From 6a2521419c0c6fec7f4abac01a646a355889c2fd Mon Sep 17 00:00:00 2001 From: Arthur Dodin Date: Wed, 10 Jun 2026 19:35:55 +0200 Subject: [PATCH] vxlan labs --- vxlan-lab2/leaf01.txt | 406 +++++++++++++++++++++++++++++ vxlan-lab2/leaf02.txt | 403 +++++++++++++++++++++++++++++ vxlan-lab2/spine01.txt | 351 +++++++++++++++++++++++++ vxlan-lab2/spine02.txt | 347 +++++++++++++++++++++++++ vxlan-lab3/leaf01.txt | 414 ++++++++++++++++++++++++++++++ vxlan-lab3/leaf02.txt | 411 ++++++++++++++++++++++++++++++ vxlan-lab3/server01.txt | 300 ++++++++++++++++++++++ vxlan-lab3/spine01.txt | 351 +++++++++++++++++++++++++ vxlan-lab3/spine02.txt | 347 +++++++++++++++++++++++++ vxlan-lab4/access01.txt | 363 ++++++++++++++++++++++++++ vxlan-lab4/leaf01.txt | 430 +++++++++++++++++++++++++++++++ vxlan-lab4/leaf02.txt | 427 +++++++++++++++++++++++++++++++ vxlan-lab4/server01.txt | 300 ++++++++++++++++++++++ vxlan-lab4/spine01.txt | 351 +++++++++++++++++++++++++ vxlan-lab4/spine02.txt | 347 +++++++++++++++++++++++++ vxlan-lab5/access01.txt | 363 ++++++++++++++++++++++++++ vxlan-lab5/leaf01.txt | 430 +++++++++++++++++++++++++++++++ vxlan-lab5/leaf02.txt | 427 +++++++++++++++++++++++++++++++ vxlan-lab5/leaf03.txt | 549 ++++++++++++++++++++++++++++++++++++++++ vxlan-lab5/server01.txt | 300 ++++++++++++++++++++++ vxlan-lab5/spine01.txt | 360 ++++++++++++++++++++++++++ vxlan-lab5/spine02.txt | 356 ++++++++++++++++++++++++++ 22 files changed, 8333 insertions(+) create mode 100644 vxlan-lab2/leaf01.txt create mode 100644 vxlan-lab2/leaf02.txt create mode 100644 vxlan-lab2/spine01.txt create mode 100644 vxlan-lab2/spine02.txt create mode 100644 vxlan-lab3/leaf01.txt create mode 100644 vxlan-lab3/leaf02.txt create mode 100644 vxlan-lab3/server01.txt create mode 100644 vxlan-lab3/spine01.txt create mode 100644 vxlan-lab3/spine02.txt create mode 100644 vxlan-lab4/access01.txt create mode 100644 vxlan-lab4/leaf01.txt create mode 100644 vxlan-lab4/leaf02.txt create mode 100644 vxlan-lab4/server01.txt create mode 100644 vxlan-lab4/spine01.txt create mode 100644 vxlan-lab4/spine02.txt create mode 100644 vxlan-lab5/access01.txt create mode 100644 vxlan-lab5/leaf01.txt create mode 100644 vxlan-lab5/leaf02.txt create mode 100644 vxlan-lab5/leaf03.txt create mode 100644 vxlan-lab5/server01.txt create mode 100644 vxlan-lab5/spine01.txt create mode 100644 vxlan-lab5/spine02.txt diff --git a/vxlan-lab2/leaf01.txt b/vxlan-lab2/leaf01.txt new file mode 100644 index 0000000..c2b8c18 --- /dev/null +++ b/vxlan-lab2/leaf01.txt @@ -0,0 +1,406 @@ +hostname Leaf-01 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +vrf definition green + rd 1:1 + ! + address-family ipv4 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family + ! + address-family ipv6 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24p-4g +! +! +! +! +ip routing +! +! +! +! +! +ip multicast-routing +! +! +! +login on-success log +! +! +! +! +! +! +! +l2vpn evpn + replication-type static + router-id Loopback1 + default-gateway advertise +! +l2vpn evpn instance 101 vlan-based + encapsulation vxlan + replication-type static +! +l2vpn evpn instance 102 vlan-based + encapsulation vxlan + replication-type ingress +! +! +crypto pki trustpoint TP-self-signed-2748515057 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-2748515057 + revocation-check none + rsakeypair TP-self-signed-2748515057 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-2748515057 + certificate self-signed 01 + 30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 31312F30 2D060355 04030C26 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 32373438 35313530 3537301E 170D3236 30363130 30393433 + 30385A17 0D333630 36303930 39343330 385A3031 312F302D 06035504 030C2649 + 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 37343835 + 31353035 37308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 + 0A028201 0100A4CA 45163B01 9C334AAA 046F7B18 E9F8D151 8996B5B5 CA96FC78 + 870C057E 929F7011 CAE9A00E E5DDD799 2C2581D3 413DFC7C 49B38DF0 48A0216E + 4EF4C65C F1D1F4EF 545370F3 3FA69C4B 22948881 F7B28644 2A4F2865 026EF500 + F57BBC11 4C13CEC6 841421DB 34EDCB47 510668FF 5FBF525E CF9020ED 51414B3D + 07601E2A 4A30A706 2DDD6EEE B7B2AE7A C37820D3 C08BAA78 C1D030E7 B3F1C8EA + FECCFF10 363296DB 9E0C3A97 C1E7C416 75425A88 AEBB0AA0 6D0BC326 9043BC8C + CB75A544 AA9FFDB0 67E22FD9 5CE66812 B58FADDA 5B7993CA 4F7D7F37 B179642C + 873C129B 2DAC8D5E 4BF6CF5D 03D41302 EA4A481E 53DF7648 00D7668A E6B1672F + 1397D45A 21350203 010001A3 53305130 1D060355 1D0E0416 041447B1 391FE1B2 + 9088CF66 FCA5F571 4DDE8252 2C85301F 0603551D 23041830 16801447 B1391FE1 + B29088CF 66FCA5F5 714DDE82 522C8530 0F060355 1D130101 FF040530 030101FF + 300D0609 2A864886 F70D0101 0D050003 82010100 74081052 95A744B6 9812BACC + 0743C4D2 0957BE9A D49CCB1B 36F41237 0F9C8512 F82BD6CF 7BC20495 C544C441 + B37CC3B6 D3F2A35B 8B47EF95 E6545B01 763887D5 97D4A247 019D3387 D29DC699 + 25C45B3F 674662BB DFF0B1CC 6E50C91B 3C843D3E AEEC6BE1 6577D36F E99946F3 + 52E02B0E 162902B9 F6477EF8 C59D0955 D7351E18 671F96B8 B8569431 4A90FD04 + C543996B 633FB9CB 48BA7FB6 EC39E137 11FA78DE 6E4FD609 FACC9D0C D1ED2A2C + 3B7A7B1C 29D4F096 1CB08698 9E83B983 B4B7045C 7166B0A4 1C3E8E20 75F9FC2D + 202298E3 F6328325 8790A997 C757940F 2B0543EC 3D01B7BC F48D979D 392C21D8 + 3017E967 7743A155 D97B6463 28E467DD 3E8D9D3F + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +vlan configuration 101 + member evpn-instance 101 vni 10101 +vlan configuration 102 + member evpn-instance 102 vni 10102 +vlan configuration 901 + member vni 50901 +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + ip address 172.16.255.3 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback1 + ip address 172.16.254.3 255.255.255.255 + ip pim sparse-mode + ip ospf 1 area 0 +! +interface Port-channel12 + switchport access vlan 101 + switchport mode access + evpn ethernet-segment 1 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 + no switchport + ip address 172.16.13.3 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/2 + no switchport + ip address 172.16.23.3 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/3 +! +interface GigabitEthernet1/0/4 +! +interface GigabitEthernet1/0/5 +! +interface GigabitEthernet1/0/6 +! +interface GigabitEthernet1/0/7 +! +interface GigabitEthernet1/0/8 +! +interface GigabitEthernet1/0/9 +! +interface GigabitEthernet1/0/10 + switchport mode trunk +! +interface GigabitEthernet1/0/11 +! +interface GigabitEthernet1/0/12 +! +interface GigabitEthernet1/0/13 +! +interface GigabitEthernet1/0/14 +! +interface GigabitEthernet1/0/15 +! +interface GigabitEthernet1/0/16 +! +interface GigabitEthernet1/0/17 +! +interface GigabitEthernet1/0/18 +! +interface GigabitEthernet1/0/19 +! +interface GigabitEthernet1/0/20 +! +interface GigabitEthernet1/0/21 +! +interface GigabitEthernet1/0/22 +! +interface GigabitEthernet1/0/23 +! +interface GigabitEthernet1/0/24 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface Vlan1 + no ip address +! +interface Vlan101 + vrf forwarding green + ip address 10.1.101.1 255.255.255.0 +! +interface Vlan102 + vrf forwarding green + ip address 10.1.102.1 255.255.255.0 +! +interface Vlan901 + vrf forwarding green + ip unnumbered Loopback1 + ipv6 enable + no autostate +! +interface nve1 + no ip address + source-interface Loopback1 + host-reachability protocol bgp + member vni 10101 mcast-group 225.0.0.101 + member vni 10102 ingress-replication + member vni 50901 vrf green +! +router ospf 1 + router-id 172.16.255.3 +! +router bgp 65001 + bgp log-neighbor-changes + no bgp default ipv4-unicast + neighbor 172.16.255.1 remote-as 65001 + neighbor 172.16.255.1 update-source Loopback0 + neighbor 172.16.255.2 remote-as 65001 + neighbor 172.16.255.2 update-source Loopback0 + ! + address-family ipv4 + redistribute static + redistribute connected + exit-address-family + ! + address-family l2vpn evpn + neighbor 172.16.255.1 activate + neighbor 172.16.255.1 send-community both + neighbor 172.16.255.2 activate + neighbor 172.16.255.2 send-community both + exit-address-family + ! + address-family ipv4 vrf green + advertise l2vpn evpn + redistribute static + redistribute connected + exit-address-family +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip pim rp-address 172.16.255.255 +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end diff --git a/vxlan-lab2/leaf02.txt b/vxlan-lab2/leaf02.txt new file mode 100644 index 0000000..d0b7d98 --- /dev/null +++ b/vxlan-lab2/leaf02.txt @@ -0,0 +1,403 @@ +hostname Leaf-02 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +vrf definition green + rd 1:1 + ! + address-family ipv4 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family + ! + address-family ipv6 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24p-4g +! +! +! +! +ip routing +! +! +! +! +! +ip multicast-routing +! +! +! +login on-success log +! +! +! +! +! +! +! +l2vpn evpn + replication-type static + router-id Loopback1 + default-gateway advertise +! +l2vpn evpn instance 101 vlan-based + encapsulation vxlan +! +l2vpn evpn instance 102 vlan-based + encapsulation vxlan + replication-type ingress +! +! +crypto pki trustpoint TP-self-signed-4106980722 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-4106980722 + revocation-check none + rsakeypair TP-self-signed-4106980722 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-4106980722 + certificate self-signed 01 + 30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 31312F30 2D060355 04030C26 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 34313036 39383037 3232301E 170D3236 30363130 30393433 + 32345A17 0D333630 36303930 39343332 345A3031 312F302D 06035504 030C2649 + 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 31303639 + 38303732 32308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 + 0A028201 01009849 F78BD093 74C4F07A A3855635 0B226D1D DB524A61 14AB07A6 + 6CC41BC9 29B861FA 10F734FE A0115CFF 44B53345 C2C5CCDB E6508E36 734F83D1 + 2586BBFA 55FBCA7D 731EEA2D 7F9C13F9 B6D04514 DE51D43E DD9BE04C 9841316B + 9CD765D7 2A999541 D078E1F7 4BD9597A 5BA09FBA CBFD2EF7 92BBAD66 C4FA8535 + 2057BC14 1E11B218 7A021057 C7EBCDC9 FCED0B91 FD84E5A2 CAD4F661 FE66AA2B + ABF56705 125F5B97 521EE401 AF66FBAD 42ACAF73 4B7F3A2F 3FA2AE03 69DC2A88 + F7616397 B13E3B37 A762AFA4 D51576B7 3F0A039B 40C64DDB 39F2F686 2EF72BED + 2729B749 FBE8DF8D 8A6FFB1B 569E2220 C1A81171 5481BB56 E470941D 3311E8BD + C9C59E75 06FF0203 010001A3 53305130 1D060355 1D0E0416 04141AB2 BB3AB3AE + 642F201E BA75F878 589FFAEA D5D0301F 0603551D 23041830 1680141A B2BB3AB3 + AE642F20 1EBA75F8 78589FFA EAD5D030 0F060355 1D130101 FF040530 030101FF + 300D0609 2A864886 F70D0101 0D050003 82010100 81BBF69B F9F2A5B6 7F3CF96D + 506E8D43 964DAF2A D9221CF1 D84E4841 CE94D992 2F383B63 A782E3AE 730C0D05 + 9D60B3ED 9A899D23 F4F741F5 B3CCAD4B CBABEDE8 F9151F0A 3917E943 DF117766 + 3EF0FB53 0D5402EC ED33225C C267C600 5E22DD5A 4D62D87B 84D58914 37FA19E6 + F25C4B0E E6A9A72D D82F58C3 3D9BA708 96F92047 443276F4 848F07CB 0275B5D7 + A3A9EA89 76E1C857 9C5C1FD6 C8AD6829 63A45513 4122EE6B 2DC85CDF 6DC4D8F4 + 9A649698 6E60811F 9935D7BD BFC23EAB 6B669C74 FE480A50 DEC87777 6EDF0E59 + D198B7DC 29ADEE47 F562740E 870D9503 36816813 48CACEA0 AB336A54 A25BA97F + A4631BDF 907B0213 DA1B804E 72F4FA8B AFA4F633 + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +vlan configuration 101 + member evpn-instance 101 vni 10101 +vlan configuration 102 + member evpn-instance 102 vni 10102 +vlan configuration 901 + member vni 50901 +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + ip address 172.16.255.4 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback1 + ip address 172.16.254.4 255.255.255.255 + ip pim sparse-mode + ip ospf 1 area 0 +! +interface Port-channel12 + switchport access vlan 101 + switchport mode access + evpn ethernet-segment 1 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 + no switchport + ip address 172.16.14.4 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/2 + no switchport + ip address 172.16.24.4 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/3 +! +interface GigabitEthernet1/0/4 +! +interface GigabitEthernet1/0/5 +! +interface GigabitEthernet1/0/6 +! +interface GigabitEthernet1/0/7 +! +interface GigabitEthernet1/0/8 +! +interface GigabitEthernet1/0/9 +! +interface GigabitEthernet1/0/10 + switchport mode trunk +! +interface GigabitEthernet1/0/11 +! +interface GigabitEthernet1/0/12 +! +interface GigabitEthernet1/0/13 +! +interface GigabitEthernet1/0/14 +! +interface GigabitEthernet1/0/15 +! +interface GigabitEthernet1/0/16 +! +interface GigabitEthernet1/0/17 +! +interface GigabitEthernet1/0/18 +! +interface GigabitEthernet1/0/19 +! +interface GigabitEthernet1/0/20 +! +interface GigabitEthernet1/0/21 +! +interface GigabitEthernet1/0/22 +! +interface GigabitEthernet1/0/23 +! +interface GigabitEthernet1/0/24 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface Vlan1 + no ip address +! +interface Vlan101 + vrf forwarding green + ip address 10.1.101.1 255.255.255.0 +! +interface Vlan102 + vrf forwarding green + ip address 10.1.102.1 255.255.255.0 +! +interface Vlan901 + vrf forwarding green + ip unnumbered Loopback1 + ipv6 enable + no autostate +! +interface nve1 + no ip address + source-interface Loopback1 + host-reachability protocol bgp + member vni 10101 mcast-group 225.0.0.101 + member vni 50901 vrf green + member vni 10102 ingress-replication +! +router ospf 1 + router-id 172.16.255.4 +! +router bgp 65001 + bgp log-neighbor-changes + no bgp default ipv4-unicast + neighbor 172.16.255.1 remote-as 65001 + neighbor 172.16.255.1 update-source Loopback0 + neighbor 172.16.255.2 remote-as 65001 + neighbor 172.16.255.2 update-source Loopback0 + ! + address-family ipv4 + exit-address-family + ! + address-family l2vpn evpn + neighbor 172.16.255.1 activate + neighbor 172.16.255.1 send-community both + neighbor 172.16.255.2 activate + neighbor 172.16.255.2 send-community both + exit-address-family + ! + address-family ipv4 vrf green + advertise l2vpn evpn + redistribute static + redistribute connected + exit-address-family +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip pim rp-address 172.16.255.255 +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end diff --git a/vxlan-lab2/spine01.txt b/vxlan-lab2/spine01.txt new file mode 100644 index 0000000..bef9654 --- /dev/null +++ b/vxlan-lab2/spine01.txt @@ -0,0 +1,351 @@ +hostname Spine-01 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +no aaa new-model +switch 2 provision c9300l-24p-4g +! +! +! +! +ip routing +! +! +! +! +! +ip multicast-routing +! +ip dhcp pool webuidhcp +! +! +! +login on-success log +ipv6 nd cache expire refresh +ipv6 unicast-routing +! +! +! +! +! +! +! +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +crypto pki trustpoint TP-self-signed-251052295 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-251052295 + revocation-check none + rsakeypair TP-self-signed-251052295 + hash sha512 +! +! +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +crypto pki certificate chain TP-self-signed-251052295 + certificate self-signed 01 + 3082032E 30820216 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 30312E30 2C060355 04030C25 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 32353130 35323239 35301E17 0D323630 36313030 37353733 + 315A170D 33363036 30393037 35373331 5A303031 2E302C06 03550403 0C25494F + 532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3235 31303532 + 32393530 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 82010A02 + 82010100 D89BCFBD 5397ED82 DFCE3396 1664243E F8B16D1A EF4EA9FC 89661810 + B86A1333 F49417A6 D2321D74 E43423FC 99CB1A86 704E5FC1 1F26C7E7 DCDBD99F + D85630C3 59237E9C 9A988DE5 15500356 0FB10E0F 3E8B1401 7C8E06A8 E3493E22 + 93AC7E5D 52433498 490F20EE C966121A 0FFDC547 E9C664D1 766EDF3D 13081CEC + AB2B202C 5FF1BB61 B98593BE 3700930E AF220152 F6BF1D1A 38B9CDC0 CB31C119 + 2E09E5F3 4CA6F02A 1FF916FC 4627CCB9 C32D8573 B69AF79B 699E91F3 0C79FECA + 0DF90FF0 F8B005FA 63DF5302 64C3A1AE 6FD8C78E FE976E0C D03E9139 6B933048 + 13049514 105B1995 1267D0DC 3DA4CCBD 31703F2F 6914C8F3 7B1DB726 A2B07631 + 2180D6F7 02030100 01A35330 51301D06 03551D0E 04160414 147899D8 5CAC32ED + 34315AED 87E8EFCA 2FEC840F 301F0603 551D2304 18301680 14147899 D85CAC32 + ED34315A ED87E8EF CA2FEC84 0F300F06 03551D13 0101FF04 05300301 01FF300D + 06092A86 4886F70D 01010D05 00038201 0100AAA6 FE2EC09B F9769A5C C0DAAE85 + 8D02A258 AB7E4510 807F9FEF 10FE774B 7B0F3EFE 117F850F 833B49B6 C20781B0 + D89F5F9E FDEB06B1 74889F5E 5D2E9EEB 2ECDE82E 58EDA905 AD6D7313 66519DC7 + 6702F569 DDEAE0E6 24C302AF F784DFA3 F3FA0512 DD416C13 8AFC7D09 6EAE05E3 + 5E067BD9 3CC56564 3B92D3C1 1E4BC00C FD3C03A1 0E37A034 1C378323 4080AE0D + AAEB2A55 632CF3C0 35ACBDB4 F118B9FE 53C9D86A 2713FD54 C1ADA68B 043EC657 + 3CE61F31 61FEC1B9 75DCD39B 75E97238 A1CF89E0 47B037C1 8A886AD3 0F3D35DF + 1822F3A2 1AD01417 77D4D683 274034B9 9721C84B A9203A29 06F916BF BEBEB112 + F43BAFEB EC57AECF 57C0AED5 88A8DE69 F5A4 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + ip address 172.16.255.1 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback1 + ip address 172.16.254.1 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback2 + ip address 172.16.255.255 255.255.255.255 + ip pim sparse-mode + ip ospf 1 area 0 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet2/0/1 + no switchport + ip address 172.16.13.1 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet2/0/2 + no switchport + ip address 172.16.14.1 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet2/0/3 +! +interface GigabitEthernet2/0/4 +! +interface GigabitEthernet2/0/5 +! +interface GigabitEthernet2/0/6 +! +interface GigabitEthernet2/0/7 +! +interface GigabitEthernet2/0/8 +! +interface GigabitEthernet2/0/9 +! +interface GigabitEthernet2/0/10 +! +interface GigabitEthernet2/0/11 +! +interface GigabitEthernet2/0/12 +! +interface GigabitEthernet2/0/13 +! +interface GigabitEthernet2/0/14 +! +interface GigabitEthernet2/0/15 +! +interface GigabitEthernet2/0/16 +! +interface GigabitEthernet2/0/17 +! +interface GigabitEthernet2/0/18 +! +interface GigabitEthernet2/0/19 +! +interface GigabitEthernet2/0/20 +! +interface GigabitEthernet2/0/21 +! +interface GigabitEthernet2/0/22 +! +interface GigabitEthernet2/0/23 +! +interface GigabitEthernet2/0/24 +! +interface GigabitEthernet2/1/1 +! +interface GigabitEthernet2/1/2 +! +interface GigabitEthernet2/1/3 +! +interface GigabitEthernet2/1/4 +! +interface AppGigabitEthernet2/0/1 +! +interface Vlan1 + no ip address + shutdown +! +router ospf 1 + router-id 172.16.255.1 +! +router bgp 65001 + template peer-policy RR-PP + route-reflector-client + send-community both + exit-peer-policy + ! + template peer-session RR-PS + remote-as 65001 + update-source Loopback0 + exit-peer-session + ! + bgp router-id 172.16.255.1 + bgp log-neighbor-changes + no bgp default ipv4-unicast + neighbor 172.16.255.3 inherit peer-session RR-PS + neighbor 172.16.255.4 inherit peer-session RR-PS + ! + address-family ipv4 + exit-address-family + ! + address-family l2vpn evpn + neighbor 172.16.255.3 activate + neighbor 172.16.255.3 send-community both + neighbor 172.16.255.3 inherit peer-policy RR-PP + neighbor 172.16.255.4 activate + neighbor 172.16.255.4 send-community both + neighbor 172.16.255.4 inherit peer-policy RR-PP + exit-address-family +! +ip forward-protocol nd +ip http server +ip http secure-server +ip pim rp-address 172.16.255.255 +ip msdp peer 172.16.254.2 connect-source Loopback1 remote-as 65001 +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end diff --git a/vxlan-lab2/spine02.txt b/vxlan-lab2/spine02.txt new file mode 100644 index 0000000..20851e0 --- /dev/null +++ b/vxlan-lab2/spine02.txt @@ -0,0 +1,347 @@ +hostname Spine-02 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24p-4g +! +! +! +! +ip routing +! +! +! +! +! +ip multicast-routing +! +! +! +login on-success log +! +! +! +! +! +! +! +! +crypto pki trustpoint TP-self-signed-430895953 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-430895953 + revocation-check none + rsakeypair TP-self-signed-430895953 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-430895953 + certificate self-signed 01 + 3082032E 30820216 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 30312E30 2C060355 04030C25 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 34333038 39353935 33301E17 0D323630 36313030 37353931 + 315A170D 33363036 30393037 35393131 5A303031 2E302C06 03550403 0C25494F + 532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3433 30383935 + 39353330 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 82010A02 + 82010100 A71865B6 6C5F0B06 665FCD05 19C66FF3 4D4B9157 EF422949 A4ACD2F2 + ACF5AA84 6B593191 FF34BB5C 2A1F3064 DCF41C32 A8EA567D C7B1400B A9CD2CC6 + 55F61D16 792E6552 31D4B438 137EC154 47503D71 FDB8A4A7 71B3FE2A B36FF58C + F5356063 942A2DBC 99F20FC0 ABE7C186 940AF2A2 E94A30CF 7D6AA5D7 4A9C93BB + 99A5779B A179C130 8839473E 04679619 897E139A 3B883DF0 484060CD 703D25A2 + 01153890 F65AE584 6C403826 7DDD0C8C B76D6690 D7FACB49 89B2CB22 619B1F18 + 3C090DAF 47443412 63FC7B3B DEDED46B 4B19BB16 6C2EA229 1946B513 813645F8 + D029F8B4 878F3581 30A3D42A 37BE3C82 835EDC01 A4D028BC 76F777EC CE9440F2 + 26037F3F 02030100 01A35330 51301D06 03551D0E 04160414 77E8D640 80AF8B64 + B2AFF1D6 AED32E71 F70417EA 301F0603 551D2304 18301680 1477E8D6 4080AF8B + 64B2AFF1 D6AED32E 71F70417 EA300F06 03551D13 0101FF04 05300301 01FF300D + 06092A86 4886F70D 01010D05 00038201 0100177A 72BD66A9 0BFFDBC2 B79A5E60 + 0D47EBD5 A52A2A4F 6CB07B34 55D37A8F 9DE892FB 8AEAD5BF 5D0766DD BC51BD4A + 5D64DCDA 493D2D2E BB01BAC4 6D4AE47E FE0F0DDD 0628328B 9FAB4001 721E4F9A + CF4396D2 AA70CBCA E071F9AF C8248307 D75DABFA A9302E78 7D2AC3FF 2A62FAA7 + E7AE7A15 EAFE2A27 36BE73BF C9B25B68 FE9A3837 715BD0F2 55B3FEBF 02EEAECC + 469280FE B46A8105 C3D36F72 E18F6AC2 B3A62DA1 DE7A80B9 0E382EE0 6DD0315D + 1E4D6120 386CB1E9 48301645 7A8F14F9 3CA2B26F 98C9E634 AB9E0E8A 863B8D1E + B64A5817 C92BEEDA 4086C3F7 81EA3F30 DA66BADA 8A16810F EAC7B4C4 6DF5420A + 4733CCA2 A71746B9 E7762CF6 51C90F36 3E58 + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + ip address 172.16.255.2 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback1 + ip address 172.16.254.2 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback2 + ip address 172.16.255.255 255.255.255.255 + ip pim sparse-mode + ip ospf 1 area 0 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 + no switchport + ip address 172.16.23.2 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/2 + no switchport + ip address 172.16.24.2 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/3 +! +interface GigabitEthernet1/0/4 +! +interface GigabitEthernet1/0/5 +! +interface GigabitEthernet1/0/6 +! +interface GigabitEthernet1/0/7 +! +interface GigabitEthernet1/0/8 +! +interface GigabitEthernet1/0/9 +! +interface GigabitEthernet1/0/10 +! +interface GigabitEthernet1/0/11 +! +interface GigabitEthernet1/0/12 +! +interface GigabitEthernet1/0/13 +! +interface GigabitEthernet1/0/14 +! +interface GigabitEthernet1/0/15 +! +interface GigabitEthernet1/0/16 +! +interface GigabitEthernet1/0/17 +! +interface GigabitEthernet1/0/18 +! +interface GigabitEthernet1/0/19 +! +interface GigabitEthernet1/0/20 +! +interface GigabitEthernet1/0/21 +! +interface GigabitEthernet1/0/22 +! +interface GigabitEthernet1/0/23 +! +interface GigabitEthernet1/0/24 +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface Vlan1 + no ip address +! +router ospf 1 + router-id 172.16.255.2 +! +router bgp 65001 + template peer-policy RR-PP + route-reflector-client + send-community both + exit-peer-policy + ! + template peer-session RR-PS + remote-as 65001 + update-source Loopback0 + exit-peer-session + ! + bgp router-id 172.16.255.2 + bgp log-neighbor-changes + no bgp default ipv4-unicast + neighbor 172.16.255.3 inherit peer-session RR-PS + neighbor 172.16.255.4 inherit peer-session RR-PS + ! + address-family ipv4 + exit-address-family + ! + address-family l2vpn evpn + neighbor 172.16.255.3 activate + neighbor 172.16.255.3 send-community both + neighbor 172.16.255.3 inherit peer-policy RR-PP + neighbor 172.16.255.4 activate + neighbor 172.16.255.4 send-community both + neighbor 172.16.255.4 inherit peer-policy RR-PP + exit-address-family +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip pim rp-address 172.16.255.255 +ip msdp peer 172.16.254.1 connect-source Loopback1 remote-as 65001 +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end diff --git a/vxlan-lab3/leaf01.txt b/vxlan-lab3/leaf01.txt new file mode 100644 index 0000000..dc8489f --- /dev/null +++ b/vxlan-lab3/leaf01.txt @@ -0,0 +1,414 @@ +hostname Leaf-01 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +vrf definition green + rd 1:1 + ! + address-family ipv4 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family + ! + address-family ipv6 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24p-4g +! +! +! +! +ip routing +! +! +! +! +! +ip multicast-routing +! +! +! +login on-success log +! +! +! +! +! +! +! +l2vpn evpn + replication-type static + router-id Loopback1 + default-gateway advertise +! +l2vpn evpn ethernet-segment 1 + identifier type 0 00.00.00.00.00.00.00.00.01 + redundancy all-active + df-election wait-time 1 +! +l2vpn evpn instance 101 vlan-based + encapsulation vxlan + replication-type static +! +l2vpn evpn instance 102 vlan-based + encapsulation vxlan + replication-type ingress +! +! +crypto pki trustpoint TP-self-signed-2748515057 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-2748515057 + revocation-check none + rsakeypair TP-self-signed-2748515057 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-2748515057 + certificate self-signed 01 + 30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 31312F30 2D060355 04030C26 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 32373438 35313530 3537301E 170D3236 30363130 30393433 + 30385A17 0D333630 36303930 39343330 385A3031 312F302D 06035504 030C2649 + 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 37343835 + 31353035 37308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 + 0A028201 0100A4CA 45163B01 9C334AAA 046F7B18 E9F8D151 8996B5B5 CA96FC78 + 870C057E 929F7011 CAE9A00E E5DDD799 2C2581D3 413DFC7C 49B38DF0 48A0216E + 4EF4C65C F1D1F4EF 545370F3 3FA69C4B 22948881 F7B28644 2A4F2865 026EF500 + F57BBC11 4C13CEC6 841421DB 34EDCB47 510668FF 5FBF525E CF9020ED 51414B3D + 07601E2A 4A30A706 2DDD6EEE B7B2AE7A C37820D3 C08BAA78 C1D030E7 B3F1C8EA + FECCFF10 363296DB 9E0C3A97 C1E7C416 75425A88 AEBB0AA0 6D0BC326 9043BC8C + CB75A544 AA9FFDB0 67E22FD9 5CE66812 B58FADDA 5B7993CA 4F7D7F37 B179642C + 873C129B 2DAC8D5E 4BF6CF5D 03D41302 EA4A481E 53DF7648 00D7668A E6B1672F + 1397D45A 21350203 010001A3 53305130 1D060355 1D0E0416 041447B1 391FE1B2 + 9088CF66 FCA5F571 4DDE8252 2C85301F 0603551D 23041830 16801447 B1391FE1 + B29088CF 66FCA5F5 714DDE82 522C8530 0F060355 1D130101 FF040530 030101FF + 300D0609 2A864886 F70D0101 0D050003 82010100 74081052 95A744B6 9812BACC + 0743C4D2 0957BE9A D49CCB1B 36F41237 0F9C8512 F82BD6CF 7BC20495 C544C441 + B37CC3B6 D3F2A35B 8B47EF95 E6545B01 763887D5 97D4A247 019D3387 D29DC699 + 25C45B3F 674662BB DFF0B1CC 6E50C91B 3C843D3E AEEC6BE1 6577D36F E99946F3 + 52E02B0E 162902B9 F6477EF8 C59D0955 D7351E18 671F96B8 B8569431 4A90FD04 + C543996B 633FB9CB 48BA7FB6 EC39E137 11FA78DE 6E4FD609 FACC9D0C D1ED2A2C + 3B7A7B1C 29D4F096 1CB08698 9E83B983 B4B7045C 7166B0A4 1C3E8E20 75F9FC2D + 202298E3 F6328325 8790A997 C757940F 2B0543EC 3D01B7BC F48D979D 392C21D8 + 3017E967 7743A155 D97B6463 28E467DD 3E8D9D3F + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +vlan configuration 101 + member evpn-instance 101 vni 10101 +vlan configuration 102 + member evpn-instance 102 vni 10102 +vlan configuration 901 + member vni 50901 +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + ip address 172.16.255.3 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback1 + ip address 172.16.254.3 255.255.255.255 + ip pim sparse-mode + ip ospf 1 area 0 +! +interface Port-channel12 + switchport access vlan 101 + switchport mode access + evpn ethernet-segment 1 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 + no switchport + ip address 172.16.13.3 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/2 + no switchport + ip address 172.16.23.3 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/3 +! +interface GigabitEthernet1/0/4 +! +interface GigabitEthernet1/0/5 +! +interface GigabitEthernet1/0/6 +! +interface GigabitEthernet1/0/7 +! +interface GigabitEthernet1/0/8 +! +interface GigabitEthernet1/0/9 +! +interface GigabitEthernet1/0/10 + switchport mode trunk +! +interface GigabitEthernet1/0/11 +! +interface GigabitEthernet1/0/12 + switchport access vlan 101 + switchport mode access + channel-group 12 mode active +! +interface GigabitEthernet1/0/13 +! +interface GigabitEthernet1/0/14 +! +interface GigabitEthernet1/0/15 +! +interface GigabitEthernet1/0/16 +! +interface GigabitEthernet1/0/17 +! +interface GigabitEthernet1/0/18 +! +interface GigabitEthernet1/0/19 +! +interface GigabitEthernet1/0/20 +! +interface GigabitEthernet1/0/21 +! +interface GigabitEthernet1/0/22 +! +interface GigabitEthernet1/0/23 +! +interface GigabitEthernet1/0/24 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface Vlan1 + no ip address +! +interface Vlan101 + vrf forwarding green + ip address 10.1.101.1 255.255.255.0 +! +interface Vlan102 + vrf forwarding green + ip address 10.1.102.1 255.255.255.0 +! +interface Vlan901 + vrf forwarding green + ip unnumbered Loopback1 + ipv6 enable + no autostate +! +interface nve1 + no ip address + source-interface Loopback1 + host-reachability protocol bgp + member vni 10101 mcast-group 225.0.0.101 + member vni 10102 ingress-replication + member vni 50901 vrf green +! +router ospf 1 + router-id 172.16.255.3 +! +router bgp 65001 + bgp log-neighbor-changes + no bgp default ipv4-unicast + neighbor 172.16.255.1 remote-as 65001 + neighbor 172.16.255.1 update-source Loopback0 + neighbor 172.16.255.2 remote-as 65001 + neighbor 172.16.255.2 update-source Loopback0 + ! + address-family ipv4 + redistribute static + redistribute connected + exit-address-family + ! + address-family l2vpn evpn + neighbor 172.16.255.1 activate + neighbor 172.16.255.1 send-community both + neighbor 172.16.255.2 activate + neighbor 172.16.255.2 send-community both + exit-address-family + ! + address-family ipv4 vrf green + advertise l2vpn evpn + redistribute static + redistribute connected + exit-address-family +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip pim rp-address 172.16.255.255 +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end diff --git a/vxlan-lab3/leaf02.txt b/vxlan-lab3/leaf02.txt new file mode 100644 index 0000000..2c5f91d --- /dev/null +++ b/vxlan-lab3/leaf02.txt @@ -0,0 +1,411 @@ +hostname Leaf-02 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +vrf definition green + rd 1:1 + ! + address-family ipv4 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family + ! + address-family ipv6 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24p-4g +! +! +! +! +ip routing +! +! +! +! +! +ip multicast-routing +! +! +! +login on-success log +! +! +! +! +! +! +! +l2vpn evpn + replication-type static + router-id Loopback1 + default-gateway advertise +! +l2vpn evpn ethernet-segment 1 + identifier type 0 00.00.00.00.00.00.00.00.01 + redundancy all-active + df-election wait-time 1 +! +l2vpn evpn instance 101 vlan-based + encapsulation vxlan +! +l2vpn evpn instance 102 vlan-based + encapsulation vxlan + replication-type ingress +! +! +crypto pki trustpoint TP-self-signed-4106980722 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-4106980722 + revocation-check none + rsakeypair TP-self-signed-4106980722 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-4106980722 + certificate self-signed 01 + 30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 31312F30 2D060355 04030C26 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 34313036 39383037 3232301E 170D3236 30363130 30393433 + 32345A17 0D333630 36303930 39343332 345A3031 312F302D 06035504 030C2649 + 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 31303639 + 38303732 