From 247ff8517216f16e0f7aaaee57c9b6c8b97e5019 Mon Sep 17 00:00:00 2001
From: networkop <mmkashin@gmail.com>
Date: Thu, 8 Jul 2021 22:00:00 +0100
Subject: [PATCH 1/7] mh lab 1st try

---
 lab-examples/cvx04/README.md                  |   4 +
 lab-examples/cvx04/border01/etc/frr/daemons   |  86 +++++++++
 lab-examples/cvx04/border01/etc/frr/frr.conf  |  93 ++++++++++
 .../cvx04/border01/etc/network/interfaces     | 125 +++++++++++++
 lab-examples/cvx04/border02/etc/frr/daemons   |  86 +++++++++
 lab-examples/cvx04/border02/etc/frr/frr.conf  |  93 ++++++++++
 .../cvx04/border02/etc/network/interfaces     | 125 +++++++++++++
 lab-examples/cvx04/leaf01/etc/frr/daemons     |  86 +++++++++
 lab-examples/cvx04/leaf01/etc/frr/frr.conf    |  97 ++++++++++
 .../cvx04/leaf01/etc/network/interfaces       | 171 ++++++++++++++++++
 lab-examples/cvx04/leaf02/etc/frr/daemons     |  86 +++++++++
 lab-examples/cvx04/leaf02/etc/frr/frr.conf    |  97 ++++++++++
 .../cvx04/leaf02/etc/network/interfaces       | 171 ++++++++++++++++++
 lab-examples/cvx04/leaf03/etc/frr/daemons     |  86 +++++++++
 lab-examples/cvx04/leaf03/etc/frr/frr.conf    |  97 ++++++++++
 .../cvx04/leaf03/etc/network/interfaces       | 171 ++++++++++++++++++
 lab-examples/cvx04/leaf04/etc/frr/daemons     |  86 +++++++++
 lab-examples/cvx04/leaf04/etc/frr/frr.conf    |  97 ++++++++++
 .../cvx04/leaf04/etc/network/interfaces       | 171 ++++++++++++++++++
 .../cvx04/server01/etc/network/interfaces     |  31 ++++
 .../cvx04/server02/etc/network/interfaces     |  31 ++++
 .../cvx04/server03/etc/network/interfaces     |  31 ++++
 .../cvx04/server04/etc/network/interfaces     |  31 ++++
 .../cvx04/server05/etc/network/interfaces     |  31 ++++
 .../cvx04/server06/etc/network/interfaces     |  31 ++++
 lab-examples/cvx04/spine01/etc/frr/daemons    |  86 +++++++++
 lab-examples/cvx04/spine01/etc/frr/frr.conf   |  54 ++++++
 .../cvx04/spine01/etc/network/interfaces      |  39 ++++
 lab-examples/cvx04/spine02/etc/frr/daemons    |  86 +++++++++
 lab-examples/cvx04/spine02/etc/frr/frr.conf   |  54 ++++++
 .../cvx04/spine02/etc/network/interfaces      |  39 ++++
 lab-examples/cvx04/symm-mh.yml                | 141 +++++++++++++++
 32 files changed, 2713 insertions(+)
 create mode 100644 lab-examples/cvx04/README.md
 create mode 100755 lab-examples/cvx04/border01/etc/frr/daemons
 create mode 100755 lab-examples/cvx04/border01/etc/frr/frr.conf
 create mode 100755 lab-examples/cvx04/border01/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/border02/etc/frr/daemons
 create mode 100755 lab-examples/cvx04/border02/etc/frr/frr.conf
 create mode 100755 lab-examples/cvx04/border02/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/leaf01/etc/frr/daemons
 create mode 100755 lab-examples/cvx04/leaf01/etc/frr/frr.conf
 create mode 100755 lab-examples/cvx04/leaf01/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/leaf02/etc/frr/daemons
 create mode 100755 lab-examples/cvx04/leaf02/etc/frr/frr.conf
 create mode 100755 lab-examples/cvx04/leaf02/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/leaf03/etc/frr/daemons
 create mode 100755 lab-examples/cvx04/leaf03/etc/frr/frr.conf
 create mode 100755 lab-examples/cvx04/leaf03/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/leaf04/etc/frr/daemons
 create mode 100755 lab-examples/cvx04/leaf04/etc/frr/frr.conf
 create mode 100755 lab-examples/cvx04/leaf04/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/server01/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/server02/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/server03/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/server04/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/server05/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/server06/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/spine01/etc/frr/daemons
 create mode 100755 lab-examples/cvx04/spine01/etc/frr/frr.conf
 create mode 100755 lab-examples/cvx04/spine01/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/spine02/etc/frr/daemons
 create mode 100755 lab-examples/cvx04/spine02/etc/frr/frr.conf
 create mode 100755 lab-examples/cvx04/spine02/etc/network/interfaces
 create mode 100644 lab-examples/cvx04/symm-mh.yml

