Skip to content

update for manual underlay ipv6 #552

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 6 commits into
base: develop
Choose a base branch
from
Draft

update for manual underlay ipv6 #552

wants to merge 6 commits into from

Conversation

ccoueffe
Copy link
Collaborator

@ccoueffe ccoueffe commented Aug 12, 2025
edited
Loading

Related Issue(s)

Related Collection Role

  • cisco.nac_dc_vxlan.validate
  • cisco.nac_dc_vxlan.dtc.create
  • cisco.nac_dc_vxlan.dtc.deploy
  • cisco.nac_dc_vxlan.dtc.remove
  • other

Related Data Model Element

  • vxlan.fabric
  • vxlan.global
  • vxlan.topology
  • vxlan.underlay
  • vxlan.overlay
  • vxlan.overlay_extensions
  • vxlan.policy
  • vxlan.multisite
  • defaults.vxlan
  • other

Proposed Changes

Add support for manual IPv6 underlay.
Need to add a key: manual_ipv6_router_id in schema to defined router_id on Nexus device.
In IPv6 we cannot use Loopback IPv6 and we need to provide an additional value.

Example:

vxlan:
  topology:
    switches:
      - name: ipv6-bgw1
        role: spine
        management:
          default_gateway_v4: 10.229.42.254
          management_ipv4_address: 10.229.42.180
          subnet_mask_ipv4: 24
        manual_ipv6_router_id: 1.1.1.180 <<< New key
        serial_number: 9B9EAU0DP6F

Jinja template for underlay renders this data:

---
- entity_name: "9B9EAU0DP6F~loopback0"
  pool_type: IP
  pool_name: "LOOPBACK0_IP_POOL"
  scope_type: device_interface
  resource: "fd00::a:180"
  switch:
    - "10.229.42.180"
- entity_name: "9FC431O3ALV~loopback0"
  pool_type: IP
  pool_name: "LOOPBACK0_IP_POOL"
  scope_type: device_interface
  resource: "fd00::a:181"
  switch:
    - "10.229.42.181"

- entity_name: "9B9EAU0DP6F~loopback1"
  pool_type: IP
  pool_name: "LOOPBACK1_IP_POOL"
  scope_type: device_interface
  resource: "fd00::b:180"
  switch:
    - "10.229.42.180"
- entity_name: "9FC431O3ALV~loopback1"
  pool_type: IP
  pool_name: "LOOPBACK1_IP_POOL"
  scope_type: device_interface
  resource: "fd00::b:181"
  switch:
    - "10.229.42.181"

- entity_name: "9B9EAU0DP6F"
  pool_type: IP
  pool_name: "ROUTER_ID_POOL"
  scope_type: device
  resource: "1.1.1.180"
  switch:
    - "10.229.42.180"
- entity_name: "9FC431O3ALV"
  pool_type: IP
  pool_name: "ROUTER_ID_POOL"
  scope_type: device
  resource: "1.1.1.181"
  switch:
    - "10.229.42.181"


- entity_name: "9B9EAU0DP6F~Ethernet1/1~9FC431O3ALV~Ethernet1/1"
  pool_type: SUBNET
  pool_name: "SUBNET"
  scope_type: link
  resource: "ffd0::a04:0/127"
  switch:
  - "10.229.42.180"

- entity_name: "9B9EAU0DP6F~Ethernet1/1"
  pool_type: IP
  pool_name: "ffd0::a04:0/127"
  scope_type: device_interface
  resource: "ffd0::a04:0"
  switch:
  - "10.229.42.180"

- entity_name: "9FC431O3ALV~Ethernet1/1"
  pool_type: IP
  pool_name: "ffd0::a04:0/127"
  scope_type: device_interface
  resource: "ffd0::a04:1"
  switch:
  - "10.229.42.181"

Rule 208 is updated to check both IPv4 and IPv6. There is also a special thing to check router_id in IPv6.

Condition in Create Fabric task is updated to limit Anycast only when replication is multicast. It's not required in Ingress. Resource: anycast is updated to use ipv4 or ipv6 value depending on ipv6_underlay configuration.

Example of data source:

---
vxlan:
  topology:
    # vpc_peers:
    #   - peer1: ipv6-leaf1
    #     peer2: ipv6-leaf2
    #     peer1_peerlink_interfaces:
    #       - name: Ethernet1/3
    #     peer2_peerlink_interfaces:
    #       - name: Ethernet1/3
    #     domain_id: 10
    #     fabric_peering: false
    #     vtep_vip: fd00::a:180

    fabric_links:
      # Example of P2P w/ physical interfaces
      # Required only if vxlan.underlay.ipv6.enable_ipv6_link_local_address is false.
      # In that case we need to provide IPv6. Could be compared to p2p vs unnumbered in IPv4
      - source_device: ipv6-bgw1
        source_interface: Ethernet1/1
        dest_device: ipv6-leaf1
        dest_interface: Ethernet1/1
        ipv6:
          subnet: "ffd0::a04:0/127"
          source_ipv6: "ffd0::a04:0"
          dest_ipv6: "ffd0::a04:1"

    switches:
      - name: ipv6-bgw1
        role: spine
        management:
          default_gateway_v4: 10.229.42.254
          management_ipv4_address: 10.229.42.180
          subnet_mask_ipv4: 24
        manual_ipv6_router_id: 1.1.1.180
        serial_number: 9B9EAU0DP6F
        interfaces:
          - name: Loopback0
            mode: fabric_loopback
            enabled: true
            ipv6_address: fd00::a:180
            description: Routing loopback interface
          - name: Loopback1
            mode: fabric_loopback
            enabled: true
            ipv6_address: fd00::b:180
            description: VTEP loopback interface
      - name: ipv6-leaf1
        role: leaf
        management:
          default_gateway_v4: 10.229.42.254/24
          management_ipv4_address: 10.229.42.181
        manual_ipv6_router_id: 1.1.1.181
        serial_number: 9FC431O3ALV
        interfaces:
          - name: Loopback0
            mode: fabric_loopback
            enabled: true
            ipv6_address: fd00::a:181
            description: Routing loopback interface
          - name: Loopback1
            mode: fabric_loopback
            enabled: true
            ipv6_address: fd00::b:181
            description: VTEP loopback interface

Test Notes

Cisco NDFC Version

Checklist

  • Latest commit is rebased from develop with merge conflicts resolved
  • New or updates to documentation has been made accordingly
  • Assigned the proper reviewers

@ccoueffe ccoueffe self-assigned this Aug 12, 2025
mtarking
mtarking requested changes Aug 14, 2025
View reviewed changes
roles/dtc/create/tasks/common/fabric.yml Outdated
@@ -51,7 +51,8 @@
skip_validation: "{{ True if vxlan.fabric.type == 'ISN' else omit }}"
config: "{{ vars_common_local.fabric_config }}"

- name: Create ANYCAST_RP in Nexus Dashboard

- name: Set and Create ANYCAST_RP in Nexus Dashboard
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lets keep the same: Create ANYCAST_RP in Nexus Dashboard

roles/dtc/create/tasks/common/fabric.yml Outdated
resource: >-
{{
vxlan.underlay.multicast.ipv6.anycast_rp
if vxlan.underlay.general.enable_ipv6_underlay | default(false)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lets use the shipped defaults variable here

roles/validate/files/rules/ibgp_vxlan/208_manual_ipaddress_allocation.py Outdated
Comment on lines 23 to 24
# Check if anycast_rp is configured:
# Check if anycast_rp is configured
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Duplicate lines

@mtarking mtarking mentioned this pull request Aug 14, 2025
Open
18 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mtarking mtarking mtarking requested changes

Requested changes must be addressed to merge this pull request.

Assignees

@ccoueffe ccoueffe

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ccoueffe @mtarking