Skip to content

dc1-leaf1a

Table of Contents

Management

Management Interfaces

Management Interfaces Summary

IPv4
Management Interface Description Type VRF IP Address Gateway
Management1 OOB_MANAGEMENT oob MGMT 172.16.1.101/24 172.16.1.1
IPv6
Management Interface Description Type VRF IPv6 Address IPv6 Gateway
Management1 OOB_MANAGEMENT oob MGMT - -

Management Interfaces Device Configuration

!
interface Management1
   description OOB_MANAGEMENT
   no shutdown
   vrf MGMT
   ip address 172.16.1.101/24

IP Name Servers

IP Name Servers Summary

Name Server VRF Priority
192.168.1.1 MGMT -

IP Name Servers Device Configuration

ip name-server vrf MGMT 192.168.1.1

NTP

NTP Summary

NTP Local Interface
Interface VRF
Management1 MGMT
NTP Servers
Server VRF Preferred Burst iBurst Version Min Poll Max Poll Local-interface Key
0.pool.ntp.org MGMT True - - - - - - -

NTP Device Configuration

!
ntp local-interface vrf MGMT Management1
ntp server vrf MGMT 0.pool.ntp.org prefer

Management API HTTP

Management API HTTP Summary

HTTP HTTPS Default Services
False True -

Management API VRF Access

VRF Name IPv4 ACL IPv6 ACL
MGMT - -

Management API HTTP Device Configuration

!
management api http-commands
   protocol https
   no shutdown
   !
   vrf MGMT
      no shutdown

Authentication

Local Users

Local Users Summary

User Privilege Role Disabled Shell
admin 15 network-admin False -
ansible 15 network-admin False -

Local Users Device Configuration

!
username admin privilege 15 role network-admin nopassword
username ansible privilege 15 role network-admin secret sha512 <removed>

Enable Password

Enable password has been disabled

Monitoring

TerminAttr Daemon

TerminAttr Daemon Summary

CV Compression CloudVision Servers VRF Authentication Smash Excludes Ingest Exclude Bypass AAA
gzip 192.168.1.12:9910 MGMT token,/tmp/token ale,flexCounter,hardware,kni,pulse,strata /Sysdb/cell/1/agent,/Sysdb/cell/2/agent True

TerminAttr Daemon Device Configuration

!
daemon TerminAttr
   exec /usr/bin/TerminAttr -cvaddr=192.168.1.12:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -disableaaa -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs
   no shutdown

MLAG

MLAG Summary

Domain-id Local-interface Peer-address Peer-link
DC1_L3_LEAF1 Vlan4094 10.255.1.65 Port-Channel3

Dual primary detection is disabled.

MLAG Device Configuration

!
mlag configuration
   domain-id DC1_L3_LEAF1
   local-interface Vlan4094
   peer-address 10.255.1.65
   peer-link Port-Channel3
   reload-delay mlag 300
   reload-delay non-mlag 330

Spanning Tree

Spanning Tree Summary

STP mode: mstp

MSTP Instance and Priority

Instance(s) Priority
0 4096

Global Spanning-Tree Settings

  • Spanning Tree disabled for VLANs: 4093-4094

Spanning Tree Device Configuration

!
spanning-tree mode mstp
no spanning-tree vlan-id 4093-4094
spanning-tree mst 0 priority 4096

Internal VLAN Allocation Policy

Internal VLAN Allocation Policy Summary

Policy Allocation Range Beginning Range Ending
ascending 1006 1199

Internal VLAN Allocation Policy Device Configuration

!
vlan internal order ascending range 1006 1199

VLANs

VLANs Summary

VLAN ID Name Trunk Groups
11 VRF10_VLAN11 -
12 VRF10_VLAN12 -
21 VRF11_VLAN21 -
22 VRF11_VLAN22 -
3009 MLAG_L3_VRF_VRF10 MLAG
3010 MLAG_L3_VRF_VRF11 MLAG
3401 L2_VLAN3401 -
3402 L2_VLAN3402 -
4093 MLAG_L3 MLAG
4094 MLAG MLAG

