ - tcp
+ tcp_src_port_set_name: TCP-SRC-3
+ tcp_dest_port_set_name: TCP-DEST-3
- name: CUSTOM-APPLICATION-2
protocols:
- tcp
@@ -697,6 +716,12 @@ application_traffic_recognition:
dest_prefix_set_name: PFX-PATHFINDERS
field_sets:
l4_ports:
+ - name: TCP-SRC-3
+ port_values:
+ - '400'
+ - name: TCP-DEST-3
+ port_values:
+ - '880'
- name: TCP-SRC-2
port_values:
- '42'
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2B.yml
index 13d4ac9ac68..614c8c24ebe 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge2B.yml
@@ -482,6 +482,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-MPLS-ONLY
load_balance_policy: LB-PROD-AVT-POLICY-MPLS-ONLY
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ load_balance_policy: LB-PROD-AVT-POLICY-CRITICAL-APP
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- name: DEFAULT-POLICY-DEFAULT
@@ -505,6 +507,8 @@ router_adaptive_virtual_topology:
id: 4
- name: PROD-AVT-POLICY-MPLS-ONLY
id: 5
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ id: 6
- name: PROD-AVT-POLICY-DEFAULT
id: 1
- name: IT
@@ -536,6 +540,8 @@ router_adaptive_virtual_topology:
avt_profile: PROD-AVT-POLICY-VIDEO
- application_profile: MPLS-ONLY
avt_profile: PROD-AVT-POLICY-MPLS-ONLY
+ - application_profile: CRITICAL-APP
+ avt_profile: PROD-AVT-POLICY-CRITICAL-APP
- application_profile: default
avt_profile: PROD-AVT-POLICY-DEFAULT
- name: DEFAULT-AVT-POLICY
@@ -617,6 +623,10 @@ router_path_selection:
path_groups:
- name: MPLS
- name: CUSTOM_LAN_HA
+ - name: LB-PROD-AVT-POLICY-CRITICAL-APP
+ path_groups:
+ - name: CUSTOM_LAN_HA
+ loss_rate: '45.0'
- name: LB-PROD-AVT-POLICY-DEFAULT
path_groups:
- name: MPLS
@@ -648,6 +658,9 @@ application_traffic_recognition:
applications:
- name: CUSTOM-VOICE-APPLICATION
- name: MPLS-ONLY
+ - name: CRITICAL-APP
+ applications:
+ - name: CUSTOM-APPLICATION-3
- name: APP-PROFILE-CONTROL-PLANE
applications:
- name: APP-CONTROL-PLANE
@@ -664,6 +677,11 @@ application_traffic_recognition:
dest_prefix_set_name: CUSTOM-DEST-PREFIX-1
protocols:
- tcp
+ - name: CUSTOM-APPLICATION-3
+ protocols:
+ - tcp
+ tcp_src_port_set_name: TCP-SRC-3
+ tcp_dest_port_set_name: TCP-DEST-3
- name: CUSTOM-APPLICATION-2
protocols:
- tcp
@@ -679,6 +697,12 @@ application_traffic_recognition:
dest_prefix_set_name: PFX-PATHFINDERS
field_sets:
l4_ports:
+ - name: TCP-SRC-3
+ port_values:
+ - '400'
+ - name: TCP-DEST-3
+ port_values:
+ - '880'
- name: TCP-SRC-2
port_values:
- '42'
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge3A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge3A.yml
index effa2d4a8b3..9cda7bf959c 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge3A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge3A.yml
@@ -334,6 +334,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-MPLS-ONLY
load_balance_policy: LB-PROD-AVT-POLICY-MPLS-ONLY
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ load_balance_policy: LB-PROD-AVT-POLICY-CRITICAL-APP
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
vrfs:
@@ -355,6 +357,8 @@ router_adaptive_virtual_topology:
id: 4
- name: PROD-AVT-POLICY-MPLS-ONLY
id: 5
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ id: 6
- name: PROD-AVT-POLICY-DEFAULT
id: 1
- name: IT
@@ -381,6 +385,8 @@ router_adaptive_virtual_topology:
avt_profile: PROD-AVT-POLICY-VIDEO
- application_profile: MPLS-ONLY
avt_profile: PROD-AVT-POLICY-MPLS-ONLY
+ - application_profile: CRITICAL-APP
+ avt_profile: PROD-AVT-POLICY-CRITICAL-APP
- application_profile: default
avt_profile: PROD-AVT-POLICY-DEFAULT
- name: DEFAULT-AVT-POLICY
@@ -455,6 +461,11 @@ router_path_selection:
- name: LB-PROD-AVT-POLICY-MPLS-ONLY
path_groups:
- name: LAN_HA
+ - name: LB-PROD-AVT-POLICY-CRITICAL-APP
+ path_groups:
+ - name: INET
+ - name: LAN_HA
+ loss_rate: '45.0'
- name: LB-PROD-AVT-POLICY-DEFAULT
path_groups:
- name: INET
@@ -484,6 +495,9 @@ application_traffic_recognition:
applications:
- name: CUSTOM-VOICE-APPLICATION
- name: MPLS-ONLY
+ - name: CRITICAL-APP
+ applications:
+ - name: CUSTOM-APPLICATION-3
- name: APP-PROFILE-CONTROL-PLANE
applications:
- name: APP-CONTROL-PLANE
@@ -500,6 +514,11 @@ application_traffic_recognition:
dest_prefix_set_name: CUSTOM-DEST-PREFIX-1
protocols:
- tcp
+ - name: CUSTOM-APPLICATION-3
+ protocols:
+ - tcp
+ tcp_src_port_set_name: TCP-SRC-3
+ tcp_dest_port_set_name: TCP-DEST-3
- name: CUSTOM-APPLICATION-2
protocols:
- tcp
@@ -515,6 +534,12 @@ application_traffic_recognition:
dest_prefix_set_name: PFX-PATHFINDERS
field_sets:
l4_ports:
+ - name: TCP-SRC-3
+ port_values:
+ - '400'
+ - name: TCP-DEST-3
+ port_values:
+ - '880'
- name: TCP-SRC-2
port_values:
- '42'
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge3B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge3B.yml
index 451caef49c9..22ee556e080 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge3B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge3B.yml
@@ -333,6 +333,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-MPLS-ONLY
load_balance_policy: LB-PROD-AVT-POLICY-MPLS-ONLY
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ load_balance_policy: LB-PROD-AVT-POLICY-CRITICAL-APP
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
vrfs:
@@ -354,6 +356,8 @@ router_adaptive_virtual_topology:
id: 4
- name: PROD-AVT-POLICY-MPLS-ONLY
id: 5
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ id: 6
- name: PROD-AVT-POLICY-DEFAULT
id: 1
- name: IT
@@ -380,6 +384,8 @@ router_adaptive_virtual_topology:
avt_profile: PROD-AVT-POLICY-VIDEO
- application_profile: MPLS-ONLY
avt_profile: PROD-AVT-POLICY-MPLS-ONLY
+ - application_profile: CRITICAL-APP
+ avt_profile: PROD-AVT-POLICY-CRITICAL-APP
- application_profile: default
avt_profile: PROD-AVT-POLICY-DEFAULT
- name: DEFAULT-AVT-POLICY
@@ -455,6 +461,10 @@ router_path_selection:
path_groups:
- name: MPLS
- name: LAN_HA
+ - name: LB-PROD-AVT-POLICY-CRITICAL-APP
+ path_groups:
+ - name: LAN_HA
+ loss_rate: '45.0'
- name: LB-PROD-AVT-POLICY-DEFAULT
path_groups:
- name: MPLS
@@ -482,6 +492,9 @@ application_traffic_recognition:
applications:
- name: CUSTOM-VOICE-APPLICATION
- name: MPLS-ONLY
+ - name: CRITICAL-APP
+ applications:
+ - name: CUSTOM-APPLICATION-3
- name: APP-PROFILE-CONTROL-PLANE
applications:
- name: APP-CONTROL-PLANE
@@ -498,6 +511,11 @@ application_traffic_recognition:
dest_prefix_set_name: CUSTOM-DEST-PREFIX-1
protocols:
- tcp
+ - name: CUSTOM-APPLICATION-3
+ protocols:
+ - tcp
+ tcp_src_port_set_name: TCP-SRC-3
+ tcp_dest_port_set_name: TCP-DEST-3
- name: CUSTOM-APPLICATION-2
protocols:
- tcp
@@ -513,6 +531,12 @@ application_traffic_recognition:
dest_prefix_set_name: PFX-PATHFINDERS
field_sets:
l4_ports:
+ - name: TCP-SRC-3
+ port_values:
+ - '400'
+ - name: TCP-DEST-3
+ port_values:
+ - '880'
- name: TCP-SRC-2
port_values:
- '42'
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge4A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge4A.yml
index 84006493a56..35c30339251 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge4A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge4A.yml
@@ -358,6 +358,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-MPLS-ONLY
load_balance_policy: LB-PROD-AVT-POLICY-MPLS-ONLY
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ load_balance_policy: LB-PROD-AVT-POLICY-CRITICAL-APP
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
vrfs:
@@ -379,6 +381,8 @@ router_adaptive_virtual_topology:
id: 4
- name: PROD-AVT-POLICY-MPLS-ONLY
id: 5
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ id: 6
- name: PROD-AVT-POLICY-DEFAULT
id: 1
- name: IT
@@ -405,6 +409,8 @@ router_adaptive_virtual_topology:
avt_profile: PROD-AVT-POLICY-VIDEO
- application_profile: MPLS-ONLY
avt_profile: PROD-AVT-POLICY-MPLS-ONLY
+ - application_profile: CRITICAL-APP
+ avt_profile: PROD-AVT-POLICY-CRITICAL-APP
- application_profile: default
avt_profile: PROD-AVT-POLICY-DEFAULT
- name: DEFAULT-AVT-POLICY
@@ -478,6 +484,11 @@ router_path_selection:
- name: LB-PROD-AVT-POLICY-MPLS-ONLY
path_groups:
- name: LAN_HA
+ - name: LB-PROD-AVT-POLICY-CRITICAL-APP
+ path_groups:
+ - name: INET
+ - name: LAN_HA
+ loss_rate: '45.0'
- name: LB-PROD-AVT-POLICY-DEFAULT
path_groups:
- name: INET
@@ -507,6 +518,9 @@ application_traffic_recognition:
applications:
- name: CUSTOM-VOICE-APPLICATION
- name: MPLS-ONLY
+ - name: CRITICAL-APP
+ applications:
+ - name: CUSTOM-APPLICATION-3
- name: APP-PROFILE-CONTROL-PLANE
applications:
- name: APP-CONTROL-PLANE
@@ -523,6 +537,11 @@ application_traffic_recognition:
dest_prefix_set_name: CUSTOM-DEST-PREFIX-1
protocols:
- tcp
+ - name: CUSTOM-APPLICATION-3
+ protocols:
+ - tcp
+ tcp_src_port_set_name: TCP-SRC-3
+ tcp_dest_port_set_name: TCP-DEST-3
- name: CUSTOM-APPLICATION-2
protocols:
- tcp
@@ -538,6 +557,12 @@ application_traffic_recognition:
dest_prefix_set_name: PFX-PATHFINDERS
field_sets:
l4_ports:
+ - name: TCP-SRC-3
+ port_values:
+ - '400'
+ - name: TCP-DEST-3
+ port_values:
+ - '880'
- name: TCP-SRC-2
port_values:
- '42'
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge4B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge4B.yml
index cfa89076411..5b71f6ee3f1 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge4B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-edge4B.yml
@@ -358,6 +358,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-MPLS-ONLY
load_balance_policy: LB-PROD-AVT-POLICY-MPLS-ONLY
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ load_balance_policy: LB-PROD-AVT-POLICY-CRITICAL-APP
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
vrfs:
@@ -379,6 +381,8 @@ router_adaptive_virtual_topology:
id: 4
- name: PROD-AVT-POLICY-MPLS-ONLY
id: 5
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ id: 6
- name: PROD-AVT-POLICY-DEFAULT
id: 1
- name: IT
@@ -405,6 +409,8 @@ router_adaptive_virtual_topology:
avt_profile: PROD-AVT-POLICY-VIDEO
- application_profile: MPLS-ONLY
avt_profile: PROD-AVT-POLICY-MPLS-ONLY
+ - application_profile: CRITICAL-APP
+ avt_profile: PROD-AVT-POLICY-CRITICAL-APP
- application_profile: default
avt_profile: PROD-AVT-POLICY-DEFAULT
- name: DEFAULT-AVT-POLICY
@@ -478,6 +484,11 @@ router_path_selection:
- name: LB-PROD-AVT-POLICY-MPLS-ONLY
path_groups:
- name: LAN_HA
+ - name: LB-PROD-AVT-POLICY-CRITICAL-APP
+ path_groups:
+ - name: INET
+ - name: LAN_HA
+ loss_rate: '45.0'
- name: LB-PROD-AVT-POLICY-DEFAULT
path_groups:
- name: INET
@@ -507,6 +518,9 @@ application_traffic_recognition:
applications:
- name: CUSTOM-VOICE-APPLICATION
- name: MPLS-ONLY
+ - name: CRITICAL-APP
+ applications:
+ - name: CUSTOM-APPLICATION-3
- name: APP-PROFILE-CONTROL-PLANE
applications:
- name: APP-CONTROL-PLANE
@@ -523,6 +537,11 @@ application_traffic_recognition:
dest_prefix_set_name: CUSTOM-DEST-PREFIX-1
protocols:
- tcp
+ - name: CUSTOM-APPLICATION-3
+ protocols:
+ - tcp
+ tcp_src_port_set_name: TCP-SRC-3
+ tcp_dest_port_set_name: TCP-DEST-3
- name: CUSTOM-APPLICATION-2
protocols:
- tcp
@@ -538,6 +557,12 @@ application_traffic_recognition:
dest_prefix_set_name: PFX-PATHFINDERS
field_sets:
l4_ports:
+ - name: TCP-SRC-3
+ port_values:
+ - '400'
+ - name: TCP-DEST-3
+ port_values:
+ - '880'
- name: TCP-SRC-2
port_values:
- '42'
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder.yml
index a16d246a099..7c2e6ddd943 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder.yml
@@ -215,6 +215,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-MPLS-ONLY
load_balance_policy: LB-PROD-AVT-POLICY-MPLS-ONLY
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ load_balance_policy: LB-PROD-AVT-POLICY-CRITICAL-APP
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- name: CUSTOM-VOICE-PROFILE-NAME
@@ -242,6 +244,8 @@ router_adaptive_virtual_topology:
id: 4
- name: PROD-AVT-POLICY-MPLS-ONLY
id: 5
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ id: 6
- name: PROD-AVT-POLICY-DEFAULT
id: 1
- name: IT
@@ -280,6 +284,8 @@ router_adaptive_virtual_topology:
avt_profile: PROD-AVT-POLICY-VIDEO
- application_profile: MPLS-ONLY
avt_profile: PROD-AVT-POLICY-MPLS-ONLY
+ - application_profile: CRITICAL-APP
+ avt_profile: PROD-AVT-POLICY-CRITICAL-APP
- application_profile: default
avt_profile: PROD-AVT-POLICY-DEFAULT
- name: DEFAULT-AVT-POLICY
@@ -377,6 +383,13 @@ router_path_selection:
path_groups:
- name: MPLS
- name: LAN_HA
+ - name: LB-PROD-AVT-POLICY-CRITICAL-APP
+ path_groups:
+ - name: INET
+ - name: AWS
+ priority: 2
+ - name: LAN_HA
+ loss_rate: '45.0'
- name: LB-PROD-AVT-POLICY-DEFAULT
path_groups:
- name: INET
@@ -428,6 +441,9 @@ application_traffic_recognition:
applications:
- name: CUSTOM-VOICE-APPLICATION
- name: MPLS-ONLY
+ - name: CRITICAL-APP
+ applications:
+ - name: CUSTOM-APPLICATION-3
- name: APP-PROFILE-CONTROL-PLANE
applications:
- name: APP-CONTROL-PLANE
@@ -444,6 +460,11 @@ application_traffic_recognition:
dest_prefix_set_name: CUSTOM-DEST-PREFIX-1
protocols:
- tcp
+ - name: CUSTOM-APPLICATION-3
+ protocols:
+ - tcp
+ tcp_src_port_set_name: TCP-SRC-3
+ tcp_dest_port_set_name: TCP-DEST-3
- name: CUSTOM-APPLICATION-2
protocols:
- tcp
@@ -459,6 +480,12 @@ application_traffic_recognition:
src_prefix_set_name: PFX-LOCAL-VTEP-IP
field_sets:
l4_ports:
+ - name: TCP-SRC-3
+ port_values:
+ - '400'
+ - name: TCP-DEST-3
+ port_values:
+ - '880'
- name: TCP-SRC-2
port_values:
- '42'
@@ -517,6 +544,9 @@ metadata:
builtin_applications:
- name: CUSTOM-VOICE-APPLICATION
- name: MPLS-ONLY
+ - name: CRITICAL-APP
+ user_defined_applications:
+ - name: CUSTOM-APPLICATION-3
- name: APP-PROFILE-CONTROL-PLANE
user_defined_applications:
- name: APP-CONTROL-PLANE
@@ -692,6 +722,19 @@ metadata:
preference: preferred
application_profiles:
- MPLS-ONLY
+ - constraints:
+ lossrate: 45.0
+ id: 6
+ name: PROD-AVT-POLICY-CRITICAL-APP
+ pathgroups:
+ - name: INET
+ preference: preferred
+ - name: AWS
+ preference: alternate
+ - name: LAN_HA
+ preference: preferred
+ application_profiles:
+ - CRITICAL-APP
- id: 1
name: PROD-AVT-POLICY-DEFAULT
pathgroups:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder1.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder1.yml
index fb494dc1aca..5d5117bc84d 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder1.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder1.yml
@@ -231,6 +231,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-MPLS-ONLY
load_balance_policy: LB-PROD-AVT-POLICY-MPLS-ONLY
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ load_balance_policy: LB-PROD-AVT-POLICY-CRITICAL-APP
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- name: CUSTOM-VOICE-PROFILE-NAME
@@ -258,6 +260,8 @@ router_adaptive_virtual_topology:
id: 4
- name: PROD-AVT-POLICY-MPLS-ONLY
id: 5
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ id: 6
- name: PROD-AVT-POLICY-DEFAULT
id: 1
- name: IT
@@ -296,6 +300,8 @@ router_adaptive_virtual_topology:
avt_profile: PROD-AVT-POLICY-VIDEO
- application_profile: MPLS-ONLY
avt_profile: PROD-AVT-POLICY-MPLS-ONLY
+ - application_profile: CRITICAL-APP
+ avt_profile: PROD-AVT-POLICY-CRITICAL-APP
- application_profile: default
avt_profile: PROD-AVT-POLICY-DEFAULT
- name: DEFAULT-AVT-POLICY
@@ -396,6 +402,13 @@ router_path_selection:
path_groups:
- name: MPLS
- name: LAN_HA
+ - name: LB-PROD-AVT-POLICY-CRITICAL-APP