diff --git a/lab-examples/cvx04/README.md b/lab-examples/cvx04/README.md
new file mode 100644
index 000000000..90d1afcf0
--- /dev/null
+++ b/lab-examples/cvx04/README.md
@@ -0,0 +1,4 @@
+[Cumulus In The Cloud](https://www.nvidia.com/en-gb/networking/network-simulation/)
+
+`symm-mh` is symmetric EVPN with multi-homing and PIM-SM replication
+
diff --git a/lab-examples/cvx04/border01/etc/frr/daemons b/lab-examples/cvx04/border01/etc/frr/daemons
new file mode 100755
index 000000000..8b9ff81c8
--- /dev/null
+++ b/lab-examples/cvx04/border01/etc/frr/daemons
@@ -0,0 +1,86 @@
+# Ansible Managed File
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr, zebra and staticd daemons are always started.
+#
+bgpd=yes
+pimd=yes
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+ospfd_options="  -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options="   -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options="  -A 127.0.0.1"
+pimd_options="   -A 127.0.0.1"
+ldpd_options="   -A 127.0.0.1"
+nhrpd_options="  -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options="   -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options="   -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options="  -A 127.0.0.1"
+
+# configuration profile
+#
+#frr_profile="traditional"
+#frr_profile="datacenter"
+
+#
+# This is the maximum number of FD's that will be available.
+# Upon startup this is read by the control files and ulimit
+# is called.  Uncomment and use a reasonable value for your
+# setup if you are expecting a large number of peers in
+# say BGP.
+#MAX_FDS=1024
+
+# The list of daemons to watch is automatically generated by the init script.
+#watchfrr_options=""
+
+# To make watchfrr create/join the specified netns, use the following option:
+#watchfrr_options="--netns"
+# This only has an effect in /etc/frr/<somename>/daemons, and you need to
+# start FRR with "/usr/lib/frr/frrinit.sh start <somename>".
+
+# for debugging purposes, you can specify a "wrap" command to start instead
+# of starting the daemon directly, e.g. to use valgrind on ospfd:
+#   ospfd_wrap="/usr/bin/valgrind"
+# or you can use "all_wrap" for all daemons, e.g. to use perf record:
+#   all_wrap="/usr/bin/perf record --call-graph -"
+# the normal daemon command is added to this at the end.
diff --git a/lab-examples/cvx04/border01/etc/frr/frr.conf b/lab-examples/cvx04/border01/etc/frr/frr.conf
new file mode 100755
index 000000000..d3ab7ba59
--- /dev/null
+++ b/lab-examples/cvx04/border01/etc/frr/frr.conf
@@ -0,0 +1,93 @@
+# Ansible Managed File
+frr defaults datacenter
+hostname border01
+log syslog informational
+zebra nexthop proto only
+service integrated-vtysh-config
+!
+ip pim rp 10.10.100.100 239.1.1.0/24
+ip pim ecmp
+ip pim keep-alive-timer 3600
+ip msdp mesh-group rpmesh source 10.10.10.63
+ip msdp mesh-group rpmesh member 10.10.10.64
+interface lo
+  ip igmp
+  ip pim
+  ip pim use-source 10.10.10.63
+interface swp51
+  evpn mh uplink
+  ip pim
+interface swp52
+  evpn mh uplink
+  ip pim
+interface swp53
+  evpn mh uplink
+  ip pim
+interface swp54
+  evpn mh uplink
+  ip pim
+interface bond1
+  evpn mh es-df-pref 50000
+  evpn mh es-id 1
+  evpn mh es-sys-mac 44:38:39:BE:EF:FF
+
+vrf mgmt
+ ip route 0.0.0.0/0 192.168.200.1
+ exit-vrf
+!
+vrf RED
+ vni 4001
+ ip route 10.1.30.0/24 10.1.101.4
+ exit-vrf
+!
+vrf BLUE
+ vni 4002
+ ip route 10.1.10.0/24 10.1.102.4
+ ip route 10.1.20.0/24 10.1.102.4
+ exit-vrf
+!
+!
+router bgp 65163
+ bgp router-id 10.10.10.63
+ neighbor underlay peer-group
+ neighbor underlay remote-as external
+ neighbor swp51 interface peer-group underlay
+ neighbor swp52 interface peer-group underlay
+ neighbor swp53 interface peer-group underlay
+ neighbor swp54 interface peer-group underlay
+ !
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor underlay activate
+  advertise-all-vni
+ exit-address-family
+!
+router bgp 65163 vrf RED
+ bgp router-id 10.10.10.63
+ !
+ address-family ipv4 unicast
+  redistribute static
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+router bgp 65163 vrf BLUE
+ bgp router-id 10.10.10.63
+ !
+ address-family ipv4 unicast
+  redistribute static
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+!
+line vty
+!
diff --git a/lab-examples/cvx04/border01/etc/network/interfaces b/lab-examples/cvx04/border01/etc/network/interfaces
new file mode 100755
index 000000000..691dec2de
--- /dev/null
+++ b/lab-examples/cvx04/border01/etc/network/interfaces
@@ -0,0 +1,125 @@
+# Ansible Managed File
+auto lo
+iface lo inet loopback
+    address 10.10.10.63/32
+    address 10.10.100.100/32
+    vxlan-local-tunnelip 10.10.10.63
+
+auto eth0
+iface eth0 inet dhcp
+    vrf mgmt
+
+auto mgmt
+iface mgmt
+  vrf-table auto
+  address 127.0.0.1/8
+  address ::1/128
+
+auto RED
+iface RED
+  vrf-table auto
+
+auto BLUE
+iface BLUE
+  vrf-table auto
+
+auto bridge
+iface bridge
+    bridge-ports vni101 vni102 vniRED vniBLUE bond1 
+    bridge-vids 101 102  
+    bridge-vlan-aware yes
+
+auto vni101
+iface vni101
+    bridge-access 101
+    vxlan-id 101
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+    vxlan-mcastgrp 239.1.1.101
+
+auto vni102
+iface vni102
+    bridge-access 102
+    vxlan-id 102
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+    vxlan-mcastgrp 239.1.1.102
+
+auto vniRED
+iface vniRED
+    bridge-access 4001
+    vxlan-id 4001
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vniBLUE
+iface vniBLUE
+    bridge-access 4002
+    vxlan-id 4002
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vlan101
+iface vlan101
+    address 10.1.101.64/24
+    address-virtual 00:00:00:00:00:01 10.1.101.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 101
+
+auto vlan102
+iface vlan102
+    address 10.1.102.64/24
+    address-virtual 00:00:00:00:00:02 10.1.102.1/24
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 102
+
+auto vlan4001
+iface vlan4001
+    hwaddress 44:38:39:BE:EF:FF
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 4001
+
+auto vlan4002
+iface vlan4002
+    hwaddress 44:38:39:BE:EF:FF
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 4002
+
+auto swp51
+iface swp51
+    alias to spine
+
+auto swp52
+iface swp52
+    alias to spine
+
+auto swp53
+iface swp53
+    alias to spine
+
+auto swp54
+iface swp54
+    alias to spine
+
+auto swp3
+iface swp3
+    alias bond member of bond1
+auto bond1
+iface bond1
+    bond-slaves swp3 
+    es-sys-mac 44:38:39:BE:EF:FF
+    bridge-vids 101 102
+    mtu 9000
+
diff --git a/lab-examples/cvx04/border02/etc/frr/daemons b/lab-examples/cvx04/border02/etc/frr/daemons
new file mode 100755
index 000000000..8b9ff81c8
--- /dev/null
+++ b/lab-examples/cvx04/border02/etc/frr/daemons
@@ -0,0 +1,86 @@
+# Ansible Managed File
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr, zebra and staticd daemons are always started.
+#
+bgpd=yes
+pimd=yes
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+ospfd_options="  -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options="   -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options="  -A 127.0.0.1"
+pimd_options="   -A 127.0.0.1"
+ldpd_options="   -A 127.0.0.1"
+nhrpd_options="  -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options="   -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options="   -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options="  -A 127.0.0.1"
+
+# configuration profile
+#
+#frr_profile="traditional"
+#frr_profile="datacenter"
+
+#
+# This is the maximum number of FD's that will be available.
+# Upon startup this is read by the control files and ulimit
+# is called.  Uncomment and use a reasonable value for your
+# setup if you are expecting a large number of peers in
+# say BGP.
+#MAX_FDS=1024
+
+# The list of daemons to watch is automatically generated by the init script.
+#watchfrr_options=""
+
+# To make watchfrr create/join the specified netns, use the following option:
+#watchfrr_options="--netns"
+# This only has an effect in /etc/frr/<somename>/daemons, and you need to
+# start FRR with "/usr/lib/frr/frrinit.sh start <somename>".
+
+# for debugging purposes, you can specify a "wrap" command to start instead
+# of starting the daemon directly, e.g. to use valgrind on ospfd:
+#   ospfd_wrap="/usr/bin/valgrind"
+# or you can use "all_wrap" for all daemons, e.g. to use perf record:
+#   all_wrap="/usr/bin/perf record --call-graph -"
+# the normal daemon command is added to this at the end.
diff --git a/lab-examples/cvx04/border02/etc/frr/frr.conf b/lab-examples/cvx04/border02/etc/frr/frr.conf
new file mode 100755
index 000000000..7b86ce77f
--- /dev/null
+++ b/lab-examples/cvx04/border02/etc/frr/frr.conf
@@ -0,0 +1,93 @@
+# Ansible Managed File
+frr defaults datacenter
+hostname border02
+log syslog informational
+zebra nexthop proto only
+service integrated-vtysh-config
+!
+ip pim rp 10.10.100.100 239.1.1.0/24
+ip pim ecmp
+ip pim keep-alive-timer 3600
+ip msdp mesh-group rpmesh source 10.10.10.64
+ip msdp mesh-group rpmesh member 10.10.10.63
+interface lo
+  ip igmp
+  ip pim
+  ip pim use-source 10.10.10.64
+interface swp51
+  evpn mh uplink
+  ip pim
+interface swp52
+  evpn mh uplink
+  ip pim
+interface swp53
+  evpn mh uplink
+  ip pim
+interface swp54
+  evpn mh uplink
+  ip pim
+interface bond1
+  evpn mh es-df-pref 1
+  evpn mh es-id 1
+  evpn mh es-sys-mac 44:38:39:BE:EF:FF
+
+vrf mgmt
+ ip route 0.0.0.0/0 192.168.200.1
+ exit-vrf
+!
+vrf RED
+ vni 4001
+ ip route 10.1.30.0/24 10.1.101.4
+ exit-vrf
+!
+vrf BLUE
+ vni 4002
+ ip route 10.1.10.0/24 10.1.102.4
+ ip route 10.1.20.0/24 10.1.102.4
+ exit-vrf
+!
+!
+router bgp 65164
+ bgp router-id 10.10.10.64
+ neighbor underlay peer-group
+ neighbor underlay remote-as external
+ neighbor swp51 interface peer-group underlay
+ neighbor swp52 interface peer-group underlay
+ neighbor swp53 interface peer-group underlay
+ neighbor swp54 interface peer-group underlay
+ !
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor underlay activate
+  advertise-all-vni
+ exit-address-family
+!
+router bgp 65164 vrf RED
+ bgp router-id 10.10.10.64
+ !
+ address-family ipv4 unicast
+  redistribute static
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+router bgp 65164 vrf BLUE
+ bgp router-id 10.10.10.64
+ !
+ address-family ipv4 unicast
+  redistribute static
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+!
+line vty
+!
diff --git a/lab-examples/cvx04/border02/etc/network/interfaces b/lab-examples/cvx04/border02/etc/network/interfaces
new file mode 100755
index 000000000..b0416c29e
--- /dev/null
+++ b/lab-examples/cvx04/border02/etc/network/interfaces
@@ -0,0 +1,125 @@
+# Ansible Managed File
+auto lo
+iface lo inet loopback
+    address 10.10.10.64/32
+    address 10.10.100.100/32
+    vxlan-local-tunnelip 10.10.10.64
+
+auto eth0
+iface eth0 inet dhcp
+    vrf mgmt
+
+auto mgmt
+iface mgmt
+  vrf-table auto
+  address 127.0.0.1/8
+  address ::1/128
+
+auto RED
+iface RED
+  vrf-table auto
+
+auto BLUE
+iface BLUE
+  vrf-table auto
+
+auto bridge
+iface bridge
+    bridge-ports vni101 vni102 vniRED vniBLUE bond1 
+    bridge-vids 101 102  
+    bridge-vlan-aware yes
+
+auto vni101
+iface vni101
+    bridge-access 101
+    vxlan-id 101
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+    vxlan-mcastgrp 239.1.1.101
+
+auto vni102
+iface vni102
+    bridge-access 102
+    vxlan-id 102
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+    vxlan-mcastgrp 239.1.1.102
+
+auto vniRED
+iface vniRED
+    bridge-access 4001
+    vxlan-id 4001
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vniBLUE
+iface vniBLUE
+    bridge-access 4002
+    vxlan-id 4002
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vlan101
+iface vlan101
+    address 10.1.101.65/24
+    address-virtual 00:00:00:00:00:01 10.1.101.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 101
+
+auto vlan102
+iface vlan102
+    address 10.1.102.65/24
+    address-virtual 00:00:00:00:00:02 10.1.102.1/24
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 102
+
+auto vlan4001
+iface vlan4001
+    hwaddress 44:38:39:BE:EF:FF
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 4001
+
+auto vlan4002
+iface vlan4002
+    hwaddress 44:38:39:BE:EF:FF
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 4002
+
+auto swp51
+iface swp51
+    alias to spine
+
+auto swp52
+iface swp52
+    alias to spine
+
+auto swp53
+iface swp53
+    alias to spine
+
+auto swp54
+iface swp54
+    alias to spine
+
+auto swp3
+iface swp3
+    alias bond member of bond1
+auto bond1
+iface bond1
+    bond-slaves swp3 
+    es-sys-mac 44:38:39:BE:EF:FF
+    bridge-vids 101 102
+    mtu 9000
+
diff --git a/lab-examples/cvx04/leaf01/etc/frr/daemons b/lab-examples/cvx04/leaf01/etc/frr/daemons
new file mode 100755
index 000000000..8b9ff81c8
--- /dev/null
+++ b/lab-examples/cvx04/leaf01/etc/frr/daemons
@@ -0,0 +1,86 @@
+# Ansible Managed File
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr, zebra and staticd daemons are always started.
+#
+bgpd=yes
+pimd=yes
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+ospfd_options="  -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options="   -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options="  -A 127.0.0.1"
+pimd_options="   -A 127.0.0.1"
+ldpd_options="   -A 127.0.0.1"
+nhrpd_options="  -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options="   -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options="   -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options="  -A 127.0.0.1"
+
+# configuration profile
+#
+#frr_profile="traditional"
+#frr_profile="datacenter"
+
+#
+# This is the maximum number of FD's that will be available.
+# Upon startup this is read by the control files and ulimit
+# is called.  Uncomment and use a reasonable value for your
+# setup if you are expecting a large number of peers in
+# say BGP.
+#MAX_FDS=1024
+
+# The list of daemons to watch is automatically generated by the init script.
+#watchfrr_options=""
+
+# To make watchfrr create/join the specified netns, use the following option:
+#watchfrr_options="--netns"
+# This only has an effect in /etc/frr/<somename>/daemons, and you need to
+# start FRR with "/usr/lib/frr/frrinit.sh start <somename>".
+
+# for debugging purposes, you can specify a "wrap" command to start instead
+# of starting the daemon directly, e.g. to use valgrind on ospfd:
+#   ospfd_wrap="/usr/bin/valgrind"
+# or you can use "all_wrap" for all daemons, e.g. to use perf record:
+#   all_wrap="/usr/bin/perf record --call-graph -"
+# the normal daemon command is added to this at the end.
diff --git a/lab-examples/cvx04/leaf01/etc/frr/frr.conf b/lab-examples/cvx04/leaf01/etc/frr/frr.conf
new file mode 100755
index 000000000..e006aed7f
--- /dev/null
+++ b/lab-examples/cvx04/leaf01/etc/frr/frr.conf
@@ -0,0 +1,97 @@
+# Ansible Managed File
+frr defaults datacenter
+hostname leaf01
+log syslog informational
+zebra nexthop proto only
+service integrated-vtysh-config
+!
+ip pim rp 10.10.100.100 239.1.1.0/24
+ip pim ecmp
+ip pim keep-alive-timer 3600
+interface lo
+  ip igmp
+  ip pim
+  ip pim use-source 10.10.10.1
+interface swp51
+  evpn mh uplink
+  ip pim
+interface swp52
+  evpn mh uplink
+  ip pim
+interface swp53
+  evpn mh uplink
+  ip pim
+interface swp54
+  evpn mh uplink
+  ip pim
+interface bond1
+  evpn mh es-df-pref 50000
+  evpn mh es-id 1
+  evpn mh es-sys-mac 44:38:39:BE:EF:AA
+interface bond2
+  evpn mh es-df-pref 50000
+  evpn mh es-id 2
+  evpn mh es-sys-mac 44:38:39:BE:EF:AA
+interface bond3
+  evpn mh es-df-pref 50000
+  evpn mh es-id 3
+  evpn mh es-sys-mac 44:38:39:BE:EF:AA
+
+ evpn mh startup-delay 10
+vrf mgmt
+ ip route 0.0.0.0/0 192.168.200.1
+ exit-vrf
+!
+vrf RED
+ vni 4001
+ exit-vrf
+!
+vrf BLUE
+ vni 4002
+ exit-vrf
+!
+!
+router bgp 65101
+ bgp router-id 10.10.10.1
+ neighbor underlay peer-group
+ neighbor underlay remote-as external
+ neighbor swp51 interface peer-group underlay
+ neighbor swp52 interface peer-group underlay
+ neighbor swp53 interface peer-group underlay
+ neighbor swp54 interface peer-group underlay
+ !
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor underlay activate
+  advertise-all-vni
+ exit-address-family
+!
+router bgp 65101 vrf RED
+ bgp router-id 10.10.10.1
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+router bgp 65101 vrf BLUE
+ bgp router-id 10.10.10.1
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+!
+line vty
+!
diff --git a/lab-examples/cvx04/leaf01/etc/network/interfaces b/lab-examples/cvx04/leaf01/etc/network/interfaces
new file mode 100755
index 000000000..56106aa74
--- /dev/null
+++ b/lab-examples/cvx04/leaf01/etc/network/interfaces
@@ -0,0 +1,171 @@
+# Ansible Managed File
+auto lo
+iface lo inet loopback
+    address 10.10.10.1/32
+    vxlan-local-tunnelip 10.10.10.1
+
+auto eth0
+iface eth0 inet dhcp
+    vrf mgmt
+
+auto mgmt
+iface mgmt
+  vrf-table auto
+  address 127.0.0.1/8
+  address ::1/128
+
+auto RED
+iface RED
+  vrf-table auto
+
+auto BLUE
+iface BLUE
+  vrf-table auto
+
+auto bridge
+iface bridge
+    bridge-ports vni10 vni20 vni30 vniRED vniBLUE bond1 bond2 bond3 
+    bridge-vids 10 20 30  
+    bridge-vlan-aware yes
+
+auto vni10
+iface vni10
+    bridge-access 10
+    vxlan-id 10
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+    vxlan-mcastgrp 239.1.1.10
+
+auto vni20
+iface vni20
+    bridge-access 20
+    vxlan-id 20
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+    vxlan-mcastgrp 239.1.1.20
+
+auto vni30
+iface vni30
+    bridge-access 30
+    vxlan-id 30
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+    vxlan-mcastgrp 239.1.1.30
+
+auto vniRED
+iface vniRED
+    bridge-access 4001
+    vxlan-id 4001
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vniBLUE
+iface vniBLUE
+    bridge-access 4002
+    vxlan-id 4002
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vlan10
+iface vlan10
+    address 10.1.10.2/24
+    address-virtual 00:00:00:00:00:10 10.1.10.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 10
+
+auto vlan20
+iface vlan20
+    address 10.1.20.2/24
+    address-virtual 00:00:00:00:00:20 10.1.20.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 20
+
+auto vlan30
+iface vlan30
+    address 10.1.30.2/24
+    address-virtual 00:00:00:00:00:30 10.1.30.1/24
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 30
+
+auto vlan4001
+iface vlan4001
+    hwaddress 44:38:39:BE:EF:AA
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 4001
+
+auto vlan4002
+iface vlan4002
+    hwaddress 44:38:39:BE:EF:AA
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 4002
+
+auto swp51
+iface swp51
+    alias to spine
+
+auto swp52
+iface swp52
+    alias to spine
+
+auto swp53
+iface swp53
+    alias to spine
+
+auto swp54
+iface swp54
+    alias to spine
+
+auto swp1
+iface swp1
+    alias bond member of bond1
+auto bond1
+iface bond1
+    bond-slaves swp1 
+    es-sys-mac 44:38:39:BE:EF:AA
+    bridge-access 10
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
+auto swp2
+iface swp2
+    alias bond member of bond2
+auto bond2
+iface bond2
+    bond-slaves swp2 
+    es-sys-mac 44:38:39:BE:EF:AA
+    bridge-access 20
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
+auto swp3
+iface swp3
+    alias bond member of bond3
+auto bond3
+iface bond3
+    bond-slaves swp3 
+    es-sys-mac 44:38:39:BE:EF:AA
+    bridge-access 30
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
diff --git a/lab-examples/cvx04/leaf02/etc/frr/daemons b/lab-examples/cvx04/leaf02/etc/frr/daemons
new file mode 100755
index 000000000..8b9ff81c8
--- /dev/null
+++ b/lab-examples/cvx04/leaf02/etc/frr/daemons
@@ -0,0 +1,86 @@
+# Ansible Managed File
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr, zebra and staticd daemons are always started.
+#
+bgpd=yes
+pimd=yes
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+ospfd_options="  -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options="   -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options="  -A 127.0.0.1"
+pimd_options="   -A 127.0.0.1"
+ldpd_options="   -A 127.0.0.1"
+nhrpd_options="  -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options="   -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options="   -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options="  -A 127.0.0.1"
+
+# configuration profile
+#
+#frr_profile="traditional"
+#frr_profile="datacenter"
+
+#
+# This is the maximum number of FD's that will be available.
+# Upon startup this is read by the control files and ulimit
+# is called.  Uncomment and use a reasonable value for your
+# setup if you are expecting a large number of peers in
+# say BGP.
+#MAX_FDS=1024
+
+# The list of daemons to watch is automatically generated by the init script.
+#watchfrr_options=""
+
+# To make watchfrr create/join the specified netns, use the following option:
+#watchfrr_options="--netns"
+# This only has an effect in /etc/frr/<somename>/daemons, and you need to
+# start FRR with "/usr/lib/frr/frrinit.sh start <somename>".
+
+# for debugging purposes, you can specify a "wrap" command to start instead
+# of starting the daemon directly, e.g. to use valgrind on ospfd:
+#   ospfd_wrap="/usr/bin/valgrind"
+# or you can use "all_wrap" for all daemons, e.g. to use perf record:
+#   all_wrap="/usr/bin/perf record --call-graph -"
+# the normal daemon command is added to this at the end.
diff --git a/lab-examples/cvx04/leaf02/etc/frr/frr.conf b/lab-examples/cvx04/leaf02/etc/frr/frr.conf
new file mode 100755
index 000000000..73023ede7
--- /dev/null
+++ b/lab-examples/cvx04/leaf02/etc/frr/frr.conf
@@ -0,0 +1,97 @@
+# Ansible Managed File
+frr defaults datacenter
+hostname leaf02
+log syslog informational
+zebra nexthop proto only
+service integrated-vtysh-config
+!
+ip pim rp 10.10.100.100 239.1.1.0/24
+ip pim ecmp
+ip pim keep-alive-timer 3600
+interface lo
+  ip igmp
+  ip pim
+  ip pim use-source 10.10.10.2
+interface swp51
+  evpn mh uplink
+  ip pim
+interface swp52
+  evpn mh uplink
+  ip pim
+interface swp53
+  evpn mh uplink
+  ip pim
+interface swp54
+  evpn mh uplink
+  ip pim
+interface bond1
+  evpn mh es-df-pref 1
+  evpn mh es-id 1
+  evpn mh es-sys-mac 44:38:39:BE:EF:AA
+interface bond2
+  evpn mh es-df-pref 1
+  evpn mh es-id 2
+  evpn mh es-sys-mac 44:38:39:BE:EF:AA
+interface bond3
+  evpn mh es-df-pref 1
+  evpn mh es-id 3
+  evpn mh es-sys-mac 44:38:39:BE:EF:AA
+
+ evpn mh startup-delay 10
+vrf mgmt
+ ip route 0.0.0.0/0 192.168.200.1
+ exit-vrf
+!
+vrf RED
+ vni 4001
+ exit-vrf
+!
+vrf BLUE
+ vni 4002
+ exit-vrf
+!
+!
+router bgp 65102
+ bgp router-id 10.10.10.2
+ neighbor underlay peer-group
+ neighbor underlay remote-as external
+ neighbor swp51 interface peer-group underlay
+ neighbor swp52 interface peer-group underlay
+ neighbor swp53 interface peer-group underlay
+ neighbor swp54 interface peer-group underlay
+ !
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor underlay activate
+  advertise-all-vni
+ exit-address-family
+!
+router bgp 65102 vrf RED
+ bgp router-id 10.10.10.2
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+router bgp 65102 vrf BLUE
+ bgp router-id 10.10.10.2
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+!
+line vty
+!
diff --git a/lab-examples/cvx04/leaf02/etc/network/interfaces b/lab-examples/cvx04/leaf02/etc/network/interfaces
new file mode 100755
index 000000000..221a20f86
--- /dev/null
+++ b/lab-examples/cvx04/leaf02/etc/network/interfaces
@@ -0,0 +1,171 @@
+# Ansible Managed File
+auto lo
+iface lo inet loopback
+    address 10.10.10.2/32
+    vxlan-local-tunnelip 10.10.10.2
+
+auto eth0
+iface eth0 inet dhcp
+    vrf mgmt
+
+auto mgmt
+iface mgmt
+  vrf-table auto
+  address 127.0.0.1/8
+  address ::1/128
+
+auto RED
+iface RED
+  vrf-table auto
+
+auto BLUE
+iface BLUE
+  vrf-table auto
+
+auto bridge
+iface bridge
+    bridge-ports vni10 vni20 vni30 vniRED vniBLUE bond1 bond2 bond3 
+    bridge-vids 10 20 30  
+    bridge-vlan-aware yes
+
+auto vni10
+iface vni10
+    bridge-access 10
+    vxlan-id 10
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+    vxlan-mcastgrp 239.1.1.10
+
+auto vni20
+iface vni20
+    bridge-access 20
+    vxlan-id 20
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+    vxlan-mcastgrp 239.1.1.20
+
+auto vni30
+iface vni30
+    bridge-access 30
+    vxlan-id 30
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+    vxlan-mcastgrp 239.1.1.30
+
+auto vniRED
+iface vniRED
+    bridge-access 4001
+    vxlan-id 4001
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vniBLUE
+iface vniBLUE
+    bridge-access 4002
+    vxlan-id 4002
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vlan10
+iface vlan10
+    address 10.1.10.3/24
+    address-virtual 00:00:00:00:00:10 10.1.10.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 10
+
+auto vlan20
+iface vlan20
+    address 10.1.20.3/24
+    address-virtual 00:00:00:00:00:20 10.1.20.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 20
+
+auto vlan30
+iface vlan30
+    address 10.1.30.3/24
+    address-virtual 00:00:00:00:00:30 10.1.30.1/24
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 30
+
+auto vlan4001
+iface vlan4001
+    hwaddress 44:38:39:BE:EF:AA
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 4001
+
+auto vlan4002
+iface vlan4002
+    hwaddress 44:38:39:BE:EF:AA
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 4002
+
+auto swp51
+iface swp51
+    alias to spine
+
+auto swp52
+iface swp52
+    alias to spine
+
+auto swp53
+iface swp53
+    alias to spine
+
+auto swp54
+iface swp54
+    alias to spine
+
+auto swp1
+iface swp1
+    alias bond member of bond1
+auto bond1
+iface bond1
+    bond-slaves swp1 
+    es-sys-mac 44:38:39:BE:EF:AA
+    bridge-access 10
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
+auto swp2
+iface swp2
+    alias bond member of bond2
+auto bond2
+iface bond2
+    bond-slaves swp2 
+    es-sys-mac 44:38:39:BE:EF:AA
+    bridge-access 20
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
+auto swp3
+iface swp3
+    alias bond member of bond3
+auto bond3
+iface bond3
+    bond-slaves swp3 
+    es-sys-mac 44:38:39:BE:EF:AA
+    bridge-access 30
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
diff --git a/lab-examples/cvx04/leaf03/etc/frr/daemons b/lab-examples/cvx04/leaf03/etc/frr/daemons
new file mode 100755
index 000000000..8b9ff81c8
--- /dev/null
+++ b/lab-examples/cvx04/leaf03/etc/frr/daemons
@@ -0,0 +1,86 @@
+# Ansible Managed File
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr, zebra and staticd daemons are always started.
+#
+bgpd=yes
+pimd=yes
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+ospfd_options="  -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options="   -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options="  -A 127.0.0.1"
+pimd_options="   -A 127.0.0.1"
+ldpd_options="   -A 127.0.0.1"
+nhrpd_options="  -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options="   -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options="   -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options="  -A 127.0.0.1"
+
+# configuration profile
+#
+#frr_profile="traditional"
+#frr_profile="datacenter"
+
+#
+# This is the maximum number of FD's that will be available.
+# Upon startup this is read by the control files and ulimit
+# is called.  Uncomment and use a reasonable value for your
+# setup if you are expecting a large number of peers in
+# say BGP.
+#MAX_FDS=1024
+
+# The list of daemons to watch is automatically generated by the init script.
+#watchfrr_options=""
+
+# To make watchfrr create/join the specified netns, use the following option:
+#watchfrr_options="--netns"
+# This only has an effect in /etc/frr/<somename>/daemons, and you need to
+# start FRR with "/usr/lib/frr/frrinit.sh start <somename>".
+
+# for debugging purposes, you can specify a "wrap" command to start instead
+# of starting the daemon directly, e.g. to use valgrind on ospfd:
+#   ospfd_wrap="/usr/bin/valgrind"
+# or you can use "all_wrap" for all daemons, e.g. to use perf record:
+#   all_wrap="/usr/bin/perf record --call-graph -"
+# the normal daemon command is added to this at the end.
diff --git a/lab-examples/cvx04/leaf03/etc/frr/frr.conf b/lab-examples/cvx04/leaf03/etc/frr/frr.conf
new file mode 100755
index 000000000..e4afcc48b
--- /dev/null
+++ b/lab-examples/cvx04/leaf03/etc/frr/frr.conf
@@ -0,0 +1,97 @@
+# Ansible Managed File
+frr defaults datacenter
+hostname leaf03
+log syslog informational
+zebra nexthop proto only
+service integrated-vtysh-config
+!
+ip pim rp 10.10.100.100 239.1.1.0/24
+ip pim ecmp
+ip pim keep-alive-timer 3600
