Fabric Variables
Fabric Variables¶
- The fabric underlay and overlay topology variables, define the elements related to build the L3 Leaf and Spine fabric.
- The following underlay routing protocols are supported:
- EBGP (default)
- OSPF.
- ISIS.
- The following overlay routing protocols are supported:
- EBGP (default)
- IBGP (only with OSPF or ISIS in underlay)
- Only summary network addresses need to be defined. IP addresses are then assigned to each node, based on its unique device id.
- To view IP address allocation and consumption, a summary is provided in the auto-generated fabric documentation in Markdown and CSV format.
- The variables should be applied to all devices in the fabric.
Variables and Options:
# Underlay routing protocol | Required.
underlay_routing_protocol: < EBGP or OSPF or ISIS | Default -> EBGP >
overlay_routing_protocol: <EBGP or IBGP | default -> EBGP >
# Point to Point Underlay with RFC 5549(eBGP), i.e. IPv6 Unnumberred.
# Requires "underlay_routing_protocol: EBGP"
underlay_rfc5549: < true | false | Default -> false >
# Underlay OSFP | Required when < underlay_routing_protocol > == OSPF
underlay_ospf_process_id: < process_id | Default -> 100 >
underlay_ospf_area: < ospf_area | Default -> 0.0.0.0 >
underlay_ospf_max_lsa: < lsa | Default -> 12000 >
underlay_ospf_bfd_enable: < true | false | Default -> false >
# Underlay ISIS | Required when < underlay_routing_protocol > == ISIS
isis_area_id: < isis area | Default -> "49.0001" >
isis_site_id: < isis site ID | Default -> "0001" >
# AS number to use to configure overlay when < overlay_routing_protocol > == IBGP
bgp_as: < AS number >
# Point to Point Links MTU | Required.
p2p_uplinks_mtu: < 0-9216 | default -> 9000 >
# IP Summary for Point to Point interfaces between L3 leafs and spines used for underlay peering | Required
# Assigned as /31 for each uplink interfaces
# Needs to be unique per pod
# Assign network summary larger then:
# [ total spines * total potential L3 leafs * 2 * max_l3leaf_to_spine_links(default: 1) ]
underlay_p2p_network_summary: < IPv4_network/Mask >
# IP address summary for BGP evpn overlay peering loopback for L3 leafs and spines | Required
# Assigned as /32 to Loopback0
# Assign range larger then:
# [ total spines + total potential L3 leafs ]
overlay_loopback_network_summary: < IPv4_network/Mask >
# IP address summary VTEP VXLAN Tunnel source loopback1 IP for L3 leafs | Required
# Assigned as /32 to Loopback1
# Assign range larger then total L3 leafs
vtep_loopback_network_summary: < IPv4_network/Mask >
# IP Address used as Virtual VTEP. Will be configured as secondary IP on loopback1 | Optional
# This is only needed for centralized routing designs
vtep_vvtep_ip: < IPv4_address/Mask >
# IP address summary used for MLAG Peer Link (control link) and underlay L3 peering | *Required
# * When MLAG leafs present in topology.
# Assign range larger then total: L3 Leafs + 2 ]
mlag_ips:
leaf_peer_l3: < IPv4_network/Mask >
mlag_peer: < IPv4_network/Mask >
# BGP multi-path | Optional
bgp_maximum_paths: < number_of_max_paths | default -> 4 >
bgp_ecmp: < number_of_ecmp_paths | default -> 4 >
# EVPN ebgp-multihop | Optional
# Default of 3, the recommended value for a 3 stage spine and leaf topology.
# Set to a higher value to allow for very large and complex topologies.
evpn_ebgp_multihop: < ebgp_multihop | default -> 3 >
# BGP peer groups encrypted password
# IPv4_UNDERLAY_PEERS and MLAG_IPv4_UNDERLAY_PEER | Required when < underlay_routing_protocol > == BGP
# EVPN_OVERLAY_PEERS | Required
# Leverage an Arista EOS switch to generate the encrypted password using the correct peer group name.
# Note that the name of the peer groups use '-' instead of '_' in EOS configuration.
bgp_peer_groups:
IPv4_UNDERLAY_PEERS:
name: < name of peer group | default -> IPv4-UNDERLAY-PEERS >
password: "< encrypted password >"
MLAG_IPv4_UNDERLAY_PEER:
name: < name of peer group | default -> MLAG-IPv4-UNDERLAY-PEER >
password: "< encrypted password >"
EVPN_OVERLAY_PEERS:
name: < name of peer group | default -> EVPN-OVERLAY-PEERS >
password: "< encrypted password >"
# Spine BGP Tuning | Optional.
spine_bgp_defaults:
- update wait-for-convergence
- update wait-install
- no bgp default ipv4-unicast
- distance bgp 20 200 200
- graceful-restart restart-time 300
- graceful-restart
# Leaf BGP Tuning | Optional.
leaf_bgp_defaults:
- update wait-install
- no bgp default ipv4-unicast
- distance bgp 20 200 200
- graceful-restart restart-time 300
- graceful-restart
# Enable vlan aware bundles for EVPN MAC-VRF | Required.
vxlan_vlan_aware_bundles: < boolean | default -> false >
# Disable IGMP snooping at fabric level.
# If set, it overrides per vlan settings
default_igmp_snooping_enabled: < boolean | default -> true >
# BFD Multihop tunning | Required.
bfd_multihop:
interval: < | default -> 300 >
min_rx: < | default -> 300 >
multiplier: < | default -> 3 >
## EVPN Host Flapping Settings
evpn_hostflap_detection:
# If set to false it will disable EVPN host-flap detection
enabled: < true | false | default -> true >
# Minimum number of MAC moves that indicate a MAC duplication issue
threshold: < number | default 5 >
# Time (in seconds) to detect a MAC duplication issue
window: < seconds | default 180 >
# Enable Route Target Membership Constraint Address Family on EVPN overlay BGP peerings (Min. EOS 4.25.1F)
# Requires use eBGP as overlay protocol.
evpn_overlay_bgp_rtc: < true | false , default -> false >
# Configure route-map on eBGP sessions towards route-servers, where prefixes with the peer's ASN in the AS Path are filtered away.
# This is very useful in very large scale networks, where convergence will be quicker by not having to return all updates received
# from Route-server-1 to Router-server-2 just for Route-server-2 to throw them away because of AS Path loop detection.
evpn_prevent_readvertise_to_server : < true | false , default -> false >
# Configure prefix for "short_esi" values | Optional
evpn_short_esi_prefix: < string, default -> "0000:0000:" >
# Optional IP subnet assigned to Inband Management SVI on l2leafs in default VRF.
# Parent l3leafs will have SVI with "ip virtual-router" and host-route injection based on ARP. This allows all l3leafs to reuse the same subnet
# SVI IP address will be assigned as follows:
# virtual-router: <subnet> + 1
# l3leaf A : <subnet> + 2 (same IP on all l3leaf A)
# l3leaf B : <subnet> + 3 (same IP on all l3leaf B)
# l2leafs : <subnet> + 3 + <l2leaf id>
# GW on l2leafs : <subnet> + 1
# Assign range larger than total l2leafs + 5
l2leaf_inband_management_subnet: < IPv4_network/Mask >
# VLAN number assigned to Inband Management SVI on l2leafs in default VRF.
# Optional - default -> 4092
l2leaf_inband_management_vlan: < vlan_id >
# QOS Profile assigned on all infrastructure links | Optional
p2p_uplinks_qos_profile: < qos_profile_name >
# Enable PTP on all infrastructure links | Optional
p2p_uplinks_ptp:
enable: < boolean | default -> false >
Example:
note: Default values are commented
# Defined in FABRIC.yml
fabric_name: DC1_FABRIC
# underlay_routing_protocol: BGP
# underlay_ospf_process_id: 100
# underlay_ospf_area: 0.0.0.0
# underlay_ospf_max_lsa: 12000
# underlay_ospf_bfd_enable: true
# p2p_uplinks_mtu: 9000
underlay_p2p_network_summary: 172.31.255.0/24
overlay_loopback_network_summary: 192.168.255.0/24
vtep_loopback_network_summary: 192.168.254.0/24
mlag_ips:
leaf_peer_l3: 10.255.251.0/24
mlag_peer: 10.255.252.0/24
bgp_peer_groups:
IPv4_UNDERLAY_PEERS:
password: "AQQvKeimxJu+uGQ/yYvv9w=="
EVPN_OVERLAY_PEERS:
password: "q+VNViP5i4rVjW1cxFv2wA=="
MLAG_IPv4_UNDERLAY_PEER:
password: "vnEaG8gMeQf3d3cN6PktXQ=="
# spine_bgp_defaults:
# - update wait-for-convergence
# - update wait-install
# - no bgp default ipv4-unicast
# - distance bgp 20 200 200
# - graceful-restart restart-time 300
# - graceful-restart
# leaf_bgp_defaults:
# - update wait-install
# - no bgp default ipv4-unicast
# - distance bgp 20 200 200
# - graceful-restart restart-time 300
# - graceful-restart
# vxlan_vlan_aware_bundles: false
# bfd_multihop:
# interval: 300
# min_rx: 300
# multiplier: 3
Last update: May 8, 2021