32308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 + 0A028201 01009849 F78BD093 74C4F07A A3855635 0B226D1D DB524A61 14AB07A6 + 6CC41BC9 29B861FA 10F734FE A0115CFF 44B53345 C2C5CCDB E6508E36 734F83D1 + 2586BBFA 55FBCA7D 731EEA2D 7F9C13F9 B6D04514 DE51D43E DD9BE04C 9841316B + 9CD765D7 2A999541 D078E1F7 4BD9597A 5BA09FBA CBFD2EF7 92BBAD66 C4FA8535 + 2057BC14 1E11B218 7A021057 C7EBCDC9 FCED0B91 FD84E5A2 CAD4F661 FE66AA2B + ABF56705 125F5B97 521EE401 AF66FBAD 42ACAF73 4B7F3A2F 3FA2AE03 69DC2A88 + F7616397 B13E3B37 A762AFA4 D51576B7 3F0A039B 40C64DDB 39F2F686 2EF72BED + 2729B749 FBE8DF8D 8A6FFB1B 569E2220 C1A81171 5481BB56 E470941D 3311E8BD + C9C59E75 06FF0203 010001A3 53305130 1D060355 1D0E0416 04141AB2 BB3AB3AE + 642F201E BA75F878 589FFAEA D5D0301F 0603551D 23041830 1680141A B2BB3AB3 + AE642F20 1EBA75F8 78589FFA EAD5D030 0F060355 1D130101 FF040530 030101FF + 300D0609 2A864886 F70D0101 0D050003 82010100 81BBF69B F9F2A5B6 7F3CF96D + 506E8D43 964DAF2A D9221CF1 D84E4841 CE94D992 2F383B63 A782E3AE 730C0D05 + 9D60B3ED 9A899D23 F4F741F5 B3CCAD4B CBABEDE8 F9151F0A 3917E943 DF117766 + 3EF0FB53 0D5402EC ED33225C C267C600 5E22DD5A 4D62D87B 84D58914 37FA19E6 + F25C4B0E E6A9A72D D82F58C3 3D9BA708 96F92047 443276F4 848F07CB 0275B5D7 + A3A9EA89 76E1C857 9C5C1FD6 C8AD6829 63A45513 4122EE6B 2DC85CDF 6DC4D8F4 + 9A649698 6E60811F 9935D7BD BFC23EAB 6B669C74 FE480A50 DEC87777 6EDF0E59 + D198B7DC 29ADEE47 F562740E 870D9503 36816813 48CACEA0 AB336A54 A25BA97F + A4631BDF 907B0213 DA1B804E 72F4FA8B AFA4F633 + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +vlan configuration 101 + member evpn-instance 101 vni 10101 +vlan configuration 102 + member evpn-instance 102 vni 10102 +vlan configuration 901 + member vni 50901 +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + ip address 172.16.255.4 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback1 + ip address 172.16.254.4 255.255.255.255 + ip pim sparse-mode + ip ospf 1 area 0 +! +interface Port-channel12 + switchport access vlan 101 + switchport mode access + evpn ethernet-segment 1 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 + no switchport + ip address 172.16.14.4 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/2 + no switchport + ip address 172.16.24.4 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/3 +! +interface GigabitEthernet1/0/4 +! +interface GigabitEthernet1/0/5 +! +interface GigabitEthernet1/0/6 +! +interface GigabitEthernet1/0/7 +! +interface GigabitEthernet1/0/8 +! +interface GigabitEthernet1/0/9 +! +interface GigabitEthernet1/0/10 + switchport mode trunk +! +interface GigabitEthernet1/0/11 +! +interface GigabitEthernet1/0/12 + switchport access vlan 101 + switchport mode access + channel-group 12 mode active +! +interface GigabitEthernet1/0/13 +! +interface GigabitEthernet1/0/14 +! +interface GigabitEthernet1/0/15 +! +interface GigabitEthernet1/0/16 +! +interface GigabitEthernet1/0/17 +! +interface GigabitEthernet1/0/18 +! +interface GigabitEthernet1/0/19 +! +interface GigabitEthernet1/0/20 +! +interface GigabitEthernet1/0/21 +! +interface GigabitEthernet1/0/22 +! +interface GigabitEthernet1/0/23 +! +interface GigabitEthernet1/0/24 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface Vlan1 + no ip address +! +interface Vlan101 + vrf forwarding green + ip address 10.1.101.1 255.255.255.0 +! +interface Vlan102 + vrf forwarding green + ip address 10.1.102.1 255.255.255.0 +! +interface Vlan901 + vrf forwarding green + ip unnumbered Loopback1 + ipv6 enable + no autostate +! +interface nve1 + no ip address + source-interface Loopback1 + host-reachability protocol bgp + member vni 10101 mcast-group 225.0.0.101 + member vni 50901 vrf green + member vni 10102 ingress-replication +! +router ospf 1 + router-id 172.16.255.4 +! +router bgp 65001 + bgp log-neighbor-changes + no bgp default ipv4-unicast + neighbor 172.16.255.1 remote-as 65001 + neighbor 172.16.255.1 update-source Loopback0 + neighbor 172.16.255.2 remote-as 65001 + neighbor 172.16.255.2 update-source Loopback0 + ! + address-family ipv4 + exit-address-family + ! + address-family l2vpn evpn + neighbor 172.16.255.1 activate + neighbor 172.16.255.1 send-community both + neighbor 172.16.255.2 activate + neighbor 172.16.255.2 send-community both + exit-address-family + ! + address-family ipv4 vrf green + advertise l2vpn evpn + redistribute static + redistribute connected + exit-address-family +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip pim rp-address 172.16.255.255 +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end \ No newline at end of file diff --git a/vxlan-lab3/server01.txt b/vxlan-lab3/server01.txt new file mode 100644 index 0000000..d87e402 --- /dev/null +++ b/vxlan-lab3/server01.txt @@ -0,0 +1,300 @@ +hostname Server-01 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24p-4g +! +! +! +! +! +! +! +! +! +! +! +! +login on-success log +! +! +! +! +! +! +! +! +crypto pki trustpoint TP-self-signed-2947407253 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-2947407253 + revocation-check none + rsakeypair TP-self-signed-2947407253 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-2947407253 + certificate self-signed 01 + 30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 31312F30 2D060355 04030C26 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 32393437 34303732 3533301E 170D3236 30363130 30373537 + 34305A17 0D333630 36303930 37353734 305A3031 312F302D 06035504 030C2649 + 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 39343734 + 30373235 33308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 + 0A028201 0100D73C 961D9195 D3943475 3D1021D5 5256D366 283AF7EA 7E29EDF7 + D436F20C 2540FD80 151BC2FF D73151B0 5BFEB37A 1BE4D77B 064DEE09 5755F88F + CEECF4B4 650429B9 584658ED 94B60905 3F149C23 BEF50154 40285A5C D299E976 + 260FDCC8 23A6E59F 15663A5A 5CFB84E2 9314243E 339BCF63 3D33F429 4F104A71 + DA40BFDD 5FDA6AFE 4A6795F5 C1044EBA 4A103859 619C5B42 8259B4C2 E14AD3DA + 11DD2F8B CC9FAF07 B034AC36 7B54FD31 098FB3B7 1EBFB9C1 D3F3A97D 3C2B9661 + 3E6D7523 0C0903D4 2D66ACD7 C1E59304 36E45B5D 0D4D1DD3 FA0A8FC5 9AE00618 + 6523D157 CD262001 0D180482 E4125F40 58741CDA 0C0BD373 4735365E 4E859EC2 + 18841214 7C7D0203 010001A3 53305130 1D060355 1D0E0416 041426FB E5DBB36E + EB590719 E507692E B3563C0F 0C60301F 0603551D 23041830 16801426 FBE5DBB3 + 6EEB5907 19E50769 2EB3563C 0F0C6030 0F060355 1D130101 FF040530 030101FF + 300D0609 2A864886 F70D0101 0D050003 82010100 34AF340D 9C10640F F7CD722C + 4F149DFF 30C38F3B B30ADF41 70248500 6E8024C0 0A9D1ACA B5F3CCE6 EA3C982D + DE4F1BEC 8E933EFA B15143B9 1E5502BE BE7B10B5 BDB57038 4AB184DD 0A55BA43 + 37FBB9C4 E1BFE983 960383BB 40F3906D 5C47E3EF BF9BDE3A 6B33C42B F290CF49 + 8E96CC07 A4AA1BD5 1EFD2579 3A195166 287E14B8 4979A3AF DC1718E6 1A820E75 + 1D1ECCC6 B53FBF9C E6589902 BB9021BD 2B387816 28202A9E F7784F8E 7E8E92BA + C0A9AB2C AAA8668C C6AEF3B8 41CBB3C0 A4165D11 B5C1A846 2EA25215 85306E99 + BAAC1EF5 54517D54 BB9EF942 9226C5CE 816801FD E5FCE9DE 5A4B795D 107E6521 + D87398DE EDCDDBD2 045AB631 3D37C325 0149EA49 + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Port-channel10 + no switchport + ip address 10.1.101.100 255.255.255.0 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 + description vers Leaf-01 + no switchport + no ip address + channel-group 10 mode active +! +interface GigabitEthernet1/0/2 + description vers Leaf-02 + no switchport + no ip address + channel-group 10 mode active +! +interface GigabitEthernet1/0/3 +! +interface GigabitEthernet1/0/4 +! +interface GigabitEthernet1/0/5 +! +interface GigabitEthernet1/0/6 +! +interface GigabitEthernet1/0/7 +! +interface GigabitEthernet1/0/8 +! +interface GigabitEthernet1/0/9 +! +interface GigabitEthernet1/0/10 +! +interface GigabitEthernet1/0/11 +! +interface GigabitEthernet1/0/12 +! +interface GigabitEthernet1/0/13 +! +interface GigabitEthernet1/0/14 +! +interface GigabitEthernet1/0/15 +! +interface GigabitEthernet1/0/16 +! +interface GigabitEthernet1/0/17 +! +interface GigabitEthernet1/0/18 +! +interface GigabitEthernet1/0/19 +! +interface GigabitEthernet1/0/20 +! +interface GigabitEthernet1/0/21 +! +interface GigabitEthernet1/0/22 +! +interface GigabitEthernet1/0/23 +! +interface GigabitEthernet1/0/24 +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface Vlan1 + no ip address +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end diff --git a/vxlan-lab3/spine01.txt b/vxlan-lab3/spine01.txt new file mode 100644 index 0000000..bef9654 --- /dev/null +++ b/vxlan-lab3/spine01.txt @@ -0,0 +1,351 @@ +hostname Spine-01 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +no aaa new-model +switch 2 provision c9300l-24p-4g +! +! +! +! +ip routing +! +! +! +! +! +ip multicast-routing +! +ip dhcp pool webuidhcp +! +! +! +login on-success log +ipv6 nd cache expire refresh +ipv6 unicast-routing +! +! +! +! +! +! +! +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +crypto pki trustpoint TP-self-signed-251052295 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-251052295 + revocation-check none + rsakeypair TP-self-signed-251052295 + hash sha512 +! +! +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +crypto pki certificate chain TP-self-signed-251052295 + certificate self-signed 01 + 3082032E 30820216 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 30312E30 2C060355 04030C25 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 32353130 35323239 35301E17 0D323630 36313030 37353733 + 315A170D 33363036 30393037 35373331 5A303031 2E302C06 03550403 0C25494F + 532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3235 31303532 + 32393530 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 82010A02 + 82010100 D89BCFBD 5397ED82 DFCE3396 1664243E F8B16D1A EF4EA9FC 89661810 + B86A1333 F49417A6 D2321D74 E43423FC 99CB1A86 704E5FC1 1F26C7E7 DCDBD99F + D85630C3 59237E9C 9A988DE5 15500356 0FB10E0F 3E8B1401 7C8E06A8 E3493E22 + 93AC7E5D 52433498 490F20EE C966121A 0FFDC547 E9C664D1 766EDF3D 13081CEC + AB2B202C 5FF1BB61 B98593BE 3700930E AF220152 F6BF1D1A 38B9CDC0 CB31C119 + 2E09E5F3 4CA6F02A 1FF916FC 4627CCB9 C32D8573 B69AF79B 699E91F3 0C79FECA + 0DF90FF0 F8B005FA 63DF5302 64C3A1AE 6FD8C78E FE976E0C D03E9139 6B933048 + 13049514 105B1995 1267D0DC 3DA4CCBD 31703F2F 6914C8F3 7B1DB726 A2B07631 + 2180D6F7 02030100 01A35330 51301D06 03551D0E 04160414 147899D8 5CAC32ED + 34315AED 87E8EFCA 2FEC840F 301F0603 551D2304 18301680 14147899 D85CAC32 + ED34315A ED87E8EF CA2FEC84 0F300F06 03551D13 0101FF04 05300301 01FF300D + 06092A86 4886F70D 01010D05 00038201 0100AAA6 FE2EC09B F9769A5C C0DAAE85 + 8D02A258 AB7E4510 807F9FEF 10FE774B 7B0F3EFE 117F850F 833B49B6 C20781B0 + D89F5F9E FDEB06B1 74889F5E 5D2E9EEB 2ECDE82E 58EDA905 AD6D7313 66519DC7 + 6702F569 DDEAE0E6 24C302AF F784DFA3 F3FA0512 DD416C13 8AFC7D09 6EAE05E3 + 5E067BD9 3CC56564 3B92D3C1 1E4BC00C FD3C03A1 0E37A034 1C378323 4080AE0D + AAEB2A55 632CF3C0 35ACBDB4 F118B9FE 53C9D86A 2713FD54 C1ADA68B 043EC657 + 3CE61F31 61FEC1B9 75DCD39B 75E97238 A1CF89E0 47B037C1 8A886AD3 0F3D35DF + 1822F3A2 1AD01417 77D4D683 274034B9 9721C84B A9203A29 06F916BF BEBEB112 + F43BAFEB EC57AECF 57C0AED5 88A8DE69 F5A4 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + ip address 172.16.255.1 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback1 + ip address 172.16.254.1 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback2 + ip address 172.16.255.255 255.255.255.255 + ip pim sparse-mode + ip ospf 1 area 0 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet2/0/1 + no switchport + ip address 172.16.13.1 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet2/0/2 + no switchport + ip address 172.16.14.1 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet2/0/3 +! +interface GigabitEthernet2/0/4 +! +interface GigabitEthernet2/0/5 +! +interface GigabitEthernet2/0/6 +! +interface GigabitEthernet2/0/7 +! +interface GigabitEthernet2/0/8 +! +interface GigabitEthernet2/0/9 +! +interface GigabitEthernet2/0/10 +! +interface GigabitEthernet2/0/11 +! +interface GigabitEthernet2/0/12 +! +interface GigabitEthernet2/0/13 +! +interface GigabitEthernet2/0/14 +! +interface GigabitEthernet2/0/15 +! +interface GigabitEthernet2/0/16 +! +interface GigabitEthernet2/0/17 +! +interface GigabitEthernet2/0/18 +! +interface GigabitEthernet2/0/19 +! +interface GigabitEthernet2/0/20 +! +interface GigabitEthernet2/0/21 +! +interface GigabitEthernet2/0/22 +! +interface GigabitEthernet2/0/23 +! +interface GigabitEthernet2/0/24 +! +interface GigabitEthernet2/1/1 +! +interface GigabitEthernet2/1/2 +! +interface GigabitEthernet2/1/3 +! +interface GigabitEthernet2/1/4 +! +interface AppGigabitEthernet2/0/1 +! +interface Vlan1 + no ip address + shutdown +! +router ospf 1 + router-id 172.16.255.1 +! +router bgp 65001 + template peer-policy RR-PP + route-reflector-client + send-community both + exit-peer-policy + ! + template peer-session RR-PS + remote-as 65001 + update-source Loopback0 + exit-peer-session + ! + bgp router-id 172.16.255.1 + bgp log-neighbor-changes + no bgp default ipv4-unicast + neighbor 172.16.255.3 inherit peer-session RR-PS + neighbor 172.16.255.4 inherit peer-session RR-PS + ! + address-family ipv4 + exit-address-family + ! + address-family l2vpn evpn + neighbor 172.16.255.3 activate + neighbor 172.16.255.3 send-community both + neighbor 172.16.255.3 inherit peer-policy RR-PP + neighbor 172.16.255.4 activate + neighbor 172.16.255.4 send-community both + neighbor 172.16.255.4 inherit peer-policy RR-PP + exit-address-family +! +ip forward-protocol nd +ip http server +ip http secure-server +ip pim rp-address 172.16.255.255 +ip msdp peer 172.16.254.2 connect-source Loopback1 remote-as 65001 +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end diff --git a/vxlan-lab3/spine02.txt b/vxlan-lab3/spine02.txt new file mode 100644 index 0000000..20851e0 --- /dev/null +++ b/vxlan-lab3/spine02.txt @@ -0,0 +1,347 @@ +hostname Spine-02 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24p-4g +! +! +! +! +ip routing +! +! +! +! +! +ip multicast-routing +! +! +! +login on-success log +! +! +! +! +! +! +! +! +crypto pki trustpoint TP-self-signed-430895953 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-430895953 + revocation-check none + rsakeypair TP-self-signed-430895953 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-430895953 + certificate self-signed 01 + 3082032E 30820216 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 30312E30 2C060355 04030C25 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 34333038 39353935 33301E17 0D323630 36313030 37353931 + 315A170D 33363036 30393037 35393131 5A303031 2E302C06 03550403 0C25494F + 532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3433 30383935 + 39353330 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 82010A02 + 82010100 A71865B6 6C5F0B06 665FCD05 19C66FF3 4D4B9157 EF422949 A4ACD2F2 + ACF5AA84 6B593191 FF34BB5C 2A1F3064 DCF41C32 A8EA567D C7B1400B A9CD2CC6 + 55F61D16 792E6552 31D4B438 137EC154 47503D71 FDB8A4A7 71B3FE2A B36FF58C + F5356063 942A2DBC 99F20FC0 ABE7C186 940AF2A2 E94A30CF 7D6AA5D7 4A9C93BB + 99A5779B A179C130 8839473E 04679619 897E139A 3B883DF0 484060CD 703D25A2 + 01153890 F65AE584 6C403826 7DDD0C8C B76D6690 D7FACB49 89B2CB22 619B1F18 + 3C090DAF 47443412 63FC7B3B DEDED46B 4B19BB16 6C2EA229 1946B513 813645F8 + D029F8B4 878F3581 30A3D42A 37BE3C82 835EDC01 A4D028BC 76F777EC CE9440F2 + 26037F3F 02030100 01A35330 51301D06 03551D0E 04160414 77E8D640 80AF8B64 + B2AFF1D6 AED32E71 F70417EA 301F0603 551D2304 18301680 1477E8D6 4080AF8B + 64B2AFF1 D6AED32E 71F70417 EA300F06 03551D13 0101FF04 05300301 01FF300D + 06092A86 4886F70D 01010D05 00038201 0100177A 72BD66A9 0BFFDBC2 B79A5E60 + 0D47EBD5 A52A2A4F 6CB07B34 55D37A8F 9DE892FB 8AEAD5BF 5D0766DD BC51BD4A + 5D64DCDA 493D2D2E BB01BAC4 6D4AE47E FE0F0DDD 0628328B 9FAB4001 721E4F9A + CF4396D2 AA70CBCA E071F9AF C8248307 D75DABFA A9302E78 7D2AC3FF 2A62FAA7 + E7AE7A15 EAFE2A27 36BE73BF C9B25B68 FE9A3837 715BD0F2 55B3FEBF 02EEAECC + 469280FE B46A8105 C3D36F72 E18F6AC2 B3A62DA1 DE7A80B9 0E382EE0 6DD0315D + 1E4D6120 386CB1E9 48301645 7A8F14F9 3CA2B26F 98C9E634 AB9E0E8A 863B8D1E + B64A5817 