+interface lo
+  ip igmp
+  ip pim
+  ip pim use-source 10.10.10.3
+interface swp51
+  evpn mh uplink
+  ip pim
+interface swp52
+  evpn mh uplink
+  ip pim
+interface swp53
+  evpn mh uplink
+  ip pim
+interface swp54
+  evpn mh uplink
+  ip pim
+interface bond1
+  evpn mh es-df-pref 50000
+  evpn mh es-id 1
+  evpn mh es-sys-mac 44:38:39:BE:EF:BB
+interface bond2
+  evpn mh es-df-pref 50000
+  evpn mh es-id 2
+  evpn mh es-sys-mac 44:38:39:BE:EF:BB
+interface bond3
+  evpn mh es-df-pref 50000
+  evpn mh es-id 3
+  evpn mh es-sys-mac 44:38:39:BE:EF:BB
+
+ evpn mh startup-delay 10
+vrf mgmt
+ ip route 0.0.0.0/0 192.168.200.1
+ exit-vrf
+!
+vrf RED
+ vni 4001
+ exit-vrf
+!
+vrf BLUE
+ vni 4002
+ exit-vrf
+!
+!
+router bgp 65103
+ bgp router-id 10.10.10.3
+ neighbor underlay peer-group
+ neighbor underlay remote-as external
+ neighbor swp51 interface peer-group underlay
+ neighbor swp52 interface peer-group underlay
+ neighbor swp53 interface peer-group underlay
+ neighbor swp54 interface peer-group underlay
+ !
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor underlay activate
+  advertise-all-vni
+ exit-address-family
+!
+router bgp 65103 vrf RED
+ bgp router-id 10.10.10.3
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+router bgp 65103 vrf BLUE
+ bgp router-id 10.10.10.3
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+!
+line vty
+!
diff --git a/lab-examples/cvx04/leaf03/etc/network/interfaces b/lab-examples/cvx04/leaf03/etc/network/interfaces
new file mode 100755
index 000000000..288644eba
--- /dev/null
+++ b/lab-examples/cvx04/leaf03/etc/network/interfaces
@@ -0,0 +1,171 @@
+# Ansible Managed File
+auto lo
+iface lo inet loopback
+    address 10.10.10.3/32
+    vxlan-local-tunnelip 10.10.10.3
+
+auto eth0
+iface eth0 inet dhcp
+    vrf mgmt
+
+auto mgmt
+iface mgmt
+  vrf-table auto
+  address 127.0.0.1/8
+  address ::1/128
+
+auto RED
+iface RED
+  vrf-table auto
+
+auto BLUE
+iface BLUE
+  vrf-table auto
+
+auto bridge
+iface bridge
+    bridge-ports vni10 vni20 vni30 vniRED vniBLUE bond1 bond2 bond3 
+    bridge-vids 10 20 30  
+    bridge-vlan-aware yes
+
+auto vni10
+iface vni10
+    bridge-access 10
+    vxlan-id 10
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+    vxlan-mcastgrp 239.1.1.10
+
+auto vni20
+iface vni20
+    bridge-access 20
+    vxlan-id 20
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+    vxlan-mcastgrp 239.1.1.20
+
+auto vni30
+iface vni30
+    bridge-access 30
+    vxlan-id 30
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+    vxlan-mcastgrp 239.1.1.30
+
+auto vniRED
+iface vniRED
+    bridge-access 4001
+    vxlan-id 4001
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vniBLUE
+iface vniBLUE
+    bridge-access 4002
+    vxlan-id 4002
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vlan10
+iface vlan10
+    address 10.1.10.4/24
+    address-virtual 00:00:00:00:00:10 10.1.10.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 10
+
+auto vlan20
+iface vlan20
+    address 10.1.20.4/24
+    address-virtual 00:00:00:00:00:20 10.1.20.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 20
+
+auto vlan30
+iface vlan30
+    address 10.1.30.4/24
+    address-virtual 00:00:00:00:00:30 10.1.30.1/24
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 30
+
+auto vlan4001
+iface vlan4001
+    hwaddress 44:38:39:BE:EF:BB
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 4001
+
+auto vlan4002
+iface vlan4002
+    hwaddress 44:38:39:BE:EF:BB
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 4002
+
+auto swp51
+iface swp51
+    alias to spine
+
+auto swp52
+iface swp52
+    alias to spine
+
+auto swp53
+iface swp53
+    alias to spine
+
+auto swp54
+iface swp54
+    alias to spine
+
+auto swp1
+iface swp1
+    alias bond member of bond1
+auto bond1
+iface bond1
+    bond-slaves swp1 
+    es-sys-mac 44:38:39:BE:EF:BB
+    bridge-access 10
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
+auto swp2
+iface swp2
+    alias bond member of bond2
+auto bond2
+iface bond2
+    bond-slaves swp2 
+    es-sys-mac 44:38:39:BE:EF:BB
+    bridge-access 20
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
+auto swp3
+iface swp3
+    alias bond member of bond3
+auto bond3
+iface bond3
+    bond-slaves swp3 
+    es-sys-mac 44:38:39:BE:EF:BB
+    bridge-access 30
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
diff --git a/lab-examples/cvx04/leaf04/etc/frr/daemons b/lab-examples/cvx04/leaf04/etc/frr/daemons
new file mode 100755
index 000000000..8b9ff81c8
--- /dev/null
+++ b/lab-examples/cvx04/leaf04/etc/frr/daemons
@@ -0,0 +1,86 @@
+# Ansible Managed File
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr, zebra and staticd daemons are always started.
+#
+bgpd=yes
+pimd=yes
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+ospfd_options="  -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options="   -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options="  -A 127.0.0.1"
+pimd_options="   -A 127.0.0.1"
+ldpd_options="   -A 127.0.0.1"
+nhrpd_options="  -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options="   -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options="   -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options="  -A 127.0.0.1"
+
+# configuration profile
+#
+#frr_profile="traditional"
+#frr_profile="datacenter"
+
+#
+# This is the maximum number of FD's that will be available.
+# Upon startup this is read by the control files and ulimit
+# is called.  Uncomment and use a reasonable value for your
+# setup if you are expecting a large number of peers in
+# say BGP.
+#MAX_FDS=1024
+
+# The list of daemons to watch is automatically generated by the init script.
+#watchfrr_options=""
+
+# To make watchfrr create/join the specified netns, use the following option:
+#watchfrr_options="--netns"
+# This only has an effect in /etc/frr/<somename>/daemons, and you need to
+# start FRR with "/usr/lib/frr/frrinit.sh start <somename>".
+
+# for debugging purposes, you can specify a "wrap" command to start instead
+# of starting the daemon directly, e.g. to use valgrind on ospfd:
+#   ospfd_wrap="/usr/bin/valgrind"
+# or you can use "all_wrap" for all daemons, e.g. to use perf record:
+#   all_wrap="/usr/bin/perf record --call-graph -"
+# the normal daemon command is added to this at the end.
diff --git a/lab-examples/cvx04/leaf04/etc/frr/frr.conf b/lab-examples/cvx04/leaf04/etc/frr/frr.conf
new file mode 100755
index 000000000..97dcfe43b
--- /dev/null
+++ b/lab-examples/cvx04/leaf04/etc/frr/frr.conf
@@ -0,0 +1,97 @@
+# Ansible Managed File
+frr defaults datacenter
+hostname leaf04
+log syslog informational
+zebra nexthop proto only
+service integrated-vtysh-config
+!
+ip pim rp 10.10.100.100 239.1.1.0/24
+ip pim ecmp
+ip pim keep-alive-timer 3600
+interface lo
+  ip igmp
+  ip pim
+  ip pim use-source 10.10.10.4
+interface swp51
+  evpn mh uplink
+  ip pim
+interface swp52
+  evpn mh uplink
+  ip pim
+interface swp53
+  evpn mh uplink
+  ip pim
+interface swp54
+  evpn mh uplink
+  ip pim
+interface bond1
+  evpn mh es-df-pref 1
+  evpn mh es-id 1
+  evpn mh es-sys-mac 44:38:39:BE:EF:BB
+interface bond2
+  evpn mh es-df-pref 1
+  evpn mh es-id 2
+  evpn mh es-sys-mac 44:38:39:BE:EF:BB
+interface bond3
+  evpn mh es-df-pref 1
+  evpn mh es-id 3
+  evpn mh es-sys-mac 44:38:39:BE:EF:BB
+
+ evpn mh startup-delay 10
+vrf mgmt
+ ip route 0.0.0.0/0 192.168.200.1
+ exit-vrf
+!
+vrf RED
+ vni 4001
+ exit-vrf
+!
+vrf BLUE
+ vni 4002
+ exit-vrf
+!
+!
+router bgp 65104
+ bgp router-id 10.10.10.4
+ neighbor underlay peer-group
+ neighbor underlay remote-as external
+ neighbor swp51 interface peer-group underlay
+ neighbor swp52 interface peer-group underlay
+ neighbor swp53 interface peer-group underlay
+ neighbor swp54 interface peer-group underlay
+ !
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor underlay activate
+  advertise-all-vni
+ exit-address-family
+!
+router bgp 65104 vrf RED
+ bgp router-id 10.10.10.4
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+router bgp 65104 vrf BLUE
+ bgp router-id 10.10.10.4
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+!
+line vty
+!
diff --git a/lab-examples/cvx04/leaf04/etc/network/interfaces b/lab-examples/cvx04/leaf04/etc/network/interfaces
new file mode 100755
index 000000000..3314eb90a
--- /dev/null
+++ b/lab-examples/cvx04/leaf04/etc/network/interfaces
@@ -0,0 +1,171 @@
+# Ansible Managed File
+auto lo
+iface lo inet loopback
+    address 10.10.10.4/32
+    vxlan-local-tunnelip 10.10.10.4
+
+auto eth0
+iface eth0 inet dhcp
+    vrf mgmt
+
+auto mgmt
+iface mgmt
+  vrf-table auto
+  address 127.0.0.1/8
+  address ::1/128
+
+auto RED
+iface RED
+  vrf-table auto
+
+auto BLUE
+iface BLUE
+  vrf-table auto
+
+auto bridge
+iface bridge
+    bridge-ports vni10 vni20 vni30 vniRED vniBLUE bond1 bond2 bond3 
+    bridge-vids 10 20 30  
+    bridge-vlan-aware yes
+
+auto vni10
+iface vni10
+    bridge-access 10
+    vxlan-id 10
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+    vxlan-mcastgrp 239.1.1.10
+
+auto vni20
+iface vni20
+    bridge-access 20
+    vxlan-id 20
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+    vxlan-mcastgrp 239.1.1.20
+
+auto vni30
+iface vni30
+    bridge-access 30
+    vxlan-id 30
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+    vxlan-mcastgrp 239.1.1.30
+
+auto vniRED
+iface vniRED
+    bridge-access 4001
+    vxlan-id 4001
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vniBLUE
+iface vniBLUE
+    bridge-access 4002
+    vxlan-id 4002
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vlan10
+iface vlan10
+    address 10.1.10.5/24
+    address-virtual 00:00:00:00:00:10 10.1.10.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 10
+
+auto vlan20
+iface vlan20
+    address 10.1.20.5/24
+    address-virtual 00:00:00:00:00:20 10.1.20.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 20
+
+auto vlan30
+iface vlan30
+    address 10.1.30.5/24
+    address-virtual 00:00:00:00:00:30 10.1.30.1/24
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 30
+
+auto vlan4001
+iface vlan4001
+    hwaddress 44:38:39:BE:EF:BB
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 4001
+
+auto vlan4002
+iface vlan4002
+    hwaddress 44:38:39:BE:EF:BB
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 4002
+
+auto swp51
+iface swp51
+    alias to spine
+
+auto swp52
+iface swp52
+    alias to spine
+
+auto swp53
+iface swp53
+    alias to spine
+
+auto swp54
+iface swp54
+    alias to spine
+
+auto swp1
+iface swp1
+    alias bond member of bond1
+auto bond1
+iface bond1
+    bond-slaves swp1 
+    es-sys-mac 44:38:39:BE:EF:BB
+    bridge-access 10
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
+auto swp2
+iface swp2
+    alias bond member of bond2
+auto bond2
+iface bond2
+    bond-slaves swp2 
+    es-sys-mac 44:38:39:BE:EF:BB
+    bridge-access 20
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
+auto swp3
+iface swp3
+    alias bond member of bond3
+auto bond3
+iface bond3
+    bond-slaves swp3 
+    es-sys-mac 44:38:39:BE:EF:BB
+    bridge-access 30
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
diff --git a/lab-examples/cvx04/server01/etc/network/interfaces b/lab-examples/cvx04/server01/etc/network/interfaces
new file mode 100755
index 000000000..6bc2eee43
--- /dev/null
+++ b/lab-examples/cvx04/server01/etc/network/interfaces
@@ -0,0 +1,31 @@
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The OOB network interface
+auto eth0
+iface eth0 inet dhcp
+
+# The data plane network interfaces
+auto eth1
+iface eth1 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth1
+
+auto eth2
+iface eth2 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth2
+
+auto uplink
+iface uplink inet static
+  address 10.1.10.101
+  netmask 255.255.255.0
+  mtu 9000
+  bond-slaves eth1 eth2
+  bond-mode 802.3ad
+  bond-miimon 100
+  bond-lacp-rate 1
+  bond-min-links 1
+  bond-xmit-hash-policy layer3+4
+  post-up ip route add 10.0.0.0/8 via 10.1.10.1
diff --git a/lab-examples/cvx04/server02/etc/network/interfaces b/lab-examples/cvx04/server02/etc/network/interfaces
new file mode 100755
index 000000000..4d5037e9d
--- /dev/null
+++ b/lab-examples/cvx04/server02/etc/network/interfaces
@@ -0,0 +1,31 @@
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The OOB network interface
+auto eth0
+iface eth0 inet dhcp
+
+# The data plane network interfaces
+auto eth1
+iface eth1 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth1
+
+auto eth2
+iface eth2 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth2
+
+auto uplink
+iface uplink inet static
+  address 10.1.20.102
+  netmask 255.255.255.0
+  mtu 9000
+  bond-slaves eth1 eth2
+  bond-mode 802.3ad
+  bond-miimon 100
+  bond-lacp-rate 1
+  bond-min-links 1
+  bond-xmit-hash-policy layer3+4
+  post-up ip route add 10.0.0.0/8 via 10.1.20.1
diff --git a/lab-examples/cvx04/server03/etc/network/interfaces b/lab-examples/cvx04/server03/etc/network/interfaces
new file mode 100755
index 000000000..ddc571cfe
--- /dev/null
+++ b/lab-examples/cvx04/server03/etc/network/interfaces
@@ -0,0 +1,31 @@
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The OOB network interface
+auto eth0
+iface eth0 inet dhcp
+
+# The data plane network interfaces
+auto eth1
+iface eth1 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth1
+
+auto eth2
+iface eth2 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth2
+
+auto uplink
+iface uplink inet static
+  address 10.1.30.103
+  netmask 255.255.255.0
+  mtu 9000
+  bond-slaves eth1 eth2
+  bond-mode 802.3ad
+  bond-miimon 100
+  bond-lacp-rate 1
+  bond-min-links 1
+  bond-xmit-hash-policy layer3+4
+  post-up ip route add 10.0.0.0/8 via 10.1.30.1
diff --git a/lab-examples/cvx04/server04/etc/network/interfaces b/lab-examples/cvx04/server04/etc/network/interfaces
new file mode 100755
index 000000000..dfc8ee4d5
--- /dev/null
+++ b/lab-examples/cvx04/server04/etc/network/interfaces
@@ -0,0 +1,31 @@
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The OOB network interface
+auto eth0
+iface eth0 inet dhcp
+
+# The data plane network interfaces
+auto eth1
+iface eth1 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth1
+
+auto eth2
+iface eth2 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth2
+
+auto uplink
+iface uplink inet static
+  address 10.1.10.104
+  netmask 255.255.255.0
+  mtu 9000
+  bond-slaves eth1 eth2
+  bond-mode 802.3ad
+  bond-miimon 100
+  bond-lacp-rate 1
+  bond-min-links 1
+  bond-xmit-hash-policy layer3+4
+  post-up ip route add 10.0.0.0/8 via 10.1.10.1
diff --git a/lab-examples/cvx04/server05/etc/network/interfaces b/lab-examples/cvx04/server05/etc/network/interfaces
new file mode 100755
index 000000000..5bfea664f
--- /dev/null
+++ b/lab-examples/cvx04/server05/etc/network/interfaces
@@ -0,0 +1,31 @@
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The OOB network interface
+auto eth0
+iface eth0 inet dhcp
+
+# The data plane network interfaces
+auto eth1
+iface eth1 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth1
+
+auto eth2
+iface eth2 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth2
+
+auto uplink
+iface uplink inet static
+  address 10.1.20.105
+  netmask 255.255.255.0
+  mtu 9000
+  bond-slaves eth1 eth2
+  bond-mode 802.3ad
+  bond-miimon 100
+  bond-lacp-rate 1
+  bond-min-links 1
+  bond-xmit-hash-policy layer3+4
+  post-up ip route add 10.0.0.0/8 via 10.1.20.1
diff --git a/lab-examples/cvx04/server06/etc/network/interfaces b/lab-examples/cvx04/server06/etc/network/interfaces
new file mode 100755
index 000000000..b11779477
--- /dev/null
+++ b/lab-examples/cvx04/server06/etc/network/interfaces
@@ -0,0 +1,31 @@
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The OOB network interface
+auto eth0
+iface eth0 inet dhcp
+
+# The data plane network interfaces
+auto eth1
+iface eth1 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth1
+
+auto eth2
+iface eth2 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth2
+
+auto uplink
+iface uplink inet static
+  address 10.1.30.106
+  netmask 255.255.255.0
+  mtu 9000
+  bond-slaves eth1 eth2
+  bond-mode 802.3ad
+  bond-miimon 100
+  bond-lacp-rate 1
+  bond-min-links 1
+  bond-xmit-hash-policy layer3+4
+  post-up ip route add 10.0.0.0/8 via 10.1.30.1
diff --git a/lab-examples/cvx04/spine01/etc/frr/daemons b/lab-examples/cvx04/spine01/etc/frr/daemons
new file mode 100755
index 000000000..8b9ff81c8
--- /dev/null
+++ b/lab-examples/cvx04/spine01/etc/frr/daemons
@@ -0,0 +1,86 @@
+# Ansible Managed File
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr, zebra and staticd daemons are always started.
+#
+bgpd=yes
+pimd=yes
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+ospfd_options="  -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options="   -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options="  -A 127.0.0.1"
+pimd_options="   -A 127.0.0.1"
+ldpd_options="   -A 127.0.0.1"
+nhrpd_options="  -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options="   -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options="   -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options="  -A 127.0.0.1"
+
+# configuration profile
+#
+#frr_profile="traditional"
+#frr_profile="datacenter"
+
+#
+# This is the maximum number of FD's that will be available.
+# Upon startup this is read by the control files and ulimit
+# is called.  Uncomment and use a reasonable value for your
+# setup if you are expecting a large number of peers in
+# say BGP.
+#MAX_FDS=1024
+
+# The list of daemons to watch is automatically generated by the init script.
+#watchfrr_options=""
+
+# To make watchfrr create/join the specified netns, use the following option:
+#watchfrr_options="--netns"
+# This only has an effect in /etc/frr/<somename>/daemons, and you need to
+# start FRR with "/usr/lib/frr/frrinit.sh start <somename>".
+
+# for debugging purposes, you can specify a "wrap" command to start instead
+# of starting the daemon directly, e.g. to use valgrind on ospfd:
+#   ospfd_wrap="/usr/bin/valgrind"
+# or you can use "all_wrap" for all daemons, e.g. to use perf record:
+#   all_wrap="/usr/bin/perf record --call-graph -"
+# the normal daemon command is added to this at the end.
diff --git a/lab-examples/cvx04/spine01/etc/frr/frr.conf b/lab-examples/cvx04/spine01/etc/frr/frr.conf
new file mode 100755
index 000000000..8dd5aa73f
--- /dev/null
+++ b/lab-examples/cvx04/spine01/etc/frr/frr.conf
@@ -0,0 +1,54 @@
+# Ansible Managed File
+frr defaults datacenter
+hostname spine01
+log syslog informational
+zebra nexthop proto only
+service integrated-vtysh-config
+!
+ip pim rp 10.10.100.100 239.1.1.0/24
+ip pim ecmp
+ip pim keep-alive-timer 3600
+interface lo
+  ip igmp
+  ip pim
+  ip pim use-source 10.10.10.101
+interface swp1
+  ip pim
+interface swp2
+  ip pim
+interface swp3
+  ip pim
+interface swp4
+  ip pim
+interface swp5
+  ip pim
+interface swp6
+  ip pim
+vrf mgmt
+ ip route 0.0.0.0/0 192.168.200.1
+ exit-vrf
+!
+!
+router bgp 65100
+ bgp router-id 10.10.10.101
+ neighbor underlay peer-group
+ neighbor underlay remote-as external
+ neighbor swp1 interface peer-group underlay
+ neighbor swp2 interface peer-group underlay
+ neighbor swp3 interface peer-group underlay
+ neighbor swp4 interface peer-group underlay
+ neighbor swp5 interface peer-group underlay
+ neighbor swp6 interface peer-group underlay
+ !
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor underlay activate
+ exit-address-family
+!
+!
+line vty
+!
diff --git a/lab-examples/cvx04/spine01/etc/network/interfaces b/lab-examples/cvx04/spine01/etc/network/interfaces
new file mode 100755
index 000000000..386ec2695
--- /dev/null
+++ b/lab-examples/cvx04/spine01/etc/network/interfaces
@@ -0,0 +1,39 @@
+# Ansible Managed File
+auto lo
+iface lo inet loopback
+    address 10.10.10.101/32
+
+auto eth0
+iface eth0 inet dhcp
+    vrf mgmt
+
+auto mgmt
+iface mgmt
+  vrf-table auto
+  address 127.0.0.1/8
+  address ::1/128
+
+auto swp1
+iface swp1
+    alias to leaf
+
+auto swp2
+iface swp2
+    alias to leaf
+
+auto swp3
+iface swp3
+    alias to leaf
+
+auto swp4
+iface swp4
+    alias to leaf
+
+auto swp5
+iface swp5
+    alias to leaf
+
+auto swp6
+iface swp6
+    alias to leaf
+
diff --git a/lab-examples/cvx04/spine02/etc/frr/daemons b/lab-examples/cvx04/spine02/etc/frr/daemons
new file mode 100755
index 000000000..8b9ff81c8
--- /dev/null
+++ b/lab-examples/cvx04/spine02/etc/frr/daemons
@@ -0,0 +1,86 @@
+# Ansible Managed File
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr, zebra and staticd daemons are always started.
+#
+bgpd=yes
+pimd=yes
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+ospfd_options="  -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options="   -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options="  -A 127.0.0.1"
+pimd_options="   -A 127.0.0.1"
+ldpd_options="   -A 127.0.0.1"
+nhrpd_options="  -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options="   -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options="   -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options="  -A 127.0.0.1"
+
+# configuration profile
+#
+#frr_profile="traditional"
+#frr_profile="datacenter"
+
+#
+# This is the maximum number of FD's that will be available.
+# Upon startup this is read by the control files and ulimit
+# is called.  Uncomment and use a reasonable value for your
+# setup if you are expecting a large number of peers in
+# say BGP.
+#MAX_FDS=1024
+
+# The list of daemons to watch is automatically generated by the init script.
+#watchfrr_options=""
+
+# To make watchfrr create/join the specified netns, use the following option:
+#watchfrr_options="--netns"
+# This only has an effect in /etc/frr/<somename>/daemons, and you need to
+# start FRR with "/usr/lib/frr/frrinit.sh start <somename>".
+
+# for debugging purposes, you can specify a "wrap" command to start instead
+# of starting the daemon directly, e.g. to use valgrind on ospfd:
+#   ospfd_wrap="/usr/bin/valgrind"
+# or you can use "all_wrap" for all daemons, e.g. to use perf record:
+#   all_wrap="/usr/bin/perf record --call-graph -"
+# the normal daemon command is added to this at the end.
diff --git a/lab-examples/cvx04/spine02/etc/frr/frr.conf b/lab-examples/cvx04/spine02/etc/frr/frr.conf
new file mode 100755
index 000000000..fa9c086c2
--- /dev/null
+++ b/lab-examples/cvx04/spine02/etc/frr/frr.conf
@@ -0,0 +1,54 @@
+# Ansible Managed File
+frr defaults datacenter
+hostname spine02
+log syslog informational
+zebra nexthop proto only
+service integrated-vtysh-config
+!
+ip pim rp 10.10.100.100 239.1.1.0/24
+ip pim ecmp
+ip pim keep-alive-timer 3600
+interface lo
+  ip igmp
+  ip pim
+  ip pim use-source 10.10.10.102
+interface swp1
+  ip pim
+interface swp2
+  ip pim
+interface swp3
+  ip pim
+interface swp4
+  ip pim
+interface swp5
+  ip pim
+interface swp6
+  ip pim
+vrf mgmt
+ ip route 0.0.0.0/0 192.168.200.1
+ exit-vrf
+!
+!
+router bgp 65100
+ bgp router-id 10.10.10.102
+ neighbor underlay peer-group
+ neighbor underlay remote-as external
+ neighbor swp1 interface peer-group underlay
+ neighbor swp2 interface peer-group underlay
+ neighbor swp3 interface peer-group underlay
+ neighbor swp4 interface peer-group underlay
+ neighbor swp5 interface peer-group underlay
+ neighbor swp6 interface peer-group underlay
+ !
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor underlay activate
+ exit-address-family
+!
+!
+line vty
+!
diff --git a/lab-examples/cvx04/spine02/etc/network/interfaces b/lab-examples/cvx04/spine02/etc/network/interfaces
new file mode 100755
index 000000000..4ab9a2c6b
--- /dev/null
+++ b/lab-examples/cvx04/spine02/etc/network/interfaces
@@ -0,0 +1,39 @@
+# Ansible Managed File
+auto lo
+iface lo inet loopback
+    address 10.10.10.102/32
+
+auto eth0
+iface eth0 inet dhcp
+    vrf mgmt
+
+auto mgmt
+iface mgmt
+  vrf-table auto
+  address 127.0.0.1/8
+  address ::1/128
+
+auto swp1
+iface swp1
+    alias to leaf
+
+auto swp2
+iface swp2
+    alias to leaf
+
+auto swp3
+iface swp3
+    alias to leaf
+
+auto swp4
+iface swp4
+    alias to leaf
+
+auto swp5
+iface swp5
+    alias to leaf
+
+auto swp6
+iface swp6
+    alias to leaf
+
diff --git a/lab-examples/cvx04/symm-mh.yml b/lab-examples/cvx04/symm-mh.yml
new file mode 100644
index 000000000..44c9a7fa0
--- /dev/null
+++ b/lab-examples/cvx04/symm-mh.yml
@@ -0,0 +1,141 @@
+name: citc # Cumulus In The Cloud
+
+topology:
+  nodes:
+    border01:
+      kind: cvx
+      image: networkop/cx:4.3.0
+      binds:
+      - border01/etc/network/interfaces:/etc/network/interfaces
+      - border01/etc/frr/daemons:/etc/frr/daemons
+      - border01/etc/frr/frr.conf:/etc/frr/frr.conf
+
+    border02:
+      kind: cvx
+      image: networkop/cx:4.3.0
+      binds:
+      - border02/etc/network/interfaces:/etc/network/interfaces
+      - border02/etc/frr/daemons:/etc/frr/daemons
+      - border02/etc/frr/frr.conf:/etc/frr/frr.conf
+
+    spine01:
+      kind: cvx
+      image: networkop/cx:4.3.0
+      binds:
+      - spine01/etc/network/interfaces:/etc/network/interfaces
+      - spine01/etc/frr/daemons:/etc/frr/daemons
+      - spine01/etc/frr/frr.conf:/etc/frr/frr.conf
+
+    spine02:
+      kind: cvx
+      image: networkop/cx:4.3.0
+      binds:
+      - spine02/etc/network/interfaces:/etc/network/interfaces
+      - spine02/etc/frr/daemons:/etc/frr/daemons
+      - spine02/etc/frr/frr.conf:/etc/frr/frr.conf
+
+    leaf01:
+      kind: cvx
+      image: networkop/cx:4.3.0
+      binds:
+      - leaf01/etc/network/interfaces:/etc/network/interfaces
+      - leaf01/etc/frr/daemons:/etc/frr/daemons
+      - leaf01/etc/frr/frr.conf:/etc/frr/frr.conf
+
+    leaf02:
+      kind: cvx
+      image: networkop/cx:4.3.0
+      binds:
+      - leaf02/etc/network/interfaces:/etc/network/interfaces
+      - leaf02/etc/frr/daemons:/etc/frr/daemons
+      - leaf02/etc/frr/frr.conf:/etc/frr/frr.conf
+
+    leaf03:
+      kind: cvx
+      image: networkop/cx:4.3.0
+      binds:
+      - leaf03/etc/network/interfaces:/etc/network/interfaces
+      - leaf03/etc/frr/daemons:/etc/frr/daemons
+      - leaf03/etc/frr/frr.conf:/etc/frr/frr.conf
+
+    leaf04:
+      kind: cvx
+      image: networkop/cx:4.3.0
+      binds:
+      - leaf04/etc/network/interfaces:/etc/network/interfaces
+      - leaf04/etc/frr/daemons:/etc/frr/daemons
+      - leaf04/etc/frr/frr.conf:/etc/frr/frr.conf
+
+    server01:
+      kind: linux
+      image: networkop/host:ifreload
+      binds:
+      - server01/etc/network/interfaces:/etc/network/interfaces
+
+    server02:
+      kind: linux
+      image: networkop/host:ifreload
+      binds:
+      - server02/etc/network/interfaces:/etc/network/interfaces
+
+    server03:
+      kind: linux
+      image: networkop/host:ifreload
+      binds:
+      - server03/etc/network/interfaces:/etc/network/interfaces
+
+    server04:
+      kind: linux
+      image: networkop/host:ifreload
+      binds:
+      - server04/etc/network/interfaces:/etc/network/interfaces
+
+    server05:
+      kind: linux
+      image: networkop/host:ifreload
+      binds:
+      - server05/etc/network/interfaces:/etc/network/interfaces
+
+    server06:
+      kind: linux
+      image: networkop/host:ifreload
+      binds:
+      - server06/etc/network/interfaces:/etc/network/interfaces
+
+
+  links:
+    - endpoints: ["spine01:swp1", "leaf01:swp51"]
+    - endpoints: ["spine02:swp1", "leaf01:swp52"]
+
+    - endpoints: ["spine01:swp2", "leaf02:swp51"]
+    - endpoints: ["spine02:swp2", "leaf02:swp52"]
+
+    - endpoints: ["spine01:swp3", "leaf03:swp51"]
+    - endpoints: ["spine02:swp3", "leaf03:swp52"]
+
+    - endpoints: ["spine01:swp4", "leaf04:swp51"]
+    - endpoints: ["spine02:swp4", "leaf04:swp52"]
+
+    - endpoints: ["spine01:swp5", "border01:swp51"]
+    - endpoints: ["spine02:swp5", "border01:swp52"]
+
+    - endpoints: ["spine01:swp6", "border02:swp51"]
+    - endpoints: ["spine02:swp6", "border02:swp52"]
+
+    - endpoints: ["server01:eth1", "leaf01:swp1"]
+    - endpoints: ["server01:eth2", "leaf02:swp1"]
+
+    - endpoints: ["server02:eth1", "leaf01:swp2"]
+    - endpoints: ["server02:eth2", "leaf02:swp2"]
+
+    - endpoints: ["server03:eth1", "leaf01:swp3"]
+    - endpoints: ["server03:eth2", "leaf02:swp3"]
+
+    - endpoints: ["server04:eth1", "leaf03:swp1"]
+    - endpoints: ["server04:eth2", "leaf04:swp1"]
+
+    - endpoints: ["server05:eth1", "leaf03:swp2"]
+    - endpoints: ["server05:eth2", "leaf04:swp2"]
+
+    - endpoints: ["server06:eth1", "leaf03:swp3"]
+    - endpoints: ["server06:eth2", "leaf04:swp3"]
\ No newline at end of file

