Single DC Multi-Pod L3LS (5-Stage Clos)
Introduction
This example shows how to create a multi-pod environment (a 5-stage Clos) in a single DC environment. Of course, this can be used in multiple DCs, but this example is only for two PODs in a single DC.
This example only teaches some aspects of an L3LS EVPN/VXLAN build; please see the single DC L3LS example for additional information. It supplements the single DC example, concentrating on the unique elements of multiple PODs/5-stage Clos.
AVD Playground
AVD playground is an interactive Cloud-based lab environment sponsored by Arista. To get started, simply sign in at labs.arista.com and click the button below to launch the lab.
For detailed guidance, please refer to the “How to use AVD examples” guide.
Note
Due to infrastructure costs and security protocols, AVD Playgrounds are exclusively available to registered Arista customers with an active support contract. Users are expected to adhere to the EULA terms accepted during registration and use the environment for its intended professional purposes. If you do not currently have the required access level, please contact your Arista account team.
Installation
Requirements to use this example:
- Follow the installation guide for AVD
- Run the following playbook to copy the AVD examples to your current working directory, for example ansible-avd-examples:
This will show the following:
~/ansible-avd-examples# ansible-playbook arista.avd.install_examples
PLAY [Install Examples]**********************************************************************************************
TASK [Copy all examples to ~/ansible-avd-examples]*******************************************************************
changed: [localhost]
PLAY RECAP **********************************************************************************************************
localhost : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Info
If the content of any file is modified and the playbook is rerun, the file will not be overwritten. However, if any file in the example is deleted and the playbook is rerun, Ansible will re-create the file.
After the playbook has run successfully, the directory structure of the example should look like below, the contents of which will be covered in later sections:
ansible-avd-examples/ (or wherever the playbook was run)
  ├── single-dc-multipod-l3ls
    ├── ansible.cfg
    ├── build.yml
    ├── clab
    ├── deploy-cvp.yml
    ├── deploy.yml
    ├── documentation
    ├── group_vars
    ├── images
    ├── intended
    ├── inventory.yml
    ├── README.md
    └── validate.yml
Overall design overview
Physical topology
The drawing below shows the physical topology used in this example. The interface assignments shown here are referenced across the entire example, so keep that in mind if this example must be adapted to a different topology.
Fabric design
The fabric is a basic L3LS EVPN/VXLAN design with a multi-pod (5-stage Clos) architecture.
Ansible inventory, group vars, and naming scheme
The following drawing shows a graphic overview of the Ansible inventory, group variables, and naming scheme used in this example:
The SUPERSPINES group has been added, as well as POD1 and POD2 groups with PODX_LEAFS and PODX_SPINES under each. The EVPN_SERVICES and CONNECTED_ENDPOINTS allow separation of YAML files, and putting the PODX_LEAFS under them will build the appropriate configs for those devices (VXLAN/VLAN/anycast gateways do not get instantiated on spines, of course).
Content of the inventory.yml file
---
all:
  children:
    FABRIC:
      children:
        SUPERSPINES:
          hosts:
            dc1-ss1:
              ansible_host: 172.16.1.25
            dc1-ss2:
              ansible_host: 172.16.1.26
        POD1:
          children:
            POD1_SPINES:
              hosts:
                dc1-spine1:
                  ansible_host: 172.16.1.11
                dc1-spine2:
                  ansible_host: 172.16.1.12
            POD1_LEAFS:
              hosts:
                dc1-leaf1a:
                  ansible_host: 172.16.1.21
                dc1-leaf1b:
                  ansible_host: 172.16.1.22
        POD2:
          children:
            POD2_SPINES:
              hosts:
                dc1-spine3:
                  ansible_host: 172.16.1.13
                dc1-spine4:
                  ansible_host: 172.16.1.14
            POD2_LEAFS:
              hosts:
                dc1-leaf2a:
                  ansible_host: 172.16.1.23
                dc1-leaf2b:
                  ansible_host: 172.16.1.24
    EVPN_SERVICES:
      children:
        POD1_LEAFS:
        POD2_LEAFS:
    CONNECTED_ENDPOINTS:
      children:
        POD1_LEAFS:
        POD2_LEAFS:
Fabric files
With the topology, the following YAML files are used in group_vars:
- FABRIC/fabric_ansible_connectivity.yml
- FABRIC/fabric_variables.yml
- SUPERSPINES/superspines.yml
- POD1/pod1.yml
- POD2/pod2.yml
- EVPN_SERVICES/evpn_services.yml
- CONNECTED_ENDPOINTS/endpoints.yml
The fabric_variables.yml file contains parameters that would apply to the entire fabric, such as evpn_vlan_aware_bundles: true.
---
# Common AVD group variables
fabric_name: FABRIC
# Generate CSVs with fabric link info.
eos_designs_documentation:
  topology_csv: true
  p2p_links_csv: true
# Enable eAPI for programmatic access
management_eapi:
  enabled: true
# Default gateway for management network (172.16.1.0/24)
mgmt_gateway: 172.16.1.1
# VLAN-aware bundles reduce BGP EVPN route count by bundling VLANs
evpn_vlan_aware_bundles: true
# Define default node types based on hostnames
# Eliminates need to specify 'type' per node in inventory
default_node_types:
  - node_type: super-spine
    match_hostnames:
      - ".*-ss.*"
  - node_type: spine
    match_hostnames:
      - ".*-spine.*"
  - node_type: l3leaf
    match_hostnames:
      - ".*-leaf.*"
# Automatically assign interfaces based on node type
# Eliminates need to specify interfaces per node
default_interfaces:
  - types: [super-spine]
    platforms: [default]
    downlink_interfaces: [Ethernet1-4] # Connects to pod spines
  - types: [spine]
    platforms: [default]
    uplink_interfaces: [Ethernet1-2] # Connects to super-spines
    downlink_interfaces: [Ethernet3-4] # Connects to leafs
  - types: [l3leaf]
    platforms: [default]
    uplink_interfaces: [Ethernet1-2] # Connects to spines
    mlag_interfaces: [Ethernet3-4] # MLAG peer-link
# Local users
aaa_settings:
  local_users:
    # Username with no password configured
    - name: admin
      privilege: 15
      role: network-admin
      no_password: true
    # Username with a password
    - name: arista
      privilege: 15
      role: network-admin
      sha512_password: "$6$Enl0WfE32FthwyiJ$yTyGaEJ2uPKLU.F7314YtB7J1jrzrMi7ogXIRTEHQfLdLgKWWmr1UvNlZLN6AyuxET7G5aH3AI9OYRzxVTkB1."
# BFD Settings
bfd_multihop:
  interval: 1200
  min_rx: 1200
  multiplier: 3
dns_settings:
  servers:
    - ip_address: 192.168.1.1
# NTP Servers IP or DNS name, first NTP server will be preferred, and sourced from Management VRF
ntp_settings:
  server_vrf: use_mgmt_interface_vrf
  servers:
    - name: 0.pool.ntp.org
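The local_users defined above are rendered into every device's configuration, so they can be checked in the generated intended configs before deploy.yml is run. The Python below is an added example, not part of AVD or the original page; the function names, the second device's accounts and its placeholder hashes are constructed for illustration.

```python
import re

# The sha512 hash printed in this page's fabric_variables.yml. Every fabric
# built from the unmodified example carries it, so it is listed as a lab value.
LAB_HASH = (
    "$6$Enl0WfE32FthwyiJ$yTyGaEJ2uPKLU.F7314YtB7J1jrzrMi7ogXIRTEHQfLdLgKWWmr1"
    "UvNlZLN6AyuxET7G5aH3AI9OYRzxVTkB1."
)
PUBLISHED_HASHES = {LAB_HASH}

# Matches the two username forms that appear in the intended configs.
USER_RE = re.compile(
    r"^username\s+(?P<name>\S+)\s+privilege\s+(?P<priv>\d+)"
    r"(?:\s+role\s+(?P<role>\S+))?\s+"
    r"(?:(?P<nopw>nopassword)|secret\s+(?P<kind>\S+)\s+(?P<hash>\S+))$"
)


def split_devices(text):
    """Yield one list of stripped lines per device; each config ends with 'end'."""
    chunk = []
    for raw in text.splitlines():
        line = raw.strip()
        if line == "end":
            yield chunk
            chunk = []
        elif line and line != "!":
            chunk.append(line)
    if chunk:
        yield chunk


def audit_local_users(text, min_privilege=15):
    """Return (hostname, user, issue) tuples for concatenated intended configs."""
    findings = []
    for lines in split_devices(text):
        # The username lines precede the hostname line, so resolve it first.
        host = next(
            (l.split()[1] for l in lines if l.startswith("hostname ")), "unknown"
        )
        for line in lines:
            m = USER_RE.match(line)
            if not m:
                continue
            if m["nopw"]:
                if int(m["priv"]) >= min_privilege:
                    findings.append(
                        (host, m["name"], "privileged account has no password")
                    )
            elif m["kind"] != "sha512":
                findings.append(
                    (host, m["name"], f"secret type {m['kind']} is not sha512")
                )
            elif m["hash"] in PUBLISHED_HASHES:
                findings.append(
                    (host, m["name"], "secret hash is published in documentation")
                )
    return findings


# Constructed sample: the first device uses the user lines from this page, the
# second uses made-up accounts and placeholder hashes.
SAMPLE = f"""\
!
username admin privilege 15 role network-admin nopassword
username arista privilege 15 role network-admin secret sha512 {LAB_HASH}
!
hostname dc1-ss1
!
end
!
username netops privilege 15 role network-admin secret sha512 $6$constructedsalt$CONSTRUCTED.PLACEHOLDER.HASH
username monitor privilege 1 role network-operator nopassword
username legacy privilege 15 role network-admin secret 5 $1$constructed$PLACEHOLDER
!
hostname dc1-spine1
!
end
"""

if __name__ == "__main__":
    for host, user, issue in audit_local_users(SAMPLE):
        print(f"{host}: {user}: {issue}")
```
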
The superspines.yml file contains the super-spine definitions.
---
# Super-Spine Switches
super_spine:
  defaults:
    platform: cEOSLab
    bgp_as: 65000
    loopback_ipv4_pool: 192.168.101.0/24
    evpn_role: server
  nodes:
    - name: dc1-ss1
      id: 201
      mgmt_ip: 172.16.1.25/24
    - name: dc1-ss2
      id: 202
      mgmt_ip: 172.16.1.26/24
The super_spine section works like the traditional spine section in a single POD L3LS. It will need an ASN (separate from the POD spines) and loopback pool (which can be the same pool as the PODs, as long as the IDs are unique). The evpn_role: server makes the super-spines a route server, as the PODs’ routes need to be propagated to each other.
The leaf configurations, EVPN services, and endpoints sections aren’t affected by the multi-pod format.
The POD1 and POD2 YAML files contain the descriptions of the leafs and spines. Note that each POD's spines have their own unique ASN (eBGP). Also, the spines now have uplink interfaces and uplink switches specified (to the super-spines) with the uplink_switches and uplink_switch_interfaces directives. The uplink pool can overlap between the PODs in a DC. If doing multi-DC, the pools should be on different subnets.
---
# Spine Switches
spine:
  defaults:
    platform: cEOSLab
    bgp_as: 65001
    loopback_ipv4_pool: 192.168.101.0/24
    uplink_switches: [dc1-ss1, dc1-ss2] # Where the spine uplinks go
    uplink_ipv4_pool: 192.168.103.0/24 # For the p2p interfaces, to be chopped up into /31s
    evpn_route_servers: [dc1-ss1, dc1-ss2]
  nodes:
    - name: dc1-spine1
      id: 11
      mgmt_ip: 172.16.1.11/24
      uplink_switch_interfaces: [Ethernet1, Ethernet1]
    - name: dc1-spine2
      id: 12
      mgmt_ip: 172.16.1.12/24
      uplink_switch_interfaces: [Ethernet2, Ethernet2]
# Leaf switches. Most leafs will be l3leaf, not l2leaf.
l3leaf:
  defaults:
    bgp_as: 65100-65199 # Gives a range which will be auto-assigned
    platform: cEOSLab
    loopback_ipv4_pool: 192.168.101.0/24 # This is loopback0 (underlay)
    vtep_loopback_ipv4_pool: 192.168.102.0/24 # This is loopback1 (VTEP)
    uplink_switches: [dc1-spine1, dc1-spine2] # Where the leaf uplinks go
    uplink_ipv4_pool: 192.168.103.0/24 # For the p2p interfaces, /31s
    mlag_peer_ipv4_pool: 10.255.252.0/24 # MLAG peer IPs
    mlag_peer_l3_ipv4_pool: 10.255.251.0/24 # iBGP peering between MLAG peers
    virtual_router_mac_address: 00:1c:73:00:00:99 # The vMAC for the anycast gateways
    spanning_tree_mode: mstp # Spanning Tree is still enabled even in EVPN setups
    spanning_tree_priority: 16384
  node_groups:
    - group: dc1-leaf1
      nodes:
        - name: dc1-leaf1a
          id: 1
          mgmt_ip: 172.16.1.21/24
          uplink_switch_interfaces: [Ethernet3, Ethernet3]
        - name: dc1-leaf1b
          id: 2
          mgmt_ip: 172.16.1.22/24
          uplink_switch_interfaces: [Ethernet4, Ethernet4]
Please note the similarities between POD1 and POD2.
---
# Spine Switches
spine:
  defaults:
    platform: cEOSLab
    bgp_as: 65002
    loopback_ipv4_pool: 192.168.101.0/24
    uplink_switches: [dc1-ss1, dc1-ss2] # Where the spine uplinks go
    uplink_ipv4_pool: 192.168.103.0/24 # For the p2p interfaces, to be chopped up into /31s
    evpn_route_servers: [dc1-ss1, dc1-ss2]
  nodes:
    - name: dc1-spine3
      id: 13
      mgmt_ip: 172.16.1.13/24
      uplink_switch_interfaces: [Ethernet3, Ethernet3]
    - name: dc1-spine4
      id: 14
      mgmt_ip: 172.16.1.14/24
      uplink_switch_interfaces: [Ethernet4, Ethernet4]
# Leaf switches. Most leafs will be l3leaf, not l2leaf.
l3leaf:
  defaults:
    bgp_as: 65100-65199 # Gives a range which will be auto-assigned
    platform: cEOSLab
    loopback_ipv4_pool: 192.168.101.0/24 # This is loopback0 (underlay)
    vtep_loopback_ipv4_pool: 192.168.102.0/24 # This is loopback1 (VTEP)
    uplink_switches: [dc1-spine3, dc1-spine4] # Where the leaf uplinks go
    uplink_ipv4_pool: 192.168.103.0/24 # For the p2p interfaces, to be chopped up into /31s
    mlag_peer_ipv4_pool: 10.255.252.0/24 # MLAG peer IPs
    mlag_peer_l3_ipv4_pool: 10.255.251.0/24 # iBGP peering between MLAG peers
    virtual_router_mac_address: 00:1c:73:00:00:99 # The vMAC for the anycast gateways
    spanning_tree_mode: mstp # Spanning Tree is still enabled even in EVPN setups
    spanning_tree_priority: 16384
  node_groups:
    - group: dc1-leaf2
      nodes:
        - name: dc1-leaf2a
          id: 3
          mgmt_ip: 172.16.1.23/24
          uplink_switch_interfaces: [Ethernet3, Ethernet3]
        - name: dc1-leaf2b
          id: 4
          mgmt_ip: 172.16.1.24/24
          uplink_switch_interfaces: [Ethernet4, Ethernet4]
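The super-spines and both PODs share one loopback_ipv4_pool and one uplink_ipv4_pool, which only works while node IDs stay unique, and that can be checked before a build. The Python below is an added example, not part of AVD or the original page; its allocation rules (Loopback0 = pool base + id; uplink /31 number = (id - 1) × number of uplink switches + uplink index) are assumptions inferred from the intended configurations shown on this page.

```python
import ipaddress
from collections import defaultdict

LO = "192.168.101.0/24"  # loopback_ipv4_pool shared by every node type
UP = "192.168.103.0/24"  # uplink_ipv4_pool shared by both PODs

# (name, id, uplink_switches) copied from superspines.yml, pod1.yml, pod2.yml.
NODES = [
    ("dc1-ss1", 201, []),
    ("dc1-ss2", 202, []),
    ("dc1-spine1", 11, ["dc1-ss1", "dc1-ss2"]),
    ("dc1-spine2", 12, ["dc1-ss1", "dc1-ss2"]),
    ("dc1-spine3", 13, ["dc1-ss1", "dc1-ss2"]),
    ("dc1-spine4", 14, ["dc1-ss1", "dc1-ss2"]),
    ("dc1-leaf1a", 1, ["dc1-spine1", "dc1-spine2"]),
    ("dc1-leaf1b", 2, ["dc1-spine1", "dc1-spine2"]),
    ("dc1-leaf2a", 3, ["dc1-spine3", "dc1-spine4"]),
    ("dc1-leaf2b", 4, ["dc1-spine3", "dc1-spine4"]),
]


def address_plan(nodes, lo_pool=LO, up_pool=UP):
    """Return {ip: [owners]} for every Loopback0 and p2p uplink address."""
    lo_net = ipaddress.ip_network(lo_pool)
    up_net = ipaddress.ip_network(up_pool)
    owners = defaultdict(list)
    for name, node_id, uplinks in nodes:
        if not 0 < node_id < lo_net.num_addresses:
            raise ValueError(f"{name}: id {node_id} does not fit in {lo_pool}")
        # Assumed rule: Loopback0 = pool base + id.
        owners[str(lo_net[node_id])].append(f"{name} Loopback0")
        for idx, peer in enumerate(uplinks):
            # Assumed rule: /31 number (id - 1) * uplink count + uplink index;
            # the uplink switch takes the even address, this node the odd one.
            base = 2 * ((node_id - 1) * len(uplinks) + idx)
            if base + 1 >= up_net.num_addresses:
                raise ValueError(f"{name}: id {node_id} exhausts {up_pool}")
            owners[str(up_net[base])].append(f"{peer} to {name}")
            owners[str(up_net[base + 1])].append(f"{name} to {peer}")
    return dict(owners)


def collisions(nodes):
    """Addresses claimed by more than one interface, i.e. clashing node IDs."""
    return {ip: who for ip, who in address_plan(nodes).items() if len(who) > 1}


def with_id(nodes, name, new_id):
    """Copy of nodes with one node's id changed (for what-if checks)."""
    return [(n, new_id if n == name else i, u) for n, i, u in nodes]


if __name__ == "__main__":
    print("as published:", collisions(NODES))
    # What-if: POD2 restarts its leaf numbering at 1 while sharing the pools.
    for ip, who in sorted(collisions(with_id(NODES, "dc1-leaf2a", 1)).items()):
        print(ip, "claimed by", who)
```

With the IDs as published the plan has no duplicates; giving dc1-leaf2a the id 1 makes its Loopback0 and both of its uplink /31s clash with dc1-leaf1a.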
Endpoint connectivity
The final group variables file provides an example of connecting two servers across a leaf pair.
---
servers:
  - name: host1
    adapters:
      - switch_ports: [Ethernet5, Ethernet5]
        switches: [dc1-leaf1a, dc1-leaf1b]
        vlans: 10
        mode: access
        spanning_tree_portfast: edge
        port_channel:
          mode: active
  - name: host2
    adapters:
      - switch_ports: [Ethernet5, Ethernet5]
        switches: [dc1-leaf2a, dc1-leaf2b]
        vlans: 20
        mode: access
        spanning_tree_portfast: edge
        port_channel:
          mode: active
The playbooks
The build.yml playbook imports two roles from the AVD collection: eos_designs and eos_cli_config_gen. These roles will produce any relevant documentation and configuration for our fabric deployment.
---
- name: Build Configurations and Documentation
  hosts: FABRIC
  gather_facts: false
  tasks:
    - name: Generate AVD Structured Configurations and Fabric Documentation
      ansible.builtin.import_role:
        name: arista.avd.eos_designs
    - name: Generate Device Configurations and Documentation
      ansible.builtin.import_role:
        name: arista.avd.eos_cli_config_gen
The deploy.yml file leverages the artifacts from the build playbook to provision our fabric but connects directly to our EOS nodes.
Playbook Run
To build the configuration files, run the playbook called build.yml.
EOS Intended Configurations
Your configuration files should be similar to these.
!
no enable password
no aaa root
!
username admin privilege 15 role network-admin nopassword
username arista privilege 15 role network-admin secret sha512 $6$Enl0WfE32FthwyiJ$yTyGaEJ2uPKLU.F7314YtB7J1jrzrMi7ogXIRTEHQfLdLgKWWmr1UvNlZLN6AyuxET7G5aH3AI9OYRzxVTkB1.
!
vlan internal order ascending range 1006 1199
!
transceiver qsfp default-mode 4x10G
!
service routing protocols model multi-agent
!
hostname dc1-ss1
ip domain lookup vrf MGMT source-interface Management1
ip name-server vrf MGMT 192.168.1.1
!
spanning-tree mode none
!
vrf instance MGMT
!
management api http-commands
protocol https
no shutdown
!
vrf MGMT
no shutdown
!
interface Ethernet1
description P2P_dc1-spine1_Ethernet1
no shutdown
mtu 9214
no switchport
ip address 192.168.103.40/31
!
interface Ethernet2
description P2P_dc1-spine2_Ethernet1
no shutdown
mtu 9214
no switchport
ip address 192.168.103.44/31
!
interface Ethernet3
description P2P_dc1-spine3_Ethernet1
no shutdown
mtu 9214
no switchport
ip address 192.168.103.48/31
!
interface Ethernet4
description P2P_dc1-spine4_Ethernet1
no shutdown
mtu 9214
no switchport
ip address 192.168.103.52/31
!
interface Loopback0
description ROUTER_ID
no shutdown
ip address 192.168.101.201/32
!
interface Management1
description OOB_MANAGEMENT
no shutdown
vrf MGMT
ip address 172.16.1.25/24
!
ip routing
no ip routing vrf MGMT
!
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.101.0/24 eq 32
!
ip route vrf MGMT 0.0.0.0/0 172.16.1.1
!
ntp local-interface vrf MGMT Management1
ntp server vrf MGMT 0.pool.ntp.org prefer
!
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
router bfd
multihop interval 1200 min-rx 1200 multiplier 3
!
router bgp 65000
router-id 192.168.101.201
no bgp default ipv4-unicast
maximum-paths 4
neighbor EVPN-OVERLAY-PEERS peer group
neighbor EVPN-OVERLAY-PEERS next-hop-unchanged
neighbor EVPN-OVERLAY-PEERS update-source Loopback0
neighbor EVPN-OVERLAY-PEERS bfd
neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3
neighbor EVPN-OVERLAY-PEERS send-community
neighbor EVPN-OVERLAY-PEERS maximum-routes 0
neighbor IPv4-UNDERLAY-PEERS peer group
neighbor IPv4-UNDERLAY-PEERS send-community
neighbor IPv4-UNDERLAY-PEERS maximum-routes 256000
neighbor 192.168.101.11 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.11 remote-as 65001
neighbor 192.168.101.11 description dc1-spine1_Loopback0
neighbor 192.168.101.12 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.12 remote-as 65001
neighbor 192.168.101.12 description dc1-spine2_Loopback0
neighbor 192.168.101.13 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.13 remote-as 65002
neighbor 192.168.101.13 description dc1-spine3_Loopback0
neighbor 192.168.101.14 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.14 remote-as 65002
neighbor 192.168.101.14 description dc1-spine4_Loopback0
neighbor 192.168.103.41 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.41 remote-as 65001
neighbor 192.168.103.41 description dc1-spine1_Ethernet1
neighbor 192.168.103.45 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.45 remote-as 65001
neighbor 192.168.103.45 description dc1-spine2_Ethernet1
neighbor 192.168.103.49 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.49 remote-as 65002
neighbor 192.168.103.49 description dc1-spine3_Ethernet1
neighbor 192.168.103.53 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.53 remote-as 65002
neighbor 192.168.103.53 description dc1-spine4_Ethernet1
redistribute connected route-map RM-CONN-2-BGP
!
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
address-family ipv4
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
!
end
!
no enable password
no aaa root
!
username admin privilege 15 role network-admin nopassword
username arista privilege 15 role network-admin secret sha512 $6$Enl0WfE32FthwyiJ$yTyGaEJ2uPKLU.F7314YtB7J1jrzrMi7ogXIRTEHQfLdLgKWWmr1UvNlZLN6AyuxET7G5aH3AI9OYRzxVTkB1.
!
vlan internal order ascending range 1006 1199
!
transceiver qsfp default-mode 4x10G
!
service routing protocols model multi-agent
!
hostname dc1-ss2
ip domain lookup vrf MGMT source-interface Management1
ip name-server vrf MGMT 192.168.1.1
!
spanning-tree mode none
!
vrf instance MGMT
!
management api http-commands
protocol https
no shutdown
!
vrf MGMT
no shutdown
!
interface Ethernet1
description P2P_dc1-spine1_Ethernet2
no shutdown
mtu 9214
no switchport
ip address 192.168.103.42/31
!
interface Ethernet2
description P2P_dc1-spine2_Ethernet2
no shutdown
mtu 9214
no switchport
ip address 192.168.103.46/31
!
interface Ethernet3
description P2P_dc1-spine3_Ethernet2
no shutdown
mtu 9214
no switchport
ip address 192.168.103.50/31
!
interface Ethernet4
description P2P_dc1-spine4_Ethernet2
no shutdown
mtu 9214
no switchport
ip address 192.168.103.54/31
!
interface Loopback0
description ROUTER_ID
no shutdown
ip address 192.168.101.202/32
!
interface Management1
description OOB_MANAGEMENT
no shutdown
vrf MGMT
ip address 172.16.1.26/24
!
ip routing
no ip routing vrf MGMT
!
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.101.0/24 eq 32
!
ip route vrf MGMT 0.0.0.0/0 172.16.1.1
!
ntp local-interface vrf MGMT Management1
ntp server vrf MGMT 0.pool.ntp.org prefer
!
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
router bfd
multihop interval 1200 min-rx 1200 multiplier 3
!
router bgp 65000
router-id 192.168.101.202
no bgp default ipv4-unicast
maximum-paths 4
neighbor EVPN-OVERLAY-PEERS peer group
neighbor EVPN-OVERLAY-PEERS next-hop-unchanged
neighbor EVPN-OVERLAY-PEERS update-source Loopback0
neighbor EVPN-OVERLAY-PEERS bfd
neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3
neighbor EVPN-OVERLAY-PEERS send-community
neighbor EVPN-OVERLAY-PEERS maximum-routes 0
neighbor IPv4-UNDERLAY-PEERS peer group
neighbor IPv4-UNDERLAY-PEERS send-community
neighbor IPv4-UNDERLAY-PEERS maximum-routes 256000
neighbor 192.168.101.11 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.11 remote-as 65001
neighbor 192.168.101.11 description dc1-spine1_Loopback0
neighbor 192.168.101.12 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.12 remote-as 65001
neighbor 192.168.101.12 description dc1-spine2_Loopback0
neighbor 192.168.101.13 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.13 remote-as 65002
neighbor 192.168.101.13 description dc1-spine3_Loopback0
neighbor 192.168.101.14 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.14 remote-as 65002
neighbor 192.168.101.14 description dc1-spine4_Loopback0
neighbor 192.168.103.43 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.43 remote-as 65001
neighbor 192.168.103.43 description dc1-spine1_Ethernet2
neighbor 192.168.103.47 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.47 remote-as 65001
neighbor 192.168.103.47 description dc1-spine2_Ethernet2
neighbor 192.168.103.51 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.51 remote-as 65002
neighbor 192.168.103.51 description dc1-spine3_Ethernet2
neighbor 192.168.103.55 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.55 remote-as 65002
neighbor 192.168.103.55 description dc1-spine4_Ethernet2
redistribute connected route-map RM-CONN-2-BGP
!
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
address-family ipv4
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
!
end
!
no enable password
no aaa root
!
username admin privilege 15 role network-admin nopassword
username arista privilege 15 role network-admin secret sha512 $6$Enl0WfE32FthwyiJ$yTyGaEJ2uPKLU.F7314YtB7J1jrzrMi7ogXIRTEHQfLdLgKWWmr1UvNlZLN6AyuxET7G5aH3AI9OYRzxVTkB1.
!
vlan internal order ascending range 1006 1199
!
transceiver qsfp default-mode 4x10G
!
service routing protocols model multi-agent
!
hostname dc1-spine1
ip domain lookup vrf MGMT source-interface Management1
ip name-server vrf MGMT 192.168.1.1
!
spanning-tree mode none
!
vrf instance MGMT
!
management api http-commands
protocol https
no shutdown
!
vrf MGMT
no shutdown
!
interface Ethernet1
description P2P_dc1-ss1_Ethernet1
no shutdown
mtu 9214
no switchport
ip address 192.168.103.41/31
!
interface Ethernet2
description P2P_dc1-ss2_Ethernet1
no shutdown
mtu 9214
no switchport
ip address 192.168.103.43/31
!
interface Ethernet3
description P2P_dc1-leaf1a_Ethernet1
no shutdown
mtu 9214
no switchport
ip address 192.168.103.0/31
!
interface Ethernet4
description P2P_dc1-leaf1b_Ethernet1
no shutdown
mtu 9214
no switchport
ip address 192.168.103.4/31
!
interface Loopback0
description ROUTER_ID
no shutdown
ip address 192.168.101.11/32
!
interface Management1
description OOB_MANAGEMENT
no shutdown
vrf MGMT
ip address 172.16.1.11/24
!
ip routing
no ip routing vrf MGMT
!
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.101.0/24 eq 32
!
ip route vrf MGMT 0.0.0.0/0 172.16.1.1
!
ntp local-interface vrf MGMT Management1
ntp server vrf MGMT 0.pool.ntp.org prefer
!
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
router bfd
multihop interval 1200 min-rx 1200 multiplier 3
!
router bgp 65001
router-id 192.168.101.11
no bgp default ipv4-unicast
maximum-paths 4
neighbor EVPN-OVERLAY-PEERS peer group
neighbor EVPN-OVERLAY-PEERS next-hop-unchanged
neighbor EVPN-OVERLAY-PEERS update-source Loopback0
neighbor EVPN-OVERLAY-PEERS bfd
neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3
neighbor EVPN-OVERLAY-PEERS send-community
neighbor EVPN-OVERLAY-PEERS maximum-routes 0
neighbor IPv4-UNDERLAY-PEERS peer group
neighbor IPv4-UNDERLAY-PEERS send-community
neighbor IPv4-UNDERLAY-PEERS maximum-routes 256000
neighbor 192.168.101.1 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.1 remote-as 65100
neighbor 192.168.101.1 description dc1-leaf1a_Loopback0
neighbor 192.168.101.2 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.2 remote-as 65100
neighbor 192.168.101.2 description dc1-leaf1b_Loopback0
neighbor 192.168.101.201 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.201 remote-as 65000
neighbor 192.168.101.201 description dc1-ss1_Loopback0
neighbor 192.168.101.202 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.202 remote-as 65000
neighbor 192.168.101.202 description dc1-ss2_Loopback0
neighbor 192.168.103.1 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.1 remote-as 65100
neighbor 192.168.103.1 description dc1-leaf1a_Ethernet1
neighbor 192.168.103.5 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.5 remote-as 65100
neighbor 192.168.103.5 description dc1-leaf1b_Ethernet1
neighbor 192.168.103.40 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.40 remote-as 65000
neighbor 192.168.103.40 description dc1-ss1_Ethernet1
neighbor 192.168.103.42 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.42 remote-as 65000
neighbor 192.168.103.42 description dc1-ss2_Ethernet1
redistribute connected route-map RM-CONN-2-BGP
!
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
address-family ipv4
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
!
end
!
no enable password
no aaa root
!
username admin privilege 15 role network-admin nopassword
username arista privilege 15 role network-admin secret sha512 $6$Enl0WfE32FthwyiJ$yTyGaEJ2uPKLU.F7314YtB7J1jrzrMi7ogXIRTEHQfLdLgKWWmr1UvNlZLN6AyuxET7G5aH3AI9OYRzxVTkB1.
!
vlan internal order ascending range 1006 1199
!
transceiver qsfp default-mode 4x10G
!
service routing protocols model multi-agent
!
hostname dc1-spine2
ip domain lookup vrf MGMT source-interface Management1
ip name-server vrf MGMT 192.168.1.1
!
spanning-tree mode none
!
vrf instance MGMT
!
management api http-commands
protocol https
no shutdown
!
vrf MGMT
no shutdown
!
interface Ethernet1
description P2P_dc1-ss1_Ethernet2
no shutdown
mtu 9214
no switchport
ip address 192.168.103.45/31
!
interface Ethernet2
description P2P_dc1-ss2_Ethernet2
no shutdown
mtu 9214
no switchport
ip address 192.168.103.47/31
!
interface Ethernet3
description P2P_dc1-leaf1a_Ethernet2
no shutdown
mtu 9214
no switchport
ip address 192.168.103.2/31
!
interface Ethernet4
description P2P_dc1-leaf1b_Ethernet2
no shutdown
mtu 9214
no switchport
ip address 192.168.103.6/31
!
interface Loopback0
description ROUTER_ID
no shutdown
ip address 192.168.101.12/32
!
interface Management1
description OOB_MANAGEMENT
no shutdown
vrf MGMT
ip address 172.16.1.12/24
!
ip routing
no ip routing vrf MGMT
!
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.101.0/24 eq 32
!
ip route vrf MGMT 0.0.0.0/0 172.16.1.1
!
ntp local-interface vrf MGMT Management1
ntp server vrf MGMT 0.pool.ntp.org prefer
!
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
router bfd
multihop interval 1200 min-rx 1200 multiplier 3
!
router bgp 65001
router-id 192.168.101.12
no bgp default ipv4-unicast
maximum-paths 4
neighbor EVPN-OVERLAY-PEERS peer group
neighbor EVPN-OVERLAY-PEERS next-hop-unchanged
neighbor EVPN-OVERLAY-PEERS update-source Loopback0
neighbor EVPN-OVERLAY-PEERS bfd
neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3
neighbor EVPN-OVERLAY-PEERS send-community
neighbor EVPN-OVERLAY-PEERS maximum-routes 0
neighbor IPv4-UNDERLAY-PEERS peer group
neighbor IPv4-UNDERLAY-PEERS send-community
neighbor IPv4-UNDERLAY-PEERS maximum-routes 256000
neighbor 192.168.101.1 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.1 remote-as 65100
neighbor 192.168.101.1 description dc1-leaf1a_Loopback0
neighbor 192.168.101.2 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.2 remote-as 65100
neighbor 192.168.101.2 description dc1-leaf1b_Loopback0
neighbor 192.168.101.201 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.201 remote-as 65000
neighbor 192.168.101.201 description dc1-ss1_Loopback0
neighbor 192.168.101.202 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.202 remote-as 65000
neighbor 192.168.101.202 description dc1-ss2_Loopback0
neighbor 192.168.103.3 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.3 remote-as 65100
neighbor 192.168.103.3 description dc1-leaf1a_Ethernet2
neighbor 192.168.103.7 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.7 remote-as 65100
neighbor 192.168.103.7 description dc1-leaf1b_Ethernet2
neighbor 192.168.103.44 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.44 remote-as 65000
neighbor 192.168.103.44 description dc1-ss1_Ethernet2
neighbor 192.168.103.46 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.46 remote-as 65000
neighbor 192.168.103.46 description dc1-ss2_Ethernet2
redistribute connected route-map RM-CONN-2-BGP
!
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
address-family ipv4
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
!
end
!
no enable password
no aaa root
!
username admin privilege 15 role network-admin nopassword
username arista privilege 15 role network-admin secret sha512 $6$Enl0WfE32FthwyiJ$yTyGaEJ2uPKLU.F7314YtB7J1jrzrMi7ogXIRTEHQfLdLgKWWmr1UvNlZLN6AyuxET7G5aH3AI9OYRzxVTkB1.
!
vlan internal order ascending range 1006 1199
!
transceiver qsfp default-mode 4x10G
!
service routing protocols model multi-agent
!
hostname dc1-spine3
ip domain lookup vrf MGMT source-interface Management1
ip name-server vrf MGMT 192.168.1.1
!
spanning-tree mode none
!
vrf instance MGMT
!
management api http-commands
protocol https
no shutdown
!
vrf MGMT
no shutdown
!
interface Ethernet1
description P2P_dc1-ss1_Ethernet3
no shutdown
mtu 9214
no switchport
ip address 192.168.103.49/31
!
interface Ethernet2
description P2P_dc1-ss2_Ethernet3
no shutdown
mtu 9214
no switchport
ip address 192.168.103.51/31
!
interface Ethernet3
description P2P_dc1-leaf2a_Ethernet1
no shutdown
mtu 9214
no switchport
ip address 192.168.103.8/31
!
interface Ethernet4
description P2P_dc1-leaf2b_Ethernet1
no shutdown
mtu 9214
no switchport
ip address 192.168.103.12/31
!
interface Loopback0
description ROUTER_ID
no shutdown
ip address 192.168.101.13/32
!
interface Management1
description OOB_MANAGEMENT
no shutdown
vrf MGMT
ip address 172.16.1.13/24
!
ip routing
no ip routing vrf MGMT
!
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.101.0/24 eq 32
!
ip route vrf MGMT 0.0.0.0/0 172.16.1.1
!
ntp local-interface vrf MGMT Management1
ntp server vrf MGMT 0.pool.ntp.org prefer
!
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
router bfd
multihop interval 1200 min-rx 1200 multiplier 3
!
router bgp 65002
router-id 192.168.101.13
no bgp default ipv4-unicast
maximum-paths 4
neighbor EVPN-OVERLAY-PEERS peer group
neighbor EVPN-OVERLAY-PEERS next-hop-unchanged
neighbor EVPN-OVERLAY-PEERS update-source Loopback0
neighbor EVPN-OVERLAY-PEERS bfd
neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3
neighbor EVPN-OVERLAY-PEERS send-community
neighbor EVPN-OVERLAY-PEERS maximum-routes 0
neighbor IPv4-UNDERLAY-PEERS peer group
neighbor IPv4-UNDERLAY-PEERS send-community
neighbor IPv4-UNDERLAY-PEERS maximum-routes 256000
neighbor 192.168.101.3 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.3 remote-as 65102
neighbor 192.168.101.3 description dc1-leaf2a_Loopback0
neighbor 192.168.101.4 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.4 remote-as 65102
neighbor 192.168.101.4 description dc1-leaf2b_Loopback0
neighbor 192.168.101.201 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.201 remote-as 65000
neighbor 192.168.101.201 description dc1-ss1_Loopback0
neighbor 192.168.101.202 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.202 remote-as 65000
neighbor 192.168.101.202 description dc1-ss2_Loopback0
neighbor 192.168.103.9 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.9 remote-as 65102
neighbor 192.168.103.9 description dc1-leaf2a_Ethernet1
neighbor 192.168.103.13 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.13 remote-as 65102
neighbor 192.168.103.13 description dc1-leaf2b_Ethernet1
neighbor 192.168.103.48 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.48 remote-as 65000
neighbor 192.168.103.48 description dc1-ss1_Ethernet3
neighbor 192.168.103.50 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.50 remote-as 65000
neighbor 192.168.103.50 description dc1-ss2_Ethernet3
redistribute connected route-map RM-CONN-2-BGP
!
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
address-family ipv4
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
!
end
!
no enable password
no aaa root
!
username admin privilege 15 role network-admin nopassword
username arista privilege 15 role network-admin secret sha512 $6$Enl0WfE32FthwyiJ$yTyGaEJ2uPKLU.F7314YtB7J1jrzrMi7ogXIRTEHQfLdLgKWWmr1UvNlZLN6AyuxET7G5aH3AI9OYRzxVTkB1.
!
vlan internal order ascending range 1006 1199
!
transceiver qsfp default-mode 4x10G
!
service routing protocols model multi-agent
!
hostname dc1-spine4
ip domain lookup vrf MGMT source-interface Management1
ip name-server vrf MGMT 192.168.1.1
!
spanning-tree mode none
!
vrf instance MGMT
!
management api http-commands
protocol https
no shutdown
!
vrf MGMT
no shutdown
!
interface Ethernet1
description P2P_dc1-ss1_Ethernet4
no shutdown
mtu 9214
no switchport
ip address 192.168.103.53/31
!
interface Ethernet2
description P2P_dc1-ss2_Ethernet4
no shutdown
mtu 9214
no switchport
ip address 192.168.103.55/31
!
interface Ethernet3
description P2P_dc1-leaf2a_Ethernet2
no shutdown
mtu 9214
no switchport
ip address 192.168.103.10/31
!
interface Ethernet4
description P2P_dc1-leaf2b_Ethernet2
no shutdown
mtu 9214
no switchport
ip address 192.168.103.14/31
!
interface Loopback0
description ROUTER_ID
no shutdown
ip address 192.168.101.14/32
!
interface Management1
description OOB_MANAGEMENT
no shutdown
vrf MGMT
ip address 172.16.1.14/24
!
ip routing
no ip routing vrf MGMT
!
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.101.0/24 eq 32
!
ip route vrf MGMT 0.0.0.0/0 172.16.1.1
!
ntp local-interface vrf MGMT Management1
ntp server vrf MGMT 0.pool.ntp.org prefer
!
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
router bfd
multihop interval 1200 min-rx 1200 multiplier 3
!
router bgp 65002
router-id 192.168.101.14
no bgp default ipv4-unicast
maximum-paths 4
neighbor EVPN-OVERLAY-PEERS peer group
neighbor EVPN-OVERLAY-PEERS next-hop-unchanged
neighbor EVPN-OVERLAY-PEERS update-source Loopback0
neighbor EVPN-OVERLAY-PEERS bfd
neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3
neighbor EVPN-OVERLAY-PEERS send-community
neighbor EVPN-OVERLAY-PEERS maximum-routes 0
neighbor IPv4-UNDERLAY-PEERS peer group
neighbor IPv4-UNDERLAY-PEERS send-community
neighbor IPv4-UNDERLAY-PEERS maximum-routes 256000
neighbor 192.168.101.3 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.3 remote-as 65102
neighbor 192.168.101.3 description dc1-leaf2a_Loopback0
neighbor 192.168.101.4 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.4 remote-as 65102
neighbor 192.168.101.4 description dc1-leaf2b_Loopback0
neighbor 192.168.101.201 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.201 remote-as 65000
neighbor 192.168.101.201 description dc1-ss1_Loopback0
neighbor 192.168.101.202 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.202 remote-as 65000
neighbor 192.168.101.202 description dc1-ss2_Loopback0
neighbor 192.168.103.11 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.11 remote-as 65102
neighbor 192.168.103.11 description dc1-leaf2a_Ethernet2
neighbor 192.168.103.15 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.15 remote-as 65102
neighbor 192.168.103.15 description dc1-leaf2b_Ethernet2
neighbor 192.168.103.52 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.52 remote-as 65000
neighbor 192.168.103.52 description dc1-ss1_Ethernet4
neighbor 192.168.103.54 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.54 remote-as 65000
neighbor 192.168.103.54 description dc1-ss2_Ethernet4
redistribute connected route-map RM-CONN-2-BGP
!
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
address-family ipv4
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
!
end
!
no enable password
no aaa root
!
username admin privilege 15 role network-admin nopassword
username arista privilege 15 role network-admin secret sha512 $6$Enl0WfE32FthwyiJ$yTyGaEJ2uPKLU.F7314YtB7J1jrzrMi7ogXIRTEHQfLdLgKWWmr1UvNlZLN6AyuxET7G5aH3AI9OYRzxVTkB1.
!
vlan internal order ascending range 1006 1199
!
transceiver qsfp default-mode 4x10G
!
service routing protocols model multi-agent
!
hostname dc1-leaf1a
ip domain lookup vrf MGMT source-interface Management1
ip name-server vrf MGMT 192.168.1.1
!
spanning-tree mode mstp
no spanning-tree vlan-id 4093-4094
spanning-tree mst 0 priority 16384
!
vlan 10
name DMZ
!
vlan 20
name Internal
!
vlan 3009
name MLAG_L3_VRF_VRF_A
trunk group MLAG
!
vlan 4093
name MLAG_L3
trunk group MLAG
!
vlan 4094
name MLAG
trunk group MLAG
!
vrf instance MGMT
!
vrf instance VRF_A
!
management api http-commands
protocol https
no shutdown
!
vrf MGMT
no shutdown
!
interface Port-Channel3
description MLAG_dc1-leaf1b_Port-Channel3
no shutdown
switchport mode trunk
switchport trunk group MLAG
switchport
!
interface Port-Channel5
description SERVER_host1
no shutdown
switchport access vlan 10
switchport mode access
switchport
mlag 5
spanning-tree portfast
!
interface Ethernet1
description P2P_dc1-spine1_Ethernet3
no shutdown
mtu 9214
no switchport
ip address 192.168.103.1/31
!
interface Ethernet2
description P2P_dc1-spine2_Ethernet3
no shutdown
mtu 9214
no switchport
ip address 192.168.103.3/31
!
interface Ethernet3
description MLAG_dc1-leaf1b_Ethernet3
no shutdown
channel-group 3 mode active
!
interface Ethernet4
description MLAG_dc1-leaf1b_Ethernet4
no shutdown
channel-group 3 mode active
!
interface Ethernet5
description SERVER_host1
no shutdown
channel-group 5 mode active
!
interface Loopback0
description ROUTER_ID
no shutdown
ip address 192.168.101.1/32
!
interface Loopback1
description VXLAN_TUNNEL_SOURCE
no shutdown
ip address 192.168.102.1/32
!
interface Management1
description OOB_MANAGEMENT
no shutdown
vrf MGMT
ip address 172.16.1.21/24
!
interface Vlan10
description DMZ
no shutdown
vrf VRF_A
ip address virtual 10.1.10.1/24
!
interface Vlan20
description Internal
no shutdown
vrf VRF_A
ip address virtual 10.1.20.1/24
!
interface Vlan3009
description MLAG_L3_VRF_VRF_A
no shutdown
mtu 9214
vrf VRF_A
ip address 10.255.251.0/31
!
interface Vlan4093
description MLAG_L3
no shutdown
mtu 9214
ip address 10.255.251.0/31
!
interface Vlan4094
description MLAG
no shutdown
mtu 9214
no autostate
ip address 10.255.252.0/31
!
interface Vxlan1
description dc1-leaf1a_VTEP
vxlan source-interface Loopback1
vxlan virtual-router encapsulation mac-address mlag-system-id
vxlan udp-port 4789
vxlan vlan 10 vni 10010
vxlan vlan 20 vni 10020
vxlan vrf VRF_A vni 10
!
ip virtual-router mac-address 00:1c:73:00:00:99
!
ip routing
no ip routing vrf MGMT
ip routing vrf VRF_A
!
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.101.0/24 eq 32
seq 20 permit 192.168.102.0/24 eq 32
!
ip prefix-list PL-MLAG-PEER-VRFS
seq 10 permit 10.255.251.0/31
!
mlag configuration
domain-id dc1-leaf1
local-interface Vlan4094
peer-address 10.255.252.1
peer-link Port-Channel3
reload-delay mlag 300
reload-delay non-mlag 330
!
ip route vrf MGMT 0.0.0.0/0 172.16.1.1
!
ntp local-interface vrf MGMT Management1
ntp server vrf MGMT 0.pool.ntp.org prefer
!
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
route-map RM-CONN-2-BGP-VRFS deny 10
match ip address prefix-list PL-MLAG-PEER-VRFS
!
route-map RM-CONN-2-BGP-VRFS permit 20
!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
!
router bfd
multihop interval 1200 min-rx 1200 multiplier 3
!
router bgp 65100
router-id 192.168.101.1
no bgp default ipv4-unicast
maximum-paths 4
neighbor EVPN-OVERLAY-PEERS peer group
neighbor EVPN-OVERLAY-PEERS update-source Loopback0
neighbor EVPN-OVERLAY-PEERS bfd
neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3
neighbor EVPN-OVERLAY-PEERS send-community
neighbor EVPN-OVERLAY-PEERS maximum-routes 0
neighbor IPv4-UNDERLAY-PEERS peer group
neighbor IPv4-UNDERLAY-PEERS send-community
neighbor IPv4-UNDERLAY-PEERS maximum-routes 256000
neighbor MLAG-IPv4-UNDERLAY-PEER peer group
neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65100
neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self
neighbor MLAG-IPv4-UNDERLAY-PEER description dc1-leaf1b
neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in
neighbor MLAG-IPv4-UNDERLAY-PEER send-community
neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 256000
neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.1 description dc1-leaf1b_Vlan4093
neighbor 192.168.101.11 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.11 remote-as 65001
neighbor 192.168.101.11 description dc1-spine1_Loopback0
neighbor 192.168.101.12 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.12 remote-as 65001
neighbor 192.168.101.12 description dc1-spine2_Loopback0
neighbor 192.168.103.0 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.0 remote-as 65001
neighbor 192.168.103.0 description dc1-spine1_Ethernet3
neighbor 192.168.103.2 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.2 remote-as 65001
neighbor 192.168.103.2 description dc1-spine2_Ethernet3
redistribute connected route-map RM-CONN-2-BGP
!
vlan-aware-bundle VRF_A
rd 192.168.101.1:10
route-target both 10:10
redistribute learned
vlan 10,20
!
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
address-family ipv4
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
neighbor MLAG-IPv4-UNDERLAY-PEER activate
!
vrf VRF_A
rd 192.168.101.1:10
route-target import evpn 10:10
route-target export evpn 10:10
router-id 192.168.101.1
neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.1 description dc1-leaf1b_Vlan3009
redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
!
no enable password
no aaa root
!
username admin privilege 15 role network-admin nopassword
username arista privilege 15 role network-admin secret sha512 $6$Enl0WfE32FthwyiJ$yTyGaEJ2uPKLU.F7314YtB7J1jrzrMi7ogXIRTEHQfLdLgKWWmr1UvNlZLN6AyuxET7G5aH3AI9OYRzxVTkB1.
!
vlan internal order ascending range 1006 1199
!
transceiver qsfp default-mode 4x10G
!
service routing protocols model multi-agent
!
hostname dc1-leaf1b
ip domain lookup vrf MGMT source-interface Management1
ip name-server vrf MGMT 192.168.1.1
!
spanning-tree mode mstp
no spanning-tree vlan-id 4093-4094
spanning-tree mst 0 priority 16384
!
vlan 10
name DMZ
!
vlan 20
name Internal
!
vlan 3009
name MLAG_L3_VRF_VRF_A
trunk group MLAG
!
vlan 4093
name MLAG_L3
trunk group MLAG
!
vlan 4094
name MLAG
trunk group MLAG
!
vrf instance MGMT
!
vrf instance VRF_A
!
management api http-commands
protocol https
no shutdown
!
vrf MGMT
no shutdown
!
interface Port-Channel3
description MLAG_dc1-leaf1a_Port-Channel3
no shutdown
switchport mode trunk
switchport trunk group MLAG
switchport
!
interface Port-Channel5
description SERVER_host1
no shutdown
switchport access vlan 10
switchport mode access
switchport
mlag 5
spanning-tree portfast
!
interface Ethernet1
description P2P_dc1-spine1_Ethernet4
no shutdown
mtu 9214
no switchport
ip address 192.168.103.5/31
!
interface Ethernet2
description P2P_dc1-spine2_Ethernet4
no shutdown
mtu 9214
no switchport
ip address 192.168.103.7/31
!
interface Ethernet3
description MLAG_dc1-leaf1a_Ethernet3
no shutdown
channel-group 3 mode active
!
interface Ethernet4
description MLAG_dc1-leaf1a_Ethernet4
no shutdown
channel-group 3 mode active
!
interface Ethernet5
description SERVER_host1
no shutdown
channel-group 5 mode active
!
interface Loopback0
description ROUTER_ID
no shutdown
ip address 192.168.101.2/32
!
interface Loopback1
description VXLAN_TUNNEL_SOURCE
no shutdown
ip address 192.168.102.1/32
!
interface Management1
description OOB_MANAGEMENT
no shutdown
vrf MGMT
ip address 172.16.1.22/24
!
interface Vlan10
description DMZ
no shutdown
vrf VRF_A
ip address virtual 10.1.10.1/24
!
interface Vlan20
description Internal
no shutdown
vrf VRF_A
ip address virtual 10.1.20.1/24
!
interface Vlan3009
description MLAG_L3_VRF_VRF_A
no shutdown
mtu 9214
vrf VRF_A
ip address 10.255.251.1/31
!
interface Vlan4093
description MLAG_L3
no shutdown
mtu 9214
ip address 10.255.251.1/31
!
interface Vlan4094
description MLAG
no shutdown
mtu 9214
no autostate
ip address 10.255.252.1/31
!
interface Vxlan1
description dc1-leaf1b_VTEP
vxlan source-interface Loopback1
vxlan virtual-router encapsulation mac-address mlag-system-id
vxlan udp-port 4789
vxlan vlan 10 vni 10010
vxlan vlan 20 vni 10020
vxlan vrf VRF_A vni 10
!
ip virtual-router mac-address 00:1c:73:00:00:99
!
ip routing
no ip routing vrf MGMT
ip routing vrf VRF_A
!
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.101.0/24 eq 32
seq 20 permit 192.168.102.0/24 eq 32
!
ip prefix-list PL-MLAG-PEER-VRFS
seq 10 permit 10.255.251.0/31
!
mlag configuration
domain-id dc1-leaf1
local-interface Vlan4094
peer-address 10.255.252.0
peer-link Port-Channel3
reload-delay mlag 300
reload-delay non-mlag 330
!
ip route vrf MGMT 0.0.0.0/0 172.16.1.1
!
ntp local-interface vrf MGMT Management1
ntp server vrf MGMT 0.pool.ntp.org prefer
!
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
route-map RM-CONN-2-BGP-VRFS deny 10
match ip address prefix-list PL-MLAG-PEER-VRFS
!
route-map RM-CONN-2-BGP-VRFS permit 20
!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
!
router bfd
multihop interval 1200 min-rx 1200 multiplier 3
!
router bgp 65100
router-id 192.168.101.2
no bgp default ipv4-unicast
maximum-paths 4
neighbor EVPN-OVERLAY-PEERS peer group
neighbor EVPN-OVERLAY-PEERS update-source Loopback0
neighbor EVPN-OVERLAY-PEERS bfd
neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3
neighbor EVPN-OVERLAY-PEERS send-community
neighbor EVPN-OVERLAY-PEERS maximum-routes 0
neighbor IPv4-UNDERLAY-PEERS peer group
neighbor IPv4-UNDERLAY-PEERS send-community
neighbor IPv4-UNDERLAY-PEERS maximum-routes 256000
neighbor MLAG-IPv4-UNDERLAY-PEER peer group
neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65100
neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self
neighbor MLAG-IPv4-UNDERLAY-PEER description dc1-leaf1a
neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in
neighbor MLAG-IPv4-UNDERLAY-PEER send-community
neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 256000
neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.0 description dc1-leaf1a_Vlan4093
neighbor 192.168.101.11 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.11 remote-as 65001
neighbor 192.168.101.11 description dc1-spine1_Loopback0
neighbor 192.168.101.12 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.12 remote-as 65001
neighbor 192.168.101.12 description dc1-spine2_Loopback0
neighbor 192.168.103.4 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.4 remote-as 65001
neighbor 192.168.103.4 description dc1-spine1_Ethernet4
neighbor 192.168.103.6 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.6 remote-as 65001
neighbor 192.168.103.6 description dc1-spine2_Ethernet4
redistribute connected route-map RM-CONN-2-BGP
!
vlan-aware-bundle VRF_A
rd 192.168.101.2:10
route-target both 10:10
redistribute learned
vlan 10,20
!
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
address-family ipv4
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
neighbor MLAG-IPv4-UNDERLAY-PEER activate
!
vrf VRF_A
rd 192.168.101.2:10
route-target import evpn 10:10
route-target export evpn 10:10
router-id 192.168.101.2
neighbor 10.255.251.0 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.0 description dc1-leaf1a_Vlan3009
redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
!
no enable password
no aaa root
!
username admin privilege 15 role network-admin nopassword
username arista privilege 15 role network-admin secret sha512 $6$Enl0WfE32FthwyiJ$yTyGaEJ2uPKLU.F7314YtB7J1jrzrMi7ogXIRTEHQfLdLgKWWmr1UvNlZLN6AyuxET7G5aH3AI9OYRzxVTkB1.
!
vlan internal order ascending range 1006 1199
!
transceiver qsfp default-mode 4x10G
!
service routing protocols model multi-agent
!
hostname dc1-leaf2a
ip domain lookup vrf MGMT source-interface Management1
ip name-server vrf MGMT 192.168.1.1
!
spanning-tree mode mstp
no spanning-tree vlan-id 4093-4094
spanning-tree mst 0 priority 16384
!
vlan 10
name DMZ
!
vlan 20
name Internal
!
vlan 3009
name MLAG_L3_VRF_VRF_A
trunk group MLAG
!
vlan 4093
name MLAG_L3
trunk group MLAG
!
vlan 4094
name MLAG
trunk group MLAG
!
vrf instance MGMT
!
vrf instance VRF_A
!
management api http-commands
protocol https
no shutdown
!
vrf MGMT
no shutdown
!
interface Port-Channel3
description MLAG_dc1-leaf2b_Port-Channel3
no shutdown
switchport mode trunk
switchport trunk group MLAG
switchport
!
interface Port-Channel5
description SERVER_host2
no shutdown
switchport access vlan 20
switchport mode access
switchport
mlag 5
spanning-tree portfast
!
interface Ethernet1
description P2P_dc1-spine3_Ethernet3
no shutdown
mtu 9214
no switchport
ip address 192.168.103.9/31
!
interface Ethernet2
description P2P_dc1-spine4_Ethernet3
no shutdown
mtu 9214
no switchport
ip address 192.168.103.11/31
!
interface Ethernet3
description MLAG_dc1-leaf2b_Ethernet3
no shutdown
channel-group 3 mode active
!
interface Ethernet4
description MLAG_dc1-leaf2b_Ethernet4
no shutdown
channel-group 3 mode active
!
interface Ethernet5
description SERVER_host2
no shutdown
channel-group 5 mode active
!
interface Loopback0
description ROUTER_ID
no shutdown
ip address 192.168.101.3/32
!
interface Loopback1
description VXLAN_TUNNEL_SOURCE
no shutdown
ip address 192.168.102.3/32
!
interface Management1
description OOB_MANAGEMENT
no shutdown
vrf MGMT
ip address 172.16.1.23/24
!
interface Vlan10
description DMZ
no shutdown
vrf VRF_A
ip address virtual 10.1.10.1/24
!
interface Vlan20
description Internal
no shutdown
vrf VRF_A
ip address virtual 10.1.20.1/24
!
interface Vlan3009
description MLAG_L3_VRF_VRF_A
no shutdown
mtu 9214
vrf VRF_A
ip address 10.255.251.4/31
!
interface Vlan4093
description MLAG_L3
no shutdown
mtu 9214
ip address 10.255.251.4/31
!
interface Vlan4094
description MLAG
no shutdown
mtu 9214
no autostate
ip address 10.255.252.4/31
!
interface Vxlan1
description dc1-leaf2a_VTEP
vxlan source-interface Loopback1
vxlan virtual-router encapsulation mac-address mlag-system-id
vxlan udp-port 4789
vxlan vlan 10 vni 10010
vxlan vlan 20 vni 10020
vxlan vrf VRF_A vni 10
!
ip virtual-router mac-address 00:1c:73:00:00:99
!
ip routing
no ip routing vrf MGMT
ip routing vrf VRF_A
!
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.101.0/24 eq 32
seq 20 permit 192.168.102.0/24 eq 32
!
ip prefix-list PL-MLAG-PEER-VRFS
seq 10 permit 10.255.251.4/31
!
mlag configuration
domain-id dc1-leaf2
local-interface Vlan4094
peer-address 10.255.252.5
peer-link Port-Channel3
reload-delay mlag 300
reload-delay non-mlag 330
!
ip route vrf MGMT 0.0.0.0/0 172.16.1.1
!
ntp local-interface vrf MGMT Management1
ntp server vrf MGMT 0.pool.ntp.org prefer
!
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
route-map RM-CONN-2-BGP-VRFS deny 10
match ip address prefix-list PL-MLAG-PEER-VRFS
!
route-map RM-CONN-2-BGP-VRFS permit 20
!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
!
router bfd
multihop interval 1200 min-rx 1200 multiplier 3
!
router bgp 65102
router-id 192.168.101.3
no bgp default ipv4-unicast
maximum-paths 4
neighbor EVPN-OVERLAY-PEERS peer group
neighbor EVPN-OVERLAY-PEERS update-source Loopback0
neighbor EVPN-OVERLAY-PEERS bfd
neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3
neighbor EVPN-OVERLAY-PEERS send-community
neighbor EVPN-OVERLAY-PEERS maximum-routes 0
neighbor IPv4-UNDERLAY-PEERS peer group
neighbor IPv4-UNDERLAY-PEERS send-community
neighbor IPv4-UNDERLAY-PEERS maximum-routes 256000
neighbor MLAG-IPv4-UNDERLAY-PEER peer group
neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102
neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self
neighbor MLAG-IPv4-UNDERLAY-PEER description dc1-leaf2b
neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in
neighbor MLAG-IPv4-UNDERLAY-PEER send-community
neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 256000
neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.5 description dc1-leaf2b_Vlan4093
neighbor 192.168.101.13 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.13 remote-as 65002
neighbor 192.168.101.13 description dc1-spine3_Loopback0
neighbor 192.168.101.14 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.14 remote-as 65002
neighbor 192.168.101.14 description dc1-spine4_Loopback0
neighbor 192.168.103.8 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.8 remote-as 65002
neighbor 192.168.103.8 description dc1-spine3_Ethernet3
neighbor 192.168.103.10 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.10 remote-as 65002
neighbor 192.168.103.10 description dc1-spine4_Ethernet3
redistribute connected route-map RM-CONN-2-BGP
!
vlan-aware-bundle VRF_A
rd 192.168.101.3:10
route-target both 10:10
redistribute learned
vlan 10,20
!
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
address-family ipv4
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
neighbor MLAG-IPv4-UNDERLAY-PEER activate
!
vrf VRF_A
rd 192.168.101.3:10
route-target import evpn 10:10
route-target export evpn 10:10
router-id 192.168.101.3
neighbor 10.255.251.5 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.5 description dc1-leaf2b_Vlan3009
redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
!
no enable password
no aaa root
!
username admin privilege 15 role network-admin nopassword
username arista privilege 15 role network-admin secret sha512 $6$Enl0WfE32FthwyiJ$yTyGaEJ2uPKLU.F7314YtB7J1jrzrMi7ogXIRTEHQfLdLgKWWmr1UvNlZLN6AyuxET7G5aH3AI9OYRzxVTkB1.
!
vlan internal order ascending range 1006 1199
!
transceiver qsfp default-mode 4x10G
!
service routing protocols model multi-agent
!
hostname dc1-leaf2b
ip domain lookup vrf MGMT source-interface Management1
ip name-server vrf MGMT 192.168.1.1
!
spanning-tree mode mstp
no spanning-tree vlan-id 4093-4094
spanning-tree mst 0 priority 16384
!
vlan 10
name DMZ
!
vlan 20
name Internal
!
vlan 3009
name MLAG_L3_VRF_VRF_A
trunk group MLAG
!
vlan 4093
name MLAG_L3
trunk group MLAG
!
vlan 4094
name MLAG
trunk group MLAG
!
vrf instance MGMT
!
vrf instance VRF_A
!
management api http-commands
protocol https
no shutdown
!
vrf MGMT
no shutdown
!
interface Port-Channel3
description MLAG_dc1-leaf2a_Port-Channel3
no shutdown
switchport mode trunk
switchport trunk group MLAG
switchport
!
interface Port-Channel5
description SERVER_host2
no shutdown
switchport access vlan 20
switchport mode access
switchport
mlag 5
spanning-tree portfast
!
interface Ethernet1
description P2P_dc1-spine3_Ethernet4
no shutdown
mtu 9214
no switchport
ip address 192.168.103.13/31
!
interface Ethernet2
description P2P_dc1-spine4_Ethernet4
no shutdown
mtu 9214
no switchport
ip address 192.168.103.15/31
!
interface Ethernet3
description MLAG_dc1-leaf2a_Ethernet3
no shutdown
channel-group 3 mode active
!
interface Ethernet4
description MLAG_dc1-leaf2a_Ethernet4
no shutdown
channel-group 3 mode active
!
interface Ethernet5
description SERVER_host2
no shutdown
channel-group 5 mode active
!
interface Loopback0
description ROUTER_ID
no shutdown
ip address 192.168.101.4/32
!
interface Loopback1
description VXLAN_TUNNEL_SOURCE
no shutdown
ip address 192.168.102.3/32
!
interface Management1
description OOB_MANAGEMENT
no shutdown
vrf MGMT
ip address 172.16.1.24/24
!
interface Vlan10
description DMZ
no shutdown
vrf VRF_A
ip address virtual 10.1.10.1/24
!
interface Vlan20
description Internal
no shutdown
vrf VRF_A
ip address virtual 10.1.20.1/24
!
interface Vlan3009
description MLAG_L3_VRF_VRF_A
no shutdown
mtu 9214
vrf VRF_A
ip address 10.255.251.5/31
!
interface Vlan4093
description MLAG_L3
no shutdown
mtu 9214
ip address 10.255.251.5/31
!
interface Vlan4094
description MLAG
no shutdown
mtu 9214
no autostate
ip address 10.255.252.5/31
!
interface Vxlan1
description dc1-leaf2b_VTEP
vxlan source-interface Loopback1
vxlan virtual-router encapsulation mac-address mlag-system-id
vxlan udp-port 4789
vxlan vlan 10 vni 10010
vxlan vlan 20 vni 10020
vxlan vrf VRF_A vni 10
!
ip virtual-router mac-address 00:1c:73:00:00:99
!
ip routing
no ip routing vrf MGMT
ip routing vrf VRF_A
!
ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY
seq 10 permit 192.168.101.0/24 eq 32
seq 20 permit 192.168.102.0/24 eq 32
!
ip prefix-list PL-MLAG-PEER-VRFS
seq 10 permit 10.255.251.4/31
!
mlag configuration
domain-id dc1-leaf2
local-interface Vlan4094
peer-address 10.255.252.4
peer-link Port-Channel3
reload-delay mlag 300
reload-delay non-mlag 330
!
ip route vrf MGMT 0.0.0.0/0 172.16.1.1
!
ntp local-interface vrf MGMT Management1
ntp server vrf MGMT 0.pool.ntp.org prefer
!
route-map RM-CONN-2-BGP permit 10
match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY
!
route-map RM-CONN-2-BGP-VRFS deny 10
match ip address prefix-list PL-MLAG-PEER-VRFS
!
route-map RM-CONN-2-BGP-VRFS permit 20
!
route-map RM-MLAG-PEER-IN permit 10
description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing
set origin incomplete
!
router bfd
multihop interval 1200 min-rx 1200 multiplier 3
!
router bgp 65102
router-id 192.168.101.4
no bgp default ipv4-unicast
maximum-paths 4
neighbor EVPN-OVERLAY-PEERS peer group
neighbor EVPN-OVERLAY-PEERS update-source Loopback0
neighbor EVPN-OVERLAY-PEERS bfd
neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3
neighbor EVPN-OVERLAY-PEERS send-community
neighbor EVPN-OVERLAY-PEERS maximum-routes 0
neighbor IPv4-UNDERLAY-PEERS peer group
neighbor IPv4-UNDERLAY-PEERS send-community
neighbor IPv4-UNDERLAY-PEERS maximum-routes 256000
neighbor MLAG-IPv4-UNDERLAY-PEER peer group
neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65102
neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self
neighbor MLAG-IPv4-UNDERLAY-PEER description dc1-leaf2a
neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in
neighbor MLAG-IPv4-UNDERLAY-PEER send-community
neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 256000
neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.4 description dc1-leaf2a_Vlan4093
neighbor 192.168.101.13 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.13 remote-as 65002
neighbor 192.168.101.13 description dc1-spine3_Loopback0
neighbor 192.168.101.14 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.14 remote-as 65002
neighbor 192.168.101.14 description dc1-spine4_Loopback0
neighbor 192.168.103.12 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.12 remote-as 65002
neighbor 192.168.103.12 description dc1-spine3_Ethernet4
neighbor 192.168.103.14 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.14 remote-as 65002
neighbor 192.168.103.14 description dc1-spine4_Ethernet4
redistribute connected route-map RM-CONN-2-BGP
!
vlan-aware-bundle VRF_A
rd 192.168.101.4:10
route-target both 10:10
redistribute learned
vlan 10,20
!
address-family evpn
neighbor EVPN-OVERLAY-PEERS activate
!
address-family ipv4
no neighbor EVPN-OVERLAY-PEERS activate
neighbor IPv4-UNDERLAY-PEERS activate
neighbor MLAG-IPv4-UNDERLAY-PEER activate
!
vrf VRF_A
rd 192.168.101.4:10
route-target import evpn 10:10
route-target export evpn 10:10
router-id 192.168.101.4
neighbor 10.255.251.4 peer group MLAG-IPv4-UNDERLAY-PEER
neighbor 10.255.251.4 description dc1-leaf2a_Vlan3009
redistribute connected route-map RM-CONN-2-BGP-VRFS
!
end
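The generated configurations above can be cross-checked against each other before they are pushed. The following Python script is an added example, not part of AVD or of this example's files: it reads flattened configs like the ones on this page, reports local accounts configured with `nopassword`, and checks that every BGP neighbor with an explicit `remote-as` is an address owned by a device in that AS and that the peer mirrors the session. The function names `parse_devices` and `audit` and the trimmed dc1-spine4/dc1-leaf2a sample are assumptions made for the example.

```python
import ipaddress
import re

# Constructed sample: dc1-spine4 and dc1-leaf2a from this page, trimmed to the
# lines the checks read and to the sessions between these two devices.
SAMPLE = """\
username admin privilege 15 role network-admin nopassword
hostname dc1-spine4
interface Ethernet3
ip address 192.168.103.10/31
interface Loopback0
ip address 192.168.101.14/32
router bgp 65002
neighbor 192.168.101.3 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.3 remote-as 65102
neighbor 192.168.103.11 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.11 remote-as 65102
end
username admin privilege 15 role network-admin nopassword
hostname dc1-leaf2a
interface Ethernet2
ip address 192.168.103.11/31
interface Loopback0
ip address 192.168.101.3/32
router bgp 65102
neighbor 192.168.101.14 peer group EVPN-OVERLAY-PEERS
neighbor 192.168.101.14 remote-as 65002
neighbor 192.168.103.10 peer group IPv4-UNDERLAY-PEERS
neighbor 192.168.103.10 remote-as 65002
end
"""


def parse_devices(text):
    """Split concatenated configs on 'end'; 'ip address virtual' lines are ignored."""
    devices = []
    for block in re.split(r"(?m)^end\s*$", text):
        dev = {"hostname": None, "asn": None, "addrs": [], "neighbors": {}, "nopassword": []}
        for line in map(str.strip, block.splitlines()):
            if m := re.fullmatch(r"hostname (\S+)", line):
                dev["hostname"] = m[1]
            elif m := re.fullmatch(r"router bgp (\d+)", line):
                dev["asn"] = int(m[1])
            elif m := re.fullmatch(r"ip address (\S+/\d+)", line):
                dev["addrs"].append(ipaddress.ip_interface(m[1]))
            elif m := re.fullmatch(r"neighbor ([\d.]+) remote-as (\d+)", line):
                dev["neighbors"][m[1]] = int(m[2])
            elif m := re.fullmatch(r"username (\S+) .*\bnopassword", line):
                dev["nopassword"].append(m[1])
        if dev["hostname"]:
            devices.append(dev)
    return devices


def audit(text):
    """Return findings as strings; an empty list means every check passed."""
    devices = parse_devices(text)
    owner = {str(a.ip): d for d in devices for a in d["addrs"]}
    findings = []
    for d in devices:
        name = d["hostname"]
        findings += [f"{name}: user {u} has nopassword" for u in d["nopassword"]]
        for ip, remote_as in d["neighbors"].items():
            peer = owner.get(ip)
            if peer is None:
                findings.append(f"{name}: neighbor {ip} is not owned by any supplied config")
                continue
            if peer["asn"] != remote_as:
                findings.append(f"{name}: neighbor {ip} remote-as {remote_as}, "
                                f"but {peer['hostname']} runs AS {peer['asn']}")
                continue
            # Local end of the session: the interface sharing the neighbor's subnet,
            # otherwise (multihop overlay) any /32 loopback of this device.
            nip = ipaddress.ip_address(ip)
            local = [a for a in d["addrs"] if a.network.prefixlen < 32 and nip in a.network]
            local = local or [a for a in d["addrs"] if a.network.prefixlen == 32]
            if not any(peer["neighbors"].get(str(a.ip)) == d["asn"] for a in local):
                findings.append(f"{name}: session to {ip} is not mirrored on {peer['hostname']}")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

When only some of the fabric's configs are supplied, neighbors that belong to the missing devices are reported as not owned by any supplied config.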