Input variables for eos_designs¶

This document describes the supported input variables for the role arista.avd.eos_designs.

Since several data models have changed between AVD versions 3.x and 4.x, it is recommended to study the Porting Guide for AVD 4.x.x for existing deployments.

The input variables are documented below in tables and YAML.

Note

All input variables are validated by a schema. If additional custom keys are desired, a key starting with an underscore _, will be ignored.

Warning

Available features and variables may vary by platforms, refer to documentation on arista.com for specifics.

Supported designs¶

eos_designs supports multiple options such as L3LS-EVPN with 3-stage or 5-stage, L2LS and MPLS. The sections below highlight these 3 topologies, but you can extend eos_designs to support your own topology by using node_type_keys to create your own node type.

Design type¶

By setting the design.type variable, the default node-types described in Node Type Variables will be used.

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`design`	Dictionary
`type`	String		`l3ls-evpn`	Valid Values: - l3ls-evpn - mpls - l2ls	By setting the design.type variable, the default node-types and templates described in these documents will be used.

design:
  type: <str>

3-stage clos topology support (Leaf & Spine)¶

The eos_designs role support various deployments with layer 3 leaf and spine (3-stage Clos) and optionally, with dedicated overlay controllers.
3 stage Clos fabric can be represented as spines, L3 leafs and L2 leafs, and also referred to as a “POD”.

See the following examples using the l3ls-evpn design:

5-stage clos topology support (Super Spine)¶

The eos_designs role support lager deployments with super-spines (5-stage Clos) and optionally, with dedicated overlay controllers.
5 stage Clos fabric can be represented as multiple leaf-spine structures (called PODs - Point of Delivery) interconnected by super-spines.
The logic to deploy every leaf-spine POD fabric remains unchanged.
Super-spines can be deployed as a single plane (typically chassis switches) or multiple planes.

Layer 2 Leaf Spine¶

The eos_designs role support various deployments with layer 2 leaf and spine. For example, routing may terminate at the spine level or an external L3 device.
The Clos fabric can be represented as L3 spines, spines, and leafs.

See the following examples using the l2ls design:

MPLS¶

The eos_designs role with the mpls design type supports any arbitrary physical mesh topology by combining and interconnecting different node types with the core_interfaces settings.

The following underlay routing protocols are supported:

ISIS-SR (default)
ISIS + LDP
ISIS-SR + LDP
OSPF + LDP

The following overlay routing protocols are supported:

IBGP (default)

Any node group of 2 or more rr-routers will form a Route Reflector cluster.

The MPLS design supports most fabric topology variables already supported by l3ls-evpn, barring the exceptions outlined below:

Connectivity is defined with the core_interfaces settings instead of Node type uplink settings.
No MLAG support.
No VXLAN support.
EVPN overlay settings are set with mpls_overlay_role and mpls_route_reflectors instead of evpn_role and evpn_route_servers.
No Inband Management support.

See the following example using the mpls design:

AVD example for a MPLS-VPN based WAN Network.

Fabric topology hierarchy¶

As per the diagram above, the topology hierarchy is the following:

fabric_name
- dc_name
  - pod_name

You must define the fabric_name variable and it must match the Ansible inventory group name covering all devices in scope of the fabric.

TableYAML

Variable	Type	Required	Description
`dc_name`	String		POD Name is used in: - Fabric Documentation (Optional, falls back to fabric_name) - SNMP Location: `snmp_settings.location` (Optional) - HER Overlay DC scoped flood lists: `overlay_her_flood_list_scope: dc` (Required)
`fabric_name`	String	Required	Fabric Name, required to match Ansible Group name covering all devices in the Fabric, must be an inventory group name.
`pod_name`	String		POD Name is used in: - Fabric Documentation (Optional, falls back to dc_name and then to fabric_name) - SNMP Location: `snmp_settings.location` (Optional) - VRF Loopbacks: `vtep_diagnostic.loopback_ip_pools.pod` (Required) Recommended to be common between Spines and Leafs within a POD (One l3ls topology).

dc_name: <str>
fabric_name: <str>
pod_name: <str>

Node Type Variables¶

The following tables provide information on the default node types that have been pre-defined in eos_designs for each design type.

To customize or create new node types, please refer to node type customization section.

L3LS EVPN¶

Node Type Key	Underlay Router	Uplink Type	Default EVPN Role	L2 Network Services	L3 Network Services	VTEP	MLAG Support	Connected Endpoints
super_spine	✅	p2p	none	✘	✘	✘	✘	✘
spine	✅	p2p	server	✘	✘	✘	✘	✘
l3leaf	✅	p2p	client	✅	✅	✅	✅	✅
l2leaf	✘	port-channel	none	✅	✘	✘	✅	✅
overlay_controller	✅	p2p	server	✘	✘	✘	✘	✘

L2LS¶

Node Type Key	Underlay Router	Uplink Type	Default EVPN Role	L2 Network Services	L3 Network Services	VTEP	MLAG Support	Connected Endpoints
l3spine	✅	p2p	none	✅	✅	✘	✅	✅
spine	✘	port-channel	none	✅	✘	✘	✅	✅
leaf	✘	port-channel	none	✅	✘	✘	✅	✅

MPLS¶

Node Type Key	Underlay Router	Uplink Type	Default Overlay Role	L2 Network Services	L3 Network Services	VTEP	MLAG Support	Connected Endpoints
p	✅	p2p	none	✘	✘	✘	✘	✘
rr	✅	p2p	server	✘	✘	✘	✘	✘
pe	✅	p2p	client	✅	✅	✅	✘	✅

Node type customization¶

AVD provides the capability to customize your node types, supporting a variety of designs.

Note

The default values will be overridden if defining this key, so it is recommended to copy the defaults and modify them.

Default value for design l3ls-evpn

node_type:keys:

  - key: spine
    type: spine
    default_evpn_role: server
    default_ptp_priority1: 20

  - key: l3leaf
    type: l3leaf
    connected_endpoints: true
    default_evpn_role: client
    default_ptp_priority1: 30
    mlag_support: true
    network_services:
      l2: true
      l3: true
    vtep: true

  - key: l2leaf
    type: l2leaf
    connected_endpoints: true
    mlag_support: true
    network_services:
      l2: true
    underlay_router: false
    uplink_type: port-channel

  - key: super_spine
    type: super-spine

  - key: overlay_controller
    type: overlay-controller
    default_evpn_role: server

Default value for design l2ls

node_type:keys:

  - key: l3spine
    type: l3spine
    connected_endpoints: true
    default_overlay_routing_protocol: none
    default_underlay_routing_protocol: none
    mlag_support: true
    network_services:
      l2: true
      l3: true

  - key: spine
    type: spine
    connected_endpoints: true
    mlag_support: true
    network_services:
      l2: true
    underlay_router: false
    uplink_type: port-channel

  - key: leaf
    type: leaf
    connected_endpoints: true
    mlag_support: true
    network_services:
      l2: true
    underlay_router: false
    uplink_type: port-channel

Default value for design mpls

node_type:keys:

  - key: p
    type: p
    default_mpls_overlay_role: none
    default_overlay_routing_protocol: ibgp
    default_underlay_routing_protocol: isis-sr
    mpls_lsr: true

  - key: pe
    type: pe
    connected_endpoints: true
    default_evpn_encapsulation: mpls
    default_evpn_role: client
    default_mpls_overlay_role: client
    default_overlay_address_families:
      - vpn-ipv4
    default_overlay_routing_protocol: ibgp
    default_underlay_routing_protocol: isis-sr
    mpls_lsr: true
    network_services:
      l1: true
      l2: true
      l3: true

  - key: rr
    type: rr
    default_evpn_encapsulation: mpls
    default_evpn_role: server
    default_mpls_overlay_role: server
    default_overlay_address_families:
      - vpn-ipv4
    default_overlay_routing_protocol: ibgp
    default_underlay_routing_protocol: isis-sr
    mpls_lsr: true

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`node_type_keys`	List, items: Dictionary				Define Node Type Keys, to specify the properties of each node type in the fabric. This allows for complete customization of the fabric layout and functionality. `node_type_keys` should be defined in top level group_var for the fabric. The default values will be overridden if defining this key, so it is recommended to copy the defaults and modify them.
`- key`	String	Required, Unique
`type`	String				Type value matching this node_type_key.
`connected_endpoints`	Boolean		`False`		Are endpoints connected to this node type.
`default_evpn_role`	String		`none`	Valid Values: - none - client - server	Default evpn_role. Can be overridden in topology vars.
`default_ptp_priority1`	Integer		`127`	Min: 0 Max: 255	Default PTP priority 1
`default_underlay_routing_protocol`	String		`ebgp`	Value is converted to lower case Valid Values: - ebgp - ibgp - ospf - ospf-ldp - isis - isis-sr - isis-ldp - isis-sr-ldp - none	Set the default underlay routing_protocol. Can be overridden by setting “underlay_routing_protocol” host/group_vars.
`default_overlay_routing_protocol`	String		`ebgp`	Value is converted to lower case Valid Values: - ebgp - ibgp - her - cvx - none	Set the default overlay routing_protocol. Can be overridden by setting “overlay_routing_protocol” host/group_vars.
`default_mpls_overlay_role`	String			Valid Values: - client - server - none	Set the default mpls overlay role. Acting role in overlay control plane.
`default_overlay_address_families`	List, items: String				Set the default overlay address families.
`- <str>`	String			Value is converted to lower case Valid Values: - evpn - vpn-ipv4 - vpn-ipv6
`default_evpn_encapsulation`	String			Value is converted to lower case Valid Values: - mpls - vxlan	Set the default evpn encapsulation.
`mlag_support`	Boolean		`False`		Can this node type support mlag.
`network_services`	Dictionary				Will network services be deployed on this node type.
`l1`	Boolean		`False`		??
`l2`	Boolean		`False`		Vlans
`l3`	Boolean		`False`		VRFs, SVIs (if l2 is true). Only supported with underlay_router.
`underlay_router`	Boolean		`True`		Is this node type a L3 device.
`uplink_type`	String		`p2p`	Valid Values: - p2p - port-channel	Uplinks must be p2p if “vtep” or “underlay_router” is true.
`vtep`	Boolean		`False`		Is this switch an EVPN VTEP.
`mpls_lsr`	Boolean		`False`		Is this switch an MPLS LSR.
`ip_addressing`	Dictionary				Override ip_addressing templates.
`python_module`	String				Custom Python Module to import for IP addressing.
`python_class_name`	String				Name of Custom Python Class to import for IP addressing.
`router_id`	String				Path to Custom J2 template.
`router_id_ipv6`	String				Path to Custom J2 template.
`mlag_ip_primary`	String				Path to Custom J2 template.
`mlag_ip_secondary`	String				Path to Custom J2 template.
`mlag_l3_ip_primary`	String				Path to Custom J2 template.
`mlag_l3_ip_secondary`	String				Path to Custom J2 template.
`mlag_ibgp_peering_ip_primary`	String				Path to Custom J2 template.
`mlag_ibgp_peering_ip_secondary`	String				Path to Custom J2 template.
`p2p_uplinks_ip`	String				Path to Custom J2 template.
`p2p_uplinks_peer_ip`	String				Path to Custom J2 template.
`vtep_ip_mlag`	String				Path to Custom J2 template.
`vtep_ip`	String				Path to Custom J2 template.
`interface_descriptions`	Dictionary				Override interface_descriptions templates If description templates use Jinja2, they have to strip whitespaces using {%- -%} on any code blocks.
`python_module`	String				Custom Python Module to import for interface descriptions.
`python_class_name`	String				Name of Custom Python Class to import for interface descriptions.
`underlay_ethernet_interfaces`	String				Path to Custom J2 template.
`underlay_port_channel_interfaces`	String				Path to Custom J2 template.
`mlag_ethernet_interfaces`	String				Path to Custom J2 template.
`mlag_port_channel_interfaces`	String				Path to Custom J2 template.
`connected_endpoints_ethernet_interfaces`	String				Path to Custom J2 template.
`connected_endpoints_port_channel_interfaces`	String				Path to Custom J2 template.
`overlay_loopback_interface`	String				Path to Custom J2 template.
`vtep_loopback_interface`	String				Path to Custom J2 template.

node_type_keys:
  - key: <str>
    type: <str>
    connected_endpoints: <bool>
    default_evpn_role: <str>
    default_ptp_priority1: <int>
    default_underlay_routing_protocol: <str>
    default_overlay_routing_protocol: <str>
    default_mpls_overlay_role: <str>
    default_overlay_address_families:
      - <str>
    default_evpn_encapsulation: <str>
    mlag_support: <bool>
    network_services:
      l1: <bool>
      l2: <bool>
      l3: <bool>
    underlay_router: <bool>
    uplink_type: <str>
    vtep: <bool>
    mpls_lsr: <bool>
    ip_addressing:
      python_module: <str>
      python_class_name: <str>
      router_id: <str>
      router_id_ipv6: <str>
      mlag_ip_primary: <str>
      mlag_ip_secondary: <str>
      mlag_l3_ip_primary: <str>
      mlag_l3_ip_secondary: <str>
      mlag_ibgp_peering_ip_primary: <str>
      mlag_ibgp_peering_ip_secondary: <str>
      p2p_uplinks_ip: <str>
      p2p_uplinks_peer_ip: <str>
      vtep_ip_mlag: <str>
      vtep_ip: <str>
    interface_descriptions:
      python_module: <str>
      python_class_name: <str>
      underlay_ethernet_interfaces: <str>
      underlay_port_channel_interfaces: <str>
      mlag_ethernet_interfaces: <str>
      mlag_port_channel_interfaces: <str>
      connected_endpoints_ethernet_interfaces: <str>
      connected_endpoints_port_channel_interfaces: <str>
      overlay_loopback_interface: <str>
      vtep_loopback_interface: <str>

Type setting¶

The type: variable needs to be defined for each device in the fabric.
This is leveraged to load the appropriate settings to generate the configuration.

Tip

The node type setting can be automatically derived from a switch name by defining the patterns in the default_node_types data model.

Type setting example

# Defined in SPINE.yml file
# Can also be set directly in your inventory file under spine group
type: spine

# Defined in L3LEAFS.yml
# Can also be set directly in your inventory file under l3leaf group
type: l3leaf

# Defined in L2LEAFS.yml
# Can also be set directly in your inventory file under l2leaf group
type: l2leaf

# Defined in SUPER-SPINES.yml
# Can also be set directly in your inventory file under super-spine group
type: super-spine

# Defined in ROUTE-SERVERS.yml
# Can also be set directly in your inventory file under route-server group
type: overlay-controller

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`type`	String			Valid Values: -	The `type:` variable needs to be defined for each device in the fabric. This is leveraged to load the appropriate template to generate the configuration.

type: <str>

Default node types settings¶

TableYAML

Variable	Type	Required	Description
`default_node_types`	List, items: Dictionary		Uses hostname matches against a regular expression to determine the node type.
`- node_type`	String	Required, Unique	Resulting node type when regex matches.
`match_hostnames`	List, items: String	Required	Regular expressions to match against hostnames.
`- <str>`	String	Required	Regex needs to match full hostname (i.e. is bounded by ^ and $ elements).

default_node_types:
  - node_type: <str>
    match_hostnames:
      - <str>

Node type settings¶

Node type settings are defined under the node_type_keys.key i.e spine:, l3leaf:, l2leaf: to configure management, underlay, overlay functionality.

Node type structure¶

All node types have the same structure based on defaults, node_group, node_group.node, node and all variables can be defined in any section and support inheritance like this:

Under node_type_keys.key:

defaults <- node_group <- node_group.node <- node

Tip

Define common node settings under defaults. This reduces user input requirements, limiting errors.

TableYAML

Variable	Type	Required	Description
`<node_type_keys.key>`	Dictionary
`defaults`	Dictionary		Define variables for all nodes of this type.
`node_groups`	List, items: Dictionary		Define variables related to all nodes part of this group.
`- group`	String	Required, Unique	The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’. The Node Group Name is also used for peer description on downstream switches’ uplinks.
`nodes`	List, items: Dictionary		Define variables per node.
`- name`	String	Required, Unique	The Node Name is used as “hostname”.
`nodes`	List, items: Dictionary		Define variables per node.
`- name`	String	Required, Unique	The Node Name is used as “hostname”.

<node_type_keys.key>:
  defaults:
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
  nodes:
    - name: <str>

Node type common configuration¶

Define your nodes, id, management and common configuration elements.

Tip

If a node is not deployed, leverage is_deployed: false to indicate the node as offline.

Info

A static unique identifier (id) is assigned to each device. This is leveraged to derive the IP address assignment from each summary defined in the Fabric Underlay and Overlay Topology Variables.

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`<node_type_keys.key>`	Dictionary
`defaults`	Dictionary				Define variables for all nodes of this type.
`id`	Integer				Unique identifier used for IP addressing and other algorithms.
`platform`	String				Arista platform family.
`mac_address`	String				Leverage to document management interface mac address.
`system_mac_address`	String				System MAC Address in this following format: “xx:xx:xx:xx:xx:xx”. Set to the same MAC address as available in “show version” on the device. “system_mac_address” can also be set directly as a hostvar. If both are set, the setting under node type settings takes precedence.
`serial_number`	String				Set to the Serial Number of the device. Only used for documentation purpose in the fabric documentation and part of the structured_config. “serial_number” can also be set directly as a hostvar. If both are set, the setting under node type settings takes precedence.
`rack`	String				Rack that the switch is located in (only used in snmp_settings location).
`mgmt_ip`	String			Format: cidr	Node management interface IPv4 address.
`ipv6_mgmt_ip`	String			Format: cidr	Node management interface IPv6 address.
`mgmt_interface`	String				Management Interface Name. Default -> platform_management_interface -> mgmt_interface -> “Management1”.
`lacp_port_id_range`	Dictionary				This will generate the “lacp port-id range”, “begin” and “end” values based on node “id” and the number of nodes in the “node_group”. Unique LACP port-id ranges are recommended for EVPN Multihoming designs.
`enabled`	Boolean		`False`
`size`	Integer		`128`		Recommended size > = number of ports in the switch.
`offset`	Integer		`0`		Offset is used to avoid overlapping port-id ranges of different switches. Useful when a “connected-endpoint” is connected to switches in different “node_groups”.
`always_configure_ip_routing`	Boolean		`False`		Force configuration of “ip routing” even on L2 devices. Use this to retain behavior of AVD versions below 4.0.0.
`raw_eos_cli`	String				EOS CLI rendered directly on the root level of the final EOS configuration.
`structured_config`	Dictionary				Custom structured config for eos_cli_config_gen.
`node_groups`	List, items: Dictionary				Define variables related to all nodes part of this group.
`- group`	String	Required, Unique			The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’. The Node Group Name is also used for peer description on downstream switches’ uplinks.
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`id`	Integer				Unique identifier used for IP addressing and other algorithms.
`platform`	String				Arista platform family.
`mac_address`	String				Leverage to document management interface mac address.
`system_mac_address`	String				System MAC Address in this following format: “xx:xx:xx:xx:xx:xx”. Set to the same MAC address as available in “show version” on the device. “system_mac_address” can also be set directly as a hostvar. If both are set, the setting under node type settings takes precedence.
`serial_number`	String				Set to the Serial Number of the device. Only used for documentation purpose in the fabric documentation and part of the structured_config. “serial_number” can also be set directly as a hostvar. If both are set, the setting under node type settings takes precedence.
`rack`	String				Rack that the switch is located in (only used in snmp_settings location).
`mgmt_ip`	String			Format: cidr	Node management interface IPv4 address.
`ipv6_mgmt_ip`	String			Format: cidr	Node management interface IPv6 address.
`mgmt_interface`	String				Management Interface Name. Default -> platform_management_interface -> mgmt_interface -> “Management1”.
`lacp_port_id_range`	Dictionary				This will generate the “lacp port-id range”, “begin” and “end” values based on node “id” and the number of nodes in the “node_group”. Unique LACP port-id ranges are recommended for EVPN Multihoming designs.
`enabled`	Boolean		`False`
`size`	Integer		`128`		Recommended size > = number of ports in the switch.
`offset`	Integer		`0`		Offset is used to avoid overlapping port-id ranges of different switches. Useful when a “connected-endpoint” is connected to switches in different “node_groups”.
`always_configure_ip_routing`	Boolean		`False`		Force configuration of “ip routing” even on L2 devices. Use this to retain behavior of AVD versions below 4.0.0.
`raw_eos_cli`	String				EOS CLI rendered directly on the root level of the final EOS configuration.
`structured_config`	Dictionary				Custom structured config for eos_cli_config_gen.
`id`	Integer				Unique identifier used for IP addressing and other algorithms.
`platform`	String				Arista platform family.
`mac_address`	String				Leverage to document management interface mac address.
`system_mac_address`	String				System MAC Address in this following format: “xx:xx:xx:xx:xx:xx”. Set to the same MAC address as available in “show version” on the device. “system_mac_address” can also be set directly as a hostvar. If both are set, the setting under node type settings takes precedence.
`serial_number`	String				Set to the Serial Number of the device. Only used for documentation purpose in the fabric documentation and part of the structured_config. “serial_number” can also be set directly as a hostvar. If both are set, the setting under node type settings takes precedence.
`rack`	String				Rack that the switch is located in (only used in snmp_settings location).
`mgmt_ip`	String			Format: cidr	Node management interface IPv4 address.
`ipv6_mgmt_ip`	String			Format: cidr	Node management interface IPv6 address.
`mgmt_interface`	String				Management Interface Name. Default -> platform_management_interface -> mgmt_interface -> “Management1”.
`lacp_port_id_range`	Dictionary				This will generate the “lacp port-id range”, “begin” and “end” values based on node “id” and the number of nodes in the “node_group”. Unique LACP port-id ranges are recommended for EVPN Multihoming designs.
`enabled`	Boolean		`False`
`size`	Integer		`128`		Recommended size > = number of ports in the switch.
`offset`	Integer		`0`		Offset is used to avoid overlapping port-id ranges of different switches. Useful when a “connected-endpoint” is connected to switches in different “node_groups”.
`always_configure_ip_routing`	Boolean		`False`		Force configuration of “ip routing” even on L2 devices. Use this to retain behavior of AVD versions below 4.0.0.
`raw_eos_cli`	String				EOS CLI rendered directly on the root level of the final EOS configuration.
`structured_config`	Dictionary				Custom structured config for eos_cli_config_gen.
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`id`	Integer				Unique identifier used for IP addressing and other algorithms.
`platform`	String				Arista platform family.
`mac_address`	String				Leverage to document management interface mac address.
`system_mac_address`	String				System MAC Address in this following format: “xx:xx:xx:xx:xx:xx”. Set to the same MAC address as available in “show version” on the device. “system_mac_address” can also be set directly as a hostvar. If both are set, the setting under node type settings takes precedence.
`serial_number`	String				Set to the Serial Number of the device. Only used for documentation purpose in the fabric documentation and part of the structured_config. “serial_number” can also be set directly as a hostvar. If both are set, the setting under node type settings takes precedence.
`rack`	String				Rack that the switch is located in (only used in snmp_settings location).
`mgmt_ip`	String			Format: cidr	Node management interface IPv4 address.
`ipv6_mgmt_ip`	String			Format: cidr	Node management interface IPv6 address.
`mgmt_interface`	String				Management Interface Name. Default -> platform_management_interface -> mgmt_interface -> “Management1”.
`lacp_port_id_range`	Dictionary				This will generate the “lacp port-id range”, “begin” and “end” values based on node “id” and the number of nodes in the “node_group”. Unique LACP port-id ranges are recommended for EVPN Multihoming designs.
`enabled`	Boolean		`False`
`size`	Integer		`128`		Recommended size > = number of ports in the switch.
`offset`	Integer		`0`		Offset is used to avoid overlapping port-id ranges of different switches. Useful when a “connected-endpoint” is connected to switches in different “node_groups”.
`always_configure_ip_routing`	Boolean		`False`		Force configuration of “ip routing” even on L2 devices. Use this to retain behavior of AVD versions below 4.0.0.
`raw_eos_cli`	String				EOS CLI rendered directly on the root level of the final EOS configuration.
`structured_config`	Dictionary				Custom structured config for eos_cli_config_gen.

<node_type_keys.key>:
  defaults:
    id: <int>
    platform: <str>
    mac_address: <str>
    system_mac_address: <str>
    serial_number: <str>
    rack: <str>
    mgmt_ip: <str>
    ipv6_mgmt_ip: <str>
    mgmt_interface: <str>
    lacp_port_id_range:
      enabled: <bool>
      size: <int>
      offset: <int>
    always_configure_ip_routing: <bool>
    raw_eos_cli: <str>
    structured_config: <dict>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          id: <int>
          platform: <str>
          mac_address: <str>
          system_mac_address: <str>
          serial_number: <str>
          rack: <str>
          mgmt_ip: <str>
          ipv6_mgmt_ip: <str>
          mgmt_interface: <str>
          lacp_port_id_range:
            enabled: <bool>
            size: <int>
            offset: <int>
          always_configure_ip_routing: <bool>
          raw_eos_cli: <str>
          structured_config: <dict>
      id: <int>
      platform: <str>
      mac_address: <str>
      system_mac_address: <str>
      serial_number: <str>
      rack: <str>
      mgmt_ip: <str>
      ipv6_mgmt_ip: <str>
      mgmt_interface: <str>
      lacp_port_id_range:
        enabled: <bool>
        size: <int>
        offset: <int>
      always_configure_ip_routing: <bool>
      raw_eos_cli: <str>
      structured_config: <dict>
  nodes:
    - name: <str>
      id: <int>
      platform: <str>
      mac_address: <str>
      system_mac_address: <str>
      serial_number: <str>
      rack: <str>
      mgmt_ip: <str>
      ipv6_mgmt_ip: <str>
      mgmt_interface: <str>
      lacp_port_id_range:
        enabled: <bool>
        size: <int>
        offset: <int>
      always_configure_ip_routing: <bool>
      raw_eos_cli: <str>
      structured_config: <dict>

Node type inband management¶

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`<node_type_keys.key>`	Dictionary
`defaults`	Dictionary				Define variables for all nodes of this type.
`inband_mgmt_interface`	String				Pointer to interface used for inband management. All configuration must be done using other data models like network services or structured_config. ‘inband_mgmt_interface’ is only used to refer to this interface as source in various management protocol settings (future feature). On L2 switches, this defaults to Vlan if either ‘inband_mgmt_subnet’ or ‘inband_mgmt_ip’ is set.
`inband_mgmt_vlan`	Integer		`4092`		VLAN number used for inband management on L2 switches (switches using port-channel trunks as uplinks). When using ‘inband_mgmt_subnet’ the VLAN and SVIs will be created automatically on this switch as well as all ‘uplink_switches’. When using ‘inband_mgmt_ip’ the VLAN and SVI will only be created on this device and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models.
`inband_mgmt_subnet`	String			Format: ipv4_cidr	Optional IP subnet assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks). Parent l3leafs will have SVI with “ip virtual-router” and host-route injection based on ARP. This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension. SVI IP address will be assigned as follows: virtual-router: + 1 l3leaf A : + 2 (same IP on all l3leaf A) l3leaf B : + 3 (same IP on all l3leaf B) l2leafs : + 3 + GW on l2leafs : + 1 Assign range larger than total l2leafs + 5 Setting is ignored if ‘inband_mgmt_ip’ is set. This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
`inband_mgmt_ip`	String			Format: ipv4_cidr	IP address assigned to the inband management interface set with ‘inband_mgmt_vlan’. This overrides ‘inband_mgmt_subnet’, hence all behavior of ‘inband_mgmt_subnet’ is removed. If this is set the VLAN and SVI will only be created on the L2 switch and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models. This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
`inband_mgmt_gateway`	String			Format: ipv4	Default gateway configured in the ‘inband_mgmt_vrf’ when using ‘inband_mgmt_ip’. Otherwise gateway is derived from ‘inband_mgmt_subnet’ if set. This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
`inband_mgmt_description`	String		`Inband Management`		Description configured on the Inband Management SVI. This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
`inband_mgmt_vlan_name`	String		`Inband Management`		Name configured on the Inband Management VLAN. This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
`inband_mgmt_vrf`	String		`default`		VRF configured on the Inband Management Interface. The VRF is created if not already created by other means. This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
`inband_mgmt_mtu`	Integer		`1500`		MTU configured on the Inband Management Interface. This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
`inband_management_subnet` deprecated	String			Format: ipv4_cidr	Optional IP subnet assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks). Parent l3leafs will have SVI with “ip virtual-router” and host-route injection based on ARP. This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension. SVI IP address will be assigned as follows: virtual-router: + 1 l3leaf A : + 2 (same IP on all l3leaf A) l3leaf B : + 3 (same IP on all l3leaf B) l2leafs : + 3 + GW on l2leafs : + 1 Assign range larger than total l2leafs + 5 Setting is ignored if ‘inband_mgmt_ip’ is set. This setting is applicable to L2 switches (switches using port-channel trunks as uplinks). This key is deprecated. Support will be removed in AVD version 5.0.0. Use `inband_mgmt_subnet` instead.
`inband_management_vlan` deprecated	Integer		`4092`		VLAN number used for inband management on L2 switches (switches using port-channel trunks as uplinks). When using ‘inband_mgmt_subnet’ the VLAN and SVIs will be created automatically on this switch as well as all ‘uplink_switches’. When using ‘inband_mgmt_ip’ the VLAN and SVI will only be created on this device and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models.This key is deprecated. Support will be removed in AVD version 5.0.0. Use `inband_mgmt_vlan` instead.
`node_groups`	List, items: Dictionary				Define variables related to all nodes part of this group.
`- group`	String	Required, Unique			The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’. The Node Group Name is also used for peer description on downstream switches’ uplinks.
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`inband_mgmt_interface`	String				Pointer to interface used for inband management. All configuration must be done using other data models like network services or structured_config. ‘inband_mgmt_interface’ is only used to refer to this interface as source in various management protocol settings (future feature). On L2 switches, this defaults to Vlan if either ‘inband_mgmt_subnet’ or ‘inband_mgmt_ip’ is set.
`inband_mgmt_vlan`	Integer		`4092`		VLAN number used for inband management on L2 switches (switches using port-channel trunks as uplinks). When using ‘inband_mgmt_subnet’ the VLAN and SVIs will be created automatically on this switch as well as all ‘uplink_switches’. When using ‘inband_mgmt_ip’ the VLAN and SVI will only be created on this device and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models.
`inband_mgmt_subnet`	String			Format: ipv4_cidr	Optional IP subnet assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks). Parent l3leafs will have SVI with “ip virtual-router” and host-route injection based on ARP. This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension. SVI IP address will be assigned as follows: virtual-router: + 1 l3leaf A : + 2 (same IP on all l3leaf A) l3leaf B : + 3 (same IP on all l3leaf B) l2leafs : + 3 + GW on l2leafs : + 1 Assign range larger than total l2leafs + 5 Setting is ignored if ‘inband_mgmt_ip’ is set. This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
`inband_mgmt_ip`	String			Format: ipv4_cidr	IP address assigned to the inband management interface set with ‘inband_mgmt_vlan’. This overrides ‘inband_mgmt_subnet’, hence all behavior of ‘inband_mgmt_subnet’ is removed. If this is set the VLAN and SVI will only be created on the L2 switch and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models. This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
`inband_mgmt_gateway`	String			Format: ipv4	Default gateway configured in the ‘inband_mgmt_vrf’ when using ‘inband_mgmt_ip’. Otherwise gateway is derived from ‘inband_mgmt_subnet’ if set. This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
`inband_mgmt_description`	String		`Inband Management`		Description configured on the Inband Management SVI. This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
`inband_mgmt_vlan_name`	String		`Inband Management`		Name configured on the Inband Management VLAN. This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
`inband_mgmt_vrf`	String		`default`		VRF configured on the Inband Management Interface. The VRF is created if not already created by other means. This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
`inband_mgmt_mtu`	Integer		`1500`		MTU configured on the Inband Management Interface. This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
`inband_management_subnet` deprecated	String			Format: ipv4_cidr	Optional IP subnet assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks). Parent l3leafs will have SVI with “ip virtual-router” and host-route injection based on ARP. This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension. SVI IP address will be assigned as follows: virtual-router: + 1 l3leaf A : + 2 (same IP on all l3leaf A) l3leaf B : + 3 (same IP on all l3leaf B) l2leafs : + 3 + GW on l2leafs : + 1 Assign range larger than total l2leafs + 5 Setting is ignored if ‘inband_mgmt_ip’ is set. This setting is applicable to L2 switches (switches using port-channel trunks as uplinks). This key is deprecated. Support will be removed in AVD version 5.0.0. Use `inband_mgmt_subnet` instead.
`inband_management_vlan` deprecated	Integer		`4092`		VLAN number used for inband management on L2 switches (switches using port-channel trunks as uplinks). When using ‘inband_mgmt_subnet’ the VLAN and SVIs will be created automatically on this switch as well as all ‘uplink_switches’. When using ‘inband_mgmt_ip’ the VLAN and SVI will only be created on this device and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models.This key is deprecated. Support will be removed in AVD version 5.0.0. Use `inband_mgmt_vlan` instead.
`inband_mgmt_interface`	String				Pointer to interface used for inband management. All configuration must be done using other data models like network services or structured_config. ‘inband_mgmt_interface’ is only used to refer to this interface as source in various management protocol settings (future feature). On L2 switches, this defaults to Vlan if either ‘inband_mgmt_subnet’ or ‘inband_mgmt_ip’ is set.
`inband_mgmt_vlan`	Integer		`4092`		VLAN number used for inband management on L2 switches (switches using port-channel trunks as uplinks). When using ‘inband_mgmt_subnet’ the VLAN and SVIs will be created automatically on this switch as well as all ‘uplink_switches’. When using ‘inband_mgmt_ip’ the VLAN and SVI will only be created on this device and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models.
`inband_mgmt_subnet`	String			Format: ipv4_cidr	Optional IP subnet assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks). Parent l3leafs will have SVI with “ip virtual-router” and host-route injection based on ARP. This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension. SVI IP address will be assigned as follows: virtual-router: + 1 l3leaf A : + 2 (same IP on all l3leaf A) l3leaf B : + 3 (same IP on all l3leaf B) l2leafs : + 3 + GW on l2leafs : + 1 Assign range larger than total l2leafs + 5 Setting is ignored if ‘inband_mgmt_ip’ is set. This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
`inband_mgmt_ip`	String			Format: ipv4_cidr	IP address assigned to the inband management interface set with ‘inband_mgmt_vlan’. This overrides ‘inband_mgmt_subnet’, hence all behavior of ‘inband_mgmt_subnet’ is removed. If this is set the VLAN and SVI will only be created on the L2 switch and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models. This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
`inband_mgmt_gateway`	String			Format: ipv4	Default gateway configured in the ‘inband_mgmt_vrf’ when using ‘inband_mgmt_ip’. Otherwise gateway is derived from ‘inband_mgmt_subnet’ if set. This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
`inband_mgmt_description`	String		`Inband Management`		Description configured on the Inband Management SVI. This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
`inband_mgmt_vlan_name`	String		`Inband Management`		Name configured on the Inband Management VLAN. This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
`inband_mgmt_vrf`	String		`default`		VRF configured on the Inband Management Interface. The VRF is created if not already created by other means. This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
`inband_mgmt_mtu`	Integer		`1500`		MTU configured on the Inband Management Interface. This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
`inband_management_subnet` deprecated	String			Format: ipv4_cidr	Optional IP subnet assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks). Parent l3leafs will have SVI with “ip virtual-router” and host-route injection based on ARP. This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension. SVI IP address will be assigned as follows: virtual-router: + 1 l3leaf A : + 2 (same IP on all l3leaf A) l3leaf B : + 3 (same IP on all l3leaf B) l2leafs : + 3 + GW on l2leafs : + 1 Assign range larger than total l2leafs + 5 Setting is ignored if ‘inband_mgmt_ip’ is set. This setting is applicable to L2 switches (switches using port-channel trunks as uplinks). This key is deprecated. Support will be removed in AVD version 5.0.0. Use `inband_mgmt_subnet` instead.
`inband_management_vlan` deprecated	Integer		`4092`		VLAN number used for inband management on L2 switches (switches using port-channel trunks as uplinks). When using ‘inband_mgmt_subnet’ the VLAN and SVIs will be created automatically on this switch as well as all ‘uplink_switches’. When using ‘inband_mgmt_ip’ the VLAN and SVI will only be created on this device and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models.This key is deprecated. Support will be removed in AVD version 5.0.0. Use `inband_mgmt_vlan` instead.
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`inband_mgmt_interface`	String				Pointer to interface used for inband management. All configuration must be done using other data models like network services or structured_config. ‘inband_mgmt_interface’ is only used to refer to this interface as source in various management protocol settings (future feature). On L2 switches, this defaults to Vlan if either ‘inband_mgmt_subnet’ or ‘inband_mgmt_ip’ is set.
`inband_mgmt_vlan`	Integer		`4092`		VLAN number used for inband management on L2 switches (switches using port-channel trunks as uplinks). When using ‘inband_mgmt_subnet’ the VLAN and SVIs will be created automatically on this switch as well as all ‘uplink_switches’. When using ‘inband_mgmt_ip’ the VLAN and SVI will only be created on this device and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models.
`inband_mgmt_subnet`	String			Format: ipv4_cidr	Optional IP subnet assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks). Parent l3leafs will have SVI with “ip virtual-router” and host-route injection based on ARP. This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension. SVI IP address will be assigned as follows: virtual-router: + 1 l3leaf A : + 2 (same IP on all l3leaf A) l3leaf B : + 3 (same IP on all l3leaf B) l2leafs : + 3 + GW on l2leafs : + 1 Assign range larger than total l2leafs + 5 Setting is ignored if ‘inband_mgmt_ip’ is set. This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
`inband_mgmt_ip`	String			Format: ipv4_cidr	IP address assigned to the inband management interface set with ‘inband_mgmt_vlan’. This overrides ‘inband_mgmt_subnet’, hence all behavior of ‘inband_mgmt_subnet’ is removed. If this is set the VLAN and SVI will only be created on the L2 switch and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models. This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
`inband_mgmt_gateway`	String			Format: ipv4	Default gateway configured in the ‘inband_mgmt_vrf’ when using ‘inband_mgmt_ip’. Otherwise gateway is derived from ‘inband_mgmt_subnet’ if set. This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
`inband_mgmt_description`	String		`Inband Management`		Description configured on the Inband Management SVI. This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
`inband_mgmt_vlan_name`	String		`Inband Management`		Name configured on the Inband Management VLAN. This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
`inband_mgmt_vrf`	String		`default`		VRF configured on the Inband Management Interface. The VRF is created if not already created by other means. This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
`inband_mgmt_mtu`	Integer		`1500`		MTU configured on the Inband Management Interface. This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
`inband_management_subnet` deprecated	String			Format: ipv4_cidr	Optional IP subnet assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks). Parent l3leafs will have SVI with “ip virtual-router” and host-route injection based on ARP. This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension. SVI IP address will be assigned as follows: virtual-router: + 1 l3leaf A : + 2 (same IP on all l3leaf A) l3leaf B : + 3 (same IP on all l3leaf B) l2leafs : + 3 + GW on l2leafs : + 1 Assign range larger than total l2leafs + 5 Setting is ignored if ‘inband_mgmt_ip’ is set. This setting is applicable to L2 switches (switches using port-channel trunks as uplinks). This key is deprecated. Support will be removed in AVD version 5.0.0. Use `inband_mgmt_subnet` instead.
`inband_management_vlan` deprecated	Integer		`4092`		VLAN number used for inband management on L2 switches (switches using port-channel trunks as uplinks). When using ‘inband_mgmt_subnet’ the VLAN and SVIs will be created automatically on this switch as well as all ‘uplink_switches’. When using ‘inband_mgmt_ip’ the VLAN and SVI will only be created on this device and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models.This key is deprecated. Support will be removed in AVD version 5.0.0. Use `inband_mgmt_vlan` instead.

<node_type_keys.key>:
  defaults:
    inband_mgmt_interface: <str>
    inband_mgmt_vlan: <int>
    inband_mgmt_subnet: <str>
    inband_mgmt_ip: <str>
    inband_mgmt_gateway: <str>
    inband_mgmt_description: <str>
    inband_mgmt_vlan_name: <str>
    inband_mgmt_vrf: <str>
    inband_mgmt_mtu: <int>
    inband_management_subnet: <str>
    inband_management_vlan: <int>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          inband_mgmt_interface: <str>
          inband_mgmt_vlan: <int>
          inband_mgmt_subnet: <str>
          inband_mgmt_ip: <str>
          inband_mgmt_gateway: <str>
          inband_mgmt_description: <str>
          inband_mgmt_vlan_name: <str>
          inband_mgmt_vrf: <str>
          inband_mgmt_mtu: <int>
          inband_management_subnet: <str>
          inband_management_vlan: <int>
      inband_mgmt_interface: <str>
      inband_mgmt_vlan: <int>
      inband_mgmt_subnet: <str>
      inband_mgmt_ip: <str>
      inband_mgmt_gateway: <str>
      inband_mgmt_description: <str>
      inband_mgmt_vlan_name: <str>
      inband_mgmt_vrf: <str>
      inband_mgmt_mtu: <int>
      inband_management_subnet: <str>
      inband_management_vlan: <int>
  nodes:
    - name: <str>
      inband_mgmt_interface: <str>
      inband_mgmt_vlan: <int>
      inband_mgmt_subnet: <str>
      inband_mgmt_ip: <str>
      inband_mgmt_gateway: <str>
      inband_mgmt_description: <str>
      inband_mgmt_vlan_name: <str>
      inband_mgmt_vrf: <str>
      inband_mgmt_mtu: <int>
      inband_management_subnet: <str>
      inband_management_vlan: <int>

Node type uplink management¶

Connectivity is defined from the child’s device perspective. Source uplink interfaces and parent interfaces are defined on the child.

Tip

Leverage default_interfaces data model to auto define uplink and downlink interfaces based on the node id.

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`<node_type_keys.key>`	Dictionary
`defaults`	Dictionary				Define variables for all nodes of this type.
`link_tracking`	Dictionary				This configures the Link Tracking Group on a switch as well as adds the p2p-uplinks of the switch as the upstream interfaces. Useful in EVPN multhoming designs.
`enabled`	Boolean		`False`
`groups`	List, items: Dictionary		`[{'name': 'LT_GROUP1'}]`		Link Tracking Groups. By default a single group named “LT_GROUP1” is defined with default values. Any groups defined under “groups” will replace the default.
`- name`	String				Tracking group name.
`recovery_delay`	Integer			Min: 0 Max: 3600	default -> platform_settings_mlag_reload_delay -> 300.
`links_minimum`	Integer			Min: 1 Max: 100000
`uplink_ipv4_pool`	String			Format: ipv4_cidr	IPv4 subnet to use to connect to uplink switches.
`uplink_interfaces`	List, items: String				Local uplink interfaces Each list item supports range syntax that can be expanded into a list of interfaces. If uplink_interfaces is not defined, platform-specific defaults (defined under default_interfaces) will be used instead. Please note that default_interfaces are not defined by default, you should define these yourself.
`- <str>`	String			Pattern: Ethernet[\d/]+
`uplink_switch_interfaces`	List, items: String				Interfaces located on uplink switches.
`- <str>`	String			Pattern: Ethernet[\d/]+
`uplink_switches`	List, items: String
`- <str>`	String	Required			Hostname of uplink switch. If parallel uplinks are in use, update max_parallel_uplinks below and specify each uplink switch multiple times. e.g. uplink_switches: [ ‘DC1-SPINE1’, ‘DC1-SPINE1’, ‘DC1-SPINE2’, ‘DC1-SPINE2’ ].
`uplink_interface_speed`	String				Set point-to-Point interface speed and will apply to uplink interfaces on both ends. interface_speed or forced interface_speed or auto interface_speed.
`max_uplink_switches`	Integer				Maximum number of uplink switches. Changing this value may change IP Addressing on uplinks. Can be used to reserve IP space for future expansions.
`max_parallel_uplinks`	Integer				Number of parallel links towards uplink switches. Changing this value may change interface naming on uplinks (and corresponding downlinks). Can be used to reserve interfaces for future parallel uplinks.
`uplink_bfd`	Boolean		`False`		Enable bfd on uplink interfaces.
`uplink_native_vlan`	Integer			Min: 1 Max: 4094	Only applicable to switches with layer-2 port-channel uplinks. A suspended (disabled) vlan will be created in both ends of the link unless the vlan is defined under network services. By default the uplink will not have a native_vlan configured, so EOS defaults to vlan 1.
`uplink_ptp`	Dictionary				Enable PTP on all infrastructure links.
`enable`	Boolean		`False`
`uplink_macsec`	Dictionary				Enable MacSec on all uplinks.
`profile`	String
`uplink_structured_config`	Dictionary				Custom structured config applied to “uplink_interfaces”, and “uplink_switch_interfaces”. When uplink_type == “p2p”, custom structured config added under ethernet_interfaces. for eos_cli_config_gen overrides the settings on the ethernet interface level. When uplink_type == “port-channel”, custom structured config added under port_channel_interfaces. for eos_cli_config_gen overrides the settings on the port-channel interface level. “uplink_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
`short_esi`	String				short_esi only valid for l2leaf devices using port-channel uplink. Setting short_esi to “auto” generates the short_esi automatically using a hash of configuration elements. < 0000:0000:0000
`node_groups`	List, items: Dictionary				Define variables related to all nodes part of this group.
`- group`	String	Required, Unique			The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’. The Node Group Name is also used for peer description on downstream switches’ uplinks.
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`link_tracking`	Dictionary				This configures the Link Tracking Group on a switch as well as adds the p2p-uplinks of the switch as the upstream interfaces. Useful in EVPN multhoming designs.
`enabled`	Boolean		`False`
`groups`	List, items: Dictionary		`[{'name': 'LT_GROUP1'}]`		Link Tracking Groups. By default a single group named “LT_GROUP1” is defined with default values. Any groups defined under “groups” will replace the default.
`- name`	String				Tracking group name.
`recovery_delay`	Integer			Min: 0 Max: 3600	default -> platform_settings_mlag_reload_delay -> 300.
`links_minimum`	Integer			Min: 1 Max: 100000
`uplink_ipv4_pool`	String			Format: ipv4_cidr	IPv4 subnet to use to connect to uplink switches.
`uplink_interfaces`	List, items: String				Local uplink interfaces Each list item supports range syntax that can be expanded into a list of interfaces. If uplink_interfaces is not defined, platform-specific defaults (defined under default_interfaces) will be used instead. Please note that default_interfaces are not defined by default, you should define these yourself.
`- <str>`	String			Pattern: Ethernet[\d/]+
`uplink_switch_interfaces`	List, items: String				Interfaces located on uplink switches.
`- <str>`	String			Pattern: Ethernet[\d/]+
`uplink_switches`	List, items: String
`- <str>`	String	Required			Hostname of uplink switch. If parallel uplinks are in use, update max_parallel_uplinks below and specify each uplink switch multiple times. e.g. uplink_switches: [ ‘DC1-SPINE1’, ‘DC1-SPINE1’, ‘DC1-SPINE2’, ‘DC1-SPINE2’ ].
`uplink_interface_speed`	String				Set point-to-Point interface speed and will apply to uplink interfaces on both ends. interface_speed or forced interface_speed or auto interface_speed.
`max_uplink_switches`	Integer				Maximum number of uplink switches. Changing this value may change IP Addressing on uplinks. Can be used to reserve IP space for future expansions.
`max_parallel_uplinks`	Integer				Number of parallel links towards uplink switches. Changing this value may change interface naming on uplinks (and corresponding downlinks). Can be used to reserve interfaces for future parallel uplinks.
`uplink_bfd`	Boolean		`False`		Enable bfd on uplink interfaces.
`uplink_native_vlan`	Integer			Min: 1 Max: 4094	Only applicable to switches with layer-2 port-channel uplinks. A suspended (disabled) vlan will be created in both ends of the link unless the vlan is defined under network services. By default the uplink will not have a native_vlan configured, so EOS defaults to vlan 1.
`uplink_ptp`	Dictionary				Enable PTP on all infrastructure links.
`enable`	Boolean		`False`
`uplink_macsec`	Dictionary				Enable MacSec on all uplinks.
`profile`	String
`uplink_structured_config`	Dictionary				Custom structured config applied to “uplink_interfaces”, and “uplink_switch_interfaces”. When uplink_type == “p2p”, custom structured config added under ethernet_interfaces. for eos_cli_config_gen overrides the settings on the ethernet interface level. When uplink_type == “port-channel”, custom structured config added under port_channel_interfaces. for eos_cli_config_gen overrides the settings on the port-channel interface level. “uplink_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
`short_esi`	String				short_esi only valid for l2leaf devices using port-channel uplink. Setting short_esi to “auto” generates the short_esi automatically using a hash of configuration elements. < 0000:0000:0000
`link_tracking`	Dictionary				This configures the Link Tracking Group on a switch as well as adds the p2p-uplinks of the switch as the upstream interfaces. Useful in EVPN multhoming designs.
`enabled`	Boolean		`False`
`groups`	List, items: Dictionary		`[{'name': 'LT_GROUP1'}]`		Link Tracking Groups. By default a single group named “LT_GROUP1” is defined with default values. Any groups defined under “groups” will replace the default.
`- name`	String				Tracking group name.
`recovery_delay`	Integer			Min: 0 Max: 3600	default -> platform_settings_mlag_reload_delay -> 300.
`links_minimum`	Integer			Min: 1 Max: 100000
`uplink_ipv4_pool`	String			Format: ipv4_cidr	IPv4 subnet to use to connect to uplink switches.
`uplink_interfaces`	List, items: String				Local uplink interfaces Each list item supports range syntax that can be expanded into a list of interfaces. If uplink_interfaces is not defined, platform-specific defaults (defined under default_interfaces) will be used instead. Please note that default_interfaces are not defined by default, you should define these yourself.
`- <str>`	String			Pattern: Ethernet[\d/]+
`uplink_switch_interfaces`	List, items: String				Interfaces located on uplink switches.
`- <str>`	String			Pattern: Ethernet[\d/]+
`uplink_switches`	List, items: String
`- <str>`	String	Required			Hostname of uplink switch. If parallel uplinks are in use, update max_parallel_uplinks below and specify each uplink switch multiple times. e.g. uplink_switches: [ ‘DC1-SPINE1’, ‘DC1-SPINE1’, ‘DC1-SPINE2’, ‘DC1-SPINE2’ ].
`uplink_interface_speed`	String				Set point-to-Point interface speed and will apply to uplink interfaces on both ends. interface_speed or forced interface_speed or auto interface_speed.
`max_uplink_switches`	Integer				Maximum number of uplink switches. Changing this value may change IP Addressing on uplinks. Can be used to reserve IP space for future expansions.
`max_parallel_uplinks`	Integer				Number of parallel links towards uplink switches. Changing this value may change interface naming on uplinks (and corresponding downlinks). Can be used to reserve interfaces for future parallel uplinks.
`uplink_bfd`	Boolean		`False`		Enable bfd on uplink interfaces.
`uplink_native_vlan`	Integer			Min: 1 Max: 4094	Only applicable to switches with layer-2 port-channel uplinks. A suspended (disabled) vlan will be created in both ends of the link unless the vlan is defined under network services. By default the uplink will not have a native_vlan configured, so EOS defaults to vlan 1.
`uplink_ptp`	Dictionary				Enable PTP on all infrastructure links.
`enable`	Boolean		`False`
`uplink_macsec`	Dictionary				Enable MacSec on all uplinks.
`profile`	String
`uplink_structured_config`	Dictionary				Custom structured config applied to “uplink_interfaces”, and “uplink_switch_interfaces”. When uplink_type == “p2p”, custom structured config added under ethernet_interfaces. for eos_cli_config_gen overrides the settings on the ethernet interface level. When uplink_type == “port-channel”, custom structured config added under port_channel_interfaces. for eos_cli_config_gen overrides the settings on the port-channel interface level. “uplink_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
`short_esi`	String				short_esi only valid for l2leaf devices using port-channel uplink. Setting short_esi to “auto” generates the short_esi automatically using a hash of configuration elements. < 0000:0000:0000
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`link_tracking`	Dictionary				This configures the Link Tracking Group on a switch as well as adds the p2p-uplinks of the switch as the upstream interfaces. Useful in EVPN multhoming designs.
`enabled`	Boolean		`False`
`groups`	List, items: Dictionary		`[{'name': 'LT_GROUP1'}]`		Link Tracking Groups. By default a single group named “LT_GROUP1” is defined with default values. Any groups defined under “groups” will replace the default.
`- name`	String				Tracking group name.
`recovery_delay`	Integer			Min: 0 Max: 3600	default -> platform_settings_mlag_reload_delay -> 300.
`links_minimum`	Integer			Min: 1 Max: 100000
`uplink_ipv4_pool`	String			Format: ipv4_cidr	IPv4 subnet to use to connect to uplink switches.
`uplink_interfaces`	List, items: String				Local uplink interfaces Each list item supports range syntax that can be expanded into a list of interfaces. If uplink_interfaces is not defined, platform-specific defaults (defined under default_interfaces) will be used instead. Please note that default_interfaces are not defined by default, you should define these yourself.
`- <str>`	String			Pattern: Ethernet[\d/]+
`uplink_switch_interfaces`	List, items: String				Interfaces located on uplink switches.
`- <str>`	String			Pattern: Ethernet[\d/]+
`uplink_switches`	List, items: String
`- <str>`	String	Required			Hostname of uplink switch. If parallel uplinks are in use, update max_parallel_uplinks below and specify each uplink switch multiple times. e.g. uplink_switches: [ ‘DC1-SPINE1’, ‘DC1-SPINE1’, ‘DC1-SPINE2’, ‘DC1-SPINE2’ ].
`uplink_interface_speed`	String				Set point-to-Point interface speed and will apply to uplink interfaces on both ends. interface_speed or forced interface_speed or auto interface_speed.
`max_uplink_switches`	Integer				Maximum number of uplink switches. Changing this value may change IP Addressing on uplinks. Can be used to reserve IP space for future expansions.
`max_parallel_uplinks`	Integer				Number of parallel links towards uplink switches. Changing this value may change interface naming on uplinks (and corresponding downlinks). Can be used to reserve interfaces for future parallel uplinks.
`uplink_bfd`	Boolean		`False`		Enable bfd on uplink interfaces.
`uplink_native_vlan`	Integer			Min: 1 Max: 4094	Only applicable to switches with layer-2 port-channel uplinks. A suspended (disabled) vlan will be created in both ends of the link unless the vlan is defined under network services. By default the uplink will not have a native_vlan configured, so EOS defaults to vlan 1.
`uplink_ptp`	Dictionary				Enable PTP on all infrastructure links.
`enable`	Boolean		`False`
`uplink_macsec`	Dictionary				Enable MacSec on all uplinks.
`profile`	String
`uplink_structured_config`	Dictionary				Custom structured config applied to “uplink_interfaces”, and “uplink_switch_interfaces”. When uplink_type == “p2p”, custom structured config added under ethernet_interfaces. for eos_cli_config_gen overrides the settings on the ethernet interface level. When uplink_type == “port-channel”, custom structured config added under port_channel_interfaces. for eos_cli_config_gen overrides the settings on the port-channel interface level. “uplink_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
`short_esi`	String				short_esi only valid for l2leaf devices using port-channel uplink. Setting short_esi to “auto” generates the short_esi automatically using a hash of configuration elements. < 0000:0000:0000

<node_type_keys.key>:
  defaults:
    link_tracking:
      enabled: <bool>
      groups:
        - name: <str>
          recovery_delay: <int>
          links_minimum: <int>
    uplink_ipv4_pool: <str>
    uplink_interfaces:
      - <str>
    uplink_switch_interfaces:
      - <str>
    uplink_switches:
      - <str>
    uplink_interface_speed: <str>
    max_uplink_switches: <int>
    max_parallel_uplinks: <int>
    uplink_bfd: <bool>
    uplink_native_vlan: <int>
    uplink_ptp:
      enable: <bool>
    uplink_macsec:
      profile: <str>
    uplink_structured_config: <dict>
    short_esi: <str>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          link_tracking:
            enabled: <bool>
            groups:
              - name: <str>
                recovery_delay: <int>
                links_minimum: <int>
          uplink_ipv4_pool: <str>
          uplink_interfaces:
            - <str>
          uplink_switch_interfaces:
            - <str>
          uplink_switches:
            - <str>
          uplink_interface_speed: <str>
          max_uplink_switches: <int>
          max_parallel_uplinks: <int>
          uplink_bfd: <bool>
          uplink_native_vlan: <int>
          uplink_ptp:
            enable: <bool>
          uplink_macsec:
            profile: <str>
          uplink_structured_config: <dict>
          short_esi: <str>
      link_tracking:
        enabled: <bool>
        groups:
          - name: <str>
            recovery_delay: <int>
            links_minimum: <int>
      uplink_ipv4_pool: <str>
      uplink_interfaces:
        - <str>
      uplink_switch_interfaces:
        - <str>
      uplink_switches:
        - <str>
      uplink_interface_speed: <str>
      max_uplink_switches: <int>
      max_parallel_uplinks: <int>
      uplink_bfd: <bool>
      uplink_native_vlan: <int>
      uplink_ptp:
        enable: <bool>
      uplink_macsec:
        profile: <str>
      uplink_structured_config: <dict>
      short_esi: <str>
  nodes:
    - name: <str>
      link_tracking:
        enabled: <bool>
        groups:
          - name: <str>
            recovery_delay: <int>
            links_minimum: <int>
      uplink_ipv4_pool: <str>
      uplink_interfaces:
        - <str>
      uplink_switch_interfaces:
        - <str>
      uplink_switches:
        - <str>
      uplink_interface_speed: <str>
      max_uplink_switches: <int>
      max_parallel_uplinks: <int>
      uplink_bfd: <bool>
      uplink_native_vlan: <int>
      uplink_ptp:
        enable: <bool>
      uplink_macsec:
        profile: <str>
      uplink_structured_config: <dict>
      short_esi: <str>

Node type L2 and MLAG configuration¶

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`<node_type_keys.key>`	Dictionary
`defaults`	Dictionary				Define variables for all nodes of this type.
`mlag_port_channel_structured_config`	Dictionary				Custom structured config applied to MLAG peer link port-channel id. Added under port_channel_interfaces. for eos_cli_config_gen. Overrides the settings on the port-channel interface level. “mlag_port_channel_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
`mlag_peer_vlan_structured_config`	Dictionary				Custom structured config applied to MLAG Peer Link (control link) SVI interface id. Added under vlan_interfaces. for eos_cli_config_gen. Overrides the settings on the vlan interface level. “mlag_peer_vlan_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
`mlag_peer_l3_vlan_structured_config`	Dictionary				Custom structured config applied to MLAG underlay L3 peering SVI interface id. Added under vlan_interfaces. for eos_cli_config_gen. Overrides the settings on the vlan interface level. “mlag_peer_l3_vlan_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
`mlag`	Boolean		`True`		Enable / Disable auto MLAG, when two nodes are defined in node group.
`mlag_dual_primary_detection`	Boolean		`False`		Enable / Disable MLAG dual primary detection.
`mlag_ibgp_origin_incomplete`	Boolean		`True`		Set origin of routes received from MLAG iBGP peer to incomplete. The purpose is to optimize routing for leaf loopbacks from spine perspective and avoid suboptimal routing via peerlink for control plane traffic.
`mlag_interfaces`	List, items: String				Each list item supports range syntax that can be expanded into a list of interfaces. Required when MLAG leafs are present in the topology.
`- <str>`	String
`mlag_interfaces_speed`	String				Set MLAG interface speed. < interface_speed or forced interface_speed or auto interface_speed >.
`mlag_peer_l3_vlan`	Integer		`4093`	Min: 0 Max: 4094	Underlay L3 peering SVI interface id. If set to 0 or the same vlan as mlag_peer_vlan, the mlag_peer_vlan will be used for L3 peering.
`mlag_peer_l3_ipv4_pool`	String			Format: ipv4_cidr	IP address pool used for MLAG underlay L3 peering. IP is derived from the node id. Required when MLAG leafs present in topology and they are using a separate L3 peering VLAN.
`mlag_peer_vlan`	Integer		`4094`	Min: 1 Max: 4094	MLAG Peer Link (control link) SVI interface id.
`mlag_peer_link_allowed_vlans`	String
`mlag_peer_ipv4_pool`	String			Format: ipv4_cidr	IP address pool used for MLAG Peer Link (control link). IP is derived from the node id. Required when MLAG leafs present in topology.
`mlag_port_channel_id`	Integer				If not set, the mlag port-channel id is generated based on the digits of the first interface present in ‘mlag_interfaces’. Valid port-channel id numbers are < 1-2000 > for EOS < 4.25.0F and < 1 - 999999 > for EOS >= 4.25.0F.
`mlag_domain_id`	String				MLAG Domain ID. If not set the node group name (Set with “group” key) will be used.
`spanning_tree_mode`	String			Valid Values: - mstp - rstp - rapid-pvst - none
`spanning_tree_priority`	Integer		`32768`
`spanning_tree_root_super`	Boolean		`False`
`virtual_router_mac_address`	String			Format: mac	Virtual router mac address for anycast gateway.
`node_groups`	List, items: Dictionary				Define variables related to all nodes part of this group.
`- group`	String	Required, Unique			The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’. The Node Group Name is also used for peer description on downstream switches’ uplinks.
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`mlag_port_channel_structured_config`	Dictionary				Custom structured config applied to MLAG peer link port-channel id. Added under port_channel_interfaces. for eos_cli_config_gen. Overrides the settings on the port-channel interface level. “mlag_port_channel_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
`mlag_peer_vlan_structured_config`	Dictionary				Custom structured config applied to MLAG Peer Link (control link) SVI interface id. Added under vlan_interfaces. for eos_cli_config_gen. Overrides the settings on the vlan interface level. “mlag_peer_vlan_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
`mlag_peer_l3_vlan_structured_config`	Dictionary				Custom structured config applied to MLAG underlay L3 peering SVI interface id. Added under vlan_interfaces. for eos_cli_config_gen. Overrides the settings on the vlan interface level. “mlag_peer_l3_vlan_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
`mlag`	Boolean		`True`		Enable / Disable auto MLAG, when two nodes are defined in node group.
`mlag_dual_primary_detection`	Boolean		`False`		Enable / Disable MLAG dual primary detection.
`mlag_ibgp_origin_incomplete`	Boolean		`True`		Set origin of routes received from MLAG iBGP peer to incomplete. The purpose is to optimize routing for leaf loopbacks from spine perspective and avoid suboptimal routing via peerlink for control plane traffic.
`mlag_interfaces`	List, items: String				Each list item supports range syntax that can be expanded into a list of interfaces. Required when MLAG leafs are present in the topology.
`- <str>`	String
`mlag_interfaces_speed`	String				Set MLAG interface speed. < interface_speed or forced interface_speed or auto interface_speed >.
`mlag_peer_l3_vlan`	Integer		`4093`	Min: 0 Max: 4094	Underlay L3 peering SVI interface id. If set to 0 or the same vlan as mlag_peer_vlan, the mlag_peer_vlan will be used for L3 peering.
`mlag_peer_l3_ipv4_pool`	String			Format: ipv4_cidr	IP address pool used for MLAG underlay L3 peering. IP is derived from the node id. Required when MLAG leafs present in topology and they are using a separate L3 peering VLAN.
`mlag_peer_vlan`	Integer		`4094`	Min: 1 Max: 4094	MLAG Peer Link (control link) SVI interface id.
`mlag_peer_link_allowed_vlans`	String
`mlag_peer_ipv4_pool`	String			Format: ipv4_cidr	IP address pool used for MLAG Peer Link (control link). IP is derived from the node id. Required when MLAG leafs present in topology.
`mlag_port_channel_id`	Integer				If not set, the mlag port-channel id is generated based on the digits of the first interface present in ‘mlag_interfaces’. Valid port-channel id numbers are < 1-2000 > for EOS < 4.25.0F and < 1 - 999999 > for EOS >= 4.25.0F.
`mlag_domain_id`	String				MLAG Domain ID. If not set the node group name (Set with “group” key) will be used.
`spanning_tree_mode`	String			Valid Values: - mstp - rstp - rapid-pvst - none
`spanning_tree_priority`	Integer		`32768`
`spanning_tree_root_super`	Boolean		`False`
`virtual_router_mac_address`	String			Format: mac	Virtual router mac address for anycast gateway.
`mlag_port_channel_structured_config`	Dictionary				Custom structured config applied to MLAG peer link port-channel id. Added under port_channel_interfaces. for eos_cli_config_gen. Overrides the settings on the port-channel interface level. “mlag_port_channel_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
`mlag_peer_vlan_structured_config`	Dictionary				Custom structured config applied to MLAG Peer Link (control link) SVI interface id. Added under vlan_interfaces. for eos_cli_config_gen. Overrides the settings on the vlan interface level. “mlag_peer_vlan_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
`mlag_peer_l3_vlan_structured_config`	Dictionary				Custom structured config applied to MLAG underlay L3 peering SVI interface id. Added under vlan_interfaces. for eos_cli_config_gen. Overrides the settings on the vlan interface level. “mlag_peer_l3_vlan_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
`mlag`	Boolean		`True`		Enable / Disable auto MLAG, when two nodes are defined in node group.
`mlag_dual_primary_detection`	Boolean		`False`		Enable / Disable MLAG dual primary detection.
`mlag_ibgp_origin_incomplete`	Boolean		`True`		Set origin of routes received from MLAG iBGP peer to incomplete. The purpose is to optimize routing for leaf loopbacks from spine perspective and avoid suboptimal routing via peerlink for control plane traffic.
`mlag_interfaces`	List, items: String				Each list item supports range syntax that can be expanded into a list of interfaces. Required when MLAG leafs are present in the topology.
`- <str>`	String
`mlag_interfaces_speed`	String				Set MLAG interface speed. < interface_speed or forced interface_speed or auto interface_speed >.
`mlag_peer_l3_vlan`	Integer		`4093`	Min: 0 Max: 4094	Underlay L3 peering SVI interface id. If set to 0 or the same vlan as mlag_peer_vlan, the mlag_peer_vlan will be used for L3 peering.
`mlag_peer_l3_ipv4_pool`	String			Format: ipv4_cidr	IP address pool used for MLAG underlay L3 peering. IP is derived from the node id. Required when MLAG leafs present in topology and they are using a separate L3 peering VLAN.
`mlag_peer_vlan`	Integer		`4094`	Min: 1 Max: 4094	MLAG Peer Link (control link) SVI interface id.
`mlag_peer_link_allowed_vlans`	String
`mlag_peer_ipv4_pool`	String			Format: ipv4_cidr	IP address pool used for MLAG Peer Link (control link). IP is derived from the node id. Required when MLAG leafs present in topology.
`mlag_port_channel_id`	Integer				If not set, the mlag port-channel id is generated based on the digits of the first interface present in ‘mlag_interfaces’. Valid port-channel id numbers are < 1-2000 > for EOS < 4.25.0F and < 1 - 999999 > for EOS >= 4.25.0F.
`mlag_domain_id`	String				MLAG Domain ID. If not set the node group name (Set with “group” key) will be used.
`spanning_tree_mode`	String			Valid Values: - mstp - rstp - rapid-pvst - none
`spanning_tree_priority`	Integer		`32768`
`spanning_tree_root_super`	Boolean		`False`
`virtual_router_mac_address`	String			Format: mac	Virtual router mac address for anycast gateway.
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`mlag_port_channel_structured_config`	Dictionary				Custom structured config applied to MLAG peer link port-channel id. Added under port_channel_interfaces. for eos_cli_config_gen. Overrides the settings on the port-channel interface level. “mlag_port_channel_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
`mlag_peer_vlan_structured_config`	Dictionary				Custom structured config applied to MLAG Peer Link (control link) SVI interface id. Added under vlan_interfaces. for eos_cli_config_gen. Overrides the settings on the vlan interface level. “mlag_peer_vlan_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
`mlag_peer_l3_vlan_structured_config`	Dictionary				Custom structured config applied to MLAG underlay L3 peering SVI interface id. Added under vlan_interfaces. for eos_cli_config_gen. Overrides the settings on the vlan interface level. “mlag_peer_l3_vlan_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
`mlag`	Boolean		`True`		Enable / Disable auto MLAG, when two nodes are defined in node group.
`mlag_dual_primary_detection`	Boolean		`False`		Enable / Disable MLAG dual primary detection.
`mlag_ibgp_origin_incomplete`	Boolean		`True`		Set origin of routes received from MLAG iBGP peer to incomplete. The purpose is to optimize routing for leaf loopbacks from spine perspective and avoid suboptimal routing via peerlink for control plane traffic.
`mlag_interfaces`	List, items: String				Each list item supports range syntax that can be expanded into a list of interfaces. Required when MLAG leafs are present in the topology.
`- <str>`	String
`mlag_interfaces_speed`	String				Set MLAG interface speed. < interface_speed or forced interface_speed or auto interface_speed >.
`mlag_peer_l3_vlan`	Integer		`4093`	Min: 0 Max: 4094	Underlay L3 peering SVI interface id. If set to 0 or the same vlan as mlag_peer_vlan, the mlag_peer_vlan will be used for L3 peering.
`mlag_peer_l3_ipv4_pool`	String			Format: ipv4_cidr	IP address pool used for MLAG underlay L3 peering. IP is derived from the node id. Required when MLAG leafs present in topology and they are using a separate L3 peering VLAN.
`mlag_peer_vlan`	Integer		`4094`	Min: 1 Max: 4094	MLAG Peer Link (control link) SVI interface id.
`mlag_peer_link_allowed_vlans`	String
`mlag_peer_ipv4_pool`	String			Format: ipv4_cidr	IP address pool used for MLAG Peer Link (control link). IP is derived from the node id. Required when MLAG leafs present in topology.
`mlag_port_channel_id`	Integer				If not set, the mlag port-channel id is generated based on the digits of the first interface present in ‘mlag_interfaces’. Valid port-channel id numbers are < 1-2000 > for EOS < 4.25.0F and < 1 - 999999 > for EOS >= 4.25.0F.
`mlag_domain_id`	String				MLAG Domain ID. If not set the node group name (Set with “group” key) will be used.
`spanning_tree_mode`	String			Valid Values: - mstp - rstp - rapid-pvst - none
`spanning_tree_priority`	Integer		`32768`
`spanning_tree_root_super`	Boolean		`False`
`virtual_router_mac_address`	String			Format: mac	Virtual router mac address for anycast gateway.

<node_type_keys.key>:
  defaults:
    mlag_port_channel_structured_config: <dict>
    mlag_peer_vlan_structured_config: <dict>
    mlag_peer_l3_vlan_structured_config: <dict>
    mlag: <bool>
    mlag_dual_primary_detection: <bool>
    mlag_ibgp_origin_incomplete: <bool>
    mlag_interfaces:
      - <str>
    mlag_interfaces_speed: <str>
    mlag_peer_l3_vlan: <int>
    mlag_peer_l3_ipv4_pool: <str>
    mlag_peer_vlan: <int>
    mlag_peer_link_allowed_vlans: <str>
    mlag_peer_ipv4_pool: <str>
    mlag_port_channel_id: <int>
    mlag_domain_id: <str>
    spanning_tree_mode: <str>
    spanning_tree_priority: <int>
    spanning_tree_root_super: <bool>
    virtual_router_mac_address: <str>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          mlag_port_channel_structured_config: <dict>
          mlag_peer_vlan_structured_config: <dict>
          mlag_peer_l3_vlan_structured_config: <dict>
          mlag: <bool>
          mlag_dual_primary_detection: <bool>
          mlag_ibgp_origin_incomplete: <bool>
          mlag_interfaces:
            - <str>
          mlag_interfaces_speed: <str>
          mlag_peer_l3_vlan: <int>
          mlag_peer_l3_ipv4_pool: <str>
          mlag_peer_vlan: <int>
          mlag_peer_link_allowed_vlans: <str>
          mlag_peer_ipv4_pool: <str>
          mlag_port_channel_id: <int>
          mlag_domain_id: <str>
          spanning_tree_mode: <str>
          spanning_tree_priority: <int>
          spanning_tree_root_super: <bool>
          virtual_router_mac_address: <str>
      mlag_port_channel_structured_config: <dict>
      mlag_peer_vlan_structured_config: <dict>
      mlag_peer_l3_vlan_structured_config: <dict>
      mlag: <bool>
      mlag_dual_primary_detection: <bool>
      mlag_ibgp_origin_incomplete: <bool>
      mlag_interfaces:
        - <str>
      mlag_interfaces_speed: <str>
      mlag_peer_l3_vlan: <int>
      mlag_peer_l3_ipv4_pool: <str>
      mlag_peer_vlan: <int>
      mlag_peer_link_allowed_vlans: <str>
      mlag_peer_ipv4_pool: <str>
      mlag_port_channel_id: <int>
      mlag_domain_id: <str>
      spanning_tree_mode: <str>
      spanning_tree_priority: <int>
      spanning_tree_root_super: <bool>
      virtual_router_mac_address: <str>
  nodes:
    - name: <str>
      mlag_port_channel_structured_config: <dict>
      mlag_peer_vlan_structured_config: <dict>
      mlag_peer_l3_vlan_structured_config: <dict>
      mlag: <bool>
      mlag_dual_primary_detection: <bool>
      mlag_ibgp_origin_incomplete: <bool>
      mlag_interfaces:
        - <str>
      mlag_interfaces_speed: <str>
      mlag_peer_l3_vlan: <int>
      mlag_peer_l3_ipv4_pool: <str>
      mlag_peer_vlan: <int>
      mlag_peer_link_allowed_vlans: <str>
      mlag_peer_ipv4_pool: <str>
      mlag_port_channel_id: <int>
      mlag_domain_id: <str>
      spanning_tree_mode: <str>
      spanning_tree_priority: <int>
      spanning_tree_root_super: <bool>
      virtual_router_mac_address: <str>

Node type Loopback and VTEP configuration¶

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`<node_type_keys.key>`	Dictionary
`defaults`	Dictionary				Define variables for all nodes of this type.
`loopback_ipv4_pool`	String			Format: ipv4_cidr	IPv4 subnet for Loopback0 allocation.
`vtep_loopback_ipv4_pool`	String			Format: ipv4_cidr	IPv4 subnet for VTEP-Loopback allocation.
`loopback_ipv4_offset`	Integer		`0`		Offset all assigned loopback IP addresses. Required when the < loopback_ipv4_pool > is same for 2 different node_types (like spine and l3leaf) to avoid over-lapping IPs. For example, set the minimum offset l3leaf.defaults.loopback_ipv4_offset: < total # spine switches > or vice versa.
`loopback_ipv6_pool`	String			Format: ipv6_cidr	IPv6 subnet for Loopback0 allocation.
`loopback_ipv6_offset`	Integer		`0`		Offset all assigned loopback IPv6 addresses. Required when the < loopback_ipv6_pool > is same for 2 different node_types (like spine and l3leaf) to avoid overlapping IPs. For example, set the minimum offset l3leaf.defaults.loopback_ipv6_offset: < total # spine switches > or vice versa.
`vtep_loopback`	String			Pattern: Loopback[\d/]+	Set VXLAN source interface.
`node_groups`	List, items: Dictionary				Define variables related to all nodes part of this group.
`- group`	String	Required, Unique			The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’. The Node Group Name is also used for peer description on downstream switches’ uplinks.
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`loopback_ipv4_pool`	String			Format: ipv4_cidr	IPv4 subnet for Loopback0 allocation.
`vtep_loopback_ipv4_pool`	String			Format: ipv4_cidr	IPv4 subnet for VTEP-Loopback allocation.
`loopback_ipv4_offset`	Integer		`0`		Offset all assigned loopback IP addresses. Required when the < loopback_ipv4_pool > is same for 2 different node_types (like spine and l3leaf) to avoid over-lapping IPs. For example, set the minimum offset l3leaf.defaults.loopback_ipv4_offset: < total # spine switches > or vice versa.
`loopback_ipv6_pool`	String			Format: ipv6_cidr	IPv6 subnet for Loopback0 allocation.
`loopback_ipv6_offset`	Integer		`0`		Offset all assigned loopback IPv6 addresses. Required when the < loopback_ipv6_pool > is same for 2 different node_types (like spine and l3leaf) to avoid overlapping IPs. For example, set the minimum offset l3leaf.defaults.loopback_ipv6_offset: < total # spine switches > or vice versa.
`vtep_loopback`	String			Pattern: Loopback[\d/]+	Set VXLAN source interface.
`loopback_ipv4_pool`	String			Format: ipv4_cidr	IPv4 subnet for Loopback0 allocation.
`vtep_loopback_ipv4_pool`	String			Format: ipv4_cidr	IPv4 subnet for VTEP-Loopback allocation.
`loopback_ipv4_offset`	Integer		`0`		Offset all assigned loopback IP addresses. Required when the < loopback_ipv4_pool > is same for 2 different node_types (like spine and l3leaf) to avoid over-lapping IPs. For example, set the minimum offset l3leaf.defaults.loopback_ipv4_offset: < total # spine switches > or vice versa.
`loopback_ipv6_pool`	String			Format: ipv6_cidr	IPv6 subnet for Loopback0 allocation.
`loopback_ipv6_offset`	Integer		`0`		Offset all assigned loopback IPv6 addresses. Required when the < loopback_ipv6_pool > is same for 2 different node_types (like spine and l3leaf) to avoid overlapping IPs. For example, set the minimum offset l3leaf.defaults.loopback_ipv6_offset: < total # spine switches > or vice versa.
`vtep_loopback`	String			Pattern: Loopback[\d/]+	Set VXLAN source interface.
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`loopback_ipv4_pool`	String			Format: ipv4_cidr	IPv4 subnet for Loopback0 allocation.
`vtep_loopback_ipv4_pool`	String			Format: ipv4_cidr	IPv4 subnet for VTEP-Loopback allocation.
`loopback_ipv4_offset`	Integer		`0`		Offset all assigned loopback IP addresses. Required when the < loopback_ipv4_pool > is same for 2 different node_types (like spine and l3leaf) to avoid over-lapping IPs. For example, set the minimum offset l3leaf.defaults.loopback_ipv4_offset: < total # spine switches > or vice versa.
`loopback_ipv6_pool`	String			Format: ipv6_cidr	IPv6 subnet for Loopback0 allocation.
`loopback_ipv6_offset`	Integer		`0`		Offset all assigned loopback IPv6 addresses. Required when the < loopback_ipv6_pool > is same for 2 different node_types (like spine and l3leaf) to avoid overlapping IPs. For example, set the minimum offset l3leaf.defaults.loopback_ipv6_offset: < total # spine switches > or vice versa.
`vtep_loopback`	String			Pattern: Loopback[\d/]+	Set VXLAN source interface.

<node_type_keys.key>:
  defaults:
    loopback_ipv4_pool: <str>
    vtep_loopback_ipv4_pool: <str>
    loopback_ipv4_offset: <int>
    loopback_ipv6_pool: <str>
    loopback_ipv6_offset: <int>
    vtep_loopback: <str>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          loopback_ipv4_pool: <str>
          vtep_loopback_ipv4_pool: <str>
          loopback_ipv4_offset: <int>
          loopback_ipv6_pool: <str>
          loopback_ipv6_offset: <int>
          vtep_loopback: <str>
      loopback_ipv4_pool: <str>
      vtep_loopback_ipv4_pool: <str>
      loopback_ipv4_offset: <int>
      loopback_ipv6_pool: <str>
      loopback_ipv6_offset: <int>
      vtep_loopback: <str>
  nodes:
    - name: <str>
      loopback_ipv4_pool: <str>
      vtep_loopback_ipv4_pool: <str>
      loopback_ipv4_offset: <int>
      loopback_ipv6_pool: <str>
      loopback_ipv6_offset: <int>
      vtep_loopback: <str>

Node type BGP configuration¶

TableYAML

Variable	Type	Required	Value Restrictions	Description
`<node_type_keys.key>`	Dictionary
`defaults`	Dictionary			Define variables for all nodes of this type.
`bgp_as`	String			Required with eBGP.
`bgp_defaults`	List, items: String			List of EOS commands to apply to BGP daemon.
`- <str>`	String
`evpn_role`	String		Valid Values: - client - server - none	Acting role in EVPN control plane. Default is set in node_type definition from node_type_keys.
`evpn_route_servers`	List, items: String			List of nodes acting as EVPN Route-Servers / Route-Reflectors.
`- <str>`	String
`node_groups`	List, items: Dictionary			Define variables related to all nodes part of this group.
`- group`	String	Required, Unique		The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’. The Node Group Name is also used for peer description on downstream switches’ uplinks.
`nodes`	List, items: Dictionary			Define variables per node.
`- name`	String	Required, Unique		The Node Name is used as “hostname”.
`bgp_as`	String			Required with eBGP.
`bgp_defaults`	List, items: String			List of EOS commands to apply to BGP daemon.
`- <str>`	String
`evpn_role`	String		Valid Values: - client - server - none	Acting role in EVPN control plane. Default is set in node_type definition from node_type_keys.
`evpn_route_servers`	List, items: String			List of nodes acting as EVPN Route-Servers / Route-Reflectors.
`- <str>`	String
`bgp_as`	String			Required with eBGP.
`bgp_defaults`	List, items: String			List of EOS commands to apply to BGP daemon.
`- <str>`	String
`evpn_role`	String		Valid Values: - client - server - none	Acting role in EVPN control plane. Default is set in node_type definition from node_type_keys.
`evpn_route_servers`	List, items: String			List of nodes acting as EVPN Route-Servers / Route-Reflectors.
`- <str>`	String
`nodes`	List, items: Dictionary			Define variables per node.
`- name`	String	Required, Unique		The Node Name is used as “hostname”.
`bgp_as`	String			Required with eBGP.
`bgp_defaults`	List, items: String			List of EOS commands to apply to BGP daemon.
`- <str>`	String
`evpn_role`	String		Valid Values: - client - server - none	Acting role in EVPN control plane. Default is set in node_type definition from node_type_keys.
`evpn_route_servers`	List, items: String			List of nodes acting as EVPN Route-Servers / Route-Reflectors.
`- <str>`	String

<node_type_keys.key>:
  defaults:
    bgp_as: <str>
    bgp_defaults:
      - <str>
    evpn_role: <str>
    evpn_route_servers:
      - <str>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          bgp_as: <str>
          bgp_defaults:
            - <str>
          evpn_role: <str>
          evpn_route_servers:
            - <str>
      bgp_as: <str>
      bgp_defaults:
        - <str>
      evpn_role: <str>
      evpn_route_servers:
        - <str>
  nodes:
    - name: <str>
      bgp_as: <str>
      bgp_defaults:
        - <str>
      evpn_role: <str>
      evpn_route_servers:
        - <str>

Node type network services configuration¶

TableYAML

Variable	Type	Required	Default	Description
`<node_type_keys.key>`	Dictionary
`defaults`	Dictionary			Define variables for all nodes of this type.
`evpn_services_l2_only`	Boolean		`False`	Possibility to prevent configuration of Tenant VRFs and SVIs. Override node definition “network_services_l3” from node_type_keys. This allows support for centralized routing.
`filter`	Dictionary			Filter L3 and L2 network services based on tenant and tags (and operation filter). If filter is not defined it will default to all.
`tenants`	List, items: String		`['all']`
`- <str>`	String
`tags`	List, items: String		`['all']`
`- <str>`	String
`always_include_vrfs_in_tenants`	List, items: String			List of tenants where VRFs will be configured even if VLANs are not included in tags. Useful for L3 “border” leaf.
`- <str>`	String
`only_vlans_in_use`	Boolean		`False`	Only configure VLANs, SVIs, VRFs in use by connected endpoints or downstream L2 switches. Note! This feature only considers configuration managed by eos_designs. This excludes structured_config, custom_structured_configuration_, raw_eos_cli, eos_cli, custom templates, configlets etc.
`igmp_snooping_enabled`	Boolean		`True`	Activate or deactivate IGMP snooping on device level.
`node_groups`	List, items: Dictionary			Define variables related to all nodes part of this group.
`- group`	String	Required, Unique		The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’. The Node Group Name is also used for peer description on downstream switches’ uplinks.
`nodes`	List, items: Dictionary			Define variables per node.
`- name`	String	Required, Unique		The Node Name is used as “hostname”.
`evpn_services_l2_only`	Boolean		`False`	Possibility to prevent configuration of Tenant VRFs and SVIs. Override node definition “network_services_l3” from node_type_keys. This allows support for centralized routing.
`filter`	Dictionary			Filter L3 and L2 network services based on tenant and tags (and operation filter). If filter is not defined it will default to all.
`tenants`	List, items: String		`['all']`
`- <str>`	String
`tags`	List, items: String		`['all']`
`- <str>`	String
`always_include_vrfs_in_tenants`	List, items: String			List of tenants where VRFs will be configured even if VLANs are not included in tags. Useful for L3 “border” leaf.
`- <str>`	String
`only_vlans_in_use`	Boolean		`False`	Only configure VLANs, SVIs, VRFs in use by connected endpoints or downstream L2 switches. Note! This feature only considers configuration managed by eos_designs. This excludes structured_config, custom_structured_configuration_, raw_eos_cli, eos_cli, custom templates, configlets etc.
`igmp_snooping_enabled`	Boolean		`True`	Activate or deactivate IGMP snooping on device level.
`evpn_services_l2_only`	Boolean		`False`	Possibility to prevent configuration of Tenant VRFs and SVIs. Override node definition “network_services_l3” from node_type_keys. This allows support for centralized routing.
`filter`	Dictionary			Filter L3 and L2 network services based on tenant and tags (and operation filter). If filter is not defined it will default to all.
`tenants`	List, items: String		`['all']`
`- <str>`	String
`tags`	List, items: String		`['all']`
`- <str>`	String
`always_include_vrfs_in_tenants`	List, items: String			List of tenants where VRFs will be configured even if VLANs are not included in tags. Useful for L3 “border” leaf.
`- <str>`	String
`only_vlans_in_use`	Boolean		`False`	Only configure VLANs, SVIs, VRFs in use by connected endpoints or downstream L2 switches. Note! This feature only considers configuration managed by eos_designs. This excludes structured_config, custom_structured_configuration_, raw_eos_cli, eos_cli, custom templates, configlets etc.
`igmp_snooping_enabled`	Boolean		`True`	Activate or deactivate IGMP snooping on device level.
`nodes`	List, items: Dictionary			Define variables per node.
`- name`	String	Required, Unique		The Node Name is used as “hostname”.
`evpn_services_l2_only`	Boolean		`False`	Possibility to prevent configuration of Tenant VRFs and SVIs. Override node definition “network_services_l3” from node_type_keys. This allows support for centralized routing.
`filter`	Dictionary			Filter L3 and L2 network services based on tenant and tags (and operation filter). If filter is not defined it will default to all.
`tenants`	List, items: String		`['all']`
`- <str>`	String
`tags`	List, items: String		`['all']`
`- <str>`	String
`always_include_vrfs_in_tenants`	List, items: String			List of tenants where VRFs will be configured even if VLANs are not included in tags. Useful for L3 “border” leaf.
`- <str>`	String
`only_vlans_in_use`	Boolean		`False`	Only configure VLANs, SVIs, VRFs in use by connected endpoints or downstream L2 switches. Note! This feature only considers configuration managed by eos_designs. This excludes structured_config, custom_structured_configuration_, raw_eos_cli, eos_cli, custom templates, configlets etc.
`igmp_snooping_enabled`	Boolean		`True`	Activate or deactivate IGMP snooping on device level.

<node_type_keys.key>:
  defaults:
    evpn_services_l2_only: <bool>
    filter:
      tenants:
        - <str>
      tags:
        - <str>
      always_include_vrfs_in_tenants:
        - <str>
      only_vlans_in_use: <bool>
    igmp_snooping_enabled: <bool>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          evpn_services_l2_only: <bool>
          filter:
            tenants:
              - <str>
            tags:
              - <str>
            always_include_vrfs_in_tenants:
              - <str>
            only_vlans_in_use: <bool>
          igmp_snooping_enabled: <bool>
      evpn_services_l2_only: <bool>
      filter:
        tenants:
          - <str>
        tags:
          - <str>
        always_include_vrfs_in_tenants:
          - <str>
        only_vlans_in_use: <bool>
      igmp_snooping_enabled: <bool>
  nodes:
    - name: <str>
      evpn_services_l2_only: <bool>
      filter:
        tenants:
          - <str>
        tags:
          - <str>
        always_include_vrfs_in_tenants:
          - <str>
        only_vlans_in_use: <bool>
      igmp_snooping_enabled: <bool>

Node type EVPN gateway configuration¶

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`<node_type_keys.key>`	Dictionary
`defaults`	Dictionary				Define variables for all nodes of this type.
`ipvpn_gateway`	Dictionary				Node is acting as IP-VPN Gateway for EVPN to MPLS-IP-VPN Interworking. The BGP peer group used for this is “bgp_peer_groups.ipvpn_gateway_peers”. L3 Reachability is required for this to work, the preferred method to establish underlay connectivity is to use core_interfaces.
`enabled`	Boolean	Required
`evpn_domain_id`	String		`65535:1`		Domain ID to assign to EVPN address family for use with D-path. Format :.
`ipvpn_domain_id`	String		`65535:2`		Domain ID to assign to IPVPN address families for use with D-path. Format :.
`enable_d_path`	Boolean		`True`		Enable D-path for use with BGP bestpath selection algorithm.
`maximum_routes`	Integer		`0`		Maximum routes to accept from IPVPN remote peers.
`local_as`	String		`none`		Apply local-as to peering with IPVPN remote peers.
`address_families`	List, items: String		`['vpn-ipv4']`		IPVPN address families to enable for remote peers.
`- <str>`	String
`remote_peers`	List, items: Dictionary
`- hostname`	String	Required			Hostname of remote IPVPN Peer.
`ip_address`	String	Required		Format: ipv4	Peering IP of remote IPVPN Peer.
`bgp_as`	String	Required			BGP ASN of remote IPVPN Peer.
`node_groups`	List, items: Dictionary				Define variables related to all nodes part of this group.
`- group`	String	Required, Unique			The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’. The Node Group Name is also used for peer description on downstream switches’ uplinks.
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`ipvpn_gateway`	Dictionary				Node is acting as IP-VPN Gateway for EVPN to MPLS-IP-VPN Interworking. The BGP peer group used for this is “bgp_peer_groups.ipvpn_gateway_peers”. L3 Reachability is required for this to work, the preferred method to establish underlay connectivity is to use core_interfaces.
`enabled`	Boolean	Required
`evpn_domain_id`	String		`65535:1`		Domain ID to assign to EVPN address family for use with D-path. Format :.
`ipvpn_domain_id`	String		`65535:2`		Domain ID to assign to IPVPN address families for use with D-path. Format :.
`enable_d_path`	Boolean		`True`		Enable D-path for use with BGP bestpath selection algorithm.
`maximum_routes`	Integer		`0`		Maximum routes to accept from IPVPN remote peers.
`local_as`	String		`none`		Apply local-as to peering with IPVPN remote peers.
`address_families`	List, items: String		`['vpn-ipv4']`		IPVPN address families to enable for remote peers.
`- <str>`	String
`remote_peers`	List, items: Dictionary
`- hostname`	String	Required			Hostname of remote IPVPN Peer.
`ip_address`	String	Required		Format: ipv4	Peering IP of remote IPVPN Peer.
`bgp_as`	String	Required			BGP ASN of remote IPVPN Peer.
`ipvpn_gateway`	Dictionary				Node is acting as IP-VPN Gateway for EVPN to MPLS-IP-VPN Interworking. The BGP peer group used for this is “bgp_peer_groups.ipvpn_gateway_peers”. L3 Reachability is required for this to work, the preferred method to establish underlay connectivity is to use core_interfaces.
`enabled`	Boolean	Required
`evpn_domain_id`	String		`65535:1`		Domain ID to assign to EVPN address family for use with D-path. Format :.
`ipvpn_domain_id`	String		`65535:2`		Domain ID to assign to IPVPN address families for use with D-path. Format :.
`enable_d_path`	Boolean		`True`		Enable D-path for use with BGP bestpath selection algorithm.
`maximum_routes`	Integer		`0`		Maximum routes to accept from IPVPN remote peers.
`local_as`	String		`none`		Apply local-as to peering with IPVPN remote peers.
`address_families`	List, items: String		`['vpn-ipv4']`		IPVPN address families to enable for remote peers.
`- <str>`	String
`remote_peers`	List, items: Dictionary
`- hostname`	String	Required			Hostname of remote IPVPN Peer.
`ip_address`	String	Required		Format: ipv4	Peering IP of remote IPVPN Peer.
`bgp_as`	String	Required			BGP ASN of remote IPVPN Peer.
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`ipvpn_gateway`	Dictionary				Node is acting as IP-VPN Gateway for EVPN to MPLS-IP-VPN Interworking. The BGP peer group used for this is “bgp_peer_groups.ipvpn_gateway_peers”. L3 Reachability is required for this to work, the preferred method to establish underlay connectivity is to use core_interfaces.
`enabled`	Boolean	Required
`evpn_domain_id`	String		`65535:1`		Domain ID to assign to EVPN address family for use with D-path. Format :.
`ipvpn_domain_id`	String		`65535:2`		Domain ID to assign to IPVPN address families for use with D-path. Format :.
`enable_d_path`	Boolean		`True`		Enable D-path for use with BGP bestpath selection algorithm.
`maximum_routes`	Integer		`0`		Maximum routes to accept from IPVPN remote peers.
`local_as`	String		`none`		Apply local-as to peering with IPVPN remote peers.
`address_families`	List, items: String		`['vpn-ipv4']`		IPVPN address families to enable for remote peers.
`- <str>`	String
`remote_peers`	List, items: Dictionary
`- hostname`	String	Required			Hostname of remote IPVPN Peer.
`ip_address`	String	Required		Format: ipv4	Peering IP of remote IPVPN Peer.
`bgp_as`	String	Required			BGP ASN of remote IPVPN Peer.

<node_type_keys.key>:
  defaults:
    ipvpn_gateway:
      enabled: <bool>
      evpn_domain_id: <str>
      ipvpn_domain_id: <str>
      enable_d_path: <bool>
      maximum_routes: <int>
      local_as: <str>
      address_families:
        - <str>
      remote_peers:
        - hostname: <str>
          ip_address: <str>
          bgp_as: <str>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          ipvpn_gateway:
            enabled: <bool>
            evpn_domain_id: <str>
            ipvpn_domain_id: <str>
            enable_d_path: <bool>
            maximum_routes: <int>
            local_as: <str>
            address_families:
              - <str>
            remote_peers:
              - hostname: <str>
                ip_address: <str>
                bgp_as: <str>
      ipvpn_gateway:
        enabled: <bool>
        evpn_domain_id: <str>
        ipvpn_domain_id: <str>
        enable_d_path: <bool>
        maximum_routes: <int>
        local_as: <str>
        address_families:
          - <str>
        remote_peers:
          - hostname: <str>
            ip_address: <str>
            bgp_as: <str>
  nodes:
    - name: <str>
      ipvpn_gateway:
        enabled: <bool>
        evpn_domain_id: <str>
        ipvpn_domain_id: <str>
        enable_d_path: <bool>
        maximum_routes: <int>
        local_as: <str>
        address_families:
          - <str>
        remote_peers:
          - hostname: <str>
            ip_address: <str>
            bgp_as: <str>

Node type EVPN multi-domain gateway configuration¶

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`<node_type_keys.key>`	Dictionary
`defaults`	Dictionary				Define variables for all nodes of this type.
`evpn_gateway`	Dictionary				Node is acting as EVPN Multi-Domain Gateway. New BGP peer-group is generated between EVPN GWs in different domains or between GWs and Route Servers. Name can be changed under “bgp_peer_groups.evpn_overlay_core” variable. L3 rechability for different EVPN GWs must be already in place, it is recommended to use DCI & L3 Edge if Route Servers and GWs are not defined under the same Ansible inventory.
`remote_peers`	List, items: Dictionary				Define remote peers of the EVPN VXLAN Gateway. If the hostname can be found in the inventory, ip_address and BGP ASN will be automatically populated. Manual override takes precedence. If the peer’s hostname can not be found in the inventory, ip_address and bgp_as must be defined.
`- hostname`	String				Hostname of remote EVPN GW server.
`ip_address`	String			Format: ipv4	Peering IP of remote Route Server.
`bgp_as`	String				BGP ASN of remote Route Server.
`evpn_l2`	Dictionary				Enable EVPN Gateway functionality for route-types 2 (MAC-IP) and 3 (IMET).
`enabled`	Boolean		`False`
`evpn_l3`	Dictionary				Enable EVPN Gateway functionality for route-type 5 (IP-PREFIX).
`enabled`	Boolean		`False`
`inter_domain`	Boolean		`True`
`node_groups`	List, items: Dictionary				Define variables related to all nodes part of this group.
`- group`	String	Required, Unique			The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’. The Node Group Name is also used for peer description on downstream switches’ uplinks.
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`evpn_gateway`	Dictionary				Node is acting as EVPN Multi-Domain Gateway. New BGP peer-group is generated between EVPN GWs in different domains or between GWs and Route Servers. Name can be changed under “bgp_peer_groups.evpn_overlay_core” variable. L3 rechability for different EVPN GWs must be already in place, it is recommended to use DCI & L3 Edge if Route Servers and GWs are not defined under the same Ansible inventory.
`remote_peers`	List, items: Dictionary				Define remote peers of the EVPN VXLAN Gateway. If the hostname can be found in the inventory, ip_address and BGP ASN will be automatically populated. Manual override takes precedence. If the peer’s hostname can not be found in the inventory, ip_address and bgp_as must be defined.
`- hostname`	String				Hostname of remote EVPN GW server.
`ip_address`	String			Format: ipv4	Peering IP of remote Route Server.
`bgp_as`	String				BGP ASN of remote Route Server.
`evpn_l2`	Dictionary				Enable EVPN Gateway functionality for route-types 2 (MAC-IP) and 3 (IMET).
`enabled`	Boolean		`False`
`evpn_l3`	Dictionary				Enable EVPN Gateway functionality for route-type 5 (IP-PREFIX).
`enabled`	Boolean		`False`
`inter_domain`	Boolean		`True`
`evpn_gateway`	Dictionary				Node is acting as EVPN Multi-Domain Gateway. New BGP peer-group is generated between EVPN GWs in different domains or between GWs and Route Servers. Name can be changed under “bgp_peer_groups.evpn_overlay_core” variable. L3 rechability for different EVPN GWs must be already in place, it is recommended to use DCI & L3 Edge if Route Servers and GWs are not defined under the same Ansible inventory.
`remote_peers`	List, items: Dictionary				Define remote peers of the EVPN VXLAN Gateway. If the hostname can be found in the inventory, ip_address and BGP ASN will be automatically populated. Manual override takes precedence. If the peer’s hostname can not be found in the inventory, ip_address and bgp_as must be defined.
`- hostname`	String				Hostname of remote EVPN GW server.
`ip_address`	String			Format: ipv4	Peering IP of remote Route Server.
`bgp_as`	String				BGP ASN of remote Route Server.
`evpn_l2`	Dictionary				Enable EVPN Gateway functionality for route-types 2 (MAC-IP) and 3 (IMET).
`enabled`	Boolean		`False`
`evpn_l3`	Dictionary				Enable EVPN Gateway functionality for route-type 5 (IP-PREFIX).
`enabled`	Boolean		`False`
`inter_domain`	Boolean		`True`
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`evpn_gateway`	Dictionary				Node is acting as EVPN Multi-Domain Gateway. New BGP peer-group is generated between EVPN GWs in different domains or between GWs and Route Servers. Name can be changed under “bgp_peer_groups.evpn_overlay_core” variable. L3 rechability for different EVPN GWs must be already in place, it is recommended to use DCI & L3 Edge if Route Servers and GWs are not defined under the same Ansible inventory.
`remote_peers`	List, items: Dictionary				Define remote peers of the EVPN VXLAN Gateway. If the hostname can be found in the inventory, ip_address and BGP ASN will be automatically populated. Manual override takes precedence. If the peer’s hostname can not be found in the inventory, ip_address and bgp_as must be defined.
`- hostname`	String				Hostname of remote EVPN GW server.
`ip_address`	String			Format: ipv4	Peering IP of remote Route Server.
`bgp_as`	String				BGP ASN of remote Route Server.
`evpn_l2`	Dictionary				Enable EVPN Gateway functionality for route-types 2 (MAC-IP) and 3 (IMET).
`enabled`	Boolean		`False`
`evpn_l3`	Dictionary				Enable EVPN Gateway functionality for route-type 5 (IP-PREFIX).
`enabled`	Boolean		`False`
`inter_domain`	Boolean		`True`

<node_type_keys.key>:
  defaults:
    evpn_gateway:
      remote_peers:
        - hostname: <str>
          ip_address: <str>
          bgp_as: <str>
      evpn_l2:
        enabled: <bool>
      evpn_l3:
        enabled: <bool>
        inter_domain: <bool>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          evpn_gateway:
            remote_peers:
              - hostname: <str>
                ip_address: <str>
                bgp_as: <str>
            evpn_l2:
              enabled: <bool>
            evpn_l3:
              enabled: <bool>
              inter_domain: <bool>
      evpn_gateway:
        remote_peers:
          - hostname: <str>
            ip_address: <str>
            bgp_as: <str>
        evpn_l2:
          enabled: <bool>
        evpn_l3:
          enabled: <bool>
          inter_domain: <bool>
  nodes:
    - name: <str>
      evpn_gateway:
        remote_peers:
          - hostname: <str>
            ip_address: <str>
            bgp_as: <str>
        evpn_l2:
          enabled: <bool>
        evpn_l3:
          enabled: <bool>
          inter_domain: <bool>

Node type ISIS Configuration¶

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`<node_type_keys.key>`	Dictionary
`defaults`	Dictionary				Define variables for all nodes of this type.
`isis_system_id_prefix`	String			Pattern: [0-9a-f]{4}.[0-9a-f]{4}	(4.4 hexadecimal).
`isis_maximum_paths`	Integer				Number of path to configure in ECMP for ISIS.
`is_type`	String		`level-2`	Valid Values: - level-1-2 - level-1 - level-2
`node_sid_base`	Integer		`0`		Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID.
`node_groups`	List, items: Dictionary				Define variables related to all nodes part of this group.
`- group`	String	Required, Unique			The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’. The Node Group Name is also used for peer description on downstream switches’ uplinks.
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`isis_system_id_prefix`	String			Pattern: [0-9a-f]{4}.[0-9a-f]{4}	(4.4 hexadecimal).
`isis_maximum_paths`	Integer				Number of path to configure in ECMP for ISIS.
`is_type`	String		`level-2`	Valid Values: - level-1-2 - level-1 - level-2
`node_sid_base`	Integer		`0`		Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID.
`isis_system_id_prefix`	String			Pattern: [0-9a-f]{4}.[0-9a-f]{4}	(4.4 hexadecimal).
`isis_maximum_paths`	Integer				Number of path to configure in ECMP for ISIS.
`is_type`	String		`level-2`	Valid Values: - level-1-2 - level-1 - level-2
`node_sid_base`	Integer		`0`		Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID.
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`isis_system_id_prefix`	String			Pattern: [0-9a-f]{4}.[0-9a-f]{4}	(4.4 hexadecimal).
`isis_maximum_paths`	Integer				Number of path to configure in ECMP for ISIS.
`is_type`	String		`level-2`	Valid Values: - level-1-2 - level-1 - level-2
`node_sid_base`	Integer		`0`		Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID.

<node_type_keys.key>:
  defaults:
    isis_system_id_prefix: <str>
    isis_maximum_paths: <int>
    is_type: <str>
    node_sid_base: <int>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          isis_system_id_prefix: <str>
          isis_maximum_paths: <int>
          is_type: <str>
          node_sid_base: <int>
      isis_system_id_prefix: <str>
      isis_maximum_paths: <int>
      is_type: <str>
      node_sid_base: <int>
  nodes:
    - name: <str>
      isis_system_id_prefix: <str>
      isis_maximum_paths: <int>
      is_type: <str>
      node_sid_base: <int>

Node type MPLS configuration¶

TableYAML

Variable	Type	Required	Value Restrictions	Description
`<node_type_keys.key>`	Dictionary
`defaults`	Dictionary			Define variables for all nodes of this type.
`mpls_overlay_role`	String		Valid Values: - client - server - none	Set the default mpls overlay role. Acting role in overlay control plane.
`overlay_address_families`	List, items: String			Set the default overlay address families.
`- <str>`	String		Valid Values: - evpn - vpn-ipv4 - vpn-ipv6
`mpls_route_reflectors`	List, items: String			List of inventory hostname acting as MPLS route-reflectors.
`- <str>`	String			Inventory_hostname_of_mpls_route_reflectors.
`bgp_cluster_id`	String			Set BGP cluster id.
`node_groups`	List, items: Dictionary			Define variables related to all nodes part of this group.
`- group`	String	Required, Unique		The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’. The Node Group Name is also used for peer description on downstream switches’ uplinks.
`nodes`	List, items: Dictionary			Define variables per node.
`- name`	String	Required, Unique		The Node Name is used as “hostname”.
`mpls_overlay_role`	String		Valid Values: - client - server - none	Set the default mpls overlay role. Acting role in overlay control plane.
`overlay_address_families`	List, items: String			Set the default overlay address families.
`- <str>`	String		Valid Values: - evpn - vpn-ipv4 - vpn-ipv6
`mpls_route_reflectors`	List, items: String			List of inventory hostname acting as MPLS route-reflectors.
`- <str>`	String			Inventory_hostname_of_mpls_route_reflectors.
`bgp_cluster_id`	String			Set BGP cluster id.
`mpls_overlay_role`	String		Valid Values: - client - server - none	Set the default mpls overlay role. Acting role in overlay control plane.
`overlay_address_families`	List, items: String			Set the default overlay address families.
`- <str>`	String		Valid Values: - evpn - vpn-ipv4 - vpn-ipv6
`mpls_route_reflectors`	List, items: String			List of inventory hostname acting as MPLS route-reflectors.
`- <str>`	String			Inventory_hostname_of_mpls_route_reflectors.
`bgp_cluster_id`	String			Set BGP cluster id.
`nodes`	List, items: Dictionary			Define variables per node.
`- name`	String	Required, Unique		The Node Name is used as “hostname”.
`mpls_overlay_role`	String		Valid Values: - client - server - none	Set the default mpls overlay role. Acting role in overlay control plane.
`overlay_address_families`	List, items: String			Set the default overlay address families.
`- <str>`	String		Valid Values: - evpn - vpn-ipv4 - vpn-ipv6
`mpls_route_reflectors`	List, items: String			List of inventory hostname acting as MPLS route-reflectors.
`- <str>`	String			Inventory_hostname_of_mpls_route_reflectors.
`bgp_cluster_id`	String			Set BGP cluster id.

<node_type_keys.key>:
  defaults:
    mpls_overlay_role: <str>
    overlay_address_families:
      - <str>
    mpls_route_reflectors:
      - <str>
    bgp_cluster_id: <str>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          mpls_overlay_role: <str>
          overlay_address_families:
            - <str>
          mpls_route_reflectors:
            - <str>
          bgp_cluster_id: <str>
      mpls_overlay_role: <str>
      overlay_address_families:
        - <str>
      mpls_route_reflectors:
        - <str>
      bgp_cluster_id: <str>
  nodes:
    - name: <str>
      mpls_overlay_role: <str>
      overlay_address_families:
        - <str>
      mpls_route_reflectors:
        - <str>
      bgp_cluster_id: <str>

Node type PTP configuration¶

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`<node_type_keys.key>`	Dictionary
`defaults`	Dictionary				Define variables for all nodes of this type.
`ptp`	Dictionary
`enabled`	Boolean		`False`
`profile`	String		`aes67-r16-2016`	Valid Values: - aes67 - smpte2059-2 - aes67-r16-2016
`domain`	Integer		`127`	Min: 0 Max: 255
`priority1`	Integer			Min: 0 Max: 255	default -> automatically set based on node_type.
`priority2`	Integer			Min: 0 Max: 255	default -> (node_id modulus 256).
`auto_clock_identity`	Boolean		`True`		If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity. default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + “:00:” + (PTP priority 2 as HEX).
`clock_identity_prefix`	String				PTP clock idetentiy 3-byte prefix. i.e. “01:02:03”. By default the 3-byte prefix is “00:1C:73”. This can be overridden if auto_clock_identity is set to true (which is the default).
`clock_identity`	String				Set PTP clock identity manually. 6-byte value i.e. “01:02:03:04:05:06”.
`source_ip`	String				By default in EOS, PTP packets are sourced with an IP address from the routed port or from the relevant SVI, which is the recommended behaviour. This can be set manually if required, for example, to a value of “10.1.2.3”.
`ttl`	Integer
`forward_unicast`	Boolean		`False`		Enable PTP unicast forwarding.
`dscp`	Dictionary
`general_messages`	Integer
`event_messages`	Integer
`monitor`	Dictionary
`enabled`	Boolean		`True`
`threshold`	Dictionary
`offset_from_master`	Integer		`250`	Min: 0 Max: 1000000000
`mean_path_delay`	Integer		`1500`	Min: 0 Max: 1000000000
`drop`	Dictionary
`offset_from_master`	Integer			Min: 0 Max: 1000000000
`mean_path_delay`	Integer			Min: 0 Max: 1000000000
`missing_message`	Dictionary
`intervals`	Dictionary
`announce`	Integer			Min: 2 Max: 255
`follow_up`	Integer			Min: 2 Max: 255
`sync`	Integer			Min: 2 Max: 255
`sequence_ids`	Dictionary
`enabled`	Boolean		`True`
`announce`	Integer		`3`	Min: 2 Max: 255
`delay_resp`	Integer		`3`	Min: 2 Max: 255
`follow_up`	Integer		`3`	Min: 2 Max: 255
`sync`	Integer		`3`	Min: 2 Max: 255
`node_groups`	List, items: Dictionary				Define variables related to all nodes part of this group.
`- group`	String	Required, Unique			The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’. The Node Group Name is also used for peer description on downstream switches’ uplinks.
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`ptp`	Dictionary
`enabled`	Boolean		`False`
`profile`	String		`aes67-r16-2016`	Valid Values: - aes67 - smpte2059-2 - aes67-r16-2016
`domain`	Integer		`127`	Min: 0 Max: 255
`priority1`	Integer			Min: 0 Max: 255	default -> automatically set based on node_type.
`priority2`	Integer			Min: 0 Max: 255	default -> (node_id modulus 256).
`auto_clock_identity`	Boolean		`True`		If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity. default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + “:00:” + (PTP priority 2 as HEX).
`clock_identity_prefix`	String				PTP clock idetentiy 3-byte prefix. i.e. “01:02:03”. By default the 3-byte prefix is “00:1C:73”. This can be overridden if auto_clock_identity is set to true (which is the default).
`clock_identity`	String				Set PTP clock identity manually. 6-byte value i.e. “01:02:03:04:05:06”.
`source_ip`	String				By default in EOS, PTP packets are sourced with an IP address from the routed port or from the relevant SVI, which is the recommended behaviour. This can be set manually if required, for example, to a value of “10.1.2.3”.
`ttl`	Integer
`forward_unicast`	Boolean		`False`		Enable PTP unicast forwarding.
`dscp`	Dictionary
`general_messages`	Integer
`event_messages`	Integer
`monitor`	Dictionary
`enabled`	Boolean		`True`
`threshold`	Dictionary
`offset_from_master`	Integer		`250`	Min: 0 Max: 1000000000
`mean_path_delay`	Integer		`1500`	Min: 0 Max: 1000000000
`drop`	Dictionary
`offset_from_master`	Integer			Min: 0 Max: 1000000000
`mean_path_delay`	Integer			Min: 0 Max: 1000000000
`missing_message`	Dictionary
`intervals`	Dictionary
`announce`	Integer			Min: 2 Max: 255
`follow_up`	Integer			Min: 2 Max: 255
`sync`	Integer			Min: 2 Max: 255
`sequence_ids`	Dictionary
`enabled`	Boolean		`True`
`announce`	Integer		`3`	Min: 2 Max: 255
`delay_resp`	Integer		`3`	Min: 2 Max: 255
`follow_up`	Integer		`3`	Min: 2 Max: 255
`sync`	Integer		`3`	Min: 2 Max: 255
`ptp`	Dictionary
`enabled`	Boolean		`False`
`profile`	String		`aes67-r16-2016`	Valid Values: - aes67 - smpte2059-2 - aes67-r16-2016
`domain`	Integer		`127`	Min: 0 Max: 255
`priority1`	Integer			Min: 0 Max: 255	default -> automatically set based on node_type.
`priority2`	Integer			Min: 0 Max: 255	default -> (node_id modulus 256).
`auto_clock_identity`	Boolean		`True`		If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity. default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + “:00:” + (PTP priority 2 as HEX).
`clock_identity_prefix`	String				PTP clock idetentiy 3-byte prefix. i.e. “01:02:03”. By default the 3-byte prefix is “00:1C:73”. This can be overridden if auto_clock_identity is set to true (which is the default).
`clock_identity`	String				Set PTP clock identity manually. 6-byte value i.e. “01:02:03:04:05:06”.
`source_ip`	String				By default in EOS, PTP packets are sourced with an IP address from the routed port or from the relevant SVI, which is the recommended behaviour. This can be set manually if required, for example, to a value of “10.1.2.3”.
`ttl`	Integer
`forward_unicast`	Boolean		`False`		Enable PTP unicast forwarding.
`dscp`	Dictionary
`general_messages`	Integer
`event_messages`	Integer
`monitor`	Dictionary
`enabled`	Boolean		`True`
`threshold`	Dictionary
`offset_from_master`	Integer		`250`	Min: 0 Max: 1000000000
`mean_path_delay`	Integer		`1500`	Min: 0 Max: 1000000000
`drop`	Dictionary
`offset_from_master`	Integer			Min: 0 Max: 1000000000
`mean_path_delay`	Integer			Min: 0 Max: 1000000000
`missing_message`	Dictionary
`intervals`	Dictionary
`announce`	Integer			Min: 2 Max: 255
`follow_up`	Integer			Min: 2 Max: 255
`sync`	Integer			Min: 2 Max: 255
`sequence_ids`	Dictionary
`enabled`	Boolean		`True`
`announce`	Integer		`3`	Min: 2 Max: 255
`delay_resp`	Integer		`3`	Min: 2 Max: 255
`follow_up`	Integer		`3`	Min: 2 Max: 255
`sync`	Integer		`3`	Min: 2 Max: 255
`nodes`	List, items: Dictionary				Define variables per node.
`- name`	String	Required, Unique			The Node Name is used as “hostname”.
`ptp`	Dictionary
`enabled`	Boolean		`False`
`profile`	String		`aes67-r16-2016`	Valid Values: - aes67 - smpte2059-2 - aes67-r16-2016
`domain`	Integer		`127`	Min: 0 Max: 255
`priority1`	Integer			Min: 0 Max: 255	default -> automatically set based on node_type.
`priority2`	Integer			Min: 0 Max: 255	default -> (node_id modulus 256).
`auto_clock_identity`	Boolean		`True`		If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity. default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + “:00:” + (PTP priority 2 as HEX).
`clock_identity_prefix`	String				PTP clock idetentiy 3-byte prefix. i.e. “01:02:03”. By default the 3-byte prefix is “00:1C:73”. This can be overridden if auto_clock_identity is set to true (which is the default).
`clock_identity`	String				Set PTP clock identity manually. 6-byte value i.e. “01:02:03:04:05:06”.
`source_ip`	String				By default in EOS, PTP packets are sourced with an IP address from the routed port or from the relevant SVI, which is the recommended behaviour. This can be set manually if required, for example, to a value of “10.1.2.3”.
`ttl`	Integer
`forward_unicast`	Boolean		`False`		Enable PTP unicast forwarding.
`dscp`	Dictionary
`general_messages`	Integer
`event_messages`	Integer
`monitor`	Dictionary
`enabled`	Boolean		`True`
`threshold`	Dictionary
`offset_from_master`	Integer		`250`	Min: 0 Max: 1000000000
`mean_path_delay`	Integer		`1500`	Min: 0 Max: 1000000000
`drop`	Dictionary
`offset_from_master`	Integer			Min: 0 Max: 1000000000
`mean_path_delay`	Integer			Min: 0 Max: 1000000000
`missing_message`	Dictionary
`intervals`	Dictionary
`announce`	Integer			Min: 2 Max: 255
`follow_up`	Integer			Min: 2 Max: 255
`sync`	Integer			Min: 2 Max: 255
`sequence_ids`	Dictionary
`enabled`	Boolean		`True`
`announce`	Integer		`3`	Min: 2 Max: 255
`delay_resp`	Integer		`3`	Min: 2 Max: 255
`follow_up`	Integer		`3`	Min: 2 Max: 255
`sync`	Integer		`3`	Min: 2 Max: 255

<node_type_keys.key>:
  defaults:
    ptp:
      enabled: <bool>
      profile: <str>
      domain: <int>
      priority1: <int>
      priority2: <int>
      auto_clock_identity: <bool>
      clock_identity_prefix: <str>
      clock_identity: <str>
      source_ip: <str>
      ttl: <int>
      forward_unicast: <bool>
      dscp:
        general_messages: <int>
        event_messages: <int>
      monitor:
        enabled: <bool>
        threshold:
          offset_from_master: <int>
          mean_path_delay: <int>
          drop:
            offset_from_master: <int>
            mean_path_delay: <int>
        missing_message:
          intervals:
            announce: <int>
            follow_up: <int>
            sync: <int>
          sequence_ids:
            enabled: <bool>
            announce: <int>
            delay_resp: <int>
            follow_up: <int>
            sync: <int>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          ptp:
            enabled: <bool>
            profile: <str>
            domain: <int>
            priority1: <int>
            priority2: <int>
            auto_clock_identity: <bool>
            clock_identity_prefix: <str>
            clock_identity: <str>
            source_ip: <str>
            ttl: <int>
            forward_unicast: <bool>
            dscp:
              general_messages: <int>
              event_messages: <int>
            monitor:
              enabled: <bool>
              threshold:
                offset_from_master: <int>
                mean_path_delay: <int>
                drop:
                  offset_from_master: <int>
                  mean_path_delay: <int>
              missing_message:
                intervals:
                  announce: <int>
                  follow_up: <int>
                  sync: <int>
                sequence_ids:
                  enabled: <bool>
                  announce: <int>
                  delay_resp: <int>
                  follow_up: <int>
                  sync: <int>
      ptp:
        enabled: <bool>
        profile: <str>
        domain: <int>
        priority1: <int>
        priority2: <int>
        auto_clock_identity: <bool>
        clock_identity_prefix: <str>
        clock_identity: <str>
        source_ip: <str>
        ttl: <int>
        forward_unicast: <bool>
        dscp:
          general_messages: <int>
          event_messages: <int>
        monitor:
          enabled: <bool>
          threshold:
            offset_from_master: <int>
            mean_path_delay: <int>
            drop:
              offset_from_master: <int>
              mean_path_delay: <int>
          missing_message:
            intervals:
              announce: <int>
              follow_up: <int>
              sync: <int>
            sequence_ids:
              enabled: <bool>
              announce: <int>
              delay_resp: <int>
              follow_up: <int>
              sync: <int>
  nodes:
    - name: <str>
      ptp:
        enabled: <bool>
        profile: <str>
        domain: <int>
        priority1: <int>
        priority2: <int>
        auto_clock_identity: <bool>
        clock_identity_prefix: <str>
        clock_identity: <str>
        source_ip: <str>
        ttl: <int>
        forward_unicast: <bool>
        dscp:
          general_messages: <int>
          event_messages: <int>
        monitor:
          enabled: <bool>
          threshold:
            offset_from_master: <int>
            mean_path_delay: <int>
            drop:
              offset_from_master: <int>
              mean_path_delay: <int>
          missing_message:
            intervals:
              announce: <int>
              follow_up: <int>
              sync: <int>
            sequence_ids:
              enabled: <bool>
              announce: <int>
              delay_resp: <int>
              follow_up: <int>
              sync: <int>

Default interface settings¶

Set default uplink, downlink, and MLAG interfaces, which will be used if these interfaces are not defined on a device (either directly or through inheritance).
These are defined based on the combination of node_type (e.g., l3leaf or spine) and a regex for matching the platform.
A list of interfaces or interface ranges can be specified.
Each list item supports range syntax that can be expanded into a list of interfaces. Interface range examples:
- Ethernet49-52/1: Expands to [ Ethernet49/1, Ethernet50/1, Ethernet51/1, Ethernet52/1 ]
- Ethernet1/31-34/1: Expands to [ Ethernet1/31/1, Ethernet1/32/1, Ethernet1/33/1, Ethernet1/34/1 ]
- Ethernet49-50,53-54: Expands to [ Ethernet49, Ethernet50, Ethernet53, Ethernet54 ]
- Ethernet1-2/1-4: Expands to [ Ethernet1/1, Ethernet1/2, Ethernet1/3, Ethernet1/4, Ethernet2/1, Ethernet2/2, Ethernet2/3, Ethernet2/4 ]
uplink_interfaces and mlag_interfaces under default_interfaces are directly inherited by uplink_interfaces and mlag_interfaces.
downlink_interfaces are referenced by the child switch (e.g., the leaf in a leaf/spine network). The child switch leverages an upstream switch’s default_downlink_interfaces using the child switch ID. This is then used to build uplink_switch_interfaces for that child.
- In the case of max_parallel_uplinks > 1 the default_downlink_interfaces are mapped with consecutive downlinks per child ID.
- Example for max_parallel_uplinks: 2, downlink interfaces will be mapped as [ <downlink1 to leaf-id1>, <downlink2 to leaf-id1>, <downlink1 to leaf-id2>, <downlink2 to leaf-id2> ...]
Please note that no default interfaces are defined in AVD itself. You will need to create your own based on the example below.

Default interfaces example

default_interfaces:
  - types: [ spine, l3leaf ]
    platforms: [ "7050[SC]X3", vEOS.*, default ]
    uplink_interfaces: [ Ethernet49-54/1 ]
    mlag_interfaces: [ Ethernet55-56/1 ]
    downlink_interfaces: [ Ethernet1-32/1 ]

TableYAML

Variable	Type	Required	Description
`default_interfaces`	List, items: Dictionary		Default uplink, downlink, and MLAG interfaces, which will be used if these interfaces are not defined on a device (either directly or through inheritance).
`- types`	List, items: String	Required	List of node type keys.
`- <str>`	String
`platforms`	List, items: String	Required	List of platform families. This is defined as a Python regular expression that matches the full platform type.
`- <str>`	String		Arista platform family regular expression.
`uplink_interfaces`	List, items: String		List of uplink interfaces or uplink interface ranges.
`- <str>`	String		Interface range or interface.
`mlag_interfaces`	List, items: String		List of MLAG interfaces or MLAG interface ranges.
`- <str>`	String		Interface range or interface.
`downlink_interfaces`	List, items: String		List of downlink interfaces or downlink interface ranges.
`- <str>`	String		Interface range or interface.

default_interfaces:
  - types:
      - <str>
    platforms:
      - <str>
    uplink_interfaces:
      - <str>
    mlag_interfaces:
      - <str>
    downlink_interfaces:
      - <str>

L3 edge and DCI settings¶

The l3_edge data model can be used to configure extra L3 P2P links anywhere in the fabric. It can be between two switches that are already part of the fabric inventory, or it can be towards another device, where only one end of the link is on a switch in the fabric.

The data model supports using IP pools, Subnet per link, specifying the IP addresses manually or using ipv6 with rfc5549. One of these options must be set. For BGP peerings the AS number must be specified. If the AS number is different than the AS number configured for the node, the local-as will be replaced on this BGP peering (neighbor <ip> local-as <as> no-prepend replace-as).

Make sure to configure the variables in a group_vars file covering all devices mentioned in the data model.

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`l3_edge`	Dictionary
`p2p_links_ip_pools`	List, items: Dictionary
`- name`	String	Required, Unique			P2P pool name.
`ipv4_pool`	String				IPv4 address/Mask.
`prefix_size`	Integer		`31`	Min: 8 Max: 31	Subnet mask size.
`p2p_links_profiles`	List, items: Dictionary
`- name`	String	Required, Unique			P2P profile name. Any variable supported under p2p_links can be inherited from a profile.
`id`	Integer				Unique id per subnet_summary. Used to calculate ip addresses. Required with ip_pool. ID starting from 1.
`speed`	String				The values can be speed or auto speed or forced speed.
`ip_pool`	String				P2P pool name. IP Pool defined under p2p_links_ip_pools. A /31 will be taken from the pool per P2P link.
`subnet`	String				IPv4 address/Mask. Subnet used on this P2P link.
`ip`	List, items: String				Specific IP addresses used on this P2P link.
`- <str>`	String				Node IPv4 address/Mask.
`ipv6_enable`	Boolean		`False`		Allows turning on ipv6 for the link or profile (also autodetected based on underlay_rfc5549 and include_in_underlay_protocol).
`nodes`	List, items: String				Nodes where this link should be configured.
`- <str>`	String				The values can be < node_a >, < node_b >. ex.- [ core-1-isis-sr-ldp, core-2-ospf-ldp ].
`interfaces`	List, items: String				Interfaces where this link should be configured and Required unless using port-channels.
`- <str>`	String				The value can be like < node_a_interface >, < node_b_interface >. ex. - [ Ethernet2, Ethernet2 ].
`as`	List, items: String				AS numbers for BGP. Required with bgp peering.
`- <str>`	String				The values can be like [“node_a_as”, “node_b_as”].
`descriptions`	List, items: String				Interface description.
`- <str>`	String
`include_in_underlay_protocol`	Boolean		`True`		Add this interface to underlay routing protocol.
`isis_hello_padding`	Boolean		`False`
`isis_metric`	Integer
`isis_circuit_type`	String			Valid Values: - level-1 - level-2 - level-1-2
`isis_authentication_mode`	String			Valid Values: - md5 - text
`isis_authentication_key`	String				Type-7 encrypted password.
`mpls_ip`	Boolean				MPLS parameters. Default value is true if switch.mpls_lsr is true.
`mpls_ldp`	Boolean				MPLS parameters. Default value is true for ldp underlay variants, otherwise false.
`mtu`	Integer				MTU for this P2P link. Default value same as p2p_uplinks_mtu.
`bfd`	Boolean		`False`		Enable BFD (only considered for BGP).
`ptp`	Dictionary				PTP parameters.
`enabled`	Boolean		`False`		Enable PTP.
`qos_profile`	String				QOS service profile.
`macsec_profile`	String				MAC security profile.
`port_channel`	Dictionary				Port-channel parameters.
`mode`	String		`active`
`nodes_child_interfaces`	List, items: Dictionary
`- node`	String	Required, Unique
`interfaces`	List, items: String				List of node interfaces. Ex.- [ ‘node1 interface1’, ‘node1 interface2’ ].
`- <str>`	String
`raw_eos_cli`	String				EOS CLI rendered directly on the point-to-point interface in the final EOS configuration.
`p2p_links`	List, items: Dictionary
`- nodes`	List, items: String	Required			Nodes where this link should be configured.
`- <str>`	String				The values can be < node_a >, < node_b >. ex.- [ core-1-isis-sr-ldp, core-2-ospf-ldp ].
`profile`	String				P2P profile name. Profile defined under p2p_profiles.
`id`	Integer				Unique id per subnet_summary. Used to calculate ip addresses. Required with ip_pool. ID starting from 1.
`speed`	String				The values can be speed or auto speed or forced speed.
`ip_pool`	String				P2P pool name. IP Pool defined under p2p_links_ip_pools. A /31 will be taken from the pool per P2P link.
`subnet`	String				IPv4 address/Mask. Subnet used on this P2P link.
`ip`	List, items: String				Specific IP addresses used on this P2P link.
`- <str>`	String				Node IPv4 address/Mask.
`ipv6_enable`	Boolean		`False`		Allows turning on ipv6 for the link or profile (also autodetected based on underlay_rfc5549 and include_in_underlay_protocol).
`interfaces`	List, items: String				Interfaces where this link should be configured and Required unless using port-channels.
`- <str>`	String				The value can be like < node_a_interface >, < node_b_interface >. ex. - [ Ethernet2, Ethernet2 ].
`as`	List, items: String				AS numbers for BGP. Required with bgp peering.
`- <str>`	String				The values can be like [“node_a_as”, “node_b_as”].
`descriptions`	List, items: String				Interface description.
`- <str>`	String
`include_in_underlay_protocol`	Boolean		`True`		Add this interface to underlay routing protocol.
`isis_hello_padding`	Boolean		`False`
`isis_metric`	Integer
`isis_circuit_type`	String			Valid Values: - level-1 - level-2 - level-1-2
`isis_authentication_mode`	String			Valid Values: - md5 - text
`isis_authentication_key`	String				Type-7 encrypted password.
`mpls_ip`	Boolean				MPLS parameters. Default value is true if switch.mpls_lsr is true.
`mpls_ldp`	Boolean				MPLS parameters. Default value is true for ldp underlay variants, otherwise false.
`mtu`	Integer				MTU for this P2P link. Default value same as p2p_uplinks_mtu.
`bfd`	Boolean		`False`		Enable BFD (only considered for BGP).
`ptp`	Dictionary				PTP parameters.
`enabled`	Boolean		`False`		Enable PTP.
`qos_profile`	String				QOS service profile.
`macsec_profile`	String				MAC security profile.
`port_channel`	Dictionary				Port-channel parameters.
`mode`	String		`active`
`nodes_child_interfaces`	List, items: Dictionary
`- node`	String	Required, Unique
`interfaces`	List, items: String				List of node interfaces. Ex.- [ ‘node1 interface1’, ‘node1 interface2’ ].
`- <str>`	String
`raw_eos_cli`	String				EOS CLI rendered directly on the point-to-point interface in the final EOS configuration.

l3_edge:
  p2p_links_ip_pools:
    - name: <str>
      ipv4_pool: <str>
      prefix_size: <int>
  p2p_links_profiles:
    - name: <str>
      id: <int>
      speed: <str>
      ip_pool: <str>
      subnet: <str>
      ip:
        - <str>
      ipv6_enable: <bool>
      nodes:
        - <str>
      interfaces:
        - <str>
      as:
        - <str>
      descriptions:
        - <str>
      include_in_underlay_protocol: <bool>
      isis_hello_padding: <bool>
      isis_metric: <int>
      isis_circuit_type: <str>
      isis_authentication_mode: <str>
      isis_authentication_key: <str>
      mpls_ip: <bool>
      mpls_ldp: <bool>
      mtu: <int>
      bfd: <bool>
      ptp:
        enabled: <bool>
      qos_profile: <str>
      macsec_profile: <str>
      port_channel:
        mode: <str>
        nodes_child_interfaces:
          - node: <str>
            interfaces:
              - <str>
      raw_eos_cli: <str>
  p2p_links:
    - nodes:
        - <str>
      profile: <str>
      id: <int>
      speed: <str>
      ip_pool: <str>
      subnet: <str>
      ip:
        - <str>
      ipv6_enable: <bool>
      interfaces:
        - <str>
      as:
        - <str>
      descriptions:
        - <str>
      include_in_underlay_protocol: <bool>
      isis_hello_padding: <bool>
      isis_metric: <int>
      isis_circuit_type: <str>
      isis_authentication_mode: <str>
      isis_authentication_key: <str>
      mpls_ip: <bool>
      mpls_ldp: <bool>
      mtu: <int>
      bfd: <bool>
      ptp:
        enabled: <bool>
      qos_profile: <str>
      macsec_profile: <str>
      port_channel:
        mode: <str>
        nodes_child_interfaces:
          - node: <str>
            interfaces:
              - <str>
      raw_eos_cli: <str>

Core interfaces settings¶

The core_interfaces data model can be used to configure L3 P2P links anywhere in the fabric. It can be between two switches that are already part of the fabric inventory, or it can be towards another device, where only one end of the link is on a switch in the fabric.

The data model supports using IP pools, Subnet per link or specifying the IP addresses manually. For BGP peerings the AS number must be specified. If the AS number is different than the AS number configured for the node, the local-as will be replaced on this BGP peering (neighbor <ip> local-as <as> no-prepend replace-as).

Make sure to configure the variables in a group_vars file covering all devices mentioned in the data model.

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`core_interfaces`	Dictionary
`p2p_links_ip_pools`	List, items: Dictionary
`- name`	String	Required, Unique			P2P pool name.
`ipv4_pool`	String				IPv4 address/Mask.
`prefix_size`	Integer		`31`	Min: 8 Max: 31	Subnet mask size.
`p2p_links_profiles`	List, items: Dictionary
`- name`	String	Required, Unique			P2P profile name. Any variable supported under p2p_links can be inherited from a profile.
`id`	Integer				Unique id per subnet_summary. Used to calculate ip addresses. Required with ip_pool. ID starting from 1.
`speed`	String				The values can be speed or auto speed or forced speed.
`ip_pool`	String				P2P pool name. IP Pool defined under p2p_links_ip_pools. A /31 will be taken from the pool per P2P link.
`subnet`	String				IPv4 address/Mask. Subnet used on this P2P link.
`ip`	List, items: String				Specific IP addresses used on this P2P link.
`- <str>`	String				Node IPv4 address/Mask.
`ipv6_enable`	Boolean		`False`		Allows turning on ipv6 for the link or profile (also autodetected based on underlay_rfc5549 and include_in_underlay_protocol).
`nodes`	List, items: String				Nodes where this link should be configured.
`- <str>`	String				The values can be < node_a >, < node_b >. ex.- [ core-1-isis-sr-ldp, core-2-ospf-ldp ].
`interfaces`	List, items: String				Interfaces where this link should be configured and Required unless using port-channels.
`- <str>`	String				The value can be like < node_a_interface >, < node_b_interface >. ex. - [ Ethernet2, Ethernet2 ].
`as`	List, items: String				AS numbers for BGP. Required with bgp peering.
`- <str>`	String				The values can be like [“node_a_as”, “node_b_as”].
`descriptions`	List, items: String				Interface description.
`- <str>`	String
`include_in_underlay_protocol`	Boolean		`True`		Add this interface to underlay routing protocol.
`isis_hello_padding`	Boolean		`False`
`isis_metric`	Integer
`isis_circuit_type`	String			Valid Values: - level-1 - level-2 - level-1-2
`isis_authentication_mode`	String			Valid Values: - md5 - text
`isis_authentication_key`	String				Type-7 encrypted password.
`mpls_ip`	Boolean				MPLS parameters. Default value is true if switch.mpls_lsr is true.
`mpls_ldp`	Boolean				MPLS parameters. Default value is true for ldp underlay variants, otherwise false.
`mtu`	Integer				MTU for this P2P link. Default value same as p2p_uplinks_mtu.
`bfd`	Boolean		`False`		Enable BFD (only considered for BGP).
`ptp`	Dictionary				PTP parameters.
`enabled`	Boolean		`False`		Enable PTP.
`qos_profile`	String				QOS service profile.
`macsec_profile`	String				MAC security profile.
`port_channel`	Dictionary				Port-channel parameters.
`mode`	String		`active`
`nodes_child_interfaces`	List, items: Dictionary
`- node`	String	Required, Unique
`interfaces`	List, items: String				List of node interfaces. Ex.- [ ‘node1 interface1’, ‘node1 interface2’ ].
`- <str>`	String
`raw_eos_cli`	String				EOS CLI rendered directly on the point-to-point interface in the final EOS configuration.
`p2p_links`	List, items: Dictionary
`- nodes`	List, items: String	Required			Nodes where this link should be configured.
`- <str>`	String				The values can be < node_a >, < node_b >. ex.- [ core-1-isis-sr-ldp, core-2-ospf-ldp ].
`profile`	String				P2P profile name. Profile defined under p2p_profiles.
`id`	Integer				Unique id per subnet_summary. Used to calculate ip addresses. Required with ip_pool. ID starting from 1.
`speed`	String				The values can be speed or auto speed or forced speed.
`ip_pool`	String				P2P pool name. IP Pool defined under p2p_links_ip_pools. A /31 will be taken from the pool per P2P link.
`subnet`	String				IPv4 address/Mask. Subnet used on this P2P link.
`ip`	List, items: String				Specific IP addresses used on this P2P link.
`- <str>`	String				Node IPv4 address/Mask.
`ipv6_enable`	Boolean		`False`		Allows turning on ipv6 for the link or profile (also autodetected based on underlay_rfc5549 and include_in_underlay_protocol).
`interfaces`	List, items: String				Interfaces where this link should be configured and Required unless using port-channels.
`- <str>`	String				The value can be like < node_a_interface >, < node_b_interface >. ex. - [ Ethernet2, Ethernet2 ].
`as`	List, items: String				AS numbers for BGP. Required with bgp peering.
`- <str>`	String				The values can be like [“node_a_as”, “node_b_as”].
`descriptions`	List, items: String				Interface description.
`- <str>`	String
`include_in_underlay_protocol`	Boolean		`True`		Add this interface to underlay routing protocol.
`isis_hello_padding`	Boolean		`False`
`isis_metric`	Integer
`isis_circuit_type`	String			Valid Values: - level-1 - level-2 - level-1-2
`isis_authentication_mode`	String			Valid Values: - md5 - text
`isis_authentication_key`	String				Type-7 encrypted password.
`mpls_ip`	Boolean				MPLS parameters. Default value is true if switch.mpls_lsr is true.
`mpls_ldp`	Boolean				MPLS parameters. Default value is true for ldp underlay variants, otherwise false.
`mtu`	Integer				MTU for this P2P link. Default value same as p2p_uplinks_mtu.
`bfd`	Boolean		`False`		Enable BFD (only considered for BGP).
`ptp`	Dictionary				PTP parameters.
`enabled`	Boolean		`False`		Enable PTP.
`qos_profile`	String				QOS service profile.
`macsec_profile`	String				MAC security profile.
`port_channel`	Dictionary				Port-channel parameters.
`mode`	String		`active`
`nodes_child_interfaces`	List, items: Dictionary
`- node`	String	Required, Unique
`interfaces`	List, items: String				List of node interfaces. Ex.- [ ‘node1 interface1’, ‘node1 interface2’ ].
`- <str>`	String
`raw_eos_cli`	String				EOS CLI rendered directly on the point-to-point interface in the final EOS configuration.

core_interfaces:
  p2p_links_ip_pools:
    - name: <str>
      ipv4_pool: <str>
      prefix_size: <int>
  p2p_links_profiles:
    - name: <str>
      id: <int>
      speed: <str>
      ip_pool: <str>
      subnet: <str>
      ip:
        - <str>
      ipv6_enable: <bool>
      nodes:
        - <str>
      interfaces:
        - <str>
      as:
        - <str>
      descriptions:
        - <str>
      include_in_underlay_protocol: <bool>
      isis_hello_padding: <bool>
      isis_metric: <int>
      isis_circuit_type: <str>
      isis_authentication_mode: <str>
      isis_authentication_key: <str>
      mpls_ip: <bool>
      mpls_ldp: <bool>
      mtu: <int>
      bfd: <bool>
      ptp:
        enabled: <bool>
      qos_profile: <str>
      macsec_profile: <str>
      port_channel:
        mode: <str>
        nodes_child_interfaces:
          - node: <str>
            interfaces:
              - <str>
      raw_eos_cli: <str>
  p2p_links:
    - nodes:
        - <str>
      profile: <str>
      id: <int>
      speed: <str>
      ip_pool: <str>
      subnet: <str>
      ip:
        - <str>
      ipv6_enable: <bool>
      interfaces:
        - <str>
      as:
        - <str>
      descriptions:
        - <str>
      include_in_underlay_protocol: <bool>
      isis_hello_padding: <bool>
      isis_metric: <int>
      isis_circuit_type: <str>
      isis_authentication_mode: <str>
      isis_authentication_key: <str>
      mpls_ip: <bool>
      mpls_ldp: <bool>
      mtu: <int>
      bfd: <bool>
      ptp:
        enabled: <bool>
      qos_profile: <str>
      macsec_profile: <str>
      port_channel:
        mode: <str>
        nodes_child_interfaces:
          - node: <str>
            interfaces:
              - <str>
      raw_eos_cli: <str>

Flagging a device as not deployed¶

It is possible to provision configurations for a complete topology but flag devices as undeployed using the host level variable is_deployed: false.
By default, this will have no impact within the eos_designs role. Configs will still be generated by the eos_cli_config_gen role and will still be pushed by the eos_config_deploy_eapi directly to devices if used.
However, if the eos_config_deploy_cvp role is used to push configurations, CloudVision will ignore the devices flagged as is_deployed: false and not attempt to configure them.
If the device is not present in the network due to CloudVision not configuring the device, eos_validate_state role will fail lldp_toplogy and interface tests on peers of the undeployed device trying to verify that interfaces are up.
To overcome this and shutdown interfaces towards undeployed peers, the variable shutdown_interfaces_towards_undeployed_peers can be used, satisfying the eos_validate_state role interface and lldp_topology tests. Again, this is only an issue if eos_config_deploy_cvp is used and the devices are not present in the network.

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`is_deployed`	Boolean		`True`		Is device already deployed in the fabric. When set to false, interfaces toward this device may be shutdown depending on the `shutdown_interfaces_towards_undeployed_peers` setting. Furthermore `eos_config_deploy_cvp` will not attempt to move or apply configurations to the device.

is_deployed: <bool>

Fabric settings¶

The following underlay routing protocols are supported:

EBGP (default for l3ls-evpn)
OSPF.
ISIS.
ISIS-SR*.
ISIS-LDP*.
ISIS-SR-LDP*.
OSPF-LDP*.
none**.

* Only supported with core_interfaces data model.
** For use with design type “l2ls” or other designs where there is no requirement for a routing protocol for underlay and/or overlay on l3 devices.

Details on enable_trunk_groups

Enabling the use of trunk groups will change the behavior of several components in AVD.

Changes:

Requires Trunk Groups to be defined on all trunks towards connected endpoints
MLAG Trunk Group will be configured on all vlans on MLAG switches
Use Trunk Groups for uplinks to L2 switches instead of “switchport trunk allow vlan” lists.
- On the parent switch a Trunk Group with the name of the L2 switch will be assigned on all vlans that are allowed towards the L2 switch.
- The port-channel towards the L2 switch will be assigned to this trunk group only
- Add UPLINK Trunk Group to all vlans on the L2 Switch and assign this to the uplink port-channel

Figure: Enable Trunk Groups

While it is recommended for consistency to set enable_trunk_groups for all devices in the fabric, it can also be set in group_vars or host_vars since trunk-groups are only local to a switch.

Warning

Because of the nature of the EOS Trunk Group feature, enabling this is “all or nothing”. All vlans and all trunks towards connected endpoints must be using trunk groups as well. If trunk groups are not assigned to a trunk, no vlans will be enabled on that trunk.

Details on only_local_vlan_trunk_groups

Enabling this feature will prevent unneeded trunk groups from being configured on vlans.

Using the figure under Details on enable_trunk_groups as basis enabling with feature would remove the unmatched trunk groups like this:

Figure: Enable only_local_vlan_trunk_groups

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`enable_trunk_groups`	Boolean		`False`		Enable Trunk Group support across eos_designs. Warning: Because of the nature of the EOS Trunk Group feature, enabling this is “all or nothing”. All vlans and all trunks towards connected endpoints must be using trunk groups as well. If trunk groups are not assigned to a trunk, no vlans will be enabled on that trunk. See “Details on enable_trunk_groups” below before enabling this feature.
`only_local_vlan_trunk_groups`	Boolean		`False`		A vlan can have many trunk_groups assigned. To avoid unneeded configuration changes on all leaf switches when a new trunk group is added, this feature will only configure the vlan trunk groups matched with local connected_endpoints. See “Details on only_local_vlan_trunk_groups” below. Requires “enable_trunk_groups: true”.
`p2p_uplinks_mtu`	Integer		`9214`	Min: 68 Max: 65535	Point to Point Links MTU.
`p2p_uplinks_qos_profile`	String				QOS Profile assigned on all infrastructure links.
`shutdown_interfaces_towards_undeployed_peers`	Boolean		`False`		- It is possible to provision configurations for a complete topology but flag devices as undeployed using the host level variable `is_deployed: false`. `yaml<br># Use at the host level<br>is_deployed: < true or false or default -> true ><br>` - By default, this will have no impact within the `eos_designs` role. Configs will still be generated by the `eos_cli_config_gen` role and will still be pushed by the `eos_config_deploy_eapi` directly to devices if used. - However, if the `eos_config_deploy_cvp` role is used to push configurations, CloudVision will ignore the devices flagged as `is_deployed: false` and not attempt to configure them. - If the device is not present in the network due to CloudVision not configuring the device, `eos_validate_state` role will fail tests on peers of the undeployed device trying to verify that interfaces are up. - To overcome this and shutdown interfaces towards undeployed peers, the variable `shutdown_interfaces_towards_undeployed_peers` can be used, satisfying the `eos_validate_state` role interface tests. - Again, this is only an issue if `eos_config_deploy_cvp` is used and the devices are not present in the network.
`trunk_groups`	Dictionary
`mlag`	Dictionary				Trunk Group used for MLAG VLAN (Typically VLAN 4094).
`name`	String		`MLAG`
`mlag_l3`	Dictionary				Trunk Group used for MLAG L3 peering VLAN and for VRF L3 peering VLANs (Typically VLAN 4093).
`name`	String		`LEAF_PEER_L3`
`uplink`	Dictionary				Trunk Group used on L2 Leaf switches when “enable_trunk_groups” is set.
`name`	String		`UPLINK`
`underlay_filter_peer_as`	Boolean		`False`		Configure route-map on eBGP sessions towards underlay peers, where prefixes with the peer’s ASN in the AS Path are filtered away. This is very useful in very large scale networks not using EVPN overlays, where convergence will be quicker by not having to return all updates received from Spine-1 to Spine-2 just for Spine-2 to throw them away because of AS Path loop detection. Note this key is ignored when EVPN is configured.
`underlay_filter_redistribute_connected`	Boolean		`True`		Filter redistribution of connected into the underlay routing protocol. Only applicable when overlay_routing_protocol != ‘none’ and underlay_routing_protocol == BGP. Creates a route-map and prefix-list assigned to redistribute connected permitting only loopbacks and inband management subnets.
`underlay_ipv6`	Boolean		`False`		This feature allows IPv6 underlay routing protocol with RFC5549 addresses to be used along with IPv4 advertisements as VXLAN tunnel endpoints. Requires “underlay_rfc5549: true” and “loopback_ipv6_pool” under the node type settings.
`underlay_multicast`	Boolean		`False`		Enable Multicast in the underlay on all p2p uplink interfaces and mlag l3 peer interface. Specifically PIM Sparse-Mode will be configured on all routed underlay interfaces. No other configuration is added, so the underlay will only support Source-Specific Multicast (SSM). The configuration is intended to be used as multicast underlay for EVPN OISM overlay.
`underlay_multicast_anycast_rp`	Dictionary				If multiple nodes are configured under ‘underlay_multicast_rps.[].nodes’ for the same RP address, they will be configured with one of the following methods: - Anycast RP using PIM (RFC4610). - Anycast RP using MSDP (RFC4611). NOTE: When using MSDP, all nodes across all MSDP enabled RPs will be added to a single MSDP mesh group named “ANYCAST-RP”.
`mode`	String		`pim`	Valid Values: - pim - msdp
`underlay_multicast_rps`	List, items: Dictionary				List of PIM Sparse-Mode Rendevouz Points configured for underlay multicast on all devices. The device(s) listed under ‘nodes’, will be configured as the Rendevouz point router(s). If multiple nodes are configured under ‘nodes’ for the same RP address, they will be configured according to the ‘underlay_multicast_anycast_rp.mode’ setting. Requires ‘underlay_multicast: true’.
`- rp`	String	Required, Unique			RP IPv4 address.
`nodes`	List, items: Dictionary				List of nodes where a Loopback interface with the RP address will be configured.
`- name`	String	Required, Unique			Hostname.
`loopback_number`	Integer	Required
`description`	String		`PIM RP`		Interface description.
`groups`	List, items: String				List of groups to associate with the RP address set in ‘rp’. If access_list_name is set, a standard access-list will be configured matching these groups. Otherwise the groups are configured directly on the RP command.
`- <str>`	String				Multicast Group IPv4 prefix/mask.
`access_list_name`	String				Name of standard Access-List.
`underlay_rfc5549`	Boolean		`False`		Point to Point Underlay with RFC 5549(eBGP), i.e. IPv6 Unnumbered. Requires “underlay_routing_protocol: ebgp”.
`underlay_routing_protocol`	String			Value is converted to lower case Valid Values: - ebgp - ospf - isis - isis-sr - isis-ldp - isis-sr-ldp - ospf-ldp	- The following underlay routing protocols are supported: - EBGP (default for l3ls-evpn) - OSPF. - ISIS. - ISIS-SR. - ISIS-LDP. - ISIS-SR-LDP. - OSPF-LDP. - The variables should be applied to all devices in the fabric. *Only supported with core_interfaces data model.
`uplink_ptp`	Dictionary				Enable PTP on all infrastructure links.
`enable`	Boolean		`False`

enable_trunk_groups: <bool>
only_local_vlan_trunk_groups: <bool>
p2p_uplinks_mtu: <int>
p2p_uplinks_qos_profile: <str>
shutdown_interfaces_towards_undeployed_peers: <bool>
trunk_groups:
  mlag:
    name: <str>
  mlag_l3:
    name: <str>
  uplink:
    name: <str>
underlay_filter_peer_as: <bool>
underlay_filter_redistribute_connected: <bool>
underlay_ipv6: <bool>
underlay_multicast: <bool>
underlay_multicast_anycast_rp:
  mode: <str>
underlay_multicast_rps:
  - rp: <str>
    nodes:
      - name: <str>
        loopback_number: <int>
        description: <str>
    groups:
      - <str>
    access_list_name: <str>
underlay_rfc5549: <bool>
underlay_routing_protocol: <str>
uplink_ptp:
  enable: <bool>

Management interface settings¶

TableYAML

Variable	Type	Default	Description
`mgmt_destination_networks`	List, items: String		List of IPv4 prefixes to configure as static routes towards the OOB Management interface gateway. Replaces the default route.
`- <str>`	String		IPv4_address/Mask.
`mgmt_gateway`	String		OOB Management interface gateway in IPv4 format. Used as next-hop for default gateway or static routes defined under ‘mgmt_destination_networks’.
`mgmt_interface`	String	`Management1`	OOB Management interface.
`mgmt_interface_description`	String	`oob_management`	Management interface description.
`mgmt_interface_vrf`	String	`MGMT`	OOB Management VRF.
`mgmt_vrf_routing`	Boolean	`False`	Configure IP routing for the OOB Management VRF.

mgmt_destination_networks:
  - <str>
mgmt_gateway: <str>
mgmt_interface: <str>
mgmt_interface_description: <str>
mgmt_interface_vrf: <str>
mgmt_vrf_routing: <bool>

BFD settings¶

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`bfd_multihop`	Dictionary		See (+) on YAML tab		BFD Multihop tuning.
`interval`	Integer	Required		Min: 50 Max: 60000
`min_rx`	Integer	Required		Min: 50 Max: 60000
`multiplier`	Integer	Required		Min: 3 Max: 50

bfd_multihop: # (1)!
  interval: <int>
  min_rx: <int>
  multiplier: <int>

Default Value

bfd_multihop:
  interval: 300
  min_rx: 300
  multiplier: 3

BGP settings¶

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`bgp_as`	String				AS number to use to configure overlay when “overlay_routing_protocol” == ibgp.
`bgp_default_ipv4_unicast`	Boolean		`False`		Default activation of IPv4 unicast address-family on all IPv4 neighbors. It is best practice to disable activation.
`bgp_distance`	Dictionary
`external_routes`	Integer	Required		Min: 1 Max: 255
`internal_routes`	Integer	Required		Min: 1 Max: 255
`local_routes`	Integer	Required		Min: 1 Max: 255
`bgp_ecmp`	Integer		`4`		Maximum ECMP for BGP multi-path.
`bgp_graceful_restart`	Dictionary				BGP graceful-restart allows a BGP speaker with separate control plane and data plane processing to continue forwarding traffic during a BGP restart. Its neighbors (receiving speakers) may retain routing information from the restarting speaker while a BGP session with it is being re-established, reducing route flapping.
`enabled`	Boolean	Required	`False`		Enable or disable graceful-restart for all BGP peers.
`restart_time`	Integer		`300`	Min: 1 Max: 3600	Restart time in seconds.
`bgp_maximum_paths`	Integer		`4`	Min: 1 Max: 512	Maximum Paths for BGP multi-path.
`bgp_peer_groups`	Dictionary				Leverage an Arista EOS switch to generate the encrypted password using the correct peer group name. Note that the name of the peer groups use ‘-‘ instead of ‘_’ in EOS configuration.
`ipv4_underlay_peers`	Dictionary
`name`	String		`IPv4-UNDERLAY-PEERS`		Name of peer group.
`password`	String				Type 7 encrypted password.
`bfd`	Boolean		`False`
`structured_config`	Dictionary				Custom structured config added under router_bgp.peer_groups. for eos_cli_config_gen.
`mlag_ipv4_underlay_peer`	Dictionary
`name`	String		`MLAG-IPv4-UNDERLAY-PEER`		Name of peer group.
`password`	String				Type 7 encrypted password.
`bfd`	Boolean		`False`
`structured_config`	Dictionary				Custom structured config added under router_bgp.peer_groups. for eos_cli_config_gen.
`evpn_overlay_peers`	Dictionary
`name`	String		`EVPN-OVERLAY-PEERS`		Name of peer group.
`password`	String				Type 7 encrypted password.
`bfd`	Boolean		`True`
`structured_config`	Dictionary				Custom structured config added under router_bgp.peer_groups. for eos_cli_config_gen.
`evpn_overlay_core`	Dictionary
`name`	String		`EVPN-OVERLAY-CORE`		Name of peer group.
`password`	String				Type 7 encrypted password.
`bfd`	Boolean		`True`
`structured_config`	Dictionary				Custom structured config added under router_bgp.peer_groups. for eos_cli_config_gen.
`mpls_overlay_peers`	Dictionary
`name`	String		`MPLS-OVERLAY-PEERS`		Name of peer group.
`password`	String				Type 7 encrypted password.
`bfd`	Boolean		`True`
`structured_config`	Dictionary				Custom structured config added under router_bgp.peer_groups. for eos_cli_config_gen.
`rr_overlay_peers`	Dictionary
`name`	String		`RR-OVERLAY-PEERS`		Name of peer group.
`password`	String				Type 7 encrypted password.
`bfd`	Boolean		`True`
`structured_config`	Dictionary				Custom structured config added under router_bgp.peer_groups. for eos_cli_config_gen.
`ipvpn_gateway_peers`	Dictionary
`name`	String		`IPVPN-GATEWAY-PEERS`		Name of peer group.
`password`	String				Type 7 encrypted password.
`bfd`	Boolean		`True`
`structured_config`	Dictionary				Custom structured config added under router_bgp.peer_groups. for eos_cli_config_gen.
`IPv4_UNDERLAY_PEERS` removed	Dictionary				This key was removed. Support was removed in AVD version 4.0.0. Use `bgp_peer_groups.ipv4_underlay_peers` instead.
`MLAG_IPv4_UNDERLAY_PEER` removed	Dictionary				This key was removed. Support was removed in AVD version 4.0.0. Use `bgp_peer_groups.mlag_ipv4_underlay_peer` instead.
`EVPN_OVERLAY_PEERS` removed	Dictionary				This key was removed. Support was removed in AVD version 4.0.0. Use `bgp_peer_groups.evpn_overlay_peers` instead.
`bgp_update_wait_install`	Boolean				Do not advertise reachability to a prefix until that prefix has been installed in hardware. This will eliminate any temporary black holes due to a BGP speaker advertising reachability to a prefix that may not yet be installed into the forwarding plane.
`bgp_update_wait_for_convergence`	Boolean				Disables FIB updates and route advertisement when the BGP instance is initiated until the BGP convergence state is reached.

bgp_as: <str>
bgp_default_ipv4_unicast: <bool>
bgp_distance:
  external_routes: <int>
  internal_routes: <int>
  local_routes: <int>
bgp_ecmp: <int>
bgp_graceful_restart:
  enabled: <bool>
  restart_time: <int>
bgp_maximum_paths: <int>
bgp_peer_groups:
  ipv4_underlay_peers:
    name: <str>
    password: <str>
    bfd: <bool>
    structured_config: <dict>
  mlag_ipv4_underlay_peer:
    name: <str>
    password: <str>
    bfd: <bool>
    structured_config: <dict>
  evpn_overlay_peers:
    name: <str>
    password: <str>
    bfd: <bool>
    structured_config: <dict>
  evpn_overlay_core:
    name: <str>
    password: <str>
    bfd: <bool>
    structured_config: <dict>
  mpls_overlay_peers:
    name: <str>
    password: <str>
    bfd: <bool>
    structured_config: <dict>
  rr_overlay_peers:
    name: <str>
    password: <str>
    bfd: <bool>
    structured_config: <dict>
  ipvpn_gateway_peers:
    name: <str>
    password: <str>
    bfd: <bool>
    structured_config: <dict>
bgp_update_wait_install: <bool>
bgp_update_wait_for_convergence: <bool>

OSPF settings¶

TableYAML

Variable	Type	Default	Value Restrictions
`underlay_ospf_area`	String	`0.0.0.0`	Format: ipv4
`underlay_ospf_bfd_enable`	Boolean	`False`
`underlay_ospf_max_lsa`	Integer	`12000`
`underlay_ospf_process_id`	Integer	`100`

underlay_ospf_area: <str>
underlay_ospf_bfd_enable: <bool>
underlay_ospf_max_lsa: <int>
underlay_ospf_process_id: <int>

ISIS settings¶

TableYAML

Variable	Type	Default	Value Restrictions	Description
`isis_advertise_passive_only`	Boolean	`False`
`isis_area_id`	String	`49.0001`
`isis_default_circuit_type`	String	`level-2`	Valid Values: - level-1-2 - level-1 - level-2	These fabric level parameters can be used with core_interfaces running ISIS, and may be overridden on link profile or link level.
`isis_default_is_type`	String	`level-2`	Valid Values: - level-1-2 - level-1 - level-2
`isis_default_metric`	Integer	`50`		These fabric level parameters can be used with core_interfaces running ISIS, and may be overridden at link profile or link level.
`isis_maximum_paths`	Integer			Number of path to configure in ECMP for ISIS.
`isis_ti_lfa`	Dictionary
`enabled`	Boolean	`False`
`protection`	String		Valid Values: - link - node
`local_convergence_delay`	Integer	`10000`		Local convergence delay in milliseconds.
`underlay_isis_instance_name`	String			Default -> “EVPN_UNDERLAY” for l3ls, “CORE” for mpls.

isis_advertise_passive_only: <bool>
isis_area_id: <str>
isis_default_circuit_type: <str>
isis_default_is_type: <str>
isis_default_metric: <int>
isis_maximum_paths: <int>
isis_ti_lfa:
  enabled: <bool>
  protection: <str>
  local_convergence_delay: <int>
underlay_isis_instance_name: <str>

Overlay settings¶

The following overlay routing protocols are supported:

EBGP (default for l3ls-evpn)
IBGP (only with OSPF or ISIS variants in underlay)
none*
HER (Head-End Replication)**
CVX (CloudVision eXchange)

* For use with design type “l2ls” or other designs where there is no requirement for a routing protocol for underlay and/or overlay on l3 devices.
** By setting overlay_routing_protocol:HER, eos_designs will configure static VXLAN flood-lists instead of using a dynamic overlay protocol.

TableYAML

Variable	Type	Default	Value Restrictions	Description
`bgp_mesh_pes`	Boolean	`False`		Configure an iBGP full mesh between PEs, either because there is no RR used or other reasons. Only supported in combination with MPLS overlay.
`mlag_ibgp_peering_vrfs`	Dictionary			On mlag leafs, an SVI interface is defined per vrf, to establish iBGP peering (required when there are MLAG leafs in topology). The SVI id will be derived from the base vlan defined: mlag_ibgp_peering_vrfs.base_vlan + (vrf_id or vrf_vni) - 1. Depending on the values of vrf_id / vrf_vni it may be required to adjust the base_vlan to avoid overlaps or invalid vlan ids. The SVI ip address derived from mlag_l3_peer_ipv4_pool is re-used across all iBGP peerings.
`base_vlan`	Integer	`3000`	Min: 1 Max: 4093
`overlay_cvx_servers`	List, items: String			List of CVX vxlan overlay controllers. Required if overlay_routing_protocol == CVX. CVX servers (VMs) are peering using their management interface, so mgmt_ip must be set for all CVX servers.
`- <str>`	String			‘inventory_hostname’ of CVX server
`overlay_her_flood_list_per_vni`	Boolean	`False`		When using Head-End Replication, configure flood-lists per VNI. By default HER will be configured with a common flood-list containing all VTEPs. This behavior can be changed to per-VNI flood-lists by setting `overlay_her_flood_list_per_vni: true`. This will make `eos_designs` consider configured VLANs per VTEP, and only include the relevant VTEPs to each VNI’s flood-list.
`overlay_her_flood_list_scope`	String	`fabric`	Valid Values: - fabric - dc	When using Head-End Replication, set the scope of flood-lists to Fabric or DC. By default all VTEPs in the Fabric (part of the inventory group referenced by “fabric_name”) are added to the flood-lists. This can be changed to all VTEPs in the DC (sharing the same “dc_name” value). This is useful if Border Leaf switches are dividing the VXLAN overlay into separate domains.
`overlay_loopback_description`	String			Customize the description on overlay interface Loopback0.
`overlay_mlag_rfc5549`	Boolean	`False`		IPv6 Unnumbered for MLAG iBGP connections. Requires “underlay_rfc5549: true”.
`overlay_rd_type`	Dictionary			Configuration options for the Administrator subfield (first part of RD) and the Assigned Number subfield (second part of RD). By default Route Distinguishers (RD) are set to: - `<overlay_loopback>:<mac_vrf_id_base + vlan_id or mac_vrf_vni_base + vlan_id>` for VLANs and VLAN-Aware Bundles with L2 vlans. - `<overlay_loopback>:<vlan_aware_bundle_number_base + vrf_id>` for VLAN-Aware Bundles with SVIs. - `<overlay_loopback>:<vrf_id>` for VRFs. Note: RD is a 48-bit value which is split into <16-bit>:<32-bit> or <32-bit>:<16-bit>. When using loopback or 32-bit ASN/number the assigned number can only be a 16-bit number. This may be a problem with large VNIs. For 16-bit ASN/number the assigned number can be a 32-bit number.
`admin_subfield`	String	`overlay_loopback_ip`		The method for deriving RD Administrator subfield (first part of RD): - ‘overlay_loopback_ip’ means the IP address of Loopback0. - ‘vtep_loopback’ means the IP address of the VTEP loopback interface. - ‘bgp_as’ means the AS number of the device. - ‘switch_id’ means the ‘id’ value of the device. - Any without mask. - Integer between <0-65535>. - Integer between <0-4294967295>.
`admin_subfield_offset`	String			Offset can only be used if admin_subfield is an integer between <0-4294967295> or ‘switch_id’. Total value of admin_subfield + admin_subfield_offset must be <= 4294967295.
`vrf_admin_subfield`	String			The method for deriving RD Administrator subfield (first part of RD) for VRF services: - ‘overlay_loopback_ip’ means the IP address of Loopback0. - ‘vtep_loopback’ means the IP address of the VTEP loopback interface. - ‘bgp_as’ means the AS number of the device. - ‘switch_id’ means the ‘id’ value of the device. - Any without mask. - Integer between <0-65535>. - Integer between <0-4294967295>. ‘vrf_admin_subfield’ takes precedence for VRF RDs if set. Otherwise the ‘admin_subfield’ value will be used.
`vrf_admin_subfield_offset`	String			Offset can only be used if ‘vrf_admin_subfield’ is an integer between <0-4294967295> or ‘switch_id’. Total value of ‘vrf_admin_subfield’ + ‘vrf_admin_subfield_offset’ must be <= 4294967295.
`vlan_assigned_number_subfield`	String	`mac_vrf_id`	Valid Values: - mac_vrf_id - mac_vrf_vni - vlan_id	The method for deriving RD Assigned Number subfield for VLAN services (second part of RD): - ‘mac_vrf_id’ means `(mac_vrf_id_base or mac_vrf_vni_base) + vlan_id`. - ‘mac_vrf_vni’ means `(mac_vrf_vni_base or mac_vrf_id_base) + vlan_id`. - ‘vlan_id’ will only use the ‘vlan_id’ and ignores all base values. These methods can be overridden per VLAN if either ‘rd_override’, ‘rt_override’ or ‘vni_override’ is set (preferred in this order).
`overlay_routing_protocol`	String	`ebgp`	Value is converted to lower case Valid Values: - ebgp - ibgp - cvx - her - none	- The following overlay routing protocols are supported: - eBGP: Configures fabric with eBGP, default for l3ls-evpn design. - iBGP: Configured fabric with iBGP, only supported with OSPF or ISIS variants in underlay, default for mpls design. - CVX: Configures fabric to leverage CloudVision eXchange as the overlay controller. - HER: Configures fabric with Head-End Replication, configures static VXLAN flood-lists instead of using a dynamic overlay protocol. - none: No overlay configuration will be generated, default for l2ls design.
`overlay_routing_protocol_address_family`	String	`ipv4`	Valid Values: - ipv4 - ipv6	When set to `ipv6`, enable overlay EVPN peering with IPv6 addresses. This feature depends on underlay_ipv6 variable. As of today, only RFC5549 is capable to transport IPv6 in the underlay.
`overlay_rt_type`	Dictionary			Configuration options for the Administrator subfield (first part of RT) and the Assigned Number subfield (second part of RT). By default Route Targets (RT) are set to: - `<(mac_vrf_id_base or mac_vrf_vni_base) + vlan_id>:<(mac_vrf_id_base or mac_vrf_vni_base) + vlan_id>` for VLANs and VLAN-Aware Bundles with L2 vlans. - `<vlan_aware_bundle_number_base + vrf_id>:<vlan_aware_bundle_number_base + vrf_id>` for VLAN-Aware Bundles with SVIs. - `<vrf_id>:<vrf_id>` for VRFs. Notes: RT is a 48-bit value which is split into <16-bit>:<32-bit> or <32-bit>:<16-bit>. When using 32-bit ASN/number the VNI can only be a 16-bit number. Alternatively use vlan_id/vrf_id as assigned number. For 16-bit ASN/number the assigned number can be a 32-bit number.
`admin_subfield`	String	`vrf_id`		The method for deriving RT Administrator subfield (first part of RT): - ‘vrf_id’ means `(mac_vrf_id_base or mac_vrf_vni_base) + vlan_id` for VLANs and `(vrf_id or vrf_vni)` for VRFs. - ‘vrf_vni’ means `(mac_vrf_vni_base or mac_vrf_id_base) + vlan_id` for VLANs and `(vrf_vni or vrf_id)` for VRFs. - ‘id’ means `vlan_id` for VLANs and `(vrf_id or vrf_vni)` for VRFs. - ‘bgp_as’ means the AS number of the device. - Integer between <0-65535>. - Integer between <0-4294967295>. The ‘vrf_id’ and ‘vrf_vni’ methods can be overridden per VLAN if either ‘rt_override’ or ‘vni_override’ is set (preferred in this order).
`vrf_admin_subfield`	String	`vrf_id`		The method for deriving RT Administrator subfield (first part of RT) for VRF services: - ‘id’ means `(vrf_id or vrf_vni)`. - ‘vrf_id’ means `(vrf_id or vrf_vni)`. - ‘vrf_vni’ means `(vrf_vni or vrf_id)`. - ‘bgp_as’ means the AS number of the device. - Integer between <0-65535>. - Integer between <0-4294967295>. ‘vrf_admin_subfield’ takes precedence for VRF RDs if set. Otherwise the ‘admin_subfield’ value will be used.
`vlan_assigned_number_subfield`	String	`mac_vrf_id`	Valid Values: - mac_vrf_id - mac_vrf_vni - vlan_id	The method for deriving RT Assigned Number subfield for VLAN services (second part of RT): - ‘mac_vrf_id’ means `(mac_vrf_id_base or mac_vrf_vni_base) + vlan_id`. - ‘mac_vrf_vni’ means `(mac_vrf_vni_base or mac_vrf_id_base) + vlan_id`. - ‘vlan_id’ will only use the ‘vlan_id’ and ignores all base values. These methods can be overridden per VLAN if either ‘rt_override’ or ‘vni_override’ is set (preferred in this order).
`vtep_vvtep_ip`	String			IP Address used as Virtual VTEP. Will be configured as secondary IP on Loopback1. This is only needed for centralized routing designs.

bgp_mesh_pes: <bool>
mlag_ibgp_peering_vrfs:
  base_vlan: <int>
overlay_cvx_servers:
  - <str>
overlay_her_flood_list_per_vni: <bool>
overlay_her_flood_list_scope: <str>
overlay_loopback_description: <str>
overlay_mlag_rfc5549: <bool>
overlay_rd_type:
  admin_subfield: <str>
  admin_subfield_offset: <str>
  vrf_admin_subfield: <str>
  vrf_admin_subfield_offset: <str>
  vlan_assigned_number_subfield: <str>
overlay_routing_protocol: <str>
overlay_routing_protocol_address_family: <str>
overlay_rt_type:
  admin_subfield: <str>
  vrf_admin_subfield: <str>
  vlan_assigned_number_subfield: <str>
vtep_vvtep_ip: <str>

EVPN settings¶

TableYAML

Variable	Type	Default	Value Restrictions	Description
`evpn_ebgp_gateway_inter_domain`	Boolean
`evpn_ebgp_gateway_multihop`	Integer	`15`		Default of 15, considering a large value to avoid BGP reachability issues in very complex DCI networks. Adapt the value for your specific topology.
`evpn_ebgp_multihop`	Integer	`3`		Default of 3, the recommended value for a 3 stage spine and leaf topology. Set to a higher value to allow for very large and complex topologies.
`evpn_hostflap_detection`	Dictionary
`enabled`	Boolean	`True`		If set to false it will disable EVPN host-flap detection.
`threshold`	Integer	`5`		Minimum number of MAC moves that indicate a MAC duplication issue.
`window`	Integer	`180`		Time (in seconds) to detect a MAC duplication issue.
`expiry_timeout`	Integer			Time (in seconds) to purge a MAC duplication issue.
`evpn_import_pruning`	Boolean	`False`		Enable VPN import pruning (Min. EOS 4.24.2F). The Route Target extended communities carried by incoming VPN paths will be examined. If none of those Route Targets have been configured for import, the path will be immediately discarded.
`evpn_multicast`	Boolean	`False`		General Configuration required for EVPN Multicast. “evpn_l2_multicast” or “evpn_l3_multicast” must also be configured under the Network Services (tenants). Requires “underlay_multicast: true” and IGMP snooping enabled globally (default). For MLAG devices Route Distinguisher must be unique since this feature will create multi-vtep configuration. Warning !!! For Trident3 based platforms i.e 7050X3, 7300X3, 720XP and 722XP The Following default platform setting will be configured: “platform trident forwarding-table partition flexible exact-match 16384 l2-shared 98304 l3-shared 131072” All forwarding agents will be restarted when this configuration is applied. You can tune the settings by overridding the default variable: “platform_settings[platforms].trident_forwarding_table_partition:” Please contact an Arista representative for help with determining the appropriate values for your environment.
`evpn_overlay_bgp_rtc`	Boolean	`False`		Enable Route Target Membership Constraint Address Family on EVPN overlay BGP peerings (Min. EOS 4.25.1F). Requires use eBGP as overlay protocol.
`evpn_prevent_readvertise_to_server`	Boolean	`False`		Configure route-map on eBGP sessions towards route-servers, where prefixes with the peer’s ASN in the AS Path are filtered away. This is very useful in large-scale networks, where convergence will be quicker by not returning all updates received from Route-server-1 to Router-server-2 just for Route-server-2 to throw them away because of AS Path loop detection.
`evpn_rd_type` removed	Dictionary			This key was removed. Support was removed in AVD version 4.0.0. Use `overlay_rd_type` instead.
`evpn_rt_type` removed	Dictionary			This key was removed. Support was removed in AVD version 4.0.0. Use `overlay_rt_type` instead.
`evpn_short_esi_prefix`	String	`0000:0000:`		Configure prefix for “short_esi” values.
`evpn_vlan_aware_bundles`	Boolean	`False`		Enable vlan aware bundles for EVPN MAC-VRF.
`fabric_evpn_encapsulation`	String	`vxlan`	Valid Values: - vxlan - mpls	Should be set to mpls for evpn-mpls scenario.
`vxlan_vlan_aware_bundles` removed	Boolean	`False`		This key was removed. Support was removed in AVD version 4.0.0. Use `evpn_vlan_aware_bundles` instead.

evpn_ebgp_gateway_inter_domain: <bool>
evpn_ebgp_gateway_multihop: <int>
evpn_ebgp_multihop: <int>
evpn_hostflap_detection:
  enabled: <bool>
  threshold: <int>
  window: <int>
  expiry_timeout: <int>
evpn_import_pruning: <bool>
evpn_multicast: <bool>
evpn_overlay_bgp_rtc: <bool>
evpn_prevent_readvertise_to_server: <bool>
evpn_short_esi_prefix: <str>
evpn_vlan_aware_bundles: <bool>
fabric_evpn_encapsulation: <str>

Management settings¶

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`event_handlers`	List, items: Dictionary				Gives the ability to monitor and react to Syslog messages. Event Handlers provide a powerful and flexible tool that can be used to apply self-healing actions, customize the system behavior, and implement workarounds to problems discovered in the field.
`- name`	String	Required, Unique			Event Handler Name
`action_type`	String			Valid Values: - bash - increment - log
`action`	String				Command to execute
`delay`	Integer				Event-handler delay in seconds
`trigger`	String			Valid Values: - on-logging - on-startup-config	Configure event trigger condition.
`regex`	String				Regular expression to use for searching log messages. Required for on-logging trigger
`asynchronous`	Boolean		`False`		Set the action to be non-blocking.
`ipv6_mgmt_destination_networks`	List, items: String				List of IPv6 prefixes to configure as static routes towards the OOB IPv6 Management interface gateway. Replaces the default route.
`- <str>`	String				IPv6_network/Mask.
`ipv6_mgmt_gateway`	String			Format: ipv6	OOB Management interface gateway in IPv6 format. Used as next-hop for default gateway or static routes defined under ‘ipv6_mgmt_destination_networks’.
`local_users`	List, items: Dictionary
`- name`	String	Required, Unique			Username
`disabled`	Boolean				If true, the user will be removed and all other settings are ignored. Useful for removing the default “admin” user.
`privilege`	Integer			Min: 0 Max: 15	Initial privilege level with local EXEC authorization.
`role`	String				EOS RBAC Role to be assigned to the user such as “network-admin” or “network-operator”
`sha512_password`	String				SHA512 Hash of Password Must be the hash of the password. By default EOS salts the password with the username, so the simplest is to generate the hash on an EOS device using the same username.
`no_password`	Boolean				If set a password will not be configured for this user. “sha512_password” MUST not be defined for this user.
`ssh_key`	String
`shell`	String			Valid Values: - /bin/bash - /bin/sh - /sbin/nologin	Specify shell for the user
`management_eapi`	Dictionary				Default is HTTPS management eAPI enabled. The VRF is set to < mgmt_interface_vrf >.
`enable_http`	Boolean		`False`
`enable_https`	Boolean		`True`
`default_services`	Boolean
`name_servers`	List, items: String				List of DNS servers. The VRF is set to < mgmt_interface_vrf >.
`- <str>`	String				IPv4 address
`snmp_settings`	Dictionary				Set SNMP settings (optional).
`contact`	String				SNMP contact.
`location`	Boolean		`False`		Set SNMP location. Formatted as “ “.
`compute_local_engineid`	Boolean		`False`		Generate a local engineId for SNMP using the ‘compute_local_engineid_source’ method.
`compute_local_engineid_source`	String		`hostname_and_ip`	Valid Values: - hostname_and_ip - system_mac	`compute_local_engineid_source` supports: - `hostname_and_ip` generate a local engineId for SNMP by hashing via SHA1 the string generated via the concatenation of the hostname plus the management IP. {{ inventory_hostname }} + {{ switch.mgmt_ip }}. - `system_mac` generate the switch default engine id for AVD usage. To use this, `system_mac_address` MUST be set for the device. The formula is f5717f + system_mac_address + 00.
`compute_v3_user_localized_key`	Boolean		`False`		Requires compute_local_engineid to be `true`. If enabled, the SNMPv3 passphrases for auth and priv are transformed using RFC 2574, matching the value they would take in EOS CLI. The algorithm requires a local engineId, which is unknown to AVD, hence the necessity to generate one beforehand.
`users`	List, items: Dictionary
`- name`	String				Username
`group`	String				Configuration of the SNMP User Groups are currently only possible using `structured_config`.
`version`	String			Valid Values: - v1 - v2c - v3
`auth`	String			Valid Values: - md5 - sha - sha256 - sha384 - sha512
`auth_passphrase`	String				Cleartext passphrase so the recommendation is to use vault. Requires ‘auth’ to be set.
`priv`	String			Valid Values: - des - aes - aes192 - aes256
`priv_passphrase`	String				Cleartext passphrase so the recommendation is to use vault. Requires ‘priv’ to be set.
`timezone`	String				Clock timezone like “CET” or “US/Pacific”.

event_handlers:
  - name: <str>
    action_type: <str>
    action: <str>
    delay: <int>
    trigger: <str>
    regex: <str>
    asynchronous: <bool>
ipv6_mgmt_destination_networks:
  - <str>
ipv6_mgmt_gateway: <str>
local_users:
  - name: <str>
    disabled: <bool>
    privilege: <int>
    role: <str>
    sha512_password: <str>
    no_password: <bool>
    ssh_key: <str>
    shell: <str>
management_eapi:
  enable_http: <bool>
  enable_https: <bool>
  default_services: <bool>
name_servers:
  - <str>
snmp_settings:
  contact: <str>
  location: <bool>
  compute_local_engineid: <bool>
  compute_local_engineid_source: <str>
  compute_v3_user_localized_key: <bool>
  users:
    - name: <str>
      group: <str>
      version: <str>
      auth: <str>
      auth_passphrase: <str>
      priv: <str>
      priv_passphrase: <str>
timezone: <str>

System settings¶

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`default_igmp_snooping_enabled`	Boolean		`True`		When set to false, disables IGMP snooping at fabric level and overrides per vlan settings.
`hardware_counters`	Dictionary
`features`	List, items: Dictionary				This data model allows to configure the list of hardware counters feature available on Arista platforms. The `name` key accepts a list of valid_values which MUST be updated to support new feature as they are released in EOS. The available values of the different keys like ‘direction’ or ‘address_type’ are feature and hardware dependent and this model DOES NOT validate that the combinations are valid. It is the responsability of the user of this data model to make sure that the rendered CLI is accepted by the targeted device. Examples: * Use: `yaml<br> hardware_counters:<br> features:<br> - name: ip<br> direction: out<br> layer3: true<br> units_packets: true<br>` to render: `eos<br> hardware counter feature ip out layer3 units packets<br>` * Use: `yaml<br> hardware_counters:<br> features:<br> - name: route<br> address_type: ipv4<br> vrf: test<br> prefix: 192.168.0.0/24<br>` to render: `eos<br> hardware counter feature route ipv4 vrf test 192.168.0.0/24<br>`
`- name`	String			Valid Values: - acl - decap-group - directflow - ecn - flow-spec - gre tunnel interface - ip - mpls interface - mpls lfib - mpls tunnel - multicast - nexthop - pbr - pdp - policing interface - qos - qos dual-rate-policer - route - routed-port - subinterface - tapagg - traffic-class - traffic-policy - vlan - vlan-interface - vni decap - vni encap - vtep decap - vtep encap
`direction`	String			Valid Values: - in - out - cpu	Most features support only ‘in’ and ‘out’. Some like traffic-policy support ‘cpu’. Some features DO NOT have any direction. This validation IS NOT made by the schemas.
`address_type`	String			Valid Values: - ipv4 - ipv6 - mac	Supported only for the following features: - acl: [ipv4, ipv6, mac] if direction is ‘out’ - multicast: [ipv4, ipv6] - route: [ipv4, ipv6] This validation IS NOT made by the schemas.
`layer3`	Boolean				Supported only for the ‘ip’ feature
`vrf`	String				Supported only for the ‘route’ feature. This validation IS NOT made by the schemas.
`prefix`	String				Supported only for the ‘route’ feature. Mandatory for the ‘route’ feature. This validation IS NOT made by the schemas.
`units_packets`	Boolean
`internal_vlan_order`	Dictionary		See (+) on YAML tab		Internal vlan allocation order and range.
`allocation`	String	Required		Valid Values: - ascending - descending
`range`	Dictionary
`beginning`	Integer	Required		Min: 2 Max: 4094	First VLAN ID.
`ending`	Integer	Required		Min: 2 Max: 4094	Last VLAN ID.
`mac_address_table`	Dictionary				MAC address-table aging time. Use to change the EOS default of 300.
`aging_time`	Integer			Min: 0 Max: 1000000	Aging time in seconds 10-1000000. Enter 0 to disable aging.
`queue_monitor_length`	Dictionary
`enabled`	Boolean	Required
`notifying`	Boolean				If True, `eos_designs` will configure `queue-monitor length notifying` according to the `platform_settings.[].feature_support.queue_monitor_length_notify` setting.
`default_thresholds`	Dictionary
`high`	Integer	Required			Default high threshold for Ethernet Interfaces.
`low`	Integer				Default low threshold for Ethernet Interfaces. Low threshold support is platform dependent.
`log`	Integer				Logging interval in seconds
`cpu`	Dictionary
`thresholds`	Dictionary
`high`	Integer	Required
`low`	Integer
`redundancy`	Dictionary				Redundancy for chassis platforms with dual supervisors
`protocol`	String			Valid Values: - sso - rpr
`serial_number`	String				Serial Number of the device. Used for documentation purpose in the fabric documentation as can also be used by the ‘eos_config_deploy_cvp’ role. “serial_number” can also be set directly under node type settings. If both are set, the value under node type settings takes precedence.
`system_mac_address`	String				Set to the same MAC address as available in “show version” on the device. “system_mac_address” can also be set under node type settings. If both are set, the value under node type settings takes precedence.

default_igmp_snooping_enabled: <bool>
hardware_counters:
  features:
    - name: <str>
      direction: <str>
      address_type: <str>
      layer3: <bool>
      vrf: <str>
      prefix: <str>
      units_packets: <bool>
internal_vlan_order: # (1)!
  allocation: <str>
  range:
    beginning: <int>
    ending: <int>
mac_address_table:
  aging_time: <int>
queue_monitor_length:
  enabled: <bool>
  notifying: <bool>
  default_thresholds:
    high: <int>
    low: <int>
  log: <int>
  cpu:
    thresholds:
      high: <int>
      low: <int>
redundancy:
  protocol: <str>
serial_number: <str>
system_mac_address: <str>

Default Value

internal_vlan_order:
  allocation: ascending
  range:
    beginning: 1006
    ending: 1199

CloudVision Settings¶

TableYAML

Variable	Type	Default	Description
`cvp_ingestauth_key`	String		On-premise CVP ingest auth key. If set, TerminAttr will be configured with key-based authentication for on-premise CVP. If not set, TerminAttr will be configured with certificate based authentication: - On-premise using token onboarding. Default token path is ‘/tmp/token’. - CVaaS using token-secure onboarding. Default token path is ‘/tmp/cv-onboarding-token’. Token must be copied to the device first.
`cvp_instance_ip`	String		IPv4 address or DNS name for CloudVision. This variable only supports an on-premise single-node cluster or the DNS name of a CloudVision as a Service instance.
`cvp_instance_ips`	List, items: String		List of IPv4 addresses or DNS names for CloudVision. For on-premise CloudVision enter all the nodes of the cluster. For CloudVision as a Service enter the DNS name of the instance. `eos_designs` only supports one CloudVision cluster.
`- <str>`	String		IPv4 address or DNS name for CloudVision
`cvp_token_file`	String		cvp_token_file is the path to the token file on the switch. If not set the default locations for on-premise or CVaaS will be used. See cvp_ingestauth_key for details.
`terminattr_disable_aaa`	Boolean	`False`
`terminattr_ingestexclude`	String	`/Sysdb/cell/1/agent,/Sysdb/cell/2/agent`
`terminattr_ingestgrpcurl_port`	Integer	`9910`	Port number used for Terminattr connection to an on-premise CloudVision cluster. The port number is always 443 when using CloudVision as a Service, so this value is ignored.
`terminattr_smashexcludes`	String	`ale,flexCounter,hardware,kni,pulse,strata`

cvp_ingestauth_key: <str>
cvp_instance_ip: <str>
cvp_instance_ips:
  - <str>
cvp_token_file: <str>
terminattr_disable_aaa: <bool>
terminattr_ingestexclude: <str>
terminattr_ingestgrpcurl_port: <int>
terminattr_smashexcludes: <str>

Endpoint connectivity¶

AVD supports two different data models for defining connectivity to endpoints:

“Connected Endpoints” is an endpoint-centric model intended for servers or other use cases where most ports have unique configurations.
“Network Ports” is a compact and port-centric model intended for configuration of generic port configurations on large ranges of ports.

Both data models share the same underlying implementation and can coexist without conflicts. If a switch port is defined in both “Connected Endpoints” and “Network Ports”, the “Connected Endpoints” configuration will take precedence.

Both data models support variable inheritance from profiles defined under port_profiles. The profiles can be shared between the models. Any setting defined under the port_profiles will be inherited from parent_profile to profile to adapter.

Connected endpoints settings¶

The connected endpoints variables define connectivity from the perspective of the endpoints that connect to the fabric.
Each endpoint can have one or more adapters defined, under which the connected switches, switch_ports and endpoint_ports must be set.
If port_channel mode is enabled under one “adapter”, all switch_ports connected to that “adapter” will become part of this port-channel.
The keys used to define connected endpoints are configurable using connected_endpoints_keys. The default available keys are:
- servers
- firewalls
- routers
- load_balancers
- storage_arrays
- cpes
- workstations
- access_points
- phones
- printers
- cameras
- generic_devices

Example with profiles

port_profiles:

  - profile: VM_Servers
    mode: trunk
    vlans: "110-111,120-121,130-131"
    spanning_tree_portfast: edge

  - profile: MGMT
    mode: access
    vlans: "110"

  - profile: DB_Clusters
    mode: trunk
    vlans: "140-141"

servers:
  - name: server01
    rack: RackB
    adapters:

      # Single homed interface from E0 toward DC1-LEAF1A_Eth5
      - endpoint_ports: [ E0 ]
        switch_ports: [ Ethernet5 ]
        switches: [ DC1-LEAF1A ]
        profile: MGMT

      # MLAG dual-homed connection from E1 to DC1-LEAF2A_Eth10
      #                            from E2 to DC1-LEAF2B_Eth10
      - endpoint_ports: [ E1, E2 ]
        switch_ports: [ Ethernet10, Ethernet10 ]
        switches: [ DC1-LEAF2A, DC1-LEAF2B ]
        profile: DB_Clusters
        port_channel:
          description: PortChanne1
          mode: active

  - name: server03
    rack: RackC
    adapters:

      # MLAG dual-homed connection from E0 to DC1-SVC3A_Eth10
      #                            from E1 to DC1-SVC3B_Eth10
      - endpoint_ports: [ E0, E1 ]
        switch_ports: [ Ethernet10, Ethernet10 ]
        switches: [ DC1-SVC3A, DC1-SVC3B ]
        profile: VM_Servers
        port_channel:
          description: PortChanne1
          mode: active
# Firewall
firewalls:
  - name: FIREWALL01
    rack: RackB
    adapters:
      - endpoint_ports: [ E0, E1 ]
        switch_ports: [ Ethernet20, Ethernet20 ]
        switches: [ DC1-LEAF2A, DC1-LEAF2B ]
        profile: TENANT_A_B
        port_channel:
          description: PortChanne1
          mode: active

# Routers
routers:
  - name: ROUTER01
    rack: RackB
    adapters:
      - endpoint_ports: [ Eth0, Eth1 ]
        switch_ports: [ Ethernet21, Ethernet21 ]
        switches: [ DC1-LEAF2A, DC1-LEAF2B ]
        profile: TENANT_A

Example with single attached endpoint

Single attached interface from E0 toward DC1-LEAF1A interface Eth5

servers:
  - name: server01
    rack: RackB
    adapters:
      - endpoint_ports: [ E0 ]
        switch_ports: [ Ethernet5 ]
        switches: [ DC1-LEAF1A ]
        profile: MGMT

Example with MLAG dual-attached endpoint

MLAG dual-homed connection:

From E0 to DC1-SVC3A interface Eth10
From E1 to DC1-SVC3B interface Eth10

servers:
  - name: server01
    rack: RackB
    adapters:
      - endpoint_ports: [ E0, E1 ]
        switch_ports: [ Ethernet10, Ethernet10 ]
        switches: [ DC1-SVC3A, DC1-SVC3B ]
        profile: VM_Servers
        port_channel:
          description: PortChanne1
          mode: active

Example with EVPN A/A ESI dual-attached endpoint

To help provide consistency when configuring EVPN A/A ESI values, arista.avd provides an abstraction in the form of a short_esi key. short_esi is an abbreviated 3 octets value to encode Ethernet Segment ID and LACP ID. Transformation from abstraction to network values is managed by a filter_plugin and provides following result:

EVPN ESI: 000:000:0303:0202:0101
LACP ID: 0303.0202.0101
Route Target: 03:03:02:02:01:01

In addition, setting the short_esi key to auto generates the short_esi automatically using a hash of the following data elements:

Port-Channel Interfaces: first two uplink switch hostnames, the ports on those switches, the corresponding endpoint ports and the channel-group ID.
Port-Channel Subinterface: first two uplink switch hostname, the ports on those switches, the corresponding endpoint ports, the channel-group ID and the subinterface number.
Ethernet Interfaces: first two uplink switch hostnames, the ports on those switches, the corresponding endpoint ports and the interface number.

It should be noted that arista.avd does not currently check for hash collisions when using short_esi: auto and while the risk of this happening is non-zero, it is small.

Active/Active multihoming connections:

From E0 to DC1-SVC3A interface Eth10
From E1 to DC1-SVC4A interface Eth10

servers:
  - name: server01
    rack: RackB
    adapters:
      - endpoint_ports: [ E0, E1 ]
        switch_ports: [ Ethernet10, Ethernet10 ]
        switches: [ DC1-SVC3A, DC1-SVC4A ]
        profile: VM_Servers
        port_channel:
          description: PortChanne1
          mode: active
          short_esi: 0303:0202:0101

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`<connected_endpoints_keys.key>`	List, items: Dictionary				This should be applied to group_vars or host_vars where endpoints are connecting. `connected_endpoints_keys.key` is one of the keys under “connected_endpoints_keys”. The default keys are `servers`, `firewalls`, `routers`, `load_balancers`, and `storage_arrays`.
`- name`	String	Required, Unique			Endpoint name will be used in the switchport description.
`rack`	String				Rack is used for documentation purposes only.
`adapters`	List, items: Dictionary				A list of adapters, group by adapters leveraging the same port-profile.
`- switch_ports`	List, items: String	Required			List of switch interfaces. The lists `endpoint_ports`, `switch_ports`, and `switches` must have the same length.
`- <str>`	String				Switchport interface.
`switches`	List, items: String	Required			List of switches. The lists `endpoint_ports`, `switch_ports`, and `switches` must have the same length.
`- <str>`	String				Device
`endpoint_ports`	List, items: String				Endpoint ports is used for description, required unless description is set. The lists `endpoint_ports`, `switch_ports`, and `switches` must have the same length. Each list item is one switchport.
`- <str>`	String				Interface name.
`server_ports` removed	List, items: String				This key was removed. Support was removed in AVD version 4.0.0. Use `endpoint_ports` instead.
`- <str>`	String				Used for documentation purposes.
`speed`	String				Set adapter speed: `< interface_speed >`, `forced < interface_speed >`, `auto < interface_speed >`. If not specified will be auto.
`description`	String				By default the description is built leveraging `<peer>_<peer_interface>`. When set this key will overide the default value on the physical ports.
`profile`	String				Port-profile name to inherit configuration.
`enabled`	Boolean		`True`		Administrative state, setting to false will set the port to ‘shutdown’ in the intended configuration.
`mode`	String			Valid Values: - access - dot1q-tunnel - trunk - trunk phone	Interface mode.
`mtu`	Integer			Min: 68 Max: 65535
`l2_mtu`	Integer			Min: 68 Max: 9416	This should only be defined for platforms supporting the “l2 mtu” CLI command.
`native_vlan`	Integer			Min: 1 Max: 4094	Native VLAN for a trunk port. If both `native_vlan` and `native_vlan_tag`, `native_vlan_tag` takes precedence.
`native_vlan_tag`	Boolean		`False`		If both `native_vlan` and `native_vlan_tag`, `native_vlan_tag` takes precedence.
`trunk_groups`	List, items: String				Required with `enable_trunk_groups: true`. Trunk Groups are used for limiting VLANs on trunk ports to VLANs with the same Trunk Group.
`- <str>`	String
`vlans`	String				Interface VLANs - if not set, the EOS default is that all VLANs are allowed for trunk ports, and VLAN 1 will be used for access ports.
`spanning_tree_portfast`	String			Valid Values: - edge - network
`spanning_tree_bpdufilter`	String			Valid Values: - enabled - disabled - True - False - true - false
`spanning_tree_bpduguard`	String			Valid Values: - enabled - disabled - True - False - true - false
`flowcontrol`	Dictionary
`received`	String			Valid Values: - received - send - on
`qos_profile`	String				QOS profile name
`ptp`	Dictionary				The global PTP profile parameters will be applied to all connected endpoints where `ptp` is manually enabled. `ptp role master` is set to ensure control over the PTP topology.
`enabled`	Boolean		`False`
`endpoint_role`	String		`follower`	Valid Values: - bmca - default - follower
`profile`	String		`aes67-r16-2016`	Valid Values: - aes67 - aes67-r16-2016 - smpte2059-2
`link_tracking`	Dictionary				Configure the downstream interfaces of a respective Link Tracking Group. If `port_channel` is defined in an adapter, then the port-channel interface is configured to be the downstream. Else all the ethernet interfaces will be configured as downstream -> to configure single-active EVPN multihomed networks.
`enabled`	Boolean
`name`	String				Tracking group name. The default group name is taken from fabric variable of the switch, `link_tracking.groups[0].name` with default value being “LT_GROUP1”. Optional if default link_tracking settings are configured on the node.
`dot1x`	Dictionary				802.1x
`port_control`	String			Valid Values: - auto - force-authorized - force-unauthorized
`port_control_force_authorized_phone`	Boolean
`reauthentication`	Boolean
`pae`	Dictionary
`mode`	String			Valid Values: - authenticator
`authentication_failure`	Dictionary
`action`	String			Valid Values: - allow - drop
`allow_vlan`	Integer			Min: 1 Max: 4094
`host_mode`	Dictionary
`mode`	String			Valid Values: - multi-host - single-host
`multi_host_authenticated`	Boolean
`mac_based_authentication`	Dictionary
`enabled`	Boolean
`always`	Boolean
`host_mode_common`	Boolean
`timeout`	Dictionary
`idle_host`	Integer			Min: 10 Max: 65535
`quiet_period`	Integer			Min: 1 Max: 65535
`reauth_period`	String				Range 60-4294967295 or “server”.
`reauth_timeout_ignore`	Boolean
`tx_period`	Integer			Min: 1 Max: 65535
`reauthorization_request_limit`	Integer			Min: 1 Max: 10
`poe`	Dictionary				Power Over Ethernet settings applied on port. Only configured if platform supports PoE.
`disabled`	Boolean		`False`		Disable PoE on a POE capable port. PoE is enabled on all ports that support it by default in EOS.
`priority`	String			Valid Values: - critical - high - medium - low	Prioritize a port’s power in the event that one of the switch’s power supplies loses power
`reboot`	Dictionary				Set the PoE power behavior for a PoE port when the system is rebooted
`action`	String			Valid Values: - maintain - power-off	PoE action for interface
`link_down`	Dictionary				Set the PoE power behavior for a PoE port when the port goes down
`action`	String			Valid Values: - maintain - power-off	PoE action for interface
`power_off_delay`	Integer			Min: 1 Max: 86400	Number of seconds to delay shutting the power off after a link down event occurs. Default value is 5 seconds in EOS.
`shutdown`	Dictionary				Set the PoE power behavior for a PoE port when the port is admin down
`action`	String			Valid Values: - maintain - power-off	PoE action for interface
`limit`	Dictionary				Override the hardware-negotiated power limit using either wattage or a power class. Note that if using a power class, AVD will automatically convert the class value to the wattage value corresponding to that power class.
`class`	Integer			Min: 0 Max: 8
`watts`	String
`fixed`	Boolean				Set to ignore hardware classification
`negotiation_lldp`	Boolean				Disable to prevent port from negotiating power with powered devices over LLDP. Enabled by default in EOS.
`legacy_detect`	Boolean				Allow a subset of legacy devices to work with the PoE switch. Disabled by default in EOS because it can cause false positive detections.
`storm_control`	Dictionary				Storm control settings applied on port toward the endpoint.
`all`	Dictionary
`level`	String				Configure maximum storm-control level.
`unit`	String		`percent`	Valid Values: - percent - pps	Optional variable and is hardware dependent.
`broadcast`	Dictionary
`level`	String				Configure maximum storm-control level.
`unit`	String		`percent`	Valid Values: - percent - pps	Optional variable and is hardware dependent.
`multicast`	Dictionary
`level`	String				Configure maximum storm-control level.
`unit`	String		`percent`	Valid Values: - percent - pps	Optional variable and is hardware dependent.
`unknown_unicast`	Dictionary
`level`	String				Configure maximum storm-control level.
`unit`	String		`percent`	Valid Values: - percent - pps	Optional variable and is hardware dependent.
`monitor_sessions`	List, items: Dictionary				Used to define switchports as source or destination for monitoring sessions.
`- name`	String	Required			Session name.
`role`	String			Valid Values: - source - destination
`source_settings`	Dictionary
`direction`	String			Valid Values: - rx - tx - both
`access_group`	Dictionary
`type`	String			Valid Values: - ip - ipv6 - mac
`name`	String				ACL name.
`priority`	Integer
`session_settings`	Dictionary				Session settings are defined per session name. Different session_settings for the same session name will be combined/merged.
`encapsulation_gre_metadata_tx`	Boolean
`header_remove_size`	Integer				Number of bytes to remove from header.
`access_group`	Dictionary
`type`	String			Valid Values: - ip - ipv6 - mac
`name`	String				ACL name.
`rate_limit_per_ingress_chip`	String				Ratelimit and unit as string. Examples: “100000 bps” “100 kbps” “10 mbps”
`rate_limit_per_egress_chip`	String				Ratelimit and unit as string. Examples: “100000 bps” “100 kbps” “10 mbps”
`sample`	Integer
`truncate`	Dictionary
`enabled`	Boolean
`size`	Integer				Size in bytes
`ethernet_segment`	Dictionary				Settings for all or single-active EVPN multihoming.
`short_esi`	String	Required			In format xxxx:xxxx:xxxx or “auto”. Define a manual short-esi (be careful using this on profiles) or set the value to “auto” to automatically generate the value. Please see the notes under “EVPN A/A ESI dual and single-attached endpoint scenarios” before setting `short_esi: auto`.
`redundancy`	String			Valid Values: - all-active - single-active	If omitted, Port-Channels use the EOS default of all-active. If omitted, Ethernet interfaces are configured as single-active.
`designated_forwarder_algorithm`	String			Valid Values: - auto - modulus - preference	Configure DF algorithm and preferences. - auto: Use preference-based algorithm and assign preference based on position of device in the ‘switches’ list, e.g., assuming a list of three switches, this would assign a preference of 200 to the first switch, 100 to the 2^nd, and 0 to the third. - preference: Set preference for each switch manually using designated_forwarder_preferences key. - modulus: Use the default modulus-based algorithm. If omitted, Port-Channels use the EOS default of modulus. If omitted, Ethernet interfaces default to the ‘auto’ mechanism detailed above.
`designated_forwarder_preferences`	List, items: String				Manual preference as described above, required only for preference algorithm.
`- <str>`	String
`dont_preempt`	Boolean				Disable preemption for single-active forwarding when auto/manual DF preference is configured.
`port_channel`	Dictionary				Used for port-channel adapter.
`mode`	String			Valid Values: - active - passive - on	Port-Channel Mode.
`channel_id`	Integer				Port-Channel ID. If no channel_id is specified, an id is generated from the first switch port in the port channel.
`description`	String				By default the description is built leveraging `<peer>` name or `adapter.description` when defined. When this key is defined, it will append its content to the physical port description.
`enabled`	Boolean		`True`		Port-Channel administrative state. Setting to false will set port to ‘shutdown’ in intended configuration.
`esi` removed	String				Format xxxx:xxxx:xxxx.This key was removed. Support was removed in AVD version 4.0.0. Use `short_esi` instead.
`short_esi`	String				In format xxxx:xxxx:xxxx or “auto”.
`lacp_fallback`	Dictionary				LACP fallback configuration.
`mode`	String			Valid Values: - static	Currently only static mode is supported.
`timeout`	Integer				Timeout in seconds. EOS default is 90 seconds.
`lacp_timer`	Dictionary				LACP timer configuration. Applies only when Port-channel mode is not “on”.
`mode`	String			Valid Values: - normal - fast	LACP mode for interface members.
`multiplier`	Integer				Number of LACP BPDUs lost before deeming the peer down. EOS default is 3.
`subinterfaces`	List, items: Dictionary				Port-Channel L2 Subinterfaces Subinterfaces are only supported on routed port-channels, which means they cannot be configured on MLAG port-channels. Setting short_esi: auto generates the short_esi automatically using a hash of configuration elements. Please see the notes under “EVPN A/A ESI dual-attached endpoint scenario” before setting short_esi: auto.
`- number`	Integer				Subinterface number
`short_esi`	String				In format xxxx:xxxx:xxxx or “auto” Required for multihomed port-channels with subinterfaces
`vlan_id`	Integer			Min: 1 Max: 4094	VLAN ID to bridge. Default is subinterface number.
`encapsulation_vlan`	Dictionary				Client VLAN ID encapsulation. Default is subinterface number.
`client_dot1q`	Integer			Min: 1 Max: 4094
`raw_eos_cli`	String				EOS CLI rendered directly on the port-channel interface in the final EOS configuration.
`structured_config`	Dictionary				Custom structured config added under port_channel_interfaces. for eos_cli_config_gen.
`raw_eos_cli`	String				EOS CLI rendered directly on the ethernet interface in the final EOS configuration.
`structured_config`	Dictionary				Custom structured config added under ethernet_interfaces. for eos_cli_config_gen.

<connected_endpoints_keys.key>:
  - name: <str>
    rack: <str>
    adapters:
      - switch_ports:
          - <str>
        switches:
          - <str>
        endpoint_ports:
          - <str>
        speed: <str>
        description: <str>
        profile: <str>
        enabled: <bool>
        mode: <str>
        mtu: <int>
        l2_mtu: <int>
        native_vlan: <int>
        native_vlan_tag: <bool>
        trunk_groups:
          - <str>
        vlans: <str>
        spanning_tree_portfast: <str>
        spanning_tree_bpdufilter: <str>
        spanning_tree_bpduguard: <str>
        flowcontrol:
          received: <str>
        qos_profile: <str>
        ptp:
          enabled: <bool>
          endpoint_role: <str>
          profile: <str>
        link_tracking:
          enabled: <bool>
          name: <str>
        dot1x:
          port_control: <str>
          port_control_force_authorized_phone: <bool>
          reauthentication: <bool>
          pae:
            mode: <str>
          authentication_failure:
            action: <str>
            allow_vlan: <int>
          host_mode:
            mode: <str>
            multi_host_authenticated: <bool>
          mac_based_authentication:
            enabled: <bool>
            always: <bool>
            host_mode_common: <bool>
          timeout:
            idle_host: <int>
            quiet_period: <int>
            reauth_period: <str>
            reauth_timeout_ignore: <bool>
            tx_period: <int>
          reauthorization_request_limit: <int>
        poe:
          disabled: <bool>
          priority: <str>
          reboot:
            action: <str>
          link_down:
            action: <str>
            power_off_delay: <int>
          shutdown:
            action: <str>
          limit:
            class: <int>
            watts: <str>
            fixed: <bool>
          negotiation_lldp: <bool>
          legacy_detect: <bool>
        storm_control:
          all:
            level: <str>
            unit: <str>
          broadcast:
            level: <str>
            unit: <str>
          multicast:
            level: <str>
            unit: <str>
          unknown_unicast:
            level: <str>
            unit: <str>
        monitor_sessions:
          - name: <str>
            role: <str>
            source_settings:
              direction: <str>
              access_group:
                type: <str>
                name: <str>
                priority: <int>
            session_settings:
              encapsulation_gre_metadata_tx: <bool>
              header_remove_size: <int>
              access_group:
                type: <str>
                name: <str>
              rate_limit_per_ingress_chip: <str>
              rate_limit_per_egress_chip: <str>
              sample: <int>
              truncate:
                enabled: <bool>
                size: <int>
        ethernet_segment:
          short_esi: <str>
          redundancy: <str>
          designated_forwarder_algorithm: <str>
          designated_forwarder_preferences:
            - <str>
          dont_preempt: <bool>
        port_channel:
          mode: <str>
          channel_id: <int>
          description: <str>
          enabled: <bool>
          short_esi: <str>
          lacp_fallback:
            mode: <str>
            timeout: <int>
          lacp_timer:
            mode: <str>
            multiplier: <int>
          subinterfaces:
            - number: <int>
              short_esi: <str>
              vlan_id: <int>
              encapsulation_vlan:
                client_dot1q: <int>
          raw_eos_cli: <str>
          structured_config: <dict>
        raw_eos_cli: <str>
        structured_config: <dict>

Network ports settings¶

The network_ports data model is intended to be used with port_profiles and parent_profiles to keep the configuration generic and compact, but all features and keys supported under connected_endpoints.adapters are also supported directly under network_ports.

All ranges defined under switch_ports will be expanded to individual port configuration which leads to a some behavioral differences to connected_endpoints:

By default each port will be configured in a port-channel with one member when leveraging automatic channel-id generation. To configure multiple ports as member of the same port-channel set the channel-id key (see the example below).
Inconsistent configurations when used with short_esi: auto or designated_forwarder_algorithm: auto, since those rely on information from multiple switches and interfaces.

Example using network ports and profiles

# Port Profiles
# Common settings inherited to network_ports
port_profiles:
  - profile: common
    mode: access
    vlans: "999"
    spanning_tree_portfast: edge
    spanning_tree_bpdufilter: enabled

  - profile: ap_with_port_channel
    parent_profile: common
    vlans: "101"
    port_channel:
      mode: active

  - profile: pc
    parent_profile: common
    vlans: "100"

# Network Ports
# All switch_ports ranges are expanded into individual port configurations
# Switches are matched with regex matching the full hostname.
network_ports:
  - switches:
      - network-ports-tests-1
    switch_ports:
      - Ethernet1-2
    profile: pc
    description: PCs

  - switches:
      - network-ports-tests-2$
    switch_ports:
      - Ethernet1-2
    profile: ap_with_port_channel
    description: AP1 with port_channel

  - switches:
      - network-ports-[est]{5}-.*
    switch_ports:
      - Ethernet3-4
      - Ethernet2/1-48
    profile: pc
    description: PCs

Example using network ports to configure multiple ports in the same port-channel

When defining port-channels, all ranges defined under switch_ports will be expanded to individual port configurations in a port-channel with one member. To configure multiple ports as members of the same port-channel, set the channel-id key manually like in this example:

# Network Ports
# By setting the channel_id key under port-channel, interfaces Ethernet3-4 will
# be configured under the same port-channel.
network_ports:
  - switches:
      - network-ports-tests-1
    switch_ports:
      - Ethernet3-4
    description: Multiple interfaces in the same port-channel
    port_channel:
      mode: active
      channel_id: 42

This will generate the following config:

interface Port-Channel42
  description Multiple interfaces in the same port-channel
  no shutdown
  switchport
!
!
interface Ethernet3
  description Multiple interfaces in the same port-channel
  no shutdown
  channel-group 42 mode active
!
interface Ethernet4
  description Multiple interfaces in the same port-channel
  no shutdown
  channel-group 42 mode active
!

Tip

To leverage automatic channel-id computation and configure port-channel with multiple members, connected_endpoints should be used.

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`network_ports`	List, items: Dictionary
`- switches`	List, items: String				Regex matching the full hostname of one or more switches. The regular expression must match the full hostname.
`- <str>`	String
`switch_ports`	List, items: String				List of ranges using AVD range_expand syntax. For example: switch_ports: - Ethernet1 - Ethernet2-48 All switch_ports ranges are expanded into individual port configurations. For more details and examples of the `range_expand` syntax, see the arista.avd.range_expand documentation
`- <str>`	String
`description`	String				Description to be used on all ports.
`speed`	String				Set adapter speed: `< interface_speed >`, `forced < interface_speed >`, `auto < interface_speed >`. If not specified will be auto.
`profile`	String				Port-profile name to inherit configuration.
`enabled`	Boolean		`True`		Administrative state, setting to false will set the port to ‘shutdown’ in the intended configuration.
`mode`	String			Valid Values: - access - dot1q-tunnel - trunk - trunk phone	Interface mode.
`mtu`	Integer			Min: 68 Max: 65535
`l2_mtu`	Integer			Min: 68 Max: 9416	This should only be defined for platforms supporting the “l2 mtu” CLI command.
`native_vlan`	Integer			Min: 1 Max: 4094	Native VLAN for a trunk port. If both `native_vlan` and `native_vlan_tag`, `native_vlan_tag` takes precedence.
`native_vlan_tag`	Boolean		`False`		If both `native_vlan` and `native_vlan_tag`, `native_vlan_tag` takes precedence.
`trunk_groups`	List, items: String				Required with `enable_trunk_groups: true`. Trunk Groups are used for limiting VLANs on trunk ports to VLANs with the same Trunk Group.
`- <str>`	String
`vlans`	String				Interface VLANs - if not set, the EOS default is that all VLANs are allowed for trunk ports, and VLAN 1 will be used for access ports.
`spanning_tree_portfast`	String			Valid Values: - edge - network
`spanning_tree_bpdufilter`	String			Valid Values: - enabled - disabled - True - False - true - false
`spanning_tree_bpduguard`	String			Valid Values: - enabled - disabled - True - False - true - false
`flowcontrol`	Dictionary
`received`	String			Valid Values: - received - send - on
`qos_profile`	String				QOS profile name
`ptp`	Dictionary				The global PTP profile parameters will be applied to all connected endpoints where `ptp` is manually enabled. `ptp role master` is set to ensure control over the PTP topology.
`enabled`	Boolean		`False`
`endpoint_role`	String		`follower`	Valid Values: - bmca - default - follower
`profile`	String		`aes67-r16-2016`	Valid Values: - aes67 - aes67-r16-2016 - smpte2059-2
`link_tracking`	Dictionary				Configure the downstream interfaces of a respective Link Tracking Group. If `port_channel` is defined in an adapter, then the port-channel interface is configured to be the downstream. Else all the ethernet interfaces will be configured as downstream -> to configure single-active EVPN multihomed networks.
`enabled`	Boolean
`name`	String				Tracking group name. The default group name is taken from fabric variable of the switch, `link_tracking.groups[0].name` with default value being “LT_GROUP1”. Optional if default link_tracking settings are configured on the node.
`dot1x`	Dictionary				802.1x
`port_control`	String			Valid Values: - auto - force-authorized - force-unauthorized
`port_control_force_authorized_phone`	Boolean
`reauthentication`	Boolean
`pae`	Dictionary
`mode`	String			Valid Values: - authenticator
`authentication_failure`	Dictionary
`action`	String			Valid Values: - allow - drop
`allow_vlan`	Integer			Min: 1 Max: 4094
`host_mode`	Dictionary
`mode`	String			Valid Values: - multi-host - single-host
`multi_host_authenticated`	Boolean
`mac_based_authentication`	Dictionary
`enabled`	Boolean
`always`	Boolean
`host_mode_common`	Boolean
`timeout`	Dictionary
`idle_host`	Integer			Min: 10 Max: 65535
`quiet_period`	Integer			Min: 1 Max: 65535
`reauth_period`	String				Range 60-4294967295 or “server”.
`reauth_timeout_ignore`	Boolean
`tx_period`	Integer			Min: 1 Max: 65535
`reauthorization_request_limit`	Integer			Min: 1 Max: 10
`poe`	Dictionary				Power Over Ethernet settings applied on port. Only configured if platform supports PoE.
`disabled`	Boolean		`False`		Disable PoE on a POE capable port. PoE is enabled on all ports that support it by default in EOS.
`priority`	String			Valid Values: - critical - high - medium - low	Prioritize a port’s power in the event that one of the switch’s power supplies loses power
`reboot`	Dictionary				Set the PoE power behavior for a PoE port when the system is rebooted
`action`	String			Valid Values: - maintain - power-off	PoE action for interface
`link_down`	Dictionary				Set the PoE power behavior for a PoE port when the port goes down
`action`	String			Valid Values: - maintain - power-off	PoE action for interface
`power_off_delay`	Integer			Min: 1 Max: 86400	Number of seconds to delay shutting the power off after a link down event occurs. Default value is 5 seconds in EOS.
`shutdown`	Dictionary				Set the PoE power behavior for a PoE port when the port is admin down
`action`	String			Valid Values: - maintain - power-off	PoE action for interface
`limit`	Dictionary				Override the hardware-negotiated power limit using either wattage or a power class. Note that if using a power class, AVD will automatically convert the class value to the wattage value corresponding to that power class.
`class`	Integer			Min: 0 Max: 8
`watts`	String
`fixed`	Boolean				Set to ignore hardware classification
`negotiation_lldp`	Boolean				Disable to prevent port from negotiating power with powered devices over LLDP. Enabled by default in EOS.
`legacy_detect`	Boolean				Allow a subset of legacy devices to work with the PoE switch. Disabled by default in EOS because it can cause false positive detections.
`storm_control`	Dictionary				Storm control settings applied on port toward the endpoint.
`all`	Dictionary
`level`	String				Configure maximum storm-control level.
`unit`	String		`percent`	Valid Values: - percent - pps	Optional variable and is hardware dependent.
`broadcast`	Dictionary
`level`	String				Configure maximum storm-control level.
`unit`	String		`percent`	Valid Values: - percent - pps	Optional variable and is hardware dependent.
`multicast`	Dictionary
`level`	String				Configure maximum storm-control level.
`unit`	String		`percent`	Valid Values: - percent - pps	Optional variable and is hardware dependent.
`unknown_unicast`	Dictionary
`level`	String				Configure maximum storm-control level.
`unit`	String		`percent`	Valid Values: - percent - pps	Optional variable and is hardware dependent.
`monitor_sessions`	List, items: Dictionary				Used to define switchports as source or destination for monitoring sessions.
`- name`	String	Required			Session name.
`role`	String			Valid Values: - source - destination
`source_settings`	Dictionary
`direction`	String			Valid Values: - rx - tx - both
`access_group`	Dictionary
`type`	String			Valid Values: - ip - ipv6 - mac
`name`	String				ACL name.
`priority`	Integer
`session_settings`	Dictionary				Session settings are defined per session name. Different session_settings for the same session name will be combined/merged.
`encapsulation_gre_metadata_tx`	Boolean
`header_remove_size`	Integer				Number of bytes to remove from header.
`access_group`	Dictionary
`type`	String			Valid Values: - ip - ipv6 - mac
`name`	String				ACL name.
`rate_limit_per_ingress_chip`	String				Ratelimit and unit as string. Examples: “100000 bps” “100 kbps” “10 mbps”
`rate_limit_per_egress_chip`	String				Ratelimit and unit as string. Examples: “100000 bps” “100 kbps” “10 mbps”
`sample`	Integer
`truncate`	Dictionary
`enabled`	Boolean
`size`	Integer				Size in bytes
`ethernet_segment`	Dictionary				Settings for all or single-active EVPN multihoming.
`short_esi`	String	Required			In format xxxx:xxxx:xxxx or “auto”. Define a manual short-esi (be careful using this on profiles) or set the value to “auto” to automatically generate the value. Please see the notes under “EVPN A/A ESI dual and single-attached endpoint scenarios” before setting `short_esi: auto`.
`redundancy`	String			Valid Values: - all-active - single-active	If omitted, Port-Channels use the EOS default of all-active. If omitted, Ethernet interfaces are configured as single-active.
`designated_forwarder_algorithm`	String			Valid Values: - auto - modulus - preference	Configure DF algorithm and preferences. - auto: Use preference-based algorithm and assign preference based on position of device in the ‘switches’ list, e.g., assuming a list of three switches, this would assign a preference of 200 to the first switch, 100 to the 2^nd, and 0 to the third. - preference: Set preference for each switch manually using designated_forwarder_preferences key. - modulus: Use the default modulus-based algorithm. If omitted, Port-Channels use the EOS default of modulus. If omitted, Ethernet interfaces default to the ‘auto’ mechanism detailed above.
`designated_forwarder_preferences`	List, items: String				Manual preference as described above, required only for preference algorithm.
`- <str>`	String
`dont_preempt`	Boolean				Disable preemption for single-active forwarding when auto/manual DF preference is configured.
`port_channel`	Dictionary				Used for port-channel adapter.
`mode`	String			Valid Values: - active - passive - on	Port-Channel Mode.
`channel_id`	Integer				Port-Channel ID. If no channel_id is specified, an id is generated from the first switch port in the port channel.
`description`	String				By default the description is built leveraging `<peer>` name or `adapter.description` when defined. When this key is defined, it will append its content to the physical port description.
`enabled`	Boolean		`True`		Port-Channel administrative state. Setting to false will set port to ‘shutdown’ in intended configuration.
`esi` removed	String				Format xxxx:xxxx:xxxx.This key was removed. Support was removed in AVD version 4.0.0. Use `short_esi` instead.
`short_esi`	String				In format xxxx:xxxx:xxxx or “auto”.
`lacp_fallback`	Dictionary				LACP fallback configuration.
`mode`	String			Valid Values: - static	Currently only static mode is supported.
`timeout`	Integer				Timeout in seconds. EOS default is 90 seconds.
`lacp_timer`	Dictionary				LACP timer configuration. Applies only when Port-channel mode is not “on”.
`mode`	String			Valid Values: - normal - fast	LACP mode for interface members.
`multiplier`	Integer				Number of LACP BPDUs lost before deeming the peer down. EOS default is 3.
`subinterfaces`	List, items: Dictionary				Port-Channel L2 Subinterfaces Subinterfaces are only supported on routed port-channels, which means they cannot be configured on MLAG port-channels. Setting short_esi: auto generates the short_esi automatically using a hash of configuration elements. Please see the notes under “EVPN A/A ESI dual-attached endpoint scenario” before setting short_esi: auto.
`- number`	Integer				Subinterface number
`short_esi`	String				In format xxxx:xxxx:xxxx or “auto” Required for multihomed port-channels with subinterfaces
`vlan_id`	Integer			Min: 1 Max: 4094	VLAN ID to bridge. Default is subinterface number.
`encapsulation_vlan`	Dictionary				Client VLAN ID encapsulation. Default is subinterface number.
`client_dot1q`	Integer			Min: 1 Max: 4094
`raw_eos_cli`	String				EOS CLI rendered directly on the port-channel interface in the final EOS configuration.
`structured_config`	Dictionary				Custom structured config added under port_channel_interfaces. for eos_cli_config_gen.
`raw_eos_cli`	String				EOS CLI rendered directly on the ethernet interface in the final EOS configuration.
`structured_config`	Dictionary				Custom structured config added under ethernet_interfaces. for eos_cli_config_gen.

network_ports:
  - switches:
      - <str>
    switch_ports:
      - <str>
    description: <str>
    speed: <str>
    profile: <str>
    enabled: <bool>
    mode: <str>
    mtu: <int>
    l2_mtu: <int>
    native_vlan: <int>
    native_vlan_tag: <bool>
    trunk_groups:
      - <str>
    vlans: <str>
    spanning_tree_portfast: <str>
    spanning_tree_bpdufilter: <str>
    spanning_tree_bpduguard: <str>
    flowcontrol:
      received: <str>
    qos_profile: <str>
    ptp:
      enabled: <bool>
      endpoint_role: <str>
      profile: <str>
    link_tracking:
      enabled: <bool>
      name: <str>
    dot1x:
      port_control: <str>
      port_control_force_authorized_phone: <bool>
      reauthentication: <bool>
      pae:
        mode: <str>
      authentication_failure:
        action: <str>
        allow_vlan: <int>
      host_mode:
        mode: <str>
        multi_host_authenticated: <bool>
      mac_based_authentication:
        enabled: <bool>
        always: <bool>
        host_mode_common: <bool>
      timeout:
        idle_host: <int>
        quiet_period: <int>
        reauth_period: <str>
        reauth_timeout_ignore: <bool>
        tx_period: <int>
      reauthorization_request_limit: <int>
    poe:
      disabled: <bool>
      priority: <str>
      reboot:
        action: <str>
      link_down:
        action: <str>
        power_off_delay: <int>
      shutdown:
        action: <str>
      limit:
        class: <int>
        watts: <str>
        fixed: <bool>
      negotiation_lldp: <bool>
      legacy_detect: <bool>
    storm_control:
      all:
        level: <str>
        unit: <str>
      broadcast:
        level: <str>
        unit: <str>
      multicast:
        level: <str>
        unit: <str>
      unknown_unicast:
        level: <str>
        unit: <str>
    monitor_sessions:
      - name: <str>
        role: <str>
        source_settings:
          direction: <str>
          access_group:
            type: <str>
            name: <str>
            priority: <int>
        session_settings:
          encapsulation_gre_metadata_tx: <bool>
          header_remove_size: <int>
          access_group:
            type: <str>
            name: <str>
          rate_limit_per_ingress_chip: <str>
          rate_limit_per_egress_chip: <str>
          sample: <int>
          truncate:
            enabled: <bool>
            size: <int>
    ethernet_segment:
      short_esi: <str>
      redundancy: <str>
      designated_forwarder_algorithm: <str>
      designated_forwarder_preferences:
        - <str>
      dont_preempt: <bool>
    port_channel:
      mode: <str>
      channel_id: <int>
      description: <str>
      enabled: <bool>
      short_esi: <str>
      lacp_fallback:
        mode: <str>
        timeout: <int>
      lacp_timer:
        mode: <str>
        multiplier: <int>
      subinterfaces:
        - number: <int>
          short_esi: <str>
          vlan_id: <int>
          encapsulation_vlan:
            client_dot1q: <int>
      raw_eos_cli: <str>
      structured_config: <dict>
    raw_eos_cli: <str>
    structured_config: <dict>

Port profiles settings¶

Optional profiles to share common settings for connected_endpoints and/or network_ports. Keys are the same as used under endpoint adapters. Keys defined under endpoints adapters take precedence.

A port profile can refer to another port profile using parent_profile to inherit settings in up to two levels (adapter->profile->parent_profile).

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`port_profiles`	List, items: Dictionary				Optional profiles to share common settings for connected_endpoints and/or network_ports. Keys are the same used under endpoints adapters. Keys defined under endpoints adapters take precedence.
`- profile`	String	Required, Unique			Port profile name.
`parent_profile`	String				Parent profile is optional. Port_profiles can refer to another port_profile to inherit settings in up to two levels (adapter->profile->parent_profile).
`speed`	String				Set adapter speed: `< interface_speed >`, `forced < interface_speed >`, `auto < interface_speed >`. If not specified will be auto.
`description`	String				By default the description is built leveraging `<peer>_<peer_interface>`. When set this key will overide the default value on the physical ports.
`enabled`	Boolean		`True`		Administrative state, setting to false will set the port to ‘shutdown’ in the intended configuration.
`mode`	String			Valid Values: - access - dot1q-tunnel - trunk - trunk phone	Interface mode.
`mtu`	Integer			Min: 68 Max: 65535
`l2_mtu`	Integer			Min: 68 Max: 9416	This should only be defined for platforms supporting the “l2 mtu” CLI command.
`native_vlan`	Integer			Min: 1 Max: 4094	Native VLAN for a trunk port. If both `native_vlan` and `native_vlan_tag`, `native_vlan_tag` takes precedence.
`native_vlan_tag`	Boolean		`False`		If both `native_vlan` and `native_vlan_tag`, `native_vlan_tag` takes precedence.
`trunk_groups`	List, items: String				Required with `enable_trunk_groups: true`. Trunk Groups are used for limiting VLANs on trunk ports to VLANs with the same Trunk Group.
`- <str>`	String
`vlans`	String				Interface VLANs - if not set, the EOS default is that all VLANs are allowed for trunk ports, and VLAN 1 will be used for access ports.
`spanning_tree_portfast`	String			Valid Values: - edge - network
`spanning_tree_bpdufilter`	String			Valid Values: - enabled - disabled - True - False - true - false
`spanning_tree_bpduguard`	String			Valid Values: - enabled - disabled - True - False - true - false
`flowcontrol`	Dictionary
`received`	String			Valid Values: - received - send - on
`qos_profile`	String				QOS profile name
`ptp`	Dictionary				The global PTP profile parameters will be applied to all connected endpoints where `ptp` is manually enabled. `ptp role master` is set to ensure control over the PTP topology.
`enabled`	Boolean		`False`
`endpoint_role`	String		`follower`	Valid Values: - bmca - default - follower
`profile`	String		`aes67-r16-2016`	Valid Values: - aes67 - aes67-r16-2016 - smpte2059-2
`link_tracking`	Dictionary				Configure the downstream interfaces of a respective Link Tracking Group. If `port_channel` is defined in an adapter, then the port-channel interface is configured to be the downstream. Else all the ethernet interfaces will be configured as downstream -> to configure single-active EVPN multihomed networks.
`enabled`	Boolean
`name`	String				Tracking group name. The default group name is taken from fabric variable of the switch, `link_tracking.groups[0].name` with default value being “LT_GROUP1”. Optional if default link_tracking settings are configured on the node.
`dot1x`	Dictionary				802.1x
`port_control`	String			Valid Values: - auto - force-authorized - force-unauthorized
`port_control_force_authorized_phone`	Boolean
`reauthentication`	Boolean
`pae`	Dictionary
`mode`	String			Valid Values: - authenticator
`authentication_failure`	Dictionary
`action`	String			Valid Values: - allow - drop
`allow_vlan`	Integer			Min: 1 Max: 4094
`host_mode`	Dictionary
`mode`	String			Valid Values: - multi-host - single-host
`multi_host_authenticated`	Boolean
`mac_based_authentication`	Dictionary
`enabled`	Boolean
`always`	Boolean
`host_mode_common`	Boolean
`timeout`	Dictionary
`idle_host`	Integer			Min: 10 Max: 65535
`quiet_period`	Integer			Min: 1 Max: 65535
`reauth_period`	String				Range 60-4294967295 or “server”.
`reauth_timeout_ignore`	Boolean
`tx_period`	Integer			Min: 1 Max: 65535
`reauthorization_request_limit`	Integer			Min: 1 Max: 10
`poe`	Dictionary				Power Over Ethernet settings applied on port. Only configured if platform supports PoE.
`disabled`	Boolean		`False`		Disable PoE on a POE capable port. PoE is enabled on all ports that support it by default in EOS.
`priority`	String			Valid Values: - critical - high - medium - low	Prioritize a port’s power in the event that one of the switch’s power supplies loses power
`reboot`	Dictionary				Set the PoE power behavior for a PoE port when the system is rebooted
`action`	String			Valid Values: - maintain - power-off	PoE action for interface
`link_down`	Dictionary				Set the PoE power behavior for a PoE port when the port goes down
`action`	String			Valid Values: - maintain - power-off	PoE action for interface
`power_off_delay`	Integer			Min: 1 Max: 86400	Number of seconds to delay shutting the power off after a link down event occurs. Default value is 5 seconds in EOS.
`shutdown`	Dictionary				Set the PoE power behavior for a PoE port when the port is admin down
`action`	String			Valid Values: - maintain - power-off	PoE action for interface
`limit`	Dictionary				Override the hardware-negotiated power limit using either wattage or a power class. Note that if using a power class, AVD will automatically convert the class value to the wattage value corresponding to that power class.
`class`	Integer			Min: 0 Max: 8
`watts`	String
`fixed`	Boolean				Set to ignore hardware classification
`negotiation_lldp`	Boolean				Disable to prevent port from negotiating power with powered devices over LLDP. Enabled by default in EOS.
`legacy_detect`	Boolean				Allow a subset of legacy devices to work with the PoE switch. Disabled by default in EOS because it can cause false positive detections.
`storm_control`	Dictionary				Storm control settings applied on port toward the endpoint.
`all`	Dictionary
`level`	String				Configure maximum storm-control level.
`unit`	String		`percent`	Valid Values: - percent - pps	Optional variable and is hardware dependent.
`broadcast`	Dictionary
`level`	String				Configure maximum storm-control level.
`unit`	String		`percent`	Valid Values: - percent - pps	Optional variable and is hardware dependent.
`multicast`	Dictionary
`level`	String				Configure maximum storm-control level.
`unit`	String		`percent`	Valid Values: - percent - pps	Optional variable and is hardware dependent.
`unknown_unicast`	Dictionary
`level`	String				Configure maximum storm-control level.
`unit`	String		`percent`	Valid Values: - percent - pps	Optional variable and is hardware dependent.
`monitor_sessions`	List, items: Dictionary				Used to define switchports as source or destination for monitoring sessions.
`- name`	String	Required			Session name.
`role`	String			Valid Values: - source - destination
`source_settings`	Dictionary
`direction`	String			Valid Values: - rx - tx - both
`access_group`	Dictionary
`type`	String			Valid Values: - ip - ipv6 - mac
`name`	String				ACL name.
`priority`	Integer
`session_settings`	Dictionary				Session settings are defined per session name. Different session_settings for the same session name will be combined/merged.
`encapsulation_gre_metadata_tx`	Boolean
`header_remove_size`	Integer				Number of bytes to remove from header.
`access_group`	Dictionary
`type`	String			Valid Values: - ip - ipv6 - mac
`name`	String				ACL name.
`rate_limit_per_ingress_chip`	String				Ratelimit and unit as string. Examples: “100000 bps” “100 kbps” “10 mbps”
`rate_limit_per_egress_chip`	String				Ratelimit and unit as string. Examples: “100000 bps” “100 kbps” “10 mbps”
`sample`	Integer
`truncate`	Dictionary
`enabled`	Boolean
`size`	Integer				Size in bytes
`ethernet_segment`	Dictionary				Settings for all or single-active EVPN multihoming.
`short_esi`	String	Required			In format xxxx:xxxx:xxxx or “auto”. Define a manual short-esi (be careful using this on profiles) or set the value to “auto” to automatically generate the value. Please see the notes under “EVPN A/A ESI dual and single-attached endpoint scenarios” before setting `short_esi: auto`.
`redundancy`	String			Valid Values: - all-active - single-active	If omitted, Port-Channels use the EOS default of all-active. If omitted, Ethernet interfaces are configured as single-active.
`designated_forwarder_algorithm`	String			Valid Values: - auto - modulus - preference	Configure DF algorithm and preferences. - auto: Use preference-based algorithm and assign preference based on position of device in the ‘switches’ list, e.g., assuming a list of three switches, this would assign a preference of 200 to the first switch, 100 to the 2^nd, and 0 to the third. - preference: Set preference for each switch manually using designated_forwarder_preferences key. - modulus: Use the default modulus-based algorithm. If omitted, Port-Channels use the EOS default of modulus. If omitted, Ethernet interfaces default to the ‘auto’ mechanism detailed above.
`designated_forwarder_preferences`	List, items: String				Manual preference as described above, required only for preference algorithm.
`- <str>`	String
`dont_preempt`	Boolean				Disable preemption for single-active forwarding when auto/manual DF preference is configured.
`port_channel`	Dictionary				Used for port-channel adapter.
`mode`	String			Valid Values: - active - passive - on	Port-Channel Mode.
`channel_id`	Integer				Port-Channel ID. If no channel_id is specified, an id is generated from the first switch port in the port channel.
`description`	String				By default the description is built leveraging `<peer>` name or `adapter.description` when defined. When this key is defined, it will append its content to the physical port description.
`enabled`	Boolean		`True`		Port-Channel administrative state. Setting to false will set port to ‘shutdown’ in intended configuration.
`esi` removed	String				Format xxxx:xxxx:xxxx.This key was removed. Support was removed in AVD version 4.0.0. Use `short_esi` instead.
`short_esi`	String				In format xxxx:xxxx:xxxx or “auto”.
`lacp_fallback`	Dictionary				LACP fallback configuration.
`mode`	String			Valid Values: - static	Currently only static mode is supported.
`timeout`	Integer				Timeout in seconds. EOS default is 90 seconds.
`lacp_timer`	Dictionary				LACP timer configuration. Applies only when Port-channel mode is not “on”.
`mode`	String			Valid Values: - normal - fast	LACP mode for interface members.
`multiplier`	Integer				Number of LACP BPDUs lost before deeming the peer down. EOS default is 3.
`subinterfaces`	List, items: Dictionary				Port-Channel L2 Subinterfaces Subinterfaces are only supported on routed port-channels, which means they cannot be configured on MLAG port-channels. Setting short_esi: auto generates the short_esi automatically using a hash of configuration elements. Please see the notes under “EVPN A/A ESI dual-attached endpoint scenario” before setting short_esi: auto.
`- number`	Integer				Subinterface number
`short_esi`	String				In format xxxx:xxxx:xxxx or “auto” Required for multihomed port-channels with subinterfaces
`vlan_id`	Integer			Min: 1 Max: 4094	VLAN ID to bridge. Default is subinterface number.
`encapsulation_vlan`	Dictionary				Client VLAN ID encapsulation. Default is subinterface number.
`client_dot1q`	Integer			Min: 1 Max: 4094
`raw_eos_cli`	String				EOS CLI rendered directly on the port-channel interface in the final EOS configuration.
`structured_config`	Dictionary				Custom structured config added under port_channel_interfaces. for eos_cli_config_gen.
`raw_eos_cli`	String				EOS CLI rendered directly on the ethernet interface in the final EOS configuration.
`structured_config`	Dictionary				Custom structured config added under ethernet_interfaces. for eos_cli_config_gen.

port_profiles:
  - profile: <str>
    parent_profile: <str>
    speed: <str>
    description: <str>
    enabled: <bool>
    mode: <str>
    mtu: <int>
    l2_mtu: <int>
    native_vlan: <int>
    native_vlan_tag: <bool>
    trunk_groups:
      - <str>
    vlans: <str>
    spanning_tree_portfast: <str>
    spanning_tree_bpdufilter: <str>
    spanning_tree_bpduguard: <str>
    flowcontrol:
      received: <str>
    qos_profile: <str>
    ptp:
      enabled: <bool>
      endpoint_role: <str>
      profile: <str>
    link_tracking:
      enabled: <bool>
      name: <str>
    dot1x:
      port_control: <str>
      port_control_force_authorized_phone: <bool>
      reauthentication: <bool>
      pae:
        mode: <str>
      authentication_failure:
        action: <str>
        allow_vlan: <int>
      host_mode:
        mode: <str>
        multi_host_authenticated: <bool>
      mac_based_authentication:
        enabled: <bool>
        always: <bool>
        host_mode_common: <bool>
      timeout:
        idle_host: <int>
        quiet_period: <int>
        reauth_period: <str>
        reauth_timeout_ignore: <bool>
        tx_period: <int>
      reauthorization_request_limit: <int>
    poe:
      disabled: <bool>
      priority: <str>
      reboot:
        action: <str>
      link_down:
        action: <str>
        power_off_delay: <int>
      shutdown:
        action: <str>
      limit:
        class: <int>
        watts: <str>
        fixed: <bool>
      negotiation_lldp: <bool>
      legacy_detect: <bool>
    storm_control:
      all:
        level: <str>
        unit: <str>
      broadcast:
        level: <str>
        unit: <str>
      multicast:
        level: <str>
        unit: <str>
      unknown_unicast:
        level: <str>
        unit: <str>
    monitor_sessions:
      - name: <str>
        role: <str>
        source_settings:
          direction: <str>
          access_group:
            type: <str>
            name: <str>
            priority: <int>
        session_settings:
          encapsulation_gre_metadata_tx: <bool>
          header_remove_size: <int>
          access_group:
            type: <str>
            name: <str>
          rate_limit_per_ingress_chip: <str>
          rate_limit_per_egress_chip: <str>
          sample: <int>
          truncate:
            enabled: <bool>
            size: <int>
    ethernet_segment:
      short_esi: <str>
      redundancy: <str>
      designated_forwarder_algorithm: <str>
      designated_forwarder_preferences:
        - <str>
      dont_preempt: <bool>
    port_channel:
      mode: <str>
      channel_id: <int>
      description: <str>
      enabled: <bool>
      short_esi: <str>
      lacp_fallback:
        mode: <str>
        timeout: <int>
      lacp_timer:
        mode: <str>
        multiplier: <int>
      subinterfaces:
        - number: <int>
          short_esi: <str>
          vlan_id: <int>
          encapsulation_vlan:
            client_dot1q: <int>
      raw_eos_cli: <str>
      structured_config: <dict>
    raw_eos_cli: <str>
    structured_config: <dict>

Connected endpoints keys settings¶

The keys used to define Connected Endpoints are configurable using connected_endpoints_keys.

Endpoints connecting to the fabric can be grouped by using separate keys. The keys can be customized to provide a better better organization or grouping of your data.

connected_endpoints_keys should be defined in the top level group_vars for the fabric.

Note

The default values will be overridden if defining this key, so it is recommended to copy the defaults and modify them.

TableYAML

Variable	Type	Required	Default	Description
`connected_endpoints_keys`	List, items: Dictionary		See (+) on YAML tab	Endpoints connecting to the fabric can be grouped by using separate keys. The keys can be customized to provide a better better organization or grouping of your data. `connected_endpoints_keys` should be defined in the top level group_vars for the fabric. The default values will be overridden if defining this key, so it is recommended to copy the defaults and modify them.
`- key`	String	Required, Unique
`type`	String			Type used for documentation.
`description`	String			Description used for documentation.

connected_endpoints_keys: # (1)!
  - key: <str>
    type: <str>
    description: <str>

Default Value

connected_endpoints_keys:
- description: Server
  key: servers
  type: server
- description: Firewall
  key: firewalls
  type: firewall
- description: Router
  key: routers
  type: router
- description: Load Balancer
  key: load_balancers
  type: load_balancer
- description: Storage Array
  key: storage_arrays
  type: storage_array
- description: CPE
  key: cpes
  type: cpe
- description: Workstation
  key: workstations
  type: workstation
- description: Access Point
  key: access_points
  type: access_point
- description: Phone
  key: phones
  type: phone
- description: Printer
  key: printers
  type: printer
- description: Camera
  key: cameras
  type: camera
- description: Generic Device
  key: generic_devices
  type: generic_device

Network Services¶

The network services variabless provide an abstracted model to define network services across the fabric. The network services are grouped by tenants. The definition of a tenant may vary between organizations. E.g. tenants can be organizations or departments.

The filtering models defined under Node type network services configuration allows for granular deployment of network services to the fabric leveraging the tenant name and tags applied to the service definition.

This allows for the re-use of SVI/VLAN IDs across the fabric.
An error will be returned at runtime in case of duplicate or conflicting SVI/VLAN IDs or VNIs targeted towards the same device.

Network services settings¶

The supported network services for each tenant cover:

VRFs
- SVIs
- L3 Interfaces
- BGP routing
- OSPF routing
L2 VLANs
Point-to-point services (Pseudowires, only for MPLS designs)
Multicast

Typically services within each tenant share common VNI ranges and MAC VRF assignment pattern.

The keys used to define network services are configurable using network_services_keys. The default available keys is tenants.

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`<network_services_keys.name>`	List, items: Dictionary
`- name`	String	Required, Unique			Specify a tenant name. Tenant provide a construct to group L3 VRFs and L2 VLANs. Networks services can be filtered by tenant name.
`mac_vrf_vni_base`	Integer			Min: 0 Max: 16770000	Base number for MAC VRF VXLAN Network Identifier (required with VXLAN). VXLAN VNI is derived from the base number with simple addition. i.e. mac_vrf_vni_base = 10000, svi 100 = VNI 10100, svi 300 = VNI 10300.
`mac_vrf_id_base`	Integer			Min: 0 Max: 16770000	If not set, “mac_vrf_vni_base” will be used. Base number for MAC VRF RD/RT ID (Required unless mac_vrf_vni_base is set) ID is derived from the base number with simple addition. i.e. mac_vrf_id_base = 10000, svi 100 = RD/RT 10100, svi 300 = RD/RT 10300.
`vlan_aware_bundle_number_base`	Integer		`0`		Base number for VLAN aware bundle RD/RT. The “Assigned Number” part of RD/RT is derived from vrf_vni + vlan_aware_bundle_number_base.
`evpn_l2_multi_domain`	Boolean		`True`		Explicitly extend all VLANs/VLAN-Aware Bundles inside the tenant to remote EVPN domains.

<network_services_keys.name>:
  - name: <str>
    mac_vrf_vni_base: <int>
    mac_vrf_id_base: <int>
    vlan_aware_bundle_number_base: <int>
    evpn_l2_multi_domain: <bool>

Network services VRFs configuration¶

TableYAML

Variable	Type	Required	Value Restrictions	Description
`<network_services_keys.name>`	List, items: Dictionary
`- name`	String	Required, Unique		Specify a tenant name. Tenant provide a construct to group L3 VRFs and L2 VLANs. Networks services can be filtered by tenant name.
`enable_mlag_ibgp_peering_vrfs`	Boolean			MLAG iBGP peering per VRF. By default an iBGP peering is configured per VRF between MLAG peers on separate VLANs. Setting enable_mlag_ibgp_peering_vrfs: false under tenant will change this default to prevent configuration of these peerings and VLANs for all VRFs in the tenant. This setting can be overridden per VRF.
`vrfs`	List, items: Dictionary			VRFs will only be configured on a node if any of the underlying objects like `svis` or `l3_interfaces` apply to the node. It is recommended to only define a VRF in one Tenant. If the same VRF name is used across multiple tenants and those tenants are accepted by `filter.tenants` on the node, any object set under the duplicate VRFs must either be unique or be an exact match. VRF “default” is partially supported under network-services. Currently the supported options for “default” vrf are route-target, route-distinguisher settings, structured_config, raw_eos_cli in bgp and SVIs are the only supported interface type. Vlan-aware-bundles are supported as well inside default vrf. OSPF is not supported currently.
`- name`	String	Required, Unique
`address_families`	List, items: String
`- <str>`	String		Valid Values: - evpn - vpn-ipv4 - vpn-ipv6
`description`	String			VRF description.
`vrf_vni`	Integer		Min: 1 Max: 16777215	Required if “vrf_id” is not set. The VRF VNI range is not limited, but if vrf_id is not set, “vrf_vni” is used for calculating MLAG iBGP peering vlan id. “vrf_vni” may also be used for VRF RD/RT ID. See “overlay_rd_type” and “overlay_rt_type” for details. See “mlag_ibgp_peering_vrfs.base_vlan” for details. If vrf_vni > 10000 make sure to adjust “mac_vrf_vni_base” accordingly to avoid overlap.
`vrf_id`	Integer		Min: 1 Max: 1024	Required if “vrf_vni” is not set. “vrf_id” is used as default value for “vrf_vni” and “ospf.process_id” unless those are set. “vrf_id” may also be used for VRF RD/RT ID. See “overlay_rd_type” and “overlay_rt_type” for details. “vrf_id” is preferred over “vrf_vni” for MLAG iBGP peering vlan, see “mlag_ibgp_peering_vrfs.base_vlan” for details.
`mlag_ibgp_peering_ipv4_pool`	String			IPv4_address/Mask The subnet used for iBGP peering in the VRF. Each MLAG pair will be assigned a subnet based on the ID of the primary MLAG switch. If not set, “mlag_peer_l3_ipv4_pool” or “mlag_peer_ipv4_pool” will be used.
`ip_helpers`	List, items: Dictionary			IP helper for DHCP relay.
`- ip_helper`	String	Required, Unique		IPv4 DHCP server IP.
`source_interface`	String			Interface name.
`source_vrf`	String			VRF to originate DHCP relay packets to DHCP server. If not set, uses current VRF.
`enable_mlag_ibgp_peering_vrfs`	Boolean			MLAG iBGP peering per VRF. By default an iBGP peering is configured per VRF between MLAG peers on separate VLANs. Setting enable_mlag_ibgp_peering_vrfs: false under vrf will change this default and/or override the tenant-wide setting.
`mlag_ibgp_peering_vlan`	Integer		Min: 1 Max: 4096	Manually define the VLAN used on the MLAG pair for the iBGP session. By default this parameter is calculated using the following formula: + - 1.
`vtep_diagnostic`	Dictionary			Enable VTEP Network diagnostics. This will create a loopback with virtual source-nat enable to perform diagnostics from the switch.
`loopback`	Integer		Min: 2 Max: 2100	Loopback interface number, required when vtep_diagnotics defined.
`loopback_description`	String			Provide a custom description for loopback interface.
`loopback_ip_range`	String			IPv4_address/Mask. Loopback ip range, a unique ip is derived from this ranged and assignedto each l3 leaf based on it’s unique id. Loopback is not created unless loopback_ip_range or loopback_ip_pools are set.
`loopback_ip_pools`	List, items: Dictionary			For inventories with multiple PODs a loopback range can be set per POD to avoid overlaps. This only takes effect when loopback_ip_range is not defined, ptional (loopback is not created unless loopback_ip_range or loopback_ip_pools are set).
`- pod`	String			POD name.
`ipv4_pool`	String			IPv4_address/Mask.
`static_routes`	List, items: Dictionary			List of static routes for v4 and/or v6. This will create static routes inside the tenant VRF. If nodes are not specified, all l3leafs that carry the VRF will also be applied the static routes. If a node has a static route in the VRF, redistribute static will be automatically enabled in that VRF. This automatic behavior can be overridden non-selectively with the redistribute_static knob for the VRF.
`- destination_address_prefix`	String			IPv4_address.
`gateway`	String			IPv4_address.
`track_bfd`	Boolean			Track next-hop using BFD.
`distance`	Integer		Min: 1 Max: 255
`tag`	Integer		Min: 0 Max: 4294967295
`name`	String			description.
`metric`	Integer		Min: 0 Max: 4294967295
`interface`	String
`nodes`	List, items: String
`- <str>`	String
`ipv6_static_routes`	List, items: Dictionary
`- destination_address_prefix`	String			IPv6_address.
`gateway`	String
`track_bfd`	Boolean			Track next-hop using BFD.
`distance`	Integer		Min: 1 Max: 255
`tag`	Integer		Min: 0 Max: 4294967295
`name`	String			description.
`metric`	Integer		Min: 0 Max: 4294967295
`interface`	String
`nodes`	List, items: String
`- <str>`	String
`redistribute_static`	Boolean			Non-selectively enabling or disabling redistribute static inside the VRF.
`bgp`	Dictionary
`raw_eos_cli`	String			EOS CLI rendered directly on the Router BGP, VRF definition in the final EOS configuration.
`structured_config`	Dictionary			Custom structured config added under router_bgp.vrfs. for eos_cli_config_gen.
`additional_route_targets`	List, items: Dictionary			Configuration of extra route-targets for this VRF. Useful for route-leaking or gateway between address families.
`- type`	String		Valid Values: - import - export
`address_family`	String
`route_target`	String
`nodes`	List, items: String			Nodes is required to restrict configuration of BGP neighbors to certain nodes in the network.
`- <str>`	String
`raw_eos_cli`	String			EOS CLI rendered directly on the root level of the final EOS configuration.
`structured_config`	Dictionary			Custom structured config for eos_cli_config_gen.

<network_services_keys.name>:
  - name: <str>
    enable_mlag_ibgp_peering_vrfs: <bool>
    vrfs:
      - name: <str>
        address_families:
          - <str>
        description: <str>
        vrf_vni: <int>
        vrf_id: <int>
        mlag_ibgp_peering_ipv4_pool: <str>
        ip_helpers:
          - ip_helper: <str>
            source_interface: <str>
            source_vrf: <str>
        enable_mlag_ibgp_peering_vrfs: <bool>
        mlag_ibgp_peering_vlan: <int>
        vtep_diagnostic:
          loopback: <int>
          loopback_description: <str>
          loopback_ip_range: <str>
          loopback_ip_pools:
            - pod: <str>
              ipv4_pool: <str>
        static_routes:
          - destination_address_prefix: <str>
            gateway: <str>
            track_bfd: <bool>
            distance: <int>
            tag: <int>
            name: <str>
            metric: <int>
            interface: <str>
            nodes:
              - <str>
        ipv6_static_routes:
          - destination_address_prefix: <str>
            gateway: <str>
            track_bfd: <bool>
            distance: <int>
            tag: <int>
            name: <str>
            metric: <int>
            interface: <str>
            nodes:
              - <str>
        redistribute_static: <bool>
        bgp:
          raw_eos_cli: <str>
          structured_config: <dict>
        additional_route_targets:
          - type: <str>
            address_family: <str>
            route_target: <str>
            nodes:
              - <str>
        raw_eos_cli: <str>
        structured_config: <dict>

Network services VRF SVIs configuration¶

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`<network_services_keys.name>`	List, items: Dictionary
`- name`	String	Required, Unique			Specify a tenant name. Tenant provide a construct to group L3 VRFs and L2 VLANs. Networks services can be filtered by tenant name.
`vrfs`	List, items: Dictionary				VRFs will only be configured on a node if any of the underlying objects like `svis` or `l3_interfaces` apply to the node. It is recommended to only define a VRF in one Tenant. If the same VRF name is used across multiple tenants and those tenants are accepted by `filter.tenants` on the node, any object set under the duplicate VRFs must either be unique or be an exact match. VRF “default” is partially supported under network-services. Currently the supported options for “default” vrf are route-target, route-distinguisher settings, structured_config, raw_eos_cli in bgp and SVIs are the only supported interface type. Vlan-aware-bundles are supported as well inside default vrf. OSPF is not supported currently.
`- name`	String	Required, Unique
`svis`	List, items: Dictionary				List of SVIs. This will create both the L3 SVI and L2 VLAN based on filters applied to the node.
`- id`	Integer	Required, Unique		Min: 1 Max: 4096	SVI interface id and VLAN id.
`name`	String	Required			VLAN name.
`profile`	String				SVI profile name to apply. SVI can refer to one svi_profile which again can refer to another svi_profile to inherit settings in up to two levels (svi -> svi_profile -> svi_parent_profile).
`nodes`	List, items: Dictionary				Define node specific configuration, such as unique IP addresses. Any keys set here will be merged onto the SVI config, except `structured_config` keys which will replace the `structured_config` set on SVI level.
`- node`	String	Required, Unique			l3_leaf inventory hostname
`name`	String				VLAN name
`enabled`	Boolean				Enable or disable interface
`description`	String				SVI description. By default set to VLAN name.
`ip_address`	String				IPv4_address/Mask. Usually set under “nodes” to have unique IPv4 addresses per node.
`ipv6_address`	String				IPv6_address/Mask. Usually set under “nodes” to have unique IPv6 addresses per node.
`ipv6_enable`	Boolean				Explicitly enable/disable link-local IPv6 addressing.
`ip_address_virtual`	String				IPv4_address/Mask IPv4 VXLAN Anycast IP address Conserves IP addresses in VXLAN deployments as it doesn’t require unique IP addresses on each node.
`ipv6_address_virtual` deprecated	String				IPv6_address/Mask ipv6 address virtuals to configure VXLAN Anycast IP address (Optional) If both “ipv6_address_virtual” and “ipv6_address_virtuals” are set, all addresses will be configured This key is deprecated. Support will be removed in AVD version 5.0.0. Use `ipv6_address_virtuals` instead.
`ipv6_address_virtuals`	List, items: String				IPv6 VXLAN Anycast IP addresses Conserves IPv6 addresses in VXLAN deployments as it doesn’t require unique IPv6 addresses on each node.
`- <str>`	String				IPv6_address/Mask
`ip_address_virtual_secondaries`	List, items: String				Secondary IPv4 VXLAN Anycast IP addresses
`- <str>`	String				IPv4_address/Mask
`ip_virtual_router_addresses`	List, items: String				IPv4 VARP addresses. Requires an IP address to be configured on the SVI. If ip_address_virtual is also set, ip_virtual_router_addresses will take precedence if there is an ip_address configured for the node.
`- <str>`	String				IPv4_address/Mask or IPv4_address IPv4_address/Mask will also configure a static route to the SVI per best practice.
`ipv6_virtual_router_addresses`	List, items: String				IPv6 VARP addresses. Requires an IPv6 address to be configured on the SVI. If ipv6_address_virtuals is also set, ipv6_virtual_router_addresses will take precedence if there is an ipv6_address configured for the node.
`- <str>`	String				IPv6_address
`ip_helpers`	List, items: Dictionary				IP helper for DHCP relay
`- ip_helper`	String	Required, Unique			IPv4 DHCP server IP
`source_interface`	String				Interface name to originate DHCP relay packets to DHCP server.
`source_vrf`	String				VRF to originate DHCP relay packets to DHCP server. If not set, EOS uses the VRF on the SVI.
`vni_override`	Integer			Min: 1 Max: 16777215	By default the VNI will be derived from “mac_vrf_vni_base”. The vni_override allows us to override this value and statically define it (optional).
`rt_override`	String				By default the MAC VRF RT will be derived from mac_vrf_id_base + vlan_id. The rt_override allows us to override this value and statically define it. rt_override will default to vni_override if set. rt_override supports two formats: - A single number which will be used in the RT fields instead of mac_vrf_id/mac_vrf_vni (see ‘overlay_rt_type’ for details). - A full RT string with colon seperator which will override the full RT.
`rd_override`	String				By default the MAC VRF RD will be derived from mac_vrf_id_base + vlan_id. The rt_override allows us to override this value and statically define it. rd_override will default to rt_override or vni_override if set. rd_override supports two formats: - A single number which will be used in the RD assigned number field instead of mac_vrf_id/mac_vrf_vni (see ‘overlay_rd_type’ for details). - A full RD string with colon seperator which will override the full RD.
`tags`	List, items: String		`['all']`		Tags leveraged for networks services filtering. Tags are matched against “filter.tags” defined under node type settings. Tags are also matched against the “node_group” name under node type settings.
`- <str>`	String				Tag value.
`trunk_groups`	List, items: String
`- <str>`	String				Trunk groups are used for limiting vlans to trunk ports assigned to the same trunk group. Requires “enable_trunk_groups: true”.
`vxlan`	Boolean		`True`		Extend this SVI over VXLAN.
`mtu`	Integer				Interface MTU.
`bgp`	Dictionary
`structured_config`	Dictionary				Structured configuration and EOS CLI commands rendered on router_bgp.vlans. This configuration will not be applied to vlan aware bundles
`raw_eos_cli`	String				EOS CLI rendered directly on the Router BGP, VLAN definition in the final EOS configuration.
`raw_eos_cli`	String				EOS CLI rendered directly on the VLAN interface in the final EOS configuration.
`structured_config`	Dictionary				Custom structured config added under vlan_interfaces. for eos_cli_config_gen.
`enabled`	Boolean				Enable or disable interface
`description`	String				SVI description. By default set to VLAN name.
`ip_address`	String				IPv4_address/Mask. Usually set under “nodes” to have unique IPv4 addresses per node.
`ipv6_address`	String				IPv6_address/Mask. Usually set under “nodes” to have unique IPv6 addresses per node.
`ipv6_enable`	Boolean				Explicitly enable/disable link-local IPv6 addressing.
`ip_address_virtual`	String				IPv4_address/Mask IPv4 VXLAN Anycast IP address Conserves IP addresses in VXLAN deployments as it doesn’t require unique IP addresses on each node.
`ipv6_address_virtual` deprecated	String				IPv6_address/Mask ipv6 address virtuals to configure VXLAN Anycast IP address (Optional) If both “ipv6_address_virtual” and “ipv6_address_virtuals” are set, all addresses will be configured This key is deprecated. Support will be removed in AVD version 5.0.0. Use `ipv6_address_virtuals` instead.
`ipv6_address_virtuals`	List, items: String				IPv6 VXLAN Anycast IP addresses Conserves IPv6 addresses in VXLAN deployments as it doesn’t require unique IPv6 addresses on each node.
`- <str>`	String				IPv6_address/Mask
`ip_address_virtual_secondaries`	List, items: String				Secondary IPv4 VXLAN Anycast IP addresses
`- <str>`	String				IPv4_address/Mask
`ip_virtual_router_addresses`	List, items: String				IPv4 VARP addresses. Requires an IP address to be configured on the SVI. If ip_address_virtual is also set, ip_virtual_router_addresses will take precedence if there is an ip_address configured for the node.
`- <str>`	String				IPv4_address/Mask or IPv4_address IPv4_address/Mask will also configure a static route to the SVI per best practice.
`ipv6_virtual_router_addresses`	List, items: String				IPv6 VARP addresses. Requires an IPv6 address to be configured on the SVI. If ipv6_address_virtuals is also set, ipv6_virtual_router_addresses will take precedence if there is an ipv6_address configured for the node.
`- <str>`	String				IPv6_address
`ip_helpers`	List, items: Dictionary				IP helper for DHCP relay
`- ip_helper`	String	Required, Unique			IPv4 DHCP server IP
`source_interface`	String				Interface name to originate DHCP relay packets to DHCP server.
`source_vrf`	String				VRF to originate DHCP relay packets to DHCP server. If not set, EOS uses the VRF on the SVI.
`vni_override`	Integer			Min: 1 Max: 16777215	By default the VNI will be derived from “mac_vrf_vni_base”. The vni_override allows us to override this value and statically define it (optional).
`rt_override`	String				By default the MAC VRF RT will be derived from mac_vrf_id_base + vlan_id. The rt_override allows us to override this value and statically define it. rt_override will default to vni_override if set. rt_override supports two formats: - A single number which will be used in the RT fields instead of mac_vrf_id/mac_vrf_vni (see ‘overlay_rt_type’ for details). - A full RT string with colon seperator which will override the full RT.
`rd_override`	String				By default the MAC VRF RD will be derived from mac_vrf_id_base + vlan_id. The rt_override allows us to override this value and statically define it. rd_override will default to rt_override or vni_override if set. rd_override supports two formats: - A single number which will be used in the RD assigned number field instead of mac_vrf_id/mac_vrf_vni (see ‘overlay_rd_type’ for details). - A full RD string with colon seperator which will override the full RD.
`tags`	List, items: String		`['all']`		Tags leveraged for networks services filtering. Tags are matched against “filter.tags” defined under node type settings. Tags are also matched against the “node_group” name under node type settings.
`- <str>`	String				Tag value.
`trunk_groups`	List, items: String
`- <str>`	String				Trunk groups are used for limiting vlans to trunk ports assigned to the same trunk group. Requires “enable_trunk_groups: true”.
`vxlan`	Boolean		`True`		Extend this SVI over VXLAN.
`mtu`	Integer				Interface MTU.
`bgp`	Dictionary
`structured_config`	Dictionary				Structured configuration and EOS CLI commands rendered on router_bgp.vlans. This configuration will not be applied to vlan aware bundles
`raw_eos_cli`	String				EOS CLI rendered directly on the Router BGP, VLAN definition in the final EOS configuration.
`raw_eos_cli`	String				EOS CLI rendered directly on the VLAN interface in the final EOS configuration.
`structured_config`	Dictionary				Custom structured config added under vlan_interfaces. for eos_cli_config_gen.

<network_services_keys.name>:
  - name: <str>
    vrfs:
      - name: <str>
        svis:
          - id: <int>
            name: <str>
            profile: <str>
            nodes:
              - node: <str>
                name: <str>
                enabled: <bool>
                description: <str>
                ip_address: <str>
                ipv6_address: <str>
                ipv6_enable: <bool>
                ip_address_virtual: <str>
                ipv6_address_virtual: <str>
                ipv6_address_virtuals:
                  - <str>
                ip_address_virtual_secondaries:
                  - <str>
                ip_virtual_router_addresses:
                  - <str>
                ipv6_virtual_router_addresses:
                  - <str>
                ip_helpers:
                  - ip_helper: <str>
                    source_interface: <str>
                    source_vrf: <str>
                vni_override: <int>
                rt_override: <str>
                rd_override: <str>
                tags:
                  - <str>
                trunk_groups:
                  - <str>
                vxlan: <bool>
                mtu: <int>
                bgp:
                  structured_config: <dict>
                  raw_eos_cli: <str>
                raw_eos_cli: <str>
                structured_config: <dict>
            enabled: <bool>
            description: <str>
            ip_address: <str>
            ipv6_address: <str>
            ipv6_enable: <bool>
            ip_address_virtual: <str>
            ipv6_address_virtual: <str>
            ipv6_address_virtuals:
              - <str>
            ip_address_virtual_secondaries:
              - <str>
            ip_virtual_router_addresses:
              - <str>
            ipv6_virtual_router_addresses:
              - <str>
            ip_helpers:
              - ip_helper: <str>
                source_interface: <str>
                source_vrf: <str>
            vni_override: <int>
            rt_override: <str>
            rd_override: <str>
            tags:
              - <str>
            trunk_groups:
              - <str>
            vxlan: <bool>
            mtu: <int>
            bgp:
              structured_config: <dict>
              raw_eos_cli: <str>
            raw_eos_cli: <str>
            structured_config: <dict>

Network services VRF L3 Interfaces configuration¶

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`<network_services_keys.name>`	List, items: Dictionary
`- name`	String	Required, Unique			Specify a tenant name. Tenant provide a construct to group L3 VRFs and L2 VLANs. Networks services can be filtered by tenant name.
`vrfs`	List, items: Dictionary				VRFs will only be configured on a node if any of the underlying objects like `svis` or `l3_interfaces` apply to the node. It is recommended to only define a VRF in one Tenant. If the same VRF name is used across multiple tenants and those tenants are accepted by `filter.tenants` on the node, any object set under the duplicate VRFs must either be unique or be an exact match. VRF “default” is partially supported under network-services. Currently the supported options for “default” vrf are route-target, route-distinguisher settings, structured_config, raw_eos_cli in bgp and SVIs are the only supported interface type. Vlan-aware-bundles are supported as well inside default vrf. OSPF is not supported currently.
`- name`	String	Required, Unique
`l3_interfaces`	List, items: Dictionary				List of L3 interfaces. This will create IP routed interface inside VRF. Length of interfaces, nodes and ip_addresses must match.
`- interfaces`	List, items: String
`- <str>`	String				Interface name.
`encapsulation_dot1q_vlan`	List, items: Integer				For sub-interfaces the dot1q vlan is derived from the interface name by default, but can also be specified.
`- <int>`	Integer			Min: 1 Max: 4094
`ip_addresses`	List, items: String
`- <str>`	String				IPv4_address/Mask.
`nodes`	List, items: String
`- <str>`	String				Node.
`description`	String
`descriptions`	List, items: String				“descriptions” has precedence over “description”.
`- <str>`	String
`enabled`	Boolean
`mtu`	Integer
`ospf`	Dictionary				OSPF interface configuration.
`enabled`	Boolean
`point_to_point`	Boolean		`False`
`area`	Integer		`0`		OSPF area id.
`cost`	Integer				OSPF link cost.
`authentication`	String			Valid Values: - simple - message-digest
`simple_auth_key`	String				Password used with simple authentication.
`message_digest_keys`	List, items: Dictionary
`- id`	Integer
`hash_algorithm`	String		`sha512`	Valid Values: - md5 - sha1 - sha256 - sha384 - sha512
`key`	String				Key password.
`pim`	Dictionary				Enable PIM sparse-mode on the interface; requires “evpn_l3_multicast” to be enabled on the VRF/Tenant Enabling this implicitly makes the device a PIM External Gateway (PEG) in EVPN designs only. At least one RP address must be configured for EVPN PEG to be configured.
`enabled`	Boolean
`structured_config`	Dictionary				Custom structured config added under ethernet_interfaces. for eos_cli_config_gen.
`raw_eos_cli`	String				EOS CLI rendered directly on the Ethernet interface in the final EOS configuration.

<network_services_keys.name>:
  - name: <str>
    vrfs:
      - name: <str>
        l3_interfaces:
          - interfaces:
              - <str>
            encapsulation_dot1q_vlan:
              - <int>
            ip_addresses:
              - <str>
            nodes:
              - <str>
            description: <str>
            descriptions:
              - <str>
            enabled: <bool>
            mtu: <int>
            ospf:
              enabled: <bool>
              point_to_point: <bool>
              area: <int>
              cost: <int>
              authentication: <str>
              simple_auth_key: <str>
              message_digest_keys:
                - id: <int>
                  hash_algorithm: <str>
                  key: <str>
            pim:
              enabled: <bool>
            structured_config: <dict>
            raw_eos_cli: <str>

Network services VRF BGP configuration¶

TableYAML

Variable	Type	Required	Value Restrictions	Description
`<network_services_keys.name>`	List, items: Dictionary
`- name`	String	Required, Unique		Specify a tenant name. Tenant provide a construct to group L3 VRFs and L2 VLANs. Networks services can be filtered by tenant name.
`bgp_peer_groups`	List, items: Dictionary			List of BGP peer groups definitions. This will configure BGP peer groups to be used inside the tenant VRF for peering with external devices. Since BGP peer groups are configured at higher BGP level, shared between VRFs, peer_group names should not overlap between VRFs.
`- name`	String	Required, Unique		BGP peer group name.
`nodes`	List, items: String			Nodes is required to restrict configuration of BGP neighbors to certain nodes in the network. If not set the peer-group is created on devices which have a bgp_peer mapped to the corresponding peer_group.
`- <str>`	String
`type`	String			Key only used for documentation or validation purposes
`remote_as`	String			BGP AS <1-4294967295> or AS number in asdot notation <1-65535>.<0-65535>
`local_as`	String			BGP AS <1-4294967295> or AS number in asdot notation <1-65535>.<0-65535>
`description`	String
`shutdown`	Boolean
`as_path`	Dictionary			BGP AS-PATH options
`remote_as_replace_out`	Boolean			Replace AS number with local AS number
`prepend_own_disabled`	Boolean			Disable prepending own AS number to AS path
`remove_private_as`	Dictionary			Remove private AS numbers in outbound AS path
`enabled`	Boolean
`all`	Boolean
`replace_as`	Boolean
`remove_private_as_ingress`	Dictionary
`enabled`	Boolean
`replace_as`	Boolean
`peer_filter` deprecated	String			Peer-filter name note: `bgp_listen_range_prefix` and `peer_filter` should not be mixed with the new `listen_ranges` key above to avoid conflicts. This key is deprecated. Support will be removed in AVD version 5.0.0. Use `listen_ranges` instead.
`next_hop_unchanged`	Boolean
`update_source`	String			IP address or interface name
`route_reflector_client`	Boolean
`bfd`	Boolean
`ebgp_multihop`	Integer		Min: 1 Max: 255	Time-to-live in range of hops
`next_hop_self`	Boolean
`password`	String
`passive`	Boolean
`default_originate`	Dictionary
`enabled`	Boolean
`always`	Boolean
`route_map`	String			Route-map name
`send_community`	String			‘all’ or a combination of ‘standard’, ‘extended’, ‘large’ and ‘link-bandwidth (w/options)’
`maximum_routes`	Integer		Min: 0 Max: 4294967294	Maximum number of routes (0 means unlimited)
`maximum_routes_warning_limit`	String			Maximum number of routes after which a warning is issued (0 means never warn) or Percentage of maximum number of routes at which to warn (“<1-100> percent”)
`maximum_routes_warning_only`	Boolean
`link_bandwidth`	Dictionary
`enabled`	Boolean
`default`	String			nn.nn(K
`allowas_in`	Dictionary
`enabled`	Boolean
`times`	Integer		Min: 1 Max: 10	Number of local ASNs allowed in a BGP update
`weight`	Integer		Min: 0 Max: 65535
`timers`	String			BGP Keepalive and Hold Timer values in seconds as string “<0-3600> <0-3600>”
`rib_in_pre_policy_retain`	Dictionary
`enabled`	Boolean
`all`	Boolean
`route_map_in`	String			Inbound route-map name
`route_map_out`	String			Outbound route-map name
`bgp_listen_range_prefix` deprecated	String			IP prefix range note: `bgp_listen_range_prefix` and `peer_filter` should not be mixed with the new `listen_ranges` key above to avoid conflicts. This key is deprecated. Support will be removed in AVD version 5.0.0. Use `listen_ranges` instead.
`session_tracker`	String
`vrfs`	List, items: Dictionary			VRFs will only be configured on a node if any of the underlying objects like `svis` or `l3_interfaces` apply to the node. It is recommended to only define a VRF in one Tenant. If the same VRF name is used across multiple tenants and those tenants are accepted by `filter.tenants` on the node, any object set under the duplicate VRFs must either be unique or be an exact match. VRF “default” is partially supported under network-services. Currently the supported options for “default” vrf are route-target, route-distinguisher settings, structured_config, raw_eos_cli in bgp and SVIs are the only supported interface type. Vlan-aware-bundles are supported as well inside default vrf. OSPF is not supported currently.
`- name`	String	Required, Unique
`bgp_peers`	List, items: Dictionary			List of BGP peer definitions. This will configure BGP neighbors inside the tenant VRF for peering with external devices. The configured peer will automatically be activated for ipv4 or ipv6 address family based on the ip address. Note, only ipv4 and ipv6 address families are currently supported in eos_designs. For other address families, use custom_structured configuration with eos_cli_config_gen.
`- ip_address`	String	Required, Unique		IPv4_address or IPv6_address.
`peer_group`	String			Peer group name.
`remote_as`	Integer			Remote ASN.
`description`	String
`password`	String			Encrypted password.
`send_community`	String			‘all’ or a combination of ‘standard’, ‘extended’, ‘large’ and ‘link-bandwidth (w/options)’.
`next_hop_self`	Boolean
`timers`	String			BGP Keepalive and Hold Timer values in seconds as string <0-3600> <0-3600>.
`maximum_routes`	Integer		Min: 0 Max: 4294967294	Maximum number of routes (0 means unlimited).
`default_originate`	Dictionary
`always`	Boolean
`update_source`	String
`ebgp_multihop`	Integer		Min: 1 Max: 255	Time-to-live in range of hops.
`nodes`	List, items: String			Nodes is required to restrict configuration of BGP neighbors to certain nodes in the network.
`- <str>`	String
`set_ipv4_next_hop`	String			IPv4_address Next hop settings can be either ipv4 or ipv6 for one neighbor, this will be applied by a uniquely generated route-map per neighbor. Next hop takes precedence over route_map_out.
`set_ipv6_next_hop`	String			IPv6_address Next hop settings can be either ipv4 or ipv6 for one neighbor, this will be applied by a uniquely generated route-map per neighbor. Next hop takes precedence over route_map_out.
`route_map_out`	String			Route-map name.
`route_map_in`	String			Route-map name.
`prefix_list_in`	String			Prefix list name.
`prefix_list_out`	String			Prefix list name.
`local_as`	String			Local BGP ASN. eg. “65001.1200”.
`weight`	Integer		Min: 0 Max: 65535
`bfd`	Boolean
`bgp_peer_groups`	List, items: Dictionary			List of BGP peer groups definitions. This will configure BGP peer groups to be used inside the tenant VRF for peering with external devices. Since BGP peer groups are configured at higher BGP level, shared between VRFs, peer_group names should not overlap between VRFs.
`- name`	String			BGP peer group name.
`nodes`	List, items: String			Nodes is required to restrict configuration of BGP neighbors to certain nodes in the network. If not set the peer-group is created on devices which have a bgp_peer mapped to the corresponding peer_group.
`- <str>`	String
`type`	String			Key only used for documentation or validation purposes
`remote_as`	String			BGP AS <1-4294967295> or AS number in asdot notation <1-65535>.<0-65535>
`local_as`	String			BGP AS <1-4294967295> or AS number in asdot notation <1-65535>.<0-65535>
`description`	String
`shutdown`	Boolean
`as_path`	Dictionary			BGP AS-PATH options
`remote_as_replace_out`	Boolean			Replace AS number with local AS number
`prepend_own_disabled`	Boolean			Disable prepending own AS number to AS path
`remove_private_as`	Dictionary			Remove private AS numbers in outbound AS path
`enabled`	Boolean
`all`	Boolean
`replace_as`	Boolean
`remove_private_as_ingress`	Dictionary
`enabled`	Boolean
`replace_as`	Boolean
`peer_filter` deprecated	String			Peer-filter name note: `bgp_listen_range_prefix` and `peer_filter` should not be mixed with the new `listen_ranges` key above to avoid conflicts. This key is deprecated. Support will be removed in AVD version 5.0.0. Use `listen_ranges` instead.
`next_hop_unchanged`	Boolean
`update_source`	String			IP address or interface name
`route_reflector_client`	Boolean
`bfd`	Boolean
`ebgp_multihop`	Integer		Min: 1 Max: 255	Time-to-live in range of hops
`next_hop_self`	Boolean
`password`	String
`passive`	Boolean
`default_originate`	Dictionary
`enabled`	Boolean
`always`	Boolean
`route_map`	String			Route-map name
`send_community`	String			‘all’ or a combination of ‘standard’, ‘extended’, ‘large’ and ‘link-bandwidth (w/options)’
`maximum_routes`	Integer		Min: 0 Max: 4294967294	Maximum number of routes (0 means unlimited)
`maximum_routes_warning_limit`	String			Maximum number of routes after which a warning is issued (0 means never warn) or Percentage of maximum number of routes at which to warn (“<1-100> percent”)
`maximum_routes_warning_only`	Boolean
`link_bandwidth`	Dictionary
`enabled`	Boolean
`default`	String			nn.nn(K
`allowas_in`	Dictionary
`enabled`	Boolean
`times`	Integer		Min: 1 Max: 10	Number of local ASNs allowed in a BGP update
`weight`	Integer		Min: 0 Max: 65535
`timers`	String			BGP Keepalive and Hold Timer values in seconds as string “<0-3600> <0-3600>”
`rib_in_pre_policy_retain`	Dictionary
`enabled`	Boolean
`all`	Boolean
`route_map_in`	String			Inbound route-map name
`route_map_out`	String			Outbound route-map name
`bgp_listen_range_prefix` deprecated	String			IP prefix range note: `bgp_listen_range_prefix` and `peer_filter` should not be mixed with the new `listen_ranges` key above to avoid conflicts. This key is deprecated. Support will be removed in AVD version 5.0.0. Use `listen_ranges` instead.
`session_tracker`	String

<network_services_keys.name>:
  - name: <str>
    bgp_peer_groups:
      - name: <str>
        nodes:
          - <str>
        type: <str>
        remote_as: <str>
        local_as: <str>
        description: <str>
        shutdown: <bool>
        as_path:
          remote_as_replace_out: <bool>
          prepend_own_disabled: <bool>
        remove_private_as:
          enabled: <bool>
          all: <bool>
          replace_as: <bool>
        remove_private_as_ingress:
          enabled: <bool>
          replace_as: <bool>
        peer_filter: <str>
        next_hop_unchanged: <bool>
        update_source: <str>
        route_reflector_client: <bool>
        bfd: <bool>
        ebgp_multihop: <int>
        next_hop_self: <bool>
        password: <str>
        passive: <bool>
        default_originate:
          enabled: <bool>
          always: <bool>
          route_map: <str>
        send_community: <str>
        maximum_routes: <int>
        maximum_routes_warning_limit: <str>
        maximum_routes_warning_only: <bool>
        link_bandwidth:
          enabled: <bool>
          default: <str>
        allowas_in:
          enabled: <bool>
          times: <int>
        weight: <int>
        timers: <str>
        rib_in_pre_policy_retain:
          enabled: <bool>
          all: <bool>
        route_map_in: <str>
        route_map_out: <str>
        bgp_listen_range_prefix: <str>
        session_tracker: <str>
    vrfs:
      - name: <str>
        bgp_peers:
          - ip_address: <str>
            peer_group: <str>
            remote_as: <int>
            description: <str>
            password: <str>
            send_community: <str>
            next_hop_self: <bool>
            timers: <str>
            maximum_routes: <int>
            default_originate:
              always: <bool>
            update_source: <str>
            ebgp_multihop: <int>
            nodes:
              - <str>
            set_ipv4_next_hop: <str>
            set_ipv6_next_hop: <str>
            route_map_out: <str>
            route_map_in: <str>
            prefix_list_in: <str>
            prefix_list_out: <str>
            local_as: <str>
            weight: <int>
            bfd: <bool>
        bgp_peer_groups:
          - name: <str>
            nodes:
              - <str>
            type: <str>
            remote_as: <str>
            local_as: <str>
            description: <str>
            shutdown: <bool>
            as_path:
              remote_as_replace_out: <bool>
              prepend_own_disabled: <bool>
            remove_private_as:
              enabled: <bool>
              all: <bool>
              replace_as: <bool>
            remove_private_as_ingress:
              enabled: <bool>
              replace_as: <bool>
            peer_filter: <str>
            next_hop_unchanged: <bool>
            update_source: <str>
            route_reflector_client: <bool>
            bfd: <bool>
            ebgp_multihop: <int>
            next_hop_self: <bool>
            password: <str>
            passive: <bool>
            default_originate:
              enabled: <bool>
              always: <bool>
              route_map: <str>
            send_community: <str>
            maximum_routes: <int>
            maximum_routes_warning_limit: <str>
            maximum_routes_warning_only: <bool>
            link_bandwidth:
              enabled: <bool>
              default: <str>
            allowas_in:
              enabled: <bool>
              times: <int>
            weight: <int>
            timers: <str>
            rib_in_pre_policy_retain:
              enabled: <bool>
              all: <bool>
            route_map_in: <str>
            route_map_out: <str>
            bgp_listen_range_prefix: <str>
            session_tracker: <str>

Network services VRF OSPF configuration¶

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`svi_profiles`	List, items: Dictionary				Profiles to share common settings for SVIs under `<network_services_key>.[].vrfs.svis`. Keys are the same used under SVIs. Keys defined under SVIs take precedence. Note: structured configuration is not merged recursively and will be taken directly from the most specific level in the following order: 1. svi.nodes[inventory_hostname].structured_config 2. svi_profile.nodes[inventory_hostname].structured_config 3. svi_parent_profile.nodes[inventory_hostname].structured_config 4. svi.structured_config 5. svi_profile.structured_config 6. svi_parent_profile.structured_config
`- profile`	String	Required, Unique			Profile name
`nodes`	List, items: Dictionary				Define node specific configuration, such as unique IP addresses. Any keys set here will be merged onto the SVI config, except `structured_config` keys which will replace the `structured_config` set on SVI level.
`- node`	String	Required, Unique			l3_leaf inventory hostname
`ospf`	Dictionary				OSPF interface configuration.
`enabled`	Boolean
`point_to_point`	Boolean		`True`
`area`	String		`0`		OSPF area ID.
`cost`	Integer				OSPF link cost.
`authentication`	String			Valid Values: - simple - message-digest
`simple_auth_key`	String				Password used with simple authentication.
`message_digest_keys`	List, items: Dictionary
`- id`	Integer
`hash_algorithm`	String		`sha512`	Valid Values: - md5 - sha1 - sha256 - sha384 - sha512
`key`	String				Type 7 encrypted key.
`ospf`	Dictionary				OSPF interface configuration.
`enabled`	Boolean
`point_to_point`	Boolean		`True`
`area`	String		`0`		OSPF area ID.
`cost`	Integer				OSPF link cost.
`authentication`	String			Valid Values: - simple - message-digest
`simple_auth_key`	String				Password used with simple authentication.
`message_digest_keys`	List, items: Dictionary
`- id`	Integer
`hash_algorithm`	String		`sha512`	Valid Values: - md5 - sha1 - sha256 - sha384 - sha512
`key`	String				Type 7 encrypted key.
`<network_services_keys.name>`	List, items: Dictionary
`- name`	String	Required, Unique			Specify a tenant name. Tenant provide a construct to group L3 VRFs and L2 VLANs. Networks services can be filtered by tenant name.
`vrfs`	List, items: Dictionary				VRFs will only be configured on a node if any of the underlying objects like `svis` or `l3_interfaces` apply to the node. It is recommended to only define a VRF in one Tenant. If the same VRF name is used across multiple tenants and those tenants are accepted by `filter.tenants` on the node, any object set under the duplicate VRFs must either be unique or be an exact match. VRF “default” is partially supported under network-services. Currently the supported options for “default” vrf are route-target, route-distinguisher settings, structured_config, raw_eos_cli in bgp and SVIs are the only supported interface type. Vlan-aware-bundles are supported as well inside default vrf. OSPF is not supported currently.
`- name`	String	Required, Unique
`ospf`	Dictionary				Router OSPF configuration. This will create an OSPF routing instance in the tenant VRF. If there is no nodes definition, the OSPF instance will be created on all leafs where the VRF is deployed. This will also cause automatic OSPF redistribution into BGP unless explicitly turned off with “redistribute_ospf: false”.
`enabled`	Boolean
`process_id`	Integer				If not set, “vrf_id” will be used.
`router_id`	String				If not set, switch router_id will be used.
`max_lsa`	Integer
`bfd`	Boolean		`False`
`redistribute_bgp`	Dictionary
`enabled`	Boolean		`True`
`route_map`	String				Route-map name.
`redistribute_connected`	Dictionary
`enabled`	Boolean		`False`
`route_map`	String				Route-map name.
`nodes`	List, items: String
`- <str>`	String				Hostname.
`redistribute_ospf`	Boolean		`True`		Non-selectively enabling or disabling redistribute ospf inside the VRF.
`svis`	List, items: Dictionary				List of SVIs. This will create both the L3 SVI and L2 VLAN based on filters applied to the node.
`- id`	Integer	Required, Unique		Min: 1 Max: 4096	SVI interface id and VLAN id.
`nodes`	List, items: Dictionary				Define node specific configuration, such as unique IP addresses. Any keys set here will be merged onto the SVI config, except `structured_config` keys which will replace the `structured_config` set on SVI level.
`- node`	String	Required, Unique			l3_leaf inventory hostname
`ospf`	Dictionary				OSPF interface configuration.
`enabled`	Boolean
`point_to_point`	Boolean		`True`
`area`	String		`0`		OSPF area ID.
`cost`	Integer				OSPF link cost.
`authentication`	String			Valid Values: - simple - message-digest
`simple_auth_key`	String				Password used with simple authentication.
`message_digest_keys`	List, items: Dictionary
`- id`	Integer
`hash_algorithm`	String		`sha512`	Valid Values: - md5 - sha1 - sha256 - sha384 - sha512
`key`	String				Type 7 encrypted key.
`ospf`	Dictionary				OSPF interface configuration.
`enabled`	Boolean
`point_to_point`	Boolean		`True`
`area`	String		`0`		OSPF area ID.
`cost`	Integer				OSPF link cost.
`authentication`	String			Valid Values: - simple - message-digest
`simple_auth_key`	String				Password used with simple authentication.
`message_digest_keys`	List, items: Dictionary
`- id`	Integer
`hash_algorithm`	String		`sha512`	Valid Values: - md5 - sha1 - sha256 - sha384 - sha512
`key`	String				Type 7 encrypted key.

svi_profiles:
  - profile: <str>
    nodes:
      - node: <str>
        ospf:
          enabled: <bool>
          point_to_point: <bool>
          area: <str>
          cost: <int>
          authentication: <str>
          simple_auth_key: <str>
          message_digest_keys:
            - id: <int>
              hash_algorithm: <str>
              key: <str>
    ospf:
      enabled: <bool>
      point_to_point: <bool>
      area: <str>
      cost: <int>
      authentication: <str>
      simple_auth_key: <str>
      message_digest_keys:
        - id: <int>
          hash_algorithm: <str>
          key: <str>
<network_services_keys.name>:
  - name: <str>
    vrfs:
      - name: <str>
        ospf:
          enabled: <bool>
          process_id: <int>
          router_id: <str>
          max_lsa: <int>
          bfd: <bool>
          redistribute_bgp:
            enabled: <bool>
            route_map: <str>
          redistribute_connected:
            enabled: <bool>
            route_map: <str>
          nodes:
            - <str>
        redistribute_ospf: <bool>
        svis:
          - id: <int>
            nodes:
              - node: <str>
                ospf:
                  enabled: <bool>
                  point_to_point: <bool>
                  area: <str>
                  cost: <int>
                  authentication: <str>
                  simple_auth_key: <str>
                  message_digest_keys:
                    - id: <int>
                      hash_algorithm: <str>
                      key: <str>
            ospf:
              enabled: <bool>
              point_to_point: <bool>
              area: <str>
              cost: <int>
              authentication: <str>
              simple_auth_key: <str>
              message_digest_keys:
                - id: <int>
                  hash_algorithm: <str>
                  key: <str>

Network services L2 VLANs configuration¶

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`<network_services_keys.name>`	List, items: Dictionary
`- name`	String	Required, Unique			Specify a tenant name. Tenant provide a construct to group L3 VRFs and L2 VLANs. Networks services can be filtered by tenant name.
`l2vlans`	List, items: Dictionary				Define L2 network services organized by vlan id.
`- id`	Integer	Required, Unique		Min: 1 Max: 4094	VLAN ID
`vni_override`	Integer			Min: 1 Max: 16777215	By default the VNI will be derived from mac_vrf_vni_base. The vni_override, allows to override this value and statically define it.
`rt_override`	String				By default the MAC VRF RT will be derived from mac_vrf_id_base + vlan_id. The rt_override allows us to override this value and statically define it. rt_override will default to vni_override if set. rt_override supports two formats: - A single number which will be used in the RT fields instead of mac_vrf_id/mac_vrf_vni (see ‘overlay_rt_type’ for details). - A full RT string with colon seperator which will override the full RT.
`rd_override`	String				By default the MAC VRF RD will be derived from mac_vrf_id_base + vlan_id. The rt_override allows us to override this value and statically define it. rd_override will default to rt_override or vni_override if set. rd_override supports two formats: - A single number which will be used in the RD assigned number field instead of mac_vrf_id/mac_vrf_vni (see ‘overlay_rd_type’ for details). - A full RD string with colon seperator which will override the full RD.
`name`	String	Required			VLAN name
`tags`	List, items: String				Tags leveraged for networks services filtering. Tags are matched against filter.tags defined under node type settings. Tags are also matched against the node_group name under node type settings.
`- <str>`	String		`all`
`vxlan`	Boolean		`True`		Extend this L2VLAN over VXLAN.
`trunk_groups`	List, items: String
`- <str>`	String				Trunk groups are used for limiting vlans to trunk ports assigned to the same trunk group. Requires enable_trunk_groups: true.
`bgp`	Dictionary
`structured_config`	Dictionary				Structured configuration for eos_cli_config_gen rendered on router_bgp.vlans. This configuration will not be applied to vlan aware bundles.
`raw_eos_cli`	String				EOS cli commands rendered on router_bgp.vlans. This configuration will not be applied to vlan aware bundles.

<network_services_keys.name>:
  - name: <str>
    l2vlans:
      - id: <int>
        vni_override: <int>
        rt_override: <str>
        rd_override: <str>
        name: <str>
        tags:
          - <str>
        vxlan: <bool>
        trunk_groups:
          - <str>
        bgp:
          structured_config: <dict>
          raw_eos_cli: <str>

Network services point-to-point services configuration¶

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`<network_services_keys.name>`	List, items: Dictionary
`- name`	String	Required, Unique			Specify a tenant name. Tenant provide a construct to group L3 VRFs and L2 VLANs. Networks services can be filtered by tenant name.
`pseudowire_rt_base`	Integer				Pseudowire RT base, used to generate route targets for VPWS services. Avoid overlapping route target spaces between different services.
`point_to_point_services`	List, items: Dictionary				Point to point services (pseudowires). Only supported for node types with “network_services.l1: true”. By default this is only set for node type “pe” with “design.type: mpls”
`- name`	String	Required, Unique			Pseudowire name
`type`	String		`vpws-pseudowire`	Valid Values: - vpws-pseudowire
`subinterfaces`	List, items: Dictionary				Subinterfaces will create subinterfaces and additional pseudowires/patch panel config for each endpoint.
`- number`	Integer	Required, Unique			Subinterface number
`endpoints`	List, items: Dictionary			Min Length: 2 Max Length: 2	Pseudowire terminating endpoints. Must have exactly two items.
`- id`	Integer	Required			Pseudowire ID on this endpoint.
`nodes`	List, items: String	Required		Min Length: 1	Usually one node. With ESI multihoming we support two nodes per pseudowire endpoint
`- <str>`	String
`interfaces`	List, items: String	Required		Min Length: 1	Interfaces patched to the pseudowire on this endpoints. The list of interfaces is mapped to the list of nodes, so they must have the same length.
`- <str>`	String
`port_channel`	Dictionary
`mode`	String			Valid Values: - active - on
`short_esi`	String
`lldp_disable`	Boolean				Disable LLDP RX/TX on port mode pseudowire services.

<network_services_keys.name>:
  - name: <str>
    pseudowire_rt_base: <int>
    point_to_point_services:
      - name: <str>
        type: <str>
        subinterfaces:
          - number: <int>
        endpoints:
          - id: <int>
            nodes:
              - <str>
            interfaces:
              - <str>
            port_channel:
              mode: <str>
              short_esi: <str>
        lldp_disable: <bool>

Network services multicast configuration¶

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`svi_profiles`	List, items: Dictionary				Profiles to share common settings for SVIs under `<network_services_key>.[].vrfs.svis`. Keys are the same used under SVIs. Keys defined under SVIs take precedence. Note: structured configuration is not merged recursively and will be taken directly from the most specific level in the following order: 1. svi.nodes[inventory_hostname].structured_config 2. svi_profile.nodes[inventory_hostname].structured_config 3. svi_parent_profile.nodes[inventory_hostname].structured_config 4. svi.structured_config 5. svi_profile.structured_config 6. svi_parent_profile.structured_config
`- profile`	String	Required, Unique			Profile name
`nodes`	List, items: Dictionary				Define node specific configuration, such as unique IP addresses. Any keys set here will be merged onto the SVI config, except `structured_config` keys which will replace the `structured_config` set on SVI level.
`- node`	String	Required, Unique			l3_leaf inventory hostname
`evpn_l2_multicast`	Dictionary				Explicitly enable or disable evpn_l2_multicast to override setting of `<network_services_key>.[].evpn_l2_multicast.enabled`. When evpn_l2_multicast.enabled is set to true for a vlan or a tenant, “igmp snooping” and “igmp snooping querier” will always be enabled, overriding those individual settings.
`enabled`	Boolean
`evpn_l3_multicast`	Dictionary				Explicitly enable or disable evpn_l3_multicast to override setting of `<network_services_key>.[].evpn_l3_multicast.enabled` and `<network_services_key>.[].vrfs.[].evpn_l3_multicast.enabled`.
`enabled`	Boolean
`igmp_snooping_enabled`	Boolean				Enable IGMP Snooping (Enabled by default on EOS).
`igmp_snooping_querier`	Dictionary
`enabled`	Boolean				Will be enabled automatically if evpn_l2_multicast is enabled.
`source_address`	String				IPv4_address If not set, IP address of “Loopback0” will be used.
`version`	Integer			Valid Values: - 1 - 2 - 3	IGMP Version (By default EOS uses IGMP version 2 for IGMP querier).
`evpn_l2_multicast`	Dictionary				Explicitly enable or disable evpn_l2_multicast to override setting of `<network_services_key>.[].evpn_l2_multicast.enabled`. When evpn_l2_multicast.enabled is set to true for a vlan or a tenant, “igmp snooping” and “igmp snooping querier” will always be enabled, overriding those individual settings.
`enabled`	Boolean
`evpn_l3_multicast`	Dictionary				Explicitly enable or disable evpn_l3_multicast to override setting of `<network_services_key>.[].evpn_l3_multicast.enabled` and `<network_services_key>.[].vrfs.[].evpn_l3_multicast.enabled`.
`enabled`	Boolean
`igmp_snooping_enabled`	Boolean				Enable IGMP Snooping (Enabled by default on EOS).
`igmp_snooping_querier`	Dictionary
`enabled`	Boolean				Will be enabled automatically if evpn_l2_multicast is enabled.
`source_address`	String				IPv4_address If not set, IP address of “Loopback0” will be used.
`version`	Integer			Valid Values: - 1 - 2 - 3	IGMP Version (By default EOS uses IGMP version 2 for IGMP querier).
`<network_services_keys.name>`	List, items: Dictionary
`- name`	String	Required, Unique			Specify a tenant name. Tenant provide a construct to group L3 VRFs and L2 VLANs. Networks services can be filtered by tenant name.
`evpn_l2_multicast`	Dictionary				Enable EVPN L2 Multicast for all SVIs and l2vlans within Tenant. - Multicast group binding is created only for Multicast traffic. BULL traffic will use ingress-replication. - Configures binding between VXLAN, VLAN, and multicast group IPv4 address using the following formula: < evpn_l2_multicast.underlay_l2_multicast_group_ipv4_pool > + < vlan_id - 1 > + < evpn_l2_multicast.underlay_l2_multicast_group_ipv4_pool_offset >. - The recommendation is to assign a /20 block within the 232.0.0.0/8 Source-Specific Multicast range. - Enables `redistribute igmp` on the router bgp MAC VRF. - When evpn_l2_multicast.enabled is true for a VLAN or a tenant, “igmp snooping” and “igmp snooping querier” will always be enabled - overriding those individual settings.
`enabled`	Boolean
`underlay_l2_multicast_group_ipv4_pool`	String				IPv4_address/Mask
`underlay_l2_multicast_group_ipv4_pool_offset`	Integer
`evpn_l3_multicast`	Dictionary				Enable L3 Multicast for all SVIs and l3vlans within Tenant. - In the evpn-l3ls design type, this enables L3 EVPN Multicast (aka OISM)’. - Multicast group binding for VRF is created only for Multicast traffic. BULL traffic will use ingress-replication. - Configures binding between VXLAN, VLAN, and multicast group IPv4 address using the following formula: < l3_multicast.evpn_underlay_l3_multicast_group_ipv4_pool > + < vrf_vni - 1 > + < l3_multicast.evpn_underlay_l3_multicast_group_ipv4_pool_offset >. - The recommendation is to assign a /20 block within the 232.0.0.0/8 Source-Specific Multicast range. - If enabled on an SVI using the anycast default gateway feature, a diagnostic loopback (see below) MUST be configured to source IGMP traffic. - Enables `evpn multicast` on the router bgp VRF. - When enabled on an SVI: - If switch is part of an MLAG pair, enables “pim ipv4 sparse-mode” on the SVI. - If switch is standalone or A-A MH, enables “ip igmp” on the SVI. - If “ip address virtual” is configured, enables “pim ipv4 local-interface” and uses the diagnostic Loopback defined in the VRF
`enabled`	Boolean
`evpn_underlay_l3_multicast_group_ipv4_pool`	String	Required			IPv4_address/Mask
`evpn_underlay_l3_multicast_group_ipv4_pool_offset`	Integer
`evpn_peg`	List, items: Dictionary				For each group of nodes, allow configuration of EVPN PEG options. The first group of settings where the device’s hostname is present in the ‘nodes’ list will be used.
`- nodes`	List, items: String				A description will be applied to all nodes with RP addresses configured if not set.
`- <str>`	String
`transit`	Boolean				Enable EVPN PEG transit mode.
`pim_rp_addresses`	List, items: Dictionary				For each group of nodes, allow configuration of RP Addresses & associated groups.
`- rps`	List, items: String			Min Length: 1	List of Rendevouz Points.
`- <str>`	String				RP address.
`nodes`	List, items: String				Restrict configuration to specific nodes. Configuration Will be applied to all nodes if not set.
`- <str>`	String
`groups`	List, items: String
`- <str>`	String				Group_prefix/mask.
`igmp_snooping_querier`	Dictionary				Enable IGMP snooping querier for each SVI/l2vlan within tenant, by default using IP address of Loopback 0. When enabled, IGMP snooping querier will only be configured on L3 devices, i.e., uplink_type: p2p.
`enabled`	Boolean				Will be enabled automatically if “evpn_l2_multicast” is enabled.
`source_address`	String			Format: ipv4	Default IP address of Loopback0
`version`	Integer		`2`	Valid Values: - 1 - 2 - 3
`vrfs`	List, items: Dictionary				VRFs will only be configured on a node if any of the underlying objects like `svis` or `l3_interfaces` apply to the node. It is recommended to only define a VRF in one Tenant. If the same VRF name is used across multiple tenants and those tenants are accepted by `filter.tenants` on the node, any object set under the duplicate VRFs must either be unique or be an exact match. VRF “default” is partially supported under network-services. Currently the supported options for “default” vrf are route-target, route-distinguisher settings, structured_config, raw_eos_cli in bgp and SVIs are the only supported interface type. Vlan-aware-bundles are supported as well inside default vrf. OSPF is not supported currently.
`- name`	String	Required, Unique
`evpn_l3_multicast`	Dictionary				Explicitly enable or disable evpn_l3_multicast to override setting of `<network_services_key>.[].evpn_l3_multicast.enabled`. Allow override of `<network_services_key>.[].evpn_l3_multicast` node_settings.
`enabled`	Boolean
`evpn_peg`	List, items: Dictionary				For each group of nodes, allow configuration of EVPN PEG features.
`- nodes`	List, items: String				Restrict configuration to specific nodes. Will apply to all nodes with RP addresses configured if not set.
`- <str>`	String
`transit`	Boolean		`False`		Enable EVPN PEG transit mode.
`pim_rp_addresses`	List, items: Dictionary				For each group of nodes, allow configuration of RP Addresses & associated groups.
`- rps`	List, items: String				A minimum of one RP must be specified.
`- <str>`	String				RP address.
`nodes`	List, items: String				Restrict configuration to specific nodes. Configuration Will be applied to all nodes if not set.
`- <str>`	String
`groups`	List, items: String
`- <str>`	String				Group_prefix/mask.
`evpn_l2_multi_domain`	Boolean				Explicitly extend all VLANs/VLAN-Aware Bundles inside the VRF to remote EVPN domains. Overrides `<network_services_key>.[].evpn_l2_multi_domain`.
`svis`	List, items: Dictionary				List of SVIs. This will create both the L3 SVI and L2 VLAN based on filters applied to the node.
`- id`	Integer	Required, Unique		Min: 1 Max: 4096	SVI interface id and VLAN id.
`nodes`	List, items: Dictionary				Define node specific configuration, such as unique IP addresses. Any keys set here will be merged onto the SVI config, except `structured_config` keys which will replace the `structured_config` set on SVI level.
`- node`	String	Required, Unique			l3_leaf inventory hostname
`evpn_l2_multicast`	Dictionary				Explicitly enable or disable evpn_l2_multicast to override setting of `<network_services_key>.[].evpn_l2_multicast.enabled`. When evpn_l2_multicast.enabled is set to true for a vlan or a tenant, “igmp snooping” and “igmp snooping querier” will always be enabled, overriding those individual settings.
`enabled`	Boolean
`evpn_l3_multicast`	Dictionary				Explicitly enable or disable evpn_l3_multicast to override setting of `<network_services_key>.[].evpn_l3_multicast.enabled` and `<network_services_key>.[].vrfs.[].evpn_l3_multicast.enabled`.
`enabled`	Boolean
`igmp_snooping_enabled`	Boolean				Enable IGMP Snooping (Enabled by default on EOS).
`igmp_snooping_querier`	Dictionary
`enabled`	Boolean				Will be enabled automatically if evpn_l2_multicast is enabled.
`source_address`	String				IPv4_address If not set, IP address of “Loopback0” will be used.
`version`	Integer			Valid Values: - 1 - 2 - 3	IGMP Version (By default EOS uses IGMP version 2 for IGMP querier).
`evpn_l2_multicast`	Dictionary				Explicitly enable or disable evpn_l2_multicast to override setting of `<network_services_key>.[].evpn_l2_multicast.enabled`. When evpn_l2_multicast.enabled is set to true for a vlan or a tenant, “igmp snooping” and “igmp snooping querier” will always be enabled, overriding those individual settings.
`enabled`	Boolean
`evpn_l3_multicast`	Dictionary				Explicitly enable or disable evpn_l3_multicast to override setting of `<network_services_key>.[].evpn_l3_multicast.enabled` and `<network_services_key>.[].vrfs.[].evpn_l3_multicast.enabled`.
`enabled`	Boolean
`igmp_snooping_enabled`	Boolean				Enable IGMP Snooping (Enabled by default on EOS).
`igmp_snooping_querier`	Dictionary
`enabled`	Boolean				Will be enabled automatically if evpn_l2_multicast is enabled.
`source_address`	String				IPv4_address If not set, IP address of “Loopback0” will be used.
`version`	Integer			Valid Values: - 1 - 2 - 3	IGMP Version (By default EOS uses IGMP version 2 for IGMP querier).
`l2vlans`	List, items: Dictionary				Define L2 network services organized by vlan id.
`- id`	Integer	Required, Unique		Min: 1 Max: 4094	VLAN ID
`evpn_l2_multicast`	Dictionary				Explicitly enable or disable evpn_l2_multicast to override setting of `<network_services_key>.[].evpn_l2_multicast.enabled`. When evpn_l2_multicast.enabled is set to true for a vlan or a tenant, igmp snooping and igmp snooping querier will always be enabled, overriding those individual settings.
`enabled`	Boolean
`igmp_snooping_enabled`	Boolean		`True`		Activate or deactivate IGMP snooping.
`igmp_snooping_querier`	Dictionary				Enable igmp snooping querier, by default using IP address of Loopback 0. When enabled, igmp snooping querier will only be configured on l3 devices, i.e., uplink_type: p2p.
`enabled`	Boolean				Will be enabled automatically if evpn_l2_multicast is enabled.
`source_address`	String				IPv4_address If not set, IP address of “Loopback0” will be used.
`version`	Integer		`2`	Valid Values: - 1 - 2 - 3

svi_profiles:
  - profile: <str>
    nodes:
      - node: <str>
        evpn_l2_multicast:
          enabled: <bool>
        evpn_l3_multicast:
          enabled: <bool>
        igmp_snooping_enabled: <bool>
        igmp_snooping_querier:
          enabled: <bool>
          source_address: <str>
          version: <int>
    evpn_l2_multicast:
      enabled: <bool>
    evpn_l3_multicast:
      enabled: <bool>
    igmp_snooping_enabled: <bool>
    igmp_snooping_querier:
      enabled: <bool>
      source_address: <str>
      version: <int>
<network_services_keys.name>:
  - name: <str>
    evpn_l2_multicast:
      enabled: <bool>
      underlay_l2_multicast_group_ipv4_pool: <str>
      underlay_l2_multicast_group_ipv4_pool_offset: <int>
    evpn_l3_multicast:
      enabled: <bool>
      evpn_underlay_l3_multicast_group_ipv4_pool: <str>
      evpn_underlay_l3_multicast_group_ipv4_pool_offset: <int>
      evpn_peg:
        - nodes:
            - <str>
          transit: <bool>
    pim_rp_addresses:
      - rps:
          - <str>
        nodes:
          - <str>
        groups:
          - <str>
    igmp_snooping_querier:
      enabled: <bool>
      source_address: <str>
      version: <int>
    vrfs:
      - name: <str>
        evpn_l3_multicast:
          enabled: <bool>
          evpn_peg:
            - nodes:
                - <str>
              transit: <bool>
        pim_rp_addresses:
          - rps:
              - <str>
            nodes:
              - <str>
            groups:
              - <str>
        evpn_l2_multi_domain: <bool>
        svis:
          - id: <int>
            nodes:
              - node: <str>
                evpn_l2_multicast:
                  enabled: <bool>
                evpn_l3_multicast:
                  enabled: <bool>
                igmp_snooping_enabled: <bool>
                igmp_snooping_querier:
                  enabled: <bool>
                  source_address: <str>
                  version: <int>
            evpn_l2_multicast:
              enabled: <bool>
            evpn_l3_multicast:
              enabled: <bool>
            igmp_snooping_enabled: <bool>
            igmp_snooping_querier:
              enabled: <bool>
              source_address: <str>
              version: <int>
    l2vlans:
      - id: <int>
        evpn_l2_multicast:
          enabled: <bool>
        igmp_snooping_enabled: <bool>
        igmp_snooping_querier:
          enabled: <bool>
          source_address: <str>
          version: <int>

SVI profiles settings¶

Optional profiles to share common settings for SVIs

Keys are the same as used under SVIs. Keys defined under SVIs take precedence.

Note: structured configuration is not merged recursively and will be taken directly from the most specific level in the following order:

svi.nodes[inventory_hostname].structured_config
svi_profile.nodes[inventory_hostname].structured_config
svi_parent_profile.nodes[inventory_hostname].structured_config
svi.structured_config
svi_profile.structured_config
svi_parent_profile.structured_config

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`svi_profiles`	List, items: Dictionary				Profiles to share common settings for SVIs under `<network_services_key>.[].vrfs.svis`. Keys are the same used under SVIs. Keys defined under SVIs take precedence. Note: structured configuration is not merged recursively and will be taken directly from the most specific level in the following order: 1. svi.nodes[inventory_hostname].structured_config 2. svi_profile.nodes[inventory_hostname].structured_config 3. svi_parent_profile.nodes[inventory_hostname].structured_config 4. svi.structured_config 5. svi_profile.structured_config 6. svi_parent_profile.structured_config
`- profile`	String	Required, Unique			Profile name
`parent_profile`	String				Parent SVI profile name to apply. svi_profiles can refer to another svi_profile to inherit settings in up to two levels (svi -> svi_profile -> svi_parent_profile).
`nodes`	List, items: Dictionary				Define node specific configuration, such as unique IP addresses. Any keys set here will be merged onto the SVI config, except `structured_config` keys which will replace the `structured_config` set on SVI level.
`- node`	String	Required, Unique			l3_leaf inventory hostname
`name`	String				VLAN name
`enabled`	Boolean				Enable or disable interface
`description`	String				SVI description. By default set to VLAN name.
`ip_address`	String				IPv4_address/Mask. Usually set under “nodes” to have unique IPv4 addresses per node.
`ipv6_address`	String				IPv6_address/Mask. Usually set under “nodes” to have unique IPv6 addresses per node.
`ipv6_enable`	Boolean				Explicitly enable/disable link-local IPv6 addressing.
`ip_address_virtual`	String				IPv4_address/Mask IPv4 VXLAN Anycast IP address Conserves IP addresses in VXLAN deployments as it doesn’t require unique IP addresses on each node.
`ipv6_address_virtual` deprecated	String				IPv6_address/Mask ipv6 address virtuals to configure VXLAN Anycast IP address (Optional) If both “ipv6_address_virtual” and “ipv6_address_virtuals” are set, all addresses will be configured This key is deprecated. Support will be removed in AVD version 5.0.0. Use `ipv6_address_virtuals` instead.
`ipv6_address_virtuals`	List, items: String				IPv6 VXLAN Anycast IP addresses Conserves IPv6 addresses in VXLAN deployments as it doesn’t require unique IPv6 addresses on each node.
`- <str>`	String				IPv6_address/Mask
`ip_address_virtual_secondaries`	List, items: String				Secondary IPv4 VXLAN Anycast IP addresses
`- <str>`	String				IPv4_address/Mask
`ip_virtual_router_addresses`	List, items: String				IPv4 VARP addresses. Requires an IP address to be configured on the SVI. If ip_address_virtual is also set, ip_virtual_router_addresses will take precedence if there is an ip_address configured for the node.
`- <str>`	String				IPv4_address/Mask or IPv4_address IPv4_address/Mask will also configure a static route to the SVI per best practice.
`ipv6_virtual_router_addresses`	List, items: String				IPv6 VARP addresses. Requires an IPv6 address to be configured on the SVI. If ipv6_address_virtuals is also set, ipv6_virtual_router_addresses will take precedence if there is an ipv6_address configured for the node.
`- <str>`	String				IPv6_address
`ip_helpers`	List, items: Dictionary				IP helper for DHCP relay
`- ip_helper`	String	Required, Unique			IPv4 DHCP server IP
`source_interface`	String				Interface name to originate DHCP relay packets to DHCP server.
`source_vrf`	String				VRF to originate DHCP relay packets to DHCP server. If not set, EOS uses the VRF on the SVI.
`vni_override`	Integer			Min: 1 Max: 16777215	By default the VNI will be derived from “mac_vrf_vni_base”. The vni_override allows us to override this value and statically define it (optional).
`rt_override`	String				By default the MAC VRF RT will be derived from mac_vrf_id_base + vlan_id. The rt_override allows us to override this value and statically define it. rt_override will default to vni_override if set. rt_override supports two formats: - A single number which will be used in the RT fields instead of mac_vrf_id/mac_vrf_vni (see ‘overlay_rt_type’ for details). - A full RT string with colon seperator which will override the full RT.
`rd_override`	String				By default the MAC VRF RD will be derived from mac_vrf_id_base + vlan_id. The rt_override allows us to override this value and statically define it. rd_override will default to rt_override or vni_override if set. rd_override supports two formats: - A single number which will be used in the RD assigned number field instead of mac_vrf_id/mac_vrf_vni (see ‘overlay_rd_type’ for details). - A full RD string with colon seperator which will override the full RD.
`tags`	List, items: String		`['all']`		Tags leveraged for networks services filtering. Tags are matched against “filter.tags” defined under node type settings. Tags are also matched against the “node_group” name under node type settings.
`- <str>`	String				Tag value.
`trunk_groups`	List, items: String
`- <str>`	String				Trunk groups are used for limiting vlans to trunk ports assigned to the same trunk group. Requires “enable_trunk_groups: true”.
`vxlan`	Boolean		`True`		Extend this SVI over VXLAN.
`mtu`	Integer				Interface MTU.
`bgp`	Dictionary
`structured_config`	Dictionary				Structured configuration and EOS CLI commands rendered on router_bgp.vlans. This configuration will not be applied to vlan aware bundles
`raw_eos_cli`	String				EOS CLI rendered directly on the Router BGP, VLAN definition in the final EOS configuration.
`raw_eos_cli`	String				EOS CLI rendered directly on the VLAN interface in the final EOS configuration.
`structured_config`	Dictionary				Custom structured config added under vlan_interfaces. for eos_cli_config_gen.
`name`	String				VLAN name
`enabled`	Boolean				Enable or disable interface
`description`	String				SVI description. By default set to VLAN name.
`ip_address`	String				IPv4_address/Mask. Usually set under “nodes” to have unique IPv4 addresses per node.
`ipv6_address`	String				IPv6_address/Mask. Usually set under “nodes” to have unique IPv6 addresses per node.
`ipv6_enable`	Boolean				Explicitly enable/disable link-local IPv6 addressing.
`ip_address_virtual`	String				IPv4_address/Mask IPv4 VXLAN Anycast IP address Conserves IP addresses in VXLAN deployments as it doesn’t require unique IP addresses on each node.
`ipv6_address_virtual` deprecated	String				IPv6_address/Mask ipv6 address virtuals to configure VXLAN Anycast IP address (Optional) If both “ipv6_address_virtual” and “ipv6_address_virtuals” are set, all addresses will be configured This key is deprecated. Support will be removed in AVD version 5.0.0. Use `ipv6_address_virtuals` instead.
`ipv6_address_virtuals`	List, items: String				IPv6 VXLAN Anycast IP addresses Conserves IPv6 addresses in VXLAN deployments as it doesn’t require unique IPv6 addresses on each node.
`- <str>`	String				IPv6_address/Mask
`ip_address_virtual_secondaries`	List, items: String				Secondary IPv4 VXLAN Anycast IP addresses
`- <str>`	String				IPv4_address/Mask
`ip_virtual_router_addresses`	List, items: String				IPv4 VARP addresses. Requires an IP address to be configured on the SVI. If ip_address_virtual is also set, ip_virtual_router_addresses will take precedence if there is an ip_address configured for the node.
`- <str>`	String				IPv4_address/Mask or IPv4_address IPv4_address/Mask will also configure a static route to the SVI per best practice.
`ipv6_virtual_router_addresses`	List, items: String				IPv6 VARP addresses. Requires an IPv6 address to be configured on the SVI. If ipv6_address_virtuals is also set, ipv6_virtual_router_addresses will take precedence if there is an ipv6_address configured for the node.
`- <str>`	String				IPv6_address
`ip_helpers`	List, items: Dictionary				IP helper for DHCP relay
`- ip_helper`	String	Required, Unique			IPv4 DHCP server IP
`source_interface`	String				Interface name to originate DHCP relay packets to DHCP server.
`source_vrf`	String				VRF to originate DHCP relay packets to DHCP server. If not set, EOS uses the VRF on the SVI.
`vni_override`	Integer			Min: 1 Max: 16777215	By default the VNI will be derived from “mac_vrf_vni_base”. The vni_override allows us to override this value and statically define it (optional).
`rt_override`	String				By default the MAC VRF RT will be derived from mac_vrf_id_base + vlan_id. The rt_override allows us to override this value and statically define it. rt_override will default to vni_override if set. rt_override supports two formats: - A single number which will be used in the RT fields instead of mac_vrf_id/mac_vrf_vni (see ‘overlay_rt_type’ for details). - A full RT string with colon seperator which will override the full RT.
`rd_override`	String				By default the MAC VRF RD will be derived from mac_vrf_id_base + vlan_id. The rt_override allows us to override this value and statically define it. rd_override will default to rt_override or vni_override if set. rd_override supports two formats: - A single number which will be used in the RD assigned number field instead of mac_vrf_id/mac_vrf_vni (see ‘overlay_rd_type’ for details). - A full RD string with colon seperator which will override the full RD.
`tags`	List, items: String		`['all']`		Tags leveraged for networks services filtering. Tags are matched against “filter.tags” defined under node type settings. Tags are also matched against the “node_group” name under node type settings.
`- <str>`	String				Tag value.
`trunk_groups`	List, items: String
`- <str>`	String				Trunk groups are used for limiting vlans to trunk ports assigned to the same trunk group. Requires “enable_trunk_groups: true”.
`vxlan`	Boolean		`True`		Extend this SVI over VXLAN.
`mtu`	Integer				Interface MTU.
`bgp`	Dictionary
`structured_config`	Dictionary				Structured configuration and EOS CLI commands rendered on router_bgp.vlans. This configuration will not be applied to vlan aware bundles
`raw_eos_cli`	String				EOS CLI rendered directly on the Router BGP, VLAN definition in the final EOS configuration.
`raw_eos_cli`	String				EOS CLI rendered directly on the VLAN interface in the final EOS configuration.
`structured_config`	Dictionary				Custom structured config added under vlan_interfaces. for eos_cli_config_gen.

svi_profiles:
  - profile: <str>
    parent_profile: <str>
    nodes:
      - node: <str>
        name: <str>
        enabled: <bool>
        description: <str>
        ip_address: <str>
        ipv6_address: <str>
        ipv6_enable: <bool>
        ip_address_virtual: <str>
        ipv6_address_virtual: <str>
        ipv6_address_virtuals:
          - <str>
        ip_address_virtual_secondaries:
          - <str>
        ip_virtual_router_addresses:
          - <str>
        ipv6_virtual_router_addresses:
          - <str>
        ip_helpers:
          - ip_helper: <str>
            source_interface: <str>
            source_vrf: <str>
        vni_override: <int>
        rt_override: <str>
        rd_override: <str>
        tags:
          - <str>
        trunk_groups:
          - <str>
        vxlan: <bool>
        mtu: <int>
        bgp:
          structured_config: <dict>
          raw_eos_cli: <str>
        raw_eos_cli: <str>
        structured_config: <dict>
    name: <str>
    enabled: <bool>
    description: <str>
    ip_address: <str>
    ipv6_address: <str>
    ipv6_enable: <bool>
    ip_address_virtual: <str>
    ipv6_address_virtual: <str>
    ipv6_address_virtuals:
      - <str>
    ip_address_virtual_secondaries:
      - <str>
    ip_virtual_router_addresses:
      - <str>
    ipv6_virtual_router_addresses:
      - <str>
    ip_helpers:
      - ip_helper: <str>
        source_interface: <str>
        source_vrf: <str>
    vni_override: <int>
    rt_override: <str>
    rd_override: <str>
    tags:
      - <str>
    trunk_groups:
      - <str>
    vxlan: <bool>
    mtu: <int>
    bgp:
      structured_config: <dict>
      raw_eos_cli: <str>
    raw_eos_cli: <str>
    structured_config: <dict>

Network services keys settings¶

Network Services can be grouped by using separate keys.

The keys can be customized to provide a better better organization or grouping of your data. network_services_keys should be defined in the top level group_vars for the fabric.

Note

The default values will be overridden if defining this key, so it is recommended to copy the defaults and modify them.

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`network_services_keys`	List, items: Dictionary		`[{'name': 'tenants'}]`		Network Services can be grouped by using separate keys. The keys can be customized to provide a better better organization or grouping of your data. `network_services_keys` should be defined in the top level group_vars for the fabric. The default values will be overridden if defining this key, so it is recommended to copy the defaults and modify them.
`- name`	String	Required, Unique

network_services_keys:
  - name: <str>

Platform settings¶

Set platform specific settings like TCAM profile and reload delay.

If the platform is not defined, it will load parameters from the platform tagged default.

Management interface is modified for specific platforms like modular platforms with dual supervisor support and container EOS.

Note

The reload delay values should be reviewed and tuned to the specific environment.

Note

The default values will be overridden if defining this key, so it is recommended to copy the defaults and modify them.

TableYAML

Variable	Type	Required	Default	Value Restrictions	Description
`platform_settings`	List, items: Dictionary		See (+) on YAML tab
`- platforms`	List, items: String
`- <str>`	String
`trident_forwarding_table_partition`	String				Only applied when evpn_multicast is true.
`reload_delay`	Dictionary
`mlag`	Integer			Min: 0 Max: 86400	In seconds.
`non_mlag`	Integer			Min: 0 Max: 86400	In seconds.
`tcam_profile`	String
`lag_hardware_only`	Boolean
`feature_support`	Dictionary
`queue_monitor_length_notify`	Boolean		`True`
`interface_storm_control`	Boolean		`True`
`poe`	Boolean		`False`
`bgp_update_wait_install`	Boolean		`True`		Disables FIB updates and route advertisement when the BGP instance is initiated until the BGP convergence state is reached. Can be overridden by setting “bgp_update_wait_install” host/group_vars.
`bgp_update_wait_for_convergence`	Boolean		`True`		Do not advertise reachability to a prefix until that prefix has been installed in hardware. This will eliminate any temporary black holes due to a BGP speaker advertising reachability to a prefix that may not yet be installed into the forwarding plane. Can be overridden by setting “bgp_update_wait_for_convergence” host/group_vars.
`management_interface`	String		`Management1`
`raw_eos_cli`	String				EOS CLI rendered directly on the root level of the final EOS configuration.
`platform_speed_groups`	List, items: Dictionary				Set Hardware Speed Groups per Platform.
`- platform`	String	Required, Unique
`speeds`	List, items: Dictionary
`- speed`	String	Required, Unique
`speed_groups`	List, items: Integer
`- <int>`	Integer

platform_settings: # (1)!
  - platforms:
      - <str>
    trident_forwarding_table_partition: <str>
    reload_delay:
      mlag: <int>
      non_mlag: <int>
    tcam_profile: <str>
    lag_hardware_only: <bool>
    feature_support:
      queue_monitor_length_notify: <bool>
      interface_storm_control: <bool>
      poe: <bool>
      bgp_update_wait_install: <bool>
      bgp_update_wait_for_convergence: <bool>
    management_interface: <str>
    raw_eos_cli: <str>
platform_speed_groups:
  - platform: <str>
    speeds:
      - speed: <str>
        speed_groups:
          - <int>

Default Value

platform_settings:
- feature_support:
    queue_monitor_length_notify: false
  platforms:
  - default
  reload_delay:
    mlag: 300
    non_mlag: 330
- feature_support:
    queue_monitor_length_notify: false
  platforms:
  - 7050X3
  - 720XP
  - 722XP
  reload_delay:
    mlag: 300
    non_mlag: 330
  trident_forwarding_table_partition: flexible exact-match 16384 l2-shared 98304 l3-shared
    131072
- lag_hardware_only: true
  platforms:
  - 7280R
  - 7280R2
  - 7020R
  reload_delay:
    mlag: 900
    non_mlag: 1020
  tcam_profile: vxlan-routing
- platforms:
  - 7280R3
  reload_delay:
    mlag: 900
    non_mlag: 1020
- lag_hardware_only: true
  management_interface: Management0
  platforms:
  - 7500R
  - 7500R2
  reload_delay:
    mlag: 900
    non_mlag: 1020
  tcam_profile: vxlan-routing
- management_interface: Management0
  platforms:
  - 7500R3
  - 7800R3
  reload_delay:
    mlag: 900
    non_mlag: 1020
- management_interface: Management0
  platforms:
  - 7368X4
  reload_delay:
    mlag: 300
    non_mlag: 330
- management_interface: Management0
  platforms:
  - 7300X3
  reload_delay:
    mlag: 1200
    non_mlag: 1320
  trident_forwarding_table_partition: flexible exact-match 16384 l2-shared 98304 l3-shared
    131072
- feature_support:
    bgp_update_wait_for_convergence: false
    bgp_update_wait_install: false
    interface_storm_control: false
    queue_monitor_length_notify: false
  platforms:
  - VEOS
  - VEOS-LAB
  - vEOS
  - vEOS-lab
  reload_delay:
    mlag: 300
    non_mlag: 330
- feature_support:
    bgp_update_wait_for_convergence: false
    bgp_update_wait_install: false
    interface_storm_control: false
    queue_monitor_length_notify: false
  management_interface: Management0
  platforms:
  - CEOS
  - cEOS
  - ceos
  - cEOSLab
  reload_delay:
    mlag: 300
    non_mlag: 330

PTP settings¶

See the Configuring PTP how-to for details.

TableYAML

Variable	Type	Default	Value Restrictions	Description
`ptp`	Dictionary
`enabled`	Boolean
`profile`	String	`aes67-r16-2016`	Valid Values: - aes67 - smpte2059-2 - aes67-r16-2016
`domain`	Integer		Min: 0 Max: 255
`auto_clock_identity`	Boolean	`True`
`ptp_profiles`	List, items: Dictionary	See (+) on YAML tab
`- profile`	String			PTP profile.
`announce`	Dictionary			PTP announce interval.
`interval`	Integer		Min: -7 Max: 4
`timeout`	Integer		Min: 2 Max: 255
`delay_req`	Integer		Min: -7 Max: 8
`sync_message`	Dictionary			PTP sync message interval.
`interval`	Integer		Min: -7 Max: 3
`transport`	String		Valid Values: - ipv4

ptp:
  enabled: <bool>
  profile: <str>
  domain: <int>
  auto_clock_identity: <bool>
ptp_profiles: # (1)!
  - profile: <str>
    announce:
      interval: <int>
      timeout: <int>
    delay_req: <int>
    sync_message:
      interval: <int>
    transport: <str>

Default Value

ptp_profiles:
- announce:
    interval: 0
    timeout: 3
  delay_req: -3
  profile: aes67-r16-2016
  sync_message:
    interval: -3
  transport: ipv4
- announce:
    interval: -2
    timeout: 3
  delay_req: -4
  profile: smpte2059-2
  sync_message:
    interval: -4
  transport: ipv4
- announce:
    interval: 2
    timeout: 3
  delay_req: 0
  profile: aes67
  sync_message:
    interval: 0
  transport: ipv4

Custom Structured Configuration¶

See the Custom Structured Configuration how-to for details.

TableYAML

Variable	Type	Default	Value Restrictions	Description
`custom_structured_configuration_list_merge`	String	`append_rp`	Valid Values: - replace - append - keep - prepend - append_rp - prepend_rp	The List-merge strategy used when merging custom structured configurations. This applies to all vars prefixed by prefixes in `custom_structured_configuration_prefix` and all data under the various `structured_config` options. The available list merge strategies: - `replace`: - Any list will be replaced with the list defined in custom structured configurations. - `append`: - Existing list items with the same “Primary key”-value will be updated. - New items will be appended to the existing list (including duplicates). - `keep`: - Only set list if there is no existing list or existing list is `None`. - `prepend`: - Existing list items with the same “Primary key”-value will be updated. - New items will be prepended to the existing list (including duplicates). - `append_rp`: - Existing list items with the same “Primary key”-value will be updated. - New unique items will be appended to the existing list. - `prepend_rp`: - Existing list items with the same “Primary key”-value will be updated. - New unique items will be prepended to the existing list.
`custom_structured_configuration_prefix`	List, items: String	`['custom_structured_configuration_']`		Custom EOS Structured Configuration keys can be set on any group or host_var level using the name of the corresponding `eos_cli_config_gen` key prefixed with content of `custom_structured_configuration_prefix`. The content of Custom Structured Configuration variables will be merged with the structured config generated by the eos_designs role. The merge is done recursively, so it is possible to update a sub-key of a variable set by `eos_designs` role already. The merge follow these recursive merge strategies: - New keys will be added for all types. - Existing keys of type “List” with a “Primary key” set in the schema: - Strategy can be changed with `custom_structured_configuration_list_merge`. Default strategy: - Existing list items with the same “Primary key”-value will be updated. - New unique items will be appended to the existing list - Other keys of type “List” will have new unique items appended the the existing list. - Existing keys of type “Dictionary” will recursively merge - Other existing keys will be replaced.
`- <str>`	String

custom_structured_configuration_list_merge: <str>
custom_structured_configuration_prefix:
  - <str>

Last update: June 13, 2023