From 7250b66596328bd6153f7671fa94253eaee60a88 Mon Sep 17 00:00:00 2001
From: networkop <mmkashin@gmail.com>
Date: Fri, 9 Jul 2021 14:06:38 +0100
Subject: [PATCH 2/7] added mlag lab

---
 .../{ => evpn-mh}/border01/etc/frr/daemons    |   0
 .../{ => evpn-mh}/border01/etc/frr/frr.conf   |   0
 .../border01/etc/network/interfaces           |   0
 .../{ => evpn-mh}/border02/etc/frr/daemons    |   0
 .../{ => evpn-mh}/border02/etc/frr/frr.conf   |   0
 .../border02/etc/network/interfaces           |   0
 .../{ => evpn-mh}/leaf01/etc/frr/daemons      |   0
 .../{ => evpn-mh}/leaf01/etc/frr/frr.conf     |   0
 .../leaf01/etc/network/interfaces             |   0
 .../{ => evpn-mh}/leaf02/etc/frr/daemons      |   0
 .../{ => evpn-mh}/leaf02/etc/frr/frr.conf     |   0
 .../leaf02/etc/network/interfaces             |   0
 .../{ => evpn-mh}/leaf03/etc/frr/daemons      |   0
 .../{ => evpn-mh}/leaf03/etc/frr/frr.conf     |   0
 .../leaf03/etc/network/interfaces             |   0
 .../{ => evpn-mh}/leaf04/etc/frr/daemons      |   0
 .../{ => evpn-mh}/leaf04/etc/frr/frr.conf     |   0
 .../leaf04/etc/network/interfaces             |   0
 .../server01/etc/network/interfaces           |   0
 .../server02/etc/network/interfaces           |   0
 .../server03/etc/network/interfaces           |   0
 .../server04/etc/network/interfaces           |   0
 .../server05/etc/network/interfaces           |   0
 .../server06/etc/network/interfaces           |   0
 .../{ => evpn-mh}/spine01/etc/frr/daemons     |   0
 .../{ => evpn-mh}/spine01/etc/frr/frr.conf    |   0
 .../spine01/etc/network/interfaces            |   0
 .../{ => evpn-mh}/spine02/etc/frr/daemons     |   0
 .../{ => evpn-mh}/spine02/etc/frr/frr.conf    |   0
 .../spine02/etc/network/interfaces            |   0
 .../cvx04/evpn-mlag/border01/etc/frr/daemons  |  86 ++++++++
 .../cvx04/evpn-mlag/border01/etc/frr/frr.conf |  75 +++++++
 .../evpn-mlag/border01/etc/network/interfaces | 125 ++++++++++++
 .../cvx04/evpn-mlag/border02/etc/frr/daemons  |  86 ++++++++
 .../cvx04/evpn-mlag/border02/etc/frr/frr.conf |  75 +++++++
 .../evpn-mlag/border02/etc/network/interfaces | 125 ++++++++++++
 .../cvx04/evpn-mlag/leaf01/etc/frr/daemons    |  86 ++++++++
 .../cvx04/evpn-mlag/leaf01/etc/frr/frr.conf   |  74 +++++++
 .../evpn-mlag/leaf01/etc/network/interfaces   | 189 ++++++++++++++++++
 .../cvx04/evpn-mlag/leaf02/etc/frr/daemons    |  86 ++++++++
 .../cvx04/evpn-mlag/leaf02/etc/frr/frr.conf   |  74 +++++++
 .../evpn-mlag/leaf02/etc/network/interfaces   | 189 ++++++++++++++++++
 .../cvx04/evpn-mlag/leaf03/etc/frr/daemons    |  86 ++++++++
 .../cvx04/evpn-mlag/leaf03/etc/frr/frr.conf   |  74 +++++++
 .../evpn-mlag/leaf03/etc/network/interfaces   | 189 ++++++++++++++++++
 .../cvx04/evpn-mlag/leaf04/etc/frr/daemons    |  86 ++++++++
 .../cvx04/evpn-mlag/leaf04/etc/frr/frr.conf   |  74 +++++++
 .../evpn-mlag/leaf04/etc/network/interfaces   | 189 ++++++++++++++++++
 .../evpn-mlag/server01/etc/network/interfaces |  31 +++
 .../evpn-mlag/server02/etc/network/interfaces |  31 +++
 .../evpn-mlag/server03/etc/network/interfaces |  31 +++
 .../evpn-mlag/server04/etc/network/interfaces |  31 +++
 .../evpn-mlag/server05/etc/network/interfaces |  31 +++
 .../evpn-mlag/server06/etc/network/interfaces |  31 +++
 .../cvx04/evpn-mlag/spine01/etc/frr/daemons   |  86 ++++++++
 .../cvx04/evpn-mlag/spine01/etc/frr/frr.conf  |  42 ++++
 .../evpn-mlag/spine01/etc/network/interfaces  |  39 ++++
 .../cvx04/evpn-mlag/spine02/etc/frr/daemons   |  86 ++++++++
 .../cvx04/evpn-mlag/spine02/etc/frr/frr.conf  |  42 ++++
 .../evpn-mlag/spine02/etc/network/interfaces  |  39 ++++
 lab-examples/cvx04/symm-mh.yml                |  62 +++---
 lab-examples/cvx04/symm-mlag.yml              | 141 +++++++++++++
 62 files changed, 2660 insertions(+), 31 deletions(-)
 rename lab-examples/cvx04/{ => evpn-mh}/border01/etc/frr/daemons (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/border01/etc/frr/frr.conf (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/border01/etc/network/interfaces (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/border02/etc/frr/daemons (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/border02/etc/frr/frr.conf (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/border02/etc/network/interfaces (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/leaf01/etc/frr/daemons (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/leaf01/etc/frr/frr.conf (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/leaf01/etc/network/interfaces (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/leaf02/etc/frr/daemons (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/leaf02/etc/frr/frr.conf (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/leaf02/etc/network/interfaces (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/leaf03/etc/frr/daemons (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/leaf03/etc/frr/frr.conf (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/leaf03/etc/network/interfaces (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/leaf04/etc/frr/daemons (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/leaf04/etc/frr/frr.conf (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/leaf04/etc/network/interfaces (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/server01/etc/network/interfaces (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/server02/etc/network/interfaces (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/server03/etc/network/interfaces (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/server04/etc/network/interfaces (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/server05/etc/network/interfaces (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/server06/etc/network/interfaces (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/spine01/etc/frr/daemons (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/spine01/etc/frr/frr.conf (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/spine01/etc/network/interfaces (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/spine02/etc/frr/daemons (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/spine02/etc/frr/frr.conf (100%)
 rename lab-examples/cvx04/{ => evpn-mh}/spine02/etc/network/interfaces (100%)
 create mode 100755 lab-examples/cvx04/evpn-mlag/border01/etc/frr/daemons
 create mode 100755 lab-examples/cvx04/evpn-mlag/border01/etc/frr/frr.conf
 create mode 100755 lab-examples/cvx04/evpn-mlag/border01/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/evpn-mlag/border02/etc/frr/daemons
 create mode 100755 lab-examples/cvx04/evpn-mlag/border02/etc/frr/frr.conf
 create mode 100755 lab-examples/cvx04/evpn-mlag/border02/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/evpn-mlag/leaf01/etc/frr/daemons
 create mode 100755 lab-examples/cvx04/evpn-mlag/leaf01/etc/frr/frr.conf
 create mode 100755 lab-examples/cvx04/evpn-mlag/leaf01/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/evpn-mlag/leaf02/etc/frr/daemons
 create mode 100755 lab-examples/cvx04/evpn-mlag/leaf02/etc/frr/frr.conf
 create mode 100755 lab-examples/cvx04/evpn-mlag/leaf02/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/evpn-mlag/leaf03/etc/frr/daemons
 create mode 100755 lab-examples/cvx04/evpn-mlag/leaf03/etc/frr/frr.conf
 create mode 100755 lab-examples/cvx04/evpn-mlag/leaf03/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/evpn-mlag/leaf04/etc/frr/daemons
 create mode 100755 lab-examples/cvx04/evpn-mlag/leaf04/etc/frr/frr.conf
 create mode 100755 lab-examples/cvx04/evpn-mlag/leaf04/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/evpn-mlag/server01/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/evpn-mlag/server02/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/evpn-mlag/server03/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/evpn-mlag/server04/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/evpn-mlag/server05/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/evpn-mlag/server06/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/evpn-mlag/spine01/etc/frr/daemons
 create mode 100755 lab-examples/cvx04/evpn-mlag/spine01/etc/frr/frr.conf
 create mode 100755 lab-examples/cvx04/evpn-mlag/spine01/etc/network/interfaces
 create mode 100755 lab-examples/cvx04/evpn-mlag/spine02/etc/frr/daemons
 create mode 100755 lab-examples/cvx04/evpn-mlag/spine02/etc/frr/frr.conf
 create mode 100755 lab-examples/cvx04/evpn-mlag/spine02/etc/network/interfaces
 create mode 100644 lab-examples/cvx04/symm-mlag.yml

