-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathnew-l2l3vni.yml
111 lines (95 loc) · 3.12 KB
/
new-l2l3vni.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
---
- hosts: leaf
vars:
asn: 65401
vlans_l2vni:
- { vlan_id: 13, vni_id: 10013, addr: 10.0.11.1, mask: 24, mcast_grp: 239.1.1.0, vrf: dmz, interfaces: ["ethernet1/2"]}
#- { vlan_id: 2300, vni_id: 30000, addr: 172.10.10.1, mask: 24, mcast_grp: 239.1.1.0, vrf: prod-internal, interfaces: ["ethernet1/3"]}
vlans_l3vni:
- { vlan_id: 1300, vni_id: 13000, vrf: dmz }
#- { vlan_id: 2000, vni_id: 50000, vrf: prod-internal }
vrfs:
- { vrf: dmz, vni_id: 13000, afi: ipv4, safi: unicast }
tasks:
- name: CONFIGURE TENANT VRFs
nxos_vrf:
vrf: "{{ item.vrf }}"
vni: "{{ item.vni_id }}"
rd: auto
state: present
with_items: "{{ vrfs }}"
- name: CONFIGURE VLAN TO VNI MAPPING
nxos_vlan:
vlan_id: "{{ item.vlan_id }}"
mapped_vni: "{{ item.vni_id }}"
with_items:
- "{{ vlans_l2vni }}"
- "{{ vlans_l3vni }}"
- name: CONFIGURE VXLAN VTEP NVE INTERFACE L2VNI MAPPING WITH INGRESS REPLICATION
nxos_vxlan_vtep_vni:
interface: nve1
vni: "{{ item.vni_id }}"
ingress_replication: bgp
#multicast_group: "{{ item.mcast_grp }}"
suppress_arp: false
with_items: "{{ vlans_l2vni }}"
- name: CONFIGURE SVIs THAT ARE MAPPED TO VNIs
nxos_interface:
interface: "vlan{{ item.vlan_id }}"
admin_state: up
with_items:
- "{{ vlans_l2vni }}"
- "{{ vlans_l3vni }}"
- name: ASSOCIATE INTERFACES TO TENANT VRF
nxos_vrf_interface:
vrf: "{{ item.vrf }}"
interface: "vlan{{ item.vlan_id }}"
with_items:
- "{{ vlans_l2vni }}"
- "{{ vlans_l3vni }}"
- name: ENABLE ANYCAST GW UNDER L2VNI SVI
nxos_interface:
interface: "vlan{{ item.vlan_id }}"
fabric_forwarding_anycast_gateway: true
with_items: "{{ vlans_l2vni }}"
- name: CONFIGURE IP ADDRESS TO L2VNI SVI
nxos_l3_interface:
name: "vlan{{ item.vlan_id }}"
ipv4: "{{ item.addr }}/{{ item.mask }}"
with_items: "{{ vlans_l2vni }}"
- name: CONFIGURE L2 ACCESS PORTS
cisco.nxos.nxos_l2_interfaces:
config:
- name: "{{ item.1 }}" #"Ethernet1/2"
access:
vlan: "{{ item.0.vlan_id }}"
loop: "{{ vlans_l2vni| subelements('interfaces') }}"
tags: "accessports"
#L3 VNI section
- name: CONFIGURE VXLAN VTEP NVE INTERFACE L3VNI MAPPING
nxos_vxlan_vtep_vni:
interface: nve1
vni: "{{ item.vni_id }}"
assoc_vrf: "true"
with_items: "{{ vlans_l3vni }}"
- name: CONFIGURE IP FORWARD UNDER L3VNI SVI
nxos_interface:
interface: "vlan{{ item.vlan_id }}"
ip_forward: enable
with_items: "{{ vlans_l3vni }}"
- name: CONFIGURE TENANT VRFs UNDER BGP PROCESS
nxos_bgp_af:
asn: "{{ asn }}"
vrf: "{{ item.vrf }}"
afi: "{{ item.afi }}"
safi: "{{ item.safi }}"
advertise_l2vpn_evpn: "true"
with_items: "{{ vrfs }}"
- name: CONFIGURE EVPN CONTROL PLANE FOR L2 SERVICES
cisco.nxos.nxos_evpn_vni:
vni: "{{ item.vni_id }}"
route_distinguisher: auto
route_target_export: auto
route_target_import: auto
#route_target_both: default
with_items: "{{ vlans_l2vni }}"