Integrate vMX in tungstenfabric environment
Related-PROD: PRODX-20668
Change-Id: I202bf3a25cf7fd4b70b43ce6d0b3e1397872c9ed
diff --git a/de/heat-templates/fragments/NetworkAccVM.yaml b/de/heat-templates/fragments/NetworkAccVM.yaml
index 4954b0f..ee7abab 100644
--- a/de/heat-templates/fragments/NetworkAccVM.yaml
+++ b/de/heat-templates/fragments/NetworkAccVM.yaml
@@ -13,7 +13,7 @@
default: []
tungstenfabric_enabled:
type: boolean
- control_network_vsrx_peering_ip:
+ control_network_ext_router_ip:
type: string
default: ''
private_floating_network_cidr:
@@ -53,7 +53,7 @@
condition: cond_extra_routes
properties:
destination: { get_param: private_floating_network_cidr }
- nexthop: { get_param: control_network_vsrx_peering_ip }
+ nexthop: { get_param: control_network_ext_router_ip }
router_id: { get_resource: router }
diff --git a/de/heat-templates/fragments/NetworkPrvFl.yaml b/de/heat-templates/fragments/NetworkPrvFl.yaml
index 20a50a4..29bd1da 100644
--- a/de/heat-templates/fragments/NetworkPrvFl.yaml
+++ b/de/heat-templates/fragments/NetworkPrvFl.yaml
@@ -7,27 +7,6 @@
type: string
private_floating_network_ipam_pool_end:
type: string
- private_floating_network_gateway:
- type: string
- default: ''
- accessible_network:
- type: string
- default: ''
- control_network_vsrx_peering_ip:
- type: string
- default: ''
- data_network_vsrx_ip:
- type: string
- tun_network:
- type: string
- vsrx_image:
- type: string
- default: mos-vsrx-acc-fl-tun
- vsrx_flavor:
- type: string
- default: oc_vsrx
- public_net_id:
- type: string
resources:
diff --git a/de/heat-templates/fragments/vMX.yaml b/de/heat-templates/fragments/vMX.yaml
new file mode 100644
index 0000000..f0dd60c
--- /dev/null
+++ b/de/heat-templates/fragments/vMX.yaml
@@ -0,0 +1,147 @@
+heat_template_version: queens
+
+parameters:
+ linux_img:
+ type: string
+ description: Name of image to use for servers
+ linux_flav:
+ type: string
+ description: Name of image to use for servers
+ junos_flav:
+ type: string
+ description: Name of image to use for servers
+ junos_img:
+ type: string
+ description: Name of image to use for servers
+ vmx_gateway_ip:
+ type: string
+ description: Default GW for vmx
+ vmx_lo_ip:
+ type: string
+ description: lo ip addr (used for BGP peering)
+ evpn_network_vmx_ip:
+ type: string
+ description: vmx ip addr in a network for evpn test
+
+ accessible_network_id:
+ type: string
+ control_network_cidr:
+ type: string
+ control_network_vmx_ip:
+ type: string
+
+ tun_network_id:
+ type: string
+ tun_network_cidr:
+ type: string
+ tun_network_vmx_ip:
+ type: string
+
+ private_floating_network_id:
+ type: string
+ private_floating_network_cidr:
+ type: string
+ private_floating_network_gateway:
+ type: string
+
+ evpn_network_cidr:
+ type: string
+ evpn_network_ipam_pool_start:
+ type: string
+ evpn_network_ipam_pool_end:
+ type: string
+
+ public_net_id:
+ type: string
+
+resources:
+
+ accessible_server_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_param: accessible_network_id }
+ port_security_enabled: false
+ fixed_ips:
+ - ip_address: {get_param: control_network_vmx_ip }
+
+ private_floating_server_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_param: private_floating_network_id }
+ port_security_enabled: false
+ fixed_ips:
+ - ip_address: { get_param: private_floating_network_gateway}
+
+ tun_server_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_param: tun_network_id }
+ port_security_enabled: false
+ fixed_ips:
+ - ip_address: { get_param: tun_network_vmx_ip}
+
+ server_floating_ip:
+ type: OS::Neutron::FloatingIP
+ properties:
+ floating_network_id: { get_param: public_net_id }