+ path_groups:
+ - name: INET
+ - name: AWS
+ priority: 2
+ - name: LAN_HA
+ loss_rate: '45.0'
- name: LB-PROD-AVT-POLICY-DEFAULT
path_groups:
- name: INET
@@ -445,6 +458,9 @@ application_traffic_recognition:
applications:
- name: CUSTOM-VOICE-APPLICATION
- name: MPLS-ONLY
+ - name: CRITICAL-APP
+ applications:
+ - name: CUSTOM-APPLICATION-3
- name: APP-PROFILE-CONTROL-PLANE
applications:
- name: APP-CONTROL-PLANE
@@ -461,6 +477,11 @@ application_traffic_recognition:
dest_prefix_set_name: CUSTOM-DEST-PREFIX-1
protocols:
- tcp
+ - name: CUSTOM-APPLICATION-3
+ protocols:
+ - tcp
+ tcp_src_port_set_name: TCP-SRC-3
+ tcp_dest_port_set_name: TCP-DEST-3
- name: CUSTOM-APPLICATION-2
protocols:
- tcp
@@ -476,6 +497,12 @@ application_traffic_recognition:
src_prefix_set_name: PFX-LOCAL-VTEP-IP
field_sets:
l4_ports:
+ - name: TCP-SRC-3
+ port_values:
+ - '400'
+ - name: TCP-DEST-3
+ port_values:
+ - '880'
- name: TCP-SRC-2
port_values:
- '42'
@@ -534,6 +561,9 @@ metadata:
builtin_applications:
- name: CUSTOM-VOICE-APPLICATION
- name: MPLS-ONLY
+ - name: CRITICAL-APP
+ user_defined_applications:
+ - name: CUSTOM-APPLICATION-3
- name: APP-PROFILE-CONTROL-PLANE
user_defined_applications:
- name: APP-CONTROL-PLANE
@@ -700,6 +730,19 @@ metadata:
preference: preferred
application_profiles:
- MPLS-ONLY
+ - constraints:
+ lossrate: 45.0
+ id: 6
+ name: PROD-AVT-POLICY-CRITICAL-APP
+ pathgroups:
+ - name: INET
+ preference: preferred
+ - name: AWS
+ preference: alternate
+ - name: LAN_HA
+ preference: preferred
+ application_profiles:
+ - CRITICAL-APP
- id: 1
name: PROD-AVT-POLICY-DEFAULT
pathgroups:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder2.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder2.yml
index 6da01081346..396e4e4fd53 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder2.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-pathfinder2.yml
@@ -238,6 +238,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-MPLS-ONLY
load_balance_policy: LB-PROD-AVT-POLICY-MPLS-ONLY
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ load_balance_policy: LB-PROD-AVT-POLICY-CRITICAL-APP
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- name: CUSTOM-VOICE-PROFILE-NAME
@@ -265,6 +267,8 @@ router_adaptive_virtual_topology:
id: 4
- name: PROD-AVT-POLICY-MPLS-ONLY
id: 5
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ id: 6
- name: PROD-AVT-POLICY-DEFAULT
id: 1
- name: IT
@@ -303,6 +307,8 @@ router_adaptive_virtual_topology:
avt_profile: PROD-AVT-POLICY-VIDEO
- application_profile: MPLS-ONLY
avt_profile: PROD-AVT-POLICY-MPLS-ONLY
+ - application_profile: CRITICAL-APP
+ avt_profile: PROD-AVT-POLICY-CRITICAL-APP
- application_profile: default
avt_profile: PROD-AVT-POLICY-DEFAULT
- name: DEFAULT-AVT-POLICY
@@ -413,6 +419,13 @@ router_path_selection:
path_groups:
- name: MPLS
- name: LAN_HA
+ - name: LB-PROD-AVT-POLICY-CRITICAL-APP
+ path_groups:
+ - name: INET
+ - name: AWS
+ priority: 2
+ - name: LAN_HA
+ loss_rate: '45.0'
- name: LB-PROD-AVT-POLICY-DEFAULT
path_groups:
- name: INET
@@ -463,6 +476,9 @@ application_traffic_recognition:
applications:
- name: CUSTOM-VOICE-APPLICATION
- name: MPLS-ONLY
+ - name: CRITICAL-APP
+ applications:
+ - name: CUSTOM-APPLICATION-3
- name: APP-PROFILE-CONTROL-PLANE
applications:
- name: APP-CONTROL-PLANE
@@ -479,6 +495,11 @@ application_traffic_recognition:
dest_prefix_set_name: CUSTOM-DEST-PREFIX-1
protocols:
- tcp
+ - name: CUSTOM-APPLICATION-3
+ protocols:
+ - tcp
+ tcp_src_port_set_name: TCP-SRC-3
+ tcp_dest_port_set_name: TCP-DEST-3
- name: CUSTOM-APPLICATION-2
protocols:
- tcp
@@ -494,6 +515,12 @@ application_traffic_recognition:
src_prefix_set_name: PFX-LOCAL-VTEP-IP
field_sets:
l4_ports:
+ - name: TCP-SRC-3
+ port_values:
+ - '400'
+ - name: TCP-DEST-3
+ port_values:
+ - '880'
- name: TCP-SRC-2
port_values:
- '42'
@@ -552,6 +579,9 @@ metadata:
builtin_applications:
- name: CUSTOM-VOICE-APPLICATION
- name: MPLS-ONLY
+ - name: CRITICAL-APP
+ user_defined_applications:
+ - name: CUSTOM-APPLICATION-3
- name: APP-PROFILE-CONTROL-PLANE
user_defined_applications:
- name: APP-CONTROL-PLANE
@@ -721,6 +751,19 @@ metadata:
preference: preferred
application_profiles:
- MPLS-ONLY
+ - constraints:
+ lossrate: 45.0
+ id: 6
+ name: PROD-AVT-POLICY-CRITICAL-APP
+ pathgroups:
+ - name: INET
+ preference: preferred
+ - name: AWS
+ preference: alternate
+ - name: LAN_HA
+ preference: preferred
+ application_profiles:
+ - CRITICAL-APP
- id: 1
name: PROD-AVT-POLICY-DEFAULT
pathgroups:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1A.yml
index b42ca1cd3e3..1710d303e3c 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1A.yml
@@ -477,6 +477,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-MPLS-ONLY
load_balance_policy: LB-PROD-AVT-POLICY-MPLS-ONLY
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ load_balance_policy: LB-PROD-AVT-POLICY-CRITICAL-APP
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- name: CUSTOM-VOICE-PROFILE-NAME
@@ -505,6 +507,8 @@ router_adaptive_virtual_topology:
id: 4
- name: PROD-AVT-POLICY-MPLS-ONLY
id: 5
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ id: 6
- name: PROD-AVT-POLICY-DEFAULT
id: 1
- name: IT
@@ -543,6 +547,8 @@ router_adaptive_virtual_topology:
avt_profile: PROD-AVT-POLICY-VIDEO
- application_profile: MPLS-ONLY
avt_profile: PROD-AVT-POLICY-MPLS-ONLY
+ - application_profile: CRITICAL-APP
+ avt_profile: PROD-AVT-POLICY-CRITICAL-APP
- application_profile: default
avt_profile: PROD-AVT-POLICY-DEFAULT
- name: DEFAULT-AVT-POLICY
@@ -651,6 +657,11 @@ router_path_selection:
path_groups:
- name: MPLS
- name: LAN_HA
+ - name: LB-PROD-AVT-POLICY-CRITICAL-APP
+ path_groups:
+ - name: INET
+ - name: LAN_HA
+ loss_rate: '45.0'
- name: LB-PROD-AVT-POLICY-DEFAULT
path_groups:
- name: INET
@@ -702,6 +713,9 @@ application_traffic_recognition:
applications:
- name: CUSTOM-VOICE-APPLICATION
- name: MPLS-ONLY
+ - name: CRITICAL-APP
+ applications:
+ - name: CUSTOM-APPLICATION-3
- name: APP-PROFILE-CONTROL-PLANE
applications:
- name: APP-CONTROL-PLANE
@@ -718,6 +732,11 @@ application_traffic_recognition:
dest_prefix_set_name: CUSTOM-DEST-PREFIX-1
protocols:
- tcp
+ - name: CUSTOM-APPLICATION-3
+ protocols:
+ - tcp
+ tcp_src_port_set_name: TCP-SRC-3
+ tcp_dest_port_set_name: TCP-DEST-3
- name: CUSTOM-APPLICATION-2
protocols:
- tcp
@@ -733,6 +752,12 @@ application_traffic_recognition:
dest_prefix_set_name: PFX-PATHFINDERS
field_sets:
l4_ports:
+ - name: TCP-SRC-3
+ port_values:
+ - '400'
+ - name: TCP-DEST-3
+ port_values:
+ - '880'
- name: TCP-SRC-2
port_values:
- '42'
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1B.yml
index 4b42d7cbaa8..977abd30a51 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/cv-pathfinder-transit1B.yml
@@ -475,6 +475,8 @@ router_adaptive_virtual_topology:
load_balance_policy: LB-PROD-AVT-POLICY-VIDEO
- name: PROD-AVT-POLICY-MPLS-ONLY
load_balance_policy: LB-PROD-AVT-POLICY-MPLS-ONLY
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ load_balance_policy: LB-PROD-AVT-POLICY-CRITICAL-APP
- name: PROD-AVT-POLICY-DEFAULT
load_balance_policy: LB-PROD-AVT-POLICY-DEFAULT
- name: CUSTOM-VOICE-PROFILE-NAME
@@ -502,6 +504,8 @@ router_adaptive_virtual_topology:
id: 4
- name: PROD-AVT-POLICY-MPLS-ONLY
id: 5
+ - name: PROD-AVT-POLICY-CRITICAL-APP
+ id: 6
- name: PROD-AVT-POLICY-DEFAULT
id: 1
- name: IT
@@ -540,6 +544,8 @@ router_adaptive_virtual_topology:
avt_profile: PROD-AVT-POLICY-VIDEO
- application_profile: MPLS-ONLY
avt_profile: PROD-AVT-POLICY-MPLS-ONLY
+ - application_profile: CRITICAL-APP
+ avt_profile: PROD-AVT-POLICY-CRITICAL-APP
- application_profile: default
avt_profile: PROD-AVT-POLICY-DEFAULT
- name: DEFAULT-AVT-POLICY
@@ -648,6 +654,11 @@ router_path_selection:
path_groups:
- name: MPLS
- name: LAN_HA
+ - name: LB-PROD-AVT-POLICY-CRITICAL-APP
+ path_groups:
+ - name: INET
+ - name: LAN_HA
+ loss_rate: '45.0'
- name: LB-PROD-AVT-POLICY-DEFAULT
path_groups:
- name: INET
@@ -699,6 +710,9 @@ application_traffic_recognition:
applications:
- name: CUSTOM-VOICE-APPLICATION
- name: MPLS-ONLY
+ - name: CRITICAL-APP
+ applications:
+ - name: CUSTOM-APPLICATION-3
- name: APP-PROFILE-CONTROL-PLANE
applications:
- name: APP-CONTROL-PLANE
@@ -715,6 +729,11 @@ application_traffic_recognition:
dest_prefix_set_name: CUSTOM-DEST-PREFIX-1
protocols:
- tcp
+ - name: CUSTOM-APPLICATION-3
+ protocols:
+ - tcp
+ tcp_src_port_set_name: TCP-SRC-3
+ tcp_dest_port_set_name: TCP-DEST-3
- name: CUSTOM-APPLICATION-2
protocols:
- tcp
@@ -730,6 +749,12 @@ application_traffic_recognition:
dest_prefix_set_name: PFX-PATHFINDERS
field_sets:
l4_ports:
+ - name: TCP-SRC-3
+ port_values:
+ - '400'
+ - name: TCP-DEST-3
+ port_values:
+ - '880'
- name: TCP-SRC-2
port_values:
- '42'
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/node-type-l3-port-channels.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/node-type-l3-port-channels.yml
new file mode 100644
index 00000000000..22392d052f4
--- /dev/null
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/node-type-l3-port-channels.yml
@@ -0,0 +1,467 @@
+hostname: node-type-l3-port-channels
+is_deployed: true
+router_bgp:
+ as: '65005'
+ router_id: 192.168.255.1
+ bgp:
+ default:
+ ipv4_unicast: false
+ maximum_paths:
+ paths: 16
+ redistribute:
+ connected:
+ enabled: true
+ route_map: RM-CONN-2-BGP
+ updates:
+ wait_install: true
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ type: wan
+ update_source: Dps1
+ bfd: true
+ password: htm4AZe9mIQOO1uiMuGgYQ==
+ send_community: all
+ maximum_routes: 0
+ remote_as: '65005'
+ ttl_maximum_hops: 1
+ bfd_timers:
+ interval: 1000
+ min_rx: 1000
+ multiplier: 10
+ address_family_evpn:
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ activate: true
+ encapsulation: path-selection
+ route_map_in: RM-EVPN-SOO-IN
+ route_map_out: RM-EVPN-SOO-OUT
+ address_family_ipv4:
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ activate: false
+ address_family_ipv4_sr_te:
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ activate: true
+ address_family_link_state:
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ activate: true
+ path_selection:
+ roles:
+ producer: true
+ address_family_path_selection:
+ peer_groups:
+ - name: WAN-OVERLAY-PEERS
+ activate: true
+ bgp:
+ additional_paths:
+ receive: true
+ send: any
+ vrfs:
+ - name: default
+ rd: 192.168.255.1:1
+ route_targets:
+ import:
+ - address_family: evpn
+ route_targets:
+ - '1:1'
+ export:
+ - address_family: evpn
+ route_targets:
+ - '1:1'
+ - route-map RM-EVPN-EXPORT-VRF-DEFAULT
+service_routing_protocols_model: multi-agent
+ip_routing: true
+aaa_root:
+ disabled: true
+config_end: true
+enable_password:
+ disabled: true
+transceiver_qsfp_default_mode_4x10: false
+spanning_tree:
+ mode: none
+vrfs:
+- name: MGMT
+ ip_routing: false
+management_api_http:
+ enable_vrfs:
+ - name: MGMT
+ enable_https: true
+ethernet_interfaces:
+- name: Ethernet1
+ description: Cybercast_101_peerDevice1_Ethernet11
+ peer: peerDevice1
+ peer_interface: Ethernet11
+ shutdown: false
+ switchport:
+ enabled: false
+ speed: forced 10000full
+ channel_group:
+ id: 2
+ mode: active
+- name: Ethernet2
+ description: Cybercast_101_peer1
+ peer: peer1
+ shutdown: false
+ switchport:
+ enabled: false
+ speed: forced 10000full
+ channel_group:
+ id: 2
+ mode: active
+- name: Ethernet3
+ description: Custom eth3 description
+ peer: peer1
+ shutdown: false
+ switchport:
+ enabled: false
+ channel_group:
+ id: 2
+ mode: active
+- name: Ethernet1/4
+ description: StreamFast_102_peerDevice2_Ethernet1/12
+ peer: peerDevice2
+ peer_interface: Ethernet1/12
+ shutdown: false
+ switchport:
+ enabled: false
+ speed: forced 10000full
+ channel_group:
+ id: 5
+ mode: passive
+- name: Ethernet1/5
+ description: StreamFast_102_peer2
+ peer: peer2
+ shutdown: false
+ switchport:
+ enabled: false
+ speed: forced 10000full
+ channel_group:
+ id: 5
+ mode: passive
+- name: Ethernet1/10
+ description: BlizzardFast_peerDevice3_Ethernet1/10
+ peer: peerDevice3
+ peer_interface: Ethernet1/10
+ shutdown: false
+ switchport:
+ enabled: false
+ speed: forced 1000full
+ channel_group:
+ id: 8
+ mode: 'on'
+port_channel_interfaces:
+- name: Port-Channel2
+ peer_type: l3_port_channel
+ peer: peer1
+ peer_interface: Port-Channel10
+ ip_address: 192.168.1.102/31
+ shutdown: false
+ switchport:
+ enabled: false
+ description: Cybercast_101_peer1_Port-Channel10
+ service_profile: TEST-QOS-PROFILE1
+ flow_tracker:
+ hardware: FLOW-TRACKER
+- name: Port-Channel5
+ peer_type: l3_port_channel
+ peer: peer2
+ peer_interface: Port-Channel15
+ ip_address: 192.168.1.105/31
+ shutdown: false
+ switchport:
+ enabled: false
+ description: StreamFast_102_peer2_Port-Channel15
+ service_profile: TEST-QOS-PROFILE1
+ eos_cli: '! TEST RAW_EOS_CLI
+
+ '
+ service_policy:
+ qos:
+ input: TEST_POLICY
+- name: Port-Channel5.100
+ peer_type: l3_port_channel
+ peer: peer2
+ peer_interface: Port-Channel15
+ ip_address: 192.168.100.115/31
+ shutdown: false
+ description: ExtremeCable_105_peer2_Port-Channel15
+ service_profile: TEST-QOS-PROFILE2
+ flow_tracker:
+ hardware: FLOW-TRACKER
+ encapsulation_dot1q:
+ vlan: 108
+- name: Port-Channel8
+ peer_type: l3_port_channel
+ peer: peerDevice3
+ peer_interface: Port-Channel18
+ ip_address: dhcp
+ shutdown: false
+ switchport:
+ enabled: false
+ description: BlizzardFast_peerDevice3_Port-Channel18
+ service_profile: TEST-QOS-PROFILE3
+ eos_cli: '! TEST RAW_EOS_CLI 123
+
+ '
+ flow_tracker:
+ hardware: FLOW-TRACKER
+ dhcp_client_accept_default_route: true
+loopback_interfaces:
+- name: Loopback0
+ description: ROUTER_ID
+ shutdown: false
+ ip_address: 192.168.255.1/32
+prefix_lists:
+- name: PL-LOOPBACKS-EVPN-OVERLAY
+ sequence_numbers:
+ - sequence: 10
+ action: permit 192.168.255.0/24 eq 32
+route_maps:
+- name: RM-CONN-2-BGP
+ sequence_numbers:
+ - sequence: 10
+ type: permit
+ match:
+ - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+ set:
+ - extcommunity soo 192.168.255.1:511 additive
+- name: RM-EVPN-SOO-IN
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - extcommunity ECL-EVPN-SOO
+ - sequence: 20
+ type: permit
+- name: RM-EVPN-SOO-OUT
+ sequence_numbers:
+ - sequence: 10
+ type: permit
+ set:
+ - extcommunity soo 192.168.255.1:511 additive
+- name: RM-EVPN-EXPORT-VRF-DEFAULT
+ sequence_numbers:
+ - sequence: 10
+ type: permit
+ match:
+ - extcommunity ECL-EVPN-SOO
+static_routes:
+- destination_address_prefix: 0.0.0.0/0
+ gateway: 192.168.1.10
+agents:
+- name: KernelFib
+ environment_variables:
+ - name: KERNELFIB_PROGRAM_ALL_ECMP
+ value: '1'
+ip_extcommunity_lists:
+- name: ECL-EVPN-SOO
+ entries:
+ - type: permit
+ extcommunities: soo 192.168.255.1:511
+ip_security:
+ ike_policies:
+ - name: CP-IKE-POLICY
+ local_id: 192.168.142.1
+ sa_policies:
+ - name: DP-SA-POLICY
+ esp:
+ encryption: aes256gcm128
+ pfs_dh_group: 14
+ - name: CP-SA-POLICY
+ esp:
+ encryption: aes256gcm128
+ pfs_dh_group: 14
+ profiles:
+ - name: DP-PROFILE
+ sa_policy: DP-SA-POLICY
+ connection: start
+ shared_key: ABCDEF1234567890666
+ dpd:
+ interval: 10
+ time: 50
+ action: clear
+ mode: transport
+ - name: CP-PROFILE
+ ike_policy: CP-IKE-POLICY
+ sa_policy: CP-SA-POLICY
