Skip to content

Input variables for eos_designs

This document describes the supported input variables for the role arista.avd.eos_designs.

Since several data models have changed between AVD versions 3.x and 4.x, it is recommended to study the Porting Guide for AVD 4.x.x for existing deployments.

The input variables are documented below in tables and YAML.

Note

All input variables are validated by a schema. If additional custom keys are desired, a key starting with an underscore _, will be ignored.

Warning

Available features and variables may vary by platforms, refer to documentation on arista.com for specifics.

Supported designs

eos_designs supports multiple options such as L3LS-EVPN with 3-stage or 5-stage, L2LS and MPLS. The sections below highlight these 3 topologies, but you can extend eos_designs to support your own topology by using node_type_keys to create your own node type.

Design type

By setting the design.type variable, the default node-types described in Node Type Variables will be used.

Variable Type Required Default Value Restrictions Description
design Dictionary
  type String l3ls-evpn Valid Values:
- l3ls-evpn
- mpls
- l2ls
By setting the design.type variable, the default node-types and templates described in these documents will be used.
design:
  type: <str>

3-stage clos topology support (Leaf & Spine)

  • The eos_designs role support various deployments with layer 3 leaf and spine (3-stage Clos) and optionally, with dedicated overlay controllers.
  • 3 stage Clos fabric can be represented as spines, L3 leafs and L2 leafs, and also referred to as a “POD”.

See the following examples using the l3ls-evpn design:

5-stage clos topology support (Super Spine)

  • The eos_designs role support lager deployments with super-spines (5-stage Clos) and optionally, with dedicated overlay controllers.
  • 5 stage Clos fabric can be represented as multiple leaf-spine structures (called PODs - Point of Delivery) interconnected by super-spines.
  • The logic to deploy every leaf-spine POD fabric remains unchanged.
  • Super-spines can be deployed as a single plane (typically chassis switches) or multiple planes.

Layer 2 Leaf Spine

  • The eos_designs role support various deployments with layer 2 leaf and spine. For example, routing may terminate at the spine level or an external L3 device.
  • The Clos fabric can be represented as L3 spines, spines, and leafs.

See the following examples using the l2ls design:

MPLS

The eos_designs role with the mpls design type supports any arbitrary physical mesh topology by combining and interconnecting different node types with the core_interfaces settings.

The following underlay routing protocols are supported:

  • ISIS-SR (default)
  • ISIS + LDP
  • ISIS-SR + LDP
  • OSPF + LDP

The following overlay routing protocols are supported:

  • IBGP (default)

Any node group of 2 or more rr-routers will form a Route Reflector cluster.

The MPLS design supports most fabric topology variables already supported by l3ls-evpn, barring the exceptions outlined below:

  • Connectivity is defined with the core_interfaces settings instead of Node type uplink settings.
  • No MLAG support.
  • No VXLAN support.
  • EVPN overlay settings are set with mpls_overlay_role and mpls_route_reflectors instead of evpn_role and evpn_route_servers.
  • No Inband Management support.

See the following example using the mpls design:

Fabric topology hierarchy

As per the diagram above, the topology hierarchy is the following:

  • fabric_name
    • dc_name
      • pod_name

You must define the fabric_name variable and it must match the Ansible inventory group name covering all devices in scope of the fabric.

Variable Type Required Default Value Restrictions Description
dc_name String POD Name is used in:
- Fabric Documentation (Optional, falls back to fabric_name)
- SNMP Location: snmp_settings.location (Optional)
- HER Overlay DC scoped flood lists: overlay_her_flood_list_scope: dc (Required)
fabric_name String Required Fabric Name, required to match Ansible Group name covering all devices in the Fabric, must be an inventory group name.
pod_name String POD Name is used in:
- Fabric Documentation (Optional, falls back to dc_name and then to fabric_name)
- SNMP Location: snmp_settings.location (Optional)
- VRF Loopbacks: vtep_diagnostic.loopback_ip_pools.pod (Required)

Recommended to be common between Spines and Leafs within a POD (One l3ls topology).
dc_name: <str>
fabric_name: <str>
pod_name: <str>

Fabric IP Addressing

Variable Type Required Default Value Restrictions Description
fabric_ip_addressing Dictionary
  mlag Dictionary
    algorithm String first_id Valid Values:
- first_id
- odd_id
- same_subnet
This variable defines the Multi-chassis Link Aggregation (MLAG) algorithm used.
Each MLAG link will have a /31 subnet with each subnet allocated from the relevant MLAG pool via a calculated offset.
The offset is calculated using one of the following algorithms:
- first_id: (mlag_primary_id - 1) * 2 where mlag_primary_id is the ID of the first node defined under the node_group.
This allocation method will skip every other /31 subnet making it less space efficient than odd_id.
- odd_id: (odd_id - 1) / 2. Requires the node_group to have a node with an odd ID and a node with an even ID.
- same_subnet: the offset will always be zero.
This allocation method will cause every MLAG link to be addressed with the same /31 subnet.
fabric_ip_addressing:
  mlag:
    algorithm: <str>

Node Type Variables

The following tables provide information on the default node types that have been pre-defined in eos_designs for each design type.

To customize or create new node types, please refer to node type customization section.

L3LS EVPN

Node Type Key Underlay Router Uplink Type Default EVPN Role L2 Network Services L3 Network Services VTEP MLAG Support Connected Endpoints
super_spine p2p none
spine p2p server
l3leaf p2p client
l2leaf port-channel none
overlay_controller p2p server

L2LS

Node Type Key Underlay Router Uplink Type Default EVPN Role L2 Network Services L3 Network Services VTEP MLAG Support Connected Endpoints
l3spine p2p none
spine port-channel none
leaf port-channel none

MPLS

Node Type Key Underlay Router Uplink Type Default Overlay Role L2 Network Services L3 Network Services VTEP MLAG Support Connected Endpoints
p p2p none
rr p2p server
pe p2p client

Node type customization

AVD provides the capability to customize your node types, supporting a variety of designs.

Note

The default values will be overridden if defining this key, so it is recommended to copy the defaults and modify them.

Default value for design l3ls-evpn
node_type_keys:

  - key: spine
    type: spine
    default_evpn_role: server
    default_ptp_priority1: 20

  - key: l3leaf
    type: l3leaf
    connected_endpoints: true
    default_evpn_role: client
    default_ptp_priority1: 30
    mlag_support: true
    network_services:
      l2: true
      l3: true
    vtep: true

  - key: l2leaf
    type: l2leaf
    connected_endpoints: true
    mlag_support: true
    network_services:
      l2: true
    underlay_router: false
    uplink_type: port-channel

  - key: super_spine
    type: super-spine

  - key: overlay_controller
    type: overlay-controller
    default_evpn_role: server
Default value for design l2ls
node_type_keys:

  - key: l3spine
    type: l3spine
    connected_endpoints: true
    default_overlay_routing_protocol: none
    default_underlay_routing_protocol: none
    mlag_support: true
    network_services:
      l2: true
      l3: true

  - key: spine
    type: spine
    connected_endpoints: true
    mlag_support: true
    network_services:
      l2: true
    underlay_router: false
    uplink_type: port-channel

  - key: leaf
    type: leaf
    connected_endpoints: true
    mlag_support: true
    network_services:
      l2: true
    underlay_router: false
    uplink_type: port-channel
Default value for design mpls
node_type_keys:

  - key: p
    type: p
    default_mpls_overlay_role: none
    default_overlay_routing_protocol: ibgp
    default_underlay_routing_protocol: isis-sr
    mpls_lsr: true

  - key: pe
    type: pe
    connected_endpoints: true
    default_evpn_encapsulation: mpls
    default_evpn_role: client
    default_mpls_overlay_role: client
    default_overlay_address_families:
      - vpn-ipv4
    default_overlay_routing_protocol: ibgp
    default_underlay_routing_protocol: isis-sr
    mpls_lsr: true
    network_services:
      l1: true
      l2: true
      l3: true

  - key: rr
    type: rr
    default_evpn_encapsulation: mpls
    default_evpn_role: server
    default_mpls_overlay_role: server
    default_overlay_address_families:
      - vpn-ipv4
    default_overlay_routing_protocol: ibgp
    default_underlay_routing_protocol: isis-sr
    mpls_lsr: true
Variable Type Required Default Value Restrictions Description
node_type_keys List, items: Dictionary Define Node Type Keys, to specify the properties of each node type in the fabric.
This allows for complete customization of the fabric layout and functionality.
node_type_keys should be defined in top level group_var for the fabric.
The default values will be overridden if defining this key, so it is recommended to copy the defaults and modify them.
  - key String Required, Unique
    type String Type value matching this node_type_key.
    connected_endpoints Boolean False Are endpoints connected to this node type.
    default_evpn_role String none Valid Values:
- none
- client
- server
Default evpn_role. Can be overridden in topology vars.
    default_ptp_priority1 Integer 127 Min: 0
Max: 255
Default PTP priority 1
    default_underlay_routing_protocol String ebgp Value is converted to lower case
Valid Values:
- ebgp
- ibgp
- ospf
- ospf-ldp
- isis
- isis-sr
- isis-ldp
- isis-sr-ldp
- none
Set the default underlay routing_protocol.
Can be overridden by setting “underlay_routing_protocol” host/group_vars.
    default_overlay_routing_protocol String ebgp Value is converted to lower case
Valid Values:
- ebgp
- ibgp
- her
- cvx
- none
Set the default overlay routing_protocol.
Can be overridden by setting “overlay_routing_protocol” host/group_vars.
    default_mpls_overlay_role String Valid Values:
- client
- server
- none
Set the default mpls overlay role.
Acting role in overlay control plane.
    default_overlay_address_families List, items: String Set the default overlay address families.
      - <str> String Value is converted to lower case
Valid Values:
- evpn
- vpn-ipv4
- vpn-ipv6
    default_evpn_encapsulation String Value is converted to lower case
Valid Values:
- mpls
- vxlan
Set the default evpn encapsulation.
    mlag_support Boolean False Can this node type support mlag.
    network_services Dictionary Will network services be deployed on this node type.
      l1 Boolean False ??
      l2 Boolean False Vlans
      l3 Boolean False VRFs, SVIs (if l2 is true).
Only supported with underlay_router.
    underlay_router Boolean True Is this node type a L3 device.
    uplink_type String p2p Valid Values:
- p2p
- port-channel
Uplinks must be p2p if “vtep” or “underlay_router” is true.
    vtep Boolean False Is this switch an EVPN VTEP.
    mpls_lsr Boolean False Is this switch an MPLS LSR.
    ip_addressing Dictionary Override ip_addressing templates.
      python_module String Custom Python Module to import for IP addressing.
      python_class_name String Name of Custom Python Class to import for IP addressing.
      router_id String Path to Custom J2 template.
      router_id_ipv6 String Path to Custom J2 template.
      mlag_ip_primary String Path to Custom J2 template.
      mlag_ip_secondary String Path to Custom J2 template.
      mlag_l3_ip_primary String Path to Custom J2 template.
      mlag_l3_ip_secondary String Path to Custom J2 template.
      mlag_ibgp_peering_ip_primary String Path to Custom J2 template.
      mlag_ibgp_peering_ip_secondary String Path to Custom J2 template.
      p2p_uplinks_ip String Path to Custom J2 template.
      p2p_uplinks_peer_ip String Path to Custom J2 template.
      vtep_ip_mlag String Path to Custom J2 template.
      vtep_ip String Path to Custom J2 template.
    interface_descriptions Dictionary Override interface_descriptions templates
If description templates use Jinja2, they have to strip whitespaces using {%- -%} on any code blocks.
      python_module String Custom Python Module to import for interface descriptions.
      python_class_name String Name of Custom Python Class to import for interface descriptions.
      underlay_ethernet_interfaces String Path to Custom J2 template.
      underlay_port_channel_interfaces String Path to Custom J2 template.
      mlag_ethernet_interfaces String Path to Custom J2 template.
      mlag_port_channel_interfaces String Path to Custom J2 template.
      connected_endpoints_ethernet_interfaces String Path to Custom J2 template.
      connected_endpoints_port_channel_interfaces String Path to Custom J2 template.
      overlay_loopback_interface String Path to Custom J2 template.
      vtep_loopback_interface String Path to Custom J2 template.
node_type_keys:
  - key: <str>
    type: <str>
    connected_endpoints: <bool>
    default_evpn_role: <str>
    default_ptp_priority1: <int>
    default_underlay_routing_protocol: <str>
    default_overlay_routing_protocol: <str>
    default_mpls_overlay_role: <str>
    default_overlay_address_families:
      - <str>
    default_evpn_encapsulation: <str>
    mlag_support: <bool>
    network_services:
      l1: <bool>
      l2: <bool>
      l3: <bool>
    underlay_router: <bool>
    uplink_type: <str>
    vtep: <bool>
    mpls_lsr: <bool>
    ip_addressing:
      python_module: <str>
      python_class_name: <str>
      router_id: <str>
      router_id_ipv6: <str>
      mlag_ip_primary: <str>
      mlag_ip_secondary: <str>
      mlag_l3_ip_primary: <str>
      mlag_l3_ip_secondary: <str>
      mlag_ibgp_peering_ip_primary: <str>
      mlag_ibgp_peering_ip_secondary: <str>
      p2p_uplinks_ip: <str>
      p2p_uplinks_peer_ip: <str>
      vtep_ip_mlag: <str>
      vtep_ip: <str>
    interface_descriptions:
      python_module: <str>
      python_class_name: <str>
      underlay_ethernet_interfaces: <str>
      underlay_port_channel_interfaces: <str>
      mlag_ethernet_interfaces: <str>
      mlag_port_channel_interfaces: <str>
      connected_endpoints_ethernet_interfaces: <str>
      connected_endpoints_port_channel_interfaces: <str>
      overlay_loopback_interface: <str>
      vtep_loopback_interface: <str>

Context for ip_addressing templates

To help calculate the custom IP addressing, the following contextual variables are available to the custom templates:

router_id:

  • {{ switch_id }}
  • {{ loopback_ipv4_pool }}
  • {{ loopback_ipv4_offset }}
  • All group/hostvars

mlag_ip_primary & mlag_ip_secondary:

  • {{ mlag_primary_id }}
  • {{ mlag_secondary_id }}
  • {{ switch_data.combined.mlag_peer_ipv4_pool }}
  • All group/hostvars

mlag_l3_ip_primary & mlag_l3_ip_secondary:

  • {{ mlag_primary_id }}
  • {{ mlag_secondary_id }}
  • {{ switch_data.combined.mlag_peer_l3_ipv4_pool }}
  • All group/hostvars

p2p_uplinks_ip & p2p_uplinks_peer_ip:

  • {{ switch.uplink_ipv4_pool }}
  • {{ switch.id }}
  • {{ switch.max_uplink_switches }}
  • {{ switch.max_parallel_uplinks }}
  • {{ uplink_switch_index }}
  • All group/hostvars

vtep_ip_mlag:

  • {{ switch_vtep_loopback_ipv4_pool }}
  • {{ mlag_primary_id }}
  • {{ loopback_ipv4_offset }}
  • All group/hostvars

vtep_ip:

  • {{ switch_vtep_loopback_ipv4_pool }}
  • {{ switch_id }}
  • {{ loopback_ipv4_offset }}
  • All group/hostvars

While all templates can leverage the internal switch facts (switch.*) to customize the interface descriptions, the values are not part of the officially supported data models, and may change without notice.

Context for interface_descriptions templates

To help format the custom interface descriptions, the following contextual variables are available to the custom templates:

underlay_ethernet_interfaces:

  • {{ link.peer }}
  • {{ link.peer_interface }}
  • {{ link.type }} (underlay_p2p or underlay_l2)
  • All group/hostvars

underlay_port_channel_interfaces:

  • {{ link.channel_description }}
  • {{ link.channel_group_id }}
  • {{ link.peer_channel_group_id }}
  • All group/hostvars

mlag_ethernet_interfaces:

  • {{ mlag_interface }}
  • {{ mlag_peer }}
  • All group/hostvars

mlag_port_channel_interfaces:

  • {{ mlag_interfaces }}
  • {{ mlag_peer }}
  • All group/hostvars

connected_endpoints_ethernet_interfaces:

  • {{ peer }}
  • {{ peer_interface }}
  • All group/hostvars

connected_endpoints_port_channel_interfaces:

  • {{ peer }}
  • {{ adapter_port_channel_description }}
  • All group/hostvars

While all templates can leverage the internal switch facts (switch.*) to customize the interface descriptions, the values are not part of the officially supported data models and may change without notice.

Type setting

  • The type: variable needs to be defined for each device in the fabric.
  • This is leveraged to load the appropriate settings to generate the configuration.

Tip

The node type setting can be automatically derived from a switch name by defining the patterns in the default_node_types data model.

Type setting example
# Defined in SPINE.yml file
# Can also be set directly in your inventory file under spine group
type: spine

# Defined in L3LEAFS.yml
# Can also be set directly in your inventory file under l3leaf group
type: l3leaf

# Defined in L2LEAFS.yml
# Can also be set directly in your inventory file under l2leaf group
type: l2leaf

# Defined in SUPER-SPINES.yml
# Can also be set directly in your inventory file under super-spine group
type: super-spine

# Defined in ROUTE-SERVERS.yml
# Can also be set directly in your inventory file under route-server group
type: overlay-controller
Variable Type Required Default Value Restrictions Description
type String Valid Values:
-
The type: variable needs to be defined for each device in the fabric.
This is leveraged to load the appropriate template to generate the configuration.
type: <str>

Default node types settings

Node types can be defined statically on each node or in each group of nodes. By leveraging default_node_types, regular expressions can be used to determine the node type based on the hostname.

Warning

Please note that using the default_node_types functionality will cause certain tests in the eos_validate_state role to not be executed. This functionality will be restored as part of a later update to eos_validate_state and this note will then be removed.

Variable Type Required Default Value Restrictions Description
default_node_types List, items: Dictionary Uses hostname matches against a regular expression to determine the node type.
  - node_type String Required, Unique Resulting node type when regex matches.
    match_hostnames List, items: String Required Regular expressions to match against hostnames.
      - <str> String Required Regex needs to match full hostname (i.e. is bounded by ^ and $ elements).
default_node_types:
  - node_type: <str>
    match_hostnames:
      - <str>

Node type settings

Node type settings are defined under the node_type_keys.key i.e spine:, l3leaf:, l2leaf: to configure management, underlay, overlay functionality.

Node type structure

All node types have the same structure based on defaults, node_group, node_group.node, node and all variables can be defined in any section and support inheritance like this:

Under node_type_keys.key:

defaults <- node_group <- node_group.node <- node

Tip

Define common node settings under defaults. This reduces user input requirements, limiting errors.

Variable Type Required Default Value Restrictions Description
<node_type_keys.key> Dictionary
  defaults Dictionary Define variables for all nodes of this type.
  node_groups List, items: Dictionary Define variables related to all nodes part of this group.
    - group String Required, Unique The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’.
The Node Group Name is also used for peer description on downstream switches’ uplinks.
      nodes List, items: Dictionary Define variables per node.
        - name String Required, Unique The Node Name is used as “hostname”.
  nodes List, items: Dictionary Define variables per node.
    - name String Required, Unique The Node Name is used as “hostname”.
<node_type_keys.key>:
  defaults:
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
  nodes:
    - name: <str>

Node type common configuration

Define your nodes, id, management and common configuration elements.

Tip

If a node is not deployed, leverage is_deployed: false to indicate the node as offline.

Info

A static unique identifier (id) is assigned to each device. This is leveraged to derive the IP address assignment from each summary defined in the Fabric Underlay and Overlay Topology Variables.

Variable Type Required Default Value Restrictions Description
<node_type_keys.key> Dictionary
  defaults Dictionary Define variables for all nodes of this type.
    id Integer Unique identifier used for IP addressing and other algorithms.
    platform String Arista platform family.
    mac_address String Leverage to document management interface mac address.
    system_mac_address String System MAC Address in this following format: “xx:xx:xx:xx:xx:xx”.
Set to the same MAC address as available in “show version” on the device.
“system_mac_address” can also be set directly as a hostvar.
If both are set, the setting under node type settings takes precedence.
    serial_number String Set to the Serial Number of the device.
Only used for documentation purpose in the fabric documentation and part of the structured_config.
“serial_number” can also be set directly as a hostvar.
If both are set, the setting under node type settings takes precedence.
    rack String Rack that the switch is located in (only used in snmp_settings location).
    mgmt_ip String Format: cidr Node management interface IPv4 address.
    ipv6_mgmt_ip String Format: cidr Node management interface IPv6 address.
    mgmt_interface String Management Interface Name.
Default -> platform_management_interface -> mgmt_interface -> “Management1”.
    lacp_port_id_range Dictionary This will generate the “lacp port-id range”, “begin” and “end” values based on node “id” and the number of nodes in the “node_group”.
Unique LACP port-id ranges are recommended for EVPN Multihoming designs.
      enabled Boolean False
      size Integer 128 Recommended size > = number of ports in the switch.
      offset Integer 0 Offset is used to avoid overlapping port-id ranges of different switches.
Useful when a “connected-endpoint” is connected to switches in different “node_groups”.
    always_configure_ip_routing Boolean False Force configuration of “ip routing” even on L2 devices.
Use this to retain behavior of AVD versions below 4.0.0.
    raw_eos_cli String EOS CLI rendered directly on the root level of the final EOS configuration.
    structured_config Dictionary Custom structured config for eos_cli_config_gen.
  node_groups List, items: Dictionary Define variables related to all nodes part of this group.
    - group String Required, Unique The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’.
The Node Group Name is also used for peer description on downstream switches’ uplinks.
      nodes List, items: Dictionary Define variables per node.
        - name String Required, Unique The Node Name is used as “hostname”.
          id Integer Unique identifier used for IP addressing and other algorithms.
          platform String Arista platform family.
          mac_address String Leverage to document management interface mac address.
          system_mac_address String System MAC Address in this following format: “xx:xx:xx:xx:xx:xx”.
Set to the same MAC address as available in “show version” on the device.
“system_mac_address” can also be set directly as a hostvar.
If both are set, the setting under node type settings takes precedence.
          serial_number String Set to the Serial Number of the device.
Only used for documentation purpose in the fabric documentation and part of the structured_config.
“serial_number” can also be set directly as a hostvar.
If both are set, the setting under node type settings takes precedence.
          rack String Rack that the switch is located in (only used in snmp_settings location).
          mgmt_ip String Format: cidr Node management interface IPv4 address.
          ipv6_mgmt_ip String Format: cidr Node management interface IPv6 address.
          mgmt_interface String Management Interface Name.
Default -> platform_management_interface -> mgmt_interface -> “Management1”.
          lacp_port_id_range Dictionary This will generate the “lacp port-id range”, “begin” and “end” values based on node “id” and the number of nodes in the “node_group”.
Unique LACP port-id ranges are recommended for EVPN Multihoming designs.
            enabled Boolean False
            size Integer 128 Recommended size > = number of ports in the switch.
            offset Integer 0 Offset is used to avoid overlapping port-id ranges of different switches.
Useful when a “connected-endpoint” is connected to switches in different “node_groups”.
          always_configure_ip_routing Boolean False Force configuration of “ip routing” even on L2 devices.
Use this to retain behavior of AVD versions below 4.0.0.
          raw_eos_cli String EOS CLI rendered directly on the root level of the final EOS configuration.
          structured_config Dictionary Custom structured config for eos_cli_config_gen.
      id Integer Unique identifier used for IP addressing and other algorithms.
      platform String Arista platform family.
      mac_address String Leverage to document management interface mac address.
      system_mac_address String System MAC Address in this following format: “xx:xx:xx:xx:xx:xx”.
Set to the same MAC address as available in “show version” on the device.
“system_mac_address” can also be set directly as a hostvar.
If both are set, the setting under node type settings takes precedence.
      serial_number String Set to the Serial Number of the device.
Only used for documentation purpose in the fabric documentation and part of the structured_config.
“serial_number” can also be set directly as a hostvar.
If both are set, the setting under node type settings takes precedence.
      rack String Rack that the switch is located in (only used in snmp_settings location).
      mgmt_ip String Format: cidr Node management interface IPv4 address.
      ipv6_mgmt_ip String Format: cidr Node management interface IPv6 address.
      mgmt_interface String Management Interface Name.
Default -> platform_management_interface -> mgmt_interface -> “Management1”.
      lacp_port_id_range Dictionary This will generate the “lacp port-id range”, “begin” and “end” values based on node “id” and the number of nodes in the “node_group”.
Unique LACP port-id ranges are recommended for EVPN Multihoming designs.
        enabled Boolean False
        size Integer 128 Recommended size > = number of ports in the switch.
        offset Integer 0 Offset is used to avoid overlapping port-id ranges of different switches.
Useful when a “connected-endpoint” is connected to switches in different “node_groups”.
      always_configure_ip_routing Boolean False Force configuration of “ip routing” even on L2 devices.
Use this to retain behavior of AVD versions below 4.0.0.
      raw_eos_cli String EOS CLI rendered directly on the root level of the final EOS configuration.
      structured_config Dictionary Custom structured config for eos_cli_config_gen.
  nodes List, items: Dictionary Define variables per node.
    - name String Required, Unique The Node Name is used as “hostname”.
      id Integer Unique identifier used for IP addressing and other algorithms.
      platform String Arista platform family.
      mac_address String Leverage to document management interface mac address.
      system_mac_address String System MAC Address in this following format: “xx:xx:xx:xx:xx:xx”.
Set to the same MAC address as available in “show version” on the device.
“system_mac_address” can also be set directly as a hostvar.
If both are set, the setting under node type settings takes precedence.
      serial_number String Set to the Serial Number of the device.
Only used for documentation purpose in the fabric documentation and part of the structured_config.
“serial_number” can also be set directly as a hostvar.
If both are set, the setting under node type settings takes precedence.
      rack String Rack that the switch is located in (only used in snmp_settings location).
      mgmt_ip String Format: cidr Node management interface IPv4 address.
      ipv6_mgmt_ip String Format: cidr Node management interface IPv6 address.
      mgmt_interface String Management Interface Name.
Default -> platform_management_interface -> mgmt_interface -> “Management1”.
      lacp_port_id_range Dictionary This will generate the “lacp port-id range”, “begin” and “end” values based on node “id” and the number of nodes in the “node_group”.
Unique LACP port-id ranges are recommended for EVPN Multihoming designs.
        enabled Boolean False
        size Integer 128 Recommended size > = number of ports in the switch.
        offset Integer 0 Offset is used to avoid overlapping port-id ranges of different switches.
Useful when a “connected-endpoint” is connected to switches in different “node_groups”.
      always_configure_ip_routing Boolean False Force configuration of “ip routing” even on L2 devices.
Use this to retain behavior of AVD versions below 4.0.0.
      raw_eos_cli String EOS CLI rendered directly on the root level of the final EOS configuration.
      structured_config Dictionary Custom structured config for eos_cli_config_gen.
<node_type_keys.key>:
  defaults:
    id: <int>
    platform: <str>
    mac_address: <str>
    system_mac_address: <str>
    serial_number: <str>
    rack: <str>
    mgmt_ip: <str>
    ipv6_mgmt_ip: <str>
    mgmt_interface: <str>
    lacp_port_id_range:
      enabled: <bool>
      size: <int>
      offset: <int>
    always_configure_ip_routing: <bool>
    raw_eos_cli: <str>
    structured_config: <dict>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          id: <int>
          platform: <str>
          mac_address: <str>
          system_mac_address: <str>
          serial_number: <str>
          rack: <str>
          mgmt_ip: <str>
          ipv6_mgmt_ip: <str>
          mgmt_interface: <str>
          lacp_port_id_range:
            enabled: <bool>
            size: <int>
            offset: <int>
          always_configure_ip_routing: <bool>
          raw_eos_cli: <str>
          structured_config: <dict>
      id: <int>
      platform: <str>
      mac_address: <str>
      system_mac_address: <str>
      serial_number: <str>
      rack: <str>
      mgmt_ip: <str>
      ipv6_mgmt_ip: <str>
      mgmt_interface: <str>
      lacp_port_id_range:
        enabled: <bool>
        size: <int>
        offset: <int>
      always_configure_ip_routing: <bool>
      raw_eos_cli: <str>
      structured_config: <dict>
  nodes:
    - name: <str>
      id: <int>
      platform: <str>
      mac_address: <str>
      system_mac_address: <str>
      serial_number: <str>
      rack: <str>
      mgmt_ip: <str>
      ipv6_mgmt_ip: <str>
      mgmt_interface: <str>
      lacp_port_id_range:
        enabled: <bool>
        size: <int>
        offset: <int>
      always_configure_ip_routing: <bool>
      raw_eos_cli: <str>
      structured_config: <dict>

Node type inband management

Variable Type Required Default Value Restrictions Description
<node_type_keys.key> Dictionary
  defaults Dictionary Define variables for all nodes of this type.
    inband_mgmt_interface String Pointer to interface used for inband management.
All configuration must be done using other data models like network services or structured_config.
‘inband_mgmt_interface’ is only used to refer to this interface as source in various management protocol settings (future feature).

