Changes before the presentation at HL2025 v2

README.md

@@ -27,7 +27,7 @@ The details of the EVPN's operation and evpn-connector daemon workflow are descr
 
 ### Prerequisites
 
-*   **Python 3.8
+*   **Python 3.8**
 *   **System Dependencies:**
     *   `gobgp` (for interaction via BGP within the EVPN control plane)
     *   `openvswitch-switch` (for interaction via VXLAN within the EVPN data plane)
@@ -133,5 +133,5 @@ Start the service by specifying the path to your configuration file:
 2.  **Run evpn-connector**
     ```bash
     source evpn/bin/activate
-    evpn-connector --config-file ~/evpn/config/evpn_connector.cfg --daemon-configs_dir "/var/lib/evpn_connector/client_configs/"
+    evpn-connector --config-file /etc/evpn_connector/evpn_connector.conf --daemon-configs_dir "/var/lib/evpn_connector/client_configs/"
     ```

docs/demo/PREPARE_BORDER.md

@@ -0,0 +1,79 @@
+Configuring border for demo env:
+
+Full network scheme ![here](./demo_env_network_scheme.png)
+
+1. Download Debian 12 nocloud image:
+    ```bash
+    wget https://cdimage.debian.org/images/cloud/bookworm/latest/debian-12-nocloud-amd64.qcow2
+    ```
+2. Run virtual machine via virt-manager or qemu:
+    ```
+    Hostname: border, ip_address: 10.10.10.3 on enp1s0
+    ```
+3. Install packages:
+    ```bash
+    sudo apt update
+    sudo apt install screen tcpdump jq git wget
+    ```
+
+4. Install docker on border router
+    ```bash
+    sudo apt install ca-certificates curl
+    sudo install -m 0755 -d /etc/apt/keyrings
+    sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
+    sudo chmod a+r /etc/apt/keyrings/docker.asc
+    echo \
+        "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
+        $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
+        sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+    sudo apt update
+    sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+    ```
+5. Download CEOS image (cEOS64-lab-4.34.3M.tar) from [Arista oficial repo](https://www.arista.com/en/support/software-download)
+
+6. Import image to docker
+    ```bash
+    docker import cEOS64-lab-4.34.3M.tar ceos:4.34.3M
+    ```
+7. Run CEOS container
+    ```bash
+    docker run --name ceos --network bridge --privileged -p 4443:443 -td --rm -e INTFTYPE=eth -e ETBA=1 -e SKIP_ZEROTOUCH_BARRIER_IN_SYSDBINIT=1 -e CEOS=1 -e EOS_PLATFORM=ceoslab -e container=docker -e MAPETH0=1 -e MGMT_INTF=enp1s0 ceos:4.34.3M /sbin/init systemd.setenv=INTFTYPE=eth systemd.setenv=ETBA=1 systemd.setenv=SKIP_ZEROTOUCH_BARRIER_IN_SYSDBINIT=1 systemd.setenv=CEOS=1 systemd.setenv=EOS_PLATFORM=ceoslab systemd.setenv=container=docker systemd.setenv=MAPETH0=1 systemd.setenv=MGMT_INTF=enp1s0
+    ```
+8. Add veth pairs to CEOS container netns
+    ```bash
+    sudo ip netns attach ceos "$(docker inspect -f '{{.State.Pid}}' ceos)"
+    ip link add veth-11 type veth peer name eth12
+    ip link set netns ceos eth12
+    ip link set veth-11 up
+    ip netns exec ceos ip link set eth12 up
+    ip link add veth22 type veth peer name eth22
+    ip link set veth22 up
+    ip link set netns ceos eth22
+    ip netns exec ceos ip link set eth22 up
+    ```
+9. Configure routing in main netns
+    ```bash
+    ip address add 10.20.20.1/24 dev veth-11
+    ip address add 10.30.30.1/24 dev veth22
+    ip route add 10.40.40.0/24 via 10.20.20.2
+    ip route add 172.16.0.0/24 via 10.30.30.2
+    iptables -t nat -A POSTROUTING -s 172.16.0.0/24 -o enp1s0 -j MASQUERADE
+    iptables -t nat -A POSTROUTING -s 10.30.30.0/24 -o enp1s0 -j MASQUERADE
+    echo 1 > /proc/sys/net/ipv4/ip_forward
+    iptables -P FORWARD ACCEPT
+    ```
+10. Connecting to CEOS CLI
+    ```bash
+    docker exec -it ceos Cli
+    ```
+11. Configuring CEOS router