diff --git a/lab-examples/cvx04/border01/etc/frr/daemons b/lab-examples/cvx04/evpn-mh/border01/etc/frr/daemons
similarity index 100%
rename from lab-examples/cvx04/border01/etc/frr/daemons
rename to lab-examples/cvx04/evpn-mh/border01/etc/frr/daemons
diff --git a/lab-examples/cvx04/border01/etc/frr/frr.conf b/lab-examples/cvx04/evpn-mh/border01/etc/frr/frr.conf
similarity index 100%
rename from lab-examples/cvx04/border01/etc/frr/frr.conf
rename to lab-examples/cvx04/evpn-mh/border01/etc/frr/frr.conf
diff --git a/lab-examples/cvx04/border01/etc/network/interfaces b/lab-examples/cvx04/evpn-mh/border01/etc/network/interfaces
similarity index 100%
rename from lab-examples/cvx04/border01/etc/network/interfaces
rename to lab-examples/cvx04/evpn-mh/border01/etc/network/interfaces
diff --git a/lab-examples/cvx04/border02/etc/frr/daemons b/lab-examples/cvx04/evpn-mh/border02/etc/frr/daemons
similarity index 100%
rename from lab-examples/cvx04/border02/etc/frr/daemons
rename to lab-examples/cvx04/evpn-mh/border02/etc/frr/daemons
diff --git a/lab-examples/cvx04/border02/etc/frr/frr.conf b/lab-examples/cvx04/evpn-mh/border02/etc/frr/frr.conf
similarity index 100%
rename from lab-examples/cvx04/border02/etc/frr/frr.conf
rename to lab-examples/cvx04/evpn-mh/border02/etc/frr/frr.conf
diff --git a/lab-examples/cvx04/border02/etc/network/interfaces b/lab-examples/cvx04/evpn-mh/border02/etc/network/interfaces
similarity index 100%
rename from lab-examples/cvx04/border02/etc/network/interfaces
rename to lab-examples/cvx04/evpn-mh/border02/etc/network/interfaces
diff --git a/lab-examples/cvx04/leaf01/etc/frr/daemons b/lab-examples/cvx04/evpn-mh/leaf01/etc/frr/daemons
similarity index 100%
rename from lab-examples/cvx04/leaf01/etc/frr/daemons
rename to lab-examples/cvx04/evpn-mh/leaf01/etc/frr/daemons
diff --git a/lab-examples/cvx04/leaf01/etc/frr/frr.conf b/lab-examples/cvx04/evpn-mh/leaf01/etc/frr/frr.conf
similarity index 100%
rename from lab-examples/cvx04/leaf01/etc/frr/frr.conf
rename to lab-examples/cvx04/evpn-mh/leaf01/etc/frr/frr.conf
diff --git a/lab-examples/cvx04/leaf01/etc/network/interfaces b/lab-examples/cvx04/evpn-mh/leaf01/etc/network/interfaces
similarity index 100%
rename from lab-examples/cvx04/leaf01/etc/network/interfaces
rename to lab-examples/cvx04/evpn-mh/leaf01/etc/network/interfaces
diff --git a/lab-examples/cvx04/leaf02/etc/frr/daemons b/lab-examples/cvx04/evpn-mh/leaf02/etc/frr/daemons
similarity index 100%
rename from lab-examples/cvx04/leaf02/etc/frr/daemons
rename to lab-examples/cvx04/evpn-mh/leaf02/etc/frr/daemons
diff --git a/lab-examples/cvx04/leaf02/etc/frr/frr.conf b/lab-examples/cvx04/evpn-mh/leaf02/etc/frr/frr.conf
similarity index 100%
rename from lab-examples/cvx04/leaf02/etc/frr/frr.conf
rename to lab-examples/cvx04/evpn-mh/leaf02/etc/frr/frr.conf
diff --git a/lab-examples/cvx04/leaf02/etc/network/interfaces b/lab-examples/cvx04/evpn-mh/leaf02/etc/network/interfaces
similarity index 100%
rename from lab-examples/cvx04/leaf02/etc/network/interfaces
rename to lab-examples/cvx04/evpn-mh/leaf02/etc/network/interfaces
diff --git a/lab-examples/cvx04/leaf03/etc/frr/daemons b/lab-examples/cvx04/evpn-mh/leaf03/etc/frr/daemons
similarity index 100%
rename from lab-examples/cvx04/leaf03/etc/frr/daemons
rename to lab-examples/cvx04/evpn-mh/leaf03/etc/frr/daemons
diff --git a/lab-examples/cvx04/leaf03/etc/frr/frr.conf b/lab-examples/cvx04/evpn-mh/leaf03/etc/frr/frr.conf
similarity index 100%
rename from lab-examples/cvx04/leaf03/etc/frr/frr.conf
rename to lab-examples/cvx04/evpn-mh/leaf03/etc/frr/frr.conf
diff --git a/lab-examples/cvx04/leaf03/etc/network/interfaces b/lab-examples/cvx04/evpn-mh/leaf03/etc/network/interfaces
similarity index 100%
rename from lab-examples/cvx04/leaf03/etc/network/interfaces
rename to lab-examples/cvx04/evpn-mh/leaf03/etc/network/interfaces
diff --git a/lab-examples/cvx04/leaf04/etc/frr/daemons b/lab-examples/cvx04/evpn-mh/leaf04/etc/frr/daemons
similarity index 100%
rename from lab-examples/cvx04/leaf04/etc/frr/daemons
rename to lab-examples/cvx04/evpn-mh/leaf04/etc/frr/daemons
diff --git a/lab-examples/cvx04/leaf04/etc/frr/frr.conf b/lab-examples/cvx04/evpn-mh/leaf04/etc/frr/frr.conf
similarity index 100%
rename from lab-examples/cvx04/leaf04/etc/frr/frr.conf
rename to lab-examples/cvx04/evpn-mh/leaf04/etc/frr/frr.conf
diff --git a/lab-examples/cvx04/leaf04/etc/network/interfaces b/lab-examples/cvx04/evpn-mh/leaf04/etc/network/interfaces
similarity index 100%
rename from lab-examples/cvx04/leaf04/etc/network/interfaces
rename to lab-examples/cvx04/evpn-mh/leaf04/etc/network/interfaces
diff --git a/lab-examples/cvx04/server01/etc/network/interfaces b/lab-examples/cvx04/evpn-mh/server01/etc/network/interfaces
similarity index 100%
rename from lab-examples/cvx04/server01/etc/network/interfaces
rename to lab-examples/cvx04/evpn-mh/server01/etc/network/interfaces
diff --git a/lab-examples/cvx04/server02/etc/network/interfaces b/lab-examples/cvx04/evpn-mh/server02/etc/network/interfaces
similarity index 100%
rename from lab-examples/cvx04/server02/etc/network/interfaces
rename to lab-examples/cvx04/evpn-mh/server02/etc/network/interfaces
diff --git a/lab-examples/cvx04/server03/etc/network/interfaces b/lab-examples/cvx04/evpn-mh/server03/etc/network/interfaces
similarity index 100%
rename from lab-examples/cvx04/server03/etc/network/interfaces
rename to lab-examples/cvx04/evpn-mh/server03/etc/network/interfaces
diff --git a/lab-examples/cvx04/server04/etc/network/interfaces b/lab-examples/cvx04/evpn-mh/server04/etc/network/interfaces
similarity index 100%
rename from lab-examples/cvx04/server04/etc/network/interfaces
rename to lab-examples/cvx04/evpn-mh/server04/etc/network/interfaces
diff --git a/lab-examples/cvx04/server05/etc/network/interfaces b/lab-examples/cvx04/evpn-mh/server05/etc/network/interfaces
similarity index 100%
rename from lab-examples/cvx04/server05/etc/network/interfaces
rename to lab-examples/cvx04/evpn-mh/server05/etc/network/interfaces
diff --git a/lab-examples/cvx04/server06/etc/network/interfaces b/lab-examples/cvx04/evpn-mh/server06/etc/network/interfaces
similarity index 100%
rename from lab-examples/cvx04/server06/etc/network/interfaces
rename to lab-examples/cvx04/evpn-mh/server06/etc/network/interfaces
diff --git a/lab-examples/cvx04/spine01/etc/frr/daemons b/lab-examples/cvx04/evpn-mh/spine01/etc/frr/daemons
similarity index 100%
rename from lab-examples/cvx04/spine01/etc/frr/daemons
rename to lab-examples/cvx04/evpn-mh/spine01/etc/frr/daemons
diff --git a/lab-examples/cvx04/spine01/etc/frr/frr.conf b/lab-examples/cvx04/evpn-mh/spine01/etc/frr/frr.conf
similarity index 100%
rename from lab-examples/cvx04/spine01/etc/frr/frr.conf
rename to lab-examples/cvx04/evpn-mh/spine01/etc/frr/frr.conf
diff --git a/lab-examples/cvx04/spine01/etc/network/interfaces b/lab-examples/cvx04/evpn-mh/spine01/etc/network/interfaces
similarity index 100%
rename from lab-examples/cvx04/spine01/etc/network/interfaces
rename to lab-examples/cvx04/evpn-mh/spine01/etc/network/interfaces
diff --git a/lab-examples/cvx04/spine02/etc/frr/daemons b/lab-examples/cvx04/evpn-mh/spine02/etc/frr/daemons
similarity index 100%
rename from lab-examples/cvx04/spine02/etc/frr/daemons
rename to lab-examples/cvx04/evpn-mh/spine02/etc/frr/daemons
diff --git a/lab-examples/cvx04/spine02/etc/frr/frr.conf b/lab-examples/cvx04/evpn-mh/spine02/etc/frr/frr.conf
similarity index 100%
rename from lab-examples/cvx04/spine02/etc/frr/frr.conf
rename to lab-examples/cvx04/evpn-mh/spine02/etc/frr/frr.conf
diff --git a/lab-examples/cvx04/spine02/etc/network/interfaces b/lab-examples/cvx04/evpn-mh/spine02/etc/network/interfaces
similarity index 100%
rename from lab-examples/cvx04/spine02/etc/network/interfaces
rename to lab-examples/cvx04/evpn-mh/spine02/etc/network/interfaces
diff --git a/lab-examples/cvx04/evpn-mlag/border01/etc/frr/daemons b/lab-examples/cvx04/evpn-mlag/border01/etc/frr/daemons
new file mode 100755
index 000000000..6568bfe7d
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/border01/etc/frr/daemons
@@ -0,0 +1,86 @@
+# Ansible Managed File
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr, zebra and staticd daemons are always started.
+#
+bgpd=yes
+pimd=no
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+ospfd_options="  -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options="   -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options="  -A 127.0.0.1"
+pimd_options="   -A 127.0.0.1"
+ldpd_options="   -A 127.0.0.1"
+nhrpd_options="  -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options="   -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options="   -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options="  -A 127.0.0.1"
+
+# configuration profile
+#
+#frr_profile="traditional"
+#frr_profile="datacenter"
+
+#
+# This is the maximum number of FD's that will be available.
+# Upon startup this is read by the control files and ulimit
+# is called.  Uncomment and use a reasonable value for your
+# setup if you are expecting a large number of peers in
+# say BGP.
+#MAX_FDS=1024
+
+# The list of daemons to watch is automatically generated by the init script.
+#watchfrr_options=""
+
+# To make watchfrr create/join the specified netns, use the following option:
+#watchfrr_options="--netns"
+# This only has an effect in /etc/frr/<somename>/daemons, and you need to
+# start FRR with "/usr/lib/frr/frrinit.sh start <somename>".
+
+# for debugging purposes, you can specify a "wrap" command to start instead
+# of starting the daemon directly, e.g. to use valgrind on ospfd:
+#   ospfd_wrap="/usr/bin/valgrind"
+# or you can use "all_wrap" for all daemons, e.g. to use perf record:
+#   all_wrap="/usr/bin/perf record --call-graph -"
+# the normal daemon command is added to this at the end.
diff --git a/lab-examples/cvx04/evpn-mlag/border01/etc/frr/frr.conf b/lab-examples/cvx04/evpn-mlag/border01/etc/frr/frr.conf
new file mode 100755
index 000000000..305f70616
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/border01/etc/frr/frr.conf
@@ -0,0 +1,75 @@
+# Ansible Managed File
+frr defaults datacenter
+hostname border01
+log syslog informational
+zebra nexthop proto only
+service integrated-vtysh-config
+!
+interface lo
+interface swp51
+interface swp52
+interface swp53
+interface swp54
+interface bond1
+
+vrf mgmt
+ ip route 0.0.0.0/0 192.168.200.1
+ exit-vrf
+!
+vrf RED
+ vni 4001
+ ip route 10.1.30.0/24 10.1.101.4
+ exit-vrf
+!
+vrf BLUE
+ vni 4002
+ ip route 10.1.10.0/24 10.1.102.4
+ ip route 10.1.20.0/24 10.1.102.4
+ exit-vrf
+!
+!
+router bgp 65163
+ bgp router-id 10.10.10.63
+ neighbor underlay peer-group
+ neighbor underlay remote-as external
+ neighbor peerlink.4094 interface peer-group underlay
+ neighbor swp51 interface peer-group underlay
+ neighbor swp52 interface peer-group underlay
+ neighbor swp53 interface peer-group underlay
+ neighbor swp54 interface peer-group underlay
+ !
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor underlay activate
+  advertise-all-vni
+ exit-address-family
+!
+router bgp 65163 vrf RED
+ bgp router-id 10.10.10.63
+ !
+ address-family ipv4 unicast
+  redistribute static
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+router bgp 65163 vrf BLUE
+ bgp router-id 10.10.10.63
+ !
+ address-family ipv4 unicast
+  redistribute static
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+!
+line vty
+!
diff --git a/lab-examples/cvx04/evpn-mlag/border01/etc/network/interfaces b/lab-examples/cvx04/evpn-mlag/border01/etc/network/interfaces
new file mode 100755
index 000000000..45305cf6c
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/border01/etc/network/interfaces
@@ -0,0 +1,125 @@
+# Ansible Managed File
+auto lo
+iface lo inet loopback
+    address 10.10.10.63/32
+    clagd-vxlan-anycast-ip 10.0.1.255
+    vxlan-local-tunnelip 10.10.10.63
+
+auto eth0
+iface eth0 inet dhcp
+    vrf mgmt
+
+auto mgmt
+iface mgmt
+  vrf-table auto
+  address 127.0.0.1/8
+  address ::1/128
+
+auto RED
+iface RED
+  vrf-table auto
+
+auto BLUE
+iface BLUE
+  vrf-table auto
+
+auto bridge
+iface bridge
+    bridge-ports peerlink bond1 vniRED vniBLUE 
+    bridge-vids 101 102  
+    bridge-vlan-aware yes
+
+auto vniRED
+iface vniRED
+    bridge-access 4001
+    vxlan-id 4001
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vniBLUE
+iface vniBLUE
+    bridge-access 4002
+    vxlan-id 4002
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vlan101
+iface vlan101
+    address 10.1.101.64/24
+    address-virtual 00:00:00:00:00:01 10.1.101.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 101
+
+auto vlan102
+iface vlan102
+    address 10.1.102.64/24
+    address-virtual 00:00:00:00:00:02 10.1.102.1/24
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 102
+
+auto vlan4001
+iface vlan4001
+    hwaddress 44:38:39:BE:EF:FF
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 4001
+
+auto vlan4002
+iface vlan4002
+    hwaddress 44:38:39:BE:EF:FF
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 4002
+
+auto swp51
+iface swp51
+    alias to spine
+
+auto swp52
+iface swp52
+    alias to spine
+
+auto swp53
+iface swp53
+    alias to spine
+
+auto swp54
+iface swp54
+    alias to spine
+
+auto swp49
+iface swp49
+    alias peerlink
+
+auto swp50
+iface swp50
+    alias peerlink
+
+auto peerlink
+iface peerlink
+    bond-slaves swp49 swp50 
+
+auto peerlink.4094
+iface peerlink.4094
+    clagd-backup-ip 10.10.10.64
+    clagd-peer-ip linklocal
+    clagd-priority 1000
+    clagd-sys-mac 44:38:39:BE:EF:FF
+    clagd-args --initDelay 10
+
+auto swp3
+iface swp3
+    alias bond member of bond1
+auto bond1
+iface bond1
+    bond-slaves swp3 
+    clag-id 1
+    bridge-vids 101 102
+    mtu 9000
+
diff --git a/lab-examples/cvx04/evpn-mlag/border02/etc/frr/daemons b/lab-examples/cvx04/evpn-mlag/border02/etc/frr/daemons
new file mode 100755
index 000000000..6568bfe7d
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/border02/etc/frr/daemons
@@ -0,0 +1,86 @@
+# Ansible Managed File
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr, zebra and staticd daemons are always started.
+#
+bgpd=yes
+pimd=no
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+ospfd_options="  -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options="   -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options="  -A 127.0.0.1"
+pimd_options="   -A 127.0.0.1"
+ldpd_options="   -A 127.0.0.1"
+nhrpd_options="  -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options="   -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options="   -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options="  -A 127.0.0.1"
+
+# configuration profile
+#
+#frr_profile="traditional"
+#frr_profile="datacenter"
+
+#
+# This is the maximum number of FD's that will be available.
+# Upon startup this is read by the control files and ulimit
+# is called.  Uncomment and use a reasonable value for your
+# setup if you are expecting a large number of peers in
+# say BGP.
+#MAX_FDS=1024
+
+# The list of daemons to watch is automatically generated by the init script.
+#watchfrr_options=""
+
+# To make watchfrr create/join the specified netns, use the following option:
+#watchfrr_options="--netns"
+# This only has an effect in /etc/frr/<somename>/daemons, and you need to
+# start FRR with "/usr/lib/frr/frrinit.sh start <somename>".
+
+# for debugging purposes, you can specify a "wrap" command to start instead
+# of starting the daemon directly, e.g. to use valgrind on ospfd:
+#   ospfd_wrap="/usr/bin/valgrind"
+# or you can use "all_wrap" for all daemons, e.g. to use perf record:
+#   all_wrap="/usr/bin/perf record --call-graph -"
+# the normal daemon command is added to this at the end.
diff --git a/lab-examples/cvx04/evpn-mlag/border02/etc/frr/frr.conf b/lab-examples/cvx04/evpn-mlag/border02/etc/frr/frr.conf
new file mode 100755
index 000000000..d297dc9b9
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/border02/etc/frr/frr.conf
@@ -0,0 +1,75 @@
+# Ansible Managed File
+frr defaults datacenter
+hostname border02
+log syslog informational
+zebra nexthop proto only
+service integrated-vtysh-config
+!
+interface lo
+interface swp51
+interface swp52
+interface swp53
+interface swp54
+interface bond1
+
+vrf mgmt
+ ip route 0.0.0.0/0 192.168.200.1
+ exit-vrf
+!
+vrf RED
+ vni 4001
+ ip route 10.1.30.0/24 10.1.101.4
+ exit-vrf
+!
+vrf BLUE
+ vni 4002
+ ip route 10.1.10.0/24 10.1.102.4
+ ip route 10.1.20.0/24 10.1.102.4
+ exit-vrf
+!
+!
+router bgp 65164
+ bgp router-id 10.10.10.64
+ neighbor underlay peer-group
+ neighbor underlay remote-as external
+ neighbor peerlink.4094 interface peer-group underlay
+ neighbor swp51 interface peer-group underlay
+ neighbor swp52 interface peer-group underlay
+ neighbor swp53 interface peer-group underlay
+ neighbor swp54 interface peer-group underlay
+ !
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor underlay activate
+  advertise-all-vni
+ exit-address-family
+!
+router bgp 65164 vrf RED
+ bgp router-id 10.10.10.64
+ !
+ address-family ipv4 unicast
+  redistribute static
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+router bgp 65164 vrf BLUE
+ bgp router-id 10.10.10.64
+ !
+ address-family ipv4 unicast
+  redistribute static
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+!
+line vty
+!
diff --git a/lab-examples/cvx04/evpn-mlag/border02/etc/network/interfaces b/lab-examples/cvx04/evpn-mlag/border02/etc/network/interfaces
new file mode 100755
index 000000000..d6312242e
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/border02/etc/network/interfaces
@@ -0,0 +1,125 @@
+# Ansible Managed File
+auto lo
+iface lo inet loopback
+    address 10.10.10.64/32
+    clagd-vxlan-anycast-ip 10.0.1.255
+    vxlan-local-tunnelip 10.10.10.64
+
+auto eth0
+iface eth0 inet dhcp
+    vrf mgmt
+
+auto mgmt
+iface mgmt
+  vrf-table auto
+  address 127.0.0.1/8
+  address ::1/128
+
+auto RED
+iface RED
+  vrf-table auto
+
+auto BLUE
+iface BLUE
+  vrf-table auto
+
+auto bridge
+iface bridge
+    bridge-ports peerlink bond1 vniRED vniBLUE 
+    bridge-vids 101 102  
+    bridge-vlan-aware yes
+
+auto vniRED
+iface vniRED
+    bridge-access 4001
+    vxlan-id 4001
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vniBLUE
+iface vniBLUE
+    bridge-access 4002
+    vxlan-id 4002
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vlan101
+iface vlan101
+    address 10.1.101.65/24
+    address-virtual 00:00:00:00:00:01 10.1.101.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 101
+
+auto vlan102
+iface vlan102
+    address 10.1.102.65/24
+    address-virtual 00:00:00:00:00:02 10.1.102.1/24
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 102
+
+auto vlan4001
+iface vlan4001
+    hwaddress 44:38:39:BE:EF:FF
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 4001
+
+auto vlan4002
+iface vlan4002
+    hwaddress 44:38:39:BE:EF:FF
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 4002
+
+auto swp51
+iface swp51
+    alias to spine
+
+auto swp52
+iface swp52
+    alias to spine
+
+auto swp53
+iface swp53
+    alias to spine
+
+auto swp54
+iface swp54
+    alias to spine
+
+auto swp49
+iface swp49
+    alias peerlink
+
+auto swp50
+iface swp50
+    alias peerlink
+
+auto peerlink
+iface peerlink
+    bond-slaves swp49 swp50 
+
+auto peerlink.4094
+iface peerlink.4094
+    clagd-backup-ip 10.10.10.63
+    clagd-peer-ip linklocal
+    clagd-priority 32768
+    clagd-sys-mac 44:38:39:BE:EF:FF
+    clagd-args --initDelay 10
+
+auto swp3
+iface swp3
+    alias bond member of bond1
+auto bond1
+iface bond1
+    bond-slaves swp3 
+    clag-id 1
+    bridge-vids 101 102
+    mtu 9000
+
diff --git a/lab-examples/cvx04/evpn-mlag/leaf01/etc/frr/daemons b/lab-examples/cvx04/evpn-mlag/leaf01/etc/frr/daemons
new file mode 100755
index 000000000..6568bfe7d
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/leaf01/etc/frr/daemons
@@ -0,0 +1,86 @@
+# Ansible Managed File
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr, zebra and staticd daemons are always started.
+#
+bgpd=yes
+pimd=no
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+ospfd_options="  -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options="   -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options="  -A 127.0.0.1"
+pimd_options="   -A 127.0.0.1"
+ldpd_options="   -A 127.0.0.1"
+nhrpd_options="  -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options="   -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options="   -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options="  -A 127.0.0.1"
+
+# configuration profile
+#
+#frr_profile="traditional"
+#frr_profile="datacenter"
+
+#
+# This is the maximum number of FD's that will be available.
+# Upon startup this is read by the control files and ulimit
+# is called.  Uncomment and use a reasonable value for your
+# setup if you are expecting a large number of peers in
+# say BGP.
+#MAX_FDS=1024
+
+# The list of daemons to watch is automatically generated by the init script.
+#watchfrr_options=""
+
+# To make watchfrr create/join the specified netns, use the following option:
+#watchfrr_options="--netns"
+# This only has an effect in /etc/frr/<somename>/daemons, and you need to
+# start FRR with "/usr/lib/frr/frrinit.sh start <somename>".
+
+# for debugging purposes, you can specify a "wrap" command to start instead
+# of starting the daemon directly, e.g. to use valgrind on ospfd:
+#   ospfd_wrap="/usr/bin/valgrind"
+# or you can use "all_wrap" for all daemons, e.g. to use perf record:
+#   all_wrap="/usr/bin/perf record --call-graph -"
+# the normal daemon command is added to this at the end.
diff --git a/lab-examples/cvx04/evpn-mlag/leaf01/etc/frr/frr.conf b/lab-examples/cvx04/evpn-mlag/leaf01/etc/frr/frr.conf
new file mode 100755
index 000000000..c18e29da3
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/leaf01/etc/frr/frr.conf
@@ -0,0 +1,74 @@
+# Ansible Managed File
+frr defaults datacenter
+hostname leaf01
+log syslog informational
+zebra nexthop proto only
+service integrated-vtysh-config
+!
+interface lo
+interface swp51
+interface swp52
+interface swp53
+interface swp54
+interface bond1
+interface bond2
+interface bond3
+
+vrf mgmt
+ ip route 0.0.0.0/0 192.168.200.1
+ exit-vrf
+!
+vrf RED
+ vni 4001
+ exit-vrf
+!
+vrf BLUE
+ vni 4002
+ exit-vrf
+!
+!
+router bgp 65101
+ bgp router-id 10.10.10.1
+ neighbor underlay peer-group
+ neighbor underlay remote-as external
+ neighbor peerlink.4094 interface peer-group underlay
+ neighbor swp51 interface peer-group underlay
+ neighbor swp52 interface peer-group underlay
+ neighbor swp53 interface peer-group underlay
+ neighbor swp54 interface peer-group underlay
+ !
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor underlay activate
+  advertise-all-vni
+ exit-address-family
+!
+router bgp 65101 vrf RED
+ bgp router-id 10.10.10.1
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+router bgp 65101 vrf BLUE
+ bgp router-id 10.10.10.1
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+!
+line vty
+!
diff --git a/lab-examples/cvx04/evpn-mlag/leaf01/etc/network/interfaces b/lab-examples/cvx04/evpn-mlag/leaf01/etc/network/interfaces
new file mode 100755
index 000000000..fd8e6102f
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/leaf01/etc/network/interfaces
@@ -0,0 +1,189 @@
+# Ansible Managed File
+auto lo
+iface lo inet loopback
+    address 10.10.10.1/32
+    clagd-vxlan-anycast-ip 10.0.1.12
+    vxlan-local-tunnelip 10.10.10.1
+
+auto eth0
+iface eth0 inet dhcp
+    vrf mgmt
+
+auto mgmt
+iface mgmt
+  vrf-table auto
+  address 127.0.0.1/8
+  address ::1/128
+
+auto RED
+iface RED
+  vrf-table auto
+
+auto BLUE
+iface BLUE
+  vrf-table auto
+
+auto bridge
+iface bridge
+    bridge-ports vni10 vni20 vni30 vniRED vniBLUE peerlink bond1 bond2 bond3 
+    bridge-vids 10 20 30  
+    bridge-vlan-aware yes
+
+auto vni10
+iface vni10
+    bridge-access 10
+    vxlan-id 10
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vni20
+iface vni20
+    bridge-access 20
+    vxlan-id 20
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vni30
+iface vni30
+    bridge-access 30
+    vxlan-id 30
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vniRED
+iface vniRED
+    bridge-access 4001
+    vxlan-id 4001
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vniBLUE
+iface vniBLUE
+    bridge-access 4002
+    vxlan-id 4002
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vlan10
+iface vlan10
+    address 10.1.10.2/24
+    address-virtual 00:00:00:00:00:10 10.1.10.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 10
+
+auto vlan20
+iface vlan20
+    address 10.1.20.2/24
+    address-virtual 00:00:00:00:00:20 10.1.20.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 20
+
+auto vlan30
+iface vlan30
+    address 10.1.30.2/24
+    address-virtual 00:00:00:00:00:30 10.1.30.1/24
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 30
+
+auto vlan4001
+iface vlan4001
+    hwaddress 44:38:39:BE:EF:AA
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 4001
+
+auto vlan4002
+iface vlan4002
+    hwaddress 44:38:39:BE:EF:AA
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 4002
+
+auto swp51
+iface swp51
+    alias to spine
+
+auto swp52
+iface swp52
+    alias to spine
+
+auto swp53
+iface swp53
+    alias to spine
+
+auto swp54
+iface swp54
+    alias to spine
+
+auto swp49
+iface swp49
+    alias peerlink
+
+auto swp50
+iface swp50
+    alias peerlink
+
+auto peerlink
+iface peerlink
+    bond-slaves swp49 swp50 
+
+auto peerlink.4094
+iface peerlink.4094
+    clagd-backup-ip 10.10.10.2
+    clagd-peer-ip linklocal
+    clagd-priority 1000
+    clagd-sys-mac 44:38:39:BE:EF:AA
+    clagd-args --initDelay 10
+
+auto swp1
+iface swp1
+    alias bond member of bond1
+auto bond1
+iface bond1
+    bond-slaves swp1 
+    clag-id 1
+    bridge-access 10
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
+auto swp2
+iface swp2
+    alias bond member of bond2
+auto bond2
+iface bond2
+    bond-slaves swp2 
+    clag-id 2
+    bridge-access 20
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
+auto swp3
+iface swp3
+    alias bond member of bond3
+auto bond3
+iface bond3
+    bond-slaves swp3 
+    clag-id 3
+    bridge-access 30
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
diff --git a/lab-examples/cvx04/evpn-mlag/leaf02/etc/frr/daemons b/lab-examples/cvx04/evpn-mlag/leaf02/etc/frr/daemons
new file mode 100755
index 000000000..6568bfe7d
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/leaf02/etc/frr/daemons
@@ -0,0 +1,86 @@
+# Ansible Managed File
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr, zebra and staticd daemons are always started.
+#
+bgpd=yes
+pimd=no
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+ospfd_options="  -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options="   -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options="  -A 127.0.0.1"
+pimd_options="   -A 127.0.0.1"
+ldpd_options="   -A 127.0.0.1"
+nhrpd_options="  -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options="   -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options="   -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options="  -A 127.0.0.1"
+
+# configuration profile
+#
+#frr_profile="traditional"
+#frr_profile="datacenter"
+
+#
+# This is the maximum number of FD's that will be available.
+# Upon startup this is read by the control files and ulimit
+# is called.  Uncomment and use a reasonable value for your
+# setup if you are expecting a large number of peers in
+# say BGP.
+#MAX_FDS=1024
+
+# The list of daemons to watch is automatically generated by the init script.
+#watchfrr_options=""
+
+# To make watchfrr create/join the specified netns, use the following option:
+#watchfrr_options="--netns"
+# This only has an effect in /etc/frr/<somename>/daemons, and you need to
+# start FRR with "/usr/lib/frr/frrinit.sh start <somename>".
+
+# for debugging purposes, you can specify a "wrap" command to start instead
+# of starting the daemon directly, e.g. to use valgrind on ospfd:
+#   ospfd_wrap="/usr/bin/valgrind"
+# or you can use "all_wrap" for all daemons, e.g. to use perf record:
+#   all_wrap="/usr/bin/perf record --call-graph -"
+# the normal daemon command is added to this at the end.
diff --git a/lab-examples/cvx04/evpn-mlag/leaf02/etc/frr/frr.conf b/lab-examples/cvx04/evpn-mlag/leaf02/etc/frr/frr.conf
new file mode 100755
index 000000000..6455f5421
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/leaf02/etc/frr/frr.conf
@@ -0,0 +1,74 @@
+# Ansible Managed File
+frr defaults datacenter
+hostname leaf02
+log syslog informational
+zebra nexthop proto only
+service integrated-vtysh-config
+!
+interface lo
+interface swp51
+interface swp52
+interface swp53
+interface swp54
+interface bond1
+interface bond2
+interface bond3
+
+vrf mgmt
+ ip route 0.0.0.0/0 192.168.200.1
+ exit-vrf
+!
+vrf RED
+ vni 4001
+ exit-vrf
+!
+vrf BLUE
+ vni 4002
+ exit-vrf
+!
+!
+router bgp 65102
+ bgp router-id 10.10.10.2
+ neighbor underlay peer-group
+ neighbor underlay remote-as external
+ neighbor peerlink.4094 interface peer-group underlay
+ neighbor swp51 interface peer-group underlay
+ neighbor swp52 interface peer-group underlay
+ neighbor swp53 interface peer-group underlay
+ neighbor swp54 interface peer-group underlay
+ !
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor underlay activate
+  advertise-all-vni
+ exit-address-family
+!
+router bgp 65102 vrf RED
+ bgp router-id 10.10.10.2
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+router bgp 65102 vrf BLUE
+ bgp router-id 10.10.10.2
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+!
+line vty
+!
diff --git a/lab-examples/cvx04/evpn-mlag/leaf02/etc/network/interfaces b/lab-examples/cvx04/evpn-mlag/leaf02/etc/network/interfaces
new file mode 100755
index 000000000..bec645131
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/leaf02/etc/network/interfaces
@@ -0,0 +1,189 @@
+# Ansible Managed File
+auto lo
+iface lo inet loopback
+    address 10.10.10.2/32
+    clagd-vxlan-anycast-ip 10.0.1.12
+    vxlan-local-tunnelip 10.10.10.2
+
+auto eth0
+iface eth0 inet dhcp
+    vrf mgmt
+
+auto mgmt
+iface mgmt
+  vrf-table auto
+  address 127.0.0.1/8
+  address ::1/128
+
+auto RED