VLANs Device Configuration

!
vlan 11
   name VRF10_VLAN11
!
vlan 12
   name VRF10_VLAN12
!
vlan 21
   name VRF11_VLAN21
!
vlan 22
   name VRF11_VLAN22
!
vlan 3009
   name MLAG_L3_VRF_VRF10
   trunk group MLAG
!
vlan 3010
   name MLAG_L3_VRF_VRF11
   trunk group MLAG
!
vlan 3401
   name L2_VLAN3401
!
vlan 3402
   name L2_VLAN3402
!
vlan 4093
   name MLAG_L3
   trunk group MLAG
!
vlan 4094
   name MLAG
   trunk group MLAG

Interfaces

Ethernet Interfaces

Ethernet Interfaces Summary

L2
Interface Description Mode VLANs Native VLAN Trunk Group Channel-Group
Ethernet3 MLAG_dc1-leaf1b_Ethernet3 *trunk *- *- *MLAG 3
Ethernet4 MLAG_dc1-leaf1b_Ethernet4 *trunk *- *- *MLAG 3
Ethernet5 SERVER_dc1-leaf1-server1_PCI1 *trunk *11-12,21-22 *4092 *- 5
Ethernet8 L2_dc1-leaf1c_Ethernet1 *trunk *11-12,21-22,3401-3402 *- *- 8

*Inherited from Port-Channel Interface

IPv4
Interface Description Channel Group IP Address VRF MTU Shutdown ACL In ACL Out
Ethernet1 P2P_dc1-spine1_Ethernet1 - 10.255.255.1/31 default 1500 False - -
Ethernet2 P2P_dc1-spine2_Ethernet1 - 10.255.255.3/31 default 1500 False - -

Ethernet Interfaces Device Configuration

!
interface Ethernet1
   description P2P_dc1-spine1_Ethernet1
   no shutdown
   mtu 1500
   no switchport
   ip address 10.255.255.1/31
!
interface Ethernet2
   description P2P_dc1-spine2_Ethernet1
   no shutdown
   mtu 1500
   no switchport
   ip address 10.255.255.3/31
!
interface Ethernet3
   description MLAG_dc1-leaf1b_Ethernet3
   no shutdown
   channel-group 3 mode active
!
interface Ethernet4
   description MLAG_dc1-leaf1b_Ethernet4
   no shutdown
   channel-group 3 mode active
!
interface Ethernet5
   description SERVER_dc1-leaf1-server1_PCI1
   no shutdown
   channel-group 5 mode active
!
interface Ethernet8
   description L2_dc1-leaf1c_Ethernet1
   no shutdown
   channel-group 8 mode active

Port-Channel Interfaces

Port-Channel Interfaces Summary

L2
Interface Description Mode VLANs Native VLAN Trunk Group LACP Fallback Timeout LACP Fallback Mode MLAG ID EVPN ESI
Port-Channel3 MLAG_dc1-leaf1b_Port-Channel3 trunk - - MLAG - - - -
Port-Channel5 SERVER_dc1-leaf1-server1_Bond1 trunk 11-12,21-22 4092 - - - 5 -
Port-Channel8 L2_dc1-leaf1c_Port-Channel1 trunk 11-12,21-22,3401-3402 - - - - 8 -

Port-Channel Interfaces Device Configuration

!
interface Port-Channel3
   description MLAG_dc1-leaf1b_Port-Channel3
   no shutdown
   switchport mode trunk
   switchport trunk group MLAG
   switchport
!
interface Port-Channel5
   description SERVER_dc1-leaf1-server1_Bond1
   no shutdown
   switchport trunk native vlan 4092
   switchport trunk allowed vlan 11-12,21-22
   switchport mode trunk
   switchport
   mlag 5
   spanning-tree portfast
!
interface Port-Channel8
   description L2_dc1-leaf1c_Port-Channel1
   no shutdown
   switchport trunk allowed vlan 11-12,21-22,3401-3402
   switchport mode trunk
   switchport
   mlag 8

Loopback Interfaces

Loopback Interfaces Summary

IPv4
Interface Description VRF IP Address
Loopback0 ROUTER_ID default 10.255.0.3/32
Loopback1 VXLAN_TUNNEL_SOURCE default 10.255.1.3/32
Loopback10 DIAG_VRF_VRF10 VRF10 10.255.10.3/32
Loopback11 DIAG_VRF_VRF11 VRF11 10.255.11.3/32
IPv6
Interface Description VRF IPv6 Address
Loopback0 ROUTER_ID default -
Loopback1 VXLAN_TUNNEL_SOURCE default -
Loopback10 DIAG_VRF_VRF10 VRF10 -
Loopback11 DIAG_VRF_VRF11 VRF11 -

Loopback Interfaces Device Configuration

!
interface Loopback0
   description ROUTER_ID
   no shutdown
   ip address 10.255.0.3/32
!
interface Loopback1
   description VXLAN_TUNNEL_SOURCE
   no shutdown
   ip address 10.255.1.3/32
!
interface Loopback10
   description DIAG_VRF_VRF10
   no shutdown
   vrf VRF10
   ip address 10.255.10.3/32
!
interface Loopback11
   description DIAG_VRF_VRF11
   no shutdown
   vrf VRF11
   ip address 10.255.11.3/32

VLAN Interfaces

VLAN Interfaces Summary

Interface Description VRF MTU Shutdown
Vlan11 VRF10_VLAN11 VRF10 - False
Vlan12 VRF10_VLAN12 VRF10 - False
Vlan21 VRF11_VLAN21 VRF11 - False
Vlan22 VRF11_VLAN22 VRF11 - False
Vlan3009 MLAG_L3_VRF_VRF10 VRF10 1500 False
Vlan3010 MLAG_L3_VRF_VRF11 VRF11 1500 False
Vlan4093 MLAG_L3 default 1500 False
Vlan4094 MLAG default 1500 False
IPv4
Interface VRF IP Address IP Address Virtual IP Router Virtual Address ACL In ACL Out
Vlan11 VRF10 - 10.10.11.1/24 - - -
Vlan12 VRF10 - 10.10.12.1/24 - - -
Vlan21 VRF11 - 10.10.21.1/24 - - -
Vlan22 VRF11 - 10.10.22.1/24 - - -
Vlan3009 VRF10 10.255.1.96/31 - - - -
Vlan3010 VRF11 10.255.1.96/31 - - - -
Vlan4093 default 10.255.1.96/31 - - - -
Vlan4094 default 10.255.1.64/31 - - - -

VLAN Interfaces Device Configuration

!
interface Vlan11
   description VRF10_VLAN11
   no shutdown
   vrf VRF10
   ip address virtual 10.10.11.1/24
!
interface Vlan12
   description VRF10_VLAN12
   no shutdown
   vrf VRF10
   ip address virtual 10.10.12.1/24
!
interface Vlan21
   description VRF11_VLAN21
   no shutdown
   vrf VRF11
   ip address virtual 10.10.21.1/24
!
interface Vlan22
   description VRF11_VLAN22
   no shutdown
   vrf VRF11
   ip address virtual 10.10.22.1/24
!
interface Vlan3009
   description MLAG_L3_VRF_VRF10
   no shutdown
   mtu 1500
   vrf VRF10
   ip address 10.255.1.96/31
!
interface Vlan3010
   description MLAG_L3_VRF_VRF11
   no shutdown
   mtu 1500
   vrf VRF11
   ip address 10.255.1.96/31
!
interface Vlan4093
   description MLAG_L3
   no shutdown
   mtu 1500
   ip address 10.255.1.96/31
!
interface Vlan4094
   description MLAG
   no shutdown
   mtu 1500
   no autostate
   ip address 10.255.1.64/31

VXLAN Interface

VXLAN Interface Summary

Setting Value
Source Interface Loopback1
UDP port 4789
EVPN MLAG Shared Router MAC mlag-system-id
VLAN to VNI, Flood List and Multicast Group Mappings
VLAN VNI Flood List Multicast Group
11 10011 - -
12 10012 - -
21 10021 - -
22 10022 - -
3401 13401 - -
3402 13402 - -
VRF to VNI and Multicast Group Mappings
VRF VNI Multicast Group
VRF10 10 -
VRF11 11 -

VXLAN Interface Device Configuration

!
interface Vxlan1
   description dc1-leaf1a_VTEP
   vxlan source-interface Loopback1
   vxlan virtual-router encapsulation mac-address mlag-system-id
   vxlan udp-port 4789
   vxlan vlan 11 vni 10011
   vxlan vlan 12 vni 10012
   vxlan vlan 21 vni 10021
   vxlan vlan 22 vni 10022
   vxlan vlan 3401 vni 13401
   vxlan vlan 3402 vni 13402
   vxlan vrf VRF10 vni 10
   vxlan vrf VRF11 vni 11

Routing

Service Routing Protocols Model

Multi agent routing protocol model enabled

!
service routing protocols model multi-agent

Virtual Router MAC Address

Virtual Router MAC Address Summary

Virtual Router MAC Address: 00:1c:73:00:00:99

Virtual Router MAC Address Device Configuration

!
ip virtual-router mac-address 00:1c:73:00:00:99

IP Routing

IP Routing Summary

VRF Routing Enabled
default True
MGMT False
VRF10 True
VRF11 True

IP Routing Device Configuration

!
ip routing
no ip routing vrf MGMT
ip routing vrf VRF10
ip routing vrf VRF11

IPv6 Routing

IPv6 Routing Summary

VRF Routing Enabled
default False
MGMT false
VRF10 false
VRF11 false

Static Routes

Static Routes Summary

VRF Destination Prefix Next Hop IP Exit interface Administrative Distance Tag Route Name Metric
MGMT 0.0.0.0/0 172.16.1.1 - 1 - - -

Static Routes Device Configuration

!
ip route vrf MGMT 0.0.0.0/0 172.16.1.1

Router BGP

ASN Notation: asplain

Router BGP Summary

BGP AS Router ID
65101 10.255.0.3
BGP Tuning
no bgp default ipv4-unicast
maximum-paths 4 ecmp 4

Router BGP Peer Groups

EVPN-OVERLAY-PEERS
Settings Value
Address Family evpn
Source Loopback0
BFD True
Ebgp multihop 3
Send community all
Maximum routes 0 (no limit)
IPv4-UNDERLAY-PEERS
Settings Value
Address Family ipv4
Send community all
Maximum routes 12000
MLAG-IPv4-UNDERLAY-PEER
Settings Value
Address Family ipv4
Remote AS 65101
Next-hop self True
Send community all
Maximum routes 12000

BGP Neighbors

Neighbor Remote AS VRF Shutdown Send-community Maximum-routes Allowas-in BFD RIB Pre-Policy Retain Route-Reflector Client Passive TTL Max Hops
10.255.0.1 65100 default - Inherited from peer group EVPN-OVERLAY-PEERS Inherited from peer group EVPN-OVERLAY-PEERS - Inherited from peer group EVPN-OVERLAY-PEERS - - - -
10.255.0.2 65100 default - Inherited from peer group EVPN-OVERLAY-PEERS Inherited from peer group EVPN-OVERLAY-PEERS - Inherited from peer group EVPN-OVERLAY-PEERS - - - -
10.255.1.97 Inherited from peer group MLAG-IPv4-UNDERLAY-PEER default - Inherited from peer group MLAG-IPv4-UNDERLAY-PEER Inherited from peer group MLAG-IPv4-UNDERLAY-PEER - - - - - -
10.255.255.0 65100 default - Inherited from peer group IPv4-UNDERLAY-PEERS Inherited from peer group IPv4-UNDERLAY-PEERS - - - - - -
10.255.255.2 65100 default - Inherited from peer group IPv4-UNDERLAY-PEERS Inherited from peer group IPv4-UNDERLAY-PEERS - - - - - -
10.255.1.97 Inherited from peer group MLAG-IPv4-UNDERLAY-PEER VRF10 - Inherited from peer group MLAG-IPv4-UNDERLAY-PEER Inherited from peer group MLAG-IPv4-UNDERLAY-PEER - - - - - -
10.255.1.97 Inherited from peer group MLAG-IPv4-UNDERLAY-PEER VRF11 - Inherited from peer group MLAG-IPv4-UNDERLAY-PEER Inherited from peer group MLAG-IPv4-UNDERLAY-PEER - - - - - -

Router BGP EVPN Address Family

EVPN Peer Groups
Peer Group Activate Route-map In Route-map Out Encapsulation
EVPN-OVERLAY-PEERS True - - default

Router BGP VLANs

VLAN Route-Distinguisher Both Route-Target Import Route Target Export Route-Target Redistribute
11 10.255.0.3:10011 10011:10011 - - learned
12 10.255.0.3:10012 10012:10012 - - learned
21 10.255.0.3:10021 10021:10021 - - learned
22 10.255.0.3:10022 10022:10022 - - learned
3401 10.255.0.3:13401 13401:13401 - - learned
3402 10.255.0.3:13402 13402:13402 - - learned

Router BGP VRFs

VRF Route-Distinguisher Redistribute
VRF10 10.255.0.3:10 connected
VRF11 10.255.0.3:11 connected

Router BGP Device Configuration

!
router bgp 65101
   router-id 10.255.0.3
   no bgp default ipv4-unicast
   maximum-paths 4 ecmp 4
   neighbor EVPN-OVERLAY-PEERS peer group
   neighbor EVPN-OVERLAY-PEERS update-source Loopback0
   neighbor EVPN-OVERLAY-PEERS bfd
   neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3
   neighbor EVPN-OVERLAY-PEERS password 7 <removed>
   neighbor EVPN-OVERLAY-PEERS send-community
   neighbor EVPN-OVERLAY-PEERS maximum-routes 0
   neighbor IPv4-UNDERLAY-PEERS peer group
   neighbor IPv4-UNDERLAY-PEERS password 7 <removed>
   neighbor IPv4-UNDERLAY-PEERS send-community
   neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000
   neighbor MLAG-IPv4-UNDERLAY-PEER peer group
   neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101
   neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self
   neighbor MLAG-IPv4-UNDERLAY-PEER description dc1-leaf1b
   neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in
   neighbor MLAG-IPv4-UNDERLAY-PEER password 7 <removed>
   neighbor MLAG-IPv4-UNDERLAY-PEER send-community
   neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000
   neighbor 10.255.0.1 peer group EVPN-OVERLAY-PEERS
   neighbor 10.255.0.1 remote-as 65100
   neighbor 10.255.0.1 description dc1-spine1_Loopback0
   neighbor 10.255.0.2 peer group EVPN-OVERLAY-PEERS
   neighbor 10.255.0.2 remote-as 65100
   neighbor 10.255.0.2 description dc1-spine2_Loopback0
   neighbor 10.255.1.97 peer group MLAG-IPv4-UNDERLAY-PEER
   neighbor 10.255.1.97 description dc1-leaf1b_Vlan4093
   neighbor 10.255.255.0 peer group IPv4-UNDERLAY-PEERS
   neighbor 10.255.255.0 remote-as 65100
   neighbor 10.255.255.0 description dc1-spine1_Ethernet1
   neighbor 10.255.255.2 peer group IPv4-UNDERLAY-PEERS
   neighbor 10.255.255.2 remote-as 65100
   neighbor 10.255.255.2 description dc1-spine2_Ethernet1
   redistribute connected route-map RM-CONN-2-BGP
   !
   vlan 11
      rd 10.255.0.3:10011
      route-target both 10011:10011
      redistribute learned
   !
   vlan 12
      rd 10.255.0.3:10012
      route-target both 10012:10012
      redistribute learned
   !
   vlan 21
      rd 10.255.0.3:10021
      route-target both 10021:10021
      redistribute learned
   !
   vlan 22
      rd 10.255.0.3:10022
      route-target both 10022:10022
      redistribute learned
   !
   vlan 3401
      rd 10.255.0.3:13401
      route-target both 13401:13401
      redistribute learned
   !
   vlan 3402
      rd 10.255.0.3:13402
      route-target both 13402:13402
      redistribute learned
   !
   address-family evpn
      neighbor EVPN-OVERLAY-PEERS activate
   !
   address-family ipv4
      no neighbor EVPN-OVERLAY-PEERS activate
      neighbor IPv4-UNDERLAY-PEERS activate
      neighbor MLAG-IPv4-UNDERLAY-PEER activate
   !
   vrf VRF10
      rd 10.255.0.3:10
      route-target import evpn 10:10
      route-target export evpn 10:10
      router-id 10.255.0.3
      neighbor 10.255.1.97 peer group MLAG-IPv4-UNDERLAY-PEER
      neighbor 10.255.1.97 description dc1-leaf1b_Vlan3009
      redistribute connected route-map RM-CONN-2-BGP-VRFS
   !
   vrf VRF11
      rd 10.255.0.3:11
      route-target import evpn 11:11
      route-target export evpn 11:11
      router-id 10.255.0.3
      neighbor 10.255.1.97 peer group MLAG-IPv4-UNDERLAY-PEER
      neighbor 10.255.1.97 description dc1-leaf1b_Vlan3010
      redistribute connected route-map RM-CONN-2-BGP-VRFS

BFD

Router BFD

Router BFD Multihop Summary

Interval Minimum RX Multiplier
300 300 3

Router BFD Device Configuration

!
router bfd
   multihop interval 300 min-rx 300 multiplier 3

Multicast

IP IGMP Snooping

IP IGMP Snooping Summary

IGMP Snooping Fast Leave Interface Restart Query Proxy Restart Query Interval Robustness Variable
Enabled - - - - -

IP IGMP Snooping Device Configuration


Filters

Prefix-lists

Prefix-lists Summary

PL-LOOPBACKS-EVPN-OVERLAY
Sequence Action
10 permit 10.255.0.0/27 eq 32
20 permit 10.255.1.0/27 eq 32
PL-MLAG-PEER-VRFS
Sequence Action
10 permit 10.255.1.96/31

Prefix-lists Device Configuration

!
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
   seq 10 permit 10.255.0.0/27 eq 32
   seq 20 permit 10.255.1.0/27 eq 32
!
ip prefix-list PL-MLAG-PEER-VRFS
   seq 10 permit 10.255.1.96/31

Route-maps

Route-maps Summary

RM-CONN-2-BGP
Sequence Type Match Set Sub-Route-Map Continue
10 permit ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY - - -
RM-CONN-2-BGP-VRFS
Sequence Type Match Set Sub-Route-Map Continue
10 deny ip address prefix-list PL-MLAG-PEER-VRFS - - -
20 permit - - - -
RM-MLAG-PEER-IN
Sequence Type Match Set Sub-Route-Map Continue
10 permit - origin incomplete - -

Route-maps Device Configuration

!
route-map RM-CONN-2-BGP permit 10
   match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
route-map RM-CONN-2-BGP-VRFS deny 10
   match ip address prefix-list PL-MLAG-PEER-VRFS
!
route-map RM-CONN-2-BGP-VRFS permit 20
!
route-map RM-MLAG-PEER-IN permit 10
   description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
   set origin incomplete

VRF Instances

VRF Instances Summary

VRF Name IP Routing
MGMT disabled
VRF10 enabled
VRF11 enabled

VRF Instances Device Configuration

!
vrf instance MGMT
!
vrf instance VRF10
!
vrf instance VRF11

Virtual Source NAT

Virtual Source NAT Summary

Source NAT VRF Source NAT IPv4 Address Source NAT IPv6 Address
VRF10 10.255.10.3 -
VRF11 10.255.11.3 -

Virtual Source NAT Configuration

!
ip address virtual source-nat vrf VRF10 address 10.255.10.3
ip address virtual source-nat vrf VRF11 address 10.255.11.3