diff --git a/ansible_collections/arista/avd/docs/porting-guides/5.x.x.md b/ansible_collections/arista/avd/docs/porting-guides/5.x.x.md
index ef8fbb408f9..9ef0eb24eca 100644
--- a/ansible_collections/arista/avd/docs/porting-guides/5.x.x.md
+++ b/ansible_collections/arista/avd/docs/porting-guides/5.x.x.md
@@ -885,6 +885,23 @@ To retain the previous configuration use custom_platform_settings use `use_port_
ha_ipv4_pool: 10.10.10.0/24
```
+### Prevent redistributing the MLAG peer link subnets into BGP for all VRFs by default
+
+With AVD version 5.0.0 the subnet of VRF L3 peering VLANs between MLAG peers are no longer redistributed into BGP by default. Previously all connected routes were redistributed to BGP.
+
+To retain the previous behavior, set `redistribute_mlag_ibgp_peering_vrfs` to `true` per tenant or VRF:
+
+```diff
+tenants:
+ - name: Tenant_A
++ redistribute_mlag_ibgp_peering_vrfs: true
+ <...>
+ vrfs:
+ - name: Tenant_A_OP
++ redistribute_mlag_ibgp_peering_vrfs: true
+ <...>
+```
+
## Changes to role `arista.avd.eos_cli_config_gen`
TODO: Level 3 sections for each change with details on how to migrate
diff --git a/ansible_collections/arista/avd/docs/release-notes/5.x.x.md b/ansible_collections/arista/avd/docs/release-notes/5.x.x.md
index de899454566..ec10e36215d 100644
--- a/ansible_collections/arista/avd/docs/release-notes/5.x.x.md
+++ b/ansible_collections/arista/avd/docs/release-notes/5.x.x.md
@@ -246,6 +246,12 @@ This feature was introduced recently in EOS and may not be supported on your ver
See the [porting guide](../porting-guides/5.x.x.md#preview-wan-ha-direct-link-now-uses-port-channel-by-default) for details.
+### Prevent redistributing the MLAG peer link subnets into BGP for all VRFs by default
+
+Starting AVD 5.0.0, default value of `redistribute_mlag_ibgp_peering_vrfs` changed to `false`.
+
+See the [porting guide](../porting-guides/5.x.x.md#prevent-redistributing-the-mlag-peer-link-subnets-into-bgp-for-all-vrfs-by-default)
+
### Other breaking or behavioral changes
Breaking changes may require modifications to the inventory or playbook. See the [Porting guide for AVD 5.x.x](../porting-guides/5.x.x.md)
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc1-leaf1a.md b/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc1-leaf1a.md
index a407340bdf0..c45e41d6543 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc1-leaf1a.md
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc1-leaf1a.md
@@ -772,7 +772,7 @@ router bgp 65101
router-id 10.255.0.3
neighbor 10.255.1.97 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.97 description dc1-leaf1b_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.0.3:11
@@ -781,7 +781,7 @@ router bgp 65101
router-id 10.255.0.3
neighbor 10.255.1.97 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.97 description dc1-leaf1b_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -830,6 +830,12 @@ router bfd
| 10 | permit 10.255.0.0/27 eq 32 |
| 20 | permit 10.255.1.0/27 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.1.96/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -837,6 +843,9 @@ router bfd
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.0.0/27 eq 32
seq 20 permit 10.255.1.0/27 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.1.96/31
```
### Route-maps
@@ -849,6 +858,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -862,6 +878,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc1-leaf1b.md b/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc1-leaf1b.md
index 868f391f4e7..7f7b4658d57 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc1-leaf1b.md
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc1-leaf1b.md
@@ -772,7 +772,7 @@ router bgp 65101
router-id 10.255.0.4
neighbor 10.255.1.96 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.96 description dc1-leaf1a_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.0.4:11
@@ -781,7 +781,7 @@ router bgp 65101
router-id 10.255.0.4
neighbor 10.255.1.96 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.96 description dc1-leaf1a_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -830,6 +830,12 @@ router bfd
| 10 | permit 10.255.0.0/27 eq 32 |
| 20 | permit 10.255.1.0/27 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.1.96/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -837,6 +843,9 @@ router bfd
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.0.0/27 eq 32
seq 20 permit 10.255.1.0/27 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.1.96/31
```
### Route-maps
@@ -849,6 +858,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -862,6 +878,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc1-leaf2a.md b/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc1-leaf2a.md
index 5ff336d7b3e..521ea7eba67 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc1-leaf2a.md
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc1-leaf2a.md
@@ -830,7 +830,7 @@ router bgp 65102
router-id 10.255.0.5
neighbor 10.255.1.101 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.101 description dc1-leaf2b_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.0.5:11
@@ -839,7 +839,7 @@ router bgp 65102
router-id 10.255.0.5
neighbor 10.255.1.101 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.101 description dc1-leaf2b_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -888,6 +888,12 @@ router bfd
| 10 | permit 10.255.0.0/27 eq 32 |
| 20 | permit 10.255.1.0/27 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.1.100/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -895,6 +901,9 @@ router bfd
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.0.0/27 eq 32
seq 20 permit 10.255.1.0/27 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.1.100/31
```
### Route-maps
@@ -907,6 +916,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -920,6 +936,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc1-leaf2b.md b/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc1-leaf2b.md
index 7e97f2628f7..d242a467947 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc1-leaf2b.md
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc1-leaf2b.md
@@ -830,7 +830,7 @@ router bgp 65102
router-id 10.255.0.6
neighbor 10.255.1.100 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.100 description dc1-leaf2a_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.0.6:11
@@ -839,7 +839,7 @@ router bgp 65102
router-id 10.255.0.6
neighbor 10.255.1.100 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.100 description dc1-leaf2a_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -888,6 +888,12 @@ router bfd
| 10 | permit 10.255.0.0/27 eq 32 |
| 20 | permit 10.255.1.0/27 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.1.100/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -895,6 +901,9 @@ router bfd
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.0.0/27 eq 32
seq 20 permit 10.255.1.0/27 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.1.100/31
```
### Route-maps
@@ -907,6 +916,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -920,6 +936,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc2-leaf1a.md b/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc2-leaf1a.md
index fd66afaeb9c..926269cdf33 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc2-leaf1a.md
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc2-leaf1a.md
@@ -772,7 +772,7 @@ router bgp 65201
router-id 10.255.128.13
neighbor 10.255.129.117 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.129.117 description dc2-leaf1b_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.128.13:11
@@ -781,7 +781,7 @@ router bgp 65201
router-id 10.255.128.13
neighbor 10.255.129.117 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.129.117 description dc2-leaf1b_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -830,6 +830,12 @@ router bfd
| 10 | permit 10.255.128.0/27 eq 32 |
| 20 | permit 10.255.129.0/27 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.129.116/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -837,6 +843,9 @@ router bfd
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.128.0/27 eq 32
seq 20 permit 10.255.129.0/27 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.129.116/31
```
### Route-maps
@@ -849,6 +858,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -862,6 +878,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc2-leaf1b.md b/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc2-leaf1b.md
index 685c1b2d8c7..0753332b85a 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc2-leaf1b.md
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc2-leaf1b.md
@@ -772,7 +772,7 @@ router bgp 65201
router-id 10.255.128.14
neighbor 10.255.129.116 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.129.116 description dc2-leaf1a_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.128.14:11
@@ -781,7 +781,7 @@ router bgp 65201
router-id 10.255.128.14
neighbor 10.255.129.116 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.129.116 description dc2-leaf1a_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -830,6 +830,12 @@ router bfd
| 10 | permit 10.255.128.0/27 eq 32 |
| 20 | permit 10.255.129.0/27 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.129.116/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -837,6 +843,9 @@ router bfd
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.128.0/27 eq 32
seq 20 permit 10.255.129.0/27 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.129.116/31
```
### Route-maps
@@ -849,6 +858,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -862,6 +878,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc2-leaf2a.md b/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc2-leaf2a.md
index 45328345368..14949c3d0c6 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc2-leaf2a.md
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc2-leaf2a.md
@@ -830,7 +830,7 @@ router bgp 65202
router-id 10.255.128.15
neighbor 10.255.129.121 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.129.121 description dc2-leaf2b_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.128.15:11
@@ -839,7 +839,7 @@ router bgp 65202
router-id 10.255.128.15
neighbor 10.255.129.121 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.129.121 description dc2-leaf2b_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -888,6 +888,12 @@ router bfd
| 10 | permit 10.255.128.0/27 eq 32 |
| 20 | permit 10.255.129.0/27 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.129.120/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -895,6 +901,9 @@ router bfd
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.128.0/27 eq 32
seq 20 permit 10.255.129.0/27 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.129.120/31
```
### Route-maps
@@ -907,6 +916,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -920,6 +936,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc2-leaf2b.md b/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc2-leaf2b.md
index c04d68b72fc..568dc8ca296 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc2-leaf2b.md
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/documentation/devices/dc2-leaf2b.md
@@ -830,7 +830,7 @@ router bgp 65202
router-id 10.255.128.16
neighbor 10.255.129.120 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.129.120 description dc2-leaf2a_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.128.16:11
@@ -839,7 +839,7 @@ router bgp 65202
router-id 10.255.128.16
neighbor 10.255.129.120 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.129.120 description dc2-leaf2a_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -888,6 +888,12 @@ router bfd
| 10 | permit 10.255.128.0/27 eq 32 |
| 20 | permit 10.255.129.0/27 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.129.120/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -895,6 +901,9 @@ router bfd
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.128.0/27 eq 32
seq 20 permit 10.255.129.0/27 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.129.120/31
```
### Route-maps
@@ -907,6 +916,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -920,6 +936,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc1-leaf1a.cfg b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc1-leaf1a.cfg
index 3dedc87440e..f8e3d22e009 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc1-leaf1a.cfg
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc1-leaf1a.cfg
@@ -230,6 +230,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.0.0/27 eq 32
seq 20 permit 10.255.1.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.1.96/31
+!
mlag configuration
domain-id DC1_L3_LEAF1
local-interface Vlan4094
@@ -243,6 +246,11 @@ ip route vrf MGMT 0.0.0.0/0 172.16.1.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -334,7 +342,7 @@ router bgp 65101
router-id 10.255.0.3
neighbor 10.255.1.97 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.97 description dc1-leaf1b_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.0.3:11
@@ -343,6 +351,6 @@ router bgp 65101
router-id 10.255.0.3
neighbor 10.255.1.97 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.97 description dc1-leaf1b_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc1-leaf1b.cfg b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc1-leaf1b.cfg
index 2b33278bacd..d6ebfb7d5ec 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc1-leaf1b.cfg
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc1-leaf1b.cfg
@@ -230,6 +230,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.0.0/27 eq 32
seq 20 permit 10.255.1.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.1.96/31
+!
mlag configuration
domain-id DC1_L3_LEAF1
local-interface Vlan4094
@@ -243,6 +246,11 @@ ip route vrf MGMT 0.0.0.0/0 172.16.1.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -334,7 +342,7 @@ router bgp 65101
router-id 10.255.0.4
neighbor 10.255.1.96 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.96 description dc1-leaf1a_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.0.4:11
@@ -343,6 +351,6 @@ router bgp 65101
router-id 10.255.0.4
neighbor 10.255.1.96 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.96 description dc1-leaf1a_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc1-leaf2a.cfg b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc1-leaf2a.cfg
index d3715e0dd1f..c82ff1581a7 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc1-leaf2a.cfg
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc1-leaf2a.cfg
@@ -237,6 +237,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.0.0/27 eq 32
seq 20 permit 10.255.1.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.1.100/31
+!
mlag configuration
domain-id DC1_L3_LEAF2
local-interface Vlan4094
@@ -250,6 +253,11 @@ ip route vrf MGMT 0.0.0.0/0 172.16.1.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -369,7 +377,7 @@ router bgp 65102
router-id 10.255.0.5
neighbor 10.255.1.101 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.101 description dc1-leaf2b_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.0.5:11
@@ -378,6 +386,6 @@ router bgp 65102
router-id 10.255.0.5
neighbor 10.255.1.101 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.101 description dc1-leaf2b_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc1-leaf2b.cfg b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc1-leaf2b.cfg
index 337dd182758..a2e64bac1e3 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc1-leaf2b.cfg
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc1-leaf2b.cfg
@@ -237,6 +237,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.0.0/27 eq 32
seq 20 permit 10.255.1.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.1.100/31
+!
mlag configuration
domain-id DC1_L3_LEAF2
local-interface Vlan4094
@@ -250,6 +253,11 @@ ip route vrf MGMT 0.0.0.0/0 172.16.1.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -369,7 +377,7 @@ router bgp 65102
router-id 10.255.0.6
neighbor 10.255.1.100 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.100 description dc1-leaf2a_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.0.6:11
@@ -378,6 +386,6 @@ router bgp 65102
router-id 10.255.0.6
neighbor 10.255.1.100 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.100 description dc1-leaf2a_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc2-leaf1a.cfg b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc2-leaf1a.cfg
index 8e45534876f..04bed741e69 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc2-leaf1a.cfg
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc2-leaf1a.cfg
@@ -230,6 +230,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.128.0/27 eq 32
seq 20 permit 10.255.129.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.129.116/31
+!
mlag configuration
domain-id DC2_L3_LEAF1
local-interface Vlan4094
@@ -243,6 +246,11 @@ ip route vrf MGMT 0.0.0.0/0 172.16.1.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -334,7 +342,7 @@ router bgp 65201
router-id 10.255.128.13
neighbor 10.255.129.117 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.129.117 description dc2-leaf1b_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.128.13:11
@@ -343,6 +351,6 @@ router bgp 65201
router-id 10.255.128.13
neighbor 10.255.129.117 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.129.117 description dc2-leaf1b_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc2-leaf1b.cfg b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc2-leaf1b.cfg
index 9a3ad03dac5..45dd65c32a1 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc2-leaf1b.cfg
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc2-leaf1b.cfg
@@ -230,6 +230,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.128.0/27 eq 32
seq 20 permit 10.255.129.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.129.116/31
+!
mlag configuration
domain-id DC2_L3_LEAF1
local-interface Vlan4094
@@ -243,6 +246,11 @@ ip route vrf MGMT 0.0.0.0/0 172.16.1.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -334,7 +342,7 @@ router bgp 65201
router-id 10.255.128.14
neighbor 10.255.129.116 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.129.116 description dc2-leaf1a_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.128.14:11
@@ -343,6 +351,6 @@ router bgp 65201
router-id 10.255.128.14
neighbor 10.255.129.116 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.129.116 description dc2-leaf1a_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc2-leaf2a.cfg b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc2-leaf2a.cfg
index e227636e2cc..abaa036f31f 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc2-leaf2a.cfg
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc2-leaf2a.cfg
@@ -237,6 +237,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.128.0/27 eq 32
seq 20 permit 10.255.129.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.129.120/31
+!
mlag configuration
domain-id DC2_L3_LEAF2
local-interface Vlan4094
@@ -250,6 +253,11 @@ ip route vrf MGMT 0.0.0.0/0 172.16.1.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -369,7 +377,7 @@ router bgp 65202
router-id 10.255.128.15
neighbor 10.255.129.121 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.129.121 description dc2-leaf2b_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.128.15:11
@@ -378,6 +386,6 @@ router bgp 65202
router-id 10.255.128.15
neighbor 10.255.129.121 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.129.121 description dc2-leaf2b_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc2-leaf2b.cfg b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc2-leaf2b.cfg
index 864ca8178ca..e4e6379e90d 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc2-leaf2b.cfg
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/configs/dc2-leaf2b.cfg
@@ -237,6 +237,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.128.0/27 eq 32
seq 20 permit 10.255.129.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.129.120/31
+!
mlag configuration
domain-id DC2_L3_LEAF2
local-interface Vlan4094
@@ -250,6 +253,11 @@ ip route vrf MGMT 0.0.0.0/0 172.16.1.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -369,7 +377,7 @@ router bgp 65202
router-id 10.255.128.16
neighbor 10.255.129.120 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.129.120 description dc2-leaf2a_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.128.16:11
@@ -378,6 +386,6 @@ router bgp 65202
router-id 10.255.128.16
neighbor 10.255.129.120 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.129.120 description dc2-leaf2a_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc1-leaf1a.yml b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc1-leaf1a.yml
index d7f057f1787..fcbcdabe32a 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc1-leaf1a.yml
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc1-leaf1a.yml
@@ -87,6 +87,7 @@ router_bgp:
router_id: 10.255.0.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.97
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -105,6 +106,7 @@ router_bgp:
router_id: 10.255.0.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.97
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -410,6 +412,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -436,6 +446,10 @@ prefix_lists:
action: permit 10.255.0.0/27 eq 32
- sequence: 20
action: permit 10.255.1.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.1.96/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc1-leaf1b.yml b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc1-leaf1b.yml
index 9c150480fe1..a25d2d336c8 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc1-leaf1b.yml
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc1-leaf1b.yml
@@ -87,6 +87,7 @@ router_bgp:
router_id: 10.255.0.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.96
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -105,6 +106,7 @@ router_bgp:
router_id: 10.255.0.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.96
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -410,6 +412,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -436,6 +446,10 @@ prefix_lists:
action: permit 10.255.0.0/27 eq 32
- sequence: 20
action: permit 10.255.1.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.1.96/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc1-leaf2a.yml b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc1-leaf2a.yml
index 73861aa0f1c..2e0634afa08 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc1-leaf2a.yml
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc1-leaf2a.yml
@@ -113,6 +113,7 @@ router_bgp:
router_id: 10.255.0.5
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.101
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -131,6 +132,7 @@ router_bgp:
router_id: 10.255.0.5
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.101
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -482,6 +484,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -508,6 +518,10 @@ prefix_lists:
action: permit 10.255.0.0/27 eq 32
- sequence: 20
action: permit 10.255.1.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.1.100/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc1-leaf2b.yml b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc1-leaf2b.yml
index 5023249e233..a9277440a48 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc1-leaf2b.yml
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc1-leaf2b.yml
@@ -113,6 +113,7 @@ router_bgp:
router_id: 10.255.0.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.100
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -131,6 +132,7 @@ router_bgp:
router_id: 10.255.0.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.100
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -482,6 +484,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -508,6 +518,10 @@ prefix_lists:
action: permit 10.255.0.0/27 eq 32
- sequence: 20
action: permit 10.255.1.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.1.100/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc2-leaf1a.yml b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc2-leaf1a.yml
index d61e45ef7c2..c2d81104e5a 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc2-leaf1a.yml
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc2-leaf1a.yml
@@ -87,6 +87,7 @@ router_bgp:
router_id: 10.255.128.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.117
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -105,6 +106,7 @@ router_bgp:
router_id: 10.255.128.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.117
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -410,6 +412,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -436,6 +446,10 @@ prefix_lists:
action: permit 10.255.128.0/27 eq 32
- sequence: 20
action: permit 10.255.129.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.129.116/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc2-leaf1b.yml b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc2-leaf1b.yml
index dfea8ef1bc8..33c7ff5fc6e 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc2-leaf1b.yml
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc2-leaf1b.yml
@@ -87,6 +87,7 @@ router_bgp:
router_id: 10.255.128.14
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.116
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -105,6 +106,7 @@ router_bgp:
router_id: 10.255.128.14
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.116
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -410,6 +412,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -436,6 +446,10 @@ prefix_lists:
action: permit 10.255.128.0/27 eq 32
- sequence: 20
action: permit 10.255.129.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.129.116/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc2-leaf2a.yml b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc2-leaf2a.yml
index 49e2725cf5a..a237ae40c6c 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc2-leaf2a.yml
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc2-leaf2a.yml
@@ -113,6 +113,7 @@ router_bgp:
router_id: 10.255.128.15
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.121
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -131,6 +132,7 @@ router_bgp:
router_id: 10.255.128.15
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.121
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -482,6 +484,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -508,6 +518,10 @@ prefix_lists:
action: permit 10.255.128.0/27 eq 32
- sequence: 20
action: permit 10.255.129.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.129.120/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc2-leaf2b.yml b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc2-leaf2b.yml
index 991b1590399..d5b94223beb 100644
--- a/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc2-leaf2b.yml
+++ b/ansible_collections/arista/avd/examples/dual-dc-l3ls/intended/structured_configs/dc2-leaf2b.yml
@@ -113,6 +113,7 @@ router_bgp:
router_id: 10.255.128.16
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.120
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -131,6 +132,7 @@ router_bgp:
router_id: 10.255.128.16
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.120
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -482,6 +484,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -508,6 +518,10 @@ prefix_lists:
action: permit 10.255.128.0/27 eq 32
- sequence: 20
action: permit 10.255.129.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.129.120/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/documentation/devices/dc1-leaf1a.md b/ansible_collections/arista/avd/examples/single-dc-l3ls/documentation/devices/dc1-leaf1a.md
index 3d59fff5948..2766beda9b5 100644
--- a/ansible_collections/arista/avd/examples/single-dc-l3ls/documentation/devices/dc1-leaf1a.md
+++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/documentation/devices/dc1-leaf1a.md
@@ -833,7 +833,7 @@ router bgp 65101
router-id 10.255.0.3
neighbor 10.255.1.97 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.97 description dc1-leaf1b_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.0.3:11
@@ -842,7 +842,7 @@ router bgp 65101
router-id 10.255.0.3
neighbor 10.255.1.97 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.97 description dc1-leaf1b_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -891,6 +891,12 @@ router bfd
| 10 | permit 10.255.0.0/27 eq 32 |
| 20 | permit 10.255.1.0/27 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.1.96/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -898,6 +904,9 @@ router bfd
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.0.0/27 eq 32
seq 20 permit 10.255.1.0/27 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.1.96/31
```
### Route-maps
@@ -910,6 +919,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -923,6 +939,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/documentation/devices/dc1-leaf1b.md b/ansible_collections/arista/avd/examples/single-dc-l3ls/documentation/devices/dc1-leaf1b.md
index e9ab0308f99..ba1e7faf0f0 100644
--- a/ansible_collections/arista/avd/examples/single-dc-l3ls/documentation/devices/dc1-leaf1b.md
+++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/documentation/devices/dc1-leaf1b.md
@@ -833,7 +833,7 @@ router bgp 65101
router-id 10.255.0.4
neighbor 10.255.1.96 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.96 description dc1-leaf1a_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.0.4:11
@@ -842,7 +842,7 @@ router bgp 65101
router-id 10.255.0.4
neighbor 10.255.1.96 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.96 description dc1-leaf1a_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -891,6 +891,12 @@ router bfd
| 10 | permit 10.255.0.0/27 eq 32 |
| 20 | permit 10.255.1.0/27 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.1.96/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -898,6 +904,9 @@ router bfd
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.0.0/27 eq 32
seq 20 permit 10.255.1.0/27 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.1.96/31
```
### Route-maps
@@ -910,6 +919,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -923,6 +939,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/documentation/devices/dc1-leaf2a.md b/ansible_collections/arista/avd/examples/single-dc-l3ls/documentation/devices/dc1-leaf2a.md
index beb356d454e..12d2f514283 100644
--- a/ansible_collections/arista/avd/examples/single-dc-l3ls/documentation/devices/dc1-leaf2a.md
+++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/documentation/devices/dc1-leaf2a.md
@@ -833,7 +833,7 @@ router bgp 65102
router-id 10.255.0.5
neighbor 10.255.1.101 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.101 description dc1-leaf2b_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.0.5:11
@@ -842,7 +842,7 @@ router bgp 65102
router-id 10.255.0.5
neighbor 10.255.1.101 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.101 description dc1-leaf2b_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -891,6 +891,12 @@ router bfd
| 10 | permit 10.255.0.0/27 eq 32 |
| 20 | permit 10.255.1.0/27 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.1.100/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -898,6 +904,9 @@ router bfd
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.0.0/27 eq 32
seq 20 permit 10.255.1.0/27 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.1.100/31
```
### Route-maps
@@ -910,6 +919,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -923,6 +939,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/documentation/devices/dc1-leaf2b.md b/ansible_collections/arista/avd/examples/single-dc-l3ls/documentation/devices/dc1-leaf2b.md
index a805ae9e74f..5fc25888cee 100644
--- a/ansible_collections/arista/avd/examples/single-dc-l3ls/documentation/devices/dc1-leaf2b.md
+++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/documentation/devices/dc1-leaf2b.md
@@ -833,7 +833,7 @@ router bgp 65102
router-id 10.255.0.6
neighbor 10.255.1.100 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.100 description dc1-leaf2a_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.0.6:11
@@ -842,7 +842,7 @@ router bgp 65102
router-id 10.255.0.6
neighbor 10.255.1.100 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.100 description dc1-leaf2a_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -891,6 +891,12 @@ router bfd
| 10 | permit 10.255.0.0/27 eq 32 |
| 20 | permit 10.255.1.0/27 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.1.100/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -898,6 +904,9 @@ router bfd
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.0.0/27 eq 32
seq 20 permit 10.255.1.0/27 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.1.100/31
```
### Route-maps
@@ -910,6 +919,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -923,6 +939,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/configs/dc1-leaf1a.cfg b/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/configs/dc1-leaf1a.cfg
index 535306f8e11..7928036bddf 100644
--- a/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/configs/dc1-leaf1a.cfg
+++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/configs/dc1-leaf1a.cfg
@@ -235,6 +235,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.0.0/27 eq 32
seq 20 permit 10.255.1.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.1.96/31
+!
mlag configuration
domain-id DC1_L3_LEAF1
local-interface Vlan4094
@@ -251,6 +254,11 @@ ntp server vrf MGMT 0.pool.ntp.org prefer
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -342,7 +350,7 @@ router bgp 65101
router-id 10.255.0.3
neighbor 10.255.1.97 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.97 description dc1-leaf1b_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.0.3:11
@@ -351,6 +359,6 @@ router bgp 65101
router-id 10.255.0.3
neighbor 10.255.1.97 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.97 description dc1-leaf1b_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/configs/dc1-leaf1b.cfg b/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/configs/dc1-leaf1b.cfg
index 681a10812e9..85eaf50ce52 100644
--- a/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/configs/dc1-leaf1b.cfg
+++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/configs/dc1-leaf1b.cfg
@@ -235,6 +235,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.0.0/27 eq 32
seq 20 permit 10.255.1.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.1.96/31
+!
mlag configuration
domain-id DC1_L3_LEAF1
local-interface Vlan4094
@@ -251,6 +254,11 @@ ntp server vrf MGMT 0.pool.ntp.org prefer
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -342,7 +350,7 @@ router bgp 65101
router-id 10.255.0.4
neighbor 10.255.1.96 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.96 description dc1-leaf1a_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.0.4:11
@@ -351,6 +359,6 @@ router bgp 65101
router-id 10.255.0.4
neighbor 10.255.1.96 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.96 description dc1-leaf1a_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/configs/dc1-leaf2a.cfg b/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/configs/dc1-leaf2a.cfg
index fb929351393..c61683cbc96 100644
--- a/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/configs/dc1-leaf2a.cfg
+++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/configs/dc1-leaf2a.cfg
@@ -235,6 +235,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.0.0/27 eq 32
seq 20 permit 10.255.1.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.1.100/31
+!
mlag configuration
domain-id DC1_L3_LEAF2
local-interface Vlan4094
@@ -251,6 +254,11 @@ ntp server vrf MGMT 0.pool.ntp.org prefer
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -342,7 +350,7 @@ router bgp 65102
router-id 10.255.0.5
neighbor 10.255.1.101 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.101 description dc1-leaf2b_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.0.5:11
@@ -351,6 +359,6 @@ router bgp 65102
router-id 10.255.0.5
neighbor 10.255.1.101 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.101 description dc1-leaf2b_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/configs/dc1-leaf2b.cfg b/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/configs/dc1-leaf2b.cfg
index 05bb298af42..71f91621a08 100644
--- a/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/configs/dc1-leaf2b.cfg
+++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/configs/dc1-leaf2b.cfg
@@ -235,6 +235,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.255.0.0/27 eq 32
seq 20 permit 10.255.1.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.1.100/31
+!
mlag configuration
domain-id DC1_L3_LEAF2
local-interface Vlan4094
@@ -251,6 +254,11 @@ ntp server vrf MGMT 0.pool.ntp.org prefer
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -342,7 +350,7 @@ router bgp 65102
router-id 10.255.0.6
neighbor 10.255.1.100 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.100 description dc1-leaf2a_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf VRF11
rd 10.255.0.6:11
@@ -351,6 +359,6 @@ router bgp 65102
router-id 10.255.0.6
neighbor 10.255.1.100 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.1.100 description dc1-leaf2a_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/structured_configs/dc1-leaf1a.yml b/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/structured_configs/dc1-leaf1a.yml
index 2dfdcc6ef91..9ce8011bbb7 100644
--- a/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/structured_configs/dc1-leaf1a.yml
+++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/structured_configs/dc1-leaf1a.yml
@@ -87,6 +87,7 @@ router_bgp:
router_id: 10.255.0.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.97
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -105,6 +106,7 @@ router_bgp:
router_id: 10.255.0.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.97
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -431,6 +433,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -457,6 +467,10 @@ prefix_lists:
action: permit 10.255.0.0/27 eq 32
- sequence: 20
action: permit 10.255.1.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.1.96/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/structured_configs/dc1-leaf1b.yml b/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/structured_configs/dc1-leaf1b.yml
index 5cfe51f373e..9f7f8ab3b49 100644
--- a/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/structured_configs/dc1-leaf1b.yml
+++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/structured_configs/dc1-leaf1b.yml
@@ -87,6 +87,7 @@ router_bgp:
router_id: 10.255.0.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.96
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -105,6 +106,7 @@ router_bgp:
router_id: 10.255.0.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.96
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -431,6 +433,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -457,6 +467,10 @@ prefix_lists:
action: permit 10.255.0.0/27 eq 32
- sequence: 20
action: permit 10.255.1.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.1.96/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/structured_configs/dc1-leaf2a.yml b/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/structured_configs/dc1-leaf2a.yml
index 0d189aa4ce8..a236ed20001 100644
--- a/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/structured_configs/dc1-leaf2a.yml
+++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/structured_configs/dc1-leaf2a.yml
@@ -87,6 +87,7 @@ router_bgp:
router_id: 10.255.0.5
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.101
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -105,6 +106,7 @@ router_bgp:
router_id: 10.255.0.5
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.101
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -431,6 +433,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -457,6 +467,10 @@ prefix_lists:
action: permit 10.255.0.0/27 eq 32
- sequence: 20
action: permit 10.255.1.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.1.100/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/structured_configs/dc1-leaf2b.yml b/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/structured_configs/dc1-leaf2b.yml
index e38ee8e9b27..fafa42ddb9a 100644
--- a/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/structured_configs/dc1-leaf2b.yml
+++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/intended/structured_configs/dc1-leaf2b.yml
@@ -87,6 +87,7 @@ router_bgp:
router_id: 10.255.0.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.100
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -105,6 +106,7 @@ router_bgp:
router_id: 10.255.0.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.100
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -431,6 +433,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -457,6 +467,10 @@ prefix_lists:
action: permit 10.255.0.0/27 eq 32
- sequence: 20
action: permit 10.255.1.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.1.100/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-BL1A.md b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-BL1A.md
index b2810ef86a0..4010854cd40 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-BL1A.md
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-BL1A.md
@@ -801,7 +801,7 @@ router bgp 65104
update wait-install
neighbor 10.255.251.11 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.11 description DC1-BL1B_Vlan3013
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.10:21
@@ -811,7 +811,7 @@ router bgp 65104
update wait-install
neighbor 10.255.251.11 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.11 description DC1-BL1B_Vlan3020
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.10:31
@@ -821,7 +821,7 @@ router bgp 65104
update wait-install
neighbor 10.255.251.11 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.11 description DC1-BL1B_Vlan3030
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -870,6 +870,12 @@ router bfd
| 10 | permit 192.168.255.0/24 eq 32 |
| 20 | permit 192.168.254.0/24 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.251.10/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -877,6 +883,9 @@ router bfd
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.10/31
```
### Route-maps
@@ -889,6 +898,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -902,6 +918,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-BL1B.md b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-BL1B.md
index 4eb50a5a546..6676457c38e 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-BL1B.md
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-BL1B.md
@@ -801,7 +801,7 @@ router bgp 65104
update wait-install
neighbor 10.255.251.10 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.10 description DC1-BL1A_Vlan3013
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.11:21
@@ -811,7 +811,7 @@ router bgp 65104
update wait-install
neighbor 10.255.251.10 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.10 description DC1-BL1A_Vlan3020
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.11:31
@@ -821,7 +821,7 @@ router bgp 65104
update wait-install
neighbor 10.255.251.10 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.10 description DC1-BL1A_Vlan3030
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -870,6 +870,12 @@ router bfd
| 10 | permit 192.168.255.0/24 eq 32 |
| 20 | permit 192.168.254.0/24 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.251.10/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -877,6 +883,9 @@ router bfd
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.10/31
```
### Route-maps
@@ -889,6 +898,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -902,6 +918,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-LEAF2A.md b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-LEAF2A.md
index b54b1ba5a55..5f354ecf474 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-LEAF2A.md
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-LEAF2A.md
@@ -1055,7 +1055,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.6:13
@@ -1065,7 +1065,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.6:10
@@ -1075,7 +1075,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.6:11
@@ -1085,7 +1085,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.6:20
@@ -1095,7 +1095,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.6:30
@@ -1105,7 +1105,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3029
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -1162,6 +1162,12 @@ no ip igmp snooping vlan 120
| 10 | permit 192.168.255.0/24 eq 32 |
| 20 | permit 192.168.254.0/24 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.251.2/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -1169,6 +1175,9 @@ no ip igmp snooping vlan 120
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.2/31
```
### Route-maps
@@ -1181,6 +1190,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -1194,6 +1210,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-LEAF2B.md b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-LEAF2B.md
index f36899aefe1..89473f59ddb 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-LEAF2B.md
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-LEAF2B.md
@@ -1055,7 +1055,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.7:13
@@ -1065,7 +1065,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.7:10
@@ -1075,7 +1075,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.7:11
@@ -1085,7 +1085,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.7:20
@@ -1095,7 +1095,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.7:30
@@ -1105,7 +1105,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3029
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -1162,6 +1162,12 @@ no ip igmp snooping vlan 120
| 10 | permit 192.168.255.0/24 eq 32 |
| 20 | permit 192.168.254.0/24 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.251.2/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -1169,6 +1175,9 @@ no ip igmp snooping vlan 120
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.2/31
```
### Route-maps
@@ -1181,6 +1190,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -1194,6 +1210,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-SVC3A.md b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-SVC3A.md
index d6e71023d61..c118b2fb704 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-SVC3A.md
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-SVC3A.md
@@ -1198,7 +1198,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.8:13
@@ -1208,7 +1208,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.8:10
@@ -1218,7 +1218,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WAN_Zone
rd 192.168.255.8:14
@@ -1228,7 +1228,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3013
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.8:11
@@ -1238,7 +1238,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.8:20
@@ -1248,7 +1248,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.8:21
@@ -1258,7 +1258,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3020
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.8:30
@@ -1268,7 +1268,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3029
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.8:31
@@ -1278,7 +1278,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3030
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -1335,6 +1335,12 @@ no ip igmp snooping vlan 120
| 10 | permit 192.168.255.0/24 eq 32 |
| 20 | permit 192.168.254.0/24 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.251.6/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -1342,6 +1348,9 @@ no ip igmp snooping vlan 120
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.6/31
```
### Route-maps
@@ -1354,6 +1363,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -1367,6 +1383,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-SVC3B.md b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-SVC3B.md
index 81af75bfb16..55694543467 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-SVC3B.md
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/documentation/devices/DC1-SVC3B.md
@@ -1172,7 +1172,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.9:13
@@ -1182,7 +1182,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.9:10
@@ -1192,7 +1192,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WAN_Zone
rd 192.168.255.9:14
@@ -1202,7 +1202,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3013
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.9:11
@@ -1212,7 +1212,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.9:20
@@ -1222,7 +1222,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.9:21
@@ -1232,7 +1232,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3020
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.9:30
@@ -1242,7 +1242,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3029
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.9:31
@@ -1252,7 +1252,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3030
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -1309,6 +1309,12 @@ no ip igmp snooping vlan 120
| 10 | permit 192.168.255.0/24 eq 32 |
| 20 | permit 192.168.254.0/24 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.251.6/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -1316,6 +1322,9 @@ no ip igmp snooping vlan 120
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.6/31
```
### Route-maps
@@ -1328,6 +1337,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -1341,6 +1357,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-BL1A.cfg b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-BL1A.cfg
index 9396b227484..2d4202fa9c9 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-BL1A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-BL1A.cfg
@@ -204,6 +204,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.10/31
+!