C92BEEDA 4086C3F7 81EA3F30 DA66BADA 8A16810F EAC7B4C4 6DF5420A + 4733CCA2 A71746B9 E7762CF6 51C90F36 3E58 + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + ip address 172.16.255.2 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback1 + ip address 172.16.254.2 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback2 + ip address 172.16.255.255 255.255.255.255 + ip pim sparse-mode + ip ospf 1 area 0 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 + no switchport + ip address 172.16.23.2 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/2 + no switchport + ip address 172.16.24.2 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/3 +! +interface GigabitEthernet1/0/4 +! +interface GigabitEthernet1/0/5 +! +interface GigabitEthernet1/0/6 +! +interface GigabitEthernet1/0/7 +! +interface GigabitEthernet1/0/8 +! +interface GigabitEthernet1/0/9 +! +interface GigabitEthernet1/0/10 +! +interface GigabitEthernet1/0/11 +! +interface GigabitEthernet1/0/12 +! +interface GigabitEthernet1/0/13 +! +interface GigabitEthernet1/0/14 +! +interface GigabitEthernet1/0/15 +! +interface GigabitEthernet1/0/16 +! +interface GigabitEthernet1/0/17 +! +interface GigabitEthernet1/0/18 +! +interface GigabitEthernet1/0/19 +! +interface GigabitEthernet1/0/20 +! +interface GigabitEthernet1/0/21 +! +interface GigabitEthernet1/0/22 +! +interface GigabitEthernet1/0/23 +! +interface GigabitEthernet1/0/24 +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface Vlan1 + no ip address +! +router ospf 1 + router-id 172.16.255.2 +! +router bgp 65001 + template peer-policy RR-PP + route-reflector-client + send-community both + exit-peer-policy + ! + template peer-session RR-PS + remote-as 65001 + update-source Loopback0 + exit-peer-session + ! + bgp router-id 172.16.255.2 + bgp log-neighbor-changes + no bgp default ipv4-unicast + neighbor 172.16.255.3 inherit peer-session RR-PS + neighbor 172.16.255.4 inherit peer-session RR-PS + ! + address-family ipv4 + exit-address-family + ! + address-family l2vpn evpn + neighbor 172.16.255.3 activate + neighbor 172.16.255.3 send-community both + neighbor 172.16.255.3 inherit peer-policy RR-PP + neighbor 172.16.255.4 activate + neighbor 172.16.255.4 send-community both + neighbor 172.16.255.4 inherit peer-policy RR-PP + exit-address-family +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip pim rp-address 172.16.255.255 +ip msdp peer 172.16.254.1 connect-source Loopback1 remote-as 65001 +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end diff --git a/vxlan-lab4/access01.txt b/vxlan-lab4/access01.txt new file mode 100644 index 0000000..3d422b3 --- /dev/null +++ b/vxlan-lab4/access01.txt @@ -0,0 +1,363 @@ +hostname Acces-01 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24t-4g +switch 2 provision c9300l-24t-4g +! +! +! +! +! +! +! +! +! +! +! +! +login on-success log +! +! +! +! +! +! +! +! +crypto pki trustpoint TP-self-signed-1855158953 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-1855158953 + revocation-check none + rsakeypair TP-self-signed-1855158953 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-1855158953 + certificate self-signed 01 + 30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 31312F30 2D060355 04030C26 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 31383535 31353839 3533301E 170D3236 30363130 31323030 + 32385A17 0D333630 36303931 32303032 385A3031 312F302D 06035504 030C2649 + 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 38353531 + 35383935 33308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 + 0A028201 0100A0FC 28DCFEB1 51334B66 82B2D625 997681D2 239049D2 C3F1DAD3 + 0DFB7A79 48B494AF 4E9A63E4 A62D1AE9 2F3959FB 6153BB07 0C1DDEDC 1D9F4E27 + BD56DF67 562E608D D6B7EE68 E75125A5 EE04B02B A8EE23C4 5E2E80D5 0F75F349 + 4CAB259F 57DE2459 0595C89B 8F972F29 54006AD7 0C67F416 5BDBE29E 6557695D + 0763F793 1D7BBA4C E1445C4D C26B4CFD C58FF8B8 DC91A9A7 D5EC287A F167B3CB + 16DEB643 601C98AD 90D76C1E 0E0DD88E 464F906D F0D5C5C1 AE17A694 90775093 + AE20CAF8 F05C3974 2A2A8668 322DDB03 05621885 E6E7C1B7 AF6384FC F8D1B865 + E1BB5788 704FE5CA 6096BE5A 7CDADEE1 0FFEC364 46470AE7 BBA09990 15DA18FF + E05E7D46 B1770203 010001A3 53305130 1D060355 1D0E0416 0414D225 6A1B1A99 + A5FBF7FB DC557609 45A053B7 9516301F 0603551D 23041830 168014D2 256A1B1A + 99A5FBF7 FBDC5576 0945A053 B7951630 0F060355 1D130101 FF040530 030101FF + 300D0609 2A864886 F70D0101 0D050003 82010100 021970C7 4E6C0C86 56C38FEA + EF075272 9B2FF043 3B7D2C1C D0BB7C83 0F06ECC9 F380AA49 E0A41706 194EF7AC + 1BE8BFA8 9B7C335A A8E66C84 89945443 B9F6FF1F 2BB06B5B 16E29073 07364FE2 + 3705AB86 31B4A086 FB2E9663 FFE621D5 A4B0A061 B6B53967 F791EF19 0207B5E5 + 40D4BD4D F55C43F0 2C8A4C28 FF935D32 BBC00FBD D2E1B111 57EB0539 88864EA7 + 5BF6B49E 29721B90 17395B19 E23B84E9 FE3A4267 01A5AA4F 2F2C87EC ACC1A22C + ABF60ACE 6F0D7B31 D6C8DF51 654309EA 25497513 819269A6 DDC8D7EC 99135A7C + 895B1320 AF02B0E1 6207D49A 8FA483BF F96F04EB 4A9783E1 0F9E3D54 97428020 + 071BCF24 08F5C4E3 5BDB06EF 00A20C74 3AFE60BB + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Port-channel24 + switchport trunk allowed vlan 101,102 + switchport mode trunk +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 +! +interface GigabitEthernet1/0/2 +! +interface GigabitEthernet1/0/3 +! +interface GigabitEthernet1/0/4 +! +interface GigabitEthernet1/0/5 +! +interface GigabitEthernet1/0/6 +! +interface GigabitEthernet1/0/7 +! +interface GigabitEthernet1/0/8 +! +interface GigabitEthernet1/0/9 +! +interface GigabitEthernet1/0/10 +! +interface GigabitEthernet1/0/11 +! +interface GigabitEthernet1/0/12 +! +interface GigabitEthernet1/0/13 +! +interface GigabitEthernet1/0/14 +! +interface GigabitEthernet1/0/15 +! +interface GigabitEthernet1/0/16 +! +interface GigabitEthernet1/0/17 +! +interface GigabitEthernet1/0/18 +! +interface GigabitEthernet1/0/19 +! +interface GigabitEthernet1/0/20 +! +interface GigabitEthernet1/0/21 +! +interface GigabitEthernet1/0/22 +! +interface GigabitEthernet1/0/23 + switchport trunk allowed vlan 101,102 + switchport mode trunk + channel-group 24 mode active +! +interface GigabitEthernet1/0/24 + switchport trunk allowed vlan 101,102 + switchport mode trunk + channel-group 24 mode active +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface GigabitEthernet2/0/1 +! +interface GigabitEthernet2/0/2 +! +interface GigabitEthernet2/0/3 +! +interface GigabitEthernet2/0/4 +! +interface GigabitEthernet2/0/5 +! +interface GigabitEthernet2/0/6 +! +interface GigabitEthernet2/0/7 +! +interface GigabitEthernet2/0/8 +! +interface GigabitEthernet2/0/9 +! +interface GigabitEthernet2/0/10 +! +interface GigabitEthernet2/0/11 +! +interface GigabitEthernet2/0/12 +! +interface GigabitEthernet2/0/13 +! +interface GigabitEthernet2/0/14 +! +interface GigabitEthernet2/0/15 +! +interface GigabitEthernet2/0/16 +! +interface GigabitEthernet2/0/17 +! +interface GigabitEthernet2/0/18 +! +interface GigabitEthernet2/0/19 +! +interface GigabitEthernet2/0/20 +! +interface GigabitEthernet2/0/21 +! +interface GigabitEthernet2/0/22 +! +interface GigabitEthernet2/0/23 + switchport trunk allowed vlan 101,102 + switchport mode trunk + channel-group 24 mode active +! +interface GigabitEthernet2/0/24 + switchport trunk allowed vlan 101,102 + switchport mode trunk + channel-group 24 mode active +! +interface GigabitEthernet2/1/1 +! +interface GigabitEthernet2/1/2 +! +interface GigabitEthernet2/1/3 +! +interface GigabitEthernet2/1/4 +! +interface AppGigabitEthernet2/0/1 +! +interface Vlan1 + no ip address +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end diff --git a/vxlan-lab4/leaf01.txt b/vxlan-lab4/leaf01.txt new file mode 100644 index 0000000..f9a521e --- /dev/null +++ b/vxlan-lab4/leaf01.txt @@ -0,0 +1,430 @@ +hostname Leaf-01 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +vrf definition green + rd 1:1 + ! + address-family ipv4 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family + ! + address-family ipv6 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24p-4g +! +! +! +! +ip routing +! +! +! +! +! +ip multicast-routing +! +! +! +login on-success log +! +! +! +! +! +! +! +l2vpn evpn + replication-type static + router-id Loopback1 + default-gateway advertise +! +l2vpn evpn ethernet-segment 1 + identifier type 0 00.00.00.00.00.00.00.00.01 + redundancy all-active + df-election wait-time 1 +! +l2vpn evpn ethernet-segment 2 + identifier type 0 00.00.00.00.00.00.00.00.02 + redundancy all-active + df-election wait-time 1 +! +l2vpn evpn instance 101 vlan-based + encapsulation vxlan + replication-type static +! +l2vpn evpn instance 102 vlan-based + encapsulation vxlan + replication-type ingress +! +! +crypto pki trustpoint TP-self-signed-2748515057 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-2748515057 + revocation-check none + rsakeypair TP-self-signed-2748515057 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-2748515057 + certificate self-signed 01 + 30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 31312F30 2D060355 04030C26 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 32373438 35313530 3537301E 170D3236 30363130 30393433 + 30385A17 0D333630 36303930 39343330 385A3031 312F302D 06035504 030C2649 + 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 37343835 + 31353035 37308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 + 0A028201 0100A4CA 45163B01 9C334AAA 046F7B18 E9F8D151 8996B5B5 CA96FC78 + 870C057E 929F7011 CAE9A00E E5DDD799 2C2581D3 413DFC7C 49B38DF0 48A0216E + 4EF4C65C F1D1F4EF 545370F3 3FA69C4B 22948881 F7B28644 2A4F2865 026EF500 + F57BBC11 4C13CEC6 841421DB 34EDCB47 510668FF 5FBF525E CF9020ED 51414B3D + 07601E2A 4A30A706 2DDD6EEE B7B2AE7A C37820D3 C08BAA78 C1D030E7 B3F1C8EA + FECCFF10 363296DB 9E0C3A97 C1E7C416 75425A88 AEBB0AA0 6D0BC326 9043BC8C + CB75A544 AA9FFDB0 67E22FD9 5CE66812 B58FADDA 5B7993CA 4F7D7F37 B179642C + 873C129B 2DAC8D5E 4BF6CF5D 03D41302 EA4A481E 53DF7648 00D7668A E6B1672F + 1397D45A 21350203 010001A3 53305130 1D060355 1D0E0416 041447B1 391FE1B2 + 9088CF66 FCA5F571 4DDE8252 2C85301F 0603551D 23041830 16801447 B1391FE1 + B29088CF 66FCA5F5 714DDE82 522C8530 0F060355 1D130101 FF040530 030101FF + 300D0609 2A864886 F70D0101 0D050003 82010100 74081052 95A744B6 9812BACC + 0743C4D2 0957BE9A D49CCB1B 36F41237 0F9C8512 F82BD6CF 7BC20495 C544C441 + B37CC3B6 D3F2A35B 8B47EF95 E6545B01 763887D5 97D4A247 019D3387 D29DC699 + 25C45B3F 674662BB DFF0B1CC 6E50C91B 3C843D3E AEEC6BE1 6577D36F E99946F3 + 52E02B0E 162902B9 F6477EF8 C59D0955 D7351E18 671F96B8 B8569431 4A90FD04 + C543996B 633FB9CB 48BA7FB6 EC39E137 11FA78DE 6E4FD609 FACC9D0C D1ED2A2C + 3B7A7B1C 29D4F096 1CB08698 9E83B983 B4B7045C 7166B0A4 1C3E8E20 75F9FC2D + 202298E3 F6328325 8790A997 C757940F 2B0543EC 3D01B7BC F48D979D 392C21D8 + 3017E967 7743A155 D97B6463 28E467DD 3E8D9D3F + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +vlan configuration 101 + member evpn-instance 101 vni 10101 +vlan configuration 102 + member evpn-instance 102 vni 10102 +vlan configuration 901 + member vni 50901 +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + ip address 172.16.255.3 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback1 + ip address 172.16.254.3 255.255.255.255 + ip pim sparse-mode + ip ospf 1 area 0 +! +interface Port-channel12 + switchport access vlan 101 + switchport mode access + evpn ethernet-segment 1 +! +interface Port-channel14 + switchport trunk allowed vlan 101,102 + switchport mode trunk + evpn ethernet-segment 2 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 + no switchport + ip address 172.16.13.3 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/2 + no switchport + ip address 172.16.23.3 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/3 +! +interface GigabitEthernet1/0/4 +! +interface GigabitEthernet1/0/5 +! +interface GigabitEthernet1/0/6 +! +interface GigabitEthernet1/0/7 +! +interface GigabitEthernet1/0/8 +! +interface GigabitEthernet1/0/9 +! +interface GigabitEthernet1/0/10 + switchport mode trunk +! +interface GigabitEthernet1/0/11 +! +interface GigabitEthernet1/0/12 + switchport access vlan 101 + switchport mode access + channel-group 12 mode active +! +interface GigabitEthernet1/0/13 + switchport trunk allowed vlan 101,102 + switchport mode trunk + channel-group 14 mode active +! +interface GigabitEthernet1/0/14 + switchport trunk allowed vlan 101,102 + switchport mode trunk + channel-group 14 mode active +! +interface GigabitEthernet1/0/15 +! +interface GigabitEthernet1/0/16 +! +interface GigabitEthernet1/0/17 +! +interface GigabitEthernet1/0/18 +! +interface GigabitEthernet1/0/19 +! +interface GigabitEthernet1/0/20 +! +interface GigabitEthernet1/0/21 +! +interface GigabitEthernet1/0/22 +! +interface GigabitEthernet1/0/23 +! +interface GigabitEthernet1/0/24 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface Vlan1 + no ip address +! +interface Vlan101 + vrf forwarding green + ip address 10.1.101.1 255.255.255.0 +! +interface Vlan102 + vrf forwarding green + ip address 10.1.102.1 255.255.255.0 +! +interface Vlan901 + vrf forwarding green + ip unnumbered Loopback1 + ipv6 enable + no autostate +! +interface nve1 + no ip address + source-interface Loopback1 + host-reachability protocol bgp + member vni 10101 mcast-group 225.0.0.101 + member vni 10102 ingress-replication + member vni 50901 vrf green +! +router ospf 1 + router-id 172.16.255.3 +! +router bgp 65001 + bgp log-neighbor-changes + no bgp default ipv4-unicast + neighbor 172.16.255.1 remote-as 65001 + neighbor 172.16.255.1 update-source Loopback0 + neighbor 172.16.255.2 remote-as 65001 + neighbor 172.16.255.2 update-source Loopback0 + ! + address-family ipv4 + redistribute static + redistribute connected + exit-address-family + ! + address-family l2vpn evpn + neighbor 172.16.255.1 activate + neighbor 172.16.255.1 send-community both + neighbor 172.16.255.2 activate + neighbor 172.16.255.2 send-community both + exit-address-family + ! + address-family ipv4 vrf green + advertise l2vpn evpn + redistribute static + redistribute connected + exit-address-family +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip pim rp-address 172.16.255.255 +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end \ No newline at end of file diff --git a/vxlan-lab4/leaf02.txt b/vxlan-lab4/leaf02.txt new file mode 100644 index 0000000..f8873a5 --- /dev/null +++ b/vxlan-lab4/leaf02.txt @@ -0,0 +1,427 @@ +hostname Leaf-02 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +vrf definition green + rd 1:1 + ! + address-family ipv4 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family + ! + address-family ipv6 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24p-4g +! +! +! +! +ip routing +! +! +! +! +! +ip multicast-routing +! +! +! +login on-success log +! +! +! +! +! +! +! +l2vpn evpn + replication-type static + router-id Loopback1 + default-gateway advertise +! +l2vpn evpn ethernet-segment 1 + identifier type 0 00.00.00.00.00.00.00.00.01 + redundancy all-active + df-election wait-time 1 +! +l2vpn evpn ethernet-segment 2 + identifier type 0 00.00.00.00.00.00.00.00.02 + redundancy all-active + df-election wait-time 1 +! +l2vpn evpn instance 101 vlan-based + encapsulation vxlan +! +l2vpn evpn instance 102 vlan-based + encapsulation vxlan + replication-type ingress +! +! +crypto pki trustpoint TP-self-signed-4106980722 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-4106980722 + revocation-check none + rsakeypair TP-self-signed-4106980722 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-4106980722 + certificate self-signed 01 + 30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 31312F30 2D060355 04030C26 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 34313036 39383037 3232301E 170D3236 30363130 30393433 + 32345A17 0D333630 36303930 39343332 345A3031 312F302D 06035504 030C2649 + 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 31303639 + 38303732 32308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 + 0A028201 01009849 F78BD093 74C4F07A A3855635 0B226D1D DB524A61 14AB07A6 + 6CC41BC9 29B861FA 10F734FE A0115CFF 44B53345 C2C5CCDB E6508E36 