+iface RED
+  vrf-table auto
+
+auto BLUE
+iface BLUE
+  vrf-table auto
+
+auto bridge
+iface bridge
+    bridge-ports vni10 vni20 vni30 vniRED vniBLUE peerlink bond1 bond2 bond3 
+    bridge-vids 10 20 30  
+    bridge-vlan-aware yes
+
+auto vni10
+iface vni10
+    bridge-access 10
+    vxlan-id 10
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vni20
+iface vni20
+    bridge-access 20
+    vxlan-id 20
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vni30
+iface vni30
+    bridge-access 30
+    vxlan-id 30
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vniRED
+iface vniRED
+    bridge-access 4001
+    vxlan-id 4001
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vniBLUE
+iface vniBLUE
+    bridge-access 4002
+    vxlan-id 4002
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vlan10
+iface vlan10
+    address 10.1.10.3/24
+    address-virtual 00:00:00:00:00:10 10.1.10.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 10
+
+auto vlan20
+iface vlan20
+    address 10.1.20.3/24
+    address-virtual 00:00:00:00:00:20 10.1.20.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 20
+
+auto vlan30
+iface vlan30
+    address 10.1.30.3/24
+    address-virtual 00:00:00:00:00:30 10.1.30.1/24
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 30
+
+auto vlan4001
+iface vlan4001
+    hwaddress 44:38:39:BE:EF:AA
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 4001
+
+auto vlan4002
+iface vlan4002
+    hwaddress 44:38:39:BE:EF:AA
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 4002
+
+auto swp51
+iface swp51
+    alias to spine
+
+auto swp52
+iface swp52
+    alias to spine
+
+auto swp53
+iface swp53
+    alias to spine
+
+auto swp54
+iface swp54
+    alias to spine
+
+auto swp49
+iface swp49
+    alias peerlink
+
+auto swp50
+iface swp50
+    alias peerlink
+
+auto peerlink
+iface peerlink
+    bond-slaves swp49 swp50 
+
+auto peerlink.4094
+iface peerlink.4094
+    clagd-backup-ip 10.10.10.1
+    clagd-peer-ip linklocal
+    clagd-priority 32768
+    clagd-sys-mac 44:38:39:BE:EF:AA
+    clagd-args --initDelay 10
+
+auto swp1
+iface swp1
+    alias bond member of bond1
+auto bond1
+iface bond1
+    bond-slaves swp1 
+    clag-id 1
+    bridge-access 10
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
+auto swp2
+iface swp2
+    alias bond member of bond2
+auto bond2
+iface bond2
+    bond-slaves swp2 
+    clag-id 2
+    bridge-access 20
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
+auto swp3
+iface swp3
+    alias bond member of bond3
+auto bond3
+iface bond3
+    bond-slaves swp3 
+    clag-id 3
+    bridge-access 30
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
diff --git a/lab-examples/cvx04/evpn-mlag/leaf03/etc/frr/daemons b/lab-examples/cvx04/evpn-mlag/leaf03/etc/frr/daemons
new file mode 100755
index 000000000..6568bfe7d
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/leaf03/etc/frr/daemons
@@ -0,0 +1,86 @@
+# Ansible Managed File
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr, zebra and staticd daemons are always started.
+#
+bgpd=yes
+pimd=no
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+ospfd_options="  -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options="   -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options="  -A 127.0.0.1"
+pimd_options="   -A 127.0.0.1"
+ldpd_options="   -A 127.0.0.1"
+nhrpd_options="  -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options="   -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options="   -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options="  -A 127.0.0.1"
+
+# configuration profile
+#
+#frr_profile="traditional"
+#frr_profile="datacenter"
+
+#
+# This is the maximum number of FD's that will be available.
+# Upon startup this is read by the control files and ulimit
+# is called.  Uncomment and use a reasonable value for your
+# setup if you are expecting a large number of peers in
+# say BGP.
+#MAX_FDS=1024
+
+# The list of daemons to watch is automatically generated by the init script.
+#watchfrr_options=""
+
+# To make watchfrr create/join the specified netns, use the following option:
+#watchfrr_options="--netns"
+# This only has an effect in /etc/frr/<somename>/daemons, and you need to
+# start FRR with "/usr/lib/frr/frrinit.sh start <somename>".
+
+# for debugging purposes, you can specify a "wrap" command to start instead
+# of starting the daemon directly, e.g. to use valgrind on ospfd:
+#   ospfd_wrap="/usr/bin/valgrind"
+# or you can use "all_wrap" for all daemons, e.g. to use perf record:
+#   all_wrap="/usr/bin/perf record --call-graph -"
+# the normal daemon command is added to this at the end.
diff --git a/lab-examples/cvx04/evpn-mlag/leaf03/etc/frr/frr.conf b/lab-examples/cvx04/evpn-mlag/leaf03/etc/frr/frr.conf
new file mode 100755
index 000000000..eb353fb83
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/leaf03/etc/frr/frr.conf
@@ -0,0 +1,74 @@
+# Ansible Managed File
+frr defaults datacenter
+hostname leaf03
+log syslog informational
+zebra nexthop proto only
+service integrated-vtysh-config
+!
+interface lo
+interface swp51
+interface swp52
+interface swp53
+interface swp54
+interface bond1
+interface bond2
+interface bond3
+
+vrf mgmt
+ ip route 0.0.0.0/0 192.168.200.1
+ exit-vrf
+!
+vrf RED
+ vni 4001
+ exit-vrf
+!
+vrf BLUE
+ vni 4002
+ exit-vrf
+!
+!
+router bgp 65103
+ bgp router-id 10.10.10.3
+ neighbor underlay peer-group
+ neighbor underlay remote-as external
+ neighbor peerlink.4094 interface peer-group underlay
+ neighbor swp51 interface peer-group underlay
+ neighbor swp52 interface peer-group underlay
+ neighbor swp53 interface peer-group underlay
+ neighbor swp54 interface peer-group underlay
+ !
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor underlay activate
+  advertise-all-vni
+ exit-address-family
+!
+router bgp 65103 vrf RED
+ bgp router-id 10.10.10.3
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+router bgp 65103 vrf BLUE
+ bgp router-id 10.10.10.3
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+!
+line vty
+!
diff --git a/lab-examples/cvx04/evpn-mlag/leaf03/etc/network/interfaces b/lab-examples/cvx04/evpn-mlag/leaf03/etc/network/interfaces
new file mode 100755
index 000000000..e8d5f59be
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/leaf03/etc/network/interfaces
@@ -0,0 +1,189 @@
+# Ansible Managed File
+auto lo
+iface lo inet loopback
+    address 10.10.10.3/32
+    clagd-vxlan-anycast-ip 10.0.1.34
+    vxlan-local-tunnelip 10.10.10.3
+
+auto eth0
+iface eth0 inet dhcp
+    vrf mgmt
+
+auto mgmt
+iface mgmt
+  vrf-table auto
+  address 127.0.0.1/8
+  address ::1/128
+
+auto RED
+iface RED
+  vrf-table auto
+
+auto BLUE
+iface BLUE
+  vrf-table auto
+
+auto bridge
+iface bridge
+    bridge-ports vni10 vni20 vni30 vniRED vniBLUE peerlink bond1 bond2 bond3 
+    bridge-vids 10 20 30  
+    bridge-vlan-aware yes
+
+auto vni10
+iface vni10
+    bridge-access 10
+    vxlan-id 10
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vni20
+iface vni20
+    bridge-access 20
+    vxlan-id 20
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vni30
+iface vni30
+    bridge-access 30
+    vxlan-id 30
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vniRED
+iface vniRED
+    bridge-access 4001
+    vxlan-id 4001
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vniBLUE
+iface vniBLUE
+    bridge-access 4002
+    vxlan-id 4002
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vlan10
+iface vlan10
+    address 10.1.10.4/24
+    address-virtual 00:00:00:00:00:10 10.1.10.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 10
+
+auto vlan20
+iface vlan20
+    address 10.1.20.4/24
+    address-virtual 00:00:00:00:00:20 10.1.20.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 20
+
+auto vlan30
+iface vlan30
+    address 10.1.30.4/24
+    address-virtual 00:00:00:00:00:30 10.1.30.1/24
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 30
+
+auto vlan4001
+iface vlan4001
+    hwaddress 44:38:39:BE:EF:BB
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 4001
+
+auto vlan4002
+iface vlan4002
+    hwaddress 44:38:39:BE:EF:BB
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 4002
+
+auto swp51
+iface swp51
+    alias to spine
+
+auto swp52
+iface swp52
+    alias to spine
+
+auto swp53
+iface swp53
+    alias to spine
+
+auto swp54
+iface swp54
+    alias to spine
+
+auto swp49
+iface swp49
+    alias peerlink
+
+auto swp50
+iface swp50
+    alias peerlink
+
+auto peerlink
+iface peerlink
+    bond-slaves swp49 swp50 
+
+auto peerlink.4094
+iface peerlink.4094
+    clagd-backup-ip 10.10.10.4
+    clagd-peer-ip linklocal
+    clagd-priority 1000
+    clagd-sys-mac 44:38:39:BE:EF:BB
+    clagd-args --initDelay 10
+
+auto swp1
+iface swp1
+    alias bond member of bond1
+auto bond1
+iface bond1
+    bond-slaves swp1 
+    clag-id 1
+    bridge-access 10
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
+auto swp2
+iface swp2
+    alias bond member of bond2
+auto bond2
+iface bond2
+    bond-slaves swp2 
+    clag-id 2
+    bridge-access 20
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
+auto swp3
+iface swp3
+    alias bond member of bond3
+auto bond3
+iface bond3
+    bond-slaves swp3 
+    clag-id 3
+    bridge-access 30
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
diff --git a/lab-examples/cvx04/evpn-mlag/leaf04/etc/frr/daemons b/lab-examples/cvx04/evpn-mlag/leaf04/etc/frr/daemons
new file mode 100755
index 000000000..6568bfe7d
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/leaf04/etc/frr/daemons
@@ -0,0 +1,86 @@
+# Ansible Managed File
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr, zebra and staticd daemons are always started.
+#
+bgpd=yes
+pimd=no
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+ospfd_options="  -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options="   -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options="  -A 127.0.0.1"
+pimd_options="   -A 127.0.0.1"
+ldpd_options="   -A 127.0.0.1"
+nhrpd_options="  -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options="   -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options="   -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options="  -A 127.0.0.1"
+
+# configuration profile
+#
+#frr_profile="traditional"
+#frr_profile="datacenter"
+
+#
+# This is the maximum number of FD's that will be available.
+# Upon startup this is read by the control files and ulimit
+# is called.  Uncomment and use a reasonable value for your
+# setup if you are expecting a large number of peers in
+# say BGP.
+#MAX_FDS=1024
+
+# The list of daemons to watch is automatically generated by the init script.
+#watchfrr_options=""
+
+# To make watchfrr create/join the specified netns, use the following option:
+#watchfrr_options="--netns"
+# This only has an effect in /etc/frr/<somename>/daemons, and you need to
+# start FRR with "/usr/lib/frr/frrinit.sh start <somename>".
+
+# for debugging purposes, you can specify a "wrap" command to start instead
+# of starting the daemon directly, e.g. to use valgrind on ospfd:
+#   ospfd_wrap="/usr/bin/valgrind"
+# or you can use "all_wrap" for all daemons, e.g. to use perf record:
+#   all_wrap="/usr/bin/perf record --call-graph -"
+# the normal daemon command is added to this at the end.
diff --git a/lab-examples/cvx04/evpn-mlag/leaf04/etc/frr/frr.conf b/lab-examples/cvx04/evpn-mlag/leaf04/etc/frr/frr.conf
new file mode 100755
index 000000000..7a6d279f3
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/leaf04/etc/frr/frr.conf
@@ -0,0 +1,74 @@
+# Ansible Managed File
+frr defaults datacenter
+hostname leaf04
+log syslog informational
+zebra nexthop proto only
+service integrated-vtysh-config
+!
+interface lo
+interface swp51
+interface swp52
+interface swp53
+interface swp54
+interface bond1
+interface bond2
+interface bond3
+
+vrf mgmt
+ ip route 0.0.0.0/0 192.168.200.1
+ exit-vrf
+!
+vrf RED
+ vni 4001
+ exit-vrf
+!
+vrf BLUE
+ vni 4002
+ exit-vrf
+!
+!
+router bgp 65104
+ bgp router-id 10.10.10.4
+ neighbor underlay peer-group
+ neighbor underlay remote-as external
+ neighbor peerlink.4094 interface peer-group underlay
+ neighbor swp51 interface peer-group underlay
+ neighbor swp52 interface peer-group underlay
+ neighbor swp53 interface peer-group underlay
+ neighbor swp54 interface peer-group underlay
+ !
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor underlay activate
+  advertise-all-vni
+ exit-address-family
+!
+router bgp 65104 vrf RED
+ bgp router-id 10.10.10.4
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+router bgp 65104 vrf BLUE
+ bgp router-id 10.10.10.4
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+ exit-address-family
+!
+!
+line vty
+!
diff --git a/lab-examples/cvx04/evpn-mlag/leaf04/etc/network/interfaces b/lab-examples/cvx04/evpn-mlag/leaf04/etc/network/interfaces
new file mode 100755
index 000000000..9a9e585f0
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/leaf04/etc/network/interfaces
@@ -0,0 +1,189 @@
+# Ansible Managed File
+auto lo
+iface lo inet loopback
+    address 10.10.10.4/32
+    clagd-vxlan-anycast-ip 10.0.1.34
+    vxlan-local-tunnelip 10.10.10.4
+
+auto eth0
+iface eth0 inet dhcp
+    vrf mgmt
+
+auto mgmt
+iface mgmt
+  vrf-table auto
+  address 127.0.0.1/8
+  address ::1/128
+
+auto RED
+iface RED
+  vrf-table auto
+
+auto BLUE
+iface BLUE
+  vrf-table auto
+
+auto bridge
+iface bridge
+    bridge-ports vni10 vni20 vni30 vniRED vniBLUE peerlink bond1 bond2 bond3 
+    bridge-vids 10 20 30  
+    bridge-vlan-aware yes
+
+auto vni10
+iface vni10
+    bridge-access 10
+    vxlan-id 10
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vni20
+iface vni20
+    bridge-access 20
+    vxlan-id 20
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vni30
+iface vni30
+    bridge-access 30
+    vxlan-id 30
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vniRED
+iface vniRED
+    bridge-access 4001
+    vxlan-id 4001
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vniBLUE
+iface vniBLUE
+    bridge-access 4002
+    vxlan-id 4002
+    mstpctl-portbpdufilter yes
+    mstpctl-bpduguard yes
+    bridge-learning off
+    bridge-arp-nd-suppress on
+
+auto vlan10
+iface vlan10
+    address 10.1.10.5/24
+    address-virtual 00:00:00:00:00:10 10.1.10.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 10
+
+auto vlan20
+iface vlan20
+    address 10.1.20.5/24
+    address-virtual 00:00:00:00:00:20 10.1.20.1/24
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 20
+
+auto vlan30
+iface vlan30
+    address 10.1.30.5/24
+    address-virtual 00:00:00:00:00:30 10.1.30.1/24
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 30
+
+auto vlan4001
+iface vlan4001
+    hwaddress 44:38:39:BE:EF:BB
+    vrf RED
+    vlan-raw-device bridge
+    vlan-id 4001
+
+auto vlan4002
+iface vlan4002
+    hwaddress 44:38:39:BE:EF:BB
+    vrf BLUE
+    vlan-raw-device bridge
+    vlan-id 4002
+
+auto swp51
+iface swp51
+    alias to spine
+
+auto swp52
+iface swp52
+    alias to spine
+
+auto swp53
+iface swp53
+    alias to spine
+
+auto swp54
+iface swp54
+    alias to spine
+
+auto swp49
+iface swp49
+    alias peerlink
+
+auto swp50
+iface swp50
+    alias peerlink
+
+auto peerlink
+iface peerlink
+    bond-slaves swp49 swp50 
+
+auto peerlink.4094
+iface peerlink.4094
+    clagd-backup-ip 10.10.10.3
+    clagd-peer-ip linklocal
+    clagd-priority 32768
+    clagd-sys-mac 44:38:39:BE:EF:BB
+    clagd-args --initDelay 10
+
+auto swp1
+iface swp1
+    alias bond member of bond1
+auto bond1
+iface bond1
+    bond-slaves swp1 
+    clag-id 1
+    bridge-access 10
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
+auto swp2
+iface swp2
+    alias bond member of bond2
+auto bond2
+iface bond2
+    bond-slaves swp2 
+    clag-id 2
+    bridge-access 20
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
+auto swp3
+iface swp3
+    alias bond member of bond3
+auto bond3
+iface bond3
+    bond-slaves swp3 
+    clag-id 3
+    bridge-access 30
+    mtu 9000
+    bond-lacp-bypass-allow yes
+    mstpctl-bpduguard yes
+    mstpctl-portadminedge yes
+
diff --git a/lab-examples/cvx04/evpn-mlag/server01/etc/network/interfaces b/lab-examples/cvx04/evpn-mlag/server01/etc/network/interfaces
new file mode 100755
index 000000000..6bc2eee43
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/server01/etc/network/interfaces
@@ -0,0 +1,31 @@
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The OOB network interface
+auto eth0
+iface eth0 inet dhcp
+
+# The data plane network interfaces
+auto eth1
+iface eth1 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth1
+
+auto eth2
+iface eth2 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth2
+
+auto uplink
+iface uplink inet static
+  address 10.1.10.101
+  netmask 255.255.255.0
+  mtu 9000
+  bond-slaves eth1 eth2
+  bond-mode 802.3ad
+  bond-miimon 100
+  bond-lacp-rate 1
+  bond-min-links 1
+  bond-xmit-hash-policy layer3+4
+  post-up ip route add 10.0.0.0/8 via 10.1.10.1
diff --git a/lab-examples/cvx04/evpn-mlag/server02/etc/network/interfaces b/lab-examples/cvx04/evpn-mlag/server02/etc/network/interfaces
new file mode 100755
index 000000000..4d5037e9d
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/server02/etc/network/interfaces
@@ -0,0 +1,31 @@
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The OOB network interface
+auto eth0
+iface eth0 inet dhcp
+
+# The data plane network interfaces
+auto eth1
+iface eth1 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth1
+
+auto eth2
+iface eth2 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth2
+
+auto uplink
+iface uplink inet static
+  address 10.1.20.102
+  netmask 255.255.255.0
+  mtu 9000
+  bond-slaves eth1 eth2
+  bond-mode 802.3ad
+  bond-miimon 100
+  bond-lacp-rate 1
+  bond-min-links 1
+  bond-xmit-hash-policy layer3+4
+  post-up ip route add 10.0.0.0/8 via 10.1.20.1
diff --git a/lab-examples/cvx04/evpn-mlag/server03/etc/network/interfaces b/lab-examples/cvx04/evpn-mlag/server03/etc/network/interfaces
new file mode 100755
index 000000000..ddc571cfe
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/server03/etc/network/interfaces
@@ -0,0 +1,31 @@
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The OOB network interface
+auto eth0
+iface eth0 inet dhcp
+
+# The data plane network interfaces
+auto eth1
+iface eth1 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth1
+
+auto eth2
+iface eth2 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth2
+
+auto uplink
+iface uplink inet static
+  address 10.1.30.103
+  netmask 255.255.255.0
+  mtu 9000
+  bond-slaves eth1 eth2
+  bond-mode 802.3ad
+  bond-miimon 100
+  bond-lacp-rate 1
+  bond-min-links 1
+  bond-xmit-hash-policy layer3+4
+  post-up ip route add 10.0.0.0/8 via 10.1.30.1
diff --git a/lab-examples/cvx04/evpn-mlag/server04/etc/network/interfaces b/lab-examples/cvx04/evpn-mlag/server04/etc/network/interfaces
new file mode 100755
index 000000000..dfc8ee4d5
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/server04/etc/network/interfaces
@@ -0,0 +1,31 @@
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The OOB network interface
+auto eth0
+iface eth0 inet dhcp
+
+# The data plane network interfaces
+auto eth1
+iface eth1 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth1
+
+auto eth2
+iface eth2 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth2
+
+auto uplink
+iface uplink inet static
+  address 10.1.10.104
+  netmask 255.255.255.0
+  mtu 9000
+  bond-slaves eth1 eth2
+  bond-mode 802.3ad
+  bond-miimon 100
+  bond-lacp-rate 1
+  bond-min-links 1
+  bond-xmit-hash-policy layer3+4
+  post-up ip route add 10.0.0.0/8 via 10.1.10.1
diff --git a/lab-examples/cvx04/evpn-mlag/server05/etc/network/interfaces b/lab-examples/cvx04/evpn-mlag/server05/etc/network/interfaces
new file mode 100755
index 000000000..5bfea664f
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/server05/etc/network/interfaces
@@ -0,0 +1,31 @@
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The OOB network interface
+auto eth0
+iface eth0 inet dhcp
+
+# The data plane network interfaces
+auto eth1
+iface eth1 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth1
+
+auto eth2
+iface eth2 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth2
+
+auto uplink
+iface uplink inet static
+  address 10.1.20.105
+  netmask 255.255.255.0
+  mtu 9000
+  bond-slaves eth1 eth2
+  bond-mode 802.3ad
+  bond-miimon 100
+  bond-lacp-rate 1
+  bond-min-links 1
+  bond-xmit-hash-policy layer3+4
+  post-up ip route add 10.0.0.0/8 via 10.1.20.1
diff --git a/lab-examples/cvx04/evpn-mlag/server06/etc/network/interfaces b/lab-examples/cvx04/evpn-mlag/server06/etc/network/interfaces
new file mode 100755
index 000000000..b11779477
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/server06/etc/network/interfaces
@@ -0,0 +1,31 @@
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The OOB network interface
+auto eth0
+iface eth0 inet dhcp
+
+# The data plane network interfaces
+auto eth1
+iface eth1 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth1
+
+auto eth2
+iface eth2 inet manual
+  # Required for Vagrant
+  post-up ip link set promisc on dev eth2
+
+auto uplink
+iface uplink inet static
+  address 10.1.30.106
+  netmask 255.255.255.0
+  mtu 9000
+  bond-slaves eth1 eth2
+  bond-mode 802.3ad
+  bond-miimon 100
+  bond-lacp-rate 1
+  bond-min-links 1
+  bond-xmit-hash-policy layer3+4
+  post-up ip route add 10.0.0.0/8 via 10.1.30.1
diff --git a/lab-examples/cvx04/evpn-mlag/spine01/etc/frr/daemons b/lab-examples/cvx04/evpn-mlag/spine01/etc/frr/daemons
new file mode 100755
index 000000000..6568bfe7d
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/spine01/etc/frr/daemons
@@ -0,0 +1,86 @@
+# Ansible Managed File
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr, zebra and staticd daemons are always started.
+#
+bgpd=yes
+pimd=no
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+ospfd_options="  -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options="   -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options="  -A 127.0.0.1"
+pimd_options="   -A 127.0.0.1"
+ldpd_options="   -A 127.0.0.1"
+nhrpd_options="  -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options="   -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options="   -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options="  -A 127.0.0.1"
+
+# configuration profile
+#
+#frr_profile="traditional"
+#frr_profile="datacenter"
+
+#
+# This is the maximum number of FD's that will be available.
+# Upon startup this is read by the control files and ulimit
+# is called.  Uncomment and use a reasonable value for your
+# setup if you are expecting a large number of peers in
+# say BGP.
+#MAX_FDS=1024
+
+# The list of daemons to watch is automatically generated by the init script.
+#watchfrr_options=""
+
+# To make watchfrr create/join the specified netns, use the following option:
+#watchfrr_options="--netns"
+# This only has an effect in /etc/frr/<somename>/daemons, and you need to
+# start FRR with "/usr/lib/frr/frrinit.sh start <somename>".
+
+# for debugging purposes, you can specify a "wrap" command to start instead
+# of starting the daemon directly, e.g. to use valgrind on ospfd:
+#   ospfd_wrap="/usr/bin/valgrind"
+# or you can use "all_wrap" for all daemons, e.g. to use perf record:
+#   all_wrap="/usr/bin/perf record --call-graph -"
+# the normal daemon command is added to this at the end.
diff --git a/lab-examples/cvx04/evpn-mlag/spine01/etc/frr/frr.conf b/lab-examples/cvx04/evpn-mlag/spine01/etc/frr/frr.conf
new file mode 100755
index 000000000..f8191584f
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/spine01/etc/frr/frr.conf
@@ -0,0 +1,42 @@
+# Ansible Managed File
+frr defaults datacenter
+hostname spine01
+log syslog informational
+zebra nexthop proto only
+service integrated-vtysh-config
+!
+interface lo
+interface swp1
+interface swp2
+interface swp3
+interface swp4
+interface swp5
+interface swp6
+vrf mgmt
+ ip route 0.0.0.0/0 192.168.200.1
+ exit-vrf
+!
+!
+router bgp 65100
+ bgp router-id 10.10.10.101
+ neighbor underlay peer-group
+ neighbor underlay remote-as external
+ neighbor swp1 interface peer-group underlay
+ neighbor swp2 interface peer-group underlay
+ neighbor swp3 interface peer-group underlay
+ neighbor swp4 interface peer-group underlay
+ neighbor swp5 interface peer-group underlay
+ neighbor swp6 interface peer-group underlay
+ !
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor underlay activate
+ exit-address-family
+!
+!
+line vty
+!
diff --git a/lab-examples/cvx04/evpn-mlag/spine01/etc/network/interfaces b/lab-examples/cvx04/evpn-mlag/spine01/etc/network/interfaces
new file mode 100755
index 000000000..386ec2695
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/spine01/etc/network/interfaces
@@ -0,0 +1,39 @@
+# Ansible Managed File
+auto lo
+iface lo inet loopback
+    address 10.10.10.101/32
+
+auto eth0
+iface eth0 inet dhcp
+    vrf mgmt
+
+auto mgmt
+iface mgmt
+  vrf-table auto
+  address 127.0.0.1/8
+  address ::1/128
+
+auto swp1
+iface swp1
+    alias to leaf
+
+auto swp2
+iface swp2
+    alias to leaf
+
+auto swp3
+iface swp3
+    alias to leaf
+
+auto swp4
+iface swp4
+    alias to leaf
+
+auto swp5
+iface swp5
+    alias to leaf
+
+auto swp6
+iface swp6
+    alias to leaf
+
diff --git a/lab-examples/cvx04/evpn-mlag/spine02/etc/frr/daemons b/lab-examples/cvx04/evpn-mlag/spine02/etc/frr/daemons
new file mode 100755
index 000000000..6568bfe7d
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/spine02/etc/frr/daemons
@@ -0,0 +1,86 @@
+# Ansible Managed File
+# This file tells the frr package which daemons to start.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/frr/examples/.
+#
+# ATTENTION:
+#
+# When activating a daemon for the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "frr", else
+# the daemon will not be started by /etc/init.d/frr. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too.
+#
+# The watchfrr, zebra and staticd daemons are always started.
+#
+bgpd=yes
+pimd=no
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+ldpd=no
+nhrpd=no
+eigrpd=no
+babeld=no
+sharpd=no
+pbrd=no
+bfdd=no
+fabricd=no
+vrrpd=no
+
+#
+# If this option is set the /etc/init.d/frr script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/frr if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  -A 127.0.0.1 -s 90000000"
+bgpd_options="   -A 127.0.0.1"
+ospfd_options="  -A 127.0.0.1"
+ospf6d_options=" -A ::1"
+ripd_options="   -A 127.0.0.1"
+ripngd_options=" -A ::1"
+isisd_options="  -A 127.0.0.1"
+pimd_options="   -A 127.0.0.1"
+ldpd_options="   -A 127.0.0.1"
+nhrpd_options="  -A 127.0.0.1"
+eigrpd_options=" -A 127.0.0.1"
+babeld_options=" -A 127.0.0.1"
+sharpd_options=" -A 127.0.0.1"
+pbrd_options="   -A 127.0.0.1"
+staticd_options="-A 127.0.0.1"
+bfdd_options="   -A 127.0.0.1"
+fabricd_options="-A 127.0.0.1"
+vrrpd_options="  -A 127.0.0.1"
+
+# configuration profile
+#
+#frr_profile="traditional"
+#frr_profile="datacenter"
+
+#
+# This is the maximum number of FD's that will be available.
+# Upon startup this is read by the control files and ulimit
+# is called.  Uncomment and use a reasonable value for your
+# setup if you are expecting a large number of peers in
+# say BGP.
+#MAX_FDS=1024
+
+# The list of daemons to watch is automatically generated by the init script.
+#watchfrr_options=""
+
+# To make watchfrr create/join the specified netns, use the following option:
+#watchfrr_options="--netns"
+# This only has an effect in /etc/frr/<somename>/daemons, and you need to
+# start FRR with "/usr/lib/frr/frrinit.sh start <somename>".
+
+# for debugging purposes, you can specify a "wrap" command to start instead
+# of starting the daemon directly, e.g. to use valgrind on ospfd:
+#   ospfd_wrap="/usr/bin/valgrind"
+# or you can use "all_wrap" for all daemons, e.g. to use perf record:
+#   all_wrap="/usr/bin/perf record --call-graph -"
+# the normal daemon command is added to this at the end.
diff --git a/lab-examples/cvx04/evpn-mlag/spine02/etc/frr/frr.conf b/lab-examples/cvx04/evpn-mlag/spine02/etc/frr/frr.conf
new file mode 100755
index 000000000..e72dddfbc
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/spine02/etc/frr/frr.conf
@@ -0,0 +1,42 @@
+# Ansible Managed File
+frr defaults datacenter
+hostname spine02
+log syslog informational
+zebra nexthop proto only
+service integrated-vtysh-config
+!
+interface lo
+interface swp1
+interface swp2
+interface swp3
+interface swp4
+interface swp5
+interface swp6
+vrf mgmt
+ ip route 0.0.0.0/0 192.168.200.1
+ exit-vrf
+!
+!
+router bgp 65100
+ bgp router-id 10.10.10.102
+ neighbor underlay peer-group
+ neighbor underlay remote-as external
+ neighbor swp1 interface peer-group underlay
+ neighbor swp2 interface peer-group underlay
+ neighbor swp3 interface peer-group underlay
+ neighbor swp4 interface peer-group underlay
+ neighbor swp5 interface peer-group underlay
+ neighbor swp6 interface peer-group underlay
+ !
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor underlay activate
+ exit-address-family
+!
+!
+line vty
+!
diff --git a/lab-examples/cvx04/evpn-mlag/spine02/etc/network/interfaces b/lab-examples/cvx04/evpn-mlag/spine02/etc/network/interfaces
new file mode 100755
index 000000000..4ab9a2c6b
--- /dev/null
+++ b/lab-examples/cvx04/evpn-mlag/spine02/etc/network/interfaces
@@ -0,0 +1,39 @@
+# Ansible Managed File
+auto lo
+iface lo inet loopback
+    address 10.10.10.102/32
+
+auto eth0
+iface eth0 inet dhcp
+    vrf mgmt
+
+auto mgmt
+iface mgmt
+  vrf-table auto
+  address 127.0.0.1/8
+  address ::1/128
+
+auto swp1
+iface swp1
+    alias to leaf
+
+auto swp2
+iface swp2
+    alias to leaf
+
+auto swp3
+iface swp3
+    alias to leaf
+
+auto swp4
+iface swp4
+    alias to leaf
+
+auto swp5
+iface swp5
+    alias to leaf
+
+auto swp6
+iface swp6
+    alias to leaf
+
diff --git a/lab-examples/cvx04/symm-mh.yml b/lab-examples/cvx04/symm-mh.yml
index 44c9a7fa0..6ba29c31d 100644
--- a/lab-examples/cvx04/symm-mh.yml
+++ b/lab-examples/cvx04/symm-mh.yml
@@ -1,4 +1,4 @@
-name: citc # Cumulus In The Cloud
+name: citc # Cumulus In The Cloud -- EVPN Multihoming Lab https://gitlab.com/cumulus-consulting/goldenturtle/cumulus_ansible_modules/-/tree/master/inventories/evpn_mh
 
