ipspace
diff --git a/‎EVPN/mpls-vlan-bundle/README.md
+11 b/‎EVPN/mpls-vlan-bundle/README.md
+11
diff --git a/‎EVPN/mpls-vlan-bundle/evpn-mpls-vlan-bundle.png
78.7 KB b/‎EVPN/mpls-vlan-bundle/evpn-mpls-vlan-bundle.png
78.7 KB
diff --git a/‎EVPN/mpls-vlan-bundle/saved_config/p.cfg
+105 b/‎EVPN/mpls-vlan-bundle/saved_config/p.cfg
+105
diff --git a/‎EVPN/mpls-vlan-bundle/saved_config/pe1.cfg
+147 b/‎EVPN/mpls-vlan-bundle/saved_config/pe1.cfg
+147
@@ -0,0 +1,11 @@
+# EVPN/MPLS bridging
+
+This directory contains *netlab* topology file for an EVPN VLAN-Aware Bundle Service running over MPLS transport.
+
+![EVPN/MPLS bridging topology](evpn-mpls-vlan-bundle.png)
+
+The lab uses three PE-routers to illustrate a mesh of MPLS circuits between them, and hosts attached to two VLANs on one of the PE-routers to illustrate sharing of MPLS labels between different VLANs.
+ 
+After starting the lab, hosts in the same lab should be able to ping each other.
+
+This topology was tested with Arista EOS PE-routers running vEOS 4.28.2F. EVPN control plane probably works with cEOS containers, [MPLS data plane might not](https://blog.ipspace.net/2022/03/dataplane-quirks-virtual-devices.html).
@@ -0,0 +1,105 @@
+! Command: show running-config
+! device: p (vEOS-lab, EOS-4.28.2F)
+!
+! boot system flash:/vEOS-lab.swi
+!
+no aaa root
+!
+username vagrant privilege 15 secret sha512 $6$3kgdKcJLJ3j/0N51$a0YshIzKL3xtdwP6XXXRlY9B8yHFK/tLdg0I95YUIaW7oHqLsgK9TxMg8/0bL6VDkImuWT.g7WRKTxi8nNPtA1
+username vagrant ssh-key ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key
+!
+transceiver qsfp default-mode 4x10G
+!
+service routing protocols model multi-agent
+!
+hostname p
+ip host h1 172.16.0.5
+ip host h2 172.16.1.6
+ip host h3 172.16.0.7
+ip host h4 172.16.1.8
+ip host pe1 10.0.0.1 10.1.0.2
+ip host pe2 10.0.0.2 10.1.0.6
+ip host pe3 10.0.0.3 10.1.0.10
+!
+spanning-tree mode mstp
+!
+vrf instance management
+!
+management api http-commands
+   no shutdown
+   !
+   vrf management
+      no shutdown
+!
+management api netconf
+   transport ssh default
+!
+management api restconf
+   transport https default
+      ssl profile default
+      port 6040
+!
+management security
+   ssl profile default
+      certificate default key default
+!
+aaa authorization exec default local
+!
+interface Ethernet1
+   description p -> pe1
+   mac-address 52:dc:ca:fe:04:01
+   no switchport
+   ip address 10.1.0.1/30
+   mpls ldp interface
+   ip ospf network point-to-point
+   ip ospf area 0.0.0.0
+!
+interface Ethernet2
+   description p -> pe2
+   mac-address 52:dc:ca:fe:04:02
+   no switchport
+   ip address 10.1.0.5/30
+   mpls ldp interface
+   ip ospf network point-to-point
+   ip ospf area 0.0.0.0
+!
+interface Ethernet3
+   description p -> pe3
+   mac-address 52:dc:ca:fe:04:03
+   no switchport
+   ip address 10.1.0.9/30
+   mpls ldp interface
+   ip ospf network point-to-point
+   ip ospf area 0.0.0.0
+!
+interface Loopback0
+   ip address 10.0.0.4/32
+   mpls ldp interface
+   ip ospf area 0.0.0.0
+!
+interface Management1
+   vrf management
+   ip address dhcp
+   no lldp transmit
+   no lldp receive
+!
+ip routing
+no ip routing vrf management
+!
+mpls ip
+!
+mpls ldp
+   router-id 10.0.0.4
+   transport-address interface Loopback0
+   interface disabled default
+   no shutdown
+!
+router ospf 1
+   router-id 10.0.0.4
+   max-lsa 12000
+!
+management ssh
+   vrf management
+      no shutdown
+!