+    ```bash
+    > no aaa root
+    > enable
+    # agent Fru terminate
+    # agent Ebra terminate
+    # configure
+    (config)# <paste ./border/ceos_config.txt here>
+    (config)# exit
+    # write mem
+    ```

docs/demo/CONFIGURE.md → docs/demo/PREPARE_COMPUTE.md

@@ -6,8 +6,8 @@ Configuring demo env:
     ```
 2. Run virtual machines via virt-manager or qemu:
     ```
-    Hostname: compute1, ip_address: 10.10.10.1
-    Hostname: compute2, ip_address: 10.10.10.2
+    Hostname: compute1, ip_address: 10.10.10.1 on enp1s0
+    Hostname: compute2, ip_address: 10.10.10.2 on enp1s0
     ```
 3. Install packages:
     ```bash
@@ -59,4 +59,11 @@ Configuring demo env:
     ```
 11. Copy configs for all daemons from repo (for each compute host separately):
     ```bash
-    cp -r evpn_connector/docs/source/demo/compute1/* ~/
+    cp -r evpn_connector/docs/demo/compute1/* ~/
+
+12. (Optional) Add routing to work with the border router
+    ```bash
+    ip route add 10.20.20.0/24 via 10.10.10.3
+    ip route add 10.30.30.0/24 via 10.10.10.3
+    ip route add 10.40.40.0/24 via 10.10.10.3
+    ```

docs/demo/border/ceos_config.txt

@@ -0,0 +1,84 @@
+! Command: show running-config
+! device: ceos (cEOSLab, EOS-4.34.3M-44102281.4343M (engineering build))
+!
+no aaa root
+!
+no service interface inactive port-id allocation disabled
+!
+transceiver qsfp default-mode 4x10G
+!
+service routing protocols model multi-agent
+!
+agent PowerManager shutdown
+agent LedPolicy shutdown
+agent Thermostat shutdown
+agent PowerFuse shutdown
+agent StandbyCpld shutdown
+agent LicenseManager shutdown
+!
+hostname ceos
+!
+spanning-tree mode mstp
+!
+system l1
+unsupported speed action error
+unsupported error-correction action error
+!
+vrf instance ext
+rd 1:1
+!
+interface Ethernet12
+no switchport
+ip address 10.20.20.2/24
+!
+interface Ethernet22
+no switchport
+vrf ext
+ip address 10.30.30.2/24
+!
+interface Ethernet510
+!
+interface Loopback0
+ip address 10.40.40.1/32
+!
+interface Vxlan1
+vxlan source-interface Loopback0
+vxlan udp-port 4789
+vxlan vrf ext vni 10
+!
+ip routing
+ip routing vrf ext
+!
+ip route 10.10.10.0/24 10.20.20.1
+ip route vrf ext 0.0.0.0/0 10.30.30.1
+!
+router bgp 65300
+neighbor 10.10.10.1 remote-as 65100
+neighbor 10.10.10.1 ebgp-multihop 7
+neighbor 10.10.10.1 timers min-hold-time 3
+neighbor 10.10.10.1 idle-restart-timer 60
+neighbor 10.10.10.1 send-community extended
+neighbor 10.10.10.2 remote-as 65200
+neighbor 10.10.10.2 ebgp-multihop 7
+neighbor 10.10.10.2 timers min-hold-time 3
+neighbor 10.10.10.2 idle-restart-timer 60
+neighbor 10.10.10.2 send-community extended
+!
+address-family evpn
+neighbor 10.10.10.1 activate
+neighbor 10.10.10.2 activate
+!
+vrf ext
+rd 10.30.30.2:10
+route-target import 65000:10
+route-target export 65000:10
+redistribute static
+!
+router multicast
+ipv4
+software-forwarding kernel
+!
+ipv6
+software-forwarding kernel
+!
+end

docs/demo/compute1/evpn_connector.cfg

@@ -27,6 +27,7 @@ grpc_timeout_sec = 100
 # Don't change this param without gobgp restart
 source_ip = "10.10.10.1"
 as_number = 1
+router_mac_type5 = "12:34:56:78:90:a1"
 
 [ovs]
 switch_name = "evpn"
@@ -37,3 +38,6 @@ ovs_ofctl_bin_path="/usr/bin/ovs-ofctl"
 
 [anycast]
 anycast_status_file = /tmp/anycast_status_file
+
+[daemon]
+configs_dir = /root/vm_conf/

docs/demo/compute2/evpn_connector.cfg

@@ -27,6 +27,7 @@ grpc_timeout_sec = 100
 # Don't change this param without gobgp restart
 source_ip = "10.10.10.2"
 as_number = 1
+router_mac_type5 = "12:34:56:78:90:a2"
 
 [ovs]
 switch_name = "evpn"
@@ -37,3 +38,6 @@ ovs_ofctl_bin_path="/usr/bin/ovs-ofctl"
 
 [anycast]
 anycast_status_file = /tmp/anycast_status_file
+
+[daemon]
+configs_dir = /root/vm_conf/