mlag configuration
domain-id DC1_BL1
local-interface Vlan4094
@@ -220,6 +223,11 @@ ntp server vrf MGMT 192.168.200.5 prefer
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -314,7 +322,7 @@ router bgp 65104
update wait-install
neighbor 10.255.251.11 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.11 description DC1-BL1B_Vlan3013
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.10:21
@@ -324,7 +332,7 @@ router bgp 65104
update wait-install
neighbor 10.255.251.11 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.11 description DC1-BL1B_Vlan3020
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.10:31
@@ -334,6 +342,6 @@ router bgp 65104
update wait-install
neighbor 10.255.251.11 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.11 description DC1-BL1B_Vlan3030
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-BL1B.cfg b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-BL1B.cfg
index da900e7addb..4ac76e50341 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-BL1B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-BL1B.cfg
@@ -204,6 +204,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.10/31
+!
mlag configuration
domain-id DC1_BL1
local-interface Vlan4094
@@ -220,6 +223,11 @@ ntp server vrf MGMT 192.168.200.5 prefer
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -314,7 +322,7 @@ router bgp 65104
update wait-install
neighbor 10.255.251.10 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.10 description DC1-BL1A_Vlan3013
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.11:21
@@ -324,7 +332,7 @@ router bgp 65104
update wait-install
neighbor 10.255.251.10 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.10 description DC1-BL1A_Vlan3020
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.11:31
@@ -334,6 +342,6 @@ router bgp 65104
update wait-install
neighbor 10.255.251.10 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.10 description DC1-BL1A_Vlan3030
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-LEAF2A.cfg b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-LEAF2A.cfg
index 21e695619b1..27f789c94b6 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-LEAF2A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-LEAF2A.cfg
@@ -378,6 +378,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.2/31
+!
mlag configuration
domain-id DC1_LEAF2
local-interface Vlan4094
@@ -394,6 +397,11 @@ ntp server vrf MGMT 192.168.200.5 prefer
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -506,7 +514,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.6:13
@@ -516,7 +524,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.6:10
@@ -526,7 +534,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.6:11
@@ -536,7 +544,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.6:20
@@ -546,7 +554,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.6:30
@@ -556,6 +564,6 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3029
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-LEAF2B.cfg b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-LEAF2B.cfg
index 12cce642327..cc0dabfce15 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-LEAF2B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-LEAF2B.cfg
@@ -378,6 +378,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.2/31
+!
mlag configuration
domain-id DC1_LEAF2
local-interface Vlan4094
@@ -394,6 +397,11 @@ ntp server vrf MGMT 192.168.200.5 prefer
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -506,7 +514,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.7:13
@@ -516,7 +524,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.7:10
@@ -526,7 +534,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.7:11
@@ -536,7 +544,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.7:20
@@ -546,7 +554,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.7:30
@@ -556,6 +564,6 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3029
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-SVC3A.cfg b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-SVC3A.cfg
index 70fcb63bf15..e069feaf365 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-SVC3A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-SVC3A.cfg
@@ -461,6 +461,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.6/31
+!
mlag configuration
domain-id DC1_SVC3
local-interface Vlan4094
@@ -477,6 +480,11 @@ ntp server vrf MGMT 192.168.200.5 prefer
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -607,7 +615,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.8:13
@@ -617,7 +625,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.8:10
@@ -627,7 +635,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WAN_Zone
rd 192.168.255.8:14
@@ -637,7 +645,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3013
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.8:11
@@ -647,7 +655,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.8:20
@@ -657,7 +665,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.8:21
@@ -667,7 +675,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3020
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.8:30
@@ -677,7 +685,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3029
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.8:31
@@ -687,6 +695,6 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.7 description DC1-SVC3B_Vlan3030
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-SVC3B.cfg b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-SVC3B.cfg
index 129e51becdf..a049aecf96b 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-SVC3B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/configs/DC1-SVC3B.cfg
@@ -445,6 +445,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.6/31
+!
mlag configuration
domain-id DC1_SVC3
local-interface Vlan4094
@@ -461,6 +464,11 @@ ntp server vrf MGMT 192.168.200.5 prefer
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -591,7 +599,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.9:13
@@ -601,7 +609,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.9:10
@@ -611,7 +619,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WAN_Zone
rd 192.168.255.9:14
@@ -621,7 +629,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3013
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.9:11
@@ -631,7 +639,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.9:20
@@ -641,7 +649,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.9:21
@@ -651,7 +659,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3020
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.9:30
@@ -661,7 +669,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3029
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.9:31
@@ -671,6 +679,6 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.6 description DC1-SVC3A_Vlan3030
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-BL1A.yml b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-BL1A.yml
index b18737a7d83..faff40b02bb 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-BL1A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-BL1A.yml
@@ -111,6 +111,7 @@ router_bgp:
router_id: 192.168.255.10
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.11
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -131,6 +132,7 @@ router_bgp:
router_id: 192.168.255.10
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.11
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -151,6 +153,7 @@ router_bgp:
router_id: 192.168.255.10
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.11
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -446,6 +449,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -462,6 +473,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.251.10/31
router_bfd:
multihop:
interval: 1200
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-BL1B.yml b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-BL1B.yml
index bdf383db030..5ff70938776 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-BL1B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-BL1B.yml
@@ -111,6 +111,7 @@ router_bgp:
router_id: 192.168.255.11
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.10
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -131,6 +132,7 @@ router_bgp:
router_id: 192.168.255.11
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.10
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -151,6 +153,7 @@ router_bgp:
router_id: 192.168.255.11
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.10
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -446,6 +449,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -462,6 +473,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.251.10/31
router_bfd:
multihop:
interval: 1200
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-LEAF2A.yml b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-LEAF2A.yml
index aca5ed9c347..4fab46eb828 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-LEAF2A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-LEAF2A.yml
@@ -111,6 +111,7 @@ router_bgp:
router_id: 192.168.255.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.3
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -131,6 +132,7 @@ router_bgp:
router_id: 192.168.255.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.3
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -151,6 +153,7 @@ router_bgp:
router_id: 192.168.255.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.3
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -171,6 +174,7 @@ router_bgp:
router_id: 192.168.255.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.3
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -191,6 +195,7 @@ router_bgp:
router_id: 192.168.255.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.3
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -211,6 +216,7 @@ router_bgp:
router_id: 192.168.255.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.3
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -726,6 +732,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -747,6 +761,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.251.2/31
router_bfd:
multihop:
interval: 1200
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-LEAF2B.yml b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-LEAF2B.yml
index 071c24b2c17..1d3ab2fd994 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-LEAF2B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-LEAF2B.yml
@@ -111,6 +111,7 @@ router_bgp:
router_id: 192.168.255.7
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.2
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -131,6 +132,7 @@ router_bgp:
router_id: 192.168.255.7
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.2
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -151,6 +153,7 @@ router_bgp:
router_id: 192.168.255.7
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.2
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -171,6 +174,7 @@ router_bgp:
router_id: 192.168.255.7
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.2
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -191,6 +195,7 @@ router_bgp:
router_id: 192.168.255.7
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.2
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -211,6 +216,7 @@ router_bgp:
router_id: 192.168.255.7
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.2
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -726,6 +732,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -747,6 +761,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.251.2/31
router_bfd:
multihop:
interval: 1200
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-SVC3A.yml b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-SVC3A.yml
index 8f0e9efccc5..4528d92240c 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-SVC3A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-SVC3A.yml
@@ -111,6 +111,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.7
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -131,6 +132,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.7
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -151,6 +153,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.7
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -171,6 +174,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.7
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -191,6 +195,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.7
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -211,6 +216,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.7
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -231,6 +237,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.7
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -251,6 +258,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.7
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -271,6 +279,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.7
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -903,6 +912,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -924,6 +941,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.251.6/31
router_bfd:
multihop:
interval: 1200
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-SVC3B.yml b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-SVC3B.yml
index 434bd6281e6..b5a4e56df03 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-SVC3B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/DC1-SVC3B.yml
@@ -111,6 +111,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.6
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -131,6 +132,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.6
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -151,6 +153,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.6
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -171,6 +174,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.6
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -191,6 +195,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.6
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -211,6 +216,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.6
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -231,6 +237,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.6
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -251,6 +258,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.6
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -271,6 +279,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.6
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -881,6 +890,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -902,6 +919,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.251.6/31
router_bfd:
multihop:
interval: 1200
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/cvp-empty-filter/cv_server_configlets.yml b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/cvp-empty-filter/cv_server_configlets.yml
index 8dbeb69de33..0280aebade7 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/cvp-empty-filter/cv_server_configlets.yml
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/cvp-empty-filter/cv_server_configlets.yml
@@ -52,67 +52,71 @@ cvp_configlets:
vni 31\n!\nip virtual-router mac-address 00:dc:00:00:00:0a\n!\nip routing\nno
ip routing vrf MGMT\nip routing vrf Tenant_A_WAN_Zone\nip routing vrf Tenant_B_WAN_Zone\nip
routing vrf Tenant_C_WAN_Zone\n!\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq
- 10 permit 192.168.255.0/24 eq 32\n seq 20 permit 192.168.254.0/24 eq 32\n!\nmlag
- configuration\n domain-id DC1_BL1\n local-interface Vlan4094\n peer-address
- 10.255.252.11\n peer-link Port-Channel5\n reload-delay mlag 300\n reload-delay
- non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0 192.168.200.5\n!\nntp local-interface
- vrf MGMT Management1\nntp server vrf MGMT 192.168.200.5 prefer\n!\nroute-map RM-CONN-2-BGP
+ 10 permit 192.168.255.0/24 eq 32\n seq 20 permit 192.168.254.0/24 eq 32\n!\nip
+ prefix-list PL-MLAG-PEER-VRFS\n seq 10 permit 10.255.251.10/31\n!\nmlag configuration\n
+ \ domain-id DC1_BL1\n local-interface Vlan4094\n peer-address 10.255.252.11\n
+ \ peer-link Port-Channel5\n reload-delay mlag 300\n reload-delay non-mlag
+ 330\n!\nip route vrf MGMT 0.0.0.0/0 192.168.200.5\n!\nntp local-interface vrf
+ MGMT Management1\nntp server vrf MGMT 192.168.200.5 prefer\n!\nroute-map RM-CONN-2-BGP
permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map
- RM-MLAG-PEER-IN permit 10\n description Make routes learned over MLAG Peer-link
- less preferred on spines to ensure optimal routing\n set origin incomplete\n!\nrouter
- bfd\n multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65104\n
- \ router-id 192.168.255.10\n maximum-paths 4 ecmp 4\n update wait-install\n
- \ no bgp default ipv4-unicast\n distance bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS
- peer group\n neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor
- EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor
- EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS
- send-community\n neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS
- peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n
- \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS
- maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER peer group\n neighbor
- MLAG-IPv4-UNDERLAY-PEER remote-as 65104\n neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-BL1B\n neighbor MLAG-IPv4-UNDERLAY-PEER
- password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
- route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.11 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.11 description DC1-BL1B_Vlan4093\n neighbor 172.31.255.40
- peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.40 remote-as 65001\n neighbor
- 172.31.255.40 description DC1-SPINE1_Ethernet6\n neighbor 172.31.255.42 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.42 remote-as 65001\n neighbor
- 172.31.255.42 description DC1-SPINE2_Ethernet6\n neighbor 172.31.255.44 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.44 remote-as 65001\n neighbor
- 172.31.255.44 description DC1-SPINE3_Ethernet6\n neighbor 172.31.255.46 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.46 remote-as 65001\n neighbor
- 172.31.255.46 description DC1-SPINE4_Ethernet6\n neighbor 192.168.255.1 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor
- 192.168.255.1 description DC1-SPINE1_Loopback0\n neighbor 192.168.255.2 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as 65001\n neighbor
- 192.168.255.2 description DC1-SPINE2_Loopback0\n neighbor 192.168.255.3 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as 65001\n neighbor
- 192.168.255.3 description DC1-SPINE3_Loopback0\n neighbor 192.168.255.4 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as 65001\n neighbor
- 192.168.255.4 description DC1-SPINE4_Loopback0\n redistribute connected route-map
- RM-CONN-2-BGP\n !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd 192.168.255.10:14\n
- \ route-target both 14:14\n redistribute learned\n vlan 150\n !\n
- \ vlan-aware-bundle Tenant_B_WAN_Zone\n rd 192.168.255.10:21\n route-target
- both 21:21\n redistribute learned\n vlan 250\n !\n vlan-aware-bundle
- Tenant_C_WAN_Zone\n rd 192.168.255.10:31\n route-target both 31:31\n
- \ redistribute learned\n vlan 350\n !\n address-family evpn\n neighbor
- EVPN-OVERLAY-PEERS activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS
- activate\n neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ RM-CONN-2-BGP-VRFS deny 10\n match ip address prefix-list PL-MLAG-PEER-VRFS\n!\nroute-map
+ RM-CONN-2-BGP-VRFS permit 20\n!\nroute-map RM-MLAG-PEER-IN permit 10\n description
+ Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal
+ routing\n set origin incomplete\n!\nrouter bfd\n multihop interval 1200 min-rx
+ 1200 multiplier 3\n!\nrouter bgp 65104\n router-id 192.168.255.10\n maximum-paths
+ 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n distance
+ bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS
+ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS
+ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n
+ \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS
+ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS
+ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n
+ \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65104\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-BL1B\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ send-community\n neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.11
+ peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.11 description DC1-BL1B_Vlan4093\n
+ \ neighbor 172.31.255.40 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.40
+ remote-as 65001\n neighbor 172.31.255.40 description DC1-SPINE1_Ethernet6\n
+ \ neighbor 172.31.255.42 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.42
+ remote-as 65001\n neighbor 172.31.255.42 description DC1-SPINE2_Ethernet6\n
+ \ neighbor 172.31.255.44 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.44
+ remote-as 65001\n neighbor 172.31.255.44 description DC1-SPINE3_Ethernet6\n
+ \ neighbor 172.31.255.46 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.46
+ remote-as 65001\n neighbor 172.31.255.46 description DC1-SPINE4_Ethernet6\n
+ \ neighbor 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1
+ remote-as 65001\n neighbor 192.168.255.1 description DC1-SPINE1_Loopback0\n
+ \ neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2
+ remote-as 65001\n neighbor 192.168.255.2 description DC1-SPINE2_Loopback0\n
+ \ neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3
+ remote-as 65001\n neighbor 192.168.255.3 description DC1-SPINE3_Loopback0\n
+ \ neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4
+ remote-as 65001\n neighbor 192.168.255.4 description DC1-SPINE4_Loopback0\n
+ \ redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle
+ Tenant_A_WAN_Zone\n rd 192.168.255.10:14\n route-target both 14:14\n
+ \ redistribute learned\n vlan 150\n !\n vlan-aware-bundle Tenant_B_WAN_Zone\n
+ \ rd 192.168.255.10:21\n route-target both 21:21\n redistribute
+ learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd
+ 192.168.255.10:31\n route-target both 31:31\n redistribute learned\n
+ \ vlan 350\n !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS
+ activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n
+ \ neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER
activate\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.10:14\n route-target
import evpn 14:14\n route-target export evpn 14:14\n router-id 192.168.255.10\n
\ update wait-install\n neighbor 10.255.251.11 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.11 description DC1-BL1B_Vlan3013\n redistribute
- connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.10:21\n route-target
- import evpn 21:21\n route-target export evpn 21:21\n router-id 192.168.255.10\n
- \ update wait-install\n neighbor 10.255.251.11 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.11 description DC1-BL1B_Vlan3020\n redistribute
- connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.10:31\n route-target
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_B_WAN_Zone\n rd
+ 192.168.255.10:21\n route-target import evpn 21:21\n route-target export
+ evpn 21:21\n router-id 192.168.255.10\n update wait-install\n neighbor
+ 10.255.251.11 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.11
+ description DC1-BL1B_Vlan3020\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.10:31\n route-target
import evpn 31:31\n route-target export evpn 31:31\n router-id 192.168.255.10\n
\ update wait-install\n neighbor 10.255.251.11 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.11 description DC1-BL1B_Vlan3030\n redistribute
- connected\n!\nend\n"
+ connected route-map RM-CONN-2-BGP-VRFS\n!\nend\n"
AVD_DC1-BL1B: "!\nno enable password\nno aaa root\n!\nusername admin privilege 15
role network-admin nopassword\nusername cvpadmin privilege 15 role network-admin
secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nmanagement
@@ -166,67 +170,71 @@ cvp_configlets:
vni 31\n!\nip virtual-router mac-address 00:dc:00:00:00:0a\n!\nip routing\nno
ip routing vrf MGMT\nip routing vrf Tenant_A_WAN_Zone\nip routing vrf Tenant_B_WAN_Zone\nip
routing vrf Tenant_C_WAN_Zone\n!\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq
- 10 permit 192.168.255.0/24 eq 32\n seq 20 permit 192.168.254.0/24 eq 32\n!\nmlag
- configuration\n domain-id DC1_BL1\n local-interface Vlan4094\n peer-address
- 10.255.252.10\n peer-link Port-Channel5\n reload-delay mlag 300\n reload-delay
- non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0 192.168.200.5\n!\nntp local-interface
- vrf MGMT Management1\nntp server vrf MGMT 192.168.200.5 prefer\n!\nroute-map RM-CONN-2-BGP
+ 10 permit 192.168.255.0/24 eq 32\n seq 20 permit 192.168.254.0/24 eq 32\n!\nip
+ prefix-list PL-MLAG-PEER-VRFS\n seq 10 permit 10.255.251.10/31\n!\nmlag configuration\n
+ \ domain-id DC1_BL1\n local-interface Vlan4094\n peer-address 10.255.252.10\n
+ \ peer-link Port-Channel5\n reload-delay mlag 300\n reload-delay non-mlag
+ 330\n!\nip route vrf MGMT 0.0.0.0/0 192.168.200.5\n!\nntp local-interface vrf
+ MGMT Management1\nntp server vrf MGMT 192.168.200.5 prefer\n!\nroute-map RM-CONN-2-BGP
permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map
- RM-MLAG-PEER-IN permit 10\n description Make routes learned over MLAG Peer-link
- less preferred on spines to ensure optimal routing\n set origin incomplete\n!\nrouter
- bfd\n multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65104\n
- \ router-id 192.168.255.11\n maximum-paths 4 ecmp 4\n update wait-install\n
- \ no bgp default ipv4-unicast\n distance bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS
- peer group\n neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor
- EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor
- EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS
- send-community\n neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS
- peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n
- \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS
- maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER peer group\n neighbor
- MLAG-IPv4-UNDERLAY-PEER remote-as 65104\n neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-BL1A\n neighbor MLAG-IPv4-UNDERLAY-PEER
- password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
- route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.10 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.10 description DC1-BL1A_Vlan4093\n neighbor 172.31.255.48
- peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.48 remote-as 65001\n neighbor
- 172.31.255.48 description DC1-SPINE1_Ethernet7\n neighbor 172.31.255.50 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.50 remote-as 65001\n neighbor
- 172.31.255.50 description DC1-SPINE2_Ethernet7\n neighbor 172.31.255.52 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.52 remote-as 65001\n neighbor
- 172.31.255.52 description DC1-SPINE3_Ethernet7\n neighbor 172.31.255.54 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.54 remote-as 65001\n neighbor
- 172.31.255.54 description DC1-SPINE4_Ethernet7\n neighbor 192.168.255.1 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor
- 192.168.255.1 description DC1-SPINE1_Loopback0\n neighbor 192.168.255.2 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as 65001\n neighbor
- 192.168.255.2 description DC1-SPINE2_Loopback0\n neighbor 192.168.255.3 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as 65001\n neighbor
- 192.168.255.3 description DC1-SPINE3_Loopback0\n neighbor 192.168.255.4 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as 65001\n neighbor
- 192.168.255.4 description DC1-SPINE4_Loopback0\n redistribute connected route-map
- RM-CONN-2-BGP\n !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd 192.168.255.11:14\n
- \ route-target both 14:14\n redistribute learned\n vlan 150\n !\n
- \ vlan-aware-bundle Tenant_B_WAN_Zone\n rd 192.168.255.11:21\n route-target
- both 21:21\n redistribute learned\n vlan 250\n !\n vlan-aware-bundle
- Tenant_C_WAN_Zone\n rd 192.168.255.11:31\n route-target both 31:31\n
- \ redistribute learned\n vlan 350\n !\n address-family evpn\n neighbor
- EVPN-OVERLAY-PEERS activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS
- activate\n neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ RM-CONN-2-BGP-VRFS deny 10\n match ip address prefix-list PL-MLAG-PEER-VRFS\n!\nroute-map
+ RM-CONN-2-BGP-VRFS permit 20\n!\nroute-map RM-MLAG-PEER-IN permit 10\n description
+ Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal
+ routing\n set origin incomplete\n!\nrouter bfd\n multihop interval 1200 min-rx
+ 1200 multiplier 3\n!\nrouter bgp 65104\n router-id 192.168.255.11\n maximum-paths
+ 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n distance
+ bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS
+ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS
+ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n
+ \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS
+ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS
+ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n
+ \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65104\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-BL1A\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ send-community\n neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.10
+ peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.10 description DC1-BL1A_Vlan4093\n
+ \ neighbor 172.31.255.48 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.48
+ remote-as 65001\n neighbor 172.31.255.48 description DC1-SPINE1_Ethernet7\n
+ \ neighbor 172.31.255.50 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.50
+ remote-as 65001\n neighbor 172.31.255.50 description DC1-SPINE2_Ethernet7\n
+ \ neighbor 172.31.255.52 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.52
+ remote-as 65001\n neighbor 172.31.255.52 description DC1-SPINE3_Ethernet7\n
+ \ neighbor 172.31.255.54 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.54
+ remote-as 65001\n neighbor 172.31.255.54 description DC1-SPINE4_Ethernet7\n
+ \ neighbor 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1
+ remote-as 65001\n neighbor 192.168.255.1 description DC1-SPINE1_Loopback0\n
+ \ neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2
+ remote-as 65001\n neighbor 192.168.255.2 description DC1-SPINE2_Loopback0\n
+ \ neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3
+ remote-as 65001\n neighbor 192.168.255.3 description DC1-SPINE3_Loopback0\n
+ \ neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4
+ remote-as 65001\n neighbor 192.168.255.4 description DC1-SPINE4_Loopback0\n
+ \ redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle
+ Tenant_A_WAN_Zone\n rd 192.168.255.11:14\n route-target both 14:14\n
+ \ redistribute learned\n vlan 150\n !\n vlan-aware-bundle Tenant_B_WAN_Zone\n
+ \ rd 192.168.255.11:21\n route-target both 21:21\n redistribute
+ learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd
+ 192.168.255.11:31\n route-target both 31:31\n redistribute learned\n
+ \ vlan 350\n !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS
+ activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n
+ \ neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER
activate\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.11:14\n route-target
import evpn 14:14\n route-target export evpn 14:14\n router-id 192.168.255.11\n
\ update wait-install\n neighbor 10.255.251.10 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.10 description DC1-BL1A_Vlan3013\n redistribute
- connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.11:21\n route-target
- import evpn 21:21\n route-target export evpn 21:21\n router-id 192.168.255.11\n
- \ update wait-install\n neighbor 10.255.251.10 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.10 description DC1-BL1A_Vlan3020\n redistribute
- connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.11:31\n route-target
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_B_WAN_Zone\n rd
+ 192.168.255.11:21\n route-target import evpn 21:21\n route-target export
+ evpn 21:21\n router-id 192.168.255.11\n update wait-install\n neighbor
+ 10.255.251.10 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.10
+ description DC1-BL1A_Vlan3020\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.11:31\n route-target
import evpn 31:31\n route-target export evpn 31:31\n router-id 192.168.255.11\n
\ update wait-install\n neighbor 10.255.251.10 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.10 description DC1-BL1A_Vlan3030\n redistribute
- connected\n!\nend\n"
+ connected route-map RM-CONN-2-BGP-VRFS\n!\nend\n"
AVD_DC1-L2LEAF1A: "!\nno enable password\nno aaa root\n!\nusername admin privilege
15 role network-admin nopassword\nusername cvpadmin privilege 15 role network-admin
secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nmanagement
@@ -499,85 +507,89 @@ cvp_configlets:
routing vrf Tenant_A_DB_Zone\nip routing vrf Tenant_A_OP_Zone\nip routing vrf
Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing vrf Tenant_C_OP_Zone\n!\nip
prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24 eq 32\n
- \ seq 20 permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id DC1_LEAF2\n
+ \ seq 20 permit 192.168.254.0/24 eq 32\n!\nip prefix-list PL-MLAG-PEER-VRFS\n
+ \ seq 10 permit 10.255.251.2/31\n!\nmlag configuration\n domain-id DC1_LEAF2\n
\ local-interface Vlan4094\n peer-address 10.255.252.3\n peer-link Port-Channel5\n
\ reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0
192.168.200.5\n!\nntp local-interface vrf MGMT Management1\nntp server vrf MGMT
192.168.200.5 prefer\n!\nroute-map RM-CONN-2-BGP permit 10\n match ip address
- prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN permit 10\n
- \ description Make routes learned over MLAG Peer-link less preferred on spines
- to ensure optimal routing\n set origin incomplete\n!\nrouter bfd\n multihop
- interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65102\n router-id 192.168.255.6\n
- \ maximum-paths 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n
- \ distance bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor
- EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n
- \ neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS
- password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS send-community\n
- \ neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS
- peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n
- \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS
- maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER peer group\n neighbor
- MLAG-IPv4-UNDERLAY-PEER remote-as 65102\n neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2B\n neighbor MLAG-IPv4-UNDERLAY-PEER
- password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
- route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.3 description DC1-LEAF2B_Vlan4093\n neighbor 172.31.255.8
- peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.8 remote-as 65001\n neighbor
- 172.31.255.8 description DC1-SPINE1_Ethernet2\n neighbor 172.31.255.10 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.10 remote-as 65001\n neighbor
- 172.31.255.10 description DC1-SPINE2_Ethernet2\n neighbor 172.31.255.12 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.12 remote-as 65001\n neighbor
- 172.31.255.12 description DC1-SPINE3_Ethernet2\n neighbor 172.31.255.14 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.14 remote-as 65001\n neighbor
- 172.31.255.14 description DC1-SPINE4_Ethernet2\n neighbor 192.168.255.1 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor
- 192.168.255.1 description DC1-SPINE1_Loopback0\n neighbor 192.168.255.2 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as 65001\n neighbor
- 192.168.255.2 description DC1-SPINE2_Loopback0\n neighbor 192.168.255.3 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as 65001\n neighbor
- 192.168.255.3 description DC1-SPINE3_Loopback0\n neighbor 192.168.255.4 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as 65001\n neighbor
- 192.168.255.4 description DC1-SPINE4_Loopback0\n redistribute connected route-map
- RM-CONN-2-BGP\n !\n vlan-aware-bundle Tenant_A_APP_Zone\n rd 192.168.255.6:12\n
- \ route-target both 12:12\n redistribute learned\n vlan 130-131\n
- \ !\n vlan-aware-bundle Tenant_A_DB_Zone\n rd 192.168.255.6:13\n route-target
- both 13:13\n redistribute learned\n vlan 140-141\n !\n vlan-aware-bundle
- Tenant_A_OP_Zone\n rd 192.168.255.6:10\n route-target both 10:10\n redistribute
- learned\n vlan 110-111\n !\n vlan-aware-bundle Tenant_A_WEB_Zone\n rd
- 192.168.255.6:11\n route-target both 11:11\n redistribute learned\n
- \ vlan 120-121\n !\n vlan-aware-bundle Tenant_B_OP_Zone\n rd 192.168.255.6:20\n
- \ route-target both 20:20\n redistribute learned\n vlan 210-211\n
- \ !\n vlan-aware-bundle Tenant_C_OP_Zone\n rd 192.168.255.6:30\n route-target
- both 30:30\n redistribute learned\n vlan 310-311\n !\n address-family
- evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n address-family ipv4\n
- \ no neighbor EVPN-OVERLAY-PEERS activate\n neighbor IPv4-UNDERLAY-PEERS
- activate\n neighbor MLAG-IPv4-UNDERLAY-PEER activate\n !\n vrf Tenant_A_APP_Zone\n
- \ rd 192.168.255.6:12\n route-target import evpn 12:12\n route-target
- export evpn 12:12\n router-id 192.168.255.6\n update wait-install\n
- \ neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor
- 10.255.251.3 description DC1-LEAF2B_Vlan3011\n redistribute connected\n !\n
- \ vrf Tenant_A_DB_Zone\n rd 192.168.255.6:13\n route-target import
- evpn 13:13\n route-target export evpn 13:13\n router-id 192.168.255.6\n
+ prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-CONN-2-BGP-VRFS deny 10\n
+ \ match ip address prefix-list PL-MLAG-PEER-VRFS\n!\nroute-map RM-CONN-2-BGP-VRFS
+ permit 20\n!\nroute-map RM-MLAG-PEER-IN permit 10\n description Make routes
+ learned over MLAG Peer-link less preferred on spines to ensure optimal routing\n
+ \ set origin incomplete\n!\nrouter bfd\n multihop interval 1200 min-rx 1200
+ multiplier 3\n!\nrouter bgp 65102\n router-id 192.168.255.6\n maximum-paths
+ 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n distance
+ bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS
+ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS
+ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n
+ \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS
+ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS
+ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n
+ \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2B\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ send-community\n neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.3
+ peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.3 description DC1-LEAF2B_Vlan4093\n
+ \ neighbor 172.31.255.8 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.8
+ remote-as 65001\n neighbor 172.31.255.8 description DC1-SPINE1_Ethernet2\n neighbor
+ 172.31.255.10 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.10 remote-as
+ 65001\n neighbor 172.31.255.10 description DC1-SPINE2_Ethernet2\n neighbor
+ 172.31.255.12 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.12 remote-as
+ 65001\n neighbor 172.31.255.12 description DC1-SPINE3_Ethernet2\n neighbor
+ 172.31.255.14 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.14 remote-as
+ 65001\n neighbor 172.31.255.14 description DC1-SPINE4_Ethernet2\n neighbor
+ 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as
+ 65001\n neighbor 192.168.255.1 description DC1-SPINE1_Loopback0\n neighbor
+ 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as
+ 65001\n neighbor 192.168.255.2 description DC1-SPINE2_Loopback0\n neighbor
+ 192.168.255.3 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as
+ 65001\n neighbor 192.168.255.3 description DC1-SPINE3_Loopback0\n neighbor
+ 192.168.255.4 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as
+ 65001\n neighbor 192.168.255.4 description DC1-SPINE4_Loopback0\n redistribute
+ connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle Tenant_A_APP_Zone\n
+ \ rd 192.168.255.6:12\n route-target both 12:12\n redistribute learned\n
+ \ vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n rd 192.168.255.6:13\n
+ \ route-target both 13:13\n redistribute learned\n vlan 140-141\n
+ \ !\n vlan-aware-bundle Tenant_A_OP_Zone\n rd 192.168.255.6:10\n route-target
+ both 10:10\n redistribute learned\n vlan 110-111\n !\n vlan-aware-bundle
+ Tenant_A_WEB_Zone\n rd 192.168.255.6:11\n route-target both 11:11\n
+ \ redistribute learned\n vlan 120-121\n !\n vlan-aware-bundle Tenant_B_OP_Zone\n
+ \ rd 192.168.255.6:20\n route-target both 20:20\n redistribute learned\n
+ \ vlan 210-211\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n rd 192.168.255.6:30\n
+ \ route-target both 30:30\n redistribute learned\n vlan 310-311\n
+ \ !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n
+ \ address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n neighbor
+ IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER activate\n
+ \ !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.6:12\n route-target
+ import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.6\n
\ update wait-install\n neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3012\n redistribute
- connected\n !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.6:10\n route-target
- import evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.6\n
+ \ neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3011\n redistribute
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_A_DB_Zone\n rd
+ 192.168.255.6:13\n route-target import evpn 13:13\n route-target export
+ evpn 13:13\n router-id 192.168.255.6\n update wait-install\n neighbor
+ 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.3 description
+ DC1-LEAF2B_Vlan3012\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.6:10\n route-target import
+ evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.6\n
\ update wait-install\n neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3009\n redistribute
- connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.6:11\n route-target
- import evpn 11:11\n route-target export evpn 11:11\n router-id 192.168.255.6\n
- \ update wait-install\n neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3010\n redistribute
- connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.6:20\n route-target
- import evpn 20:20\n route-target export evpn 20:20\n router-id 192.168.255.6\n
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_A_WEB_Zone\n rd
+ 192.168.255.6:11\n route-target import evpn 11:11\n route-target export
+ evpn 11:11\n router-id 192.168.255.6\n update wait-install\n neighbor
+ 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.3 description
+ DC1-LEAF2B_Vlan3010\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.6:20\n route-target import
+ evpn 20:20\n route-target export evpn 20:20\n router-id 192.168.255.6\n
\ update wait-install\n neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3019\n redistribute
- connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.6:30\n route-target
- import evpn 30:30\n route-target export evpn 30:30\n router-id 192.168.255.6\n
- \ update wait-install\n neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3029\n redistribute
- connected\n!\nend\n"
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_C_OP_Zone\n rd
+ 192.168.255.6:30\n route-target import evpn 30:30\n route-target export
+ evpn 30:30\n router-id 192.168.255.6\n update wait-install\n neighbor
+ 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.3 description
+ DC1-LEAF2B_Vlan3029\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n!\nend\n"
AVD_DC1-LEAF2B: "!\nno enable password\nno aaa root\n!\nusername admin privilege
15 role network-admin nopassword\nusername cvpadmin privilege 15 role network-admin
secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nmanagement
@@ -675,85 +687,89 @@ cvp_configlets:
routing vrf Tenant_A_DB_Zone\nip routing vrf Tenant_A_OP_Zone\nip routing vrf
Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing vrf Tenant_C_OP_Zone\n!\nip
prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24 eq 32\n
- \ seq 20 permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id DC1_LEAF2\n
+ \ seq 20 permit 192.168.254.0/24 eq 32\n!\nip prefix-list PL-MLAG-PEER-VRFS\n
+ \ seq 10 permit 10.255.251.2/31\n!\nmlag configuration\n domain-id DC1_LEAF2\n
\ local-interface Vlan4094\n peer-address 10.255.252.2\n peer-link Port-Channel5\n
\ reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0
192.168.200.5\n!\nntp local-interface vrf MGMT Management1\nntp server vrf MGMT
192.168.200.5 prefer\n!\nroute-map RM-CONN-2-BGP permit 10\n match ip address
- prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN permit 10\n
- \ description Make routes learned over MLAG Peer-link less preferred on spines
- to ensure optimal routing\n set origin incomplete\n!\nrouter bfd\n multihop
- interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65102\n router-id 192.168.255.7\n
- \ maximum-paths 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n
- \ distance bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor
- EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n
- \ neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS
- password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS send-community\n
- \ neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS
- peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n
- \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS
- maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER peer group\n neighbor
- MLAG-IPv4-UNDERLAY-PEER remote-as 65102\n neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2A\n neighbor MLAG-IPv4-UNDERLAY-PEER
- password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
- route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.2 description DC1-LEAF2A_Vlan4093\n neighbor 172.31.255.16
- peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.16 remote-as 65001\n neighbor
- 172.31.255.16 description DC1-SPINE1_Ethernet3\n neighbor 172.31.255.18 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.18 remote-as 65001\n neighbor
- 172.31.255.18 description DC1-SPINE2_Ethernet3\n neighbor 172.31.255.20 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.20 remote-as 65001\n neighbor
- 172.31.255.20 description DC1-SPINE3_Ethernet3\n neighbor 172.31.255.22 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.22 remote-as 65001\n neighbor
- 172.31.255.22 description DC1-SPINE4_Ethernet3\n neighbor 192.168.255.1 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor
- 192.168.255.1 description DC1-SPINE1_Loopback0\n neighbor 192.168.255.2 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as 65001\n neighbor
- 192.168.255.2 description DC1-SPINE2_Loopback0\n neighbor 192.168.255.3 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as 65001\n neighbor
- 192.168.255.3 description DC1-SPINE3_Loopback0\n neighbor 192.168.255.4 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as 65001\n neighbor
- 192.168.255.4 description DC1-SPINE4_Loopback0\n redistribute connected route-map
- RM-CONN-2-BGP\n !\n vlan-aware-bundle Tenant_A_APP_Zone\n rd 192.168.255.7:12\n
- \ route-target both 12:12\n redistribute learned\n vlan 130-131\n
- \ !\n vlan-aware-bundle Tenant_A_DB_Zone\n rd 192.168.255.7:13\n route-target
- both 13:13\n redistribute learned\n vlan 140-141\n !\n vlan-aware-bundle
- Tenant_A_OP_Zone\n rd 192.168.255.7:10\n route-target both 10:10\n redistribute
- learned\n vlan 110-111\n !\n vlan-aware-bundle Tenant_A_WEB_Zone\n rd
- 192.168.255.7:11\n route-target both 11:11\n redistribute learned\n
- \ vlan 120-121\n !\n vlan-aware-bundle Tenant_B_OP_Zone\n rd 192.168.255.7:20\n
- \ route-target both 20:20\n redistribute learned\n vlan 210-211\n
- \ !\n vlan-aware-bundle Tenant_C_OP_Zone\n rd 192.168.255.7:30\n route-target
- both 30:30\n redistribute learned\n vlan 310-311\n !\n address-family
- evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n address-family ipv4\n
- \ no neighbor EVPN-OVERLAY-PEERS activate\n neighbor IPv4-UNDERLAY-PEERS
- activate\n neighbor MLAG-IPv4-UNDERLAY-PEER activate\n !\n vrf Tenant_A_APP_Zone\n
- \ rd 192.168.255.7:12\n route-target import evpn 12:12\n route-target
- export evpn 12:12\n router-id 192.168.255.7\n update wait-install\n
- \ neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor
- 10.255.251.2 description DC1-LEAF2A_Vlan3011\n redistribute connected\n !\n
- \ vrf Tenant_A_DB_Zone\n rd 192.168.255.7:13\n route-target import
- evpn 13:13\n route-target export evpn 13:13\n router-id 192.168.255.7\n
+ prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-CONN-2-BGP-VRFS deny 10\n
+ \ match ip address prefix-list PL-MLAG-PEER-VRFS\n!\nroute-map RM-CONN-2-BGP-VRFS
+ permit 20\n!\nroute-map RM-MLAG-PEER-IN permit 10\n description Make routes
+ learned over MLAG Peer-link less preferred on spines to ensure optimal routing\n
+ \ set origin incomplete\n!\nrouter bfd\n multihop interval 1200 min-rx 1200
+ multiplier 3\n!\nrouter bgp 65102\n router-id 192.168.255.7\n maximum-paths
+ 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n distance
+ bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS
+ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS
+ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n
+ \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS
+ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS
+ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n
+ \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2A\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ send-community\n neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.2
+ peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.2 description DC1-LEAF2A_Vlan4093\n
+ \ neighbor 172.31.255.16 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.16
+ remote-as 65001\n neighbor 172.31.255.16 description DC1-SPINE1_Ethernet3\n
+ \ neighbor 172.31.255.18 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.18
+ remote-as 65001\n neighbor 172.31.255.18 description DC1-SPINE2_Ethernet3\n
+ \ neighbor 172.31.255.20 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.20
+ remote-as 65001\n neighbor 172.31.255.20 description DC1-SPINE3_Ethernet3\n
+ \ neighbor 172.31.255.22 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.22
+ remote-as 65001\n neighbor 172.31.255.22 description DC1-SPINE4_Ethernet3\n
+ \ neighbor 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1
+ remote-as 65001\n neighbor 192.168.255.1 description DC1-SPINE1_Loopback0\n
+ \ neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2
+ remote-as 65001\n neighbor 192.168.255.2 description DC1-SPINE2_Loopback0\n
+ \ neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3
+ remote-as 65001\n neighbor 192.168.255.3 description DC1-SPINE3_Loopback0\n
+ \ neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4
+ remote-as 65001\n neighbor 192.168.255.4 description DC1-SPINE4_Loopback0\n
+ \ redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle
+ Tenant_A_APP_Zone\n rd 192.168.255.7:12\n route-target both 12:12\n
+ \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n
+ \ rd 192.168.255.7:13\n route-target both 13:13\n redistribute learned\n
+ \ vlan 140-141\n !\n vlan-aware-bundle Tenant_A_OP_Zone\n rd 192.168.255.7:10\n
+ \ route-target both 10:10\n redistribute learned\n vlan 110-111\n
+ \ !\n vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.7:11\n route-target
+ both 11:11\n redistribute learned\n vlan 120-121\n !\n vlan-aware-bundle
+ Tenant_B_OP_Zone\n rd 192.168.255.7:20\n route-target both 20:20\n redistribute
+ learned\n vlan 210-211\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n rd
+ 192.168.255.7:30\n route-target both 30:30\n redistribute learned\n
+ \ vlan 310-311\n !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS
+ activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n
+ \ neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ activate\n !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.7:12\n route-target
+ import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.7\n
\ update wait-install\n neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3012\n redistribute
- connected\n !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.7:10\n route-target
- import evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.7\n
+ \ neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3011\n redistribute
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_A_DB_Zone\n rd
+ 192.168.255.7:13\n route-target import evpn 13:13\n route-target export
+ evpn 13:13\n router-id 192.168.255.7\n update wait-install\n neighbor
+ 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.2 description
+ DC1-LEAF2A_Vlan3012\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.7:10\n route-target import
+ evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.7\n
\ update wait-install\n neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3009\n redistribute
- connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.7:11\n route-target
- import evpn 11:11\n route-target export evpn 11:11\n router-id 192.168.255.7\n
- \ update wait-install\n neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3010\n redistribute
- connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.7:20\n route-target
- import evpn 20:20\n route-target export evpn 20:20\n router-id 192.168.255.7\n
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_A_WEB_Zone\n rd
+ 192.168.255.7:11\n route-target import evpn 11:11\n route-target export
+ evpn 11:11\n router-id 192.168.255.7\n update wait-install\n neighbor
+ 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.2 description
+ DC1-LEAF2A_Vlan3010\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.7:20\n route-target import
+ evpn 20:20\n route-target export evpn 20:20\n router-id 192.168.255.7\n
\ update wait-install\n neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3019\n redistribute
- connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.7:30\n route-target
- import evpn 30:30\n route-target export evpn 30:30\n router-id 192.168.255.7\n
- \ update wait-install\n neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3029\n redistribute
- connected\n!\nend\n"
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_C_OP_Zone\n rd
+ 192.168.255.7:30\n route-target import evpn 30:30\n route-target export
+ evpn 30:30\n router-id 192.168.255.7\n update wait-install\n neighbor
+ 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.2 description
+ DC1-LEAF2A_Vlan3029\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n!\nend\n"
AVD_DC1-SPINE1: "!\nno enable password\nno aaa root\n!\nusername admin privilege
15 role network-admin nopassword\nusername cvpadmin privilege 15 role network-admin
secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nmanagement
@@ -1157,102 +1173,107 @@ cvp_configlets:
Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing vrf Tenant_B_WAN_Zone\nip
routing vrf Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n!\nip prefix-list
PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24 eq 32\n seq 20
- permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id DC1_SVC3\n
- \ local-interface Vlan4094\n peer-address 10.255.252.7\n peer-link Port-Channel5\n
- \ reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0
- 192.168.200.5\n!\nntp local-interface vrf MGMT Management1\nntp server vrf MGMT
- 192.168.200.5 prefer\n!\nroute-map RM-CONN-2-BGP permit 10\n match ip address
- prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN permit 10\n
- \ description Make routes learned over MLAG Peer-link less preferred on spines
- to ensure optimal routing\n set origin incomplete\n!\nrouter bfd\n multihop
- interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65103\n router-id 192.168.255.8\n
- \ maximum-paths 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n
- \ distance bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor
- EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n
- \ neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS
- password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS send-community\n
- \ neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS
- peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n
- \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS
- maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER peer group\n neighbor
- MLAG-IPv4-UNDERLAY-PEER remote-as 65103\n neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-SVC3B\n neighbor MLAG-IPv4-UNDERLAY-PEER
- password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
- route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.7 description DC1-SVC3B_Vlan4093\n neighbor 172.31.255.24
- peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.24 remote-as 65001\n neighbor
- 172.31.255.24 description DC1-SPINE1_Ethernet4\n neighbor 172.31.255.26 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.26 remote-as 65001\n neighbor
- 172.31.255.26 description DC1-SPINE2_Ethernet4\n neighbor 172.31.255.28 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.28 remote-as 65001\n neighbor
- 172.31.255.28 description DC1-SPINE3_Ethernet4\n neighbor 172.31.255.30 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.30 remote-as 65001\n neighbor
- 172.31.255.30 description DC1-SPINE4_Ethernet4\n neighbor 192.168.255.1 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor
- 192.168.255.1 description DC1-SPINE1_Loopback0\n neighbor 192.168.255.2 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as 65001\n neighbor
- 192.168.255.2 description DC1-SPINE2_Loopback0\n neighbor 192.168.255.3 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as 65001\n neighbor
- 192.168.255.3 description DC1-SPINE3_Loopback0\n neighbor 192.168.255.4 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as 65001\n neighbor
- 192.168.255.4 description DC1-SPINE4_Loopback0\n redistribute connected route-map
- RM-CONN-2-BGP\n !\n vlan-aware-bundle Tenant_A_APP_Zone\n rd 192.168.255.8:12\n
- \ route-target both 12:12\n redistribute learned\n vlan 130-131\n
- \ !\n vlan-aware-bundle Tenant_A_DB_Zone\n rd 192.168.255.8:13\n route-target
- both 13:13\n redistribute learned\n vlan 140-141\n !\n vlan-aware-bundle
- Tenant_A_OP_Zone\n rd 192.168.255.8:10\n route-target both 10:10\n redistribute
- learned\n vlan 110-111\n !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd
- 192.168.255.8:14\n route-target both 14:14\n redistribute learned\n
- \ vlan 150\n !\n vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.8:11\n
- \ route-target both 11:11\n redistribute learned\n vlan 120-121\n
- \ !\n vlan-aware-bundle Tenant_B_OP_Zone\n rd 192.168.255.8:20\n route-target
- both 20:20\n redistribute learned\n vlan 210-211\n !\n vlan-aware-bundle
- Tenant_B_WAN_Zone\n rd 192.168.255.8:21\n route-target both 21:21\n
- \ redistribute learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n
- \ rd 192.168.255.8:30\n route-target both 30:30\n redistribute learned\n
- \ vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd 192.168.255.8:31\n
- \ route-target both 31:31\n redistribute learned\n vlan 350\n !\n
- \ address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n address-family
- ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n neighbor IPv4-UNDERLAY-PEERS
- activate\n neighbor MLAG-IPv4-UNDERLAY-PEER activate\n !\n vrf Tenant_A_APP_Zone\n
- \ rd 192.168.255.8:12\n route-target import evpn 12:12\n route-target
- export evpn 12:12\n router-id 192.168.255.8\n update wait-install\n
- \ neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor
- 10.255.251.7 description DC1-SVC3B_Vlan3011\n redistribute connected\n !\n
- \ vrf Tenant_A_DB_Zone\n rd 192.168.255.8:13\n route-target import
- evpn 13:13\n route-target export evpn 13:13\n router-id 192.168.255.8\n
+ permit 192.168.254.0/24 eq 32\n!\nip prefix-list PL-MLAG-PEER-VRFS\n seq 10
+ permit 10.255.251.6/31\n!\nmlag configuration\n domain-id DC1_SVC3\n local-interface
+ Vlan4094\n peer-address 10.255.252.7\n peer-link Port-Channel5\n reload-delay
+ mlag 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0 192.168.200.5\n!\nntp
+ local-interface vrf MGMT Management1\nntp server vrf MGMT 192.168.200.5 prefer\n!\nroute-map
+ RM-CONN-2-BGP permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map
+ RM-CONN-2-BGP-VRFS deny 10\n match ip address prefix-list PL-MLAG-PEER-VRFS\n!\nroute-map
+ RM-CONN-2-BGP-VRFS permit 20\n!\nroute-map RM-MLAG-PEER-IN permit 10\n description
+ Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal
+ routing\n set origin incomplete\n!\nrouter bfd\n multihop interval 1200 min-rx
+ 1200 multiplier 3\n!\nrouter bgp 65103\n router-id 192.168.255.8\n maximum-paths
+ 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n distance
+ bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS
+ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS
+ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n
+ \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS
+ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS
+ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n
+ \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65103\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-SVC3B\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ send-community\n neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.7
+ peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.7 description DC1-SVC3B_Vlan4093\n
+ \ neighbor 172.31.255.24 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.24
+ remote-as 65001\n neighbor 172.31.255.24 description DC1-SPINE1_Ethernet4\n
+ \ neighbor 172.31.255.26 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.26
+ remote-as 65001\n neighbor 172.31.255.26 description DC1-SPINE2_Ethernet4\n
+ \ neighbor 172.31.255.28 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.28
+ remote-as 65001\n neighbor 172.31.255.28 description DC1-SPINE3_Ethernet4\n
+ \ neighbor 172.31.255.30 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.30
+ remote-as 65001\n neighbor 172.31.255.30 description DC1-SPINE4_Ethernet4\n
+ \ neighbor 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1
+ remote-as 65001\n neighbor 192.168.255.1 description DC1-SPINE1_Loopback0\n
+ \ neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2
+ remote-as 65001\n neighbor 192.168.255.2 description DC1-SPINE2_Loopback0\n
+ \ neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3
+ remote-as 65001\n neighbor 192.168.255.3 description DC1-SPINE3_Loopback0\n
+ \ neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4
+ remote-as 65001\n neighbor 192.168.255.4 description DC1-SPINE4_Loopback0\n
+ \ redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle
+ Tenant_A_APP_Zone\n rd 192.168.255.8:12\n route-target both 12:12\n
+ \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n
+ \ rd 192.168.255.8:13\n route-target both 13:13\n redistribute learned\n
+ \ vlan 140-141\n !\n vlan-aware-bundle Tenant_A_OP_Zone\n rd 192.168.255.8:10\n
+ \ route-target both 10:10\n redistribute learned\n vlan 110-111\n
+ \ !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd 192.168.255.8:14\n route-target
+ both 14:14\n redistribute learned\n vlan 150\n !\n vlan-aware-bundle
+ Tenant_A_WEB_Zone\n rd 192.168.255.8:11\n route-target both 11:11\n
+ \ redistribute learned\n vlan 120-121\n !\n vlan-aware-bundle Tenant_B_OP_Zone\n
+ \ rd 192.168.255.8:20\n route-target both 20:20\n redistribute learned\n
+ \ vlan 210-211\n !\n vlan-aware-bundle Tenant_B_WAN_Zone\n rd 192.168.255.8:21\n
+ \ route-target both 21:21\n redistribute learned\n vlan 250\n !\n
+ \ vlan-aware-bundle Tenant_C_OP_Zone\n rd 192.168.255.8:30\n route-target
+ both 30:30\n redistribute learned\n vlan 310-311\n !\n vlan-aware-bundle
+ Tenant_C_WAN_Zone\n rd 192.168.255.8:31\n route-target both 31:31\n
+ \ redistribute learned\n vlan 350\n !\n address-family evpn\n neighbor
+ EVPN-OVERLAY-PEERS activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS
+ activate\n neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ activate\n !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.8:12\n route-target
+ import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.8\n
\ update wait-install\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3012\n redistribute
- connected\n !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.8:10\n route-target
- import evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.8\n
+ \ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3011\n redistribute
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_A_DB_Zone\n rd
+ 192.168.255.8:13\n route-target import evpn 13:13\n route-target export
+ evpn 13:13\n router-id 192.168.255.8\n update wait-install\n neighbor
+ 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.7 description
+ DC1-SVC3B_Vlan3012\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.8:10\n route-target import
+ evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.8\n
\ update wait-install\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3009\n redistribute
- connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.8:14\n route-target
- import evpn 14:14\n route-target export evpn 14:14\n router-id 192.168.255.8\n
- \ update wait-install\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3013\n redistribute
- connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.8:11\n route-target
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_A_WAN_Zone\n rd
+ 192.168.255.8:14\n route-target import evpn 14:14\n route-target export
+ evpn 14:14\n router-id 192.168.255.8\n update wait-install\n neighbor
+ 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.7 description
+ DC1-SVC3B_Vlan3013\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.8:11\n route-target
import evpn 11:11\n route-target export evpn 11:11\n router-id 192.168.255.8\n
\ update wait-install\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3010\n redistribute
- connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.8:20\n route-target
- import evpn 20:20\n route-target export evpn 20:20\n router-id 192.168.255.8\n
- \ update wait-install\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3019\n redistribute
- connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.8:21\n route-target
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_B_OP_Zone\n rd
+ 192.168.255.8:20\n route-target import evpn 20:20\n route-target export
+ evpn 20:20\n router-id 192.168.255.8\n update wait-install\n neighbor
+ 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.7 description
+ DC1-SVC3B_Vlan3019\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.8:21\n route-target
import evpn 21:21\n route-target export evpn 21:21\n router-id 192.168.255.8\n
\ update wait-install\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3020\n redistribute
- connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.8:30\n route-target
- import evpn 30:30\n route-target export evpn 30:30\n router-id 192.168.255.8\n
- \ update wait-install\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3029\n redistribute
- connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.8:31\n route-target
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_C_OP_Zone\n rd
+ 192.168.255.8:30\n route-target import evpn 30:30\n route-target export
+ evpn 30:30\n router-id 192.168.255.8\n update wait-install\n neighbor
+ 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.7 description
+ DC1-SVC3B_Vlan3029\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.8:31\n route-target
import evpn 31:31\n route-target export evpn 31:31\n router-id 192.168.255.8\n
\ update wait-install\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3030\n redistribute
- connected\n!\nend\n"
+ connected route-map RM-CONN-2-BGP-VRFS\n!\nend\n"
AVD_DC1-SVC3B: "!\nno enable password\nno aaa root\n!\nusername admin privilege
15 role network-admin nopassword\nusername cvpadmin privilege 15 role network-admin
secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nmanagement
@@ -1367,102 +1388,107 @@ cvp_configlets:
Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing vrf Tenant_B_WAN_Zone\nip
routing vrf Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n!\nip prefix-list
PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24 eq 32\n seq 20
- permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id DC1_SVC3\n
- \ local-interface Vlan4094\n peer-address 10.255.252.6\n peer-link Port-Channel5\n
- \ reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0
- 192.168.200.5\n!\nntp local-interface vrf MGMT Management1\nntp server vrf MGMT
- 192.168.200.5 prefer\n!\nroute-map RM-CONN-2-BGP permit 10\n match ip address
- prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN permit 10\n
- \ description Make routes learned over MLAG Peer-link less preferred on spines
- to ensure optimal routing\n set origin incomplete\n!\nrouter bfd\n multihop
- interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65103\n router-id 192.168.255.9\n
- \ maximum-paths 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n
- \ distance bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor
- EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n
- \ neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS
- password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS send-community\n
- \ neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS
- peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n
- \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS
- maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER peer group\n neighbor
- MLAG-IPv4-UNDERLAY-PEER remote-as 65103\n neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-SVC3A\n neighbor MLAG-IPv4-UNDERLAY-PEER
- password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
- route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.6 description DC1-SVC3A_Vlan4093\n neighbor 172.31.255.32
- peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.32 remote-as 65001\n neighbor
- 172.31.255.32 description DC1-SPINE1_Ethernet5\n neighbor 172.31.255.34 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.34 remote-as 65001\n neighbor
- 172.31.255.34 description DC1-SPINE2_Ethernet5\n neighbor 172.31.255.36 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.36 remote-as 65001\n neighbor
- 172.31.255.36 description DC1-SPINE3_Ethernet5\n neighbor 172.31.255.38 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.38 remote-as 65001\n neighbor
- 172.31.255.38 description DC1-SPINE4_Ethernet5\n neighbor 192.168.255.1 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor
- 192.168.255.1 description DC1-SPINE1_Loopback0\n neighbor 192.168.255.2 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as 65001\n neighbor
- 192.168.255.2 description DC1-SPINE2_Loopback0\n neighbor 192.168.255.3 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as 65001\n neighbor
- 192.168.255.3 description DC1-SPINE3_Loopback0\n neighbor 192.168.255.4 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as 65001\n neighbor
- 192.168.255.4 description DC1-SPINE4_Loopback0\n redistribute connected route-map
- RM-CONN-2-BGP\n !\n vlan-aware-bundle Tenant_A_APP_Zone\n rd 192.168.255.9:12\n
- \ route-target both 12:12\n redistribute learned\n vlan 130-131\n
- \ !\n vlan-aware-bundle Tenant_A_DB_Zone\n rd 192.168.255.9:13\n route-target
- both 13:13\n redistribute learned\n vlan 140-141\n !\n vlan-aware-bundle
- Tenant_A_OP_Zone\n rd 192.168.255.9:10\n route-target both 10:10\n redistribute
- learned\n vlan 110-111\n !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd
- 192.168.255.9:14\n route-target both 14:14\n redistribute learned\n
- \ vlan 150\n !\n vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.9:11\n
- \ route-target both 11:11\n redistribute learned\n vlan 120-121\n
- \ !\n vlan-aware-bundle Tenant_B_OP_Zone\n rd 192.168.255.9:20\n route-target
- both 20:20\n redistribute learned\n vlan 210-211\n !\n vlan-aware-bundle
- Tenant_B_WAN_Zone\n rd 192.168.255.9:21\n route-target both 21:21\n
- \ redistribute learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n
- \ rd 192.168.255.9:30\n route-target both 30:30\n redistribute learned\n
- \ vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd 192.168.255.9:31\n
- \ route-target both 31:31\n redistribute learned\n vlan 350\n !\n
- \ address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n address-family
- ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n neighbor IPv4-UNDERLAY-PEERS
- activate\n neighbor MLAG-IPv4-UNDERLAY-PEER activate\n !\n vrf Tenant_A_APP_Zone\n
- \ rd 192.168.255.9:12\n route-target import evpn 12:12\n route-target
- export evpn 12:12\n router-id 192.168.255.9\n update wait-install\n
- \ neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor
- 10.255.251.6 description DC1-SVC3A_Vlan3011\n redistribute connected\n !\n
- \ vrf Tenant_A_DB_Zone\n rd 192.168.255.9:13\n route-target import
- evpn 13:13\n route-target export evpn 13:13\n router-id 192.168.255.9\n
+ permit 192.168.254.0/24 eq 32\n!\nip prefix-list PL-MLAG-PEER-VRFS\n seq 10
+ permit 10.255.251.6/31\n!\nmlag configuration\n domain-id DC1_SVC3\n local-interface
+ Vlan4094\n peer-address 10.255.252.6\n peer-link Port-Channel5\n reload-delay
+ mlag 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0 192.168.200.5\n!\nntp
+ local-interface vrf MGMT Management1\nntp server vrf MGMT 192.168.200.5 prefer\n!\nroute-map
+ RM-CONN-2-BGP permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map
+ RM-CONN-2-BGP-VRFS deny 10\n match ip address prefix-list PL-MLAG-PEER-VRFS\n!\nroute-map
+ RM-CONN-2-BGP-VRFS permit 20\n!\nroute-map RM-MLAG-PEER-IN permit 10\n description
+ Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal
+ routing\n set origin incomplete\n!\nrouter bfd\n multihop interval 1200 min-rx
+ 1200 multiplier 3\n!\nrouter bgp 65103\n router-id 192.168.255.9\n maximum-paths
+ 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n distance
+ bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS
+ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS
+ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n
+ \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS
+ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS
+ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n
+ \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65103\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-SVC3A\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ send-community\n neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.6
+ peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.6 description DC1-SVC3A_Vlan4093\n
+ \ neighbor 172.31.255.32 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.32
+ remote-as 65001\n neighbor 172.31.255.32 description DC1-SPINE1_Ethernet5\n
+ \ neighbor 172.31.255.34 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.34
+ remote-as 65001\n neighbor 172.31.255.34 description DC1-SPINE2_Ethernet5\n
+ \ neighbor 172.31.255.36 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.36
+ remote-as 65001\n neighbor 172.31.255.36 description DC1-SPINE3_Ethernet5\n
+ \ neighbor 172.31.255.38 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.38
+ remote-as 65001\n neighbor 172.31.255.38 description DC1-SPINE4_Ethernet5\n
+ \ neighbor 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1
+ remote-as 65001\n neighbor 192.168.255.1 description DC1-SPINE1_Loopback0\n
+ \ neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2
+ remote-as 65001\n neighbor 192.168.255.2 description DC1-SPINE2_Loopback0\n
+ \ neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3
+ remote-as 65001\n neighbor 192.168.255.3 description DC1-SPINE3_Loopback0\n
+ \ neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4
+ remote-as 65001\n neighbor 192.168.255.4 description DC1-SPINE4_Loopback0\n
+ \ redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle
+ Tenant_A_APP_Zone\n rd 192.168.255.9:12\n route-target both 12:12\n
+ \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n
+ \ rd 192.168.255.9:13\n route-target both 13:13\n redistribute learned\n
+ \ vlan 140-141\n !\n vlan-aware-bundle Tenant_A_OP_Zone\n rd 192.168.255.9:10\n
+ \ route-target both 10:10\n redistribute learned\n vlan 110-111\n
+ \ !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd 192.168.255.9:14\n route-target
+ both 14:14\n redistribute learned\n vlan 150\n !\n vlan-aware-bundle
+ Tenant_A_WEB_Zone\n rd 192.168.255.9:11\n route-target both 11:11\n
+ \ redistribute learned\n vlan 120-121\n !\n vlan-aware-bundle Tenant_B_OP_Zone\n
+ \ rd 192.168.255.9:20\n route-target both 20:20\n redistribute learned\n
+ \ vlan 210-211\n !\n vlan-aware-bundle Tenant_B_WAN_Zone\n rd 192.168.255.9:21\n
+ \ route-target both 21:21\n redistribute learned\n vlan 250\n !\n
+ \ vlan-aware-bundle Tenant_C_OP_Zone\n rd 192.168.255.9:30\n route-target
+ both 30:30\n redistribute learned\n vlan 310-311\n !\n vlan-aware-bundle
+ Tenant_C_WAN_Zone\n rd 192.168.255.9:31\n route-target both 31:31\n
+ \ redistribute learned\n vlan 350\n !\n address-family evpn\n neighbor
+ EVPN-OVERLAY-PEERS activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS
+ activate\n neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ activate\n !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.9:12\n route-target
+ import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.9\n
\ update wait-install\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3012\n redistribute
- connected\n !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.9:10\n route-target
- import evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.9\n
+ \ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3011\n redistribute
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_A_DB_Zone\n rd
+ 192.168.255.9:13\n route-target import evpn 13:13\n route-target export
+ evpn 13:13\n router-id 192.168.255.9\n update wait-install\n neighbor
+ 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.6 description
+ DC1-SVC3A_Vlan3012\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.9:10\n route-target import
+ evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.9\n
\ update wait-install\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3009\n redistribute
- connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.9:14\n route-target
- import evpn 14:14\n route-target export evpn 14:14\n router-id 192.168.255.9\n
- \ update wait-install\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3013\n redistribute
- connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.9:11\n route-target
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_A_WAN_Zone\n rd
+ 192.168.255.9:14\n route-target import evpn 14:14\n route-target export
+ evpn 14:14\n router-id 192.168.255.9\n update wait-install\n neighbor
+ 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.6 description
+ DC1-SVC3A_Vlan3013\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.9:11\n route-target
import evpn 11:11\n route-target export evpn 11:11\n router-id 192.168.255.9\n
\ update wait-install\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3010\n redistribute
- connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.9:20\n route-target
- import evpn 20:20\n route-target export evpn 20:20\n router-id 192.168.255.9\n
- \ update wait-install\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3019\n redistribute
- connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.9:21\n route-target
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_B_OP_Zone\n rd
+ 192.168.255.9:20\n route-target import evpn 20:20\n route-target export
+ evpn 20:20\n router-id 192.168.255.9\n update wait-install\n neighbor
+ 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.6 description
+ DC1-SVC3A_Vlan3019\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.9:21\n route-target
import evpn 21:21\n route-target export evpn 21:21\n router-id 192.168.255.9\n
\ update wait-install\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3020\n redistribute
- connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.9:30\n route-target
- import evpn 30:30\n route-target export evpn 30:30\n router-id 192.168.255.9\n
- \ update wait-install\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3029\n redistribute
- connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.9:31\n route-target
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_C_OP_Zone\n rd
+ 192.168.255.9:30\n route-target import evpn 30:30\n route-target export
+ evpn 30:30\n router-id 192.168.255.9\n update wait-install\n neighbor
+ 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.6 description