+ connection: start
+ shared_key: ABCDEF1234567890
+ dpd:
+ interval: 10
+ time: 50
+ action: clear
+ mode: transport
+ key_controller:
+ profile: DP-PROFILE
+management_security:
+ ssl_profiles:
+ - name: STUN-DTLS
+ certificate:
+ file: STUN-DTLS.crt
+ key: STUN-DTLS.key
+ trust_certificate:
+ certificates:
+ - aristaDeviceCertProvisionerDefaultRootCA.crt
+ tls_versions: '1.2'
+router_adaptive_virtual_topology:
+ topology_role: edge
+ region:
+ name: AVD_Land_East
+ id: 43
+ zone:
+ name: AVD_Land_East-ZONE
+ id: 1
+ site:
+ name: Site511
+ id: 511
+ profiles:
+ - name: DEFAULT-POLICY-CONTROL-PLANE
+ load_balance_policy: LB-DEFAULT-POLICY-CONTROL-PLANE
+ - name: DEFAULT-POLICY-DEFAULT
+ load_balance_policy: LB-DEFAULT-POLICY-DEFAULT
+ vrfs:
+ - name: default
+ policy: DEFAULT-POLICY-WITH-CP
+ profiles:
+ - name: DEFAULT-POLICY-CONTROL-PLANE
+ id: 254
+ - name: DEFAULT-POLICY-DEFAULT
+ id: 1
+ policies:
+ - name: DEFAULT-POLICY-WITH-CP
+ matches:
+ - application_profile: APP-PROFILE-CONTROL-PLANE
+ avt_profile: DEFAULT-POLICY-CONTROL-PLANE
+ - application_profile: default
+ avt_profile: DEFAULT-POLICY-DEFAULT
+router_bfd:
+ multihop:
+ interval: 300
+ min_rx: 300
+ multiplier: 3
+router_path_selection:
+ tcp_mss_ceiling:
+ ipv4_segment_size: auto
+ path_groups:
+ - name: INET
+ id: 101
+ local_interfaces:
+ - name: Port-Channel2
+ - name: Port-Channel5
+ - name: Port-Channel5.100
+ - name: Port-Channel8
+ dynamic_peers:
+ enabled: true
+ ipsec_profile: CP-PROFILE
+ load_balance_policies:
+ - name: LB-DEFAULT-POLICY-CONTROL-PLANE
+ path_groups:
+ - name: INET
+ - name: LB-DEFAULT-POLICY-DEFAULT
+ path_groups:
+ - name: INET
+router_traffic_engineering:
+ enabled: true
+application_traffic_recognition:
+ application_profiles:
+ - name: APP-PROFILE-CONTROL-PLANE
+ applications:
+ - name: APP-CONTROL-PLANE
+ applications:
+ ipv4_applications:
+ - name: APP-CONTROL-PLANE
+ dest_prefix_set_name: PFX-PATHFINDERS
+ field_sets:
+ ipv4_prefixes:
+ - name: PFX-PATHFINDERS
+dps_interfaces:
+- name: Dps1
+ description: DPS Interface
+ mtu: 9194
+ ip_address: 192.168.142.1/32
+ flow_tracker:
+ hardware: FLOW-TRACKER
+vxlan_interface:
+ vxlan1:
+ description: node-type-l3-port-channels_VTEP
+ vxlan:
+ udp_port: 4789
+ source_interface: Dps1
+ vrfs:
+ - name: default
+ vni: 1
+flow_tracking:
+ hardware:
+ trackers:
+ - name: FLOW-TRACKER
+ record_export:
+ on_inactive_timeout: 70000
+ on_interval: 300000
+ exporters:
+ - name: CV-TELEMETRY
+ collector:
+ host: 127.0.0.1
+ local_interface: Loopback0
+ template_interval: 3600000
+ shutdown: false
+metadata:
+ cv_tags:
+ device_tags:
+ - name: Role
+ value: edge
+ - name: Region
+ value: AVD_Land_East
+ - name: Zone
+ value: AVD_Land_East-ZONE
+ - name: Site
+ value: Site511
+ interface_tags:
+ - interface: Ethernet1
+ tags:
+ - name: Type
+ value: lan
+ - interface: Ethernet2
+ tags:
+ - name: Type
+ value: lan
+ - interface: Ethernet3
+ tags:
+ - name: Type
+ value: lan
+ - interface: Ethernet1/4
+ tags:
+ - name: Type
+ value: lan
+ - interface: Ethernet1/5
+ tags:
+ - name: Type
+ value: lan
+ - interface: Ethernet1/10
+ tags:
+ - name: Type
+ value: lan
+ cv_pathfinder:
+ role: edge
+ ssl_profile: STUN-DTLS
+ vtep_ip: 192.168.142.1
+ region: AVD_Land_East
+ zone: AVD_Land_East-ZONE
+ site: Site511
+ interfaces:
+ - name: Port-Channel2
+ carrier: Cybercast
+ circuit_id: '101'
+ pathgroup: INET
+ - name: Port-Channel5
+ carrier: StreamFast
+ circuit_id: '102'
+ pathgroup: INET
+ - name: Port-Channel5.100
+ carrier: ExtremeCable
+ circuit_id: '105'
+ pathgroup: INET
+ - name: Port-Channel8
+ carrier: BlizzardFast
+ pathgroup: INET
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CV_PATHFINDER_TESTS.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CV_PATHFINDER_TESTS.yml
index 620bdc0843f..dd3a6cde9d9 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CV_PATHFINDER_TESTS.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/CV_PATHFINDER_TESTS.yml
@@ -212,6 +212,32 @@ wan_router:
bgp:
peer_as: 64520
ipv4_prefix_list_out: PL2
+ l3_port_channels:
+ - # Port-Channel with 2 member ports
+ name: Port-Channel1
+ mode: active
+ member_interfaces:
+ - name: Ethernet6
+ peer: peerDevice1
+ peer_interface: PeerDevIntf1
+ speed: "forced 10000full"
+ - # peer, peer_interface not set, use one from parent L3 Port-Channel
+ name: Ethernet7
+ speed: "forced 10000full"
+ ip_address: 172.15.5.7/31
+ # using peer_ip same as the one for Ethernet3 under l3_interfaces above
+ # This will cause identical nexthop for Zscaler tunnel destinations to be configured via ip route.
+ peer: peerDeviceA
+ peer_ip: 172.31.0.1
+ peer_port_channel: Port-Channel2
+ wan_carrier: ATT
+ wan_circuit_id: 404
+ cv_pathfinder_internet_exit:
+ policies:
+ - name: ZSCALER-EXIT-POLICY-3
+ tunnel_interface_numbers: 200-202
+ flow_tracking:
+ enabled: true
# SITE_HA_ENABLED
# Because HA is enabled, this allow to test that MPLS-ONLY, present on
# cv-pathfinder-edge2B (because of Colt) is being configured on cv-pathfinder-edge2A
@@ -607,6 +633,17 @@ wan_virtual_topologies:
- names: [MPLS]
preference: preferred
id: 5
+ - application_profile: CRITICAL-APP
+ path_groups:
+ - names: [INET]
+ preference: preferred
+ - names: [AWS]
+ preference: alternate
+ constraints:
+ loss_rate: 45.0
+ internet_exit:
+ policy: ZSCALER-EXIT-POLICY-3
+ id: 6
- name: DEFAULT-AVT-POLICY
default_virtual_topology:
path_groups:
@@ -659,6 +696,10 @@ application_classification:
- rtp
- name: IT
- name: MPLS-ONLY
+ - name: CRITICAL-APP
+ applications:
+ # Testing applications in application-profiles filtering
+ - name: CUSTOM-APPLICATION-3
- name: VOICE
applications:
# Testing applications in application-profiles filtering
@@ -688,6 +729,10 @@ application_classification:
protocols: [tcp]
tcp_src_port_set_name: TCP-SRC-2
tcp_dest_port_set_name: TCP-DEST-2
+ - name: CUSTOM-APPLICATION-3
+ protocols: [tcp]
+ tcp_src_port_set_name: TCP-SRC-3
+ tcp_dest_port_set_name: TCP-DEST-3
- name: CUSTOM-voice-APPLICATION
protocols: [udp]
udp_src_port_set_name: UDP-SRC-VOICE
@@ -714,10 +759,16 @@ application_classification:
- name: TCP-SRC-2
port_values:
- 42
+ - name: TCP-SRC-3
+ port_values:
+ - 400
- name: TCP-DEST-2
port_values:
- 666
- 777
+ - name: TCP-DEST-3
+ port_values:
+ - 880
- name: UDP-SRC-VOICE
port_values:
- 42000-42999
@@ -738,6 +789,12 @@ cv_pathfinder_internet_exit_policies:
zscaler:
domain_name: test.local
ipsec_key_salt: THIS_SHOULD_BE_VAULTED
+ - name: ZSCALER-EXIT-POLICY-3
+ fallback_to_system_default: False
+ type: zscaler
+ zscaler:
+ domain_name: test.local
+ ipsec_key_salt: THIS_SHOULD_BE_VAULTED
- name: DIRECT-EXIT-POLICY-1
fallback_to_system_default: False
type: direct
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/node-type-l3-port-channels.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/node-type-l3-port-channels.yml
new file mode 100644
index 00000000000..85b3e9af22f
--- /dev/null
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/node-type-l3-port-channels.yml
@@ -0,0 +1,140 @@
+---
+type: wan_router
+
+cv_pathfinder_regions:
+ - name: AVD_Land_East
+ id: 43
+ description: AVD Region
+ sites:
+ - name: Site511
+ id: 511
+ location: Miami
+
+bgp_peer_groups:
+ wan_overlay_peers:
+ password: "htm4AZe9mIQOO1uiMuGgYQ=="
+ listen_range_prefixes:
+ - 192.168.142.0/24
+ - 192.168.143.0/24
+
+wan_ipsec_profiles:
+ control_plane:
+ shared_key: ABCDEF1234567890
+ data_plane:
+ shared_key: ABCDEF1234567890666
+
+wan_router:
+ node_groups:
+ - group: Site511
+ uplink_type: p2p-vrfs
+ cv_pathfinder_region: AVD_Land_East
+ cv_pathfinder_site: Site511
+ nodes:
+ - name: node-type-l3-port-channels
+ id: 1
+ loopback_ipv4_pool: 192.168.255.0/24
+ vtep_loopback_ipv4_pool: 192.168.142.0/24
+ bgp_as: 65005
+ l3_port_channels:
+ - # Port-Channel with 3 member ports
+ name: Port-Channel2
+ mode: active
+ member_interfaces:
+ - name: Ethernet1
+ peer: peerDevice1
+ peer_interface: Ethernet11
+ speed: "forced 10000full"
+ - # if peer not set, use one from parent L3 Port-Channel
+ name: Ethernet2
+ speed: "forced 10000full"
+ - # one with structured config for member port (TO ADD)
+ name: Ethernet3
+ description: "Custom eth3 description"
+ ip_address: 192.168.1.102/31
+ peer: peer1
+ peer_port_channel: Port-Channel10
+ peer_ip: 192.168.1.10
+ static_routes:
+ - prefix: 0.0.0.0/0
+ qos_profile: TEST-QOS-PROFILE1
+ wan_carrier: Cybercast
+ wan_circuit_id: 101
+ flow_tracking:
+ enabled: true
+ - # Port-Channel with 2 member ports
+ name: Port-Channel5
+ mode: passive
+ member_interfaces:
+ - name: Ethernet1/4
+ peer: peerDevice2
+ peer_interface: Ethernet1/12
+ speed: "forced 10000full"
+ - # if peer not set, use one from parent L3 Port-Channel
+ name: Ethernet1/5
+ speed: "forced 10000full"
+ ip_address: 192.168.1.105/31
+ peer: peer2
+ peer_port_channel: Port-Channel15
+ peer_ip: 192.168.1.15
+ qos_profile: TEST-QOS-PROFILE1
+ wan_carrier: StreamFast
+ wan_circuit_id: 102
+ flow_tracking:
+ enabled: false
+ structured_config:
+ service_policy:
+ qos:
+ input: TEST_POLICY
+ raw_eos_cli: |
+ ! TEST RAW_EOS_CLI
+ - # sub-interface for Port-Channel
+ name: Port-Channel5.100
+ encapsulation_dot1q_vlan: 108
+ ip_address: 192.168.100.115/31
+ peer: peer2
+ peer_port_channel: Port-Channel15
+ peer_ip: 192.168.1.15
+ qos_profile: TEST-QOS-PROFILE2
+ wan_carrier: ExtremeCable
+ wan_circuit_id: 105
+ flow_tracking:
+ enabled: true
+ - # Port-Channel with 1 member port
+ name: Port-Channel8
+ mode: 'on'
+ member_interfaces:
+ - name: Ethernet1/10
+ peer: peerDevice3
+ peer_interface: Ethernet1/10
+ speed: "forced 1000full"
+ peer: peerDevice3
+ peer_port_channel: Port-Channel18
+ peer_ip: 192.168.1.18
+ qos_profile: TEST-QOS-PROFILE3
+ wan_carrier: BlizzardFast
+ ip_address: dhcp
+ dhcp_ip: 10.15.16.17
+ dhcp_accept_default_route: true
+ flow_tracking:
+ enabled: true
+ raw_eos_cli: |
+ ! TEST RAW_EOS_CLI 123
+wan_carriers:
+ - name: Cybercast
+ path_group: INET
+ trusted: true
+ - name: StreamFast
+ path_group: INET
+ trusted: true
+ - name: ExtremeCable
+ path_group: INET
+ trusted: true
+ - name: BlizzardFast
+ path_group: INET
+ trusted: true
+
+wan_path_groups:
+ - name: INET
+ id: 101
+ - name: LTE
+ id: 102
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml
index 62a5b1e8ca0..032556ab7a4 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml
@@ -50,6 +50,7 @@ all:
spanning-tree-mode-rapid-pvst:
node-type-l3-interfaces:
node-type-l3-interfaces-bgp:
+ node-type-l3-port-channels:
ipv4-acls:
only-connected-endpoints:
platform_settings:
diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/management-flow-tracking-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/management-flow-tracking-settings.md
index 5eddb2ca443..27281796fe2 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/management-flow-tracking-settings.md
+++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/management-flow-tracking-settings.md
@@ -29,6 +29,9 @@
| [ l3_interfaces](## "fabric_flow_tracking.l3_interfaces") | Dictionary | | | | Enable flow-tracking on all node.l3_interfaces and network-services tenants.vrfs.l3_interfaces. |
| [ enabled](## "fabric_flow_tracking.l3_interfaces.enabled") | Boolean | | `False` | | |
| [ name](## "fabric_flow_tracking.l3_interfaces.name") | String | | `FLOW-TRACKER` | | Flow tracker name as defined in flow_tracking_settings. |
+ | [ l3_port_channels](## "fabric_flow_tracking.l3_port_channels") | Dictionary | | | | Enable flow-tracking on all node.l3_port_channels. |
+ | [ enabled](## "fabric_flow_tracking.l3_port_channels.enabled") | Boolean | | `False` | | |
+ | [ name](## "fabric_flow_tracking.l3_port_channels.name") | String | | `FLOW-TRACKER` | | Flow tracker name as defined in flow_tracking_settings. |
| [ dps_interfaces](## "fabric_flow_tracking.dps_interfaces") | Dictionary | | | | Enable flow-tracking on all dps_interfaces. |
| [ enabled](## "fabric_flow_tracking.dps_interfaces.enabled") | Boolean | | `True` | | |
| [ name](## "fabric_flow_tracking.dps_interfaces.name") | String | | `FLOW-TRACKER` | | Flow tracker name as defined in flow_tracking_settings. |
@@ -124,6 +127,13 @@
# Flow tracker name as defined in flow_tracking_settings.
name:
+ # Enable flow-tracking on all node.l3_port_channels.
+ l3_port_channels:
+ enabled:
+
+ # Flow tracker name as defined in flow_tracking_settings.
+ name:
+
# Enable flow-tracking on all dps_interfaces.
dps_interfaces:
enabled:
diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-l3-interfaces-configuration.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-l3-interfaces-configuration.md
index 8c5ff47281d..0c16c173c87 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-l3-interfaces-configuration.md
+++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-l3-interfaces-configuration.md
@@ -9,7 +9,7 @@
| -------- | ---- | -------- | ------- | ------------------ | ----------- |
| [<node_type_keys.key>](## "") | Dictionary | | | | |
| [ defaults](## ".defaults") | Dictionary | | | | Define variables for all nodes of this type. |
- | [ l3_interfaces](## ".defaults.l3_interfaces") | List, items: Dictionary | | | | L3 Interfaces to configure on the node.
Used to define the node for WAN interfaces when `wan_carrier` is set. |
+ | [ l3_interfaces](## ".defaults.l3_interfaces") | List, items: Dictionary | | | | L3 Interfaces to configure on the node. |
| [ - profile](## ".defaults.l3_interfaces.[].profile") | String | | | | L3 interface profile name. Profile defined under `l3_interface_profiles`.
|
| [ name](## ".defaults.l3_interfaces.[].name") | String | Required, Unique | | Pattern: `Ethernet[\d/]+(.[\d]+)?` | Ethernet interface name like 'Ethernet2' or subinterface name like 'Ethernet2.42'.
For a subinterface, the parent physical interface is automatically created. |
| [ description](## ".defaults.l3_interfaces.[].description") | String | | | | Interface description.
If not set a default description will be configured with '[[ ]]'. |
@@ -48,7 +48,7 @@
| [ - group](## ".node_groups.[].group") | String | Required, Unique | | | The Node Group Name is used for MLAG domain unless set with 'mlag_domain_id'.
The Node Group Name is also used for peer description on downstream switches' uplinks.
|
| [ nodes](## ".node_groups.[].nodes") | List, items: Dictionary | | | | Define variables per node. |
| [ - name](## ".node_groups.[].nodes.[].name") | String | Required, Unique | | | The Node Name is used as "hostname". |
- | [ l3_interfaces](## ".node_groups.[].nodes.[].l3_interfaces") | List, items: Dictionary | | | | L3 Interfaces to configure on the node.
Used to define the node for WAN interfaces when `wan_carrier` is set. |
+ | [ l3_interfaces](## ".node_groups.[].nodes.[].l3_interfaces") | List, items: Dictionary | | | | L3 Interfaces to configure on the node. |
| [ - profile](## ".node_groups.[].nodes.[].l3_interfaces.[].profile") | String | | | | L3 interface profile name. Profile defined under `l3_interface_profiles`.
|
| [ name](## ".node_groups.[].nodes.[].l3_interfaces.[].name") | String | Required, Unique | | Pattern: `Ethernet[\d/]+(.[\d]+)?` | Ethernet interface name like 'Ethernet2' or subinterface name like 'Ethernet2.42'.