734F83D1 + 2586BBFA 55FBCA7D 731EEA2D 7F9C13F9 B6D04514 DE51D43E DD9BE04C 9841316B + 9CD765D7 2A999541 D078E1F7 4BD9597A 5BA09FBA CBFD2EF7 92BBAD66 C4FA8535 + 2057BC14 1E11B218 7A021057 C7EBCDC9 FCED0B91 FD84E5A2 CAD4F661 FE66AA2B + ABF56705 125F5B97 521EE401 AF66FBAD 42ACAF73 4B7F3A2F 3FA2AE03 69DC2A88 + F7616397 B13E3B37 A762AFA4 D51576B7 3F0A039B 40C64DDB 39F2F686 2EF72BED + 2729B749 FBE8DF8D 8A6FFB1B 569E2220 C1A81171 5481BB56 E470941D 3311E8BD + C9C59E75 06FF0203 010001A3 53305130 1D060355 1D0E0416 04141AB2 BB3AB3AE + 642F201E BA75F878 589FFAEA D5D0301F 0603551D 23041830 1680141A B2BB3AB3 + AE642F20 1EBA75F8 78589FFA EAD5D030 0F060355 1D130101 FF040530 030101FF + 300D0609 2A864886 F70D0101 0D050003 82010100 81BBF69B F9F2A5B6 7F3CF96D + 506E8D43 964DAF2A D9221CF1 D84E4841 CE94D992 2F383B63 A782E3AE 730C0D05 + 9D60B3ED 9A899D23 F4F741F5 B3CCAD4B CBABEDE8 F9151F0A 3917E943 DF117766 + 3EF0FB53 0D5402EC ED33225C C267C600 5E22DD5A 4D62D87B 84D58914 37FA19E6 + F25C4B0E E6A9A72D D82F58C3 3D9BA708 96F92047 443276F4 848F07CB 0275B5D7 + A3A9EA89 76E1C857 9C5C1FD6 C8AD6829 63A45513 4122EE6B 2DC85CDF 6DC4D8F4 + 9A649698 6E60811F 9935D7BD BFC23EAB 6B669C74 FE480A50 DEC87777 6EDF0E59 + D198B7DC 29ADEE47 F562740E 870D9503 36816813 48CACEA0 AB336A54 A25BA97F + A4631BDF 907B0213 DA1B804E 72F4FA8B AFA4F633 + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +vlan configuration 101 + member evpn-instance 101 vni 10101 +vlan configuration 102 + member evpn-instance 102 vni 10102 +vlan configuration 901 + member vni 50901 +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + ip address 172.16.255.4 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback1 + ip address 172.16.254.4 255.255.255.255 + ip pim sparse-mode + ip ospf 1 area 0 +! +interface Port-channel12 + switchport access vlan 101 + switchport mode access + evpn ethernet-segment 1 +! +interface Port-channel14 + switchport trunk allowed vlan 101,102 + switchport mode trunk + evpn ethernet-segment 2 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 + no switchport + ip address 172.16.14.4 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/2 + no switchport + ip address 172.16.24.4 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/3 +! +interface GigabitEthernet1/0/4 +! +interface GigabitEthernet1/0/5 +! +interface GigabitEthernet1/0/6 +! +interface GigabitEthernet1/0/7 +! +interface GigabitEthernet1/0/8 +! +interface GigabitEthernet1/0/9 +! +interface GigabitEthernet1/0/10 + switchport mode trunk +! +interface GigabitEthernet1/0/11 +! +interface GigabitEthernet1/0/12 + switchport access vlan 101 + switchport mode access + channel-group 12 mode active +! +interface GigabitEthernet1/0/13 + switchport trunk allowed vlan 101,102 + switchport mode trunk + channel-group 14 mode active +! +interface GigabitEthernet1/0/14 + switchport trunk allowed vlan 101,102 + switchport mode trunk + channel-group 14 mode active +! +interface GigabitEthernet1/0/15 +! +interface GigabitEthernet1/0/16 +! +interface GigabitEthernet1/0/17 +! +interface GigabitEthernet1/0/18 +! +interface GigabitEthernet1/0/19 +! +interface GigabitEthernet1/0/20 +! +interface GigabitEthernet1/0/21 +! +interface GigabitEthernet1/0/22 +! +interface GigabitEthernet1/0/23 +! +interface GigabitEthernet1/0/24 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface Vlan1 + no ip address +! +interface Vlan101 + vrf forwarding green + ip address 10.1.101.1 255.255.255.0 +! +interface Vlan102 + vrf forwarding green + ip address 10.1.102.1 255.255.255.0 +! +interface Vlan901 + vrf forwarding green + ip unnumbered Loopback1 + ipv6 enable + no autostate +! +interface nve1 + no ip address + source-interface Loopback1 + host-reachability protocol bgp + member vni 10101 mcast-group 225.0.0.101 + member vni 50901 vrf green + member vni 10102 ingress-replication +! +router ospf 1 + router-id 172.16.255.4 +! +router bgp 65001 + bgp log-neighbor-changes + no bgp default ipv4-unicast + neighbor 172.16.255.1 remote-as 65001 + neighbor 172.16.255.1 update-source Loopback0 + neighbor 172.16.255.2 remote-as 65001 + neighbor 172.16.255.2 update-source Loopback0 + ! + address-family ipv4 + exit-address-family + ! + address-family l2vpn evpn + neighbor 172.16.255.1 activate + neighbor 172.16.255.1 send-community both + neighbor 172.16.255.2 activate + neighbor 172.16.255.2 send-community both + exit-address-family + ! + address-family ipv4 vrf green + advertise l2vpn evpn + redistribute static + redistribute connected + exit-address-family +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip pim rp-address 172.16.255.255 +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end diff --git a/vxlan-lab4/server01.txt b/vxlan-lab4/server01.txt new file mode 100644 index 0000000..d87e402 --- /dev/null +++ b/vxlan-lab4/server01.txt @@ -0,0 +1,300 @@ +hostname Server-01 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24p-4g +! +! +! +! +! +! +! +! +! +! +! +! +login on-success log +! +! +! +! +! +! +! +! +crypto pki trustpoint TP-self-signed-2947407253 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-2947407253 + revocation-check none + rsakeypair TP-self-signed-2947407253 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-2947407253 + certificate self-signed 01 + 30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 31312F30 2D060355 04030C26 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 32393437 34303732 3533301E 170D3236 30363130 30373537 + 34305A17 0D333630 36303930 37353734 305A3031 312F302D 06035504 030C2649 + 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 39343734 + 30373235 33308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 + 0A028201 0100D73C 961D9195 D3943475 3D1021D5 5256D366 283AF7EA 7E29EDF7 + D436F20C 2540FD80 151BC2FF D73151B0 5BFEB37A 1BE4D77B 064DEE09 5755F88F + CEECF4B4 650429B9 584658ED 94B60905 3F149C23 BEF50154 40285A5C D299E976 + 260FDCC8 23A6E59F 15663A5A 5CFB84E2 9314243E 339BCF63 3D33F429 4F104A71 + DA40BFDD 5FDA6AFE 4A6795F5 C1044EBA 4A103859 619C5B42 8259B4C2 E14AD3DA + 11DD2F8B CC9FAF07 B034AC36 7B54FD31 098FB3B7 1EBFB9C1 D3F3A97D 3C2B9661 + 3E6D7523 0C0903D4 2D66ACD7 C1E59304 36E45B5D 0D4D1DD3 FA0A8FC5 9AE00618 + 6523D157 CD262001 0D180482 E4125F40 58741CDA 0C0BD373 4735365E 4E859EC2 + 18841214 7C7D0203 010001A3 53305130 1D060355 1D0E0416 041426FB E5DBB36E + EB590719 E507692E B3563C0F 0C60301F 0603551D 23041830 16801426 FBE5DBB3 + 6EEB5907 19E50769 2EB3563C 0F0C6030 0F060355 1D130101 FF040530 030101FF + 300D0609 2A864886 F70D0101 0D050003 82010100 34AF340D 9C10640F F7CD722C + 4F149DFF 30C38F3B B30ADF41 70248500 6E8024C0 0A9D1ACA B5F3CCE6 EA3C982D + DE4F1BEC 8E933EFA B15143B9 1E5502BE BE7B10B5 BDB57038 4AB184DD 0A55BA43 + 37FBB9C4 E1BFE983 960383BB 40F3906D 5C47E3EF BF9BDE3A 6B33C42B F290CF49 + 8E96CC07 A4AA1BD5 1EFD2579 3A195166 287E14B8 4979A3AF DC1718E6 1A820E75 + 1D1ECCC6 B53FBF9C E6589902 BB9021BD 2B387816 28202A9E F7784F8E 7E8E92BA + C0A9AB2C AAA8668C C6AEF3B8 41CBB3C0 A4165D11 B5C1A846 2EA25215 85306E99 + BAAC1EF5 54517D54 BB9EF942 9226C5CE 816801FD E5FCE9DE 5A4B795D 107E6521 + D87398DE EDCDDBD2 045AB631 3D37C325 0149EA49 + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Port-channel10 + no switchport + ip address 10.1.101.100 255.255.255.0 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 + description vers Leaf-01 + no switchport + no ip address + channel-group 10 mode active +! +interface GigabitEthernet1/0/2 + description vers Leaf-02 + no switchport + no ip address + channel-group 10 mode active +! +interface GigabitEthernet1/0/3 +! +interface GigabitEthernet1/0/4 +! +interface GigabitEthernet1/0/5 +! +interface GigabitEthernet1/0/6 +! +interface GigabitEthernet1/0/7 +! +interface GigabitEthernet1/0/8 +! +interface GigabitEthernet1/0/9 +! +interface GigabitEthernet1/0/10 +! +interface GigabitEthernet1/0/11 +! +interface GigabitEthernet1/0/12 +! +interface GigabitEthernet1/0/13 +! +interface GigabitEthernet1/0/14 +! +interface GigabitEthernet1/0/15 +! +interface GigabitEthernet1/0/16 +! +interface GigabitEthernet1/0/17 +! +interface GigabitEthernet1/0/18 +! +interface GigabitEthernet1/0/19 +! +interface GigabitEthernet1/0/20 +! +interface GigabitEthernet1/0/21 +! +interface GigabitEthernet1/0/22 +! +interface GigabitEthernet1/0/23 +! +interface GigabitEthernet1/0/24 +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface Vlan1 + no ip address +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end diff --git a/vxlan-lab4/spine01.txt b/vxlan-lab4/spine01.txt new file mode 100644 index 0000000..bef9654 --- /dev/null +++ b/vxlan-lab4/spine01.txt @@ -0,0 +1,351 @@ +hostname Spine-01 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +no aaa new-model +switch 2 provision c9300l-24p-4g +! +! +! +! +ip routing +! +! +! +! +! +ip multicast-routing +! +ip dhcp pool webuidhcp +! +! +! +login on-success log +ipv6 nd cache expire refresh +ipv6 unicast-routing +! +! +! +! +! +! +! +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +crypto pki trustpoint TP-self-signed-251052295 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-251052295 + revocation-check none + rsakeypair TP-self-signed-251052295 + hash sha512 +! +! +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +crypto pki certificate chain TP-self-signed-251052295 + certificate self-signed 01 + 3082032E 30820216 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 30312E30 2C060355 04030C25 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 32353130 35323239 35301E17 0D323630 36313030 37353733 + 315A170D 33363036 30393037 35373331 5A303031 2E302C06 03550403 0C25494F + 532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3235 31303532 + 32393530 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 82010A02 + 82010100 D89BCFBD 5397ED82 DFCE3396 1664243E F8B16D1A EF4EA9FC 89661810 + B86A1333 F49417A6 D2321D74 E43423FC 99CB1A86 704E5FC1 1F26C7E7 DCDBD99F + D85630C3 59237E9C 9A988DE5 15500356 0FB10E0F 3E8B1401 7C8E06A8 E3493E22 + 93AC7E5D 52433498 490F20EE C966121A 0FFDC547 E9C664D1 766EDF3D 13081CEC + AB2B202C 5FF1BB61 B98593BE 3700930E AF220152 F6BF1D1A 38B9CDC0 CB31C119 + 2E09E5F3 4CA6F02A 1FF916FC 4627CCB9 C32D8573 B69AF79B 699E91F3 0C79FECA + 0DF90FF0 F8B005FA 63DF5302 64C3A1AE 6FD8C78E FE976E0C D03E9139 6B933048 + 13049514 105B1995 1267D0DC 3DA4CCBD 31703F2F 6914C8F3 7B1DB726 A2B07631 + 2180D6F7 02030100 01A35330 51301D06 03551D0E 04160414 147899D8 5CAC32ED + 34315AED 87E8EFCA 2FEC840F 301F0603 551D2304 18301680 14147899 D85CAC32 + ED34315A ED87E8EF CA2FEC84 0F300F06 03551D13 0101FF04 05300301 01FF300D + 06092A86 4886F70D 01010D05 00038201 0100AAA6 FE2EC09B F9769A5C C0DAAE85 + 8D02A258 AB7E4510 807F9FEF 10FE774B 7B0F3EFE 117F850F 833B49B6 C20781B0 + D89F5F9E FDEB06B1 74889F5E 5D2E9EEB 2ECDE82E 58EDA905 AD6D7313 66519DC7 + 6702F569 DDEAE0E6 24C302AF F784DFA3 F3FA0512 DD416C13 8AFC7D09 6EAE05E3 + 5E067BD9 3CC56564 3B92D3C1 1E4BC00C FD3C03A1 0E37A034 1C378323 4080AE0D + AAEB2A55 632CF3C0 35ACBDB4 F118B9FE 53C9D86A 2713FD54 C1ADA68B 043EC657 + 3CE61F31 61FEC1B9 75DCD39B 75E97238 A1CF89E0 47B037C1 8A886AD3 0F3D35DF + 1822F3A2 1AD01417 77D4D683 274034B9 9721C84B A9203A29 06F916BF BEBEB112 + F43BAFEB EC57AECF 57C0AED5 88A8DE69 F5A4 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + ip address 172.16.255.1 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback1 + ip address 172.16.254.1 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback2 + ip address 172.16.255.255 255.255.255.255 + ip pim sparse-mode + ip ospf 1 area 0 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet2/0/1 + no switchport + ip address 172.16.13.1 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet2/0/2 + no switchport + ip address 172.16.14.1 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet2/0/3 +! +interface GigabitEthernet2/0/4 +! +interface GigabitEthernet2/0/5 +! +interface GigabitEthernet2/0/6 +! +interface GigabitEthernet2/0/7 +! +interface GigabitEthernet2/0/8 +! +interface GigabitEthernet2/0/9 +! +interface GigabitEthernet2/0/10 +! +interface GigabitEthernet2/0/11 +! +interface GigabitEthernet2/0/12 +! +interface GigabitEthernet2/0/13 +! +interface GigabitEthernet2/0/14 +! +interface GigabitEthernet2/0/15 +! +interface GigabitEthernet2/0/16 +! +interface GigabitEthernet2/0/17 +! +interface GigabitEthernet2/0/18 +! +interface GigabitEthernet2/0/19 +! +interface GigabitEthernet2/0/20 +! +interface GigabitEthernet2/0/21 +! +interface GigabitEthernet2/0/22 +! +interface GigabitEthernet2/0/23 +! +interface GigabitEthernet2/0/24 +! +interface GigabitEthernet2/1/1 +! +interface GigabitEthernet2/1/2 +! +interface GigabitEthernet2/1/3 +! +interface GigabitEthernet2/1/4 +! +interface AppGigabitEthernet2/0/1 +! +interface Vlan1 + no ip address + shutdown +! +router ospf 1 + router-id 172.16.255.1 +! +router bgp 65001 + template peer-policy RR-PP + route-reflector-client + send-community both + exit-peer-policy + ! + template peer-session RR-PS + remote-as 65001 + update-source Loopback0 + exit-peer-session + ! + bgp router-id 172.16.255.1 + bgp log-neighbor-changes + no bgp default ipv4-unicast + neighbor 172.16.255.3 inherit peer-session RR-PS + neighbor 172.16.255.4 inherit peer-session RR-PS + ! + address-family ipv4 + exit-address-family + ! + address-family l2vpn evpn + neighbor 172.16.255.3 activate + neighbor 172.16.255.3 send-community both + neighbor 172.16.255.3 inherit peer-policy RR-PP + neighbor 172.16.255.4 activate + neighbor 172.16.255.4 send-community both + neighbor 172.16.255.4 inherit peer-policy RR-PP + exit-address-family +! +ip forward-protocol nd +ip http server +ip http secure-server +ip pim rp-address 172.16.255.255 +ip msdp peer 172.16.254.2 connect-source Loopback1 remote-as 65001 +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end diff --git a/vxlan-lab4/spine02.txt b/vxlan-lab4/spine02.txt new file mode 100644 index 0000000..20851e0 --- /dev/null +++ b/vxlan-lab4/spine02.txt @@ -0,0 +1,347 @@ +hostname Spine-02 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24p-4g +! +! +! +! +ip routing +! +! +! +! +! +ip multicast-routing +! +! +! +login on-success log +! +! +! +! +! +! +! +! +crypto pki trustpoint TP-self-signed-430895953 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-430895953 + revocation-check none + rsakeypair TP-self-signed-430895953 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-430895953 + certificate self-signed 01 + 3082032E 30820216 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 30312E30 2C060355 04030C25 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 34333038 39353935 33301E17 0D323630 36313030 37353931 + 315A170D 33363036 30393037 35393131 5A303031 2E302C06 03550403 0C25494F + 532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3433 30383935 + 39353330 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 82010A02 + 82010100 A71865B6 6C5F0B06 665FCD05 19C66FF3 4D4B9157 EF422949 A4ACD2F2 + ACF5AA84 6B593191 FF34BB5C 2A1F3064 DCF41C32 A8EA567D C7B1400B A9CD2CC6 + 55F61D16 792E6552 31D4B438 137EC154 47503D71 FDB8A4A7 71B3FE2A B36FF58C + F5356063 942A2DBC 99F20FC0 ABE7C186 940AF2A2 E94A30CF 7D6AA5D7 4A9C93BB + 99A5779B A179C130 8839473E 04679619 897E139A 3B883DF0 484060CD 703D25A2 + 01153890 F65AE584 6C403826 7DDD0C8C B76D6690 D7FACB49 89B2CB22 619B1F18 + 3C090DAF 47443412 63FC7B3B DEDED46B 4B19BB16 6C2EA229 1946B513 813645F8 + D029F8B4 878F3581 30A3D42A 37BE3C82 835EDC01 A4D028BC 76F777EC CE9440F2 + 26037F3F 02030100 01A35330 51301D06 03551D0E 04160414 77E8D640 80AF8B64 + B2AFF1D6 AED32E71 F70417EA 301F0603 551D2304 18301680 1477E8D6 4080AF8B + 64B2AFF1 D6AED32E 71F70417 EA300F06 03551D13 0101FF04 05300301 01FF300D + 06092A86 4886F70D 01010D05 00038201 0100177A 72BD66A9 0BFFDBC2 B79A5E60 + 0D47EBD5 A52A2A4F 6CB07B34 55D37A8F 9DE892FB 8AEAD5BF 5D0766DD BC51BD4A + 5D64DCDA 493D2D2E BB01BAC4 6D4AE47E FE0F0DDD 0628328B 9FAB4001 721E4F9A + CF4396D2 AA70CBCA E071F9AF C8248307 D75DABFA A9302E78 7D2AC3FF 2A62FAA7 + E7AE7A15 EAFE2A27 36BE73BF C9B25B68 FE9A3837 715BD0F2 55B3FEBF 02EEAECC + 469280FE B46A8105 C3D36F72 E18F6AC2 B3A62DA1 DE7A80B9 0E382EE0 6DD0315D + 1E4D6120 386CB1E9 48301645 7A8F14F9 3CA2B26F 98C9E634 AB9E0E8A 863B8D1E + B64A5817 C92BEEDA 4086C3F7 81EA3F30 DA66BADA 8A16810F EAC7B4C4 6DF5420A + 4733CCA2 A71746B9 E7762CF6 51C90F36 3E58 + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + ip address 172.16.255.2 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback1 + ip address 172.16.254.2 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback2 + ip address 172.16.255.255 255.255.255.255 + ip pim sparse-mode + ip ospf 1 area 0 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 + no switchport + ip address 172.16.23.2 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/2 + no switchport + ip address 172.16.24.2 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/3 +! +interface GigabitEthernet1/0/4 +! +interface GigabitEthernet1/0/5 +! +interface GigabitEthernet1/0/6 +! +interface GigabitEthernet1/0/7 +! +interface GigabitEthernet1/0/8 +! +interface GigabitEthernet1/0/9 +! +interface GigabitEthernet1/0/10 +! +interface GigabitEthernet1/0/11 +! +interface GigabitEthernet1/0/12 +! +interface GigabitEthernet1/0/13 +! +interface GigabitEthernet1/0/14 +! +interface GigabitEthernet1/0/15 +! +interface GigabitEthernet1/0/16 +! +interface GigabitEthernet1/0/17 +! +interface GigabitEthernet1/0/18 +! +interface GigabitEthernet1/0/19 +! +interface GigabitEthernet1/0/20 +! +interface GigabitEthernet1/0/21 +! +interface GigabitEthernet1/0/22 +! +interface GigabitEthernet1/0/23 +! +interface GigabitEthernet1/0/24 +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface Vlan1 + no ip address +! +router ospf 1 + router-id 172.16.255.2 +! +router bgp 65001 + template peer-policy RR-PP + route-reflector-client + send-community both + exit-peer-policy + ! + template peer-session RR-PS + remote-as 65001 + update-source Loopback0 + exit-peer-session + ! + bgp router-id 172.16.255.2 + bgp log-neighbor-changes + no bgp default ipv4-unicast + neighbor 172.16.255.3 inherit peer-session RR-PS + neighbor 172.16.255.4 inherit peer-session RR-PS + ! + address-family ipv4 + exit-address-family + ! + address-family l2vpn evpn + neighbor 172.16.255.3 activate + neighbor 172.16.255.3 send-community both + neighbor 172.16.255.3 inherit peer-policy RR-PP + neighbor 172.16.255.4 activate + neighbor 172.16.255.4 send-community both + neighbor 172.16.255.4 inherit peer-policy RR-PP + exit-address-family +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip pim rp-address 172.16.255.255 +ip msdp peer 172.16.254.1 connect-source Loopback1 remote-as 65001 +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end diff --git a/vxlan-lab5/access01.txt b/vxlan-lab5/access01.txt new file mode 100644 index 0000000..3d422b3 --- /dev/null +++ b/vxlan-lab5/access01.txt @@ -0,0 +1,363 @@ +hostname Acces-01 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24t-4g +switch 2 provision c9300l-24t-4g +! +! +! +! +! +! +! +! +! +! +! +! +login on-success log +! +! +! +! +! +! +! +! +crypto pki trustpoint TP-self-signed-1855158953 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-1855158953 + revocation-check none + rsakeypair TP-self-signed-1855158953 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-1855158953 + certificate self-signed 01 + 30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 31312F30 2D060355 04030C26 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 31383535 31353839 3533301E 170D3236 30363130 31323030 + 32385A17 0D333630 36303931 32303032 385A3031 312F302D 06035504 030C2649 + 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 38353531 + 35383935 33308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 + 0A028201 0100A0FC 28DCFEB1 51334B66 82B2D625 997681D2 239049D2 C3F1DAD3 + 0DFB7A79 48B494AF 4E9A63E4 A62D1AE9 2F3959FB 6153BB07 0C1DDEDC 1D9F4E27 + BD56DF67 562E608D D6B7EE68 E75125A5 EE04B02B A8EE23C4 5E2E80D5 0F75F349 + 4CAB259F 57DE2459 0595C89B 8F972F29 54006AD7 0C67F416 5BDBE29E 6557695D + 0763F793 1D7BBA4C E1445C4D C26B4CFD C58FF8B8 DC91A9A7 D5EC287A F167B3CB + 16DEB643 601C98AD 90D76C1E 0E0DD88E 464F906D F0D5C5C1 AE17A694 90775093 + AE20CAF8 F05C3974 2A2A8668 322DDB03 05621885 E6E7C1B7 AF6384FC F8D1B865 + E1BB5788 704FE5CA 6096BE5A 7CDADEE1 0FFEC364 46470AE7 BBA09990 15DA18FF + E05E7D46 B1770203 010001A3 53305130 1D060355 1D0E0416 0414D225 6A1B1A99 + A5FBF7FB DC557609 45A053B7 9516301F 0603551D 23041830 168014D2 256A1B1A + 99A5FBF7 FBDC5576 0945A053 B7951630 0F060355 1D130101 FF040530 030101FF + 300D0609 2A864886 F70D0101 0D050003 82010100 021970C7 4E6C0C86 56C38FEA + EF075272 9B2FF043 3B7D2C1C D0BB7C83 0F06ECC9 F380AA49 E0A41706 194EF7AC + 1BE8BFA8 9B7C335A A8E66C84 89945443 B9F6FF1F 2BB06B5B 16E29073 07364FE2 + 3705AB86 31B4A086 FB2E9663 FFE621D5 A4B0A061 B6B53967 F791EF19 0207B5E5 + 40D4BD4D F55C43F0 2C8A4C28 FF935D32 BBC00FBD D2E1B111 57EB0539 88864EA7 + 5BF6B49E 29721B90 17395B19 E23B84E9 FE3A4267 01A5AA4F 2F2C87EC ACC1A22C + ABF60ACE 6F0D7B31 D6C8DF51 654309EA 25497513 819269A6 DDC8D7EC 99135A7C + 895B1320 AF02B0E1 6207D49A 8FA483BF F96F04EB 4A9783E1 0F9E3D54 97428020 + 071BCF24 08F5C4E3 5BDB06EF 00A20C74 3AFE60BB + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Port-channel24 + switchport trunk allowed vlan 101,102 + switchport mode trunk +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 +! +interface GigabitEthernet1/0/2 +! +interface GigabitEthernet1/0/3 +! +interface GigabitEthernet1/0/4 +! +interface GigabitEthernet1/0/5 +! +interface GigabitEthernet1/0/6 +! +interface GigabitEthernet1/0/7 +! +interface GigabitEthernet1/0/8 +! +interface GigabitEthernet1/0/9 +! +interface GigabitEthernet1/0/10 +! +interface GigabitEthernet1/0/11 +! +interface GigabitEthernet1/0/12 +! +interface GigabitEthernet1/0/13 +! +interface GigabitEthernet1/0/14 +! +interface GigabitEthernet1/0/15 +! +interface GigabitEthernet1/0/16 +! +interface GigabitEthernet1/0/17 +! +interface GigabitEthernet1/0/18 +! +interface GigabitEthernet1/0/19 +! +interface GigabitEthernet1/0/20 +! +interface GigabitEthernet1/0/21 +! +interface GigabitEthernet1/0/22 +! +interface GigabitEthernet1/0/23 + switchport trunk allowed vlan 101,102 + switchport mode trunk + channel-group 24 mode active +! +interface GigabitEthernet1/0/24 + switchport trunk allowed vlan 101,102 + switchport mode trunk + channel-group 24 mode active +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface GigabitEthernet2/0/1 +! +interface GigabitEthernet2/0/2 +! +interface GigabitEthernet2/0/3 +! +interface GigabitEthernet2/0/4 +! +interface GigabitEthernet2/0/5 +! +interface GigabitEthernet2/0/6 +! +interface GigabitEthernet2/0/7 +! +interface GigabitEthernet2/0/8 +! +interface GigabitEthernet2/0/9 +! +interface GigabitEthernet2/0/10 +! +interface GigabitEthernet2/0/11 +! +interface GigabitEthernet2/0/12 +! +interface GigabitEthernet2/0/13 +! +interface GigabitEthernet2/0/14 +! +interface GigabitEthernet2/0/15 +! +interface GigabitEthernet2/0/16 +! +interface GigabitEthernet2/0/17 +! +interface GigabitEthernet2/0/18 +! +interface GigabitEthernet2/0/19 +! +interface GigabitEthernet2/0/20 +! +interface GigabitEthernet2/0/21 +! +interface GigabitEthernet2/0/22 +! +interface GigabitEthernet2/0/23 + switchport trunk allowed vlan 101,102 + switchport mode trunk + channel-group 24 mode active +! +interface GigabitEthernet2/0/24 + switchport trunk allowed vlan 101,102 + switchport mode trunk + channel-group 24 mode active +! +interface GigabitEthernet2/1/1 +! +interface GigabitEthernet2/1/2 +! +interface GigabitEthernet2/1/3 +! +interface GigabitEthernet2/1/4 +! +interface AppGigabitEthernet2/0/1 +! +interface Vlan1 + no ip address +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end diff --git a/vxlan-lab5/leaf01.txt b/vxlan-lab5/leaf01.txt new file mode 100644 index 0000000..f9a521e --- /dev/null +++ b/vxlan-lab5/leaf01.txt @@ -0,0 +1,430 @@ +hostname Leaf-01 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +vrf definition green + rd 1:1 + ! + address-family ipv4 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family + ! + address-family ipv6 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24p-4g +! +! +! +! +ip routing +! +! +! +! +! +ip multicast-routing +! +! +! +login on-success log +! +! +! +! +! +! +! +l2vpn evpn + replication-type static + router-id Loopback1 + default-gateway advertise +! +l2vpn evpn ethernet-segment 1 + identifier type 0 00.00.00.00.00.00.00.00.01 + redundancy all-active + df-election wait-time 1 +! +l2vpn evpn ethernet-segment 2 + identifier type 0 00.00.00.00.00.00.00.00.02 + redundancy all-active + df-election wait-time 1 +! +l2vpn evpn instance 101 vlan-based + encapsulation vxlan + replication-type static +! +l2vpn evpn instance 102 vlan-based + encapsulation vxlan + replication-type ingress +! +! +crypto pki trustpoint TP-self-signed-2748515057 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-2748515057 + revocation-check none + rsakeypair TP-self-signed-2748515057 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-2748515057 + certificate self-signed 01 + 30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 31312F30 2D060355 04030C26 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 32373438 35313530 3537301E 170D3236 30363130 30393433 + 30385A17 0D333630 36303930 39343330 385A3031 312F302D 06035504 030C2649 + 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 37343835 + 31353035 37308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 + 0A028201 0100A4CA 45163B01 9C334AAA 046F7B18 E9F8D151 8996B5B5 CA96FC78 + 870C057E 929F7011 CAE9A00E E5DDD799 2C2581D3 413DFC7C 49B38DF0 48A0216E + 4EF4C65C F1D1F4EF 545370F3 3FA69C4B 22948881 F7B28644 2A4F2865 026EF500 + F57BBC11 4C13CEC6 841421DB 34EDCB47 510668FF 5FBF525E CF9020ED 51414B3D + 07601E2A 4A30A706 2DDD6EEE B7B2AE7A C37820D3 C08BAA78 C1D030E7 B3F1C8EA + FECCFF10 363296DB 9E0C3A97 C1E7C416 75425A88 AEBB0AA0 6D0BC326 9043BC8C + CB75A544 AA9FFDB0 67E22FD9 5CE66812 B58FADDA 5B7993CA 4F7D7F37 B179642C + 873C129B 2DAC8D5E 4BF6CF5D 03D41302 EA4A481E 53DF7648 00D7668A E6B1672F + 1397D45A 21350203 010001A3 53305130 1D060355 1D0E0416 041447B1 391FE1B2 + 9088CF66 FCA5F571 4DDE8252 2C85301F 0603551D 23041830 16801447 B1391FE1 + B29088CF 66FCA5F5 714DDE82 522C8530 0F060355 1D130101 FF040530 030101FF + 300D0609 2A864886 F70D0101 0D050003 82010100 74081052 95A744B6 9812BACC + 0743C4D2 0957BE9A D49CCB1B 36F41237 0F9C8512 F82BD6CF 7BC20495 C544C441 + B37CC3B6 D3F2A35B 8B47EF95 E6545B01 763887D5 97D4A247 019D3387 D29DC699 + 25C45B3F 674662BB DFF0B1CC 6E50C91B 3C843D3E AEEC6BE1 6577D36F E99946F3 + 52E02B0E 162902B9 F6477EF8 C59D0955 D7351E18 671F96B8 B8569431 4A90FD04 + C543996B 633FB9CB 48BA7FB6 EC39E137 11FA78DE 6E4FD609 FACC9D0C D1ED2A2C + 3B7A7B1C 29D4F096 1CB08698 9E83B983 B4B7045C 7166B0A4 1C3E8E20 75F9FC2D + 202298E3 F6328325 8790A997 C757940F 2B0543EC 3D01B7BC F48D979D 392C21D8 + 3017E967 7743A155 D97B6463 28E467DD 3E8D9D3F + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +vlan configuration 101 + member evpn-instance 101 vni 10101 +vlan configuration 102 + member evpn-instance 102 vni 10102 +vlan configuration 901 + member vni 50901 +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + ip address 172.16.255.3 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback1 + ip address 172.16.254.3 255.255.255.255 + ip pim sparse-mode + ip ospf 1 area 0 +! +interface Port-channel12 + switchport access vlan 101 + switchport mode access + evpn ethernet-segment 1 +! +interface Port-channel14 + switchport trunk allowed vlan 101,102 + switchport mode trunk + evpn ethernet-segment 2 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 + no switchport + ip address 172.16.13.3 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/2 + no switchport + ip address 172.16.23.3 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/3 +! +interface GigabitEthernet1/0/4 +! +interface GigabitEthernet1/0/5 +! +interface GigabitEthernet1/0/6 +! +interface GigabitEthernet1/0/7 +! +interface GigabitEthernet1/0/8 +! +interface GigabitEthernet1/0/9 +! +interface GigabitEthernet1/0/10 + switchport mode trunk +! +interface GigabitEthernet1/0/11 +! +interface GigabitEthernet1/0/12 + switchport access vlan 101 + switchport mode access + channel-group 12 mode active +! +interface GigabitEthernet1/0/13 + switchport trunk allowed vlan 101,102 + switchport mode trunk + channel-group 14 mode active +! +interface GigabitEthernet1/0/14 + switchport trunk allowed vlan 101,102 + switchport mode trunk + channel-group 14 mode active +! +interface GigabitEthernet1/0/15 +! +interface GigabitEthernet1/0/16 +! +interface GigabitEthernet1/0/17 +! +interface GigabitEthernet1/0/18 +! +interface GigabitEthernet1/0/19 +! +interface GigabitEthernet1/0/20 +! +interface GigabitEthernet1/0/21 +! +interface GigabitEthernet1/0/22 +! +interface GigabitEthernet1/0/23 +! +interface GigabitEthernet1/0/24 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface Vlan1 + no ip address +! +interface Vlan101 + vrf forwarding green + ip address 10.1.101.1 255.255.255.0 +! +interface Vlan102 + vrf forwarding green + ip address 10.1.102.1 255.255.255.0 +! +interface Vlan901 + vrf forwarding green + ip unnumbered Loopback1 + ipv6 enable + no autostate +! +interface nve1 + no ip address + source-interface Loopback1 + host-reachability protocol bgp + member vni 10101 mcast-group 225.0.0.101 + member vni 10102 ingress-replication + member vni 50901 vrf green +! +router ospf 1 + router-id 172.16.255.3 +! +router bgp 65001 + bgp log-neighbor-changes + no bgp default ipv4-unicast + neighbor 172.16.255.1 remote-as 65001 + neighbor 172.16.255.1 update-source Loopback0 + neighbor 172.16.255.2 remote-as 65001 + neighbor 172.16.255.2 update-source Loopback0 + ! + address-family ipv4 + redistribute static + redistribute connected + exit-address-family + ! + address-family l2vpn evpn + neighbor 172.16.255.1 activate + neighbor 172.16.255.1 send-community both + neighbor 172.16.255.2 activate + neighbor 172.16.255.2 send-community both + exit-address-family + ! + address-family ipv4 vrf green + advertise l2vpn evpn + redistribute static + redistribute connected + exit-address-family +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip pim rp-address 172.16.255.255 +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end \ No newline at end of file diff --git a/vxlan-lab5/leaf02.txt b/vxlan-lab5/leaf02.txt new file mode 100644 index 0000000..f8873a5 --- /dev/null +++ b/vxlan-lab5/leaf02.txt @@ -0,0 +1,427 @@ +hostname Leaf-02 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +vrf definition green + rd 1:1 + ! + address-family ipv4 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family + ! + address-family ipv6 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24p-4g +! +! +! +! +ip routing +! +! +! +! +! +ip multicast-routing +! +! +! +login on-success log +! +! +! +! +! +! +! +l2vpn evpn + replication-type static + router-id Loopback1 + default-gateway advertise +! +l2vpn evpn ethernet-segment 1 + identifier type 0 00.00.00.00.00.00.00.00.01 + redundancy all-active + df-election wait-time 1 +! +l2vpn evpn ethernet-segment 2 + identifier type 0 00.00.00.00.00.00.00.00.02 + redundancy all-active + df-election wait-time 1 +! +l2vpn evpn instance 101 vlan-based + encapsulation vxlan +! +l2vpn evpn instance 102 vlan-based + encapsulation vxlan + replication-type ingress +! +! +crypto pki trustpoint TP-self-signed-4106980722 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-4106980722 + revocation-check none + rsakeypair TP-self-signed-4106980722 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-4106980722 + certificate self-signed 01 + 30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 31312F30 2D060355 04030C26 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 34313036 39383037 3232301E 170D3236 30363130 30393433 + 32345A17 0D333630 36303930 39343332 345A3031 312F302D 06035504 030C2649 + 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 31303639 + 38303732 32308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 + 0A028201 01009849 F78BD093 74C4F07A A3855635 0B226D1D DB524A61 14AB07A6 + 6CC41BC9 29B861FA 10F734FE A0115CFF 44B53345 C2C5CCDB E6508E36 734F83D1 + 2586BBFA 55FBCA7D 731EEA2D 7F9C13F9 B6D04514 DE51D43E DD9BE04C 9841316B + 9CD765D7 2A999541 D078E1F7 4BD9597A 5BA09FBA CBFD2EF7 92BBAD66 C4FA8535 + 2057BC14 1E11B218 7A021057 C7EBCDC9 FCED0B91 FD84E5A2 CAD4F661 FE66AA2B + ABF56705 125F5B97 521EE401 AF66FBAD 42ACAF73 4B7F3A2F 3FA2AE03 69DC2A88 + F7616397 B13E3B37 A762AFA4 D51576B7 3F0A039B 40C64DDB 39F2F686 2EF72BED + 2729B749 FBE8DF8D 8A6FFB1B 569E2220 C1A81171 5481BB56 E470941D 3311E8BD + C9C59E75 06FF0203 010001A3 53305130 1D060355 1D0E0416 04141AB2 BB3AB3AE + 642F201E BA75F878 589FFAEA D5D0301F 0603551D 23041830 1680141A B2BB3AB3 + AE642F20 1EBA75F8 78589FFA EAD5D030 0F060355 1D130101 FF040530 030101FF + 300D0609 2A864886 F70D0101 0D050003 82010100 81BBF69B F9F2A5B6 7F3CF96D + 506E8D43 964DAF2A D9221CF1 D84E4841 CE94D992 2F383B63 A782E3AE 730C0D05 + 9D60B3ED 9A899D23 F4F741F5 B3CCAD4B CBABEDE8 F9151F0A 3917E943 DF117766 + 3EF0FB53 0D5402EC ED33225C C267C600 5E22DD5A 4D62D87B 84D58914 37FA19E6 + F25C4B0E E6A9A72D D82F58C3 3D9BA708 96F92047 443276F4 848F07CB 0275B5D7 + A3A9EA89 76E1C857 9C5C1FD6 C8AD6829 63A45513 4122EE6B 2DC85CDF 6DC4D8F4 + 9A649698 6E60811F 9935D7BD BFC23EAB 6B669C74 FE480A50 DEC87777 6EDF0E59 + D198B7DC 29ADEE47 F562740E 870D9503 36816813 48CACEA0 AB336A54 A25BA97F + A4631BDF 907B0213 DA1B804E 72F4FA8B AFA4F633 + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +vlan configuration 101 + member evpn-instance 101 vni 10101 +vlan configuration 102 + member evpn-instance 102 vni 10102 +vlan configuration 901 + member vni 50901 +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + ip address 172.16.255.4 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback1 + ip address 172.16.254.4 255.255.255.255 + ip pim sparse-mode + ip ospf 1 area 0 +! +interface Port-channel12 + switchport access vlan 101 + switchport mode access + evpn ethernet-segment 1 +! +interface Port-channel14 + switchport trunk allowed vlan 101,102 + switchport mode trunk + evpn ethernet-segment 2 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 + no switchport + ip address 172.16.14.4 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/2 + no switchport + ip address 172.16.24.4 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/3 +! +interface GigabitEthernet1/0/4 +! +interface GigabitEthernet1/0/5 +! +interface GigabitEthernet1/0/6 +! +interface GigabitEthernet1/0/7 +! +interface GigabitEthernet1/0/8 +! +interface GigabitEthernet1/0/9 +! +interface GigabitEthernet1/0/10 + switchport mode trunk +! +interface GigabitEthernet1/0/11 +! +interface GigabitEthernet1/0/12 + switchport access vlan 101 + switchport mode access + channel-group 12 mode active +! +interface GigabitEthernet1/0/13 + switchport trunk allowed vlan 101,102 + switchport mode trunk + channel-group 14 mode active +! +interface GigabitEthernet1/0/14 + switchport trunk allowed vlan 101,102 + switchport mode trunk + channel-group 14 mode active +! +interface GigabitEthernet1/0/15 +! +interface GigabitEthernet1/0/16 +! +interface GigabitEthernet1/0/17 +! +interface GigabitEthernet1/0/18 +! +interface GigabitEthernet1/0/19 +! +interface GigabitEthernet1/0/20 +! +interface GigabitEthernet1/0/21 +! +interface GigabitEthernet1/0/22 +! +interface GigabitEthernet1/0/23 +! +interface GigabitEthernet1/0/24 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface Vlan1 + no ip address +! +interface Vlan101 + vrf forwarding green + ip address 10.1.101.1 255.255.255.0 +! +interface Vlan102 + vrf forwarding green + ip address 10.1.102.1 255.255.255.0 +! +interface Vlan901 + vrf forwarding green + ip unnumbered Loopback1 + ipv6 enable + no autostate +! +interface nve1 + no ip address + source-interface Loopback1 + host-reachability protocol bgp + member vni 10101 mcast-group 225.0.0.101 + member vni 50901 vrf green + member vni 10102 ingress-replication +! +router ospf 1 + router-id 172.16.255.4 +! +router bgp 65001 + bgp log-neighbor-changes + no bgp default ipv4-unicast + neighbor 172.16.255.1 remote-as 65001 + neighbor 172.16.255.1 update-source Loopback0 + neighbor 172.16.255.2 remote-as 65001 + neighbor 172.16.255.2 update-source Loopback0 + ! + address-family ipv4 + exit-address-family + ! + address-family l2vpn evpn + neighbor 172.16.255.1 activate + neighbor 172.16.255.1 send-community both + neighbor 172.16.255.2 activate + neighbor 172.16.255.2 send-community both + exit-address-family + ! + address-family ipv4 vrf green + advertise l2vpn evpn + redistribute static + redistribute connected + exit-address-family +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip pim rp-address 172.16.255.255 +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end diff --git a/vxlan-lab5/leaf03.txt b/vxlan-lab5/leaf03.txt new file mode 100644 index 0000000..6046f59 --- /dev/null +++ b/vxlan-lab5/leaf03.txt @@ -0,0 +1,549 @@ +hostname Leaf-03 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +vrf definition green + rd 1:1 + ! + address-family ipv4 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family + ! + address-family ipv6 + route-target export 1:1 + route-target import 1:1 + route-target export 1:1 stitching + route-target import 1:1 stitching + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24t-4g +switch 2 provision c9300l-24t-4g +! +! +! +! +ip routing +! +! +! +! +! +ip multicast-routing +! +! +! +login on-success log +! +! +! +! +! +! +! +l2vpn evpn + replication-type static + router-id Loopback1 + default-gateway advertise +! +l2vpn evpn instance 101 vlan-based + encapsulation vxlan + replication-type static +! +l2vpn evpn instance 102 vlan-based + encapsulation vxlan + replication-type ingress +! +! +crypto pki trustpoint TP-self-signed-1165940199 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-1165940199 + revocation-check none + rsakeypair TP-self-signed-1165940199 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-1165940199 + certificate self-signed 01 + 30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 31312F30 2D060355 04030C26 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 31313635 39343031 3939301E 170D3236 30363130 31323030 + 31305A17 0D333630 36303931 32303031 305A3031 312F302D 06035504 030C2649 + 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 31363539 + 34303139 39308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 + 0A028201 0100BFED A9B16BF7 8EB63CA6 7C16F131 53AB77A6 E419BAFB 116A9319 + E03D77D4 C071ABBD F44C6249 93ACAAF0 48976F5B 1B8F03B0 ABDC9ED6 504644BF + 1F5E3603 2868B384 6AAD2757 3AF9C344 55775D9A 4B301D8D A7EB7E2F 4A85D8B5 + 8D39A506 60603F96 15EB419D 236B0877 1D1D0094 09C5A306 7702F9BB CA682072 + 6428E39D B6F946A6 05597FDA 44CF35FB 8152CCBA CCB9A493 766D5338 69E87038 + E823A301 74B6EE6A 90CC91BC F1D25EAA DACADFFF 4EDE3460 B891401D 085EB209 + BF9220AB DE0C6739 A2906A43 72EBE5D0 85FFA128 53D25903 80D1D63C 3F5FD86D + 48F7C064 D5C7087E 3FFD8D6C 6A522D58 E52F9E9D D4F0F055 B63A3727 F19003F6 + 58691FD7 FB670203 010001A3 53305130 1D060355 1D0E0416 0414B542 47476136 + 18061EFB 2A22F6AE 3E5FBC5F EB39301F 0603551D 23041830 168014B5 42474761 + 3618061E FB2A22F6 AE3E5FBC 5FEB3930 0F060355 1D130101 FF040530 030101FF + 300D0609 2A864886 F70D0101 0D050003 82010100 590CC34F 4F943E79 C73DD7FC + 0B04FFA3 4EAB60EA 2FCFC025 658E7E15 219D4095 80FB1728 511B4DF3 1697F42C + BA848247 E3C0761B 9C409EF9 8BE32F72 36AC8795 D693DDCB E663DA96 FF973CDE + 1E38E03F EF6A4704 9D08DDAD 261A5793 E78BFABD 8B5D2F8B E1EFFD35 FF231255 + E7497E8B 31FB7725 4A053DB5 918A68DF CEF70F05 B5A90DA5 FC3062E9 B4EF4E6D + F119F79E 380E26CE E26E197B 26294C23 EA783CC5 1D1AC6EA 801CA1CA CF4C62E1 + 30E2EA9C 2B03CB42 814625B4 D38547BB A6D967E4 8BA516A1 32DC84C0 FD4FF63C + 6F668633 DFDEC198 DA27C3AB D3869173 BC7A7134 E934DADE D41AD88B ADADC24F + A2A0BE37 0B14C122 BC64C74B 83B0E5C7 587E43BE + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +vlan configuration 101 + member evpn-instance 101 vni 10101 +vlan configuration 102 + member evpn-instance 102 vni 10102 +vlan configuration 901 + member vni 50901 +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + ip address 172.16.255.5 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback1 + ip address 172.16.254.5 255.255.255.255 + ip pim sparse-mode + ip ospf 1 area 0 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 + no switchport + ip address 172.16.15.5 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/2 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/3 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/4 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/5 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/6 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/7 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/8 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/9 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/10 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/11 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/12 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/13 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/14 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/15 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/16 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/17 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/18 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/19 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/20 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/21 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/22 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/23 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/0/24 + switchport access vlan 101 + switchport mode access +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface GigabitEthernet2/0/1 + no switchport + ip address 172.16.25.5 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet2/0/2 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/3 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/4 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/5 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/6 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/7 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/8 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/9 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/10 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/11 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/12 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/13 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/14 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/15 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/16 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/17 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/18 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/19 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/20 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/21 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/22 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/23 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/0/24 + switchport access vlan 102 + switchport mode access +! +interface GigabitEthernet2/1/1 +! +interface GigabitEthernet2/1/2 +! +interface GigabitEthernet2/1/3 +! +interface GigabitEthernet2/1/4 +! +interface AppGigabitEthernet2/0/1 +! +interface Vlan1 + no ip address +! +interface Vlan101 + vrf forwarding green + ip address 10.1.101.1 255.255.255.0 +! +interface Vlan102 + vrf forwarding green + ip address 10.1.102.1 255.255.255.0 +! +interface Vlan901 + vrf forwarding green + ip unnumbered Loopback1 + ipv6 enable + no autostate +! +interface nve1 + no ip address + source-interface Loopback1 + host-reachability protocol bgp + member vni 10101 mcast-group 225.0.0.101 + member vni 50901 vrf green + member vni 10102 ingress-replication +! +router ospf 1 + router-id 172.16.255.5 +! +router bgp 65001 + bgp log-neighbor-changes + no bgp default ipv4-unicast + neighbor 172.16.255.1 remote-as 65001 + neighbor 172.16.255.1 update-source Loopback0 + neighbor 172.16.255.2 remote-as 65001 + neighbor 172.16.255.2 update-source Loopback0 + ! + address-family ipv4 + redistribute static + redistribute connected + exit-address-family + ! + address-family l2vpn evpn + neighbor 172.16.255.1 activate + neighbor 172.16.255.1 send-community both + neighbor 172.16.255.2 activate + neighbor 172.16.255.2 send-community both + exit-address-family + ! + address-family ipv4 vrf green + advertise l2vpn evpn + redistribute static + redistribute connected + exit-address-family +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip pim rp-address 172.16.255.255 +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end \ No newline at end of file diff --git a/vxlan-lab5/server01.txt b/vxlan-lab5/server01.txt new file mode 100644 index 0000000..d87e402 --- /dev/null +++ b/vxlan-lab5/server01.txt @@ -0,0 +1,300 @@ +hostname Server-01 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24p-4g +! +! +! +! +! +! +! +! +! +! +! +! +login on-success log +! +! +! +! +! +! +! +! +crypto pki trustpoint TP-self-signed-2947407253 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-2947407253 + revocation-check none + rsakeypair TP-self-signed-2947407253 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-2947407253 + certificate self-signed 01 + 30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 31312F30 2D060355 04030C26 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 32393437 34303732 3533301E 170D3236 30363130 30373537 + 34305A17 0D333630 36303930 37353734 305A3031 312F302D 06035504 030C2649 + 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 39343734 + 30373235 33308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 + 0A028201 0100D73C 961D9195 D3943475 3D1021D5 5256D366 283AF7EA 7E29EDF7 + D436F20C 2540FD80 151BC2FF D73151B0 5BFEB37A 1BE4D77B 064DEE09 5755F88F + CEECF4B4 650429B9 584658ED 94B60905 3F149C23 BEF50154 40285A5C D299E976 + 260FDCC8 23A6E59F 15663A5A 5CFB84E2 9314243E 339BCF63 3D33F429 4F104A71 + DA40BFDD 5FDA6AFE 4A6795F5 C1044EBA 4A103859 619C5B42 8259B4C2 E14AD3DA + 11DD2F8B CC9FAF07 B034AC36 7B54FD31 098FB3B7 1EBFB9C1 D3F3A97D 3C2B9661 + 3E6D7523 0C0903D4 2D66ACD7 C1E59304 36E45B5D 0D4D1DD3 FA0A8FC5 9AE00618 + 6523D157 CD262001 0D180482 E4125F40 58741CDA 0C0BD373 4735365E 4E859EC2 + 18841214 7C7D0203 010001A3 53305130 1D060355 1D0E0416 041426FB E5DBB36E + EB590719 E507692E B3563C0F 0C60301F 0603551D 23041830 16801426 FBE5DBB3 + 6EEB5907 19E50769 2EB3563C 0F0C6030 0F060355 1D130101 FF040530 030101FF + 300D0609 2A864886 F70D0101 0D050003 82010100 34AF340D 9C10640F F7CD722C + 4F149DFF 30C38F3B B30ADF41 70248500 6E8024C0 0A9D1ACA B5F3CCE6 EA3C982D + DE4F1BEC 8E933EFA B15143B9 1E5502BE BE7B10B5 BDB57038 4AB184DD 0A55BA43 + 37FBB9C4 E1BFE983 960383BB 40F3906D 5C47E3EF BF9BDE3A 6B33C42B F290CF49 + 8E96CC07 A4AA1BD5 1EFD2579 3A195166 287E14B8 4979A3AF DC1718E6 1A820E75 + 1D1ECCC6 B53FBF9C E6589902 BB9021BD 2B387816 28202A9E F7784F8E 7E8E92BA + C0A9AB2C AAA8668C C6AEF3B8 41CBB3C0 A4165D11 B5C1A846 2EA25215 85306E99 + BAAC1EF5 54517D54 BB9EF942 9226C5CE 816801FD E5FCE9DE 5A4B795D 107E6521 + D87398DE EDCDDBD2 045AB631 3D37C325 0149EA49 + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Port-channel10 + no switchport + ip address 10.1.101.100 255.255.255.0 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 + description vers Leaf-01 + no switchport + no ip address + channel-group 10 mode active +! +interface GigabitEthernet1/0/2 + description vers Leaf-02 + no switchport + no ip address + channel-group 10 mode active +! +interface GigabitEthernet1/0/3 +! +interface GigabitEthernet1/0/4 +! +interface GigabitEthernet1/0/5 +! +interface GigabitEthernet1/0/6 +! +interface GigabitEthernet1/0/7 +! +interface GigabitEthernet1/0/8 +! +interface GigabitEthernet1/0/9 +! +interface GigabitEthernet1/0/10 +! +interface GigabitEthernet1/0/11 +! +interface GigabitEthernet1/0/12 +! +interface GigabitEthernet1/0/13 +! +interface GigabitEthernet1/0/14 +! +interface GigabitEthernet1/0/15 +! +interface GigabitEthernet1/0/16 +! +interface GigabitEthernet1/0/17 +! +interface GigabitEthernet1/0/18 +! +interface GigabitEthernet1/0/19 +! +interface GigabitEthernet1/0/20 +! +interface GigabitEthernet1/0/21 +! +interface GigabitEthernet1/0/22 +! +interface GigabitEthernet1/0/23 +! +interface GigabitEthernet1/0/24 +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface Vlan1 + no ip address +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end diff --git a/vxlan-lab5/spine01.txt b/vxlan-lab5/spine01.txt new file mode 100644 index 0000000..5a85afb --- /dev/null +++ b/vxlan-lab5/spine01.txt @@ -0,0 +1,360 @@ +hostname Spine-01 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +no aaa new-model +switch 2 provision c9300l-24p-4g +! +! +! +! +ip routing +! +! +! +! +! +ip multicast-routing +! +ip dhcp pool webuidhcp +! +! +! +login on-success log +ipv6 nd cache expire refresh +ipv6 unicast-routing +! +! +! +! +! +! +! +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +crypto pki trustpoint TP-self-signed-251052295 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-251052295 + revocation-check none + rsakeypair TP-self-signed-251052295 + hash sha512 +! +! +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +crypto pki certificate chain TP-self-signed-251052295 + certificate self-signed 01 + 3082032E 30820216 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 30312E30 2C060355 04030C25 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 32353130 35323239 35301E17 0D323630 36313030 37353733 + 315A170D 33363036 30393037 35373331 5A303031 2E302C06 03550403 0C25494F + 532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3235 31303532 + 32393530 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 82010A02 + 82010100 D89BCFBD 5397ED82 DFCE3396 1664243E F8B16D1A EF4EA9FC 89661810 + B86A1333 F49417A6 D2321D74 E43423FC 99CB1A86 704E5FC1 1F26C7E7 DCDBD99F + D85630C3 59237E9C 9A988DE5 15500356 0FB10E0F 3E8B1401 7C8E06A8 E3493E22 + 93AC7E5D 52433498 490F20EE C966121A 0FFDC547 E9C664D1 766EDF3D 13081CEC + AB2B202C 5FF1BB61 B98593BE 3700930E AF220152 F6BF1D1A 38B9CDC0 CB31C119 + 2E09E5F3 4CA6F02A 1FF916FC 4627CCB9 C32D8573 B69AF79B 699E91F3 0C79FECA + 0DF90FF0 F8B005FA 63DF5302 64C3A1AE 6FD8C78E FE976E0C D03E9139 6B933048 + 13049514 105B1995 1267D0DC 3DA4CCBD 31703F2F 6914C8F3 7B1DB726 A2B07631 + 2180D6F7 02030100 01A35330 51301D06 03551D0E 04160414 147899D8 5CAC32ED + 34315AED 87E8EFCA 2FEC840F 301F0603 551D2304 18301680 14147899 D85CAC32 + ED34315A ED87E8EF CA2FEC84 0F300F06 03551D13 0101FF04 05300301 01FF300D + 06092A86 4886F70D 01010D05 00038201 0100AAA6 FE2EC09B F9769A5C C0DAAE85 + 8D02A258 AB7E4510 807F9FEF 10FE774B 7B0F3EFE 117F850F 833B49B6 C20781B0 + D89F5F9E FDEB06B1 74889F5E 5D2E9EEB 2ECDE82E 58EDA905 AD6D7313 66519DC7 + 6702F569 DDEAE0E6 24C302AF F784DFA3 F3FA0512 DD416C13 8AFC7D09 6EAE05E3 + 5E067BD9 3CC56564 3B92D3C1 1E4BC00C FD3C03A1 0E37A034 1C378323 4080AE0D + AAEB2A55 632CF3C0 35ACBDB4 F118B9FE 53C9D86A 2713FD54 C1ADA68B 043EC657 + 3CE61F31 61FEC1B9 75DCD39B 75E97238 A1CF89E0 47B037C1 8A886AD3 0F3D35DF + 1822F3A2 1AD01417 77D4D683 274034B9 9721C84B A9203A29 06F916BF BEBEB112 + F43BAFEB EC57AECF 57C0AED5 88A8DE69 F5A4 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + ip address 172.16.255.1 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback1 + ip address 172.16.254.1 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback2 + ip address 172.16.255.255 255.255.255.255 + ip pim sparse-mode + ip ospf 1 area 0 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet2/0/1 + no switchport + ip address 172.16.13.1 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet2/0/2 + no switchport + ip address 172.16.14.1 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet2/0/3 + no switchport + ip address 172.16.15.1 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet2/0/4 +! +interface GigabitEthernet2/0/5 +! +interface GigabitEthernet2/0/6 +! +interface GigabitEthernet2/0/7 +! +interface GigabitEthernet2/0/8 +! +interface GigabitEthernet2/0/9 +! +interface GigabitEthernet2/0/10 +! +interface GigabitEthernet2/0/11 +! +interface GigabitEthernet2/0/12 +! +interface GigabitEthernet2/0/13 +! +interface GigabitEthernet2/0/14 +! +interface GigabitEthernet2/0/15 +! +interface GigabitEthernet2/0/16 +! +interface GigabitEthernet2/0/17 +! +interface GigabitEthernet2/0/18 +! +interface GigabitEthernet2/0/19 +! +interface GigabitEthernet2/0/20 +! +interface GigabitEthernet2/0/21 +! +interface GigabitEthernet2/0/22 +! +interface GigabitEthernet2/0/23 +! +interface GigabitEthernet2/0/24 +! +interface GigabitEthernet2/1/1 +! +interface GigabitEthernet2/1/2 +! +interface GigabitEthernet2/1/3 +! +interface GigabitEthernet2/1/4 +! +interface AppGigabitEthernet2/0/1 +! +interface Vlan1 + no ip address + shutdown +! +router ospf 1 + router-id 172.16.255.1 +! +router bgp 65001 + template peer-policy RR-PP + route-reflector-client + send-community both + exit-peer-policy + ! + template peer-session RR-PS + remote-as 65001 + update-source Loopback0 + exit-peer-session + ! + bgp router-id 172.16.255.1 + bgp log-neighbor-changes + no bgp default ipv4-unicast + neighbor 172.16.255.3 inherit peer-session RR-PS + neighbor 172.16.255.4 inherit peer-session RR-PS + neighbor 172.16.255.5 inherit peer-session RR-PS + ! + address-family ipv4 + exit-address-family + ! + address-family l2vpn evpn + neighbor 172.16.255.3 activate + neighbor 172.16.255.3 send-community both + neighbor 172.16.255.3 inherit peer-policy RR-PP + neighbor 172.16.255.4 activate + neighbor 172.16.255.4 send-community both + neighbor 172.16.255.4 inherit peer-policy RR-PP + neighbor 172.16.255.5 activate + neighbor 172.16.255.5 send-community both + neighbor 172.16.255.5 inherit peer-policy RR-PP + exit-address-family +! +ip forward-protocol nd +ip http server +ip http secure-server +ip pim rp-address 172.16.255.255 +ip msdp peer 172.16.254.2 connect-source Loopback1 remote-as 65001 +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end \ No newline at end of file diff --git a/vxlan-lab5/spine02.txt b/vxlan-lab5/spine02.txt new file mode 100644 index 0000000..7082fee --- /dev/null +++ b/vxlan-lab5/spine02.txt @@ -0,0 +1,356 @@ +hostname Spine-02 +! +! +vrf definition Mgmt-vrf + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +no aaa new-model +switch 1 provision c9300l-24p-4g +! +! +! +! +ip routing +! +! +! +! +! +ip multicast-routing +! +! +! +login on-success log +! +! +! +! +! +! +! +! +crypto pki trustpoint TP-self-signed-430895953 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-430895953 + revocation-check none + rsakeypair TP-self-signed-430895953 + hash sha512 +! +crypto pki trustpoint SLA-TrustPoint + enrollment pkcs12 + revocation-check crl + hash sha512 +! +! +crypto pki certificate chain TP-self-signed-430895953 + certificate self-signed 01 + 3082032E 30820216 A0030201 02020101 300D0609 2A864886 F70D0101 0D050030 + 30312E30 2C060355 04030C25 494F532D 53656C66 2D536967 6E65642D 43657274 + 69666963 6174652D 34333038 39353935 33301E17 0D323630 36313030 37353931 + 315A170D 33363036 30393037 35393131 5A303031 2E302C06 03550403 0C25494F + 532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3433 30383935 + 39353330 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 82010A02 + 82010100 A71865B6 6C5F0B06 665FCD05 19C66FF3 4D4B9157 EF422949 A4ACD2F2 + ACF5AA84 6B593191 FF34BB5C 2A1F3064 DCF41C32 A8EA567D C7B1400B A9CD2CC6 + 55F61D16 792E6552 31D4B438 137EC154 47503D71 FDB8A4A7 71B3FE2A B36FF58C + F5356063 942A2DBC 99F20FC0 ABE7C186 940AF2A2 E94A30CF 7D6AA5D7 4A9C93BB + 99A5779B A179C130 8839473E 04679619 897E139A 3B883DF0 484060CD 703D25A2 + 01153890 F65AE584 6C403826 7DDD0C8C B76D6690 D7FACB49 89B2CB22 619B1F18 + 3C090DAF 47443412 63FC7B3B DEDED46B 4B19BB16 6C2EA229 1946B513 813645F8 + D029F8B4 878F3581 30A3D42A 37BE3C82 835EDC01 A4D028BC 76F777EC CE9440F2 + 26037F3F 02030100 01A35330 51301D06 03551D0E 04160414 77E8D640 80AF8B64 + B2AFF1D6 AED32E71 F70417EA 301F0603 551D2304 18301680 1477E8D6 4080AF8B + 64B2AFF1 D6AED32E 71F70417 EA300F06 03551D13 0101FF04 05300301 01FF300D + 06092A86 4886F70D 01010D05 00038201 0100177A 72BD66A9 0BFFDBC2 B79A5E60 + 0D47EBD5 A52A2A4F 6CB07B34 55D37A8F 9DE892FB 8AEAD5BF 5D0766DD BC51BD4A + 5D64DCDA 493D2D2E BB01BAC4 6D4AE47E FE0F0DDD 0628328B 9FAB4001 721E4F9A + CF4396D2 AA70CBCA E071F9AF C8248307 D75DABFA A9302E78 7D2AC3FF 2A62FAA7 + E7AE7A15 EAFE2A27 36BE73BF C9B25B68 FE9A3837 715BD0F2 55B3FEBF 02EEAECC + 469280FE B46A8105 C3D36F72 E18F6AC2 B3A62DA1 DE7A80B9 0E382EE0 6DD0315D + 1E4D6120 386CB1E9 48301645 7A8F14F9 3CA2B26F 98C9E634 AB9E0E8A 863B8D1E + B64A5817 C92BEEDA 4086C3F7 81EA3F30 DA66BADA 8A16810F EAC7B4C4 6DF5420A + 4733CCA2 A71746B9 E7762CF6 51C90F36 3E58 + quit +crypto pki certificate chain SLA-TrustPoint + certificate ca 01 + 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 + 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 + 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 + 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 + 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 + 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 + 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D + CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 + 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE + 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC + 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 + 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 + C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 + C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 + DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 + 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 + 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 + 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 + 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B + D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 + 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C + 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B + 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 + 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB + 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 + D697DF7F 28 + quit +! +! +license boot level network-advantage addon dna-advantage +memory free low-watermark processor 104985 +! +diagnostic bootup level minimal +! +spanning-tree mode rapid-pvst +spanning-tree extend system-id +! +! +! +! +redundancy + mode sso +crypto engine compliance shield disable +! +! +! +! +! +transceiver type all + monitoring +! +! +class-map match-any system-cpp-police-ewlc-control + description EWLC Control +class-map match-any system-cpp-police-topology-control + description Topology control +class-map match-any system-cpp-police-sw-forward + description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic +class-map match-any system-cpp-default + description EWLC Data, Inter FED Traffic +class-map match-any system-cpp-police-sys-data + description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed +class-map match-any system-cpp-police-punt-webauth + description Punt Webauth +class-map match-any system-cpp-police-l2lvx-control + description L2 LVX control packets +class-map match-any system-cpp-police-forus + description Forus traffic +class-map match-any system-cpp-police-multicast-end-station + description MCAST END STATION +class-map match-any system-cpp-police-forus-addr-resolution + description Forus address resolution +class-map match-any system-cpp-police-high-rate-app + description High Rate Applications +class-map match-any system-cpp-police-multicast + description MCAST Data +class-map match-any system-cpp-police-meraki-next-tunnel + description Meraki Next tunnel +class-map match-any system-cpp-police-l2-control + description L2 control +class-map match-any system-cpp-police-dot1x-auth + description DOT1X Auth +class-map match-any system-cpp-police-data + description ICMP redirect, ICMP_GEN and BROADCAST +class-map match-any system-cpp-police-stackwise-virt-control + description Stackwise Virtual OOB +class-map match-any non-client-nrt-class +class-map match-any system-cpp-police-routing-control + description Routing control and Low Latency +class-map match-any system-cpp-police-protocol-snooping + description Protocol snooping +class-map match-any system-cpp-police-dhcp-snooping + description DHCP snooping +class-map match-any system-cpp-police-ios-routing + description L2 control, Topology control, Routing control, Low Latency +class-map match-any system-cpp-police-system-critical + description System Critical and Gold Pkt +class-map match-any system-cpp-police-ios-feature + description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed +! +policy-map system-cpp-policy +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + ip address 172.16.255.2 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback1 + ip address 172.16.254.2 255.255.255.255 + ip ospf 1 area 0 +! +interface Loopback2 + ip address 172.16.255.255 255.255.255.255 + ip pim sparse-mode + ip ospf 1 area 0 +! +interface GigabitEthernet0/0 + vrf forwarding Mgmt-vrf + no ip address + shutdown + negotiation auto +! +interface GigabitEthernet1/0/1 + no switchport + ip address 172.16.23.2 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/2 + no switchport + ip address 172.16.24.2 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/3 + no switchport + ip address 172.16.25.2 255.255.255.0 + ip pim sparse-mode + ip ospf network point-to-point + ip ospf 1 area 0 +! +interface GigabitEthernet1/0/4 +! +interface GigabitEthernet1/0/5 +! +interface GigabitEthernet1/0/6 +! +interface GigabitEthernet1/0/7 +! +interface GigabitEthernet1/0/8 +! +interface GigabitEthernet1/0/9 +! +interface GigabitEthernet1/0/10 +! +interface GigabitEthernet1/0/11 +! +interface GigabitEthernet1/0/12 +! +interface GigabitEthernet1/0/13 +! +interface GigabitEthernet1/0/14 +! +interface GigabitEthernet1/0/15 +! +interface GigabitEthernet1/0/16 +! +interface GigabitEthernet1/0/17 +! +interface GigabitEthernet1/0/18 +! +interface GigabitEthernet1/0/19 +! +interface GigabitEthernet1/0/20 +! +interface GigabitEthernet1/0/21 +! +interface GigabitEthernet1/0/22 +! +interface GigabitEthernet1/0/23 +! +interface GigabitEthernet1/0/24 +! +interface GigabitEthernet1/1/1 +! +interface GigabitEthernet1/1/2 +! +interface GigabitEthernet1/1/3 +! +interface GigabitEthernet1/1/4 +! +interface AppGigabitEthernet1/0/1 +! +interface Vlan1 + no ip address +! +router ospf 1 + router-id 172.16.255.2 +! +router bgp 65001 + template peer-policy RR-PP + route-reflector-client + send-community both + exit-peer-policy + ! + template peer-session RR-PS + remote-as 65001 + update-source Loopback0 + exit-peer-session + ! + bgp router-id 172.16.255.2 + bgp log-neighbor-changes + no bgp default ipv4-unicast + neighbor 172.16.255.3 inherit peer-session RR-PS + neighbor 172.16.255.4 inherit peer-session RR-PS + neighbor 172.16.255.5 inherit peer-session RR-PS + ! + address-family ipv4 + exit-address-family + ! + address-family l2vpn evpn + neighbor 172.16.255.3 activate + neighbor 172.16.255.3 send-community both + neighbor 172.16.255.3 inherit peer-policy RR-PP + neighbor 172.16.255.4 activate + neighbor 172.16.255.4 send-community both + neighbor 172.16.255.4 inherit peer-policy RR-PP + neighbor 172.16.255.5 activate + neighbor 172.16.255.5 send-community both + neighbor 172.16.255.5 inherit peer-policy RR-PP + exit-address-family +! +ip forward-protocol nd +ip http server +ip http authentication local +ip http secure-server +ip pim rp-address 172.16.255.255 +ip msdp peer 172.16.254.1 connect-source Loopback1 remote-as 65001 +ip ssh bulk-mode 131072 +! +! +! +! +control-plane + service-policy input system-cpp-policy +! +! +! +line con 0 + stopbits 1 +line vty 0 4 + login + transport input ssh +line vty 5 31 + login + transport input ssh +! +! +! +! +! +! +! +end \ No newline at end of file