L3 EVPN Gateway Issue - T3/Strata

[RestlessWanderer]

Issue Summary

Issues discovered and tracked in TAC SR 617577.

When evpn_gateway.evpn_l2.enabled = true is set, AVD will render the configuration regardless of platform. T3/strata does not support L2 EVPN GW, so this should be rejected when platform type is t3.

When evpn_gateway.evpn_l3.enabled = true, regardless if inter_domain is set to true or false, the configuration of neighbor <x.x.x.x/peer-group> domain remote under the evpn AF is rendered. This is not supported on t3/strata, so it should not be rendered, as it enables vtep-to-vtep bridging, which causes a loop within the evpn overlay.

A Bug is opened due to the neighbor <x.x.x.x/peer-group> domain remote being accepted on t3/strata to reject/hide the command, but we should also add guardrails in AVD.

Which component(s) of AVD impacted

eos_designs

How do you run AVD ?

Ansible CLI (with virtual-env or native python)

Steps to reproduce

Set node_type.defaults.platform = 7050X3, and use the following data model under nodes that would be evpn gateways:

evpn_gateway: 
    evpn_l2:    
       enabled: true
    evpn_l3:    
       enabled: true
       inter_domain: false

Relevant log output

Contributing Guide

• I agree to follow this project's Code of Conduct

[RestlessWanderer]

Can you please assign to me? I would like to take a shot at fixing this.

[ClausHolbechArista]

Will the gateway feature even make sense without the domain remote command? Isn't it just a regular evpn peering then?

[RestlessWanderer]

From my understanding, its still considered an evpn gateway for Type 5 routes only.

See TOI:

https://www.arista.com/en/support/toi/eos-4-25-0f/14591-evpn-l3-gateway