+ DC1-SVC3A_Vlan3029\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.9:31\n route-target
import evpn 31:31\n route-target export evpn 31:31\n router-id 192.168.255.9\n
\ update wait-install\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3030\n redistribute
- connected\n!\nend\n"
+ connected route-map RM-CONN-2-BGP-VRFS\n!\nend\n"
cvp_topology:
DC1_BL1:
devices:
diff --git a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/cvp/cv_server_configlets.yml b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/cvp/cv_server_configlets.yml
index 8dbeb69de33..0280aebade7 100644
--- a/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/cvp/cv_server_configlets.yml
+++ b/ansible_collections/arista/avd/molecule/eos_config_deploy_cvp/intended/structured_configs/cvp/cv_server_configlets.yml
@@ -52,67 +52,71 @@ cvp_configlets:
vni 31\n!\nip virtual-router mac-address 00:dc:00:00:00:0a\n!\nip routing\nno
ip routing vrf MGMT\nip routing vrf Tenant_A_WAN_Zone\nip routing vrf Tenant_B_WAN_Zone\nip
routing vrf Tenant_C_WAN_Zone\n!\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq
- 10 permit 192.168.255.0/24 eq 32\n seq 20 permit 192.168.254.0/24 eq 32\n!\nmlag
- configuration\n domain-id DC1_BL1\n local-interface Vlan4094\n peer-address
- 10.255.252.11\n peer-link Port-Channel5\n reload-delay mlag 300\n reload-delay
- non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0 192.168.200.5\n!\nntp local-interface
- vrf MGMT Management1\nntp server vrf MGMT 192.168.200.5 prefer\n!\nroute-map RM-CONN-2-BGP
+ 10 permit 192.168.255.0/24 eq 32\n seq 20 permit 192.168.254.0/24 eq 32\n!\nip
+ prefix-list PL-MLAG-PEER-VRFS\n seq 10 permit 10.255.251.10/31\n!\nmlag configuration\n
+ \ domain-id DC1_BL1\n local-interface Vlan4094\n peer-address 10.255.252.11\n
+ \ peer-link Port-Channel5\n reload-delay mlag 300\n reload-delay non-mlag
+ 330\n!\nip route vrf MGMT 0.0.0.0/0 192.168.200.5\n!\nntp local-interface vrf
+ MGMT Management1\nntp server vrf MGMT 192.168.200.5 prefer\n!\nroute-map RM-CONN-2-BGP
permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map
- RM-MLAG-PEER-IN permit 10\n description Make routes learned over MLAG Peer-link
- less preferred on spines to ensure optimal routing\n set origin incomplete\n!\nrouter
- bfd\n multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65104\n
- \ router-id 192.168.255.10\n maximum-paths 4 ecmp 4\n update wait-install\n
- \ no bgp default ipv4-unicast\n distance bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS
- peer group\n neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor
- EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor
- EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS
- send-community\n neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS
- peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n
- \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS
- maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER peer group\n neighbor
- MLAG-IPv4-UNDERLAY-PEER remote-as 65104\n neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-BL1B\n neighbor MLAG-IPv4-UNDERLAY-PEER
- password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
- route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.11 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.11 description DC1-BL1B_Vlan4093\n neighbor 172.31.255.40
- peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.40 remote-as 65001\n neighbor
- 172.31.255.40 description DC1-SPINE1_Ethernet6\n neighbor 172.31.255.42 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.42 remote-as 65001\n neighbor
- 172.31.255.42 description DC1-SPINE2_Ethernet6\n neighbor 172.31.255.44 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.44 remote-as 65001\n neighbor
- 172.31.255.44 description DC1-SPINE3_Ethernet6\n neighbor 172.31.255.46 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.46 remote-as 65001\n neighbor
- 172.31.255.46 description DC1-SPINE4_Ethernet6\n neighbor 192.168.255.1 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor
- 192.168.255.1 description DC1-SPINE1_Loopback0\n neighbor 192.168.255.2 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as 65001\n neighbor
- 192.168.255.2 description DC1-SPINE2_Loopback0\n neighbor 192.168.255.3 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as 65001\n neighbor
- 192.168.255.3 description DC1-SPINE3_Loopback0\n neighbor 192.168.255.4 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as 65001\n neighbor
- 192.168.255.4 description DC1-SPINE4_Loopback0\n redistribute connected route-map
- RM-CONN-2-BGP\n !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd 192.168.255.10:14\n
- \ route-target both 14:14\n redistribute learned\n vlan 150\n !\n
- \ vlan-aware-bundle Tenant_B_WAN_Zone\n rd 192.168.255.10:21\n route-target
- both 21:21\n redistribute learned\n vlan 250\n !\n vlan-aware-bundle
- Tenant_C_WAN_Zone\n rd 192.168.255.10:31\n route-target both 31:31\n
- \ redistribute learned\n vlan 350\n !\n address-family evpn\n neighbor
- EVPN-OVERLAY-PEERS activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS
- activate\n neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ RM-CONN-2-BGP-VRFS deny 10\n match ip address prefix-list PL-MLAG-PEER-VRFS\n!\nroute-map
+ RM-CONN-2-BGP-VRFS permit 20\n!\nroute-map RM-MLAG-PEER-IN permit 10\n description
+ Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal
+ routing\n set origin incomplete\n!\nrouter bfd\n multihop interval 1200 min-rx
+ 1200 multiplier 3\n!\nrouter bgp 65104\n router-id 192.168.255.10\n maximum-paths
+ 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n distance
+ bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS
+ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS
+ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n
+ \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS
+ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS
+ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n
+ \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65104\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-BL1B\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ send-community\n neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.11
+ peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.11 description DC1-BL1B_Vlan4093\n
+ \ neighbor 172.31.255.40 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.40
+ remote-as 65001\n neighbor 172.31.255.40 description DC1-SPINE1_Ethernet6\n
+ \ neighbor 172.31.255.42 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.42
+ remote-as 65001\n neighbor 172.31.255.42 description DC1-SPINE2_Ethernet6\n
+ \ neighbor 172.31.255.44 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.44
+ remote-as 65001\n neighbor 172.31.255.44 description DC1-SPINE3_Ethernet6\n
+ \ neighbor 172.31.255.46 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.46
+ remote-as 65001\n neighbor 172.31.255.46 description DC1-SPINE4_Ethernet6\n
+ \ neighbor 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1
+ remote-as 65001\n neighbor 192.168.255.1 description DC1-SPINE1_Loopback0\n
+ \ neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2
+ remote-as 65001\n neighbor 192.168.255.2 description DC1-SPINE2_Loopback0\n
+ \ neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3
+ remote-as 65001\n neighbor 192.168.255.3 description DC1-SPINE3_Loopback0\n
+ \ neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4
+ remote-as 65001\n neighbor 192.168.255.4 description DC1-SPINE4_Loopback0\n
+ \ redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle
+ Tenant_A_WAN_Zone\n rd 192.168.255.10:14\n route-target both 14:14\n
+ \ redistribute learned\n vlan 150\n !\n vlan-aware-bundle Tenant_B_WAN_Zone\n
+ \ rd 192.168.255.10:21\n route-target both 21:21\n redistribute
+ learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd
+ 192.168.255.10:31\n route-target both 31:31\n redistribute learned\n
+ \ vlan 350\n !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS
+ activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n
+ \ neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER
activate\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.10:14\n route-target
import evpn 14:14\n route-target export evpn 14:14\n router-id 192.168.255.10\n
\ update wait-install\n neighbor 10.255.251.11 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.11 description DC1-BL1B_Vlan3013\n redistribute
- connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.10:21\n route-target
- import evpn 21:21\n route-target export evpn 21:21\n router-id 192.168.255.10\n
- \ update wait-install\n neighbor 10.255.251.11 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.11 description DC1-BL1B_Vlan3020\n redistribute
- connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.10:31\n route-target
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_B_WAN_Zone\n rd
+ 192.168.255.10:21\n route-target import evpn 21:21\n route-target export
+ evpn 21:21\n router-id 192.168.255.10\n update wait-install\n neighbor
+ 10.255.251.11 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.11
+ description DC1-BL1B_Vlan3020\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.10:31\n route-target
import evpn 31:31\n route-target export evpn 31:31\n router-id 192.168.255.10\n
\ update wait-install\n neighbor 10.255.251.11 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.11 description DC1-BL1B_Vlan3030\n redistribute
- connected\n!\nend\n"
+ connected route-map RM-CONN-2-BGP-VRFS\n!\nend\n"
AVD_DC1-BL1B: "!\nno enable password\nno aaa root\n!\nusername admin privilege 15
role network-admin nopassword\nusername cvpadmin privilege 15 role network-admin
secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nmanagement
@@ -166,67 +170,71 @@ cvp_configlets:
vni 31\n!\nip virtual-router mac-address 00:dc:00:00:00:0a\n!\nip routing\nno
ip routing vrf MGMT\nip routing vrf Tenant_A_WAN_Zone\nip routing vrf Tenant_B_WAN_Zone\nip
routing vrf Tenant_C_WAN_Zone\n!\nip prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq
- 10 permit 192.168.255.0/24 eq 32\n seq 20 permit 192.168.254.0/24 eq 32\n!\nmlag
- configuration\n domain-id DC1_BL1\n local-interface Vlan4094\n peer-address
- 10.255.252.10\n peer-link Port-Channel5\n reload-delay mlag 300\n reload-delay
- non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0 192.168.200.5\n!\nntp local-interface
- vrf MGMT Management1\nntp server vrf MGMT 192.168.200.5 prefer\n!\nroute-map RM-CONN-2-BGP
+ 10 permit 192.168.255.0/24 eq 32\n seq 20 permit 192.168.254.0/24 eq 32\n!\nip
+ prefix-list PL-MLAG-PEER-VRFS\n seq 10 permit 10.255.251.10/31\n!\nmlag configuration\n
+ \ domain-id DC1_BL1\n local-interface Vlan4094\n peer-address 10.255.252.10\n
+ \ peer-link Port-Channel5\n reload-delay mlag 300\n reload-delay non-mlag
+ 330\n!\nip route vrf MGMT 0.0.0.0/0 192.168.200.5\n!\nntp local-interface vrf
+ MGMT Management1\nntp server vrf MGMT 192.168.200.5 prefer\n!\nroute-map RM-CONN-2-BGP
permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map
- RM-MLAG-PEER-IN permit 10\n description Make routes learned over MLAG Peer-link
- less preferred on spines to ensure optimal routing\n set origin incomplete\n!\nrouter
- bfd\n multihop interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65104\n
- \ router-id 192.168.255.11\n maximum-paths 4 ecmp 4\n update wait-install\n
- \ no bgp default ipv4-unicast\n distance bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS
- peer group\n neighbor EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor
- EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor
- EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS
- send-community\n neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS
- peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n
- \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS
- maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER peer group\n neighbor
- MLAG-IPv4-UNDERLAY-PEER remote-as 65104\n neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-BL1A\n neighbor MLAG-IPv4-UNDERLAY-PEER
- password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
- route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.10 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.10 description DC1-BL1A_Vlan4093\n neighbor 172.31.255.48
- peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.48 remote-as 65001\n neighbor
- 172.31.255.48 description DC1-SPINE1_Ethernet7\n neighbor 172.31.255.50 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.50 remote-as 65001\n neighbor
- 172.31.255.50 description DC1-SPINE2_Ethernet7\n neighbor 172.31.255.52 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.52 remote-as 65001\n neighbor
- 172.31.255.52 description DC1-SPINE3_Ethernet7\n neighbor 172.31.255.54 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.54 remote-as 65001\n neighbor
- 172.31.255.54 description DC1-SPINE4_Ethernet7\n neighbor 192.168.255.1 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor
- 192.168.255.1 description DC1-SPINE1_Loopback0\n neighbor 192.168.255.2 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as 65001\n neighbor
- 192.168.255.2 description DC1-SPINE2_Loopback0\n neighbor 192.168.255.3 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as 65001\n neighbor
- 192.168.255.3 description DC1-SPINE3_Loopback0\n neighbor 192.168.255.4 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as 65001\n neighbor
- 192.168.255.4 description DC1-SPINE4_Loopback0\n redistribute connected route-map
- RM-CONN-2-BGP\n !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd 192.168.255.11:14\n
- \ route-target both 14:14\n redistribute learned\n vlan 150\n !\n
- \ vlan-aware-bundle Tenant_B_WAN_Zone\n rd 192.168.255.11:21\n route-target
- both 21:21\n redistribute learned\n vlan 250\n !\n vlan-aware-bundle
- Tenant_C_WAN_Zone\n rd 192.168.255.11:31\n route-target both 31:31\n
- \ redistribute learned\n vlan 350\n !\n address-family evpn\n neighbor
- EVPN-OVERLAY-PEERS activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS
- activate\n neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ RM-CONN-2-BGP-VRFS deny 10\n match ip address prefix-list PL-MLAG-PEER-VRFS\n!\nroute-map
+ RM-CONN-2-BGP-VRFS permit 20\n!\nroute-map RM-MLAG-PEER-IN permit 10\n description
+ Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal
+ routing\n set origin incomplete\n!\nrouter bfd\n multihop interval 1200 min-rx
+ 1200 multiplier 3\n!\nrouter bgp 65104\n router-id 192.168.255.11\n maximum-paths
+ 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n distance
+ bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS
+ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS
+ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n
+ \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS
+ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS
+ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n
+ \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65104\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-BL1A\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ send-community\n neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.10
+ peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.10 description DC1-BL1A_Vlan4093\n
+ \ neighbor 172.31.255.48 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.48
+ remote-as 65001\n neighbor 172.31.255.48 description DC1-SPINE1_Ethernet7\n
+ \ neighbor 172.31.255.50 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.50
+ remote-as 65001\n neighbor 172.31.255.50 description DC1-SPINE2_Ethernet7\n
+ \ neighbor 172.31.255.52 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.52
+ remote-as 65001\n neighbor 172.31.255.52 description DC1-SPINE3_Ethernet7\n
+ \ neighbor 172.31.255.54 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.54
+ remote-as 65001\n neighbor 172.31.255.54 description DC1-SPINE4_Ethernet7\n
+ \ neighbor 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1
+ remote-as 65001\n neighbor 192.168.255.1 description DC1-SPINE1_Loopback0\n
+ \ neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2
+ remote-as 65001\n neighbor 192.168.255.2 description DC1-SPINE2_Loopback0\n
+ \ neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3
+ remote-as 65001\n neighbor 192.168.255.3 description DC1-SPINE3_Loopback0\n
+ \ neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4
+ remote-as 65001\n neighbor 192.168.255.4 description DC1-SPINE4_Loopback0\n
+ \ redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle
+ Tenant_A_WAN_Zone\n rd 192.168.255.11:14\n route-target both 14:14\n
+ \ redistribute learned\n vlan 150\n !\n vlan-aware-bundle Tenant_B_WAN_Zone\n
+ \ rd 192.168.255.11:21\n route-target both 21:21\n redistribute
+ learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd
+ 192.168.255.11:31\n route-target both 31:31\n redistribute learned\n
+ \ vlan 350\n !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS
+ activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n
+ \ neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER
activate\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.11:14\n route-target
import evpn 14:14\n route-target export evpn 14:14\n router-id 192.168.255.11\n
\ update wait-install\n neighbor 10.255.251.10 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.10 description DC1-BL1A_Vlan3013\n redistribute
- connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.11:21\n route-target
- import evpn 21:21\n route-target export evpn 21:21\n router-id 192.168.255.11\n
- \ update wait-install\n neighbor 10.255.251.10 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.10 description DC1-BL1A_Vlan3020\n redistribute
- connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.11:31\n route-target
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_B_WAN_Zone\n rd
+ 192.168.255.11:21\n route-target import evpn 21:21\n route-target export
+ evpn 21:21\n router-id 192.168.255.11\n update wait-install\n neighbor
+ 10.255.251.10 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.10
+ description DC1-BL1A_Vlan3020\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.11:31\n route-target
import evpn 31:31\n route-target export evpn 31:31\n router-id 192.168.255.11\n
\ update wait-install\n neighbor 10.255.251.10 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.10 description DC1-BL1A_Vlan3030\n redistribute
- connected\n!\nend\n"
+ connected route-map RM-CONN-2-BGP-VRFS\n!\nend\n"
AVD_DC1-L2LEAF1A: "!\nno enable password\nno aaa root\n!\nusername admin privilege
15 role network-admin nopassword\nusername cvpadmin privilege 15 role network-admin
secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nmanagement
@@ -499,85 +507,89 @@ cvp_configlets:
routing vrf Tenant_A_DB_Zone\nip routing vrf Tenant_A_OP_Zone\nip routing vrf
Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing vrf Tenant_C_OP_Zone\n!\nip
prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24 eq 32\n
- \ seq 20 permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id DC1_LEAF2\n
+ \ seq 20 permit 192.168.254.0/24 eq 32\n!\nip prefix-list PL-MLAG-PEER-VRFS\n
+ \ seq 10 permit 10.255.251.2/31\n!\nmlag configuration\n domain-id DC1_LEAF2\n
\ local-interface Vlan4094\n peer-address 10.255.252.3\n peer-link Port-Channel5\n
\ reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0
192.168.200.5\n!\nntp local-interface vrf MGMT Management1\nntp server vrf MGMT
192.168.200.5 prefer\n!\nroute-map RM-CONN-2-BGP permit 10\n match ip address
- prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN permit 10\n
- \ description Make routes learned over MLAG Peer-link less preferred on spines
- to ensure optimal routing\n set origin incomplete\n!\nrouter bfd\n multihop
- interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65102\n router-id 192.168.255.6\n
- \ maximum-paths 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n
- \ distance bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor
- EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n
- \ neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS
- password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS send-community\n
- \ neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS
- peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n
- \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS
- maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER peer group\n neighbor
- MLAG-IPv4-UNDERLAY-PEER remote-as 65102\n neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2B\n neighbor MLAG-IPv4-UNDERLAY-PEER
- password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
- route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.3 description DC1-LEAF2B_Vlan4093\n neighbor 172.31.255.8
- peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.8 remote-as 65001\n neighbor
- 172.31.255.8 description DC1-SPINE1_Ethernet2\n neighbor 172.31.255.10 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.10 remote-as 65001\n neighbor
- 172.31.255.10 description DC1-SPINE2_Ethernet2\n neighbor 172.31.255.12 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.12 remote-as 65001\n neighbor
- 172.31.255.12 description DC1-SPINE3_Ethernet2\n neighbor 172.31.255.14 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.14 remote-as 65001\n neighbor
- 172.31.255.14 description DC1-SPINE4_Ethernet2\n neighbor 192.168.255.1 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor
- 192.168.255.1 description DC1-SPINE1_Loopback0\n neighbor 192.168.255.2 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as 65001\n neighbor
- 192.168.255.2 description DC1-SPINE2_Loopback0\n neighbor 192.168.255.3 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as 65001\n neighbor
- 192.168.255.3 description DC1-SPINE3_Loopback0\n neighbor 192.168.255.4 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as 65001\n neighbor
- 192.168.255.4 description DC1-SPINE4_Loopback0\n redistribute connected route-map
- RM-CONN-2-BGP\n !\n vlan-aware-bundle Tenant_A_APP_Zone\n rd 192.168.255.6:12\n
- \ route-target both 12:12\n redistribute learned\n vlan 130-131\n
- \ !\n vlan-aware-bundle Tenant_A_DB_Zone\n rd 192.168.255.6:13\n route-target
- both 13:13\n redistribute learned\n vlan 140-141\n !\n vlan-aware-bundle
- Tenant_A_OP_Zone\n rd 192.168.255.6:10\n route-target both 10:10\n redistribute
- learned\n vlan 110-111\n !\n vlan-aware-bundle Tenant_A_WEB_Zone\n rd
- 192.168.255.6:11\n route-target both 11:11\n redistribute learned\n
- \ vlan 120-121\n !\n vlan-aware-bundle Tenant_B_OP_Zone\n rd 192.168.255.6:20\n
- \ route-target both 20:20\n redistribute learned\n vlan 210-211\n
- \ !\n vlan-aware-bundle Tenant_C_OP_Zone\n rd 192.168.255.6:30\n route-target
- both 30:30\n redistribute learned\n vlan 310-311\n !\n address-family
- evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n address-family ipv4\n
- \ no neighbor EVPN-OVERLAY-PEERS activate\n neighbor IPv4-UNDERLAY-PEERS
- activate\n neighbor MLAG-IPv4-UNDERLAY-PEER activate\n !\n vrf Tenant_A_APP_Zone\n
- \ rd 192.168.255.6:12\n route-target import evpn 12:12\n route-target
- export evpn 12:12\n router-id 192.168.255.6\n update wait-install\n
- \ neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor
- 10.255.251.3 description DC1-LEAF2B_Vlan3011\n redistribute connected\n !\n
- \ vrf Tenant_A_DB_Zone\n rd 192.168.255.6:13\n route-target import
- evpn 13:13\n route-target export evpn 13:13\n router-id 192.168.255.6\n
+ prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-CONN-2-BGP-VRFS deny 10\n
+ \ match ip address prefix-list PL-MLAG-PEER-VRFS\n!\nroute-map RM-CONN-2-BGP-VRFS
+ permit 20\n!\nroute-map RM-MLAG-PEER-IN permit 10\n description Make routes
+ learned over MLAG Peer-link less preferred on spines to ensure optimal routing\n
+ \ set origin incomplete\n!\nrouter bfd\n multihop interval 1200 min-rx 1200
+ multiplier 3\n!\nrouter bgp 65102\n router-id 192.168.255.6\n maximum-paths
+ 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n distance
+ bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS
+ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS
+ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n
+ \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS
+ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS
+ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n
+ \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2B\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ send-community\n neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.3
+ peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.3 description DC1-LEAF2B_Vlan4093\n
+ \ neighbor 172.31.255.8 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.8
+ remote-as 65001\n neighbor 172.31.255.8 description DC1-SPINE1_Ethernet2\n neighbor
+ 172.31.255.10 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.10 remote-as
+ 65001\n neighbor 172.31.255.10 description DC1-SPINE2_Ethernet2\n neighbor
+ 172.31.255.12 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.12 remote-as
+ 65001\n neighbor 172.31.255.12 description DC1-SPINE3_Ethernet2\n neighbor
+ 172.31.255.14 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.14 remote-as
+ 65001\n neighbor 172.31.255.14 description DC1-SPINE4_Ethernet2\n neighbor
+ 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as
+ 65001\n neighbor 192.168.255.1 description DC1-SPINE1_Loopback0\n neighbor
+ 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as
+ 65001\n neighbor 192.168.255.2 description DC1-SPINE2_Loopback0\n neighbor
+ 192.168.255.3 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as
+ 65001\n neighbor 192.168.255.3 description DC1-SPINE3_Loopback0\n neighbor
+ 192.168.255.4 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as
+ 65001\n neighbor 192.168.255.4 description DC1-SPINE4_Loopback0\n redistribute
+ connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle Tenant_A_APP_Zone\n
+ \ rd 192.168.255.6:12\n route-target both 12:12\n redistribute learned\n
+ \ vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n rd 192.168.255.6:13\n
+ \ route-target both 13:13\n redistribute learned\n vlan 140-141\n
+ \ !\n vlan-aware-bundle Tenant_A_OP_Zone\n rd 192.168.255.6:10\n route-target
+ both 10:10\n redistribute learned\n vlan 110-111\n !\n vlan-aware-bundle
+ Tenant_A_WEB_Zone\n rd 192.168.255.6:11\n route-target both 11:11\n
+ \ redistribute learned\n vlan 120-121\n !\n vlan-aware-bundle Tenant_B_OP_Zone\n
+ \ rd 192.168.255.6:20\n route-target both 20:20\n redistribute learned\n
+ \ vlan 210-211\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n rd 192.168.255.6:30\n
+ \ route-target both 30:30\n redistribute learned\n vlan 310-311\n
+ \ !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n
+ \ address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n neighbor
+ IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER activate\n
+ \ !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.6:12\n route-target
+ import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.6\n
\ update wait-install\n neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3012\n redistribute
- connected\n !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.6:10\n route-target
- import evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.6\n
+ \ neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3011\n redistribute
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_A_DB_Zone\n rd
+ 192.168.255.6:13\n route-target import evpn 13:13\n route-target export
+ evpn 13:13\n router-id 192.168.255.6\n update wait-install\n neighbor
+ 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.3 description
+ DC1-LEAF2B_Vlan3012\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.6:10\n route-target import
+ evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.6\n
\ update wait-install\n neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3009\n redistribute
- connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.6:11\n route-target
- import evpn 11:11\n route-target export evpn 11:11\n router-id 192.168.255.6\n
- \ update wait-install\n neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3010\n redistribute
- connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.6:20\n route-target
- import evpn 20:20\n route-target export evpn 20:20\n router-id 192.168.255.6\n
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_A_WEB_Zone\n rd
+ 192.168.255.6:11\n route-target import evpn 11:11\n route-target export
+ evpn 11:11\n router-id 192.168.255.6\n update wait-install\n neighbor
+ 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.3 description
+ DC1-LEAF2B_Vlan3010\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.6:20\n route-target import
+ evpn 20:20\n route-target export evpn 20:20\n router-id 192.168.255.6\n
\ update wait-install\n neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3019\n redistribute
- connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.6:30\n route-target
- import evpn 30:30\n route-target export evpn 30:30\n router-id 192.168.255.6\n
- \ update wait-install\n neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3029\n redistribute
- connected\n!\nend\n"
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_C_OP_Zone\n rd
+ 192.168.255.6:30\n route-target import evpn 30:30\n route-target export
+ evpn 30:30\n router-id 192.168.255.6\n update wait-install\n neighbor
+ 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.3 description
+ DC1-LEAF2B_Vlan3029\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n!\nend\n"
AVD_DC1-LEAF2B: "!\nno enable password\nno aaa root\n!\nusername admin privilege
15 role network-admin nopassword\nusername cvpadmin privilege 15 role network-admin
secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nmanagement
@@ -675,85 +687,89 @@ cvp_configlets:
routing vrf Tenant_A_DB_Zone\nip routing vrf Tenant_A_OP_Zone\nip routing vrf
Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing vrf Tenant_C_OP_Zone\n!\nip
prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24 eq 32\n
- \ seq 20 permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id DC1_LEAF2\n
+ \ seq 20 permit 192.168.254.0/24 eq 32\n!\nip prefix-list PL-MLAG-PEER-VRFS\n
+ \ seq 10 permit 10.255.251.2/31\n!\nmlag configuration\n domain-id DC1_LEAF2\n
\ local-interface Vlan4094\n peer-address 10.255.252.2\n peer-link Port-Channel5\n
\ reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0
192.168.200.5\n!\nntp local-interface vrf MGMT Management1\nntp server vrf MGMT
192.168.200.5 prefer\n!\nroute-map RM-CONN-2-BGP permit 10\n match ip address
- prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN permit 10\n
- \ description Make routes learned over MLAG Peer-link less preferred on spines
- to ensure optimal routing\n set origin incomplete\n!\nrouter bfd\n multihop
- interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65102\n router-id 192.168.255.7\n
- \ maximum-paths 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n
- \ distance bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor
- EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n
- \ neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS
- password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS send-community\n
- \ neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS
- peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n
- \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS
- maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER peer group\n neighbor
- MLAG-IPv4-UNDERLAY-PEER remote-as 65102\n neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2A\n neighbor MLAG-IPv4-UNDERLAY-PEER
- password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
- route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.2 description DC1-LEAF2A_Vlan4093\n neighbor 172.31.255.16
- peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.16 remote-as 65001\n neighbor
- 172.31.255.16 description DC1-SPINE1_Ethernet3\n neighbor 172.31.255.18 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.18 remote-as 65001\n neighbor
- 172.31.255.18 description DC1-SPINE2_Ethernet3\n neighbor 172.31.255.20 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.20 remote-as 65001\n neighbor
- 172.31.255.20 description DC1-SPINE3_Ethernet3\n neighbor 172.31.255.22 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.22 remote-as 65001\n neighbor
- 172.31.255.22 description DC1-SPINE4_Ethernet3\n neighbor 192.168.255.1 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor
- 192.168.255.1 description DC1-SPINE1_Loopback0\n neighbor 192.168.255.2 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as 65001\n neighbor
- 192.168.255.2 description DC1-SPINE2_Loopback0\n neighbor 192.168.255.3 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as 65001\n neighbor
- 192.168.255.3 description DC1-SPINE3_Loopback0\n neighbor 192.168.255.4 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as 65001\n neighbor
- 192.168.255.4 description DC1-SPINE4_Loopback0\n redistribute connected route-map
- RM-CONN-2-BGP\n !\n vlan-aware-bundle Tenant_A_APP_Zone\n rd 192.168.255.7:12\n
- \ route-target both 12:12\n redistribute learned\n vlan 130-131\n
- \ !\n vlan-aware-bundle Tenant_A_DB_Zone\n rd 192.168.255.7:13\n route-target
- both 13:13\n redistribute learned\n vlan 140-141\n !\n vlan-aware-bundle
- Tenant_A_OP_Zone\n rd 192.168.255.7:10\n route-target both 10:10\n redistribute
- learned\n vlan 110-111\n !\n vlan-aware-bundle Tenant_A_WEB_Zone\n rd
- 192.168.255.7:11\n route-target both 11:11\n redistribute learned\n
- \ vlan 120-121\n !\n vlan-aware-bundle Tenant_B_OP_Zone\n rd 192.168.255.7:20\n
- \ route-target both 20:20\n redistribute learned\n vlan 210-211\n
- \ !\n vlan-aware-bundle Tenant_C_OP_Zone\n rd 192.168.255.7:30\n route-target
- both 30:30\n redistribute learned\n vlan 310-311\n !\n address-family
- evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n address-family ipv4\n
- \ no neighbor EVPN-OVERLAY-PEERS activate\n neighbor IPv4-UNDERLAY-PEERS
- activate\n neighbor MLAG-IPv4-UNDERLAY-PEER activate\n !\n vrf Tenant_A_APP_Zone\n
- \ rd 192.168.255.7:12\n route-target import evpn 12:12\n route-target
- export evpn 12:12\n router-id 192.168.255.7\n update wait-install\n
- \ neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor
- 10.255.251.2 description DC1-LEAF2A_Vlan3011\n redistribute connected\n !\n
- \ vrf Tenant_A_DB_Zone\n rd 192.168.255.7:13\n route-target import
- evpn 13:13\n route-target export evpn 13:13\n router-id 192.168.255.7\n
+ prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-CONN-2-BGP-VRFS deny 10\n
+ \ match ip address prefix-list PL-MLAG-PEER-VRFS\n!\nroute-map RM-CONN-2-BGP-VRFS
+ permit 20\n!\nroute-map RM-MLAG-PEER-IN permit 10\n description Make routes
+ learned over MLAG Peer-link less preferred on spines to ensure optimal routing\n
+ \ set origin incomplete\n!\nrouter bfd\n multihop interval 1200 min-rx 1200
+ multiplier 3\n!\nrouter bgp 65102\n router-id 192.168.255.7\n maximum-paths
+ 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n distance
+ bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS
+ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS
+ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n
+ \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS
+ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS
+ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n
+ \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-LEAF2A\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ send-community\n neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.2
+ peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.2 description DC1-LEAF2A_Vlan4093\n
+ \ neighbor 172.31.255.16 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.16
+ remote-as 65001\n neighbor 172.31.255.16 description DC1-SPINE1_Ethernet3\n
+ \ neighbor 172.31.255.18 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.18
+ remote-as 65001\n neighbor 172.31.255.18 description DC1-SPINE2_Ethernet3\n
+ \ neighbor 172.31.255.20 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.20
+ remote-as 65001\n neighbor 172.31.255.20 description DC1-SPINE3_Ethernet3\n
+ \ neighbor 172.31.255.22 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.22
+ remote-as 65001\n neighbor 172.31.255.22 description DC1-SPINE4_Ethernet3\n
+ \ neighbor 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1
+ remote-as 65001\n neighbor 192.168.255.1 description DC1-SPINE1_Loopback0\n
+ \ neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2
+ remote-as 65001\n neighbor 192.168.255.2 description DC1-SPINE2_Loopback0\n
+ \ neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3
+ remote-as 65001\n neighbor 192.168.255.3 description DC1-SPINE3_Loopback0\n
+ \ neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4
+ remote-as 65001\n neighbor 192.168.255.4 description DC1-SPINE4_Loopback0\n
+ \ redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle
+ Tenant_A_APP_Zone\n rd 192.168.255.7:12\n route-target both 12:12\n
+ \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n
+ \ rd 192.168.255.7:13\n route-target both 13:13\n redistribute learned\n
+ \ vlan 140-141\n !\n vlan-aware-bundle Tenant_A_OP_Zone\n rd 192.168.255.7:10\n
+ \ route-target both 10:10\n redistribute learned\n vlan 110-111\n
+ \ !\n vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.7:11\n route-target
+ both 11:11\n redistribute learned\n vlan 120-121\n !\n vlan-aware-bundle
+ Tenant_B_OP_Zone\n rd 192.168.255.7:20\n route-target both 20:20\n redistribute
+ learned\n vlan 210-211\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n rd
+ 192.168.255.7:30\n route-target both 30:30\n redistribute learned\n
+ \ vlan 310-311\n !\n address-family evpn\n neighbor EVPN-OVERLAY-PEERS
+ activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n
+ \ neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ activate\n !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.7:12\n route-target
+ import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.7\n
\ update wait-install\n neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3012\n redistribute
- connected\n !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.7:10\n route-target
- import evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.7\n
+ \ neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3011\n redistribute
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_A_DB_Zone\n rd
+ 192.168.255.7:13\n route-target import evpn 13:13\n route-target export
+ evpn 13:13\n router-id 192.168.255.7\n update wait-install\n neighbor
+ 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.2 description
+ DC1-LEAF2A_Vlan3012\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.7:10\n route-target import
+ evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.7\n
\ update wait-install\n neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3009\n redistribute
- connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.7:11\n route-target
- import evpn 11:11\n route-target export evpn 11:11\n router-id 192.168.255.7\n
- \ update wait-install\n neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3010\n redistribute
- connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.7:20\n route-target
- import evpn 20:20\n route-target export evpn 20:20\n router-id 192.168.255.7\n
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_A_WEB_Zone\n rd
+ 192.168.255.7:11\n route-target import evpn 11:11\n route-target export
+ evpn 11:11\n router-id 192.168.255.7\n update wait-install\n neighbor
+ 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.2 description
+ DC1-LEAF2A_Vlan3010\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.7:20\n route-target import
+ evpn 20:20\n route-target export evpn 20:20\n router-id 192.168.255.7\n
\ update wait-install\n neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3019\n redistribute
- connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.7:30\n route-target
- import evpn 30:30\n route-target export evpn 30:30\n router-id 192.168.255.7\n
- \ update wait-install\n neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3029\n redistribute
- connected\n!\nend\n"
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_C_OP_Zone\n rd
+ 192.168.255.7:30\n route-target import evpn 30:30\n route-target export
+ evpn 30:30\n router-id 192.168.255.7\n update wait-install\n neighbor
+ 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.2 description