For a subinterface, the parent physical interface is automatically created. |
| [ description](## ".node_groups.[].nodes.[].l3_interfaces.[].description") | String | | | | Interface description.
If not set a default description will be configured with '[[ ]]'. |
@@ -83,7 +83,7 @@
| [ enabled](## ".node_groups.[].nodes.[].l3_interfaces.[].flow_tracking.enabled") | Boolean | | | | |
| [ name](## ".node_groups.[].nodes.[].l3_interfaces.[].flow_tracking.name") | String | | | | Flow tracker name as defined in flow_tracking_settings. |
| [ structured_config](## ".node_groups.[].nodes.[].l3_interfaces.[].structured_config") | Dictionary | | | | Custom structured config for the Ethernet interface. |
- | [ l3_interfaces](## ".node_groups.[].l3_interfaces") | List, items: Dictionary | | | | L3 Interfaces to configure on the node.
Used to define the node for WAN interfaces when `wan_carrier` is set. |
+ | [ l3_interfaces](## ".node_groups.[].l3_interfaces") | List, items: Dictionary | | | | L3 Interfaces to configure on the node. |
| [ - profile](## ".node_groups.[].l3_interfaces.[].profile") | String | | | | L3 interface profile name. Profile defined under `l3_interface_profiles`.
|
| [ name](## ".node_groups.[].l3_interfaces.[].name") | String | Required, Unique | | Pattern: `Ethernet[\d/]+(.[\d]+)?` | Ethernet interface name like 'Ethernet2' or subinterface name like 'Ethernet2.42'.
For a subinterface, the parent physical interface is automatically created. |
| [ description](## ".node_groups.[].l3_interfaces.[].description") | String | | | | Interface description.
If not set a default description will be configured with '[[ ]]'. |
@@ -120,7 +120,7 @@
| [ structured_config](## ".node_groups.[].l3_interfaces.[].structured_config") | Dictionary | | | | Custom structured config for the Ethernet interface. |
| [ nodes](## ".nodes") | List, items: Dictionary | | | | Define variables per node. |
| [ - name](## ".nodes.[].name") | String | Required, Unique | | | The Node Name is used as "hostname". |
- | [ l3_interfaces](## ".nodes.[].l3_interfaces") | List, items: Dictionary | | | | L3 Interfaces to configure on the node.
Used to define the node for WAN interfaces when `wan_carrier` is set. |
+ | [ l3_interfaces](## ".nodes.[].l3_interfaces") | List, items: Dictionary | | | | L3 Interfaces to configure on the node. |
| [ - profile](## ".nodes.[].l3_interfaces.[].profile") | String | | | | L3 interface profile name. Profile defined under `l3_interface_profiles`.
|
| [ name](## ".nodes.[].l3_interfaces.[].name") | String | Required, Unique | | Pattern: `Ethernet[\d/]+(.[\d]+)?` | Ethernet interface name like 'Ethernet2' or subinterface name like 'Ethernet2.42'.
For a subinterface, the parent physical interface is automatically created. |
| [ description](## ".nodes.[].l3_interfaces.[].description") | String | | | | Interface description.
If not set a default description will be configured with '[[ ]]'. |
@@ -200,7 +200,6 @@
defaults:
# L3 Interfaces to configure on the node.
- # Used to define the node for WAN interfaces when `wan_carrier` is set.
l3_interfaces:
# L3 interface profile name. Profile defined under `l3_interface_profiles`.
@@ -341,7 +340,6 @@
- name:
# L3 Interfaces to configure on the node.
- # Used to define the node for WAN interfaces when `wan_carrier` is set.
l3_interfaces:
# L3 interface profile name. Profile defined under `l3_interface_profiles`.
@@ -469,7 +467,6 @@
structured_config:
# L3 Interfaces to configure on the node.
- # Used to define the node for WAN interfaces when `wan_carrier` is set.
l3_interfaces:
# L3 interface profile name. Profile defined under `l3_interface_profiles`.
@@ -603,7 +600,6 @@
- name:
# L3 Interfaces to configure on the node.
- # Used to define the node for WAN interfaces when `wan_carrier` is set.
l3_interfaces:
# L3 interface profile name. Profile defined under `l3_interface_profiles`.
diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-l3-port-channels-configuration.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-l3-port-channels-configuration.md
index 00496f9888a..cd09e3b40d9 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-l3-port-channels-configuration.md
+++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-l3-port-channels-configuration.md
@@ -9,10 +9,10 @@
| -------- | ---- | -------- | ------- | ------------------ | ----------- |
| [<node_type_keys.key>](## "") | Dictionary | | | | |
| [ defaults](## ".defaults") | Dictionary | | | | Define variables for all nodes of this type. |
- | [ l3_port_channels](## ".defaults.l3_port_channels") | List, items: Dictionary | | | | L3 Port-Channel interfaces to configure on the node.
Used to define the node for WAN interfaces when `wan_carrier` is set. |
+ | [ l3_port_channels](## ".defaults.l3_port_channels") | List, items: Dictionary | | | | L3 Port-Channel interfaces to configure on the node. |
| [ - name](## ".defaults.l3_port_channels.[].name") | String | Required, Unique | | Pattern: `Port-Channel[\d/]+(.[\d]+)?` | Port-Channel interface name like 'Port-Channel2' or subinterface name like 'Port-Channel2.42'.
For a Port-Channel subinterface, the parent Port-Channel interface must be defined as well. |
| [ description](## ".defaults.l3_port_channels.[].description") | String | | | | Interface description.
If not set a default description will be configured with '[[ ]]'. |
- | [ mode](## ".defaults.l3_port_channels.[].mode") | String | | `on` | Valid Values:
- active
- passive
- on | Port-Channel mode.
Should not be set on Port-Channel subinterfaces. |
+ | [ mode](## ".defaults.l3_port_channels.[].mode") | String | | `active` | Valid Values:
- active
- passive
- on | Port-Channel mode.
Should not be set on Port-Channel subinterfaces. |
| [ member_interfaces](## ".defaults.l3_port_channels.[].member_interfaces") | List, items: Dictionary | | | | Port-Channel member interfaces.
Should not be set on Port-Channel subinterfaces. |
| [ - name](## ".defaults.l3_port_channels.[].member_interfaces.[].name") | String | Required, Unique | | Pattern: `Ethernet[\d/]+` | Ethernet interface name like 'Ethernet2'.
Member interface cannot be subinterface. |
| [ description](## ".defaults.l3_port_channels.[].member_interfaces.[].description") | String | | | | Interface description for this member.
If not set a default description will be configured with '[[ ]]'. |
@@ -35,7 +35,7 @@
| [ ipv4_acl_in](## ".defaults.l3_port_channels.[].ipv4_acl_in") | String | | | | Name of the IPv4 access-list to be assigned in the ingress direction.
The access-list must be defined under `ipv4_acls` and supports field substitution for "interface_ip" and "peer_ip".
Required for all WAN interfaces (`wan_carrier` is set) unless the carrier is marked as 'trusted' under `wan_carriers`. |
| [ ipv4_acl_out](## ".defaults.l3_port_channels.[].ipv4_acl_out") | String | | | | Name of the IPv4 Access-list to be assigned in the egress direction.
The access-list must be defined under `ipv4_acls` and supports field substitution for "interface_ip" and "peer_ip". |
| [ static_routes](## ".defaults.l3_port_channels.[].static_routes") | List, items: Dictionary | | | Min Length: 1 | Configure IPv4 static routes pointing to `peer_ip`. |
- | [ - prefix](## ".defaults.l3_port_channels.[].static_routes.[].prefix") | String | Required | | | IPv4_network/Mask. |
+ | [ - prefix](## ".defaults.l3_port_channels.[].static_routes.[].prefix") | String | Required, Unique | | | IPv4_network/Mask. |
| [ qos_profile](## ".defaults.l3_port_channels.[].qos_profile") | String | | | | QOS service profile. |
| [ wan_carrier](## ".defaults.l3_port_channels.[].wan_carrier") | String | | | | The WAN carrier this interface is connected to.
This is used to infer the path-groups in which this interface should be configured.
Unless the carrier is marked as 'trusted' under `wan_carriers`, `ipv4_acl_in` is also required on all WAN interfaces. |
| [ wan_circuit_id](## ".defaults.l3_port_channels.[].wan_circuit_id") | String | | | | The WAN circuit ID for this interface.
This is not rendered in the configuration but used for WAN designs. |
@@ -44,8 +44,8 @@
| [ policies](## ".defaults.l3_port_channels.[].cv_pathfinder_internet_exit.policies") | List, items: Dictionary | | | | List of Internet-exit policies using this interface as exit. |
| [ - name](## ".defaults.l3_port_channels.[].cv_pathfinder_internet_exit.policies.[].name") | String | Required, Unique | | | Internet-exit policy name. |
| [ tunnel_interface_numbers](## ".defaults.l3_port_channels.[].cv_pathfinder_internet_exit.policies.[].tunnel_interface_numbers") | String | | | | Number range to use for Tunnel interfaces to an internet-exit service provider using this local interface.
Examples: '1-3' or '100,200,300' |
- | [ raw_eos_cli](## ".defaults.l3_port_channels.[].raw_eos_cli") | String | | | | EOS CLI rendered directly on the interface in the final EOS configuration. |
- | [ flow_tracking](## ".defaults.l3_port_channels.[].flow_tracking") | Dictionary | | | | Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_interfaces` setting. |
+ | [ raw_eos_cli](## ".defaults.l3_port_channels.[].raw_eos_cli") | String | | | | EOS CLI rendered directly on the Port-Channel interface in the final EOS configuration. |
+ | [ flow_tracking](## ".defaults.l3_port_channels.[].flow_tracking") | Dictionary | | | | Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_port_channels` setting. |
| [ enabled](## ".defaults.l3_port_channels.[].flow_tracking.enabled") | Boolean | | | | |
| [ name](## ".defaults.l3_port_channels.[].flow_tracking.name") | String | | | | Flow tracker name as defined in flow_tracking_settings. |
| [ structured_config](## ".defaults.l3_port_channels.[].structured_config") | Dictionary | | | | Custom structured config for the Port-Channel interface. |
@@ -53,10 +53,10 @@
| [ - group](## ".node_groups.[].group") | String | Required, Unique | | | The Node Group Name is used for MLAG domain unless set with 'mlag_domain_id'.
The Node Group Name is also used for peer description on downstream switches' uplinks.
|
| [ nodes](## ".node_groups.[].nodes") | List, items: Dictionary | | | | Define variables per node. |
| [ - name](## ".node_groups.[].nodes.[].name") | String | Required, Unique | | | The Node Name is used as "hostname". |
- | [ l3_port_channels](## ".node_groups.[].nodes.[].l3_port_channels") | List, items: Dictionary | | | | L3 Port-Channel interfaces to configure on the node.
Used to define the node for WAN interfaces when `wan_carrier` is set. |
+ | [ l3_port_channels](## ".node_groups.[].nodes.[].l3_port_channels") | List, items: Dictionary | | | | L3 Port-Channel interfaces to configure on the node. |
| [ - name](## ".node_groups.[].nodes.[].l3_port_channels.[].name") | String | Required, Unique | | Pattern: `Port-Channel[\d/]+(.[\d]+)?` | Port-Channel interface name like 'Port-Channel2' or subinterface name like 'Port-Channel2.42'.
For a Port-Channel subinterface, the parent Port-Channel interface must be defined as well. |
| [ description](## ".node_groups.[].nodes.[].l3_port_channels.[].description") | String | | | | Interface description.
If not set a default description will be configured with '[[ ]]'. |
- | [ mode](## ".node_groups.[].nodes.[].l3_port_channels.[].mode") | String | | `on` | Valid Values:
- active
- passive
- on | Port-Channel mode.
Should not be set on Port-Channel subinterfaces. |
+ | [ mode](## ".node_groups.[].nodes.[].l3_port_channels.[].mode") | String | | `active` | Valid Values:
- active
- passive
- on | Port-Channel mode.
Should not be set on Port-Channel subinterfaces. |
| [ member_interfaces](## ".node_groups.[].nodes.[].l3_port_channels.[].member_interfaces") | List, items: Dictionary | | | | Port-Channel member interfaces.
Should not be set on Port-Channel subinterfaces. |
| [ - name](## ".node_groups.[].nodes.[].l3_port_channels.[].member_interfaces.[].name") | String | Required, Unique | | Pattern: `Ethernet[\d/]+` | Ethernet interface name like 'Ethernet2'.
Member interface cannot be subinterface. |
| [ description](## ".node_groups.[].nodes.[].l3_port_channels.[].member_interfaces.[].description") | String | | | | Interface description for this member.
If not set a default description will be configured with '[[ ]]'. |
@@ -79,7 +79,7 @@
| [ ipv4_acl_in](## ".node_groups.[].nodes.[].l3_port_channels.[].ipv4_acl_in") | String | | | | Name of the IPv4 access-list to be assigned in the ingress direction.
The access-list must be defined under `ipv4_acls` and supports field substitution for "interface_ip" and "peer_ip".
Required for all WAN interfaces (`wan_carrier` is set) unless the carrier is marked as 'trusted' under `wan_carriers`. |
| [ ipv4_acl_out](## ".node_groups.[].nodes.[].l3_port_channels.[].ipv4_acl_out") | String | | | | Name of the IPv4 Access-list to be assigned in the egress direction.
The access-list must be defined under `ipv4_acls` and supports field substitution for "interface_ip" and "peer_ip". |
| [ static_routes](## ".node_groups.[].nodes.[].l3_port_channels.[].static_routes") | List, items: Dictionary | | | Min Length: 1 | Configure IPv4 static routes pointing to `peer_ip`. |
- | [ - prefix](## ".node_groups.[].nodes.[].l3_port_channels.[].static_routes.[].prefix") | String | Required | | | IPv4_network/Mask. |
+ | [ - prefix](## ".node_groups.[].nodes.[].l3_port_channels.[].static_routes.[].prefix") | String | Required, Unique | | | IPv4_network/Mask. |
| [ qos_profile](## ".node_groups.[].nodes.[].l3_port_channels.[].qos_profile") | String | | | | QOS service profile. |
| [ wan_carrier](## ".node_groups.[].nodes.[].l3_port_channels.[].wan_carrier") | String | | | | The WAN carrier this interface is connected to.
This is used to infer the path-groups in which this interface should be configured.
Unless the carrier is marked as 'trusted' under `wan_carriers`, `ipv4_acl_in` is also required on all WAN interfaces. |
| [ wan_circuit_id](## ".node_groups.[].nodes.[].l3_port_channels.[].wan_circuit_id") | String | | | | The WAN circuit ID for this interface.
This is not rendered in the configuration but used for WAN designs. |
@@ -88,15 +88,15 @@
| [ policies](## ".node_groups.[].nodes.[].l3_port_channels.[].cv_pathfinder_internet_exit.policies") | List, items: Dictionary | | | | List of Internet-exit policies using this interface as exit. |
| [ - name](## ".node_groups.[].nodes.[].l3_port_channels.[].cv_pathfinder_internet_exit.policies.[].name") | String | Required, Unique | | | Internet-exit policy name. |
| [ tunnel_interface_numbers](## ".node_groups.[].nodes.[].l3_port_channels.[].cv_pathfinder_internet_exit.policies.[].tunnel_interface_numbers") | String | | | | Number range to use for Tunnel interfaces to an internet-exit service provider using this local interface.
Examples: '1-3' or '100,200,300' |
- | [ raw_eos_cli](## ".node_groups.[].nodes.[].l3_port_channels.[].raw_eos_cli") | String | | | | EOS CLI rendered directly on the interface in the final EOS configuration. |
- | [ flow_tracking](## ".node_groups.[].nodes.[].l3_port_channels.[].flow_tracking") | Dictionary | | | | Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_interfaces` setting. |
+ | [ raw_eos_cli](## ".node_groups.[].nodes.[].l3_port_channels.[].raw_eos_cli") | String | | | | EOS CLI rendered directly on the Port-Channel interface in the final EOS configuration. |
+ | [ flow_tracking](## ".node_groups.[].nodes.[].l3_port_channels.[].flow_tracking") | Dictionary | | | | Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_port_channels` setting. |
| [ enabled](## ".node_groups.[].nodes.[].l3_port_channels.[].flow_tracking.enabled") | Boolean | | | | |
| [ name](## ".node_groups.[].nodes.[].l3_port_channels.[].flow_tracking.name") | String | | | | Flow tracker name as defined in flow_tracking_settings. |
| [ structured_config](## ".node_groups.[].nodes.[].l3_port_channels.[].structured_config") | Dictionary | | | | Custom structured config for the Port-Channel interface. |
- | [ l3_port_channels](## ".node_groups.[].l3_port_channels") | List, items: Dictionary | | | | L3 Port-Channel interfaces to configure on the node.
Used to define the node for WAN interfaces when `wan_carrier` is set. |
+ | [ l3_port_channels](## ".node_groups.[].l3_port_channels") | List, items: Dictionary | | | | L3 Port-Channel interfaces to configure on the node. |
| [ - name](## ".node_groups.[].l3_port_channels.[].name") | String | Required, Unique | | Pattern: `Port-Channel[\d/]+(.[\d]+)?` | Port-Channel interface name like 'Port-Channel2' or subinterface name like 'Port-Channel2.42'.
For a Port-Channel subinterface, the parent Port-Channel interface must be defined as well. |
| [ description](## ".node_groups.[].l3_port_channels.[].description") | String | | | | Interface description.
If not set a default description will be configured with '[[ ]]'. |
- | [ mode](## ".node_groups.[].l3_port_channels.[].mode") | String | | `on` | Valid Values:
- active
- passive
- on | Port-Channel mode.
Should not be set on Port-Channel subinterfaces. |
+ | [ mode](## ".node_groups.[].l3_port_channels.[].mode") | String | | `active` | Valid Values:
- active
- passive
- on | Port-Channel mode.
Should not be set on Port-Channel subinterfaces. |
| [ member_interfaces](## ".node_groups.[].l3_port_channels.[].member_interfaces") | List, items: Dictionary | | | | Port-Channel member interfaces.
Should not be set on Port-Channel subinterfaces. |
| [ - name](## ".node_groups.[].l3_port_channels.[].member_interfaces.[].name") | String | Required, Unique | | Pattern: `Ethernet[\d/]+` | Ethernet interface name like 'Ethernet2'.
Member interface cannot be subinterface. |
| [ description](## ".node_groups.[].l3_port_channels.[].member_interfaces.[].description") | String | | | | Interface description for this member.
If not set a default description will be configured with '[[ ]]'. |
@@ -119,7 +119,7 @@
| [ ipv4_acl_in](## ".node_groups.[].l3_port_channels.[].ipv4_acl_in") | String | | | | Name of the IPv4 access-list to be assigned in the ingress direction.
The access-list must be defined under `ipv4_acls` and supports field substitution for "interface_ip" and "peer_ip".
Required for all WAN interfaces (`wan_carrier` is set) unless the carrier is marked as 'trusted' under `wan_carriers`. |
| [ ipv4_acl_out](## ".node_groups.[].l3_port_channels.[].ipv4_acl_out") | String | | | | Name of the IPv4 Access-list to be assigned in the egress direction.
