Creating Device configuration snippets [CREATED] r1: initial,bgp [CREATED] r2: initial,bgp [CREATED] r3: initial,bgp [CREATED] r4: initial,bgp [CREATED] dut: initial,bgp,vrf Config Deploying device configurations [INFO] Executing initial configuration for node r1 [INFO] Executing initial configuration for node r2 [INFO] Executing initial configuration for node r3 [INFO] Executing initial configuration for node r4 [INFO] Executing bgp configuration for node r1 [INFO] Executing bgp configuration for node r2 [INFO] Executing bgp configuration for node r4 [INFO] Executing bgp configuration for node r3 [INFO] Starting Ansible playbook to deploy the rest of the configurations [WARNING]: Found variable using reserved name: hosts PLAY [Deploy initial device configuration] ************************************* TASK [Set variables that cannot be set with VARS] ****************************** ok: [dut] TASK [Normalize config on bridge-like devices] ********************************* included: /home/pipi/netlab_gh/netsim/ansible/tasks/deploy-module.yml for dut TASK [Figure out whether to deploy the module normalize on current device] ***** ok: [dut] TASK [Find configuration template for normalize] ******************************* ok: [dut] TASK [fail] ******************************************************************** skipping: [dut] TASK [Find configuration deployment deploy_script for normalize] *************** ok: [dut] TASK [Print deployed configuration when running in verbose mode] *************** skipping: [dut] TASK [Deploy normalize configuration] ****************************************** skipping: [dut] TASK [Deploy initial configuration] ******************************************** included: /home/pipi/netlab_gh/netsim/ansible/tasks/deploy-module.yml for dut TASK [Figure out whether to deploy the module initial on current device] ******* ok: [dut] TASK [Find configuration template for initial] ********************************* ok: [dut] TASK [fail] ******************************************************************** skipping: [dut] TASK [Find configuration deployment deploy_script for initial] ***************** ok: [dut] TASK [Print deployed configuration when running in verbose mode] *************** ok: [dut] => { "msg": "initial configuration for dut\n=========================================\n\nupdates:\n\n- path: /interface[name=system0]/subinterface[index=0]\n value:\n description: \"No description\"\n admin-state: enable\n ipv4:\n admin-state: enable\n address:\n - ip-prefix: \"10.0.0.1/32\"\n\n- path: /interface[name=ethernet-1/1]\n value:\n description: \"dut ~ r1\"\n subinterface:\n index: 0\n description: \"dut ~ r1\"\n\n- path: /interface[name=ethernet-1/1]/subinterface[index=0]\n value:\n description: \"dut ~ r1\"\n admin-state: enable\n ipv4:\n admin-state: enable\n unnumbered:\n admin-state: enable\n interface: \"system0.0\"\n ipv6:\n admin-state: enable\n neighbor-discovery:\n learn-unsolicited: link-local\n router-advertisement:\n router-role:\n admin-state: enable # no ipv6 nd suppress-ra\n min-advertisement-interval: 4 # Leaving this at platform default 200..600 takes too long at startup\n _annotate_min-advertisement-interval: \"Reduced from platform default 200s\"\n max-advertisement-interval: 5\n\n- path: /interface[name=ethernet-1/2]\n value:\n description: \"dut ~ r2\"\n subinterface:\n index: 0\n description: \"dut ~ r2\"\n\n- path: /interface[name=ethernet-1/2]/subinterface[index=0]\n value:\n description: \"dut ~ r2\"\n admin-state: enable\n ipv4:\n admin-state: enable\n unnumbered:\n admin-state: enable\n interface: \"system0.0\"\n ipv6:\n admin-state: enable\n neighbor-discovery:\n learn-unsolicited: link-local\n router-advertisement:\n router-role:\n admin-state: enable # no ipv6 nd suppress-ra\n min-advertisement-interval: 4 # Leaving this at platform default 200..600 takes too long at startup\n _annotate_min-advertisement-interval: \"Reduced from platform default 200s\"\n max-advertisement-interval: 5\n\n- path: /interface[name=ethernet-1/3]\n value:\n description: \"dut ~ r3\"\n subinterface:\n index: 0\n description: \"dut ~ r3\"\n\n- path: /interface[name=ethernet-1/3]/subinterface[index=0]\n value:\n description: \"dut ~ r3\"\n admin-state: enable\n ipv4:\n admin-state: enable\n unnumbered:\n admin-state: enable\n interface: \"system0.0\"\n ipv6:\n admin-state: enable\n neighbor-discovery:\n learn-unsolicited: link-local\n router-advertisement:\n router-role:\n admin-state: enable # no ipv6 nd suppress-ra\n min-advertisement-interval: 4 # Leaving this at platform default 200..600 takes too long at startup\n _annotate_min-advertisement-interval: \"Reduced from platform default 200s\"\n max-advertisement-interval: 5\n\n- path: /interface[name=ethernet-1/4]\n value:\n description: \"dut ~ r4\"\n subinterface:\n index: 0\n description: \"dut ~ r4\"\n\n- path: /interface[name=ethernet-1/4]/subinterface[index=0]\n value:\n description: \"dut ~ r4\"\n admin-state: enable\n ipv4:\n admin-state: enable\n unnumbered:\n admin-state: enable\n interface: \"system0.0\"\n ipv6:\n admin-state: enable\n neighbor-discovery:\n learn-unsolicited: link-local\n router-advertisement:\n router-role:\n admin-state: enable # no ipv6 nd suppress-ra\n min-advertisement-interval: 4 # Leaving this at platform default 200..600 takes too long at startup\n _annotate_min-advertisement-interval: \"Reduced from platform default 200s\"\n max-advertisement-interval: 5\n\n\n\n- path: /network-instance[name=default]\n value:\n type: default\n interface:\n - name: system0.0\n\n\n\n\n# TODO: vdata.rd, vdata.import/export, vdata.af\n- path: /network-instance[name=red]\n value:\n type: ip-vrf\n interface:\n - name: ethernet-1/1.0\n- path: /network-instance[name=red]\n value:\n type: ip-vrf\n interface:\n - name: ethernet-1/2.0\n\n\n\n# TODO: vdata.rd, vdata.import/export, vdata.af\n- path: /network-instance[name=blue]\n value:\n type: ip-vrf\n interface:\n - name: ethernet-1/3.0\n- path: /network-instance[name=blue]\n value:\n type: ip-vrf\n interface:\n - name: ethernet-1/4.0\n\n\n" } TASK [Deploy initial configuration] ******************************************** included: /home/pipi/netlab_gh/netsim/ansible/tasks/deploy-config/srlinux.yml for dut TASK [Generate JSON-RPC YAML configuration] ************************************ ok: [dut] TASK [Update SRL initial node configuration (template=/work/netlab_cicd/node_files/dut/initial)] *** changed: [dut] TASK [debug] ******************************************************************* skipping: [dut] PLAY [Deploy module-specific configurations] *********************************** TASK [Set variables that cannot be set with VARS] ****************************** ok: [dut] TASK [Deploy individual configuration modules] ********************************* included: /home/pipi/netlab_gh/netsim/ansible/tasks/deploy-module.yml for dut => (item=bgp) included: /home/pipi/netlab_gh/netsim/ansible/tasks/deploy-module.yml for dut => (item=vrf) TASK [Figure out whether to deploy the module bgp on current device] *********** ok: [dut] TASK [Find configuration template for bgp] ************************************* ok: [dut] TASK [fail] ******************************************************************** skipping: [dut] TASK [Find configuration deployment deploy_script for bgp] ********************* ok: [dut] TASK [Print deployed configuration when running in verbose mode] *************** ok: [dut] => { "msg": "bgp configuration for dut\n=========================================\nupdates:\n\n- path: /routing-policy/policy[name=accept_all]\n value:\n default-action:\n policy-result: accept\n\n- path: /routing-policy/community-set[name=ibgp-mark]\n value:\n member: [ \"65536:0:65536\" ]\n\n- path: /routing-policy/policy[name=ibgp-mark]\n value:\n default-action:\n policy-result: reject\n statement:\n - name: mark-ibgp-routes\n action:\n bgp:\n communities:\n add: ibgp-mark\n policy-result: accept\n\n- path: /routing-policy/prefix-set[name=default_bgp_advertise]\n value:\n prefix: [] # Make sure it exists\n\n- path: /routing-policy/policy[name=default_bgp_export]\n value:\n default-action:\n policy-result: reject\n statement:\n - name: prefixes\n match:\n prefix:\n prefix-set: default_bgp_advertise\n action:\n policy-result: next-policy\n - name: bgp\n match:\n protocol: bgp\n action:\n policy-result: next-policy\n bgp:\n communities:\n remove:\n ibgp-mark\n\n\n- path: /network-instance[name=default]/protocols/bgp\n value:\n admin-state: enable\n autonomous-system: 65000\n router-id: 10.0.0.1\n ebgp-default-policy:\n export-reject-all: False\n import-reject-all: False\n\n afi-safi:\n - afi-safi-name: ipv4-unicast\n admin-state: enable\n\n- path: /routing-policy/prefix-set[name=default_bgp_advertise]\n value:\n prefix:\n - ip-prefix: 10.0.0.1/32\n mask-length-range: exact\n\n\n\n\n\n\n" } TASK [Deploy bgp configuration] ************************************************ included: /home/pipi/netlab_gh/netsim/ansible/tasks/deploy-config/srlinux.yml for dut TASK [Generate JSON-RPC YAML configuration] ************************************ ok: [dut] TASK [Update SRL bgp node configuration (template=/work/netlab_cicd/node_files/dut/bgp)] *** changed: [dut] TASK [debug] ******************************************************************* skipping: [dut] TASK [Figure out whether to deploy the module vrf on current device] *********** ok: [dut] TASK [Find configuration template for vrf] ************************************* ok: [dut] TASK [fail] ******************************************************************** skipping: [dut] TASK [Find configuration deployment deploy_script for vrf] ********************* ok: [dut] TASK [Print deployed configuration when running in verbose mode] *************** ok: [dut] => { "msg": "vrf configuration for dut\n=========================================\n\nupdates:\n\n- path: /network-instance[name=red]\n value:\n type: ip-vrf\n\n\n- path: /routing-policy/community-set[name=C65000_1]\n value:\n member:\n - \"target:65000:1\" # Single member, else matching is AND\n\n- path: /routing-policy/community-set[name=red_export]\n value:\n member:\n - \"target:65000:1\"\n\n\n- path: /routing-policy/policy[name=red_bgp_export]\n value:\n default-action:\n policy-result: reject\n statement:\n - name: bgp\n match:\n protocol: bgp\n action:\n policy-result: next-policy\n bgp:\n communities:\n remove:\n ibgp-mark\n - name: export_local\n match:\n protocol: local\n action:\n policy-result: next-policy\n\n\n- path: /network-instance[name=red]/protocols/bgp\n value:\n admin-state: enable\n autonomous-system: 65000\n router-id: 10.0.0.1\n ebgp-default-policy:\n export-reject-all: False\n import-reject-all: False\n\n afi-safi:\n - afi-safi-name: ipv4-unicast\n admin-state: enable\n afi-safi:\n - afi-safi-name: ipv6-unicast\n admin-state: enable\n\n\n\n\n\n\n\n- path: /network-instance[name=red]/protocols/bgp/group[group-name=intf-ethernet-1/1]\n value:\n admin-state: enable\n# neighbor: {'ifindex': 1, 'local_if': 'ethernet-1/1', 'ipv4_rfc8950': True, 'name': 'r1', 'as': 65101, 'type': 'ebgp', 'ipv4': True, 'activate': {'ipv4': True}, '_src_vrf': 'red'}\n# ipv4: True\n# ipv6: True\n afi-safi:\n - afi-safi-name: ipv4-unicast\n admin-state: enable\n send-community-type: ['standard', 'large']\n\n ipv4-unicast:\n advertise-ipv6-next-hops: True\n receive-ipv6-next-hops: True\n import-policy: ['accept_all']\n export-policy: ['red_bgp_export', 'accept_all']\n - afi-safi-name: ipv6-unicast\n admin-state: disable\n send-community-type: ['standard', 'large']\n\n import-policy: ['accept_all']\n export-policy: ['red_bgp_export', 'accept_all']\n\n timers:\n connect-retry: 10\n _annotate_connect-retry: \"Reduce default 120s to 10s\"\n minimum-advertisement-interval: 1\n\n\n- path: /network-instance[name=red]/ip-forwarding\n value:\n receive-ipv4-check: false\n _annotate_receive-ipv4-check: \"Allow IPv4 on IPv6 unnumbered interfaces\"\n\n- path: /network-instance[name=red]/protocols/bgp/dynamic-neighbors/interface[interface-name=ethernet-1/1.0]\n value:\n peer-group: \"intf-ethernet-1/1\"\n allowed-peer-as: [ 65101..65101 ]\n\n- path: /network-instance[name=red]/protocols/bgp/group[group-name=intf-ethernet-1/2]\n value:\n admin-state: enable\n# neighbor: {'ifindex': 2, 'local_if': 'ethernet-1/2', 'ipv4_rfc8950': True, 'name': 'r2', 'as': 65102, 'type': 'ebgp', 'ipv4': True, 'activate': {'ipv4': True}, '_src_vrf': 'red'}\n# ipv4: True\n# ipv6: True\n afi-safi:\n - afi-safi-name: ipv4-unicast\n admin-state: enable\n send-community-type: ['standard', 'large']\n\n ipv4-unicast:\n advertise-ipv6-next-hops: True\n receive-ipv6-next-hops: True\n import-policy: ['accept_all']\n export-policy: ['red_bgp_export', 'accept_all']\n - afi-safi-name: ipv6-unicast\n admin-state: disable\n send-community-type: ['standard', 'large']\n\n import-policy: ['accept_all']\n export-policy: ['red_bgp_export', 'accept_all']\n\n timers:\n connect-retry: 10\n _annotate_connect-retry: \"Reduce default 120s to 10s\"\n minimum-advertisement-interval: 1\n\n\n- path: /network-instance[name=red]/ip-forwarding\n value:\n receive-ipv4-check: false\n _annotate_receive-ipv4-check: \"Allow IPv4 on IPv6 unnumbered interfaces\"\n\n- path: /network-instance[name=red]/protocols/bgp/dynamic-neighbors/interface[interface-name=ethernet-1/2.0]\n value:\n peer-group: \"intf-ethernet-1/2\"\n allowed-peer-as: [ 65102..65102 ]\n\n\n\n\n- path: /network-instance[name=red]/protocols/bgp-vpn\n value:\n bgp-instance:\n - id: 1\n route-distinguisher:\n rd: \"65000:1\"\n\n- path: /network-instance[name=red]/inter-instance-policies\n value:\n apply-policy:\n export-policy:\n - \"red_vpn_export\"\n import-policy:\n - \"red_vpn_import\"\n\n- path: /routing-policy/policy[name=red_vpn_export]\n value:\n default-action:\n policy-result: \"accept\"\n bgp:\n communities:\n add: \"red_export\"\n\n- path: /routing-policy/policy[name=red_vpn_import]\n value:\n default-action:\n policy-result: \"reject\"\n statement:\n - name: 11\n match:\n bgp:\n community-set: \"C65000_1\"\n action:\n policy-result: \"accept\"\n\n\n- path: /network-instance[name=blue]\n value:\n type: ip-vrf\n\n\n- path: /routing-policy/community-set[name=C65000_2]\n value:\n member:\n - \"target:65000:2\" # Single member, else matching is AND\n\n- path: /routing-policy/community-set[name=blue_export]\n value:\n member:\n - \"target:65000:2\"\n\n\n- path: /routing-policy/policy[name=blue_bgp_export]\n value:\n default-action:\n policy-result: reject\n statement:\n - name: bgp\n match:\n protocol: bgp\n action:\n policy-result: next-policy\n bgp:\n communities:\n remove:\n ibgp-mark\n - name: export_local\n match:\n protocol: local\n action:\n policy-result: next-policy\n\n\n- path: /network-instance[name=blue]/protocols/bgp\n value:\n admin-state: enable\n autonomous-system: 65000\n router-id: 10.0.0.1\n ebgp-default-policy:\n export-reject-all: False\n import-reject-all: False\n\n afi-safi:\n - afi-safi-name: ipv4-unicast\n admin-state: enable\n afi-safi:\n - afi-safi-name: ipv6-unicast\n admin-state: enable\n\n\n\n\n\n\n\n- path: /network-instance[name=blue]/protocols/bgp/group[group-name=intf-ethernet-1/3]\n value:\n admin-state: enable\n# neighbor: {'ifindex': 3, 'local_if': 'ethernet-1/3', 'ipv4_rfc8950': True, 'name': 'r3', 'as': 65103, 'type': 'ebgp', 'ipv4': True, 'activate': {'ipv4': True}, '_src_vrf': 'blue'}\n# ipv4: True\n# ipv6: True\n afi-safi:\n - afi-safi-name: ipv4-unicast\n admin-state: enable\n send-community-type: ['standard', 'large']\n\n ipv4-unicast:\n advertise-ipv6-next-hops: True\n receive-ipv6-next-hops: True\n import-policy: ['accept_all']\n export-policy: ['blue_bgp_export', 'accept_all']\n - afi-safi-name: ipv6-unicast\n admin-state: disable\n send-community-type: ['standard', 'large']\n\n import-policy: ['accept_all']\n export-policy: ['blue_bgp_export', 'accept_all']\n\n timers:\n connect-retry: 10\n _annotate_connect-retry: \"Reduce default 120s to 10s\"\n minimum-advertisement-interval: 1\n\n\n- path: /network-instance[name=blue]/ip-forwarding\n value:\n receive-ipv4-check: false\n _annotate_receive-ipv4-check: \"Allow IPv4 on IPv6 unnumbered interfaces\"\n\n- path: /network-instance[name=blue]/protocols/bgp/dynamic-neighbors/interface[interface-name=ethernet-1/3.0]\n value:\n peer-group: \"intf-ethernet-1/3\"\n allowed-peer-as: [ 65103..65103 ]\n\n- path: /network-instance[name=blue]/protocols/bgp/group[group-name=intf-ethernet-1/4]\n value:\n admin-state: enable\n# neighbor: {'ifindex': 4, 'local_if': 'ethernet-1/4', 'ipv4_rfc8950': True, 'name': 'r4', 'as': 65104, 'type': 'ebgp', 'ipv4': True, 'activate': {'ipv4': True}, '_src_vrf': 'blue'}\n# ipv4: True\n# ipv6: True\n afi-safi:\n - afi-safi-name: ipv4-unicast\n admin-state: enable\n send-community-type: ['standard', 'large']\n\n ipv4-unicast:\n advertise-ipv6-next-hops: True\n receive-ipv6-next-hops: True\n import-policy: ['accept_all']\n export-policy: ['blue_bgp_export', 'accept_all']\n - afi-safi-name: ipv6-unicast\n admin-state: disable\n send-community-type: ['standard', 'large']\n\n import-policy: ['accept_all']\n export-policy: ['blue_bgp_export', 'accept_all']\n\n timers:\n connect-retry: 10\n _annotate_connect-retry: \"Reduce default 120s to 10s\"\n minimum-advertisement-interval: 1\n\n\n- path: /network-instance[name=blue]/ip-forwarding\n value:\n receive-ipv4-check: false\n _annotate_receive-ipv4-check: \"Allow IPv4 on IPv6 unnumbered interfaces\"\n\n- path: /network-instance[name=blue]/protocols/bgp/dynamic-neighbors/interface[interface-name=ethernet-1/4.0]\n value:\n peer-group: \"intf-ethernet-1/4\"\n allowed-peer-as: [ 65104..65104 ]\n\n\n\n\n- path: /network-instance[name=blue]/protocols/bgp-vpn\n value:\n bgp-instance:\n - id: 1\n route-distinguisher:\n rd: \"65000:2\"\n\n- path: /network-instance[name=blue]/inter-instance-policies\n value:\n apply-policy:\n export-policy:\n - \"blue_vpn_export\"\n import-policy:\n - \"blue_vpn_import\"\n\n- path: /routing-policy/policy[name=blue_vpn_export]\n value:\n default-action:\n policy-result: \"accept\"\n bgp:\n communities:\n add: \"blue_export\"\n\n- path: /routing-policy/policy[name=blue_vpn_import]\n value:\n default-action:\n policy-result: \"reject\"\n statement:\n - name: 11\n match:\n bgp:\n community-set: \"C65000_2\"\n action:\n policy-result: \"accept\"\n\n" } TASK [Deploy vrf configuration] ************************************************ included: /home/pipi/netlab_gh/netsim/ansible/tasks/deploy-config/srlinux.yml for dut TASK [Generate JSON-RPC YAML configuration] ************************************ ok: [dut] TASK [Update SRL vrf node configuration (template=/work/netlab_cicd/node_files/dut/vrf)] *** changed: [dut] TASK [debug] ******************************************************************* skipping: [dut] PLAY [Deploy custom deployment templates] ************************************** skipping: no hosts matched PLAY RECAP ********************************************************************* dut : ok=30 changed=3 unreachable=0 failed=0 skipped=9 rescued=0 ignored=0 Results of configuration script deployments ================================================================================ r1 Script: initial,bgp r2 Script: initial,bgp r3 Script: initial,bgp r4 Script: initial,bgp The device under test has two VRFs with two interfaces in each VRF. Routers are attached to those interfaces and run BGP with device under test. Assuming the multi-vrf test case succeeded, this one adds BGP routing with CE routers. * r1 and r2 should be able to ping each other * r3 and r4 should be able to ping each other * r1 should not be able to reach r3