 topology:
   nodes:
@@ -6,101 +6,101 @@ topology:
       kind: cvx
       image: networkop/cx:4.3.0
       binds:
-      - border01/etc/network/interfaces:/etc/network/interfaces
-      - border01/etc/frr/daemons:/etc/frr/daemons
-      - border01/etc/frr/frr.conf:/etc/frr/frr.conf
+      - evpn-mh/border01/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mh/border01/etc/frr/daemons:/etc/frr/daemons
+      - evpn-mh/border01/etc/frr/frr.conf:/etc/frr/frr.conf
 
     border02:
       kind: cvx
       image: networkop/cx:4.3.0
       binds:
-      - border02/etc/network/interfaces:/etc/network/interfaces
-      - border02/etc/frr/daemons:/etc/frr/daemons
-      - border02/etc/frr/frr.conf:/etc/frr/frr.conf
+      - evpn-mh/border02/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mh/border02/etc/frr/daemons:/etc/frr/daemons
+      - evpn-mh/border02/etc/frr/frr.conf:/etc/frr/frr.conf
 
     spine01:
       kind: cvx
       image: networkop/cx:4.3.0
       binds:
-      - spine01/etc/network/interfaces:/etc/network/interfaces
-      - spine01/etc/frr/daemons:/etc/frr/daemons
-      - spine01/etc/frr/frr.conf:/etc/frr/frr.conf
+      - evpn-mh/spine01/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mh/spine01/etc/frr/daemons:/etc/frr/daemons
+      - evpn-mh/spine01/etc/frr/frr.conf:/etc/frr/frr.conf
 
     spine02:
       kind: cvx
       image: networkop/cx:4.3.0
       binds:
-      - spine02/etc/network/interfaces:/etc/network/interfaces
-      - spine02/etc/frr/daemons:/etc/frr/daemons
-      - spine02/etc/frr/frr.conf:/etc/frr/frr.conf
+      - evpn-mh/spine02/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mh/spine02/etc/frr/daemons:/etc/frr/daemons
+      - evpn-mh/spine02/etc/frr/frr.conf:/etc/frr/frr.conf
 
     leaf01:
       kind: cvx
       image: networkop/cx:4.3.0
       binds:
-      - leaf01/etc/network/interfaces:/etc/network/interfaces
-      - leaf01/etc/frr/daemons:/etc/frr/daemons
-      - leaf01/etc/frr/frr.conf:/etc/frr/frr.conf
+      - evpn-mh/leaf01/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mh/leaf01/etc/frr/daemons:/etc/frr/daemons
+      - evpn-mh/leaf01/etc/frr/frr.conf:/etc/frr/frr.conf
 
     leaf02:
       kind: cvx
       image: networkop/cx:4.3.0
       binds:
-      - leaf02/etc/network/interfaces:/etc/network/interfaces
-      - leaf02/etc/frr/daemons:/etc/frr/daemons
-      - leaf02/etc/frr/frr.conf:/etc/frr/frr.conf
+      - evpn-mh/leaf02/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mh/leaf02/etc/frr/daemons:/etc/frr/daemons
+      - evpn-mh/leaf02/etc/frr/frr.conf:/etc/frr/frr.conf
 
     leaf03:
       kind: cvx
       image: networkop/cx:4.3.0
       binds:
-      - leaf03/etc/network/interfaces:/etc/network/interfaces
-      - leaf03/etc/frr/daemons:/etc/frr/daemons
-      - leaf03/etc/frr/frr.conf:/etc/frr/frr.conf
+      - evpn-mh/leaf03/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mh/leaf03/etc/frr/daemons:/etc/frr/daemons
+      - evpn-mh/leaf03/etc/frr/frr.conf:/etc/frr/frr.conf
 
     leaf04:
       kind: cvx
       image: networkop/cx:4.3.0
       binds:
-      - leaf04/etc/network/interfaces:/etc/network/interfaces
-      - leaf04/etc/frr/daemons:/etc/frr/daemons
-      - leaf04/etc/frr/frr.conf:/etc/frr/frr.conf
+      - evpn-mh/leaf04/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mh/leaf04/etc/frr/daemons:/etc/frr/daemons
+      - evpn-mh/leaf04/etc/frr/frr.conf:/etc/frr/frr.conf
 
     server01:
       kind: linux
       image: networkop/host:ifreload
       binds:
-      - server01/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mh/server01/etc/network/interfaces:/etc/network/interfaces
 
     server02:
       kind: linux
       image: networkop/host:ifreload
       binds:
-      - server02/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mh/server02/etc/network/interfaces:/etc/network/interfaces
 
     server03:
       kind: linux
       image: networkop/host:ifreload
       binds:
-      - server03/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mh/server03/etc/network/interfaces:/etc/network/interfaces
 
     server04:
       kind: linux
       image: networkop/host:ifreload
       binds:
-      - server04/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mh/server04/etc/network/interfaces:/etc/network/interfaces
 
     server05:
       kind: linux
       image: networkop/host:ifreload
       binds:
-      - server05/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mh/server05/etc/network/interfaces:/etc/network/interfaces
 
     server06:
       kind: linux
       image: networkop/host:ifreload
       binds:
-      - server06/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mh/server06/etc/network/interfaces:/etc/network/interfaces
 
