- Create a new file called l3vpn.yml with the following content:
---
l3vpns:
vpna:
state: present
rt: "target:{{bgp_asn}}:10"
rd: "1:10"
sites:
- node: mxpe01
port: ge-0/0/3.10
ip: 172.10.1.1/24
- node: mxpe02
port: ge-0/0/3.10
ip: 172.10.2.1/24
vpnb:
state: present
rt: "target:{{bgp_asn}}:20"
rd: "1:20"
sites:
- node: mxpe01
port: ge-0/0/3.20
ip: 172.20.1.1/24
- node: mxpe02
port: ge-0/0/3.20
ip: 172.20.2.1/24
- Create a new playbook called pb_junos_l3vpn.yml with the following tasks to configure the PE-Customer Edge (CE) links:
---
- name: "Deploy L3VPNs on Juniper Devices"
hosts: pe
vars_files:
- "l3vpn.yml"
tasks:
- name: "Set VPN Interfaces"
set_fact:
l3vpn_intfs: "{{ l3vpn_intfs|default([]) +
l3vpns[item.key].sites |
selectattr('node','equalto',inventory_hostname) | list}}"
with_dict: "{{l3vpns}}"
delegate_to: localhost
- name: "Configure Interfaces for L3VPN Sites"
junos_config:
lines:
- set interfaces {{ item.port.split('.')[0]}} vlan-tagging
- set interfaces {{ item.port}} vlan-id {{ item.port.split('.')[1] }}
loop: "{{ l3vpn_intfs }}"
- Add the following tasks in pb_junos_l3vpn.yml to set up the P2P IP address on the PE-CE links:
- name: "Configure IP address for L3VPN Interfaces"
junos_l3_interface:
name: "{{ item.port.split('.')[0]}}"
ipv4: "{{ item.ip }}"
unit: "{{ item.port.split('.')[1] }}"
loop: "{{l3vpn_intfs}}"
tags: intf_ip
- Add the following task in pb_junos_l3vpn.yml to configure the virtual routings and forwardings (VRFs) on the PE nodes:
- name: "Configure L3VPNs"
junos_vrf:
name: "{{ item.key }}"
rd: "{{item.value.rd}}"
target: "{{ item.value.rt }}"
interfaces: "{{ l3vpns[item.key].sites |
map(attribute='port') | list }}"
state: "{{ item.value.state }}"
with_dict: "{{l3vpns}}"
when: inventory_hostname in (l3vpns[item.key].sites | map(attribute='node') | list)
tags: l3vpn