The access-list must be defined under `ipv4_acls` and supports field substitution for "interface_ip" and "peer_ip". |
| [ static_routes](## ".node_groups.[].l3_port_channels.[].static_routes") | List, items: Dictionary | | | Min Length: 1 | Configure IPv4 static routes pointing to `peer_ip`. |
- | [ - prefix](## ".node_groups.[].l3_port_channels.[].static_routes.[].prefix") | String | Required | | | IPv4_network/Mask. |
+ | [ - prefix](## ".node_groups.[].l3_port_channels.[].static_routes.[].prefix") | String | Required, Unique | | | IPv4_network/Mask. |
| [ qos_profile](## ".node_groups.[].l3_port_channels.[].qos_profile") | String | | | | QOS service profile. |
| [ wan_carrier](## ".node_groups.[].l3_port_channels.[].wan_carrier") | String | | | | The WAN carrier this interface is connected to.
This is used to infer the path-groups in which this interface should be configured.
Unless the carrier is marked as 'trusted' under `wan_carriers`, `ipv4_acl_in` is also required on all WAN interfaces. |
| [ wan_circuit_id](## ".node_groups.[].l3_port_channels.[].wan_circuit_id") | String | | | | The WAN circuit ID for this interface.
This is not rendered in the configuration but used for WAN designs. |
@@ -128,17 +128,17 @@
| [ policies](## ".node_groups.[].l3_port_channels.[].cv_pathfinder_internet_exit.policies") | List, items: Dictionary | | | | List of Internet-exit policies using this interface as exit. |
| [ - name](## ".node_groups.[].l3_port_channels.[].cv_pathfinder_internet_exit.policies.[].name") | String | Required, Unique | | | Internet-exit policy name. |
| [ tunnel_interface_numbers](## ".node_groups.[].l3_port_channels.[].cv_pathfinder_internet_exit.policies.[].tunnel_interface_numbers") | String | | | | Number range to use for Tunnel interfaces to an internet-exit service provider using this local interface.
Examples: '1-3' or '100,200,300' |
- | [ raw_eos_cli](## ".node_groups.[].l3_port_channels.[].raw_eos_cli") | String | | | | EOS CLI rendered directly on the interface in the final EOS configuration. |
- | [ flow_tracking](## ".node_groups.[].l3_port_channels.[].flow_tracking") | Dictionary | | | | Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_interfaces` setting. |
+ | [ raw_eos_cli](## ".node_groups.[].l3_port_channels.[].raw_eos_cli") | String | | | | EOS CLI rendered directly on the Port-Channel interface in the final EOS configuration. |
+ | [ flow_tracking](## ".node_groups.[].l3_port_channels.[].flow_tracking") | Dictionary | | | | Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_port_channels` setting. |
| [ enabled](## ".node_groups.[].l3_port_channels.[].flow_tracking.enabled") | Boolean | | | | |
| [ name](## ".node_groups.[].l3_port_channels.[].flow_tracking.name") | String | | | | Flow tracker name as defined in flow_tracking_settings. |
| [ structured_config](## ".node_groups.[].l3_port_channels.[].structured_config") | Dictionary | | | | Custom structured config for the Port-Channel interface. |
| [ nodes](## ".nodes") | List, items: Dictionary | | | | Define variables per node. |
| [ - name](## ".nodes.[].name") | String | Required, Unique | | | The Node Name is used as "hostname". |
- | [ l3_port_channels](## ".nodes.[].l3_port_channels") | List, items: Dictionary | | | | L3 Port-Channel interfaces to configure on the node.
Used to define the node for WAN interfaces when `wan_carrier` is set. |
+ | [ l3_port_channels](## ".nodes.[].l3_port_channels") | List, items: Dictionary | | | | L3 Port-Channel interfaces to configure on the node. |
| [ - name](## ".nodes.[].l3_port_channels.[].name") | String | Required, Unique | | Pattern: `Port-Channel[\d/]+(.[\d]+)?` | Port-Channel interface name like 'Port-Channel2' or subinterface name like 'Port-Channel2.42'.
For a Port-Channel subinterface, the parent Port-Channel interface must be defined as well. |
| [ description](## ".nodes.[].l3_port_channels.[].description") | String | | | | Interface description.
If not set a default description will be configured with '[[ ]]'. |
- | [ mode](## ".nodes.[].l3_port_channels.[].mode") | String | | `on` | Valid Values:
- active
- passive
- on | Port-Channel mode.
Should not be set on Port-Channel subinterfaces. |
+ | [ mode](## ".nodes.[].l3_port_channels.[].mode") | String | | `active` | Valid Values:
- active
- passive
- on | Port-Channel mode.
Should not be set on Port-Channel subinterfaces. |
| [ member_interfaces](## ".nodes.[].l3_port_channels.[].member_interfaces") | List, items: Dictionary | | | | Port-Channel member interfaces.
Should not be set on Port-Channel subinterfaces. |
| [ - name](## ".nodes.[].l3_port_channels.[].member_interfaces.[].name") | String | Required, Unique | | Pattern: `Ethernet[\d/]+` | Ethernet interface name like 'Ethernet2'.
Member interface cannot be subinterface. |
| [ description](## ".nodes.[].l3_port_channels.[].member_interfaces.[].description") | String | | | | Interface description for this member.
If not set a default description will be configured with '[[ ]]'. |
@@ -161,7 +161,7 @@
| [ ipv4_acl_in](## ".nodes.[].l3_port_channels.[].ipv4_acl_in") | String | | | | Name of the IPv4 access-list to be assigned in the ingress direction.
The access-list must be defined under `ipv4_acls` and supports field substitution for "interface_ip" and "peer_ip".
Required for all WAN interfaces (`wan_carrier` is set) unless the carrier is marked as 'trusted' under `wan_carriers`. |
| [ ipv4_acl_out](## ".nodes.[].l3_port_channels.[].ipv4_acl_out") | String | | | | Name of the IPv4 Access-list to be assigned in the egress direction.
The access-list must be defined under `ipv4_acls` and supports field substitution for "interface_ip" and "peer_ip". |
| [ static_routes](## ".nodes.[].l3_port_channels.[].static_routes") | List, items: Dictionary | | | Min Length: 1 | Configure IPv4 static routes pointing to `peer_ip`. |
- | [ - prefix](## ".nodes.[].l3_port_channels.[].static_routes.[].prefix") | String | Required | | | IPv4_network/Mask. |
+ | [ - prefix](## ".nodes.[].l3_port_channels.[].static_routes.[].prefix") | String | Required, Unique | | | IPv4_network/Mask. |
| [ qos_profile](## ".nodes.[].l3_port_channels.[].qos_profile") | String | | | | QOS service profile. |
| [ wan_carrier](## ".nodes.[].l3_port_channels.[].wan_carrier") | String | | | | The WAN carrier this interface is connected to.
This is used to infer the path-groups in which this interface should be configured.
Unless the carrier is marked as 'trusted' under `wan_carriers`, `ipv4_acl_in` is also required on all WAN interfaces. |
| [ wan_circuit_id](## ".nodes.[].l3_port_channels.[].wan_circuit_id") | String | | | | The WAN circuit ID for this interface.
This is not rendered in the configuration but used for WAN designs. |
@@ -170,8 +170,8 @@
| [ policies](## ".nodes.[].l3_port_channels.[].cv_pathfinder_internet_exit.policies") | List, items: Dictionary | | | | List of Internet-exit policies using this interface as exit. |
| [ - name](## ".nodes.[].l3_port_channels.[].cv_pathfinder_internet_exit.policies.[].name") | String | Required, Unique | | | Internet-exit policy name. |
| [ tunnel_interface_numbers](## ".nodes.[].l3_port_channels.[].cv_pathfinder_internet_exit.policies.[].tunnel_interface_numbers") | String | | | | Number range to use for Tunnel interfaces to an internet-exit service provider using this local interface.
Examples: '1-3' or '100,200,300' |
- | [ raw_eos_cli](## ".nodes.[].l3_port_channels.[].raw_eos_cli") | String | | | | EOS CLI rendered directly on the interface in the final EOS configuration. |
- | [ flow_tracking](## ".nodes.[].l3_port_channels.[].flow_tracking") | Dictionary | | | | Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_interfaces` setting. |
+ | [ raw_eos_cli](## ".nodes.[].l3_port_channels.[].raw_eos_cli") | String | | | | EOS CLI rendered directly on the Port-Channel interface in the final EOS configuration. |
+ | [ flow_tracking](## ".nodes.[].l3_port_channels.[].flow_tracking") | Dictionary | | | | Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_port_channels` setting. |
| [ enabled](## ".nodes.[].l3_port_channels.[].flow_tracking.enabled") | Boolean | | | | |
| [ name](## ".nodes.[].l3_port_channels.[].flow_tracking.name") | String | | | | Flow tracker name as defined in flow_tracking_settings. |
| [ structured_config](## ".nodes.[].l3_port_channels.[].structured_config") | Dictionary | | | | Custom structured config for the Port-Channel interface. |
@@ -185,7 +185,6 @@
defaults:
# L3 Port-Channel interfaces to configure on the node.
- # Used to define the node for WAN interfaces when `wan_carrier` is set.
l3_port_channels:
# Port-Channel interface name like 'Port-Channel2' or subinterface name like 'Port-Channel2.42'.
@@ -198,7 +197,7 @@
# Port-Channel mode.
# Should not be set on Port-Channel subinterfaces.
- mode:
+ mode:
# Port-Channel member interfaces.
# Should not be set on Port-Channel subinterfaces.
@@ -289,7 +288,7 @@
static_routes: # >=1 items
# IPv4_network/Mask.
- - prefix:
+ - prefix:
# QOS service profile.
qos_profile:
@@ -319,10 +318,10 @@
# Examples: '1-3' or '100,200,300'
tunnel_interface_numbers:
- # EOS CLI rendered directly on the interface in the final EOS configuration.
+ # EOS CLI rendered directly on the Port-Channel interface in the final EOS configuration.
raw_eos_cli:
- # Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_interfaces` setting.
+ # Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_port_channels` setting.
flow_tracking:
enabled:
@@ -346,7 +345,6 @@
- name:
# L3 Port-Channel interfaces to configure on the node.
- # Used to define the node for WAN interfaces when `wan_carrier` is set.
l3_port_channels:
# Port-Channel interface name like 'Port-Channel2' or subinterface name like 'Port-Channel2.42'.
@@ -359,7 +357,7 @@
# Port-Channel mode.
# Should not be set on Port-Channel subinterfaces.
- mode:
+ mode:
# Port-Channel member interfaces.
# Should not be set on Port-Channel subinterfaces.
@@ -450,7 +448,7 @@
static_routes: # >=1 items
# IPv4_network/Mask.
- - prefix:
+ - prefix:
# QOS service profile.
qos_profile:
@@ -480,10 +478,10 @@
# Examples: '1-3' or '100,200,300'
tunnel_interface_numbers:
- # EOS CLI rendered directly on the interface in the final EOS configuration.
+ # EOS CLI rendered directly on the Port-Channel interface in the final EOS configuration.
raw_eos_cli:
- # Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_interfaces` setting.
+ # Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_port_channels` setting.
flow_tracking:
enabled:
@@ -494,7 +492,6 @@
structured_config:
# L3 Port-Channel interfaces to configure on the node.
- # Used to define the node for WAN interfaces when `wan_carrier` is set.
l3_port_channels:
# Port-Channel interface name like 'Port-Channel2' or subinterface name like 'Port-Channel2.42'.
@@ -507,7 +504,7 @@
# Port-Channel mode.
# Should not be set on Port-Channel subinterfaces.
- mode:
+ mode:
# Port-Channel member interfaces.
# Should not be set on Port-Channel subinterfaces.
@@ -598,7 +595,7 @@
static_routes: # >=1 items
# IPv4_network/Mask.
- - prefix:
+ - prefix:
# QOS service profile.
qos_profile:
@@ -628,10 +625,10 @@
# Examples: '1-3' or '100,200,300'
tunnel_interface_numbers:
- # EOS CLI rendered directly on the interface in the final EOS configuration.
+ # EOS CLI rendered directly on the Port-Channel interface in the final EOS configuration.
raw_eos_cli:
- # Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_interfaces` setting.
+ # Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_port_channels` setting.
flow_tracking:
enabled:
@@ -648,7 +645,6 @@
- name:
# L3 Port-Channel interfaces to configure on the node.
- # Used to define the node for WAN interfaces when `wan_carrier` is set.
l3_port_channels:
# Port-Channel interface name like 'Port-Channel2' or subinterface name like 'Port-Channel2.42'.
@@ -661,7 +657,7 @@
# Port-Channel mode.
# Should not be set on Port-Channel subinterfaces.
- mode:
+ mode:
# Port-Channel member interfaces.
# Should not be set on Port-Channel subinterfaces.
@@ -752,7 +748,7 @@
static_routes: # >=1 items
# IPv4_network/Mask.
- - prefix:
+ - prefix:
# QOS service profile.
qos_profile:
@@ -782,10 +778,10 @@
# Examples: '1-3' or '100,200,300'
tunnel_interface_numbers:
- # EOS CLI rendered directly on the interface in the final EOS configuration.
+ # EOS CLI rendered directly on the Port-Channel interface in the final EOS configuration.
raw_eos_cli:
- # Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_interfaces` setting.
+ # Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_port_channels` setting.
flow_tracking:
enabled:
diff --git a/python-avd/pyavd/_eos_designs/schema/__init__.py b/python-avd/pyavd/_eos_designs/schema/__init__.py
index afa5548636b..c70c5a4f8e7 100644
--- a/python-avd/pyavd/_eos_designs/schema/__init__.py
+++ b/python-avd/pyavd/_eos_designs/schema/__init__.py
@@ -3400,6 +3400,46 @@ def __init__(
L3Interfaces.
+ Subclass of AvdModel.
+
+ Args:
+ enabled: enabled
+ name: Flow tracker name as defined in flow_tracking_settings.
+ _custom_data: _custom_data
+
+ """
+
+ class L3PortChannels(AvdModel):
+ """Subclass of AvdModel."""
+
+ _fields: ClassVar[dict] = {
+ "enabled": {"type": bool, "default": False},
+ "name": {"type": str, "default": "FLOW-TRACKER"},
+ "_custom_data": {"type": dict},
+ }
+ enabled: bool
+ """Default value: `False`"""
+ name: str
+ """
+ Flow tracker name as defined in flow_tracking_settings.
+
+ Default value: `"FLOW-TRACKER"`
+ """
+ _custom_data: dict[str, Any]
+
+ if TYPE_CHECKING:
+
+ def __init__(
+ self,
+ *,
+ enabled: bool | UndefinedType = Undefined,
+ name: str | UndefinedType = Undefined,
+ _custom_data: dict[str, Any] | UndefinedType = Undefined,
+ ) -> None:
+ """
+ L3PortChannels.
+
+
Subclass of AvdModel.
Args:
@@ -3497,6 +3537,7 @@ def __init__(
"core_interfaces": {"type": CoreInterfaces},
"mlag_interfaces": {"type": MlagInterfaces},
"l3_interfaces": {"type": L3Interfaces},
+ "l3_port_channels": {"type": L3PortChannels},
"dps_interfaces": {"type": DpsInterfaces},
"direct_wan_ha_links": {"type": DirectWanHaLinks},
"_custom_data": {"type": dict},
@@ -3540,6 +3581,12 @@ def __init__(
l3_interfaces: L3Interfaces
"""
Enable flow-tracking on all node.l3_interfaces and network-services tenants.vrfs.l3_interfaces.
+ Subclass of AvdModel.
+ """
+ l3_port_channels: L3PortChannels
+ """
+ Enable flow-tracking on all node.l3_port_channels.
+
Subclass of AvdModel.
"""
dps_interfaces: DpsInterfaces
@@ -3568,6 +3615,7 @@ def __init__(
core_interfaces: CoreInterfaces | UndefinedType = Undefined,
mlag_interfaces: MlagInterfaces | UndefinedType = Undefined,
l3_interfaces: L3Interfaces | UndefinedType = Undefined,
+ l3_port_channels: L3PortChannels | UndefinedType = Undefined,
dps_interfaces: DpsInterfaces | UndefinedType = Undefined,
direct_wan_ha_links: DirectWanHaLinks | UndefinedType = Undefined,
_custom_data: dict[str, Any] | UndefinedType = Undefined,
@@ -3605,6 +3653,10 @@ def __init__(
Subclass of AvdModel.
l3_interfaces:
Enable flow-tracking on all node.l3_interfaces and network-services tenants.vrfs.l3_interfaces.
+ Subclass of AvdModel.
+ l3_port_channels:
+ Enable flow-tracking on all node.l3_port_channels.
+
Subclass of AvdModel.
dps_interfaces:
Enable flow-tracking on all dps_interfaces.
@@ -21191,6 +21243,627 @@ class L3Interfaces(AvdIndexedList[str, L3InterfacesItem]):
L3Interfaces._item_type = L3InterfacesItem
+ class L3PortChannelsItem(AvdModel):
+ """Subclass of AvdModel."""
+
+ class MemberInterfacesItem(AvdModel):
+ """Subclass of AvdModel."""
+
+ _fields: ClassVar[dict] = {
+ "name": {"type": str},
+ "description": {"type": str},
+ "peer": {"type": str},
+ "peer_interface": {"type": str},
+ "speed": {"type": str},
+ "_custom_data": {"type": dict},
+ }
+ name: str
+ """
+ Ethernet interface name like 'Ethernet2'.
+ Member interface cannot be subinterface.
+ """
+ description: str | None
+ """
+ Interface description for this member.
+ If not set a default description will be configured with
+ '[[ ]]'.
+ """
+ peer: str | None
+ """
+ The peer device name. Used for description and documentation.
+ If not set, this inherits the peer
+ setting on the port-channel interface.
+ """
+ peer_interface: str | None
+ """The peer device interface. Used for description and documentation."""
+ speed: str | None
+ """
+ Speed should be set in the format `` or `forced ` or `auto
+ `.
+ """
+ _custom_data: dict[str, Any]
+
+ if TYPE_CHECKING:
+
+ def __init__(
+ self,
+ *,
+ name: str | UndefinedType = Undefined,
+ description: str | None | UndefinedType = Undefined,
+ peer: str | None | UndefinedType = Undefined,
+ peer_interface: str | None | UndefinedType = Undefined,
+ speed: str | None | UndefinedType = Undefined,
+ _custom_data: dict[str, Any] | UndefinedType = Undefined,
+ ) -> None:
+ """
+ MemberInterfacesItem.
+
+
+ Subclass of AvdModel.
+
+ Args:
+ name:
+ Ethernet interface name like 'Ethernet2'.
+ Member interface cannot be subinterface.
+ description:
+ Interface description for this member.
+ If not set a default description will be configured with
+ '[[ ]]'.
+ peer:
+ The peer device name. Used for description and documentation.
+ If not set, this inherits the peer
+ setting on the port-channel interface.
+ peer_interface: The peer device interface. Used for description and documentation.
+ speed:
+ Speed should be set in the format `` or `forced ` or `auto
+ `.
+ _custom_data: _custom_data
+
+ """
+
+ class MemberInterfaces(AvdIndexedList[str, MemberInterfacesItem]):
+ """Subclass of AvdIndexedList with `MemberInterfacesItem` items. Primary key is `name` (`str`)."""