+end
@@ -0,0 +1,147 @@
+! Command: show running-config
+! device: pe1 (vEOS-lab, EOS-4.28.2F)
+!
+! boot system flash:/vEOS-lab.swi
+!
+no aaa root
+!
+username vagrant privilege 15 secret sha512 $6$3kgdKcJLJ3j/0N51$a0YshIzKL3xtdwP6XXXRlY9B8yHFK/tLdg0I95YUIaW7oHqLsgK9TxMg8/0bL6VDkImuWT.g7WRKTxi8nNPtA1
+username vagrant ssh-key ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key
+!
+transceiver qsfp default-mode 4x10G
+!
+service routing protocols model multi-agent
+!
+hostname pe1
+ip host h1 172.16.0.5
+ip host h2 172.16.1.6
+ip host h3 172.16.0.7
+ip host h4 172.16.1.8
+ip host p 10.0.0.4 10.1.0.1 10.1.0.5 10.1.0.9
+ip host pe2 10.0.0.2 10.1.0.6
+ip host pe3 10.0.0.3 10.1.0.10
+!
+spanning-tree mode mstp
+!
+vlan 1000
+   name red
+!
+vrf instance management
+!
+vrf instance tenant
+   rd 65000:1
+!
+management api http-commands
+   no shutdown
+   !
+   vrf management
+      no shutdown
+!
+management api netconf
+   transport ssh default
+!
+management api restconf
+   transport https default
+      ssl profile default
+      port 6040
+!
+management security
+   ssl profile default
+      certificate default key default
+!
+aaa authorization exec default local
+!
+interface Ethernet1
+   description pe1 -> p
+   mac-address 52:dc:ca:fe:01:01
+   no switchport
+   ip address 10.1.0.2/30
+   mpls ldp interface
+   ip ospf network point-to-point
+   ip ospf area 0.0.0.0
+!
+interface Ethernet2
+   mac-address 52:dc:ca:fe:01:02
+   switchport access vlan 1000
+!
+interface Loopback0
+   ip address 10.0.0.1/32
+   mpls ldp interface
+   ip ospf area 0.0.0.0
+!
+interface Management1
+   vrf management
+   ip address dhcp
+   no lldp transmit
+   no lldp receive
+!
+ip routing
+no ip routing vrf management
+no ip routing vrf tenant
+!
+mpls ip
+!
+mpls ldp
+   router-id 10.0.0.1
+   transport-address interface Loopback0
+   interface disabled default
+   no shutdown
+!
+route-map next-hop-self-ipv4 permit 10
+   match route-type external
+   set ip next-hop peer-address
+!
+route-map next-hop-self-ipv4 permit 20
+!
+route-map next-hop-self-ipv6 permit 10
+   match route-type external
+   set ipv6 next-hop peer-address
+!
+route-map next-hop-self-ipv6 permit 20
+!
+router bgp 65000
+   router-id 10.0.0.1
+   no bgp default ipv4-unicast
+   bgp advertise-inactive
+   neighbor 10.0.0.2 remote-as 65000
+   neighbor 10.0.0.2 update-source Loopback0
+   neighbor 10.0.0.2 description pe2
+   neighbor 10.0.0.2 send-community standard extended
+   neighbor 10.0.0.3 remote-as 65000
+   neighbor 10.0.0.3 update-source Loopback0
+   neighbor 10.0.0.3 description pe3
+   neighbor 10.0.0.3 send-community standard extended
+   !
+   vlan-aware-bundle tenant
+      rd 65000:1
+      route-target import 65000:1
+      route-target export 65000:1
+      redistribute learned
+      vlan 1000-1001
+   !
+   address-family evpn
+      neighbor default encapsulation mpls next-hop-self source-interface Loopback0
+      neighbor 10.0.0.2 activate
+      neighbor 10.0.0.3 activate
+   !
+   address-family ipv4
+      neighbor 10.0.0.2 activate
+      neighbor 10.0.0.2 route-map next-hop-self-ipv4 out
+      neighbor 10.0.0.3 activate
+      neighbor 10.0.0.3 route-map next-hop-self-ipv4 out
+      network 10.0.0.1/32
+   !
+   vrf tenant
+      rd 65000:1
+      router-id 10.0.0.1
+      redistribute connected
+!
+router ospf 1
+   router-id 10.0.0.1
+   max-lsa 12000
+!
+management ssh
+   vrf management
+      no shutdown
+!
+end