+ DC1-LEAF2A_Vlan3029\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n!\nend\n"
AVD_DC1-SPINE1: "!\nno enable password\nno aaa root\n!\nusername admin privilege
15 role network-admin nopassword\nusername cvpadmin privilege 15 role network-admin
secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nmanagement
@@ -1157,102 +1173,107 @@ cvp_configlets:
Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing vrf Tenant_B_WAN_Zone\nip
routing vrf Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n!\nip prefix-list
PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24 eq 32\n seq 20
- permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id DC1_SVC3\n
- \ local-interface Vlan4094\n peer-address 10.255.252.7\n peer-link Port-Channel5\n
- \ reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0
- 192.168.200.5\n!\nntp local-interface vrf MGMT Management1\nntp server vrf MGMT
- 192.168.200.5 prefer\n!\nroute-map RM-CONN-2-BGP permit 10\n match ip address
- prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN permit 10\n
- \ description Make routes learned over MLAG Peer-link less preferred on spines
- to ensure optimal routing\n set origin incomplete\n!\nrouter bfd\n multihop
- interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65103\n router-id 192.168.255.8\n
- \ maximum-paths 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n
- \ distance bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor
- EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n
- \ neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS
- password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS send-community\n
- \ neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS
- peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n
- \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS
- maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER peer group\n neighbor
- MLAG-IPv4-UNDERLAY-PEER remote-as 65103\n neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-SVC3B\n neighbor MLAG-IPv4-UNDERLAY-PEER
- password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
- route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.7 description DC1-SVC3B_Vlan4093\n neighbor 172.31.255.24
- peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.24 remote-as 65001\n neighbor
- 172.31.255.24 description DC1-SPINE1_Ethernet4\n neighbor 172.31.255.26 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.26 remote-as 65001\n neighbor
- 172.31.255.26 description DC1-SPINE2_Ethernet4\n neighbor 172.31.255.28 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.28 remote-as 65001\n neighbor
- 172.31.255.28 description DC1-SPINE3_Ethernet4\n neighbor 172.31.255.30 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.30 remote-as 65001\n neighbor
- 172.31.255.30 description DC1-SPINE4_Ethernet4\n neighbor 192.168.255.1 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor
- 192.168.255.1 description DC1-SPINE1_Loopback0\n neighbor 192.168.255.2 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as 65001\n neighbor
- 192.168.255.2 description DC1-SPINE2_Loopback0\n neighbor 192.168.255.3 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as 65001\n neighbor
- 192.168.255.3 description DC1-SPINE3_Loopback0\n neighbor 192.168.255.4 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as 65001\n neighbor
- 192.168.255.4 description DC1-SPINE4_Loopback0\n redistribute connected route-map
- RM-CONN-2-BGP\n !\n vlan-aware-bundle Tenant_A_APP_Zone\n rd 192.168.255.8:12\n
- \ route-target both 12:12\n redistribute learned\n vlan 130-131\n
- \ !\n vlan-aware-bundle Tenant_A_DB_Zone\n rd 192.168.255.8:13\n route-target
- both 13:13\n redistribute learned\n vlan 140-141\n !\n vlan-aware-bundle
- Tenant_A_OP_Zone\n rd 192.168.255.8:10\n route-target both 10:10\n redistribute
- learned\n vlan 110-111\n !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd
- 192.168.255.8:14\n route-target both 14:14\n redistribute learned\n
- \ vlan 150\n !\n vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.8:11\n
- \ route-target both 11:11\n redistribute learned\n vlan 120-121\n
- \ !\n vlan-aware-bundle Tenant_B_OP_Zone\n rd 192.168.255.8:20\n route-target
- both 20:20\n redistribute learned\n vlan 210-211\n !\n vlan-aware-bundle
- Tenant_B_WAN_Zone\n rd 192.168.255.8:21\n route-target both 21:21\n
- \ redistribute learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n
- \ rd 192.168.255.8:30\n route-target both 30:30\n redistribute learned\n
- \ vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd 192.168.255.8:31\n
- \ route-target both 31:31\n redistribute learned\n vlan 350\n !\n
- \ address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n address-family
- ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n neighbor IPv4-UNDERLAY-PEERS
- activate\n neighbor MLAG-IPv4-UNDERLAY-PEER activate\n !\n vrf Tenant_A_APP_Zone\n
- \ rd 192.168.255.8:12\n route-target import evpn 12:12\n route-target
- export evpn 12:12\n router-id 192.168.255.8\n update wait-install\n
- \ neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor
- 10.255.251.7 description DC1-SVC3B_Vlan3011\n redistribute connected\n !\n
- \ vrf Tenant_A_DB_Zone\n rd 192.168.255.8:13\n route-target import
- evpn 13:13\n route-target export evpn 13:13\n router-id 192.168.255.8\n
+ permit 192.168.254.0/24 eq 32\n!\nip prefix-list PL-MLAG-PEER-VRFS\n seq 10
+ permit 10.255.251.6/31\n!\nmlag configuration\n domain-id DC1_SVC3\n local-interface
+ Vlan4094\n peer-address 10.255.252.7\n peer-link Port-Channel5\n reload-delay
+ mlag 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0 192.168.200.5\n!\nntp
+ local-interface vrf MGMT Management1\nntp server vrf MGMT 192.168.200.5 prefer\n!\nroute-map
+ RM-CONN-2-BGP permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map
+ RM-CONN-2-BGP-VRFS deny 10\n match ip address prefix-list PL-MLAG-PEER-VRFS\n!\nroute-map
+ RM-CONN-2-BGP-VRFS permit 20\n!\nroute-map RM-MLAG-PEER-IN permit 10\n description
+ Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal
+ routing\n set origin incomplete\n!\nrouter bfd\n multihop interval 1200 min-rx
+ 1200 multiplier 3\n!\nrouter bgp 65103\n router-id 192.168.255.8\n maximum-paths
+ 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n distance
+ bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS
+ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS
+ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n
+ \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS
+ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS
+ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n
+ \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65103\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-SVC3B\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ send-community\n neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.7
+ peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.7 description DC1-SVC3B_Vlan4093\n
+ \ neighbor 172.31.255.24 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.24
+ remote-as 65001\n neighbor 172.31.255.24 description DC1-SPINE1_Ethernet4\n
+ \ neighbor 172.31.255.26 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.26
+ remote-as 65001\n neighbor 172.31.255.26 description DC1-SPINE2_Ethernet4\n
+ \ neighbor 172.31.255.28 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.28
+ remote-as 65001\n neighbor 172.31.255.28 description DC1-SPINE3_Ethernet4\n
+ \ neighbor 172.31.255.30 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.30
+ remote-as 65001\n neighbor 172.31.255.30 description DC1-SPINE4_Ethernet4\n
+ \ neighbor 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1
+ remote-as 65001\n neighbor 192.168.255.1 description DC1-SPINE1_Loopback0\n
+ \ neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2
+ remote-as 65001\n neighbor 192.168.255.2 description DC1-SPINE2_Loopback0\n
+ \ neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3
+ remote-as 65001\n neighbor 192.168.255.3 description DC1-SPINE3_Loopback0\n
+ \ neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4
+ remote-as 65001\n neighbor 192.168.255.4 description DC1-SPINE4_Loopback0\n
+ \ redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle
+ Tenant_A_APP_Zone\n rd 192.168.255.8:12\n route-target both 12:12\n
+ \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n
+ \ rd 192.168.255.8:13\n route-target both 13:13\n redistribute learned\n
+ \ vlan 140-141\n !\n vlan-aware-bundle Tenant_A_OP_Zone\n rd 192.168.255.8:10\n
+ \ route-target both 10:10\n redistribute learned\n vlan 110-111\n
+ \ !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd 192.168.255.8:14\n route-target
+ both 14:14\n redistribute learned\n vlan 150\n !\n vlan-aware-bundle
+ Tenant_A_WEB_Zone\n rd 192.168.255.8:11\n route-target both 11:11\n
+ \ redistribute learned\n vlan 120-121\n !\n vlan-aware-bundle Tenant_B_OP_Zone\n
+ \ rd 192.168.255.8:20\n route-target both 20:20\n redistribute learned\n
+ \ vlan 210-211\n !\n vlan-aware-bundle Tenant_B_WAN_Zone\n rd 192.168.255.8:21\n
+ \ route-target both 21:21\n redistribute learned\n vlan 250\n !\n
+ \ vlan-aware-bundle Tenant_C_OP_Zone\n rd 192.168.255.8:30\n route-target
+ both 30:30\n redistribute learned\n vlan 310-311\n !\n vlan-aware-bundle
+ Tenant_C_WAN_Zone\n rd 192.168.255.8:31\n route-target both 31:31\n
+ \ redistribute learned\n vlan 350\n !\n address-family evpn\n neighbor
+ EVPN-OVERLAY-PEERS activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS
+ activate\n neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ activate\n !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.8:12\n route-target
+ import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.8\n
\ update wait-install\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3012\n redistribute
- connected\n !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.8:10\n route-target
- import evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.8\n
+ \ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3011\n redistribute
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_A_DB_Zone\n rd
+ 192.168.255.8:13\n route-target import evpn 13:13\n route-target export
+ evpn 13:13\n router-id 192.168.255.8\n update wait-install\n neighbor
+ 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.7 description
+ DC1-SVC3B_Vlan3012\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.8:10\n route-target import
+ evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.8\n
\ update wait-install\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3009\n redistribute
- connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.8:14\n route-target
- import evpn 14:14\n route-target export evpn 14:14\n router-id 192.168.255.8\n
- \ update wait-install\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3013\n redistribute
- connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.8:11\n route-target
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_A_WAN_Zone\n rd
+ 192.168.255.8:14\n route-target import evpn 14:14\n route-target export
+ evpn 14:14\n router-id 192.168.255.8\n update wait-install\n neighbor
+ 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.7 description
+ DC1-SVC3B_Vlan3013\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.8:11\n route-target
import evpn 11:11\n route-target export evpn 11:11\n router-id 192.168.255.8\n
\ update wait-install\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3010\n redistribute
- connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.8:20\n route-target
- import evpn 20:20\n route-target export evpn 20:20\n router-id 192.168.255.8\n
- \ update wait-install\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3019\n redistribute
- connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.8:21\n route-target
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_B_OP_Zone\n rd
+ 192.168.255.8:20\n route-target import evpn 20:20\n route-target export
+ evpn 20:20\n router-id 192.168.255.8\n update wait-install\n neighbor
+ 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.7 description
+ DC1-SVC3B_Vlan3019\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.8:21\n route-target
import evpn 21:21\n route-target export evpn 21:21\n router-id 192.168.255.8\n
\ update wait-install\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3020\n redistribute
- connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.8:30\n route-target
- import evpn 30:30\n route-target export evpn 30:30\n router-id 192.168.255.8\n
- \ update wait-install\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3029\n redistribute
- connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.8:31\n route-target
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_C_OP_Zone\n rd
+ 192.168.255.8:30\n route-target import evpn 30:30\n route-target export
+ evpn 30:30\n router-id 192.168.255.8\n update wait-install\n neighbor
+ 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.7 description
+ DC1-SVC3B_Vlan3029\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.8:31\n route-target
import evpn 31:31\n route-target export evpn 31:31\n router-id 192.168.255.8\n
\ update wait-install\n neighbor 10.255.251.7 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.7 description DC1-SVC3B_Vlan3030\n redistribute
- connected\n!\nend\n"
+ connected route-map RM-CONN-2-BGP-VRFS\n!\nend\n"
AVD_DC1-SVC3B: "!\nno enable password\nno aaa root\n!\nusername admin privilege
15 role network-admin nopassword\nusername cvpadmin privilege 15 role network-admin
secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj.\n!\nmanagement
@@ -1367,102 +1388,107 @@ cvp_configlets:
Tenant_A_WEB_Zone\nip routing vrf Tenant_B_OP_Zone\nip routing vrf Tenant_B_WAN_Zone\nip
routing vrf Tenant_C_OP_Zone\nip routing vrf Tenant_C_WAN_Zone\n!\nip prefix-list
PL-LOOPBACKS-EVPN-OVERLAY\n seq 10 permit 192.168.255.0/24 eq 32\n seq 20
- permit 192.168.254.0/24 eq 32\n!\nmlag configuration\n domain-id DC1_SVC3\n
- \ local-interface Vlan4094\n peer-address 10.255.252.6\n peer-link Port-Channel5\n
- \ reload-delay mlag 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0
- 192.168.200.5\n!\nntp local-interface vrf MGMT Management1\nntp server vrf MGMT
- 192.168.200.5 prefer\n!\nroute-map RM-CONN-2-BGP permit 10\n match ip address
- prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map RM-MLAG-PEER-IN permit 10\n
- \ description Make routes learned over MLAG Peer-link less preferred on spines
- to ensure optimal routing\n set origin incomplete\n!\nrouter bfd\n multihop
- interval 1200 min-rx 1200 multiplier 3\n!\nrouter bgp 65103\n router-id 192.168.255.9\n
- \ maximum-paths 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n
- \ distance bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor
- EVPN-OVERLAY-PEERS update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n
- \ neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS
- password 7 q+VNViP5i4rVjW1cxFv2wA==\n neighbor EVPN-OVERLAY-PEERS send-community\n
- \ neighbor EVPN-OVERLAY-PEERS maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS
- peer group\n neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w==\n
- \ neighbor IPv4-UNDERLAY-PEERS send-community\n neighbor IPv4-UNDERLAY-PEERS
- maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER peer group\n neighbor
- MLAG-IPv4-UNDERLAY-PEER remote-as 65103\n neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-SVC3A\n neighbor MLAG-IPv4-UNDERLAY-PEER
- password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER send-community\n
- \ neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
- route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.6 description DC1-SVC3A_Vlan4093\n neighbor 172.31.255.32
- peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.32 remote-as 65001\n neighbor
- 172.31.255.32 description DC1-SPINE1_Ethernet5\n neighbor 172.31.255.34 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.34 remote-as 65001\n neighbor
- 172.31.255.34 description DC1-SPINE2_Ethernet5\n neighbor 172.31.255.36 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.36 remote-as 65001\n neighbor
- 172.31.255.36 description DC1-SPINE3_Ethernet5\n neighbor 172.31.255.38 peer
- group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.38 remote-as 65001\n neighbor
- 172.31.255.38 description DC1-SPINE4_Ethernet5\n neighbor 192.168.255.1 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1 remote-as 65001\n neighbor
- 192.168.255.1 description DC1-SPINE1_Loopback0\n neighbor 192.168.255.2 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2 remote-as 65001\n neighbor
- 192.168.255.2 description DC1-SPINE2_Loopback0\n neighbor 192.168.255.3 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3 remote-as 65001\n neighbor
- 192.168.255.3 description DC1-SPINE3_Loopback0\n neighbor 192.168.255.4 peer
- group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4 remote-as 65001\n neighbor
- 192.168.255.4 description DC1-SPINE4_Loopback0\n redistribute connected route-map
- RM-CONN-2-BGP\n !\n vlan-aware-bundle Tenant_A_APP_Zone\n rd 192.168.255.9:12\n
- \ route-target both 12:12\n redistribute learned\n vlan 130-131\n
- \ !\n vlan-aware-bundle Tenant_A_DB_Zone\n rd 192.168.255.9:13\n route-target
- both 13:13\n redistribute learned\n vlan 140-141\n !\n vlan-aware-bundle
- Tenant_A_OP_Zone\n rd 192.168.255.9:10\n route-target both 10:10\n redistribute
- learned\n vlan 110-111\n !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd
- 192.168.255.9:14\n route-target both 14:14\n redistribute learned\n
- \ vlan 150\n !\n vlan-aware-bundle Tenant_A_WEB_Zone\n rd 192.168.255.9:11\n
- \ route-target both 11:11\n redistribute learned\n vlan 120-121\n
- \ !\n vlan-aware-bundle Tenant_B_OP_Zone\n rd 192.168.255.9:20\n route-target
- both 20:20\n redistribute learned\n vlan 210-211\n !\n vlan-aware-bundle
- Tenant_B_WAN_Zone\n rd 192.168.255.9:21\n route-target both 21:21\n
- \ redistribute learned\n vlan 250\n !\n vlan-aware-bundle Tenant_C_OP_Zone\n
- \ rd 192.168.255.9:30\n route-target both 30:30\n redistribute learned\n
- \ vlan 310-311\n !\n vlan-aware-bundle Tenant_C_WAN_Zone\n rd 192.168.255.9:31\n
- \ route-target both 31:31\n redistribute learned\n vlan 350\n !\n
- \ address-family evpn\n neighbor EVPN-OVERLAY-PEERS activate\n !\n address-family
- ipv4\n no neighbor EVPN-OVERLAY-PEERS activate\n neighbor IPv4-UNDERLAY-PEERS
- activate\n neighbor MLAG-IPv4-UNDERLAY-PEER activate\n !\n vrf Tenant_A_APP_Zone\n
- \ rd 192.168.255.9:12\n route-target import evpn 12:12\n route-target
- export evpn 12:12\n router-id 192.168.255.9\n update wait-install\n
- \ neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor
- 10.255.251.6 description DC1-SVC3A_Vlan3011\n redistribute connected\n !\n
- \ vrf Tenant_A_DB_Zone\n rd 192.168.255.9:13\n route-target import
- evpn 13:13\n route-target export evpn 13:13\n router-id 192.168.255.9\n
+ permit 192.168.254.0/24 eq 32\n!\nip prefix-list PL-MLAG-PEER-VRFS\n seq 10
+ permit 10.255.251.6/31\n!\nmlag configuration\n domain-id DC1_SVC3\n local-interface
+ Vlan4094\n peer-address 10.255.252.6\n peer-link Port-Channel5\n reload-delay
+ mlag 300\n reload-delay non-mlag 330\n!\nip route vrf MGMT 0.0.0.0/0 192.168.200.5\n!\nntp
+ local-interface vrf MGMT Management1\nntp server vrf MGMT 192.168.200.5 prefer\n!\nroute-map
+ RM-CONN-2-BGP permit 10\n match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY\n!\nroute-map
+ RM-CONN-2-BGP-VRFS deny 10\n match ip address prefix-list PL-MLAG-PEER-VRFS\n!\nroute-map
+ RM-CONN-2-BGP-VRFS permit 20\n!\nroute-map RM-MLAG-PEER-IN permit 10\n description
+ Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal
+ routing\n set origin incomplete\n!\nrouter bfd\n multihop interval 1200 min-rx
+ 1200 multiplier 3\n!\nrouter bgp 65103\n router-id 192.168.255.9\n maximum-paths
+ 4 ecmp 4\n update wait-install\n no bgp default ipv4-unicast\n distance
+ bgp 20 200 200\n neighbor EVPN-OVERLAY-PEERS peer group\n neighbor EVPN-OVERLAY-PEERS
+ update-source Loopback0\n neighbor EVPN-OVERLAY-PEERS bfd\n neighbor EVPN-OVERLAY-PEERS
+ ebgp-multihop 3\n neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA==\n
+ \ neighbor EVPN-OVERLAY-PEERS send-community\n neighbor EVPN-OVERLAY-PEERS
+ maximum-routes 0\n neighbor IPv4-UNDERLAY-PEERS peer group\n neighbor IPv4-UNDERLAY-PEERS
+ password 7 AQQvKeimxJu+uGQ/yYvv9w==\n neighbor IPv4-UNDERLAY-PEERS send-community\n
+ \ neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ peer group\n neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65103\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ next-hop-self\n neighbor MLAG-IPv4-UNDERLAY-PEER description DC1-SVC3A\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ==\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ send-community\n neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000\n neighbor
+ MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in\n neighbor 10.255.251.6
+ peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.6 description DC1-SVC3A_Vlan4093\n
+ \ neighbor 172.31.255.32 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.32
+ remote-as 65001\n neighbor 172.31.255.32 description DC1-SPINE1_Ethernet5\n
+ \ neighbor 172.31.255.34 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.34
+ remote-as 65001\n neighbor 172.31.255.34 description DC1-SPINE2_Ethernet5\n
+ \ neighbor 172.31.255.36 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.36
+ remote-as 65001\n neighbor 172.31.255.36 description DC1-SPINE3_Ethernet5\n
+ \ neighbor 172.31.255.38 peer group IPv4-UNDERLAY-PEERS\n neighbor 172.31.255.38
+ remote-as 65001\n neighbor 172.31.255.38 description DC1-SPINE4_Ethernet5\n
+ \ neighbor 192.168.255.1 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.1
+ remote-as 65001\n neighbor 192.168.255.1 description DC1-SPINE1_Loopback0\n
+ \ neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.2
+ remote-as 65001\n neighbor 192.168.255.2 description DC1-SPINE2_Loopback0\n
+ \ neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.3
+ remote-as 65001\n neighbor 192.168.255.3 description DC1-SPINE3_Loopback0\n
+ \ neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS\n neighbor 192.168.255.4
+ remote-as 65001\n neighbor 192.168.255.4 description DC1-SPINE4_Loopback0\n
+ \ redistribute connected route-map RM-CONN-2-BGP\n !\n vlan-aware-bundle
+ Tenant_A_APP_Zone\n rd 192.168.255.9:12\n route-target both 12:12\n
+ \ redistribute learned\n vlan 130-131\n !\n vlan-aware-bundle Tenant_A_DB_Zone\n
+ \ rd 192.168.255.9:13\n route-target both 13:13\n redistribute learned\n
+ \ vlan 140-141\n !\n vlan-aware-bundle Tenant_A_OP_Zone\n rd 192.168.255.9:10\n
+ \ route-target both 10:10\n redistribute learned\n vlan 110-111\n
+ \ !\n vlan-aware-bundle Tenant_A_WAN_Zone\n rd 192.168.255.9:14\n route-target
+ both 14:14\n redistribute learned\n vlan 150\n !\n vlan-aware-bundle
+ Tenant_A_WEB_Zone\n rd 192.168.255.9:11\n route-target both 11:11\n
+ \ redistribute learned\n vlan 120-121\n !\n vlan-aware-bundle Tenant_B_OP_Zone\n
+ \ rd 192.168.255.9:20\n route-target both 20:20\n redistribute learned\n
+ \ vlan 210-211\n !\n vlan-aware-bundle Tenant_B_WAN_Zone\n rd 192.168.255.9:21\n
+ \ route-target both 21:21\n redistribute learned\n vlan 250\n !\n
+ \ vlan-aware-bundle Tenant_C_OP_Zone\n rd 192.168.255.9:30\n route-target
+ both 30:30\n redistribute learned\n vlan 310-311\n !\n vlan-aware-bundle
+ Tenant_C_WAN_Zone\n rd 192.168.255.9:31\n route-target both 31:31\n
+ \ redistribute learned\n vlan 350\n !\n address-family evpn\n neighbor
+ EVPN-OVERLAY-PEERS activate\n !\n address-family ipv4\n no neighbor EVPN-OVERLAY-PEERS
+ activate\n neighbor IPv4-UNDERLAY-PEERS activate\n neighbor MLAG-IPv4-UNDERLAY-PEER
+ activate\n !\n vrf Tenant_A_APP_Zone\n rd 192.168.255.9:12\n route-target
+ import evpn 12:12\n route-target export evpn 12:12\n router-id 192.168.255.9\n
\ update wait-install\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3012\n redistribute
- connected\n !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.9:10\n route-target
- import evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.9\n
+ \ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3011\n redistribute
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_A_DB_Zone\n rd
+ 192.168.255.9:13\n route-target import evpn 13:13\n route-target export
+ evpn 13:13\n router-id 192.168.255.9\n update wait-install\n neighbor
+ 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.6 description
+ DC1-SVC3A_Vlan3012\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_A_OP_Zone\n rd 192.168.255.9:10\n route-target import
+ evpn 10:10\n route-target export evpn 10:10\n router-id 192.168.255.9\n
\ update wait-install\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3009\n redistribute
- connected\n !\n vrf Tenant_A_WAN_Zone\n rd 192.168.255.9:14\n route-target
- import evpn 14:14\n route-target export evpn 14:14\n router-id 192.168.255.9\n
- \ update wait-install\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3013\n redistribute
- connected\n !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.9:11\n route-target
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_A_WAN_Zone\n rd
+ 192.168.255.9:14\n route-target import evpn 14:14\n route-target export
+ evpn 14:14\n router-id 192.168.255.9\n update wait-install\n neighbor
+ 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.6 description
+ DC1-SVC3A_Vlan3013\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_A_WEB_Zone\n rd 192.168.255.9:11\n route-target
import evpn 11:11\n route-target export evpn 11:11\n router-id 192.168.255.9\n
\ update wait-install\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3010\n redistribute
- connected\n !\n vrf Tenant_B_OP_Zone\n rd 192.168.255.9:20\n route-target
- import evpn 20:20\n route-target export evpn 20:20\n router-id 192.168.255.9\n
- \ update wait-install\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3019\n redistribute
- connected\n !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.9:21\n route-target
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_B_OP_Zone\n rd
+ 192.168.255.9:20\n route-target import evpn 20:20\n route-target export
+ evpn 20:20\n router-id 192.168.255.9\n update wait-install\n neighbor
+ 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.6 description
+ DC1-SVC3A_Vlan3019\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_B_WAN_Zone\n rd 192.168.255.9:21\n route-target
import evpn 21:21\n route-target export evpn 21:21\n router-id 192.168.255.9\n
\ update wait-install\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3020\n redistribute
- connected\n !\n vrf Tenant_C_OP_Zone\n rd 192.168.255.9:30\n route-target
- import evpn 30:30\n route-target export evpn 30:30\n router-id 192.168.255.9\n
- \ update wait-install\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
- \ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3029\n redistribute
- connected\n !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.9:31\n route-target
+ connected route-map RM-CONN-2-BGP-VRFS\n !\n vrf Tenant_C_OP_Zone\n rd
+ 192.168.255.9:30\n route-target import evpn 30:30\n route-target export
+ evpn 30:30\n router-id 192.168.255.9\n update wait-install\n neighbor
+ 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n neighbor 10.255.251.6 description
+ DC1-SVC3A_Vlan3029\n redistribute connected route-map RM-CONN-2-BGP-VRFS\n
+ \ !\n vrf Tenant_C_WAN_Zone\n rd 192.168.255.9:31\n route-target
import evpn 31:31\n route-target export evpn 31:31\n router-id 192.168.255.9\n
\ update wait-install\n neighbor 10.255.251.6 peer group MLAG-IPv4-UNDERLAY-PEER\n
\ neighbor 10.255.251.6 description DC1-SVC3A_Vlan3030\n redistribute
- connected\n!\nend\n"
+ connected route-map RM-CONN-2-BGP-VRFS\n!\nend\n"
cvp_topology:
DC1_BL1:
devices:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/CUSTOM-PYTHON_MODULES-L3LEAF1A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/CUSTOM-PYTHON_MODULES-L3LEAF1A.cfg
index 7f6e76e8e2a..9f426268409 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/CUSTOM-PYTHON_MODULES-L3LEAF1A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/CUSTOM-PYTHON_MODULES-L3LEAF1A.cfg
@@ -133,6 +133,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.240.10/31
+!
mlag configuration
domain-id CUSTOM_PYTHON_MODULES_L3LEAF1
local-interface Vlan4094
@@ -146,6 +149,11 @@ ip route vrf MGMT 0.0.0.0/0 192.168.200.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -211,6 +219,6 @@ router bgp 65101
neighbor 172.16.0.25 remote-as 65103
neighbor 172.16.0.25 peer group IPv4-UNDERLAY-PEERS
neighbor 172.16.0.25 description CUSTOM-PYTHON_MODULES-L3LEAF2_Ethernet1.1_vrf_TEST_VRF
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/CUSTOM-PYTHON_MODULES-L3LEAF1B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/CUSTOM-PYTHON_MODULES-L3LEAF1B.cfg
index 412779a53d6..b91ae57b239 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/CUSTOM-PYTHON_MODULES-L3LEAF1B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/CUSTOM-PYTHON_MODULES-L3LEAF1B.cfg
@@ -122,6 +122,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.240.10/31
+!
mlag configuration
domain-id CUSTOM_PYTHON_MODULES_L3LEAF1
local-interface Vlan4094
@@ -135,6 +138,11 @@ ip route vrf MGMT 0.0.0.0/0 192.168.200.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -194,6 +202,6 @@ router bgp 65101
update wait-install
neighbor 10.255.240.10 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.240.10 description CUSTOM-PYTHON_MODULES-L3LEAF1A_Vlan3000
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/CUSTOM-TEMPLATES-L3LEAF1A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/CUSTOM-TEMPLATES-L3LEAF1A.cfg
index 29a9a1ee052..4760d6453e2 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/CUSTOM-TEMPLATES-L3LEAF1A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/CUSTOM-TEMPLATES-L3LEAF1A.cfg
@@ -146,6 +146,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.240.10/31
+!
mlag configuration
domain-id CUSTOM_TEMPLATES_L3LEAF1
local-interface Vlan4094
@@ -159,6 +162,11 @@ ip route vrf MGMT 0.0.0.0/0 192.168.200.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -218,6 +226,6 @@ router bgp 65101
update wait-install
neighbor 10.255.240.11 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.240.11 description CUSTOM-TEMPLATES-L3LEAF1B_Vlan3000
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/CUSTOM-TEMPLATES-L3LEAF1B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/CUSTOM-TEMPLATES-L3LEAF1B.cfg
index 39b72d92e6d..55c88245c5a 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/CUSTOM-TEMPLATES-L3LEAF1B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/CUSTOM-TEMPLATES-L3LEAF1B.cfg
@@ -156,6 +156,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.240.10/31
+!
mlag configuration
domain-id CUSTOM_TEMPLATES_L3LEAF1
local-interface Vlan4094
@@ -169,6 +172,11 @@ ip route vrf MGMT 0.0.0.0/0 192.168.200.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -228,6 +236,6 @@ router bgp 65101
update wait-install
neighbor 10.255.240.10 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.240.10 description CUSTOM-TEMPLATES-L3LEAF1A_Vlan3000
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg
index 1c0e089a63c..fa77c6efa75 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3A.cfg
@@ -872,7 +872,6 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
ip prefix-list PL-MLAG-PEER-VRFS
seq 10 permit 10.255.251.6/31
- seq 20 permit 172.31.11.6/31
!
monitor session MonitoringSessionServer18WithDest mac access-group mac_acl
monitor session MonitoringSessionServer18WithDest source Ethernet25 rx ip access-group MyIpACL priority 5
@@ -1053,7 +1052,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-PEERS
neighbor 10.255.251.7 description DC1-SVC3B
- redistribute connected route-map RM-CONN-2-BGP-VRFS
+ redistribute connected
!
vrf Tenant_A_DB_Zone
rd 65103:13
@@ -1063,7 +1062,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-PEERS
neighbor 10.255.251.7 description DC1-SVC3B
- redistribute connected route-map RM-CONN-2-BGP-VRFS
+ redistribute connected
!
vrf Tenant_A_OP_Zone
rd 65103:9
@@ -1073,7 +1072,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-PEERS
neighbor 10.255.251.7 description DC1-SVC3B
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WAN_Zone
rd 65103:14
@@ -1085,7 +1084,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-PEERS
neighbor 10.255.251.7 description DC1-SVC3B
- redistribute connected route-map RM-CONN-2-BGP-VRFS
+ redistribute connected
!
vrf Tenant_A_WEB_Zone
rd 65103:11
@@ -1095,7 +1094,7 @@ router bgp 65103
update wait-install
neighbor 172.31.11.7 peer group MLAG-PEERS
neighbor 172.31.11.7 description DC1-SVC3B
- redistribute connected route-map RM-CONN-2-BGP-VRFS
+ redistribute connected
!
vrf Tenant_B_OP_Zone
rd 65103:20
@@ -1105,7 +1104,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-PEERS
neighbor 10.255.251.7 description DC1-SVC3B
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 65103:21
@@ -1115,7 +1114,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-PEERS
neighbor 10.255.251.7 description DC1-SVC3B
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 65103:30
@@ -1125,7 +1124,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-PEERS
neighbor 10.255.251.7 description DC1-SVC3B
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 65103:31
@@ -1135,6 +1134,6 @@ router bgp 65103
update wait-install
neighbor 10.255.251.7 peer group MLAG-PEERS
neighbor 10.255.251.7 description DC1-SVC3B
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg
index 50b7338bfaf..8e73b31961d 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1-SVC3B.cfg
@@ -838,7 +838,6 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
ip prefix-list PL-MLAG-PEER-VRFS
seq 10 permit 10.255.251.6/31
- seq 20 permit 172.31.11.6/31
!
monitor session MonitoringSessionServer18WithDest ip access-group ip_acl
monitor session MonitoringSessionServer18WithDest source Ethernet25 rx ip access-group MyIpACL priority 5
@@ -1018,7 +1017,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-PEERS
neighbor 10.255.251.6 description DC1-SVC3A
- redistribute connected route-map RM-CONN-2-BGP-VRFS
+ redistribute connected
!
vrf Tenant_A_DB_Zone
rd 65103:13
@@ -1028,7 +1027,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-PEERS
neighbor 10.255.251.6 description DC1-SVC3A
- redistribute connected route-map RM-CONN-2-BGP-VRFS
+ redistribute connected
!
vrf Tenant_A_OP_Zone
rd 65103:9
@@ -1038,7 +1037,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-PEERS
neighbor 10.255.251.6 description DC1-SVC3A
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WAN_Zone
rd 65103:14
@@ -1050,7 +1049,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-PEERS
neighbor 10.255.251.6 description DC1-SVC3A
- redistribute connected route-map RM-CONN-2-BGP-VRFS
+ redistribute connected
!
vrf Tenant_A_WEB_Zone
rd 65103:11
@@ -1060,7 +1059,7 @@ router bgp 65103
update wait-install
neighbor 172.31.11.6 peer group MLAG-PEERS
neighbor 172.31.11.6 description DC1-SVC3A
- redistribute connected route-map RM-CONN-2-BGP-VRFS
+ redistribute connected
!
vrf Tenant_B_OP_Zone
rd 65103:20
@@ -1070,7 +1069,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-PEERS
neighbor 10.255.251.6 description DC1-SVC3A
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 65103:21
@@ -1080,7 +1079,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-PEERS
neighbor 10.255.251.6 description DC1-SVC3A
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 65103:30
@@ -1090,7 +1089,7 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-PEERS
neighbor 10.255.251.6 description DC1-SVC3A
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 65103:31
@@ -1100,6 +1099,6 @@ router bgp 65103
update wait-install
neighbor 10.255.251.6 peer group MLAG-PEERS
neighbor 10.255.251.6 description DC1-SVC3A
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1_UNDEPLOYED_LEAF1A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1_UNDEPLOYED_LEAF1A.cfg
index cc424199403..4fc01cc866e 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1_UNDEPLOYED_LEAF1A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1_UNDEPLOYED_LEAF1A.cfg
@@ -494,7 +494,6 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
ip prefix-list PL-MLAG-PEER-VRFS
seq 10 permit 10.255.251.24/31
- seq 20 permit 172.31.11.24/31
!
mlag configuration
domain-id DC1_UNDEPLOYED_LEAF1
@@ -661,7 +660,7 @@ router bgp 65110
update wait-install
neighbor 10.255.251.25 peer group MLAG-PEERS
neighbor 10.255.251.25 description DC1_UNDEPLOYED_LEAF1B
- redistribute connected route-map RM-CONN-2-BGP-VRFS
+ redistribute connected
!
vrf Tenant_A_DB_Zone
rd 192.168.255.21:13
@@ -671,7 +670,7 @@ router bgp 65110
update wait-install
neighbor 10.255.251.25 peer group MLAG-PEERS
neighbor 10.255.251.25 description DC1_UNDEPLOYED_LEAF1B
- redistribute connected route-map RM-CONN-2-BGP-VRFS
+ redistribute connected
!
vrf Tenant_A_OP_Zone
rd 192.168.255.21:9
@@ -681,7 +680,7 @@ router bgp 65110
update wait-install
neighbor 10.255.251.25 peer group MLAG-PEERS
neighbor 10.255.251.25 description DC1_UNDEPLOYED_LEAF1B
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WAN_Zone
rd 192.168.255.21:14
@@ -693,7 +692,7 @@ router bgp 65110
update wait-install
neighbor 10.255.251.25 peer group MLAG-PEERS
neighbor 10.255.251.25 description DC1_UNDEPLOYED_LEAF1B
- redistribute connected route-map RM-CONN-2-BGP-VRFS
+ redistribute connected
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.21:11
@@ -703,7 +702,7 @@ router bgp 65110
update wait-install
neighbor 172.31.11.25 peer group MLAG-PEERS
neighbor 172.31.11.25 description DC1_UNDEPLOYED_LEAF1B
- redistribute connected route-map RM-CONN-2-BGP-VRFS
+ redistribute connected
!
vrf Tenant_B_OP_Zone
rd 192.168.255.21:20
@@ -713,7 +712,7 @@ router bgp 65110
update wait-install
neighbor 10.255.251.25 peer group MLAG-PEERS
neighbor 10.255.251.25 description DC1_UNDEPLOYED_LEAF1B
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.21:21
@@ -723,7 +722,7 @@ router bgp 65110
update wait-install
neighbor 10.255.251.25 peer group MLAG-PEERS
neighbor 10.255.251.25 description DC1_UNDEPLOYED_LEAF1B
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.21:30
@@ -733,7 +732,7 @@ router bgp 65110
update wait-install
neighbor 10.255.251.25 peer group MLAG-PEERS
neighbor 10.255.251.25 description DC1_UNDEPLOYED_LEAF1B
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.21:31
@@ -743,6 +742,6 @@ router bgp 65110
update wait-install
neighbor 10.255.251.25 peer group MLAG-PEERS
neighbor 10.255.251.25 description DC1_UNDEPLOYED_LEAF1B
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1_UNDEPLOYED_LEAF1B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1_UNDEPLOYED_LEAF1B.cfg
index befde58c932..fab041f9a7b 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1_UNDEPLOYED_LEAF1B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/DC1_UNDEPLOYED_LEAF1B.cfg
@@ -494,7 +494,6 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
ip prefix-list PL-MLAG-PEER-VRFS
seq 10 permit 10.255.251.24/31
- seq 20 permit 172.31.11.24/31
!
mlag configuration
domain-id DC1_UNDEPLOYED_LEAF1
@@ -661,7 +660,7 @@ router bgp 65111
update wait-install
neighbor 10.255.251.24 peer group MLAG-PEERS
neighbor 10.255.251.24 description DC1_UNDEPLOYED_LEAF1A
- redistribute connected route-map RM-CONN-2-BGP-VRFS
+ redistribute connected
!
vrf Tenant_A_DB_Zone
rd 192.168.255.22:13
@@ -671,7 +670,7 @@ router bgp 65111
update wait-install
neighbor 10.255.251.24 peer group MLAG-PEERS
neighbor 10.255.251.24 description DC1_UNDEPLOYED_LEAF1A
- redistribute connected route-map RM-CONN-2-BGP-VRFS
+ redistribute connected
!
vrf Tenant_A_OP_Zone
rd 192.168.255.22:9
@@ -681,7 +680,7 @@ router bgp 65111
update wait-install
neighbor 10.255.251.24 peer group MLAG-PEERS
neighbor 10.255.251.24 description DC1_UNDEPLOYED_LEAF1A
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WAN_Zone
rd 192.168.255.22:14
@@ -693,7 +692,7 @@ router bgp 65111
update wait-install
neighbor 10.255.251.24 peer group MLAG-PEERS
neighbor 10.255.251.24 description DC1_UNDEPLOYED_LEAF1A
- redistribute connected route-map RM-CONN-2-BGP-VRFS
+ redistribute connected
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.22:11
@@ -703,7 +702,7 @@ router bgp 65111
update wait-install
neighbor 172.31.11.24 peer group MLAG-PEERS
neighbor 172.31.11.24 description DC1_UNDEPLOYED_LEAF1A
- redistribute connected route-map RM-CONN-2-BGP-VRFS
+ redistribute connected
!
vrf Tenant_B_OP_Zone
rd 192.168.255.22:20
@@ -713,7 +712,7 @@ router bgp 65111
update wait-install
neighbor 10.255.251.24 peer group MLAG-PEERS
neighbor 10.255.251.24 description DC1_UNDEPLOYED_LEAF1A
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.22:21
@@ -723,7 +722,7 @@ router bgp 65111
update wait-install
neighbor 10.255.251.24 peer group MLAG-PEERS
neighbor 10.255.251.24 description DC1_UNDEPLOYED_LEAF1A
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.22:30
@@ -733,7 +732,7 @@ router bgp 65111
update wait-install
neighbor 10.255.251.24 peer group MLAG-PEERS
neighbor 10.255.251.24 description DC1_UNDEPLOYED_LEAF1A
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.22:31
@@ -743,6 +742,6 @@ router bgp 65111
update wait-install
neighbor 10.255.251.24 peer group MLAG-PEERS
neighbor 10.255.251.24 description DC1_UNDEPLOYED_LEAF1A
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF1A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF1A.cfg
index 9549fa46bcc..3d1d2340e7b 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF1A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF1A.cfg
@@ -853,6 +853,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.0/31
+!
mlag configuration
domain-id EVPN_MULTICAST_L3LEAF1
local-interface Vlan4094
@@ -866,6 +869,11 @@ ip route vrf MGMT 0.0.0.0/0 192.168.200.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -1068,7 +1076,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.1 description EVPN-MULTICAST-L3LEAF1B_Vlan3022
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf MULTICAST_DISABLED_310_311
rd 192.168.255.3:13
@@ -1078,7 +1086,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.1 description EVPN-MULTICAST-L3LEAF1B_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf MULTICAST_ENABLED_1_2
rd 192.168.255.3:21
@@ -1088,7 +1096,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.1 description EVPN-MULTICAST-L3LEAF1B_Vlan3020
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf MULTICAST_ENABLED_3_DISABLED_4
rd 192.168.255.3:22
@@ -1098,7 +1106,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.1 description EVPN-MULTICAST-L3LEAF1B_Vlan3021
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf MULTICAST_ENABLED_110_111
rd 192.168.255.3:11
@@ -1108,7 +1116,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.1 description EVPN-MULTICAST-L3LEAF1B_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf MULTICAST_ENABLED_210_DISABLED_211
rd 192.168.255.3:12
@@ -1118,7 +1126,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.1 description EVPN-MULTICAST-L3LEAF1B_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_C_L3_MULTICAST_DISABLED_330_331
rd 192.168.255.3:33
@@ -1128,7 +1136,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.1 description EVPN-MULTICAST-L3LEAF1B_Vlan3032
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_C_L3_MULTICAST_ENABLED_130_131
rd 192.168.255.3:66
@@ -1139,7 +1147,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.1 description EVPN-MULTICAST-L3LEAF1B_Vlan3065
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_C_L3_MULTICAST_ENABLED_230_DISABLED_231
rd 192.168.255.3:32
@@ -1150,7 +1158,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.1 description EVPN-MULTICAST-L3LEAF1B_Vlan3031
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_D_L3_MULTICAST_DISABLED_240_241
rd 192.168.255.3:42
@@ -1160,7 +1168,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.1 description EVPN-MULTICAST-L3LEAF1B_Vlan3041
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_D_L3_MULTICAST_ENABLED_140_DISABLED_141
rd 192.168.255.3:41
@@ -1171,7 +1179,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.1 description EVPN-MULTICAST-L3LEAF1B_Vlan3040
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_E_L3_MULTICAST_ENABLED_PEG_OVERRIDE
rd 192.168.255.3:55
@@ -1182,7 +1190,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.1 description EVPN-MULTICAST-L3LEAF1B_Vlan3054
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_E_L3_MULTICAST_EVPN_PEG_RP_NODES
rd 192.168.255.3:60
@@ -1195,7 +1203,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.1 description EVPN-MULTICAST-L3LEAF1B_Vlan3059
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_E_L3_MULTICAST_TRANSIT
rd 192.168.255.3:52
@@ -1208,7 +1216,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.1 description EVPN-MULTICAST-L3LEAF1B_Vlan3051
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_E_PEG_L3_MULTICAST_ENABLED
rd 192.168.255.3:51
@@ -1219,7 +1227,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.1 description EVPN-MULTICAST-L3LEAF1B_Vlan3050
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
router multicast
ipv4
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF1B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF1B.cfg
index 9d643a214fe..1d71d138f27 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF1B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/EVPN-MULTICAST-L3LEAF1B.cfg
@@ -853,6 +853,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.0/31
+!
mlag configuration
domain-id EVPN_MULTICAST_L3LEAF1
local-interface Vlan4094
@@ -866,6 +869,11 @@ ip route vrf MGMT 0.0.0.0/0 192.168.200.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -1068,7 +1076,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.0 description EVPN-MULTICAST-L3LEAF1A_Vlan3022
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf MULTICAST_DISABLED_310_311
rd 192.168.255.4:13
@@ -1078,7 +1086,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.0 description EVPN-MULTICAST-L3LEAF1A_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf MULTICAST_ENABLED_1_2
rd 192.168.255.4:21
@@ -1088,7 +1096,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.0 description EVPN-MULTICAST-L3LEAF1A_Vlan3020
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf MULTICAST_ENABLED_3_DISABLED_4
rd 192.168.255.4:22
@@ -1098,7 +1106,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.0 description EVPN-MULTICAST-L3LEAF1A_Vlan3021
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf MULTICAST_ENABLED_110_111
rd 192.168.255.4:11
@@ -1108,7 +1116,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.0 description EVPN-MULTICAST-L3LEAF1A_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf MULTICAST_ENABLED_210_DISABLED_211
rd 192.168.255.4:12
@@ -1118,7 +1126,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.0 description EVPN-MULTICAST-L3LEAF1A_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_C_L3_MULTICAST_DISABLED_330_331
rd 192.168.255.4:33
@@ -1128,7 +1136,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.0 description EVPN-MULTICAST-L3LEAF1A_Vlan3032
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_C_L3_MULTICAST_ENABLED_130_131
rd 192.168.255.4:66
@@ -1139,7 +1147,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.0 description EVPN-MULTICAST-L3LEAF1A_Vlan3065
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_C_L3_MULTICAST_ENABLED_230_DISABLED_231
rd 192.168.255.4:32
@@ -1150,7 +1158,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.0 description EVPN-MULTICAST-L3LEAF1A_Vlan3031
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_D_L3_MULTICAST_DISABLED_240_241
rd 192.168.255.4:42
@@ -1160,7 +1168,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.0 description EVPN-MULTICAST-L3LEAF1A_Vlan3041
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_D_L3_MULTICAST_ENABLED_140_DISABLED_141
rd 192.168.255.4:41
@@ -1171,7 +1179,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.0 description EVPN-MULTICAST-L3LEAF1A_Vlan3040
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_E_L3_MULTICAST_ENABLED_PEG_OVERRIDE
rd 192.168.255.4:55
@@ -1182,7 +1190,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.0 description EVPN-MULTICAST-L3LEAF1A_Vlan3054
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_E_L3_MULTICAST_EVPN_PEG_RP_NODES
rd 192.168.255.4:60
@@ -1195,7 +1203,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.0 description EVPN-MULTICAST-L3LEAF1A_Vlan3059
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_E_L3_MULTICAST_TRANSIT
rd 192.168.255.4:52
@@ -1208,7 +1216,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.0 description EVPN-MULTICAST-L3LEAF1A_Vlan3051
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TEN_E_PEG_L3_MULTICAST_ENABLED
rd 192.168.255.4:51
@@ -1219,7 +1227,7 @@ router bgp 65101
update wait-install
neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.0 description EVPN-MULTICAST-L3LEAF1A_Vlan3050
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
router multicast
ipv4
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG_SAME_SUBNET_L3LEAF1A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG_SAME_SUBNET_L3LEAF1A.cfg
index 3b4cc75fc8a..cd223323096 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG_SAME_SUBNET_L3LEAF1A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG_SAME_SUBNET_L3LEAF1A.cfg
@@ -115,6 +115,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.10.224.0/30
+!
mlag configuration
domain-id MLAG_SAME_SUBNET_L3LEAF1
local-interface Vlan4094
@@ -126,6 +129,11 @@ mlag configuration
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -179,6 +187,6 @@ router bgp 923
update wait-install
neighbor 10.10.224.2 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.10.224.2 description MLAG_SAME_SUBNET_L3LEAF1B_Vlan3000
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG_SAME_SUBNET_L3LEAF1B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG_SAME_SUBNET_L3LEAF1B.cfg
index c8d19975211..063e7494c95 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG_SAME_SUBNET_L3LEAF1B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG_SAME_SUBNET_L3LEAF1B.cfg
@@ -115,6 +115,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.10.224.0/30
+!
mlag configuration
domain-id MLAG_SAME_SUBNET_L3LEAF1
local-interface Vlan4094
@@ -126,6 +129,11 @@ mlag configuration
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -179,6 +187,6 @@ router bgp 923
update wait-install
neighbor 10.10.224.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.10.224.1 description MLAG_SAME_SUBNET_L3LEAF1A_Vlan3000
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG_SAME_SUBNET_L3LEAF2A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG_SAME_SUBNET_L3LEAF2A.cfg
index 67bed659e13..725fcf65751 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG_SAME_SUBNET_L3LEAF2A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG_SAME_SUBNET_L3LEAF2A.cfg
@@ -115,6 +115,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.10.224.0/30
+!
mlag configuration
domain-id MLAG_SAME_SUBNET_L3LEAF2
local-interface Vlan4094
@@ -126,6 +129,11 @@ mlag configuration
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -179,6 +187,6 @@ router bgp 923
update wait-install
neighbor 10.10.224.2 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.10.224.2 description MLAG_SAME_SUBNET_L3LEAF2B_Vlan3000
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG_SAME_SUBNET_L3LEAF2B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG_SAME_SUBNET_L3LEAF2B.cfg
index da55b6769bb..e47c2ac8e7c 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG_SAME_SUBNET_L3LEAF2B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG_SAME_SUBNET_L3LEAF2B.cfg
@@ -115,6 +115,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.10.224.0/30
+!
mlag configuration
domain-id MLAG_SAME_SUBNET_L3LEAF2
local-interface Vlan4094
@@ -126,6 +129,11 @@ mlag configuration
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -179,6 +187,6 @@ router bgp 923
update wait-install
neighbor 10.10.224.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.10.224.1 description MLAG_SAME_SUBNET_L3LEAF2A_Vlan3000
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3A.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3A.cfg
index 7aa2f032eb6..aeed7d2b5ee 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3A.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3A.cfg
@@ -125,6 +125,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.254.0/24 eq 32
seq 20 permit 192.168.253.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 192.168.253.4/31
+!
mlag configuration
domain-id OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3
local-interface Vlan4094
@@ -136,6 +139,11 @@ mlag configuration
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3B.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3B.cfg
index 30726e54f0d..7b10ffb5372 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3B.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3B.cfg
@@ -125,6 +125,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.254.0/24 eq 32
seq 20 permit 192.168.253.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 192.168.253.4/31
+!
mlag configuration
domain-id OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3
local-interface Vlan4094
@@ -136,6 +139,11 @@ mlag configuration
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/bgp-from-network-services-1.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/bgp-from-network-services-1.cfg
index db66de6884d..a9871cc726e 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/bgp-from-network-services-1.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/bgp-from-network-services-1.cfg
@@ -75,6 +75,9 @@ interface Vlan4094
ip routing
no ip routing vrf MGMT
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.10.20.0/31
+!
mlag configuration
domain-id GROUP1
local-interface Vlan4094
@@ -85,6 +88,11 @@ mlag configuration
!
ip route 0.0.0.0 10.10.1.1
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -108,7 +116,7 @@ router bgp 65001
neighbor 10.10.1.2 peer group MYPEERGROUP
neighbor 10.10.20.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.10.20.1 description bgp-from-network-services-2_Vlan3099
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
neighbor MLAG-IPv4-UNDERLAY-PEER activate
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/flow-tracking-tests-leaf3.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/flow-tracking-tests-leaf3.cfg
index f55b7f6b313..79332754921 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/flow-tracking-tests-leaf3.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/flow-tracking-tests-leaf3.cfg
@@ -235,6 +235,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.254.1.0/27 eq 32
seq 20 permit 10.254.11.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.254.1.104/31
+!
mlag configuration
domain-id flow-tracking-tests-leaf-mlag
local-interface Vlan4094
@@ -251,6 +254,11 @@ route-map RM-CONN-2-BGP permit 10
route-map RM-CONN-2-BGP permit 20
match ip address prefix-list PL-L2LEAF-INBAND-MGMT
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -315,6 +323,6 @@ router bgp 65105
router-id 10.254.1.5
neighbor 10.254.1.105 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.254.1.105 description flow-tracking-tests-leaf4_Vlan3000
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/flow-tracking-tests-leaf4.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/flow-tracking-tests-leaf4.cfg
index 9bf78d9da2e..0b3a97e6bc3 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/flow-tracking-tests-leaf4.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/flow-tracking-tests-leaf4.cfg
@@ -235,6 +235,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.254.1.0/27 eq 32
seq 20 permit 10.254.11.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.254.1.104/31
+!
mlag configuration
domain-id flow-tracking-tests-leaf-mlag
local-interface Vlan4094
@@ -251,6 +254,11 @@ route-map RM-CONN-2-BGP permit 10
route-map RM-CONN-2-BGP permit 20
match ip address prefix-list PL-L2LEAF-INBAND-MGMT
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -315,6 +323,6 @@ router bgp 65105
router-id 10.254.1.6
neighbor 10.254.1.104 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.254.1.104 description flow-tracking-tests-leaf3_Vlan3000
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/inband-mgmt-parent-dualstack1.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/inband-mgmt-parent-dualstack1.cfg
index 1fd751a9271..1688628fcb7 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/inband-mgmt-parent-dualstack1.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/inband-mgmt-parent-dualstack1.cfg
@@ -206,6 +206,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.0.255.0/24 eq 32
seq 20 permit 10.0.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 100.64.1.4/31
+!
ipv6 prefix-list IPv6-PL-L2LEAF-INBAND-MGMT
seq 10 permit 2a00:104::/64
!
@@ -228,6 +231,11 @@ route-map RM-CONN-2-BGP permit 20
route-map RM-CONN-2-BGP permit 60
match ipv6 address prefix-list IPv6-PL-L2LEAF-INBAND-MGMT
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -277,6 +285,6 @@ router bgp 65002
update wait-install
neighbor 100.64.1.5 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 100.64.1.5 description inband-mgmt-parent-dualstack2_Vlan3000
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/inband-mgmt-parent-dualstack2.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/inband-mgmt-parent-dualstack2.cfg
index aec0d515b88..0c329960783 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/inband-mgmt-parent-dualstack2.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/inband-mgmt-parent-dualstack2.cfg
@@ -206,6 +206,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.0.255.0/24 eq 32
seq 20 permit 10.0.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 100.64.1.4/31
+!
ipv6 prefix-list IPv6-PL-L2LEAF-INBAND-MGMT
seq 10 permit 2a00:104::/64
!
@@ -228,6 +231,11 @@ route-map RM-CONN-2-BGP permit 20
route-map RM-CONN-2-BGP permit 60
match ipv6 address prefix-list IPv6-PL-L2LEAF-INBAND-MGMT
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -277,6 +285,6 @@ router bgp 65002
update wait-install
neighbor 100.64.1.4 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 100.64.1.4 description inband-mgmt-parent-dualstack1_Vlan3000
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/ptp-tests-leaf1.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/ptp-tests-leaf1.cfg
index a8862e36df8..c0276faf050 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/ptp-tests-leaf1.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/ptp-tests-leaf1.cfg
@@ -268,6 +268,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.254.1.0/27 eq 32
seq 20 permit 10.254.11.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.254.1.96/31
+!
mlag configuration
domain-id ptp-test-leaf
local-interface Vlan4094
@@ -281,6 +284,11 @@ ip route vrf MGMT 0.0.0.0/0 192.168.0.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -341,6 +349,6 @@ router bgp 65101
router-id 10.254.1.1
neighbor 10.254.1.97 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.254.1.97 description ptp-tests-leaf2_Vlan3000
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/ptp-tests-leaf2.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/ptp-tests-leaf2.cfg
index 7f157892034..0d53047b885 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/ptp-tests-leaf2.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/ptp-tests-leaf2.cfg
@@ -248,6 +248,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.254.1.0/27 eq 32
seq 20 permit 10.254.11.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.254.1.96/31
+!
mlag configuration
domain-id ptp-test-leaf
local-interface Vlan4094
@@ -261,6 +264,11 @@ ip route vrf MGMT 0.0.0.0/0 192.168.0.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -321,6 +329,6 @@ router bgp 65102
router-id 10.254.1.2
neighbor 10.254.1.96 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.254.1.96 description ptp-tests-leaf1_Vlan3000
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/sflow-tests-leaf3.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/sflow-tests-leaf3.cfg
index e2827748365..8d147ff489b 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/sflow-tests-leaf3.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/sflow-tests-leaf3.cfg
@@ -215,6 +215,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.254.1.0/27 eq 32
seq 20 permit 10.254.11.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.254.1.104/31
+!
mlag configuration
domain-id sflow-tests-leaf-mlag
local-interface Vlan4094
@@ -231,6 +234,11 @@ route-map RM-CONN-2-BGP permit 10
route-map RM-CONN-2-BGP permit 20
match ip address prefix-list PL-L2LEAF-INBAND-MGMT
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -292,6 +300,6 @@ router bgp 65105
router-id 10.254.1.5
neighbor 10.254.1.105 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.254.1.105 description sflow-tests-leaf4_Vlan3000
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/sflow-tests-leaf4.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/sflow-tests-leaf4.cfg
index ea6aa23165b..a53b2fc7463 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/sflow-tests-leaf4.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/sflow-tests-leaf4.cfg
@@ -215,6 +215,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 10.254.1.0/27 eq 32
seq 20 permit 10.254.11.0/27 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.254.1.104/31
+!
mlag configuration
domain-id sflow-tests-leaf-mlag
local-interface Vlan4094
@@ -231,6 +234,11 @@ route-map RM-CONN-2-BGP permit 10
route-map RM-CONN-2-BGP permit 20
match ip address prefix-list PL-L2LEAF-INBAND-MGMT
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -292,6 +300,6 @@ router bgp 65105
router-id 10.254.1.6
neighbor 10.254.1.104 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.254.1.104 description sflow-tests-leaf3_Vlan3000
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/trunk-group-tests-l3leaf1a.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/trunk-group-tests-l3leaf1a.cfg
index 2e0dc05dea4..9549cb70d46 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/trunk-group-tests-l3leaf1a.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/trunk-group-tests-l3leaf1a.cfg
@@ -288,6 +288,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.250.0/24 eq 32
seq 20 permit 192.168.249.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.247.0/31
+!
mlag configuration
domain-id TRUNK_GROUP_TESTS_L3LEAF1
local-interface Vlan4094
@@ -301,6 +304,11 @@ ip route vrf MGMT 0.0.0.0/0 1.1.1.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -399,7 +407,7 @@ router bgp 65001
update wait-install
neighbor 10.255.247.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.247.1 description trunk-group-tests-l3leaf1b_Vlan3099
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TG_200
rd 192.168.250.9:200
@@ -409,7 +417,7 @@ router bgp 65001
update wait-install
neighbor 10.255.247.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.247.1 description trunk-group-tests-l3leaf1b_Vlan3199
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TG_300
rd 192.168.250.9:300
@@ -419,6 +427,6 @@ router bgp 65001
update wait-install
neighbor 10.255.247.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.247.1 description trunk-group-tests-l3leaf1b_Vlan3299
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/trunk-group-tests-l3leaf1b.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/trunk-group-tests-l3leaf1b.cfg
index 3961f1731a8..fda4deaf74a 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/trunk-group-tests-l3leaf1b.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/trunk-group-tests-l3leaf1b.cfg
@@ -269,6 +269,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.250.0/24 eq 32
seq 20 permit 192.168.249.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.247.0/31
+!
mlag configuration
domain-id TRUNK_GROUP_TESTS_L3LEAF1
local-interface Vlan4094
@@ -282,6 +285,11 @@ ip route vrf MGMT 0.0.0.0/0 1.1.1.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -380,7 +388,7 @@ router bgp 65001
update wait-install
neighbor 10.255.247.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.247.0 description trunk-group-tests-l3leaf1a_Vlan3099
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TG_200
rd 192.168.250.10:200
@@ -390,7 +398,7 @@ router bgp 65001
update wait-install
neighbor 10.255.247.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.247.0 description trunk-group-tests-l3leaf1a_Vlan3199
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf TG_300
rd 192.168.250.10:300
@@ -400,6 +408,6 @@ router bgp 65001
update wait-install
neighbor 10.255.247.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.247.0 description trunk-group-tests-l3leaf1a_Vlan3299
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/trunk-group-tests-l3leaf2a.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/trunk-group-tests-l3leaf2a.cfg
index be6f670099e..3d10d6d51d6 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/trunk-group-tests-l3leaf2a.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/trunk-group-tests-l3leaf2a.cfg
@@ -134,6 +134,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.250.0/24 eq 32
seq 20 permit 192.168.249.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.247.4/31
+!
mlag configuration
domain-id TRUNK_GROUP_TESTS_L3LEAF2
local-interface Vlan4094
@@ -147,6 +150,11 @@ ip route vrf MGMT 0.0.0.0/0 1.1.1.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -205,6 +213,6 @@ router bgp 65002
update wait-install
neighbor 10.255.247.5 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.247.5 description trunk-group-tests-l3leaf2b_Vlan3199
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/trunk-group-tests-l3leaf2b.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/trunk-group-tests-l3leaf2b.cfg
index f3bb376cf8b..bd1061baa7c 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/trunk-group-tests-l3leaf2b.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/trunk-group-tests-l3leaf2b.cfg
@@ -130,6 +130,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.250.0/24 eq 32
seq 20 permit 192.168.249.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.247.4/31
+!
mlag configuration
domain-id TRUNK_GROUP_TESTS_L3LEAF2
local-interface Vlan4094
@@ -143,6 +146,11 @@ ip route vrf MGMT 0.0.0.0/0 1.1.1.1
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -201,6 +209,6 @@ router bgp 65002
update wait-install
neighbor 10.255.247.4 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.247.4 description trunk-group-tests-l3leaf2a_Vlan3199
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/CUSTOM-PYTHON_MODULES-L3LEAF1A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/CUSTOM-PYTHON_MODULES-L3LEAF1A.yml
index 4c7638b29e3..54f223ff8dd 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/CUSTOM-PYTHON_MODULES-L3LEAF1A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/CUSTOM-PYTHON_MODULES-L3LEAF1A.yml
@@ -85,6 +85,7 @@ router_bgp:
- '1:1'
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
updates:
wait_install: true
address_family_evpn:
@@ -259,6 +260,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: TEST_CUSTOM_PREFIX_EVPN_Overlay_Peering_L3LEAF
@@ -275,6 +284,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.240.10/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/CUSTOM-PYTHON_MODULES-L3LEAF1B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/CUSTOM-PYTHON_MODULES-L3LEAF1B.yml
index 185b05d8f95..1ce661d0455 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/CUSTOM-PYTHON_MODULES-L3LEAF1B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/CUSTOM-PYTHON_MODULES-L3LEAF1B.yml
@@ -76,6 +76,7 @@ router_bgp:
router_id: 192.168.255.22
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.240.10
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -235,6 +236,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: TEST_CUSTOM_PREFIX_EVPN_Overlay_Peering_L3LEAF
@@ -251,6 +260,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.240.10/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/CUSTOM-TEMPLATES-L3LEAF1A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/CUSTOM-TEMPLATES-L3LEAF1A.yml
index 8f738310dfe..b82c6a60076 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/CUSTOM-TEMPLATES-L3LEAF1A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/CUSTOM-TEMPLATES-L3LEAF1A.yml
@@ -76,6 +76,7 @@ router_bgp:
router_id: 192.168.255.21
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.240.11
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -271,6 +272,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: TEST_CUSTOM_PREFIX_EVPN_Overlay_Peering_L3LEAF
@@ -287,6 +296,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.240.10/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/CUSTOM-TEMPLATES-L3LEAF1B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/CUSTOM-TEMPLATES-L3LEAF1B.yml
index f8a98c5e736..2f653484811 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/CUSTOM-TEMPLATES-L3LEAF1B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/CUSTOM-TEMPLATES-L3LEAF1B.yml
@@ -76,6 +76,7 @@ router_bgp:
router_id: 192.168.255.22
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.240.10
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -286,6 +287,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: TEST_CUSTOM_PREFIX_EVPN_Overlay_Peering_L3LEAF
@@ -302,6 +311,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.240.10/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml
index 52c14cfafae..8a13351dee4 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3A.yml
@@ -116,7 +116,6 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
- route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.7
peer_group: MLAG-PEERS
@@ -137,7 +136,6 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
- route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.7
peer_group: MLAG-PEERS
@@ -158,6 +156,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.7
peer_group: MLAG-PEERS
@@ -180,7 +179,6 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
- route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.7
peer_group: MLAG-PEERS
@@ -201,7 +199,6 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
- route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 172.31.11.7
peer_group: MLAG-PEERS
@@ -222,6 +219,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.7
peer_group: MLAG-PEERS
@@ -242,6 +240,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.7
peer_group: MLAG-PEERS
@@ -262,6 +261,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.7
peer_group: MLAG-PEERS
@@ -282,6 +282,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.7
peer_group: MLAG-PEERS
@@ -1582,8 +1583,6 @@ prefix_lists:
sequence_numbers:
- sequence: 10
action: permit 10.255.251.6/31
- - sequence: 20
- action: permit 172.31.11.6/31
router_bfd:
multihop:
interval: 1200
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml
index 8c295031512..a923be5b895 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1-SVC3B.yml
@@ -116,7 +116,6 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
- route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.6
peer_group: MLAG-PEERS
@@ -137,7 +136,6 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
- route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.6
peer_group: MLAG-PEERS
@@ -158,6 +156,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.6
peer_group: MLAG-PEERS
@@ -180,7 +179,6 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
- route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.6
peer_group: MLAG-PEERS
@@ -201,7 +199,6 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
- route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 172.31.11.6
peer_group: MLAG-PEERS
@@ -222,6 +219,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.6
peer_group: MLAG-PEERS
@@ -242,6 +240,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.6
peer_group: MLAG-PEERS
@@ -262,6 +261,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.6
peer_group: MLAG-PEERS
@@ -282,6 +282,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.6
peer_group: MLAG-PEERS
@@ -1531,8 +1532,6 @@ prefix_lists:
sequence_numbers:
- sequence: 10
action: permit 10.255.251.6/31
- - sequence: 20
- action: permit 172.31.11.6/31
router_bfd:
multihop:
interval: 1200
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1_UNDEPLOYED_LEAF1A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1_UNDEPLOYED_LEAF1A.yml
index bb939559fcf..b637f9ce1e9 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1_UNDEPLOYED_LEAF1A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1_UNDEPLOYED_LEAF1A.yml
@@ -116,7 +116,6 @@ router_bgp:
router_id: 192.168.255.21
redistribute_routes:
- source_protocol: connected
- route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.25
peer_group: MLAG-PEERS
@@ -137,7 +136,6 @@ router_bgp:
router_id: 192.168.255.21
redistribute_routes:
- source_protocol: connected
- route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.25
peer_group: MLAG-PEERS
@@ -158,6 +156,7 @@ router_bgp:
router_id: 192.168.255.21
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.25
peer_group: MLAG-PEERS
@@ -180,7 +179,6 @@ router_bgp:
router_id: 192.168.255.21
redistribute_routes:
- source_protocol: connected
- route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.25
peer_group: MLAG-PEERS
@@ -201,7 +199,6 @@ router_bgp:
router_id: 192.168.255.21
redistribute_routes:
- source_protocol: connected
- route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 172.31.11.25
peer_group: MLAG-PEERS
@@ -222,6 +219,7 @@ router_bgp:
router_id: 192.168.255.21
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.25
peer_group: MLAG-PEERS
@@ -242,6 +240,7 @@ router_bgp:
router_id: 192.168.255.21
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.25
peer_group: MLAG-PEERS
@@ -262,6 +261,7 @@ router_bgp:
router_id: 192.168.255.21
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.25
peer_group: MLAG-PEERS
@@ -282,6 +282,7 @@ router_bgp:
router_id: 192.168.255.21
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.25
peer_group: MLAG-PEERS
@@ -990,8 +991,6 @@ prefix_lists:
sequence_numbers:
- sequence: 10
action: permit 10.255.251.24/31
- - sequence: 20
- action: permit 172.31.11.24/31
router_bfd:
multihop:
interval: 1200
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1_UNDEPLOYED_LEAF1B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1_UNDEPLOYED_LEAF1B.yml
index 31591aa6859..87397be7ec5 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1_UNDEPLOYED_LEAF1B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/DC1_UNDEPLOYED_LEAF1B.yml
@@ -116,7 +116,6 @@ router_bgp:
router_id: 192.168.255.22
redistribute_routes:
- source_protocol: connected
- route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.24
peer_group: MLAG-PEERS
@@ -137,7 +136,6 @@ router_bgp:
router_id: 192.168.255.22
redistribute_routes:
- source_protocol: connected
- route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.24
peer_group: MLAG-PEERS
@@ -158,6 +156,7 @@ router_bgp:
router_id: 192.168.255.22
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.24
peer_group: MLAG-PEERS
@@ -180,7 +179,6 @@ router_bgp:
router_id: 192.168.255.22
redistribute_routes:
- source_protocol: connected
- route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.24
peer_group: MLAG-PEERS
@@ -201,7 +199,6 @@ router_bgp:
router_id: 192.168.255.22
redistribute_routes:
- source_protocol: connected
- route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 172.31.11.24
peer_group: MLAG-PEERS
@@ -222,6 +219,7 @@ router_bgp:
router_id: 192.168.255.22
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.24
peer_group: MLAG-PEERS
@@ -242,6 +240,7 @@ router_bgp:
router_id: 192.168.255.22
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.24
peer_group: MLAG-PEERS
@@ -262,6 +261,7 @@ router_bgp:
router_id: 192.168.255.22
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.24
peer_group: MLAG-PEERS
@@ -282,6 +282,7 @@ router_bgp:
router_id: 192.168.255.22
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.24
peer_group: MLAG-PEERS
@@ -990,8 +991,6 @@ prefix_lists:
sequence_numbers:
- sequence: 10
action: permit 10.255.251.24/31
- - sequence: 20
- action: permit 172.31.11.24/31
router_bfd:
multihop:
interval: 1200
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF1A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF1A.yml
index c99963a739a..d65ed1ae678 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF1A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF1A.yml
@@ -76,6 +76,7 @@ router_bgp:
router_id: 192.168.255.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -96,6 +97,7 @@ router_bgp:
router_id: 192.168.255.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -116,6 +118,7 @@ router_bgp:
router_id: 192.168.255.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -136,6 +139,7 @@ router_bgp:
router_id: 192.168.255.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -156,6 +160,7 @@ router_bgp:
router_id: 192.168.255.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -176,6 +181,7 @@ router_bgp:
router_id: 192.168.255.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -197,6 +203,7 @@ router_bgp:
router_id: 192.168.255.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -218,6 +225,7 @@ router_bgp:
router_id: 192.168.255.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -239,6 +247,7 @@ router_bgp:
router_id: 192.168.255.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -260,6 +269,7 @@ router_bgp:
router_id: 192.168.255.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -281,6 +291,7 @@ router_bgp:
router_id: 192.168.255.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -302,6 +313,7 @@ router_bgp:
router_id: 192.168.255.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -326,6 +338,7 @@ router_bgp:
router_id: 192.168.255.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -350,6 +363,7 @@ router_bgp:
router_id: 192.168.255.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -371,6 +385,7 @@ router_bgp:
router_id: 192.168.255.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -1417,6 +1432,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -1478,6 +1501,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.251.0/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF1B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF1B.yml
index 0d444f453ae..a2ad6d48867 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF1B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/EVPN-MULTICAST-L3LEAF1B.yml
@@ -76,6 +76,7 @@ router_bgp:
router_id: 192.168.255.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -96,6 +97,7 @@ router_bgp:
router_id: 192.168.255.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -116,6 +118,7 @@ router_bgp:
router_id: 192.168.255.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -136,6 +139,7 @@ router_bgp:
router_id: 192.168.255.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -156,6 +160,7 @@ router_bgp:
router_id: 192.168.255.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -176,6 +181,7 @@ router_bgp:
router_id: 192.168.255.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -197,6 +203,7 @@ router_bgp:
router_id: 192.168.255.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -218,6 +225,7 @@ router_bgp:
router_id: 192.168.255.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -239,6 +247,7 @@ router_bgp:
router_id: 192.168.255.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -260,6 +269,7 @@ router_bgp:
router_id: 192.168.255.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -281,6 +291,7 @@ router_bgp:
router_id: 192.168.255.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -302,6 +313,7 @@ router_bgp:
router_id: 192.168.255.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -326,6 +338,7 @@ router_bgp:
router_id: 192.168.255.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -350,6 +363,7 @@ router_bgp:
router_id: 192.168.255.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -371,6 +385,7 @@ router_bgp:
router_id: 192.168.255.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -1417,6 +1432,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -1478,6 +1501,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.251.0/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG_SAME_SUBNET_L3LEAF1A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG_SAME_SUBNET_L3LEAF1A.yml
index fd8ae6ca6fa..101a416f0f7 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG_SAME_SUBNET_L3LEAF1A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG_SAME_SUBNET_L3LEAF1A.yml
@@ -66,6 +66,7 @@ router_bgp:
router_id: 192.168.255.32
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.10.224.2
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -209,6 +210,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -225,6 +234,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.10.224.0/30
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG_SAME_SUBNET_L3LEAF1B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG_SAME_SUBNET_L3LEAF1B.yml
index b9a2b2341ab..6eb318bea31 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG_SAME_SUBNET_L3LEAF1B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG_SAME_SUBNET_L3LEAF1B.yml
@@ -66,6 +66,7 @@ router_bgp:
router_id: 192.168.255.33
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.10.224.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -209,6 +210,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -225,6 +234,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.10.224.0/30
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG_SAME_SUBNET_L3LEAF2A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG_SAME_SUBNET_L3LEAF2A.yml
index 02a4d97b569..4810062dff0 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG_SAME_SUBNET_L3LEAF2A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG_SAME_SUBNET_L3LEAF2A.yml
@@ -66,6 +66,7 @@ router_bgp:
router_id: 192.168.255.34
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.10.224.2
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -209,6 +210,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -225,6 +234,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.10.224.0/30
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG_SAME_SUBNET_L3LEAF2B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG_SAME_SUBNET_L3LEAF2B.yml
index 4a47dcc3820..241def440bd 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG_SAME_SUBNET_L3LEAF2B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG_SAME_SUBNET_L3LEAF2B.yml
@@ -66,6 +66,7 @@ router_bgp:
router_id: 192.168.255.35
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.10.224.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -209,6 +210,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -225,6 +234,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.10.224.0/30
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3A.yml
index 6100ff56aea..12f3be88172 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3A.yml
@@ -178,6 +178,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -194,6 +202,10 @@ prefix_lists:
action: permit 192.168.254.0/24 eq 32
- sequence: 20
action: permit 192.168.253.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 192.168.253.4/31
ip_igmp_snooping:
globally_enabled: true
vxlan_interface:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3B.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3B.yml
index abf2707b752..85e6b9f9459 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3B.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/OVERLAY_ROUTING_PROTOCOL_HER_L3LEAF3B.yml
@@ -178,6 +178,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -194,6 +202,10 @@ prefix_lists:
action: permit 192.168.254.0/24 eq 32
- sequence: 20
action: permit 192.168.253.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 192.168.253.4/31
ip_igmp_snooping:
globally_enabled: true
vxlan_interface:
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/bgp-from-network-services-1.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/bgp-from-network-services-1.yml
index b6b48088f1c..574ab57c63a 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/bgp-from-network-services-1.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/bgp-from-network-services-1.yml
@@ -26,6 +26,7 @@ router_bgp:
route_map_in: RM-MLAG-PEER-IN
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.10.20.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -144,7 +145,20 @@ route_maps:
set:
- origin incomplete
description: Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
static_routes:
- destination_address_prefix: 0.0.0.0
gateway: 10.10.1.1
vrf: default
+prefix_lists:
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.10.20.0/31
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/flow-tracking-tests-leaf3.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/flow-tracking-tests-leaf3.yml
index e2655327494..6a53356ecd3 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/flow-tracking-tests-leaf3.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/flow-tracking-tests-leaf3.yml
@@ -85,6 +85,7 @@ router_bgp:
router_id: 10.254.1.5
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.254.1.105
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -370,6 +371,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-L2LEAF-INBAND-MGMT
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -386,6 +395,10 @@ prefix_lists:
action: permit 10.254.1.0/27 eq 32
- sequence: 20
action: permit 10.254.11.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.254.1.104/31
- name: PL-L2LEAF-INBAND-MGMT
sequence_numbers:
- sequence: 10
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/flow-tracking-tests-leaf4.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/flow-tracking-tests-leaf4.yml
index 9fd10684a97..3288cc44ed5 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/flow-tracking-tests-leaf4.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/flow-tracking-tests-leaf4.yml
@@ -85,6 +85,7 @@ router_bgp:
router_id: 10.254.1.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.254.1.104
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -370,6 +371,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-L2LEAF-INBAND-MGMT
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -386,6 +395,10 @@ prefix_lists:
action: permit 10.254.1.0/27 eq 32
- sequence: 20
action: permit 10.254.11.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.254.1.104/31
- name: PL-L2LEAF-INBAND-MGMT
sequence_numbers:
- sequence: 10
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/inband-mgmt-parent-dualstack1.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/inband-mgmt-parent-dualstack1.yml
index 185018ab6cb..7446841ac38 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/inband-mgmt-parent-dualstack1.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/inband-mgmt-parent-dualstack1.yml
@@ -67,6 +67,7 @@ router_bgp:
router_id: 10.0.255.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 100.64.1.5
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -348,6 +349,14 @@ route_maps:
type: permit
match:
- ipv6 address prefix-list IPv6-PL-L2LEAF-INBAND-MGMT
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -364,6 +373,10 @@ prefix_lists:
action: permit 10.0.255.0/24 eq 32
- sequence: 20
action: permit 10.0.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 100.64.1.4/31
- name: PL-L2LEAF-INBAND-MGMT
sequence_numbers:
- sequence: 10
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/inband-mgmt-parent-dualstack2.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/inband-mgmt-parent-dualstack2.yml
index 91b872c68d2..f04771204f6 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/inband-mgmt-parent-dualstack2.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/inband-mgmt-parent-dualstack2.yml
@@ -67,6 +67,7 @@ router_bgp:
router_id: 10.0.255.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 100.64.1.4
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -348,6 +349,14 @@ route_maps:
type: permit
match:
- ipv6 address prefix-list IPv6-PL-L2LEAF-INBAND-MGMT
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -364,6 +373,10 @@ prefix_lists:
action: permit 10.0.255.0/24 eq 32
- sequence: 20
action: permit 10.0.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 100.64.1.4/31
- name: PL-L2LEAF-INBAND-MGMT
sequence_numbers:
- sequence: 10
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/ptp-tests-leaf1.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/ptp-tests-leaf1.yml
index 4670b43537c..c8c4fcfdf46 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/ptp-tests-leaf1.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/ptp-tests-leaf1.yml
@@ -79,6 +79,7 @@ router_bgp:
router_id: 10.254.1.1
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.254.1.97
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -446,6 +447,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -462,6 +471,10 @@ prefix_lists:
action: permit 10.254.1.0/27 eq 32
- sequence: 20
action: permit 10.254.11.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.254.1.96/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/ptp-tests-leaf2.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/ptp-tests-leaf2.yml
index 6545bd33143..ef0c343fdcd 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/ptp-tests-leaf2.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/ptp-tests-leaf2.yml
@@ -79,6 +79,7 @@ router_bgp:
router_id: 10.254.1.2
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.254.1.96
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -417,6 +418,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -433,6 +442,10 @@ prefix_lists:
action: permit 10.254.1.0/27 eq 32
- sequence: 20
action: permit 10.254.11.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.254.1.96/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/sflow-tests-leaf3.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/sflow-tests-leaf3.yml
index 9c4bc1fe8bd..50bfd7b85aa 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/sflow-tests-leaf3.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/sflow-tests-leaf3.yml
@@ -80,6 +80,7 @@ router_bgp:
router_id: 10.254.1.5
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.254.1.105
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -354,6 +355,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-L2LEAF-INBAND-MGMT
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -370,6 +379,10 @@ prefix_lists:
action: permit 10.254.1.0/27 eq 32
- sequence: 20
action: permit 10.254.11.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.254.1.104/31
- name: PL-L2LEAF-INBAND-MGMT
sequence_numbers:
- sequence: 10
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/sflow-tests-leaf4.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/sflow-tests-leaf4.yml
index a6843574b64..1be6e438c82 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/sflow-tests-leaf4.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/sflow-tests-leaf4.yml
@@ -80,6 +80,7 @@ router_bgp:
router_id: 10.254.1.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.254.1.104
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -354,6 +355,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-L2LEAF-INBAND-MGMT
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -370,6 +379,10 @@ prefix_lists:
action: permit 10.254.1.0/27 eq 32
- sequence: 20
action: permit 10.254.11.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.254.1.104/31
- name: PL-L2LEAF-INBAND-MGMT
sequence_numbers:
- sequence: 10
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/trunk-group-tests-l3leaf1a.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/trunk-group-tests-l3leaf1a.yml
index 5a43d23fa61..bffe9995adf 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/trunk-group-tests-l3leaf1a.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/trunk-group-tests-l3leaf1a.yml
@@ -66,6 +66,7 @@ router_bgp:
router_id: 192.168.250.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.247.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -86,6 +87,7 @@ router_bgp:
router_id: 192.168.250.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.247.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -106,6 +108,7 @@ router_bgp:
router_id: 192.168.250.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.247.1
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -540,6 +543,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -556,6 +567,10 @@ prefix_lists:
action: permit 192.168.250.0/24 eq 32
- sequence: 20
action: permit 192.168.249.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.247.0/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/trunk-group-tests-l3leaf1b.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/trunk-group-tests-l3leaf1b.yml
index 753b4217837..73d5806c360 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/trunk-group-tests-l3leaf1b.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/trunk-group-tests-l3leaf1b.yml
@@ -66,6 +66,7 @@ router_bgp:
router_id: 192.168.250.10
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.247.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -86,6 +87,7 @@ router_bgp:
router_id: 192.168.250.10
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.247.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -106,6 +108,7 @@ router_bgp:
router_id: 192.168.250.10
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.247.0
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -516,6 +519,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -532,6 +543,10 @@ prefix_lists:
action: permit 192.168.250.0/24 eq 32
- sequence: 20
action: permit 192.168.249.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.247.0/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/trunk-group-tests-l3leaf2a.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/trunk-group-tests-l3leaf2a.yml
index 0e6250b1c37..0c44c549109 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/trunk-group-tests-l3leaf2a.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/trunk-group-tests-l3leaf2a.yml
@@ -66,6 +66,7 @@ router_bgp:
router_id: 192.168.250.11
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.247.5
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -248,6 +249,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -264,6 +273,10 @@ prefix_lists:
action: permit 192.168.250.0/24 eq 32
- sequence: 20
action: permit 192.168.249.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.247.4/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/trunk-group-tests-l3leaf2b.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/trunk-group-tests-l3leaf2b.yml
index 9e80c8b6c73..1ebb20a9144 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/trunk-group-tests-l3leaf2b.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/trunk-group-tests-l3leaf2b.yml
@@ -66,6 +66,7 @@ router_bgp:
router_id: 192.168.250.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.247.4
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -244,6 +245,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -260,6 +269,10 @@ prefix_lists:
action: permit 192.168.250.0/24 eq 32
- sequence: 20
action: permit 192.168.249.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.247.4/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_A.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_A.yml
index 66d7bbc1986..11a22332079 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_A.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/DC1_TENANTS_NETWORKS/Tenant_A.yml
@@ -2,7 +2,7 @@ tenant_a:
- name: Tenant_A
mac_vrf_vni_base: 10000
mac_vrf_id_base: 20000
- redistribute_mlag_ibgp_peering_vrfs: false
+ redistribute_mlag_ibgp_peering_vrfs: true
vrfs:
- name: Tenant_A_OP_Zone
description: "Tenant_A_OP_Zone"
@@ -11,7 +11,7 @@ tenant_a:
vtep_diagnostic:
loopback: 100
loopback_ip_range: 10.255.1.0/24
- redistribute_mlag_ibgp_peering_vrfs: true
+ redistribute_mlag_ibgp_peering_vrfs: false
svis:
# SVI as string
- id: '110'
diff --git a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc1-leaf1a.yml b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc1-leaf1a.yml
index 1962ff640d3..44c7cbd6796 100644
--- a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc1-leaf1a.yml
+++ b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc1-leaf1a.yml
@@ -101,6 +101,7 @@ router_bgp:
router_id: 10.255.0.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.97
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -119,6 +120,7 @@ router_bgp:
router_id: 10.255.0.3
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.97
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -488,6 +490,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-L2LEAF-INBAND-MGMT
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -514,6 +524,10 @@ prefix_lists:
action: permit 10.255.0.0/27 eq 32
- sequence: 20
action: permit 10.255.1.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.1.96/31
- name: PL-L2LEAF-INBAND-MGMT
sequence_numbers:
- sequence: 10
diff --git a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc1-leaf1b.yml b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc1-leaf1b.yml
index d4f89f14d30..bb646e8e4bf 100644
--- a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc1-leaf1b.yml
+++ b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc1-leaf1b.yml
@@ -98,6 +98,7 @@ router_bgp:
router_id: 10.255.0.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.96
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -116,6 +117,7 @@ router_bgp:
router_id: 10.255.0.4
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.96
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -549,6 +551,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-L2LEAF-INBAND-MGMT
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -575,6 +585,10 @@ prefix_lists:
action: permit 10.255.0.0/27 eq 32
- sequence: 20
action: permit 10.255.1.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.1.96/31
- name: PL-L2LEAF-INBAND-MGMT
sequence_numbers:
- sequence: 10
diff --git a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc1-leaf2a.yml b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc1-leaf2a.yml
index e0363ba79cb..c84e152a7f3 100644
--- a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc1-leaf2a.yml
+++ b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc1-leaf2a.yml
@@ -114,6 +114,7 @@ router_bgp:
router_id: 10.255.0.5
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.101
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -132,6 +133,7 @@ router_bgp:
router_id: 10.255.0.5
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.101
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -501,6 +503,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-L2LEAF-INBAND-MGMT
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -527,6 +537,10 @@ prefix_lists:
action: permit 10.255.0.0/27 eq 32
- sequence: 20
action: permit 10.255.1.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.1.100/31
- name: PL-L2LEAF-INBAND-MGMT
sequence_numbers:
- sequence: 10
diff --git a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc1-leaf2b.yml b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc1-leaf2b.yml
index ecc88dfd13b..30a16dedd28 100644
--- a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc1-leaf2b.yml
+++ b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc1-leaf2b.yml
@@ -114,6 +114,7 @@ router_bgp:
router_id: 10.255.0.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.100
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -132,6 +133,7 @@ router_bgp:
router_id: 10.255.0.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.1.100
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -501,6 +503,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-L2LEAF-INBAND-MGMT
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -527,6 +537,10 @@ prefix_lists:
action: permit 10.255.0.0/27 eq 32
- sequence: 20
action: permit 10.255.1.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.1.100/31
- name: PL-L2LEAF-INBAND-MGMT
sequence_numbers:
- sequence: 10
diff --git a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf1a.yml b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf1a.yml
index 4c1759e5442..4ad49a9b0f1 100644
--- a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf1a.yml
+++ b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf1a.yml
@@ -87,6 +87,7 @@ router_bgp:
router_id: 10.255.128.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.117
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -105,6 +106,7 @@ router_bgp:
router_id: 10.255.128.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.117
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -411,6 +413,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -437,6 +447,10 @@ prefix_lists:
action: permit 10.255.128.0/27 eq 32
- sequence: 20
action: permit 10.255.129.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.129.116/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf1b.yml b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf1b.yml
index 977966a0e7c..4c4a8461e2a 100644
--- a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf1b.yml
+++ b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf1b.yml
@@ -87,6 +87,7 @@ router_bgp:
router_id: 10.255.128.14
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.116
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -105,6 +106,7 @@ router_bgp:
router_id: 10.255.128.14
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.116
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -411,6 +413,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -437,6 +447,10 @@ prefix_lists:
action: permit 10.255.128.0/27 eq 32
- sequence: 20
action: permit 10.255.129.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.129.116/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf2a.yml b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf2a.yml
index 2e6dfa24e8b..73b192f2f73 100644
--- a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf2a.yml
+++ b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf2a.yml
@@ -113,6 +113,7 @@ router_bgp:
router_id: 10.255.128.15
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.121
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -131,6 +132,7 @@ router_bgp:
router_id: 10.255.128.15
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.121
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -483,6 +485,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -509,6 +519,10 @@ prefix_lists:
action: permit 10.255.128.0/27 eq 32
- sequence: 20
action: permit 10.255.129.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.129.120/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf2b.yml b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf2b.yml
index 24795548ab5..0f34cb2f866 100644
--- a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf2b.yml
+++ b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf2b.yml
@@ -113,6 +113,7 @@ router_bgp:
router_id: 10.255.128.16
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.120
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -131,6 +132,7 @@ router_bgp:
router_id: 10.255.128.16
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.120
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -483,6 +485,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -509,6 +519,10 @@ prefix_lists:
action: permit 10.255.128.0/27 eq 32
- sequence: 20
action: permit 10.255.129.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.129.120/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf3a.arista.com.yml b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf3a.arista.com.yml
index de4105a8d29..2001a276fe4 100644
--- a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf3a.arista.com.yml
+++ b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf3a.arista.com.yml
@@ -87,6 +87,7 @@ router_bgp:
router_id: 10.255.128.17
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.125
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -105,6 +106,7 @@ router_bgp:
router_id: 10.255.128.17
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.125
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -443,6 +445,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -469,6 +479,10 @@ prefix_lists:
action: permit 10.255.128.0/27 eq 32
- sequence: 20
action: permit 10.255.129.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.129.124/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf3b.arista.com.yml b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf3b.arista.com.yml
index e943ff33425..ee2776d0acc 100644
--- a/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf3b.arista.com.yml
+++ b/ansible_collections/arista/avd/molecule/eos_validate_state/intended/structured_configs/dc2-leaf3b.arista.com.yml
@@ -87,6 +87,7 @@ router_bgp:
router_id: 10.255.128.18
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.124
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -105,6 +106,7 @@ router_bgp:
router_id: 10.255.128.18
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.129.124
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -390,6 +392,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -416,6 +426,10 @@ prefix_lists:
action: permit 10.255.128.0/27 eq 32
- sequence: 20
action: permit 10.255.129.0/27 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.129.124/31
router_bfd:
multihop:
interval: 300
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/documentation/devices/DC1-SVC3A.md b/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/documentation/devices/DC1-SVC3A.md
index bd6e43867c9..9e4259dde1a 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/documentation/devices/DC1-SVC3A.md
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/documentation/devices/DC1-SVC3A.md
@@ -1502,7 +1502,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.12:13
@@ -1512,7 +1512,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.12:10
@@ -1522,7 +1522,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WAN_Zone
rd 192.168.255.12:14
@@ -1534,7 +1534,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3013
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
redistribute static
!
vrf Tenant_A_WEB_Zone
@@ -1545,7 +1545,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.12:20
@@ -1555,7 +1555,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.12:21
@@ -1565,7 +1565,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3020
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.12:30
@@ -1575,7 +1575,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan2
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.12:31
@@ -1585,7 +1585,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3030
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -1663,6 +1663,12 @@ no ip igmp snooping vlan 161
| 10 | permit 192.168.255.0/24 eq 32 |
| 20 | permit 192.168.254.0/24 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.252.6/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -1670,6 +1676,9 @@ no ip igmp snooping vlan 161
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.252.6/31
```
### Route-maps
@@ -1682,6 +1691,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -1695,6 +1711,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/documentation/devices/DC1-SVC3B.md b/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/documentation/devices/DC1-SVC3B.md
index 7eea5729b89..4999074bc27 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/documentation/devices/DC1-SVC3B.md
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/documentation/devices/DC1-SVC3B.md
@@ -1502,7 +1502,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.13:13
@@ -1512,7 +1512,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.13:10
@@ -1522,7 +1522,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WAN_Zone
rd 192.168.255.13:14
@@ -1534,7 +1534,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3013
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
redistribute static
!
vrf Tenant_A_WEB_Zone
@@ -1545,7 +1545,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.13:20
@@ -1555,7 +1555,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.13:21
@@ -1565,7 +1565,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3020
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.13:30
@@ -1575,7 +1575,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan2
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.13:31
@@ -1585,7 +1585,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3030
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -1663,6 +1663,12 @@ no ip igmp snooping vlan 161
| 10 | permit 192.168.255.0/24 eq 32 |
| 20 | permit 192.168.254.0/24 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.252.6/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -1670,6 +1676,9 @@ no ip igmp snooping vlan 161
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.252.6/31
```
### Route-maps
@@ -1682,6 +1691,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -1695,6 +1711,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/intended/configs/DC1-SVC3A.cfg b/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/intended/configs/DC1-SVC3A.cfg
index debc24290de..2991a76e035 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/intended/configs/DC1-SVC3A.cfg
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/intended/configs/DC1-SVC3A.cfg
@@ -698,6 +698,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.252.6/31
+!
mlag configuration
domain-id DC1_SVC3
local-interface Vlan4092
@@ -715,6 +718,11 @@ ntp server vrf MGMT 192.168.200.5 prefer
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -858,7 +866,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.12:13
@@ -868,7 +876,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.12:10
@@ -878,7 +886,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WAN_Zone
rd 192.168.255.12:14
@@ -890,7 +898,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3013
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
redistribute static
!
vrf Tenant_A_WEB_Zone
@@ -901,7 +909,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.12:20
@@ -911,7 +919,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.12:21
@@ -921,7 +929,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3020
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.12:30
@@ -931,7 +939,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan2
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.12:31
@@ -941,6 +949,6 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-PEERS
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3030
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/intended/configs/DC1-SVC3B.cfg b/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/intended/configs/DC1-SVC3B.cfg
index d1fce6c3bad..02341ac22cb 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/intended/configs/DC1-SVC3B.cfg
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/intended/configs/DC1-SVC3B.cfg
@@ -698,6 +698,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.252.6/31
+!
mlag configuration
domain-id DC1_SVC3
local-interface Vlan4092
@@ -715,6 +718,11 @@ ntp server vrf MGMT 192.168.200.5 prefer
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -858,7 +866,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.13:13
@@ -868,7 +876,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.13:10
@@ -878,7 +886,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WAN_Zone
rd 192.168.255.13:14
@@ -890,7 +898,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3013
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
redistribute static
!
vrf Tenant_A_WEB_Zone
@@ -901,7 +909,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.13:20
@@ -911,7 +919,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.13:21
@@ -921,7 +929,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3020
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.13:30
@@ -931,7 +939,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan2
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.13:31
@@ -941,6 +949,6 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-PEERS
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3030
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/intended/structured_configs/DC1-SVC3A.yml b/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/intended/structured_configs/DC1-SVC3A.yml
index 26b53feea04..f550b0611d4 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/intended/structured_configs/DC1-SVC3A.yml
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/intended/structured_configs/DC1-SVC3A.yml
@@ -115,6 +115,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.7
peer_group: MLAG-PEERS
@@ -135,6 +136,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.7
peer_group: MLAG-PEERS
@@ -155,6 +157,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.7
peer_group: MLAG-PEERS
@@ -177,6 +180,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
- source_protocol: static
neighbors:
- ip_address: 10.255.252.7
@@ -198,6 +202,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.7
peer_group: MLAG-PEERS
@@ -218,6 +223,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.7
peer_group: MLAG-PEERS
@@ -238,6 +244,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.7
peer_group: MLAG-PEERS
@@ -258,6 +265,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.7
peer_group: MLAG-PEERS
@@ -278,6 +286,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.7
peer_group: MLAG-PEERS
@@ -1322,6 +1331,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: CUSTOM_EVPN_Overlay_Peering_L3LEAF
@@ -1343,6 +1360,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.252.6/31
router_bfd:
multihop:
interval: 1200
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/intended/structured_configs/DC1-SVC3B.yml b/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/intended/structured_configs/DC1-SVC3B.yml
index eb8be3c01a4..0901260a789 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/intended/structured_configs/DC1-SVC3B.yml
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ebgp_overlay_ebgp/intended/structured_configs/DC1-SVC3B.yml
@@ -115,6 +115,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.6
peer_group: MLAG-PEERS
@@ -135,6 +136,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.6
peer_group: MLAG-PEERS
@@ -155,6 +157,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.6
peer_group: MLAG-PEERS
@@ -177,6 +180,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
- source_protocol: static
neighbors:
- ip_address: 10.255.252.6
@@ -198,6 +202,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.6
peer_group: MLAG-PEERS
@@ -218,6 +223,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.6
peer_group: MLAG-PEERS
@@ -238,6 +244,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.6
peer_group: MLAG-PEERS
@@ -258,6 +265,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.6
peer_group: MLAG-PEERS
@@ -278,6 +286,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.6
peer_group: MLAG-PEERS
@@ -1322,6 +1331,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: CUSTOM_EVPN_Overlay_Peering_L3LEAF
@@ -1343,6 +1360,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.252.6/31
router_bfd:
multihop:
interval: 1200
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-LEAF2A.md b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-LEAF2A.md
index 0878908cd74..095ff24a199 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-LEAF2A.md
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-LEAF2A.md
@@ -43,6 +43,7 @@
- [Multicast](#multicast)
- [IP IGMP Snooping](#ip-igmp-snooping)
- [Filters](#filters)
+ - [Prefix-lists](#prefix-lists)
- [Route-maps](#route-maps)
- [VRF Instances](#vrf-instances)
- [VRF Instances Summary](#vrf-instances-summary)
@@ -762,7 +763,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -800,10 +801,35 @@ router bfd
## Filters
+### Prefix-lists
+
+#### Prefix-lists Summary
+
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.251.2/31 |
+
+#### Prefix-lists Device Configuration
+
+```eos
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.2/31
+```
+
### Route-maps
#### Route-maps Summary
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -814,6 +840,11 @@ router bfd
```eos
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-LEAF2B.md b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-LEAF2B.md
index 75b8d4b5551..1ac6d01ad9f 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-LEAF2B.md
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-LEAF2B.md
@@ -43,6 +43,7 @@
- [Multicast](#multicast)
- [IP IGMP Snooping](#ip-igmp-snooping)
- [Filters](#filters)
+ - [Prefix-lists](#prefix-lists)
- [Route-maps](#route-maps)
- [VRF Instances](#vrf-instances)
- [VRF Instances Summary](#vrf-instances-summary)
@@ -762,7 +763,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -800,10 +801,35 @@ router bfd
## Filters
+### Prefix-lists
+
+#### Prefix-lists Summary
+
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.251.2/31 |
+
+#### Prefix-lists Device Configuration
+
+```eos
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.2/31
+```
+
### Route-maps
#### Route-maps Summary
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -814,6 +840,11 @@ router bfd
```eos
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-SVC3A.md b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-SVC3A.md
index 15e085c7c64..7adfa23d3d4 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-SVC3A.md
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-SVC3A.md
@@ -43,6 +43,7 @@
- [Multicast](#multicast)
- [IP IGMP Snooping](#ip-igmp-snooping)
- [Filters](#filters)
+ - [Prefix-lists](#prefix-lists)
- [Route-maps](#route-maps)
- [VRF Instances](#vrf-instances)
- [VRF Instances Summary](#vrf-instances-summary)
@@ -755,7 +756,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -793,10 +794,35 @@ router bfd
## Filters
+### Prefix-lists
+
+#### Prefix-lists Summary
+
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.252.6/31 |
+
+#### Prefix-lists Device Configuration
+
+```eos
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.252.6/31
+```
+
### Route-maps
#### Route-maps Summary
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -807,6 +833,11 @@ router bfd
```eos
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-SVC3B.md b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-SVC3B.md
index 3e6deefb5f8..8f220cc5527 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-SVC3B.md
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-SVC3B.md
@@ -43,6 +43,7 @@
- [Multicast](#multicast)
- [IP IGMP Snooping](#ip-igmp-snooping)
- [Filters](#filters)
+ - [Prefix-lists](#prefix-lists)
- [Route-maps](#route-maps)
- [VRF Instances](#vrf-instances)
- [VRF Instances Summary](#vrf-instances-summary)
@@ -755,7 +756,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
@@ -793,10 +794,35 @@ router bfd
## Filters
+### Prefix-lists
+
+#### Prefix-lists Summary
+
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.252.6/31 |
+
+#### Prefix-lists Device Configuration
+
+```eos
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.252.6/31
+```
+
### Route-maps
#### Route-maps Summary
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -807,6 +833,11 @@ router bfd
```eos
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/configs/DC1-LEAF2A.cfg b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/configs/DC1-LEAF2A.cfg
index e1d3ee04961..742b62917c7 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/configs/DC1-LEAF2A.cfg
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/configs/DC1-LEAF2A.cfg
@@ -183,6 +183,9 @@ ip routing
no ip routing vrf MGMT
ip routing vrf Tenant_B_OP_Zone
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.2/31
+!
mlag configuration
domain-id DC1_LEAF2
local-interface Vlan4094
@@ -196,6 +199,11 @@ ip route vrf MGMT 0.0.0.0/0 192.168.200.5
ntp local-interface vrf MGMT Management1
ntp server vrf MGMT 192.168.200.5 prefer
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -259,7 +267,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
router ospf 101
router-id 192.168.255.6
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/configs/DC1-LEAF2B.cfg b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/configs/DC1-LEAF2B.cfg
index 5f4b6c97e74..7565b04ced4 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/configs/DC1-LEAF2B.cfg
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/configs/DC1-LEAF2B.cfg
@@ -183,6 +183,9 @@ ip routing
no ip routing vrf MGMT
ip routing vrf Tenant_B_OP_Zone
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.2/31
+!
mlag configuration
domain-id DC1_LEAF2
local-interface Vlan4094
@@ -196,6 +199,11 @@ ip route vrf MGMT 0.0.0.0/0 192.168.200.5
ntp local-interface vrf MGMT Management1
ntp server vrf MGMT 192.168.200.5 prefer
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -259,7 +267,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
router ospf 101
router-id 192.168.255.7
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/configs/DC1-SVC3A.cfg b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/configs/DC1-SVC3A.cfg
index 3bc328ebd80..127b324a802 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/configs/DC1-SVC3A.cfg
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/configs/DC1-SVC3A.cfg
@@ -178,6 +178,9 @@ ip routing
no ip routing vrf MGMT
ip routing vrf Tenant_B_OP_Zone
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.252.6/31
+!
mlag configuration
domain-id DC1_SVC3
local-interface Vlan4094
@@ -191,6 +194,11 @@ ip route vrf MGMT 0.0.0.0/0 192.168.200.5
ntp local-interface vrf MGMT Management1
ntp server vrf MGMT 192.168.200.5 prefer
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -254,7 +262,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.7 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.252.7 description DC1-SVC3B_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
router ospf 101
router-id 192.168.255.8
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/configs/DC1-SVC3B.cfg b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/configs/DC1-SVC3B.cfg
index 73a69db2c67..ef0580de359 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/configs/DC1-SVC3B.cfg
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/configs/DC1-SVC3B.cfg
@@ -178,6 +178,9 @@ ip routing
no ip routing vrf MGMT
ip routing vrf Tenant_B_OP_Zone
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.252.6/31
+!
mlag configuration
domain-id DC1_SVC3
local-interface Vlan4094
@@ -191,6 +194,11 @@ ip route vrf MGMT 0.0.0.0/0 192.168.200.5
ntp local-interface vrf MGMT Management1
ntp server vrf MGMT 192.168.200.5 prefer
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -254,7 +262,7 @@ router bgp 65103
update wait-install
neighbor 10.255.252.6 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.252.6 description DC1-SVC3A_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
router ospf 101
router-id 192.168.255.9
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/structured_configs/DC1-LEAF2A.yml b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/structured_configs/DC1-LEAF2A.yml
index b8676beeb88..60f6b7fe18d 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/structured_configs/DC1-LEAF2A.yml
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/structured_configs/DC1-LEAF2A.yml
@@ -81,6 +81,7 @@ router_bgp:
router_id: 192.168.255.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.3
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -380,6 +381,19 @@ route_maps:
set:
- origin incomplete
description: Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
+prefix_lists:
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.251.2/31
vxlan_interface:
vxlan1:
description: DC1-LEAF2A_VTEP
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/structured_configs/DC1-LEAF2B.yml b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/structured_configs/DC1-LEAF2B.yml
index 771ceae83e7..fef8960a074 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/structured_configs/DC1-LEAF2B.yml
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/structured_configs/DC1-LEAF2B.yml
@@ -81,6 +81,7 @@ router_bgp:
router_id: 192.168.255.7
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.2
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -380,6 +381,19 @@ route_maps:
set:
- origin incomplete
description: Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
+prefix_lists:
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.251.2/31
vxlan_interface:
vxlan1:
description: DC1-LEAF2B_VTEP
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/structured_configs/DC1-SVC3A.yml b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/structured_configs/DC1-SVC3A.yml
index 0f54aaa4d93..f7152435589 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/structured_configs/DC1-SVC3A.yml
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/structured_configs/DC1-SVC3A.yml
@@ -81,6 +81,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.7
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -379,6 +380,19 @@ route_maps:
set:
- origin incomplete
description: Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
+prefix_lists:
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.252.6/31
vxlan_interface:
vxlan1:
description: DC1-SVC3A_VTEP
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/structured_configs/DC1-SVC3B.yml b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/structured_configs/DC1-SVC3B.yml
index e65e82c565f..44e084d8621 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/structured_configs/DC1-SVC3B.yml
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_ospf_overlay_ebgp/intended/structured_configs/DC1-SVC3B.yml
@@ -81,6 +81,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.252.6
peer_group: MLAG-IPv4-UNDERLAY-PEER
@@ -379,6 +380,19 @@ route_maps:
set:
- origin incomplete
description: Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
+prefix_lists:
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.252.6/31
vxlan_interface:
vxlan1:
description: DC1-SVC3B_VTEP
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF2A.md b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF2A.md
index a417372bbaa..4fb75b47497 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF2A.md
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF2A.md
@@ -1140,7 +1140,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG_PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.3 next-hop address-family ipv6
@@ -1153,7 +1153,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG_PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.3 next-hop address-family ipv6
@@ -1166,7 +1166,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG_PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.3 next-hop address-family ipv6
@@ -1179,7 +1179,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG_PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.3 next-hop address-family ipv6
@@ -1192,7 +1192,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG_PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.3 next-hop address-family ipv6
@@ -1205,7 +1205,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG_PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan2
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.3 next-hop address-family ipv6
@@ -1265,6 +1265,12 @@ no ip igmp snooping vlan 120
| 10 | permit 192.168.255.0/24 eq 32 |
| 20 | permit 192.168.254.0/24 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.251.2/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -1272,6 +1278,9 @@ no ip igmp snooping vlan 120
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.2/31
```
### Route-maps
@@ -1284,6 +1293,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -1297,6 +1313,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF2B.md b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF2B.md
index 43a0f9d5d4d..1c106ef5774 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF2B.md
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF2B.md
@@ -1140,7 +1140,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG_PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.2 next-hop address-family ipv6
@@ -1153,7 +1153,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG_PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.2 next-hop address-family ipv6
@@ -1166,7 +1166,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG_PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.2 next-hop address-family ipv6
@@ -1179,7 +1179,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG_PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.2 next-hop address-family ipv6
@@ -1192,7 +1192,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG_PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.2 next-hop address-family ipv6
@@ -1205,7 +1205,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG_PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan2
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.2 next-hop address-family ipv6
@@ -1265,6 +1265,12 @@ no ip igmp snooping vlan 120
| 10 | permit 192.168.255.0/24 eq 32 |
| 20 | permit 192.168.254.0/24 eq 32 |
+##### PL-MLAG-PEER-VRFS
+
+| Sequence | Action |
+| -------- | ------ |
+| 10 | permit 10.255.251.2/31 |
+
#### Prefix-lists Device Configuration
```eos
@@ -1272,6 +1278,9 @@ no ip igmp snooping vlan 120
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
+!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.2/31
```
### Route-maps
@@ -1284,6 +1293,13 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
| -------- | ---- | ----- | --- | ------------- | -------- |
| 10 | permit | ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | - | - | - |
+##### RM-CONN-2-BGP-VRFS
+
+| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
+| -------- | ---- | ----- | --- | ------------- | -------- |
+| 10 | deny | ip address prefix-list PL-MLAG-PEER-VRFS | - | - | - |
+| 20 | permit | - | - | - | - |
+
##### RM-MLAG-PEER-IN
| Sequence | Type | Match | Set | Sub-Route-Map | Continue |
@@ -1297,6 +1313,11 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF3A.md b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF3A.md
index 49982f17005..260960a151e 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF3A.md
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF3A.md
@@ -1058,7 +1058,7 @@ router bgp 65106
route-target export evpn 12:12
router-id 192.168.255.12
neighbor interface Vlan3011 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.12:13
@@ -1066,7 +1066,7 @@ router bgp 65106
route-target export evpn 13:13
router-id 192.168.255.12
neighbor interface Vlan3012 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.12:10
@@ -1074,7 +1074,7 @@ router bgp 65106
route-target export evpn 10:10
router-id 192.168.255.12
neighbor interface Vlan3009 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.12:11
@@ -1082,7 +1082,7 @@ router bgp 65106
route-target export evpn 11:11
router-id 192.168.255.12
neighbor interface Vlan3010 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.12:20
@@ -1090,7 +1090,7 @@ router bgp 65106
route-target export evpn 20:20
router-id 192.168.255.12
neighbor interface Vlan3019 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.12:30
@@ -1098,7 +1098,7 @@ router bgp 65106
route-target export evpn 30:30
router-id 192.168.255.12
neighbor interface Vlan2 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF3B.md b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF3B.md
index 229b830a032..6359033361e 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF3B.md
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF3B.md
@@ -1058,7 +1058,7 @@ router bgp 65106
route-target export evpn 12:12
router-id 192.168.255.13
neighbor interface Vlan3011 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.13:13
@@ -1066,7 +1066,7 @@ router bgp 65106
route-target export evpn 13:13
router-id 192.168.255.13
neighbor interface Vlan3012 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.13:10
@@ -1074,7 +1074,7 @@ router bgp 65106
route-target export evpn 10:10
router-id 192.168.255.13
neighbor interface Vlan3009 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.13:11
@@ -1082,7 +1082,7 @@ router bgp 65106
route-target export evpn 11:11
router-id 192.168.255.13
neighbor interface Vlan3010 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.13:20
@@ -1090,7 +1090,7 @@ router bgp 65106
route-target export evpn 20:20
router-id 192.168.255.13
neighbor interface Vlan3019 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.13:30
@@ -1098,7 +1098,7 @@ router bgp 65106
route-target export evpn 30:30
router-id 192.168.255.13
neighbor interface Vlan2 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF4A.md b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF4A.md
index ee8946905ab..5e82f8fbb37 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF4A.md
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF4A.md
@@ -1048,7 +1048,7 @@ router bgp 65107
route-target export evpn 12:12
router-id 192.168.255.14
neighbor interface Vlan3011 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.14:13
@@ -1056,7 +1056,7 @@ router bgp 65107
route-target export evpn 13:13
router-id 192.168.255.14
neighbor interface Vlan3012 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.14:10
@@ -1064,7 +1064,7 @@ router bgp 65107
route-target export evpn 10:10
router-id 192.168.255.14
neighbor interface Vlan3009 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.14:11
@@ -1072,7 +1072,7 @@ router bgp 65107
route-target export evpn 11:11
router-id 192.168.255.14
neighbor interface Vlan3010 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.14:20
@@ -1080,7 +1080,7 @@ router bgp 65107
route-target export evpn 20:20
router-id 192.168.255.14
neighbor interface Vlan3019 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.14:30
@@ -1088,7 +1088,7 @@ router bgp 65107
route-target export evpn 30:30
router-id 192.168.255.14
neighbor interface Vlan2 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF4B.md b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF4B.md
index 6f8e4f4858c..301859a5122 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF4B.md
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-LEAF4B.md
@@ -1048,7 +1048,7 @@ router bgp 65107
route-target export evpn 12:12
router-id 192.168.255.15
neighbor interface Vlan3011 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.15:13
@@ -1056,7 +1056,7 @@ router bgp 65107
route-target export evpn 13:13
router-id 192.168.255.15
neighbor interface Vlan3012 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.15:10
@@ -1064,7 +1064,7 @@ router bgp 65107
route-target export evpn 10:10
router-id 192.168.255.15
neighbor interface Vlan3009 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.15:11
@@ -1072,7 +1072,7 @@ router bgp 65107
route-target export evpn 11:11
router-id 192.168.255.15
neighbor interface Vlan3010 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.15:20
@@ -1080,7 +1080,7 @@ router bgp 65107
route-target export evpn 20:20
router-id 192.168.255.15
neighbor interface Vlan3019 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.15:30
@@ -1088,7 +1088,7 @@ router bgp 65107
route-target export evpn 30:30
router-id 192.168.255.15
neighbor interface Vlan2 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-SVC3A.md b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-SVC3A.md
index 6487ec07bf9..54f0332f45a 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-SVC3A.md
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-SVC3A.md
@@ -1358,7 +1358,7 @@ router bgp 65103
route-target export evpn 12:12
router-id 192.168.255.8
neighbor interface Vlan3011 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.8:13
@@ -1366,7 +1366,7 @@ router bgp 65103
route-target export evpn 13:13
router-id 192.168.255.8
neighbor interface Vlan3012 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.8:10
@@ -1374,7 +1374,7 @@ router bgp 65103
route-target export evpn 10:10
router-id 192.168.255.8
neighbor interface Vlan3009 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WAN_Zone
rd 192.168.255.8:14
@@ -1382,7 +1382,7 @@ router bgp 65103
route-target export evpn 14:14
router-id 192.168.255.8
neighbor interface Vlan3013 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.8:11
@@ -1390,7 +1390,7 @@ router bgp 65103
route-target export evpn 11:11
router-id 192.168.255.8
neighbor interface Vlan3010 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.8:20
@@ -1398,7 +1398,7 @@ router bgp 65103
route-target export evpn 20:20
router-id 192.168.255.8
neighbor interface Vlan3019 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.8:21
@@ -1406,7 +1406,7 @@ router bgp 65103
route-target export evpn 21:21
router-id 192.168.255.8
neighbor interface Vlan3020 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.8:30
@@ -1414,7 +1414,7 @@ router bgp 65103
route-target export evpn 30:30
router-id 192.168.255.8
neighbor interface Vlan2 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.8:31
@@ -1422,7 +1422,7 @@ router bgp 65103
route-target export evpn 31:31
router-id 192.168.255.8
neighbor interface Vlan3030 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-SVC3B.md b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-SVC3B.md
index 49fa6e1545b..0b4f13cb8b2 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-SVC3B.md
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/documentation/devices/DC1-SVC3B.md
@@ -1332,7 +1332,7 @@ router bgp 65103
route-target export evpn 12:12
router-id 192.168.255.9
neighbor interface Vlan3011 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.9:13
@@ -1340,7 +1340,7 @@ router bgp 65103
route-target export evpn 13:13
router-id 192.168.255.9
neighbor interface Vlan3012 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.9:10
@@ -1348,7 +1348,7 @@ router bgp 65103
route-target export evpn 10:10
router-id 192.168.255.9
neighbor interface Vlan3009 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WAN_Zone
rd 192.168.255.9:14
@@ -1356,7 +1356,7 @@ router bgp 65103
route-target export evpn 14:14
router-id 192.168.255.9
neighbor interface Vlan3013 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.9:11
@@ -1364,7 +1364,7 @@ router bgp 65103
route-target export evpn 11:11
router-id 192.168.255.9
neighbor interface Vlan3010 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.9:20
@@ -1372,7 +1372,7 @@ router bgp 65103
route-target export evpn 20:20
router-id 192.168.255.9
neighbor interface Vlan3019 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.9:21
@@ -1380,7 +1380,7 @@ router bgp 65103
route-target export evpn 21:21
router-id 192.168.255.9
neighbor interface Vlan3020 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.9:30
@@ -1388,7 +1388,7 @@ router bgp 65103
route-target export evpn 30:30
router-id 192.168.255.9
neighbor interface Vlan2 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.9:31
@@ -1396,7 +1396,7 @@ router bgp 65103
route-target export evpn 31:31
router-id 192.168.255.9
neighbor interface Vlan3030 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
```
## BFD
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF2A.cfg b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF2A.cfg
index dc49c1c619c..40af67ff24d 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF2A.cfg
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF2A.cfg
@@ -417,6 +417,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.2/31
+!
ipv6 unicast-routing
!
mlag configuration
@@ -435,6 +438,11 @@ ntp server vrf MGMT 192.168.200.5 prefer
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -553,7 +561,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG_PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.3 next-hop address-family ipv6
@@ -566,7 +574,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG_PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.3 next-hop address-family ipv6
@@ -579,7 +587,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG_PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.3 next-hop address-family ipv6
@@ -592,7 +600,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG_PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.3 next-hop address-family ipv6
@@ -605,7 +613,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG_PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.3 next-hop address-family ipv6
@@ -618,7 +626,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.3 peer group MLAG_PEER
neighbor 10.255.251.3 description DC1-LEAF2B_Vlan2
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.3 next-hop address-family ipv6
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF2B.cfg b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF2B.cfg
index cbb9ac1fefd..bb33ab4d323 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF2B.cfg
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF2B.cfg
@@ -417,6 +417,9 @@ ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.255.0/24 eq 32
seq 20 permit 192.168.254.0/24 eq 32
!
+ip prefix-list PL-MLAG-PEER-VRFS
+ seq 10 permit 10.255.251.2/31
+!
ipv6 unicast-routing
!
mlag configuration
@@ -435,6 +438,11 @@ ntp server vrf MGMT 192.168.200.5 prefer
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
+route-map RM-CONN-2-BGP-VRFS deny 10
+ match ip address prefix-list PL-MLAG-PEER-VRFS
+!
+route-map RM-CONN-2-BGP-VRFS permit 20
+!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
@@ -553,7 +561,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG_PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3011
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.2 next-hop address-family ipv6
@@ -566,7 +574,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG_PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3012
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.2 next-hop address-family ipv6
@@ -579,7 +587,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG_PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3009
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.2 next-hop address-family ipv6
@@ -592,7 +600,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG_PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3010
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.2 next-hop address-family ipv6
@@ -605,7 +613,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG_PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan3019
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.2 next-hop address-family ipv6
@@ -618,7 +626,7 @@ router bgp 65102
update wait-install
neighbor 10.255.251.2 peer group MLAG_PEER
neighbor 10.255.251.2 description DC1-LEAF2A_Vlan2
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
address-family ipv4
no neighbor 10.255.251.2 next-hop address-family ipv6
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF3A.cfg b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF3A.cfg
index 4d8e0326038..893a6cf18f2 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF3A.cfg
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF3A.cfg
@@ -491,7 +491,7 @@ router bgp 65106
route-target export evpn 12:12
router-id 192.168.255.12
neighbor interface Vlan3011 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.12:13
@@ -499,7 +499,7 @@ router bgp 65106
route-target export evpn 13:13
router-id 192.168.255.12
neighbor interface Vlan3012 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.12:10
@@ -507,7 +507,7 @@ router bgp 65106
route-target export evpn 10:10
router-id 192.168.255.12
neighbor interface Vlan3009 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.12:11
@@ -515,7 +515,7 @@ router bgp 65106
route-target export evpn 11:11
router-id 192.168.255.12
neighbor interface Vlan3010 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.12:20
@@ -523,7 +523,7 @@ router bgp 65106
route-target export evpn 20:20
router-id 192.168.255.12
neighbor interface Vlan3019 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.12:30
@@ -531,6 +531,6 @@ router bgp 65106
route-target export evpn 30:30
router-id 192.168.255.12
neighbor interface Vlan2 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF3B.cfg b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF3B.cfg
index c9ef2142bd3..a7e5c00f4f2 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF3B.cfg
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF3B.cfg
@@ -491,7 +491,7 @@ router bgp 65106
route-target export evpn 12:12
router-id 192.168.255.13
neighbor interface Vlan3011 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.13:13
@@ -499,7 +499,7 @@ router bgp 65106
route-target export evpn 13:13
router-id 192.168.255.13
neighbor interface Vlan3012 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.13:10
@@ -507,7 +507,7 @@ router bgp 65106
route-target export evpn 10:10
router-id 192.168.255.13
neighbor interface Vlan3009 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.13:11
@@ -515,7 +515,7 @@ router bgp 65106
route-target export evpn 11:11
router-id 192.168.255.13
neighbor interface Vlan3010 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.13:20
@@ -523,7 +523,7 @@ router bgp 65106
route-target export evpn 20:20
router-id 192.168.255.13
neighbor interface Vlan3019 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.13:30
@@ -531,6 +531,6 @@ router bgp 65106
route-target export evpn 30:30
router-id 192.168.255.13
neighbor interface Vlan2 peer-group MLAG_PEER remote-as 65106
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF4A.cfg b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF4A.cfg
index de44eef6251..9b4570e97ac 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF4A.cfg
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF4A.cfg
@@ -483,7 +483,7 @@ router bgp 65107
route-target export evpn 12:12
router-id 192.168.255.14
neighbor interface Vlan3011 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.14:13
@@ -491,7 +491,7 @@ router bgp 65107
route-target export evpn 13:13
router-id 192.168.255.14
neighbor interface Vlan3012 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.14:10
@@ -499,7 +499,7 @@ router bgp 65107
route-target export evpn 10:10
router-id 192.168.255.14
neighbor interface Vlan3009 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.14:11
@@ -507,7 +507,7 @@ router bgp 65107
route-target export evpn 11:11
router-id 192.168.255.14
neighbor interface Vlan3010 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.14:20
@@ -515,7 +515,7 @@ router bgp 65107
route-target export evpn 20:20
router-id 192.168.255.14
neighbor interface Vlan3019 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.14:30
@@ -523,6 +523,6 @@ router bgp 65107
route-target export evpn 30:30
router-id 192.168.255.14
neighbor interface Vlan2 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF4B.cfg b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF4B.cfg
index 1365a3ba045..19a46ec7e9c 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF4B.cfg
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-LEAF4B.cfg
@@ -483,7 +483,7 @@ router bgp 65107
route-target export evpn 12:12
router-id 192.168.255.15
neighbor interface Vlan3011 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.15:13
@@ -491,7 +491,7 @@ router bgp 65107
route-target export evpn 13:13
router-id 192.168.255.15
neighbor interface Vlan3012 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.15:10
@@ -499,7 +499,7 @@ router bgp 65107
route-target export evpn 10:10
router-id 192.168.255.15
neighbor interface Vlan3009 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.15:11
@@ -507,7 +507,7 @@ router bgp 65107
route-target export evpn 11:11
router-id 192.168.255.15
neighbor interface Vlan3010 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.15:20
@@ -515,7 +515,7 @@ router bgp 65107
route-target export evpn 20:20
router-id 192.168.255.15
neighbor interface Vlan3019 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.15:30
@@ -523,6 +523,6 @@ router bgp 65107
route-target export evpn 30:30
router-id 192.168.255.15
neighbor interface Vlan2 peer-group MLAG_PEER remote-as 65107
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-SVC3A.cfg b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-SVC3A.cfg
index 2108caa5b6c..22ed504b9ff 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-SVC3A.cfg
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-SVC3A.cfg
@@ -725,7 +725,7 @@ router bgp 65103
route-target export evpn 12:12
router-id 192.168.255.8
neighbor interface Vlan3011 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.8:13
@@ -733,7 +733,7 @@ router bgp 65103
route-target export evpn 13:13
router-id 192.168.255.8
neighbor interface Vlan3012 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.8:10
@@ -741,7 +741,7 @@ router bgp 65103
route-target export evpn 10:10
router-id 192.168.255.8
neighbor interface Vlan3009 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WAN_Zone
rd 192.168.255.8:14
@@ -749,7 +749,7 @@ router bgp 65103
route-target export evpn 14:14
router-id 192.168.255.8
neighbor interface Vlan3013 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.8:11
@@ -757,7 +757,7 @@ router bgp 65103
route-target export evpn 11:11
router-id 192.168.255.8
neighbor interface Vlan3010 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.8:20
@@ -765,7 +765,7 @@ router bgp 65103
route-target export evpn 20:20
router-id 192.168.255.8
neighbor interface Vlan3019 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.8:21
@@ -773,7 +773,7 @@ router bgp 65103
route-target export evpn 21:21
router-id 192.168.255.8
neighbor interface Vlan3020 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.8:30
@@ -781,7 +781,7 @@ router bgp 65103
route-target export evpn 30:30
router-id 192.168.255.8
neighbor interface Vlan2 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.8:31
@@ -789,6 +789,6 @@ router bgp 65103
route-target export evpn 31:31
router-id 192.168.255.8
neighbor interface Vlan3030 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-SVC3B.cfg b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-SVC3B.cfg
index a97db8ad04d..b836ea03464 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-SVC3B.cfg
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/configs/DC1-SVC3B.cfg
@@ -709,7 +709,7 @@ router bgp 65103
route-target export evpn 12:12
router-id 192.168.255.9
neighbor interface Vlan3011 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_DB_Zone
rd 192.168.255.9:13
@@ -717,7 +717,7 @@ router bgp 65103
route-target export evpn 13:13
router-id 192.168.255.9
neighbor interface Vlan3012 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_OP_Zone
rd 192.168.255.9:10
@@ -725,7 +725,7 @@ router bgp 65103
route-target export evpn 10:10
router-id 192.168.255.9
neighbor interface Vlan3009 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WAN_Zone
rd 192.168.255.9:14
@@ -733,7 +733,7 @@ router bgp 65103
route-target export evpn 14:14
router-id 192.168.255.9
neighbor interface Vlan3013 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_A_WEB_Zone
rd 192.168.255.9:11
@@ -741,7 +741,7 @@ router bgp 65103
route-target export evpn 11:11
router-id 192.168.255.9
neighbor interface Vlan3010 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_OP_Zone
rd 192.168.255.9:20
@@ -749,7 +749,7 @@ router bgp 65103
route-target export evpn 20:20
router-id 192.168.255.9
neighbor interface Vlan3019 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_B_WAN_Zone
rd 192.168.255.9:21
@@ -757,7 +757,7 @@ router bgp 65103
route-target export evpn 21:21
router-id 192.168.255.9
neighbor interface Vlan3020 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_OP_Zone
rd 192.168.255.9:30
@@ -765,7 +765,7 @@ router bgp 65103
route-target export evpn 30:30
router-id 192.168.255.9
neighbor interface Vlan2 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
vrf Tenant_C_WAN_Zone
rd 192.168.255.9:31
@@ -773,6 +773,6 @@ router bgp 65103
route-target export evpn 31:31
router-id 192.168.255.9
neighbor interface Vlan3030 peer-group MLAG_PEER remote-as 65103
- redistribute connected
+ redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF2A.yml b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF2A.yml
index f32aa6b41e5..011a4a07573 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF2A.yml
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF2A.yml
@@ -125,6 +125,7 @@ router_bgp:
router_id: 192.168.255.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.3
peer_group: MLAG_PEER
@@ -151,6 +152,7 @@ router_bgp:
router_id: 192.168.255.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.3
peer_group: MLAG_PEER
@@ -177,6 +179,7 @@ router_bgp:
router_id: 192.168.255.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.3
peer_group: MLAG_PEER
@@ -203,6 +206,7 @@ router_bgp:
router_id: 192.168.255.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.3
peer_group: MLAG_PEER
@@ -229,6 +233,7 @@ router_bgp:
router_id: 192.168.255.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.3
peer_group: MLAG_PEER
@@ -255,6 +260,7 @@ router_bgp:
router_id: 192.168.255.6
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.3
peer_group: MLAG_PEER
@@ -842,6 +848,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -863,6 +877,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.251.2/31
router_bfd:
multihop:
interval: 1200
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF2B.yml b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF2B.yml
index 306ae9b50a1..aa848cd4bee 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF2B.yml
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF2B.yml
@@ -125,6 +125,7 @@ router_bgp:
router_id: 192.168.255.7
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.2
peer_group: MLAG_PEER
@@ -151,6 +152,7 @@ router_bgp:
router_id: 192.168.255.7
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.2
peer_group: MLAG_PEER
@@ -177,6 +179,7 @@ router_bgp:
router_id: 192.168.255.7
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.2
peer_group: MLAG_PEER
@@ -203,6 +206,7 @@ router_bgp:
router_id: 192.168.255.7
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.2
peer_group: MLAG_PEER
@@ -229,6 +233,7 @@ router_bgp:
router_id: 192.168.255.7
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.2
peer_group: MLAG_PEER
@@ -255,6 +260,7 @@ router_bgp:
router_id: 192.168.255.7
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbors:
- ip_address: 10.255.251.2
peer_group: MLAG_PEER
@@ -842,6 +848,14 @@ route_maps:
type: permit
match:
- ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
+- name: RM-CONN-2-BGP-VRFS
+ sequence_numbers:
+ - sequence: 10
+ type: deny
+ match:
+ - ip address prefix-list PL-MLAG-PEER-VRFS
+ - sequence: 20
+ type: permit
loopback_interfaces:
- name: Loopback0
description: ROUTER_ID
@@ -863,6 +877,10 @@ prefix_lists:
action: permit 192.168.255.0/24 eq 32
- sequence: 20
action: permit 192.168.254.0/24 eq 32
+- name: PL-MLAG-PEER-VRFS
+ sequence_numbers:
+ - sequence: 10
+ action: permit 10.255.251.2/31
router_bfd:
multihop:
interval: 1200
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF3A.yml b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF3A.yml
index b755657aa1e..223ba428fd1 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF3A.yml
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF3A.yml
@@ -106,6 +106,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3011
peer_group: MLAG_PEER
@@ -125,6 +126,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3012
peer_group: MLAG_PEER
@@ -144,6 +146,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3009
peer_group: MLAG_PEER
@@ -163,6 +166,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3010
peer_group: MLAG_PEER
@@ -182,6 +186,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3019
peer_group: MLAG_PEER
@@ -201,6 +206,7 @@ router_bgp:
router_id: 192.168.255.12
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan2
peer_group: MLAG_PEER
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF3B.yml b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF3B.yml
index 5c30b7b2985..9a424e33941 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF3B.yml
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF3B.yml
@@ -106,6 +106,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3011
peer_group: MLAG_PEER
@@ -125,6 +126,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3012
peer_group: MLAG_PEER
@@ -144,6 +146,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3009
peer_group: MLAG_PEER
@@ -163,6 +166,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3010
peer_group: MLAG_PEER
@@ -182,6 +186,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3019
peer_group: MLAG_PEER
@@ -201,6 +206,7 @@ router_bgp:
router_id: 192.168.255.13
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan2
peer_group: MLAG_PEER
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF4A.yml b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF4A.yml
index b1ba4e61e02..6819e28e79d 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF4A.yml
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF4A.yml
@@ -101,6 +101,7 @@ router_bgp:
router_id: 192.168.255.14
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3011
peer_group: MLAG_PEER
@@ -120,6 +121,7 @@ router_bgp:
router_id: 192.168.255.14
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3012
peer_group: MLAG_PEER
@@ -139,6 +141,7 @@ router_bgp:
router_id: 192.168.255.14
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3009
peer_group: MLAG_PEER
@@ -158,6 +161,7 @@ router_bgp:
router_id: 192.168.255.14
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3010
peer_group: MLAG_PEER
@@ -177,6 +181,7 @@ router_bgp:
router_id: 192.168.255.14
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3019
peer_group: MLAG_PEER
@@ -196,6 +201,7 @@ router_bgp:
router_id: 192.168.255.14
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan2
peer_group: MLAG_PEER
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF4B.yml b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF4B.yml
index d1e2577248e..425ec72a90a 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF4B.yml
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-LEAF4B.yml
@@ -101,6 +101,7 @@ router_bgp:
router_id: 192.168.255.15
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3011
peer_group: MLAG_PEER
@@ -120,6 +121,7 @@ router_bgp:
router_id: 192.168.255.15
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3012
peer_group: MLAG_PEER
@@ -139,6 +141,7 @@ router_bgp:
router_id: 192.168.255.15
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3009
peer_group: MLAG_PEER
@@ -158,6 +161,7 @@ router_bgp:
router_id: 192.168.255.15
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3010
peer_group: MLAG_PEER
@@ -177,6 +181,7 @@ router_bgp:
router_id: 192.168.255.15
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3019
peer_group: MLAG_PEER
@@ -196,6 +201,7 @@ router_bgp:
router_id: 192.168.255.15
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan2
peer_group: MLAG_PEER
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-SVC3A.yml b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-SVC3A.yml
index a1524a6b5c0..33cc8d13e9f 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-SVC3A.yml
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-SVC3A.yml
@@ -125,6 +125,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3011
peer_group: MLAG_PEER
@@ -144,6 +145,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3012
peer_group: MLAG_PEER
@@ -163,6 +165,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3009
peer_group: MLAG_PEER
@@ -182,6 +185,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3013
peer_group: MLAG_PEER
@@ -201,6 +205,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3010
peer_group: MLAG_PEER
@@ -220,6 +225,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3019
peer_group: MLAG_PEER
@@ -239,6 +245,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3020
peer_group: MLAG_PEER
@@ -258,6 +265,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan2
peer_group: MLAG_PEER
@@ -277,6 +285,7 @@ router_bgp:
router_id: 192.168.255.8
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3030
peer_group: MLAG_PEER
diff --git a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-SVC3B.yml b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-SVC3B.yml
index 847a9aa2b22..ee78e6cefe3 100644
--- a/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-SVC3B.yml
+++ b/ansible_collections/arista/avd/molecule/evpn_underlay_rfc5549_overlay_ebgp/intended/structured_configs/DC1-SVC3B.yml
@@ -125,6 +125,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3011
peer_group: MLAG_PEER
@@ -144,6 +145,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3012
peer_group: MLAG_PEER
@@ -163,6 +165,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3009
peer_group: MLAG_PEER
@@ -182,6 +185,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3013
peer_group: MLAG_PEER
@@ -201,6 +205,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3010
peer_group: MLAG_PEER
@@ -220,6 +225,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3019
peer_group: MLAG_PEER
@@ -239,6 +245,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3020
peer_group: MLAG_PEER
@@ -258,6 +265,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan2
peer_group: MLAG_PEER
@@ -277,6 +285,7 @@ router_bgp:
router_id: 192.168.255.9
redistribute_routes:
- source_protocol: connected
+ route_map: RM-CONN-2-BGP-VRFS
neighbor_interfaces:
- name: Vlan3030
peer_group: MLAG_PEER
diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md
index f73658d5a14..27b6d017c0a 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md
+++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/network-services-vrfs-settings.md
@@ -10,7 +10,7 @@
| [<network_services_keys.name>](## "") | List, items: Dictionary | | | | |
| [ - name](## ".[].name") | String | Required, Unique | | | Specify a tenant name.
Tenant provide a construct to group L3 VRFs and L2 VLANs.
Networks services can be filtered by tenant name.
|
| [ enable_mlag_ibgp_peering_vrfs](## ".[].enable_mlag_ibgp_peering_vrfs") | Boolean | | | | MLAG iBGP peering per VRF.
By default an iBGP peering is configured per VRF between MLAG peers on separate VLANs.
Setting `enable_mlag_ibgp_peering_vrfs` false under a tenant will change this default to prevent configuration of these peerings and VLANs for all VRFs in the tenant.
This setting can be overridden per VRF.
|
- | [ redistribute_mlag_ibgp_peering_vrfs](## ".[].redistribute_mlag_ibgp_peering_vrfs") | Boolean | | `True` | | Redistribute the connected subnet for the MLAG iBGP peering per VRF into overlay BGP.
By default the iBGP peering subnet is redistributed into the overlay routing protocol per VRF.
Setting `redistribute_mlag_ibgp_peering_vrfs: false` under a tenant will change this default to prevent redistribution of these subnets for all VRFs in the tenant.
This setting can be overridden per VRF.
|
+ | [ redistribute_mlag_ibgp_peering_vrfs](## ".[].redistribute_mlag_ibgp_peering_vrfs") | Boolean | | `False` | | Redistribute the connected subnet for the MLAG iBGP peering per VRF into overlay BGP.
By default the iBGP peering subnet is not redistributed into the overlay routing protocol per VRF.
Setting `redistribute_mlag_ibgp_peering_vrfs: true` under a tenant will change this default to redistribution of these subnets for all VRFs in the tenant.
This setting can be overridden per VRF.
|
| [ vrfs](## ".[].vrfs") | List, items: Dictionary | | | | VRFs will only be configured on a node if any of the underlying objects like `svis` or `l3_interfaces` apply to the node.
It is recommended to only define a VRF in one Tenant. If the same VRF name is used across multiple tenants and those tenants
are accepted by `filter.tenants` on the node, any object set under the duplicate VRFs must either be unique or be an exact match.
VRF "default" is partially supported under network-services. Currently the supported options for "default" vrf are route-target,
route-distinguisher settings, structured_config, raw_eos_cli in bgp and SVIs are the only supported interface type.
Vlan-aware-bundles are supported as well inside default vrf. OSPF is not supported currently.
|
| [ - name](## ".[].vrfs.[].name") | String | Required, Unique | | | |
| [ address_families](## ".[].vrfs.[].address_families") | List, items: String | | | | |
@@ -26,7 +26,7 @@
| [ source_interface](## ".[].vrfs.[].ip_helpers.[].source_interface") | String | | | | Interface name. |
| [ source_vrf](## ".[].vrfs.[].ip_helpers.[].source_vrf") | String | | | | VRF to originate DHCP relay packets to DHCP server. If not set, uses current VRF. |
| [ enable_mlag_ibgp_peering_vrfs](## ".[].vrfs.[].enable_mlag_ibgp_peering_vrfs") | Boolean | | | | MLAG iBGP peering per VRF.
By default an iBGP peering is configured per VRF between MLAG peers on separate VLANs.
Setting `enable_mlag_ibgp_peering_vrfs: false` under a VRF will change this default and/or override the tenant-wide setting.
|
- | [ redistribute_mlag_ibgp_peering_vrfs](## ".[].vrfs.[].redistribute_mlag_ibgp_peering_vrfs") | Boolean | | `True` | | Redistribute the connected subnet for the MLAG iBGP peering per VRF into overlay BGP.
By default the iBGP peering subnet is redistributed into the overlay routing protocol per VRF.
Setting `redistribute_mlag_ibgp_peering_vrfs: false` under a VRF will change this default and/or override the tenant-wide setting.
|
+ | [ redistribute_mlag_ibgp_peering_vrfs](## ".[].vrfs.[].redistribute_mlag_ibgp_peering_vrfs") | Boolean | | `False` | | Redistribute the connected subnet for the MLAG iBGP peering per VRF into overlay BGP.
By default the iBGP peering subnet is not redistributed into the overlay routing protocol per VRF.
Setting `redistribute_mlag_ibgp_peering_vrfs: true` under a VRF will change this default and/or override the tenant-wide setting.
|
| [ mlag_ibgp_peering_vlan](## ".[].vrfs.[].mlag_ibgp_peering_vlan") | Integer | | | Min: 1
Max: 4096 | Manually define the VLAN used on the MLAG pair for the iBGP session.
By default this parameter is calculated using the following formula: `` + `` - 1.
|
| [ vtep_diagnostic](## ".[].vrfs.[].vtep_diagnostic") | Dictionary | | | | Enable VTEP Network diagnostics.
This will create a loopback with virtual source-nat enable to perform diagnostics from the switch.
|
| [ loopback](## ".[].vrfs.[].vtep_diagnostic.loopback") | Integer | | | Min: 2
Max: 2100 | Loopback interface number, required when vtep_diagnotics defined.
|
@@ -90,10 +90,10 @@
enable_mlag_ibgp_peering_vrfs:
# Redistribute the connected subnet for the MLAG iBGP peering per VRF into overlay BGP.
- # By default the iBGP peering subnet is redistributed into the overlay routing protocol per VRF.
- # Setting `redistribute_mlag_ibgp_peering_vrfs: false` under a tenant will change this default to prevent redistribution of these subnets for all VRFs in the tenant.
+ # By default the iBGP peering subnet is not redistributed into the overlay routing protocol per VRF.
+ # Setting `redistribute_mlag_ibgp_peering_vrfs: true` under a tenant will change this default to redistribution of these subnets for all VRFs in the tenant.
# This setting can be overridden per VRF.
- redistribute_mlag_ibgp_peering_vrfs:
+ redistribute_mlag_ibgp_peering_vrfs:
# VRFs will only be configured on a node if any of the underlying objects like `svis` or `l3_interfaces` apply to the node.
#
@@ -164,9 +164,9 @@
enable_mlag_ibgp_peering_vrfs:
# Redistribute the connected subnet for the MLAG iBGP peering per VRF into overlay BGP.
- # By default the iBGP peering subnet is redistributed into the overlay routing protocol per VRF.
- # Setting `redistribute_mlag_ibgp_peering_vrfs: false` under a VRF will change this default and/or override the tenant-wide setting.
- redistribute_mlag_ibgp_peering_vrfs:
+ # By default the iBGP peering subnet is not redistributed into the overlay routing protocol per VRF.
+ # Setting `redistribute_mlag_ibgp_peering_vrfs: true` under a VRF will change this default and/or override the tenant-wide setting.
+ redistribute_mlag_ibgp_peering_vrfs:
# Manually define the VLAN used on the MLAG pair for the iBGP session.
# By default this parameter is calculated using the following formula: `` + `` - 1.
diff --git a/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml b/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml
index ec1386e2a08..75ab0847cb9 100644
--- a/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml
+++ b/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml
@@ -5894,16 +5894,16 @@ $defs:
documentation_options:
table: network-services-vrfs-settings
type: bool
- default: true
+ default: false
description: 'Redistribute the connected subnet for the MLAG iBGP peering
per VRF into overlay BGP.
- By default the iBGP peering subnet is redistributed into the overlay routing
- protocol per VRF.
+ By default the iBGP peering subnet is not redistributed into the overlay
+ routing protocol per VRF.
- Setting `redistribute_mlag_ibgp_peering_vrfs: false` under a tenant will
- change this default to prevent redistribution of these subnets for all
- VRFs in the tenant.
+ Setting `redistribute_mlag_ibgp_peering_vrfs: true` under a tenant will
+ change this default to redistribution of these subnets for all VRFs in
+ the tenant.
This setting can be overridden per VRF.
@@ -6307,14 +6307,14 @@ $defs:
'
redistribute_mlag_ibgp_peering_vrfs:
type: bool
- default: true
+ default: false
description: 'Redistribute the connected subnet for the MLAG iBGP
peering per VRF into overlay BGP.
- By default the iBGP peering subnet is redistributed into the overlay
- routing protocol per VRF.
+ By default the iBGP peering subnet is not redistributed into the
+ overlay routing protocol per VRF.
- Setting `redistribute_mlag_ibgp_peering_vrfs: false` under a VRF
+ Setting `redistribute_mlag_ibgp_peering_vrfs: true` under a VRF
will change this default and/or override the tenant-wide setting.
'
diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml
index ec12b299d3f..f65ace97ef1 100644
--- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml
+++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_network_services.schema.yml
@@ -71,11 +71,11 @@ $defs:
documentation_options:
table: network-services-vrfs-settings
type: bool
- default: true
+ default: false
description: |
Redistribute the connected subnet for the MLAG iBGP peering per VRF into overlay BGP.
- By default the iBGP peering subnet is redistributed into the overlay routing protocol per VRF.
- Setting `redistribute_mlag_ibgp_peering_vrfs: false` under a tenant will change this default to prevent redistribution of these subnets for all VRFs in the tenant.
+ By default the iBGP peering subnet is not redistributed into the overlay routing protocol per VRF.
+ Setting `redistribute_mlag_ibgp_peering_vrfs: true` under a tenant will change this default to redistribution of these subnets for all VRFs in the tenant.
This setting can be overridden per VRF.
evpn_vlan_bundle:
type: str
@@ -395,11 +395,11 @@ $defs:
Setting `enable_mlag_ibgp_peering_vrfs: false` under a VRF will change this default and/or override the tenant-wide setting.
redistribute_mlag_ibgp_peering_vrfs:
type: bool
- default: true
+ default: false
description: |
Redistribute the connected subnet for the MLAG iBGP peering per VRF into overlay BGP.
- By default the iBGP peering subnet is redistributed into the overlay routing protocol per VRF.
- Setting `redistribute_mlag_ibgp_peering_vrfs: false` under a VRF will change this default and/or override the tenant-wide setting.
+ By default the iBGP peering subnet is not redistributed into the overlay routing protocol per VRF.
+ Setting `redistribute_mlag_ibgp_peering_vrfs: true` under a VRF will change this default and/or override the tenant-wide setting.
mlag_ibgp_peering_vlan:
type: int
convert_types:
diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py
index 67adad6a35c..a454e939b79 100644
--- a/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py
+++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/utils.py
@@ -172,7 +172,7 @@ def _mlag_ibgp_peering_redistribute(self: AvdStructuredConfigNetworkServices, vr
Does _not_ include checks if the peering is enabled at all, so that should be checked first.
"""
- return default(vrf.get("redistribute_mlag_ibgp_peering_vrfs"), tenant.get("redistribute_mlag_ibgp_peering_vrfs"), True) is True # noqa: FBT003
+ return default(vrf.get("redistribute_mlag_ibgp_peering_vrfs"), tenant.get("redistribute_mlag_ibgp_peering_vrfs"), False) is True # noqa: FBT003
@cached_property
def _configure_bgp_mlag_peer_group(self: AvdStructuredConfigNetworkServices) -> bool: