From 843c742635533b7b4c0df4256a3e59cb17050f62 Mon Sep 17 00:00:00 2001 From: Mahesh Kumar <122076792+MaheshGSLAB@users.noreply.github.com> Date: Mon, 2 Dec 2024 14:03:02 +0530 Subject: [PATCH] CI(eos_cli_config_gen): Restructured the eos_cli_config_gen hostvars part-7 (#4722) Co-authored-by: Mahesh Kumar Co-authored-by: Guillaume Mulocher --- .../documentation/devices/address-locking.md | 128 -- .../devices/banners_without_eof.md | 165 -- .../documentation/devices/base.md | 165 -- .../documentation/devices/custom-templates.md | 63 - .../documentation/devices/dns-ntp.md | 140 -- ...eos_cli_config_gen_configuration.enable.md | 34 - .../documentation/devices/flow-tracking-2.md | 70 - .../documentation/devices/flow-tracking.md | 224 --- .../documentation/devices/hardware-counter.md | 73 - .../documentation/devices/hide-passwords.md | 168 -- .../documentation/devices/host1.md | 1638 ++++++++++++++++- .../documentation/devices/host2.md | 85 + .../documentation/devices/host3.md | 10 + .../devices/host4_inline_jinja.md | 159 ++ .../devices/{hardware.md => host6.md} | 31 +- .../devices/interface-defaults.md | 70 - .../documentation/devices/ip-routing-fib.md | 71 - .../documentation/devices/ip-routing.md | 100 - .../devices/l2-protocol-forwarding.md | 157 -- .../documentation/devices/lldp.md | 123 -- .../devices/mac-security-eth-po-entropy.md | 215 --- .../documentation/devices/platform.md | 111 -- .../documentation/devices/poe.md | 84 - .../documentation/devices/prefix-lists.md | 140 -- .../documentation/devices/ptp.md | 164 -- .../documentation/devices/qos.md | 706 ------- .../documentation/devices/sync-e.md | 105 -- .../documentation/devices/tcam-profile.md | 168 -- .../devices/traffic-policies-2.md | 76 - .../devices/traffic-policies-3.md | 67 - .../documentation/devices/traffic-policies.md | 304 --- .../intended/configs/address-locking.cfg | 31 - .../intended/configs/banners_without_eof.cfg | 51 - .../intended/configs/base.cfg | 51 - .../intended/configs/custom-templates.cfg | 14 - .../intended/configs/dns-ntp.cfg | 26 - ...os_cli_config_gen_documentation.enable.cfg | 5 - .../intended/configs/flow-tracking-2.cfg | 13 - .../intended/configs/flow-tracking.cfg | 85 - .../intended/configs/hardware-counter.cfg | 14 - .../intended/configs/hardware.cfg | 14 - .../intended/configs/hide-passwords.cfg | 29 - .../intended/configs/host1.cfg | 760 +++++++- .../intended/configs/host2.cfg | 35 + .../intended/configs/host3.cfg | 2 + .../intended/configs/host4_inline_jinja.cfg | 121 ++ .../intended/configs/host6.cfg | 8 + .../intended/configs/interface-defaults.cfg | 12 - .../intended/configs/ip-routing-fib.cfg | 11 - .../intended/configs/ip-routing.cfg | 18 - .../configs/l2-protocol-forwarding.cfg | 53 - .../intended/configs/lldp.cfg | 37 - .../configs/mac-security-eth-po-entropy.cfg | 52 - .../intended/configs/platform.cfg | 40 - .../intended/configs/poe.cfg | 12 - .../intended/configs/prefix-lists.cfg | 36 - .../intended/configs/ptp.cfg | 75 - .../intended/configs/qos.cfg | 278 --- .../intended/configs/sync-e.cfg | 31 - .../intended/configs/tcam-profile.cfg | 120 -- .../intended/configs/traffic-policies-2.cfg | 14 - .../intended/configs/traffic-policies-3.cfg | 10 - .../intended/configs/traffic-policies.cfg | 173 -- .../inventory/host_vars/address-locking.yml | 40 - .../host_vars/banners_without_eof.yml | 49 - .../inventory/host_vars/base.yml | 50 - .../inventory/host_vars/dns-ntp.yml | 63 - ...os_cli_config_gen_configuration.enable.yml | 2 - ...os_cli_config_gen_documentation.enable.yml | 2 - .../inventory/host_vars/hide-passwords.yml | 50 - .../inventory/host_vars/host1/acl.yml | 8 + .../host_vars/host1/address-locking.yml | 17 + .../host_vars/host1/banners_without_eof.yml | 11 + .../inventory/host_vars/host1/class-maps.yml | 12 + .../inventory/host_vars/host1/dns-domain.yml | 3 + .../host_vars/host1/dps-interfaces.yml | 4 +- .../host_vars/host1/dynamic-prefix-lists.yml | 16 + .../eos-cli-config-gen-configuration.yml | 4 + .../eos-cli-config-gen-documentation.yml | 4 + .../inventory/host_vars/host1/eos-cli.yml | 4 + .../host_vars/host1/ethernet-interfaces.yml | 82 + .../host_vars/{ => host1}/flow-tracking.yml | 31 - .../{ => host1}/hardware-counter.yml | 1 + .../host_vars/{ => host1}/hardware.yml | 1 + .../{ => host1}/interface-defaults.yml | 4 +- .../host_vars/host1/ip-domain-lookup.yml | 7 + .../inventory/host_vars/host1/ip-hardware.yml | 6 + .../host_vars/host1/ip-name-servers.yml | 27 + .../host1/ip-routing-ipv6-interfaces.yml | 2 + .../inventory/host_vars/host1/ip-routing.yml | 3 + .../host_vars/host1/ipv6-access-lists.yml | 8 + .../host_vars/host1/ipv6-hardware.yml | 6 + .../host_vars/host1/ipv6-prefix-lists.yml | 7 + .../host_vars/host1/ipv6-unicast-routing.yml | 2 + .../{ => host1}/l2-protocol-forwarding.yml | 17 +- .../inventory/host_vars/host1/lldp.yml | 13 + .../mac-security-eth-po-entropy.yml | 44 +- .../host_vars/host1/management-security.yml | 5 + .../host_vars/host1/management-ssh.yml | 4 + .../inventory/host_vars/host1/ntp.yml | 3 +- .../host_vars/{ => host1}/platform.yml | 1 + .../inventory/host_vars/host1/poe.yml | 7 + .../inventory/host_vars/host1/policy-maps.yml | 17 + .../host1/port-channel-interfaces.yml | 28 + .../host_vars/host1/prefix-lists.yml | 12 + .../host_vars/host1/priority-flow-control.yml | 9 + .../inventory/host_vars/host1/ptp.yml | 38 + .../{qos.yml => host1/qos-profiles.yml} | 183 +- .../inventory/host_vars/host1/qos.yml | 23 + .../inventory/host_vars/host1/router-bgp.yml | 1 + ...chport-mode.yml => switchport-default.yml} | 0 .../inventory/host_vars/host1/sync-e.yml | 5 + .../host_vars/host1/tcam-profile.yml | 6 + .../{ => host1}/traffic-policies.yml | 15 - .../host_vars/host1/vrf-instances.yml | 11 + .../inventory/host_vars/host2/banners.yml | 13 + .../flow-tracking.yml} | 0 .../host_vars/host2/ip-icmp-redirect.yml | 2 + .../inventory/host_vars/host2/ip-routing.yml | 3 + .../host_vars/host2/ipv6-icmp-redirect.yml | 2 + .../host_vars/host2/switchport-default.yml | 3 + .../traffic-policies.yml} | 5 +- .../traffic-policies.yml} | 5 +- .../custom-templates.yml | 1 + .../{ => host4_inline_jinja}/tcam-profile.yml | 3 +- .../eos-cli-config-gen-configuration.yml | 4 + .../eos-cli-config-gen-documentation.yml | 4 + .../inventory/host_vars/host6/snmp-server.yml | 11 + .../inventory/host_vars/ip-routing-fib.yml | 14 - .../inventory/host_vars/ip-routing.yml | 19 - .../inventory/host_vars/lldp.yml | 46 - .../inventory/host_vars/poe.yml | 14 - .../inventory/host_vars/prefix-lists.yml | 46 - .../inventory/host_vars/ptp.yml | 114 -- .../inventory/host_vars/sync-e.yml | 40 - .../eos_cli_config_gen/inventory/hosts.yml | 31 +- 136 files changed, 3289 insertions(+), 6104 deletions(-) delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/address-locking.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/banners_without_eof.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/base.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/custom-templates.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/dns-ntp.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/eos_cli_config_gen_configuration.enable.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/flow-tracking-2.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/flow-tracking.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/hardware-counter.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/hide-passwords.md rename ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/{hardware.md => host6.md} (57%) delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/interface-defaults.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-routing-fib.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-routing.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/l2-protocol-forwarding.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/lldp.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/mac-security-eth-po-entropy.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/platform.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/poe.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/prefix-lists.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ptp.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/qos.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/sync-e.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/tcam-profile.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/traffic-policies-2.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/traffic-policies-3.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/traffic-policies.md delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/address-locking.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/banners_without_eof.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/base.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/custom-templates.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/dns-ntp.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/eos_cli_config_gen_documentation.enable.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/flow-tracking-2.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/flow-tracking.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/hardware-counter.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/hardware.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/hide-passwords.cfg create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host6.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/interface-defaults.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-routing-fib.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-routing.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/l2-protocol-forwarding.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/lldp.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/mac-security-eth-po-entropy.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/platform.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/poe.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/prefix-lists.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ptp.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/qos.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/sync-e.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/tcam-profile.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/traffic-policies-2.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/traffic-policies-3.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/traffic-policies.cfg delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/address-locking.yml delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/banners_without_eof.yml delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/base.yml delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/dns-ntp.yml delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/eos_cli_config_gen_configuration.enable.yml delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/eos_cli_config_gen_documentation.enable.yml delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/hide-passwords.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/address-locking.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/banners_without_eof.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/dns-domain.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/dynamic-prefix-lists.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/eos-cli-config-gen-configuration.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/eos-cli-config-gen-documentation.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/eos-cli.yml rename ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/{ => host1}/flow-tracking.yml (81%) rename ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/{ => host1}/hardware-counter.yml (99%) rename ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/{ => host1}/hardware.yml (98%) rename ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/{ => host1}/interface-defaults.yml (72%) create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-domain-lookup.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-hardware.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-name-servers.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-routing-ipv6-interfaces.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-routing.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ipv6-hardware.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ipv6-prefix-lists.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ipv6-unicast-routing.yml rename ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/{ => host1}/l2-protocol-forwarding.yml (84%) create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/lldp.yml rename ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/{ => host1}/mac-security-eth-po-entropy.yml (52%) rename ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/{ => host1}/platform.yml (99%) create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/poe.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/prefix-lists.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/priority-flow-control.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ptp.yml rename ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/{qos.yml => host1/qos-profiles.yml} (58%) create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/qos.yml rename ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/{switchport-mode.yml => switchport-default.yml} (100%) create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/sync-e.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/tcam-profile.yml rename ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/{ => host1}/traffic-policies.yml (94%) create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/banners.yml rename ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/{flow-tracking-2.yml => host2/flow-tracking.yml} (100%) create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ip-icmp-redirect.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ip-routing.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ipv6-icmp-redirect.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/switchport-default.yml rename ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/{traffic-policies-2.yml => host2/traffic-policies.yml} (70%) rename ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/{traffic-policies-3.yml => host3/traffic-policies.yml} (60%) rename ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/{ => host4_inline_jinja}/custom-templates.yml (97%) rename ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/{ => host4_inline_jinja}/tcam-profile.yml (66%) create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host6/eos-cli-config-gen-configuration.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host6/eos-cli-config-gen-documentation.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host6/snmp-server.yml delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-routing-fib.yml delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-routing.yml delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/lldp.yml delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/poe.yml delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/prefix-lists.yml delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ptp.yml delete mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/sync-e.yml diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/address-locking.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/address-locking.md deleted file mode 100644 index 1e828e6228d..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/address-locking.md +++ /dev/null @@ -1,128 +0,0 @@ -# address-locking - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Address Locking](#address-locking-1) - - [Address Locking Summary](#address-locking-summary) - - [DHCP Servers](#dhcp-servers) - - [Leases](#leases) -- [Address Locking Interfaces](#address-locking-interfaces) - - [Address Locking Device Configuration](#address-locking-device-configuration) -- [Interfaces](#interfaces) - - [Ethernet Interfaces](#ethernet-interfaces) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Address Locking - -### Address Locking Summary - -| Setting | Value | -| -------- | ----- | -| Disable IP locking on configured ports | True | -| Local Interface | Loopback0 | -| Disable deauthorizing locked addresses upon MAC aging out | True | -| Disable enforcement for locked ipv4 addresses | True | -| Disable enforcement for locked ipv6 addresses | True | - -### DHCP Servers - -| Server IP | -| --------- | -| 1.1.1.1 | -| 4.4.4.4 | - -### Leases - -| Lease IP Address | Lease MAC Address | -| ---------------- | ----------------- | -| 2.2.2.2 | dead.beef.cafe | -| 3.3.3.3 | de:af:be:ef:ca:fe | - -## Address Locking Interfaces - -| Interface | IPv4 Address Locking | IPv6 Address Locking | -| --------- | -------------------- | -------------------- | -| Ethernet1 | True | False | -| Ethernet2 | True | True | -| Ethernet3 | False | True | - -### Address Locking Device Configuration - -```eos -! -address locking - disabled - local-interface Loopback0 - dhcp server ipv4 1.1.1.1 - dhcp server ipv4 4.4.4.4 - lease 2.2.2.2 mac dead.beef.cafe - lease 3.3.3.3 mac de:af:be:ef:ca:fe - locked-address expiration mac disabled - locked-address ipv4 enforcement disabled - locked-address ipv6 enforcement disabled -``` - -## Interfaces - -### Ethernet Interfaces - -#### Ethernet Interfaces Summary - -##### L2 - -| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | -| --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | -| Ethernet1 | Address Locking Interface Testing 1 | - | - | - | - | - | -| Ethernet2 | Address Locking Interface Testing 2 | - | - | - | - | - | -| Ethernet3 | Address Locking Interface Testing 3 | - | - | - | - | - | - -*Inherited from Port-Channel Interface - -#### Ethernet Interfaces Device Configuration - -```eos -! -interface Ethernet1 - description Address Locking Interface Testing 1 - switchport - address locking ipv4 -! -interface Ethernet2 - description Address Locking Interface Testing 2 - switchport - address locking ipv4 ipv6 -! -interface Ethernet3 - description Address Locking Interface Testing 3 - switchport - address locking ipv6 -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/banners_without_eof.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/banners_without_eof.md deleted file mode 100644 index 091b093266c..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/banners_without_eof.md +++ /dev/null @@ -1,165 +0,0 @@ -# banners_without_eof - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) - - [Management SSH](#management-ssh) - - [Management Console](#management-console) - - [Management API HTTP](#management-api-http) -- [Management Security](#management-security) - - [Management Security Summary](#management-security-summary) - - [Management Security Device Configuration](#management-security-device-configuration) -- [EOS CLI Device Configuration](#eos-cli-device-configuration) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -### Management SSH - -#### IPv4 ACL - -| IPv4 ACL | VRF | -| -------- | --- | -| ACL-SSH | - | -| ACL-SSH-VRF | mgt | - -#### IPv6 ACL - -| IPv6 ACL | VRF | -| -------- | --- | -| ACL-SSH6 | - | -| ACL-SSH-VRF6 | mgt | - -#### SSH Timeout and Management - -| Idle Timeout | SSH Management | -| ------------ | -------------- | -| 15 | Enabled | - -#### Max number of SSH sessions limit and per-host limit - -| Connection Limit | Max from a single Host | -| ---------------- | ---------------------- | -| - | 12 | - -#### Ciphers and Algorithms - -| Ciphers | Key-exchange methods | MAC algorithms | Hostkey server algorithms | -|---------|----------------------|----------------|---------------------------| -| default | default | default | default | - -#### VRFs - -| VRF | Status | -| --- | ------ | -| mgt | Enabled | - -#### Management SSH Device Configuration - -```eos -! -management ssh - ip access-group ACL-SSH in - ip access-group ACL-SSH-VRF vrf mgt in - ipv6 access-group ACL-SSH6 in - ipv6 access-group ACL-SSH-VRF6 vrf mgt in - idle-timeout 15 - connection per-host 12 - no shutdown - ! - vrf mgt - no shutdown -``` - -### Management Console - -#### Management Console Timeout - -Management Console Timeout is set to **300** minutes. - -#### Management Console Device Configuration - -```eos -! -management console - idle-timeout 300 -``` - -### Management API HTTP - -#### Management API HTTP Summary - -| HTTP | HTTPS | Default Services | -| ---- | ----- | ---------------- | -| True | True | - | - -#### Management API VRF Access - -| VRF Name | IPv4 ACL | IPv6 ACL | -| -------- | -------- | -------- | -| mgt | ACL-API | - | - -#### Management API HTTP Device Configuration - -```eos -! -management api http-commands - protocol https - protocol http - no shutdown - ! - vrf mgt - no shutdown - ip access-group ACL-API -``` - -## Management Security - -### Management Security Summary - -| Settings | Value | -| -------- | ----- | -| Common password encryption key | True | - -### Management Security Device Configuration - -```eos -! -management security - password encryption-key common -``` - -## EOS CLI Device Configuration - -```eos -! -interface Loopback1000 - description Interface created with eos_cli on device level - -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/base.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/base.md deleted file mode 100644 index e860537ec3e..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/base.md +++ /dev/null @@ -1,165 +0,0 @@ -# base - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) - - [Management SSH](#management-ssh) - - [Management Console](#management-console) - - [Management API HTTP](#management-api-http) -- [Management Security](#management-security) - - [Management Security Summary](#management-security-summary) - - [Management Security Device Configuration](#management-security-device-configuration) -- [EOS CLI Device Configuration](#eos-cli-device-configuration) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -### Management SSH - -#### IPv4 ACL - -| IPv4 ACL | VRF | -| -------- | --- | -| ACL-SSH | - | -| ACL-SSH-VRF | mgt | - -#### IPv6 ACL - -| IPv6 ACL | VRF | -| -------- | --- | -| ACL-SSH6 | - | -| ACL-SSH-VRF6 | mgt | - -#### SSH Timeout and Management - -| Idle Timeout | SSH Management | -| ------------ | -------------- | -| 15 | Enabled | - -#### Max number of SSH sessions limit and per-host limit - -| Connection Limit | Max from a single Host | -| ---------------- | ---------------------- | -| - | 12 | - -#### Ciphers and Algorithms - -| Ciphers | Key-exchange methods | MAC algorithms | Hostkey server algorithms | -|---------|----------------------|----------------|---------------------------| -| default | default | default | default | - -#### VRFs - -| VRF | Status | -| --- | ------ | -| mgt | Enabled | - -#### Management SSH Device Configuration - -```eos -! -management ssh - ip access-group ACL-SSH in - ip access-group ACL-SSH-VRF vrf mgt in - ipv6 access-group ACL-SSH6 in - ipv6 access-group ACL-SSH-VRF6 vrf mgt in - idle-timeout 15 - connection per-host 12 - no shutdown - ! - vrf mgt - no shutdown -``` - -### Management Console - -#### Management Console Timeout - -Management Console Timeout is set to **300** minutes. - -#### Management Console Device Configuration - -```eos -! -management console - idle-timeout 300 -``` - -### Management API HTTP - -#### Management API HTTP Summary - -| HTTP | HTTPS | Default Services | -| ---- | ----- | ---------------- | -| True | True | - | - -#### Management API VRF Access - -| VRF Name | IPv4 ACL | IPv6 ACL | -| -------- | -------- | -------- | -| mgt | ACL-API | - | - -#### Management API HTTP Device Configuration - -```eos -! -management api http-commands - protocol https - protocol http - no shutdown - ! - vrf mgt - no shutdown - ip access-group ACL-API -``` - -## Management Security - -### Management Security Summary - -| Settings | Value | -| -------- | ----- | -| Common password encryption key | True | - -### Management Security Device Configuration - -```eos -! -management security - password encryption-key common -``` - -## EOS CLI Device Configuration - -```eos -! -interface Loopback1000 - description Interface created with eos_cli on device level - -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/custom-templates.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/custom-templates.md deleted file mode 100644 index 702672bf807..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/custom-templates.md +++ /dev/null @@ -1,63 +0,0 @@ -# custom-templates - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Custom Templates](#custom-templates-1) - - [Configuration Generated by `custom_templates/test-template-1.j2`](#configuration-generated-by-custom_templatestest-template-1j2) - - [Configuration Generated by `custom_templates/test-template-2.j2`](#configuration-generated-by-custom_templatestest-template-2j2) - - [Configuration Generated by `custom_templates/test-template-3.j2`](#configuration-generated-by-custom_templatestest-template-3j2) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Custom Templates - -### Configuration Generated by `custom_templates/test-template-1.j2` - -```eos -! -test-custom-template-with-logic-1 - -``` - -### Configuration Generated by `custom_templates/test-template-2.j2` - -```eos -! -test-custom-template-no-logic-2 -``` - -### Configuration Generated by `custom_templates/test-template-3.j2` - -```eos -! -test-custom-template-with-logic-3 - -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/dns-ntp.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/dns-ntp.md deleted file mode 100644 index 936ad869c24..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/dns-ntp.md +++ /dev/null @@ -1,140 +0,0 @@ -# dns-ntp - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) - - [DNS Domain](#dns-domain) - - [IP Name Servers](#ip-name-servers) - - [Domain Lookup](#domain-lookup) - - [NTP](#ntp) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -### DNS Domain - -DNS domain: test.local - -#### DNS Domain Device Configuration - -```eos -dns domain test.local -! -``` - -### IP Name Servers - -#### IP Name Servers Summary - -| Name Server | VRF | Priority | -| ----------- | --- | -------- | -| 10.10.128.10 | - | - | -| 10.10.129.10 | - | 0 | -| 10.10.128.10 | mgmt | - | -| 10.10.128.10 | TEST | 3 | -| 2001:db8::1 | - | - | -| 2001:db8::2 | - | 0 | -| 2001:db8::1 | mgmt | - | -| 2001:db8::2 | TEST | 3 | - -#### IP Name Servers Device Configuration - -```eos -ip name-server 10.10.128.10 -ip name-server vrf mgmt 10.10.128.10 -ip name-server vrf TEST 10.10.128.10 priority 3 -ip name-server 10.10.129.10 priority 0 -ip name-server 2001:db8::1 -ip name-server vrf mgmt 2001:db8::1 -ip name-server 2001:db8::2 priority 0 -ip name-server vrf TEST 2001:db8::2 priority 3 -``` - -### Domain Lookup - -#### DNS Domain Lookup Summary - -| Source interface | vrf | -| ---------------- | --- | -| Loopback0 | - | -| Management0 | mgt | - -#### DNS Domain Lookup Device Configuration - -```eos -ip domain lookup source-interface Loopback0 -ip domain lookup vrf mgt source-interface Management0 -``` - -### NTP - -#### NTP Summary - -##### NTP Local Interface - -| Interface | VRF | -| --------- | --- | -| Management0 | mgt | - -##### NTP Servers - -| Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | -| ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | -| 10.10.111.1 | mgt | True | - | - | - | - | - | - | - | -| 10.10.111.2 | mgt | - | - | - | - | - | - | - | - | -| 2001:db8::3 | mgt | - | - | - | - | - | - | - | - | -| 2001:db8::4 | mgt | - | - | - | - | - | - | - | - | - -##### NTP Authentication - -- Authentication enabled (Servers only) - -- Trusted Keys: 1-2 - -##### NTP Authentication Keys - -| ID | Algorithm | -| -- | -------- | -| 1 | md5 | -| 2 | sha1 | - -#### NTP Device Configuration - -```eos -! -ntp authentication-key 1 md5 -ntp authentication-key 2 sha1 -ntp trusted-key 1-2 -ntp authenticate servers -ntp local-interface vrf mgt Management0 -ntp server vrf mgt 10.10.111.1 prefer -ntp server vrf mgt 10.10.111.2 -ntp server vrf mgt 2001:db8::3 -ntp server vrf mgt 2001:db8::4 -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/eos_cli_config_gen_configuration.enable.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/eos_cli_config_gen_configuration.enable.md deleted file mode 100644 index 13949926c0d..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/eos_cli_config_gen_configuration.enable.md +++ /dev/null @@ -1,34 +0,0 @@ -# eos_cli_config_gen_configuration.enable - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/flow-tracking-2.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/flow-tracking-2.md deleted file mode 100644 index 5480303686b..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/flow-tracking-2.md +++ /dev/null @@ -1,70 +0,0 @@ -# flow-tracking-2 - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Monitoring](#monitoring) - - [Flow Tracking](#flow-tracking) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Monitoring - -### Flow Tracking - -#### Flow Tracking Sampled - -| Sample Size | Minimum Sample Size | Hardware Offload for IPv4 | Hardware Offload for IPv6 | Encapsulations | -| ----------- | ------------------- | ------------------------- | ------------------------- | -------------- | -| 666 | default | enabled | enabled | - | - -##### Trackers Summary - -| Tracker Name | Record Export On Inactive Timeout | Record Export On Interval | MPLS | Number of Exporters | Applied On | Table Size | -| ------------ | --------------------------------- | ------------------------- | ---- | ------------------- | ---------- | ---------- | -| T21 | 3666 | 5666 | True | 0 | | - | - -##### Exporters Summary - -| Tracker Name | Exporter Name | Collector IP/Host | Collector Port | Local Interface | -| ------------ | ------------- | ----------------- | -------------- | --------------- | - -#### Flow Tracking Device Configuration - -```eos -! -flow tracking sampled - sample 666 - hardware offload ipv4 ipv6 - tracker T21 - record export on inactive timeout 3666 - record export on interval 5666 - record export mpls -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/flow-tracking.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/flow-tracking.md deleted file mode 100644 index 135d8c5c618..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/flow-tracking.md +++ /dev/null @@ -1,224 +0,0 @@ -# flow-tracking - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Monitoring](#monitoring) - - [Flow Tracking](#flow-tracking-1) -- [Interfaces](#interfaces) - - [DPS Interfaces](#dps-interfaces) - - [Ethernet Interfaces](#ethernet-interfaces) - - [Port-Channel Interfaces](#port-channel-interfaces) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Monitoring - -### Flow Tracking - -#### Flow Tracking Sampled - -| Sample Size | Minimum Sample Size | Hardware Offload for IPv4 | Hardware Offload for IPv6 | Encapsulations | -| ----------- | ------------------- | ------------------------- | ------------------------- | -------------- | -| 666 | 2 | enabled | disabled | ipv4, ipv6, mpls | - -##### Trackers Summary - -| Tracker Name | Record Export On Inactive Timeout | Record Export On Interval | MPLS | Number of Exporters | Applied On | Table Size | -| ------------ | --------------------------------- | ------------------------- | ---- | ------------------- | ---------- | ---------- | -| T1 | 3666 | 5666 | True | 0 | | - | -| T2 | - | - | False | 1 | Ethernet40 | 614400 | -| T3 | - | - | - | 4 | Ethernet41
Ethernet42
Port-Channel42 | 100000 | - -##### Exporters Summary - -| Tracker Name | Exporter Name | Collector IP/Host | Collector Port | Local Interface | -| ------------ | ------------- | ----------------- | -------------- | --------------- | -| T2 | T2-E1 | - | - | No local interface | -| T3 | T3-E1 | - | - | No local interface | -| T3 | T3-E2 | - | - | No local interface | -| T3 | T3-E3 | - | - | Management1 | -| T3 | T3-E4 | - | - | No local interface | - -#### Flow Tracking Hardware - -Software export of IPFIX data records enabled. - -##### Trackers Summary - -| Tracker Name | Record Export On Inactive Timeout | Record Export On Interval | Number of Exporters | Applied On | -| ------------ | --------------------------------- | ------------------------- | ------------------- | ---------- | -| T1 | 3666 | 5666 | 0 | | -| T2 | - | - | 1 | Ethernet40 | -| T3 | - | - | 4 | Dps1
Ethernet41
Port-Channel42 | - -##### Exporters Summary - -| Tracker Name | Exporter Name | Collector IP/Host | Collector Port | Local Interface | -| ------------ | ------------- | ----------------- | -------------- | --------------- | -| T2 | T2-E1 | - | - | No local interface | -| T3 | T3-E1 | - | - | No local interface | -| T3 | T3-E2 | - | - | No local interface | -| T3 | T3-E3 | - | - | Management1 | -| T3 | T3-E4 | - | - | No local interface | - -#### Flow Tracking Device Configuration - -```eos -! -flow tracking hardware - tracker T1 - record export on inactive timeout 3666 - record export on interval 5666 - ! - tracker T2 - exporter T2-E1 - collector 42.42.42.42 - ! - tracker T3 - exporter T3-E1 - ! - exporter T3-E2 - collector 10.10.10.10 port 777 - ! - exporter T3-E3 - collector this.is.my.awesome.collector.dns.name port 888 - format ipfix version 10 - local interface Management1 - template interval 424242 - ! - exporter T3-E4 - collector dead:beef::cafe - record format ipfix standard timestamps counters - no shutdown -! -flow tracking sampled - encapsulation ipv4 ipv6 mpls - sample 666 - hardware offload ipv4 - hardware offload threshold minimum 2 samples - tracker T1 - record export on inactive timeout 3666 - record export on interval 5666 - record export mpls - ! - tracker T2 - flow table size 614400 entries - exporter T2-E1 - collector 42.42.42.42 - ! - tracker T3 - flow table size 100000 entries - exporter T3-E1 - ! - exporter T3-E2 - collector 10.10.10.10 port 777 - ! - exporter T3-E3 - collector this.is.my.awesome.collector.dns.name port 888 - format ipfix version 10 - local interface Management1 - template interval 424242 - ! - exporter T3-E4 - collector dead:beef::cafe - no shutdown -``` - -## Interfaces - -### DPS Interfaces - -#### DPS Interfaces Summary - -| Interface | IP address | Shutdown | MTU | Flow tracker(s) | TCP MSS Ceiling | -| --------- | ---------- | -------- | --- | --------------- | --------------- | -| Dps1 | - | - | - | Hardware: T3 | | - -#### DPS Interfaces Device Configuration - -```eos -! -interface Dps1 - flow tracker hardware T3 -``` - -### Ethernet Interfaces - -#### Ethernet Interfaces Summary - -##### L2 - -| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | -| --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | -| Ethernet40 | - | - | - | - | - | - | -| Ethernet41 | - | - | - | - | - | - | -| Ethernet42 | - | - | - | - | - | - | - -*Inherited from Port-Channel Interface - -#### Ethernet Interfaces Device Configuration - -```eos -! -interface Ethernet40 - switchport - flow tracker hardware T2 - flow tracker sampled T2 -! -interface Ethernet41 - switchport - flow tracker hardware T3 - flow tracker sampled T3 -! -interface Ethernet42 - switchport - flow tracker sampled T3 -``` - -### Port-Channel Interfaces - -#### Port-Channel Interfaces Summary - -##### L2 - -| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | -| --------- | ----------- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | -| Port-Channel42 | - | - | - | - | - | - | - | - | - | - -#### Port-Channel Interfaces Device Configuration - -```eos -! -interface Port-Channel42 - switchport - flow tracker hardware T3 - flow tracker sampled T3 -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/hardware-counter.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/hardware-counter.md deleted file mode 100644 index 1fde1da8131..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/hardware-counter.md +++ /dev/null @@ -1,73 +0,0 @@ -# hardware-counter - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Monitoring](#monitoring) - - [Hardware](#hardware) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Monitoring - -### Hardware - -#### Hardware Counters - -##### Hardware Counters Summary - -###### Hardware Counter Features - -**NOTE:** Not all options (columns) in the table below are compatible with every available feature, it is the user responsibility to configure valid options for each feature. - -| Feature | Flow Direction | Address Type | Layer3 | VRF | Prefix | Units Packets | -| ------- | -------------- | ------------ | ------ | --- | ------ | ------------- | -| acl | out | mac | - | - | - | - | -| gre tunnel interface | out | - | - | - | - | - | -| ip | in | - | - | False | - | False | -| ip | out | - | - | True | - | True | -| mpls lfib | - | - | - | - | - | True | -| route | - | ipv4 | test | - | 192.168.0.0/24 | - | -| route | - | ipv6 | - | - | 2001:db8:cafe::/64 | - | -| segment-security | in | - | - | - | - | - | - -#### Hardware Device Configuration - -```eos -! -hardware counter feature acl out mac -hardware counter feature gre tunnel interface out -hardware counter feature ip in -hardware counter feature ip out layer3 units packets -hardware counter feature mpls lfib units packets -hardware counter feature route ipv4 vrf test 192.168.0.0/24 -hardware counter feature route ipv6 2001:db8:cafe::/64 -hardware counter feature segment-security in -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/hide-passwords.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/hide-passwords.md deleted file mode 100644 index b205a6ab7e1..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/hide-passwords.md +++ /dev/null @@ -1,168 +0,0 @@ -# hide-passwords - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Authentication](#authentication) - - [Local Users](#local-users) - - [Enable Password](#enable-password) - - [TACACS Servers](#tacacs-servers) - - [RADIUS Server](#radius-server) -- [IP Security](#ip-security) - - [IPSec profiles](#ipsec-profiles) - - [IP Security Device Configuration](#ip-security-device-configuration) -- [Routing](#routing) - - [Router BGP](#router-bgp) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Authentication - -### Local Users - -#### Local Users Summary - -| User | Privilege | Role | Disabled | Shell | -| ---- | --------- | ---- | -------- | ----- | -| ansible | - | - | False | - | - -#### Local Users Device Configuration - -```eos -! -username ansible secret sha512 -``` - -### Enable Password - -sha512 encrypted enable password is configured - -#### Enable Password Device Configuration - -```eos -! -enable password sha512 -! -``` - -### TACACS Servers - -#### TACACS Servers - -| VRF | TACACS Servers | Single-Connection | Timeout | -| --- | -------------- | ----------------- | ------- | -| default | 10.10.10.157 | False | - | - -#### TACACS Servers Device Configuration - -```eos -! -tacacs-server host 10.10.10.157 key 7 -``` - -### RADIUS Server - -#### RADIUS Server Hosts - -| VRF | RADIUS Servers | TLS | SSL Profile | Timeout | Retransmit | -| --- | -------------- | --- | ----------- | ------- | ---------- | -| default | 10.10.10.158 | - | - | - | - | - -#### RADIUS Server Device Configuration - -```eos -! -radius-server host 10.10.10.158 key 7 -``` - -## IP Security - -### IPSec profiles - -| Profile name | IKE policy | SA policy | Connection | DPD Interval | DPD Time | DPD action | Mode | Flow Parallelization | -| ------------ | ---------- | ----------| ---------- | ------------ | -------- | ---------- | ---- | -------------------- | -| Profile-1 | - | - | - | - | - | - | - | - | - -### IP Security Device Configuration - -```eos -! -ip security - ! - profile Profile-1 - shared-key 7 -``` - -## Routing - -### Router BGP - -ASN Notation: asplain - -#### Router BGP Summary - -| BGP AS | Router ID | -| ------ | --------- | -| 65100 | 10.50.64.15 | - -#### Router BGP Peer Groups - -##### IPV4-UNDERLAY - -| Settings | Value | -| -------- | ----- | -| Remote AS | 65000 | - -#### BGP Neighbors - -| Neighbor | Remote AS | VRF | Shutdown | Send-community | Maximum-routes | Allowas-in | BFD | RIB Pre-Policy Retain | Route-Reflector Client | Passive | TTL Max Hops | -| -------- | --------- | --- | -------- | -------------- | -------------- | ---------- | --- | --------------------- | ---------------------- | ------- | ------------ | -| 10.50.2.1 | 65000 | BLAH | - | - | - | - | - | - | - | - | - | - -#### Router BGP VRFs - -| VRF | Route-Distinguisher | Redistribute | -| --- | ------------------- | ------------ | -| BLAH | - | - | - -#### Router BGP Device Configuration - -```eos -! -router bgp 65100 - router-id 10.50.64.15 - neighbor IPV4-UNDERLAY peer group - neighbor IPV4-UNDERLAY remote-as 65000 - neighbor IPV4-UNDERLAY password 7 - ! - vrf BLAH - neighbor 10.50.2.1 remote-as 65000 - neighbor 10.50.2.1 password 7 -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host1.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host1.md index 10d87078891..6cacb9d905f 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host1.md +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host1.md @@ -5,9 +5,13 @@ - [Management](#management) - [Agents](#agents) - [Management Interfaces](#management-interfaces) + - [DNS Domain](#dns-domain) - [IP Domain-list](#ip-domain-list) + - [IP Name Servers](#ip-name-servers) + - [Domain Lookup](#domain-lookup) - [Clock Settings](#clock-settings) - [NTP](#ntp) + - [PTP](#ptp) - [System Control-Plane](#system-control-plane) - [Management SSH](#management-ssh) - [Management Tech-Support](#management-tech-support) @@ -34,6 +38,12 @@ - [AAA Authentication](#aaa-authentication) - [AAA Authorization](#aaa-authorization) - [AAA Accounting](#aaa-accounting) +- [Address Locking](#address-locking) + - [Address Locking Summary](#address-locking-summary) + - [DHCP Servers](#dhcp-servers) + - [Leases](#leases) +- [Address Locking Interfaces](#address-locking-interfaces) + - [Address Locking Device Configuration](#address-locking-device-configuration) - [Management Security](#management-security) - [Management Security Summary](#management-security-summary) - [Management Security SSL Profiles](#management-security-ssl-profiles) @@ -63,8 +73,10 @@ - [Monitor Sessions](#monitor-sessions) - [Tap Aggregation](#tap-aggregation) - [SFlow](#sflow) + - [Hardware](#hardware) - [VM Tracer Sessions](#vm-tracer-sessions) - [Event Handler](#event-handler) + - [Flow Tracking](#flow-tracking) - [Object Tracking](#object-tracking) - [Monitor Telemetry Postcard Policy](#monitor-telemetry-postcard-policy) - [Monitor Server Radius Summary](#monitor-server-radius-summary) @@ -74,13 +86,23 @@ - [Monitor Connectivity Device Configuration](#monitor-connectivity-device-configuration) - [Monitor Layer 1 Logging](#monitor-layer-1-logging) - [Monitor Layer 1 Device Configuration](#monitor-layer-1-device-configuration) +- [Hardware TCAM Profile](#hardware-tcam-profile) + - [Custom TCAM Profiles](#custom-tcam-profiles) + - [Hardware TCAM Device Configuration](#hardware-tcam-device-configuration) - [Link Tracking](#link-tracking) - [MLAG](#mlag) - [MLAG Summary](#mlag-summary) - [MLAG Device Configuration](#mlag-device-configuration) +- [LLDP](#lldp) + - [LLDP Summary](#lldp-summary) + - [LLDP Device Configuration](#lldp-device-configuration) +- [L2 Protocol Forwarding](#l2-protocol-forwarding) + - [Forwarding Profiles](#forwarding-profiles) + - [L2 Protocol Forwarding Device Configuration](#l2-protocol-forwarding-device-configuration) - [LACP](#lacp) - [LACP Summary](#lacp-summary) - [LACP Device Configuration](#lacp-device-configuration) + - [Synchronous Ethernet (SyncE) Settings](#synchronous-ethernet-synce-settings) - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration) @@ -98,6 +120,7 @@ - [IP Security Device Configuration](#ip-security-device-configuration) - [Interfaces](#interfaces) - [Switchport Default](#switchport-default) + - [Interface Defaults](#interface-defaults) - [Interface Profiles](#interface-profiles) - [DPS Interfaces](#dps-interfaces) - [Ethernet Interfaces](#ethernet-interfaces) @@ -148,6 +171,9 @@ - [Filters](#filters) - [IP Community-lists](#ip-community-lists) - [Peer Filters](#peer-filters) + - [Dynamic Prefix-lists](#dynamic-prefix-lists) + - [Prefix-lists](#prefix-lists) + - [IPv6 Prefix-lists](#ipv6-prefix-lists) - [Route-maps](#route-maps) - [IP Extended Community Lists](#ip-extended-community-lists) - [IP Extended Community RegExp Lists](#ip-extended-community-regexp-lists) @@ -157,6 +183,7 @@ - [802.1X Summary](#8021x-summary) - [Power Over Ethernet (PoE)](#power-over-ethernet-poe) - [PoE Summary](#poe-summary) + - [PoE Device Configuration](#poe-device-configuration) - [ACL](#acl) - [Standard Access-lists](#standard-access-lists) - [Extended Access-lists](#extended-access-lists) @@ -170,6 +197,9 @@ - [Virtual Source NAT](#virtual-source-nat) - [Virtual Source NAT Summary](#virtual-source-nat-summary) - [Virtual Source NAT Configuration](#virtual-source-nat-configuration) +- [Platform](#platform) + - [Platform Summary](#platform-summary) + - [Platform Device Configuration](#platform-device-configuration) - [System L1](#system-l1) - [Unsupported Interface Configurations](#unsupported-interface-configurations) - [System L1 Device Configuration](#system-l1-device-configuration) @@ -204,14 +234,21 @@ - [IP NAT Device Configuration](#ip-nat-device-configuration) - [Errdisable](#errdisable) - [Errdisable Summary](#errdisable-summary) +- [MACsec](#macsec) + - [MACsec Summary](#macsec-summary) + - [MACsec Device Configuration](#macsec-device-configuration) + - [Traffic Policies information](#traffic-policies-information) - [Quality Of Service](#quality-of-service) + - [QOS](#qos) - [QOS Class Maps](#qos-class-maps) - [QOS Policy Maps](#qos-policy-maps) + - [QOS Profiles](#qos-profiles) - [QOS Interfaces](#qos-interfaces) - [Control-plane Policy Map](#control-plane-policy-map) - [InfluxDB Telemetry](#influxdb-telemetry) - [InfluxDB Telemetry Summary](#influxdb-telemetry-summary) - [InfluxDB Telemetry Device Configuration](#influxdb-telemetry-device-configuration) + - [Priority Flow Control](#priority-flow-control-2) - [STUN](#stun) - [STUN Client](#stun-client) - [STUN Server](#stun-server) @@ -220,6 +257,7 @@ - [BGP Groups](#bgp-groups) - [Interface Groups](#interface-groups) - [Maintenance](#maintenance) +- [EOS CLI Device Configuration](#eos-cli-device-configuration) ## Management @@ -299,6 +337,17 @@ interface Vlan123 ip virtual-router address 10.73.0.1 ``` +### DNS Domain + +DNS domain: test.local + +#### DNS Domain Device Configuration + +```eos +dns domain test.local +! +``` + ### IP Domain-list #### Domains List @@ -314,6 +363,50 @@ ip domain-list domain2.local ! ``` +### IP Name Servers + +#### IP Name Servers Summary + +| Name Server | VRF | Priority | +| ----------- | --- | -------- | +| 10.10.128.10 | - | - | +| 10.10.129.10 | - | 0 | +| 10.10.128.10 | mgmt | - | +| 10.10.128.10 | TEST | 3 | +| 2001:db8::1 | - | - | +| 2001:db8::2 | - | 0 | +| 2001:db8::1 | mgmt | - | +| 2001:db8::2 | TEST | 3 | + +#### IP Name Servers Device Configuration + +```eos +ip name-server 10.10.128.10 +ip name-server vrf mgmt 10.10.128.10 +ip name-server vrf TEST 10.10.128.10 priority 3 +ip name-server 10.10.129.10 priority 0 +ip name-server 2001:db8::1 +ip name-server vrf mgmt 2001:db8::1 +ip name-server 2001:db8::2 priority 0 +ip name-server vrf TEST 2001:db8::2 priority 3 +``` + +### Domain Lookup + +#### DNS Domain Lookup Summary + +| Source interface | vrf | +| ---------------- | --- | +| Loopback0 | - | +| Management0 | mgt | + +#### DNS Domain Lookup Device Configuration + +```eos +ip domain lookup source-interface Loopback0 +ip domain lookup vrf mgt source-interface Management0 +``` + ### Clock Settings #### Clock Timezone Settings @@ -350,9 +443,9 @@ clock timezone GMT ##### NTP Authentication -- Authentication enabled +- Authentication enabled (Servers only) -- Trusted Keys: 1-3 +- Trusted Keys: 1-2 ##### NTP Authentication Keys @@ -369,8 +462,8 @@ clock timezone GMT ntp authentication-key 1 md5 ntp authentication-key 2 md5 7 ntp authentication-key 3 sha1 8a -ntp trusted-key 1-3 -ntp authenticate +ntp trusted-key 1-2 +ntp authenticate servers ntp local-interface lo1 ntp server 1.2.3.4 local-interface lo0 ntp server 2.2.2.55 @@ -380,6 +473,45 @@ ntp server 20.20.20.1 key ntp server ie.pool.ntp.org iburst key ``` +### PTP + +PTP Profile: g8275.1 + +#### PTP Summary + +| Clock ID | Source IP | Priority 1 | Priority 2 | TTL | Domain | Mode | Forward Unicast | +| -------- | --------- | ---------- | ---------- | --- | ------ | ---- | --------------- | +| 11:11:11:11:11:11 | 1.1.2.3 | 101 | 102 | 12 | 17 | boundary | True | + +#### PTP Device Configuration + +```eos +! +ptp clock-identity 11:11:11:11:11:11 +ptp domain 17 +ptp message-type event dscp 46 default +ptp message-type general dscp 36 default +ptp mode boundary one-step +ptp priority1 101 +ptp priority2 102 +ptp profile g8275.1 +ptp source ip 1.1.2.3 +ptp ttl 12 +ptp forward-unicast +ptp monitor threshold offset-from-master 11 +ptp monitor threshold mean-path-delay 12 +ptp monitor threshold mean-path-delay 14 nanoseconds drop +ptp monitor threshold offset-from-master 13 nanoseconds drop +ptp monitor threshold missing-message sync 103 intervals +ptp monitor threshold missing-message follow-up 102 intervals +ptp monitor threshold missing-message announce 101 intervals +ptp monitor sequence-id +ptp monitor threshold missing-message sync 204 sequence-ids +ptp monitor threshold missing-message follow-up 203 sequence-ids +ptp monitor threshold missing-message delay-resp 202 sequence-ids +ptp monitor threshold missing-message announce 201 sequence-ids +``` + ### System Control-Plane #### TCP MSS Ceiling @@ -437,6 +569,13 @@ system control-plane | ACL-SSH | - | | ACL-SSH-VRF | mgt | +#### IPv6 ACL + +| IPv6 ACL | VRF | +| -------- | --- | +| ACL-SSH6 | - | +| ACL-SSH-VRF6 | mgt | + #### SSH Timeout and Management | Idle Timeout | SSH Management | @@ -468,6 +607,8 @@ system control-plane management ssh ip access-group ACL-SSH in ip access-group ACL-SSH-VRF vrf mgt in + ipv6 access-group ACL-SSH6 in + ipv6 access-group ACL-SSH-VRF6 vrf mgt in idle-timeout 15 authentication protocol keyboard-interactive password public-key connection per-host 10 @@ -1229,6 +1370,56 @@ aaa accounting commands 0 default start-stop logging aaa accounting commands 1 default start-stop group TACACS ``` +## Address Locking + +### Address Locking Summary + +| Setting | Value | +| -------- | ----- | +| Disable IP locking on configured ports | True | +| Local Interface | Loopback0 | +| Disable deauthorizing locked addresses upon MAC aging out | True | +| Disable enforcement for locked ipv4 addresses | True | +| Disable enforcement for locked ipv6 addresses | True | + +### DHCP Servers + +| Server IP | +| --------- | +| 1.1.1.1 | +| 4.4.4.4 | + +### Leases + +| Lease IP Address | Lease MAC Address | +| ---------------- | ----------------- | +| 2.2.2.2 | dead.beef.cafe | +| 3.3.3.3 | de:af:be:ef:ca:fe | + +## Address Locking Interfaces + +| Interface | IPv4 Address Locking | IPv6 Address Locking | +| --------- | -------------------- | -------------------- | +| Ethernet1 | True | False | +| Ethernet2 | True | True | +| Ethernet3 | False | True | + +### Address Locking Device Configuration + +```eos +! +address locking + disabled + local-interface Loopback0 + dhcp server ipv4 1.1.1.1 + dhcp server ipv4 4.4.4.4 + lease 2.2.2.2 mac dead.beef.cafe + lease 3.3.3.3 mac de:af:be:ef:ca:fe + locked-address expiration mac disabled + locked-address ipv4 enforcement disabled + locked-address ipv6 enforcement disabled +``` + ## Management Security ### Management Security Summary @@ -1246,6 +1437,7 @@ aaa accounting commands 1 default start-stop group TACACS | ---------------- | --------------------- | -------------------- | ------------ | ----------- | ---- | | certificate-profile | - | eAPI.crt | eAPI.key | - | ca.crl
intermediate.crl | | cipher-list-profile | - | - | - | ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384 | - | +| SSL_PROFILE | 1.1 1.2 | SSL_CERT | SSL_KEY | - | - | | test1-chain-cert | - | - | - | - | - | | test1-trust-cert | - | - | - | - | - | | test2-chain-cert | - | - | - | - | - | @@ -1343,6 +1535,10 @@ management security ssl profile cipher-list-profile cipher-list ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384 ! + ssl profile SSL_PROFILE + tls versions 1.1 1.2 + certificate SSL_CERT key SSL_KEY + ! ssl profile test1-chain-cert chain certificate test-chain-cert1.crt chain certificate test-chain-cert2.crt @@ -1950,6 +2146,50 @@ sflow hardware acceleration module Linecard2 no sflow hardware acceleration module Linecard3 ``` +### Hardware + +#### Hardware Counters + +##### Hardware Counters Summary + +###### Hardware Counter Features + +**NOTE:** Not all options (columns) in the table below are compatible with every available feature, it is the user responsibility to configure valid options for each feature. + +| Feature | Flow Direction | Address Type | Layer3 | VRF | Prefix | Units Packets | +| ------- | -------------- | ------------ | ------ | --- | ------ | ------------- | +| acl | out | mac | - | - | - | - | +| gre tunnel interface | out | - | - | - | - | - | +| ip | in | - | - | False | - | False | +| ip | out | - | - | True | - | True | +| mpls lfib | - | - | - | - | - | True | +| route | - | ipv4 | test | - | 192.168.0.0/24 | - | +| route | - | ipv6 | - | - | 2001:db8:cafe::/64 | - | +| segment-security | in | - | - | - | - | - | + +#### Hardware Device Configuration + +```eos +! +hardware port-group 1 select Et32/1-4 +hardware port-group 2 select Et32/1,Et32/3,Et34 +! +hardware counter feature acl out mac +hardware counter feature gre tunnel interface out +hardware counter feature ip in +hardware counter feature ip out layer3 units packets +hardware counter feature mpls lfib units packets +hardware counter feature route ipv4 vrf test 192.168.0.0/24 +hardware counter feature route ipv6 2001:db8:cafe::/64 +hardware counter feature segment-security in +! +hardware access-list mechanism tcam +! +hardware speed-group 1 serdes 10g +hardware speed-group 2 serdes 25g +hardware speed-group 3/1 serdes 25g +``` + ### VM Tracer Sessions #### VM Tracer Summary @@ -2096,6 +2336,117 @@ event-handler trigger-vm-tracer2 event-handler without-trigger-key ``` +### Flow Tracking + +#### Flow Tracking Sampled + +| Sample Size | Minimum Sample Size | Hardware Offload for IPv4 | Hardware Offload for IPv6 | Encapsulations | +| ----------- | ------------------- | ------------------------- | ------------------------- | -------------- | +| 666 | 2 | enabled | disabled | ipv4, ipv6, mpls | + +##### Trackers Summary + +| Tracker Name | Record Export On Inactive Timeout | Record Export On Interval | MPLS | Number of Exporters | Applied On | Table Size | +| ------------ | --------------------------------- | ------------------------- | ---- | ------------------- | ---------- | ---------- | +| T1 | 3666 | 5666 | True | 0 | | - | +| T2 | - | - | False | 1 | Dps1
Ethernet40 | 614400 | +| T3 | - | - | - | 4 | Ethernet41
Ethernet42
Port-Channel115 | 100000 | + +##### Exporters Summary + +| Tracker Name | Exporter Name | Collector IP/Host | Collector Port | Local Interface | +| ------------ | ------------- | ----------------- | -------------- | --------------- | +| T2 | T2-E1 | - | - | No local interface | +| T3 | T3-E1 | - | - | No local interface | +| T3 | T3-E2 | - | - | No local interface | +| T3 | T3-E3 | - | - | Management1 | +| T3 | T3-E4 | - | - | No local interface | + +#### Flow Tracking Hardware + +Software export of IPFIX data records enabled. + +##### Trackers Summary + +| Tracker Name | Record Export On Inactive Timeout | Record Export On Interval | Number of Exporters | Applied On | +| ------------ | --------------------------------- | ------------------------- | ------------------- | ---------- | +| T1 | 3666 | 5666 | 0 | | +| T2 | - | - | 1 | Ethernet40 | +| T3 | - | - | 4 | Dps1
Ethernet41
Port-Channel115 | + +##### Exporters Summary + +| Tracker Name | Exporter Name | Collector IP/Host | Collector Port | Local Interface | +| ------------ | ------------- | ----------------- | -------------- | --------------- | +| T2 | T2-E1 | - | - | No local interface | +| T3 | T3-E1 | - | - | No local interface | +| T3 | T3-E2 | - | - | No local interface | +| T3 | T3-E3 | - | - | Management1 | +| T3 | T3-E4 | - | - | No local interface | + +#### Flow Tracking Device Configuration + +```eos +! +flow tracking hardware + tracker T1 + record export on inactive timeout 3666 + record export on interval 5666 + ! + tracker T2 + exporter T2-E1 + collector 42.42.42.42 + ! + tracker T3 + exporter T3-E1 + ! + exporter T3-E2 + collector 10.10.10.10 port 777 + ! + exporter T3-E3 + collector this.is.my.awesome.collector.dns.name port 888 + format ipfix version 10 + local interface Management1 + template interval 424242 + ! + exporter T3-E4 + collector dead:beef::cafe + record format ipfix standard timestamps counters + no shutdown +! +flow tracking sampled + encapsulation ipv4 ipv6 mpls + sample 666 + hardware offload ipv4 + hardware offload threshold minimum 2 samples + tracker T1 + record export on inactive timeout 3666 + record export on interval 5666 + record export mpls + ! + tracker T2 + flow table size 614400 entries + exporter T2-E1 + collector 42.42.42.42 + ! + tracker T3 + flow table size 100000 entries + exporter T3-E1 + ! + exporter T3-E2 + collector 10.10.10.10 port 777 + ! + exporter T3-E3 + collector this.is.my.awesome.collector.dns.name port 888 + format ipfix version 10 + local interface Management1 + template interval 424242 + ! + exporter T3-E4 + collector dead:beef::cafe + no shutdown +``` + ### Object Tracking #### Object Tracking Summary @@ -2363,6 +2714,27 @@ monitor layer1 logging mac fault ``` +## Hardware TCAM Profile + +TCAM profile **`traffic_policy`** is active + +### Custom TCAM Profiles + +Following TCAM profiles are configured on device: + +- Profile Name: `MY_TCAM_PROFILE` + +### Hardware TCAM Device Configuration + +```eos +! +hardware tcam + profile MY_TCAM_PROFILE + source flash:/TCAM_PROFILES/MY_TCAM_PROFILE.conf + ! + system profile traffic_policy +``` + ### Link Tracking #### Link Tracking Groups Summary @@ -2411,6 +2783,122 @@ mlag configuration reload-delay non-mlag 450 ``` +## LLDP + +### LLDP Summary + +#### LLDP Global Settings + +| Enabled | Management Address | Management VRF | Timer | Hold-Time | Re-initialization Timer | Drop Received Tagged Packets | +| ------- | ------------------ | -------------- | ----- | --------- | ----------------------- | ---------------------------- | +| False | 192.168.1.1/24 | Management | 30 | 90 | 2 | - | + +#### LLDP Explicit TLV Transmit Settings + +| TLV | Transmit | +| --- | -------- | +| system-capabilities | False | +| system-description | True | + +#### LLDP Interface Settings + +LLDP is **disabled** globally. Local interface configs will not apply. + +| Interface | Transmit | Receive | +| --------- | -------- | ------- | +| Ethernet6 | False | True | +| Ethernet8 | False | False | +| Ethernet9 | True | False | +| Ethernet19 | False | False | +| Ethernet20 | False | False | +| Ethernet76 | False | False | + +### LLDP Device Configuration + +```eos +! +lldp timer 30 +lldp hold-time 90 +no lldp tlv transmit system-capabilities +lldp tlv transmit system-description +no lldp run +lldp management-address 192.168.1.1/24 +lldp management-address vrf Management +``` + +## L2 Protocol Forwarding + +### Forwarding Profiles + +#### TEST1 + +| Protocol | Forward | Tagged Forward | Untagged Forward | +| -------- | ------- | -------------- | ---------------- | +| bfd per-link rfc-7130 | True | True | True | +| e-lmi | True | True | True | +| isis | True | True | True | +| lacp | True | True | True | +| lldp | True | True | True | +| macsec | True | True | True | +| pause | True | True | True | +| stp | True | True | True | + +#### TEST2 + +| Protocol | Forward | Tagged Forward | Untagged Forward | +| -------- | ------- | -------------- | ---------------- | +| bfd per-link rfc-7130 | False | True | - | +| e-lmi | True | - | - | +| isis | - | - | True | +| lacp | True | False | True | +| lldp | False | True | False | +| macsec | - | True | - | +| pause | False | - | True | +| stp | - | True | True | + +### L2 Protocol Forwarding Device Configuration + +```eos +! +l2-protocol + forwarding profile TEST1 + bfd per-link rfc-7130 forward + bfd per-link rfc-7130 tagged forward + bfd per-link rfc-7130 untagged forward + e-lmi forward + e-lmi tagged forward + e-lmi untagged forward + isis forward + isis tagged forward + isis untagged forward + lacp forward + lacp tagged forward + lacp untagged forward + lldp forward + lldp tagged forward + lldp untagged forward + macsec forward + macsec tagged forward + macsec untagged forward + pause forward + pause tagged forward + pause untagged forward + stp forward + stp tagged forward + stp untagged forward + forwarding profile TEST2 + bfd per-link rfc-7130 tagged forward + e-lmi forward + isis untagged forward + lacp forward + lacp untagged forward + lldp tagged forward + macsec tagged forward + pause untagged forward + stp tagged forward + stp untagged forward +``` + ## LACP ### LACP Summary @@ -2427,6 +2915,18 @@ lacp port-id range 1 128 no lacp rate-limit default ``` +### Synchronous Ethernet (SyncE) Settings + +Synchronous Ethernet Network Option: 2 + +#### Synchronous Ethernet Device Configuration + +```eos +! +sync-e + network option 2 +``` + ## Internal VLAN Allocation Policy ### Internal VLAN Allocation Policy Summary @@ -2653,6 +3153,24 @@ switchport default phone cos 0 switchport default phone vlan 69 ``` +### Interface Defaults + +#### Interface Defaults Summary + +- Default Ethernet Interface Shutdown: True + +- Default Routed Interface MTU: 9000 + +#### Interface Defaults Device Configuration + +```eos +! +interface defaults + mtu 9000 + ethernet + shutdown +``` + ### Interface Profiles #### Interface Profiles Summary @@ -2680,7 +3198,7 @@ interface profile TEST-PROFILE-2 | Interface | IP address | Shutdown | MTU | Flow tracker(s) | TCP MSS Ceiling | | --------- | ---------- | -------- | --- | --------------- | --------------- | -| Dps1 | 192.168.42.42/24 | True | 666 | Hardware: FT-HW
Sampled: FT-S | IPv4: 666
IPv6: 666
Direction: ingress | +| Dps1 | 192.168.42.42/24 | True | 666 | Hardware: T3
Sampled: T2 | IPv4: 666
IPv6: 666
Direction: ingress | #### DPS Interfaces Device Configuration @@ -2690,8 +3208,8 @@ interface Dps1 description Test DPS Interface shutdown mtu 666 - flow tracker hardware FT-HW - flow tracker sampled FT-S + flow tracker hardware T3 + flow tracker sampled T2 ip address 192.168.42.42/24 tcp mss ceiling ipv4 666 ipv6 666 ingress load-interval 42 @@ -3042,14 +3560,25 @@ interface Dps1 | Ethernet3 | False | - | - | | Ethernet4 | True | - | - | +#### Synchronous Ethernet + +| Interface | Priority | +| --------- | -------- | +| Ethernet3 | 10 | +| Ethernet5 | 127 | +| Ethernet6 | disabled | + #### Ethernet Interfaces Device Configuration ```eos ! interface Ethernet1 + traffic-policy input BLUE-C1-POLICY + traffic-policy output BLUE-C2-POLICY description P2P_LINK_TO_DC1-SPINE1_Ethernet1 mtu 1500 bgp session tracker ST1 + l2-protocol forwarding profile TEST1 l2 mtu 8000 l2 mru 8000 speed forced 100gfull @@ -3079,6 +3608,7 @@ interface Ethernet1 switchport vlan translation out 45 dot1q-tunnel all switchport trunk private-vlan secondary switchport pvlan mapping 20-30 + address locking ipv4 ip address 172.31.255.1/31 ip verify unicast source reachable-via rx bfd interval 500 min-rx 500 multiplier 5 @@ -3098,6 +3628,10 @@ interface Ethernet1 tcp mss ceiling ipv4 70 ipv6 75 egress switchport port-security switchport port-security mac-address maximum disabled + service-policy type qos input pmap_test1 + service-profile test + qos trust dscp + qos dscp 48 priority-flow-control on priority-flow-control priority 5 drop switchport backup-link Ethernet5 prefer vlan 10 @@ -3120,6 +3654,7 @@ interface Ethernet2 switchport trunk allowed vlan 110-111,210-211 switchport mode trunk switchport + address locking ipv4 ipv6 ip address 10.1.255.3/24 ip address 1.1.1.3/24 secondary ip address 1.1.1.4/24 secondary @@ -3147,6 +3682,7 @@ interface Ethernet3 no switchport switchport vlan translation out 23 dot1q-tunnel 50 no snmp trap link-change + address locking ipv6 ip address 172.31.128.1/31 ipv6 enable ipv6 address 2002:ABDC::1/64 @@ -3154,6 +3690,7 @@ interface Ethernet3 ipv6 nd prefix 2345:ABCD:3FE0::2/96 50 infinite ipv6 nd prefix 2345:ABCD:3FE0::3/96 100000 no-autoconfig tcp mss ceiling ipv6 65 + mac security profile A1 switchport port-security no switchport port-security mac-address maximum disabled switchport port-security vlan 1 mac-address maximum 3 @@ -3163,9 +3700,18 @@ interface Ethernet3 switchport port-security vlan 22 mac-address maximum 4 switchport port-security vlan 41 mac-address maximum 4 switchport port-security vlan default mac-address maximum 2 + ptp enable + ptp delay-mechanism e2e + ptp role dynamic + ptp sync-message interval 1 + ptp transport layer2 + ptp vlan 2 no priority-flow-control spanning-tree guard root switchport backup-link Ethernet4 + ! + sync-e + priority 10 link tracking group EVPN_MH_ES2 downstream ! interface Ethernet4 @@ -3217,6 +3763,8 @@ interface Ethernet5 no isis hello padding isis network point-to-point spanning-tree guard loop + ! + sync-e ! interface Ethernet6 description SRV-POD02_Eth1 @@ -3225,10 +3773,29 @@ interface Ethernet6 switchport trunk allowed vlan 110-111,210-211 switchport mode trunk switchport + no lldp transmit + ptp enable + ptp announce interval 3 + ptp announce timeout 9 + ptp delay-mechanism e2e + ptp delay-req interval -7 + ptp profile g8275.1 destination mac-address non-forwardable + ptp role dynamic + ptp sync-message interval 1 + ptp transport ipv4 + service-profile experiment + qos trust cos + qos cos 2 + ! + tx-queue 2 + random-detect ecn count logging event storm-control discards spanning-tree bpduguard enable spanning-tree bpdufilter enable logging event spanning-tree + ! + sync-e + priority disabled ! interface Ethernet7 description Molecule L2 @@ -3262,6 +3829,10 @@ interface Ethernet8 no switchport no lldp transmit no lldp receive + service-profile qprof_testwithpolicy + ! + uc-tx-queue 4 + random-detect ecn count isis authentication mode md5 rx-disabled isis authentication key 0 ! @@ -3279,6 +3850,7 @@ interface Ethernet9 no switchport ip address 172.31.128.9/31 mpls ldp interface + no lldp receive multicast ipv4 boundary ACL_MULTICAST out multicast ipv6 static mpls ip @@ -3547,17 +4119,22 @@ interface Ethernet39 interface Ethernet40 description DOT1X Testing - mac_based_authentication always switchport + flow tracker hardware T2 + flow tracker sampled T2 dot1x mac based authentication always ! interface Ethernet41 description DOT1X Testing - mac_based_authentication always and host-mode common switchport + flow tracker hardware T3 + flow tracker sampled T3 dot1x mac based authentication host-mode common dot1x mac based authentication always ! interface Ethernet42 description DOT1X Testing - mac_based_authentication switchport + flow tracker sampled T3 dot1x mac based authentication ! interface Ethernet43 @@ -4181,6 +4758,14 @@ interface Port-Channel5 l2 mtu 8000 l2 mru 8000 mlag 5 + ptp enable + ptp mpass + ptp delay-mechanism e2e + ptp profile g8275.1 destination mac-address forwardable + ptp role dynamic + ptp sync-message interval 1 + ptp transport layer2 + ptp vlan 2 storm-control broadcast level 1 storm-control multicast level 1 storm-control unknown-unicast level 1 @@ -4272,11 +4857,17 @@ interface Port-Channel14 route-target import 00:00:01:02:03:05 ! interface Port-Channel15 + traffic-policy input BLUE-C1-POLICY + traffic-policy output BLUE-C2-POLICY description DC1_L2LEAF3_Po1 switchport trunk allowed vlan 110,201 switchport mode trunk switchport mlag 15 + service-policy type qos input pmap_test1 + service-profile experiment + qos trust cos + qos cos 2 isis authentication mode md5 rx-disabled isis authentication key 0 spanning-tree guard loop @@ -4559,9 +5150,12 @@ interface Port-Channel114 ! interface Port-Channel115 description native-vlan-tag-precedence + l2-protocol forwarding profile TEST2 switchport trunk native vlan tag switchport mode trunk switchport + flow tracker hardware T3 + flow tracker sampled T3 ! interface Port-Channel117 description interface_with_sflow_ingress_egress_enabled @@ -5488,20 +6082,27 @@ ip virtual-router mac-address 00:1c:73:00:dc:01 | VRF | Routing Enabled | | --- | --------------- | -| default | False | +| default | True (ipv6 interfaces) | | BLAH | - | | defauls | - | | defaulu | - | | MGMT | False | | TENANT_A_PROJECT01 | True | | TENANT_A_PROJECT02 | True | +| TEST1 | True | +| TEST2 | True (ipv6 interfaces) | #### IP Routing Device Configuration ```eos +! +ip routing ipv6 interfaces +ip hardware fib optimize prefixes profile urpf-internet no ip routing vrf MGMT ip routing vrf TENANT_A_PROJECT01 ip routing vrf TENANT_A_PROJECT02 +ip routing vrf TEST1 +ip routing ipv6 interfaces vrf TEST2 ``` ### IPv6 Routing @@ -5510,13 +6111,25 @@ ip routing vrf TENANT_A_PROJECT02 | VRF | Routing Enabled | | --- | --------------- | -| default | False | +| default | True | | BLAH | false | | defauls | false | +| default | true | | defaulu | false | | MGMT | false | | TENANT_A_PROJECT01 | false | | TENANT_A_PROJECT02 | false | +| TEST1 | true | +| TEST2 | false | + +#### IPv6 Routing Device Configuration + +```eos +! +ipv6 unicast-routing +ipv6 unicast-routing vrf TEST1 +ipv6 hardware fib optimize prefixes profile internet +``` ### Static Routes @@ -7573,6 +8186,7 @@ router bgp 65101 vrf VRF02 neighbor 1.1.1.1 additional-paths receive neighbor 1.1.1.1 additional-paths send ecmp limit 24 + neighbor 1.1.1.1 password 7 redistribute connected include leaked route-map RM_VRF_CONNECTED redistribute isis level-2 include leaked route-map RM_VRF_ISIS redistribute ospf include leaked route-map RM_VRF_OSPF @@ -8110,6 +8724,79 @@ peer-filter PF2 30 match as-range 65000 result accept ``` +### Dynamic Prefix-lists + +#### Dynamic Prefix-lists Summary + +| Dynamic Prefix-List Name | Match Map | IPv4 Prefix-list | IPv6 Prefix-list | +| ------------------------ | --------- | ---------------- | ---------------- | +| DYNAMIC_PREFIX_LIST_NAME_1 | Test_1 | IPV4_PREFIX_LIST | - | +| DYNAMIC_PREFIX_LIST_NAME_2 | Test_2 | - | IPV6_PREFIX_LIST | +| DYNAMIC_PREFIX_LIST_NAME_3 | Test_2 | IPV4_PREFIX_LIST | IPV6_PREFIX_LIST | + +#### Dynamic Prefix-lists Device Configuration + +```eos +! +dynamic prefix-list DYNAMIC_PREFIX_LIST_NAME_1 + match-map Test_1 + prefix-list ipv4 IPV4_PREFIX_LIST +! +dynamic prefix-list DYNAMIC_PREFIX_LIST_NAME_2 + match-map Test_2 + prefix-list ipv6 IPV6_PREFIX_LIST +! +dynamic prefix-list DYNAMIC_PREFIX_LIST_NAME_3 + match-map Test_2 + prefix-list ipv4 IPV4_PREFIX_LIST + prefix-list ipv6 IPV6_PREFIX_LIST +``` + +### Prefix-lists + +#### Prefix-lists Summary + +##### PL-IPV4-LOOPBACKS + +| Sequence | Action | +| -------- | ------ | + +##### PL-LOOPBACKS-EVPN-OVERLAY + +| Sequence | Action | +| -------- | ------ | +| 10 | permit 192.168.255.0/24 eq 32 | +| 20 | permit 192.168.254.0/24 eq 32 | + +#### Prefix-lists Device Configuration + +```eos +! +ip prefix-list PL-IPV4-LOOPBACKS +! +ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY + seq 10 permit 192.168.255.0/24 eq 32 + seq 20 permit 192.168.254.0/24 eq 32 +``` + +### IPv6 Prefix-lists + +#### IPv6 Prefix-lists Summary + +##### PL-IPV6-LOOPBACKS + +| Sequence | Action | +| -------- | ------ | +| 10 | permit 1b11:3a00:22b0:0082::/64 eq 128 | + +#### IPv6 Prefix-lists Device Configuration + +```eos +! +ipv6 prefix-list PL-IPV6-LOOPBACKS + seq 10 permit 1b11:3a00:22b0:0082::/64 eq 128 +``` + ### Route-maps #### Route-maps Summary @@ -8394,13 +9081,28 @@ ip as-path access-list mylist2 deny _64517$ igp ### PoE Summary +#### PoE Global + +| Reboot Action | Shutdown Action | LLDP Negotiation | +| ------------------- | -------------------- | ----------------------| +| maintain | power-off | - | + #### PoE Interfaces | Interface | PoE Enabled | Priority | Limit | Reboot Action | Link Down Action | Shutdown Action | LLDP Negotiation | Legacy Detection | | --------- | --------- | --------- | ----------- | ----------- | ----------- | ----------- | --------- | --------- | | Ethernet56 | True | low | 30.00 watts | power-off | power-off (delayed 10 seconds) | maintain | False | - | | Ethernet57 | True | critical | 45.00 watts (fixed) | maintain | maintain | power-off | True | True | -| Ethernet58 | False | - | - | - | - | - | - | - | +| Ethernet58 | False | - | - | maintain | - | power-off | - | - | + +### PoE Device Configuration + +```eos +! +poe + reboot action maintain + interface shutdown action power-off +``` ## ACL @@ -8525,6 +9227,18 @@ ACL has counting mode `counters per-entry` enabled! | 30 | permit ip 194.0.2.0/24 any | | - | permit response traffic nat | +##### acl_qos_tc0_v4 + +| Sequence | Action | +| -------- | ------ | +| 10 | permit ip any 192.0.2.0/29 | + +##### acl_qos_tc5_v4 + +| Sequence | Action | +| -------- | ------ | +| 10 | permit ip any any dscp ef | + #### Extended Access-lists Device Configuration ```eos @@ -8556,6 +9270,12 @@ ip access-list ACL-04 20 deny ip 12.0.0.0/8 any 30 permit ip 194.0.2.0/24 any permit response traffic nat +! +ip access-list acl_qos_tc0_v4 + 10 permit ip any 192.0.2.0/29 +! +ip access-list acl_qos_tc5_v4 + 10 permit ip any any dscp ef ``` ### IP Access-lists @@ -8640,6 +9360,18 @@ ipv6 access-list standard TEST6 #### IPv6 Extended Access-lists Summary +##### acl_qos_tc0_v6 + +| Sequence | Action | +| -------- | ------ | +| 10 | permit ipv6 any any dscp cs1 | + +##### acl_qos_tc5_v6 + +| Sequence | Action | +| -------- | ------ | +| 10 | permit ipv6 any 2001:db8::/48 | + ##### TEST1 | Sequence | Action | @@ -8667,6 +9399,12 @@ ACL has counting mode `counters per-entry` enabled! ```eos ! +ipv6 access-list acl_qos_tc0_v6 + 10 permit ipv6 any any dscp cs1 +! +ipv6 access-list acl_qos_tc5_v6 + 10 permit ipv6 any 2001:db8::/48 +! ipv6 access-list TEST1 5 deny ipv6 fe80::/64 any 10 permit ipv6 fe90::/64 any @@ -8755,6 +9493,8 @@ mac access-list TEST4 | MGMT | disabled | | TENANT_A_PROJECT01 | enabled | | TENANT_A_PROJECT02 | enabled | +| TEST1 | enabled | +| TEST2 | enabled (ipv6 interface) | ### VRF Instances Device Configuration @@ -8771,6 +9511,10 @@ vrf instance MGMT vrf instance TENANT_A_PROJECT01 ! vrf instance TENANT_A_PROJECT02 +! +vrf instance TEST1 +! +vrf instance TEST2 ``` ## Virtual Source NAT @@ -8795,6 +9539,80 @@ ipv6 address virtual source-nat vrf TEST_03 address 2001:db8:85a3::8a2e:370:7334 ipv6 address virtual source-nat vrf TEST_04 address 2001:db8:85a3::8a2e:370:7335 ``` +## Platform + +### Platform Summary + +#### Platform Trident Summary + +| Settings | Value | +| -------- | ----- | +| Routing MAC Address per VLAN | true | +| Forwarding Table Partition | 2 | +| MMU Applied Profile | mc_example_profile | + +#### Trident MMU QUEUE PROFILES + +##### mc_example_profile + +| Type | Egress Queue | Threshold | Reserved | Drop-Precedence | +| ---- | ------------ | --------- | -------- | --------------- | +| Unicast | 1 | - | 0 bytes | - | +| Unicast | 2 | 1/8 | 0 cells | - | +| Multicast | 0 | - | 0 bytes | - | +| Multicast | 1 | 1/64 | 0 cells | - | +| Multicast | 7 | 1/64 | 0 cells | - | + +##### unused_profile + +| Type | Egress Queue | Threshold | Reserved | Drop-Precedence | +| ---- | ------------ | --------- | -------- | --------------- | +| Unicast | 1 | - | 0 bytes | - | +| Unicast | 2 | 1/8 | 0 cells | - | +| Unicast | 7 | - | - bytes | - | +| Multicast | 0 | - | 0 bytes | - | +| Multicast | 1 | 8 | 0 cells | - | + +#### Platform Sand Summary + +| Settings | Value | +| -------- | ----- | +| Forwarding Mode | arad | +| Hardware Only Lag | True | +| Lag Mode | 512x32 | +| Default Multicast Replication | ingress | + +##### Internal Network QOS Mapping + +| Traffic Class | To Network QOS | +| ------------- | -------------- | +| 0 | 0 | +| 1 | 7 | +| 2 | 15 | + +#### Platform Software Forwarding Engine Summary + +| Settings | Value | +| -------- | ----- | +| Maximum CPU Allocation | 42 | + +### Platform Device Configuration + +```eos +! +platform trident l3 routing mac-address per-vlan +platform trident forwarding-table partition 2 +platform sand forwarding mode arad +platform sand lag mode 512x32 +platform sand lag hardware-only +platform sand qos map traffic-class 0 to network-qos 0 +platform sand qos map traffic-class 1 to network-qos 7 +platform sand qos map traffic-class 2 to network-qos 15 +platform sand multicast replication default ingress +platform sand mdb profile l3-xxl +platform sfe data-plane cpu allocation maximum 42 +``` + ## System L1 ### Unsupported Interface Configurations @@ -9723,8 +10541,368 @@ errdisable recovery cause xcvr-unsupported errdisable recovery interval 300 ``` +## MACsec + +### MACsec Summary + +License is installed. + +FIPS restrictions enabled. + +#### MACsec Profiles Summary + +##### Profile A1 + +###### Settings + +| Cipher | Key-Server Priority | Rekey-Period | SCI | Traffic Unprotected Fallback | +| ------ | ------------------- | ------------ | --- | ---------------------------- | +| aes128-gcm | 100 | 30 | True | allow | + +###### Keys + +| Key ID | Fallback | +| ------ | -------- | +| 1234a | - | +| 1234c | True | + +###### L2 Protocols + +| L2 Protocol | Mode | +| ----------- | ---- | +| lldp | bypass unauthorized | + +##### Profile A2 + +###### Settings + +| Cipher | Key-Server Priority | Rekey-Period | SCI | Traffic Unprotected Fallback | +| ------ | ------------------- | ------------ | --- | ---------------------------- | +| - | - | - | - | allow active-sak | + +###### Keys + +| Key ID | Fallback | +| ------ | -------- | +| 1234b | - | + +##### Profile A3 + +###### Settings + +| Cipher | Key-Server Priority | Rekey-Period | SCI | Traffic Unprotected Fallback | +| ------ | ------------------- | ------------ | --- | ---------------------------- | +| aes256-gcm-xpn | - | - | - | drop | + +###### Keys + +| Key ID | Fallback | +| ------ | -------- | +| ab | False | + +### MACsec Device Configuration + +```eos +! +mac security + license license1 123456 + fips restrictions + ! + profile A1 + cipher aes128-gcm + key 1234a 7 + key 1234c 7 fallback + mka key-server priority 100 + mka session rekey-period 30 + traffic unprotected allow + sci + l2-protocol lldp bypass unauthorized + ! + profile A2 + key 1234b 7 + traffic unprotected allow active-sak + ! + profile A3 + cipher aes256-gcm-xpn + key ab 7 + traffic unprotected drop +``` + +### Traffic Policies information + +#### IPv4 Field Sets + +| Field Set Name | IPv4 Prefixes | +| -------------- | ------------- | +| DEMO-01 | 10.0.0.0/8
192.168.0.0/16 | +| DEMO-02 | 172.16.0.0/12
224.0.0.0/8 | +| DEMO-03 | - | + +#### L4 Port Field Sets + +| Field Set Name | L4 Ports | +| -------------- | -------- | +| SERVICE-DEMO | 10,20,80,440-450 | +| SERVICE-DEMO2 | - | + +#### Traffic Policies + +##### BLUE-C1-POLICY + +| Match set | Type | Sources | Destinations | Protocol | Source Port(s) | Source Field(s) | Destination port(s) | Destination Field(s) | Action | +| --------- | ---- | ------- | ------------ | -------- | -------------- | --------------- | ------------------- | -------------------- | ------ | +| BLUE-C1-POLICY-01 | ipv4 | 10.0.0.0/8
192.168.0.0/16 | DEMO-01 | tcp
udp | 1,10-20
any | -
SERVICE-DEMO | any
any | -
- | action: PASS
traffic-class: 5 | +| BLUE-C1-POLICY-02 | ipv4 | DEMO-01
DEMO-02 | any | tcp
icmp | any
- | -
- | any
- | SERVICE-DEMO
- | action: PASS
counter: DEMO-TRAFFIC
dscp marking: 60 | +| BLUE-C1-POLICY-03 | ipv4 | DEMO-01 | any | icmp | - | - | - | - | action: DROP
counter: DROP-PACKETS
logging | +| BLUE-C1-POLICY-04 | ipv4 | DEMO-02 | DEMO-01 | tcp
icmp | 22
- | -
- | 80
- | -
- | action: PASS
traffic-class: 5 | +| BLUE-C1-POLICY-05 | ipv4 | DEMO-02 | DEMO-01 | bgp | - | - | - | - | action: PASS
traffic-class: 5 | +| BLUE-C1-POLICY-06 | ipv4 | any | any | neighbors
udp
tcp
icmp | -
22
22
- | -
-
-
- | -
1,10-20
any
- | -
-
-
- | action: PASS | +| BLUE-C1-POLICY-07 | ipv4 | any | 10.0.0.0/8
192.168.0.0/16 | - | - | - | - | - | default action: PASS | +| BLUE-C1-POLICY-08 | ipv4 | any | DEMO-01 | udp
tcp | any
any | -
SERVICE-DEMO-SRC | 1,10-20
any | -
SERVICE-DEMO-DST | default action: PASS | + +##### BLUE-C2-POLICY + +| Match set | Type | Sources | Destinations | Protocol | Source Port(s) | Source Field(s) | Destination port(s) | Destination Field(s) | Action | +| --------- | ---- | ------- | ------------ | -------- | -------------- | --------------- | ------------------- | -------------------- | ------ | +| BLUE-C2-POLICY-01 | ipv4 | 10.0.0.0/8
192.168.0.0/16 | any | tcp
icmp | 1,10-20
- | -
- | any
- | -
- | action: PASS
traffic-class: 5 | +| BLUE-C2-POLICY-02 | ipv4 | DEMO-01
DEMO-02 | any | tcp
icmp | any
- | SERVICE-DEMO
- | any
- | -
- | action: PASS
counter: DEMO-TRAFFIC
dscp marking: 60 | +| BLUE-C2-POLICY-03 | ipv4 | DEMO-01 | any | tcp | any | - | any | - | action: DROP | + +##### BLUE-C3-POLICY + +##### BLUE-C4-POLICY + +##### BLUE-C5-POLICY + +##### BLUE-C6-POLICY + +##### BLUE-C7-POLICY + +| Match set | Type | Sources | Destinations | Protocol | Source Port(s) | Source Field(s) | Destination port(s) | Destination Field(s) | Action | +| --------- | ---- | ------- | ------------ | -------- | -------------- | --------------- | ------------------- | -------------------- | ------ | +| BLUE-C7-POLICY-01 | ipv4 | any | any | neighbors | - | - | - | - | default action: PASS | + +##### Traffic-Policy Interfaces + +| Interface | Input Traffic-Policy | Output Traffic-Policy | +| --------- | -------------------- | --------------------- | +| Ethernet1 | BLUE-C1-POLICY | BLUE-C2-POLICY | +| Port-Channel15 | BLUE-C1-POLICY | BLUE-C2-POLICY | + +#### Traffic Policies Device Configuration + +```eos +! +traffic-policies + field-set l4-port SERVICE-DEMO + 10,20,80,440-450 + ! + field-set l4-port SERVICE-DEMO2 + field-set ipv4 prefix DEMO-01 + 10.0.0.0/8 192.168.0.0/16 + ! + field-set ipv4 prefix DEMO-02 + 172.16.0.0/12 224.0.0.0/8 + ! + field-set ipv4 prefix DEMO-03 + counter interface per-interface ingress + ! + traffic-policy BLUE-C1-POLICY + counter DEMO-TRAFFIC DROP-PACKETS + ! + match BLUE-C1-POLICY-01 ipv4 + source prefix 10.0.0.0/8 192.168.0.0/16 + destination prefix field-set DEMO-01 + protocol tcp source port 1,10-20 + protocol udp source port field-set SERVICE-DEMO + ttl 10, 20-30 + ! + actions + set traffic class 5 + ! + match BLUE-C1-POLICY-02 ipv4 + source prefix field-set DEMO-01 DEMO-02 + protocol tcp flags established + protocol tcp destination port field-set SERVICE-DEMO + protocol icmp + ! + actions + count DEMO-TRAFFIC + set dscp 60 + ! + match BLUE-C1-POLICY-03 ipv4 + source prefix field-set DEMO-01 + protocol icmp type echo echo-reply code all + fragment offset 1124, 2000-2010 + ! + actions + count DROP-PACKETS + drop + log + ! + match BLUE-C1-POLICY-04 ipv4 + source prefix field-set DEMO-02 + destination prefix field-set DEMO-01 + protocol tcp flags established + protocol tcp source port 22 destination port 80 + protocol icmp + ! + actions + set traffic class 5 + ! + match BLUE-C1-POLICY-05 ipv4 + source prefix field-set DEMO-02 + destination prefix field-set DEMO-01 + protocol bgp + fragment + ! + actions + set traffic class 5 + ! + match BLUE-C1-POLICY-06 ipv4 + protocol neighbors bgp + ! + match BLUE-C1-POLICY-07 ipv4 + destination prefix 10.0.0.0/8 192.168.0.0/16 + ! + match BLUE-C1-POLICY-08 ipv4 + destination prefix 10.0.0.0/8 192.168.0.0/16 + protocol udp destination port 1,10-20 + protocol tcp source port field-set SERVICE-DEMO-SRC destination port field-set SERVICE-DEMO-DST + ! + match ipv4-all-default ipv4 + actions + drop + ! + match ipv6-all-default ipv6 + ! + traffic-policy BLUE-C2-POLICY + counter DEMO-TRAFFIC + ! + match BLUE-C2-POLICY-01 ipv4 + source prefix 10.0.0.0/8 192.168.0.0/16 + protocol tcp source port 1,10-20 + protocol icmp + ! + actions + set traffic class 5 + ! + match BLUE-C2-POLICY-02 ipv4 + source prefix field-set DEMO-01 DEMO-02 + protocol tcp source port field-set SERVICE-DEMO + protocol icmp + ! + actions + count DEMO-TRAFFIC + set dscp 60 + ! + match BLUE-C2-POLICY-03 ipv4 + source prefix field-set DEMO-01 + protocol tcp + ! + actions + drop + ! + match ipv4-all-default ipv4 + actions + drop + log + ! + match ipv6-all-default ipv6 + ! + traffic-policy BLUE-C3-POLICY + match ipv4-all-default ipv4 + actions + count test + set dscp 11 + set traffic class 10 + ! + match ipv6-all-default ipv6 + ! + traffic-policy BLUE-C4-POLICY + match ipv4-all-default ipv4 + ! + match ipv6-all-default ipv6 + actions + count test + set dscp 11 + set traffic class 10 + ! + traffic-policy BLUE-C5-POLICY + match ipv4-all-default ipv4 + ! + match ipv6-all-default ipv6 + actions + drop + log + ! + traffic-policy BLUE-C6-POLICY + match ipv4-all-default ipv4 + ! + match ipv6-all-default ipv6 + actions + drop + ! + traffic-policy BLUE-C7-POLICY + match BLUE-C7-POLICY-01 ipv4 + protocol neighbors bgp enforce ttl maximum-hops + ! + match ipv4-all-default ipv4 + ! + match ipv6-all-default ipv6 +``` + ## Quality Of Service +### QOS + +#### QOS Summary + +QOS rewrite DSCP: **enabled** + +QOS random-detect ECN is set to allow **non-ect** **chip-based** + +##### QOS Mappings + +| COS to Traffic Class mappings | +| ----------------------------- | +| 1 2 3 4 to traffic-class 2 | +| 3 to traffic-class 3 | + +| DSCP to Traffic Class mappings | +| ------------------------------ | +| 8 9 10 11 12 13 14 15 16 17 19 21 23 24 25 27 29 31 32 33 35 37 39 40 41 42 43 44 45 47 49 50 51 52 53 54 55 57 58 59 60 61 62 63 to traffic-class 1 | +| 18 20 22 26 28 30 34 36 38 to traffic-class 4 drop-precedence 2 | +| 46 to traffic-class 5 | + +| EXP to Traffic Class mappings | +| ----------------------------- | +| 0 to traffic-class 0 | + +| Traffic Class to DSCP or COS mappings | +| ------------------------------------- | +| 1 to dscp 56 | +| 2 4 5 to cos 7 | +| 6 to tx-queue 2 | + +#### QOS Device Configuration + +```eos +! +qos rewrite dscp +qos map cos 1 2 3 4 to traffic-class 2 +qos map cos 3 to traffic-class 3 +qos map dscp 8 9 10 11 12 13 14 15 16 17 19 21 23 24 25 27 29 31 32 33 35 37 39 40 41 42 43 44 45 47 49 50 51 52 53 54 55 57 58 59 60 61 62 63 to traffic-class 1 +qos map dscp 18 20 22 26 28 30 34 36 38 to traffic-class 4 drop-precedence 2 +qos map dscp 46 to traffic-class 5 +qos map traffic-class 1 to dscp 56 +qos map traffic-class 2 4 5 to cos 7 +qos map traffic-class 6 to tx-queue 2 +qos map exp 0 to traffic-class 0 +! +qos random-detect ecn allow non-ect chip-based +``` + ### QOS Class Maps #### QOS Class Maps Summary @@ -9735,6 +10913,10 @@ errdisable recovery interval 300 | CM_REPLICATION_LD | acl | ACL_REPLICATION_LD | | CM_REPLICATION_LD2 | vlan | 200 | | CM_REPLICATION_LD3 | cos | 3 | +| cmap_tc0_v4 | acl | acl_qos_tc0_v4 | +| cmap_tc0_v6 | - | - | +| cmap_tc5_v4 | acl | acl_qos_tc5_v4 | +| cmap_tc5_v6 | - | - | | COS_RANGE | vlan | 1-3 | | VLAN_RANGE | vlan | 200-400 | @@ -9754,6 +10936,18 @@ class-map type qos match-any CM_REPLICATION_LD2 class-map type qos match-any CM_REPLICATION_LD3 match cos 3 ! +class-map type qos match-any cmap_tc0_v4 + match ip access-group acl_qos_tc0_v4 +! +class-map type qos match-any cmap_tc0_v6 + match ipv6 access-group acl_qos_tc0_v6 +! +class-map type qos match-any cmap_tc5_v4 + match ip access-group acl_qos_tc5_v4 +! +class-map type qos match-any cmap_tc5_v6 + match ipv6 access-group acl_qos_tc5_v6 +! class-map type qos match-any COS_RANGE match vlan 1-3 ! @@ -9792,6 +10986,16 @@ class-map type pbr match-any CM_PBR_WITHOUT_ACCESS_GROUP | ---------- | --- | -----| ------------- | --------------- | ----------------------------- | | CM_REPLICATION_LD | 6 | af11 | - | - | 10000 bps (260 kbytes) -> drop | +##### pmap_test1 + +| Class Name | COS | DSCP | Traffic Class | Drop Precedence | Police Rate (Burst) -> Action | +| ---------- | --- | -----| ------------- | --------------- | ----------------------------- | +| cmap_tc0_v4 | - | - | 0 | - | - | +| cmap_tc5_v4 | - | - | 5 | - | - | +| cmap_tc5_v6 | - | - | 5 | - | - | +| cmap_tc0_v6 | - | - | 0 | - | - | +| class-default | - | - | 1 | - | - | + #### QOS Policy Maps Device Configuration ```eos @@ -9818,17 +11022,401 @@ policy-map type quality-of-service PM_REPLICATION_LD3 set dscp af11 set cos 6 police rate 10000 bps burst-size 260 kbytes +! +policy-map type quality-of-service pmap_test1 + class cmap_tc0_v4 + set traffic-class 0 + ! + class cmap_tc5_v4 + set traffic-class 5 + ! + class cmap_tc5_v6 + set traffic-class 5 + ! + class cmap_tc0_v6 + set traffic-class 0 + ! + class class-default + set traffic-class 1 +``` + +### QOS Profiles + +#### QOS Profiles Summary + +##### QOS Profile: **experiment** + +###### Settings + +| Default COS | Default DSCP | Trust | Shape Rate | QOS Service Policy | +| ----------- | ------------ | ----- | ---------- | ------------------ | +| 2 | - | cos | - | test_qos_policy_v1 | + +###### TX Queues + +| TX queue | Type | Bandwidth | Priority | Shape Rate | Comment | +| -------- | ---- | --------- | -------- | ---------- | ------- | +| 3 | All | 30 | no priority | - | - | +| 4 | All | 10 | - | - | - | +| 5 | All | 40 | - | - | - | +| 7 | All | 30 | - | 40 percent | - | + +##### QOS Profile: **no_qos_trust** + +###### Settings + +| Default COS | Default DSCP | Trust | Shape Rate | QOS Service Policy | +| ----------- | ------------ | ----- | ---------- | ------------------ | +| 3 | 4 | disabled | - | - | + +##### QOS Profile: **qprof_testwithpolicy** + +###### Settings + +| Default COS | Default DSCP | Trust | Shape Rate | QOS Service Policy | +| ----------- | ------------ | ----- | ---------- | ------------------ | +| - | - | - | - | pmap_test1 | + +###### TX Queues + +| TX queue | Type | Bandwidth | Priority | Shape Rate | Comment | +| -------- | ---- | --------- | -------- | ---------- | ------- | +| 0 | All | 1 | - | - | - | +| 1 | All | 80 | - | - | - | +| 5 | All | 19 | no priority | - | Multi-line comment
here. | + +##### QOS Profile: **test** + +###### Settings + +| Default COS | Default DSCP | Trust | Shape Rate | QOS Service Policy | +| ----------- | ------------ | ----- | ---------- | ------------------ | +| - | 46 | dscp | 80 percent | - | + +###### TX Queues + +| TX queue | Type | Bandwidth | Priority | Shape Rate | Comment | +| -------- | ---- | --------- | -------- | ---------- | ------- | +| 1 | All | 50 | no priority | - | - | +| 2 | All | 10 | priority strict | - | - | +| 4 | All | 10 | - | - | - | + +###### ECN Configuration + +| TX queue | Type | Min Threshold | Max Threshold | Max Mark Probability | +| -------- | ---- | ------------- | ------------- | -------------------- | +| 1 | All | - | - | - | +| 2 | All | 320 kbytes | 320 kbytes | 90 | +| 4 | All | 320 segments | 320 segments | - | + +##### QOS Profile: **test_with_pfc** + +###### Settings + +| Default COS | Default DSCP | Trust | Shape Rate | QOS Service Policy | +| ----------- | ------------ | ----- | ---------- | ------------------ | +| - | - | - | - | pmap_test1 | + +###### TX Queues + +| TX queue | Type | Bandwidth | Priority | Shape Rate | Comment | +| -------- | ---- | --------- | -------- | ---------- | ------- | +| 0 | All | 1 | - | - | - | +| 1 | All | 80 | - | - | - | +| 5 | All | 19 | no priority | - | - | + +###### Priority Flow Control + +Priority Flow Control is **enabled**. + +| Priority | Action | +| -------- | ------ | +| 0 | no-drop | +| 1 | drop | + +###### Priority Flow Control Watchdog Settings + +| Enabled | Action | Timeout | Recovery | Polling | +| ------- | ------ | ------- | -------- | ------- | +| True | drop | 0.05 | 1.11 | auto | + +##### QOS Profile: **uc_mc_queues_test** + +###### Settings + +| Default COS | Default DSCP | Trust | Shape Rate | QOS Service Policy | +| ----------- | ------------ | ----- | ---------- | ------------------ | +| - | - | - | - | - | + +###### TX Queues + +| TX queue | Type | Bandwidth | Priority | Shape Rate | Comment | +| -------- | ---- | --------- | -------- | ---------- | ------- | +| 1 | Unicast | 50 | no priority | - | Test no priority | +| 2 | Unicast | 10 | priority strict | - | - | +| 4 | Unicast | 10 | - | - | Test guaranteed percent | +| 1 | Multicast | 50 | no priority | - | - | +| 2 | Multicast | 10 | priority strict | - | Test strict priority | +| 4 | Multicast | 10 | - | - | Test guaranteed percent | + +###### ECN Configuration + +| TX queue | Type | Min Threshold | Max Threshold | Max Mark Probability | +| -------- | ---- | ------------- | ------------- | -------------------- | +| 1 | Unicast | 3 milliseconds | 9 milliseconds | 90 | +| 2 | Unicast | 320 kbytes | 320 kbytes | 90 | +| 4 | Unicast | 320 segments | 320 segments | - | +| 1 | Multicast | - | - | - | +| 2 | Multicast | - | - | - | +| 4 | Multicast | - | - | - | + +##### QOS Profile: **wred_queues_test** + +###### Settings + +| Default COS | Default DSCP | Trust | Shape Rate | QOS Service Policy | +| ----------- | ------------ | ----- | ---------- | ------------------ | +| - | - | - | - | - | + +###### TX Queues + +| TX queue | Type | Bandwidth | Priority | Shape Rate | Comment | +| -------- | ---- | --------- | -------- | ---------- | ------- | +| 1 | All | 50 | no priority | - | Test no priority | +| 2 | All | 10 | priority strict | - | - | +| 3 | All | 10 | priority strict | - | - | +| 4 | All | 10 | - | - | Test guaranteed percent | +| 1 | Multicast | 50 | no priority | - | - | +| 2 | Multicast | 10 | priority strict | - | Test strict priority | +| 4 | Multicast | 10 | - | - | Test guaranteed percent | + +###### ECN Configuration + +| TX queue | Type | Min Threshold | Max Threshold | Max Mark Probability | +| -------- | ---- | ------------- | ------------- | -------------------- | +| 1 | All | - | - | - | +| 2 | All | - | - | - | +| 3 | All | 320 kbytes | 320 kbytes | - | +| 4 | All | - | - | - | +| 1 | Multicast | - | - | - | +| 2 | Multicast | - | - | - | +| 4 | Multicast | - | - | - | + +###### WRED Configuration + +| TX queue | Type | Drop Precedence | Min Threshold | Max Threshold | Drop Probability | Weight | +| -------- | ---- | --------------- | ------------- | ------------- | ---------------- | ------ | +| 1 | All | - | 1 kbytes | 10 kbytes | 100 | - | +| 2 | All | 2 | 2 kbytes | 200 kbytes | 50 | 10 | +| 3 | All | - | - | - | - | - | +| 4 | All | - | 1 kbytes | 10 kbytes | 90 | - | +| 1 | Multicast | - | - | - | - | - | +| 2 | Multicast | - | - | - | - | - | +| 4 | Multicast | - | - | - | - | - | + +##### QOS Profile: **wred_uc_queues_test** + +###### Settings + +| Default COS | Default DSCP | Trust | Shape Rate | QOS Service Policy | +| ----------- | ------------ | ----- | ---------- | ------------------ | +| - | - | - | - | - | + +###### TX Queues + +| TX queue | Type | Bandwidth | Priority | Shape Rate | Comment | +| -------- | ---- | --------- | -------- | ---------- | ------- | +| 1 | Unicast | 50 | no priority | - | Test no priority | +| 2 | Unicast | 10 | priority strict | - | - | +| 4 | Unicast | 10 | - | - | Test guaranteed percent | + +###### WRED Configuration + +| TX queue | Type | Drop Precedence | Min Threshold | Max Threshold | Drop Probability | Weight | +| -------- | ---- | --------------- | ------------- | ------------- | ---------------- | ------ | +| 1 | Unicast | - |1 microseconds | 10 microseconds | 90 | 15 | +| 2 | Unicast | 1 |2 milliseconds | 20 milliseconds | 80 | - | +| 4 | Unicast | - |1 microseconds | 10 microseconds | 90 | - | + +#### QOS Profile Device Configuration + +```eos +! +qos profile experiment + qos trust cos + qos cos 2 + service-policy type qos input test_qos_policy_v1 + ! + tx-queue 3 + no priority + bandwidth percent 30 + ! + tx-queue 4 + bandwidth guaranteed percent 10 + ! + tx-queue 5 + bandwidth percent 40 + ! + tx-queue 7 + bandwidth percent 30 + shape rate 40 percent +! +qos profile no_qos_trust + no qos trust + qos cos 3 + qos dscp 4 +! +qos profile qprof_testwithpolicy + service-policy type qos input pmap_test1 + ! + tx-queue 0 + bandwidth percent 1 + ! + tx-queue 1 + bandwidth percent 80 + ! + tx-queue 5 + !! Multi-line comment + !! here. + no priority + bandwidth percent 19 +! +qos profile test + qos trust dscp + qos dscp 46 + shape rate 80 percent + ! + tx-queue 1 + no priority + bandwidth percent 50 + ! + tx-queue 2 + priority strict + bandwidth percent 10 + random-detect ecn minimum-threshold 320 kbytes maximum-threshold 320 kbytes max-mark-probability 90 + ! + tx-queue 4 + bandwidth guaranteed percent 10 + random-detect ecn minimum-threshold 320 segments maximum-threshold 320 segments weight 10 +! +qos profile test_with_pfc + service-policy type qos input pmap_test1 + ! + tx-queue 0 + bandwidth percent 1 + ! + tx-queue 1 + bandwidth percent 80 + ! + tx-queue 5 + no priority + bandwidth percent 19 + ! + priority-flow-control on + priority-flow-control priority 0 no-drop + priority-flow-control priority 1 drop + priority-flow-control pause watchdog + priority-flow-control pause watchdog port action drop + priority-flow-control pause watchdog port timer timeout 0.05 polling-interval auto recovery-time 1.11 forced +! +qos profile uc_mc_queues_test + ! + uc-tx-queue 1 + !! Test no priority + no priority + bandwidth percent 50 + random-detect ecn minimum-threshold 3 milliseconds maximum-threshold 9 milliseconds max-mark-probability 90 + ! + uc-tx-queue 2 + priority strict + bandwidth percent 10 + random-detect ecn minimum-threshold 320 kbytes maximum-threshold 320 kbytes max-mark-probability 90 + ! + uc-tx-queue 4 + !! Test guaranteed percent + bandwidth guaranteed percent 10 + random-detect ecn minimum-threshold 320 segments maximum-threshold 320 segments weight 10 + ! + mc-tx-queue 1 + no priority + bandwidth percent 50 + ! + mc-tx-queue 2 + !! Test strict priority + priority strict + bandwidth percent 10 + ! + mc-tx-queue 4 + !! Test guaranteed percent + bandwidth guaranteed percent 10 +! +qos profile wred_queues_test + ! + tx-queue 1 + !! Test no priority + no priority + bandwidth percent 50 + random-detect drop minimum-threshold 1 kbytes maximum-threshold 10 kbytes drop-probability 100 + ! + tx-queue 2 + priority strict + bandwidth percent 10 + random-detect drop drop-precedence 2 minimum-threshold 2 kbytes maximum-threshold 200 kbytes drop-probability 50 weight 10 + ! + tx-queue 3 + priority strict + bandwidth percent 10 + random-detect ecn minimum-threshold 320 kbytes maximum-threshold 320 kbytes weight 10 + ! + tx-queue 4 + !! Test guaranteed percent + bandwidth guaranteed percent 10 + random-detect drop minimum-threshold 1 kbytes maximum-threshold 10 kbytes drop-probability 90 + ! + mc-tx-queue 1 + no priority + bandwidth percent 50 + ! + mc-tx-queue 2 + !! Test strict priority + priority strict + bandwidth percent 10 + ! + mc-tx-queue 4 + !! Test guaranteed percent + bandwidth guaranteed percent 10 +! +qos profile wred_uc_queues_test + ! + uc-tx-queue 1 + !! Test no priority + no priority + bandwidth percent 50 + random-detect drop minimum-threshold 1 microseconds maximum-threshold 10 microseconds drop-probability 90 weight 15 + ! + uc-tx-queue 2 + priority strict + bandwidth percent 10 + random-detect drop drop-precedence 1 minimum-threshold 2 milliseconds maximum-threshold 20 milliseconds drop-probability 80 + ! + uc-tx-queue 4 + !! Test guaranteed percent + bandwidth guaranteed percent 10 + random-detect drop minimum-threshold 1 microseconds maximum-threshold 10 microseconds drop-probability 90 ``` ### QOS Interfaces | Interface | Trust | Default DSCP | Default COS | Shape rate | | --------- | ----- | ------------ | ----------- | ---------- | +| Ethernet1 | dscp | 48 | - | - | +| Ethernet6 | cos | - | 2 | - | | Ethernet7 | cos | - | 5 | - | | Ethernet21 | disabled | - | - | 200000 kbps | | Ethernet22 | - | - | - | 10 percent | | Port-Channel3 | - | - | - | 200000 kbps | | Port-Channel10 | - | - | - | 50 percent | +| Port-Channel15 | cos | - | 2 | - | | Port-Channel101 | disabled | - | - | - | ### Control-plane Policy Map @@ -9917,6 +11505,27 @@ monitor telemetry influx source group standard disabled ``` +### Priority Flow Control + +#### Global Settings + +Priority Flow Control is **Off** on all interfaces. + +##### Priority Flow Control Watchdog Settings + +| Action | Timeout | Recovery | Polling | Override Action Drop | +| ------ | ------- | -------- | ------- | +| no-drop | 0.05 | 1.22 | 10.001 | False | + +```eos +! +priority-flow-control all off +priority-flow-control pause watchdog default timeout 0.05 +priority-flow-control pause watchdog default recovery-time 1.22 +priority-flow-control pause watchdog default polling-interval 10.001 +priority-flow-control pause watchdog action no-drop +``` + ## STUN ### STUN Client @@ -10088,3 +11697,12 @@ maintenance group interface INTERFACE_GROUP_1 profile unit UP1 ``` + +## EOS CLI Device Configuration + +```eos +! +interface Loopback1000 + description Interface created with eos_cli on device level + +``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host2.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host2.md index 34b7c2bb34d..28f98045794 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host2.md +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host2.md @@ -28,6 +28,7 @@ - [System Boot Device Configuration](#system-boot-device-configuration) - [Monitoring](#monitoring) - [Logging](#logging) + - [Flow Tracking](#flow-tracking) - [Monitor Server Radius Summary](#monitor-server-radius-summary) - [Monitor Connectivity](#monitor-connectivity) - [Global Configuration](#global-configuration) @@ -36,10 +37,12 @@ - [LACP Summary](#lacp-summary) - [LACP Device Configuration](#lacp-device-configuration) - [Interfaces](#interfaces) + - [Switchport Default](#switchport-default) - [DPS Interfaces](#dps-interfaces) - [VXLAN Interface](#vxlan-interface) - [Routing](#routing) - [Service Routing Protocols Model](#service-routing-protocols-model) + - [IP Routing](#ip-routing) - [ARP](#arp) - [Router Adaptive Virtual Topology](#router-adaptive-virtual-topology) - [Router BGP](#router-bgp) @@ -66,6 +69,7 @@ - [IP DHCP Snooping Device Configuration](#ip-dhcp-snooping-device-configuration) - [IP NAT](#ip-nat) - [IP NAT Device Configuration](#ip-nat-device-configuration) + - [Traffic Policies information](#traffic-policies-information) ## Management @@ -386,6 +390,38 @@ logging facility syslog logging event link-status global ``` +### Flow Tracking + +#### Flow Tracking Sampled + +| Sample Size | Minimum Sample Size | Hardware Offload for IPv4 | Hardware Offload for IPv6 | Encapsulations | +| ----------- | ------------------- | ------------------------- | ------------------------- | -------------- | +| 666 | default | enabled | enabled | - | + +##### Trackers Summary + +| Tracker Name | Record Export On Inactive Timeout | Record Export On Interval | MPLS | Number of Exporters | Applied On | Table Size | +| ------------ | --------------------------------- | ------------------------- | ---- | ------------------- | ---------- | ---------- | +| T21 | 3666 | 5666 | True | 0 | | - | + +##### Exporters Summary + +| Tracker Name | Exporter Name | Collector IP/Host | Collector Port | Local Interface | +| ------------ | ------------- | ----------------- | -------------- | --------------- | + +#### Flow Tracking Device Configuration + +```eos +! +flow tracking sampled + sample 666 + hardware offload ipv4 ipv6 + tracker T21 + record export on inactive timeout 3666 + record export on interval 5666 + record export mpls +``` + ### Monitor Server Radius Summary #### Server Probe Settings @@ -446,6 +482,19 @@ lacp system-priority 0 ## Interfaces +### Switchport Default + +#### Switchport Defaults Summary + +- Default Switchport Mode: routed + +#### Switchport Default Device Configuration + +```eos +! +switchport default mode routed +``` + ### DPS Interfaces #### DPS Interfaces Summary @@ -498,6 +547,22 @@ Single agent routing protocol model enabled service routing protocols model ribd ``` +### IP Routing + +#### IP Routing Summary + +| VRF | Routing Enabled | +| --- | --------------- | +| default | False | + +#### IP Routing Device Configuration + +```eos +! +no ip routing +no ip icmp redirect +``` + ### ARP ARP cache persistency is enabled. @@ -871,3 +936,23 @@ ip dhcp snooping ! ip nat synchronization ``` + +### Traffic Policies information + +#### IPv6 Field Sets + +| Field Set Name | IPv6 Prefixes | +| -------------- | ------------- | +| IPv6-DEMO-1 | 11:22:33:44:55:66:77:88 | +| IPv6-DEMO-2 | - | + +#### Traffic Policies Device Configuration + +```eos +! +traffic-policies + field-set ipv6 prefix IPv6-DEMO-1 + 11:22:33:44:55:66:77:88 + ! + field-set ipv6 prefix IPv6-DEMO-2 +``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host3.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host3.md index d5aabeba0d6..0d8e9a9bf3a 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host3.md +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host3.md @@ -6,6 +6,7 @@ - [Management Interfaces](#management-interfaces) - [Routing](#routing) - [Router BGP](#router-bgp) + - [Traffic Policies information](#traffic-policies-information) ## Management @@ -88,3 +89,12 @@ router bgp 65101.0001 redistribute ospfv3 include leaked route-map RM-REDISTRIBUTE-OSPFV3 redistribute ospfv3 match external include leaked route-map RM-REDISTRIBUTE-OSPFV3-EXTERNAL ``` + +### Traffic Policies information + +#### Traffic Policies Device Configuration + +```eos +! +traffic-policies +``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host4_inline_jinja.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host4_inline_jinja.md index 73a1ac0d771..20ebe890c21 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host4_inline_jinja.md +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host4_inline_jinja.md @@ -6,6 +6,13 @@ - [Management Interfaces](#management-interfaces) - [Authentication](#authentication) - [TACACS Servers](#tacacs-servers) +- [Hardware TCAM Profile](#hardware-tcam-profile) + - [Custom TCAM Profiles](#custom-tcam-profiles) + - [Hardware TCAM Device Configuration](#hardware-tcam-device-configuration) +- [Custom Templates](#custom-templates) + - [Configuration Generated by `custom_templates/test-template-1.j2`](#configuration-generated-by-custom_templatestest-template-1j2) + - [Configuration Generated by `custom_templates/test-template-2.j2`](#configuration-generated-by-custom_templatestest-template-2j2) + - [Configuration Generated by `custom_templates/test-template-3.j2`](#configuration-generated-by-custom_templatestest-template-3j2) ## Management @@ -51,3 +58,155 @@ interface Management1 ! tacacs-server host 10.10.10.158 key 7 ``` + +## Hardware TCAM Profile + +TCAM profile **`traffic_policy`** is active + +### Custom TCAM Profiles + +Following TCAM profiles are configured on device: + +- Profile Name: `traffic_policy` + +### Hardware TCAM Device Configuration + +```eos +! +hardware tcam + profile traffic_policy + feature acl port mac + sequence 55 + key size limit 160 + key field dst-mac ether-type src-mac + action count drop + packet ipv4 forwarding bridged + packet ipv4 forwarding routed + packet ipv4 forwarding routed multicast + packet ipv4 mpls ipv4 forwarding mpls decap + packet ipv4 mpls ipv6 forwarding mpls decap + packet ipv4 non-vxlan forwarding routed decap + packet ipv4 vxlan forwarding bridged decap + packet ipv6 forwarding bridged + packet ipv6 forwarding routed + packet ipv6 forwarding routed decap + packet ipv6 forwarding routed multicast + packet ipv6 ipv6 forwarding routed decap + packet mpls forwarding bridged decap + packet mpls ipv4 forwarding mpls + packet mpls ipv6 forwarding mpls + packet mpls non-ip forwarding mpls + packet non-ip forwarding bridged + ! + feature forwarding-destination mpls + sequence 100 + ! + feature mirror ip + sequence 80 + key size limit 160 + key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops l4-src-port src-ip tcp-control + action count mirror set-policer + packet ipv4 forwarding bridged + packet ipv4 forwarding routed + packet ipv4 forwarding routed multicast + packet ipv4 non-vxlan forwarding routed decap + ! + feature mpls + sequence 5 + key size limit 160 + action drop redirect set-ecn + packet ipv4 mpls ipv4 forwarding mpls decap + packet ipv4 mpls ipv6 forwarding mpls decap + packet mpls ipv4 forwarding mpls + packet mpls ipv6 forwarding mpls + packet mpls non-ip forwarding mpls + ! + feature pbr ip + sequence 60 + key size limit 160 + key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops-18b l4-src-port src-ip tcp-control + action count redirect + packet ipv4 forwarding routed + packet ipv4 mpls ipv4 forwarding mpls decap + packet ipv4 mpls ipv6 forwarding mpls decap + packet ipv4 non-vxlan forwarding routed decap + packet ipv4 vxlan forwarding bridged decap + ! + feature pbr ipv6 + sequence 30 + key field dst-ipv6 ipv6-next-header l4-dst-port l4-src-port src-ipv6-high src-ipv6-low tcp-control + action count redirect + packet ipv6 forwarding routed + ! + feature pbr mpls + sequence 65 + key size limit 160 + key field mpls-inner-ip-tos + action count drop redirect + packet mpls ipv4 forwarding mpls + packet mpls ipv6 forwarding mpls + packet mpls non-ip forwarding mpls + ! + feature qos ip + sequence 75 + key size limit 160 + key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops l4-src-port src-ip tcp-control + action set-dscp set-policer set-tc + packet ipv4 forwarding routed + packet ipv4 forwarding routed multicast + packet ipv4 mpls ipv4 forwarding mpls decap + packet ipv4 mpls ipv6 forwarding mpls decap + packet ipv4 non-vxlan forwarding routed decap + ! + feature qos ipv6 + sequence 70 + key field dst-ipv6 ipv6-next-header ipv6-traffic-class l4-dst-port l4-src-port src-ipv6-high src-ipv6-low + action set-dscp set-policer set-tc + packet ipv6 forwarding routed + ! + feature traffic-policy port ipv4 + sequence 45 + key size limit 160 + key field dscp dst-ip-label icmp-type-code ip-frag ip-fragment-offset ip-length ip-protocol l4-dst-port l4-src-port src-ip-label tcp-control ttl + action count drop log set-dscp set-tc + packet ipv4 forwarding routed + ! + feature traffic-policy port ipv6 + sequence 25 + key field dst-ipv6-label hop-limit icmp-type-code ipv6-length ipv6-next-header ipv6-traffic-class l4-dst-port l4-src-port src-ipv6-label tcp-control + action count drop log set-dscp set-tc + packet ipv6 forwarding routed + ! + feature tunnel vxlan + sequence 50 + key size limit 160 + packet ipv4 vxlan eth ipv4 forwarding routed decap + packet ipv4 vxlan forwarding bridged decap + ! + system profile traffic_policy +``` + +## Custom Templates + +### Configuration Generated by `custom_templates/test-template-1.j2` + +```eos +! +test-custom-template-with-logic-1 + +``` + +### Configuration Generated by `custom_templates/test-template-2.j2` + +```eos +! +test-custom-template-no-logic-2 +``` + +### Configuration Generated by `custom_templates/test-template-3.j2` + +```eos +! +test-custom-template-with-logic-3 + +``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/hardware.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host6.md similarity index 57% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/hardware.md rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host6.md index 637eb72fe5a..18ee4e6c9d5 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/hardware.md +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/host6.md @@ -1,11 +1,11 @@ -# hardware +# host6 ## Table of Contents - [Management](#management) - [Management Interfaces](#management-interfaces) - [Monitoring](#monitoring) - - [Hardware](#hardware-1) + - [SNMP](#snmp) ## Management @@ -37,18 +37,25 @@ interface Management1 ## Monitoring -### Hardware +### SNMP -#### Hardware Device Configuration +#### SNMP Configuration Summary + +| Contact | Location | SNMP Traps | State | +| ------- | -------- | ---------- | ----- | +| - | - | All | Disabled | + +#### SNMP Hosts Configuration + +| Host | VRF | Community | Username | Authentication level | SNMP Version | +| ---- |---- | --------- | -------- | -------------------- | ------------ | +| 10.6.75.121 | MGMT | SNMP-COMMUNITY-1 | - | - | 1 | +| 10.6.75.121 | MGMT | SNMP-COMMUNITY-2 | - | - | 2c | + +#### SNMP Device Configuration ```eos ! -hardware port-group 1 select Et32/1-4 -hardware port-group 2 select Et32/1,Et32/3,Et34 -! -hardware access-list mechanism tcam -! -hardware speed-group 1 serdes 10g -hardware speed-group 2 serdes 25g -hardware speed-group 3/1 serdes 25g +snmp-server host 10.6.75.121 vrf MGMT version 1 SNMP-COMMUNITY-1 +snmp-server host 10.6.75.121 vrf MGMT version 2c SNMP-COMMUNITY-2 ``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/interface-defaults.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/interface-defaults.md deleted file mode 100644 index 36cb96d3111..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/interface-defaults.md +++ /dev/null @@ -1,70 +0,0 @@ -# interface-defaults - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Interfaces](#interfaces) - - [Switchport Default](#switchport-default) - - [Interface Defaults](#interface-defaults-1) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Interfaces - -### Switchport Default - -#### Switchport Defaults Summary - -- Default Switchport Mode: routed - -#### Switchport Default Device Configuration - -```eos -! -switchport default mode routed -``` - -### Interface Defaults - -#### Interface Defaults Summary - -- Default Ethernet Interface Shutdown: True - -- Default Routed Interface MTU: 9000 - -#### Interface Defaults Device Configuration - -```eos -! -interface defaults - mtu 9000 - ethernet - shutdown -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-routing-fib.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-routing-fib.md deleted file mode 100644 index c7f04c85d95..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-routing-fib.md +++ /dev/null @@ -1,71 +0,0 @@ -# ip-routing-fib - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Routing](#routing) - - [IP Routing](#ip-routing) - - [IPv6 Routing](#ipv6-routing) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Routing - -### IP Routing - -#### IP Routing Summary - -| VRF | Routing Enabled | -| --- | --------------- | -| default | True | - -#### IP Routing Device Configuration - -```eos -! -ip routing -ip hardware fib optimize prefixes profile urpf-internet -``` - -### IPv6 Routing - -#### IPv6 Routing Summary - -| VRF | Routing Enabled | -| --- | --------------- | -| default | True | - -#### IPv6 Routing Device Configuration - -```eos -! -ipv6 unicast-routing -ipv6 hardware fib optimize prefixes profile internet -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-routing.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-routing.md deleted file mode 100644 index 34013b9f882..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ip-routing.md +++ /dev/null @@ -1,100 +0,0 @@ -# ip-routing - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Routing](#routing) - - [IP Routing](#ip-routing-1) - - [IPv6 Routing](#ipv6-routing) -- [VRF Instances](#vrf-instances) - - [VRF Instances Summary](#vrf-instances-summary) - - [VRF Instances Device Configuration](#vrf-instances-device-configuration) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Routing - -### IP Routing - -#### IP Routing Summary - -| VRF | Routing Enabled | -| --- | --------------- | -| default | True (ipv6 interfaces) | -| TEST1 | True | -| TEST2 | True (ipv6 interfaces) | - -#### IP Routing Device Configuration - -```eos -! -ip routing ipv6 interfaces -no ip icmp redirect -ip routing vrf TEST1 -ip routing ipv6 interfaces vrf TEST2 -``` - -### IPv6 Routing - -#### IPv6 Routing Summary - -| VRF | Routing Enabled | -| --- | --------------- | -| default | True | -| default | true | -| TEST1 | true | -| TEST2 | false | - -#### IPv6 Routing Device Configuration - -```eos -! -ipv6 unicast-routing -ipv6 unicast-routing vrf TEST1 -no ipv6 icmp redirect -``` - -## VRF Instances - -### VRF Instances Summary - -| VRF Name | IP Routing | -| -------- | ---------- | -| TEST1 | enabled | -| TEST2 | enabled (ipv6 interface) | - -### VRF Instances Device Configuration - -```eos -! -vrf instance TEST1 -! -vrf instance TEST2 -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/l2-protocol-forwarding.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/l2-protocol-forwarding.md deleted file mode 100644 index 7cfba07a00a..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/l2-protocol-forwarding.md +++ /dev/null @@ -1,157 +0,0 @@ -# l2-protocol-forwarding - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [L2 Protocol Forwarding](#l2-protocol-forwarding-1) - - [Forwarding Profiles](#forwarding-profiles) - - [L2 Protocol Forwarding Device Configuration](#l2-protocol-forwarding-device-configuration) -- [Interfaces](#interfaces) - - [Ethernet Interfaces](#ethernet-interfaces) - - [Port-Channel Interfaces](#port-channel-interfaces) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## L2 Protocol Forwarding - -### Forwarding Profiles - -#### TEST1 - -| Protocol | Forward | Tagged Forward | Untagged Forward | -| -------- | ------- | -------------- | ---------------- | -| bfd per-link rfc-7130 | True | True | True | -| e-lmi | True | True | True | -| isis | True | True | True | -| lacp | True | True | True | -| lldp | True | True | True | -| macsec | True | True | True | -| pause | True | True | True | -| stp | True | True | True | - -#### TEST2 - -| Protocol | Forward | Tagged Forward | Untagged Forward | -| -------- | ------- | -------------- | ---------------- | -| bfd per-link rfc-7130 | False | True | - | -| e-lmi | True | - | - | -| isis | - | - | True | -| lacp | True | False | True | -| lldp | False | True | False | -| macsec | - | True | - | -| pause | False | - | True | -| stp | - | True | True | - -### L2 Protocol Forwarding Device Configuration - -```eos -! -l2-protocol - forwarding profile TEST1 - bfd per-link rfc-7130 forward - bfd per-link rfc-7130 tagged forward - bfd per-link rfc-7130 untagged forward - e-lmi forward - e-lmi tagged forward - e-lmi untagged forward - isis forward - isis tagged forward - isis untagged forward - lacp forward - lacp tagged forward - lacp untagged forward - lldp forward - lldp tagged forward - lldp untagged forward - macsec forward - macsec tagged forward - macsec untagged forward - pause forward - pause tagged forward - pause untagged forward - stp forward - stp tagged forward - stp untagged forward - forwarding profile TEST2 - bfd per-link rfc-7130 tagged forward - e-lmi forward - isis untagged forward - lacp forward - lacp untagged forward - lldp tagged forward - macsec tagged forward - pause untagged forward - stp tagged forward - stp untagged forward -``` - -## Interfaces - -### Ethernet Interfaces - -#### Ethernet Interfaces Summary - -##### L2 - -| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | -| --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | -| Ethernet1 | L2PF test | - | - | - | - | - | - -*Inherited from Port-Channel Interface - -#### Ethernet Interfaces Device Configuration - -```eos -! -interface Ethernet1 - description L2PF test - l2-protocol forwarding profile TEST1 - switchport -``` - -### Port-Channel Interfaces - -#### Port-Channel Interfaces Summary - -##### L2 - -| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | -| --------- | ----------- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | -| Port-Channel1 | L2PF test | - | - | - | - | - | - | - | - | - -#### Port-Channel Interfaces Device Configuration - -```eos -! -interface Port-Channel1 - description L2PF test - l2-protocol forwarding profile TEST2 - switchport -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/lldp.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/lldp.md deleted file mode 100644 index f313f6a8ba9..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/lldp.md +++ /dev/null @@ -1,123 +0,0 @@ -# lldp - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [LLDP](#lldp-1) - - [LLDP Summary](#lldp-summary) - - [LLDP Device Configuration](#lldp-device-configuration) -- [Interfaces](#interfaces) - - [Ethernet Interfaces](#ethernet-interfaces) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## LLDP - -### LLDP Summary - -#### LLDP Global Settings - -| Enabled | Management Address | Management VRF | Timer | Hold-Time | Re-initialization Timer | Drop Received Tagged Packets | -| ------- | ------------------ | -------------- | ----- | --------- | ----------------------- | ---------------------------- | -| False | 192.168.1.1/24 | Management | 30 | 90 | 2 | - | - -#### LLDP Explicit TLV Transmit Settings - -| TLV | Transmit | -| --- | -------- | -| system-capabilities | False | -| system-description | True | - -#### LLDP Interface Settings - -LLDP is **disabled** globally. Local interface configs will not apply. - -| Interface | Transmit | Receive | -| --------- | -------- | ------- | -| Ethernet1 | False | False | -| Ethernet2 | False | True | -| Ethernet4 | True | False | - -### LLDP Device Configuration - -```eos -! -lldp timer 30 -lldp hold-time 90 -no lldp tlv transmit system-capabilities -lldp tlv transmit system-description -no lldp run -lldp management-address 192.168.1.1/24 -lldp management-address vrf Management -``` - -## Interfaces - -### Ethernet Interfaces - -#### Ethernet Interfaces Summary - -##### L2 - -| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | -| --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | -| Ethernet2 | Switched port with no LLDP rx/tx | access | 110 | - | - | - | -| Ethernet3 | No special LLDP settings | access | 110 | - | - | - | - -*Inherited from Port-Channel Interface - -#### Ethernet Interfaces Device Configuration - -```eos -! -interface Ethernet1 - description to WAN-ISP1-01 Ethernet2 - no switchport - no lldp transmit - no lldp receive -! -interface Ethernet2 - description Switched port with no LLDP rx/tx - switchport access vlan 110 - switchport mode access - switchport - no lldp transmit -! -interface Ethernet3 - description No special LLDP settings - switchport access vlan 110 - switchport mode access - switchport -! -interface Ethernet4 - description test - no switchport - no lldp receive -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/mac-security-eth-po-entropy.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/mac-security-eth-po-entropy.md deleted file mode 100644 index f61ec607759..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/mac-security-eth-po-entropy.md +++ /dev/null @@ -1,215 +0,0 @@ -# mac-security-eth-po-entropy - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Management Security](#management-security) - - [Management Security Summary](#management-security-summary) - - [Management Security SSL Profiles](#management-security-ssl-profiles) - - [Management Security Device Configuration](#management-security-device-configuration) -- [Interfaces](#interfaces) - - [Ethernet Interfaces](#ethernet-interfaces) - - [Port-Channel Interfaces](#port-channel-interfaces) -- [MACsec](#macsec) - - [MACsec Summary](#macsec-summary) - - [MACsec Device Configuration](#macsec-device-configuration) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Management Security - -### Management Security Summary - -| Settings | Value | -| -------- | ----- | -| Entropy sources | hardware | -| Common password encryption key | True | - -### Management Security SSL Profiles - -| SSL Profile Name | TLS protocol accepted | Certificate filename | Key filename | Cipher List | CRLs | -| ---------------- | --------------------- | -------------------- | ------------ | ----------- | ---- | -| SSL_PROFILE | 1.1 1.2 | SSL_CERT | SSL_KEY | - | - | - -### Management Security Device Configuration - -```eos -! -management security - entropy source hardware - password encryption-key common - ! - ssl profile SSL_PROFILE - tls versions 1.1 1.2 - certificate SSL_CERT key SSL_KEY -``` - -## Interfaces - -### Ethernet Interfaces - -#### Ethernet Interfaces Summary - -##### L2 - -| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | -| --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | -| Ethernet3 | DC1-AGG01_Ethernet1 | *trunk | *1-5 | *- | *- | 3 | - -*Inherited from Port-Channel Interface - -##### IPv4 - -| Interface | Description | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | -| --------- | ----------- | ------------- | ---------- | ----| ---- | -------- | ------ | ------- | -| Ethernet1 | - | - | 1.1.1.1/24 | default | - | - | - | - | - -#### Ethernet Interfaces Device Configuration - -```eos -! -interface Ethernet1 - no switchport - ip address 1.1.1.1/24 - mac security profile A1 -! -interface Ethernet3 - description DC1-AGG01_Ethernet1 - channel-group 3 mode active - mac security profile A1 -``` - -### Port-Channel Interfaces - -#### Port-Channel Interfaces Summary - -##### L2 - -| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | -| --------- | ----------- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | -| Port-Channel3 | L2-PORT | trunk | 1-5 | - | - | - | - | - | - | - -#### Port-Channel Interfaces Device Configuration - -```eos -! -interface Port-Channel3 - description L2-PORT - switchport trunk allowed vlan 1-5 - switchport mode trunk - switchport -``` - -## MACsec - -### MACsec Summary - -License is installed. - -FIPS restrictions enabled. - -#### MACsec Profiles Summary - -##### Profile A1 - -###### Settings - -| Cipher | Key-Server Priority | Rekey-Period | SCI | Traffic Unprotected Fallback | -| ------ | ------------------- | ------------ | --- | ---------------------------- | -| aes128-gcm | 100 | 30 | True | allow | - -###### Keys - -| Key ID | Fallback | -| ------ | -------- | -| 1234a | - | -| 1234c | True | - -###### L2 Protocols - -| L2 Protocol | Mode | -| ----------- | ---- | -| lldp | bypass unauthorized | - -##### Profile A2 - -###### Settings - -| Cipher | Key-Server Priority | Rekey-Period | SCI | Traffic Unprotected Fallback | -| ------ | ------------------- | ------------ | --- | ---------------------------- | -| - | - | - | - | allow active-sak | - -###### Keys - -| Key ID | Fallback | -| ------ | -------- | -| 1234b | - | - -##### Profile A3 - -###### Settings - -| Cipher | Key-Server Priority | Rekey-Period | SCI | Traffic Unprotected Fallback | -| ------ | ------------------- | ------------ | --- | ---------------------------- | -| aes256-gcm-xpn | - | - | - | drop | - -###### Keys - -| Key ID | Fallback | -| ------ | -------- | -| ab | False | - -### MACsec Device Configuration - -```eos -! -mac security - license license1 123456 - fips restrictions - ! - profile A1 - cipher aes128-gcm - key 1234a 7 - key 1234c 7 fallback - mka key-server priority 100 - mka session rekey-period 30 - traffic unprotected allow - sci - l2-protocol lldp bypass unauthorized - ! - profile A2 - key 1234b 7 - traffic unprotected allow active-sak - ! - profile A3 - cipher aes256-gcm-xpn - key ab 7 - traffic unprotected drop -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/platform.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/platform.md deleted file mode 100644 index c4b8632e308..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/platform.md +++ /dev/null @@ -1,111 +0,0 @@ -# platform - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Platform](#platform-1) - - [Platform Summary](#platform-summary) - - [Platform Device Configuration](#platform-device-configuration) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Platform - -### Platform Summary - -#### Platform Trident Summary - -| Settings | Value | -| -------- | ----- | -| Routing MAC Address per VLAN | true | -| Forwarding Table Partition | 2 | -| MMU Applied Profile | mc_example_profile | - -#### Trident MMU QUEUE PROFILES - -##### mc_example_profile - -| Type | Egress Queue | Threshold | Reserved | Drop-Precedence | -| ---- | ------------ | --------- | -------- | --------------- | -| Unicast | 1 | - | 0 bytes | - | -| Unicast | 2 | 1/8 | 0 cells | - | -| Multicast | 0 | - | 0 bytes | - | -| Multicast | 1 | 1/64 | 0 cells | - | -| Multicast | 7 | 1/64 | 0 cells | - | - -##### unused_profile - -| Type | Egress Queue | Threshold | Reserved | Drop-Precedence | -| ---- | ------------ | --------- | -------- | --------------- | -| Unicast | 1 | - | 0 bytes | - | -| Unicast | 2 | 1/8 | 0 cells | - | -| Unicast | 7 | - | - bytes | - | -| Multicast | 0 | - | 0 bytes | - | -| Multicast | 1 | 8 | 0 cells | - | - -#### Platform Sand Summary - -| Settings | Value | -| -------- | ----- | -| Forwarding Mode | arad | -| Hardware Only Lag | True | -| Lag Mode | 512x32 | -| Default Multicast Replication | ingress | - -##### Internal Network QOS Mapping - -| Traffic Class | To Network QOS | -| ------------- | -------------- | -| 0 | 0 | -| 1 | 7 | -| 2 | 15 | - -#### Platform Software Forwarding Engine Summary - -| Settings | Value | -| -------- | ----- | -| Maximum CPU Allocation | 42 | - -### Platform Device Configuration - -```eos -! -platform trident l3 routing mac-address per-vlan -platform trident forwarding-table partition 2 -platform sand forwarding mode arad -platform sand lag mode 512x32 -platform sand lag hardware-only -platform sand qos map traffic-class 0 to network-qos 0 -platform sand qos map traffic-class 1 to network-qos 7 -platform sand qos map traffic-class 2 to network-qos 15 -platform sand multicast replication default ingress -platform sand mdb profile l3-xxl -platform sfe data-plane cpu allocation maximum 42 -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/poe.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/poe.md deleted file mode 100644 index 33fabaf00c1..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/poe.md +++ /dev/null @@ -1,84 +0,0 @@ -# poe - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [LLDP](#lldp) - - [LLDP Summary](#lldp-summary) - - [LLDP Device Configuration](#lldp-device-configuration) -- [Power Over Ethernet (PoE)](#power-over-ethernet-poe) - - [PoE Summary](#poe-summary) - - [PoE Device Configuration](#poe-device-configuration) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## LLDP - -### LLDP Summary - -#### LLDP Global Settings - -| Enabled | Management Address | Management VRF | Timer | Hold-Time | Re-initialization Timer | Drop Received Tagged Packets | -| ------- | ------------------ | -------------- | ----- | --------- | ----------------------- | ---------------------------- | -| True | - | Default | 30 | 120 | 2 | - | - -#### LLDP Explicit TLV Transmit Settings - -| TLV | Transmit | -| --- | -------- | -| power-via-mdi | False | -| system-capabilities | True | - -### LLDP Device Configuration - -```eos -! -no lldp tlv transmit power-via-mdi -lldp tlv transmit system-capabilities -``` - -## Power Over Ethernet (PoE) - -### PoE Summary - -#### PoE Global - -| Reboot Action | Shutdown Action | LLDP Negotiation | -| ------------------- | -------------------- | ----------------------| -| maintain | power-off | False | - -### PoE Device Configuration - -```eos -! -poe - reboot action maintain - interface shutdown action power-off -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/prefix-lists.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/prefix-lists.md deleted file mode 100644 index a6091181ffc..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/prefix-lists.md +++ /dev/null @@ -1,140 +0,0 @@ -# prefix-lists - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Filters](#filters) - - [Dynamic Prefix-lists](#dynamic-prefix-lists) - - [Prefix-lists](#prefix-lists-1) - - [IPv6 Prefix-lists](#ipv6-prefix-lists) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Filters - -### Dynamic Prefix-lists - -#### Dynamic Prefix-lists Summary - -| Dynamic Prefix-List Name | Match Map | IPv4 Prefix-list | IPv6 Prefix-list | -| ------------------------ | --------- | ---------------- | ---------------- | -| DYNAMIC_PREFIX_LIST_NAME_1 | Test_1 | IPV4_PREFIX_LIST | - | -| DYNAMIC_PREFIX_LIST_NAME_2 | Test_2 | - | IPV6_PREFIX_LIST | -| DYNAMIC_PREFIX_LIST_NAME_3 | Test_2 | IPV4_PREFIX_LIST | IPV6_PREFIX_LIST | - -#### Dynamic Prefix-lists Device Configuration - -```eos -! -dynamic prefix-list DYNAMIC_PREFIX_LIST_NAME_1 - match-map Test_1 - prefix-list ipv4 IPV4_PREFIX_LIST -! -dynamic prefix-list DYNAMIC_PREFIX_LIST_NAME_2 - match-map Test_2 - prefix-list ipv6 IPV6_PREFIX_LIST -! -dynamic prefix-list DYNAMIC_PREFIX_LIST_NAME_3 - match-map Test_2 - prefix-list ipv4 IPV4_PREFIX_LIST - prefix-list ipv6 IPV6_PREFIX_LIST -``` - -### Prefix-lists - -#### Prefix-lists Summary - -##### PL-BGP-DEFAULT-BLUE-C1 - -| Sequence | Action | -| -------- | ------ | -| 10 | permit 0.0.0.0/0 le 1 | - -##### PL-BGP-DEFAULT-RED-IN-C1 - -| Sequence | Action | -| -------- | ------ | -| 10 | permit 0.0.0.0/0 | - -##### PL-BGP-DEFAULT-RED-OUT-C1 - -| Sequence | Action | -| -------- | ------ | -| 10 | permit 10.0.0.0/8 | - -##### PL-IPV4-LOOPBACKS - -| Sequence | Action | -| -------- | ------ | - -##### PL-LOOPBACKS-EVPN-OVERLAY - -| Sequence | Action | -| -------- | ------ | -| 10 | permit 192.168.255.0/24 eq 32 | -| 20 | permit 192.168.254.0/24 eq 32 | - -#### Prefix-lists Device Configuration - -```eos -! -ip prefix-list PL-BGP-DEFAULT-BLUE-C1 - seq 10 permit 0.0.0.0/0 le 1 -! -ip prefix-list PL-BGP-DEFAULT-RED-IN-C1 - seq 10 permit 0.0.0.0/0 -! -ip prefix-list PL-BGP-DEFAULT-RED-OUT-C1 - seq 10 permit 10.0.0.0/8 -! -ip prefix-list PL-IPV4-LOOPBACKS -! -ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY - seq 10 permit 192.168.255.0/24 eq 32 - seq 20 permit 192.168.254.0/24 eq 32 -``` - -### IPv6 Prefix-lists - -#### IPv6 Prefix-lists Summary - -##### PL-IPV6-LOOPBACKS - -| Sequence | Action | -| -------- | ------ | -| 10 | permit 1b11:3a00:22b0:0082::/64 eq 128 | - -#### IPv6 Prefix-lists Device Configuration - -```eos -! -ipv6 prefix-list PL-IPV6-LOOPBACKS - seq 10 permit 1b11:3a00:22b0:0082::/64 eq 128 -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ptp.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ptp.md deleted file mode 100644 index 12233216d31..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/ptp.md +++ /dev/null @@ -1,164 +0,0 @@ -# ptp - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) - - [PTP](#ptp-1) -- [Interfaces](#interfaces) - - [Ethernet Interfaces](#ethernet-interfaces) - - [Port-Channel Interfaces](#port-channel-interfaces) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -### PTP - -PTP Profile: g8275.1 - -#### PTP Summary - -| Clock ID | Source IP | Priority 1 | Priority 2 | TTL | Domain | Mode | Forward Unicast | -| -------- | --------- | ---------- | ---------- | --- | ------ | ---- | --------------- | -| 11:11:11:11:11:11 | 1.1.2.3 | 101 | 102 | 12 | 17 | boundary | True | - -#### PTP Device Configuration - -```eos -! -ptp clock-identity 11:11:11:11:11:11 -ptp domain 17 -ptp message-type event dscp 46 default -ptp message-type general dscp 36 default -ptp mode boundary one-step -ptp priority1 101 -ptp priority2 102 -ptp profile g8275.1 -ptp source ip 1.1.2.3 -ptp ttl 12 -ptp forward-unicast -ptp monitor threshold offset-from-master 11 -ptp monitor threshold mean-path-delay 12 -ptp monitor threshold mean-path-delay 14 nanoseconds drop -ptp monitor threshold offset-from-master 13 nanoseconds drop -ptp monitor threshold missing-message sync 103 intervals -ptp monitor threshold missing-message follow-up 102 intervals -ptp monitor threshold missing-message announce 101 intervals -ptp monitor sequence-id -ptp monitor threshold missing-message sync 204 sequence-ids -ptp monitor threshold missing-message follow-up 203 sequence-ids -ptp monitor threshold missing-message delay-resp 202 sequence-ids -ptp monitor threshold missing-message announce 201 sequence-ids -``` - -## Interfaces - -### Ethernet Interfaces - -#### Ethernet Interfaces Summary - -##### L2 - -| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | -| --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | -| Ethernet3 | P2P_LINK_TO_DC1-SPINE2_Ethernet5 | trunk | 2,14 | - | - | - | -| Ethernet5 | DC1-AGG01_Ethernet1 | *trunk | *110,201 | *- | *- | 5 | - -*Inherited from Port-Channel Interface - -##### IPv4 - -| Interface | Description | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | -| --------- | ----------- | ------------- | ---------- | ----| ---- | -------- | ------ | ------- | -| Ethernet6 | P2P_LINK_TO_DC1-SPINE1_Ethernet6 | - | 172.31.255.15/31 | default | 1500 | - | - | - | - -#### Ethernet Interfaces Device Configuration - -```eos -! -interface Ethernet3 - description P2P_LINK_TO_DC1-SPINE2_Ethernet5 - switchport trunk allowed vlan 2,14 - switchport mode trunk - switchport - ptp enable - ptp delay-mechanism e2e - ptp role dynamic - ptp sync-message interval 1 - ptp transport layer2 - ptp vlan 2 -! -interface Ethernet5 - description DC1-AGG01_Ethernet1 - channel-group 5 mode active -! -interface Ethernet6 - description P2P_LINK_TO_DC1-SPINE1_Ethernet6 - mtu 1500 - no switchport - ip address 172.31.255.15/31 - ptp enable - ptp announce interval 3 - ptp announce timeout 9 - ptp delay-mechanism e2e - ptp delay-req interval -7 - ptp profile g8275.1 destination mac-address non-forwardable - ptp role dynamic - ptp sync-message interval 1 - ptp transport ipv4 -``` - -### Port-Channel Interfaces - -#### Port-Channel Interfaces Summary - -##### L2 - -| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | -| --------- | ----------- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | -| Port-Channel5 | DC1_L2LEAF1_Po1 | trunk | 110,201 | - | - | - | - | 5 | - | - -#### Port-Channel Interfaces Device Configuration - -```eos -! -interface Port-Channel5 - description DC1_L2LEAF1_Po1 - switchport trunk allowed vlan 110,201 - switchport mode trunk - switchport - mlag 5 - ptp enable - ptp mpass - ptp delay-mechanism e2e - ptp profile g8275.1 destination mac-address forwardable - ptp role dynamic - ptp sync-message interval 1 - ptp transport layer2 - ptp vlan 2 -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/qos.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/qos.md deleted file mode 100644 index e46631806da..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/qos.md +++ /dev/null @@ -1,706 +0,0 @@ -# qos - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Interfaces](#interfaces) - - [Ethernet Interfaces](#ethernet-interfaces) - - [Port-Channel Interfaces](#port-channel-interfaces) -- [ACL](#acl) - - [Extended Access-lists](#extended-access-lists) - - [IPv6 Extended Access-lists](#ipv6-extended-access-lists) -- [Quality Of Service](#quality-of-service) - - [QOS](#qos-1) - - [QOS Class Maps](#qos-class-maps) - - [QOS Policy Maps](#qos-policy-maps) - - [QOS Profiles](#qos-profiles) - - [QOS Interfaces](#qos-interfaces) - - [Priority Flow Control](#priority-flow-control-1) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Interfaces - -### Ethernet Interfaces - -#### Ethernet Interfaces Summary - -##### L2 - -| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | -| --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | -| Ethernet3 | MLAG_PEER_DC1-LEAF1B_Ethernet3 | *trunk | *2-4094 | *- | *LEAF_PEER_L3, MLAG | 3 | -| Ethernet4 | MLAG_PEER_DC1-LEAF1B_Ethernet4 | *trunk | *2-4094 | *- | *LEAF_PEER_L3, MLAG | 3 | -| Ethernet6 | SRV-POD02_Eth1 | trunk | 110-111,210-211 | - | - | - | -| Ethernet7 | Test-with-policymap | trunk | 110-111,210-211 | - | - | - | - -*Inherited from Port-Channel Interface - -##### IPv4 - -| Interface | Description | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | -| --------- | ----------- | ------------- | ---------- | ----| ---- | -------- | ------ | ------- | -| Ethernet1 | P2P_LINK_TO_DC1-SPINE1_Ethernet1 | - | 172.31.255.1/31 | default | 1500 | - | - | - | - -#### Ethernet Interfaces Device Configuration - -```eos -! -interface Ethernet1 - description P2P_LINK_TO_DC1-SPINE1_Ethernet1 - mtu 1500 - no switchport - ip address 172.31.255.1/31 - service-policy type qos input pmap_test1 - service-profile test - qos trust dscp - qos dscp 48 -! -interface Ethernet3 - description MLAG_PEER_DC1-LEAF1B_Ethernet3 - channel-group 3 mode active -! -interface Ethernet4 - description MLAG_PEER_DC1-LEAF1B_Ethernet4 - channel-group 3 mode active -! -interface Ethernet6 - description SRV-POD02_Eth1 - switchport trunk allowed vlan 110-111,210-211 - switchport mode trunk - switchport - service-profile experiment - qos trust cos - qos cos 2 - ! - tx-queue 2 - random-detect ecn count -! -interface Ethernet7 - description Test-with-policymap - switchport trunk allowed vlan 110-111,210-211 - switchport mode trunk - switchport - service-profile qprof_testwithpolicy - ! - uc-tx-queue 4 - random-detect ecn count -``` - -### Port-Channel Interfaces - -#### Port-Channel Interfaces Summary - -##### L2 - -| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | -| --------- | ----------- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | -| Port-Channel3 | MLAG_PEER_DC1-LEAF1B_Po3 | trunk | 2-4094 | - | LEAF_PEER_L3, MLAG | - | - | - | - | - -#### Port-Channel Interfaces Device Configuration - -```eos -! -interface Port-Channel3 - description MLAG_PEER_DC1-LEAF1B_Po3 - switchport trunk allowed vlan 2-4094 - switchport mode trunk - switchport trunk group LEAF_PEER_L3 - switchport trunk group MLAG - switchport - service-policy type qos input pmap_test1 - service-profile experiment - qos trust cos - qos cos 2 -``` - -## ACL - -### Extended Access-lists - -#### Extended Access-lists Summary - -##### acl_qos_tc0_v4 - -| Sequence | Action | -| -------- | ------ | -| 10 | permit ip any 192.0.2.0/29 | - -##### acl_qos_tc5_v4 - -| Sequence | Action | -| -------- | ------ | -| 10 | permit ip any any dscp ef | - -#### Extended Access-lists Device Configuration - -```eos -! -ip access-list acl_qos_tc0_v4 - 10 permit ip any 192.0.2.0/29 -! -ip access-list acl_qos_tc5_v4 - 10 permit ip any any dscp ef -``` - -### IPv6 Extended Access-lists - -#### IPv6 Extended Access-lists Summary - -##### acl_qos_tc0_v6 - -| Sequence | Action | -| -------- | ------ | -| 10 | permit ipv6 any any dscp cs1 | - -##### acl_qos_tc5_v6 - -| Sequence | Action | -| -------- | ------ | -| 10 | permit ipv6 any 2001:db8::/48 | - -#### IPv6 Extended Access-lists Device Configuration - -```eos -! -ipv6 access-list acl_qos_tc0_v6 - 10 permit ipv6 any any dscp cs1 -! -ipv6 access-list acl_qos_tc5_v6 - 10 permit ipv6 any 2001:db8::/48 -``` - -## Quality Of Service - -### QOS - -#### QOS Summary - -QOS rewrite DSCP: **enabled** - -QOS random-detect ECN is set to allow **non-ect** **chip-based** - -##### QOS Mappings - -| COS to Traffic Class mappings | -| ----------------------------- | -| 1 2 3 4 to traffic-class 2 | -| 3 to traffic-class 3 | - -| DSCP to Traffic Class mappings | -| ------------------------------ | -| 8 9 10 11 12 13 14 15 16 17 19 21 23 24 25 27 29 31 32 33 35 37 39 40 41 42 43 44 45 47 49 50 51 52 53 54 55 57 58 59 60 61 62 63 to traffic-class 1 | -| 18 20 22 26 28 30 34 36 38 to traffic-class 4 drop-precedence 2 | -| 46 to traffic-class 5 | - -| EXP to Traffic Class mappings | -| ----------------------------- | -| 0 to traffic-class 0 | - -| Traffic Class to DSCP or COS mappings | -| ------------------------------------- | -| 1 to dscp 56 | -| 2 4 5 to cos 7 | -| 6 to tx-queue 2 | - -#### QOS Device Configuration - -```eos -! -qos rewrite dscp -qos map cos 1 2 3 4 to traffic-class 2 -qos map cos 3 to traffic-class 3 -qos map dscp 8 9 10 11 12 13 14 15 16 17 19 21 23 24 25 27 29 31 32 33 35 37 39 40 41 42 43 44 45 47 49 50 51 52 53 54 55 57 58 59 60 61 62 63 to traffic-class 1 -qos map dscp 18 20 22 26 28 30 34 36 38 to traffic-class 4 drop-precedence 2 -qos map dscp 46 to traffic-class 5 -qos map traffic-class 1 to dscp 56 -qos map traffic-class 2 4 5 to cos 7 -qos map traffic-class 6 to tx-queue 2 -qos map exp 0 to traffic-class 0 -! -qos random-detect ecn allow non-ect chip-based -``` - -### QOS Class Maps - -#### QOS Class Maps Summary - -| Name | Field | Value | -| ---- | ----- | ----- | -| cmap_tc0_v4 | acl | acl_qos_tc0_v4 | -| cmap_tc0_v6 | - | - | -| cmap_tc5_v4 | acl | acl_qos_tc5_v4 | -| cmap_tc5_v6 | - | - | - -#### Class-maps Device Configuration - -```eos -! -class-map type qos match-any cmap_tc0_v4 - match ip access-group acl_qos_tc0_v4 -! -class-map type qos match-any cmap_tc0_v6 - match ipv6 access-group acl_qos_tc0_v6 -! -class-map type qos match-any cmap_tc5_v4 - match ip access-group acl_qos_tc5_v4 -! -class-map type qos match-any cmap_tc5_v6 - match ipv6 access-group acl_qos_tc5_v6 -``` - -### QOS Policy Maps - -#### QOS Policy Maps Summary - -##### pmap_test1 - -| Class Name | COS | DSCP | Traffic Class | Drop Precedence | Police Rate (Burst) -> Action | -| ---------- | --- | -----| ------------- | --------------- | ----------------------------- | -| cmap_tc0_v4 | - | - | 0 | - | - | -| cmap_tc5_v4 | - | - | 5 | - | - | -| cmap_tc5_v6 | - | - | 5 | - | - | -| cmap_tc0_v6 | - | - | 0 | - | - | -| class-default | - | - | 1 | - | - | - -#### QOS Policy Maps Device Configuration - -```eos -! -policy-map type quality-of-service pmap_test1 - class cmap_tc0_v4 - set traffic-class 0 - ! - class cmap_tc5_v4 - set traffic-class 5 - ! - class cmap_tc5_v6 - set traffic-class 5 - ! - class cmap_tc0_v6 - set traffic-class 0 - ! - class class-default - set traffic-class 1 -``` - -### QOS Profiles - -#### QOS Profiles Summary - -##### QOS Profile: **experiment** - -###### Settings - -| Default COS | Default DSCP | Trust | Shape Rate | QOS Service Policy | -| ----------- | ------------ | ----- | ---------- | ------------------ | -| 2 | - | cos | - | test_qos_policy_v1 | - -###### TX Queues - -| TX queue | Type | Bandwidth | Priority | Shape Rate | Comment | -| -------- | ---- | --------- | -------- | ---------- | ------- | -| 3 | All | 30 | no priority | - | - | -| 4 | All | 10 | - | - | - | -| 5 | All | 40 | - | - | - | -| 7 | All | 30 | - | 40 percent | - | - -##### QOS Profile: **no_qos_trust** - -###### Settings - -| Default COS | Default DSCP | Trust | Shape Rate | QOS Service Policy | -| ----------- | ------------ | ----- | ---------- | ------------------ | -| 3 | 4 | disabled | - | - | - -##### QOS Profile: **qprof_testwithpolicy** - -###### Settings - -| Default COS | Default DSCP | Trust | Shape Rate | QOS Service Policy | -| ----------- | ------------ | ----- | ---------- | ------------------ | -| - | - | - | - | pmap_test1 | - -###### TX Queues - -| TX queue | Type | Bandwidth | Priority | Shape Rate | Comment | -| -------- | ---- | --------- | -------- | ---------- | ------- | -| 0 | All | 1 | - | - | - | -| 1 | All | 80 | - | - | - | -| 5 | All | 19 | no priority | - | Multi-line comment
here. | - -##### QOS Profile: **test** - -###### Settings - -| Default COS | Default DSCP | Trust | Shape Rate | QOS Service Policy | -| ----------- | ------------ | ----- | ---------- | ------------------ | -| - | 46 | dscp | 80 percent | - | - -###### TX Queues - -| TX queue | Type | Bandwidth | Priority | Shape Rate | Comment | -| -------- | ---- | --------- | -------- | ---------- | ------- | -| 1 | All | 50 | no priority | - | - | -| 2 | All | 10 | priority strict | - | - | -| 4 | All | 10 | - | - | - | - -###### ECN Configuration - -| TX queue | Type | Min Threshold | Max Threshold | Max Mark Probability | -| -------- | ---- | ------------- | ------------- | -------------------- | -| 1 | All | - | - | - | -| 2 | All | 320 kbytes | 320 kbytes | 90 | -| 4 | All | 320 segments | 320 segments | - | - -##### QOS Profile: **test_with_pfc** - -###### Settings - -| Default COS | Default DSCP | Trust | Shape Rate | QOS Service Policy | -| ----------- | ------------ | ----- | ---------- | ------------------ | -| - | - | - | - | pmap_test1 | - -###### TX Queues - -| TX queue | Type | Bandwidth | Priority | Shape Rate | Comment | -| -------- | ---- | --------- | -------- | ---------- | ------- | -| 0 | All | 1 | - | - | - | -| 1 | All | 80 | - | - | - | -| 5 | All | 19 | no priority | - | - | - -###### Priority Flow Control - -Priority Flow Control is **enabled**. - -| Priority | Action | -| -------- | ------ | -| 0 | no-drop | -| 1 | drop | - -###### Priority Flow Control Watchdog Settings - -| Enabled | Action | Timeout | Recovery | Polling | -| ------- | ------ | ------- | -------- | ------- | -| True | drop | 0.05 | 1.11 | auto | - -##### QOS Profile: **uc_mc_queues_test** - -###### Settings - -| Default COS | Default DSCP | Trust | Shape Rate | QOS Service Policy | -| ----------- | ------------ | ----- | ---------- | ------------------ | -| - | - | - | - | - | - -###### TX Queues - -| TX queue | Type | Bandwidth | Priority | Shape Rate | Comment | -| -------- | ---- | --------- | -------- | ---------- | ------- | -| 1 | Unicast | 50 | no priority | - | Test no priority | -| 2 | Unicast | 10 | priority strict | - | - | -| 4 | Unicast | 10 | - | - | Test guaranteed percent | -| 1 | Multicast | 50 | no priority | - | - | -| 2 | Multicast | 10 | priority strict | - | Test strict priority | -| 4 | Multicast | 10 | - | - | Test guaranteed percent | - -###### ECN Configuration - -| TX queue | Type | Min Threshold | Max Threshold | Max Mark Probability | -| -------- | ---- | ------------- | ------------- | -------------------- | -| 1 | Unicast | 3 milliseconds | 9 milliseconds | 90 | -| 2 | Unicast | 320 kbytes | 320 kbytes | 90 | -| 4 | Unicast | 320 segments | 320 segments | - | -| 1 | Multicast | - | - | - | -| 2 | Multicast | - | - | - | -| 4 | Multicast | - | - | - | - -##### QOS Profile: **wred_queues_test** - -###### Settings - -| Default COS | Default DSCP | Trust | Shape Rate | QOS Service Policy | -| ----------- | ------------ | ----- | ---------- | ------------------ | -| - | - | - | - | - | - -###### TX Queues - -| TX queue | Type | Bandwidth | Priority | Shape Rate | Comment | -| -------- | ---- | --------- | -------- | ---------- | ------- | -| 1 | All | 50 | no priority | - | Test no priority | -| 2 | All | 10 | priority strict | - | - | -| 3 | All | 10 | priority strict | - | - | -| 4 | All | 10 | - | - | Test guaranteed percent | -| 1 | Multicast | 50 | no priority | - | - | -| 2 | Multicast | 10 | priority strict | - | Test strict priority | -| 4 | Multicast | 10 | - | - | Test guaranteed percent | - -###### ECN Configuration - -| TX queue | Type | Min Threshold | Max Threshold | Max Mark Probability | -| -------- | ---- | ------------- | ------------- | -------------------- | -| 1 | All | - | - | - | -| 2 | All | - | - | - | -| 3 | All | 320 kbytes | 320 kbytes | - | -| 4 | All | - | - | - | -| 1 | Multicast | - | - | - | -| 2 | Multicast | - | - | - | -| 4 | Multicast | - | - | - | - -###### WRED Configuration - -| TX queue | Type | Drop Precedence | Min Threshold | Max Threshold | Drop Probability | Weight | -| -------- | ---- | --------------- | ------------- | ------------- | ---------------- | ------ | -| 1 | All | - | 1 kbytes | 10 kbytes | 100 | - | -| 2 | All | 2 | 2 kbytes | 200 kbytes | 50 | 10 | -| 3 | All | - | - | - | - | - | -| 4 | All | - | 1 kbytes | 10 kbytes | 90 | - | -| 1 | Multicast | - | - | - | - | - | -| 2 | Multicast | - | - | - | - | - | -| 4 | Multicast | - | - | - | - | - | - -##### QOS Profile: **wred_uc_queues_test** - -###### Settings - -| Default COS | Default DSCP | Trust | Shape Rate | QOS Service Policy | -| ----------- | ------------ | ----- | ---------- | ------------------ | -| - | - | - | - | - | - -###### TX Queues - -| TX queue | Type | Bandwidth | Priority | Shape Rate | Comment | -| -------- | ---- | --------- | -------- | ---------- | ------- | -| 1 | Unicast | 50 | no priority | - | Test no priority | -| 2 | Unicast | 10 | priority strict | - | - | -| 4 | Unicast | 10 | - | - | Test guaranteed percent | - -###### WRED Configuration - -| TX queue | Type | Drop Precedence | Min Threshold | Max Threshold | Drop Probability | Weight | -| -------- | ---- | --------------- | ------------- | ------------- | ---------------- | ------ | -| 1 | Unicast | - |1 microseconds | 10 microseconds | 90 | 15 | -| 2 | Unicast | 1 |2 milliseconds | 20 milliseconds | 80 | - | -| 4 | Unicast | - |1 microseconds | 10 microseconds | 90 | - | - -#### QOS Profile Device Configuration - -```eos -! -qos profile experiment - qos trust cos - qos cos 2 - service-policy type qos input test_qos_policy_v1 - ! - tx-queue 3 - no priority - bandwidth percent 30 - ! - tx-queue 4 - bandwidth guaranteed percent 10 - ! - tx-queue 5 - bandwidth percent 40 - ! - tx-queue 7 - bandwidth percent 30 - shape rate 40 percent -! -qos profile no_qos_trust - no qos trust - qos cos 3 - qos dscp 4 -! -qos profile qprof_testwithpolicy - service-policy type qos input pmap_test1 - ! - tx-queue 0 - bandwidth percent 1 - ! - tx-queue 1 - bandwidth percent 80 - ! - tx-queue 5 - !! Multi-line comment - !! here. - no priority - bandwidth percent 19 -! -qos profile test - qos trust dscp - qos dscp 46 - shape rate 80 percent - ! - tx-queue 1 - no priority - bandwidth percent 50 - ! - tx-queue 2 - priority strict - bandwidth percent 10 - random-detect ecn minimum-threshold 320 kbytes maximum-threshold 320 kbytes max-mark-probability 90 - ! - tx-queue 4 - bandwidth guaranteed percent 10 - random-detect ecn minimum-threshold 320 segments maximum-threshold 320 segments weight 10 -! -qos profile test_with_pfc - service-policy type qos input pmap_test1 - ! - tx-queue 0 - bandwidth percent 1 - ! - tx-queue 1 - bandwidth percent 80 - ! - tx-queue 5 - no priority - bandwidth percent 19 - ! - priority-flow-control on - priority-flow-control priority 0 no-drop - priority-flow-control priority 1 drop - priority-flow-control pause watchdog - priority-flow-control pause watchdog port action drop - priority-flow-control pause watchdog port timer timeout 0.05 polling-interval auto recovery-time 1.11 forced -! -qos profile uc_mc_queues_test - ! - uc-tx-queue 1 - !! Test no priority - no priority - bandwidth percent 50 - random-detect ecn minimum-threshold 3 milliseconds maximum-threshold 9 milliseconds max-mark-probability 90 - ! - uc-tx-queue 2 - priority strict - bandwidth percent 10 - random-detect ecn minimum-threshold 320 kbytes maximum-threshold 320 kbytes max-mark-probability 90 - ! - uc-tx-queue 4 - !! Test guaranteed percent - bandwidth guaranteed percent 10 - random-detect ecn minimum-threshold 320 segments maximum-threshold 320 segments weight 10 - ! - mc-tx-queue 1 - no priority - bandwidth percent 50 - ! - mc-tx-queue 2 - !! Test strict priority - priority strict - bandwidth percent 10 - ! - mc-tx-queue 4 - !! Test guaranteed percent - bandwidth guaranteed percent 10 -! -qos profile wred_queues_test - ! - tx-queue 1 - !! Test no priority - no priority - bandwidth percent 50 - random-detect drop minimum-threshold 1 kbytes maximum-threshold 10 kbytes drop-probability 100 - ! - tx-queue 2 - priority strict - bandwidth percent 10 - random-detect drop drop-precedence 2 minimum-threshold 2 kbytes maximum-threshold 200 kbytes drop-probability 50 weight 10 - ! - tx-queue 3 - priority strict - bandwidth percent 10 - random-detect ecn minimum-threshold 320 kbytes maximum-threshold 320 kbytes weight 10 - ! - tx-queue 4 - !! Test guaranteed percent - bandwidth guaranteed percent 10 - random-detect drop minimum-threshold 1 kbytes maximum-threshold 10 kbytes drop-probability 90 - ! - mc-tx-queue 1 - no priority - bandwidth percent 50 - ! - mc-tx-queue 2 - !! Test strict priority - priority strict - bandwidth percent 10 - ! - mc-tx-queue 4 - !! Test guaranteed percent - bandwidth guaranteed percent 10 -! -qos profile wred_uc_queues_test - ! - uc-tx-queue 1 - !! Test no priority - no priority - bandwidth percent 50 - random-detect drop minimum-threshold 1 microseconds maximum-threshold 10 microseconds drop-probability 90 weight 15 - ! - uc-tx-queue 2 - priority strict - bandwidth percent 10 - random-detect drop drop-precedence 1 minimum-threshold 2 milliseconds maximum-threshold 20 milliseconds drop-probability 80 - ! - uc-tx-queue 4 - !! Test guaranteed percent - bandwidth guaranteed percent 10 - random-detect drop minimum-threshold 1 microseconds maximum-threshold 10 microseconds drop-probability 90 -``` - -### QOS Interfaces - -| Interface | Trust | Default DSCP | Default COS | Shape rate | -| --------- | ----- | ------------ | ----------- | ---------- | -| Ethernet1 | dscp | 48 | - | - | -| Ethernet6 | cos | - | 2 | - | -| Port-Channel3 | cos | - | 2 | - | - -### Priority Flow Control - -#### Global Settings - -Priority Flow Control is **Off** on all interfaces. - -##### Priority Flow Control Watchdog Settings - -| Action | Timeout | Recovery | Polling | Override Action Drop | -| ------ | ------- | -------- | ------- | -| no-drop | 0.05 | 1.22 | 10.001 | False | - -```eos -! -priority-flow-control all off -priority-flow-control pause watchdog default timeout 0.05 -priority-flow-control pause watchdog default recovery-time 1.22 -priority-flow-control pause watchdog default polling-interval 10.001 -priority-flow-control pause watchdog action no-drop -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/sync-e.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/sync-e.md deleted file mode 100644 index 3af14e5bb3b..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/sync-e.md +++ /dev/null @@ -1,105 +0,0 @@ -# sync-e - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) - - [Synchronous Ethernet (SyncE) Settings](#synchronous-ethernet-synce-settings) -- [Interfaces](#interfaces) - - [Ethernet Interfaces](#ethernet-interfaces) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -### Synchronous Ethernet (SyncE) Settings - -Synchronous Ethernet Network Option: 2 - -#### Synchronous Ethernet Device Configuration - -```eos -! -sync-e - network option 2 -``` - -## Interfaces - -### Ethernet Interfaces - -#### Ethernet Interfaces Summary - -##### L2 - -| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | -| --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | -| Ethernet3 | P2P_LINK_TO_DC1-SPINE2_Ethernet5 | trunk | 2,14 | - | - | - | - -*Inherited from Port-Channel Interface - -##### IPv4 - -| Interface | Description | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | -| --------- | ----------- | ------------- | ---------- | ----| ---- | -------- | ------ | ------- | -| Ethernet6 | P2P_LINK_TO_DC1-SPINE1_Ethernet6 | - | 172.31.255.15/31 | default | 1500 | - | - | - | - -#### Synchronous Ethernet - -| Interface | Priority | -| --------- | -------- | -| Ethernet3 | 10 | -| Ethernet5 | 127 | -| Ethernet6 | disabled | - -#### Ethernet Interfaces Device Configuration - -```eos -! -interface Ethernet3 - description P2P_LINK_TO_DC1-SPINE2_Ethernet5 - switchport trunk allowed vlan 2,14 - switchport mode trunk - switchport - ! - sync-e - priority 10 -! -interface Ethernet5 - description DC1-AGG01_Ethernet1 - ! - sync-e -! -interface Ethernet6 - description P2P_LINK_TO_DC1-SPINE1_Ethernet6 - mtu 1500 - no switchport - ip address 172.31.255.15/31 - ! - sync-e - priority disabled -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/tcam-profile.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/tcam-profile.md deleted file mode 100644 index 300df142d85..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/tcam-profile.md +++ /dev/null @@ -1,168 +0,0 @@ -# tcam-profile - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Hardware TCAM Profile](#hardware-tcam-profile) - - [Custom TCAM Profiles](#custom-tcam-profiles) - - [Hardware TCAM Device Configuration](#hardware-tcam-device-configuration) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Hardware TCAM Profile - -TCAM profile **`traffic_policy`** is active - -### Custom TCAM Profiles - -Following TCAM profiles are configured on device: - -- Profile Name: `traffic_policy` -- Profile Name: `MY_TCAM_PROFILE` - -### Hardware TCAM Device Configuration - -```eos -! -hardware tcam - profile MY_TCAM_PROFILE - source flash:/TCAM_PROFILES/MY_TCAM_PROFILE.conf - ! - profile traffic_policy - feature acl port mac - sequence 55 - key size limit 160 - key field dst-mac ether-type src-mac - action count drop - packet ipv4 forwarding bridged - packet ipv4 forwarding routed - packet ipv4 forwarding routed multicast - packet ipv4 mpls ipv4 forwarding mpls decap - packet ipv4 mpls ipv6 forwarding mpls decap - packet ipv4 non-vxlan forwarding routed decap - packet ipv4 vxlan forwarding bridged decap - packet ipv6 forwarding bridged - packet ipv6 forwarding routed - packet ipv6 forwarding routed decap - packet ipv6 forwarding routed multicast - packet ipv6 ipv6 forwarding routed decap - packet mpls forwarding bridged decap - packet mpls ipv4 forwarding mpls - packet mpls ipv6 forwarding mpls - packet mpls non-ip forwarding mpls - packet non-ip forwarding bridged - ! - feature forwarding-destination mpls - sequence 100 - ! - feature mirror ip - sequence 80 - key size limit 160 - key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops l4-src-port src-ip tcp-control - action count mirror set-policer - packet ipv4 forwarding bridged - packet ipv4 forwarding routed - packet ipv4 forwarding routed multicast - packet ipv4 non-vxlan forwarding routed decap - ! - feature mpls - sequence 5 - key size limit 160 - action drop redirect set-ecn - packet ipv4 mpls ipv4 forwarding mpls decap - packet ipv4 mpls ipv6 forwarding mpls decap - packet mpls ipv4 forwarding mpls - packet mpls ipv6 forwarding mpls - packet mpls non-ip forwarding mpls - ! - feature pbr ip - sequence 60 - key size limit 160 - key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops-18b l4-src-port src-ip tcp-control - action count redirect - packet ipv4 forwarding routed - packet ipv4 mpls ipv4 forwarding mpls decap - packet ipv4 mpls ipv6 forwarding mpls decap - packet ipv4 non-vxlan forwarding routed decap - packet ipv4 vxlan forwarding bridged decap - ! - feature pbr ipv6 - sequence 30 - key field dst-ipv6 ipv6-next-header l4-dst-port l4-src-port src-ipv6-high src-ipv6-low tcp-control - action count redirect - packet ipv6 forwarding routed - ! - feature pbr mpls - sequence 65 - key size limit 160 - key field mpls-inner-ip-tos - action count drop redirect - packet mpls ipv4 forwarding mpls - packet mpls ipv6 forwarding mpls - packet mpls non-ip forwarding mpls - ! - feature qos ip - sequence 75 - key size limit 160 - key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops l4-src-port src-ip tcp-control - action set-dscp set-policer set-tc - packet ipv4 forwarding routed - packet ipv4 forwarding routed multicast - packet ipv4 mpls ipv4 forwarding mpls decap - packet ipv4 mpls ipv6 forwarding mpls decap - packet ipv4 non-vxlan forwarding routed decap - ! - feature qos ipv6 - sequence 70 - key field dst-ipv6 ipv6-next-header ipv6-traffic-class l4-dst-port l4-src-port src-ipv6-high src-ipv6-low - action set-dscp set-policer set-tc - packet ipv6 forwarding routed - ! - feature traffic-policy port ipv4 - sequence 45 - key size limit 160 - key field dscp dst-ip-label icmp-type-code ip-frag ip-fragment-offset ip-length ip-protocol l4-dst-port l4-src-port src-ip-label tcp-control ttl - action count drop log set-dscp set-tc - packet ipv4 forwarding routed - ! - feature traffic-policy port ipv6 - sequence 25 - key field dst-ipv6-label hop-limit icmp-type-code ipv6-length ipv6-next-header ipv6-traffic-class l4-dst-port l4-src-port src-ipv6-label tcp-control - action count drop log set-dscp set-tc - packet ipv6 forwarding routed - ! - feature tunnel vxlan - sequence 50 - key size limit 160 - packet ipv4 vxlan eth ipv4 forwarding routed decap - packet ipv4 vxlan forwarding bridged decap - ! - system profile traffic_policy -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/traffic-policies-2.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/traffic-policies-2.md deleted file mode 100644 index 18504850286..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/traffic-policies-2.md +++ /dev/null @@ -1,76 +0,0 @@ -# traffic-policies-2 - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Interfaces](#interfaces) - - [Port-Channel Interfaces](#port-channel-interfaces) - - [Traffic Policies information](#traffic-policies-information) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Interfaces - -### Port-Channel Interfaces - -#### Port-Channel Interfaces Summary - -##### L2 - -| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | -| --------- | ----------- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | - -#### Port-Channel Interfaces Device Configuration - -```eos -! -interface Port-Channel2 - no switchport -``` - -### Traffic Policies information - -#### IPv6 Field Sets - -| Field Set Name | IPv6 Prefixes | -| -------------- | ------------- | -| IPv6-DEMO-1 | 11:22:33:44:55:66:77:88 | -| IPv6-DEMO-2 | - | - -#### Traffic Policies Device Configuration - -```eos -! -traffic-policies - field-set ipv6 prefix IPv6-DEMO-1 - 11:22:33:44:55:66:77:88 - ! - field-set ipv6 prefix IPv6-DEMO-2 -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/traffic-policies-3.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/traffic-policies-3.md deleted file mode 100644 index c706240ed4a..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/traffic-policies-3.md +++ /dev/null @@ -1,67 +0,0 @@ -# traffic-policies-3 - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Interfaces](#interfaces) - - [Ethernet Interfaces](#ethernet-interfaces) - - [Traffic Policies information](#traffic-policies-information) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Interfaces - -### Ethernet Interfaces - -#### Ethernet Interfaces Summary - -##### L2 - -| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | -| --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | - -*Inherited from Port-Channel Interface - -#### Ethernet Interfaces Device Configuration - -```eos -! -interface Ethernet1 - no switchport -``` - -### Traffic Policies information - -#### Traffic Policies Device Configuration - -```eos -! -traffic-policies -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/traffic-policies.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/traffic-policies.md deleted file mode 100644 index 7ebb284c230..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/traffic-policies.md +++ /dev/null @@ -1,304 +0,0 @@ -# traffic-policies - -## Table of Contents - -- [Management](#management) - - [Management Interfaces](#management-interfaces) -- [Interfaces](#interfaces) - - [Ethernet Interfaces](#ethernet-interfaces) - - [Port-Channel Interfaces](#port-channel-interfaces) - - [Traffic Policies information](#traffic-policies-information) - -## Management - -### Management Interfaces - -#### Management Interfaces Summary - -##### IPv4 - -| Management Interface | Description | Type | VRF | IP Address | Gateway | -| -------------------- | ----------- | ---- | --- | ---------- | ------- | -| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | - -##### IPv6 - -| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | -| -------------------- | ----------- | ---- | --- | ------------ | ------------ | -| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | - -#### Management Interfaces Device Configuration - -```eos -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -``` - -## Interfaces - -### Ethernet Interfaces - -#### Ethernet Interfaces Summary - -##### L2 - -| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | -| --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | - -*Inherited from Port-Channel Interface - -#### Ethernet Interfaces Device Configuration - -```eos -! -interface Ethernet1 - traffic-policy input BLUE-C1-POLICY - traffic-policy output BLUE-C2-POLICY - no switchport -``` - -### Port-Channel Interfaces - -#### Port-Channel Interfaces Summary - -##### L2 - -| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | -| --------- | ----------- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | - -#### Port-Channel Interfaces Device Configuration - -```eos -! -interface Port-Channel2 - traffic-policy input BLUE-C1-POLICY - traffic-policy output BLUE-C2-POLICY - no switchport -``` - -### Traffic Policies information - -#### IPv4 Field Sets - -| Field Set Name | IPv4 Prefixes | -| -------------- | ------------- | -| DEMO-01 | 10.0.0.0/8
192.168.0.0/16 | -| DEMO-02 | 172.16.0.0/12
224.0.0.0/8 | -| DEMO-03 | - | - -#### L4 Port Field Sets - -| Field Set Name | L4 Ports | -| -------------- | -------- | -| SERVICE-DEMO | 10,20,80,440-450 | -| SERVICE-DEMO2 | - | - -#### Traffic Policies - -##### BLUE-C1-POLICY - -| Match set | Type | Sources | Destinations | Protocol | Source Port(s) | Source Field(s) | Destination port(s) | Destination Field(s) | Action | -| --------- | ---- | ------- | ------------ | -------- | -------------- | --------------- | ------------------- | -------------------- | ------ | -| BLUE-C1-POLICY-01 | ipv4 | 10.0.0.0/8
192.168.0.0/16 | DEMO-01 | tcp
udp | 1,10-20
any | -
SERVICE-DEMO | any
any | -
- | action: PASS
traffic-class: 5 | -| BLUE-C1-POLICY-02 | ipv4 | DEMO-01
DEMO-02 | any | tcp
icmp | any
- | -
- | any
- | SERVICE-DEMO
- | action: PASS
counter: DEMO-TRAFFIC
dscp marking: 60 | -| BLUE-C1-POLICY-03 | ipv4 | DEMO-01 | any | icmp | - | - | - | - | action: DROP
counter: DROP-PACKETS
logging | -| BLUE-C1-POLICY-04 | ipv4 | DEMO-02 | DEMO-01 | tcp
icmp | 22
- | -
- | 80
- | -
- | action: PASS
traffic-class: 5 | -| BLUE-C1-POLICY-05 | ipv4 | DEMO-02 | DEMO-01 | bgp | - | - | - | - | action: PASS
traffic-class: 5 | -| BLUE-C1-POLICY-06 | ipv4 | any | any | neighbors
udp
tcp
icmp | -
22
22
- | -
-
-
- | -
1,10-20
any
- | -
-
-
- | action: PASS | -| BLUE-C1-POLICY-07 | ipv4 | any | 10.0.0.0/8
192.168.0.0/16 | - | - | - | - | - | default action: PASS | -| BLUE-C1-POLICY-08 | ipv4 | any | DEMO-01 | udp
tcp | any
any | -
SERVICE-DEMO-SRC | 1,10-20
any | -
SERVICE-DEMO-DST | default action: PASS | - -##### BLUE-C2-POLICY - -| Match set | Type | Sources | Destinations | Protocol | Source Port(s) | Source Field(s) | Destination port(s) | Destination Field(s) | Action | -| --------- | ---- | ------- | ------------ | -------- | -------------- | --------------- | ------------------- | -------------------- | ------ | -| BLUE-C2-POLICY-01 | ipv4 | 10.0.0.0/8
192.168.0.0/16 | any | tcp
icmp | 1,10-20
- | -
- | any
- | -
- | action: PASS
traffic-class: 5 | -| BLUE-C2-POLICY-02 | ipv4 | DEMO-01
DEMO-02 | any | tcp
icmp | any
- | SERVICE-DEMO
- | any
- | -
- | action: PASS
counter: DEMO-TRAFFIC
dscp marking: 60 | -| BLUE-C2-POLICY-03 | ipv4 | DEMO-01 | any | tcp | any | - | any | - | action: DROP | - -##### BLUE-C3-POLICY - -##### BLUE-C4-POLICY - -##### BLUE-C5-POLICY - -##### BLUE-C6-POLICY - -##### BLUE-C7-POLICY - -| Match set | Type | Sources | Destinations | Protocol | Source Port(s) | Source Field(s) | Destination port(s) | Destination Field(s) | Action | -| --------- | ---- | ------- | ------------ | -------- | -------------- | --------------- | ------------------- | -------------------- | ------ | -| BLUE-C7-POLICY-01 | ipv4 | any | any | neighbors | - | - | - | - | default action: PASS | - -##### Traffic-Policy Interfaces - -| Interface | Input Traffic-Policy | Output Traffic-Policy | -| --------- | -------------------- | --------------------- | -| Ethernet1 | BLUE-C1-POLICY | BLUE-C2-POLICY | -| Port-Channel2 | BLUE-C1-POLICY | BLUE-C2-POLICY | - -#### Traffic Policies Device Configuration - -```eos -! -traffic-policies - field-set l4-port SERVICE-DEMO - 10,20,80,440-450 - ! - field-set l4-port SERVICE-DEMO2 - field-set ipv4 prefix DEMO-01 - 10.0.0.0/8 192.168.0.0/16 - ! - field-set ipv4 prefix DEMO-02 - 172.16.0.0/12 224.0.0.0/8 - ! - field-set ipv4 prefix DEMO-03 - counter interface per-interface ingress - ! - traffic-policy BLUE-C1-POLICY - counter DEMO-TRAFFIC DROP-PACKETS - ! - match BLUE-C1-POLICY-01 ipv4 - source prefix 10.0.0.0/8 192.168.0.0/16 - destination prefix field-set DEMO-01 - protocol tcp source port 1,10-20 - protocol udp source port field-set SERVICE-DEMO - ttl 10, 20-30 - ! - actions - set traffic class 5 - ! - match BLUE-C1-POLICY-02 ipv4 - source prefix field-set DEMO-01 DEMO-02 - protocol tcp flags established - protocol tcp destination port field-set SERVICE-DEMO - protocol icmp - ! - actions - count DEMO-TRAFFIC - set dscp 60 - ! - match BLUE-C1-POLICY-03 ipv4 - source prefix field-set DEMO-01 - protocol icmp type echo echo-reply code all - fragment offset 1124, 2000-2010 - ! - actions - count DROP-PACKETS - drop - log - ! - match BLUE-C1-POLICY-04 ipv4 - source prefix field-set DEMO-02 - destination prefix field-set DEMO-01 - protocol tcp flags established - protocol tcp source port 22 destination port 80 - protocol icmp - ! - actions - set traffic class 5 - ! - match BLUE-C1-POLICY-05 ipv4 - source prefix field-set DEMO-02 - destination prefix field-set DEMO-01 - protocol bgp - fragment - ! - actions - set traffic class 5 - ! - match BLUE-C1-POLICY-06 ipv4 - protocol neighbors bgp - ! - match BLUE-C1-POLICY-07 ipv4 - destination prefix 10.0.0.0/8 192.168.0.0/16 - ! - match BLUE-C1-POLICY-08 ipv4 - destination prefix 10.0.0.0/8 192.168.0.0/16 - protocol udp destination port 1,10-20 - protocol tcp source port field-set SERVICE-DEMO-SRC destination port field-set SERVICE-DEMO-DST - ! - match ipv4-all-default ipv4 - actions - drop - ! - match ipv6-all-default ipv6 - ! - traffic-policy BLUE-C2-POLICY - counter DEMO-TRAFFIC - ! - match BLUE-C2-POLICY-01 ipv4 - source prefix 10.0.0.0/8 192.168.0.0/16 - protocol tcp source port 1,10-20 - protocol icmp - ! - actions - set traffic class 5 - ! - match BLUE-C2-POLICY-02 ipv4 - source prefix field-set DEMO-01 DEMO-02 - protocol tcp source port field-set SERVICE-DEMO - protocol icmp - ! - actions - count DEMO-TRAFFIC - set dscp 60 - ! - match BLUE-C2-POLICY-03 ipv4 - source prefix field-set DEMO-01 - protocol tcp - ! - actions - drop - ! - match ipv4-all-default ipv4 - actions - drop - log - ! - match ipv6-all-default ipv6 - ! - traffic-policy BLUE-C3-POLICY - match ipv4-all-default ipv4 - actions - count test - set dscp 11 - set traffic class 10 - ! - match ipv6-all-default ipv6 - ! - traffic-policy BLUE-C4-POLICY - match ipv4-all-default ipv4 - ! - match ipv6-all-default ipv6 - actions - count test - set dscp 11 - set traffic class 10 - ! - traffic-policy BLUE-C5-POLICY - match ipv4-all-default ipv4 - ! - match ipv6-all-default ipv6 - actions - drop - log - ! - traffic-policy BLUE-C6-POLICY - match ipv4-all-default ipv4 - ! - match ipv6-all-default ipv6 - actions - drop - ! - traffic-policy BLUE-C7-POLICY - match BLUE-C7-POLICY-01 ipv4 - protocol neighbors bgp enforce ttl maximum-hops - ! - match ipv4-all-default ipv4 - ! - match ipv6-all-default ipv6 -``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/address-locking.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/address-locking.cfg deleted file mode 100644 index 8cb272ac953..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/address-locking.cfg +++ /dev/null @@ -1,31 +0,0 @@ -! -address locking - disabled - local-interface Loopback0 - dhcp server ipv4 1.1.1.1 - dhcp server ipv4 4.4.4.4 - lease 2.2.2.2 mac dead.beef.cafe - lease 3.3.3.3 mac de:af:be:ef:ca:fe - locked-address expiration mac disabled - locked-address ipv4 enforcement disabled - locked-address ipv6 enforcement disabled -! -interface Ethernet1 - description Address Locking Interface Testing 1 - switchport - address locking ipv4 -! -interface Ethernet2 - description Address Locking Interface Testing 2 - switchport - address locking ipv4 ipv6 -! -interface Ethernet3 - description Address Locking Interface Testing 3 - switchport - address locking ipv6 -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/banners_without_eof.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/banners_without_eof.cfg deleted file mode 100644 index fecc51c0d82..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/banners_without_eof.cfg +++ /dev/null @@ -1,51 +0,0 @@ -! -banner login -!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -!***!!!Unauthorized access prohibited!!!***! -!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -EOF - -! -banner motd -. Switch : $(hostname) . -. Site : DC1 . -. Type info for information about the device . -. Type help for information about the aliases . -EOF - -! -management api http-commands - protocol https - protocol http - no shutdown - ! - vrf mgt - no shutdown - ip access-group ACL-API -! -management console - idle-timeout 300 -! -management security - password encryption-key common -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -management ssh - ip access-group ACL-SSH in - ip access-group ACL-SSH-VRF vrf mgt in - ipv6 access-group ACL-SSH6 in - ipv6 access-group ACL-SSH-VRF6 vrf mgt in - idle-timeout 15 - connection per-host 12 - no shutdown - ! - vrf mgt - no shutdown -! -interface Loopback1000 - description Interface created with eos_cli on device level - diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/base.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/base.cfg deleted file mode 100644 index fecc51c0d82..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/base.cfg +++ /dev/null @@ -1,51 +0,0 @@ -! -banner login -!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -!***!!!Unauthorized access prohibited!!!***! -!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -EOF - -! -banner motd -. Switch : $(hostname) . -. Site : DC1 . -. Type info for information about the device . -. Type help for information about the aliases . -EOF - -! -management api http-commands - protocol https - protocol http - no shutdown - ! - vrf mgt - no shutdown - ip access-group ACL-API -! -management console - idle-timeout 300 -! -management security - password encryption-key common -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -management ssh - ip access-group ACL-SSH in - ip access-group ACL-SSH-VRF vrf mgt in - ipv6 access-group ACL-SSH6 in - ipv6 access-group ACL-SSH-VRF6 vrf mgt in - idle-timeout 15 - connection per-host 12 - no shutdown - ! - vrf mgt - no shutdown -! -interface Loopback1000 - description Interface created with eos_cli on device level - diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/custom-templates.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/custom-templates.cfg deleted file mode 100644 index 207d81792a9..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/custom-templates.cfg +++ /dev/null @@ -1,14 +0,0 @@ -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -! -test-custom-template-with-logic-1 - -! -test-custom-template-no-logic-2 -! -test-custom-template-with-logic-3 - diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/dns-ntp.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/dns-ntp.cfg deleted file mode 100644 index ea35a4f3ab6..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/dns-ntp.cfg +++ /dev/null @@ -1,26 +0,0 @@ -ip domain lookup source-interface Loopback0 -ip domain lookup vrf mgt source-interface Management0 -ip name-server 10.10.128.10 -ip name-server vrf mgmt 10.10.128.10 -ip name-server vrf TEST 10.10.128.10 priority 3 -ip name-server 10.10.129.10 priority 0 -ip name-server 2001:db8::1 -ip name-server vrf mgmt 2001:db8::1 -ip name-server 2001:db8::2 priority 0 -ip name-server vrf TEST 2001:db8::2 priority 3 -dns domain test.local -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -ntp authentication-key 1 md5 044F0E151B -ntp authentication-key 2 sha1 15060E1F10 -ntp trusted-key 1-2 -ntp authenticate servers -ntp local-interface vrf mgt Management0 -ntp server vrf mgt 10.10.111.1 prefer -ntp server vrf mgt 10.10.111.2 -ntp server vrf mgt 2001:db8::3 -ntp server vrf mgt 2001:db8::4 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/eos_cli_config_gen_documentation.enable.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/eos_cli_config_gen_documentation.enable.cfg deleted file mode 100644 index e047f96bbfc..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/eos_cli_config_gen_documentation.enable.cfg +++ /dev/null @@ -1,5 +0,0 @@ -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/flow-tracking-2.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/flow-tracking-2.cfg deleted file mode 100644 index 44d926c8757..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/flow-tracking-2.cfg +++ /dev/null @@ -1,13 +0,0 @@ -! -flow tracking sampled - sample 666 - hardware offload ipv4 ipv6 - tracker T21 - record export on inactive timeout 3666 - record export on interval 5666 - record export mpls -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/flow-tracking.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/flow-tracking.cfg deleted file mode 100644 index 981a88ee251..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/flow-tracking.cfg +++ /dev/null @@ -1,85 +0,0 @@ -! -flow tracking hardware - tracker T1 - record export on inactive timeout 3666 - record export on interval 5666 - ! - tracker T2 - exporter T2-E1 - collector 42.42.42.42 - ! - tracker T3 - exporter T3-E1 - ! - exporter T3-E2 - collector 10.10.10.10 port 777 - ! - exporter T3-E3 - collector this.is.my.awesome.collector.dns.name port 888 - format ipfix version 10 - local interface Management1 - template interval 424242 - ! - exporter T3-E4 - collector dead:beef::cafe - record format ipfix standard timestamps counters - no shutdown -! -flow tracking sampled - encapsulation ipv4 ipv6 mpls - sample 666 - hardware offload ipv4 - hardware offload threshold minimum 2 samples - tracker T1 - record export on inactive timeout 3666 - record export on interval 5666 - record export mpls - ! - tracker T2 - flow table size 614400 entries - exporter T2-E1 - collector 42.42.42.42 - ! - tracker T3 - flow table size 100000 entries - exporter T3-E1 - ! - exporter T3-E2 - collector 10.10.10.10 port 777 - ! - exporter T3-E3 - collector this.is.my.awesome.collector.dns.name port 888 - format ipfix version 10 - local interface Management1 - template interval 424242 - ! - exporter T3-E4 - collector dead:beef::cafe - no shutdown -! -interface Port-Channel42 - switchport - flow tracker hardware T3 - flow tracker sampled T3 -! -interface Dps1 - flow tracker hardware T3 -! -interface Ethernet40 - switchport - flow tracker hardware T2 - flow tracker sampled T2 -! -interface Ethernet41 - switchport - flow tracker hardware T3 - flow tracker sampled T3 -! -interface Ethernet42 - switchport - flow tracker sampled T3 -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/hardware-counter.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/hardware-counter.cfg deleted file mode 100644 index 3cae8d8f556..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/hardware-counter.cfg +++ /dev/null @@ -1,14 +0,0 @@ -! -hardware counter feature acl out mac -hardware counter feature gre tunnel interface out -hardware counter feature ip in -hardware counter feature ip out layer3 units packets -hardware counter feature mpls lfib units packets -hardware counter feature route ipv4 vrf test 192.168.0.0/24 -hardware counter feature route ipv6 2001:db8:cafe::/64 -hardware counter feature segment-security in -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/hardware.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/hardware.cfg deleted file mode 100644 index 1526d60b644..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/hardware.cfg +++ /dev/null @@ -1,14 +0,0 @@ -! -hardware port-group 1 select Et32/1-4 -hardware port-group 2 select Et32/1,Et32/3,Et34 -! -hardware access-list mechanism tcam -! -hardware speed-group 1 serdes 10g -hardware speed-group 2 serdes 25g -hardware speed-group 3/1 serdes 25g -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/hide-passwords.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/hide-passwords.cfg deleted file mode 100644 index 0bfb456436d..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/hide-passwords.cfg +++ /dev/null @@ -1,29 +0,0 @@ -! -enable password sha512 -aaa root secret sha512 -! -username ansible secret sha512 -! -radius-server host 10.10.10.158 key 7 -! -tacacs-server host 10.10.10.157 key 7 -! -ip security - ! - profile Profile-1 - shared-key 7 -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -router bgp 65100 - router-id 10.50.64.15 - neighbor IPV4-UNDERLAY peer group - neighbor IPV4-UNDERLAY remote-as 65000 - neighbor IPV4-UNDERLAY password 7 - ! - vrf BLAH - neighbor 10.50.2.1 remote-as 65000 - neighbor 10.50.2.1 password 7 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host1.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host1.cfg index 684d07ca13e..a13d741fc2f 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host1.cfg +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host1.cfg @@ -16,9 +16,34 @@ username shell shell /sbin/nologin nopassword username shell ssh-key ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDHMTFuLHPz/prREZZIks0ca4btBIzEbvY6KRYGzhN7JCG5CTfre0Y9UCbNul7qNl7cxomQkh/0VjQNX6ecPd0HyOTKL2EK002ejNyvooUDarnglMWtjKIl40NgDR/GNSkvC3nEylvX1H7Rfmu38NCqiwIpWA8JFwgLCLvkWUoORxHhIIy8/vttLgMxr66HGlVAnRidf3VVCnlILm4gUpc3fR43EhvVoYByY3jEa/fypiS2nDP9K2fXtpXGrIHSbyMu4Mj3fnSdcqWysRF7Tqc6Kvet8ImS07fLcgpbdLp31ssF1rssbTnD1zWuAozvXpK1d+vFO4EfFr5yzkE2Q8lM0wPpdS4LBWQfJdWgi6t5XEXewWyTYfIDKCBOI2dECGtkDjme+PDNIL9IQiiYC2iXMmQrun9fsp8jicdw1svGef8Otdb4kmHXiQ3mAxTeHLgeYPfYyekKq/+dFMcAZT+sv0g24AHc4ulitfLRoGjxYHZLGg2KQpFfAn0aQKCd5vk= noname@hostmachine-asd-cl username shell ssh-key secondary ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDHMTFuLHPz/prREZZIks0ca4btBIzEbvY6KRYGzhN7JCG5CTfre0Y9UCbNul7qNl7cxomQkh/0VjQNX6ecPd0HyOTKL2EK002ejNyvooUDarnglMWtjKIl40NgDR/GNSkvC3nEylvX1H7Rfmu38NCqiwIpWA8JFwgLCLvkWUoORxHhIIy8/vttLgMxr66HGlVAnRidf3VVCnlILm4gUpc3fR43EhvVoYByY3jEa/fypiS2nDP9K2fXtpXGrIHSbyMu4Mj3fnSdcqWysRF7Tqc6Kvet8ImS07fLcgpbdLp31ssF1rssbTnD1zWuAozvXpK1d+vFO4EfFr5yzkE2Q8lM0wPpdS4LBWQfJdWgi6t5XEXewWyTYfIDKCBOI2dECGtkDjme+PDNIL9IQiiYC2iXMmQrun9fsp8jicdw1svGef8Otdb4kmHXiQ3mAxTeHLgeYPfYyekKq/+dFMcAZT+sv0g24AHc4ulitfLRoGjxYHZLGg2KQpFfAn0aQKCd5vk= noname@hostmachine-asd-cl ! +address locking + disabled + local-interface Loopback0 + dhcp server ipv4 1.1.1.1 + dhcp server ipv4 4.4.4.4 + lease 2.2.2.2 mac dead.beef.cafe + lease 3.3.3.3 mac de:af:be:ef:ca:fe + locked-address expiration mac disabled + locked-address ipv4 enforcement disabled + locked-address ipv6 enforcement disabled +! agent Dummy environment V1=42:V2=666 agent KernelFib environment KERNELFIB_PROGRAM_ALL_ECMP=true ! +hardware port-group 1 select Et32/1-4 +hardware port-group 2 select Et32/1,Et32/3,Et34 +! +hardware counter feature acl out mac +hardware counter feature gre tunnel interface out +hardware counter feature ip in +hardware counter feature ip out layer3 units packets +hardware counter feature mpls lfib units packets +hardware counter feature route ipv4 vrf test 192.168.0.0/24 +hardware counter feature route ipv6 2001:db8:cafe::/64 +hardware counter feature segment-security in +! +hardware access-list mechanism tcam +! service routing configuration bgp no-equals-default ! prompt %H__%D{%H:%M:%S}%v%P @@ -160,6 +185,64 @@ errdisable recovery interval 300 ! event-monitor ! +flow tracking hardware + tracker T1 + record export on inactive timeout 3666 + record export on interval 5666 + ! + tracker T2 + exporter T2-E1 + collector 42.42.42.42 + ! + tracker T3 + exporter T3-E1 + ! + exporter T3-E2 + collector 10.10.10.10 port 777 + ! + exporter T3-E3 + collector this.is.my.awesome.collector.dns.name port 888 + format ipfix version 10 + local interface Management1 + template interval 424242 + ! + exporter T3-E4 + collector dead:beef::cafe + record format ipfix standard timestamps counters + no shutdown +! +flow tracking sampled + encapsulation ipv4 ipv6 mpls + sample 666 + hardware offload ipv4 + hardware offload threshold minimum 2 samples + tracker T1 + record export on inactive timeout 3666 + record export on interval 5666 + record export mpls + ! + tracker T2 + flow table size 614400 entries + exporter T2-E1 + collector 42.42.42.42 + ! + tracker T3 + flow table size 100000 entries + exporter T3-E1 + ! + exporter T3-E2 + collector 10.10.10.10 port 777 + ! + exporter T3-E3 + collector this.is.my.awesome.collector.dns.name port 888 + format ipfix version 10 + local interface Management1 + template interval 424242 + ! + exporter T3-E4 + collector dead:beef::cafe + no shutdown +! ip igmp snooping robustness-variable 2 ip igmp snooping restart query-interval 30 ip igmp snooping interface-restart-query 500 @@ -197,8 +280,51 @@ logging event congestion-drops interval 10 ! load-interval default 25 ! +interface defaults + mtu 9000 + ethernet + shutdown +! service routing protocols model multi-agent ! +l2-protocol + forwarding profile TEST1 + bfd per-link rfc-7130 forward + bfd per-link rfc-7130 tagged forward + bfd per-link rfc-7130 untagged forward + e-lmi forward + e-lmi tagged forward + e-lmi untagged forward + isis forward + isis tagged forward + isis untagged forward + lacp forward + lacp tagged forward + lacp untagged forward + lldp forward + lldp tagged forward + lldp untagged forward + macsec forward + macsec tagged forward + macsec untagged forward + pause forward + pause tagged forward + pause untagged forward + stp forward + stp tagged forward + stp untagged forward + forwarding profile TEST2 + bfd per-link rfc-7130 tagged forward + e-lmi forward + isis untagged forward + lacp forward + lacp untagged forward + lldp tagged forward + macsec tagged forward + pause untagged forward + stp tagged forward + stp untagged forward +! lacp port-id range 1 128 no lacp rate-limit default ! @@ -221,6 +347,14 @@ link tracking group EVPN_MH_ES1 recovery delay 500 link tracking group EVPN_MH_ES2 ! +lldp timer 30 +lldp hold-time 90 +no lldp tlv transmit system-capabilities +lldp tlv transmit system-description +no lldp run +lldp management-address 192.168.1.1/24 +lldp management-address vrf Management +! logging repeat-messages logging buffered 1000000 warnings no logging trap @@ -278,6 +412,27 @@ monitor server radius probe threshold failure 100 probe method access-request username arista password 7 141600021F102B ! +platform trident mmu queue profile mc_example_profile + egress unicast queue 1 reserved bytes 0 + egress unicast queue 2 reserved cells 0 + egress unicast queue 2 threshold 1/8 + egress multicast queue 0 reserved 0 + egress multicast queue 0 drop-precedence 1 drop-threshold 3/4 + egress multicast queue 1 reserved cells 0 + egress multicast queue 1 threshold 1/64 + egress multicast queue 7 reserved cells 0 + egress multicast queue 7 threshold 1/64 +! +platform trident mmu queue profile unused_profile + egress unicast queue 1 reserved bytes 0 + egress unicast queue 1 drop-precedence 1 drop-threshold 1/8 + egress unicast queue 2 reserved cells 0 + egress unicast queue 2 threshold 1/8 + egress multicast queue 0 reserved 0 + egress multicast queue 0 drop-precedence 2 drop-threshold 1 + egress multicast queue 1 reserved cells 0 + egress multicast queue 1 threshold 8 +! ip nat translation address selection hash field source-ip ip nat translation address selection any ip nat translation tcp-timeout 7200 @@ -328,6 +483,17 @@ ip nat profile NAT-PROFILE-NO-VRF-2 ip nat profile NAT-PROFILE-TEST-VRF vrf TEST ! hostname hostname-set-via-hostname-var +ip domain lookup source-interface Loopback0 +ip domain lookup vrf mgt source-interface Management0 +ip name-server 10.10.128.10 +ip name-server vrf mgmt 10.10.128.10 +ip name-server vrf TEST 10.10.128.10 priority 3 +ip name-server 10.10.129.10 priority 0 +ip name-server 2001:db8::1 +ip name-server vrf mgmt 2001:db8::1 +ip name-server 2001:db8::2 priority 0 +ip name-server vrf TEST 2001:db8::2 priority 3 +dns domain test.local ip domain-list domain1.local ip domain-list domain2.local ! @@ -342,11 +508,201 @@ aaa group server ldap LDAP1 track MyTrackNoProperty interface Ethernet1/1 line-protocol track MyTrackSetProperty interface Ethernet2/1 line-protocol ! +poe + reboot action maintain + interface shutdown action power-off +! switchport port-security mac-address aging switchport port-security mac-address moveable switchport port-security persistence disabled switchport port-security violation protect chip-based ! +ptp clock-identity 11:11:11:11:11:11 +ptp domain 17 +ptp message-type event dscp 46 default +ptp message-type general dscp 36 default +ptp mode boundary one-step +ptp priority1 101 +ptp priority2 102 +ptp profile g8275.1 +ptp source ip 1.1.2.3 +ptp ttl 12 +ptp forward-unicast +ptp monitor threshold offset-from-master 11 +ptp monitor threshold mean-path-delay 12 +ptp monitor threshold mean-path-delay 14 nanoseconds drop +ptp monitor threshold offset-from-master 13 nanoseconds drop +ptp monitor threshold missing-message sync 103 intervals +ptp monitor threshold missing-message follow-up 102 intervals +ptp monitor threshold missing-message announce 101 intervals +ptp monitor sequence-id +ptp monitor threshold missing-message sync 204 sequence-ids +ptp monitor threshold missing-message follow-up 203 sequence-ids +ptp monitor threshold missing-message delay-resp 202 sequence-ids +ptp monitor threshold missing-message announce 201 sequence-ids +! +qos profile experiment + qos trust cos + qos cos 2 + service-policy type qos input test_qos_policy_v1 + ! + tx-queue 3 + no priority + bandwidth percent 30 + ! + tx-queue 4 + bandwidth guaranteed percent 10 + ! + tx-queue 5 + bandwidth percent 40 + ! + tx-queue 7 + bandwidth percent 30 + shape rate 40 percent +! +qos profile no_qos_trust + no qos trust + qos cos 3 + qos dscp 4 +! +qos profile qprof_testwithpolicy + service-policy type qos input pmap_test1 + ! + tx-queue 0 + bandwidth percent 1 + ! + tx-queue 1 + bandwidth percent 80 + ! + tx-queue 5 + !! Multi-line comment + !! here. + no priority + bandwidth percent 19 +! +qos profile test + qos trust dscp + qos dscp 46 + shape rate 80 percent + ! + tx-queue 1 + no priority + bandwidth percent 50 + ! + tx-queue 2 + priority strict + bandwidth percent 10 + random-detect ecn minimum-threshold 320 kbytes maximum-threshold 320 kbytes max-mark-probability 90 + ! + tx-queue 4 + bandwidth guaranteed percent 10 + random-detect ecn minimum-threshold 320 segments maximum-threshold 320 segments weight 10 +! +qos profile test_with_pfc + service-policy type qos input pmap_test1 + ! + tx-queue 0 + bandwidth percent 1 + ! + tx-queue 1 + bandwidth percent 80 + ! + tx-queue 5 + no priority + bandwidth percent 19 + ! + priority-flow-control on + priority-flow-control priority 0 no-drop + priority-flow-control priority 1 drop + priority-flow-control pause watchdog + priority-flow-control pause watchdog port action drop + priority-flow-control pause watchdog port timer timeout 0.05 polling-interval auto recovery-time 1.11 forced +! +qos profile uc_mc_queues_test + ! + uc-tx-queue 1 + !! Test no priority + no priority + bandwidth percent 50 + random-detect ecn minimum-threshold 3 milliseconds maximum-threshold 9 milliseconds max-mark-probability 90 + ! + uc-tx-queue 2 + priority strict + bandwidth percent 10 + random-detect ecn minimum-threshold 320 kbytes maximum-threshold 320 kbytes max-mark-probability 90 + ! + uc-tx-queue 4 + !! Test guaranteed percent + bandwidth guaranteed percent 10 + random-detect ecn minimum-threshold 320 segments maximum-threshold 320 segments weight 10 + ! + mc-tx-queue 1 + no priority + bandwidth percent 50 + ! + mc-tx-queue 2 + !! Test strict priority + priority strict + bandwidth percent 10 + ! + mc-tx-queue 4 + !! Test guaranteed percent + bandwidth guaranteed percent 10 +! +qos profile wred_queues_test + ! + tx-queue 1 + !! Test no priority + no priority + bandwidth percent 50 + random-detect drop minimum-threshold 1 kbytes maximum-threshold 10 kbytes drop-probability 100 + ! + tx-queue 2 + priority strict + bandwidth percent 10 + random-detect drop drop-precedence 2 minimum-threshold 2 kbytes maximum-threshold 200 kbytes drop-probability 50 weight 10 + ! + tx-queue 3 + priority strict + bandwidth percent 10 + random-detect ecn minimum-threshold 320 kbytes maximum-threshold 320 kbytes weight 10 + ! + tx-queue 4 + !! Test guaranteed percent + bandwidth guaranteed percent 10 + random-detect drop minimum-threshold 1 kbytes maximum-threshold 10 kbytes drop-probability 90 + ! + mc-tx-queue 1 + no priority + bandwidth percent 50 + ! + mc-tx-queue 2 + !! Test strict priority + priority strict + bandwidth percent 10 + ! + mc-tx-queue 4 + !! Test guaranteed percent + bandwidth guaranteed percent 10 +! +qos profile wred_uc_queues_test + ! + uc-tx-queue 1 + !! Test no priority + no priority + bandwidth percent 50 + random-detect drop minimum-threshold 1 microseconds maximum-threshold 10 microseconds drop-probability 90 weight 15 + ! + uc-tx-queue 2 + priority strict + bandwidth percent 10 + random-detect drop drop-precedence 1 minimum-threshold 2 milliseconds maximum-threshold 20 milliseconds drop-probability 80 + ! + uc-tx-queue 4 + !! Test guaranteed percent + bandwidth guaranteed percent 10 + random-detect drop minimum-threshold 1 microseconds maximum-threshold 10 microseconds drop-probability 90 +! redundancy protocol sso ! @@ -558,6 +914,18 @@ router service-insertion interface Ethernet3/1 next-hop 10.10.10.10 monitor connectivity host host4 ! +platform trident l3 routing mac-address per-vlan +platform trident forwarding-table partition 2 +platform sand forwarding mode arad +platform sand lag mode 512x32 +platform sand lag hardware-only +platform sand qos map traffic-class 0 to network-qos 0 +platform sand qos map traffic-class 1 to network-qos 7 +platform sand qos map traffic-class 2 to network-qos 15 +platform sand multicast replication default ingress +platform sand mdb profile l3-xxl +platform sfe data-plane cpu allocation maximum 42 +! sflow sample dangerous 1000 sflow polling-interval 10 sflow vrf AAA destination 10.6.75.62 123 @@ -589,6 +957,13 @@ sflow hardware acceleration module Linecard1 sflow hardware acceleration module Linecard2 no sflow hardware acceleration module Linecard3 ! +hardware speed-group 1 serdes 10g +hardware speed-group 2 serdes 25g +hardware speed-group 3/1 serdes 25g +! +sync-e + network option 2 +! service unsupported-transceiver test dsafDSFfvadskjh3424 ! system l1 @@ -647,6 +1022,10 @@ vrf instance TENANT_A_PROJECT01 ! vrf instance TENANT_A_PROJECT02 ! +vrf instance TEST1 +! +vrf instance TEST2 +! group bgp bar vrf red neighbor peer-group-baz @@ -667,6 +1046,21 @@ queue-monitor streaming ipv6 access-group ACLv6-QMS vrf test no shutdown +! +banner login +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +!***!!!Unauthorized access prohibited!!!***! +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +EOF + +! +banner motd +. Switch : $(hostname) . +. Site : DC1 . +. Type info for information about the device . +. Type help for information about the aliases . +EOF + ! management accounts password policy AVD_POLICY @@ -879,6 +1273,10 @@ management security ssl profile cipher-list-profile cipher-list ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384 ! + ssl profile SSL_PROFILE + tls versions 1.1 1.2 + certificate SSL_CERT key SSL_KEY + ! ssl profile test1-chain-cert chain certificate test-chain-cert1.crt chain certificate test-chain-cert2.crt @@ -1120,6 +1518,29 @@ ip security profile Profile-1 hardware encryption disabled ! +mac security + license license1 123456 + fips restrictions + ! + profile A1 + cipher aes128-gcm + key 1234a 7 025756085F535976 + key 1234c 7 10195F4C5144405A fallback + mka key-server priority 100 + mka session rekey-period 30 + traffic unprotected allow + sci + l2-protocol lldp bypass unauthorized + ! + profile A2 + key 1234b 7 12485744465E5A53 + traffic unprotected allow active-sak + ! + profile A3 + cipher aes256-gcm-xpn + key ab 7 10195F4C5144405A + traffic unprotected drop +! interface Port-Channel3 description MLAG_PEER_DC1-LEAF1B_Po3 switchport trunk allowed vlan 2-4094 @@ -1155,6 +1576,14 @@ interface Port-Channel5 l2 mtu 8000 l2 mru 8000 mlag 5 + ptp enable + ptp mpass + ptp delay-mechanism e2e + ptp profile g8275.1 destination mac-address forwardable + ptp role dynamic + ptp sync-message interval 1 + ptp transport layer2 + ptp vlan 2 storm-control broadcast level 1 storm-control multicast level 1 storm-control unknown-unicast level 1 @@ -1246,11 +1675,17 @@ interface Port-Channel14 route-target import 00:00:01:02:03:05 ! interface Port-Channel15 + traffic-policy input BLUE-C1-POLICY + traffic-policy output BLUE-C2-POLICY description DC1_L2LEAF3_Po1 switchport trunk allowed vlan 110,201 switchport mode trunk switchport mlag 15 + service-policy type qos input pmap_test1 + service-profile experiment + qos trust cos + qos cos 2 isis authentication mode md5 rx-disabled isis authentication key 0 password spanning-tree guard loop @@ -1533,9 +1968,12 @@ interface Port-Channel114 ! interface Port-Channel115 description native-vlan-tag-precedence + l2-protocol forwarding profile TEST2 switchport trunk native vlan tag switchport mode trunk switchport + flow tracker hardware T3 + flow tracker sampled T3 ! interface Port-Channel117 description interface_with_sflow_ingress_egress_enabled @@ -1653,16 +2091,19 @@ interface Dps1 description Test DPS Interface shutdown mtu 666 - flow tracker hardware FT-HW - flow tracker sampled FT-S + flow tracker hardware T3 + flow tracker sampled T2 ip address 192.168.42.42/24 tcp mss ceiling ipv4 666 ipv6 666 ingress load-interval 42 ! interface Ethernet1 + traffic-policy input BLUE-C1-POLICY + traffic-policy output BLUE-C2-POLICY description P2P_LINK_TO_DC1-SPINE1_Ethernet1 mtu 1500 bgp session tracker ST1 + l2-protocol forwarding profile TEST1 l2 mtu 8000 l2 mru 8000 speed forced 100gfull @@ -1692,6 +2133,7 @@ interface Ethernet1 switchport vlan translation out 45 dot1q-tunnel all switchport trunk private-vlan secondary switchport pvlan mapping 20-30 + address locking ipv4 ip address 172.31.255.1/31 ip verify unicast source reachable-via rx bfd interval 500 min-rx 500 multiplier 5 @@ -1711,6 +2153,10 @@ interface Ethernet1 tcp mss ceiling ipv4 70 ipv6 75 egress switchport port-security switchport port-security mac-address maximum disabled + service-policy type qos input pmap_test1 + service-profile test + qos trust dscp + qos dscp 48 priority-flow-control on priority-flow-control priority 5 drop switchport backup-link Ethernet5 prefer vlan 10 @@ -1733,6 +2179,7 @@ interface Ethernet2 switchport trunk allowed vlan 110-111,210-211 switchport mode trunk switchport + address locking ipv4 ipv6 ip address 10.1.255.3/24 ip address 1.1.1.3/24 secondary ip address 1.1.1.4/24 secondary @@ -1760,6 +2207,7 @@ interface Ethernet3 no switchport switchport vlan translation out 23 dot1q-tunnel 50 no snmp trap link-change + address locking ipv6 ip address 172.31.128.1/31 ipv6 enable ipv6 address 2002:ABDC::1/64 @@ -1767,6 +2215,7 @@ interface Ethernet3 ipv6 nd prefix 2345:ABCD:3FE0::2/96 50 infinite ipv6 nd prefix 2345:ABCD:3FE0::3/96 100000 no-autoconfig tcp mss ceiling ipv6 65 + mac security profile A1 switchport port-security no switchport port-security mac-address maximum disabled switchport port-security vlan 1 mac-address maximum 3 @@ -1776,9 +2225,18 @@ interface Ethernet3 switchport port-security vlan 22 mac-address maximum 4 switchport port-security vlan 41 mac-address maximum 4 switchport port-security vlan default mac-address maximum 2 + ptp enable + ptp delay-mechanism e2e + ptp role dynamic + ptp sync-message interval 1 + ptp transport layer2 + ptp vlan 2 no priority-flow-control spanning-tree guard root switchport backup-link Ethernet4 + ! + sync-e + priority 10 link tracking group EVPN_MH_ES2 downstream ! interface Ethernet4 @@ -1830,6 +2288,8 @@ interface Ethernet5 no isis hello padding isis network point-to-point spanning-tree guard loop + ! + sync-e ! interface Ethernet6 description SRV-POD02_Eth1 @@ -1838,10 +2298,29 @@ interface Ethernet6 switchport trunk allowed vlan 110-111,210-211 switchport mode trunk switchport + no lldp transmit + ptp enable + ptp announce interval 3 + ptp announce timeout 9 + ptp delay-mechanism e2e + ptp delay-req interval -7 + ptp profile g8275.1 destination mac-address non-forwardable + ptp role dynamic + ptp sync-message interval 1 + ptp transport ipv4 + service-profile experiment + qos trust cos + qos cos 2 + ! + tx-queue 2 + random-detect ecn count logging event storm-control discards spanning-tree bpduguard enable spanning-tree bpdufilter enable logging event spanning-tree + ! + sync-e + priority disabled ! interface Ethernet7 description Molecule L2 @@ -1875,6 +2354,10 @@ interface Ethernet8 no switchport no lldp transmit no lldp receive + service-profile qprof_testwithpolicy + ! + uc-tx-queue 4 + random-detect ecn count isis authentication mode md5 rx-disabled isis authentication key 0 password ! @@ -1892,6 +2375,7 @@ interface Ethernet9 no switchport ip address 172.31.128.9/31 mpls ldp interface + no lldp receive multicast ipv4 boundary ACL_MULTICAST out multicast ipv6 static mpls ip @@ -2160,17 +2644,22 @@ interface Ethernet39 interface Ethernet40 description DOT1X Testing - mac_based_authentication always switchport + flow tracker hardware T2 + flow tracker sampled T2 dot1x mac based authentication always ! interface Ethernet41 description DOT1X Testing - mac_based_authentication always and host-mode common switchport + flow tracker hardware T3 + flow tracker sampled T3 dot1x mac based authentication host-mode common dot1x mac based authentication always ! interface Ethernet42 description DOT1X Testing - mac_based_authentication switchport + flow tracker sampled T3 dot1x mac based authentication ! interface Ethernet43 @@ -3061,6 +3550,12 @@ interface Vxlan1 vxlan encapsulation ipv4 ! +hardware tcam + profile MY_TCAM_PROFILE + source flash:/TCAM_PROFILES/MY_TCAM_PROFILE.conf + ! + system profile traffic_policy +! application traffic recognition ! application ipv4 empty-application @@ -3378,6 +3873,12 @@ ip address virtual source-nat vrf TEST_04 address 1.1.1.3 ipv6 address virtual source-nat vrf TEST_03 address 2001:db8:85a3::8a2e:370:7334 ipv6 address virtual source-nat vrf TEST_04 address 2001:db8:85a3::8a2e:370:7335 ! +ipv6 access-list acl_qos_tc0_v6 + 10 permit ipv6 any any dscp cs1 +! +ipv6 access-list acl_qos_tc5_v6 + 10 permit ipv6 any 2001:db8::/48 +! ipv6 access-list TEST1 5 deny ipv6 fe80::/64 any 10 permit ipv6 fe90::/64 any @@ -3432,6 +3933,12 @@ ip access-list ACL-04 30 permit ip 194.0.2.0/24 any permit response traffic nat ! +ip access-list acl_qos_tc0_v4 + 10 permit ip any 192.0.2.0/29 +! +ip access-list acl_qos_tc5_v4 + 10 permit ip any any dscp ef +! ip access-list ACL_NO_SEQUENCE remark test acl without sequence numbers deny udp any any log @@ -3486,9 +3993,14 @@ ip access-list standard ACL-SSH-VRF 20 permit 10.0.0.0/8 30 permit 172.16.0.0/12 40 permit 192.168.0.0/16 +! +ip routing ipv6 interfaces +ip hardware fib optimize prefixes profile urpf-internet no ip routing vrf MGMT ip routing vrf TENANT_A_PROJECT01 ip routing vrf TENANT_A_PROJECT02 +ip routing vrf TEST1 +ip routing ipv6 interfaces vrf TEST2 ! ip as-path regex-mode asn ip as-path access-list mylist1 permit ^(64512|645115) egp @@ -3512,6 +4024,32 @@ ip extcommunity-list regexp TEST1 deny .* ! ip extcommunity-list regexp TEST2 deny 6500[0-1]:650[0-9][0-9] ! +dynamic prefix-list DYNAMIC_PREFIX_LIST_NAME_1 + match-map Test_1 + prefix-list ipv4 IPV4_PREFIX_LIST +! +dynamic prefix-list DYNAMIC_PREFIX_LIST_NAME_2 + match-map Test_2 + prefix-list ipv6 IPV6_PREFIX_LIST +! +dynamic prefix-list DYNAMIC_PREFIX_LIST_NAME_3 + match-map Test_2 + prefix-list ipv4 IPV4_PREFIX_LIST + prefix-list ipv6 IPV6_PREFIX_LIST +! +ip prefix-list PL-IPV4-LOOPBACKS +! +ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY + seq 10 permit 192.168.255.0/24 eq 32 + seq 20 permit 192.168.254.0/24 eq 32 +! +ipv6 prefix-list PL-IPV6-LOOPBACKS + seq 10 permit 1b11:3a00:22b0:0082::/64 eq 128 +! +ipv6 unicast-routing +ipv6 hardware fib optimize prefixes profile internet +ipv6 unicast-routing vrf TEST1 +! ipv6 neighbor persistent refresh-delay 1000 ipv6 neighbor vrf MGMT 11:22:33:44:55:66:77:88 Ethernet1 11:22:33:44:55:66 ipv6 neighbor ::ffff:192.1.56.10 Loopback99 aa:af:12:34:bc:bf @@ -3693,8 +4231,8 @@ ip tftp client source-interface Management0 vrf MGMT ntp authentication-key 1 md5 7 044F0E151B ntp authentication-key 2 md5 7 044F0E151B ntp authentication-key 3 sha1 8a $BYk2Sjahe+D9T7uDgIItSA==$JTw5JOAPcYEo0O2hsvsxFQ==$C7wmpXOo -ntp trusted-key 1-3 -ntp authenticate +ntp trusted-key 1-2 +ntp authenticate servers ntp local-interface lo1 ntp server 1.2.3.4 local-interface lo0 ntp server 2.2.2.55 @@ -3755,6 +4293,19 @@ monitor telemetry postcard policy profile profile2 ingress sample policy samplepo2 ! +qos rewrite dscp +qos map cos 1 2 3 4 to traffic-class 2 +qos map cos 3 to traffic-class 3 +qos map dscp 8 9 10 11 12 13 14 15 16 17 19 21 23 24 25 27 29 31 32 33 35 37 39 40 41 42 43 44 45 47 49 50 51 52 53 54 55 57 58 59 60 61 62 63 to traffic-class 1 +qos map dscp 18 20 22 26 28 30 34 36 38 to traffic-class 4 drop-precedence 2 +qos map dscp 46 to traffic-class 5 +qos map traffic-class 1 to dscp 56 +qos map traffic-class 2 4 5 to cos 7 +qos map traffic-class 6 to tx-queue 2 +qos map exp 0 to traffic-class 0 +! +qos random-detect ecn allow non-ect chip-based +! class-map type qos match-any CM_IPv6_ACCESS_GROUP match ipv6 access-group ACL_REPLICATION_LD ! @@ -3767,6 +4318,18 @@ class-map type qos match-any CM_REPLICATION_LD2 class-map type qos match-any CM_REPLICATION_LD3 match cos 3 ! +class-map type qos match-any cmap_tc0_v4 + match ip access-group acl_qos_tc0_v4 +! +class-map type qos match-any cmap_tc0_v6 + match ipv6 access-group acl_qos_tc0_v6 +! +class-map type qos match-any cmap_tc5_v4 + match ip access-group acl_qos_tc5_v4 +! +class-map type qos match-any cmap_tc5_v6 + match ipv6 access-group acl_qos_tc5_v6 +! class-map type qos match-any COS_RANGE match vlan 1-3 ! @@ -3807,6 +4370,28 @@ policy-map type quality-of-service PM_REPLICATION_LD3 set cos 6 police rate 10000 bps burst-size 260 kbytes ! +policy-map type quality-of-service pmap_test1 + class cmap_tc0_v4 + set traffic-class 0 + ! + class cmap_tc5_v4 + set traffic-class 5 + ! + class cmap_tc5_v6 + set traffic-class 5 + ! + class cmap_tc0_v6 + set traffic-class 0 + ! + class class-default + set traffic-class 1 +! +priority-flow-control all off +priority-flow-control pause watchdog default timeout 0.05 +priority-flow-control pause watchdog default recovery-time 1.22 +priority-flow-control pause watchdog default polling-interval 10.001 +priority-flow-control pause watchdog action no-drop +! ip radius vrf default source-interface loopback1 ! ip radius vrf MGMT source-interface Ma1 @@ -4919,6 +5504,7 @@ router bgp 65101 vrf VRF02 neighbor 1.1.1.1 additional-paths receive neighbor 1.1.1.1 additional-paths send ecmp limit 24 + neighbor 1.1.1.1 password 7 CRWZZy7NjZF5vUQbiZLrzw== redistribute connected include leaked route-map RM_VRF_CONNECTED redistribute isis level-2 include leaked route-map RM_VRF_ISIS redistribute ospf include leaked route-map RM_VRF_OSPF @@ -5156,6 +5742,166 @@ ip tacacs vrf TEST1 source-interface lo3 ! ip tacacs source-interface loopback10 ! +traffic-policies + field-set l4-port SERVICE-DEMO + 10,20,80,440-450 + ! + field-set l4-port SERVICE-DEMO2 + field-set ipv4 prefix DEMO-01 + 10.0.0.0/8 192.168.0.0/16 + ! + field-set ipv4 prefix DEMO-02 + 172.16.0.0/12 224.0.0.0/8 + ! + field-set ipv4 prefix DEMO-03 + counter interface per-interface ingress + ! + traffic-policy BLUE-C1-POLICY + counter DEMO-TRAFFIC DROP-PACKETS + ! + match BLUE-C1-POLICY-01 ipv4 + source prefix 10.0.0.0/8 192.168.0.0/16 + destination prefix field-set DEMO-01 + protocol tcp source port 1,10-20 + protocol udp source port field-set SERVICE-DEMO + ttl 10, 20-30 + ! + actions + set traffic class 5 + ! + match BLUE-C1-POLICY-02 ipv4 + source prefix field-set DEMO-01 DEMO-02 + protocol tcp flags established + protocol tcp destination port field-set SERVICE-DEMO + protocol icmp + ! + actions + count DEMO-TRAFFIC + set dscp 60 + ! + match BLUE-C1-POLICY-03 ipv4 + source prefix field-set DEMO-01 + protocol icmp type echo echo-reply code all + fragment offset 1124, 2000-2010 + ! + actions + count DROP-PACKETS + drop + log + ! + match BLUE-C1-POLICY-04 ipv4 + source prefix field-set DEMO-02 + destination prefix field-set DEMO-01 + protocol tcp flags established + protocol tcp source port 22 destination port 80 + protocol icmp + ! + actions + set traffic class 5 + ! + match BLUE-C1-POLICY-05 ipv4 + source prefix field-set DEMO-02 + destination prefix field-set DEMO-01 + protocol bgp + fragment + ! + actions + set traffic class 5 + ! + match BLUE-C1-POLICY-06 ipv4 + protocol neighbors bgp + ! + match BLUE-C1-POLICY-07 ipv4 + destination prefix 10.0.0.0/8 192.168.0.0/16 + ! + match BLUE-C1-POLICY-08 ipv4 + destination prefix 10.0.0.0/8 192.168.0.0/16 + protocol udp destination port 1,10-20 + protocol tcp source port field-set SERVICE-DEMO-SRC destination port field-set SERVICE-DEMO-DST + ! + match ipv4-all-default ipv4 + actions + drop + ! + match ipv6-all-default ipv6 + ! + traffic-policy BLUE-C2-POLICY + counter DEMO-TRAFFIC + ! + match BLUE-C2-POLICY-01 ipv4 + source prefix 10.0.0.0/8 192.168.0.0/16 + protocol tcp source port 1,10-20 + protocol icmp + ! + actions + set traffic class 5 + ! + match BLUE-C2-POLICY-02 ipv4 + source prefix field-set DEMO-01 DEMO-02 + protocol tcp source port field-set SERVICE-DEMO + protocol icmp + ! + actions + count DEMO-TRAFFIC + set dscp 60 + ! + match BLUE-C2-POLICY-03 ipv4 + source prefix field-set DEMO-01 + protocol tcp + ! + actions + drop + ! + match ipv4-all-default ipv4 + actions + drop + log + ! + match ipv6-all-default ipv6 + ! + traffic-policy BLUE-C3-POLICY + match ipv4-all-default ipv4 + actions + count test + set dscp 11 + set traffic class 10 + ! + match ipv6-all-default ipv6 + ! + traffic-policy BLUE-C4-POLICY + match ipv4-all-default ipv4 + ! + match ipv6-all-default ipv6 + actions + count test + set dscp 11 + set traffic class 10 + ! + traffic-policy BLUE-C5-POLICY + match ipv4-all-default ipv4 + ! + match ipv6-all-default ipv6 + actions + drop + log + ! + traffic-policy BLUE-C6-POLICY + match ipv4-all-default ipv4 + ! + match ipv6-all-default ipv6 + actions + drop + ! + traffic-policy BLUE-C7-POLICY + match BLUE-C7-POLICY-01 ipv4 + protocol neighbors bgp enforce ttl maximum-hops + ! + match ipv4-all-default ipv4 + ! + match ipv6-all-default ipv6 +! +platform trident mmu queue profile mc_example_profile apply +! vmtracer session session_1 url https://192.168.0.10 username user1 @@ -5176,6 +5922,8 @@ dot1x dynamic-authorization management ssh ip access-group ACL-SSH in ip access-group ACL-SSH-VRF vrf mgt in + ipv6 access-group ACL-SSH6 in + ipv6 access-group ACL-SSH-VRF6 vrf mgt in idle-timeout 15 authentication protocol keyboard-interactive password public-key connection per-host 10 @@ -5204,3 +5952,7 @@ management tech-support exclude command json show version detail include command show version detail | grep TerminAttr exit +! +interface Loopback1000 + description Interface created with eos_cli on device level + diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host2.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host2.cfg index 56ca7a69535..52e59d195fa 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host2.cfg +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host2.cfg @@ -12,6 +12,16 @@ ip dhcp relay information option ! ip dhcp snooping ! +switchport default mode routed +! +flow tracking sampled + sample 666 + hardware offload ipv4 ipv6 + tracker T21 + record export on inactive timeout 3666 + record export on interval 5666 + record export mpls +! no ip igmp snooping no ip igmp snooping fast-leave no ip igmp snooping vlan 20 @@ -40,6 +50,21 @@ monitor server radius ! router adaptive-virtual-topology topology role edge gateway vxlan +! +banner login +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +!***!!!Unauthorized access prohibited!!!***! +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +EOF + +! +banner motd +. Switch : $(hostname) . +. Site : DC1 . +. Type info for information about the device . +. Type help for information about the aliases . +EOF + ! management api http-commands no protocol https @@ -121,6 +146,10 @@ monitor connectivity interface set HOST_SET2 Loopback2-4, Loopback10-12 local-interfaces HOST_SET2 default ! +no ip routing +no ip icmp redirect +no ipv6 icmp redirect +! ! arp persistent ! @@ -215,6 +244,12 @@ router pim sparse-mode ipv4 make-before-break ! +traffic-policies + field-set ipv6 prefix IPv6-DEMO-1 + 11:22:33:44:55:66:77:88 + ! + field-set ipv6 prefix IPv6-DEMO-2 +! dot1x system-auth-control dot1x protocol lldp bypass dot1x protocol bpdu bypass diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host3.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host3.cfg index e8bc4dc2974..bf36efabe7b 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host3.cfg +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host3.cfg @@ -30,3 +30,5 @@ router bgp 65101.0001 address-family ipv6 redistribute ospfv3 include leaked route-map RM-REDISTRIBUTE-OSPFV3 redistribute ospfv3 match external include leaked route-map RM-REDISTRIBUTE-OSPFV3-EXTERNAL +! +traffic-policies diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host4_inline_jinja.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host4_inline_jinja.cfg index d789bbd82db..a9f09351b0f 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host4_inline_jinja.cfg +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host4_inline_jinja.cfg @@ -5,3 +5,124 @@ interface Management1 description OOB_MANAGEMENT vrf MGMT ip address 10.73.255.122/24 +! +hardware tcam + profile traffic_policy + feature acl port mac + sequence 55 + key size limit 160 + key field dst-mac ether-type src-mac + action count drop + packet ipv4 forwarding bridged + packet ipv4 forwarding routed + packet ipv4 forwarding routed multicast + packet ipv4 mpls ipv4 forwarding mpls decap + packet ipv4 mpls ipv6 forwarding mpls decap + packet ipv4 non-vxlan forwarding routed decap + packet ipv4 vxlan forwarding bridged decap + packet ipv6 forwarding bridged + packet ipv6 forwarding routed + packet ipv6 forwarding routed decap + packet ipv6 forwarding routed multicast + packet ipv6 ipv6 forwarding routed decap + packet mpls forwarding bridged decap + packet mpls ipv4 forwarding mpls + packet mpls ipv6 forwarding mpls + packet mpls non-ip forwarding mpls + packet non-ip forwarding bridged + ! + feature forwarding-destination mpls + sequence 100 + ! + feature mirror ip + sequence 80 + key size limit 160 + key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops l4-src-port src-ip tcp-control + action count mirror set-policer + packet ipv4 forwarding bridged + packet ipv4 forwarding routed + packet ipv4 forwarding routed multicast + packet ipv4 non-vxlan forwarding routed decap + ! + feature mpls + sequence 5 + key size limit 160 + action drop redirect set-ecn + packet ipv4 mpls ipv4 forwarding mpls decap + packet ipv4 mpls ipv6 forwarding mpls decap + packet mpls ipv4 forwarding mpls + packet mpls ipv6 forwarding mpls + packet mpls non-ip forwarding mpls + ! + feature pbr ip + sequence 60 + key size limit 160 + key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops-18b l4-src-port src-ip tcp-control + action count redirect + packet ipv4 forwarding routed + packet ipv4 mpls ipv4 forwarding mpls decap + packet ipv4 mpls ipv6 forwarding mpls decap + packet ipv4 non-vxlan forwarding routed decap + packet ipv4 vxlan forwarding bridged decap + ! + feature pbr ipv6 + sequence 30 + key field dst-ipv6 ipv6-next-header l4-dst-port l4-src-port src-ipv6-high src-ipv6-low tcp-control + action count redirect + packet ipv6 forwarding routed + ! + feature pbr mpls + sequence 65 + key size limit 160 + key field mpls-inner-ip-tos + action count drop redirect + packet mpls ipv4 forwarding mpls + packet mpls ipv6 forwarding mpls + packet mpls non-ip forwarding mpls + ! + feature qos ip + sequence 75 + key size limit 160 + key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops l4-src-port src-ip tcp-control + action set-dscp set-policer set-tc + packet ipv4 forwarding routed + packet ipv4 forwarding routed multicast + packet ipv4 mpls ipv4 forwarding mpls decap + packet ipv4 mpls ipv6 forwarding mpls decap + packet ipv4 non-vxlan forwarding routed decap + ! + feature qos ipv6 + sequence 70 + key field dst-ipv6 ipv6-next-header ipv6-traffic-class l4-dst-port l4-src-port src-ipv6-high src-ipv6-low + action set-dscp set-policer set-tc + packet ipv6 forwarding routed + ! + feature traffic-policy port ipv4 + sequence 45 + key size limit 160 + key field dscp dst-ip-label icmp-type-code ip-frag ip-fragment-offset ip-length ip-protocol l4-dst-port l4-src-port src-ip-label tcp-control ttl + action count drop log set-dscp set-tc + packet ipv4 forwarding routed + ! + feature traffic-policy port ipv6 + sequence 25 + key field dst-ipv6-label hop-limit icmp-type-code ipv6-length ipv6-next-header ipv6-traffic-class l4-dst-port l4-src-port src-ipv6-label tcp-control + action count drop log set-dscp set-tc + packet ipv6 forwarding routed + ! + feature tunnel vxlan + sequence 50 + key size limit 160 + packet ipv4 vxlan eth ipv4 forwarding routed decap + packet ipv4 vxlan forwarding bridged decap + ! + system profile traffic_policy +! +! +test-custom-template-with-logic-1 + +! +test-custom-template-no-logic-2 +! +test-custom-template-with-logic-3 + diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host6.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host6.cfg new file mode 100644 index 00000000000..f8d6dcb237f --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/host6.cfg @@ -0,0 +1,8 @@ +! +snmp-server host 10.6.75.121 vrf MGMT version 1 +snmp-server host 10.6.75.121 vrf MGMT version 2c +! +interface Management1 + description OOB_MANAGEMENT + vrf MGMT + ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/interface-defaults.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/interface-defaults.cfg deleted file mode 100644 index 7be5a54af39..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/interface-defaults.cfg +++ /dev/null @@ -1,12 +0,0 @@ -! -switchport default mode routed -! -interface defaults - mtu 9000 - ethernet - shutdown -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-routing-fib.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-routing-fib.cfg deleted file mode 100644 index a5e454da595..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-routing-fib.cfg +++ /dev/null @@ -1,11 +0,0 @@ -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -ip routing -ip hardware fib optimize prefixes profile urpf-internet -! -ipv6 unicast-routing -ipv6 hardware fib optimize prefixes profile internet diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-routing.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-routing.cfg deleted file mode 100644 index 4c84b9e9fbe..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ip-routing.cfg +++ /dev/null @@ -1,18 +0,0 @@ -! -vrf instance TEST1 -! -vrf instance TEST2 -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -ip routing ipv6 interfaces -no ip icmp redirect -ip routing vrf TEST1 -ip routing ipv6 interfaces vrf TEST2 -no ipv6 icmp redirect -! -ipv6 unicast-routing -ipv6 unicast-routing vrf TEST1 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/l2-protocol-forwarding.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/l2-protocol-forwarding.cfg deleted file mode 100644 index 4eddb4a4325..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/l2-protocol-forwarding.cfg +++ /dev/null @@ -1,53 +0,0 @@ -! -l2-protocol - forwarding profile TEST1 - bfd per-link rfc-7130 forward - bfd per-link rfc-7130 tagged forward - bfd per-link rfc-7130 untagged forward - e-lmi forward - e-lmi tagged forward - e-lmi untagged forward - isis forward - isis tagged forward - isis untagged forward - lacp forward - lacp tagged forward - lacp untagged forward - lldp forward - lldp tagged forward - lldp untagged forward - macsec forward - macsec tagged forward - macsec untagged forward - pause forward - pause tagged forward - pause untagged forward - stp forward - stp tagged forward - stp untagged forward - forwarding profile TEST2 - bfd per-link rfc-7130 tagged forward - e-lmi forward - isis untagged forward - lacp forward - lacp untagged forward - lldp tagged forward - macsec tagged forward - pause untagged forward - stp tagged forward - stp untagged forward -! -interface Port-Channel1 - description L2PF test - l2-protocol forwarding profile TEST2 - switchport -! -interface Ethernet1 - description L2PF test - l2-protocol forwarding profile TEST1 - switchport -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/lldp.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/lldp.cfg deleted file mode 100644 index 339572730a7..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/lldp.cfg +++ /dev/null @@ -1,37 +0,0 @@ -! -lldp timer 30 -lldp hold-time 90 -no lldp tlv transmit system-capabilities -lldp tlv transmit system-description -no lldp run -lldp management-address 192.168.1.1/24 -lldp management-address vrf Management -! -interface Ethernet1 - description to WAN-ISP1-01 Ethernet2 - no switchport - no lldp transmit - no lldp receive -! -interface Ethernet2 - description Switched port with no LLDP rx/tx - switchport access vlan 110 - switchport mode access - switchport - no lldp transmit -! -interface Ethernet3 - description No special LLDP settings - switchport access vlan 110 - switchport mode access - switchport -! -interface Ethernet4 - description test - no switchport - no lldp receive -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/mac-security-eth-po-entropy.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/mac-security-eth-po-entropy.cfg deleted file mode 100644 index 86acb4596cb..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/mac-security-eth-po-entropy.cfg +++ /dev/null @@ -1,52 +0,0 @@ -! -management security - entropy source hardware - password encryption-key common - ! - ssl profile SSL_PROFILE - tls versions 1.1 1.2 - certificate SSL_CERT key SSL_KEY -! -mac security - license license1 123456 - fips restrictions - ! - profile A1 - cipher aes128-gcm - key 1234a 7 025756085F535976 - key 1234c 7 10195F4C5144405A fallback - mka key-server priority 100 - mka session rekey-period 30 - traffic unprotected allow - sci - l2-protocol lldp bypass unauthorized - ! - profile A2 - key 1234b 7 12485744465E5A53 - traffic unprotected allow active-sak - ! - profile A3 - cipher aes256-gcm-xpn - key ab 7 10195F4C5144405A - traffic unprotected drop -! -interface Port-Channel3 - description L2-PORT - switchport trunk allowed vlan 1-5 - switchport mode trunk - switchport -! -interface Ethernet1 - no switchport - ip address 1.1.1.1/24 - mac security profile A1 -! -interface Ethernet3 - description DC1-AGG01_Ethernet1 - channel-group 3 mode active - mac security profile A1 -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/platform.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/platform.cfg deleted file mode 100644 index e7daa0782e5..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/platform.cfg +++ /dev/null @@ -1,40 +0,0 @@ -! -platform trident mmu queue profile mc_example_profile - egress unicast queue 1 reserved bytes 0 - egress unicast queue 2 reserved cells 0 - egress unicast queue 2 threshold 1/8 - egress multicast queue 0 reserved 0 - egress multicast queue 0 drop-precedence 1 drop-threshold 3/4 - egress multicast queue 1 reserved cells 0 - egress multicast queue 1 threshold 1/64 - egress multicast queue 7 reserved cells 0 - egress multicast queue 7 threshold 1/64 -! -platform trident mmu queue profile unused_profile - egress unicast queue 1 reserved bytes 0 - egress unicast queue 1 drop-precedence 1 drop-threshold 1/8 - egress unicast queue 2 reserved cells 0 - egress unicast queue 2 threshold 1/8 - egress multicast queue 0 reserved 0 - egress multicast queue 0 drop-precedence 2 drop-threshold 1 - egress multicast queue 1 reserved cells 0 - egress multicast queue 1 threshold 8 -! -platform trident l3 routing mac-address per-vlan -platform trident forwarding-table partition 2 -platform sand forwarding mode arad -platform sand lag mode 512x32 -platform sand lag hardware-only -platform sand qos map traffic-class 0 to network-qos 0 -platform sand qos map traffic-class 1 to network-qos 7 -platform sand qos map traffic-class 2 to network-qos 15 -platform sand multicast replication default ingress -platform sand mdb profile l3-xxl -platform sfe data-plane cpu allocation maximum 42 -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -platform trident mmu queue profile mc_example_profile apply diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/poe.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/poe.cfg deleted file mode 100644 index f4484954195..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/poe.cfg +++ /dev/null @@ -1,12 +0,0 @@ -! -no lldp tlv transmit power-via-mdi -lldp tlv transmit system-capabilities -! -poe - reboot action maintain - interface shutdown action power-off -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/prefix-lists.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/prefix-lists.cfg deleted file mode 100644 index d0ff94bb844..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/prefix-lists.cfg +++ /dev/null @@ -1,36 +0,0 @@ -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -dynamic prefix-list DYNAMIC_PREFIX_LIST_NAME_1 - match-map Test_1 - prefix-list ipv4 IPV4_PREFIX_LIST -! -dynamic prefix-list DYNAMIC_PREFIX_LIST_NAME_2 - match-map Test_2 - prefix-list ipv6 IPV6_PREFIX_LIST -! -dynamic prefix-list DYNAMIC_PREFIX_LIST_NAME_3 - match-map Test_2 - prefix-list ipv4 IPV4_PREFIX_LIST - prefix-list ipv6 IPV6_PREFIX_LIST -! -ip prefix-list PL-BGP-DEFAULT-BLUE-C1 - seq 10 permit 0.0.0.0/0 le 1 -! -ip prefix-list PL-BGP-DEFAULT-RED-IN-C1 - seq 10 permit 0.0.0.0/0 -! -ip prefix-list PL-BGP-DEFAULT-RED-OUT-C1 - seq 10 permit 10.0.0.0/8 -! -ip prefix-list PL-IPV4-LOOPBACKS -! -ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY - seq 10 permit 192.168.255.0/24 eq 32 - seq 20 permit 192.168.254.0/24 eq 32 -! -ipv6 prefix-list PL-IPV6-LOOPBACKS - seq 10 permit 1b11:3a00:22b0:0082::/64 eq 128 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ptp.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ptp.cfg deleted file mode 100644 index 58a00d74aab..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/ptp.cfg +++ /dev/null @@ -1,75 +0,0 @@ -! -ptp clock-identity 11:11:11:11:11:11 -ptp domain 17 -ptp message-type event dscp 46 default -ptp message-type general dscp 36 default -ptp mode boundary one-step -ptp priority1 101 -ptp priority2 102 -ptp profile g8275.1 -ptp source ip 1.1.2.3 -ptp ttl 12 -ptp forward-unicast -ptp monitor threshold offset-from-master 11 -ptp monitor threshold mean-path-delay 12 -ptp monitor threshold mean-path-delay 14 nanoseconds drop -ptp monitor threshold offset-from-master 13 nanoseconds drop -ptp monitor threshold missing-message sync 103 intervals -ptp monitor threshold missing-message follow-up 102 intervals -ptp monitor threshold missing-message announce 101 intervals -ptp monitor sequence-id -ptp monitor threshold missing-message sync 204 sequence-ids -ptp monitor threshold missing-message follow-up 203 sequence-ids -ptp monitor threshold missing-message delay-resp 202 sequence-ids -ptp monitor threshold missing-message announce 201 sequence-ids -! -interface Port-Channel5 - description DC1_L2LEAF1_Po1 - switchport trunk allowed vlan 110,201 - switchport mode trunk - switchport - mlag 5 - ptp enable - ptp mpass - ptp delay-mechanism e2e - ptp profile g8275.1 destination mac-address forwardable - ptp role dynamic - ptp sync-message interval 1 - ptp transport layer2 - ptp vlan 2 -! -interface Ethernet3 - description P2P_LINK_TO_DC1-SPINE2_Ethernet5 - switchport trunk allowed vlan 2,14 - switchport mode trunk - switchport - ptp enable - ptp delay-mechanism e2e - ptp role dynamic - ptp sync-message interval 1 - ptp transport layer2 - ptp vlan 2 -! -interface Ethernet5 - description DC1-AGG01_Ethernet1 - channel-group 5 mode active -! -interface Ethernet6 - description P2P_LINK_TO_DC1-SPINE1_Ethernet6 - mtu 1500 - no switchport - ip address 172.31.255.15/31 - ptp enable - ptp announce interval 3 - ptp announce timeout 9 - ptp delay-mechanism e2e - ptp delay-req interval -7 - ptp profile g8275.1 destination mac-address non-forwardable - ptp role dynamic - ptp sync-message interval 1 - ptp transport ipv4 -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/qos.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/qos.cfg deleted file mode 100644 index 1aba434c588..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/qos.cfg +++ /dev/null @@ -1,278 +0,0 @@ -! -qos profile experiment - qos trust cos - qos cos 2 - service-policy type qos input test_qos_policy_v1 - ! - tx-queue 3 - no priority - bandwidth percent 30 - ! - tx-queue 4 - bandwidth guaranteed percent 10 - ! - tx-queue 5 - bandwidth percent 40 - ! - tx-queue 7 - bandwidth percent 30 - shape rate 40 percent -! -qos profile no_qos_trust - no qos trust - qos cos 3 - qos dscp 4 -! -qos profile qprof_testwithpolicy - service-policy type qos input pmap_test1 - ! - tx-queue 0 - bandwidth percent 1 - ! - tx-queue 1 - bandwidth percent 80 - ! - tx-queue 5 - !! Multi-line comment - !! here. - no priority - bandwidth percent 19 -! -qos profile test - qos trust dscp - qos dscp 46 - shape rate 80 percent - ! - tx-queue 1 - no priority - bandwidth percent 50 - ! - tx-queue 2 - priority strict - bandwidth percent 10 - random-detect ecn minimum-threshold 320 kbytes maximum-threshold 320 kbytes max-mark-probability 90 - ! - tx-queue 4 - bandwidth guaranteed percent 10 - random-detect ecn minimum-threshold 320 segments maximum-threshold 320 segments weight 10 -! -qos profile test_with_pfc - service-policy type qos input pmap_test1 - ! - tx-queue 0 - bandwidth percent 1 - ! - tx-queue 1 - bandwidth percent 80 - ! - tx-queue 5 - no priority - bandwidth percent 19 - ! - priority-flow-control on - priority-flow-control priority 0 no-drop - priority-flow-control priority 1 drop - priority-flow-control pause watchdog - priority-flow-control pause watchdog port action drop - priority-flow-control pause watchdog port timer timeout 0.05 polling-interval auto recovery-time 1.11 forced -! -qos profile uc_mc_queues_test - ! - uc-tx-queue 1 - !! Test no priority - no priority - bandwidth percent 50 - random-detect ecn minimum-threshold 3 milliseconds maximum-threshold 9 milliseconds max-mark-probability 90 - ! - uc-tx-queue 2 - priority strict - bandwidth percent 10 - random-detect ecn minimum-threshold 320 kbytes maximum-threshold 320 kbytes max-mark-probability 90 - ! - uc-tx-queue 4 - !! Test guaranteed percent - bandwidth guaranteed percent 10 - random-detect ecn minimum-threshold 320 segments maximum-threshold 320 segments weight 10 - ! - mc-tx-queue 1 - no priority - bandwidth percent 50 - ! - mc-tx-queue 2 - !! Test strict priority - priority strict - bandwidth percent 10 - ! - mc-tx-queue 4 - !! Test guaranteed percent - bandwidth guaranteed percent 10 -! -qos profile wred_queues_test - ! - tx-queue 1 - !! Test no priority - no priority - bandwidth percent 50 - random-detect drop minimum-threshold 1 kbytes maximum-threshold 10 kbytes drop-probability 100 - ! - tx-queue 2 - priority strict - bandwidth percent 10 - random-detect drop drop-precedence 2 minimum-threshold 2 kbytes maximum-threshold 200 kbytes drop-probability 50 weight 10 - ! - tx-queue 3 - priority strict - bandwidth percent 10 - random-detect ecn minimum-threshold 320 kbytes maximum-threshold 320 kbytes weight 10 - ! - tx-queue 4 - !! Test guaranteed percent - bandwidth guaranteed percent 10 - random-detect drop minimum-threshold 1 kbytes maximum-threshold 10 kbytes drop-probability 90 - ! - mc-tx-queue 1 - no priority - bandwidth percent 50 - ! - mc-tx-queue 2 - !! Test strict priority - priority strict - bandwidth percent 10 - ! - mc-tx-queue 4 - !! Test guaranteed percent - bandwidth guaranteed percent 10 -! -qos profile wred_uc_queues_test - ! - uc-tx-queue 1 - !! Test no priority - no priority - bandwidth percent 50 - random-detect drop minimum-threshold 1 microseconds maximum-threshold 10 microseconds drop-probability 90 weight 15 - ! - uc-tx-queue 2 - priority strict - bandwidth percent 10 - random-detect drop drop-precedence 1 minimum-threshold 2 milliseconds maximum-threshold 20 milliseconds drop-probability 80 - ! - uc-tx-queue 4 - !! Test guaranteed percent - bandwidth guaranteed percent 10 - random-detect drop minimum-threshold 1 microseconds maximum-threshold 10 microseconds drop-probability 90 -! -interface Port-Channel3 - description MLAG_PEER_DC1-LEAF1B_Po3 - switchport trunk allowed vlan 2-4094 - switchport mode trunk - switchport trunk group LEAF_PEER_L3 - switchport trunk group MLAG - switchport - service-policy type qos input pmap_test1 - service-profile experiment - qos trust cos - qos cos 2 -! -interface Ethernet1 - description P2P_LINK_TO_DC1-SPINE1_Ethernet1 - mtu 1500 - no switchport - ip address 172.31.255.1/31 - service-policy type qos input pmap_test1 - service-profile test - qos trust dscp - qos dscp 48 -! -interface Ethernet3 - description MLAG_PEER_DC1-LEAF1B_Ethernet3 - channel-group 3 mode active -! -interface Ethernet4 - description MLAG_PEER_DC1-LEAF1B_Ethernet4 - channel-group 3 mode active -! -interface Ethernet6 - description SRV-POD02_Eth1 - switchport trunk allowed vlan 110-111,210-211 - switchport mode trunk - switchport - service-profile experiment - qos trust cos - qos cos 2 - ! - tx-queue 2 - random-detect ecn count -! -interface Ethernet7 - description Test-with-policymap - switchport trunk allowed vlan 110-111,210-211 - switchport mode trunk - switchport - service-profile qprof_testwithpolicy - ! - uc-tx-queue 4 - random-detect ecn count -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -ipv6 access-list acl_qos_tc0_v6 - 10 permit ipv6 any any dscp cs1 -! -ipv6 access-list acl_qos_tc5_v6 - 10 permit ipv6 any 2001:db8::/48 -! -ip access-list acl_qos_tc0_v4 - 10 permit ip any 192.0.2.0/29 -! -ip access-list acl_qos_tc5_v4 - 10 permit ip any any dscp ef -! -qos rewrite dscp -qos map cos 1 2 3 4 to traffic-class 2 -qos map cos 3 to traffic-class 3 -qos map dscp 8 9 10 11 12 13 14 15 16 17 19 21 23 24 25 27 29 31 32 33 35 37 39 40 41 42 43 44 45 47 49 50 51 52 53 54 55 57 58 59 60 61 62 63 to traffic-class 1 -qos map dscp 18 20 22 26 28 30 34 36 38 to traffic-class 4 drop-precedence 2 -qos map dscp 46 to traffic-class 5 -qos map traffic-class 1 to dscp 56 -qos map traffic-class 2 4 5 to cos 7 -qos map traffic-class 6 to tx-queue 2 -qos map exp 0 to traffic-class 0 -! -qos random-detect ecn allow non-ect chip-based -! -class-map type qos match-any cmap_tc0_v4 - match ip access-group acl_qos_tc0_v4 -! -class-map type qos match-any cmap_tc0_v6 - match ipv6 access-group acl_qos_tc0_v6 -! -class-map type qos match-any cmap_tc5_v4 - match ip access-group acl_qos_tc5_v4 -! -class-map type qos match-any cmap_tc5_v6 - match ipv6 access-group acl_qos_tc5_v6 -! -policy-map type quality-of-service pmap_test1 - class cmap_tc0_v4 - set traffic-class 0 - ! - class cmap_tc5_v4 - set traffic-class 5 - ! - class cmap_tc5_v6 - set traffic-class 5 - ! - class cmap_tc0_v6 - set traffic-class 0 - ! - class class-default - set traffic-class 1 -! -priority-flow-control all off -priority-flow-control pause watchdog default timeout 0.05 -priority-flow-control pause watchdog default recovery-time 1.22 -priority-flow-control pause watchdog default polling-interval 10.001 -priority-flow-control pause watchdog action no-drop diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/sync-e.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/sync-e.cfg deleted file mode 100644 index 3f5293e99a4..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/sync-e.cfg +++ /dev/null @@ -1,31 +0,0 @@ -! -sync-e - network option 2 -! -interface Ethernet3 - description P2P_LINK_TO_DC1-SPINE2_Ethernet5 - switchport trunk allowed vlan 2,14 - switchport mode trunk - switchport - ! - sync-e - priority 10 -! -interface Ethernet5 - description DC1-AGG01_Ethernet1 - ! - sync-e -! -interface Ethernet6 - description P2P_LINK_TO_DC1-SPINE1_Ethernet6 - mtu 1500 - no switchport - ip address 172.31.255.15/31 - ! - sync-e - priority disabled -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/tcam-profile.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/tcam-profile.cfg deleted file mode 100644 index 29e313cdbc4..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/tcam-profile.cfg +++ /dev/null @@ -1,120 +0,0 @@ -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -hardware tcam - profile MY_TCAM_PROFILE - source flash:/TCAM_PROFILES/MY_TCAM_PROFILE.conf - ! - profile traffic_policy - feature acl port mac - sequence 55 - key size limit 160 - key field dst-mac ether-type src-mac - action count drop - packet ipv4 forwarding bridged - packet ipv4 forwarding routed - packet ipv4 forwarding routed multicast - packet ipv4 mpls ipv4 forwarding mpls decap - packet ipv4 mpls ipv6 forwarding mpls decap - packet ipv4 non-vxlan forwarding routed decap - packet ipv4 vxlan forwarding bridged decap - packet ipv6 forwarding bridged - packet ipv6 forwarding routed - packet ipv6 forwarding routed decap - packet ipv6 forwarding routed multicast - packet ipv6 ipv6 forwarding routed decap - packet mpls forwarding bridged decap - packet mpls ipv4 forwarding mpls - packet mpls ipv6 forwarding mpls - packet mpls non-ip forwarding mpls - packet non-ip forwarding bridged - ! - feature forwarding-destination mpls - sequence 100 - ! - feature mirror ip - sequence 80 - key size limit 160 - key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops l4-src-port src-ip tcp-control - action count mirror set-policer - packet ipv4 forwarding bridged - packet ipv4 forwarding routed - packet ipv4 forwarding routed multicast - packet ipv4 non-vxlan forwarding routed decap - ! - feature mpls - sequence 5 - key size limit 160 - action drop redirect set-ecn - packet ipv4 mpls ipv4 forwarding mpls decap - packet ipv4 mpls ipv6 forwarding mpls decap - packet mpls ipv4 forwarding mpls - packet mpls ipv6 forwarding mpls - packet mpls non-ip forwarding mpls - ! - feature pbr ip - sequence 60 - key size limit 160 - key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops-18b l4-src-port src-ip tcp-control - action count redirect - packet ipv4 forwarding routed - packet ipv4 mpls ipv4 forwarding mpls decap - packet ipv4 mpls ipv6 forwarding mpls decap - packet ipv4 non-vxlan forwarding routed decap - packet ipv4 vxlan forwarding bridged decap - ! - feature pbr ipv6 - sequence 30 - key field dst-ipv6 ipv6-next-header l4-dst-port l4-src-port src-ipv6-high src-ipv6-low tcp-control - action count redirect - packet ipv6 forwarding routed - ! - feature pbr mpls - sequence 65 - key size limit 160 - key field mpls-inner-ip-tos - action count drop redirect - packet mpls ipv4 forwarding mpls - packet mpls ipv6 forwarding mpls - packet mpls non-ip forwarding mpls - ! - feature qos ip - sequence 75 - key size limit 160 - key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops l4-src-port src-ip tcp-control - action set-dscp set-policer set-tc - packet ipv4 forwarding routed - packet ipv4 forwarding routed multicast - packet ipv4 mpls ipv4 forwarding mpls decap - packet ipv4 mpls ipv6 forwarding mpls decap - packet ipv4 non-vxlan forwarding routed decap - ! - feature qos ipv6 - sequence 70 - key field dst-ipv6 ipv6-next-header ipv6-traffic-class l4-dst-port l4-src-port src-ipv6-high src-ipv6-low - action set-dscp set-policer set-tc - packet ipv6 forwarding routed - ! - feature traffic-policy port ipv4 - sequence 45 - key size limit 160 - key field dscp dst-ip-label icmp-type-code ip-frag ip-fragment-offset ip-length ip-protocol l4-dst-port l4-src-port src-ip-label tcp-control ttl - action count drop log set-dscp set-tc - packet ipv4 forwarding routed - ! - feature traffic-policy port ipv6 - sequence 25 - key field dst-ipv6-label hop-limit icmp-type-code ipv6-length ipv6-next-header ipv6-traffic-class l4-dst-port l4-src-port src-ipv6-label tcp-control - action count drop log set-dscp set-tc - packet ipv6 forwarding routed - ! - feature tunnel vxlan - sequence 50 - key size limit 160 - packet ipv4 vxlan eth ipv4 forwarding routed decap - packet ipv4 vxlan forwarding bridged decap - ! - system profile traffic_policy diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/traffic-policies-2.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/traffic-policies-2.cfg deleted file mode 100644 index 4557d0714d1..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/traffic-policies-2.cfg +++ /dev/null @@ -1,14 +0,0 @@ -! -interface Port-Channel2 - no switchport -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -traffic-policies - field-set ipv6 prefix IPv6-DEMO-1 - 11:22:33:44:55:66:77:88 - ! - field-set ipv6 prefix IPv6-DEMO-2 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/traffic-policies-3.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/traffic-policies-3.cfg deleted file mode 100644 index 4ab401261fb..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/traffic-policies-3.cfg +++ /dev/null @@ -1,10 +0,0 @@ -! -interface Ethernet1 - no switchport -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -traffic-policies diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/traffic-policies.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/traffic-policies.cfg deleted file mode 100644 index fe2c0c135b6..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/traffic-policies.cfg +++ /dev/null @@ -1,173 +0,0 @@ -! -interface Port-Channel2 - traffic-policy input BLUE-C1-POLICY - traffic-policy output BLUE-C2-POLICY - no switchport -! -interface Ethernet1 - traffic-policy input BLUE-C1-POLICY - traffic-policy output BLUE-C2-POLICY - no switchport -! -interface Management1 - description OOB_MANAGEMENT - vrf MGMT - ip address 10.73.255.122/24 -! -traffic-policies - field-set l4-port SERVICE-DEMO - 10,20,80,440-450 - ! - field-set l4-port SERVICE-DEMO2 - field-set ipv4 prefix DEMO-01 - 10.0.0.0/8 192.168.0.0/16 - ! - field-set ipv4 prefix DEMO-02 - 172.16.0.0/12 224.0.0.0/8 - ! - field-set ipv4 prefix DEMO-03 - counter interface per-interface ingress - ! - traffic-policy BLUE-C1-POLICY - counter DEMO-TRAFFIC DROP-PACKETS - ! - match BLUE-C1-POLICY-01 ipv4 - source prefix 10.0.0.0/8 192.168.0.0/16 - destination prefix field-set DEMO-01 - protocol tcp source port 1,10-20 - protocol udp source port field-set SERVICE-DEMO - ttl 10, 20-30 - ! - actions - set traffic class 5 - ! - match BLUE-C1-POLICY-02 ipv4 - source prefix field-set DEMO-01 DEMO-02 - protocol tcp flags established - protocol tcp destination port field-set SERVICE-DEMO - protocol icmp - ! - actions - count DEMO-TRAFFIC - set dscp 60 - ! - match BLUE-C1-POLICY-03 ipv4 - source prefix field-set DEMO-01 - protocol icmp type echo echo-reply code all - fragment offset 1124, 2000-2010 - ! - actions - count DROP-PACKETS - drop - log - ! - match BLUE-C1-POLICY-04 ipv4 - source prefix field-set DEMO-02 - destination prefix field-set DEMO-01 - protocol tcp flags established - protocol tcp source port 22 destination port 80 - protocol icmp - ! - actions - set traffic class 5 - ! - match BLUE-C1-POLICY-05 ipv4 - source prefix field-set DEMO-02 - destination prefix field-set DEMO-01 - protocol bgp - fragment - ! - actions - set traffic class 5 - ! - match BLUE-C1-POLICY-06 ipv4 - protocol neighbors bgp - ! - match BLUE-C1-POLICY-07 ipv4 - destination prefix 10.0.0.0/8 192.168.0.0/16 - ! - match BLUE-C1-POLICY-08 ipv4 - destination prefix 10.0.0.0/8 192.168.0.0/16 - protocol udp destination port 1,10-20 - protocol tcp source port field-set SERVICE-DEMO-SRC destination port field-set SERVICE-DEMO-DST - ! - match ipv4-all-default ipv4 - actions - drop - ! - match ipv6-all-default ipv6 - ! - traffic-policy BLUE-C2-POLICY - counter DEMO-TRAFFIC - ! - match BLUE-C2-POLICY-01 ipv4 - source prefix 10.0.0.0/8 192.168.0.0/16 - protocol tcp source port 1,10-20 - protocol icmp - ! - actions - set traffic class 5 - ! - match BLUE-C2-POLICY-02 ipv4 - source prefix field-set DEMO-01 DEMO-02 - protocol tcp source port field-set SERVICE-DEMO - protocol icmp - ! - actions - count DEMO-TRAFFIC - set dscp 60 - ! - match BLUE-C2-POLICY-03 ipv4 - source prefix field-set DEMO-01 - protocol tcp - ! - actions - drop - ! - match ipv4-all-default ipv4 - actions - drop - log - ! - match ipv6-all-default ipv6 - ! - traffic-policy BLUE-C3-POLICY - match ipv4-all-default ipv4 - actions - count test - set dscp 11 - set traffic class 10 - ! - match ipv6-all-default ipv6 - ! - traffic-policy BLUE-C4-POLICY - match ipv4-all-default ipv4 - ! - match ipv6-all-default ipv6 - actions - count test - set dscp 11 - set traffic class 10 - ! - traffic-policy BLUE-C5-POLICY - match ipv4-all-default ipv4 - ! - match ipv6-all-default ipv6 - actions - drop - log - ! - traffic-policy BLUE-C6-POLICY - match ipv4-all-default ipv4 - ! - match ipv6-all-default ipv6 - actions - drop - ! - traffic-policy BLUE-C7-POLICY - match BLUE-C7-POLICY-01 ipv4 - protocol neighbors bgp enforce ttl maximum-hops - ! - match ipv4-all-default ipv4 - ! - match ipv6-all-default ipv6 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/address-locking.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/address-locking.yml deleted file mode 100644 index 66e65c5dbcb..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/address-locking.yml +++ /dev/null @@ -1,40 +0,0 @@ -### Address Locking ### -address_locking: - dhcp_servers_ipv4: - - 1.1.1.1 - - 4.4.4.4 - disabled: true - leases: - - ip: 2.2.2.2 - mac: dead.beef.cafe - - ip: 3.3.3.3 - mac: de:af:be:ef:ca:fe - local_interface: Loopback0 - locked_address: - expiration_mac_disabled: true - ipv4_enforcement_disabled: true - ipv6_enforcement_disabled: true - -ethernet_interfaces: - - name: Ethernet1 - switchport: - enabled: true - description: Address Locking Interface Testing 1 - address_locking: - ipv4: true - - - name: Ethernet2 - switchport: - enabled: true - description: Address Locking Interface Testing 2 - address_locking: - ipv4: true - ipv6: true - - - name: Ethernet3 - switchport: - enabled: true - description: Address Locking Interface Testing 3 - address_locking: - ipv4: false - ipv6: true diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/banners_without_eof.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/banners_without_eof.yml deleted file mode 100644 index aace0b75819..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/banners_without_eof.yml +++ /dev/null @@ -1,49 +0,0 @@ -banners: - login: | - !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - !***!!!Unauthorized access prohibited!!!***! - !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - motd: | - . Switch : $(hostname) . - . Site : DC1 . - . Type info for information about the device . - . Type help for information about the aliases . - -### Management API http ### -management_api_http: - enable_http: true - enable_https: true - enable_vrfs: - - name: mgt - access_group: ACL-API - -### Management console ### -management_console: - idle_timeout: 300 - -### Management security ### -management_security: - password: - encryption_key_common: true - -### Management ssh ### -management_ssh: - access_groups: - - name: ACL-SSH - - name: ACL-SSH-VRF - vrf: mgt - ipv6_access_groups: - - name: ACL-SSH6 - - name: ACL-SSH-VRF6 - vrf: mgt - idle_timeout: 15 - connection: - per_host: 12 - enable: true - vrfs: - - name: mgt - enable: true - -eos_cli: | - interface Loopback1000 - description Interface created with eos_cli on device level diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/base.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/base.yml deleted file mode 100644 index 64b203b28e4..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/base.yml +++ /dev/null @@ -1,50 +0,0 @@ -banners: - login: | - !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - !***!!!Unauthorized access prohibited!!!***! - !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - EOF - motd: | - . Switch : $(hostname) . - . Site : DC1 . - . Type info for information about the device . - . Type help for information about the aliases . - EOF -### Management API http ### -management_api_http: - enable_http: true - enable_https: true - enable_vrfs: - - name: mgt - access_group: ACL-API - -### Management console ### -management_console: - idle_timeout: 300 - -### Management security ### -management_security: - password: - encryption_key_common: true - -### Management ssh ### -management_ssh: - access_groups: - - name: ACL-SSH - - name: ACL-SSH-VRF - vrf: mgt - ipv6_access_groups: - - name: ACL-SSH6 - - name: ACL-SSH-VRF6 - vrf: mgt - idle_timeout: 15 - connection: - per_host: 12 - enable: true - vrfs: - - name: mgt - enable: true - -eos_cli: | - interface Loopback1000 - description Interface created with eos_cli on device level diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/dns-ntp.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/dns-ntp.yml deleted file mode 100644 index 9cfd3086c2e..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/dns-ntp.yml +++ /dev/null @@ -1,63 +0,0 @@ -### Domain Lookup ### -ip_domain_lookup: - source_interfaces: - - name: Management0 - vrf: mgt - - name: Loopback0 - # Note there is no value here. This is valid with the current data model, but triggered an issue with convert_dicts filter. - # So this is added to ensure we catch regression. - -### Name Servers ### -ip_name_servers: - # no VRF - - ip_address: 10.10.128.10 - # no VRF priority - - ip_address: 10.10.129.10 - priority: 0 - # Same DNS management VRF - - ip_address: 10.10.128.10 - vrf: mgmt - # Same DNS different VRF and priority - - ip_address: 10.10.128.10 - vrf: TEST - priority: 3 - # no VRF - - ip_address: 2001:db8::1 - # no VRF priority - - ip_address: 2001:db8::2 - priority: 0 - # Same DNS management VRF - - ip_address: 2001:db8::1 - vrf: mgmt - # Same DNS different VRF and priority - - ip_address: 2001:db8::2 - vrf: TEST - priority: 3 - -### DNS Domain ### -dns_domain: test.local - -### NTP Servers ### -ntp: - local_interface: - name: Management0 - vrf: mgt - servers: - - name: 10.10.111.1 - preferred: True - vrf: mgt - - name: 10.10.111.2 - vrf: mgt - - name: 2001:db8::4 - vrf: mgt - - name: 2001:db8::3 - vrf: mgt - authenticate_servers_only: true - authentication_keys: - - id: 1 - hash_algorithm: "md5" - key: "044F0E151B" - - id: 2 - hash_algorithm: "sha1" - key: "15060E1F10" - trusted_keys: "1-2" diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/eos_cli_config_gen_configuration.enable.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/eos_cli_config_gen_configuration.enable.yml deleted file mode 100644 index 68adfc9a0e4..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/eos_cli_config_gen_configuration.enable.yml +++ /dev/null @@ -1,2 +0,0 @@ -eos_cli_config_gen_configuration: - enable: false diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/eos_cli_config_gen_documentation.enable.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/eos_cli_config_gen_documentation.enable.yml deleted file mode 100644 index 76a8e0c3467..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/eos_cli_config_gen_documentation.enable.yml +++ /dev/null @@ -1,2 +0,0 @@ -eos_cli_config_gen_documentation: - enable: false diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/hide-passwords.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/hide-passwords.yml deleted file mode 100644 index 7c84cc34440..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/hide-passwords.yml +++ /dev/null @@ -1,50 +0,0 @@ ---- -# Verify that sensitive data is replaced by `` -eos_cli_config_gen_configuration: - hide_passwords: true - -tacacs_servers: - hosts: - - host: 10.10.10.157 - key: 071B245F5A - -radius_server: - hosts: - - host: 10.10.10.158 - key: 071B245F5A - -### AAA Root ### -aaa_root: - secret: - sha512_password: dsakjlhfqwereDSAFWE346543dfgsG - -### Local Users ### -local_users: - - name: ansible - sha512_password: $6$.I7/ZR/zlLIUv8fr$vR/JvLTbq5amMt6Y1SE4CKlPDv/AzJYlFYHkUZ17BDovm0Oi4aLdBULe1EmZ0Y9xKjVLMKpxCSKmlrAioDxbQ0 - -### Enable Password ### -enable_password: - hash_algorithm: sha512 - key: "$6$nXycSRhVPaxRINPL$tM1MNjjRCbFD5di4XWsj8CPkm8Pdwmf9fVqRV015y3DXD4t1vi8CAWQpFP8Vbi9Y2i7.JuFey5UaafXvI6quD1" - -## Routing - BGP ### -router_bgp: - as: 65100 - router_id: 10.50.64.15 - peer_groups: - - name: IPV4-UNDERLAY - remote_as: 65000 - password: "dt5J2fw8tymeDFPyoYLB3w==" - vrfs: - - name: BLAH - neighbors: - - ip_address: 10.50.2.1 - remote_as: 65000 - password: CY0aYXfSb24= - -### IP Security ### -ip_security: - profiles: - - name: Profile-1 - shared_key: 12312312313213AA diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/acl.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/acl.yml index dfbafda4057..14d49748bbd 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/acl.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/acl.yml @@ -1,6 +1,14 @@ --- ### Access-Lists ### access_lists: + - name: acl_qos_tc0_v4 + sequence_numbers: + - sequence: 10 + action: "permit ip any 192.0.2.0/29" + - name: acl_qos_tc5_v4 + sequence_numbers: + - sequence: 10 + action: "permit ip any any dscp ef" - name: ACL-01 sequence_numbers: - sequence: 10 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/address-locking.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/address-locking.yml new file mode 100644 index 00000000000..c2fbba2ba27 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/address-locking.yml @@ -0,0 +1,17 @@ +--- +### Address Locking ### +address_locking: + dhcp_servers_ipv4: + - 1.1.1.1 + - 4.4.4.4 + disabled: true + leases: + - ip: 2.2.2.2 + mac: dead.beef.cafe + - ip: 3.3.3.3 + mac: de:af:be:ef:ca:fe + local_interface: Loopback0 + locked_address: + expiration_mac_disabled: true + ipv4_enforcement_disabled: true + ipv6_enforcement_disabled: true diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/banners_without_eof.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/banners_without_eof.yml new file mode 100644 index 00000000000..cc416d61655 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/banners_without_eof.yml @@ -0,0 +1,11 @@ +--- +banners: + login: | + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + !***!!!Unauthorized access prohibited!!!***! + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + motd: | + . Switch : $(hostname) . + . Site : DC1 . + . Type info for information about the device . + . Type help for information about the aliases . diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/class-maps.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/class-maps.yml index e0aa396aeb0..ae6b456b99b 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/class-maps.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/class-maps.yml @@ -1,6 +1,18 @@ --- class_maps: qos: + - name: cmap_tc5_v4 + ip: + access_group: acl_qos_tc5_v4 + - name: cmap_tc0_v6 + ipv6: + access_group: acl_qos_tc0_v6 + - name: cmap_tc0_v4 + ip: + access_group: acl_qos_tc0_v4 + - name: cmap_tc5_v6 + ipv6: + access_group: acl_qos_tc5_v6 - name: CM_REPLICATION_LD ip: access_group: ACL_REPLICATION_LD diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/dns-domain.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/dns-domain.yml new file mode 100644 index 00000000000..43e617a6c80 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/dns-domain.yml @@ -0,0 +1,3 @@ +--- +### DNS Domain ### +dns_domain: test.local diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/dps-interfaces.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/dps-interfaces.yml index 51ec957b6a2..65a6ba26573 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/dps-interfaces.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/dps-interfaces.yml @@ -8,8 +8,8 @@ dps_interfaces: mtu: 666 ip_address: 192.168.42.42/24 flow_tracker: - hardware: FT-HW - sampled: FT-S + hardware: T3 + sampled: T2 # Cannot test all combination of tcp_mss_ceiling with only one Dps interface # available tcp_mss_ceiling: diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/dynamic-prefix-lists.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/dynamic-prefix-lists.yml new file mode 100644 index 00000000000..21a63654988 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/dynamic-prefix-lists.yml @@ -0,0 +1,16 @@ +--- +### IPv4 Prefix-Lists ### +dynamic_prefix_lists: + - name: DYNAMIC_PREFIX_LIST_NAME_3 + match_map: Test_2 + prefix_list: + ipv4: IPV4_PREFIX_LIST + ipv6: IPV6_PREFIX_LIST + - name: DYNAMIC_PREFIX_LIST_NAME_1 + match_map: Test_1 + prefix_list: + ipv4: IPV4_PREFIX_LIST + - name: DYNAMIC_PREFIX_LIST_NAME_2 + match_map: Test_2 + prefix_list: + ipv6: IPV6_PREFIX_LIST diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/eos-cli-config-gen-configuration.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/eos-cli-config-gen-configuration.yml new file mode 100644 index 00000000000..86581b90e52 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/eos-cli-config-gen-configuration.yml @@ -0,0 +1,4 @@ +--- +eos_cli_config_gen_configuration: + enable: true + hide_passwords: false diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/eos-cli-config-gen-documentation.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/eos-cli-config-gen-documentation.yml new file mode 100644 index 00000000000..2660ce301c8 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/eos-cli-config-gen-documentation.yml @@ -0,0 +1,4 @@ +--- +eos_cli_config_gen_documentation: + enable: true + hide_passwords: true diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/eos-cli.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/eos-cli.yml new file mode 100644 index 00000000000..eb6ffd2e89f --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/eos-cli.yml @@ -0,0 +1,4 @@ +--- +eos_cli: | + interface Loopback1000 + description Interface created with eos_cli on device level diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ethernet-interfaces.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ethernet-interfaces.yml index 568d6dc87c7..b1fc706ef46 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ethernet-interfaces.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ethernet-interfaces.yml @@ -130,6 +130,20 @@ ethernet_interfaces: - name: ACL1 - name: ACL2 version: 2 + address_locking: + ipv4: true + l2_protocol: + forwarding_profile: TEST1 + service_profile: test + service_policy: + qos: + input: pmap_test1 + qos: + trust: dscp + dscp: 48 + traffic_policy: + input: BLUE-C1-POLICY + output: BLUE-C2-POLICY - name: Ethernet2 ip_address: 10.1.255.3/24 @@ -189,6 +203,9 @@ ethernet_interfaces: in_required: false backup_link: prefer_vlan: 20 + address_locking: + ipv4: true + ipv6: true - name: Ethernet3 peer: DC1-SPINE2 @@ -244,6 +261,22 @@ ethernet_interfaces: dot1q_tunnel_to: 50 backup_link: interface: Ethernet4 + address_locking: + ipv4: false + ipv6: true + mac_security: + profile: A1 + ptp: + enable: true + delay_mechanism: e2e + sync_message: + interval: 1 + role: dynamic + vlan: 2 + transport: layer2 + sync_e: + enable: true + priority: 10 - name: Ethernet4 description: Molecule IPv6 @@ -315,6 +348,8 @@ ethernet_interfaces: switchport: enabled: false access_vlan: 220 + sync_e: + enable: true - name: Ethernet6 logging: @@ -335,6 +370,35 @@ ethernet_interfaces: mode: trunk spanning_tree_bpduguard: enabled spanning_tree_bpdufilter: enabled + lldp: + transmit: false + receive: true + ptp: + enable: true + announce: + interval: 3 + timeout: 9 + delay_req: -7 + delay_mechanism: e2e + sync_message: + interval: 1 + role: dynamic + transport: ipv4 + profile: + g8275_1: + destination_mac_address: non-forwardable + service_profile: experiment + qos: + trust: cos + cos: 2 + tx_queues: + - id: 2 + random_detect: + ecn: + count: true + sync_e: + enable: true + priority: disabled - name: Ethernet7 description: Molecule L2 @@ -403,6 +467,13 @@ ethernet_interfaces: key: password mode: md5 rx_disabled: true + service_profile: qprof_testwithpolicy + uc_tx_queues: + - id: 4 + random_detect: + ecn: + count: true + - name: Ethernet8.101 description: to WAN-ISP-01 Ethernet2.101 - VRF-C1 encapsulation_dot1q: @@ -442,6 +513,9 @@ ethernet_interfaces: sha: key_id: 2 rx_disabled: true + lldp: + transmit: true + receive: false - name: Ethernet10 description: interface_with_mpls_disabled @@ -959,6 +1033,9 @@ ethernet_interfaces: mac_based_authentication: enabled: true always: true + flow_tracker: + sampled: T2 + hardware: T2 - name: Ethernet41 switchport: @@ -969,6 +1046,9 @@ ethernet_interfaces: enabled: true always: true host_mode_common: true + flow_tracker: + sampled: T3 + hardware: T3 - name: Ethernet42 switchport: @@ -977,6 +1057,8 @@ ethernet_interfaces: dot1x: mac_based_authentication: enabled: true + flow_tracker: + sampled: T3 - name: Ethernet43 switchport: diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/flow-tracking.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/flow-tracking.yml similarity index 81% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/flow-tracking.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/flow-tracking.yml index 88ebba363ab..76da1b3e98f 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/flow-tracking.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/flow-tracking.yml @@ -94,34 +94,3 @@ flow_tracking: shutdown: false record: format_ipfix_standard_timestamps_counters: true -ethernet_interfaces: - - name: Ethernet40 - switchport: - enabled: true - flow_tracker: - sampled: T2 - hardware: T2 - - name: Ethernet41 - switchport: - enabled: true - flow_tracker: - sampled: T3 - hardware: T3 - - name: Ethernet42 - switchport: - enabled: true - flow_tracker: - sampled: T3 - -port_channel_interfaces: - - name: Port-Channel42 - switchport: - enabled: true - flow_tracker: - sampled: T3 - hardware: T3 - -dps_interfaces: - - name: Dps1 - flow_tracker: - hardware: T3 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/hardware-counter.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/hardware-counter.yml similarity index 99% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/hardware-counter.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/hardware-counter.yml index a0b58003fb1..c63f76c502a 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/hardware-counter.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/hardware-counter.yml @@ -1,3 +1,4 @@ +--- # test hw counter hardware_counters: features: diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/hardware.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/hardware.yml similarity index 98% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/hardware.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/hardware.yml index 3f56b6e5f35..77ecb1aeee7 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/hardware.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/hardware.yml @@ -1,3 +1,4 @@ +--- ### Hardware ### hardware: access_list: diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/interface-defaults.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/interface-defaults.yml similarity index 72% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/interface-defaults.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/interface-defaults.yml index c69c31ea4fe..639ccb45b21 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/interface-defaults.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/interface-defaults.yml @@ -1,9 +1,7 @@ +--- ### interface default all knobs interface_defaults: ethernet: shutdown: true mtu: 9000 - -switchport_default: - mode: routed diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-domain-lookup.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-domain-lookup.yml new file mode 100644 index 00000000000..04ea29ba4b6 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-domain-lookup.yml @@ -0,0 +1,7 @@ +--- +### Domain Lookup ### +ip_domain_lookup: + source_interfaces: + - name: Management0 + vrf: mgt + - name: Loopback0 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-hardware.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-hardware.yml new file mode 100644 index 00000000000..b7d17c31403 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-hardware.yml @@ -0,0 +1,6 @@ +--- +ip_hardware: + fib: + optimize: + prefixes: + profile: urpf-internet diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-name-servers.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-name-servers.yml new file mode 100644 index 00000000000..16da3fb0086 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-name-servers.yml @@ -0,0 +1,27 @@ +--- +### Name Servers ### +ip_name_servers: + # no VRF + - ip_address: 10.10.128.10 + # no VRF priority + - ip_address: 10.10.129.10 + priority: 0 + # Same DNS management VRF + - ip_address: 10.10.128.10 + vrf: mgmt + # Same DNS different VRF and priority + - ip_address: 10.10.128.10 + vrf: TEST + priority: 3 + # no VRF + - ip_address: 2001:db8::1 + # no VRF priority + - ip_address: 2001:db8::2 + priority: 0 + # Same DNS management VRF + - ip_address: 2001:db8::1 + vrf: mgmt + # Same DNS different VRF and priority + - ip_address: 2001:db8::2 + vrf: TEST + priority: 3 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-routing-ipv6-interfaces.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-routing-ipv6-interfaces.yml new file mode 100644 index 00000000000..75cd709580e --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-routing-ipv6-interfaces.yml @@ -0,0 +1,2 @@ +--- +ip_routing_ipv6_interfaces: true diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-routing.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-routing.yml new file mode 100644 index 00000000000..7164ba64b2f --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ip-routing.yml @@ -0,0 +1,3 @@ +--- +### IP routing ### +ip_routing: true diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ipv6-access-lists.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ipv6-access-lists.yml index e3df180635a..09a0a642a5e 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ipv6-access-lists.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ipv6-access-lists.yml @@ -1,6 +1,14 @@ --- ### IPv6 ACLs ### ipv6_access_lists: + - name: acl_qos_tc0_v6 + sequence_numbers: + - sequence: 10 + action: "permit ipv6 any any dscp cs1" + - name: acl_qos_tc5_v6 + sequence_numbers: + - sequence: 10 + action: "permit ipv6 any 2001:db8::/48" - name: TEST1 sequence_numbers: - sequence: 10 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ipv6-hardware.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ipv6-hardware.yml new file mode 100644 index 00000000000..ca7c3418bc7 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ipv6-hardware.yml @@ -0,0 +1,6 @@ +--- +ipv6_hardware: + fib: + optimize: + prefixes: + profile: internet diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ipv6-prefix-lists.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ipv6-prefix-lists.yml new file mode 100644 index 00000000000..9e40328ebea --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ipv6-prefix-lists.yml @@ -0,0 +1,7 @@ +--- +### IPv6 Prefix-lists ### +ipv6_prefix_lists: + - name: PL-IPV6-LOOPBACKS + sequence_numbers: + - sequence: 10 + action: permit 1b11:3a00:22b0:0082::/64 eq 128 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ipv6-unicast-routing.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ipv6-unicast-routing.yml new file mode 100644 index 00000000000..41e75b1e85a --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ipv6-unicast-routing.yml @@ -0,0 +1,2 @@ +--- +ipv6_unicast_routing: true diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/l2-protocol-forwarding.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/l2-protocol-forwarding.yml similarity index 84% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/l2-protocol-forwarding.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/l2-protocol-forwarding.yml index 6a50168985f..2f8b3574cce 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/l2-protocol-forwarding.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/l2-protocol-forwarding.yml @@ -1,3 +1,4 @@ +--- #### L2 Protocol Forwarding Tests l2_protocol: @@ -61,19 +62,3 @@ l2_protocol: - name: stp tagged_forward: true untagged_forward: true - -ethernet_interfaces: - - name: Ethernet1 - switchport: - enabled: true - description: L2PF test - l2_protocol: - forwarding_profile: TEST1 - -port_channel_interfaces: - - name: Port-Channel1 - switchport: - enabled: true - description: L2PF test - l2_protocol: - forwarding_profile: TEST2 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/lldp.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/lldp.yml new file mode 100644 index 00000000000..ddde68b2420 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/lldp.yml @@ -0,0 +1,13 @@ +--- +### LLDP ### +lldp: + run: false + timer: 30 + holdtime: 90 + management_address: 192.168.1.1/24 + vrf: Management + tlvs: + - name: system-capabilities + transmit: false + - name: system-description + transmit: true diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/mac-security-eth-po-entropy.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/mac-security-eth-po-entropy.yml similarity index 52% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/mac-security-eth-po-entropy.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/mac-security-eth-po-entropy.yml index cb6b384efba..91d888e391a 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/mac-security-eth-po-entropy.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/mac-security-eth-po-entropy.yml @@ -1,3 +1,4 @@ +--- mac_security: fips_restrictions: true license: @@ -37,46 +38,3 @@ mac_security: fallback: false traffic_unprotected: action: drop - -### Mgmt sec -management_security: - entropy_sources: - hardware: true - password: - encryption_key_common: true - ssl_profiles: - - name: SSL_PROFILE - tls_versions: 1.1 1.2 - certificate: - file: SSL_CERT - key: SSL_KEY - -### L2 portchannel -port_channel_interfaces: - - name: Port-Channel3 - description: L2-PORT - switchport: - enabled: true - trunk: - allowed_vlan: 1-5 - mode: trunk - -# Children interfaces -ethernet_interfaces: - - name: Ethernet3 - peer: DC1-AGG01 - peer_interface: Ethernet3 - peer_type: l3leaf - description: DC1-AGG01_Ethernet1 - mac_security: - profile: A1 - channel_group: - id: 3 - mode: active -# Routed Interfaces - - name: Ethernet1 - switchport: - enabled: false - ip_address: 1.1.1.1/24 - mac_security: - profile: A1 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/management-security.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/management-security.yml index 4135ea1485d..01c91089d33 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/management-security.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/management-security.yml @@ -22,6 +22,11 @@ management_security: repetitive: 6 sequential: 7 ssl_profiles: + - name: SSL_PROFILE + tls_versions: 1.1 1.2 + certificate: + file: SSL_CERT + key: SSL_KEY - name: tls-versions-profile tls_versions: "1.0 1.1" - name: cipher-list-profile diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/management-ssh.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/management-ssh.yml index b0d25163358..bbf630d5cb3 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/management-ssh.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/management-ssh.yml @@ -10,6 +10,10 @@ management_ssh: - name: ACL-SSH - name: ACL-SSH-VRF vrf: mgt + ipv6_access_groups: + - name: ACL-SSH6 + - name: ACL-SSH-VRF6 + vrf: mgt idle_timeout: 15 connection: limit: 50 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ntp.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ntp.yml index 6badd9d8868..dfad1ca823b 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ntp.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ntp.yml @@ -17,6 +17,8 @@ ntp: key: 2 - name: 1.2.3.4 local_interface: lo0 + authenticate_servers_only: true + trusted_keys: "1-2" authenticate: true authentication_keys: - id: 1 @@ -30,4 +32,3 @@ ntp: hash_algorithm: "sha1" key: "$BYk2Sjahe+D9T7uDgIItSA==$JTw5JOAPcYEo0O2hsvsxFQ==$C7wmpXOo" key_type: 8a - trusted_keys: "1-3" diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/platform.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/platform.yml similarity index 99% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/platform.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/platform.yml index 0a67c74546f..475a25278cd 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/platform.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/platform.yml @@ -1,3 +1,4 @@ +--- platform: trident: l3: diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/poe.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/poe.yml new file mode 100644 index 00000000000..a82485a9eb1 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/poe.yml @@ -0,0 +1,7 @@ +--- +### PoE Global ### +poe: + reboot: + action: maintain + interface_shutdown: + action: power-off diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/policy-maps.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/policy-maps.yml index 42d9b41ca4c..00ae86c7b91 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/policy-maps.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/policy-maps.yml @@ -1,6 +1,23 @@ --- policy_maps: qos: + - name: pmap_test1 + classes: + - name: cmap_tc0_v4 + set: + traffic_class: 0 + - name: cmap_tc5_v4 + set: + traffic_class: 5 + - name: cmap_tc5_v6 + set: + traffic_class: 5 + - name: cmap_tc0_v6 + set: + traffic_class: 0 + - name: class-default + set: + traffic_class: 1 - name: PM_REPLICATION_LD classes: - name: CM_REPLICATION_LD diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/port-channel-interfaces.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/port-channel-interfaces.yml index 8c4d4e37f40..fd3e9e47e70 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/port-channel-interfaces.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/port-channel-interfaces.yml @@ -56,6 +56,19 @@ port_channel_interfaces: - name: ACL1 - name: ACL2 version: 2 + ptp: + enable: true + mpass: true + delay_mechanism: e2e + sync_message: + interval: 1 + role: dynamic + vlan: 2 + transport: layer2 + profile: + g8275_1: + destination_mac_address: forwardable + - name: Port-Channel15 description: DC1_L2LEAF3_Po1 link_tracking_groups: @@ -86,6 +99,16 @@ port_channel_interfaces: key: password mode: text rx_disabled: true + service_profile: experiment + service_policy: + qos: + input: pmap_test1 + qos: + trust: cos + cos: 2 + traffic_policy: + input: BLUE-C1-POLICY + output: BLUE-C2-POLICY - name: Port-Channel16 description: DC1_L2LEAF4_Po1 @@ -712,6 +735,11 @@ port_channel_interfaces: native_vlan_tag: true native_vlan: 100 mode: trunk + flow_tracker: + sampled: T3 + hardware: T3 + l2_protocol: + forwarding_profile: TEST2 - name: Port-Channel117 description: interface_with_sflow_ingress_egress_enabled diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/prefix-lists.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/prefix-lists.yml new file mode 100644 index 00000000000..3b7e0c9a9a4 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/prefix-lists.yml @@ -0,0 +1,12 @@ +--- +### IPv4 Prefix-Lists ### +prefix_lists: + - name: PL-LOOPBACKS-EVPN-OVERLAY + sequence_numbers: + - sequence: 10 + action: "permit 192.168.255.0/24 eq 32" + - sequence: 20 + action: "permit 192.168.254.0/24 eq 32" + + # prefix_list without sequence_numbers + - name: PL-IPV4-LOOPBACKS diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/priority-flow-control.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/priority-flow-control.yml new file mode 100644 index 00000000000..94df1ee37cc --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/priority-flow-control.yml @@ -0,0 +1,9 @@ +--- +priority_flow_control: + all_off: true + watchdog: + action: no-drop + timeout: "0.05" + polling_interval: 10.001 + recovery_time: 1.22 + override_action_drop: false diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ptp.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ptp.yml new file mode 100644 index 00000000000..44a20724f3e --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/ptp.yml @@ -0,0 +1,38 @@ +--- +### ptp +ptp: + clock_identity: "11:11:11:11:11:11" + source: + ip: 1.1.2.3 + priority1: 101 + priority2: 102 + ttl: 12 + domain: 17 + message_type: + general: + dscp: 36 + event: + dscp: 46 + mode: boundary + mode_one_step: true + forward_unicast: true + profile: "g8275.1" + monitor: + # enabled: true (default) + threshold: + offset_from_master: 11 + mean_path_delay: 12 + drop: + offset_from_master: 13 + mean_path_delay: 14 + missing_message: + intervals: + announce: 101 + follow_up: 102 + sync: 103 + sequence_ids: + enabled: true + announce: 201 + delay_resp: 202 + follow_up: 203 + sync: 204 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/qos.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/qos-profiles.yml similarity index 58% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/qos.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/qos-profiles.yml index 8a9e9fcef35..a6d86ee7257 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/qos.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/qos-profiles.yml @@ -1,35 +1,4 @@ -### QOS ### -qos: - map: - cos: - - "1 2 3 4 to traffic-class 2" - - "3 to traffic-class 3" - dscp: - - "8 9 10 11 12 13 14 15 16 17 19 21 23 24 25 27 29 31 32 33 35 37 39 40 41 42 43 44 45 47 49 50 51 52 53 54 55 57 58 59 60 61 62 63 to traffic-class 1" - - "46 to traffic-class 5" - - "18 20 22 26 28 30 34 36 38 to traffic-class 4 drop-precedence 2" - exp: - - "0 to traffic-class 0" - traffic_class: - - "2 4 5 to cos 7" - - "1 to dscp 56" - - "6 to tx-queue 2" - rewrite_dscp: true - random_detect: - ecn: - allow_non_ect: - enabled: true - chip_based: true - -priority_flow_control: - all_off: true - watchdog: - action: no-drop - timeout: "0.05" - polling_interval: 10.001 - recovery_time: 1.22 - override_action_drop: false - +--- qos_profiles: - name: test trust: dscp @@ -260,153 +229,3 @@ qos_profiles: min: 1 max: 10 drop_probability: 90 - -policy_maps: - qos: - - name: pmap_test1 - classes: - - name: cmap_tc0_v4 - set: - traffic_class: 0 - - name: cmap_tc5_v4 - set: - traffic_class: 5 - - name: cmap_tc5_v6 - set: - traffic_class: 5 - - name: cmap_tc0_v6 - set: - traffic_class: 0 - - name: class-default - set: - traffic_class: 1 - -### Ethernet Interfaces ### -ethernet_interfaces: - - name: Ethernet1 - peer: DC1-SPINE1 - peer_interface: Ethernet1 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE1_Ethernet1 - mtu: 1500 - switchport: - enabled: false - ip_address: 172.31.255.1/31 - service_profile: test - service_policy: - qos: - input: pmap_test1 - qos: - trust: dscp - dscp: 48 - - - name: Ethernet6 - peer: SRV-POD02 - peer_interface: Eth1 - peer_type: server - description: SRV-POD02_Eth1 - switchport: - enabled: true - mode: trunk - trunk: - allowed_vlan: 110-111,210-211 - service_profile: experiment - qos: - trust: cos - cos: 2 - tx_queues: - - id: 2 - random_detect: - ecn: - count: true - - - name: Ethernet3 - peer: DC1-LEAF1B - peer_interface: Ethernet3 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF1B_Ethernet3 - channel_group: - id: 3 - mode: active - - - name: Ethernet4 - peer: DC1-LEAF1B - peer_interface: Ethernet4 - peer_type: mlag_peer - description: MLAG_PEER_DC1-LEAF1B_Ethernet4 - channel_group: - id: 3 - mode: active - - - name: Ethernet7 - peer: SRV-POD03 - peer_interface: Eth1 - peer_type: server - description: Test-with-policymap - switchport: - enabled: true - mode: trunk - trunk: - allowed_vlan: 110-111,210-211 - service_profile: qprof_testwithpolicy - uc_tx_queues: - - id: 4 - random_detect: - ecn: - count: true - -### Port-Channel Interfaces ### -port_channel_interfaces: - - name: Port-Channel3 - description: MLAG_PEER_DC1-LEAF1B_Po3 - switchport: - enabled: true - trunk: - allowed_vlan: "2-4094" - groups: - - LEAF_PEER_L3 - - MLAG - mode: trunk - service_profile: experiment - service_policy: - qos: - input: pmap_test1 - qos: - trust: cos - cos: 2 - -### ACLs and Class Maps ### -access_lists: - - name: acl_qos_tc0_v4 - sequence_numbers: - - sequence: 10 - action: "permit ip any 192.0.2.0/29" - - name: acl_qos_tc5_v4 - sequence_numbers: - - sequence: 10 - action: "permit ip any any dscp ef" - -ipv6_access_lists: - - name: acl_qos_tc0_v6 - sequence_numbers: - - sequence: 10 - action: "permit ipv6 any any dscp cs1" - - name: acl_qos_tc5_v6 - sequence_numbers: - - sequence: 10 - action: "permit ipv6 any 2001:db8::/48" - -class_maps: - qos: - - name: cmap_tc5_v4 - ip: - access_group: acl_qos_tc5_v4 - - name: cmap_tc0_v6 - ipv6: - access_group: acl_qos_tc0_v6 - - name: cmap_tc0_v4 - ip: - access_group: acl_qos_tc0_v4 - - name: cmap_tc5_v6 - ipv6: - access_group: acl_qos_tc5_v6 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/qos.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/qos.yml new file mode 100644 index 00000000000..74c01a7d7c4 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/qos.yml @@ -0,0 +1,23 @@ +--- +### QOS ### +qos: + map: + cos: + - "1 2 3 4 to traffic-class 2" + - "3 to traffic-class 3" + dscp: + - "8 9 10 11 12 13 14 15 16 17 19 21 23 24 25 27 29 31 32 33 35 37 39 40 41 42 43 44 45 47 49 50 51 52 53 54 55 57 58 59 60 61 62 63 to traffic-class 1" + - "46 to traffic-class 5" + - "18 20 22 26 28 30 34 36 38 to traffic-class 4 drop-precedence 2" + exp: + - "0 to traffic-class 0" + traffic_class: + - "2 4 5 to cos 7" + - "1 to dscp 56" + - "6 to tx-queue 2" + rewrite_dscp: true + random_detect: + ecn: + allow_non_ect: + enabled: true + chip_based: true diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/router-bgp.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/router-bgp.yml index f78f4424c4a..b860b4235ee 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/router-bgp.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/router-bgp.yml @@ -1761,6 +1761,7 @@ router_bgp: - name: VRF02 neighbors: - ip_address: 1.1.1.1 + password: CRWZZy7NjZF5vUQbiZLrzw== additional_paths: receive: true send: ecmp diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/switchport-mode.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/switchport-default.yml similarity index 100% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/switchport-mode.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/switchport-default.yml diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/sync-e.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/sync-e.yml new file mode 100644 index 00000000000..9b85c8ba08a --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/sync-e.yml @@ -0,0 +1,5 @@ +--- +### sync-e + +sync_e: + network_option: 2 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/tcam-profile.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/tcam-profile.yml new file mode 100644 index 00000000000..49ae825bb08 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/tcam-profile.yml @@ -0,0 +1,6 @@ +--- +tcam_profile: + system: traffic_policy + profiles: + - name: MY_TCAM_PROFILE + source: "flash:/TCAM_PROFILES/MY_TCAM_PROFILE.conf" diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/traffic-policies.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/traffic-policies.yml similarity index 94% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/traffic-policies.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/traffic-policies.yml index 4fa1eea253c..dbdfcdab64a 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/traffic-policies.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/traffic-policies.yml @@ -210,18 +210,3 @@ traffic_policies: protocols: - protocol: neighbors enforce_gtsm: true -ethernet_interfaces: - - name: Ethernet1 - switchport: - enabled: false - traffic_policy: - input: BLUE-C1-POLICY - output: BLUE-C2-POLICY - -port_channel_interfaces: - - name: Port-Channel2 - switchport: - enabled: false - traffic_policy: - input: BLUE-C1-POLICY - output: BLUE-C2-POLICY diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/vrf-instances.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/vrf-instances.yml index 18d5bcac3f5..0c648b9dc40 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/vrf-instances.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host1/vrf-instances.yml @@ -13,3 +13,14 @@ vrfs: - name: BLAH - name: defauls - name: defaulu + - name: TEST1 + ip_routing: true + ipv6_routing: true + - name: TEST2 + ip_routing: false + ipv6_routing: false + ip_routing_ipv6_interfaces: true + - name: default + ip_routing: true + ipv6_routing: true + ip_routing_ipv6_interfaces: true diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/banners.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/banners.yml new file mode 100644 index 00000000000..d2b6b7cd193 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/banners.yml @@ -0,0 +1,13 @@ +--- +banners: + login: | + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + !***!!!Unauthorized access prohibited!!!***! + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + EOF + motd: | + . Switch : $(hostname) . + . Site : DC1 . + . Type info for information about the device . + . Type help for information about the aliases . + EOF diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/flow-tracking-2.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/flow-tracking.yml similarity index 100% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/flow-tracking-2.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/flow-tracking.yml diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ip-icmp-redirect.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ip-icmp-redirect.yml new file mode 100644 index 00000000000..7b3673e357a --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ip-icmp-redirect.yml @@ -0,0 +1,2 @@ +--- +ip_icmp_redirect: false diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ip-routing.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ip-routing.yml new file mode 100644 index 00000000000..78b313479f4 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ip-routing.yml @@ -0,0 +1,3 @@ +--- +### IP routing ### +ip_routing: false diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ipv6-icmp-redirect.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ipv6-icmp-redirect.yml new file mode 100644 index 00000000000..3878a280f00 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/ipv6-icmp-redirect.yml @@ -0,0 +1,2 @@ +--- +ipv6_icmp_redirect: false diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/switchport-default.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/switchport-default.yml new file mode 100644 index 00000000000..bc6e752e1c0 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/switchport-default.yml @@ -0,0 +1,3 @@ +--- +switchport_default: + mode: routed diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/traffic-policies-2.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/traffic-policies.yml similarity index 70% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/traffic-policies-2.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/traffic-policies.yml index 0097265181b..7db31bb1914 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/traffic-policies-2.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host2/traffic-policies.yml @@ -1,3 +1,4 @@ +--- ### Traffic Policies to cover IPv6 field and none policy case traffic_policies: field_sets: @@ -6,7 +7,3 @@ traffic_policies: prefixes: - 11:22:33:44:55:66:77:88 - name: IPv6-DEMO-2 -port_channel_interfaces: - - name: Port-Channel2 - switchport: - enabled: false diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/traffic-policies-3.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host3/traffic-policies.yml similarity index 60% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/traffic-policies-3.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host3/traffic-policies.yml index 1b858f826b4..4a40dc8f08d 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/traffic-policies-3.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host3/traffic-policies.yml @@ -1,8 +1,5 @@ +--- ### Traffic policies for without field_sets option case traffic_policies: options: counter_per_interface: false -ethernet_interfaces: - - name: Ethernet1 - switchport: - enabled: false diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/custom-templates.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host4_inline_jinja/custom-templates.yml similarity index 97% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/custom-templates.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host4_inline_jinja/custom-templates.yml index b23615ef583..236a508a5e6 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/custom-templates.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host4_inline_jinja/custom-templates.yml @@ -1,3 +1,4 @@ +--- custom_templates: - 'custom_templates/test-template-1.j2' - 'custom_templates/test-template-2.j2' diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/tcam-profile.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host4_inline_jinja/tcam-profile.yml similarity index 66% rename from ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/tcam-profile.yml rename to ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host4_inline_jinja/tcam-profile.yml index 30a8898a170..961a9196024 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/tcam-profile.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host4_inline_jinja/tcam-profile.yml @@ -1,7 +1,6 @@ +--- tcam_profile: system: traffic_policy profiles: - name: traffic_policy config: "{{ lookup('file', '{{ root_dir }}/inventory/TCAM_TRAFFIC_POLICY.conf') }}" - - name: MY_TCAM_PROFILE - source: "flash:/TCAM_PROFILES/MY_TCAM_PROFILE.conf" diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host6/eos-cli-config-gen-configuration.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host6/eos-cli-config-gen-configuration.yml new file mode 100644 index 00000000000..346c7cb00ee --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host6/eos-cli-config-gen-configuration.yml @@ -0,0 +1,4 @@ +--- +eos_cli_config_gen_configuration: + enable: true + hide_passwords: true diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host6/eos-cli-config-gen-documentation.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host6/eos-cli-config-gen-documentation.yml new file mode 100644 index 00000000000..8aeef1e7803 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host6/eos-cli-config-gen-documentation.yml @@ -0,0 +1,4 @@ +--- +eos_cli_config_gen_documentation: + enable: true + hide_passwords: false diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host6/snmp-server.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host6/snmp-server.yml new file mode 100644 index 00000000000..73950596f56 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/host6/snmp-server.yml @@ -0,0 +1,11 @@ +--- +snmp_server: + hosts: + - host: 10.6.75.121 + vrf: MGMT + version: 1 + community: SNMP-COMMUNITY-1 + - host: 10.6.75.121 + vrf: MGMT + version: 2c + community: SNMP-COMMUNITY-2 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-routing-fib.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-routing-fib.yml deleted file mode 100644 index da77aee0bef..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-routing-fib.yml +++ /dev/null @@ -1,14 +0,0 @@ -### IP routing ### - -ip_routing: true -ipv6_unicast_routing: true -ip_hardware: - fib: - optimize: - prefixes: - profile: urpf-internet -ipv6_hardware: - fib: - optimize: - prefixes: - profile: internet diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-routing.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-routing.yml deleted file mode 100644 index d444954fc78..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ip-routing.yml +++ /dev/null @@ -1,19 +0,0 @@ -### IP routing ### - -ip_routing: false -ipv6_unicast_routing: true -ip_routing_ipv6_interfaces: true -vrfs: - - name: TEST1 - ip_routing: true - ipv6_routing: true - - name: TEST2 - ip_routing: false - ipv6_routing: false - ip_routing_ipv6_interfaces: true - - name: default - ip_routing: true - ipv6_routing: true - ip_routing_ipv6_interfaces: true -ip_icmp_redirect: false -ipv6_icmp_redirect: false diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/lldp.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/lldp.yml deleted file mode 100644 index fde465d50e8..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/lldp.yml +++ /dev/null @@ -1,46 +0,0 @@ -### LLDP ### -lldp: - run: false - timer: 30 - holdtime: 90 - management_address: 192.168.1.1/24 - vrf: Management - tlvs: - - name: system-capabilities - transmit: false - - name: system-description - transmit: true - -ethernet_interfaces: - - name: Ethernet1 - description: to WAN-ISP1-01 Ethernet2 - switchport: - enabled: false - lldp: - transmit: false - receive: false - - - name: Ethernet2 - description: Switched port with no LLDP rx/tx - switchport: - enabled: true - mode: access - access_vlan: 110 - lldp: - transmit: false - receive: true - - - name: Ethernet3 - description: No special LLDP settings - switchport: - enabled: true - mode: access - access_vlan: 110 - - - name: Ethernet4 - description: test - switchport: - enabled: false - lldp: - transmit: true - receive: false diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/poe.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/poe.yml deleted file mode 100644 index 2edd1f8286f..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/poe.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -### PoE Global ### -poe: - reboot: - action: maintain - interface_shutdown: - action: power-off - -lldp: - tlvs: - - name: power-via-mdi - transmit: false - - name: system-capabilities - transmit: true diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/prefix-lists.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/prefix-lists.yml deleted file mode 100644 index bdc2c68f477..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/prefix-lists.yml +++ /dev/null @@ -1,46 +0,0 @@ -### IPv4 Prefix-Lists ### -dynamic_prefix_lists: - - name: DYNAMIC_PREFIX_LIST_NAME_3 - match_map: Test_2 - prefix_list: - ipv4: IPV4_PREFIX_LIST - ipv6: IPV6_PREFIX_LIST - - name: DYNAMIC_PREFIX_LIST_NAME_1 - match_map: Test_1 - prefix_list: - ipv4: IPV4_PREFIX_LIST - - name: DYNAMIC_PREFIX_LIST_NAME_2 - match_map: Test_2 - prefix_list: - ipv6: IPV6_PREFIX_LIST - -### IPv4 Prefix-Lists ### -prefix_lists: - - name: PL-BGP-DEFAULT-BLUE-C1 - sequence_numbers: - - sequence: 10 - action: permit 0.0.0.0/0 le 1 - - name: PL-BGP-DEFAULT-RED-OUT-C1 - sequence_numbers: - - sequence: 10 - action: permit 10.0.0.0/8 - - name: PL-BGP-DEFAULT-RED-IN-C1 - sequence_numbers: - - sequence: 10 - action: permit 0.0.0.0/0 - - name: PL-LOOPBACKS-EVPN-OVERLAY - sequence_numbers: - - sequence: 10 - action: "permit 192.168.255.0/24 eq 32" - - sequence: 20 - action: "permit 192.168.254.0/24 eq 32" - - # prefix_list without sequence_numbers - - name: PL-IPV4-LOOPBACKS - -### IPv6 Prefix-lists ### -ipv6_prefix_lists: - - name: PL-IPV6-LOOPBACKS - sequence_numbers: - - sequence: 10 - action: permit 1b11:3a00:22b0:0082::/64 eq 128 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ptp.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ptp.yml deleted file mode 100644 index 2df8864d931..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/ptp.yml +++ /dev/null @@ -1,114 +0,0 @@ -### ptp - -ptp: - clock_identity: "11:11:11:11:11:11" - source: - ip: 1.1.2.3 - priority1: 101 - priority2: 102 - ttl: 12 - domain: 17 - message_type: - general: - dscp: 36 - event: - dscp: 46 - mode: boundary - mode_one_step: true - forward_unicast: true - profile: "g8275.1" - monitor: - # enabled: true (default) - threshold: - offset_from_master: 11 - mean_path_delay: 12 - drop: - offset_from_master: 13 - mean_path_delay: 14 - missing_message: - intervals: - announce: 101 - follow_up: 102 - sync: 103 - sequence_ids: - enabled: true - announce: 201 - delay_resp: 202 - follow_up: 203 - sync: 204 - -# port-channels -port_channel_interfaces: - - name: Port-Channel5 - description: DC1_L2LEAF1_Po1 - switchport: - enabled: true - trunk: - allowed_vlan: 110,201 - mode: trunk - mlag: 5 - ptp: - enable: true - mpass: true - delay_mechanism: e2e - sync_message: - interval: 1 - role: dynamic - vlan: 2 - transport: layer2 - profile: - g8275_1: - destination_mac_address: forwardable - -### interface -ethernet_interfaces: - - name: Ethernet3 - peer: DC1-SPINE2 - peer_interface: Ethernet5 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE2_Ethernet5 - switchport: - enabled: true - mode: trunk - trunk: - allowed_vlan: 2,14 - ptp: - enable: true - delay_mechanism: e2e - sync_message: - interval: 1 - role: dynamic - vlan: 2 - transport: layer2 - - name: Ethernet6 - peer: DC1-SPINE1 - peer_interface: Ethernet6 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE1_Ethernet6 - mtu: 1500 - switchport: - enabled: false - ip_address: 172.31.255.15/31 - ptp: - enable: true - announce: - interval: 3 - timeout: 9 - delay_req: -7 - delay_mechanism: e2e - sync_message: - interval: 1 - role: dynamic - transport: ipv4 - profile: - g8275_1: - destination_mac_address: non-forwardable -# port-channel interfaces - - name: Ethernet5 - peer: DC1-AGG01 - peer_interface: Ethernet1 - peer_type: l2leaf - description: DC1-AGG01_Ethernet1 - channel_group: - id: 5 - mode: active diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/sync-e.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/sync-e.yml deleted file mode 100644 index f55d3fe5e33..00000000000 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/sync-e.yml +++ /dev/null @@ -1,40 +0,0 @@ -### sync-e - -sync_e: - network_option: 2 - -### interface -ethernet_interfaces: - - name: Ethernet3 - peer: DC1-SPINE2 - peer_interface: Ethernet5 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE2_Ethernet5 - switchport: - enabled: true - mode: trunk - trunk: - allowed_vlan: 2,14 - sync_e: - enable: true - priority: 10 - - name: Ethernet6 - peer: DC1-SPINE1 - peer_interface: Ethernet6 - peer_type: spine - description: P2P_LINK_TO_DC1-SPINE1_Ethernet6 - mtu: 1500 - switchport: - enabled: false - ip_address: 172.31.255.15/31 - sync_e: - enable: true - priority: disabled -# port-channel interfaces - - name: Ethernet5 - peer: DC1-AGG01 - peer_interface: Ethernet1 - peer_type: l2leaf - description: DC1-AGG01_Ethernet1 - sync_e: - enable: true diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/hosts.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/hosts.yml index 5a635b1f507..a78f3f7ceab 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/hosts.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/hosts.yml @@ -4,40 +4,16 @@ test_hosts: IGNORE_IN_PYTEST: hosts: host4_inline_jinja: - custom-templates: # TODO: Remove inline jinja - tcam-profile: # TODO: Remove inline jinja hosts: host1: host2: host3: host4_inline_jinja: - address-locking: - base: - banners_without_eof: - custom-templates: + host6: daemon_terminattr: - dns-ntp: - eos_cli_config_gen_configuration.enable: - eos_cli_config_gen_documentation.enable: - flow-tracking: - flow-tracking-2: - hardware-counter: - hardware: - hide-passwords: - interface-defaults: - ip-routing: - ip-routing-fib: - l2-protocol-forwarding: - lldp: - mac-security-eth-po-entropy: mpls: mpls-2: mpls-3: - platform: - poe: - prefix-lists: - ptp: - qos: router-isis: router-isis-new: router-isis-1: @@ -49,8 +25,6 @@ test_hosts: spanning-tree-bpdu: spanning-tree-rstp: spanning-tree-rapid-pvst: - sync-e: - tcam-profile: terminattr-cloud: terminattr-extra-flags: terminattr-multi-cluster-certs: @@ -60,6 +34,3 @@ test_hosts: terminattr-prem: terminattr-prem-no-ingestkey: terminattr-prem-disableaaa: - traffic-policies: - traffic-policies-2: - traffic-policies-3: