Feat(eos_designs): Add support for l3_port_channel_interfaces for WAN

aristanetworks · Jan 22, 2025 · fd72134 · fd72134
1 parent 8f0daad
commit fd72134
Show file tree

Hide file tree

Showing 70 changed files with 9,345 additions and 1,272 deletions.
diff --git a/...llections/arista/avd/examples/cv-pathfinder/documentation/devices/inet-cloud.md b/...llections/arista/avd/examples/cv-pathfinder/documentation/devices/inet-cloud.md
@@ -26,6 +26,7 @@
   - [Internal VLAN Allocation Policy Device Configuration](#internal-vlan-allocation-policy-device-configuration)
 - [Interfaces](#interfaces)
   - [Ethernet Interfaces](#ethernet-interfaces)
+  - [Port-Channel Interfaces](#port-channel-interfaces)
   - [Loopback Interfaces](#loopback-interfaces)
 - [Routing](#routing)
   - [Service Routing Protocols Model](#service-routing-protocols-model)
@@ -235,7 +236,7 @@ dhcp server
 | -------------- | --------- | --------- |
 | Ethernet5 | True | - |
 | Ethernet6 | True | - |
-| Ethernet8 | True | - |
+| Port-Channel8 | True | - |
 
 ## Monitoring
 
@@ -306,7 +307,9 @@ vlan internal order ascending range 1006 1199
 | Ethernet5 | site1-wan1-Ethernet4 | - | 100.64.10.1/24 | default | - | False | - | - |
 | Ethernet6 | site1-wan2-Ethernet4 | - | 100.64.11.1/24 | default | - | False | - | - |
 | Ethernet7 | site2-wan2-Ethernet4 | - | 100.64.21.1/24 | default | - | False | - | - |
-| Ethernet8 | site3-wan1-Ethernet4 | - | 100.64.30.1/24 | default | - | False | - | - |
+| Ethernet8 | - | 8 | *100.64.30.1/24 | **default | **- | *False | **- | **- |
+
+*Inherited from Port-Channel Interface
 
 #### Ethernet Interfaces Device Configuration
 
@@ -345,7 +348,32 @@ interface Ethernet7
    ip address 100.64.21.1/24
 !
 interface Ethernet8
-   description site3-wan1-Ethernet4
+   no shutdown
+   no switchport
+   channel-group 8 mode active
+```
+
+### Port-Channel Interfaces
+
+#### Port-Channel Interfaces Summary
+
+##### L2
+
+| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI |
+| --------- | ----------- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- |
+
+##### IPv4
+
+| Interface | Description | MLAG ID | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out |
+| --------- | ----------- | ------- | ---------- | --- | --- | -------- | ------ | ------- |
+| Port-Channel8 | site3-wan1-Port-Channel4 | - | 100.64.30.1/24 | default | - | False | - | - |
+
+#### Port-Channel Interfaces Device Configuration
+
+```eos
+!
+interface Port-Channel8
+   description site3-wan1-Port-Channel4
    no shutdown
    no switchport
    ip address 100.64.30.1/24

diff --git a/...llections/arista/avd/examples/cv-pathfinder/documentation/devices/site3-wan1.md b/...llections/arista/avd/examples/cv-pathfinder/documentation/devices/site3-wan1.md
@@ -33,6 +33,7 @@
 - [Interfaces](#interfaces)
   - [DPS Interfaces](#dps-interfaces)
   - [Ethernet Interfaces](#ethernet-interfaces)
+  - [Port-Channel Interfaces](#port-channel-interfaces)
   - [Loopback Interfaces](#loopback-interfaces)
   - [VXLAN Interface](#vxlan-interface)
 - [Routing](#routing)
@@ -287,7 +288,7 @@ daemon TerminAttr
 
 | Tracker Name | Record Export On Inactive Timeout | Record Export On Interval | Number of Exporters | Applied On |
 | ------------ | --------------------------------- | ------------------------- | ------------------- | ---------- |
-| FLOW-TRACKER | 70000 | 5000 | 1 | Dps1<br>Ethernet1.666<br>Ethernet1.42<br>Ethernet4 |
+| FLOW-TRACKER | 70000 | 5000 | 1 | Dps1<br>Ethernet1.666<br>Ethernet1.42<br>Port-Channel4 |
 
 ##### Exporters Summary
 
@@ -430,7 +431,9 @@ interface Dps1
 | --------- | ----------- | ------------- | ---------- | ----| ---- | -------- | ------ | ------- |
 | Ethernet1.42 | RED-TEST | - | 10.42.3.1/24 | RED | - | False | - | - |
 | Ethernet1.666 | BLUE-TEST | - | 10.66.3.1/24 | BLUE | - | False | - | - |
-| Ethernet4 | REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud_Ethernet8 | - | dhcp | default | - | False | ACL-INTERNET-IN_Ethernet4 | - |
+| Ethernet4 | REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud_Ethernet8 | 4 | *dhcp | **default | **- | *False | *ACL-INTERNET-IN_Port-Channel4 | **- |
+
+*Inherited from Port-Channel Interface
 
 #### Ethernet Interfaces Device Configuration
 
@@ -462,10 +465,36 @@ interface Ethernet4
    description REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud_Ethernet8
    no shutdown
    no switchport
+   channel-group 4 mode active
+```
+
+### Port-Channel Interfaces
+
+#### Port-Channel Interfaces Summary
+
+##### L2
+
+| Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI |
+| --------- | ----------- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- |
+
+##### IPv4
+
+| Interface | Description | MLAG ID | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out |
+| --------- | ----------- | ------- | ---------- | --- | --- | -------- | ------ | ------- |
+| Port-Channel4 | REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud_Port-Channel8 | - | dhcp | default | - | False | ACL-INTERNET-IN_Port-Channel4 | - |
+
+#### Port-Channel Interfaces Device Configuration
+
+```eos
+!
+interface Port-Channel4
+   description REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud_Port-Channel8
+   no shutdown
+   no switchport
    flow tracker hardware FLOW-TRACKER
    ip address dhcp
    dhcp client accept default-route
-   ip access-group ACL-INTERNET-IN_Ethernet4 in
+   ip access-group ACL-INTERNET-IN_Port-Channel4 in
 ```
 
 ### Loopback Interfaces
@@ -1011,7 +1040,7 @@ ip extcommunity-list ECL-EVPN-SOO permit soo 192.168.255.11:203
 
 ```eos
 !
-ip access-list ACL-INTERNET-IN_Ethernet4
+ip access-list ACL-INTERNET-IN_Port-Channel4
    1 remark Not for PRODUCTION: This ACL is built this way because the lab has an out-of-band interface
    10 permit udp any host 100.64.30.2 eq isakmp non500-isakmp
    30 permit icmp any host 100.64.30.2
@@ -1168,7 +1197,7 @@ application traffic recognition
 
 | Interface name | Public address | STUN server profile(s) |
 | -------------- | -------------- | ---------------------- |
-| Ethernet4 | - | INTERNET-pf1-Ethernet2<br>INTERNET-pf2-Ethernet2 |
+| Port-Channel4 | - | INTERNET-pf1-Ethernet2<br>INTERNET-pf2-Ethernet2 |
 
 ###### Dynamic Peers Settings
 
@@ -1206,7 +1235,7 @@ router path-selection
    path-group INTERNET id 102
       ipsec profile CP-PROFILE
       !
-      local interface Ethernet4
+      local interface Port-Channel4
          stun server-profile INTERNET-pf1-Ethernet2 INTERNET-pf2-Ethernet2
       !
       peer dynamic

diff --git a/ansible_collections/arista/avd/examples/cv-pathfinder/group_vars/SITE3.yml b/ansible_collections/arista/avd/examples/cv-pathfinder/group_vars/SITE3.yml
@@ -23,10 +23,19 @@ wan_router:
       id: 11
       mgmt_ip: 192.168.17.20/24
       uplink_switches: [site3-leaf1]
-      l3_interfaces:
-        - name: Ethernet4
-          peer_interface: Ethernet8
+      l3_port_channels:
+        - name: Port-Channel4
+          mode: active
+          member_interfaces:
+            - name: Ethernet4
+              peer_interface: Ethernet8
+          peer: inet-cloud
+          ip_address: dhcp
           dhcp_ip: 100.64.30.2
-          profile: INTERNET-WAN-INTERFACE
+          dhcp_accept_default_route: true
+          ipv4_acl_in: ACL-INTERNET-IN
+          peer_port_channel: Port-Channel8
           wan_carrier: REGION2-INTERNET-CORP
           wan_circuit_id: inet-site3-wan1
+          flow_tracking:
+            enabled: true
diff --git a/ansible_collections/arista/avd/examples/cv-pathfinder/group_vars/TRANSPORTS.yml b/ansible_collections/arista/avd/examples/cv-pathfinder/group_vars/TRANSPORTS.yml
@@ -50,8 +50,12 @@ spine:
         - name: Ethernet7
           description: site2-wan2-Ethernet4
           ip_address: 100.64.21.1/24
-        - name: Ethernet8
-          description: site3-wan1-Ethernet4
+      l3_port_channels:
+        - name: Port-Channel8
+          mode: active
+          description: site3-wan1-Port-Channel4
+          member_interfaces:
+            - name: Ethernet8
           ip_address: 100.64.30.1/24
           structured_config:
             dhcp_server_ipv4: true

diff --git a/ansible_collections/arista/avd/examples/cv-pathfinder/intended/configs/inet-cloud.cfg b/ansible_collections/arista/avd/examples/cv-pathfinder/intended/configs/inet-cloud.cfg
@@ -54,6 +54,13 @@ management api http-commands
 !
 aaa authorization exec default local
 !
+interface Port-Channel8
+   description site3-wan1-Port-Channel4
+   no shutdown
+   no switchport
+   ip address 100.64.30.1/24
+   dhcp server ipv4
+!
 interface Ethernet1
    description pf1-Ethernet2
    no shutdown
@@ -87,11 +94,9 @@ interface Ethernet7
    ip address 100.64.21.1/24
 !
 interface Ethernet8
-   description site3-wan1-Ethernet4
    no shutdown
    no switchport
-   ip address 100.64.30.1/24
-   dhcp server ipv4
+   channel-group 8 mode active
 !
 interface Loopback0
    description ROUTER_ID

diff --git a/ansible_collections/arista/avd/examples/cv-pathfinder/intended/configs/site3-wan1.cfg b/ansible_collections/arista/avd/examples/cv-pathfinder/intended/configs/site3-wan1.cfg
@@ -104,7 +104,7 @@ router path-selection
    path-group INTERNET id 102
       ipsec profile CP-PROFILE
       !
-      local interface Ethernet4
+      local interface Port-Channel4
          stun server-profile INTERNET-pf1-Ethernet2 INTERNET-pf2-Ethernet2
       !
       peer dynamic
@@ -196,6 +196,15 @@ ip security
    key controller
       profile DP-PROFILE
 !
+interface Port-Channel4
+   description REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud_Port-Channel8
+   no shutdown
+   no switchport
+   flow tracker hardware FLOW-TRACKER
+   ip address dhcp
+   dhcp client accept default-route
+   ip access-group ACL-INTERNET-IN_Port-Channel4 in
+!
 interface Dps1
    description DPS Interface
    mtu 9194
@@ -228,10 +237,7 @@ interface Ethernet4
    description REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud_Ethernet8
    no shutdown
    no switchport
-   flow tracker hardware FLOW-TRACKER
-   ip address dhcp
-   dhcp client accept default-route
-   ip access-group ACL-INTERNET-IN_Ethernet4 in
+   channel-group 4 mode active
 !
 interface Loopback0
    description ROUTER_ID
@@ -296,7 +302,7 @@ application traffic recognition
    field-set l4-port VOICE-PORTS
       666-667
 !
-ip access-list ACL-INTERNET-IN_Ethernet4
+ip access-list ACL-INTERNET-IN_Port-Channel4
    1 remark Not for PRODUCTION: This ACL is built this way because the lab has an out-of-band interface
    10 permit udp any host 100.64.30.2 eq isakmp non500-isakmp
    30 permit icmp any host 100.64.30.2

diff --git a/..._collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/inet-cloud.yml b/..._collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/inet-cloud.yml
@@ -56,11 +56,11 @@ ethernet_interfaces:
   switchport:
     enabled: false
 - name: Ethernet8
-  description: site3-wan1-Ethernet4
   shutdown: false
-  ip_address: 100.64.30.1/24
-  dhcp_server_ipv4: true
-  peer_type: l3_interface
+  channel_group:
+    id: 8
+    mode: active
+  peer_type: l3_port_channel_member
   switchport:
     enabled: false
 hostname: inet-cloud
@@ -112,6 +112,15 @@ ntp:
   - name: 0.pool.ntp.org
     preferred: true
     vrf: MGMT
+port_channel_interfaces:
+- name: Port-Channel8
+  description: site3-wan1-Port-Channel4
+  shutdown: false
+  ip_address: 100.64.30.1/24
+  dhcp_server_ipv4: true
+  peer_type: l3_port_channel
+  switchport:
+    enabled: false
 router_bgp:
   as: '65666'
   router_id: 172.31.255.23

diff --git a/..._collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site3-wan1.yml b/..._collections/arista/avd/examples/cv-pathfinder/intended/structured_configs/site3-wan1.yml
@@ -116,14 +116,12 @@ ethernet_interfaces:
 - name: Ethernet4
   description: REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud_Ethernet8
   shutdown: false
-  flow_tracker:
-    hardware: FLOW-TRACKER
-  ip_address: dhcp
-  dhcp_client_accept_default_route: true
-  access_group_in: ACL-INTERNET-IN_Ethernet4
+  channel_group:
+    id: 4
+    mode: active
   peer: inet-cloud
   peer_interface: Ethernet8
-  peer_type: l3_interface
+  peer_type: l3_port_channel_member
   switchport:
     enabled: false
 flow_tracking:
@@ -141,7 +139,7 @@ flow_tracking:
     shutdown: false
 hostname: site3-wan1
 ip_access_lists:
-- name: ACL-INTERNET-IN_Ethernet4
+- name: ACL-INTERNET-IN_Port-Channel4
   entries:
   - sequence: 1
     remark: 'Not for PRODUCTION: This ACL is built this way because the lab has an out-of-band interface'
@@ -276,14 +274,6 @@ metadata:
       tags:
       - name: Type
         value: lan
-    - interface: Ethernet4
-      tags:
-      - name: Type
-        value: wan
-      - name: Carrier
-        value: REGION2-INTERNET-CORP
-      - name: Circuit
-        value: inet-site3-wan1
   cv_pathfinder:
     role: edge
     region: REGION2
@@ -295,7 +285,7 @@ metadata:
     - vtep_ip: 192.168.42.1
     - vtep_ip: 192.168.42.2
     interfaces:
-    - name: Ethernet4
+    - name: Port-Channel4
       carrier: REGION2-INTERNET-CORP
       circuit_id: inet-site3-wan1
       pathgroup: INTERNET
@@ -307,6 +297,20 @@ ntp:
   - name: 0.pool.ntp.org
     preferred: true
     vrf: MGMT
+port_channel_interfaces:
+- name: Port-Channel4
+  description: REGION2-INTERNET-CORP_inet-site3-wan1_inet-cloud_Port-Channel8
+  shutdown: false
+  ip_address: dhcp
+  dhcp_client_accept_default_route: true
+  access_group_in: ACL-INTERNET-IN_Port-Channel4
+  flow_tracker:
+    hardware: FLOW-TRACKER
+  peer: inet-cloud
+  peer_interface: Port-Channel8
+  peer_type: l3_port_channel
+  switchport:
+    enabled: false
 prefix_lists:
 - name: PL-LOOPBACKS-EVPN-OVERLAY
   sequence_numbers:
@@ -532,7 +536,7 @@ router_path_selection:
     id: 102
     ipsec_profile: CP-PROFILE
     local_interfaces:
-    - name: Ethernet4
+    - name: Port-Channel4
       stun:
         server_profiles:
         - INTERNET-pf1-Ethernet2