eos: add ip source and mac address-table entries

dd-ix · Feb 25, 2024 · 37fd51f · 37fd51f
1 parent 82735d5
commit 37fd51f
Show file tree

Hide file tree

Showing 4 changed files with 66 additions and 4 deletions.
diff --git a/templates/eos/DCS-7050SX-64.conf.j2 b/templates/eos/DCS-7050SX-64.conf.j2
@@ -13,6 +13,9 @@ service interface unconnected expose
 !
 transceiver qsfp default-mode 4x10G
 !
+{% block ip_source_binding %}
+{% endblock %}
+!
 service routing protocols model multi-agent
 !
 logging monitor warnings
@@ -44,6 +47,9 @@ aaa authentication login console local group radius
 !
 {% block interfaces %}
 {% endblock %}
+!
+{% block mac_address_table %}
+{% endblock %}
 {# RFC8327: BGP Culling ACLs #}
 ipv6 access-list bgp-culling-ipv6
    10 deny tcp 2001:7f8:19:1::/64 eq bgp 2001:7f8:19:1::/64

diff --git a/templates/eos/DCS-MACROS.j2 b/templates/eos/DCS-MACROS.j2
@@ -34,15 +34,15 @@ interface {{ iface }}
 {{ undef(hint='ASSERTION: peering iface %s has unexpected vid %d'|format(iface, peer.vlanid)) }}
 {% endif %}
    description IXP AS{{ peer.asn }} {{ peer.slug }}
-   switchport mode access
    switchport access vlan 600
-   sflow enable
+   ip verify source
    mac access-group peer-eth{{ ifnum }} in
+   no lldp transmit
+   no lldp receive
+   sflow enable
    storm-control broadcast level 0.01
    storm-control multicast level 0.01
    storm-control unknown-unicast level 0.01
-   no lldp transmit
-   no lldp receive
 {% else %}
 {{ undef(hint='ASSERTION: found more than a single peer for iface %s'|format(iface)) }}
 {% endif %}
@@ -119,3 +119,23 @@ mac access-list peer-eth{{ ifnum }}
 {{ undef(hint='ASSERTION: found more than a single peer for iface %s'|format(iface)) }}
 {% endif %}
 {%- endmacro -%}
+
+
+
+{% macro ip_source_binding() -%}
+{% for peer in ixp_manager_peers.query_result|first|selectattr('switchname', 'equalto', switch_vars.inventory_hostname_short)|sort(attribute='l2address') %}
+{% if peer.l2address %}
+ip source binding {{ peer.ipv4address }} {{ peer.l2address|ansible.utils.hwaddr('linux') }} vlan 600 interface {{ peer.switchport }}
+{% endif %}
+{% endfor %}
+{%- endmacro -%}
+
+
+
+{% macro mac_address_table() -%}
+{% for peer in ixp_manager_peers.query_result|first|selectattr('switchname', 'equalto', switch_vars.inventory_hostname_short)|sort(attribute='l2address') %}
+{% if peer.l2address %}
+mac address-table static {{ peer.l2address|ansible.utils.hwaddr('cisco') }} vlan 600 interface {{ peer.switchport }}
+{% endif %}
+{% endfor %}
+{%- endmacro -%}
diff --git a/templates/eos/ixp-c2-sw01.dd-ix.net.conf.j2 b/templates/eos/ixp-c2-sw01.dd-ix.net.conf.j2
@@ -15,6 +15,8 @@ vlan 666
 !
 {% endblock %}
 
+
+
 {% block interfaces %}
 interface Port-Channel43
    description L2T ixp-rs02
@@ -54,3 +56,19 @@ interface UnconnectedEthernet{{ ifnum }}
 {% endfor %}
 !
 {% endblock %}
+
+
+
+{% block ip_source_binding %}
+{# Peers: ip source bindings #}
+{{ dcs.ip_source_binding() -}}
+!
+{% endblock %}
+
+
+
+{% block mac_address_table %}
+{# Peers: static mac-address table entries #}
+{{ dcs.mac_address_table() }}
+!
+{% endblock %}
diff --git a/templates/eos/ixp-cc-sw01.dd-ix.net.conf.j2 b/templates/eos/ixp-cc-sw01.dd-ix.net.conf.j2
@@ -14,6 +14,8 @@ vlan 666
 !
 {% endblock %}
 
+
+
 {% block interfaces %}
 interface Port-Channel43
    description L2T ixp-rs01
@@ -53,3 +55,19 @@ interface UnconnectedEthernet{{ ifnum }}
 {% endfor %}
 !
 {% endblock %}
+
+
+
+{% block ip_source_binding %}
+{# Peers: ip source bindings #}
+{{ dcs.ip_source_binding() -}}
+!
+{% endblock %}
+
+
+
+{% block mac_address_table %}
+{# Peers: static mac-address table entries #}
+{{ dcs.mac_address_table() -}}
+!
+{% endblock %}