+ port_id: { get_resource: accessible_server_port }
+
+ vmx_int_network:
+ type: OS::Networking::VmxInternalNet
+
+ evpn_network:
+ type: OS::Networking::VmxFpcEvpnNet
+ properties:
+ evpn_network_cidr: { get_param: evpn_network_cidr }
+ evpn_network_ipam_pool_start: { get_param: evpn_network_ipam_pool_start }
+ evpn_network_ipam_pool_end: { get_param: evpn_network_ipam_pool_end }
+
+ evpn_server_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_attr: [ evpn_network, evpn_network_id ] }
+ port_security_enabled: false
+ fixed_ips:
+ - ip_address: { get_param: evpn_network_vmx_ip }
+
+ re0:
+ type: OS::Nova::VmxRe
+ properties:
+ junos_flav: { get_param: junos_flav }
+ junos_img: { get_param: junos_img }
+ re_pfe_network: { get_attr: [ vmx_int_network, re_pfe_network ] }
+ access_port: { get_resource: accessible_server_port }
+ access_port_ip: {get_param: control_network_vmx_ip }
+ control_network_cidr: { get_param: control_network_cidr }
+ gateway_ip: { get_param: vmx_gateway_ip }
+ lo_ip: { get_param: vmx_lo_ip }
+ floating_port_ip: { get_param: private_floating_network_gateway }
+ tun_network_cidr: { get_param: tun_network_cidr }
+ tun_port_ip: { get_param: tun_network_vmx_ip }
+ evpn_port_ip: { get_param: evpn_network_vmx_ip }
+
+ fpc0:
+ type: OS::Nova::VmxFpcSingle
+ properties:
+ linux_img: { get_param: linux_img }
+ linux_flav: { get_param: linux_flav }
+ id: 0
+ re0_ip: { get_attr: [ fpc0_fixed_net, external_ip ] }
+ all_ports: [ { get_attr: [ fpc0_fixed_net, external_port ] },
+ { get_attr: [ fpc0_fixed_net, internal_port ] },
+ { get_resource: private_floating_server_port },
+ { get_resource: tun_server_port },
+ { get_resource: evpn_server_port } ]
+
+ fpc0_fixed_net:
+ type: OS::Networking::VmxFpcFixedNet
+ properties:
+ public_network: { get_param: accessible_network_id }
+ re_pfe_network: { get_attr: [ vmx_int_network, re_pfe_network ] }
+ id: 0
+ internal_ip: 128.0.0.16
+
+outputs:
+ re_floating_ip:
+ description: Floating IP address of server in public network
+ value: { get_attr: [ server_floating_ip, floating_ip_address ] }
diff --git a/de/heat-templates/fragments/NetworkPrvFlVSRX.yaml b/de/heat-templates/fragments/vSRX.yaml
similarity index 68%
rename from de/heat-templates/fragments/NetworkPrvFlVSRX.yaml
rename to de/heat-templates/fragments/vSRX.yaml
index 988121d..23d64b4 100644
--- a/de/heat-templates/fragments/NetworkPrvFlVSRX.yaml
+++ b/de/heat-templates/fragments/vSRX.yaml
@@ -1,17 +1,13 @@
heat_template_version: queens
parameters:
- private_floating_network_cidr:
- type: string
- private_floating_network_ipam_pool_start:
- type: string
- private_floating_network_ipam_pool_end:
+ private_floating_network_id:
type: string
private_floating_network_gateway:
type: string
accessible_network:
type: string
- control_network_vsrx_peering_ip:
+ control_network_vsrx_ip:
type: string
data_network_vsrx_ip:
type: string
@@ -31,33 +27,18 @@
resources:
- network:
- type: OS::Neutron::Net
- properties:
- port_security_enabled: false
- subnet:
- type: OS::Neutron::Subnet
- properties:
- network: { get_resource: network }
- enable_dhcp: false
- cidr: { get_param: private_floating_network_cidr }
- gateway_ip: ~
- allocation_pools:
- - start: { get_param: private_floating_network_ipam_pool_start }
- end: { get_param: private_floating_network_ipam_pool_end }
-
accessible_server_port:
type: OS::Neutron::Port
properties:
network_id: { get_param: accessible_network }
port_security_enabled: false
fixed_ips:
- - ip_address: {get_param: control_network_vsrx_peering_ip }
+ - ip_address: {get_param: control_network_vsrx_ip }
private_floating_server_port:
type: OS::Neutron::Port
properties:
- network_id: { get_resource: network }
+ network_id: { get_param: private_floating_network_id }
port_security_enabled: false
fixed_ips:
- ip_address: { get_param: private_floating_network_gateway}
@@ -89,10 +70,8 @@
- port: { get_resource: tun_server_port }
outputs:
- private_floating_network_id:
- value: { get_resource: network }
- private_floating_subnet_id:
- value: { get_resource: subnet }
server_public_ip:
description: Floating IP address of server in public network
value: { get_attr: [ server_floating_ip, floating_ip_address ] }
+ vsrx_show:
+ value: { get_attr: [ vsrx_instance, show ] }
diff --git a/de/heat-templates/fragments/vmx-components/bridges/bridges_internal.yaml b/de/heat-templates/fragments/vmx-components/bridges/bridges_internal.yaml
new file mode 100644
index 0000000..4e203bf
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/bridges/bridges_internal.yaml
@@ -0,0 +1,26 @@
+heat_template_version: 2015-10-15
+parameters:
+
+resources:
+ bridge_net_re_pfe:
+ type: OS::Neutron::Net
+ properties:
+ admin_state_up: true
+ name:
+ str_replace:
+ template: "%ident%-vfp0-to-vcp0"
+ params:
+ '%ident%': {get_param: "OS::stack_name"}
+
+ bridge_network_subnet_re_pfe:
+ properties:
+ cidr: 128.0.0.0/24
+ network_id: {get_resource: bridge_net_re_pfe}
+ enable_dhcp: False
+ gateway_ip: 128.0.0.3
+ type: OS::Neutron::Subnet
+
+outputs:
+ re_pfe_network:
+ description: RE-PFE bridge
+ value: {get_resource: bridge_net_re_pfe}
diff --git a/de/heat-templates/fragments/vmx-components/network/evpn_network.yaml b/de/heat-templates/fragments/vmx-components/network/evpn_network.yaml
new file mode 100644
index 0000000..384f3c0
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/network/evpn_network.yaml
@@ -0,0 +1,28 @@
+heat_template_version: queens
+
+parameters:
+ evpn_network_cidr:
+ type: string
+ evpn_network_ipam_pool_start:
+ type: string
+ evpn_network_ipam_pool_end:
+ type: string
+
+resources:
+
+ network:
+ type: OS::Neutron::Net
+ subnet:
+ type: OS::Neutron::Subnet
+ properties:
+ network: { get_resource: network }
+ enable_dhcp: false
+ cidr: { get_param: evpn_network_cidr }
+ gateway_ip: ~
+ allocation_pools:
+ - start: { get_param: evpn_network_ipam_pool_start }
+ end: { get_param: evpn_network_ipam_pool_end }
+
+outputs:
+ evpn_network_id:
+ value: { get_resource: network }
diff --git a/de/heat-templates/fragments/vmx-components/ports/port.yaml b/de/heat-templates/fragments/vmx-components/ports/port.yaml
new file mode 100755
index 0000000..25fbb0c
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/ports/port.yaml
@@ -0,0 +1,26 @@
+heat_template_version: 2015-10-15
+parameters:
+ vnetwork_id: {description: ID of network, type: string}
+ pname: {description: name, type: string}
+
+resources:
+ port:
+ type: OS::Neutron::Port
+ properties:
+ port_security_enabled: false
+ network: {get_param: vnetwork_id}
+ name:
+ str_replace:
+ template: "%ident%_%name%"
+ params:
+ '%ident%': {get_param: "OS::stack_name"}
+ '%name%': {get_param: pname}
+
+outputs:
+ port:
+ description: port
+ value: { get_resource: port}
+ ip:
+ description: The IP address assigned to the VM
+ value: { get_attr: [port, fixed_ips, 0, ip_address] }
+
diff --git a/de/heat-templates/fragments/vmx-components/ports/re_pfe_port.yaml b/de/heat-templates/fragments/vmx-components/ports/re_pfe_port.yaml
new file mode 100755
index 0000000..0e1a1e0
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/ports/re_pfe_port.yaml
@@ -0,0 +1,24 @@
+heat_template_version: 2015-10-15
+parameters:
+ vnetwork_id: {description: ID of network, type: string}
+ ip_addr: {description: Fixed IP, type: string}
+ name: {description: name, type: string}
+
+resources:
+ port:
+ type: OS::Neutron::Port
+ properties:
+ port_security_enabled: false
+ name: {get_param: name}
+ network: {get_param: vnetwork_id}
+ fixed_ips:
+ - ip_address: {get_param: ip_addr}
+
+outputs:
+ port:
+ description: port
+ value: { get_resource: port}
+ ip:
+ description: The IP address assigned to the VM
+ value: { get_attr: [port, fixed_ips, 0, ip_address] }
+
diff --git a/de/heat-templates/fragments/vmx-components/vms/fpc.yaml b/de/heat-templates/fragments/vmx-components/vms/fpc.yaml
new file mode 100644
index 0000000..301e4e2
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/vms/fpc.yaml
@@ -0,0 +1,54 @@
+heat_template_version: 2015-10-15
+parameters:
+ project_name: {description: Project name, type: string}
+ id: {description: FPC id, type: string}
+ linux_img: {description: Linux PFE image, type: string}
+ linux_flav: {description: Type of FPC/linux Image, type: string}
+ gateway_ip: {description: ip of gateway, type: string}
+ re0_ip: {description: ip of RE0, type: string}
+ all_ports: {description: ge port list, type: comma_delimited_list}
+ stack_name: {description: Stack name, type: string}
+
+resources:
+ fpc:
+ properties:
+ config_drive: true
+ flavor: {get_param: linux_flav}
+ image: {get_param: linux_img}
+ metadata:
+ boot_noveriexec: 'yes'
+ gateway: {get_param: gateway_ip}
+ hostname:
+ str_replace:
+ template: "Instance_%proj%-%ident%-fpc%id%"
+ params:
+ '%proj%': {get_param: project_name}
+ '%ident%': {get_param: stack_name}
+ '%id%': {get_param: id}
+ hw.pci.link.0x60.irq: 10
+ netmask: '24'
+ re0_ip: {get_param: re0_ip}
+ vm_chassname: {get_param: stack_name}
+ vm_chassis_i2cid: "161"
+ vm_i2cid: '0xBAA'
+ vm_instance: {get_param: id}
+ vm_is_virtual: 1
+ vm_ore_present: 0
+ vm_retype: RE-VMX
+ vmchtype: mx240
+ vmtype: 1
+ name:
+ str_replace:
+ template: "Instance_%proj%-%ident%_fpc%id%"
+ params:
+ '%proj%': {get_param: project_name}
+ '%ident%': {get_param: stack_name}
+ '%id%': {get_param: id}
+ networks:
+ repeat:
+ for_each:
+ <%ports%>: { get_param: all_ports }
+ template:
+ port: <%ports%>
+ type: OS::Nova::Server
+
diff --git a/de/heat-templates/fragments/vmx-components/vms/fpc_fixed_net.yaml b/de/heat-templates/fragments/vmx-components/vms/fpc_fixed_net.yaml
new file mode 100644
index 0000000..5e0b231
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/vms/fpc_fixed_net.yaml
@@ -0,0 +1,40 @@
+heat_template_version: 2015-10-15
+parameters:
+ public_network: {description: ID of public network, type: string}
+ re_pfe_network: {description: ID of RE-PFE network, type: string}
+ id: {description: ID of port, type: string}
+ internal_ip: {description: IP of internal port, type: string}
+
+resources:
+ external_port:
+ type: ../ports/port.yaml
+ properties:
+ vnetwork_id: {get_param: public_network}
+ pname:
+ str_replace:
+ template: "public_fpc_%id%"
+ params:
+ '%id%': {get_param: id}
+
+ internal_port:
+ type: ../ports/re_pfe_port.yaml
+ properties:
+ vnetwork_id: {get_param: re_pfe_network}
+ ip_addr: {get_param: internal_ip}
+ name:
+ str_replace:
+ template: "Port_%ident%_internal_fpc_%id%"
+ params:
+ '%ident%': {get_param: "OS::stack_name"}
+ '%id%': {get_param: id}
+
+outputs:
+ external_port:
+ description: external port
+ value: {get_attr: [external_port, port]}
+ external_ip:
+ description: external port IP
+ value: {get_attr: [external_port, ip]}
+ internal_port:
+ description: internal port
+ value: {get_attr: [internal_port, port]}
diff --git a/de/heat-templates/fragments/vmx-components/vms/fpc_no_metadata.yaml b/de/heat-templates/fragments/vmx-components/vms/fpc_no_metadata.yaml
new file mode 100644
index 0000000..ba129af
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/vms/fpc_no_metadata.yaml
@@ -0,0 +1,26 @@
+heat_template_version: 2015-10-15
+parameters:
+ id: {description: FPC id, type: string}
+ linux_img: {description: Linux PFE image, type: string}
+ linux_flav: {description: Type of FPC/linux Image, type: string}
+ re0_ip: {description: ip of RE0, type: string}
+ all_ports: {description: ge port list, type: comma_delimited_list}
+
+resources:
+ fpc:
+ type: OS::Nova::Server
+ properties:
+ flavor: {get_param: linux_flav}
+ image: {get_param: linux_img}
+ name:
+ str_replace:
+ template: "vMX_fpc%id%_%ident%"
+ params:
+ '%ident%': {get_param: "OS::stack_name"}
+ '%id%': {get_param: id}
+ networks:
+ repeat:
+ for_each:
+ <%ports%>: { get_param: all_ports }
+ template:
+ port: <%ports%>
diff --git a/de/heat-templates/fragments/vmx-components/vms/re.yaml b/de/heat-templates/fragments/vmx-components/vms/re.yaml
new file mode 100755
index 0000000..0c52f50
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/vms/re.yaml
@@ -0,0 +1,67 @@
+heat_template_version: 2015-10-15
+parameters:
+ access_port: {description: ID of public port, type: string}
+ access_port_ip: {description: IP of public port, type: string}
+ control_network_cidr: { type: string }
+ re_pfe_network: {description: ID of RE-PFE network, type: string}
+ junos_flav: {description: Type of Image, type: string}
+ junos_img: {description: Junos RE image, type: string}
+ gateway_ip: {description: ip of gateway, type: string}
+ lo_ip: {description: ip of lo interface, type: string}
+ floating_port_ip: { type: string }
+ tun_network_cidr: { type: string }
+ tun_port_ip: { description: ip of interface from data (tunnel) network, type: string }
+ evpn_port_ip: { description: ip of interface from network for evpn test, type: string }
+
+resources:
+ re_fixed_net:
+ type: vm_fixed_net.yaml
+ properties:
+ re_pfe_network: { get_param: re_pfe_network }
+ ext_name: public_re
+ int_name: internal_re
+ internal_ip: 128.0.0.1
+
+ re:
+ type: OS::Nova::Server
+ properties:
+ config_drive: true
+ flavor: {get_param: junos_flav}
+ image: {get_param: junos_img}
+ metadata:
+ gateway: { get_param: gateway_ip }
+ hostname: "vMX_re0"
+ hw.pci.link.0x60.irq: 10
+ netmask: '24'
+ re0_ip:
+ {get_param: access_port_ip}
+ vm_chassis_i2cid: "161"
+ vm_chassisname: {get_param: "OS::stack_name"}
+ vm_chassname: {get_param: "OS::stack_name"}
+ vm_i2cid: '0xBAA'
+ vm_instance: 0
+ vm_is_virtual: 1
+ vm_ore_present: 0
+ vm_retype: RE-VMX
+ vmchtype: mx240
+ vmtype: 0
+ console: vidconsole
+ name:
+ str_replace:
+ template: "vMX_re0_%ident%"
+ params:
+ '%ident%': {get_param: "OS::stack_name"}
+ networks:
+ - port: {get_param: access_port}
+ - port: {get_attr: [re_fixed_net, internal_port]}
+ personality:
+ /var/db/cumulus/baseline_config.template:
+ str_replace:
+ template: { get_file: vmx_evpn.conf }
+ params:
+ $lo_ip: { get_param: lo_ip }
+ $floating_port_ip: { get_param: floating_port_ip }
+ $control_network_cidr: { get_param: control_network_cidr }
+ $tun_network_cidr: { get_param: tun_network_cidr }
+ $tun_port_ip: { get_param: tun_port_ip }
+ $evpn_port_ip: { get_param: evpn_port_ip }
diff --git a/de/heat-templates/fragments/vmx-components/vms/vm_fixed_net.yaml b/de/heat-templates/fragments/vmx-components/vms/vm_fixed_net.yaml
new file mode 100644
index 0000000..7e1c0c4
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/vms/vm_fixed_net.yaml
@@ -0,0 +1,24 @@
+heat_template_version: 2015-10-15
+parameters:
+ re_pfe_network: {description: ID of RE-PFE network, type: string}
+ ext_name: {description: name of external port, type: string}
+ int_name: {description: name of internal port, type: string}
+ internal_ip: {description: IP of internal port, type: string}
+
+resources:
+
+ internal_port:
+ type: ../ports/re_pfe_port.yaml
+ properties:
+ vnetwork_id: {get_param: re_pfe_network}
+ ip_addr: {get_param: internal_ip}
+ name:
+ str_replace:
+ template: "Port_%ident%_%name%"
+ params:
+ '%ident%': {get_param: "OS::stack_name"}
+ '%name%': {get_param: int_name}
+outputs:
+ internal_port:
+ description: internal port
+ value: {get_attr: [internal_port, port]}
diff --git a/de/heat-templates/fragments/vmx-components/vms/vmx_evpn.conf b/de/heat-templates/fragments/vmx-components/vms/vmx_evpn.conf
new file mode 100755
index 0000000..9fe0dc7
--- /dev/null
+++ b/de/heat-templates/fragments/vmx-components/vms/vmx_evpn.conf
@@ -0,0 +1,177 @@
+groups {
+ re0 {
+ system {
+ host-name %hostname%;
+ backup-router %gateway%;
+ }
+ interfaces {
+ fxp0 { # Management/telnet Interface
+ unit 0 {
+ family inet {
+ address %re0_ip%/%netmask%; # Management/telnet address
+ }
+ }
+ }
+ }
+ }
+ global {
+ system {
+ debugger-on-panic;
+ debugger-on-break;
+ dump-on-panic;
+ services {
+ finger;
+ ftp;
+ rlogin;
+ rsh;
+ ssh;
+ telnet;
+ xnm-clear-text;
+ }
+ syslog {
+ host log {
+ kernel info;
+ any notice;
+ pfe info;
+ interactive-commands any;
+ }
+ file messages {
+ kernel info;
+ any notice;
+ authorization info;
+ pfe info;
+ archive world-readable;
+ }
+ file security {
+ interactive-commands any;
+ archive world-readable;
+ }
+ }
+ processes {
+ routing enable;
+ ntp enable;
+ management enable;
+ watchdog enable;
+ snmp enable;
+ inet-process enable;
+ mib-process enable;
+ }
+ }
+ chassis {
+ dump-on-panic;
+ }
+ interfaces {
+ lo0 { # Local Loopback interface.
+ unit 0 {
+ family inet {
+ address $lo_ip/32;
+ }
+ }
+ }
+ ge-0/0/0 {
+ unit 0 {
+ family inet {
+ address $floating_port_ip/24;
+ }
+ }
+ }
+ ge-0/0/1 {
+ unit 0 {
+ family inet {
+ address $tun_port_ip/24;
+ }
+ }
+ }
+ ge-0/0/2 {
+ unit 0 {
+ family bridge {
+ interface-mode access;
+ vlan-id 100;
+ }
+ }
+ }
+ irb {
+ unit 100 {
+ family inet {
+ address $evpn_port_ip/24;
+ }
+ }
+ }
+ }
+ snmp {
+ interface fxp0.0;
+ community public {
+ authorization read-only;
+ }
+ community private {
+ authorization read-write;
+ }
+ }
+ routing-options {
+ static {
+ route 0.0.0.0/0 next-hop %gateway%;
+ }
+ router-id $lo_ip;
+ route-distinguisher-id $lo_ip;
+ autonomous-system 64512;
+ }
+ protocols {
+ bgp {
+ group Contrail_Controller {
+ type internal;
+ local-address $lo_ip;
+ keep all;
+ family evpn {
+ signaling;
+ }
+ allow [ $control_network_cidr $tun_network_cidr ];
+ }
+ }
+ }
+ routing-instances {
+ VIRTUAL_SWITCH {
+ vtep-source-interface lo0.0;
+ instance-type virtual-switch;
+ interface ge-0/0/2.0;
+ route-distinguisher 64512:100;
+ vrf-target target:64512:100;
+ protocols {
+ evpn {
+ encapsulation vxlan;
+ extended-vni-list 100;
+ multicast-mode ingress-replication;
+ }
+ }
+ bridge-domains {
+ BD100 {
+ domain-type bridge;
+ vlan-id 100;
+ routing-interface irb.100;
+ vxlan {
+ vni 100;
+ ingress-node-replication;
+ }
+ }
+ }
+ }
+ }
+ }
+}
+apply-groups [ global re0 ];
+system {
+ root-authentication {
+ encrypted-password "$6$.5tcJTSN$KPRcnIU50oyAWSanuWg7Hktab.kBauqIrjO33YERofHkD0nTTELOLVHnkA/sdoW5.qzg6IVBTg3xQE6wmnuaT0"; ## SECRET-DATA
+ }
+ ports {
+ console log-out-on-disconnect;
+ }
+ services {
+ netconf {
+ ssh;
+ rfc-compliant;
+ }
+ }
+}
+chassis {
+ network-services enhanced-ip;
+}