+
+ _primary_key: ClassVar[str] = "name"
+
+ MemberInterfaces._item_type = MemberInterfacesItem
+
+ class Bgp(AvdModel):
+ """Subclass of AvdModel."""
+
+ _fields: ClassVar[dict] = {
+ "peer_as": {"type": str},
+ "ipv4_prefix_list_in": {"type": str},
+ "ipv4_prefix_list_out": {"type": str},
+ "_custom_data": {"type": dict},
+ }
+ peer_as: str
+ """
+ BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
+ For asdot notation in
+ YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float
+ number.
+ """
+ ipv4_prefix_list_in: str | None
+ """
+ Prefix List Name. Accept routes for only these prefixes from the peer.
+ Required for wan interfaces.
+ """
+ ipv4_prefix_list_out: str | None
+ """
+ Prefix List Name. Advertise routes for only these prefixes.
+ If not specified, nothing would be
+ advertised.
+ """
+ _custom_data: dict[str, Any]
+
+ if TYPE_CHECKING:
+
+ def __init__(
+ self,
+ *,
+ peer_as: str | UndefinedType = Undefined,
+ ipv4_prefix_list_in: str | None | UndefinedType = Undefined,
+ ipv4_prefix_list_out: str | None | UndefinedType = Undefined,
+ _custom_data: dict[str, Any] | UndefinedType = Undefined,
+ ) -> None:
+ """
+ Bgp.
+
+
+ Subclass of AvdModel.
+
+ Args:
+ peer_as:
+ BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
+ For asdot notation in
+ YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float
+ number.
+ ipv4_prefix_list_in:
+ Prefix List Name. Accept routes for only these prefixes from the peer.
+ Required for wan interfaces.
+ ipv4_prefix_list_out:
+ Prefix List Name. Advertise routes for only these prefixes.
+ If not specified, nothing would be
+ advertised.
+ _custom_data: _custom_data
+
+ """
+
+ class StaticRoutesItem(AvdModel):
+ """Subclass of AvdModel."""
+
+ _fields: ClassVar[dict] = {"prefix": {"type": str}, "_custom_data": {"type": dict}}
+ prefix: str
+ """IPv4_network/Mask."""
+ _custom_data: dict[str, Any]
+
+ if TYPE_CHECKING:
+
+ def __init__(
+ self, *, prefix: str | UndefinedType = Undefined, _custom_data: dict[str, Any] | UndefinedType = Undefined
+ ) -> None:
+ """
+ StaticRoutesItem.
+
+
+ Subclass of AvdModel.
+
+ Args:
+ prefix: IPv4_network/Mask.
+ _custom_data: _custom_data
+
+ """
+
+ class StaticRoutes(AvdIndexedList[str, StaticRoutesItem]):
+ """Subclass of AvdIndexedList with `StaticRoutesItem` items. Primary key is `prefix` (`str`)."""
+
+ _primary_key: ClassVar[str] = "prefix"
+
+ StaticRoutes._item_type = StaticRoutesItem
+
+ class CvPathfinderInternetExit(AvdModel):
+ """Subclass of AvdModel."""
+
+ class PoliciesItem(AvdModel):
+ """Subclass of AvdModel."""
+
+ _fields: ClassVar[dict] = {"name": {"type": str}, "tunnel_interface_numbers": {"type": str}, "_custom_data": {"type": dict}}
+ name: str
+ """Internet-exit policy name."""
+ tunnel_interface_numbers: str | None
+ """
+ Number range to use for Tunnel interfaces to an internet-exit service provider using this local
+ interface.
+ Examples: '1-3' or '100,200,300'
+ """
+ _custom_data: dict[str, Any]
+
+ if TYPE_CHECKING:
+
+ def __init__(
+ self,
+ *,
+ name: str | UndefinedType = Undefined,
+ tunnel_interface_numbers: str | None | UndefinedType = Undefined,
+ _custom_data: dict[str, Any] | UndefinedType = Undefined,
+ ) -> None:
+ """
+ PoliciesItem.
+
+
+ Subclass of AvdModel.
+
+ Args:
+ name: Internet-exit policy name.
+ tunnel_interface_numbers:
+ Number range to use for Tunnel interfaces to an internet-exit service provider using this local
+ interface.
+ Examples: '1-3' or '100,200,300'
+ _custom_data: _custom_data
+
+ """
+
+ class Policies(AvdIndexedList[str, PoliciesItem]):
+ """Subclass of AvdIndexedList with `PoliciesItem` items. Primary key is `name` (`str`)."""
+
+ _primary_key: ClassVar[str] = "name"
+
+ Policies._item_type = PoliciesItem
+
+ _fields: ClassVar[dict] = {"policies": {"type": Policies}, "_custom_data": {"type": dict}}
+ policies: Policies
+ """
+ List of Internet-exit policies using this interface as exit.
+
+ Subclass of AvdIndexedList with
+ `PoliciesItem` items. Primary key is `name` (`str`).
+ """
+ _custom_data: dict[str, Any]
+
+ if TYPE_CHECKING:
+
+ def __init__(
+ self, *, policies: Policies | UndefinedType = Undefined, _custom_data: dict[str, Any] | UndefinedType = Undefined
+ ) -> None:
+ """
+ CvPathfinderInternetExit.
+
+
+ Subclass of AvdModel.
+
+ Args:
+ policies:
+ List of Internet-exit policies using this interface as exit.
+
+ Subclass of AvdIndexedList with
+ `PoliciesItem` items. Primary key is `name` (`str`).
+ _custom_data: _custom_data
+
+ """
+
+ class FlowTracking(AvdModel):
+ """Subclass of AvdModel."""
+
+ _fields: ClassVar[dict] = {"enabled": {"type": bool}, "name": {"type": str}, "_custom_data": {"type": dict}}
+ enabled: bool | None
+ name: str | None
+ """Flow tracker name as defined in flow_tracking_settings."""
+ _custom_data: dict[str, Any]
+
+ if TYPE_CHECKING:
+
+ def __init__(
+ self,
+ *,
+ enabled: bool | None | UndefinedType = Undefined,
+ name: str | None | UndefinedType = Undefined,
+ _custom_data: dict[str, Any] | UndefinedType = Undefined,
+ ) -> None:
+ """
+ FlowTracking.
+
+
+ Subclass of AvdModel.
+
+ Args:
+ enabled: enabled
+ name: Flow tracker name as defined in flow_tracking_settings.
+ _custom_data: _custom_data
+
+ """
+
+ class StructuredConfig(EosCliConfigGen.PortChannelInterfacesItem):
+ """Subclass of AvdModel."""
+
+ _fields: ClassVar[dict] = {
+ "name": {"type": str},
+ "description": {"type": str},
+ "mode": {"type": str, "default": "active"},
+ "member_interfaces": {"type": MemberInterfaces},
+ "ip_address": {"type": str},
+ "dhcp_ip": {"type": str},
+ "public_ip": {"type": str},
+ "encapsulation_dot1q_vlan": {"type": int},
+ "dhcp_accept_default_route": {"type": bool, "default": True},
+ "enabled": {"type": bool, "default": True},
+ "peer": {"type": str},
+ "peer_port_channel": {"type": str},
+ "peer_ip": {"type": str},
+ "bgp": {"type": Bgp},
+ "ipv4_acl_in": {"type": str},
+ "ipv4_acl_out": {"type": str},
+ "static_routes": {"type": StaticRoutes},
+ "qos_profile": {"type": str},
+ "wan_carrier": {"type": str},
+ "wan_circuit_id": {"type": str},
+ "connected_to_pathfinder": {"type": bool, "default": True},
+ "cv_pathfinder_internet_exit": {"type": CvPathfinderInternetExit},
+ "raw_eos_cli": {"type": str},
+ "flow_tracking": {"type": FlowTracking},
+ "structured_config": {"type": StructuredConfig},
+ "_custom_data": {"type": dict},
+ }
+ name: str
+ """
+ Port-Channel interface name like 'Port-Channel2' or subinterface name like 'Port-Channel2.42'.
+ For a
+ Port-Channel subinterface, the parent Port-Channel interface must be defined as well.
+ """
+ description: str | None
+ """
+ Interface description.
+ If not set a default description will be configured with '[[
+ ]]'.
+ """
+ mode: Literal["active", "passive", "on"]
+ """
+ Port-Channel mode.
+ Should not be set on Port-Channel subinterfaces.
+
+ Default value: `"active"`
+ """
+ member_interfaces: MemberInterfaces
+ """
+ Port-Channel member interfaces.
+ Should not be set on Port-Channel subinterfaces.
+
+ Subclass of
+ AvdIndexedList with `MemberInterfacesItem` items. Primary key is `name` (`str`).
+ """
+ ip_address: str | None
+ """Node IPv4 address/Mask or 'dhcp'."""
+ dhcp_ip: str | None
+ """
+ When the `ip_address` is `dhcp`, this optional field allows to indicate the expected
+ IPv4 address
+ (without mask) to be allocated on the interface if known.
+ This is not rendered in the configuration
+ but can be used for substitution of 'interface_ip' in the Access-list
+ set under `ipv4_acl_in` and
+ `ipv4_acl_out`.
+ """
+ public_ip: str | None
+ """
+ Node IPv4 address (no mask).
+
+ This is used to get the public IP (if known) when the device is behind
+ NAT.
+ This is only used for `wan_rr` routers (AutoVPN RRs and Pathfinders) to determine the Public IP
+ with the following preference:
+ `wan_route_servers.path_groups.interfaces.ip_address`
+ ->
+ `l3_port_channels.public_ip`
+ -> `l3_port_channels.ip_address`
+
+ The determined Public IP is
+ used by WAN routers when peering with this interface.
+ """
+ encapsulation_dot1q_vlan: int | None
+ """
+ For subinterfaces the dot1q vlan is derived from the interface name by default, but can also be
+ specified.
+ """
+ dhcp_accept_default_route: bool
+ """
+ Accept a default route from DHCP if `ip_address` is set to `dhcp`.
+
+ Default value: `True`
+ """
+ enabled: bool
+ """
+ Enable or Shutdown the interface.
+
+ Default value: `True`
+ """
+ peer: str | None
+ """The peer device name. Used for description and documentation."""
+ peer_port_channel: str | None
+ """The peer device port-channel interface. Used for description and documentation."""
+ peer_ip: str | None
+ """
+ The peer device IPv4 address (no mask). Used as default route gateway if `set_default_route` is true
+ and `ip` is an IP address.
+ """
+ bgp: Bgp
+ """
+ Enforce IPv4 BGP peering for the peer
+
+ Subclass of AvdModel.
+ """
+ ipv4_acl_in: str | None
+ """
+ Name of the IPv4 access-list to be assigned in the ingress direction.
+ The access-list must be
+ defined under `ipv4_acls` and supports field substitution for "interface_ip" and "peer_ip".
+ Required
+ for all WAN interfaces (`wan_carrier` is set) unless the carrier is marked as 'trusted' under
+ `wan_carriers`.
+ """
+ ipv4_acl_out: str | None
+ """
+ Name of the IPv4 Access-list to be assigned in the egress direction.
+ The access-list must be defined
+ under `ipv4_acls` and supports field substitution for "interface_ip" and "peer_ip".
+ """
+ static_routes: StaticRoutes
+ """
+ Configure IPv4 static routes pointing to `peer_ip`.
+
+ Subclass of AvdIndexedList with
+ `StaticRoutesItem` items. Primary key is `prefix` (`str`).
+ """
+ qos_profile: str | None
+ """QOS service profile."""
+ wan_carrier: str | None
+ """
+ The WAN carrier this interface is connected to.
+ This is used to infer the path-groups in which this
+ interface should be configured.
+ Unless the carrier is marked as 'trusted' under `wan_carriers`,
+ `ipv4_acl_in` is also required on all WAN interfaces.
+ """
+ wan_circuit_id: str | None
+ """
+ The WAN circuit ID for this interface.
+ This is not rendered in the configuration but used for WAN
+ designs.
+ """
+ connected_to_pathfinder: bool
+ """
+ For a WAN interface (`wan_carrier` is set), allow to disable the static tunnel towards Pathfinders.
+
+ Default value: `True`
+ """
+ cv_pathfinder_internet_exit: CvPathfinderInternetExit
+ """
+ PREVIEW: This key is in preview mode
+
+ Subclass of AvdModel.
+ """
+ raw_eos_cli: str | None
+ """EOS CLI rendered directly on the Port-Channel interface in the final EOS configuration."""
+ flow_tracking: FlowTracking
+ """
+ Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_port_channels`
+ setting.
+
+ Subclass of AvdModel.
+ """
+ structured_config: StructuredConfig
+ """
+ Custom structured config for the Port-Channel interface.
+
+ Subclass of AvdModel.
+ """
+ _custom_data: dict[str, Any]
+
+ if TYPE_CHECKING:
+
+ def __init__(
+ self,
+ *,
+ name: str | UndefinedType = Undefined,
+ description: str | None | UndefinedType = Undefined,
+ mode: Literal["active", "passive", "on"] | UndefinedType = Undefined,
+ member_interfaces: MemberInterfaces | UndefinedType = Undefined,
+ ip_address: str | None | UndefinedType = Undefined,
+ dhcp_ip: str | None | UndefinedType = Undefined,
+ public_ip: str | None | UndefinedType = Undefined,
+ encapsulation_dot1q_vlan: int | None | UndefinedType = Undefined,
+ dhcp_accept_default_route: bool | UndefinedType = Undefined,
+ enabled: bool | UndefinedType = Undefined,
+ peer: str | None | UndefinedType = Undefined,
+ peer_port_channel: str | None | UndefinedType = Undefined,
+ peer_ip: str | None | UndefinedType = Undefined,
+ bgp: Bgp | UndefinedType = Undefined,
+ ipv4_acl_in: str | None | UndefinedType = Undefined,
+ ipv4_acl_out: str | None | UndefinedType = Undefined,
+ static_routes: StaticRoutes | UndefinedType = Undefined,
+ qos_profile: str | None | UndefinedType = Undefined,
+ wan_carrier: str | None | UndefinedType = Undefined,
+ wan_circuit_id: str | None | UndefinedType = Undefined,
+ connected_to_pathfinder: bool | UndefinedType = Undefined,
+ cv_pathfinder_internet_exit: CvPathfinderInternetExit | UndefinedType = Undefined,
+ raw_eos_cli: str | None | UndefinedType = Undefined,
+ flow_tracking: FlowTracking | UndefinedType = Undefined,
+ structured_config: StructuredConfig | UndefinedType = Undefined,
+ _custom_data: dict[str, Any] | UndefinedType = Undefined,
+ ) -> None:
+ """
+ L3PortChannelsItem.
+
+
+ Subclass of AvdModel.
+
+ Args:
+ name:
+ Port-Channel interface name like 'Port-Channel2' or subinterface name like 'Port-Channel2.42'.
+ For a
+ Port-Channel subinterface, the parent Port-Channel interface must be defined as well.
+ description:
+ Interface description.
+ If not set a default description will be configured with '[[
+ ]]'.
+ mode:
+ Port-Channel mode.
+ Should not be set on Port-Channel subinterfaces.
+ member_interfaces:
+ Port-Channel member interfaces.
+ Should not be set on Port-Channel subinterfaces.
+
+ Subclass of
+ AvdIndexedList with `MemberInterfacesItem` items. Primary key is `name` (`str`).
+ ip_address: Node IPv4 address/Mask or 'dhcp'.
+ dhcp_ip:
+ When the `ip_address` is `dhcp`, this optional field allows to indicate the expected
+ IPv4 address
+ (without mask) to be allocated on the interface if known.
+ This is not rendered in the configuration
+ but can be used for substitution of 'interface_ip' in the Access-list
+ set under `ipv4_acl_in` and
+ `ipv4_acl_out`.
+ public_ip:
+ Node IPv4 address (no mask).
+
+ This is used to get the public IP (if known) when the device is behind
+ NAT.
+ This is only used for `wan_rr` routers (AutoVPN RRs and Pathfinders) to determine the Public IP
+ with the following preference:
+ `wan_route_servers.path_groups.interfaces.ip_address`
+ ->
+ `l3_port_channels.public_ip`
+ -> `l3_port_channels.ip_address`
+
+ The determined Public IP is
+ used by WAN routers when peering with this interface.
+ encapsulation_dot1q_vlan:
+ For subinterfaces the dot1q vlan is derived from the interface name by default, but can also be
+ specified.
+ dhcp_accept_default_route: Accept a default route from DHCP if `ip_address` is set to `dhcp`.
+ enabled: Enable or Shutdown the interface.
+ peer: The peer device name. Used for description and documentation.
+ peer_port_channel: The peer device port-channel interface. Used for description and documentation.
+ peer_ip:
+ The peer device IPv4 address (no mask). Used as default route gateway if `set_default_route` is true
+ and `ip` is an IP address.
+ bgp:
+ Enforce IPv4 BGP peering for the peer
+
+ Subclass of AvdModel.
+ ipv4_acl_in:
+ Name of the IPv4 access-list to be assigned in the ingress direction.
+ The access-list must be
+ defined under `ipv4_acls` and supports field substitution for "interface_ip" and "peer_ip".
+ Required
+ for all WAN interfaces (`wan_carrier` is set) unless the carrier is marked as 'trusted' under
+ `wan_carriers`.
+ ipv4_acl_out:
+ Name of the IPv4 Access-list to be assigned in the egress direction.
+ The access-list must be defined
+ under `ipv4_acls` and supports field substitution for "interface_ip" and "peer_ip".
+ static_routes:
+ Configure IPv4 static routes pointing to `peer_ip`.
+
+ Subclass of AvdIndexedList with
+ `StaticRoutesItem` items. Primary key is `prefix` (`str`).
+ qos_profile: QOS service profile.
+ wan_carrier:
+ The WAN carrier this interface is connected to.
+ This is used to infer the path-groups in which this
+ interface should be configured.
+ Unless the carrier is marked as 'trusted' under `wan_carriers`,
+ `ipv4_acl_in` is also required on all WAN interfaces.
+ wan_circuit_id:
+ The WAN circuit ID for this interface.
+ This is not rendered in the configuration but used for WAN
+ designs.
+ connected_to_pathfinder: For a WAN interface (`wan_carrier` is set), allow to disable the static tunnel towards Pathfinders.
+ cv_pathfinder_internet_exit:
+ PREVIEW: This key is in preview mode
+
+ Subclass of AvdModel.
+ raw_eos_cli: EOS CLI rendered directly on the Port-Channel interface in the final EOS configuration.
+ flow_tracking:
+ Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_port_channels`
+ setting.
+
+ Subclass of AvdModel.
+ structured_config:
+ Custom structured config for the Port-Channel interface.
+
+ Subclass of AvdModel.
+ _custom_data: _custom_data
+
+ """
+
+ class L3PortChannels(AvdIndexedList[str, L3PortChannelsItem]):
+ """Subclass of AvdIndexedList with `L3PortChannelsItem` items. Primary key is `name` (`str`)."""
+
+ _primary_key: ClassVar[str] = "name"
+
+ L3PortChannels._item_type = L3PortChannelsItem
+
_fields: ClassVar[dict] = {
"id": {"type": int},
"platform": {"type": str},
@@ -21295,6 +21968,7 @@ class L3Interfaces(AvdIndexedList[str, L3InterfacesItem]):
"wan_ha": {"type": WanHa},
"dps_mss_ipv4": {"type": str, "default": "auto"},
"l3_interfaces": {"type": L3Interfaces},
+ "l3_port_channels": {"type": L3PortChannels},
"data_plane_cpu_allocation_max": {"type": int},
"flow_tracker_type": {"type": str},
"_custom_data": {"type": dict},
@@ -22051,11 +22725,16 @@ class L3Interfaces(AvdIndexedList[str, L3InterfacesItem]):
l3_interfaces: L3Interfaces
"""
L3 Interfaces to configure on the node.
- Used to define the node for WAN interfaces when
- `wan_carrier` is set.
- Subclass of AvdIndexedList with `L3InterfacesItem` items. Primary key is
- `name` (`str`).
+ Subclass of AvdIndexedList with `L3InterfacesItem` items.
+ Primary key is `name` (`str`).
+ """
+ l3_port_channels: L3PortChannels
+ """
+ L3 Port-Channel interfaces to configure on the node.
+
+ Subclass of AvdIndexedList with
+ `L3PortChannelsItem` items. Primary key is `name` (`str`).
"""
data_plane_cpu_allocation_max: int | None
"""
@@ -22180,6 +22859,7 @@ def __init__(
wan_ha: WanHa | UndefinedType = Undefined,
dps_mss_ipv4: str | UndefinedType = Undefined,
l3_interfaces: L3Interfaces | UndefinedType = Undefined,
+ l3_port_channels: L3PortChannels | UndefinedType = Undefined,
data_plane_cpu_allocation_max: int | None | UndefinedType = Undefined,
flow_tracker_type: Literal["sampled", "hardware"] | None | UndefinedType = Undefined,
_custom_data: dict[str, Any] | UndefinedType = Undefined,
@@ -22715,11 +23395,14 @@ def __init__(
dps_mss_ipv4: IPv4 MSS value configured under "router path-selection" on WAN Devices.
l3_interfaces:
L3 Interfaces to configure on the node.
- Used to define the node for WAN interfaces when
- `wan_carrier` is set.
- Subclass of AvdIndexedList with `L3InterfacesItem` items. Primary key is
- `name` (`str`).
+ Subclass of AvdIndexedList with `L3InterfacesItem` items.
+ Primary key is `name` (`str`).
+ l3_port_channels:
+ L3 Port-Channel interfaces to configure on the node.
+
+ Subclass of AvdIndexedList with
+ `L3PortChannelsItem` items. Primary key is `name` (`str`).
data_plane_cpu_allocation_max:
Set the maximum number of CPU used for the data plane.
This setting is useful on virtual Route
@@ -24021,70 +24704,510 @@ def __init__(
"""
_fields: ClassVar[dict] = {
- "enabled": {"type": bool},
- "ipsec": {"type": bool, "default": True},
- "mtu": {"type": int, "default": 9194},
- "ha_interfaces": {"type": HaInterfaces},
- "ha_ipv4_pool": {"type": str},
- "max_ha_interfaces": {"type": int},
- "port_channel_id": {"type": int},
- "use_port_channel_for_direct_ha": {"type": bool, "default": True},
+ "enabled": {"type": bool},
+ "ipsec": {"type": bool, "default": True},
+ "mtu": {"type": int, "default": 9194},
+ "ha_interfaces": {"type": HaInterfaces},
+ "ha_ipv4_pool": {"type": str},
+ "max_ha_interfaces": {"type": int},
+ "port_channel_id": {"type": int},
+ "use_port_channel_for_direct_ha": {"type": bool, "default": True},
+ "flow_tracking": {"type": FlowTracking},
+ "_custom_data": {"type": dict},
+ }
+ enabled: bool | None
+ """Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group."""
+ ipsec: bool
+ """
+ Enable / Disable IPsec over HA path-group when HA is enabled.
+
+ Default value: `True`
+ """
+ mtu: int
+ """
+ Set MTU on WAN HA interfaces.
+
+ Default value: `9194`
+ """
+ ha_interfaces: HaInterfaces
+ """
+ Local WAN HA interfaces
+ Overwrite the default behavior which is to pick all the `uplink_interfaces`.
+ Can be used to filter uplink interfaces when there are multiple uplinks.
+ Limitations:
+ Either all
+ interfaces must be uplinks or all interfaces must not be uplinks.
+ Only one interface is supported
+ for non uplinks.
+
+ Subclass of AvdList with `str` items.
+ """
+ ha_ipv4_pool: str | None
+ """
+ IP address pool used for WAN HA connectivity.
+ IP is derived from the node ID.
+ Not used for uplink
+ interfaces.
+ """
+ max_ha_interfaces: int | None
+ """
+ Number of parallel links towards HA switches.
+ Can be used to reserve IP addresses for future
+ parallel HA links.
+ """
+ port_channel_id: int | None
+ """Port-channel ID to use for direct HA."""
+ use_port_channel_for_direct_ha: bool
+ """
+ Enable or disable using a port-channel interface for direct HA when there is only one interface.
+ This feature was introduced in EOS 4.33.0F.
+
+ Default value: `True`
+ """
+ flow_tracking: FlowTracking
+ """
+ Configures flow-tracking on the HA interfaces. Overrides `fabric_flow_tracking.wan_ha_links`
+ setting.
+
+ Subclass of AvdModel.
+ """
+ _custom_data: dict[str, Any]
+
+ if TYPE_CHECKING:
+
+ def __init__(
+ self,
+ *,
+ enabled: bool | None | UndefinedType = Undefined,
+ ipsec: bool | UndefinedType = Undefined,
+ mtu: int | UndefinedType = Undefined,
+ ha_interfaces: HaInterfaces | UndefinedType = Undefined,
+ ha_ipv4_pool: str | None | UndefinedType = Undefined,
+ max_ha_interfaces: int | None | UndefinedType = Undefined,
+ port_channel_id: int | None | UndefinedType = Undefined,
+ use_port_channel_for_direct_ha: bool | UndefinedType = Undefined,
+ flow_tracking: FlowTracking | UndefinedType = Undefined,
+ _custom_data: dict[str, Any] | UndefinedType = Undefined,
+ ) -> None:
+ """
+ WanHa.
+
+
+ Subclass of AvdModel.
+
+ Args:
+ enabled: Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group.
+ ipsec: Enable / Disable IPsec over HA path-group when HA is enabled.
+ mtu: Set MTU on WAN HA interfaces.
+ ha_interfaces:
+ Local WAN HA interfaces
+ Overwrite the default behavior which is to pick all the `uplink_interfaces`.
+ Can be used to filter uplink interfaces when there are multiple uplinks.
+ Limitations:
+ Either all
+ interfaces must be uplinks or all interfaces must not be uplinks.
+ Only one interface is supported
+ for non uplinks.
+
+ Subclass of AvdList with `str` items.
+ ha_ipv4_pool:
+ IP address pool used for WAN HA connectivity.
+ IP is derived from the node ID.
+ Not used for uplink
+ interfaces.
+ max_ha_interfaces:
+ Number of parallel links towards HA switches.
+ Can be used to reserve IP addresses for future
+ parallel HA links.
+ port_channel_id: Port-channel ID to use for direct HA.
+ use_port_channel_for_direct_ha:
+ Enable or disable using a port-channel interface for direct HA when there is only one interface.
+ This feature was introduced in EOS 4.33.0F.
+ flow_tracking:
+ Configures flow-tracking on the HA interfaces. Overrides `fabric_flow_tracking.wan_ha_links`
+ setting.
+
+ Subclass of AvdModel.
+ _custom_data: _custom_data
+
+ """
+
+ class L3InterfacesItem(AvdModel):
+ """Subclass of AvdModel."""
+
+ class Bgp(AvdModel):
+ """Subclass of AvdModel."""
+
+ _fields: ClassVar[dict] = {
+ "peer_as": {"type": str},
+ "ipv4_prefix_list_in": {"type": str},
+ "ipv4_prefix_list_out": {"type": str},
+ "_custom_data": {"type": dict},
+ }
+ peer_as: str
+ """
+ BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
+ For asdot notation in
+ YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float
+ number.
+ """
+ ipv4_prefix_list_in: str | None
+ """
+ Prefix List Name. Accept routes for only these prefixes from the peer.
+ Required for wan interfaces.
+ """
+ ipv4_prefix_list_out: str | None
+ """
+ Prefix List Name. Advertise routes for only these prefixes.
+ If not specified, nothing would be
+ advertised.
+ """
+ _custom_data: dict[str, Any]
+
+ if TYPE_CHECKING:
+
+ def __init__(
+ self,
+ *,
+ peer_as: str | UndefinedType = Undefined,
+ ipv4_prefix_list_in: str | None | UndefinedType = Undefined,
+ ipv4_prefix_list_out: str | None | UndefinedType = Undefined,
+ _custom_data: dict[str, Any] | UndefinedType = Undefined,
+ ) -> None:
+ """
+ Bgp.
+
+
+ Subclass of AvdModel.
+
+ Args:
+ peer_as:
+ BGP AS <1-4294967295> or AS number in asdot notation "<1-65535>.<0-65535>".
+ For asdot notation in
+ YAML inputs, the value must be put in quotes, to prevent it from being interpreted as a float
+ number.
+ ipv4_prefix_list_in:
+ Prefix List Name. Accept routes for only these prefixes from the peer.
+ Required for wan interfaces.
+ ipv4_prefix_list_out:
+ Prefix List Name. Advertise routes for only these prefixes.
+ If not specified, nothing would be
+ advertised.
+ _custom_data: _custom_data
+
+ """
+
+ class StaticRoutesItem(AvdModel):
+ """Subclass of AvdModel."""
+
+ _fields: ClassVar[dict] = {"prefix": {"type": str}, "_custom_data": {"type": dict}}
+ prefix: str
+ """IPv4_network/Mask."""
+ _custom_data: dict[str, Any]
+
+ if TYPE_CHECKING:
+
+ def __init__(
+ self, *, prefix: str | UndefinedType = Undefined, _custom_data: dict[str, Any] | UndefinedType = Undefined
+ ) -> None:
+ """
+ StaticRoutesItem.
+
+
+ Subclass of AvdModel.
+
+ Args:
+ prefix: IPv4_network/Mask.
+ _custom_data: _custom_data
+
+ """
+
+ class StaticRoutes(AvdList[StaticRoutesItem]):
+ """Subclass of AvdList with `StaticRoutesItem` items."""
+
+ StaticRoutes._item_type = StaticRoutesItem
+
+ class CvPathfinderInternetExit(AvdModel):
+ """Subclass of AvdModel."""
+
+ class PoliciesItem(AvdModel):
+ """Subclass of AvdModel."""
+
+ _fields: ClassVar[dict] = {"name": {"type": str}, "tunnel_interface_numbers": {"type": str}, "_custom_data": {"type": dict}}
+ name: str
+ """Internet-exit policy name."""
+ tunnel_interface_numbers: str | None
+ """
+ Number range to use for Tunnel interfaces to an internet-exit service provider using this local
+ interface.
+ Examples: '1-3' or '100,200,300'
+ """
+ _custom_data: dict[str, Any]
+
+ if TYPE_CHECKING:
+
+ def __init__(
+ self,
+ *,
+ name: str | UndefinedType = Undefined,
+ tunnel_interface_numbers: str | None | UndefinedType = Undefined,
+ _custom_data: dict[str, Any] | UndefinedType = Undefined,
+ ) -> None:
+ """
+ PoliciesItem.
+
+
+ Subclass of AvdModel.
+
+ Args:
+ name: Internet-exit policy name.
+ tunnel_interface_numbers:
+ Number range to use for Tunnel interfaces to an internet-exit service provider using this local
+ interface.
+ Examples: '1-3' or '100,200,300'
+ _custom_data: _custom_data
+
+ """
+
+ class Policies(AvdIndexedList[str, PoliciesItem]):
+ """Subclass of AvdIndexedList with `PoliciesItem` items. Primary key is `name` (`str`)."""
+
+ _primary_key: ClassVar[str] = "name"
+
+ Policies._item_type = PoliciesItem
+
+ _fields: ClassVar[dict] = {"policies": {"type": Policies}, "_custom_data": {"type": dict}}
+ policies: Policies
+ """
+ List of Internet-exit policies using this interface as exit.
+
+ Subclass of AvdIndexedList with
+ `PoliciesItem` items. Primary key is `name` (`str`).
+ """
+ _custom_data: dict[str, Any]
+
+ if TYPE_CHECKING:
+
+ def __init__(
+ self, *, policies: Policies | UndefinedType = Undefined, _custom_data: dict[str, Any] | UndefinedType = Undefined
+ ) -> None:
+ """
+ CvPathfinderInternetExit.
+
+
+ Subclass of AvdModel.
+
+ Args:
+ policies:
+ List of Internet-exit policies using this interface as exit.
+
+ Subclass of AvdIndexedList with
+ `PoliciesItem` items. Primary key is `name` (`str`).
+ _custom_data: _custom_data
+
+ """
+
+ class FlowTracking(AvdModel):
+ """Subclass of AvdModel."""
+
+ _fields: ClassVar[dict] = {"enabled": {"type": bool}, "name": {"type": str}, "_custom_data": {"type": dict}}
+ enabled: bool | None
+ name: str | None
+ """Flow tracker name as defined in flow_tracking_settings."""
+ _custom_data: dict[str, Any]
+
+ if TYPE_CHECKING:
+
+ def __init__(
+ self,
+ *,
+ enabled: bool | None | UndefinedType = Undefined,
+ name: str | None | UndefinedType = Undefined,
+ _custom_data: dict[str, Any] | UndefinedType = Undefined,
+ ) -> None:
+ """
+ FlowTracking.
+
+
+ Subclass of AvdModel.
+
+ Args:
+ enabled: enabled
+ name: Flow tracker name as defined in flow_tracking_settings.
+ _custom_data: _custom_data
+
+ """
+
+ class StructuredConfig(EosCliConfigGen.EthernetInterfacesItem):
+ """Subclass of AvdModel."""
+
+ _fields: ClassVar[dict] = {
+ "profile": {"type": str},
+ "name": {"type": str},
+ "description": {"type": str},
+ "ip_address": {"type": str},
+ "dhcp_ip": {"type": str},
+ "public_ip": {"type": str},
+ "encapsulation_dot1q_vlan": {"type": int},
+ "dhcp_accept_default_route": {"type": bool, "default": True},
+ "enabled": {"type": bool, "default": True},
+ "speed": {"type": str},
+ "peer": {"type": str},
+ "peer_interface": {"type": str},
+ "peer_ip": {"type": str},
+ "bgp": {"type": Bgp},
+ "ipv4_acl_in": {"type": str},
+ "ipv4_acl_out": {"type": str},
+ "static_routes": {"type": StaticRoutes},
+ "qos_profile": {"type": str},
+ "wan_carrier": {"type": str},
+ "wan_circuit_id": {"type": str},
+ "connected_to_pathfinder": {"type": bool, "default": True},
+ "cv_pathfinder_internet_exit": {"type": CvPathfinderInternetExit},
+ "raw_eos_cli": {"type": str},
"flow_tracking": {"type": FlowTracking},
+ "structured_config": {"type": StructuredConfig},
"_custom_data": {"type": dict},
}
- enabled: bool | None
- """Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group."""
- ipsec: bool
+ profile: str | None
+ """L3 interface profile name. Profile defined under `l3_interface_profiles`."""
+ name: str
"""
- Enable / Disable IPsec over HA path-group when HA is enabled.
+ Ethernet interface name like 'Ethernet2' or subinterface name like 'Ethernet2.42'.
+ For a
+ subinterface, the parent physical interface is automatically created.
+ """
+ description: str | None
+ """
+ Interface description.
+ If not set a default description will be configured with '[[
+ ]]'.
+ """
+ ip_address: str | None
+ """Node IPv4 address/Mask or 'dhcp'."""
+ dhcp_ip: str | None
+ """
+ When the `ip_address` is `dhcp`, this optional field allows to indicate the expected
+ IPv4 address
+ (without mask) to be allocated on the interface if known.
+ This is not rendered in the configuration
+ but can be used for substitution of 'interface_ip' in the Access-list
+ set under `ipv4_acl_in` and
+ `ipv4_acl_out`.
+ """
+ public_ip: str | None
+ """
+ Node IPv4 address (no mask).
+
+ This is used to get the public IP (if known) when the device is behind
+ NAT.
+ This is only used for `wan_rr` routers (AutoVPN RRs and Pathfinders) to determine the Public IP
+ with the following preference:
+ `wan_route_servers.path_groups.interfaces.ip_address`
+ ->
+ `l3_interfaces.public_ip`
+ -> `l3_interfaces.ip_address`
+
+ The determined Public IP is used
+ by WAN routers when peering with this interface.
+ """
+ encapsulation_dot1q_vlan: int | None
+ """
+ For subinterfaces the dot1q vlan is derived from the interface name by default, but can also be
+ specified.
+ """
+ dhcp_accept_default_route: bool
+ """
+ Accept a default route from DHCP if `ip_address` is set to `dhcp`.
Default value: `True`
"""
- mtu: int
+ enabled: bool
"""
- Set MTU on WAN HA interfaces.
+ Enable or Shutdown the interface.
- Default value: `9194`
+ Default value: `True`
"""
- ha_interfaces: HaInterfaces
+ speed: str | None
"""
- Local WAN HA interfaces
- Overwrite the default behavior which is to pick all the `uplink_interfaces`.
- Can be used to filter uplink interfaces when there are multiple uplinks.
- Limitations:
- Either all
- interfaces must be uplinks or all interfaces must not be uplinks.
- Only one interface is supported
- for non uplinks.
+ Speed should be set in the format `` or `forced ` or `auto
+ `.
+ """
+ peer: str | None
+ """The peer device name. Used for description and documentation."""
+ peer_interface: str | None
+ """The peer device interface. Used for description and documentation."""
+ peer_ip: str | None
+ """
+ The peer device IPv4 address (no mask). Used as default route gateway if `set_default_route` is true
+ and `ip` is an IP address.
+ """
+ bgp: Bgp
+ """
+ Enforce IPv4 BGP peering for the peer
- Subclass of AvdList with `str` items.
+ Subclass of AvdModel.
"""
- ha_ipv4_pool: str | None
+ ipv4_acl_in: str | None
"""
- IP address pool used for WAN HA connectivity.
- IP is derived from the node ID.
- Not used for uplink
- interfaces.
+ Name of the IPv4 access-list to be assigned in the ingress direction.
+ The access-list must be
+ defined under `ipv4_acls` and supports field substitution for "interface_ip" and "peer_ip".
+ Required
+ for all WAN interfaces (`wan_carrier` is set) unless the carrier is marked as 'trusted' under
+ `wan_carriers`.
"""
- max_ha_interfaces: int | None
+ ipv4_acl_out: str | None
"""
- Number of parallel links towards HA switches.
- Can be used to reserve IP addresses for future
- parallel HA links.
+ Name of the IPv4 Access-list to be assigned in the egress direction.
+ The access-list must be defined
+ under `ipv4_acls` and supports field substitution for "interface_ip" and "peer_ip".
"""
- port_channel_id: int | None
- """Port-channel ID to use for direct HA."""
- use_port_channel_for_direct_ha: bool
+ static_routes: StaticRoutes
"""
- Enable or disable using a port-channel interface for direct HA when there is only one interface.
- This feature was introduced in EOS 4.33.0F.
+ Configure IPv4 static routes pointing to `peer_ip`.
+
+ Subclass of AvdList with `StaticRoutesItem`
+ items.
+ """
+ qos_profile: str | None
+ """QOS service profile."""
+ wan_carrier: str | None
+ """
+ The WAN carrier this interface is connected to.
+ This is used to infer the path-groups in which this
+ interface should be configured.
+ Unless the carrier is marked as 'trusted' under `wan_carriers`,
+ `ipv4_acl_in` is also required on all WAN interfaces.
+ """
+ wan_circuit_id: str | None
+ """
+ The WAN circuit ID for this interface.
+ This is not rendered in the configuration but used for WAN
+ designs.
+ """
+ connected_to_pathfinder: bool
+ """
+ For a WAN interface (`wan_carrier` is set), allow to disable the static tunnel towards Pathfinders.
Default value: `True`
"""
+ cv_pathfinder_internet_exit: CvPathfinderInternetExit
+ """
+ PREVIEW: This key is in preview mode
+
+ Subclass of AvdModel.
+ """
+ raw_eos_cli: str | None
+ """EOS CLI rendered directly on the interface in the final EOS configuration."""
flow_tracking: FlowTracking
"""
- Configures flow-tracking on the HA interfaces. Overrides `fabric_flow_tracking.wan_ha_links`
- setting.
+ Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_interfaces` setting.
+ Subclass of AvdModel.
+ """
+ structured_config: StructuredConfig
+ """
+ Custom structured config for the Ethernet interface.
Subclass of AvdModel.
"""
@@ -24095,63 +25218,225 @@ def __init__(
def __init__(
self,
*,
- enabled: bool | None | UndefinedType = Undefined,
- ipsec: bool | UndefinedType = Undefined,
- mtu: int | UndefinedType = Undefined,
- ha_interfaces: HaInterfaces | UndefinedType = Undefined,
- ha_ipv4_pool: str | None | UndefinedType = Undefined,
- max_ha_interfaces: int | None | UndefinedType = Undefined,
- port_channel_id: int | None | UndefinedType = Undefined,
- use_port_channel_for_direct_ha: bool | UndefinedType = Undefined,
+ profile: str | None | UndefinedType = Undefined,
+ name: str | UndefinedType = Undefined,
+ description: str | None | UndefinedType = Undefined,
+ ip_address: str | None | UndefinedType = Undefined,
+ dhcp_ip: str | None | UndefinedType = Undefined,
+ public_ip: str | None | UndefinedType = Undefined,
+ encapsulation_dot1q_vlan: int | None | UndefinedType = Undefined,
+ dhcp_accept_default_route: bool | UndefinedType = Undefined,
+ enabled: bool | UndefinedType = Undefined,
+ speed: str | None | UndefinedType = Undefined,
+ peer: str | None | UndefinedType = Undefined,
+ peer_interface: str | None | UndefinedType = Undefined,
+ peer_ip: str | None | UndefinedType = Undefined,
+ bgp: Bgp | UndefinedType = Undefined,
+ ipv4_acl_in: str | None | UndefinedType = Undefined,
+ ipv4_acl_out: str | None | UndefinedType = Undefined,
+ static_routes: StaticRoutes | UndefinedType = Undefined,
+ qos_profile: str | None | UndefinedType = Undefined,
+ wan_carrier: str | None | UndefinedType = Undefined,
+ wan_circuit_id: str | None | UndefinedType = Undefined,
+ connected_to_pathfinder: bool | UndefinedType = Undefined,
+ cv_pathfinder_internet_exit: CvPathfinderInternetExit | UndefinedType = Undefined,
+ raw_eos_cli: str | None | UndefinedType = Undefined,
flow_tracking: FlowTracking | UndefinedType = Undefined,
+ structured_config: StructuredConfig | UndefinedType = Undefined,
_custom_data: dict[str, Any] | UndefinedType = Undefined,
) -> None:
"""
- WanHa.
+ L3InterfacesItem.
Subclass of AvdModel.
Args:
- enabled: Enable / Disable auto CV-Pathfinder HA, when two nodes are defined in the same node_group.
- ipsec: Enable / Disable IPsec over HA path-group when HA is enabled.
- mtu: Set MTU on WAN HA interfaces.
- ha_interfaces:
- Local WAN HA interfaces
- Overwrite the default behavior which is to pick all the `uplink_interfaces`.
- Can be used to filter uplink interfaces when there are multiple uplinks.
- Limitations:
- Either all
- interfaces must be uplinks or all interfaces must not be uplinks.
- Only one interface is supported
- for non uplinks.
+ profile: L3 interface profile name. Profile defined under `l3_interface_profiles`.
+ name:
+ Ethernet interface name like 'Ethernet2' or subinterface name like 'Ethernet2.42'.
+ For a
+ subinterface, the parent physical interface is automatically created.
+ description:
+ Interface description.
+ If not set a default description will be configured with '[[
+ ]]'.
+ ip_address: Node IPv4 address/Mask or 'dhcp'.
+ dhcp_ip:
+ When the `ip_address` is `dhcp`, this optional field allows to indicate the expected
+ IPv4 address
+ (without mask) to be allocated on the interface if known.
+ This is not rendered in the configuration
+ but can be used for substitution of 'interface_ip' in the Access-list
+ set under `ipv4_acl_in` and
+ `ipv4_acl_out`.
+ public_ip:
+ Node IPv4 address (no mask).
- Subclass of AvdList with `str` items.
- ha_ipv4_pool:
- IP address pool used for WAN HA connectivity.
- IP is derived from the node ID.
- Not used for uplink
- interfaces.
- max_ha_interfaces:
- Number of parallel links towards HA switches.
- Can be used to reserve IP addresses for future
- parallel HA links.
- port_channel_id: Port-channel ID to use for direct HA.
- use_port_channel_for_direct_ha:
- Enable or disable using a port-channel interface for direct HA when there is only one interface.
- This feature was introduced in EOS 4.33.0F.
+ This is used to get the public IP (if known) when the device is behind
+ NAT.
+ This is only used for `wan_rr` routers (AutoVPN RRs and Pathfinders) to determine the Public IP
+ with the following preference:
+ `wan_route_servers.path_groups.interfaces.ip_address`
+ ->
+ `l3_interfaces.public_ip`
+ -> `l3_interfaces.ip_address`
+
+ The determined Public IP is used
+ by WAN routers when peering with this interface.
+ encapsulation_dot1q_vlan:
+ For subinterfaces the dot1q vlan is derived from the interface name by default, but can also be
+ specified.
+ dhcp_accept_default_route: Accept a default route from DHCP if `ip_address` is set to `dhcp`.
+ enabled: Enable or Shutdown the interface.
+ speed:
+ Speed should be set in the format `` or `forced ` or `auto
+ `.
+ peer: The peer device name. Used for description and documentation.
+ peer_interface: The peer device interface. Used for description and documentation.
+ peer_ip:
+ The peer device IPv4 address (no mask). Used as default route gateway if `set_default_route` is true
+ and `ip` is an IP address.
+ bgp:
+ Enforce IPv4 BGP peering for the peer
+
+ Subclass of AvdModel.
+ ipv4_acl_in:
+ Name of the IPv4 access-list to be assigned in the ingress direction.
+ The access-list must be
+ defined under `ipv4_acls` and supports field substitution for "interface_ip" and "peer_ip".
+ Required
+ for all WAN interfaces (`wan_carrier` is set) unless the carrier is marked as 'trusted' under
+ `wan_carriers`.
+ ipv4_acl_out:
+ Name of the IPv4 Access-list to be assigned in the egress direction.
+ The access-list must be defined
+ under `ipv4_acls` and supports field substitution for "interface_ip" and "peer_ip".
+ static_routes:
+ Configure IPv4 static routes pointing to `peer_ip`.
+
+ Subclass of AvdList with `StaticRoutesItem`
+ items.
+ qos_profile: QOS service profile.
+ wan_carrier:
+ The WAN carrier this interface is connected to.
+ This is used to infer the path-groups in which this
+ interface should be configured.
+ Unless the carrier is marked as 'trusted' under `wan_carriers`,
+ `ipv4_acl_in` is also required on all WAN interfaces.
+ wan_circuit_id:
+ The WAN circuit ID for this interface.
+ This is not rendered in the configuration but used for WAN
+ designs.
+ connected_to_pathfinder: For a WAN interface (`wan_carrier` is set), allow to disable the static tunnel towards Pathfinders.
+ cv_pathfinder_internet_exit:
+ PREVIEW: This key is in preview mode
+
+ Subclass of AvdModel.
+ raw_eos_cli: EOS CLI rendered directly on the interface in the final EOS configuration.
flow_tracking:
- Configures flow-tracking on the HA interfaces. Overrides `fabric_flow_tracking.wan_ha_links`
- setting.
+ Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_interfaces` setting.
+ Subclass of AvdModel.
+ structured_config:
+ Custom structured config for the Ethernet interface.
Subclass of AvdModel.
_custom_data: _custom_data
"""
- class L3InterfacesItem(AvdModel):
+ class L3Interfaces(AvdIndexedList[str, L3InterfacesItem]):
+ """Subclass of AvdIndexedList with `L3InterfacesItem` items. Primary key is `name` (`str`)."""
+
+ _primary_key: ClassVar[str] = "name"
+
+ L3Interfaces._item_type = L3InterfacesItem
+
+ class L3PortChannelsItem(AvdModel):
"""Subclass of AvdModel."""
+ class MemberInterfacesItem(AvdModel):
+ """Subclass of AvdModel."""
+
+ _fields: ClassVar[dict] = {
+ "name": {"type": str},
+ "description": {"type": str},
+ "peer": {"type": str},
+ "peer_interface": {"type": str},
+ "speed": {"type": str},
+ "_custom_data": {"type": dict},
+ }
+ name: str
+ """
+ Ethernet interface name like 'Ethernet2'.
+ Member interface cannot be subinterface.
+ """
+ description: str | None
+ """
+ Interface description for this member.
+ If not set a default description will be configured with
+ '[[ ]]'.
+ """
+ peer: str | None
+ """
+ The peer device name. Used for description and documentation.
+ If not set, this inherits the peer
+ setting on the port-channel interface.
+ """
+ peer_interface: str | None
+ """The peer device interface. Used for description and documentation."""
+ speed: str | None
+ """
+ Speed should be set in the format `` or `forced ` or `auto
+ `.
+ """
+ _custom_data: dict[str, Any]
+
+ if TYPE_CHECKING:
+
+ def __init__(
+ self,
+ *,
+ name: str | UndefinedType = Undefined,
+ description: str | None | UndefinedType = Undefined,
+ peer: str | None | UndefinedType = Undefined,
+ peer_interface: str | None | UndefinedType = Undefined,
+ speed: str | None | UndefinedType = Undefined,
+ _custom_data: dict[str, Any] | UndefinedType = Undefined,
+ ) -> None:
+ """
+ MemberInterfacesItem.
+
+
+ Subclass of AvdModel.
+
+ Args:
+ name:
+ Ethernet interface name like 'Ethernet2'.
+ Member interface cannot be subinterface.
+ description:
+ Interface description for this member.
+ If not set a default description will be configured with
+ '[[ ]]'.
+ peer:
+ The peer device name. Used for description and documentation.
+ If not set, this inherits the peer
+ setting on the port-channel interface.
+ peer_interface: The peer device interface. Used for description and documentation.
+ speed:
+ Speed should be set in the format `` or `forced ` or `auto
+ `.
+ _custom_data: _custom_data
+
+ """
+
+ class MemberInterfaces(AvdIndexedList[str, MemberInterfacesItem]):
+ """Subclass of AvdIndexedList with `MemberInterfacesItem` items. Primary key is `name` (`str`)."""
+
+ _primary_key: ClassVar[str] = "name"
+
+ MemberInterfaces._item_type = MemberInterfacesItem
+
class Bgp(AvdModel):
"""Subclass of AvdModel."""
@@ -24239,8 +25524,10 @@ def __init__(
"""
- class StaticRoutes(AvdList[StaticRoutesItem]):
- """Subclass of AvdList with `StaticRoutesItem` items."""
+ class StaticRoutes(AvdIndexedList[str, StaticRoutesItem]):
+ """Subclass of AvdIndexedList with `StaticRoutesItem` items. Primary key is `prefix` (`str`)."""
+
+ _primary_key: ClassVar[str] = "prefix"
StaticRoutes._item_type = StaticRoutesItem
@@ -24355,22 +25642,22 @@ def __init__(
"""
- class StructuredConfig(EosCliConfigGen.EthernetInterfacesItem):
+ class StructuredConfig(EosCliConfigGen.PortChannelInterfacesItem):
"""Subclass of AvdModel."""
_fields: ClassVar[dict] = {
- "profile": {"type": str},
"name": {"type": str},
"description": {"type": str},
+ "mode": {"type": str, "default": "active"},
+ "member_interfaces": {"type": MemberInterfaces},
"ip_address": {"type": str},
"dhcp_ip": {"type": str},
"public_ip": {"type": str},
"encapsulation_dot1q_vlan": {"type": int},
"dhcp_accept_default_route": {"type": bool, "default": True},
"enabled": {"type": bool, "default": True},
- "speed": {"type": str},
"peer": {"type": str},
- "peer_interface": {"type": str},
+ "peer_port_channel": {"type": str},
"peer_ip": {"type": str},
"bgp": {"type": Bgp},
"ipv4_acl_in": {"type": str},
@@ -24386,19 +25673,32 @@ class StructuredConfig(EosCliConfigGen.EthernetInterfacesItem):
"structured_config": {"type": StructuredConfig},
"_custom_data": {"type": dict},
}
- profile: str | None
- """L3 interface profile name. Profile defined under `l3_interface_profiles`."""
name: str
"""
- Ethernet interface name like 'Ethernet2' or subinterface name like 'Ethernet2.42'.
+ Port-Channel interface name like 'Port-Channel2' or subinterface name like 'Port-Channel2.42'.
For a
- subinterface, the parent physical interface is automatically created.
+ Port-Channel subinterface, the parent Port-Channel interface must be defined as well.
"""
description: str | None
"""
Interface description.
If not set a default description will be configured with '[[
- ]]'.
+ ]]'.
+ """
+ mode: Literal["active", "passive", "on"]
+ """
+ Port-Channel mode.
+ Should not be set on Port-Channel subinterfaces.
+
+ Default value: `"active"`
+ """
+ member_interfaces: MemberInterfaces
+ """
+ Port-Channel member interfaces.
+ Should not be set on Port-Channel subinterfaces.
+
+ Subclass of
+ AvdIndexedList with `MemberInterfacesItem` items. Primary key is `name` (`str`).
"""
ip_address: str | None
"""Node IPv4 address/Mask or 'dhcp'."""
@@ -24422,11 +25722,11 @@ class StructuredConfig(EosCliConfigGen.EthernetInterfacesItem):
with the following preference:
`wan_route_servers.path_groups.interfaces.ip_address`
->
- `l3_interfaces.public_ip`
- -> `l3_interfaces.ip_address`
+ `l3_port_channels.public_ip`
+ -> `l3_port_channels.ip_address`
- The determined Public IP is used
- by WAN routers when peering with this interface.
+ The determined Public IP is
+ used by WAN routers when peering with this interface.
"""
encapsulation_dot1q_vlan: int | None
"""
@@ -24445,15 +25745,10 @@ class StructuredConfig(EosCliConfigGen.EthernetInterfacesItem):
Default value: `True`
"""
- speed: str | None
- """
- Speed should be set in the format `` or `forced ` or `auto
- `.
- """
peer: str | None
"""The peer device name. Used for description and documentation."""
- peer_interface: str | None
- """The peer device interface. Used for description and documentation."""
+ peer_port_channel: str | None
+ """The peer device port-channel interface. Used for description and documentation."""
peer_ip: str | None
"""
The peer device IPv4 address (no mask). Used as default route gateway if `set_default_route` is true
@@ -24484,8 +25779,8 @@ class StructuredConfig(EosCliConfigGen.EthernetInterfacesItem):
"""
Configure IPv4 static routes pointing to `peer_ip`.
- Subclass of AvdList with `StaticRoutesItem`
- items.
+ Subclass of AvdIndexedList with
+ `StaticRoutesItem` items. Primary key is `prefix` (`str`).
"""
qos_profile: str | None
"""QOS service profile."""
@@ -24516,15 +25811,17 @@ class StructuredConfig(EosCliConfigGen.EthernetInterfacesItem):
Subclass of AvdModel.
"""
raw_eos_cli: str | None
- """EOS CLI rendered directly on the interface in the final EOS configuration."""
+ """EOS CLI rendered directly on the Port-Channel interface in the final EOS configuration."""
flow_tracking: FlowTracking
"""
- Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_interfaces` setting.
+ Configures flow-tracking on the interface. Overrides `fabric_flow_tracking.l3_port_channels`
+ setting.
+
Subclass of AvdModel.
"""
structured_config: StructuredConfig
"""
- Custom structured config for the Ethernet interface.
+ Custom structured config for the Port-Channel interface.
Subclass of AvdModel.
"""
@@ -24535,18 +25832,18 @@ class StructuredConfig(EosCliConfigGen.EthernetInterfacesItem):
def __init__(
self,
*,
- profile: str | None | UndefinedType = Undefined,
name: str | UndefinedType = Undefined,
description: str | None | UndefinedType = Undefined,
+ mode: Literal["active", "passive", "on"] | UndefinedType = Undefined,
+ member_interfaces: MemberInterfaces | UndefinedType = Undefined,
ip_address: str | None | UndefinedType = Undefined,
dhcp_ip: str | None | UndefinedType = Undefined,
public_ip: str | None | UndefinedType = Undefined,
encapsulation_dot1q_vlan: int | None | UndefinedType = Undefined,
dhcp_accept_default_route: bool | UndefinedType = Undefined,
enabled: bool | UndefinedType = Undefined,
- speed: str | None | UndefinedType = Undefined,
peer: str | None | UndefinedType = Undefined,
- peer_interface: str | None | UndefinedType = Undefined,
+ peer_port_channel: str | None | UndefinedType = Undefined,
peer_ip: str | None | UndefinedType = Undefined,
bgp: Bgp | UndefinedType = Undefined,
ipv4_acl_in: str | None | UndefinedType = Undefined,
@@ -24563,21 +25860,29 @@ def __init__(
_custom_data: dict[str, Any] | UndefinedType = Undefined,
) -> None:
"""
- L3InterfacesItem.
+ L3PortChannelsItem.
Subclass of AvdModel.
Args:
- profile: L3 interface profile name. Profile defined under `l3_interface_profiles`.
name:
- Ethernet interface name like 'Ethernet2' or subinterface name like 'Ethernet2.42'.
+ Port-Channel interface name like 'Port-Channel2' or subinterface name like 'Port-Channel2.42'.
For a
- subinterface, the parent physical interface is automatically created.
+ Port-Channel subinterface, the parent Port-Channel interface must be defined as well.
description:
Interface description.
If not set a default description will be configured with '[[
-