On L2 switches, this defaults to Vlan if either ‘inband_mgmt_subnet’ or ‘inband_mgmt_ip’ is set.
    inband_mgmt_vlan Integer 4092 VLAN number used for inband management on L2 switches (switches using port-channel trunks as uplinks).
When using ‘inband_mgmt_subnet’ the VLAN and SVIs will be created automatically on this switch as well as all ‘uplink_switches’.
When using ‘inband_mgmt_ip’ the VLAN and SVI will only be created on this device and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models.
    inband_mgmt_subnet String Format: ipv4_cidr Optional IP subnet assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks).
Parent l3leafs will have SVI with “ip virtual-router” and host-route injection based on ARP.
This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension.
SVI IP address will be assigned as follows:
virtual-router: + 1
l3leaf A : + 2 (same IP on all l3leaf A)
l3leaf B : + 3 (same IP on all l3leaf B)
l2leafs : + 3 +
GW on l2leafs : + 1
Assign range larger than total l2leafs + 5

Setting is ignored if ‘inband_mgmt_ip’ is set.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
    inband_mgmt_ip String Format: ipv4_cidr IP address assigned to the inband management interface set with ‘inband_mgmt_vlan’.
This overrides ‘inband_mgmt_subnet’, hence all behavior of ‘inband_mgmt_subnet’ is removed.

If this is set the VLAN and SVI will only be created on the L2 switch and added to uplink trunk.
The VLAN and SVI on the parent switches must be created using network services data models.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
    inband_mgmt_gateway String Format: ipv4 Default gateway configured in the ‘inband_mgmt_vrf’ when using ‘inband_mgmt_ip’. Otherwise gateway is derived from ‘inband_mgmt_subnet’ if set.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
    inband_mgmt_description String Inband Management Description configured on the Inband Management SVI.

This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
    inband_mgmt_vlan_name String Inband Management Name configured on the Inband Management VLAN.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
    inband_mgmt_vrf String default VRF configured on the Inband Management Interface.
The VRF is created if not already created by other means.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
    inband_mgmt_mtu Integer 1500 MTU configured on the Inband Management Interface.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
    inband_management_subnet deprecated String Format: ipv4_cidr Optional IP subnet assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks).
Parent l3leafs will have SVI with “ip virtual-router” and host-route injection based on ARP.
This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension.
SVI IP address will be assigned as follows:
virtual-router: + 1
l3leaf A : + 2 (same IP on all l3leaf A)
l3leaf B : + 3 (same IP on all l3leaf B)
l2leafs : + 3 +
GW on l2leafs : + 1
Assign range larger than total l2leafs + 5

Setting is ignored if ‘inband_mgmt_ip’ is set.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
This key is deprecated. Support will be removed in AVD version 5.0.0. Use inband_mgmt_subnet instead.
    inband_management_vlan deprecated Integer 4092 VLAN number used for inband management on L2 switches (switches using port-channel trunks as uplinks).
When using ‘inband_mgmt_subnet’ the VLAN and SVIs will be created automatically on this switch as well as all ‘uplink_switches’.
When using ‘inband_mgmt_ip’ the VLAN and SVI will only be created on this device and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models.This key is deprecated. Support will be removed in AVD version 5.0.0. Use inband_mgmt_vlan instead.
  node_groups List, items: Dictionary Define variables related to all nodes part of this group.
    - group String Required, Unique The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’.
The Node Group Name is also used for peer description on downstream switches’ uplinks.
      nodes List, items: Dictionary Define variables per node.
        - name String Required, Unique The Node Name is used as “hostname”.
          inband_mgmt_interface String Pointer to interface used for inband management.
All configuration must be done using other data models like network services or structured_config.
‘inband_mgmt_interface’ is only used to refer to this interface as source in various management protocol settings (future feature).

On L2 switches, this defaults to Vlan if either ‘inband_mgmt_subnet’ or ‘inband_mgmt_ip’ is set.
          inband_mgmt_vlan Integer 4092 VLAN number used for inband management on L2 switches (switches using port-channel trunks as uplinks).
When using ‘inband_mgmt_subnet’ the VLAN and SVIs will be created automatically on this switch as well as all ‘uplink_switches’.
When using ‘inband_mgmt_ip’ the VLAN and SVI will only be created on this device and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models.
          inband_mgmt_subnet String Format: ipv4_cidr Optional IP subnet assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks).
Parent l3leafs will have SVI with “ip virtual-router” and host-route injection based on ARP.
This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension.
SVI IP address will be assigned as follows:
virtual-router: + 1
l3leaf A : + 2 (same IP on all l3leaf A)
l3leaf B : + 3 (same IP on all l3leaf B)
l2leafs : + 3 +
GW on l2leafs : + 1
Assign range larger than total l2leafs + 5

Setting is ignored if ‘inband_mgmt_ip’ is set.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
          inband_mgmt_ip String Format: ipv4_cidr IP address assigned to the inband management interface set with ‘inband_mgmt_vlan’.
This overrides ‘inband_mgmt_subnet’, hence all behavior of ‘inband_mgmt_subnet’ is removed.

If this is set the VLAN and SVI will only be created on the L2 switch and added to uplink trunk.
The VLAN and SVI on the parent switches must be created using network services data models.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
          inband_mgmt_gateway String Format: ipv4 Default gateway configured in the ‘inband_mgmt_vrf’ when using ‘inband_mgmt_ip’. Otherwise gateway is derived from ‘inband_mgmt_subnet’ if set.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
          inband_mgmt_description String Inband Management Description configured on the Inband Management SVI.

This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
          inband_mgmt_vlan_name String Inband Management Name configured on the Inband Management VLAN.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
          inband_mgmt_vrf String default VRF configured on the Inband Management Interface.
The VRF is created if not already created by other means.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
          inband_mgmt_mtu Integer 1500 MTU configured on the Inband Management Interface.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
          inband_management_subnet deprecated String Format: ipv4_cidr Optional IP subnet assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks).
Parent l3leafs will have SVI with “ip virtual-router” and host-route injection based on ARP.
This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension.
SVI IP address will be assigned as follows:
virtual-router: + 1
l3leaf A : + 2 (same IP on all l3leaf A)
l3leaf B : + 3 (same IP on all l3leaf B)
l2leafs : + 3 +
GW on l2leafs : + 1
Assign range larger than total l2leafs + 5

Setting is ignored if ‘inband_mgmt_ip’ is set.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
This key is deprecated. Support will be removed in AVD version 5.0.0. Use inband_mgmt_subnet instead.
          inband_management_vlan deprecated Integer 4092 VLAN number used for inband management on L2 switches (switches using port-channel trunks as uplinks).
When using ‘inband_mgmt_subnet’ the VLAN and SVIs will be created automatically on this switch as well as all ‘uplink_switches’.
When using ‘inband_mgmt_ip’ the VLAN and SVI will only be created on this device and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models.This key is deprecated. Support will be removed in AVD version 5.0.0. Use inband_mgmt_vlan instead.
      inband_mgmt_interface String Pointer to interface used for inband management.
All configuration must be done using other data models like network services or structured_config.
‘inband_mgmt_interface’ is only used to refer to this interface as source in various management protocol settings (future feature).

On L2 switches, this defaults to Vlan if either ‘inband_mgmt_subnet’ or ‘inband_mgmt_ip’ is set.
      inband_mgmt_vlan Integer 4092 VLAN number used for inband management on L2 switches (switches using port-channel trunks as uplinks).
When using ‘inband_mgmt_subnet’ the VLAN and SVIs will be created automatically on this switch as well as all ‘uplink_switches’.
When using ‘inband_mgmt_ip’ the VLAN and SVI will only be created on this device and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models.
      inband_mgmt_subnet String Format: ipv4_cidr Optional IP subnet assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks).
Parent l3leafs will have SVI with “ip virtual-router” and host-route injection based on ARP.
This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension.
SVI IP address will be assigned as follows:
virtual-router: + 1
l3leaf A : + 2 (same IP on all l3leaf A)
l3leaf B : + 3 (same IP on all l3leaf B)
l2leafs : + 3 +
GW on l2leafs : + 1
Assign range larger than total l2leafs + 5

Setting is ignored if ‘inband_mgmt_ip’ is set.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
      inband_mgmt_ip String Format: ipv4_cidr IP address assigned to the inband management interface set with ‘inband_mgmt_vlan’.
This overrides ‘inband_mgmt_subnet’, hence all behavior of ‘inband_mgmt_subnet’ is removed.

If this is set the VLAN and SVI will only be created on the L2 switch and added to uplink trunk.
The VLAN and SVI on the parent switches must be created using network services data models.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
      inband_mgmt_gateway String Format: ipv4 Default gateway configured in the ‘inband_mgmt_vrf’ when using ‘inband_mgmt_ip’. Otherwise gateway is derived from ‘inband_mgmt_subnet’ if set.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
      inband_mgmt_description String Inband Management Description configured on the Inband Management SVI.

This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
      inband_mgmt_vlan_name String Inband Management Name configured on the Inband Management VLAN.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
      inband_mgmt_vrf String default VRF configured on the Inband Management Interface.
The VRF is created if not already created by other means.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
      inband_mgmt_mtu Integer 1500 MTU configured on the Inband Management Interface.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
      inband_management_subnet deprecated String Format: ipv4_cidr Optional IP subnet assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks).
Parent l3leafs will have SVI with “ip virtual-router” and host-route injection based on ARP.
This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension.
SVI IP address will be assigned as follows:
virtual-router: + 1
l3leaf A : + 2 (same IP on all l3leaf A)
l3leaf B : + 3 (same IP on all l3leaf B)
l2leafs : + 3 +
GW on l2leafs : + 1
Assign range larger than total l2leafs + 5

Setting is ignored if ‘inband_mgmt_ip’ is set.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
This key is deprecated. Support will be removed in AVD version 5.0.0. Use inband_mgmt_subnet instead.
      inband_management_vlan deprecated Integer 4092 VLAN number used for inband management on L2 switches (switches using port-channel trunks as uplinks).
When using ‘inband_mgmt_subnet’ the VLAN and SVIs will be created automatically on this switch as well as all ‘uplink_switches’.
When using ‘inband_mgmt_ip’ the VLAN and SVI will only be created on this device and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models.This key is deprecated. Support will be removed in AVD version 5.0.0. Use inband_mgmt_vlan instead.
  nodes List, items: Dictionary Define variables per node.
    - name String Required, Unique The Node Name is used as “hostname”.
      inband_mgmt_interface String Pointer to interface used for inband management.
All configuration must be done using other data models like network services or structured_config.
‘inband_mgmt_interface’ is only used to refer to this interface as source in various management protocol settings (future feature).

On L2 switches, this defaults to Vlan if either ‘inband_mgmt_subnet’ or ‘inband_mgmt_ip’ is set.
      inband_mgmt_vlan Integer 4092 VLAN number used for inband management on L2 switches (switches using port-channel trunks as uplinks).
When using ‘inband_mgmt_subnet’ the VLAN and SVIs will be created automatically on this switch as well as all ‘uplink_switches’.
When using ‘inband_mgmt_ip’ the VLAN and SVI will only be created on this device and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models.
      inband_mgmt_subnet String Format: ipv4_cidr Optional IP subnet assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks).
Parent l3leafs will have SVI with “ip virtual-router” and host-route injection based on ARP.
This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension.
SVI IP address will be assigned as follows:
virtual-router: + 1
l3leaf A : + 2 (same IP on all l3leaf A)
l3leaf B : + 3 (same IP on all l3leaf B)
l2leafs : + 3 +
GW on l2leafs : + 1
Assign range larger than total l2leafs + 5

Setting is ignored if ‘inband_mgmt_ip’ is set.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
      inband_mgmt_ip String Format: ipv4_cidr IP address assigned to the inband management interface set with ‘inband_mgmt_vlan’.
This overrides ‘inband_mgmt_subnet’, hence all behavior of ‘inband_mgmt_subnet’ is removed.

If this is set the VLAN and SVI will only be created on the L2 switch and added to uplink trunk.
The VLAN and SVI on the parent switches must be created using network services data models.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
      inband_mgmt_gateway String Format: ipv4 Default gateway configured in the ‘inband_mgmt_vrf’ when using ‘inband_mgmt_ip’. Otherwise gateway is derived from ‘inband_mgmt_subnet’ if set.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
      inband_mgmt_description String Inband Management Description configured on the Inband Management SVI.

This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
      inband_mgmt_vlan_name String Inband Management Name configured on the Inband Management VLAN.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
      inband_mgmt_vrf String default VRF configured on the Inband Management Interface.
The VRF is created if not already created by other means.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
      inband_mgmt_mtu Integer 1500 MTU configured on the Inband Management Interface.
This setting is only applied on the devices where it is set, it does not automatically affect any parent/child devices configuration, so it must be set on each applicable node/node-group/node-type as needed.
      inband_management_subnet deprecated String Format: ipv4_cidr Optional IP subnet assigned to inband management SVIs on L2 switches (switches using port-channels as uplinks).
Parent l3leafs will have SVI with “ip virtual-router” and host-route injection based on ARP.
This allows all l3leafs to reuse the same subnet across multiple racks without VXLAN extension.
SVI IP address will be assigned as follows:
virtual-router: + 1
l3leaf A : + 2 (same IP on all l3leaf A)
l3leaf B : + 3 (same IP on all l3leaf B)
l2leafs : + 3 +
GW on l2leafs : + 1
Assign range larger than total l2leafs + 5

Setting is ignored if ‘inband_mgmt_ip’ is set.

This setting is applicable to L2 switches (switches using port-channel trunks as uplinks).
This key is deprecated. Support will be removed in AVD version 5.0.0. Use inband_mgmt_subnet instead.
      inband_management_vlan deprecated Integer 4092 VLAN number used for inband management on L2 switches (switches using port-channel trunks as uplinks).
When using ‘inband_mgmt_subnet’ the VLAN and SVIs will be created automatically on this switch as well as all ‘uplink_switches’.
When using ‘inband_mgmt_ip’ the VLAN and SVI will only be created on this device and added to uplink trunk. The VLAN and SVI on the parent switches must be created using network services data models.This key is deprecated. Support will be removed in AVD version 5.0.0. Use inband_mgmt_vlan instead.
<node_type_keys.key>:
  defaults:
    inband_mgmt_interface: <str>
    inband_mgmt_vlan: <int>
    inband_mgmt_subnet: <str>
    inband_mgmt_ip: <str>
    inband_mgmt_gateway: <str>
    inband_mgmt_description: <str>
    inband_mgmt_vlan_name: <str>
    inband_mgmt_vrf: <str>
    inband_mgmt_mtu: <int>
    inband_management_subnet: <str>
    inband_management_vlan: <int>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          inband_mgmt_interface: <str>
          inband_mgmt_vlan: <int>
          inband_mgmt_subnet: <str>
          inband_mgmt_ip: <str>
          inband_mgmt_gateway: <str>
          inband_mgmt_description: <str>
          inband_mgmt_vlan_name: <str>
          inband_mgmt_vrf: <str>
          inband_mgmt_mtu: <int>
          inband_management_subnet: <str>
          inband_management_vlan: <int>
      inband_mgmt_interface: <str>
      inband_mgmt_vlan: <int>
      inband_mgmt_subnet: <str>
      inband_mgmt_ip: <str>
      inband_mgmt_gateway: <str>
      inband_mgmt_description: <str>
      inband_mgmt_vlan_name: <str>
      inband_mgmt_vrf: <str>
      inband_mgmt_mtu: <int>
      inband_management_subnet: <str>
      inband_management_vlan: <int>
  nodes:
    - name: <str>
      inband_mgmt_interface: <str>
      inband_mgmt_vlan: <int>
      inband_mgmt_subnet: <str>
      inband_mgmt_ip: <str>
      inband_mgmt_gateway: <str>
      inband_mgmt_description: <str>
      inband_mgmt_vlan_name: <str>
      inband_mgmt_vrf: <str>
      inband_mgmt_mtu: <int>
      inband_management_subnet: <str>
      inband_management_vlan: <int>

Connectivity is defined from the child’s device perspective. Source uplink interfaces and parent interfaces are defined on the child.

Tip

Leverage default_interfaces data model to auto define uplink and downlink interfaces based on the node id.

Variable Type Required Default Value Restrictions Description
<node_type_keys.key> Dictionary
  defaults Dictionary Define variables for all nodes of this type.
    link_tracking Dictionary This configures the Link Tracking Group on a switch as well as adds the p2p-uplinks of the switch as the upstream interfaces.
Useful in EVPN multhoming designs.
      enabled Boolean False
      groups List, items: Dictionary [{'name': 'LT_GROUP1'}] Link Tracking Groups.
By default a single group named “LT_GROUP1” is defined with default values.
Any groups defined under “groups” will replace the default.
        - name String Tracking group name.
          recovery_delay Integer Min: 0
Max: 3600
default -> platform_settings_mlag_reload_delay -> 300.
          links_minimum Integer Min: 1
Max: 100000
    uplink_ipv4_pool String Format: ipv4_cidr IPv4 subnet to use to connect to uplink switches.
    uplink_interfaces List, items: String Local uplink interfaces
Each list item supports range syntax that can be expanded into a list of interfaces.
If uplink_interfaces is not defined, platform-specific defaults (defined under default_interfaces) will be used instead.
Please note that default_interfaces are not defined by default, you should define these yourself.
      - <str> String Pattern: Ethernet[\d/]+
    uplink_switch_interfaces List, items: String Interfaces located on uplink switches.
      - <str> String Pattern: Ethernet[\d/]+
    uplink_switches List, items: String
      - <str> String Required Hostname of uplink switch.
If parallel uplinks are in use, update max_parallel_uplinks below and specify each uplink switch multiple times.
e.g. uplink_switches: [ ‘DC1-SPINE1’, ‘DC1-SPINE1’, ‘DC1-SPINE2’, ‘DC1-SPINE2’ ].
    uplink_interface_speed String Set point-to-Point interface speed and will apply to uplink interfaces on both ends.
interface_speed or forced interface_speed or auto interface_speed.
    max_uplink_switches Integer Maximum number of uplink switches.
Changing this value may change IP Addressing on uplinks.
Can be used to reserve IP space for future expansions.
    max_parallel_uplinks Integer Number of parallel links towards uplink switches.
Changing this value may change interface naming on uplinks (and corresponding downlinks).
Can be used to reserve interfaces for future parallel uplinks.
    uplink_bfd Boolean False Enable bfd on uplink interfaces.
    uplink_native_vlan Integer Min: 1
Max: 4094
Only applicable to switches with layer-2 port-channel uplinks.
A suspended (disabled) vlan will be created in both ends of the link unless the vlan is defined under network services.
By default the uplink will not have a native_vlan configured, so EOS defaults to vlan 1.
    uplink_ptp Dictionary Enable PTP on all infrastructure links.
      enable Boolean False
    uplink_macsec Dictionary Enable MacSec on all uplinks.
      profile String
    uplink_structured_config Dictionary Custom structured config applied to “uplink_interfaces”, and “uplink_switch_interfaces”.
When uplink_type == “p2p”, custom structured config added under ethernet_interfaces.[name=] for eos_cli_config_gen overrides the settings on the ethernet interface level.
When uplink_type == “port-channel”, custom structured config added under port_channel_interfaces.[name=] for eos_cli_config_gen overrides the settings on the port-channel interface level.
“uplink_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
Note! The content of this dictionary is not validated by the schema, since it can be either ethernet_interfaces or port_channel_interfaces.
    short_esi String short_esi only valid for l2leaf devices using port-channel uplink.
Setting short_esi to “auto” generates the short_esi automatically using a hash of configuration elements.
< 0000:0000:0000
  node_groups List, items: Dictionary Define variables related to all nodes part of this group.
    - group String Required, Unique The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’.
The Node Group Name is also used for peer description on downstream switches’ uplinks.
      nodes List, items: Dictionary Define variables per node.
        - name String Required, Unique The Node Name is used as “hostname”.
          link_tracking Dictionary This configures the Link Tracking Group on a switch as well as adds the p2p-uplinks of the switch as the upstream interfaces.
Useful in EVPN multhoming designs.
            enabled Boolean False
            groups List, items: Dictionary [{'name': 'LT_GROUP1'}] Link Tracking Groups.
By default a single group named “LT_GROUP1” is defined with default values.
Any groups defined under “groups” will replace the default.
              - name String Tracking group name.
                recovery_delay Integer Min: 0
Max: 3600
default -> platform_settings_mlag_reload_delay -> 300.
                links_minimum Integer Min: 1
Max: 100000
          uplink_ipv4_pool String Format: ipv4_cidr IPv4 subnet to use to connect to uplink switches.
          uplink_interfaces List, items: String Local uplink interfaces
Each list item supports range syntax that can be expanded into a list of interfaces.
If uplink_interfaces is not defined, platform-specific defaults (defined under default_interfaces) will be used instead.
Please note that default_interfaces are not defined by default, you should define these yourself.
            - <str> String Pattern: Ethernet[\d/]+
          uplink_switch_interfaces List, items: String Interfaces located on uplink switches.
            - <str> String Pattern: Ethernet[\d/]+
          uplink_switches List, items: String
            - <str> String Required Hostname of uplink switch.
If parallel uplinks are in use, update max_parallel_uplinks below and specify each uplink switch multiple times.
e.g. uplink_switches: [ ‘DC1-SPINE1’, ‘DC1-SPINE1’, ‘DC1-SPINE2’, ‘DC1-SPINE2’ ].
          uplink_interface_speed String Set point-to-Point interface speed and will apply to uplink interfaces on both ends.
interface_speed or forced interface_speed or auto interface_speed.
          max_uplink_switches Integer Maximum number of uplink switches.
Changing this value may change IP Addressing on uplinks.
Can be used to reserve IP space for future expansions.
          max_parallel_uplinks Integer Number of parallel links towards uplink switches.
Changing this value may change interface naming on uplinks (and corresponding downlinks).
Can be used to reserve interfaces for future parallel uplinks.
          uplink_bfd Boolean False Enable bfd on uplink interfaces.
          uplink_native_vlan Integer Min: 1
Max: 4094
Only applicable to switches with layer-2 port-channel uplinks.
A suspended (disabled) vlan will be created in both ends of the link unless the vlan is defined under network services.
By default the uplink will not have a native_vlan configured, so EOS defaults to vlan 1.
          uplink_ptp Dictionary Enable PTP on all infrastructure links.
            enable Boolean False
          uplink_macsec Dictionary Enable MacSec on all uplinks.
            profile String
          uplink_structured_config Dictionary Custom structured config applied to “uplink_interfaces”, and “uplink_switch_interfaces”.
When uplink_type == “p2p”, custom structured config added under ethernet_interfaces.[name=] for eos_cli_config_gen overrides the settings on the ethernet interface level.
When uplink_type == “port-channel”, custom structured config added under port_channel_interfaces.[name=] for eos_cli_config_gen overrides the settings on the port-channel interface level.
“uplink_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
Note! The content of this dictionary is not validated by the schema, since it can be either ethernet_interfaces or port_channel_interfaces.
          short_esi String short_esi only valid for l2leaf devices using port-channel uplink.
Setting short_esi to “auto” generates the short_esi automatically using a hash of configuration elements.
< 0000:0000:0000
      link_tracking Dictionary This configures the Link Tracking Group on a switch as well as adds the p2p-uplinks of the switch as the upstream interfaces.
Useful in EVPN multhoming designs.
        enabled Boolean False
        groups List, items: Dictionary [{'name': 'LT_GROUP1'}] Link Tracking Groups.
By default a single group named “LT_GROUP1” is defined with default values.
Any groups defined under “groups” will replace the default.
          - name String Tracking group name.
            recovery_delay Integer Min: 0
Max: 3600
default -> platform_settings_mlag_reload_delay -> 300.
            links_minimum Integer Min: 1
Max: 100000
      uplink_ipv4_pool String Format: ipv4_cidr IPv4 subnet to use to connect to uplink switches.
      uplink_interfaces List, items: String Local uplink interfaces
Each list item supports range syntax that can be expanded into a list of interfaces.
If uplink_interfaces is not defined, platform-specific defaults (defined under default_interfaces) will be used instead.
Please note that default_interfaces are not defined by default, you should define these yourself.
        - <str> String Pattern: Ethernet[\d/]+
      uplink_switch_interfaces List, items: String Interfaces located on uplink switches.
        - <str> String Pattern: Ethernet[\d/]+
      uplink_switches List, items: String
        - <str> String Required Hostname of uplink switch.
If parallel uplinks are in use, update max_parallel_uplinks below and specify each uplink switch multiple times.
e.g. uplink_switches: [ ‘DC1-SPINE1’, ‘DC1-SPINE1’, ‘DC1-SPINE2’, ‘DC1-SPINE2’ ].
      uplink_interface_speed String Set point-to-Point interface speed and will apply to uplink interfaces on both ends.
interface_speed or forced interface_speed or auto interface_speed.
      max_uplink_switches Integer Maximum number of uplink switches.
Changing this value may change IP Addressing on uplinks.
Can be used to reserve IP space for future expansions.
      max_parallel_uplinks Integer Number of parallel links towards uplink switches.
Changing this value may change interface naming on uplinks (and corresponding downlinks).
Can be used to reserve interfaces for future parallel uplinks.
      uplink_bfd Boolean False Enable bfd on uplink interfaces.
      uplink_native_vlan Integer Min: 1
Max: 4094
Only applicable to switches with layer-2 port-channel uplinks.
A suspended (disabled) vlan will be created in both ends of the link unless the vlan is defined under network services.
By default the uplink will not have a native_vlan configured, so EOS defaults to vlan 1.
      uplink_ptp Dictionary Enable PTP on all infrastructure links.
        enable Boolean False
      uplink_macsec Dictionary Enable MacSec on all uplinks.
        profile String
      uplink_structured_config Dictionary Custom structured config applied to “uplink_interfaces”, and “uplink_switch_interfaces”.
When uplink_type == “p2p”, custom structured config added under ethernet_interfaces.[name=] for eos_cli_config_gen overrides the settings on the ethernet interface level.
When uplink_type == “port-channel”, custom structured config added under port_channel_interfaces.[name=] for eos_cli_config_gen overrides the settings on the port-channel interface level.
“uplink_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
Note! The content of this dictionary is not validated by the schema, since it can be either ethernet_interfaces or port_channel_interfaces.
      short_esi String short_esi only valid for l2leaf devices using port-channel uplink.
Setting short_esi to “auto” generates the short_esi automatically using a hash of configuration elements.
< 0000:0000:0000
  nodes List, items: Dictionary Define variables per node.
    - name String Required, Unique The Node Name is used as “hostname”.
      link_tracking Dictionary This configures the Link Tracking Group on a switch as well as adds the p2p-uplinks of the switch as the upstream interfaces.
Useful in EVPN multhoming designs.
        enabled Boolean False
        groups List, items: Dictionary [{'name': 'LT_GROUP1'}] Link Tracking Groups.
By default a single group named “LT_GROUP1” is defined with default values.
Any groups defined under “groups” will replace the default.
          - name String Tracking group name.
            recovery_delay Integer Min: 0
Max: 3600
default -> platform_settings_mlag_reload_delay -> 300.
            links_minimum Integer Min: 1
Max: 100000
      uplink_ipv4_pool String Format: ipv4_cidr IPv4 subnet to use to connect to uplink switches.
      uplink_interfaces List, items: String Local uplink interfaces
Each list item supports range syntax that can be expanded into a list of interfaces.
If uplink_interfaces is not defined, platform-specific defaults (defined under default_interfaces) will be used instead.
Please note that default_interfaces are not defined by default, you should define these yourself.
        - <str> String Pattern: Ethernet[\d/]+
      uplink_switch_interfaces List, items: String Interfaces located on uplink switches.
        - <str> String Pattern: Ethernet[\d/]+
      uplink_switches List, items: String
        - <str> String Required Hostname of uplink switch.
If parallel uplinks are in use, update max_parallel_uplinks below and specify each uplink switch multiple times.
e.g. uplink_switches: [ ‘DC1-SPINE1’, ‘DC1-SPINE1’, ‘DC1-SPINE2’, ‘DC1-SPINE2’ ].
      uplink_interface_speed String Set point-to-Point interface speed and will apply to uplink interfaces on both ends.
interface_speed or forced interface_speed or auto interface_speed.
      max_uplink_switches Integer Maximum number of uplink switches.
Changing this value may change IP Addressing on uplinks.
Can be used to reserve IP space for future expansions.
      max_parallel_uplinks Integer Number of parallel links towards uplink switches.
Changing this value may change interface naming on uplinks (and corresponding downlinks).
Can be used to reserve interfaces for future parallel uplinks.
      uplink_bfd Boolean False Enable bfd on uplink interfaces.
      uplink_native_vlan Integer Min: 1
Max: 4094
Only applicable to switches with layer-2 port-channel uplinks.
A suspended (disabled) vlan will be created in both ends of the link unless the vlan is defined under network services.
By default the uplink will not have a native_vlan configured, so EOS defaults to vlan 1.
      uplink_ptp Dictionary Enable PTP on all infrastructure links.
        enable Boolean False
      uplink_macsec Dictionary Enable MacSec on all uplinks.
        profile String
      uplink_structured_config Dictionary Custom structured config applied to “uplink_interfaces”, and “uplink_switch_interfaces”.
When uplink_type == “p2p”, custom structured config added under ethernet_interfaces.[name=] for eos_cli_config_gen overrides the settings on the ethernet interface level.
When uplink_type == “port-channel”, custom structured config added under port_channel_interfaces.[name=] for eos_cli_config_gen overrides the settings on the port-channel interface level.
“uplink_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
Note! The content of this dictionary is not validated by the schema, since it can be either ethernet_interfaces or port_channel_interfaces.
      short_esi String short_esi only valid for l2leaf devices using port-channel uplink.
Setting short_esi to “auto” generates the short_esi automatically using a hash of configuration elements.
< 0000:0000:0000
<node_type_keys.key>:
  defaults:
    link_tracking:
      enabled: <bool>
      groups:
        - name: <str>
          recovery_delay: <int>
          links_minimum: <int>
    uplink_ipv4_pool: <str>
    uplink_interfaces:
      - <str>
    uplink_switch_interfaces:
      - <str>
    uplink_switches:
      - <str>
    uplink_interface_speed: <str>
    max_uplink_switches: <int>
    max_parallel_uplinks: <int>
    uplink_bfd: <bool>
    uplink_native_vlan: <int>
    uplink_ptp:
      enable: <bool>
    uplink_macsec:
      profile: <str>
    uplink_structured_config: <dict>
    short_esi: <str>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          link_tracking:
            enabled: <bool>
            groups:
              - name: <str>
                recovery_delay: <int>
                links_minimum: <int>
          uplink_ipv4_pool: <str>
          uplink_interfaces:
            - <str>
          uplink_switch_interfaces:
            - <str>
          uplink_switches:
            - <str>
          uplink_interface_speed: <str>
          max_uplink_switches: <int>
          max_parallel_uplinks: <int>
          uplink_bfd: <bool>
          uplink_native_vlan: <int>
          uplink_ptp:
            enable: <bool>
          uplink_macsec:
            profile: <str>
          uplink_structured_config: <dict>
          short_esi: <str>
      link_tracking:
        enabled: <bool>
        groups:
          - name: <str>
            recovery_delay: <int>
            links_minimum: <int>
      uplink_ipv4_pool: <str>
      uplink_interfaces:
        - <str>
      uplink_switch_interfaces:
        - <str>
      uplink_switches:
        - <str>
      uplink_interface_speed: <str>
      max_uplink_switches: <int>
      max_parallel_uplinks: <int>
      uplink_bfd: <bool>
      uplink_native_vlan: <int>
      uplink_ptp:
        enable: <bool>
      uplink_macsec:
        profile: <str>
      uplink_structured_config: <dict>
      short_esi: <str>
  nodes:
    - name: <str>
      link_tracking:
        enabled: <bool>
        groups:
          - name: <str>
            recovery_delay: <int>
            links_minimum: <int>
      uplink_ipv4_pool: <str>
      uplink_interfaces:
        - <str>
      uplink_switch_interfaces:
        - <str>
      uplink_switches:
        - <str>
      uplink_interface_speed: <str>
      max_uplink_switches: <int>
      max_parallel_uplinks: <int>
      uplink_bfd: <bool>
      uplink_native_vlan: <int>
      uplink_ptp:
        enable: <bool>
      uplink_macsec:
        profile: <str>
      uplink_structured_config: <dict>
      short_esi: <str>

Node type L2 and MLAG configuration

Tip

Alternate addressing schemes are available at fabric_ip_addressing.

Variable Type Required Default Value Restrictions Description
<node_type_keys.key> Dictionary
  defaults Dictionary Define variables for all nodes of this type.
    mlag_port_channel_structured_config Dictionary Custom structured config applied to MLAG peer link port-channel id.
Added under port_channel_interfaces.[name=] for eos_cli_config_gen.
Overrides the settings on the port-channel interface level.
“mlag_port_channel_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
    mlag_peer_vlan_structured_config Dictionary Custom structured config applied to MLAG Peer Link (control link) SVI interface id.
Added under vlan_interfaces.[name=] for eos_cli_config_gen.
Overrides the settings on the vlan interface level.
“mlag_peer_vlan_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
    mlag_peer_l3_vlan_structured_config Dictionary Custom structured config applied to MLAG underlay L3 peering SVI interface id.
Added under vlan_interfaces.[name=] for eos_cli_config_gen.
Overrides the settings on the vlan interface level.
“mlag_peer_l3_vlan_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
    mlag Boolean True Enable / Disable auto MLAG, when two nodes are defined in node group.
    mlag_dual_primary_detection Boolean False Enable / Disable MLAG dual primary detection.
    mlag_ibgp_origin_incomplete Boolean True Set origin of routes received from MLAG iBGP peer to incomplete.
The purpose is to optimize routing for leaf loopbacks from spine perspective and
avoid suboptimal routing via peerlink for control plane traffic.
    mlag_interfaces List, items: String Each list item supports range syntax that can be expanded into a list of interfaces.
Required when MLAG leafs are present in the topology.
      - <str> String
    mlag_interfaces_speed String Set MLAG interface speed.
< interface_speed or forced interface_speed or auto interface_speed >.
    mlag_peer_l3_vlan Integer 4093 Min: 0
Max: 4094
Underlay L3 peering SVI interface id.
If set to 0 or the same vlan as mlag_peer_vlan, the mlag_peer_vlan will be used for L3 peering.
    mlag_peer_l3_ipv4_pool String Format: ipv4_cidr IP address pool used for MLAG underlay L3 peering. IP is derived from the node id.
Required when MLAG leafs present in topology and they are using a separate L3 peering VLAN.
    mlag_peer_vlan Integer 4094 Min: 1
Max: 4094
MLAG Peer Link (control link) SVI interface id.
    mlag_peer_link_allowed_vlans String
    mlag_peer_ipv4_pool String Format: ipv4_cidr IP address pool used for MLAG Peer Link (control link). IP is derived from the node id.
Required when MLAG leafs present in topology.
    mlag_port_channel_id Integer If not set, the mlag port-channel id is generated based on the digits of the first interface present in ‘mlag_interfaces’.
Valid port-channel id numbers are < 1-2000 > for EOS < 4.25.0F and < 1 - 999999 > for EOS >= 4.25.0F.
    mlag_domain_id String MLAG Domain ID. If not set the node group name (Set with “group” key) will be used.
    spanning_tree_mode String Valid Values:
- mstp
- rstp
- rapid-pvst
- none
    spanning_tree_priority Integer 32768
    spanning_tree_root_super Boolean False
    virtual_router_mac_address String Format: mac Virtual router mac address for anycast gateway.
  node_groups List, items: Dictionary Define variables related to all nodes part of this group.
    - group String Required, Unique The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’.
The Node Group Name is also used for peer description on downstream switches’ uplinks.
      nodes List, items: Dictionary Define variables per node.
        - name String Required, Unique The Node Name is used as “hostname”.
          mlag_port_channel_structured_config Dictionary Custom structured config applied to MLAG peer link port-channel id.
Added under port_channel_interfaces.[name=] for eos_cli_config_gen.
Overrides the settings on the port-channel interface level.
“mlag_port_channel_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
          mlag_peer_vlan_structured_config Dictionary Custom structured config applied to MLAG Peer Link (control link) SVI interface id.
Added under vlan_interfaces.[name=] for eos_cli_config_gen.
Overrides the settings on the vlan interface level.
“mlag_peer_vlan_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
          mlag_peer_l3_vlan_structured_config Dictionary Custom structured config applied to MLAG underlay L3 peering SVI interface id.
Added under vlan_interfaces.[name=] for eos_cli_config_gen.
Overrides the settings on the vlan interface level.
“mlag_peer_l3_vlan_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
          mlag Boolean True Enable / Disable auto MLAG, when two nodes are defined in node group.
          mlag_dual_primary_detection Boolean False Enable / Disable MLAG dual primary detection.
          mlag_ibgp_origin_incomplete Boolean True Set origin of routes received from MLAG iBGP peer to incomplete.
The purpose is to optimize routing for leaf loopbacks from spine perspective and
avoid suboptimal routing via peerlink for control plane traffic.
          mlag_interfaces List, items: String Each list item supports range syntax that can be expanded into a list of interfaces.
Required when MLAG leafs are present in the topology.
            - <str> String
          mlag_interfaces_speed String Set MLAG interface speed.
< interface_speed or forced interface_speed or auto interface_speed >.
          mlag_peer_l3_vlan Integer 4093 Min: 0
Max: 4094
Underlay L3 peering SVI interface id.
If set to 0 or the same vlan as mlag_peer_vlan, the mlag_peer_vlan will be used for L3 peering.
          mlag_peer_l3_ipv4_pool String Format: ipv4_cidr IP address pool used for MLAG underlay L3 peering. IP is derived from the node id.
Required when MLAG leafs present in topology and they are using a separate L3 peering VLAN.
          mlag_peer_vlan Integer 4094 Min: 1
Max: 4094
MLAG Peer Link (control link) SVI interface id.
          mlag_peer_link_allowed_vlans String
          mlag_peer_ipv4_pool String Format: ipv4_cidr IP address pool used for MLAG Peer Link (control link). IP is derived from the node id.
Required when MLAG leafs present in topology.
          mlag_port_channel_id Integer If not set, the mlag port-channel id is generated based on the digits of the first interface present in ‘mlag_interfaces’.
Valid port-channel id numbers are < 1-2000 > for EOS < 4.25.0F and < 1 - 999999 > for EOS >= 4.25.0F.
          mlag_domain_id String MLAG Domain ID. If not set the node group name (Set with “group” key) will be used.
          spanning_tree_mode String Valid Values:
- mstp
- rstp
- rapid-pvst
- none
          spanning_tree_priority Integer 32768
          spanning_tree_root_super Boolean False
          virtual_router_mac_address String Format: mac Virtual router mac address for anycast gateway.
      mlag_port_channel_structured_config Dictionary Custom structured config applied to MLAG peer link port-channel id.
Added under port_channel_interfaces.[name=] for eos_cli_config_gen.
Overrides the settings on the port-channel interface level.
“mlag_port_channel_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
      mlag_peer_vlan_structured_config Dictionary Custom structured config applied to MLAG Peer Link (control link) SVI interface id.
Added under vlan_interfaces.[name=] for eos_cli_config_gen.
Overrides the settings on the vlan interface level.
“mlag_peer_vlan_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
      mlag_peer_l3_vlan_structured_config Dictionary Custom structured config applied to MLAG underlay L3 peering SVI interface id.
Added under vlan_interfaces.[name=] for eos_cli_config_gen.
Overrides the settings on the vlan interface level.
“mlag_peer_l3_vlan_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
      mlag Boolean True Enable / Disable auto MLAG, when two nodes are defined in node group.
      mlag_dual_primary_detection Boolean False Enable / Disable MLAG dual primary detection.
      mlag_ibgp_origin_incomplete Boolean True Set origin of routes received from MLAG iBGP peer to incomplete.
The purpose is to optimize routing for leaf loopbacks from spine perspective and
avoid suboptimal routing via peerlink for control plane traffic.
      mlag_interfaces List, items: String Each list item supports range syntax that can be expanded into a list of interfaces.
Required when MLAG leafs are present in the topology.
        - <str> String
      mlag_interfaces_speed String Set MLAG interface speed.
< interface_speed or forced interface_speed or auto interface_speed >.
      mlag_peer_l3_vlan Integer 4093 Min: 0
Max: 4094
Underlay L3 peering SVI interface id.
If set to 0 or the same vlan as mlag_peer_vlan, the mlag_peer_vlan will be used for L3 peering.
      mlag_peer_l3_ipv4_pool String Format: ipv4_cidr IP address pool used for MLAG underlay L3 peering. IP is derived from the node id.
Required when MLAG leafs present in topology and they are using a separate L3 peering VLAN.
      mlag_peer_vlan Integer 4094 Min: 1
Max: 4094
MLAG Peer Link (control link) SVI interface id.
      mlag_peer_link_allowed_vlans String
      mlag_peer_ipv4_pool String Format: ipv4_cidr IP address pool used for MLAG Peer Link (control link). IP is derived from the node id.
Required when MLAG leafs present in topology.
      mlag_port_channel_id Integer If not set, the mlag port-channel id is generated based on the digits of the first interface present in ‘mlag_interfaces’.
Valid port-channel id numbers are < 1-2000 > for EOS < 4.25.0F and < 1 - 999999 > for EOS >= 4.25.0F.
      mlag_domain_id String MLAG Domain ID. If not set the node group name (Set with “group” key) will be used.
      spanning_tree_mode String Valid Values:
- mstp
- rstp
- rapid-pvst
- none
      spanning_tree_priority Integer 32768
      spanning_tree_root_super Boolean False
      virtual_router_mac_address String Format: mac Virtual router mac address for anycast gateway.
  nodes List, items: Dictionary Define variables per node.
    - name String Required, Unique The Node Name is used as “hostname”.
      mlag_port_channel_structured_config Dictionary Custom structured config applied to MLAG peer link port-channel id.
Added under port_channel_interfaces.[name=] for eos_cli_config_gen.
Overrides the settings on the port-channel interface level.
“mlag_port_channel_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
      mlag_peer_vlan_structured_config Dictionary Custom structured config applied to MLAG Peer Link (control link) SVI interface id.
Added under vlan_interfaces.[name=] for eos_cli_config_gen.
Overrides the settings on the vlan interface level.
“mlag_peer_vlan_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
      mlag_peer_l3_vlan_structured_config Dictionary Custom structured config applied to MLAG underlay L3 peering SVI interface id.
Added under vlan_interfaces.[name=] for eos_cli_config_gen.
Overrides the settings on the vlan interface level.
“mlag_peer_l3_vlan_structured_config” is applied after “structured_config”, so it can override “structured_config” defined on node-level.
      mlag Boolean True Enable / Disable auto MLAG, when two nodes are defined in node group.
      mlag_dual_primary_detection Boolean False Enable / Disable MLAG dual primary detection.
      mlag_ibgp_origin_incomplete Boolean True Set origin of routes received from MLAG iBGP peer to incomplete.
The purpose is to optimize routing for leaf loopbacks from spine perspective and
avoid suboptimal routing via peerlink for control plane traffic.
      mlag_interfaces List, items: String Each list item supports range syntax that can be expanded into a list of interfaces.
Required when MLAG leafs are present in the topology.
        - <str> String
      mlag_interfaces_speed String Set MLAG interface speed.
< interface_speed or forced interface_speed or auto interface_speed >.
      mlag_peer_l3_vlan Integer 4093 Min: 0
Max: 4094
Underlay L3 peering SVI interface id.
If set to 0 or the same vlan as mlag_peer_vlan, the mlag_peer_vlan will be used for L3 peering.
      mlag_peer_l3_ipv4_pool String Format: ipv4_cidr IP address pool used for MLAG underlay L3 peering. IP is derived from the node id.
Required when MLAG leafs present in topology and they are using a separate L3 peering VLAN.
      mlag_peer_vlan Integer 4094 Min: 1
Max: 4094
MLAG Peer Link (control link) SVI interface id.
      mlag_peer_link_allowed_vlans String
      mlag_peer_ipv4_pool String Format: ipv4_cidr IP address pool used for MLAG Peer Link (control link). IP is derived from the node id.
Required when MLAG leafs present in topology.
      mlag_port_channel_id Integer If not set, the mlag port-channel id is generated based on the digits of the first interface present in ‘mlag_interfaces’.
Valid port-channel id numbers are < 1-2000 > for EOS < 4.25.0F and < 1 - 999999 > for EOS >= 4.25.0F.
      mlag_domain_id String MLAG Domain ID. If not set the node group name (Set with “group” key) will be used.
      spanning_tree_mode String Valid Values:
- mstp
- rstp
- rapid-pvst
- none
      spanning_tree_priority Integer 32768
      spanning_tree_root_super Boolean False
      virtual_router_mac_address String Format: mac Virtual router mac address for anycast gateway.
<node_type_keys.key>:
  defaults:
    mlag_port_channel_structured_config: <dict>
    mlag_peer_vlan_structured_config: <dict>
    mlag_peer_l3_vlan_structured_config: <dict>
    mlag: <bool>
    mlag_dual_primary_detection: <bool>
    mlag_ibgp_origin_incomplete: <bool>
    mlag_interfaces:
      - <str>
    mlag_interfaces_speed: <str>
    mlag_peer_l3_vlan: <int>
    mlag_peer_l3_ipv4_pool: <str>
    mlag_peer_vlan: <int>
    mlag_peer_link_allowed_vlans: <str>
    mlag_peer_ipv4_pool: <str>
    mlag_port_channel_id: <int>
    mlag_domain_id: <str>
    spanning_tree_mode: <str>
    spanning_tree_priority: <int>
    spanning_tree_root_super: <bool>
    virtual_router_mac_address: <str>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          mlag_port_channel_structured_config: <dict>
          mlag_peer_vlan_structured_config: <dict>
          mlag_peer_l3_vlan_structured_config: <dict>
          mlag: <bool>
          mlag_dual_primary_detection: <bool>
          mlag_ibgp_origin_incomplete: <bool>
          mlag_interfaces:
            - <str>
          mlag_interfaces_speed: <str>
          mlag_peer_l3_vlan: <int>
          mlag_peer_l3_ipv4_pool: <str>
          mlag_peer_vlan: <int>
          mlag_peer_link_allowed_vlans: <str>
          mlag_peer_ipv4_pool: <str>
          mlag_port_channel_id: <int>
          mlag_domain_id: <str>
          spanning_tree_mode: <str>
          spanning_tree_priority: <int>
          spanning_tree_root_super: <bool>
          virtual_router_mac_address: <str>
      mlag_port_channel_structured_config: <dict>
      mlag_peer_vlan_structured_config: <dict>
      mlag_peer_l3_vlan_structured_config: <dict>
      mlag: <bool>
      mlag_dual_primary_detection: <bool>
      mlag_ibgp_origin_incomplete: <bool>
      mlag_interfaces:
        - <str>
      mlag_interfaces_speed: <str>
      mlag_peer_l3_vlan: <int>
      mlag_peer_l3_ipv4_pool: <str>
      mlag_peer_vlan: <int>
      mlag_peer_link_allowed_vlans: <str>
      mlag_peer_ipv4_pool: <str>
      mlag_port_channel_id: <int>
      mlag_domain_id: <str>
      spanning_tree_mode: <str>
      spanning_tree_priority: <int>
      spanning_tree_root_super: <bool>
      virtual_router_mac_address: <str>
  nodes:
    - name: <str>
      mlag_port_channel_structured_config: <dict>
      mlag_peer_vlan_structured_config: <dict>
      mlag_peer_l3_vlan_structured_config: <dict>
      mlag: <bool>
      mlag_dual_primary_detection: <bool>
      mlag_ibgp_origin_incomplete: <bool>
      mlag_interfaces:
        - <str>
      mlag_interfaces_speed: <str>
      mlag_peer_l3_vlan: <int>
      mlag_peer_l3_ipv4_pool: <str>
      mlag_peer_vlan: <int>
      mlag_peer_link_allowed_vlans: <str>
      mlag_peer_ipv4_pool: <str>
      mlag_port_channel_id: <int>
      mlag_domain_id: <str>
      spanning_tree_mode: <str>
      spanning_tree_priority: <int>
      spanning_tree_root_super: <bool>
      virtual_router_mac_address: <str>

Node type Loopback and VTEP configuration

Variable Type Required Default Value Restrictions Description
<node_type_keys.key> Dictionary
  defaults Dictionary Define variables for all nodes of this type.
    loopback_ipv4_pool String Format: ipv4_cidr IPv4 subnet for Loopback0 allocation.
    vtep_loopback_ipv4_pool String Format: ipv4_cidr IPv4 subnet for VTEP-Loopback allocation.
    loopback_ipv4_offset Integer 0 Offset all assigned loopback IP addresses.
Required when the < loopback_ipv4_pool > is same for 2 different node_types (like spine and l3leaf) to avoid over-lapping IPs.
For example, set the minimum offset l3leaf.defaults.loopback_ipv4_offset: < total # spine switches > or vice versa.
    loopback_ipv6_pool String Format: ipv6_cidr IPv6 subnet for Loopback0 allocation.
    loopback_ipv6_offset Integer 0 Offset all assigned loopback IPv6 addresses.
Required when the < loopback_ipv6_pool > is same for 2 different node_types (like spine and l3leaf) to avoid overlapping IPs.
For example, set the minimum offset l3leaf.defaults.loopback_ipv6_offset: < total # spine switches > or vice versa.
    vtep_loopback String Pattern: Loopback[\d/]+ Set VXLAN source interface.
  node_groups List, items: Dictionary Define variables related to all nodes part of this group.
    - group String Required, Unique The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’.
The Node Group Name is also used for peer description on downstream switches’ uplinks.
      nodes List, items: Dictionary Define variables per node.
        - name String Required, Unique The Node Name is used as “hostname”.
          loopback_ipv4_pool String Format: ipv4_cidr IPv4 subnet for Loopback0 allocation.
          vtep_loopback_ipv4_pool String Format: ipv4_cidr IPv4 subnet for VTEP-Loopback allocation.
          loopback_ipv4_offset Integer 0 Offset all assigned loopback IP addresses.
Required when the < loopback_ipv4_pool > is same for 2 different node_types (like spine and l3leaf) to avoid over-lapping IPs.
For example, set the minimum offset l3leaf.defaults.loopback_ipv4_offset: < total # spine switches > or vice versa.
          loopback_ipv6_pool String Format: ipv6_cidr IPv6 subnet for Loopback0 allocation.
          loopback_ipv6_offset Integer 0 Offset all assigned loopback IPv6 addresses.
Required when the < loopback_ipv6_pool > is same for 2 different node_types (like spine and l3leaf) to avoid overlapping IPs.
For example, set the minimum offset l3leaf.defaults.loopback_ipv6_offset: < total # spine switches > or vice versa.
          vtep_loopback String Pattern: Loopback[\d/]+ Set VXLAN source interface.
      loopback_ipv4_pool String Format: ipv4_cidr IPv4 subnet for Loopback0 allocation.
      vtep_loopback_ipv4_pool String Format: ipv4_cidr IPv4 subnet for VTEP-Loopback allocation.
      loopback_ipv4_offset Integer 0 Offset all assigned loopback IP addresses.
Required when the < loopback_ipv4_pool > is same for 2 different node_types (like spine and l3leaf) to avoid over-lapping IPs.
For example, set the minimum offset l3leaf.defaults.loopback_ipv4_offset: < total # spine switches > or vice versa.
      loopback_ipv6_pool String Format: ipv6_cidr IPv6 subnet for Loopback0 allocation.
      loopback_ipv6_offset Integer 0 Offset all assigned loopback IPv6 addresses.
Required when the < loopback_ipv6_pool > is same for 2 different node_types (like spine and l3leaf) to avoid overlapping IPs.
For example, set the minimum offset l3leaf.defaults.loopback_ipv6_offset: < total # spine switches > or vice versa.
      vtep_loopback String Pattern: Loopback[\d/]+ Set VXLAN source interface.
  nodes List, items: Dictionary Define variables per node.
    - name String Required, Unique The Node Name is used as “hostname”.
      loopback_ipv4_pool String Format: ipv4_cidr IPv4 subnet for Loopback0 allocation.
      vtep_loopback_ipv4_pool String Format: ipv4_cidr IPv4 subnet for VTEP-Loopback allocation.
      loopback_ipv4_offset Integer 0 Offset all assigned loopback IP addresses.
Required when the < loopback_ipv4_pool > is same for 2 different node_types (like spine and l3leaf) to avoid over-lapping IPs.
For example, set the minimum offset l3leaf.defaults.loopback_ipv4_offset: < total # spine switches > or vice versa.
      loopback_ipv6_pool String Format: ipv6_cidr IPv6 subnet for Loopback0 allocation.
      loopback_ipv6_offset Integer 0 Offset all assigned loopback IPv6 addresses.
Required when the < loopback_ipv6_pool > is same for 2 different node_types (like spine and l3leaf) to avoid overlapping IPs.
For example, set the minimum offset l3leaf.defaults.loopback_ipv6_offset: < total # spine switches > or vice versa.
      vtep_loopback String Pattern: Loopback[\d/]+ Set VXLAN source interface.
<node_type_keys.key>:
  defaults:
    loopback_ipv4_pool: <str>
    vtep_loopback_ipv4_pool: <str>
    loopback_ipv4_offset: <int>
    loopback_ipv6_pool: <str>
    loopback_ipv6_offset: <int>
    vtep_loopback: <str>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          loopback_ipv4_pool: <str>
          vtep_loopback_ipv4_pool: <str>
          loopback_ipv4_offset: <int>
          loopback_ipv6_pool: <str>
          loopback_ipv6_offset: <int>
          vtep_loopback: <str>
      loopback_ipv4_pool: <str>
      vtep_loopback_ipv4_pool: <str>
      loopback_ipv4_offset: <int>
      loopback_ipv6_pool: <str>
      loopback_ipv6_offset: <int>
      vtep_loopback: <str>
  nodes:
    - name: <str>
      loopback_ipv4_pool: <str>
      vtep_loopback_ipv4_pool: <str>
      loopback_ipv4_offset: <int>
      loopback_ipv6_pool: <str>
      loopback_ipv6_offset: <int>
      vtep_loopback: <str>

Node type BGP configuration

Variable Type Required Default Value Restrictions Description
<node_type_keys.key> Dictionary
  defaults Dictionary Define variables for all nodes of this type.
    bgp_as String Required with eBGP.
    bgp_defaults List, items: String List of EOS commands to apply to BGP daemon.
      - <str> String
    evpn_role String Valid Values:
- client
- server
- none
Acting role in EVPN control plane.
Default is set in node_type definition from node_type_keys.
    evpn_route_servers List, items: String List of nodes acting as EVPN Route-Servers / Route-Reflectors.
      - <str> String
  node_groups List, items: Dictionary Define variables related to all nodes part of this group.
    - group String Required, Unique The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’.
The Node Group Name is also used for peer description on downstream switches’ uplinks.
      nodes List, items: Dictionary Define variables per node.
        - name String Required, Unique The Node Name is used as “hostname”.
          bgp_as String Required with eBGP.
          bgp_defaults List, items: String List of EOS commands to apply to BGP daemon.
            - <str> String
          evpn_role String Valid Values:
- client
- server
- none
Acting role in EVPN control plane.
Default is set in node_type definition from node_type_keys.
          evpn_route_servers List, items: String List of nodes acting as EVPN Route-Servers / Route-Reflectors.
            - <str> String
      bgp_as String Required with eBGP.
      bgp_defaults List, items: String List of EOS commands to apply to BGP daemon.
        - <str> String
      evpn_role String Valid Values:
- client
- server
- none
Acting role in EVPN control plane.
Default is set in node_type definition from node_type_keys.
      evpn_route_servers List, items: String List of nodes acting as EVPN Route-Servers / Route-Reflectors.
        - <str> String
  nodes List, items: Dictionary Define variables per node.
    - name String Required, Unique The Node Name is used as “hostname”.
      bgp_as String Required with eBGP.
      bgp_defaults List, items: String List of EOS commands to apply to BGP daemon.
        - <str> String
      evpn_role String Valid Values:
- client
- server
- none
Acting role in EVPN control plane.
Default is set in node_type definition from node_type_keys.
      evpn_route_servers List, items: String List of nodes acting as EVPN Route-Servers / Route-Reflectors.
        - <str> String
<node_type_keys.key>:
  defaults:
    bgp_as: <str>
    bgp_defaults:
      - <str>
    evpn_role: <str>
    evpn_route_servers:
      - <str>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          bgp_as: <str>
          bgp_defaults:
            - <str>
          evpn_role: <str>
          evpn_route_servers:
            - <str>
      bgp_as: <str>
      bgp_defaults:
        - <str>
      evpn_role: <str>
      evpn_route_servers:
        - <str>
  nodes:
    - name: <str>
      bgp_as: <str>
      bgp_defaults:
        - <str>
      evpn_role: <str>
      evpn_route_servers:
        - <str>

Node type network services configuration

Variable Type Required Default Value Restrictions Description
<node_type_keys.key> Dictionary
  defaults Dictionary Define variables for all nodes of this type.
    evpn_services_l2_only Boolean False Possibility to prevent configuration of Tenant VRFs and SVIs.
Override node definition “network_services_l3” from node_type_keys.
This allows support for centralized routing.
    filter Dictionary Filter L3 and L2 network services based on tenant and tags (and operation filter).
If filter is not defined it will default to all.
      tenants List, items: String ['all']
        - <str> String
      tags List, items: String ['all']
        - <str> String
      always_include_vrfs_in_tenants List, items: String List of tenants where VRFs will be configured even if VLANs are not included in tags.
Useful for L3 “border” leaf.
        - <str> String
      only_vlans_in_use Boolean False Only configure VLANs, SVIs, VRFs in use by connected endpoints or downstream L2 switches.
Note! This feature only considers configuration managed by eos_designs.
This excludes structured_config, custom_structured_configuration_, raw_eos_cli, eos_cli, custom templates, configlets etc.
    igmp_snooping_enabled Boolean True Activate or deactivate IGMP snooping on device level.
  node_groups List, items: Dictionary Define variables related to all nodes part of this group.
    - group String Required, Unique The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’.
The Node Group Name is also used for peer description on downstream switches’ uplinks.
      nodes List, items: Dictionary Define variables per node.
        - name String Required, Unique The Node Name is used as “hostname”.
          evpn_services_l2_only Boolean False Possibility to prevent configuration of Tenant VRFs and SVIs.
Override node definition “network_services_l3” from node_type_keys.
This allows support for centralized routing.
          filter Dictionary Filter L3 and L2 network services based on tenant and tags (and operation filter).
If filter is not defined it will default to all.
            tenants List, items: String ['all']
              - <str> String
            tags List, items: String ['all']
              - <str> String
            always_include_vrfs_in_tenants List, items: String List of tenants where VRFs will be configured even if VLANs are not included in tags.
Useful for L3 “border” leaf.
              - <str> String
            only_vlans_in_use Boolean False Only configure VLANs, SVIs, VRFs in use by connected endpoints or downstream L2 switches.
Note! This feature only considers configuration managed by eos_designs.
This excludes structured_config, custom_structured_configuration_, raw_eos_cli, eos_cli, custom templates, configlets etc.
          igmp_snooping_enabled Boolean True Activate or deactivate IGMP snooping on device level.
      evpn_services_l2_only Boolean False Possibility to prevent configuration of Tenant VRFs and SVIs.
Override node definition “network_services_l3” from node_type_keys.
This allows support for centralized routing.
      filter Dictionary Filter L3 and L2 network services based on tenant and tags (and operation filter).
If filter is not defined it will default to all.
        tenants List, items: String ['all']
          - <str> String
        tags List, items: String ['all']
          - <str> String
        always_include_vrfs_in_tenants List, items: String List of tenants where VRFs will be configured even if VLANs are not included in tags.
Useful for L3 “border” leaf.
          - <str> String
        only_vlans_in_use Boolean False Only configure VLANs, SVIs, VRFs in use by connected endpoints or downstream L2 switches.
Note! This feature only considers configuration managed by eos_designs.
This excludes structured_config, custom_structured_configuration_, raw_eos_cli, eos_cli, custom templates, configlets etc.
      igmp_snooping_enabled Boolean True Activate or deactivate IGMP snooping on device level.
  nodes List, items: Dictionary Define variables per node.
    - name String Required, Unique The Node Name is used as “hostname”.
      evpn_services_l2_only Boolean False Possibility to prevent configuration of Tenant VRFs and SVIs.
Override node definition “network_services_l3” from node_type_keys.
This allows support for centralized routing.
      filter Dictionary Filter L3 and L2 network services based on tenant and tags (and operation filter).
If filter is not defined it will default to all.
        tenants List, items: String ['all']
          - <str> String
        tags List, items: String ['all']
          - <str> String
        always_include_vrfs_in_tenants List, items: String List of tenants where VRFs will be configured even if VLANs are not included in tags.
Useful for L3 “border” leaf.
          - <str> String
        only_vlans_in_use Boolean False Only configure VLANs, SVIs, VRFs in use by connected endpoints or downstream L2 switches.
Note! This feature only considers configuration managed by eos_designs.
This excludes structured_config, custom_structured_configuration_, raw_eos_cli, eos_cli, custom templates, configlets etc.
      igmp_snooping_enabled Boolean True Activate or deactivate IGMP snooping on device level.
<node_type_keys.key>:
  defaults:
    evpn_services_l2_only: <bool>
    filter:
      tenants:
        - <str>
      tags:
        - <str>
      always_include_vrfs_in_tenants:
        - <str>
      only_vlans_in_use: <bool>
    igmp_snooping_enabled: <bool>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          evpn_services_l2_only: <bool>
          filter:
            tenants:
              - <str>
            tags:
              - <str>
            always_include_vrfs_in_tenants:
              - <str>
            only_vlans_in_use: <bool>
          igmp_snooping_enabled: <bool>
      evpn_services_l2_only: <bool>
      filter:
        tenants:
          - <str>
        tags:
          - <str>
        always_include_vrfs_in_tenants:
          - <str>
        only_vlans_in_use: <bool>
      igmp_snooping_enabled: <bool>
  nodes:
    - name: <str>
      evpn_services_l2_only: <bool>
      filter:
        tenants:
          - <str>
        tags:
          - <str>
        always_include_vrfs_in_tenants:
          - <str>
        only_vlans_in_use: <bool>
      igmp_snooping_enabled: <bool>

Node type EVPN gateway configuration

Variable Type Required Default Value Restrictions Description
<node_type_keys.key> Dictionary
  defaults Dictionary Define variables for all nodes of this type.
    ipvpn_gateway Dictionary Node is acting as IP-VPN Gateway for EVPN to MPLS-IP-VPN Interworking. The BGP peer group used for this is “bgp_peer_groups.ipvpn_gateway_peers”.
L3 Reachability is required for this to work, the preferred method to establish underlay connectivity is to use core_interfaces.
      enabled Boolean Required
      evpn_domain_id String 65535:1 Domain ID to assign to EVPN address family for use with D-path. Format :.
      ipvpn_domain_id String 65535:2 Domain ID to assign to IPVPN address families for use with D-path. Format :.
      enable_d_path Boolean True Enable D-path for use with BGP bestpath selection algorithm.
      maximum_routes Integer 0 Maximum routes to accept from IPVPN remote peers.
      local_as String none Apply local-as to peering with IPVPN remote peers.
      address_families List, items: String ['vpn-ipv4'] IPVPN address families to enable for remote peers.
        - <str> String
      remote_peers List, items: Dictionary
        - hostname String Required Hostname of remote IPVPN Peer.
          ip_address String Required Format: ipv4 Peering IP of remote IPVPN Peer.
          bgp_as String Required BGP ASN of remote IPVPN Peer.
  node_groups List, items: Dictionary Define variables related to all nodes part of this group.
    - group String Required, Unique The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’.
The Node Group Name is also used for peer description on downstream switches’ uplinks.
      nodes List, items: Dictionary Define variables per node.
        - name String Required, Unique The Node Name is used as “hostname”.
          ipvpn_gateway Dictionary Node is acting as IP-VPN Gateway for EVPN to MPLS-IP-VPN Interworking. The BGP peer group used for this is “bgp_peer_groups.ipvpn_gateway_peers”.
L3 Reachability is required for this to work, the preferred method to establish underlay connectivity is to use core_interfaces.
            enabled Boolean Required
            evpn_domain_id String 65535:1 Domain ID to assign to EVPN address family for use with D-path. Format :.
            ipvpn_domain_id String 65535:2 Domain ID to assign to IPVPN address families for use with D-path. Format :.
            enable_d_path Boolean True Enable D-path for use with BGP bestpath selection algorithm.
            maximum_routes Integer 0 Maximum routes to accept from IPVPN remote peers.
            local_as String none Apply local-as to peering with IPVPN remote peers.
            address_families List, items: String ['vpn-ipv4'] IPVPN address families to enable for remote peers.
              - <str> String
            remote_peers List, items: Dictionary
              - hostname String Required Hostname of remote IPVPN Peer.
                ip_address String Required Format: ipv4 Peering IP of remote IPVPN Peer.
                bgp_as String Required BGP ASN of remote IPVPN Peer.
      ipvpn_gateway Dictionary Node is acting as IP-VPN Gateway for EVPN to MPLS-IP-VPN Interworking. The BGP peer group used for this is “bgp_peer_groups.ipvpn_gateway_peers”.
L3 Reachability is required for this to work, the preferred method to establish underlay connectivity is to use core_interfaces.
        enabled Boolean Required
        evpn_domain_id String 65535:1 Domain ID to assign to EVPN address family for use with D-path. Format :.
        ipvpn_domain_id String 65535:2 Domain ID to assign to IPVPN address families for use with D-path. Format :.
        enable_d_path Boolean True Enable D-path for use with BGP bestpath selection algorithm.
        maximum_routes Integer 0 Maximum routes to accept from IPVPN remote peers.
        local_as String none Apply local-as to peering with IPVPN remote peers.
        address_families List, items: String ['vpn-ipv4'] IPVPN address families to enable for remote peers.
          - <str> String
        remote_peers List, items: Dictionary
          - hostname String Required Hostname of remote IPVPN Peer.
            ip_address String Required Format: ipv4 Peering IP of remote IPVPN Peer.
            bgp_as String Required BGP ASN of remote IPVPN Peer.
  nodes List, items: Dictionary Define variables per node.
    - name String Required, Unique The Node Name is used as “hostname”.
      ipvpn_gateway Dictionary Node is acting as IP-VPN Gateway for EVPN to MPLS-IP-VPN Interworking. The BGP peer group used for this is “bgp_peer_groups.ipvpn_gateway_peers”.
L3 Reachability is required for this to work, the preferred method to establish underlay connectivity is to use core_interfaces.
        enabled Boolean Required
        evpn_domain_id String 65535:1 Domain ID to assign to EVPN address family for use with D-path. Format :.
        ipvpn_domain_id String 65535:2 Domain ID to assign to IPVPN address families for use with D-path. Format :.
        enable_d_path Boolean True Enable D-path for use with BGP bestpath selection algorithm.
        maximum_routes Integer 0 Maximum routes to accept from IPVPN remote peers.
        local_as String none Apply local-as to peering with IPVPN remote peers.
        address_families List, items: String ['vpn-ipv4'] IPVPN address families to enable for remote peers.
          - <str> String
        remote_peers List, items: Dictionary
          - hostname String Required Hostname of remote IPVPN Peer.
            ip_address String Required Format: ipv4 Peering IP of remote IPVPN Peer.
            bgp_as String Required BGP ASN of remote IPVPN Peer.
<node_type_keys.key>:
  defaults:
    ipvpn_gateway:
      enabled: <bool>
      evpn_domain_id: <str>
      ipvpn_domain_id: <str>
      enable_d_path: <bool>
      maximum_routes: <int>
      local_as: <str>
      address_families:
        - <str>
      remote_peers:
        - hostname: <str>
          ip_address: <str>
          bgp_as: <str>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          ipvpn_gateway:
            enabled: <bool>
            evpn_domain_id: <str>
            ipvpn_domain_id: <str>
            enable_d_path: <bool>
            maximum_routes: <int>
            local_as: <str>
            address_families:
              - <str>
            remote_peers:
              - hostname: <str>
                ip_address: <str>
                bgp_as: <str>
      ipvpn_gateway:
        enabled: <bool>
        evpn_domain_id: <str>
        ipvpn_domain_id: <str>
        enable_d_path: <bool>
        maximum_routes: <int>
        local_as: <str>
        address_families:
          - <str>
        remote_peers:
          - hostname: <str>
            ip_address: <str>
            bgp_as: <str>
  nodes:
    - name: <str>
      ipvpn_gateway:
        enabled: <bool>
        evpn_domain_id: <str>
        ipvpn_domain_id: <str>
        enable_d_path: <bool>
        maximum_routes: <int>
        local_as: <str>
        address_families:
          - <str>
        remote_peers:
          - hostname: <str>
            ip_address: <str>
            bgp_as: <str>

Node type EVPN multi-domain gateway configuration

Variable Type Required Default Value Restrictions Description
<node_type_keys.key> Dictionary
  defaults Dictionary Define variables for all nodes of this type.
    evpn_gateway Dictionary Node is acting as EVPN Multi-Domain Gateway.
New BGP peer-group is generated between EVPN GWs in different domains or between GWs and Route Servers.
Name can be changed under “bgp_peer_groups.evpn_overlay_core” variable.
L3 rechability for different EVPN GWs must be already in place, it is recommended to use DCI & L3 Edge if Route Servers and GWs are not defined under the same Ansible inventory.
      remote_peers List, items: Dictionary Define remote peers of the EVPN VXLAN Gateway.
If the hostname can be found in the inventory, ip_address and BGP ASN will be automatically populated. Manual override takes precedence.
If the peer’s hostname can not be found in the inventory, ip_address and bgp_as must be defined.
        - hostname String Hostname of remote EVPN GW server.
          ip_address String Format: ipv4 Peering IP of remote Route Server.
          bgp_as String BGP ASN of remote Route Server.
      evpn_l2 Dictionary Enable EVPN Gateway functionality for route-types 2 (MAC-IP) and 3 (IMET).
        enabled Boolean False
      evpn_l3 Dictionary Enable EVPN Gateway functionality for route-type 5 (IP-PREFIX).
        enabled Boolean False
        inter_domain Boolean True
  node_groups List, items: Dictionary Define variables related to all nodes part of this group.
    - group String Required, Unique The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’.
The Node Group Name is also used for peer description on downstream switches’ uplinks.
      nodes List, items: Dictionary Define variables per node.
        - name String Required, Unique The Node Name is used as “hostname”.
          evpn_gateway Dictionary Node is acting as EVPN Multi-Domain Gateway.
New BGP peer-group is generated between EVPN GWs in different domains or between GWs and Route Servers.
Name can be changed under “bgp_peer_groups.evpn_overlay_core” variable.
L3 rechability for different EVPN GWs must be already in place, it is recommended to use DCI & L3 Edge if Route Servers and GWs are not defined under the same Ansible inventory.
            remote_peers List, items: Dictionary Define remote peers of the EVPN VXLAN Gateway.
If the hostname can be found in the inventory, ip_address and BGP ASN will be automatically populated. Manual override takes precedence.
If the peer’s hostname can not be found in the inventory, ip_address and bgp_as must be defined.
              - hostname String Hostname of remote EVPN GW server.
                ip_address String Format: ipv4 Peering IP of remote Route Server.
                bgp_as String BGP ASN of remote Route Server.
            evpn_l2 Dictionary Enable EVPN Gateway functionality for route-types 2 (MAC-IP) and 3 (IMET).
              enabled Boolean False
            evpn_l3 Dictionary Enable EVPN Gateway functionality for route-type 5 (IP-PREFIX).
              enabled Boolean False
              inter_domain Boolean True
      evpn_gateway Dictionary Node is acting as EVPN Multi-Domain Gateway.
New BGP peer-group is generated between EVPN GWs in different domains or between GWs and Route Servers.
Name can be changed under “bgp_peer_groups.evpn_overlay_core” variable.
L3 rechability for different EVPN GWs must be already in place, it is recommended to use DCI & L3 Edge if Route Servers and GWs are not defined under the same Ansible inventory.
        remote_peers List, items: Dictionary Define remote peers of the EVPN VXLAN Gateway.
If the hostname can be found in the inventory, ip_address and BGP ASN will be automatically populated. Manual override takes precedence.
If the peer’s hostname can not be found in the inventory, ip_address and bgp_as must be defined.
          - hostname String Hostname of remote EVPN GW server.
            ip_address String Format: ipv4 Peering IP of remote Route Server.
            bgp_as String BGP ASN of remote Route Server.
        evpn_l2 Dictionary Enable EVPN Gateway functionality for route-types 2 (MAC-IP) and 3 (IMET).
          enabled Boolean False
        evpn_l3 Dictionary Enable EVPN Gateway functionality for route-type 5 (IP-PREFIX).
          enabled Boolean False
          inter_domain Boolean True
  nodes List, items: Dictionary Define variables per node.
    - name String Required, Unique The Node Name is used as “hostname”.
      evpn_gateway Dictionary Node is acting as EVPN Multi-Domain Gateway.
New BGP peer-group is generated between EVPN GWs in different domains or between GWs and Route Servers.
Name can be changed under “bgp_peer_groups.evpn_overlay_core” variable.
L3 rechability for different EVPN GWs must be already in place, it is recommended to use DCI & L3 Edge if Route Servers and GWs are not defined under the same Ansible inventory.
        remote_peers List, items: Dictionary Define remote peers of the EVPN VXLAN Gateway.
If the hostname can be found in the inventory, ip_address and BGP ASN will be automatically populated. Manual override takes precedence.
If the peer’s hostname can not be found in the inventory, ip_address and bgp_as must be defined.
          - hostname String Hostname of remote EVPN GW server.
            ip_address String Format: ipv4 Peering IP of remote Route Server.
            bgp_as String BGP ASN of remote Route Server.
        evpn_l2 Dictionary Enable EVPN Gateway functionality for route-types 2 (MAC-IP) and 3 (IMET).
          enabled Boolean False
        evpn_l3 Dictionary Enable EVPN Gateway functionality for route-type 5 (IP-PREFIX).
          enabled Boolean False
          inter_domain Boolean True
<node_type_keys.key>:
  defaults:
    evpn_gateway:
      remote_peers:
        - hostname: <str>
          ip_address: <str>
          bgp_as: <str>
      evpn_l2:
        enabled: <bool>
      evpn_l3:
        enabled: <bool>
        inter_domain: <bool>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          evpn_gateway:
            remote_peers:
              - hostname: <str>
                ip_address: <str>
                bgp_as: <str>
            evpn_l2:
              enabled: <bool>
            evpn_l3:
              enabled: <bool>
              inter_domain: <bool>
      evpn_gateway:
        remote_peers:
          - hostname: <str>
            ip_address: <str>
            bgp_as: <str>
        evpn_l2:
          enabled: <bool>
        evpn_l3:
          enabled: <bool>
          inter_domain: <bool>
  nodes:
    - name: <str>
      evpn_gateway:
        remote_peers:
          - hostname: <str>
            ip_address: <str>
            bgp_as: <str>
        evpn_l2:
          enabled: <bool>
        evpn_l3:
          enabled: <bool>
          inter_domain: <bool>

Node type ISIS Configuration

Variable Type Required Default Value Restrictions Description
<node_type_keys.key> Dictionary
  defaults Dictionary Define variables for all nodes of this type.
    isis_system_id_prefix String Pattern: [0-9a-f]{4}.[0-9a-f]{4} (4.4 hexadecimal).
    isis_maximum_paths Integer Number of path to configure in ECMP for ISIS.
    is_type String level-2 Valid Values:
- level-1-2
- level-1
- level-2
    node_sid_base Integer 0 Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID.
  node_groups List, items: Dictionary Define variables related to all nodes part of this group.
    - group String Required, Unique The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’.
The Node Group Name is also used for peer description on downstream switches’ uplinks.
      nodes List, items: Dictionary Define variables per node.
        - name String Required, Unique The Node Name is used as “hostname”.
          isis_system_id_prefix String Pattern: [0-9a-f]{4}.[0-9a-f]{4} (4.4 hexadecimal).
          isis_maximum_paths Integer Number of path to configure in ECMP for ISIS.
          is_type String level-2 Valid Values:
- level-1-2
- level-1
- level-2
          node_sid_base Integer 0 Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID.
      isis_system_id_prefix String Pattern: [0-9a-f]{4}.[0-9a-f]{4} (4.4 hexadecimal).
      isis_maximum_paths Integer Number of path to configure in ECMP for ISIS.
      is_type String level-2 Valid Values:
- level-1-2
- level-1
- level-2
      node_sid_base Integer 0 Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID.
  nodes List, items: Dictionary Define variables per node.
    - name String Required, Unique The Node Name is used as “hostname”.
      isis_system_id_prefix String Pattern: [0-9a-f]{4}.[0-9a-f]{4} (4.4 hexadecimal).
      isis_maximum_paths Integer Number of path to configure in ECMP for ISIS.
      is_type String level-2 Valid Values:
- level-1-2
- level-1
- level-2
      node_sid_base Integer 0 Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID.
<node_type_keys.key>:
  defaults:
    isis_system_id_prefix: <str>
    isis_maximum_paths: <int>
    is_type: <str>
    node_sid_base: <int>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          isis_system_id_prefix: <str>
          isis_maximum_paths: <int>
          is_type: <str>
          node_sid_base: <int>
      isis_system_id_prefix: <str>
      isis_maximum_paths: <int>
      is_type: <str>
      node_sid_base: <int>
  nodes:
    - name: <str>
      isis_system_id_prefix: <str>
      isis_maximum_paths: <int>
      is_type: <str>
      node_sid_base: <int>

Node type MPLS configuration

Variable Type Required Default Value Restrictions Description
<node_type_keys.key> Dictionary
  defaults Dictionary Define variables for all nodes of this type.
    mpls_overlay_role String Valid Values:
- client
- server
- none
Set the default mpls overlay role.
Acting role in overlay control plane.
    overlay_address_families List, items: String Set the default overlay address families.
      - <str> String Valid Values:
- evpn
- vpn-ipv4
- vpn-ipv6
    mpls_route_reflectors List, items: String List of inventory hostname acting as MPLS route-reflectors.
      - <str> String Inventory_hostname_of_mpls_route_reflectors.
    bgp_cluster_id String Set BGP cluster id.
  node_groups List, items: Dictionary Define variables related to all nodes part of this group.
    - group String Required, Unique The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’.
The Node Group Name is also used for peer description on downstream switches’ uplinks.
      nodes List, items: Dictionary Define variables per node.
        - name String Required, Unique The Node Name is used as “hostname”.
          mpls_overlay_role String Valid Values:
- client
- server
- none
Set the default mpls overlay role.
Acting role in overlay control plane.
          overlay_address_families List, items: String Set the default overlay address families.
            - <str> String Valid Values:
- evpn
- vpn-ipv4
- vpn-ipv6
          mpls_route_reflectors List, items: String List of inventory hostname acting as MPLS route-reflectors.
            - <str> String Inventory_hostname_of_mpls_route_reflectors.
          bgp_cluster_id String Set BGP cluster id.
      mpls_overlay_role String Valid Values:
- client
- server
- none
Set the default mpls overlay role.
Acting role in overlay control plane.
      overlay_address_families List, items: String Set the default overlay address families.
        - <str> String Valid Values:
- evpn
- vpn-ipv4
- vpn-ipv6
      mpls_route_reflectors List, items: String List of inventory hostname acting as MPLS route-reflectors.
        - <str> String Inventory_hostname_of_mpls_route_reflectors.
      bgp_cluster_id String Set BGP cluster id.
  nodes List, items: Dictionary Define variables per node.
    - name String Required, Unique The Node Name is used as “hostname”.
      mpls_overlay_role String Valid Values:
- client
- server
- none
Set the default mpls overlay role.
Acting role in overlay control plane.
      overlay_address_families List, items: String Set the default overlay address families.
        - <str> String Valid Values:
- evpn
- vpn-ipv4
- vpn-ipv6
      mpls_route_reflectors List, items: String List of inventory hostname acting as MPLS route-reflectors.
        - <str> String Inventory_hostname_of_mpls_route_reflectors.
      bgp_cluster_id String Set BGP cluster id.
<node_type_keys.key>:
  defaults:
    mpls_overlay_role: <str>
    overlay_address_families:
      - <str>
    mpls_route_reflectors:
      - <str>
    bgp_cluster_id: <str>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          mpls_overlay_role: <str>
          overlay_address_families:
            - <str>
          mpls_route_reflectors:
            - <str>
          bgp_cluster_id: <str>
      mpls_overlay_role: <str>
      overlay_address_families:
        - <str>
      mpls_route_reflectors:
        - <str>
      bgp_cluster_id: <str>
  nodes:
    - name: <str>
      mpls_overlay_role: <str>
      overlay_address_families:
        - <str>
      mpls_route_reflectors:
        - <str>
      bgp_cluster_id: <str>

Node type PTP configuration

Variable Type Required Default Value Restrictions Description
<node_type_keys.key> Dictionary
  defaults Dictionary Define variables for all nodes of this type.
    ptp Dictionary
      enabled Boolean False
      profile String aes67-r16-2016 Valid Values:
- aes67
- smpte2059-2
- aes67-r16-2016
      domain Integer 127 Min: 0
Max: 255
      priority1 Integer Min: 0
Max: 255
default -> automatically set based on node_type.
      priority2 Integer Min: 0
Max: 255
default -> (node_id modulus 256).
      auto_clock_identity Boolean True If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity.
default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + “:00:” + (PTP priority 2 as HEX).
      clock_identity_prefix String PTP clock idetentiy 3-byte prefix. i.e. “01:02:03”.
By default the 3-byte prefix is “00:1C:73”.
This can be overridden if auto_clock_identity is set to true (which is the default).
      clock_identity String Set PTP clock identity manually. 6-byte value i.e. “01:02:03:04:05:06”.
      source_ip String By default in EOS, PTP packets are sourced with an IP address from the routed port or from the relevant SVI, which is the recommended behaviour.
This can be set manually if required, for example, to a value of “10.1.2.3”.
      ttl Integer
      forward_unicast Boolean False Enable PTP unicast forwarding.
      dscp Dictionary
        general_messages Integer
        event_messages Integer
      monitor Dictionary
        enabled Boolean True
        threshold Dictionary
          offset_from_master Integer 250 Min: 0
Max: 1000000000
          mean_path_delay Integer 1500 Min: 0
Max: 1000000000
          drop Dictionary
            offset_from_master Integer Min: 0
Max: 1000000000
            mean_path_delay Integer Min: 0
Max: 1000000000
        missing_message Dictionary
          intervals Dictionary
            announce Integer Min: 2
Max: 255
            follow_up Integer Min: 2
Max: 255
            sync Integer Min: 2
Max: 255
          sequence_ids Dictionary
            enabled Boolean True
            announce Integer 3 Min: 2
Max: 255
            delay_resp Integer 3 Min: 2
Max: 255
            follow_up Integer 3 Min: 2
Max: 255
            sync Integer 3 Min: 2
Max: 255
  node_groups List, items: Dictionary Define variables related to all nodes part of this group.
    - group String Required, Unique The Node Group Name is used for MLAG domain unless set with ‘mlag_domain_id’.
The Node Group Name is also used for peer description on downstream switches’ uplinks.
      nodes List, items: Dictionary Define variables per node.
        - name String Required, Unique The Node Name is used as “hostname”.
          ptp Dictionary
            enabled Boolean False
            profile String aes67-r16-2016 Valid Values:
- aes67
- smpte2059-2
- aes67-r16-2016
            domain Integer 127 Min: 0
Max: 255
            priority1 Integer Min: 0
Max: 255
default -> automatically set based on node_type.
            priority2 Integer Min: 0
Max: 255
default -> (node_id modulus 256).
            auto_clock_identity Boolean True If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity.
default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + “:00:” + (PTP priority 2 as HEX).
            clock_identity_prefix String PTP clock idetentiy 3-byte prefix. i.e. “01:02:03”.
By default the 3-byte prefix is “00:1C:73”.
This can be overridden if auto_clock_identity is set to true (which is the default).
            clock_identity String Set PTP clock identity manually. 6-byte value i.e. “01:02:03:04:05:06”.
            source_ip String By default in EOS, PTP packets are sourced with an IP address from the routed port or from the relevant SVI, which is the recommended behaviour.
This can be set manually if required, for example, to a value of “10.1.2.3”.
            ttl Integer
            forward_unicast Boolean False Enable PTP unicast forwarding.
            dscp Dictionary
              general_messages Integer
              event_messages Integer
            monitor Dictionary
              enabled Boolean True
              threshold Dictionary
                offset_from_master Integer 250 Min: 0
Max: 1000000000
                mean_path_delay Integer 1500 Min: 0
Max: 1000000000
                drop Dictionary
                  offset_from_master Integer Min: 0
Max: 1000000000
                  mean_path_delay Integer Min: 0
Max: 1000000000
              missing_message Dictionary
                intervals Dictionary
                  announce Integer Min: 2
Max: 255
                  follow_up Integer Min: 2
Max: 255
                  sync Integer Min: 2
Max: 255
                sequence_ids Dictionary
                  enabled Boolean True
                  announce Integer 3 Min: 2
Max: 255
                  delay_resp Integer 3 Min: 2
Max: 255
                  follow_up Integer 3 Min: 2
Max: 255
                  sync Integer 3 Min: 2
Max: 255
      ptp Dictionary
        enabled Boolean False
        profile String aes67-r16-2016 Valid Values:
- aes67
- smpte2059-2
- aes67-r16-2016
        domain Integer 127 Min: 0
Max: 255
        priority1 Integer Min: 0
Max: 255
default -> automatically set based on node_type.
        priority2 Integer Min: 0
Max: 255
default -> (node_id modulus 256).
        auto_clock_identity Boolean True If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity.
default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + “:00:” + (PTP priority 2 as HEX).
        clock_identity_prefix String PTP clock idetentiy 3-byte prefix. i.e. “01:02:03”.
By default the 3-byte prefix is “00:1C:73”.
This can be overridden if auto_clock_identity is set to true (which is the default).
        clock_identity String Set PTP clock identity manually. 6-byte value i.e. “01:02:03:04:05:06”.
        source_ip String By default in EOS, PTP packets are sourced with an IP address from the routed port or from the relevant SVI, which is the recommended behaviour.
This can be set manually if required, for example, to a value of “10.1.2.3”.
        ttl Integer
        forward_unicast Boolean False Enable PTP unicast forwarding.
        dscp Dictionary
          general_messages Integer
          event_messages Integer
        monitor Dictionary
          enabled Boolean True
          threshold Dictionary
            offset_from_master Integer 250 Min: 0
Max: 1000000000
            mean_path_delay Integer 1500 Min: 0
Max: 1000000000
            drop Dictionary
              offset_from_master Integer Min: 0
Max: 1000000000
              mean_path_delay Integer Min: 0
Max: 1000000000
          missing_message Dictionary
            intervals Dictionary
              announce Integer Min: 2
Max: 255
              follow_up Integer Min: 2
Max: 255
              sync Integer Min: 2
Max: 255
            sequence_ids Dictionary
              enabled Boolean True
              announce Integer 3 Min: 2
Max: 255
              delay_resp Integer 3 Min: 2
Max: 255
              follow_up Integer 3 Min: 2
Max: 255
              sync Integer 3 Min: 2
Max: 255
  nodes List, items: Dictionary Define variables per node.
    - name String Required, Unique The Node Name is used as “hostname”.
      ptp Dictionary
        enabled Boolean False
        profile String aes67-r16-2016 Valid Values:
- aes67
- smpte2059-2
- aes67-r16-2016
        domain Integer 127 Min: 0
Max: 255
        priority1 Integer Min: 0
Max: 255
default -> automatically set based on node_type.
        priority2 Integer Min: 0
Max: 255
default -> (node_id modulus 256).
        auto_clock_identity Boolean True If you prefer to have PTP clock identity be the system MAC-address of the switch, which is the default EOS behaviour, simply disable the automatic PTP clock identity.
default -> (clock_identity_prefix = 00:1C:73 (default)) + (PTP priority 1 as HEX) + “:00:” + (PTP priority 2 as HEX).
        clock_identity_prefix String PTP clock idetentiy 3-byte prefix. i.e. “01:02:03”.
By default the 3-byte prefix is “00:1C:73”.
This can be overridden if auto_clock_identity is set to true (which is the default).
        clock_identity String Set PTP clock identity manually. 6-byte value i.e. “01:02:03:04:05:06”.
        source_ip String By default in EOS, PTP packets are sourced with an IP address from the routed port or from the relevant SVI, which is the recommended behaviour.
This can be set manually if required, for example, to a value of “10.1.2.3”.
        ttl Integer
        forward_unicast Boolean False Enable PTP unicast forwarding.
        dscp Dictionary
          general_messages Integer
          event_messages Integer
        monitor Dictionary
          enabled Boolean True
          threshold Dictionary
            offset_from_master Integer 250 Min: 0
Max: 1000000000
            mean_path_delay Integer 1500 Min: 0
Max: 1000000000
            drop Dictionary
              offset_from_master Integer Min: 0
Max: 1000000000
              mean_path_delay Integer Min: 0
Max: 1000000000
          missing_message Dictionary
            intervals Dictionary
              announce Integer Min: 2
Max: 255
              follow_up Integer Min: 2
Max: 255
              sync Integer Min: 2
Max: 255
            sequence_ids Dictionary
              enabled Boolean True
              announce Integer 3 Min: 2
Max: 255
              delay_resp Integer 3 Min: 2
Max: 255
              follow_up Integer 3 Min: 2
Max: 255
              sync Integer 3 Min: 2
Max: 255
<node_type_keys.key>:
  defaults:
    ptp:
      enabled: <bool>
      profile: <str>
      domain: <int>
      priority1: <int>
      priority2: <int>
      auto_clock_identity: <bool>
      clock_identity_prefix: <str>
      clock_identity: <str>
      source_ip: <str>
      ttl: <int>
      forward_unicast: <bool>
      dscp:
        general_messages: <int>
        event_messages: <int>
      monitor:
        enabled: <bool>
        threshold:
          offset_from_master: <int>
          mean_path_delay: <int>
          drop:
            offset_from_master: <int>
            mean_path_delay: <int>
        missing_message:
          intervals:
            announce: <int>
            follow_up: <int>
            sync: <int>
          sequence_ids:
            enabled: <bool>
            announce: <int>
            delay_resp: <int>
            follow_up: <int>
            sync: <int>
  node_groups:
    - group: <str>
      nodes:
        - name: <str>
          ptp:
            enabled: <bool>
            profile: <str>
            domain: <int>
            priority1: <int>
            priority2: <int>
            auto_clock_identity: <bool>
            clock_identity_prefix: <str>
            clock_identity: <str>
            source_ip: <str>
            ttl: <int>
            forward_unicast: <bool>
            dscp:
              general_messages: <int>
              event_messages: <int>
            monitor:
              enabled: <bool>
              threshold:
                offset_from_master: <int>
                mean_path_delay: <int>
                drop:
                  offset_from_master: <int>
                  mean_path_delay: <int>
              missing_message:
                intervals:
                  announce: <int>
                  follow_up: <int>
                  sync: <int>
                sequence_ids:
                  enabled: <bool>
                  announce: <int>
                  delay_resp: <int>
                  follow_up: <int>
                  sync: <int>
      ptp:
        enabled: <bool>
        profile: <str>
        domain: <int>
        priority1: <int>
        priority2: <int>
        auto_clock_identity: <bool>
        clock_identity_prefix: <str>
        clock_identity: <str>
        source_ip: <str>
        ttl: <int>
        forward_unicast: <bool>
        dscp:
          general_messages: <int>
          event_messages: <int>
        monitor:
          enabled: <bool>
          threshold:
            offset_from_master: <int>
            mean_path_delay: <int>
            drop:
              offset_from_master: <int>
              mean_path_delay: <int>
          missing_message:
            intervals:
              announce: <int>
              follow_up: <int>
              sync: <int>
            sequence_ids:
              enabled: <bool>
              announce: <int>
              delay_resp: <int>
              follow_up: <int>
              sync: <int>
  nodes:
    - name: <str>
      ptp:
        enabled: <bool>
        profile: <str>
        domain: <int>
        priority1: <int>
        priority2: <int>
        auto_clock_identity: <bool>
        clock_identity_prefix: <str>
        clock_identity: <str>
        source_ip: <str>
        ttl: <int>
        forward_unicast: <bool>
        dscp:
          general_messages: <int>
          event_messages: <int>
        monitor:
          enabled: <bool>
          threshold:
            offset_from_master: <int>
            mean_path_delay: <int>
            drop:
              offset_from_master: <int>
              mean_path_delay: <int>
          missing_message:
            intervals:
              announce: <int>
              follow_up: <int>
              sync: <int>
            sequence_ids:
              enabled: <bool>
              announce: <int>
              delay_resp: <int>
              follow_up: <int>
              sync: <int>

Default interface settings

  • Set default uplink, downlink, and MLAG interfaces, which will be used if these interfaces are not defined on a device (either directly or through inheritance).
  • These are defined based on the combination of node_type (e.g., l3leaf or spine) and a regex for matching the platform.
  • A list of interfaces or interface ranges can be specified.
  • Each list item supports range syntax that can be expanded into a list of interfaces. Interface range examples:
    • Ethernet49-52/1: Expands to [ Ethernet49/1, Ethernet50/1, Ethernet51/1, Ethernet52/1 ]
    • Ethernet1/31-34/1: Expands to [ Ethernet1/31/1, Ethernet1/32/1, Ethernet1/33/1, Ethernet1/34/1 ]
    • Ethernet49-50,53-54: Expands to [ Ethernet49, Ethernet50, Ethernet53, Ethernet54 ]
    • Ethernet1-2/1-4: Expands to [ Ethernet1/1, Ethernet1/2, Ethernet1/3, Ethernet1/4, Ethernet2/1, Ethernet2/2, Ethernet2/3, Ethernet2/4 ]
  • uplink_interfaces and mlag_interfaces under default_interfaces are directly inherited by uplink_interfaces and mlag_interfaces.
  • downlink_interfaces are referenced by the child switch (e.g., the leaf in a leaf/spine network). The child switch leverages an upstream switch’s default_downlink_interfaces using the child switch ID. This is then used to build uplink_switch_interfaces for that child.
    • In the case of max_parallel_uplinks > 1 the default_downlink_interfaces are mapped with consecutive downlinks per child ID.
    • Example for max_parallel_uplinks: 2, downlink interfaces will be mapped as [ <downlink1 to leaf-id1>, <downlink2 to leaf-id1>, <downlink1 to leaf-id2>, <downlink2 to leaf-id2> ...]
  • Please note that no default interfaces are defined in AVD itself. You will need to create your own based on the example below.
Default interfaces example
default_interfaces:
  - types: [ spine, l3leaf ]
    platforms: [ "7050[SC]X3", vEOS.*, default ]
    uplink_interfaces: [ Ethernet49-54/1 ]
    mlag_interfaces: [ Ethernet55-56/1 ]
    downlink_interfaces: [ Ethernet1-32/1 ]
Variable Type Required Default Value Restrictions Description
default_interfaces List, items: Dictionary Default uplink, downlink, and MLAG interfaces, which will be used if these interfaces are not defined on a device (either directly or through inheritance).
  - types List, items: String Required List of node type keys.
      - <str> String
    platforms List, items: String Required List of platform families.
This is defined as a Python regular expression that matches the full platform type.
      - <str> String Arista platform family regular expression.
    uplink_interfaces List, items: String List of uplink interfaces or uplink interface ranges.
      - <str> String Interface range or interface.
    mlag_interfaces List, items: String List of MLAG interfaces or MLAG interface ranges.
      - <str> String Interface range or interface.
    downlink_interfaces List, items: String List of downlink interfaces or downlink interface ranges.
      - <str> String Interface range or interface.
default_interfaces:
  - types:
      - <str>
    platforms:
      - <str>
    uplink_interfaces:
      - <str>
    mlag_interfaces:
      - <str>
    downlink_interfaces:
      - <str>

L3 edge and DCI settings

The l3_edge data model can be used to configure extra L3 P2P links anywhere in the fabric. It can be between two switches that are already part of the fabric inventory, or it can be towards another device, where only one end of the link is on a switch in the fabric.

The data model supports using IP pools, Subnet per link, specifying the IP addresses manually or using ipv6 with rfc5549. One of these options must be set. For BGP peerings the AS number must be specified. If the AS number is different than the AS number configured for the node, the local-as will be replaced on this BGP peering (neighbor <ip> local-as <as> no-prepend replace-as).

Make sure to configure the variables in a group_vars file covering all devices mentioned in the data model.

Variable Type Required Default Value Restrictions Description
l3_edge Dictionary
  p2p_links_ip_pools List, items: Dictionary
    - name String Required, Unique P2P pool name.
      ipv4_pool String IPv4 address/Mask.
      prefix_size Integer 31 Min: 8
Max: 31
Subnet mask size.
  p2p_links_profiles List, items: Dictionary
    - name String Required, Unique P2P profile name. Any variable supported under p2p_links can be inherited from a profile.
      id Integer Unique id per subnet_summary. Used to calculate ip addresses.
Required with ip_pool. ID starting from 1.
      speed String The values can be speed or auto speed or forced speed.
      ip_pool String P2P pool name. IP Pool defined under p2p_links_ip_pools. A /31 will be taken from the pool per P2P link.
      subnet String IPv4 address/Mask. Subnet used on this P2P link.
      ip List, items: String Specific IP addresses used on this P2P link.
        - <str> String Node IPv4 address/Mask.
      ipv6_enable Boolean False Allows turning on ipv6 for the link or profile (also autodetected based on underlay_rfc5549 and include_in_underlay_protocol).
      nodes List, items: String Nodes where this link should be configured.
        - <str> String The values can be < node_a >, < node_b >.
ex.- [ core-1-isis-sr-ldp, core-2-ospf-ldp ].
      interfaces List, items: String Interfaces where this link should be configured and Required unless using port-channels.
        - <str> String The value can be like < node_a_interface >, < node_b_interface >.
ex. - [ Ethernet2, Ethernet2 ].
      as List, items: String AS numbers for BGP.
Required with bgp peering.
        - <str> String The values can be like [“node_a_as”, “node_b_as”].
      descriptions List, items: String Interface description.
        - <str> String
      include_in_underlay_protocol Boolean True Add this interface to underlay routing protocol.
      isis_hello_padding Boolean False
      isis_metric Integer
      isis_circuit_type String Valid Values:
- level-1
- level-2
- level-1-2
      isis_authentication_mode String Valid Values:
- md5
- text
      isis_authentication_key String Type-7 encrypted password.
      mpls_ip Boolean MPLS parameters. Default value is true if switch.mpls_lsr is true.
      mpls_ldp Boolean MPLS parameters. Default value is true for ldp underlay variants, otherwise false.
      mtu Integer MTU for this P2P link. Default value same as p2p_uplinks_mtu.
      bfd Boolean False Enable BFD (only considered for BGP).
      ptp Dictionary PTP parameters.
        enabled Boolean False Enable PTP.
      sflow Boolean Enable sFlow. Overrides fabric_sflow setting.
      qos_profile String QOS service profile.
      macsec_profile String MAC security profile.
      port_channel Dictionary Port-channel parameters.
        mode String active
        nodes_child_interfaces List, items: Dictionary
          - node String Required, Unique
            interfaces List, items: String List of node interfaces. Ex.- [ ‘node1 interface1’, ‘node1 interface2’ ].
              - <str> String
      raw_eos_cli String EOS CLI rendered directly on the point-to-point interface in the final EOS configuration.
      structured_config Dictionary Custom structured config for interfaces
Note! The content of this dictionary is not validated by the schema, since it can be either ethernet_interfaces or port_channel_interfaces.
  p2p_links List, items: Dictionary
    - nodes List, items: String Required Nodes where this link should be configured.
        - <str> String The values can be < node_a >, < node_b >.
ex.- [ core-1-isis-sr-ldp, core-2-ospf-ldp ].
      profile String P2P profile name. Profile defined under p2p_profiles.
      id Integer Unique id per subnet_summary. Used to calculate ip addresses.
Required with ip_pool. ID starting from 1.
      speed String The values can be speed or auto speed or forced speed.
      ip_pool String P2P pool name. IP Pool defined under p2p_links_ip_pools. A /31 will be taken from the pool per P2P link.
      subnet String IPv4 address/Mask. Subnet used on this P2P link.
      ip List, items: String Specific IP addresses used on this P2P link.
        - <str> String Node IPv4 address/Mask.
      ipv6_enable Boolean False Allows turning on ipv6 for the link or profile (also autodetected based on underlay_rfc5549 and include_in_underlay_protocol).
      interfaces List, items: String Interfaces where this link should be configured and Required unless using port-channels.
        - <str> String The value can be like < node_a_interface >, < node_b_interface >.
ex. - [ Ethernet2, Ethernet2 ].
      as List, items: String AS numbers for BGP.
Required with bgp peering.
        - <str> String The values can be like [“node_a_as”, “node_b_as”].
      descriptions List, items: String Interface description.
        - <str> String
      include_in_underlay_protocol Boolean True Add this interface to underlay routing protocol.
      isis_hello_padding Boolean False
      isis_metric Integer
      isis_circuit_type String Valid Values:
- level-1
- level-2
- level-1-2
      isis_authentication_mode String Valid Values:
- md5
- text
      isis_authentication_key String Type-7 encrypted password.
      mpls_ip Boolean MPLS parameters. Default value is true if switch.mpls_lsr is true.
      mpls_ldp Boolean MPLS parameters. Default value is true for ldp underlay variants, otherwise false.
      mtu Integer MTU for this P2P link. Default value same as p2p_uplinks_mtu.
      bfd Boolean False Enable BFD (only considered for BGP).
      ptp Dictionary PTP parameters.
        enabled Boolean False Enable PTP.
      sflow Boolean Enable sFlow. Overrides fabric_sflow setting.
      qos_profile String QOS service profile.
      macsec_profile String MAC security profile.
      port_channel Dictionary Port-channel parameters.
        mode String active
        nodes_child_interfaces List, items: Dictionary
          - node String Required, Unique
            interfaces List, items: String List of node interfaces. Ex.- [ ‘node1 interface1’, ‘node1 interface2’ ].
              - <str> String
      raw_eos_cli String EOS CLI rendered directly on the point-to-point interface in the final EOS configuration.
      structured_config Dictionary Custom structured config for interfaces
Note! The content of this dictionary is not validated by the schema, since it can be either ethernet_interfaces or port_channel_interfaces.
l3_edge:
  p2p_links_ip_pools:
    - name: <str>
      ipv4_pool: <str>
      prefix_size: <int>
  p2p_links_profiles:
    - name: <str>
      id: <int>
      speed: <str>
      ip_pool: <str>
      subnet: <str>
      ip:
        - <str>
      ipv6_enable: <bool>
      nodes:
        - <str>
      interfaces:
        - <str>
      as:
        - <str>
      descriptions:
        - <str>
      include_in_underlay_protocol: <bool>
      isis_hello_padding: <bool>
      isis_metric: <int>
      isis_circuit_type: <str>
      isis_authentication_mode: <str>
      isis_authentication_key: <str>
      mpls_ip: <bool>
      mpls_ldp: <bool>
      mtu: <int>
      bfd: <bool>
      ptp:
        enabled: <bool>
      sflow: <bool>
      qos_profile: <str>
      macsec_profile: <str>
      port_channel:
        mode: <str>
        nodes_child_interfaces:
          - node: <str>
            interfaces:
              - <str>
      raw_eos_cli: <str>
      structured_config: <dict>
  p2p_links:
    - nodes:
        - <str>
      profile: <str>
      id: <int>
      speed: <str>
      ip_pool: <str>
      subnet: <str>
      ip:
        - <str>
      ipv6_enable: <bool>
      interfaces:
        - <str>
      as:
        - <str>
      descriptions:
        - <str>
      include_in_underlay_protocol: <bool>
      isis_hello_padding: <bool>
      isis_metric: <int>
      isis_circuit_type: <str>
      isis_authentication_mode: <str>
      isis_authentication_key: <str>
      mpls_ip: <bool>
      mpls_ldp: <bool>
      mtu: <int>
      bfd: <bool>
      ptp:
        enabled: <bool>
      sflow: <bool>
      qos_profile: <str>
      macsec_profile: <str>
      port_channel:
        mode: <str>
        nodes_child_interfaces:
          - node: <str>
            interfaces:
              - <str>
      raw_eos_cli: <str>
      structured_config: <dict>

Core interfaces settings

The core_interfaces data model can be used to configure L3 P2P links anywhere in the fabric. It can be between two switches that are already part of the fabric inventory, or it can be towards another device, where only one end of the link is on a switch in the fabric.

The data model supports using IP pools, Subnet per link or specifying the IP addresses manually. For BGP peerings the AS number must be specified. If the AS number is different than the AS number configured for the node, the local-as will be replaced on this BGP peering (neighbor <ip> local-as <as> no-prepend replace-as).

Make sure to configure the variables in a group_vars file covering all devices mentioned in the data model.

Variable Type Required Default Value Restrictions Description
core_interfaces Dictionary
  p2p_links_ip_pools List, items: Dictionary
    - name String Required, Unique P2P pool name.
      ipv4_pool String IPv4 address/Mask.
      prefix_size Integer 31 Min: 8
Max: 31
Subnet mask size.
  p2p_links_profiles List, items: Dictionary
    - name String Required, Unique P2P profile name. Any variable supported under p2p_links can be inherited from a profile.
      id Integer Unique id per subnet_summary. Used to calculate ip addresses.
Required with ip_pool. ID starting from 1.
      speed String The values can be speed or auto speed or forced speed.
      ip_pool String P2P pool name. IP Pool defined under p2p_links_ip_pools. A /31 will be taken from the pool per P2P link.
      subnet String IPv4 address/Mask. Subnet used on this P2P link.
      ip List, items: String Specific IP addresses used on this P2P link.
        - <str> String Node IPv4 address/Mask.
      ipv6_enable Boolean False Allows turning on ipv6 for the link or profile (also autodetected based on underlay_rfc5549 and include_in_underlay_protocol).
      nodes List, items: String Nodes where this link should be configured.
        - <str> String The values can be < node_a >, < node_b >.
ex.- [ core-1-isis-sr-ldp, core-2-ospf-ldp ].
      interfaces List, items: String Interfaces where this link should be configured and Required unless using port-channels.
        - <str> String The value can be like < node_a_interface >, < node_b_interface >.
ex. - [ Ethernet2, Ethernet2 ].
      as List, items: String AS numbers for BGP.
Required with bgp peering.
        - <str> String The values can be like [“node_a_as”, “node_b_as”].
      descriptions List, items: String Interface description.
        - <str> String
      include_in_underlay_protocol Boolean True Add this interface to underlay routing protocol.
      isis_hello_padding Boolean False
      isis_metric Integer
      isis_circuit_type String Valid Values:
- level-1
- level-2
- level-1-2
      isis_authentication_mode String Valid Values:
- md5
- text
      isis_authentication_key String Type-7 encrypted password.
      mpls_ip Boolean MPLS parameters. Default value is true if switch.mpls_lsr is true.
      mpls_ldp Boolean MPLS parameters. Default value is true for ldp underlay variants, otherwise false.
      mtu Integer MTU for this P2P link. Default value same as p2p_uplinks_mtu.
      bfd Boolean False Enable BFD (only considered for BGP).
      ptp Dictionary PTP parameters.
        enabled Boolean False Enable PTP.
      sflow Boolean Enable sFlow. Overrides fabric_sflow setting.
      qos_profile String QOS service profile.
      macsec_profile String MAC security profile.
      port_channel Dictionary Port-channel parameters.
        mode String active
        nodes_child_interfaces List, items: Dictionary
          - node String Required, Unique
            interfaces List, items: String List of node interfaces. Ex.- [ ‘node1 interface1’, ‘node1 interface2’ ].
              - <str> String
      raw_eos_cli String EOS CLI rendered directly on the point-to-point interface in the final EOS configuration.
      structured_config Dictionary Custom structured config for interfaces
Note! The content of this dictionary is not validated by the schema, since it can be either ethernet_interfaces or port_channel_interfaces.
  p2p_links List, items: Dictionary
    - nodes List, items: String Required Nodes where this link should be configured.
        - <str> String The values can be < node_a >, < node_b >.
ex.- [ core-1-isis-sr-ldp, core-2-ospf-ldp ].
      profile String P2P profile name. Profile defined under p2p_profiles.
      id Integer Unique id per subnet_summary. Used to calculate ip addresses.
Required with ip_pool. ID starting from 1.
      speed String The values can be speed or auto speed or forced speed.
      ip_pool String P2P pool name. IP Pool defined under p2p_links_ip_pools. A /31 will be taken from the pool per P2P link.
      subnet String IPv4 address/Mask. Subnet used on this P2P link.
      ip List, items: String Specific IP addresses used on this P2P link.
        - <str> String Node IPv4 address/Mask.
      ipv6_enable Boolean False Allows turning on ipv6 for the link or profile (also autodetected based on underlay_rfc5549 and include_in_underlay_protocol).
      interfaces List, items: String Interfaces where this link should be configured and Required unless using port-channels.
        - <str> String The value can be like < node_a_interface >, < node_b_interface >.
ex. - [ Ethernet2, Ethernet2 ].
      as List, items: String AS numbers for BGP.
Required with bgp peering.
        - <str> String The values can be like [“node_a_as”, “node_b_as”].
      descriptions List, items: String Interface description.
        - <str> String
      include_in_underlay_protocol Boolean True Add this interface to underlay routing protocol.
      isis_hello_padding Boolean False
      isis_metric Integer
      isis_circuit_type String Valid Values:
- level-1
- level-2
- level-1-2
      isis_authentication_mode String Valid Values:
- md5
- text
      isis_authentication_key String Type-7 encrypted password.
      mpls_ip Boolean MPLS parameters. Default value is true if switch.mpls_lsr is true.
      mpls_ldp Boolean MPLS parameters. Default value is true for ldp underlay variants, otherwise false.
      mtu Integer MTU for this P2P link. Default value same as p2p_uplinks_mtu.
      bfd Boolean False Enable BFD (only considered for BGP).
      ptp Dictionary PTP parameters.
        enabled Boolean False Enable PTP.
      sflow Boolean Enable sFlow. Overrides fabric_sflow setting.
      qos_profile String QOS service profile.
      macsec_profile String MAC security profile.
      port_channel Dictionary Port-channel parameters.
        mode String active
        nodes_child_interfaces List, items: Dictionary
          - node String Required, Unique
            interfaces List, items: String List of node interfaces. Ex.- [ ‘node1 interface1’, ‘node1 interface2’ ].
              - <str> String
      raw_eos_cli String EOS CLI rendered directly on the point-to-point interface in the final EOS configuration.
      structured_config Dictionary Custom structured config for interfaces
Note! The content of this dictionary is not validated by the schema, since it can be either ethernet_interfaces or port_channel_interfaces.
core_interfaces:
  p2p_links_ip_pools:
    - name: <str>
      ipv4_pool: <str>
      prefix_size: <int>
  p2p_links_profiles:
    - name: <str>
      id: <int>
      speed: <str>
      ip_pool: <str>
      subnet: <str>
      ip:
        - <str>
      ipv6_enable: <bool>
      nodes:
        - <str>
      interfaces:
        - <str>
      as:
        - <str>
      descriptions:
        - <str>
      include_in_underlay_protocol: <bool>
      isis_hello_padding: <bool>
      isis_metric: <int>
      isis_circuit_type: <str>
      isis_authentication_mode: <str>
      isis_authentication_key: <str>
      mpls_ip: <bool>
      mpls_ldp: <bool>
      mtu: <int>
      bfd: <bool>
      ptp:
        enabled: <bool>
      sflow: <bool>
      qos_profile: <str>
      macsec_profile: <str>
      port_channel:
        mode: <str>
        nodes_child_interfaces:
          - node: <str>
            interfaces:
              - <str>
      raw_eos_cli: <str>
      structured_config: <dict>
  p2p_links:
    - nodes:
        - <str>
      profile: <str>
      id: <int>
      speed: <str>
      ip_pool: <str>
      subnet: <str>
      ip:
        - <str>
      ipv6_enable: <bool>
      interfaces:
        - <str>
      as:
        - <str>
      descriptions:
        - <str>
      include_in_underlay_protocol: <bool>
      isis_hello_padding: <bool>
      isis_metric: <int>
      isis_circuit_type: <str>
      isis_authentication_mode: <str>
      isis_authentication_key: <str>
      mpls_ip: <bool>
      mpls_ldp: <bool>
      mtu: <int>
      bfd: <bool>
      ptp:
        enabled: <bool>
      sflow: <bool>
      qos_profile: <str>
      macsec_profile: <str>
      port_channel:
        mode: <str>
        nodes_child_interfaces:
          - node: <str>
            interfaces:
              - <str>
      raw_eos_cli: <str>
      structured_config: <dict>

Flagging a device as not deployed

  • It is possible to provision configurations for a complete topology but flag devices as undeployed using the host level variable is_deployed: false.
  • By default, this will have no impact within the eos_designs role. Configs will still be generated by the eos_cli_config_gen role and will still be pushed by the eos_config_deploy_eapi directly to devices if used.
  • However, if the eos_config_deploy_cvp role is used to push configurations, CloudVision will ignore the devices flagged as is_deployed: false and not attempt to configure them.
  • If the device is not present in the network due to CloudVision not configuring the device, eos_validate_state role will fail lldp_toplogy and interface tests on peers of the undeployed device trying to verify that interfaces are up.
  • To overcome this and shutdown interfaces towards undeployed peers, the variable shutdown_interfaces_towards_undeployed_peers can be used, satisfying the eos_validate_state role interface and lldp_topology tests. Again, this is only an issue if eos_config_deploy_cvp is used and the devices are not present in the network.
Variable Type Required Default Value Restrictions Description
is_deployed Boolean True Is device already deployed in the fabric.
When set to false, interfaces toward this device may be shutdown depending on the shutdown_interfaces_towards_undeployed_peers setting.
Furthermore eos_config_deploy_cvp will not attempt to move or apply configurations to the device.
is_deployed: <bool>

Fabric settings

The following underlay routing protocols are supported:

  • EBGP (default for l3ls-evpn)
  • OSPF.
  • ISIS.
  • ISIS-SR*.
  • ISIS-LDP*.
  • ISIS-SR-LDP*.
  • OSPF-LDP*.
  • none**.

* Only supported with core_interfaces data model.
** For use with design type “l2ls” or other designs where there is no requirement for a routing protocol for underlay and/or overlay on l3 devices.

Details on enable_trunk_groups

Enabling the use of trunk groups will change the behavior of several components in AVD.

Changes:

  • Requires Trunk Groups to be defined on all trunks towards connected endpoints
  • MLAG Trunk Group will be configured on all vlans on MLAG switches
  • Use Trunk Groups for uplinks to L2 switches instead of “switchport trunk allow vlan” lists.
    • On the parent switch a Trunk Group with the name of the L2 switch will be assigned on all vlans that are allowed towards the L2 switch.
    • The port-channel towards the L2 switch will be assigned to this trunk group only
    • Add UPLINK Trunk Group to all vlans on the L2 Switch and assign this to the uplink port-channel

Figure: Enable Trunk Groups

While it is recommended for consistency to set enable_trunk_groups for all devices in the fabric, it can also be set in group_vars or host_vars since trunk-groups are only local to a switch.

Warning

Because of the nature of the EOS Trunk Group feature, enabling this is “all or nothing”. All vlans and all trunks towards connected endpoints must be using trunk groups as well. If trunk groups are not assigned to a trunk, no vlans will be enabled on that trunk.

Details on only_local_vlan_trunk_groups

Enabling this feature will prevent unneeded trunk groups from being configured on vlans.

Using the figure under Details on enable_trunk_groups as basis enabling with feature would remove the unmatched trunk groups like this:

Figure: Enable only_local_vlan_trunk_groups

Variable Type Required Default Value Restrictions Description
enable_trunk_groups Boolean False Enable Trunk Group support across eos_designs.
Warning: Because of the nature of the EOS Trunk Group feature, enabling this is “all or nothing”.
All vlans and all trunks towards connected endpoints must be using trunk groups as well.
If trunk groups are not assigned to a trunk, no vlans will be enabled on that trunk.
See “Details on enable_trunk_groups” below before enabling this feature.
only_local_vlan_trunk_groups Boolean False A vlan can have many trunk_groups assigned.
To avoid unneeded configuration changes on all leaf switches when a new trunk group is added,
this feature will only configure the vlan trunk groups matched with local connected_endpoints.
See “Details on only_local_vlan_trunk_groups” below.
Requires “enable_trunk_groups: true”.
p2p_uplinks_mtu Integer 9214 Min: 68
Max: 65535
Point to Point Links MTU.
p2p_uplinks_qos_profile String QOS Profile assigned on all infrastructure links.
shutdown_interfaces_towards_undeployed_peers Boolean False - It is possible to provision configurations for a complete topology but flag devices as undeployed using the host level variable is_deployed: false.

yaml<br># Use at the host level<br>is_deployed: < true or false or default -> true ><br>

- By default, this will have no impact within the eos_designs role. Configs will still be generated by the eos_cli_config_gen role and will still be pushed by the eos_config_deploy_eapi directly to devices if used.
- However, if the eos_config_deploy_cvp role is used to push configurations, CloudVision will ignore the devices flagged as is_deployed: false and not attempt to configure them.
- If the device is not present in the network due to CloudVision not configuring the device, eos_validate_state role will fail tests on peers of the undeployed device trying to verify that interfaces are up.
- To overcome this and shutdown interfaces towards undeployed peers, the variable shutdown_interfaces_towards_undeployed_peers can be used, satisfying the eos_validate_state role interface tests.
- Again, this is only an issue if eos_config_deploy_cvp is used and the devices are not present in the network.
trunk_groups Dictionary
  mlag Dictionary Trunk Group used for MLAG VLAN (Typically VLAN 4094).
    name String MLAG
  mlag_l3 Dictionary Trunk Group used for MLAG L3 peering VLAN and for VRF L3 peering VLANs (Typically VLAN 4093).
    name String LEAF_PEER_L3
  uplink Dictionary Trunk Group used on L2 Leaf switches when “enable_trunk_groups” is set.
    name String UPLINK
underlay_filter_peer_as Boolean False Configure route-map on eBGP sessions towards underlay peers, where prefixes with the peer’s ASN in the AS Path are filtered away.
This is very useful in very large scale networks not using EVPN overlays, where convergence will be quicker by not having to return
all updates received from Spine-1 to Spine-2 just for Spine-2 to throw them away because of AS Path loop detection.
Note this key is ignored when EVPN is configured.
underlay_filter_redistribute_connected Boolean True Filter redistribution of connected into the underlay routing protocol.
Only applicable when overlay_routing_protocol != ‘none’ and underlay_routing_protocol == BGP.
Creates a route-map and prefix-list assigned to redistribute connected permitting only loopbacks and inband management subnets.
underlay_ipv6 Boolean False This feature allows IPv6 underlay routing protocol with RFC5549 addresses to be used along with IPv4 advertisements as VXLAN tunnel endpoints.
Requires “underlay_rfc5549: true” and “loopback_ipv6_pool” under the node type settings.
underlay_multicast Boolean False Enable Multicast in the underlay on all p2p uplink interfaces and mlag l3 peer interface.
Specifically PIM Sparse-Mode will be configured on all routed underlay interfaces.
No other configuration is added, so the underlay will only support Source-Specific Multicast (SSM).
The configuration is intended to be used as multicast underlay for EVPN OISM overlay.
underlay_multicast_anycast_rp Dictionary If multiple nodes are configured under ‘underlay_multicast_rps.[].nodes’ for the same RP address, they will be configured
with one of the following methods:
- Anycast RP using PIM (RFC4610).
- Anycast RP using MSDP (RFC4611).

NOTE: When using MSDP, all nodes across all MSDP enabled RPs will be added to a single MSDP mesh group named “ANYCAST-RP”.
  mode String pim Valid Values:
- pim
- msdp
underlay_multicast_rps List, items: Dictionary List of PIM Sparse-Mode Rendevouz Points configured for underlay multicast on all devices.
The device(s) listed under ‘nodes’, will be configured as the Rendevouz point router(s).
If multiple nodes are configured under ‘nodes’ for the same RP address, they will be configured
according to the ‘underlay_multicast_anycast_rp.mode’ setting.

Requires ‘underlay_multicast: true’.
  - rp String Required, Unique RP IPv4 address.
    nodes List, items: Dictionary List of nodes where a Loopback interface with the RP address will be configured.
      - name String Required, Unique Hostname.
        loopback_number Integer Required
        description String PIM RP Interface description.
    groups List, items: String List of groups to associate with the RP address set in ‘rp’.
If access_list_name is set, a standard access-list will be configured matching these groups.
Otherwise the groups are configured directly on the RP command.
      - <str> String Multicast Group IPv4 prefix/mask.
    access_list_name String Name of standard Access-List.
underlay_rfc5549 Boolean False Point to Point Underlay with RFC 5549(eBGP), i.e. IPv6 Unnumbered.
Requires “underlay_routing_protocol: ebgp”.
underlay_routing_protocol String Value is converted to lower case
Valid Values:
- ebgp
- ospf
- isis
- isis-sr
- isis-ldp
- isis-sr-ldp
- ospf-ldp
- The following underlay routing protocols are supported:
- EBGP (default for l3ls-evpn)
- OSPF.
- ISIS.
- ISIS-SR*.
- ISIS-LDP*.
- ISIS-SR-LDP*.
- OSPF-LDP*.
- The variables should be applied to all devices in the fabric.
*Only supported with core_interfaces data model.
uplink_ptp Dictionary Enable PTP on all infrastructure links.
  enable Boolean False
enable_trunk_groups: <bool>
only_local_vlan_trunk_groups: <bool>
p2p_uplinks_mtu: <int>
p2p_uplinks_qos_profile: <str>
shutdown_interfaces_towards_undeployed_peers: <bool>
trunk_groups:
  mlag:
    name: <str>
  mlag_l3:
    name: <str>
  uplink:
    name: <str>
underlay_filter_peer_as: <bool>
underlay_filter_redistribute_connected: <bool>
underlay_ipv6: <bool>
underlay_multicast: <bool>
underlay_multicast_anycast_rp:
  mode: <str>
underlay_multicast_rps:
  - rp: <str>
    nodes:
      - name: <str>
        loopback_number: <int>
        description: <str>
    groups:
      - <str>
    access_list_name: <str>
underlay_rfc5549: <bool>
underlay_routing_protocol: <str>
uplink_ptp:
  enable: <bool>

Management interface settings

Variable Type Required Default Value Restrictions Description
mgmt_destination_networks List, items: String List of IPv4 prefixes to configure as static routes towards the OOB Management interface gateway.
Replaces the default route.
  - <str> String IPv4_address/Mask.
mgmt_gateway String OOB Management interface gateway in IPv4 format.
Used as next-hop for default gateway or static routes defined under ‘mgmt_destination_networks’.
mgmt_interface String Management1 OOB Management interface.
mgmt_interface_description String oob_management Management interface description.
mgmt_interface_vrf String MGMT OOB Management VRF.
mgmt_vrf_routing Boolean False Configure IP routing for the OOB Management VRF.
mgmt_destination_networks:
  - <str>
mgmt_gateway: <str>
mgmt_interface: <str>
mgmt_interface_description: <str>
mgmt_interface_vrf: <str>
mgmt_vrf_routing: <bool>

BFD settings

Variable Type Required Default Value Restrictions Description
bfd_multihop Dictionary See (+) on YAML tab BFD Multihop tuning.
  interval Integer Required Min: 50
Max: 60000
  min_rx Integer Required Min: 50
Max: 60000
  multiplier Integer Required Min: 3
Max: 50
bfd_multihop: # (1)!
  interval: <int>
  min_rx: <int>
  multiplier: <int>
  1. Default Value

    bfd_multihop:
      interval: 300
      min_rx: 300
      multiplier: 3
    

BGP settings

Variable Type Required Default Value Restrictions Description
bgp_as String AS number to use to configure overlay when “overlay_routing_protocol” == ibgp.
bgp_default_ipv4_unicast Boolean False Default activation of IPv4 unicast address-family on all IPv4 neighbors.
It is best practice to disable activation.
bgp_distance Dictionary
  external_routes Integer Required Min: 1
Max: 255
  internal_routes Integer Required Min: 1
Max: 255
  local_routes Integer Required Min: 1
Max: 255
bgp_ecmp Integer 4 Maximum ECMP for BGP multi-path.
bgp_graceful_restart Dictionary BGP graceful-restart allows a BGP speaker with separate control plane and data plane processing to continue forwarding traffic during a BGP restart.
Its neighbors (receiving speakers) may retain routing information from the restarting speaker while a BGP session with it is being re-established, reducing route flapping.
  enabled Boolean Required False Enable or disable graceful-restart for all BGP peers.
  restart_time Integer 300 Min: 1
Max: 3600
Restart time in seconds.
bgp_maximum_paths Integer 4 Min: 1
Max: 512
Maximum Paths for BGP multi-path.
bgp_peer_groups Dictionary Leverage an Arista EOS switch to generate the encrypted password using the correct peer group name.
Note that the name of the peer groups use ‘-’ instead of ‘_’ in EOS configuration.
  ipv4_underlay_peers Dictionary
    name String IPv4-UNDERLAY-PEERS Name of peer group.
    password String Type 7 encrypted password.
    bfd Boolean False
    structured_config Dictionary Custom structured config added under router_bgp.peer_groups.[name=] for eos_cli_config_gen.
  mlag_ipv4_underlay_peer Dictionary
    name String MLAG-IPv4-UNDERLAY-PEER Name of peer group.
    password String Type 7 encrypted password.
    bfd Boolean False
    structured_config Dictionary Custom structured config added under router_bgp.peer_groups.[name=] for eos_cli_config_gen.
  evpn_overlay_peers Dictionary
    name String EVPN-OVERLAY-PEERS Name of peer group.
    password String Type 7 encrypted password.
    bfd Boolean True
    structured_config Dictionary Custom structured config added under router_bgp.peer_groups.[name=] for eos_cli_config_gen.
  evpn_overlay_core Dictionary
    name String EVPN-OVERLAY-CORE Name of peer group.
    password String Type 7 encrypted password.
    bfd Boolean True
    structured_config Dictionary Custom structured config added under router_bgp.peer_groups.[name=] for eos_cli_config_gen.
  mpls_overlay_peers Dictionary
    name String MPLS-OVERLAY-PEERS Name of peer group.
    password String Type 7 encrypted password.
    bfd Boolean True
    structured_config Dictionary Custom structured config added under router_bgp.peer_groups.[name=] for eos_cli_config_gen.
  rr_overlay_peers Dictionary
    name String RR-OVERLAY-PEERS Name of peer group.
    password String Type 7 encrypted password.
    bfd Boolean True
    structured_config Dictionary Custom structured config added under router_bgp.peer_groups.[name=] for eos_cli_config_gen.
  ipvpn_gateway_peers Dictionary
    name String IPVPN-GATEWAY-PEERS Name of peer group.
    password String Type 7 encrypted password.
    bfd Boolean True
    structured_config Dictionary Custom structured config added under router_bgp.peer_groups.[name=] for eos_cli_config_gen.
  IPv4_UNDERLAY_PEERS removed Dictionary This key was removed. Support was removed in AVD version 4.0.0. Use bgp_peer_groups.ipv4_underlay_peers instead.
  MLAG_IPv4_UNDERLAY_PEER removed Dictionary This key was removed. Support was removed in AVD version 4.0.0. Use bgp_peer_groups.mlag_ipv4_underlay_peer instead.
  EVPN_OVERLAY_PEERS removed Dictionary This key was removed. Support was removed in AVD version 4.0.0. Use bgp_peer_groups.evpn_overlay_peers instead.
bgp_update_wait_install Boolean Do not advertise reachability to a prefix until that prefix has been installed in hardware.
This will eliminate any temporary black holes due to a BGP speaker advertising reachability to a prefix that may not yet be installed into the forwarding plane.
bgp_update_wait_for_convergence Boolean Disables FIB updates and route advertisement when the BGP instance is initiated until the BGP convergence state is reached.
bgp_as: <str>
bgp_default_ipv4_unicast: <bool>
bgp_distance:
  external_routes: <int>
  internal_routes: <int>
  local_routes: <int>
bgp_ecmp: <int>
bgp_graceful_restart:
  enabled: <bool>
  restart_time: <int>
bgp_maximum_paths: <int>
bgp_peer_groups:
  ipv4_underlay_peers:
    name: <str>
    password: <str>
    bfd: <bool>
    structured_config: <dict>
  mlag_ipv4_underlay_peer:
    name: <str>
    password: <str>
    bfd: <bool>
    structured_config: <dict>
  evpn_overlay_peers:
    name: <str>
    password: <str>
    bfd: <bool>
    structured_config: <dict>
  evpn_overlay_core:
    name: <str>
    password: <str>
    bfd: <bool>
    structured_config: <dict>
  mpls_overlay_peers:
    name: <str>
    password: <str>
    bfd: <bool>
    structured_config: <dict>
  rr_overlay_peers:
    name: <str>
    password: <str>
    bfd: <bool>
    structured_config: <dict>
  ipvpn_gateway_peers:
    name: <str>
    password: <str>
    bfd: <bool>
    structured_config: <dict>
bgp_update_wait_install: <bool>
bgp_update_wait_for_convergence: <bool>

OSPF settings

Variable Type Required Default Value Restrictions Description
underlay_ospf_area String 0.0.0.0 Format: ipv4
underlay_ospf_bfd_enable Boolean False
underlay_ospf_max_lsa Integer 12000
underlay_ospf_process_id Integer 100
underlay_ospf_area: <str>
underlay_ospf_bfd_enable: <bool>
underlay_ospf_max_lsa: <int>
underlay_ospf_process_id: <int>

ISIS settings

Variable Type Required Default Value Restrictions Description
isis_advertise_passive_only Boolean False
isis_area_id String 49.0001
isis_default_circuit_type String level-2 Valid Values:
- level-1-2
- level-1
- level-2
These fabric level parameters can be used with core_interfaces running ISIS, and may be overridden on link profile or link level.
isis_default_is_type String level-2 Valid Values:
- level-1-2
- level-1
- level-2
isis_default_metric Integer 50 These fabric level parameters can be used with core_interfaces running ISIS, and may be overridden at link profile or link level.
isis_maximum_paths Integer Number of path to configure in ECMP for ISIS.
isis_ti_lfa Dictionary
  enabled Boolean False
  protection String Valid Values:
- link
- node
  local_convergence_delay Integer 10000 Local convergence delay in milliseconds.
underlay_isis_instance_name String Default -> “EVPN_UNDERLAY” for l3ls, “CORE” for mpls.
isis_advertise_passive_only: <bool>
isis_area_id: <str>
isis_default_circuit_type: <str>
isis_default_is_type: <str>
isis_default_metric: <int>
isis_maximum_paths: <int>
isis_ti_lfa:
  enabled: <bool>
  protection: <str>
  local_convergence_delay: <int>
underlay_isis_instance_name: <str>

Overlay settings

The following overlay routing protocols are supported:

  • EBGP (default for l3ls-evpn)
  • IBGP (only with OSPF or ISIS variants in underlay)
  • none*
  • HER (Head-End Replication)**
  • CVX (CloudVision eXchange)

* For use with design type “l2ls” or other designs where there is no requirement for a routing protocol for underlay and/or overlay on l3 devices.
** By setting overlay_routing_protocol:HER, eos_designs will configure static VXLAN flood-lists instead of using a dynamic overlay protocol.

Variable Type Required Default Value Restrictions Description
bgp_mesh_pes Boolean False Configure an iBGP full mesh between PEs, either because there is no RR used or other reasons.
Only supported in combination with MPLS overlay.
mlag_ibgp_peering_vrfs Dictionary On mlag leafs, an SVI interface is defined per vrf, to establish iBGP peering (required when there are MLAG leafs in topology).
The SVI id will be derived from the base vlan defined: mlag_ibgp_peering_vrfs.base_vlan + (vrf_id or vrf_vni) - 1.
Depending on the values of vrf_id / vrf_vni it may be required to adjust the base_vlan to avoid overlaps or invalid vlan ids.
The SVI ip address derived from mlag_l3_peer_ipv4_pool is re-used across all iBGP peerings.
  base_vlan Integer 3000 Min: 1
Max: 4093
overlay_cvx_servers List, items: String List of CVX vxlan overlay controllers.
Required if overlay_routing_protocol == CVX.
CVX servers (VMs) are peering using their management interface, so mgmt_ip must be set for all CVX servers.
  - <str> String ‘inventory_hostname’ of CVX server
overlay_her_flood_list_per_vni Boolean False When using Head-End Replication, configure flood-lists per VNI.
By default HER will be configured with a common flood-list containing all VTEPs.
This behavior can be changed to per-VNI flood-lists by setting overlay_her_flood_list_per_vni: true.
This will make eos_designs consider configured VLANs per VTEP, and only include the relevant VTEPs to each VNI’s flood-list.
overlay_her_flood_list_scope String fabric Valid Values:
- fabric
- dc
When using Head-End Replication, set the scope of flood-lists to Fabric or DC.
By default all VTEPs in the Fabric (part of the inventory group referenced by “fabric_name”) are added to the flood-lists.
This can be changed to all VTEPs in the DC (sharing the same “dc_name” value).
This is useful if Border Leaf switches are dividing the VXLAN overlay into separate domains.
overlay_loopback_description String Customize the description on overlay interface Loopback0.
overlay_mlag_rfc5549 Boolean False IPv6 Unnumbered for MLAG iBGP connections.
Requires “underlay_rfc5549: true”.
overlay_rd_type Dictionary Configuration options for the Administrator subfield (first part of RD) and the Assigned Number subfield (second part of RD).

By default Route Distinguishers (RD) are set to:
- <overlay_loopback>:<mac_vrf_id_base + vlan_id or mac_vrf_vni_base + vlan_id> for VLANs and VLAN-Aware Bundles with L2 vlans.
- <overlay_loopback>:<vlan_aware_bundle_number_base + vrf_id> for VLAN-Aware Bundles with SVIs.
- <overlay_loopback>:<vrf_id> for VRFs.

Note:
RD is a 48-bit value which is split into <16-bit>:<32-bit> or <32-bit>:<16-bit>.
When using loopback or 32-bit ASN/number the assigned number can only be a 16-bit number. This may be a problem with large VNIs.
For 16-bit ASN/number the assigned number can be a 32-bit number.
  admin_subfield String overlay_loopback_ip The method for deriving RD Administrator subfield (first part of RD):
- ‘overlay_loopback_ip’ means the IP address of Loopback0.
- ‘vtep_loopback’ means the IP address of the VTEP loopback interface.
- ‘bgp_as’ means the AS number of the device.
- ‘switch_id’ means the ‘id’ value of the device.
- Any without mask.
- Integer between <0-65535>.
- Integer between <0-4294967295>.
  admin_subfield_offset String Offset can only be used if admin_subfield is an integer between <0-4294967295> or ‘switch_id’.
Total value of admin_subfield + admin_subfield_offset must be <= 4294967295.
  vrf_admin_subfield String The method for deriving RD Administrator subfield (first part of RD) for VRF services:
- ‘overlay_loopback_ip’ means the IP address of Loopback0.
- ‘vtep_loopback’ means the IP address of the VTEP loopback interface.
- ‘bgp_as’ means the AS number of the device.
- ‘switch_id’ means the ‘id’ value of the device.
- Any without mask.
- Integer between <0-65535>.
- Integer between <0-4294967295>.

‘vrf_admin_subfield’ takes precedence for VRF RDs if set. Otherwise the ‘admin_subfield’ value will be used.
  vrf_admin_subfield_offset String Offset can only be used if ‘vrf_admin_subfield’ is an integer between <0-4294967295> or ‘switch_id’.
Total value of ‘vrf_admin_subfield’ + ‘vrf_admin_subfield_offset’ must be <= 4294967295.
  vlan_assigned_number_subfield String mac_vrf_id Valid Values:
- mac_vrf_id
- mac_vrf_vni
- vlan_id
The method for deriving RD Assigned Number subfield for VLAN services (second part of RD):
- ‘mac_vrf_id’ means (mac_vrf_id_base or mac_vrf_vni_base) + vlan_id.
- ‘mac_vrf_vni’ means (mac_vrf_vni_base or mac_vrf_id_base) + vlan_id.
- ‘vlan_id’ will only use the ‘vlan_id’ and ignores all base values.

These methods can be overridden per VLAN if either ‘rd_override’, ‘rt_override’ or ‘vni_override’ is set (preferred in this order).
overlay_routing_protocol String ebgp Value is converted to lower case
Valid Values:
- ebgp
- ibgp
- cvx
- her
- none
- The following overlay routing protocols are supported:
- eBGP: Configures fabric with eBGP, default for l3ls-evpn design.
- iBGP: Configured fabric with iBGP, only supported with OSPF or ISIS variants in underlay, default for mpls design.
- CVX: Configures fabric to leverage CloudVision eXchange as the overlay controller.
- HER: Configures fabric with Head-End Replication, configures static VXLAN flood-lists instead of using a dynamic overlay protocol.
- none: No overlay configuration will be generated, default for l2ls design.
overlay_routing_protocol_address_family String ipv4 Valid Values:
- ipv4
- ipv6
When set to ipv6, enable overlay EVPN peering with IPv6 addresses.
This feature depends on underlay_ipv6 variable. As of today, only RFC5549 is capable to transport IPv6 in the underlay.
overlay_rt_type Dictionary Configuration options for the Administrator subfield (first part of RT) and the Assigned Number subfield (second part of RT).

By default Route Targets (RT) are set to:
- <(mac_vrf_id_base or mac_vrf_vni_base) + vlan_id>:<(mac_vrf_id_base or mac_vrf_vni_base) + vlan_id> for VLANs and VLAN-Aware Bundles with L2 vlans.
- <vlan_aware_bundle_number_base + vrf_id>:<vlan_aware_bundle_number_base + vrf_id> for VLAN-Aware Bundles with SVIs.
- <vrf_id>:<vrf_id> for VRFs.

Notes:
RT is a 48-bit value which is split into <16-bit>:<32-bit> or <32-bit>:<16-bit>.
When using 32-bit ASN/number the VNI can only be a 16-bit number. Alternatively use vlan_id/vrf_id as assigned number.
For 16-bit ASN/number the assigned number can be a 32-bit number.
  admin_subfield String vrf_id The method for deriving RT Administrator subfield (first part of RT):
- ‘vrf_id’ means (mac_vrf_id_base or mac_vrf_vni_base) + vlan_id for VLANs and (vrf_id or vrf_vni) for VRFs.
- ‘vrf_vni’ means (mac_vrf_vni_base or mac_vrf_id_base) + vlan_id for VLANs and (vrf_vni or vrf_id) for VRFs.
- ‘id’ means vlan_id for VLANs and (vrf_id or vrf_vni) for VRFs.
- ‘bgp_as’ means the AS number of the device.
- Integer between <0-65535>.
- Integer between <0-4294967295>.

The ‘vrf_id’ and ‘vrf_vni’ methods can be overridden per VLAN if either ‘rt_override’ or ‘vni_override’ is set (preferred in this order).
  vrf_admin_subfield String vrf_id The method for deriving RT Administrator subfield (first part of RT) for VRF services:
- ‘id’ means (vrf_id or vrf_vni).
- ‘vrf_id’ means (vrf_id or vrf_vni).
- ‘vrf_vni’ means (vrf_vni or vrf_id).
- ‘bgp_as’ means the AS number of the device.
- Integer between <0-65535>.
- Integer between <0-4294967295>.

‘vrf_admin_subfield’ takes precedence for VRF RDs if set. Otherwise the ‘admin_subfield’ value will be used.
  vlan_assigned_number_subfield String mac_vrf_id Valid Values:
- mac_vrf_id
- mac_vrf_vni
- vlan_id
The method for deriving RT Assigned Number subfield for VLAN services (second part of RT):
- ‘mac_vrf_id’ means (mac_vrf_id_base or mac_vrf_vni_base) + vlan_id.
- ‘mac_vrf_vni’ means (mac_vrf_vni_base or mac_vrf_id_base) + vlan_id.
- ‘vlan_id’ will only use the ‘vlan_id’ and ignores all base values.

These methods can be overridden per VLAN if either ‘rt_override’ or ‘vni_override’ is set (preferred in this order).
vtep_vvtep_ip String IP Address used as Virtual VTEP. Will be configured as secondary IP on Loopback1.
This is only needed for centralized routing designs.
bgp_mesh_pes: <bool>
mlag_ibgp_peering_vrfs:
  base_vlan: <int>
overlay_cvx_servers:
  - <str>
overlay_her_flood_list_per_vni: <bool>
overlay_her_flood_list_scope: <str>
overlay_loopback_description: <str>
overlay_mlag_rfc5549: <bool>
overlay_rd_type:
  admin_subfield: <str>
  admin_subfield_offset: <str>
  vrf_admin_subfield: <str>
  vrf_admin_subfield_offset: <str>
  vlan_assigned_number_subfield: <str>
overlay_routing_protocol: <str>
overlay_routing_protocol_address_family: <str>
overlay_rt_type:
  admin_subfield: <str>
  vrf_admin_subfield: <str>
  vlan_assigned_number_subfield: <str>
vtep_vvtep_ip: <str>

EVPN settings

Variable Type Required Default Value Restrictions Description
evpn_ebgp_gateway_inter_domain Boolean
evpn_ebgp_gateway_multihop Integer 15 Default of 15, considering a large value to avoid BGP reachability issues in very complex DCI networks.
Adapt the value for your specific topology.
evpn_ebgp_multihop Integer 3 Default of 3, the recommended value for a 3 stage spine and leaf topology.
Set to a higher value to allow for very large and complex topologies.
evpn_hostflap_detection Dictionary
  enabled Boolean True If set to false it will disable EVPN host-flap detection.
  threshold Integer 5 Minimum number of MAC moves that indicate a MAC duplication issue.
  window Integer 180 Time (in seconds) to detect a MAC duplication issue.
  expiry_timeout Integer Time (in seconds) to purge a MAC duplication issue.
evpn_import_pruning Boolean False Enable VPN import pruning (Min. EOS 4.24.2F).
The Route Target extended communities carried by incoming VPN paths will be examined.
If none of those Route Targets have been configured for import, the path will be immediately discarded.
evpn_multicast Boolean False General Configuration required for EVPN Multicast. “evpn_l2_multicast” or “evpn_l3_multicast” must also be configured under the Network Services (tenants).
Requires “underlay_multicast: true” and IGMP snooping enabled globally (default).
For MLAG devices Route Distinguisher must be unique since this feature will create multi-vtep configuration.
Warning !!! For Trident3 based platforms i.e 7050X3, 7300X3, 720XP and 722XP
The Following default platform setting will be configured: “platform trident forwarding-table partition flexible exact-match 16384 l2-shared 98304 l3-shared 131072”
All forwarding agents will be restarted when this configuration is applied.
You can tune the settings by overridding the default variable: “platform_settings[platforms].trident_forwarding_table_partition:”
Please contact an Arista representative for help with determining the appropriate values for your environment.
evpn_overlay_bgp_rtc Boolean False Enable Route Target Membership Constraint Address Family on EVPN overlay BGP peerings (Min. EOS 4.25.1F).
Requires use eBGP as overlay protocol.
evpn_prevent_readvertise_to_server Boolean False Configure route-map on eBGP sessions towards route-servers, where prefixes with the peer’s ASN in the AS Path are filtered away.
This is very useful in large-scale networks, where convergence will be quicker by not returning all updates received
from Route-server-1 to Router-server-2 just for Route-server-2 to throw them away because of AS Path loop detection.
evpn_rd_type removed Dictionary This key was removed. Support was removed in AVD version 4.0.0. Use overlay_rd_type instead.
evpn_rt_type removed Dictionary This key was removed. Support was removed in AVD version 4.0.0. Use overlay_rt_type instead.
evpn_short_esi_prefix String 0000:0000: Configure prefix for “short_esi” values.
evpn_vlan_aware_bundles Boolean False Enable vlan aware bundles for EVPN MAC-VRF.
fabric_evpn_encapsulation String vxlan Valid Values:
- vxlan
- mpls
Should be set to mpls for evpn-mpls scenario.
vxlan_vlan_aware_bundles removed Boolean False This key was removed. Support was removed in AVD version 4.0.0. Use evpn_vlan_aware_bundles instead.
evpn_ebgp_gateway_inter_domain: <bool>
evpn_ebgp_gateway_multihop: <int>
evpn_ebgp_multihop: <int>
evpn_hostflap_detection:
  enabled: <bool>
  threshold: <int>
  window: <int>
  expiry_timeout: <int>
evpn_import_pruning: <bool>
evpn_multicast: <bool>
evpn_overlay_bgp_rtc: <bool>
evpn_prevent_readvertise_to_server: <bool>
evpn_short_esi_prefix: <str>
evpn_vlan_aware_bundles: <bool>
fabric_evpn_encapsulation: <str>

Management settings

Variable Type Required Default Value Restrictions Description
event_handlers List, items: Dictionary Gives the ability to monitor and react to Syslog messages.
Event Handlers provide a powerful and flexible tool that can be used to apply self-healing actions,
customize the system behavior, and implement workarounds to problems discovered in the field.
  - name String Required, Unique Event Handler Name
    action_type String Valid Values:
- bash
- increment
- log
    action String Command to execute
    delay Integer Event-handler delay in seconds
    trigger String Valid Values:
- on-logging
- on-startup-config
Configure event trigger condition.
    regex String Regular expression to use for searching log messages. Required for on-logging trigger
    asynchronous Boolean False Set the action to be non-blocking.
ipv6_mgmt_destination_networks List, items: String List of IPv6 prefixes to configure as static routes towards the OOB IPv6 Management interface gateway.
Replaces the default route.
  - <str> String IPv6_network/Mask.
ipv6_mgmt_gateway String Format: ipv6 OOB Management interface gateway in IPv6 format.
Used as next-hop for default gateway or static routes defined under ‘ipv6_mgmt_destination_networks’.
local_users List, items: Dictionary
  - name String Required, Unique Username
    disabled Boolean If true, the user will be removed and all other settings are ignored.
Useful for removing the default “admin” user.
    privilege Integer Min: 0
Max: 15
Initial privilege level with local EXEC authorization.
    role String EOS RBAC Role to be assigned to the user such as “network-admin” or “network-operator”
    sha512_password String SHA512 Hash of Password
Must be the hash of the password. By default EOS salts the password with the username, so the simplest is to generate the hash on an EOS device using the same username.
    no_password Boolean If set a password will not be configured for this user. “sha512_password” MUST not be defined for this user.
    ssh_key String
    shell String Valid Values:
- /bin/bash
- /bin/sh
- /sbin/nologin
Specify shell for the user
management_eapi Dictionary Default is HTTPS management eAPI enabled.
The VRF is set to < mgmt_interface_vrf >.
  enable_http Boolean False
  enable_https Boolean True
  default_services Boolean
name_servers List, items: String List of DNS servers. The VRF is set to < mgmt_interface_vrf >.
  - <str> String IPv4 address
snmp_settings Dictionary Set SNMP settings (optional).
  contact String SNMP contact.
  location Boolean False Set SNMP location. Formatted as “ “.
  compute_local_engineid Boolean False Generate a local engineId for SNMP using the ‘compute_local_engineid_source’ method.
  compute_local_engineid_source String hostname_and_ip Valid Values:
- hostname_and_ip
- system_mac
compute_local_engineid_source supports:
- hostname_and_ip generate a local engineId for SNMP by hashing via SHA1
the string generated via the concatenation of the hostname plus the management IP.
{{ inventory_hostname }} + {{ switch.mgmt_ip }}.
- system_mac generate the switch default engine id for AVD usage.
To use this, system_mac_address MUST be set for the device.
The formula is f5717f + system_mac_address + 00.
  compute_v3_user_localized_key Boolean False Requires compute_local_engineid to be true.
If enabled, the SNMPv3 passphrases for auth and priv are transformed using RFC 2574, matching the value they would take in EOS CLI.
The algorithm requires a local engineId, which is unknown to AVD, hence the necessity to generate one beforehand.
  users List, items: Dictionary
    - name String Username
      group String Configuration of the SNMP User Groups are currently only possible using structured_config.
      version String Valid Values:
- v1
- v2c
- v3
      auth String Valid Values:
- md5
- sha
- sha256
- sha384
- sha512
      auth_passphrase String Cleartext passphrase so the recommendation is to use vault. Requires ‘auth’ to be set.
      priv String Valid Values:
- des
- aes
- aes192
- aes256
      priv_passphrase String Cleartext passphrase so the recommendation is to use vault. Requires ‘priv’ to be set.
timezone String Clock timezone like “CET” or “US/Pacific”.
event_handlers:
  - name: <str>
    action_type: <str>
    action: <str>
    delay: <int>
    trigger: <str>
    regex: <str>
    asynchronous: <bool>
ipv6_mgmt_destination_networks:
  - <str>
ipv6_mgmt_gateway: <str>
local_users:
  - name: <str>
    disabled: <bool>
    privilege: <int>
    role: <str>
    sha512_password: <str>
    no_password: <bool>
    ssh_key: <str>
    shell: <str>
management_eapi:
  enable_http: <bool>
  enable_https: <bool>
  default_services: <bool>
name_servers:
  - <str>
snmp_settings:
  contact: <str>
  location: <bool>
  compute_local_engineid: <bool>
  compute_local_engineid_source: <str>
  compute_v3_user_localized_key: <bool>
  users:
    - name: <str>
      group: <str>
      version: <str>
      auth: <str>
      auth_passphrase: <str>
      priv: <str>
      priv_passphrase: <str>
timezone: <str>

Source-interfaces settings

Variable Type Required Default Value Restrictions Description
source_interfaces Dictionary Configure source-interfaces based on the management interfaces set for other eos_designs data models.
By default, no source-interfaces will be configured. They can still be configured manually using eos_cli_config_gen and custom structured configuration.
EOS supports a single source-interface per VRF, so an error will be raised in case of conflicts.
Errors will also be raised if an interface is not found for a device.
  domain_lookup Dictionary IP Domain Lookup source-interfaces.
    mgmt_interface Boolean Configure an IP Domain Lookup source-interface with the interface set by mgmt_interface for the VRF set by mgmt_interface_vrf.
mgmt_interface is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var.
    inband_mgmt_interface Boolean Configure an IP Domain Lookup source-interface with the interface set by inband_mgmt_interface for the VRF set by inband_mgmt_vrf.
inband_mgmt_interface is typically a loopback or SVI interface, and can be set under the node settings.
  http_client Dictionary IP HTTP Client source-interfaces.
    mgmt_interface Boolean Configure an IP HTTP Client source-interface with the interface set by mgmt_interface for the VRF set by mgmt_interface_vrf.
mgmt_interface is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var.
    inband_mgmt_interface Boolean Configure an IP HTTP Client source-interface with the interface set by inband_mgmt_interface for the VRF set by inband_mgmt_vrf.
inband_mgmt_interface is typically a loopback or SVI interface, and can be set under the node settings.
  radius Dictionary IP Radius source-interfaces.
    mgmt_interface Boolean Configure an IP Radius source-interface with the interface set by mgmt_interface for the VRF set by mgmt_interface_vrf.
mgmt_interface is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var.
    inband_mgmt_interface Boolean Configure an IP Radius source-interface with the interface set by inband_mgmt_interface for the VRF set by inband_mgmt_vrf.
inband_mgmt_interface is typically a loopback or SVI interface, and can be set under the node settings.
  ssh_client Dictionary IP SSH Client source-interfaces.
    mgmt_interface Boolean Configure an IP SSH Client source-interface with the interface set by mgmt_interface for the VRF set by mgmt_interface_vrf.
mgmt_interface is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var.
    inband_mgmt_interface Boolean Configure an IP SSH Client source-interface with the interface set by inband_mgmt_interface for the VRF set by inband_mgmt_vrf.
inband_mgmt_interface is typically a loopback or SVI interface, and can be set under the node settings.
  tacacs Dictionary IP Tacacs source-interfaces.
    mgmt_interface Boolean Configure an IP Tacacs source-interface with the interface set by mgmt_interface for the VRF set by mgmt_interface_vrf.
mgmt_interface is typically the out-of-band Management interface, and can be set under the node settings, platform settings or as a group/host var.
    inband_mgmt_interface Boolean Configure an IP Tacacs source-interface with the interface set by inband_mgmt_interface for the VRF set by inband_mgmt_vrf.
inband_mgmt_interface is typically a loopback or SVI interface, and can be set under the node settings.
source_interfaces:
  domain_lookup:
    mgmt_interface: <bool>
    inband_mgmt_interface: <bool>
  http_client:
    mgmt_interface: <bool>
    inband_mgmt_interface: <bool>
  radius:
    mgmt_interface: <bool>
    inband_mgmt_interface: <bool>
  ssh_client:
    mgmt_interface: <bool>
    inband_mgmt_interface: <bool>
  tacacs:
    mgmt_interface: <bool>
    inband_mgmt_interface: <bool>

System settings

Variable Type Required Default Value Restrictions Description
default_igmp_snooping_enabled Boolean True When set to false, disables IGMP snooping at fabric level and overrides per vlan settings.
hardware_counters Dictionary
  features List, items: Dictionary This data model allows to configure the list of hardware counters feature
available on Arista platforms.

The name key accepts a list of valid_values which MUST be updated to support
new feature as they are released in EOS.

The available values of the different keys like ‘direction’ or ‘address_type’
are feature and hardware dependent and this model DOES NOT validate that the
combinations are valid. It is the responsability of the user of this data model
to make sure that the rendered CLI is accepted by the targeted device.

Examples:

* Use:
yaml<br> hardware_counters:<br> features:<br> - name: ip<br> direction: out<br> layer3: true<br> units_packets: true<br>

to render:
eos<br> hardware counter feature ip out layer3 units packets<br>
* Use:
yaml<br> hardware_counters:<br> features:<br> - name: route<br> address_type: ipv4<br> vrf: test<br> prefix: 192.168.0.0/24<br>

to render:
eos<br> hardware counter feature route ipv4 vrf test 192.168.0.0/24<br>
    - name String Valid Values:
- acl
- decap-group
- directflow
- ecn
- flow-spec
- gre tunnel interface
- ip
- mpls interface
- mpls lfib
- mpls tunnel
- multicast
- nexthop
- pbr
- pdp
- policing interface
- qos
- qos dual-rate-policer
- route
- routed-port
- subinterface
- tapagg
- traffic-class
- traffic-policy
- vlan
- vlan-interface
- vni decap
- vni encap
- vtep decap
- vtep encap
      direction String Valid Values:
- in
- out
- cpu
Most features support only ‘in’ and ‘out’. Some like traffic-policy support ‘cpu’.
Some features DO NOT have any direction.
This validation IS NOT made by the schemas.
      address_type String Valid Values:
- ipv4
- ipv6
- mac
Supported only for the following features:
- acl: [ipv4, ipv6, mac] if direction is ‘out’
- multicast: [ipv4, ipv6]
- route: [ipv4, ipv6]
This validation IS NOT made by the schemas.
      layer3 Boolean Supported only for the ‘ip’ feature
      vrf String Supported only for the ‘route’ feature.
This validation IS NOT made by the schemas.
      prefix String Supported only for the ‘route’ feature.
Mandatory for the ‘route’ feature.
This validation IS NOT made by the schemas.
      units_packets Boolean
internal_vlan_order Dictionary See (+) on YAML tab Internal vlan allocation order and range.
  allocation String Required Valid Values:
- ascending
- descending
  range Dictionary
    beginning Integer Required Min: 2
Max: 4094
First VLAN ID.
    ending Integer Required Min: 2
Max: 4094
Last VLAN ID.
mac_address_table Dictionary MAC address-table aging time.
Use to change the EOS default of 300.
  aging_time Integer Min: 0
Max: 1000000
Aging time in seconds 10-1000000.
Enter 0 to disable aging.
queue_monitor_length Dictionary
  enabled Boolean Required
  notifying Boolean If True, eos_designs will configure queue-monitor length notifying according to the
platform_settings.[].feature_support.queue_monitor_length_notify setting.
  default_thresholds Dictionary
    high Integer Required Default high threshold for Ethernet Interfaces.
    low Integer Default low threshold for Ethernet Interfaces.
Low threshold support is platform dependent.
  log Integer Logging interval in seconds
  cpu Dictionary
    thresholds Dictionary
      high Integer Required
      low Integer
redundancy Dictionary Redundancy for chassis platforms with dual supervisors
  protocol String Valid Values:
- sso
- rpr
serial_number String Serial Number of the device.
Used for documentation purpose in the fabric documentation as can also be used by the ‘eos_config_deploy_cvp’ role.
“serial_number” can also be set directly under node type settings.
If both are set, the value under node type settings takes precedence.
system_mac_address String Set to the same MAC address as available in “show version” on the device.
“system_mac_address” can also be set under node type settings.
If both are set, the value under node type settings takes precedence.
default_igmp_snooping_enabled: <bool>
hardware_counters:
  features:
    - name: <str>
      direction: <str>
      address_type: <str>
      layer3: <bool>
      vrf: <str>
      prefix: <str>
      units_packets: <bool>
internal_vlan_order: # (1)!
  allocation: <str>
  range:
    beginning: <int>
    ending: <int>
mac_address_table:
  aging_time: <int>
queue_monitor_length:
  enabled: <bool>
  notifying: <bool>
  default_thresholds:
    high: <int>
    low: <int>
  log: <int>
  cpu:
    thresholds:
      high: <int>
      low: <int>
redundancy:
  protocol: <str>
serial_number: <str>
system_mac_address: <str>
  1. Default Value

    internal_vlan_order:
      allocation: ascending
      range:
        beginning: 1006
        ending: 1199
    

CloudVision Settings

Variable Type Required Default Value Restrictions Description
cvp_ingestauth_key String On-premise CVP ingest auth key. If set, TerminAttr will be configured with key-based authentication for on-premise CVP.
If not set, TerminAttr will be configured with certificate based authentication:
- On-premise using token onboarding. Default token path is ‘/tmp/token’.
- CVaaS using token-secure onboarding. Default token path is ‘/tmp/cv-onboarding-token’.
Token must be copied to the device first.
cvp_instance_ip deprecated String IPv4 address or DNS name for CloudVision.
This variable only supports an on-premise single-node cluster or the DNS name of a CloudVision as a Service instance.This key is deprecated. Support will be removed in AVD version 5.0.0. Use cvp_instance_ips instead.
cvp_instance_ips List, items: String List of IPv4 addresses or DNS names for CloudVision.
For on-premise CloudVision enter all the nodes of the cluster.
For CloudVision as a Service enter the DNS name of the instance.
eos_designs only supports one CloudVision cluster.
  - <str> String IPv4 address or DNS name for CloudVision
cvp_token_file String cvp_token_file is the path to the token file on the switch.
If not set the default locations for on-premise or CVaaS will be used.
See cvp_ingestauth_key for details.
terminattr_disable_aaa Boolean False
terminattr_ingestexclude String /Sysdb/cell/1/agent,/Sysdb/cell/2/agent
terminattr_ingestgrpcurl_port Integer 9910 Port number used for Terminattr connection to an on-premise CloudVision cluster.
The port number is always 443 when using CloudVision as a Service, so this value is ignored.
terminattr_smashexcludes String ale,flexCounter,hardware,kni,pulse,strata
cvp_ingestauth_key: <str>
cvp_instance_ip: <str>
cvp_instance_ips:
  - <str>
cvp_token_file: <str>
terminattr_disable_aaa: <bool>
terminattr_ingestexclude: <str>
terminattr_ingestgrpcurl_port: <int>
terminattr_smashexcludes: <str>

Endpoint connectivity

AVD supports two different data models for defining connectivity to endpoints:

  • “Connected Endpoints” is an endpoint-centric model intended for servers or other use cases where most ports have unique configurations.
  • “Network Ports” is a compact and port-centric model intended for configuration of generic port configurations on large ranges of ports.

Both data models share the same underlying implementation and can coexist without conflicts. If a switch port is defined in both “Connected Endpoints” and “Network Ports”, the “Connected Endpoints” configuration will take precedence.

Both data models support variable inheritance from profiles defined under port_profiles. The profiles can be shared between the models. Any setting defined under the port_profiles will be inherited from parent_profile to profile to adapter.

Connected endpoints settings

  • The connected endpoints variables define connectivity from the perspective of the endpoints that connect to the fabric.
  • Each endpoint can have one or more adapters defined, under which the connected switches, switch_ports and endpoint_ports must be set.
  • If port_channel mode is enabled under one “adapter”, all switch_ports connected to that “adapter” will become part of this port-channel.
  • The keys used to define connected endpoints are configurable using connected_endpoints_keys. The default available keys are:
    • servers
    • firewalls
    • routers
    • load_balancers
    • storage_arrays
    • cpes
    • workstations
    • access_points
    • phones
    • printers
    • cameras
    • generic_devices
Example with profiles
port_profiles:

  - profile: VM_Servers
    mode: trunk
    vlans: "110-111,120-121,130-131"
    spanning_tree_portfast: edge

  - profile: MGMT
    mode: access
    vlans: "110"

  - profile: DB_Clusters
    mode: trunk
    vlans: "140-141"

servers:
  - name: server01
    rack: RackB
    adapters:

      # Single homed interface from E0 toward DC1-LEAF1A_Eth5
      - endpoint_ports: [ E0 ]
        switch_ports: [ Ethernet5 ]
        switches: [ DC1-LEAF1A ]
        profile: MGMT

      # MLAG dual-homed connection from E1 to DC1-LEAF2A_Eth10
      #                            from E2 to DC1-LEAF2B_Eth10
      - endpoint_ports: [ E1, E2 ]
        switch_ports: [ Ethernet10, Ethernet10 ]
        switches: [ DC1-LEAF2A, DC1-LEAF2B ]
        profile: DB_Clusters
        port_channel:
          description: PortChanne1
          mode: active

  - name: server03
    rack: RackC
    adapters:

      # MLAG dual-homed connection from E0 to DC1-SVC3A_Eth10
      #                            from E1 to DC1-SVC3B_Eth10
      - endpoint_ports: [ E0, E1 ]
        switch_ports: [ Ethernet10, Ethernet10 ]
        switches: [ DC1-SVC3A, DC1-SVC3B ]
        profile: VM_Servers
        port_channel:
          description: PortChanne1
          mode: active
# Firewall
firewalls:
  - name: FIREWALL01
    rack: RackB
    adapters:
      - endpoint_ports: [ E0, E1 ]
        switch_ports: [ Ethernet20, Ethernet20 ]
        switches: [ DC1-LEAF2A, DC1-LEAF2B ]
        profile: TENANT_A_B
        port_channel:
          description: PortChanne1
          mode: active

# Routers
routers:
  - name: ROUTER01
    rack: RackB
    adapters:
      - endpoint_ports: [ Eth0, Eth1 ]
        switch_ports: [ Ethernet21, Ethernet21 ]
        switches: [ DC1-LEAF2A, DC1-LEAF2B ]
        profile: TENANT_A
Example with single attached endpoint

Single attached interface from E0 toward DC1-LEAF1A interface Eth5

servers:
  - name: server01
    rack: RackB
    adapters:
      - endpoint_ports: [ E0 ]
        switch_ports: [ Ethernet5 ]
        switches: [ DC1-LEAF1A ]
        profile: MGMT
Example with MLAG dual-attached endpoint

MLAG dual-homed connection:

  • From E0 to DC1-SVC3A interface Eth10
  • From E1 to DC1-SVC3B interface Eth10
servers:
  - name: server01
    rack: RackB
    adapters:
      - endpoint_ports: [ E0, E1 ]
        switch_ports: [ Ethernet10, Ethernet10 ]
        switches: [ DC1-SVC3A, DC1-SVC3B ]
        profile: VM_Servers
        port_channel:
          description: PortChanne1
          mode: active
Example with EVPN A/A ESI dual-attached endpoint

To help provide consistency when configuring EVPN A/A ESI values, arista.avd provides an abstraction in the form of a short_esi key. short_esi is an abbreviated 3 octets value to encode Ethernet Segment ID and LACP ID. Transformation from abstraction to network values is managed by a filter_plugin and provides following result:

  • EVPN ESI: 000:000:0303:0202:0101
  • LACP ID: 0303.0202.0101
  • Route Target: 03:03:02:02:01:01

In addition, setting the short_esi key to auto generates the short_esi automatically using a hash of the following data elements:

  • Port-Channel Interfaces: first two uplink switch hostnames, the ports on those switches, the corresponding endpoint ports and the channel-group ID.
  • Port-Channel Subinterface: first two uplink switch hostname, the ports on those switches, the corresponding endpoint ports, the channel-group ID and the subinterface number.
  • Ethernet Interfaces: first two uplink switch hostnames, the ports on those switches, the corresponding endpoint ports and the interface number.

It should be noted that arista.avd does not currently check for hash collisions when using short_esi: auto and while the risk of this happening is non-zero, it is small.

Active/Active multihoming connections:

  • From E0 to DC1-SVC3A interface Eth10
  • From E1 to DC1-SVC4A interface Eth10
servers:
  - name: server01
    rack: RackB
    adapters:
      - endpoint_ports: [ E0, E1 ]
        switch_ports: [ Ethernet10, Ethernet10 ]
        switches: [ DC1-SVC3A, DC1-SVC4A ]
        profile: VM_Servers
        port_channel:
          description: PortChanne1
          mode: active
          short_esi: 0303:0202:0101
Variable Type Required Default Value Restrictions Description
<connected_endpoints_keys.key> List, items: Dictionary This should be applied to group_vars or host_vars where endpoints are connecting.
connected_endpoints_keys.key is one of the keys under “connected_endpoints_keys”.
The default keys are servers, firewalls, routers, load_balancers, and storage_arrays.
  - name String Required, Unique Endpoint name will be used in the switchport description.
    rack String Rack is used for documentation purposes only.
    adapters List, items: Dictionary A list of adapters, group by adapters leveraging the same port-profile.
      - switch_ports List, items: String Required List of switch interfaces.
The lists endpoint_ports, switch_ports, and switches must have the same length.
          - <str> String Switchport interface.
        switches List, items: String Required List of switches.
The lists endpoint_ports, switch_ports, and switches must have the same length.
          - <str> String Device
        endpoint_ports List, items: String Endpoint ports is used for description, required unless description is set.
The lists endpoint_ports, switch_ports, and switches must have the same length.
Each list item is one switchport.
          - <str> String Interface name.
        server_ports removed List, items: String This key was removed. Support was removed in AVD version 4.0.0. Use endpoint_ports instead.
          - <str> String Used for documentation purposes.
        speed String Set adapter speed: < interface_speed >, forced < interface_speed >, auto < interface_speed >.
If not specified will be auto.
        description String By default the description is built leveraging <peer>_<peer_interface>.
When set this key will overide the default value on the physical ports.
        profile String Port-profile name to inherit configuration.
        enabled Boolean True Administrative state, setting to false will set the port to ‘shutdown’ in the intended configuration.
        mode String Valid Values:
- access
- dot1q-tunnel
- trunk
- trunk phone
Interface mode.
        mtu Integer Min: 68
Max: 65535
        l2_mtu Integer Min: 68
Max: 9416
This should only be defined for platforms supporting the “l2 mtu” CLI command.
        native_vlan Integer Min: 1
Max: 4094
Native VLAN for a trunk port.
If both native_vlan and native_vlan_tag, native_vlan_tag takes precedence.
        native_vlan_tag Boolean False If both native_vlan and native_vlan_tag, native_vlan_tag takes precedence.
        trunk_groups List, items: String Required with enable_trunk_groups: true.
Trunk Groups are used for limiting VLANs on trunk ports to VLANs with the same Trunk Group.
          - <str> String
        vlans String Interface VLANs - if not set, the EOS default is that all VLANs are allowed for trunk ports, and VLAN 1 will be used for access ports.
        spanning_tree_portfast String Valid Values:
- edge
- network
        spanning_tree_bpdufilter String Valid Values:
- enabled
- disabled
- True
- False
- true
- false
        spanning_tree_bpduguard String Valid Values:
- enabled
- disabled
- True
- False
- true
- false
        flowcontrol Dictionary
          received String Valid Values:
- received
- send
- on
        qos_profile String QOS profile name
        ptp Dictionary The global PTP profile parameters will be applied to all connected endpoints where ptp is manually enabled.
ptp role master is set to ensure control over the PTP topology.
          enabled Boolean False
          endpoint_role String follower Valid Values:
- bmca
- default
- follower
          profile String aes67-r16-2016 Valid Values:
- aes67
- aes67-r16-2016
- smpte2059-2
        sflow Boolean Configures sFlow on the interface. Overrides fabric_sflow setting.
        link_tracking Dictionary Configure the downstream interfaces of a respective Link Tracking Group.
If port_channel is defined in an adapter, then the port-channel interface is configured to be the downstream.
Else all the ethernet interfaces will be configured as downstream -> to configure single-active EVPN multihomed networks.
          enabled Boolean
          name String Tracking group name.
The default group name is taken from fabric variable of the switch, link_tracking.groups[0].name with default value being “LT_GROUP1”.
Optional if default link_tracking settings are configured on the node.
        dot1x Dictionary 802.1x
          port_control String Valid Values:
- auto
- force-authorized
- force-unauthorized
          port_control_force_authorized_phone Boolean
          reauthentication Boolean
          pae Dictionary
            mode String Valid Values:
- authenticator
          authentication_failure Dictionary
            action String Valid Values:
- allow
- drop
            allow_vlan Integer Min: 1
Max: 4094
          host_mode Dictionary
            mode String Valid Values:
- multi-host
- single-host
            multi_host_authenticated Boolean
          mac_based_authentication Dictionary
            enabled Boolean
            always Boolean
            host_mode_common Boolean
          timeout Dictionary
            idle_host Integer Min: 10
Max: 65535
            quiet_period Integer Min: 1
Max: 65535
            reauth_period String Range 60-4294967295 or “server”.
            reauth_timeout_ignore Boolean
            tx_period Integer Min: 1
Max: 65535
          reauthorization_request_limit Integer Min: 1
Max: 10
        poe Dictionary Power Over Ethernet settings applied on port. Only configured if platform supports PoE.
          disabled Boolean False Disable PoE on a POE capable port. PoE is enabled on all ports that support it by default in EOS.
          priority String Valid Values:
- critical
- high
- medium
- low
Prioritize a port’s power in the event that one of the switch’s power supplies loses power
          reboot Dictionary Set the PoE power behavior for a PoE port when the system is rebooted
            action String Valid Values:
- maintain
- power-off
PoE action for interface
          link_down Dictionary Set the PoE power behavior for a PoE port when the port goes down
            action String Valid Values:
- maintain
- power-off
PoE action for interface
            power_off_delay Integer Min: 1
Max: 86400
Number of seconds to delay shutting the power off after a link down event occurs. Default value is 5 seconds in EOS.
          shutdown Dictionary Set the PoE power behavior for a PoE port when the port is admin down
            action String Valid Values:
- maintain
- power-off
PoE action for interface
          limit Dictionary Override the hardware-negotiated power limit using either wattage or a power class. Note that if using a power class, AVD will automatically convert the class value to the wattage value corresponding to that power class.
            class Integer Min: 0
Max: 8
            watts String
            fixed Boolean Set to ignore hardware classification
          negotiation_lldp Boolean Disable to prevent port from negotiating power with powered devices over LLDP. Enabled by default in EOS.
          legacy_detect Boolean Allow a subset of legacy devices to work with the PoE switch. Disabled by default in EOS because it can cause false positive detections.
        storm_control Dictionary Storm control settings applied on port toward the endpoint.
          all Dictionary
            level String Configure maximum storm-control level.
            unit String percent Valid Values:
- percent
- pps
Optional variable and is hardware dependent.
          broadcast Dictionary
            level String Configure maximum storm-control level.
            unit String percent Valid Values:
- percent
- pps
Optional variable and is hardware dependent.
          multicast Dictionary
            level String Configure maximum storm-control level.
            unit String percent Valid Values:
- percent
- pps
Optional variable and is hardware dependent.
          unknown_unicast Dictionary
            level String Configure maximum storm-control level.
            unit String percent Valid Values:
- percent
- pps
Optional variable and is hardware dependent.
        monitor_sessions List, items: Dictionary Used to define switchports as source or destination for monitoring sessions.
          - name String Required Session name.
            role String Valid Values:
- source
- destination
            source_settings Dictionary
              direction String Valid Values:
- rx
- tx
- both
              access_group Dictionary
                type String Valid Values:
- ip
- ipv6
- mac
                name String ACL name.
                priority Integer
            session_settings Dictionary Session settings are defined per session name.
Different session_settings for the same session name will be combined/merged.
              encapsulation_gre_metadata_tx Boolean
              header_remove_size Integer Number of bytes to remove from header.
              access_group Dictionary
                type String Valid Values:
- ip
- ipv6
- mac
                name String ACL name.
              rate_limit_per_ingress_chip String Ratelimit and unit as string.
Examples:
“100000 bps”
“100 kbps”
“10 mbps”
              rate_limit_per_egress_chip String Ratelimit and unit as string.
Examples:
“100000 bps”
“100 kbps”
“10 mbps”
              sample Integer
              truncate Dictionary
                enabled Boolean
                size Integer Size in bytes
        ethernet_segment Dictionary Settings for all or single-active EVPN multihoming.
          short_esi String Required In format xxxx:xxxx:xxxx or “auto”.
Define a manual short-esi (be careful using this on profiles) or set the value to “auto” to automatically generate the value.
Please see the notes under “EVPN A/A ESI dual and single-attached endpoint scenarios” before setting short_esi: auto.
          redundancy String Valid Values:
- all-active
- single-active
If omitted, Port-Channels use the EOS default of all-active.
If omitted, Ethernet interfaces are configured as single-active.
          designated_forwarder_algorithm String Valid Values:
- auto
- modulus
- preference
Configure DF algorithm and preferences.
- auto: Use preference-based algorithm and assign preference based on position of device in the ‘switches’ list,
e.g., assuming a list of three switches, this would assign a preference of 200 to the first switch, 100 to the 2nd, and 0 to the third.
- preference: Set preference for each switch manually using designated_forwarder_preferences key.
- modulus: Use the default modulus-based algorithm.
If omitted, Port-Channels use the EOS default of modulus.
If omitted, Ethernet interfaces default to the ‘auto’ mechanism detailed above.
          designated_forwarder_preferences List, items: String Manual preference as described above, required only for preference algorithm.
            - <str> String
          dont_preempt Boolean Disable preemption for single-active forwarding when auto/manual DF preference is configured.
        port_channel Dictionary Used for port-channel adapter.
          mode String Valid Values:
- active
- passive
- on
Port-Channel Mode.
          channel_id Integer Port-Channel ID.
If no channel_id is specified, an id is generated from the first switch port in the port channel.
          description String By default the description is built leveraging <peer> name or adapter.description when defined.
When this key is defined, it will append its content to the physical port description.
          enabled Boolean True Port-Channel administrative state.
Setting to false will set port to ‘shutdown’ in intended configuration.
          esi removed String Format xxxx:xxxx:xxxx.This key was removed. Support was removed in AVD version 4.0.0. Use short_esi instead.
          short_esi deprecated String In format xxxx:xxxx:xxxx or “auto”.This key is deprecated. Support will be removed in AVD version 5.0.0. Use ethernet_segment.short_esi instead.
          lacp_fallback Dictionary LACP fallback configuration.
            mode String Valid Values:
- static
Currently only static mode is supported.
            timeout Integer Timeout in seconds. EOS default is 90 seconds.
          lacp_timer Dictionary LACP timer configuration. Applies only when Port-channel mode is not “on”.
            mode String Valid Values:
- normal
- fast
LACP mode for interface members.
            multiplier Integer Number of LACP BPDUs lost before deeming the peer down. EOS default is 3.
          subinterfaces List, items: Dictionary Port-Channel L2 Subinterfaces
Subinterfaces are only supported on routed port-channels, which means they cannot be configured on MLAG port-channels.
Setting short_esi: auto generates the short_esi automatically using a hash of configuration elements.
Please see the notes under “EVPN A/A ESI dual-attached endpoint scenario” before setting short_esi: auto.
            - number Integer Subinterface number
              short_esi String In format xxxx:xxxx:xxxx or “auto”
Required for multihomed port-channels with subinterfaces
              vlan_id Integer Min: 1
Max: 4094
VLAN ID to bridge.
Default is subinterface number.
              encapsulation_vlan Dictionary Client VLAN ID encapsulation.
Default is subinterface number.
                client_dot1q Integer Min: 1
Max: 4094
          raw_eos_cli String EOS CLI rendered directly on the port-channel interface in the final EOS configuration.
          structured_config Dictionary Custom structured config added under port_channel_interfaces.[name=] for eos_cli_config_gen.
        raw_eos_cli String EOS CLI rendered directly on the ethernet interface in the final EOS configuration.
        structured_config Dictionary Custom structured config added under ethernet_interfaces.[name=] for eos_cli_config_gen.
<connected_endpoints_keys.key>:
  - name: <str>
    rack: <str>
    adapters:
      - switch_ports:
          - <str>
        switches:
          - <str>
        endpoint_ports:
          - <str>
        speed: <str>
        description: <str>
        profile: <str>
        enabled: <bool>
        mode: <str>
        mtu: <int>
        l2_mtu: <int>
        native_vlan: <int>
        native_vlan_tag: <bool>
        trunk_groups:
          - <str>
        vlans: <str>
        spanning_tree_portfast: <str>
        spanning_tree_bpdufilter: <str>
        spanning_tree_bpduguard: <str>
        flowcontrol:
          received: <str>
        qos_profile: <str>
        ptp:
          enabled: <bool>
          endpoint_role: <str>
          profile: <str>
        sflow: <bool>
        link_tracking:
          enabled: <bool>
          name: <str>
        dot1x:
          port_control: <str>
          port_control_force_authorized_phone: <bool>
          reauthentication: <bool>
          pae:
            mode: <str>
          authentication_failure:
            action: <str>
            allow_vlan: <int>
          host_mode:
            mode: <str>
            multi_host_authenticated: <bool>
          mac_based_authentication:
            enabled: <bool>
            always: <bool>
            host_mode_common: <bool>
          timeout:
            idle_host: <int>
            quiet_period: <int>
            reauth_period: <str>
            reauth_timeout_ignore: <bool>
            tx_period: <int>
          reauthorization_request_limit: <int>
        poe:
          disabled: <bool>
          priority: <str>
          reboot:
            action: <str>
          link_down:
            action: <str>
            power_off_delay: <int>
          shutdown:
            action: <str>
          limit:
            class: <int>
            watts: <str>
            fixed: <bool>
          negotiation_lldp: <bool>
          legacy_detect: <bool>
        storm_control:
          all:
            level: <str>
            unit: <str>
          broadcast:
            level: <str>
            unit: <str>
          multicast:
            level: <str>
            unit: <str>
          unknown_unicast:
            level: <str>
            unit: <str>
        monitor_sessions:
          - name: <str>
            role: <str>
            source_settings:
              direction: <str>
              access_group:
                type: <str>
                name: <str>
                priority: <int>
            session_settings:
              encapsulation_gre_metadata_tx: <bool>
              header_remove_size: <int>
              access_group:
                type: <str>
                name: <str>
              rate_limit_per_ingress_chip: <str>
              rate_limit_per_egress_chip: <str>
              sample: <int>
              truncate:
                enabled: <bool>
                size: <int>
        ethernet_segment:
          short_esi: <str>
          redundancy: <str>
          designated_forwarder_algorithm: <str>
          designated_forwarder_preferences:
            - <str>
          dont_preempt: <bool>
        port_channel:
          mode: <str>
          channel_id: <int>
          description: <str>
          enabled: <bool>
          short_esi: <str>
          lacp_fallback:
            mode: <str>
            timeout: <int>
          lacp_timer:
            mode: <str>
            multiplier: <int>
          subinterfaces:
            - number: <int>
              short_esi: <str>
              vlan_id: <int>
              encapsulation_vlan:
                client_dot1q: <int>
          raw_eos_cli: <str>
          structured_config: <dict>
        raw_eos_cli: <str>
        structured_config: <dict>

Network ports settings

The network_ports data model is intended to be used with port_profiles and parent_profiles to keep the configuration generic and compact, but all features and keys supported under connected_endpoints.adapters are also supported directly under network_ports.

All ranges defined under switch_ports will be expanded to individual port configuration which leads to a some behavioral differences to connected_endpoints:

  • By default each port will be configured in a port-channel with one member when leveraging automatic channel-id generation. To configure multiple ports as member of the same port-channel set the channel-id key (see the example below).
  • Inconsistent configurations when used with short_esi: auto or designated_forwarder_algorithm: auto, since those rely on information from multiple switches and interfaces.
Example using network ports and profiles
# Port Profiles
# Common settings inherited to network_ports
port_profiles:
  - profile: common
    mode: access
    vlans: "999"
    spanning_tree_portfast: edge
    spanning_tree_bpdufilter: enabled

  - profile: ap_with_port_channel
    parent_profile: common
    vlans: "101"
    port_channel:
      mode: active

  - profile: pc
    parent_profile: common
    vlans: "100"

# Network Ports
# All switch_ports ranges are expanded into individual port configurations
# Switches are matched with regex matching the full hostname.
network_ports:
  - switches:
      - network-ports-tests-1
    switch_ports:
      - Ethernet1-2
    profile: pc
    description: PCs

  - switches:
      - network-ports-tests-2$
    switch_ports:
      - Ethernet1-2
    profile: ap_with_port_channel
    description: AP1 with port_channel

  - switches:
      - network-ports-[est]{5}-.*
    switch_ports:
      - Ethernet3-4
      - Ethernet2/1-48
    profile: pc
    description: PCs
Example using network ports to configure multiple ports in the same port-channel

When defining port-channels, all ranges defined under switch_ports will be expanded to individual port configurations in a port-channel with one member. To configure multiple ports as members of the same port-channel, set the channel-id key manually like in this example:

# Network Ports
# By setting the channel_id key under port-channel, interfaces Ethernet3-4 will
# be configured under the same port-channel.
network_ports:
  - switches:
      - network-ports-tests-1
    switch_ports:
      - Ethernet3-4
    description: Multiple interfaces in the same port-channel
    port_channel:
      mode: active
      channel_id: 42

This will generate the following config:

interface Port-Channel42
  description Multiple interfaces in the same port-channel
  no shutdown
  switchport
!
!
interface Ethernet3
  description Multiple interfaces in the same port-channel
  no shutdown
  channel-group 42 mode active
!
interface Ethernet4
  description Multiple interfaces in the same port-channel
  no shutdown
  channel-group 42 mode active
!

Tip

To leverage automatic channel-id computation and configure port-channel with multiple members, connected_endpoints should be used.

Variable Type Required Default Value Restrictions Description
network_ports List, items: Dictionary
  - switches List, items: String Regex matching the full hostname of one or more switches.
The regular expression must match the full hostname.
      - <str> String
    switch_ports List, items: String List of ranges using AVD range_expand syntax.
For example:

switch_ports:
- Ethernet1
- Ethernet2-48

All switch_ports ranges are expanded into individual port configurations.

For more details and examples of the range_expand syntax, see the arista.avd.range_expand documentation
      - <str> String
    description String Description to be used on all ports.
    speed String Set adapter speed: < interface_speed >, forced < interface_speed >, auto < interface_speed >.
If not specified will be auto.
    profile String Port-profile name to inherit configuration.
    enabled Boolean True Administrative state, setting to false will set the port to ‘shutdown’ in the intended configuration.
    mode String Valid Values:
- access
- dot1q-tunnel
- trunk
- trunk phone
Interface mode.
    mtu Integer Min: 68
Max: 65535
    l2_mtu Integer Min: 68
Max: 9416
This should only be defined for platforms supporting the “l2 mtu” CLI command.
    native_vlan Integer Min: 1
Max: 4094
Native VLAN for a trunk port.
If both native_vlan and native_vlan_tag, native_vlan_tag takes precedence.
    native_vlan_tag Boolean False If both native_vlan and native_vlan_tag, native_vlan_tag takes precedence.
    trunk_groups List, items: String Required with enable_trunk_groups: true.
Trunk Groups are used for limiting VLANs on trunk ports to VLANs with the same Trunk Group.
      - <str> String
    vlans String Interface VLANs - if not set, the EOS default is that all VLANs are allowed for trunk ports, and VLAN 1 will be used for access ports.
    spanning_tree_portfast String Valid Values:
- edge
- network
    spanning_tree_bpdufilter String Valid Values:
- enabled
- disabled
- True
- False
- true
- false
    spanning_tree_bpduguard String Valid Values:
- enabled
- disabled
- True
- False
- true
- false
    flowcontrol Dictionary
      received String Valid Values:
- received
- send
- on
    qos_profile String QOS profile name
    ptp Dictionary The global PTP profile parameters will be applied to all connected endpoints where ptp is manually enabled.
ptp role master is set to ensure control over the PTP topology.
      enabled Boolean False
      endpoint_role String follower Valid Values:
- bmca
- default
- follower
      profile String aes67-r16-2016 Valid Values:
- aes67
- aes67-r16-2016
- smpte2059-2
    sflow Boolean Configures sFlow on the interface. Overrides fabric_sflow setting.
    link_tracking Dictionary Configure the downstream interfaces of a respective Link Tracking Group.
If port_channel is defined in an adapter, then the port-channel interface is configured to be the downstream.
Else all the ethernet interfaces will be configured as downstream -> to configure single-active EVPN multihomed networks.
      enabled Boolean
      name String Tracking group name.
The default group name is taken from fabric variable of the switch, link_tracking.groups[0].name with default value being “LT_GROUP1”.
Optional if default link_tracking settings are configured on the node.
    dot1x Dictionary 802.1x
      port_control String Valid Values:
- auto
- force-authorized
- force-unauthorized
      port_control_force_authorized_phone Boolean
      reauthentication Boolean
      pae Dictionary
        mode String Valid Values:
- authenticator
      authentication_failure Dictionary
        action String Valid Values:
- allow
- drop
        allow_vlan Integer Min: 1
Max: 4094
      host_mode Dictionary
        mode String Valid Values:
- multi-host
- single-host
        multi_host_authenticated Boolean
      mac_based_authentication Dictionary
        enabled Boolean
        always Boolean
        host_mode_common Boolean
      timeout Dictionary
        idle_host Integer Min: 10
Max: 65535
        quiet_period Integer Min: 1
Max: 65535
        reauth_period String Range 60-4294967295 or “server”.
        reauth_timeout_ignore Boolean
        tx_period Integer Min: 1
Max: 65535
      reauthorization_request_limit Integer Min: 1
Max: 10
    poe Dictionary Power Over Ethernet settings applied on port. Only configured if platform supports PoE.
      disabled Boolean False Disable PoE on a POE capable port. PoE is enabled on all ports that support it by default in EOS.
      priority String Valid Values:
- critical
- high
- medium
- low
Prioritize a port’s power in the event that one of the switch’s power supplies loses power
      reboot Dictionary Set the PoE power behavior for a PoE port when the system is rebooted
        action String Valid Values:
- maintain
- power-off
PoE action for interface
      link_down Dictionary Set the PoE power behavior for a PoE port when the port goes down
        action String Valid Values:
- maintain
- power-off
PoE action for interface
        power_off_delay Integer Min: 1
Max: 86400
Number of seconds to delay shutting the power off after a link down event occurs. Default value is 5 seconds in EOS.
      shutdown Dictionary Set the PoE power behavior for a PoE port when the port is admin down
        action String Valid Values:
- maintain
- power-off
PoE action for interface
      limit Dictionary Override the hardware-negotiated power limit using either wattage or a power class. Note that if using a power class, AVD will automatically convert the class value to the wattage value corresponding to that power class.
        class Integer Min: 0
Max: 8
        watts String
        fixed Boolean Set to ignore hardware classification
      negotiation_lldp Boolean Disable to prevent port from negotiating power with powered devices over LLDP. Enabled by default in EOS.
      legacy_detect Boolean Allow a subset of legacy devices to work with the PoE switch. Disabled by default in EOS because it can cause false positive detections.
    storm_control Dictionary Storm control settings applied on port toward the endpoint.
      all Dictionary
        level String Configure maximum storm-control level.
        unit String percent Valid Values:
- percent
- pps
Optional variable and is hardware dependent.
      broadcast Dictionary
        level String Configure maximum storm-control level.
        unit String percent Valid Values:
- percent
- pps
Optional variable and is hardware dependent.
      multicast Dictionary
        level String Configure maximum storm-control level.
        unit String percent Valid Values:
- percent
- pps
Optional variable and is hardware dependent.
      unknown_unicast Dictionary
        level String Configure maximum storm-control level.
        unit String percent Valid Values:
- percent
- pps
Optional variable and is hardware dependent.
    monitor_sessions List, items: Dictionary Used to define switchports as source or destination for monitoring sessions.
      - name String Required Session name.
        role String Valid Values:
- source
- destination
        source_settings Dictionary
          direction String Valid Values:
- rx
- tx
- both
          access_group Dictionary
            type String Valid Values:
- ip
- ipv6
- mac
            name String ACL name.
            priority Integer
        session_settings Dictionary Session settings are defined per session name.
Different session_settings for the same session name will be combined/merged.
          encapsulation_gre_metadata_tx Boolean
          header_remove_size Integer Number of bytes to remove from header.
          access_group Dictionary
            type String Valid Values:
- ip
- ipv6
- mac
            name String ACL name.
          rate_limit_per_ingress_chip String Ratelimit and unit as string.
Examples:
“100000 bps”
“100 kbps”
“10 mbps”
          rate_limit_per_egress_chip String Ratelimit and unit as string.
Examples:
“100000 bps”
“100 kbps”
“10 mbps”
          sample Integer
          truncate Dictionary
            enabled Boolean
            size Integer Size in bytes
    ethernet_segment Dictionary Settings for all or single-active EVPN multihoming.
      short_esi String Required In format xxxx:xxxx:xxxx or “auto”.
Define a manual short-esi (be careful using this on profiles) or set the value to “auto” to automatically generate the value.
Please see the notes under “EVPN A/A ESI dual and single-attached endpoint scenarios” before setting short_esi: auto.
      redundancy String Valid Values:
- all-active
- single-active
If omitted, Port-Channels use the EOS default of all-active.
If omitted, Ethernet interfaces are configured as single-active.
      designated_forwarder_algorithm String Valid Values:
- auto
- modulus
- preference
Configure DF algorithm and preferences.
- auto: Use preference-based algorithm and assign preference based on position of device in the ‘switches’ list,
e.g., assuming a list of three switches, this would assign a preference of 200 to the first switch, 100 to the 2nd, and 0 to the third.
- preference: Set preference for each switch manually using designated_forwarder_preferences key.
- modulus: Use the default modulus-based algorithm.
If omitted, Port-Channels use the EOS default of modulus.
If omitted, Ethernet interfaces default to the ‘auto’ mechanism detailed above.
      designated_forwarder_preferences List, items: String Manual preference as described above, required only for preference algorithm.
        - <str> String
      dont_preempt Boolean Disable preemption for single-active forwarding when auto/manual DF preference is configured.
    port_channel Dictionary Used for port-channel adapter.
      mode String Valid Values:
- active
- passive
- on
Port-Channel Mode.
      channel_id Integer Port-Channel ID.
If no channel_id is specified, an id is generated from the first switch port in the port channel.
      description String By default the description is built leveraging <peer> name or adapter.description when defined.
When this key is defined, it will append its content to the physical port description.
      enabled Boolean True Port-Channel administrative state.
Setting to false will set port to ‘shutdown’ in intended configuration.
      esi removed String Format xxxx:xxxx:xxxx.This key was removed. Support was removed in AVD version 4.0.0. Use short_esi instead.
      short_esi deprecated String In format xxxx:xxxx:xxxx or “auto”.This key is deprecated. Support will be removed in AVD version 5.0.0. Use ethernet_segment.short_esi instead.
      lacp_fallback Dictionary LACP fallback configuration.
        mode String Valid Values:
- static
Currently only static mode is supported.
        timeout Integer Timeout in seconds. EOS default is 90 seconds.
      lacp_timer Dictionary LACP timer configuration. Applies only when Port-channel mode is not “on”.
        mode String Valid Values:
- normal
- fast
LACP mode for interface members.
        multiplier Integer Number of LACP BPDUs lost before deeming the peer down. EOS default is 3.
      subinterfaces List, items: Dictionary Port-Channel L2 Subinterfaces
Subinterfaces are only supported on routed port-channels, which means they cannot be configured on MLAG port-channels.
Setting short_esi: auto generates the short_esi automatically using a hash of configuration elements.
Please see the notes under “EVPN A/A ESI dual-attached endpoint scenario” before setting short_esi: auto.
        - number Integer Subinterface number
          short_esi String In format xxxx:xxxx:xxxx or “auto”
Required for multihomed port-channels with subinterfaces
          vlan_id Integer Min: 1
Max: 4094
VLAN ID to bridge.
Default is subinterface number.
          encapsulation_vlan Dictionary Client VLAN ID encapsulation.
Default is subinterface number.
            client_dot1q Integer Min: 1
Max: 4094
      raw_eos_cli String EOS CLI rendered directly on the port-channel interface in the final EOS configuration.
      structured_config Dictionary Custom structured config added under port_channel_interfaces.[name=] for eos_cli_config_gen.
    raw_eos_cli String EOS CLI rendered directly on the ethernet interface in the final EOS configuration.
    structured_config Dictionary Custom structured config added under ethernet_interfaces.[name=] for eos_cli_config_gen.
network_ports:
  - switches:
      - <str>
    switch_ports:
      - <str>
    description: <str>
    speed: <str>
    profile: <str>
    enabled: <bool>
    mode: <str>
    mtu: <int>
    l2_mtu: <int>
    native_vlan: <int>
    native_vlan_tag: <bool>
    trunk_groups:
      - <str>
    vlans: <str>
    spanning_tree_portfast: <str>
    spanning_tree_bpdufilter: <str>
    spanning_tree_bpduguard: <str>
    flowcontrol:
      received: <str>
    qos_profile: <str>
    ptp:
      enabled: <bool>
      endpoint_role: <str>
      profile: <str>
    sflow: <bool>
    link_tracking:
      enabled: <bool>
      name: <str>
    dot1x:
      port_control: <str>
      port_control_force_authorized_phone: <bool>
      reauthentication: <bool>
      pae:
        mode: <str>
      authentication_failure:
        action: <str>
        allow_vlan: <int>
      host_mode:
        mode: <str>
        multi_host_authenticated: <bool>
      mac_based_authentication:
        enabled: <bool>
        always: <bool>
        host_mode_common: <bool>
      timeout:
        idle_host: <int>
        quiet_period: <int>
        reauth_period: <str>
        reauth_timeout_ignore: <bool>
        tx_period: <int>
      reauthorization_request_limit: <int>
    poe:
      disabled: <bool>
      priority: <str>
      reboot:
        action: <str>
      link_down:
        action: <str>
        power_off_delay: <int>
      shutdown:
        action: <str>
      limit:
        class: <int>
        watts: <str>
        fixed: <bool>
      negotiation_lldp: <bool>
      legacy_detect: <bool>
    storm_control:
      all:
        level: <str>
        unit: <str>
      broadcast:
        level: <str>
        unit: <str>
      multicast:
        level: <str>
        unit: <str>
      unknown_unicast:
        level: <str>
        unit: <str>
    monitor_sessions:
      - name: <str>
        role: <str>
        source_settings:
          direction: <str>
          access_group:
            type: <str>
            name: <str>
            priority: <int>
        session_settings:
          encapsulation_gre_metadata_tx: <bool>
          header_remove_size: <int>
          access_group:
            type: <str>
            name: <str>
          rate_limit_per_ingress_chip: <str>
          rate_limit_per_egress_chip: <str>
          sample: <int>
          truncate:
            enabled: <bool>
            size: <int>
    ethernet_segment:
      short_esi: <str>
      redundancy: <str>
      designated_forwarder_algorithm: <str>
      designated_forwarder_preferences:
        - <str>
      dont_preempt: <bool>
    port_channel:
      mode: <str>
      channel_id: <int>
      description: <str>
      enabled: <bool>
      short_esi: <str>
      lacp_fallback:
        mode: <str>
        timeout: <int>
      lacp_timer:
        mode: <str>
        multiplier: <int>
      subinterfaces:
        - number: <int>
          short_esi: <str>
          vlan_id: <int>
          encapsulation_vlan:
            client_dot1q: <int>
      raw_eos_cli: <str>
      structured_config: <dict>
    raw_eos_cli: <str>
    structured_config: <dict>

Port profiles settings

Optional profiles to share common settings for connected_endpoints and/or network_ports. Keys are the same as used under endpoint adapters. Keys defined under endpoints adapters take precedence.

A port profile can refer to another port profile using parent_profile to inherit settings in up to two levels (adapter->profile->parent_profile).

Variable Type Required Default Value Restrictions Description
port_profiles List, items: Dictionary Optional profiles to share common settings for connected_endpoints and/or network_ports.
Keys are the same used under endpoints adapters. Keys defined under endpoints adapters take precedence.
  - profile String Required, Unique Port profile name.
    parent_profile String </