Service Provider meets Segment Routing...
This repository covers demo of Service Provider multi-vendor network running Segment Routing with various services on top.
... and OpenConfig
Whenever possible OpenConfig YANG modules are used to unify the configuration of Service Provider Fabric. Where it isn't possible (where OpenConfig YANG modules aren't created or not implemented by particular vendor), either vendor-native YANG modules or CLI-based Ansible playbooks are used.
Currently used network operation systems
- Arist EOS 184.108.40.206F
- Cisco IOS XR 6.5.1
- Nokia SR OS 16.0.R5
- Cumulus Linux 3.7.1
- IP VPN for IPV4 and IPV6 between all 3 PE
- EVPN (E-LAN fashion) between all 3 PE
InfluxData TICK (Telegraf and InfluxDB) + Grafana:
- Telegraf is using to collect data over SNMPv3 over IPv6 and store it in InfluxDB
- Another Telegraf insance collects syslog information on UDP port 6514 in RFC5424 format and stores it into another database in InfluxDB
- Grafana polls data out of InfluxDB to build graphs of interfaces' utilization and syslogs information
This repositry is currently being developed, so expect the changes and pull the repository to get the latest version
- Add automation for EVPNoSR services
- Add SR policies (static and dynamic using BGP-SR-TE)
- Add automatic chose of connection method use by device depending on its capabilities (CLI, NETCONF/YANG(native), NETCONF/YANG(OpenConfig))
- Add GRT routing service (BGP-LU for IPv4/IPv6) for Internet traffic
The current version of the repository is
- Initial topology is created.
- IP VPN is deployed.
- Previous files are stored in
backupfolder in proper version.
- Underlay topology is updated. It starts with
- New overlay topology for EVPN (E-LAN) is created. It starts with
evpn_elan_prefix and located within
- Initial configuration files are updated. Now all of them start with
- New final configuration files for EVPN (E-LAN) are created. Their names start with
- Added folder
ansiblewith automation of Service Provider Fabric configuration. More details in
- Initial configuration files are updated to anticipate minimal requirements for automation.
- Underlay topology file
topology/sp_underlay.txtis updated with link prefixes for IPv4 and IPv6.
- Currently only underlay IGP (ISIS) and MPLS data plane (Segment Routing) is automated.
- New file with OOB topology is assed in
- Added LLDP configuration for
underlay_mplsrole. It's configured automatically on all Ethernet interfaces.
- Added BGP configuration for
underla_bgprole to finalize creation of Service Provider Fabric. More details in
- Some changes in tasks structure in
underlay_mplsrole to unify and simplify the configuration and provide possibility to extend for new vendors.
- Added YANG tool
yang_extractor_config.ymlto obtain the configuration/states in particular YANG module from network function. More details in
- New overlay topology for IP VPN (IPv4 and IPv6) is created. It starts with
ip_vpn_prefixi and located within
- Files for EVPN (E-LAN) toplogies are slightly modified.
- Varios updated in
README.mdfiles across sub-folders.
- Underlay topology
sp_underlay.txtis updated with the metic values of the interfaces.
- Template for configuration of Nokia for
underlay_mplsroles is updated to include metric values.
underlay_mpls/tasksis updated to apply via
eos_configon Arista EOS network functions configuration commands not available in OpenConfig YANG modules.
- Configuration of Nokia SR OS for
underlay_mplsrole is converted to NETCONF/YANG using Nokia native YANG modules.
- Configuration of Nokia SR OS for
underlay_bgprole is converted to NETCONF/YANG using Nokia native YANG modules.
- Automation for IP VPN service creation based on IETF L3VPN SVC (RFC 8299) is added. Check
ansible\README.mdfor details how to launch.
- IETF L3VPN SVC service reqest is located in
ansible\varsfolder and starts with
- Information about default route target and route distinguishers range allocated for automated services is stored in
ansible\files\ietffolders there are all IETF YANG models including L3VPN and L2VPN SVC clonned from official GitHub of Yang.
- To role
underlay_bgpadded configuration of default route policy (action: accept_route) to be used later for customer route fileting.
- Added customer provisioning for IP VPN using
- Added automated configuration of SNMP version 3. More details in
- Management IP addresses are changed to IPv6, so from now on the communication between management host and all VNFs is over IPv6.
hostswith actual state of project's
/etc/hostsis added to
- Added monitoring using InfluxData TICK and Grafana. Automated installation and operation over
management_cloud.ymlplaybook. More details in
- OOB topology
topology/oob_management.txtis updated with containers' network (Docker bridge).
- Mapping of IP to VNF hostname for OOB is stored in
- Added ansible role to update
/etc/hostswith proper OOB IPv6 addresses of network VNFs. More details in
topology/monitoring_architecture.txtscheme with explanation how the Service Provider Fabric is monitored.
- Added automated generation of self-signed certificate on InfluxDB.
- Communication between Telegraf and InfluxDB is moved to HTTPS.
- Communication between Grafana and InfluxDB is moved to HTTPS.
- Communication between Grafana and user is moved to HTTPS.
- Automatical linking of IP addresses between containers.
- Rebuild the role of
telegraf_syslogcontainer, which collects the syslog information. BTW, the current limitation that it supports only RFC 5424 format, whereas Cisco, Arista and Nokia send the info in RFC 3164 format, what isn't yet compatible.