/home/pipi/.local/lib/python3.10/site-packages/paramiko/pkey.py:100: CryptographyDeprecationWarning: TripleDES has been moved to cryptography.hazmat.decrepit.ciphers.algorithms.TripleDES and will be removed from cryptography.hazmat.primitives.ciphers.algorithms in 48.0.0. "cipher": algorithms.TripleDES, /home/pipi/.local/lib/python3.10/site-packages/paramiko/transport.py:259: CryptographyDeprecationWarning: TripleDES has been moved to cryptography.hazmat.decrepit.ciphers.algorithms.TripleDES and will be removed from cryptography.hazmat.primitives.ciphers.algorithms in 48.0.0. "class": algorithms.TripleDES, [WARNING]: Could not match supplied host pattern, ignoring: unprovisioned [WARNING]: Found variable using reserved name: hosts PLAY [Deploy initial device configuration] ************************************* TASK [Set variables that cannot be set with VARS] ****************************** ok: [s1] ok: [s2] ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Find device readiness script] ******************************************** ok: [s1] ok: [s2] ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Wait for device to become ready] ***************************************** skipping: [s1] skipping: [s2] skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Normalize config on bridge-like devices] ********************************* included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for s1, s2, h1, h2, h3, h4 TASK [Figure out whether to deploy the module normalize on current device] ***** ok: [s1] ok: [s2] ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Find configuration template for normalize] ******************************* ok: [s1] ok: [s2] ok: [h1] ok: [h2] ok: [h4] ok: [h3] TASK [fail] ******************************************************************** skipping: [s1] skipping: [s2] skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Find configuration deployment deploy_script for normalize] *************** ok: [s1] ok: [s2] ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Print deployed configuration when running in verbose mode] *************** skipping: [s1] skipping: [s2] skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Deploy normalize configuration] ****************************************** skipping: [s1] skipping: [s2] skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Deploy initial configuration] ******************************************** included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for s1, s2, h1, h2, h3, h4 TASK [Figure out whether to deploy the module initial on current device] ******* ok: [s1] ok: [s2] ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Find configuration template for initial] ********************************* ok: [s1] ok: [s2] ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [fail] ******************************************************************** skipping: [s1] skipping: [s2] skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Find configuration deployment deploy_script for initial] ***************** ok: [s1] ok: [s2] ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Print deployed configuration when running in verbose mode] *************** ok: [h2] => msg: |- initial configuration for h2 ========================================= #!/bin/bash # # This script contains the 'ip' commands needed to set up container # interfaces and route table. It's executed within the container # network namespace on the container host. # # /etc/hosts file is generated as a clab bind. # set -e ### One-Shot configuration (non-Ubuntu VM or container) # # Send ARP requests from a sane source IP address sysctl -w net.ipv4.conf.all.arp_announce=2 # # Disable IPv4 and IPv6 forwarding # sysctl -w net.ipv4.ip_forward=0 sysctl -w net.ipv6.conf.all.forwarding=0 # # Interface addressing, create any bond devices # ip link set dev eth1 up set +e ip addr del 172.16.1.4/24 dev eth1 2>/dev/null set -e ip addr add 172.16.1.4/24 dev eth1 sysctl -w net.ipv6.conf.eth1.disable_ipv6=1 ip link set dev eth1 mtu 1500 ok: [h1] => msg: |- initial configuration for h1 ========================================= #!/bin/bash # # This script contains the 'ip' commands needed to set up container # interfaces and route table. It's executed within the container # network namespace on the container host. # # /etc/hosts file is generated as a clab bind. # set -e ### One-Shot configuration (non-Ubuntu VM or container) # # Send ARP requests from a sane source IP address sysctl -w net.ipv4.conf.all.arp_announce=2 # # Disable IPv4 and IPv6 forwarding # sysctl -w net.ipv4.ip_forward=0 sysctl -w net.ipv6.conf.all.forwarding=0 # # Interface addressing, create any bond devices # ip link set dev eth1 up set +e ip addr del 172.16.0.3/24 dev eth1 2>/dev/null set -e ip addr add 172.16.0.3/24 dev eth1 sysctl -w net.ipv6.conf.eth1.disable_ipv6=1 ip link set dev eth1 mtu 1500 ok: [h4] => msg: |- initial configuration for h4 ========================================= #!/bin/bash # # This script contains the 'ip' commands needed to set up container # interfaces and route table. It's executed within the container # network namespace on the container host. # # /etc/hosts file is generated as a clab bind. # set -e ### One-Shot configuration (non-Ubuntu VM or container) # # Send ARP requests from a sane source IP address sysctl -w net.ipv4.conf.all.arp_announce=2 # # Disable IPv4 and IPv6 forwarding # sysctl -w net.ipv4.ip_forward=0 sysctl -w net.ipv6.conf.all.forwarding=0 # # Interface addressing, create any bond devices # ip link set dev eth1 up set +e ip addr del 172.16.3.6/24 dev eth1 2>/dev/null set -e ip addr add 172.16.3.6/24 dev eth1 sysctl -w net.ipv6.conf.eth1.disable_ipv6=1 ip link set dev eth1 mtu 1500 ok: [h3] => msg: |- initial configuration for h3 ========================================= #!/bin/bash # # This script contains the 'ip' commands needed to set up container # interfaces and route table. It's executed within the container # network namespace on the container host. # # /etc/hosts file is generated as a clab bind. # set -e ### One-Shot configuration (non-Ubuntu VM or container) # # Send ARP requests from a sane source IP address sysctl -w net.ipv4.conf.all.arp_announce=2 # # Disable IPv4 and IPv6 forwarding # sysctl -w net.ipv4.ip_forward=0 sysctl -w net.ipv6.conf.all.forwarding=0 # # Interface addressing, create any bond devices # ip link set dev eth1 up set +e ip addr del 172.16.2.5/24 dev eth1 2>/dev/null set -e ip addr add 172.16.2.5/24 dev eth1 sysctl -w net.ipv6.conf.eth1.disable_ipv6=1 ip link set dev eth1 mtu 1500 ok: [s1] => msg: |- initial configuration for s1 ========================================= #!/bin/vbash source /opt/vyatta/etc/functions/script-template if [ "$(id -g -n)" != 'vyattacfg' ] ; then exec sg vyattacfg -c "/bin/vbash $(readlink -f $0) $@" fi # Configuration items start here configure set system host-name 's1' set vrf name tenant table 100 set interfaces bridge br0 description 'Global Switch Bridge' set interfaces bridge br0 enable-vlan set interfaces bridge br0 vif 1000 set interfaces bridge br0 vif 1001 set interfaces bridge br0 vif 1002 set interfaces dummy dum0 address 10.0.0.1/32 set interfaces ethernet eth1 description 's1 -> s2' set interfaces ethernet eth1 mtu 1600 set interfaces ethernet eth1 address 10.1.0.1/30 set interfaces ethernet eth2 description '[Access VLAN red] s1 -> h1' set interfaces ethernet eth2 mtu 1500 set interfaces ethernet eth3 description '[Access VLAN green] s1 -> h3' set interfaces ethernet eth3 mtu 1500 set interfaces dummy dum1 description '[Access VLAN blue] s1 -> stub' set interfaces bridge br0 vif 1000 description 'VLAN red (1000) -> [h1,s2]' set interfaces bridge br0 vif 1000 mtu 1500 set interfaces bridge br0 vif 1000 address 172.16.0.1/24 set interfaces bridge br0 vif 1000 vrf tenant set interfaces bridge br0 vif 1002 description 'VLAN green (1002) -> [h3] [stub]' set interfaces bridge br0 vif 1002 mtu 1500 set interfaces bridge br0 vif 1002 address 172.16.2.1/24 set interfaces bridge br0 vif 1002 vrf tenant set interfaces bridge br0 vif 1001 description 'VLAN blue (1001) -> [h2,s2]' set interfaces bridge br0 vif 1001 mtu 1500 set interfaces bridge br0 vif 1001 address 172.16.1.1/24 set interfaces bridge br0 vif 1001 vrf tenant set service lldp interface all >/dev/null 2>/dev/null set service lldp interface eth0 disable >/dev/null 2>/dev/null set service lldp interface eth0 mode disable set service ssh # Commit, save and exit from subshell commit save exit # Restart FRR to pick up the new hostname sudo service frr restart ok: [s2] => msg: |- initial configuration for s2 ========================================= #!/bin/vbash source /opt/vyatta/etc/functions/script-template if [ "$(id -g -n)" != 'vyattacfg' ] ; then exec sg vyattacfg -c "/bin/vbash $(readlink -f $0) $@" fi # Configuration items start here configure set system host-name 's2' set vrf name tenant table 100 set interfaces bridge br0 description 'Global Switch Bridge' set interfaces bridge br0 enable-vlan set interfaces bridge br0 vif 1000 set interfaces bridge br0 vif 1001 set interfaces bridge br0 vif 1003 set interfaces dummy dum0 address 10.0.0.2/32 set interfaces ethernet eth1 description 's2 -> s1' set interfaces ethernet eth1 mtu 1600 set interfaces ethernet eth1 address 10.1.0.2/30 set interfaces ethernet eth2 description '[Access VLAN blue] s2 -> h2' set interfaces ethernet eth2 mtu 1500 set interfaces ethernet eth3 description '[Access VLAN purple] s2 -> h4' set interfaces ethernet eth3 mtu 1500 set interfaces dummy dum1 description '[Access VLAN red] s2 -> stub' set interfaces bridge br0 vif 1001 description 'VLAN blue (1001) -> [s1,h2]' set interfaces bridge br0 vif 1001 mtu 1500 set interfaces bridge br0 vif 1001 address 172.16.1.2/24 set interfaces bridge br0 vif 1001 vrf tenant set interfaces bridge br0 vif 1003 description 'VLAN purple (1003) -> [h4] [stub]' set interfaces bridge br0 vif 1003 mtu 1500 set interfaces bridge br0 vif 1003 address 172.16.3.2/24 set interfaces bridge br0 vif 1003 vrf tenant set interfaces bridge br0 vif 1000 description 'VLAN red (1000) -> [h1,s1]' set interfaces bridge br0 vif 1000 mtu 1500 set interfaces bridge br0 vif 1000 address 172.16.0.2/24 set interfaces bridge br0 vif 1000 vrf tenant set service lldp interface all >/dev/null 2>/dev/null set service lldp interface eth0 disable >/dev/null 2>/dev/null set service lldp interface eth0 mode disable set service ssh # Commit, save and exit from subshell commit save exit # Restart FRR to pick up the new hostname sudo service frr restart TASK [Deploy initial configuration] ******************************************** included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-config/vyos.yml for s1, s2 included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-config/linux-clab.yml for h1, h2, h3, h4 TASK [wait_for_connection] ***************************************************** ok: [s2] ok: [s1] TASK [wait_for] **************************************************************** ok: [s1] ok: [s2] TASK [set_fact] **************************************************************** ok: [s1] ok: [s2] TASK [set_fact] **************************************************************** ok: [s1] ok: [s2] TASK [template] **************************************************************** changed: [s1] changed: [s2] TASK [execute config-initial.sh to deploy initial config from /home/pipi/net101/tools/netsim/ansible/templates/initial/vyos.j2] *** changed: [s1] changed: [s2] TASK [Define script filename and determine whether to execute in netns] ******** ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Create a temporary file for the rendered script] ************************* changed: [h2 -> localhost] changed: [h1 -> localhost] changed: [h3 -> localhost] changed: [h4 -> localhost] TASK [Create container setup script from /home/pipi/net101/tools/netsim/ansible/templates/initial/linux-clab.j2] *** changed: [h1 -> localhost] changed: [h2 -> localhost] changed: [h3 -> localhost] changed: [h4 -> localhost] TASK [Copy script into running container at /tmp/config-h1_initial.sh] ********* skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Execute /tmp/config-h1_initial.sh to deploy initial config based on /home/pipi/net101/tools/netsim/ansible/templates/initial/linux-clab.j2] *** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Container configuration for initial based on /home/pipi/net101/tools/netsim/ansible/templates/initial/linux-clab.j2 executed in netns] *** changed: [h1 -> localhost] changed: [h2 -> localhost] changed: [h3 -> localhost] changed: [h4 -> localhost] TASK [Remove temporary file /tmp/h1_initial-djspq766.sh] *********************** changed: [h4 -> localhost] changed: [h1 -> localhost] changed: [h3 -> localhost] changed: [h2 -> localhost] PLAY [Deploy module-specific configurations] *********************************** TASK [Set variables that cannot be set with VARS] ****************************** ok: [s1] ok: [s2] ok: [h1] ok: [h3] ok: [h2] ok: [h4] TASK [Deploy individual configuration modules] ********************************* included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for s1, s2, h1, h2, h3, h4 => (item=vlan) included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for s1, s2, h1, h2, h3, h4 => (item=routing) included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for s1, s2, h1, h2, h3, h4 => (item=ospf) included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for s1, s2, h1, h2, h3, h4 => (item=bgp) included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for s1, s2, h1, h2, h3, h4 => (item=vrf) included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for s1, s2, h1, h2, h3, h4 => (item=vxlan) included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for s1, s2, h1, h2, h3, h4 => (item=evpn) TASK [Figure out whether to deploy the module vlan on current device] ********** ok: [s1] ok: [s2] ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Find configuration template for vlan] ************************************ skipping: [h1] skipping: [h2] ok: [s1] ok: [s2] skipping: [h3] skipping: [h4] TASK [fail] ******************************************************************** skipping: [s1] skipping: [s2] skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Find configuration deployment deploy_script for vlan] ******************** skipping: [h1] skipping: [h2] skipping: [h3] ok: [s1] skipping: [h4] ok: [s2] TASK [Print deployed configuration when running in verbose mode] *************** skipping: [h1] skipping: [h2] skipping: [h3] ok: [s1] => msg: |- vlan configuration for s1 ========================================= #!/bin/vbash source /opt/vyatta/etc/functions/script-template if [ "$(id -g -n)" != 'vyattacfg' ] ; then exec sg vyattacfg -c "/bin/vbash $(readlink -f $0) $@" fi # Configuration items start here configure set interfaces bridge br0 member interface eth2 native-vlan 1000 set interfaces bridge br0 member interface eth3 native-vlan 1002 set interfaces bridge br0 member interface dum1 native-vlan 1001 # Commit, save and exit from subshell commit save exit skipping: [h4] ok: [s2] => msg: |- vlan configuration for s2 ========================================= #!/bin/vbash source /opt/vyatta/etc/functions/script-template if [ "$(id -g -n)" != 'vyattacfg' ] ; then exec sg vyattacfg -c "/bin/vbash $(readlink -f $0) $@" fi # Configuration items start here configure set interfaces bridge br0 member interface eth2 native-vlan 1001 set interfaces bridge br0 member interface eth3 native-vlan 1003 set interfaces bridge br0 member interface dum1 native-vlan 1000 # Commit, save and exit from subshell commit save exit TASK [Deploy vlan configuration] *********************************************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-config/vyos.yml for s1, s2 TASK [wait_for_connection] ***************************************************** skipping: [s1] skipping: [s2] TASK [wait_for] **************************************************************** skipping: [s1] skipping: [s2] TASK [set_fact] **************************************************************** ok: [s1] ok: [s2] TASK [set_fact] **************************************************************** ok: [s1] ok: [s2] TASK [template] **************************************************************** changed: [s2] changed: [s1] TASK [execute config-vlan.sh to deploy vlan config from /home/pipi/net101/tools/netsim/ansible/templates/vlan/vyos.j2] *** changed: [s1] changed: [s2] TASK [Figure out whether to deploy the module routing on current device] ******* ok: [s1] ok: [s2] ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Find configuration template for routing] ********************************* skipping: [s1] skipping: [s2] ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [fail] ******************************************************************** skipping: [s1] skipping: [s2] skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Find configuration deployment deploy_script for routing] ***************** skipping: [s1] skipping: [s2] ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Print deployed configuration when running in verbose mode] *************** skipping: [s1] skipping: [s2] ok: [h1] => msg: |- routing configuration for h1 ========================================= #!/bin/bash # # Add static routes (usually IPv4 routes pointing to the first usable gateway) # # echo Removing existing IPv4 routes while ip route del 172.16.0.0/16 2>/dev/null; do : ; done while ip route del 10.0.0.0/24 2>/dev/null; do : ; done while ip route del 10.1.0.0/16 2>/dev/null; do : ; done while ip route del 10.2.0.0/24 2>/dev/null; do : ; done # # # echo Adding direct static routes ip route add 172.16.0.0/16 via 172.16.0.1 dev eth1 protocol static ip route add 10.0.0.0/24 via 172.16.0.1 dev eth1 protocol static ip route add 10.1.0.0/16 via 172.16.0.1 dev eth1 protocol static ip route add 10.2.0.0/24 via 172.16.0.1 dev eth1 protocol static # # Print the final routing table ip route ok: [h2] => msg: |- routing configuration for h2 ========================================= #!/bin/bash # # Add static routes (usually IPv4 routes pointing to the first usable gateway) # # echo Removing existing IPv4 routes while ip route del 172.16.0.0/16 2>/dev/null; do : ; done while ip route del 10.0.0.0/24 2>/dev/null; do : ; done while ip route del 10.1.0.0/16 2>/dev/null; do : ; done while ip route del 10.2.0.0/24 2>/dev/null; do : ; done # # # echo Adding direct static routes ip route add 172.16.0.0/16 via 172.16.1.1 dev eth1 protocol static ip route add 10.0.0.0/24 via 172.16.1.1 dev eth1 protocol static ip route add 10.1.0.0/16 via 172.16.1.1 dev eth1 protocol static ip route add 10.2.0.0/24 via 172.16.1.1 dev eth1 protocol static # # Print the final routing table ip route ok: [h3] => msg: |- routing configuration for h3 ========================================= #!/bin/bash # # Add static routes (usually IPv4 routes pointing to the first usable gateway) # # echo Removing existing IPv4 routes while ip route del 172.16.0.0/16 2>/dev/null; do : ; done while ip route del 10.0.0.0/24 2>/dev/null; do : ; done while ip route del 10.1.0.0/16 2>/dev/null; do : ; done while ip route del 10.2.0.0/24 2>/dev/null; do : ; done # # # echo Adding direct static routes ip route add 172.16.0.0/16 via 172.16.2.1 dev eth1 protocol static ip route add 10.0.0.0/24 via 172.16.2.1 dev eth1 protocol static ip route add 10.1.0.0/16 via 172.16.2.1 dev eth1 protocol static ip route add 10.2.0.0/24 via 172.16.2.1 dev eth1 protocol static # # Print the final routing table ip route ok: [h4] => msg: |- routing configuration for h4 ========================================= #!/bin/bash # # Add static routes (usually IPv4 routes pointing to the first usable gateway) # # echo Removing existing IPv4 routes while ip route del 172.16.0.0/16 2>/dev/null; do : ; done while ip route del 10.0.0.0/24 2>/dev/null; do : ; done while ip route del 10.1.0.0/16 2>/dev/null; do : ; done while ip route del 10.2.0.0/24 2>/dev/null; do : ; done # # # echo Adding direct static routes ip route add 172.16.0.0/16 via 172.16.3.2 dev eth1 protocol static ip route add 10.0.0.0/24 via 172.16.3.2 dev eth1 protocol static ip route add 10.1.0.0/16 via 172.16.3.2 dev eth1 protocol static ip route add 10.2.0.0/24 via 172.16.3.2 dev eth1 protocol static # # Print the final routing table ip route TASK [Deploy routing configuration] ******************************************** skipping: [s1] skipping: [s2] included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-config/linux-clab.yml for h1, h2, h3, h4 TASK [Define script filename and determine whether to execute in netns] ******** ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Create a temporary file for the rendered script] ************************* changed: [h1 -> localhost] changed: [h2 -> localhost] changed: [h3 -> localhost] changed: [h4 -> localhost] TASK [Create container setup script from /home/pipi/net101/tools/netsim/ansible/templates/routing/linux-clab.j2] *** changed: [h1 -> localhost] changed: [h2 -> localhost] changed: [h3 -> localhost] changed: [h4 -> localhost] TASK [Copy script into running container at /tmp/config-h1_routing.sh] ********* skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Execute /tmp/config-h1_routing.sh to deploy routing config based on /home/pipi/net101/tools/netsim/ansible/templates/routing/linux-clab.j2] *** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Container configuration for routing based on /home/pipi/net101/tools/netsim/ansible/templates/routing/linux-clab.j2 executed in netns] *** changed: [h1 -> localhost] changed: [h2 -> localhost] changed: [h3 -> localhost] changed: [h4 -> localhost] TASK [Remove temporary file /tmp/h1_routing-cp57z2ss.sh] *********************** changed: [h1 -> localhost] changed: [h2 -> localhost] changed: [h3 -> localhost] changed: [h4 -> localhost] TASK [Figure out whether to deploy the module ospf on current device] ********** ok: [s1] ok: [s2] ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Find configuration template for ospf] ************************************ skipping: [h1] skipping: [h2] ok: [s1] ok: [s2] skipping: [h3] skipping: [h4] TASK [fail] ******************************************************************** skipping: [s1] skipping: [s2] skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Find configuration deployment deploy_script for ospf] ******************** skipping: [h1] skipping: [h2] skipping: [h3] ok: [s1] skipping: [h4] ok: [s2] TASK [Print deployed configuration when running in verbose mode] *************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] ok: [s1] => msg: |- ospf configuration for s1 ========================================= #!/bin/vbash source /opt/vyatta/etc/functions/script-template if [ "$(id -g -n)" != 'vyattacfg' ] ; then exec sg vyattacfg -c "/bin/vbash $(readlink -f $0) $@" fi # Configuration items start here configure set protocols ospf parameters router-id 10.0.0.1 set protocols ospf interface dum0 passive set protocols ospf interface dum0 area 0.0.0.0 set protocols ospf interface eth1 area 0.0.0.0 set protocols ospf interface eth1 network point-to-point commit save exit ok: [s2] => msg: |- ospf configuration for s2 ========================================= #!/bin/vbash source /opt/vyatta/etc/functions/script-template if [ "$(id -g -n)" != 'vyattacfg' ] ; then exec sg vyattacfg -c "/bin/vbash $(readlink -f $0) $@" fi # Configuration items start here configure set protocols ospf parameters router-id 10.0.0.2 set protocols ospf interface dum0 passive set protocols ospf interface dum0 area 0.0.0.0 set protocols ospf interface eth1 area 0.0.0.0 set protocols ospf interface eth1 network point-to-point commit save exit TASK [Deploy ospf configuration] *********************************************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-config/vyos.yml for s1, s2 TASK [wait_for_connection] ***************************************************** skipping: [s1] skipping: [s2] TASK [wait_for] **************************************************************** skipping: [s1] skipping: [s2] TASK [set_fact] **************************************************************** ok: [s1] ok: [s2] TASK [set_fact] **************************************************************** ok: [s1] ok: [s2] TASK [template] **************************************************************** changed: [s1] changed: [s2] TASK [execute config-ospf.sh to deploy ospf config from /home/pipi/net101/tools/netsim/ansible/templates/ospf/vyos.j2] *** changed: [s1] changed: [s2] TASK [Figure out whether to deploy the module bgp on current device] *********** ok: [s1] ok: [s2] ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Find configuration template for bgp] ************************************* skipping: [h1] skipping: [h2] ok: [s1] ok: [s2] skipping: [h3] skipping: [h4] TASK [fail] ******************************************************************** skipping: [s1] skipping: [s2] skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Find configuration deployment deploy_script for bgp] ********************* skipping: [h1] skipping: [h2] skipping: [h3] ok: [s1] skipping: [h4] ok: [s2] TASK [Print deployed configuration when running in verbose mode] *************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] ok: [s1] => msg: |- bgp configuration for s1 ========================================= #!/bin/vbash source /opt/vyatta/etc/functions/script-template if [ "$(id -g -n)" != 'vyattacfg' ] ; then exec sg vyattacfg -c "/bin/vbash $(readlink -f $0) $@" fi # Configuration items start here configure set protocols bgp system-as 65000 set protocols bgp parameters router-id 10.0.0.1 set protocols bgp neighbor 10.0.0.2 remote-as 65000 set protocols bgp neighbor 10.0.0.2 description 's2' set protocols bgp neighbor 10.0.0.2 update-source dum0 # Work on Family ipv4 set protocols bgp address-family ipv4-unicast network 10.0.0.1/32 set protocols bgp neighbor 10.0.0.2 address-family ipv4-unicast soft-reconfiguration inbound set protocols bgp neighbor 10.0.0.2 address-family ipv4-unicast nexthop-self # Commit, save and exit from subshell commit save exit ok: [s2] => msg: |- bgp configuration for s2 ========================================= #!/bin/vbash source /opt/vyatta/etc/functions/script-template if [ "$(id -g -n)" != 'vyattacfg' ] ; then exec sg vyattacfg -c "/bin/vbash $(readlink -f $0) $@" fi # Configuration items start here configure set protocols bgp system-as 65000 set protocols bgp parameters router-id 10.0.0.2 set protocols bgp neighbor 10.0.0.1 remote-as 65000 set protocols bgp neighbor 10.0.0.1 description 's1' set protocols bgp neighbor 10.0.0.1 update-source dum0 # Work on Family ipv4 set protocols bgp address-family ipv4-unicast network 10.0.0.2/32 set protocols bgp neighbor 10.0.0.1 address-family ipv4-unicast soft-reconfiguration inbound set protocols bgp neighbor 10.0.0.1 address-family ipv4-unicast nexthop-self # Commit, save and exit from subshell commit save exit TASK [Deploy bgp configuration] ************************************************ skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-config/vyos.yml for s1, s2 TASK [wait_for_connection] ***************************************************** skipping: [s1] skipping: [s2] TASK [wait_for] **************************************************************** skipping: [s1] skipping: [s2] TASK [set_fact] **************************************************************** ok: [s1] ok: [s2] TASK [set_fact] **************************************************************** ok: [s1] ok: [s2] TASK [template] **************************************************************** changed: [s2] changed: [s1] TASK [execute config-bgp.sh to deploy bgp config from /home/pipi/net101/tools/netsim/ansible/templates/bgp/vyos.j2] *** changed: [s1] changed: [s2] TASK [Figure out whether to deploy the module vrf on current device] *********** ok: [s1] ok: [s2] ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Find configuration template for vrf] ************************************* skipping: [h1] skipping: [h2] ok: [s1] ok: [s2] skipping: [h3] skipping: [h4] TASK [fail] ******************************************************************** skipping: [s1] skipping: [s2] skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Find configuration deployment deploy_script for vrf] ********************* skipping: [h1] skipping: [h2] skipping: [h3] ok: [s1] skipping: [h4] ok: [s2] TASK [Print deployed configuration when running in verbose mode] *************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] ok: [s1] => msg: |- vrf configuration for s1 ========================================= #!/bin/vbash source /opt/vyatta/etc/functions/script-template if [ "$(id -g -n)" != 'vyattacfg' ] ; then exec sg vyattacfg -c "/bin/vbash $(readlink -f $0) $@" fi # Configuration items start here configure set protocols bgp system-as 65000 # Enter vrf sublevel edit vrf name tenant set protocols bgp system-as 65000 set protocols bgp parameters router-id 10.0.0.1 set protocols bgp address-family ipv4-unicast rd vpn export 65000:1 set protocols bgp address-family ipv4-unicast route-target vpn import "65000:1" set protocols bgp address-family ipv4-unicast route-target vpn export "65000:1" set protocols bgp address-family ipv4-unicast import vpn set protocols bgp address-family ipv4-unicast export vpn set protocols bgp address-family ipv4-unicast label vpn export auto set protocols bgp address-family ipv4-unicast redistribute connected set protocols bgp address-family ipv4-unicast redistribute ospf # Define networks for VRF Loopback set protocols ospf parameters router-id 10.0.0.1 set protocols ospf redistribute bgp set protocols ospf redistribute connected set protocols ospf interface br0.1000 area 0.0.0.0 set protocols ospf interface br0.1002 area 0.0.0.0 set protocols ospf interface br0.1002 passive set protocols ospf interface br0.1002 network point-to-point set protocols ospf interface br0.1001 area 0.0.0.0 # Back to root level top # Commit, save and exit from subshell commit save exit ok: [s2] => msg: |- vrf configuration for s2 ========================================= #!/bin/vbash source /opt/vyatta/etc/functions/script-template if [ "$(id -g -n)" != 'vyattacfg' ] ; then exec sg vyattacfg -c "/bin/vbash $(readlink -f $0) $@" fi # Configuration items start here configure set protocols bgp system-as 65000 # Enter vrf sublevel edit vrf name tenant set protocols bgp system-as 65000 set protocols bgp parameters router-id 10.0.0.2 set protocols bgp address-family ipv4-unicast rd vpn export 65000:1 set protocols bgp address-family ipv4-unicast route-target vpn import "65000:1" set protocols bgp address-family ipv4-unicast route-target vpn export "65000:1" set protocols bgp address-family ipv4-unicast import vpn set protocols bgp address-family ipv4-unicast export vpn set protocols bgp address-family ipv4-unicast label vpn export auto set protocols bgp address-family ipv4-unicast redistribute connected set protocols bgp address-family ipv4-unicast redistribute ospf # Define networks for VRF Loopback set protocols ospf parameters router-id 10.0.0.2 set protocols ospf redistribute bgp set protocols ospf redistribute connected set protocols ospf interface br0.1001 area 0.0.0.0 set protocols ospf interface br0.1003 area 0.0.0.0 set protocols ospf interface br0.1003 passive set protocols ospf interface br0.1003 network point-to-point set protocols ospf interface br0.1000 area 0.0.0.0 # Back to root level top # Commit, save and exit from subshell commit save exit TASK [Deploy vrf configuration] ************************************************ skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-config/vyos.yml for s1, s2 TASK [wait_for_connection] ***************************************************** skipping: [s1] skipping: [s2] TASK [wait_for] **************************************************************** skipping: [s1] skipping: [s2] TASK [set_fact] **************************************************************** ok: [s1] ok: [s2] TASK [set_fact] **************************************************************** ok: [s1] ok: [s2] TASK [template] **************************************************************** changed: [s2] changed: [s1] TASK [execute config-vrf.sh to deploy vrf config from /home/pipi/net101/tools/netsim/ansible/templates/vrf/vyos.j2] *** changed: [s1] changed: [s2] TASK [Figure out whether to deploy the module vxlan on current device] ********* ok: [s1] ok: [s2] ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Find configuration template for vxlan] *********************************** skipping: [h1] skipping: [h2] ok: [s1] ok: [s2] skipping: [h3] skipping: [h4] TASK [fail] ******************************************************************** skipping: [s1] skipping: [s2] skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Find configuration deployment deploy_script for vxlan] ******************* skipping: [h1] skipping: [h2] skipping: [h3] ok: [s1] skipping: [h4] ok: [s2] TASK [Print deployed configuration when running in verbose mode] *************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] ok: [s1] => msg: |- vxlan configuration for s1 ========================================= #!/bin/vbash source /opt/vyatta/etc/functions/script-template if [ "$(id -g -n)" != 'vyattacfg' ] ; then exec sg vyattacfg -c "/bin/vbash $(readlink -f $0) $@" fi # Configuration items start here configure # Create VXLAN interface set interfaces vxlan vxlan21000 vni 21000 set interfaces vxlan vxlan21000 source-address 10.0.0.1 # And set UDP port to 4789 set interfaces vxlan vxlan21000 port 4789 # Add it to the global bridge ## NOTE: in the future we may want to switch to one-bridge-per-vni ## (still to understand if single bridge can work with EVPN controlled VXLAN) set interfaces bridge br0 member interface vxlan21000 native-vlan 1000 # Add VTEP Flood list # If flooding is based on EVPN, set 'parameters nolearning' set interfaces vxlan vxlan21000 parameters nolearning # Create VXLAN interface set interfaces vxlan vxlan21001 vni 21001 set interfaces vxlan vxlan21001 source-address 10.0.0.1 # And set UDP port to 4789 set interfaces vxlan vxlan21001 port 4789 # Add it to the global bridge ## NOTE: in the future we may want to switch to one-bridge-per-vni ## (still to understand if single bridge can work with EVPN controlled VXLAN) set interfaces bridge br0 member interface vxlan21001 native-vlan 1001 # Add VTEP Flood list # If flooding is based on EVPN, set 'parameters nolearning' set interfaces vxlan vxlan21001 parameters nolearning # Commit, save and exit from subshell commit save exit ok: [s2] => msg: |- vxlan configuration for s2 ========================================= #!/bin/vbash source /opt/vyatta/etc/functions/script-template if [ "$(id -g -n)" != 'vyattacfg' ] ; then exec sg vyattacfg -c "/bin/vbash $(readlink -f $0) $@" fi # Configuration items start here configure # Create VXLAN interface set interfaces vxlan vxlan21000 vni 21000 set interfaces vxlan vxlan21000 source-address 10.0.0.2 # And set UDP port to 4789 set interfaces vxlan vxlan21000 port 4789 # Add it to the global bridge ## NOTE: in the future we may want to switch to one-bridge-per-vni ## (still to understand if single bridge can work with EVPN controlled VXLAN) set interfaces bridge br0 member interface vxlan21000 native-vlan 1000 # Add VTEP Flood list # If flooding is based on EVPN, set 'parameters nolearning' set interfaces vxlan vxlan21000 parameters nolearning # Create VXLAN interface set interfaces vxlan vxlan21001 vni 21001 set interfaces vxlan vxlan21001 source-address 10.0.0.2 # And set UDP port to 4789 set interfaces vxlan vxlan21001 port 4789 # Add it to the global bridge ## NOTE: in the future we may want to switch to one-bridge-per-vni ## (still to understand if single bridge can work with EVPN controlled VXLAN) set interfaces bridge br0 member interface vxlan21001 native-vlan 1001 # Add VTEP Flood list # If flooding is based on EVPN, set 'parameters nolearning' set interfaces vxlan vxlan21001 parameters nolearning # Commit, save and exit from subshell commit save exit TASK [Deploy vxlan configuration] ********************************************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-config/vyos.yml for s1, s2 TASK [wait_for_connection] ***************************************************** skipping: [s1] skipping: [s2] TASK [wait_for] **************************************************************** skipping: [s1] skipping: [s2] TASK [set_fact] **************************************************************** ok: [s1] ok: [s2] TASK [set_fact] **************************************************************** ok: [s1] ok: [s2] TASK [template] **************************************************************** changed: [s1] changed: [s2] TASK [execute config-vxlan.sh to deploy vxlan config from /home/pipi/net101/tools/netsim/ansible/templates/vxlan/vyos.j2] *** changed: [s1] changed: [s2] TASK [Figure out whether to deploy the module evpn on current device] ********** ok: [s1] ok: [s2] ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Find configuration template for evpn] ************************************ skipping: [h1] skipping: [h2] ok: [s1] ok: [s2] skipping: [h3] skipping: [h4] TASK [fail] ******************************************************************** skipping: [s1] skipping: [s2] skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Find configuration deployment deploy_script for evpn] ******************** skipping: [h1] skipping: [h2] skipping: [h3] ok: [s1] skipping: [h4] ok: [s2] TASK [Print deployed configuration when running in verbose mode] *************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] ok: [s1] => msg: |- evpn configuration for s1 ========================================= #!/bin/vbash source /opt/vyatta/etc/functions/script-template if [ "$(id -g -n)" != 'vyattacfg' ] ; then exec sg vyattacfg -c "/bin/vbash $(readlink -f $0) $@" fi # Configuration items start here configure # Configure Generic EVPN Stuff set protocols bgp address-family l2vpn-evpn advertise-svi-ip set protocols bgp address-family l2vpn-evpn advertise-all-vni set protocols bgp neighbor 10.0.0.2 address-family l2vpn-evpn nexthop-self set protocols bgp neighbor 10.0.0.2 address-family l2vpn-evpn soft-reconfiguration inbound # Configure VNI params set protocols bgp address-family l2vpn-evpn vni 21000 rd 10.0.0.1:1000 set protocols bgp address-family l2vpn-evpn vni 21000 route-target import "65000:1000" set protocols bgp address-family l2vpn-evpn vni 21000 route-target export "65000:1000" set protocols bgp address-family l2vpn-evpn vni 21001 rd 10.0.0.1:1001 set protocols bgp address-family l2vpn-evpn vni 21001 route-target import "65000:1001" set protocols bgp address-family l2vpn-evpn vni 21001 route-target export "65000:1001" # Work on L3VNI # If at least one VRF has evpn.transit_vni # Commit, save and exit from subshell commit save exit ok: [s2] => msg: |- evpn configuration for s2 ========================================= #!/bin/vbash source /opt/vyatta/etc/functions/script-template if [ "$(id -g -n)" != 'vyattacfg' ] ; then exec sg vyattacfg -c "/bin/vbash $(readlink -f $0) $@" fi # Configuration items start here configure # Configure Generic EVPN Stuff set protocols bgp address-family l2vpn-evpn advertise-svi-ip set protocols bgp address-family l2vpn-evpn advertise-all-vni set protocols bgp neighbor 10.0.0.1 address-family l2vpn-evpn nexthop-self set protocols bgp neighbor 10.0.0.1 address-family l2vpn-evpn soft-reconfiguration inbound # Configure VNI params set protocols bgp address-family l2vpn-evpn vni 21000 rd 10.0.0.2:1000 set protocols bgp address-family l2vpn-evpn vni 21000 route-target import "65000:1000" set protocols bgp address-family l2vpn-evpn vni 21000 route-target export "65000:1000" set protocols bgp address-family l2vpn-evpn vni 21001 rd 10.0.0.2:1001 set protocols bgp address-family l2vpn-evpn vni 21001 route-target import "65000:1001" set protocols bgp address-family l2vpn-evpn vni 21001 route-target export "65000:1001" # Work on L3VNI # If at least one VRF has evpn.transit_vni # Commit, save and exit from subshell commit save exit TASK [Deploy evpn configuration] *********************************************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-config/vyos.yml for s1, s2 TASK [wait_for_connection] ***************************************************** skipping: [s1] skipping: [s2] TASK [wait_for] **************************************************************** skipping: [s1] skipping: [s2] TASK [set_fact] **************************************************************** ok: [s1] ok: [s2] TASK [set_fact] **************************************************************** ok: [s1] ok: [s2] TASK [template] **************************************************************** changed: [s2] changed: [s1] TASK [execute config-evpn.sh to deploy evpn config from /home/pipi/net101/tools/netsim/ansible/templates/evpn/vyos.j2] *** changed: [s2] changed: [s1] PLAY [Deploy custom deployment templates] ************************************** skipping: no hosts matched PLAY RECAP ********************************************************************* h1 : ok=41 changed=8 unreachable=0 failed=0 skipped=40 rescued=0 ignored=0 h2 : ok=41 changed=8 unreachable=0 failed=0 skipped=40 rescued=0 ignored=0 h3 : ok=41 changed=8 unreachable=0 failed=0 skipped=40 rescued=0 ignored=0 h4 : ok=41 changed=8 unreachable=0 failed=0 skipped=40 rescued=0 ignored=0 s1 : ok=81 changed=14 unreachable=0 failed=0 skipped=28 rescued=0 ignored=0 s2 : ok=81 changed=14 unreachable=0 failed=0 skipped=28 rescued=0 ignored=0 The devices under test are VLAN-to-VXLAN routers using asymmetric IRB with EVPN control plane and running OSPF within the VRF (across VXLAN segments) to exchange information about non-EVPN subnets. All hosts should be able to ping each other