 
   links:
diff --git a/lab-examples/cvx04/symm-mlag.yml b/lab-examples/cvx04/symm-mlag.yml
new file mode 100644
index 000000000..9b5431cc4
--- /dev/null
+++ b/lab-examples/cvx04/symm-mlag.yml
@@ -0,0 +1,141 @@
+name: citc # Cumulus In The Cloud -- EVPN Multihoming Lab https://gitlab.com/cumulus-consulting/goldenturtle/cumulus_ansible_modules/-/tree/master/inventories/evpn_mh
+
+topology:
+  nodes:
+    border01:
+      kind: cvx
+      image: networkop/cx:4.3.0
+      binds:
+      - evpn-mlag/border01/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mlag/border01/etc/frr/daemons:/etc/frr/daemons
+      - evpn-mlag/border01/etc/frr/frr.conf:/etc/frr/frr.conf
+
+    border02:
+      kind: cvx
+      image: networkop/cx:4.3.0
+      binds:
+      - evpn-mlag/border02/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mlag/border02/etc/frr/daemons:/etc/frr/daemons
+      - evpn-mlag/border02/etc/frr/frr.conf:/etc/frr/frr.conf
+
+    spine01:
+      kind: cvx
+      image: networkop/cx:4.3.0
+      binds:
+      - evpn-mlag/spine01/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mlag/spine01/etc/frr/daemons:/etc/frr/daemons
+      - evpn-mlag/spine01/etc/frr/frr.conf:/etc/frr/frr.conf
+
+    spine02:
+      kind: cvx
+      image: networkop/cx:4.3.0
+      binds:
+      - evpn-mlag/spine02/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mlag/spine02/etc/frr/daemons:/etc/frr/daemons
+      - evpn-mlag/spine02/etc/frr/frr.conf:/etc/frr/frr.conf
+
+    leaf01:
+      kind: cvx
+      image: networkop/cx:4.3.0
+      binds:
+      - evpn-mlag/leaf01/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mlag/leaf01/etc/frr/daemons:/etc/frr/daemons
+      - evpn-mlag/leaf01/etc/frr/frr.conf:/etc/frr/frr.conf
+
+    leaf02:
+      kind: cvx
+      image: networkop/cx:4.3.0
+      binds:
+      - evpn-mlag/leaf02/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mlag/leaf02/etc/frr/daemons:/etc/frr/daemons
+      - evpn-mlag/leaf02/etc/frr/frr.conf:/etc/frr/frr.conf
+
+    leaf03:
+      kind: cvx
+      image: networkop/cx:4.3.0
+      binds:
+      - evpn-mlag/leaf03/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mlag/leaf03/etc/frr/daemons:/etc/frr/daemons
+      - evpn-mlag/leaf03/etc/frr/frr.conf:/etc/frr/frr.conf
+
+    leaf04:
+      kind: cvx
+      image: networkop/cx:4.3.0
+      binds:
+      - evpn-mlag/leaf04/etc/network/interfaces:/etc/network/interfaces
+      - evpn-mlag/leaf04/etc/frr/daemons:/etc/frr/daemons
+      - evpn-mlag/leaf04/etc/frr/frr.conf:/etc/frr/frr.conf
+
+    server01:
+      kind: linux
+      image: networkop/host:ifreload
+      binds:
+      - evpn-mlag/server01/etc/network/interfaces:/etc/network/interfaces
+
+    server02:
+      kind: linux
+      image: networkop/host:ifreload
+      binds:
+      - evpn-mlag/server02/etc/network/interfaces:/etc/network/interfaces
+
+    server03:
+      kind: linux
+      image: networkop/host:ifreload
+      binds:
+      - evpn-mlag/server03/etc/network/interfaces:/etc/network/interfaces
+
+    server04:
+      kind: linux
+      image: networkop/host:ifreload
+      binds:
+      - evpn-mlag/server04/etc/network/interfaces:/etc/network/interfaces
+
+    server05:
+      kind: linux
+      image: networkop/host:ifreload
+      binds:
+      - evpn-mlag/server05/etc/network/interfaces:/etc/network/interfaces
+
+    server06:
+      kind: linux
+      image: networkop/host:ifreload
+      binds:
+      - evpn-mlag/server06/etc/network/interfaces:/etc/network/interfaces
+
+
+  links:
+    - endpoints: ["spine01:swp1", "leaf01:swp51"]
+    - endpoints: ["spine02:swp1", "leaf01:swp52"]
+
+    - endpoints: ["spine01:swp2", "leaf02:swp51"]
+    - endpoints: ["spine02:swp2", "leaf02:swp52"]
+
+    - endpoints: ["spine01:swp3", "leaf03:swp51"]
+    - endpoints: ["spine02:swp3", "leaf03:swp52"]
+
+    - endpoints: ["spine01:swp4", "leaf04:swp51"]
+    - endpoints: ["spine02:swp4", "leaf04:swp52"]
+
+    - endpoints: ["spine01:swp5", "border01:swp51"]
+    - endpoints: ["spine02:swp5", "border01:swp52"]
+
+    - endpoints: ["spine01:swp6", "border02:swp51"]
+    - endpoints: ["spine02:swp6", "border02:swp52"]
+
+    - endpoints: ["server01:eth1", "leaf01:swp1"]
+    - endpoints: ["server01:eth2", "leaf02:swp1"]
+
+    - endpoints: ["server02:eth1", "leaf01:swp2"]
+    - endpoints: ["server02:eth2", "leaf02:swp2"]
+
+    - endpoints: ["server03:eth1", "leaf01:swp3"]
+    - endpoints: ["server03:eth2", "leaf02:swp3"]
+
+    - endpoints: ["server04:eth1", "leaf03:swp1"]
+    - endpoints: ["server04:eth2", "leaf04:swp1"]
+
+    - endpoints: ["server05:eth1", "leaf03:swp2"]
+    - endpoints: ["server05:eth2", "leaf04:swp2"]
+
+    - endpoints: ["server06:eth1", "leaf03:swp3"]
+    - endpoints: ["server06:eth2", "leaf04:swp3"]
\ No newline at end of file

From 787c9bdceacb123e3e2913c219388ba087747faf Mon Sep 17 00:00:00 2001
From: networkop <mmkashin@gmail.com>
Date: Fri, 9 Jul 2021 15:25:02 +0100
Subject: [PATCH 3/7] Final checks passed

---
 Makefile                          |  4 +++
 docs/lab-examples/cvx04.md        | 48 +++++++++++++++++++++++++++++++
 docs/lab-examples/lab-examples.md | 10 +++++++
 lab-examples/cvx04/symm-mlag.yml  |  8 +++++-
 mkdocs.yml                        |  1 +
 5 files changed, 70 insertions(+), 1 deletion(-)
 create mode 100644 docs/lab-examples/cvx04.md

diff --git a/Makefile b/Makefile
index 66ac15816..bb71af7a3 100644
--- a/Makefile
+++ b/Makefile
@@ -16,6 +16,10 @@ lint:
 clint:
 	docker run -it --rm -v $$(pwd):/app -w /app golangci/golangci-lint:v1.40.1 golangci-lint run -v
 
+.PHONY: docs
 docs:
 	docker run -v $$(pwd):/docs --entrypoint mkdocs squidfunk/mkdocs-material:7.1.8 build --clean --strict
 
+.PHONY: site
+site:
+	docker run -it --rm -p 8000:8000 -v $$(pwd):/docs squidfunk/mkdocs-material:7.1.8
\ No newline at end of file
diff --git a/docs/lab-examples/cvx04.md b/docs/lab-examples/cvx04.md
new file mode 100644
index 000000000..8d4bd1af7
--- /dev/null
+++ b/docs/lab-examples/cvx04.md
@@ -0,0 +1,48 @@
+|                               |                                                                                          |
+| ----------------------------- | ---------------------------------------------------------------------------------------- |
+| **Description**               | Cumulus In The Cloud                                                                 |
+| **Components**                | [Cumulus Linux][cvx]                                                                     |
+| **Resource requirements**[^1] | :fontawesome-solid-microchip: 2 <br/>:fontawesome-solid-memory: 4 GB                     |
+| **Topology file**             | [symm-mh.yml][topo-mh] <br/>[symm-mlag.yml][topo-mlag]                                                                     |
+| **Name**                      | cvx04                                                                                    |
+| **Version information**[^2]   | `cvx:4.3.0` `docker-ce:19.03.13`                                                         |
+
+## Description
+The lab is a multi-node topology that consists of two racks with two dual-homed servers connected with a leaf-spine network.
+
+
+<div class="mxgraph" style="max-width:100%;border:1px solid transparent;margin:0 auto; display:block;" data-mxgraph="{&quot;page&quot;:1,&quot;zoom&quot;:1.5,&quot;highlight&quot;:&quot;#0000ff&quot;,&quot;nav&quot;:true,&quot;check-visible-state&quot;:true,&quot;resize&quot;:true,&quot;url&quot;:&quot;https://raw.githubusercontent.com/srl-labs/containerlab/diagrams/cvx.drawio&quot;}"></div>
+
+## Use cases
+This is a "Cumulus In The Cloud" topology designed to demonstrate some of the advanced features of Cumulus Linux. It is based on the [original CITC demo environment](https://www.nvidia.com/en-gb/networking/network-simulation/) with the only exception being the reduced number of spine switches (2 instead of 4). The topology can be spun up fully provisioned with the following two configuration options:
+
+1. [EVPN Multi-Homing](topo-mh) -- an EVPN-VXLAN environment with layer 2 extension, layer 3 VXLAN routing and VRFs for multi-tenancy that uses a multicast underlay for VXLAN packet replication and does not use MLAG or CLAG.
+2. [EVPN Symmetric Mode](topo-mlag) -- an EVPN-VXLAN environment with layer 2 extension, layer 3 VXLAN routing, VRFs for multi-tenancy and MLAG/CLAG for server multi-homing.
+
+## Instructions
+
+Each configuration option is provided in its own configuration file -- [`symm-mh.yml`](topo-mh) or [`symm-mlag.yml`](topo-mlag). See [instructions](/lab-examples/lab-examples/#how-to-deploy-a-lab-from-the-lab-catalog) for how to deploy a topology. 
+
+Once up, each node can be accessed via ssh using its hostname (automatically populated in your `/etc/hosts` file) and the default credentials `root/root`:
+
+```
+ssh root@clab-citc-leaf01
+Warning: Permanently added 'clab-citc-leaf01,192.168.223.3' (ECDSA) to the list of known hosts.
+root@clab-citc-leaf01's password:
+Linux 94992c82719f1172 4.19.0-cl-1-amd64 #1 SMP Cumulus 4.19.149-1+cl4.3u1 (2021-01-28) x86_64
+Last login: Fri Jul  9 13:35:48 2021 from 192.168.223.1
+root@94992c82719f1172:mgmt:~# 
+```
+
+!!!note
+    Due to the different boot order inside a container, BGPd may come up stuck waiting for IPv6 LLA of the peer. This issue only appears on the initial boot and can be fixed with the `vtysh -c 'clear ip bgp *` command.
+
+
+[cvx]: https://www.nvidia.com/en-gb/networking/ethernet-switching/cumulus-vx/
+[topo-mh]: https://github.com/srl-labs/containerlab/tree/master/lab-examples/cvx04/symm-mh.yml
+[topo-mlag]: https://github.com/srl-labs/containerlab/tree/master/lab-examples/cvx03/symm-mlag.yml
+
+[^1]: Resource requirements are provisional. Consult with the installation guides for additional information.
+[^2]: The lab has been validated using these versions of the required tools/components. Using versions other than stated might lead to a non-operational setup process.
+
+<script type="text/javascript" src="https://cdn.jsdelivr.net/gh/hellt/drawio-js@main/embed2.js" async></script>
\ No newline at end of file
diff --git a/docs/lab-examples/lab-examples.md b/docs/lab-examples/lab-examples.md
index 3e378cfc1..1153a94b0 100644
--- a/docs/lab-examples/lab-examples.md
+++ b/docs/lab-examples/lab-examples.md
@@ -56,6 +56,16 @@ You are ready to deploy!
 containerlab deploy -t <topo-file>
 ```
 
+#### SSH access
+For nodes that come up with `sshd` enabled, the following lines can be added to `~/.ssh/config` file to simplify access and prevent future ssh key warnings:
+
+```
+Host clab-*
+  User root
+  StrictHostKeyChecking no
+  UserKnownHostsFile /dev/null
+```
+
 ## Public clab catalogs
 As mentioned in the introduction of this article, the lab examples shipped with containerlab explain the features containerlab offers. The comprehensive lab examples are not part of containerlab installation as we want the community to own their work.
 
diff --git a/lab-examples/cvx04/symm-mlag.yml b/lab-examples/cvx04/symm-mlag.yml
index 9b5431cc4..175654be0 100644
--- a/lab-examples/cvx04/symm-mlag.yml
+++ b/lab-examples/cvx04/symm-mlag.yml
@@ -138,4 +138,10 @@ topology:
     - endpoints: ["server05:eth2", "leaf04:swp2"]
 
     - endpoints: ["server06:eth1", "leaf03:swp3"]
-    - endpoints: ["server06:eth2", "leaf04:swp3"]
\ No newline at end of file
+    - endpoints: ["server06:eth2", "leaf04:swp3"]
+
+    - endpoints: ["leaf01:swp49", "leaf02:swp49"]
+    - endpoints: ["leaf01:swp50", "leaf02:swp50"]
+
+    - endpoints: ["leaf03:swp49", "leaf04:swp49"]
+    - endpoints: ["leaf03:swp50", "leaf04:swp50"]
\ No newline at end of file
diff --git a/mkdocs.yml b/mkdocs.yml
index bec87e28e..e07c5d36a 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -72,6 +72,7 @@ nav:
       - Nokia SR Linux and FRR: lab-examples/srl-frr.md
       - FRR: lab-examples/frr01.md
       - Cumulus Test Drive: lab-examples/cvx03.md
+      - Cumulus In The CLoud: lab-examples/cvx04.md
       - BGP VPLS between Nokia and Juniper: lab-examples/bgp-vpls-nok-jun.md
       - Multi-node labs: lab-examples/multinode.md
   - Release notes:

From 983b21bc686ce415066e815f7cf70ab747f30d40 Mon Sep 17 00:00:00 2001
From: networkop <mmkashin@gmail.com>
Date: Fri, 9 Jul 2021 15:55:16 +0100
Subject: [PATCH 4/7] fixed up link

---
 docs/lab-examples/cvx04.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/lab-examples/cvx04.md b/docs/lab-examples/cvx04.md
index 8d4bd1af7..865c83dfa 100644
--- a/docs/lab-examples/cvx04.md
+++ b/docs/lab-examples/cvx04.md
@@ -11,7 +11,7 @@
 The lab is a multi-node topology that consists of two racks with two dual-homed servers connected with a leaf-spine network.
 
 
-<div class="mxgraph" style="max-width:100%;border:1px solid transparent;margin:0 auto; display:block;" data-mxgraph="{&quot;page&quot;:1,&quot;zoom&quot;:1.5,&quot;highlight&quot;:&quot;#0000ff&quot;,&quot;nav&quot;:true,&quot;check-visible-state&quot;:true,&quot;resize&quot;:true,&quot;url&quot;:&quot;https://raw.githubusercontent.com/srl-labs/containerlab/diagrams/cvx.drawio&quot;}"></div>
+<div class="mxgraph" style="max-width:100%;border:1px solid transparent;margin:0 auto; display:block;" data-mxgraph="{&quot;page&quot;:2,&quot;zoom&quot;:1.5,&quot;highlight&quot;:&quot;#0000ff&quot;,&quot;nav&quot;:true,&quot;check-visible-state&quot;:true,&quot;resize&quot;:true,&quot;url&quot;:&quot;https://raw.githubusercontent.com/srl-labs/containerlab/diagrams/cvx.drawio&quot;}"></div>
 
 ## Use cases
 This is a "Cumulus In The Cloud" topology designed to demonstrate some of the advanced features of Cumulus Linux. It is based on the [original CITC demo environment](https://www.nvidia.com/en-gb/networking/network-simulation/) with the only exception being the reduced number of spine switches (2 instead of 4). The topology can be spun up fully provisioned with the following two configuration options:

From 439442c49436a6c2ff04317f149050fae4e8215d Mon Sep 17 00:00:00 2001
From: networkop <mmkashin@gmail.com>
Date: Fri, 9 Jul 2021 16:50:19 +0100
Subject: [PATCH 5/7] changes

---
 docs/lab-examples/lab-examples.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/lab-examples/lab-examples.md b/docs/lab-examples/lab-examples.md
index 1153a94b0..ac7bdf362 100644
--- a/docs/lab-examples/lab-examples.md
+++ b/docs/lab-examples/lab-examples.md
@@ -57,7 +57,7 @@ containerlab deploy -t <topo-file>
 ```
 
 #### SSH access
-For nodes that come up with `sshd` enabled, the following lines can be added to `~/.ssh/config` file to simplify access and prevent future ssh key warnings:
+For nodes that come up with `ssh` enabled, the following lines can be added to the `~/.ssh/config` file on the containerlab host system to simplify access and prevent future ssh key warnings:
 
 ```
 Host clab-*

From 674b8932e1522e04cad1116ebc0a421e9a010662 Mon Sep 17 00:00:00 2001
From: networkop <mmkashin@gmail.com>
Date: Fri, 9 Jul 2021 16:52:38 +0100
Subject: [PATCH 6/7] typo

---
 docs/lab-examples/cvx04.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/lab-examples/cvx04.md b/docs/lab-examples/cvx04.md
index 865c83dfa..e001cd272 100644
--- a/docs/lab-examples/cvx04.md
+++ b/docs/lab-examples/cvx04.md
@@ -40,7 +40,7 @@ root@94992c82719f1172:mgmt:~#
 
 [cvx]: https://www.nvidia.com/en-gb/networking/ethernet-switching/cumulus-vx/
 [topo-mh]: https://github.com/srl-labs/containerlab/tree/master/lab-examples/cvx04/symm-mh.yml
-[topo-mlag]: https://github.com/srl-labs/containerlab/tree/master/lab-examples/cvx03/symm-mlag.yml
+[topo-mlag]: https://github.com/srl-labs/containerlab/tree/master/lab-examples/cvx04/symm-mlag.yml
 
 [^1]: Resource requirements are provisional. Consult with the installation guides for additional information.
 [^2]: The lab has been validated using these versions of the required tools/components. Using versions other than stated might lead to a non-operational setup process.

From 1a09b765fd84cce629fe876b0711bacd89848d77 Mon Sep 17 00:00:00 2001
From: networkop <mmkashin@gmail.com>
Date: Sat, 10 Jul 2021 12:10:11 +0100
Subject: [PATCH 7/7] added intf num cmd argument

---
 lab-examples/cvx04/symm-mh.yml   | 6 ++++++
 lab-examples/cvx04/symm-mlag.yml | 6 ++++++
 2 files changed, 12 insertions(+)

diff --git a/lab-examples/cvx04/symm-mh.yml b/lab-examples/cvx04/symm-mh.yml
index 6ba29c31d..2437cb0ba 100644
--- a/lab-examples/cvx04/symm-mh.yml
+++ b/lab-examples/cvx04/symm-mh.yml
@@ -71,36 +71,42 @@ topology:
       image: networkop/host:ifreload
       binds:
       - evpn-mh/server01/etc/network/interfaces:/etc/network/interfaces
+      cmd: 3
 
     server02:
       kind: linux
       image: networkop/host:ifreload
       binds:
       - evpn-mh/server02/etc/network/interfaces:/etc/network/interfaces
+      cmd: 3
 
     server03:
       kind: linux
       image: networkop/host:ifreload
       binds:
       - evpn-mh/server03/etc/network/interfaces:/etc/network/interfaces
+      cmd: 3
 
     server04:
       kind: linux
       image: networkop/host:ifreload
       binds:
       - evpn-mh/server04/etc/network/interfaces:/etc/network/interfaces
+      cmd: 3
 
     server05:
       kind: linux
       image: networkop/host:ifreload
       binds:
       - evpn-mh/server05/etc/network/interfaces:/etc/network/interfaces
+      cmd: 3
 
     server06:
       kind: linux
       image: networkop/host:ifreload
       binds:
       - evpn-mh/server06/etc/network/interfaces:/etc/network/interfaces
+      cmd: 3
 
 
   links:
diff --git a/lab-examples/cvx04/symm-mlag.yml b/lab-examples/cvx04/symm-mlag.yml
index 175654be0..8cb5c0922 100644
--- a/lab-examples/cvx04/symm-mlag.yml
+++ b/lab-examples/cvx04/symm-mlag.yml
@@ -71,36 +71,42 @@ topology:
       image: networkop/host:ifreload
       binds:
       - evpn-mlag/server01/etc/network/interfaces:/etc/network/interfaces
+      cmd: 3
 
     server02:
       kind: linux
       image: networkop/host:ifreload
       binds:
       - evpn-mlag/server02/etc/network/interfaces:/etc/network/interfaces
+      cmd: 3
 
     server03:
       kind: linux
       image: networkop/host:ifreload
       binds:
       - evpn-mlag/server03/etc/network/interfaces:/etc/network/interfaces
+      cmd: 3
 
     server04:
       kind: linux
       image: networkop/host:ifreload
       binds:
       - evpn-mlag/server04/etc/network/interfaces:/etc/network/interfaces
+      cmd: 3
 
     server05:
       kind: linux
       image: networkop/host:ifreload
       binds:
       - evpn-mlag/server05/etc/network/interfaces:/etc/network/interfaces
+      cmd: 3
 
     server06:
       kind: linux
       image: networkop/host:ifreload
       binds:
       - evpn-mlag/server06/etc/network/interfaces:/etc/network/interfaces
+      cmd: 3
 
 
   links: