EVPN designs: EBGP over EBGP

EVPN/ebgp-ebgp/README.md

@@ -0,0 +1,15 @@
+# EVPN Designs: EBGP Everywhere
+
+This directory contains the lab topology described in the [EVPN Designs:
+EBGP-over-EBGP ](https://blog.ipspace.net/2024/10/evpn-designs-ebgp-ebgp/) blog
+post. The switches run EBGP (IPv4 AF) on physical interfaces and EBGP (EVPN AF)
+between lopback interfaces advertised via EBGP IIPv4 AF.
+
+![](http://blog.ipspace.net/2024/04/evpn-design-fabric.png)
+
+The lab topology uses a custom EBGP ECMP configuration template that is provided
+for Arista EOS and FRRouting and reports a warning if you're using another
+device for the leaf switches.
+
+If you need a similar template for another platform, please add the
+configuration template to the `ebgp.ecmp` directory and submit a Pull Request.

EVPN/ebgp-ebgp/check.config/plugin.py

@@ -0,0 +1,54 @@
+import os
+
+from netsim import __version__
+from netsim.utils import log, files as _files,strings
+from netsim import data
+
+from box import Box
+
+def init(topology: Box) -> None:
+  if __version__ >= '1.9.2':
+    return
+
+  if topology.defaults.device not in ['eos','frr']:
+    log.error(
+      f'EBGP ECMP configuration is not available for device {topology.defaults.device}',
+      category=Warning,
+      module='custom')
+    topology.groups.get('leafs',{}).pop('config',None)
+
+def cleanup(topology: Box) -> None:
+  missing = data.get_empty_box()
+  for ndata in topology.nodes.values():
+    if not 'config' in ndata:
+      continue
+
+    candidate_files = [ 
+      f'{ndata.name}.{ndata.device}.j2',
+      f'{ndata.name}.j2',
+      f'{ndata.device}.j2' ]
+
+    for cfg in list(ndata.config):
+      for cfg_candidate in candidate_files:
+        cfg_file = _files.find_file(f'{cfg}/{cfg_candidate}',topology.defaults.paths.custom.dirs)
+
+        if cfg_file:
+          break
+
+      if cfg_file:
+        break
+
+      cfg_id = strings.make_id(cfg)
+      missing[cfg_id].item = cfg
+      data.append_to_list(missing[cfg_id].devices,ndata.device,ndata.name)
+      ndata.config = [ f for f in ndata.config if f != cfg ]
+
+  hint = "You will have to configure the missing functionality yourself"
+  for m_config in missing.values():
+    for m_device,m_nodes in m_config.devices.items():
+      log.error(
+        f'Custom configuration {m_config.item} is missing for device {m_device} (nodes {",".join(m_nodes)})',
+        category=Warning,
+        more_hints=hint,
+        module='check.config')
+      hint = None

EVPN/ebgp-ebgp/ebgp.ecmp/eos.j2

@@ -0,0 +1,2 @@
+router bgp {{ bgp.as }}
+  maximum-paths 8

EVPN/ebgp-ebgp/ebgp.ecmp/frr.j2

@@ -0,0 +1,3 @@
+router bgp {{ bgp.as }}
+ address-family ipv4
+  maximum-paths 8

EVPN/ebgp-ebgp/eos/L1.cfg

@@ -0,0 +1,139 @@
+! Command: show running-config
+! device: L1 (cEOSLab, EOS-4.32.1F-37265360.4321F (engineering build))
+!
+no aaa root
+!
+username admin privilege 15 role network-admin secret sha512 $6$8zlEPlRLYcVt8Wuy$9VEfovVNcRwriOHt7cfL2PKfNa7VLbru/OcrLLfLnNmle.9msxj.hu4ut6MpbkHySG9UFiN8EsUK0lPhXFdq//
+!
+transceiver qsfp default-mode 4x10G
+!
+service routing protocols model multi-agent
+!
+logging monitor debugging
+!
+hostname L1
+ip host H1 172.16.0.7
+ip host H2 172.16.0.8
+ip host H3 172.16.1.9
+ip host H4 172.16.1.10
+ip host L2 10.0.0.2
+ip host L3 10.0.0.3
+ip host L4 10.0.0.4
+ip host S1 10.0.0.5
+ip host S2 10.0.0.6
+!
+spanning-tree mode mstp
+!
+system l1
+   unsupported speed action error
+   unsupported error-correction action error
+!
+vlan 1000
+   name orange
+!
+vrf instance management
+!
+management api http-commands
+   no shutdown
+   !
+   vrf management
+      no shutdown
+!
+management api gnmi
+   transport grpc default
+      vrf management
+!
+management api netconf
+   transport ssh default
+      vrf management
+!
+aaa authorization exec default local
+!
+interface Ethernet1
+   description L1 -> S1 [external]
+   mac-address 52:dc:ca:fe:01:01
+   no switchport
+   ip address unnumbered Loopback0
+   ipv6 enable
+   ipv6 nd ra interval msec 5000
+!
+interface Ethernet2
+   description L1 -> S2 [external]
+   mac-address 52:dc:ca:fe:01:02
+   no switchport
+   ip address unnumbered Loopback0
+   ipv6 enable
+   ipv6 nd ra interval msec 5000
+!
+interface Ethernet3
+   mac-address 52:dc:ca:fe:01:03
+   switchport access vlan 1000
+!
+interface Loopback0
+   ip address 10.0.0.1/32
+!
+interface Management0
+   vrf management
+   ip address 192.168.121.101/24
+   no lldp transmit
+   no lldp receive
+!
+interface Vlan1000
+   description VLAN orange (1000) -> [H1,H2,L3]
+!
+interface Vxlan1
+   vxlan source-interface Loopback0
+   vxlan udp-port 4789
+   vxlan vlan 1000 vni 101000
+!
+ip routing ipv6 interfaces 
+no ip routing vrf management
+!
+ipv6 unicast-routing
+!
+ip route vrf management 0.0.0.0/0 192.168.121.1
+!
+router bgp 65001
+   router-id 10.0.0.1
+   no bgp default ipv4-unicast
+   maximum-paths 8
+   bgp advertise-inactive
+   neighbor ebgp_intf_Ethernet1 peer group
+   neighbor ebgp_intf_Ethernet1 remote-as 65100
+   neighbor ebgp_intf_Ethernet1 description S1
+   neighbor ebgp_intf_Ethernet1 send-community standard extended large
+   neighbor ebgp_intf_Ethernet2 peer group
+   neighbor ebgp_intf_Ethernet2 remote-as 65100
+   neighbor ebgp_intf_Ethernet2 description S2
+   neighbor ebgp_intf_Ethernet2 send-community standard extended large
+   neighbor 10.0.0.5 remote-as 65100
+   neighbor 10.0.0.5 update-source Loopback0
+   neighbor 10.0.0.5 description S1
+   neighbor 10.0.0.5 ebgp-multihop
+   neighbor 10.0.0.5 send-community standard extended large
+   neighbor 10.0.0.6 remote-as 65100
+   neighbor 10.0.0.6 update-source Loopback0
+   neighbor 10.0.0.6 description S2
+   neighbor 10.0.0.6 ebgp-multihop
+   neighbor 10.0.0.6 send-community standard extended large
+   neighbor interface Et1 peer-group ebgp_intf_Ethernet1
+   neighbor interface Et2 peer-group ebgp_intf_Ethernet2
+   !
+   vlan 1000
+      rd 10.0.0.1:1000
+      route-target import 65000:1000
+      route-target export 65000:1000
+      redistribute learned
+   !
+   address-family evpn
+      neighbor 10.0.0.5 activate
+      neighbor 10.0.0.6 activate
+   !
+   address-family ipv4
+      neighbor ebgp_intf_Ethernet1 activate
+      neighbor ebgp_intf_Ethernet1 next-hop address-family ipv6 originate
+      neighbor ebgp_intf_Ethernet2 activate
+      neighbor ebgp_intf_Ethernet2 next-hop address-family ipv6 originate
+      network 10.0.0.1/32
+!
+end

EVPN/ebgp-ebgp/eos/L2.cfg

@@ -0,0 +1,139 @@
+! Command: show running-config
+! device: L2 (cEOSLab, EOS-4.32.1F-37265360.4321F (engineering build))
+!
+no aaa root
+!
+username admin privilege 15 role network-admin secret sha512 $6$woLsZ1ep0WnLCpVo$zZLzS3dJLon8QGz0JspdoErWEALPD42ELb8BITf5fikeiWGgUSG1Rbaz09LYQaCNEduTIMcWAsnC9fcuWcLSf1
+!
+transceiver qsfp default-mode 4x10G
+!
+service routing protocols model multi-agent
+!
+logging monitor debugging
+!
+hostname L2
+ip host H1 172.16.0.7
+ip host H2 172.16.0.8
+ip host H3 172.16.1.9
+ip host H4 172.16.1.10
+ip host L1 10.0.0.1
+ip host L3 10.0.0.3
+ip host L4 10.0.0.4
+ip host S1 10.0.0.5
+ip host S2 10.0.0.6
+!
+spanning-tree mode mstp
+!
+system l1
+   unsupported speed action error
+   unsupported error-correction action error
+!
+vlan 1001
+   name blue
+!
+vrf instance management
+!
+management api http-commands
+   no shutdown
+   !
+   vrf management
+      no shutdown
+!
+management api gnmi
+   transport grpc default
+      vrf management
+!
+management api netconf
+   transport ssh default
+      vrf management
+!
+aaa authorization exec default local
+!
+interface Ethernet1
+   description L2 -> S1 [external]
+   mac-address 52:dc:ca:fe:02:01
+   no switchport
+   ip address unnumbered Loopback0
+   ipv6 enable
+   ipv6 nd ra interval msec 5000
+!
+interface Ethernet2
+   description L2 -> S2 [external]
+   mac-address 52:dc:ca:fe:02:02
+   no switchport
+   ip address unnumbered Loopback0
+   ipv6 enable
+   ipv6 nd ra interval msec 5000
+!
+interface Ethernet3
+   mac-address 52:dc:ca:fe:02:03
+   switchport access vlan 1001
+!
+interface Loopback0
+   ip address 10.0.0.2/32
+!
+interface Management0
+   vrf management
+   ip address 192.168.121.102/24
+   no lldp transmit
+   no lldp receive
+!
+interface Vlan1001
+   description VLAN blue (1001) -> [H3,H4,L4]
+!
+interface Vxlan1
+   vxlan source-interface Loopback0
+   vxlan udp-port 4789
+   vxlan vlan 1001 vni 101001
+!
+ip routing ipv6 interfaces 
+no ip routing vrf management
+!
+ipv6 unicast-routing
+!
+ip route vrf management 0.0.0.0/0 192.168.121.1
+!
+router bgp 65002
+   router-id 10.0.0.2
+   no bgp default ipv4-unicast
+   maximum-paths 8
+   bgp advertise-inactive
+   neighbor ebgp_intf_Ethernet1 peer group
+   neighbor ebgp_intf_Ethernet1 remote-as 65100
+   neighbor ebgp_intf_Ethernet1 description S1
+   neighbor ebgp_intf_Ethernet1 send-community standard extended large
+   neighbor ebgp_intf_Ethernet2 peer group
+   neighbor ebgp_intf_Ethernet2 remote-as 65100
+   neighbor ebgp_intf_Ethernet2 description S2
+   neighbor ebgp_intf_Ethernet2 send-community standard extended large
+   neighbor 10.0.0.5 remote-as 65100
+   neighbor 10.0.0.5 update-source Loopback0
+   neighbor 10.0.0.5 description S1
+   neighbor 10.0.0.5 ebgp-multihop
+   neighbor 10.0.0.5 send-community standard extended large
+   neighbor 10.0.0.6 remote-as 65100
+   neighbor 10.0.0.6 update-source Loopback0
+   neighbor 10.0.0.6 description S2
+   neighbor 10.0.0.6 ebgp-multihop
+   neighbor 10.0.0.6 send-community standard extended large
+   neighbor interface Et1 peer-group ebgp_intf_Ethernet1
+   neighbor interface Et2 peer-group ebgp_intf_Ethernet2
+   !
+   vlan 1001
+      rd 10.0.0.2:1001
+      route-target import 65000:1001
+      route-target export 65000:1001
+      redistribute learned
+   !
+   address-family evpn
+      neighbor 10.0.0.5 activate
+      neighbor 10.0.0.6 activate
+   !
+   address-family ipv4
+      neighbor ebgp_intf_Ethernet1 activate
+      neighbor ebgp_intf_Ethernet1 next-hop address-family ipv6 originate
+      neighbor ebgp_intf_Ethernet2 activate
+      neighbor ebgp_intf_Ethernet2 next-hop address-family ipv6 originate
+      network 10.0.0.2/32
+!
+end