- Network Automation Cookbook
- Karim Okasha
- 309字
- 2025-04-04 13:10:14
How it works...
We create a new YAML file called l3vpn.yml that describes and models the L3VPN topology and data that we want to implement on all the Juniper devices on our topology. We include this file in the new playbook that we create in order to provision the L3VPNs on our network devices.
In the pb_junos_l3vpn.yml playbook, we use the data from the l3vpn.yml file to capture the data required to provision the L3VPN.
In the first task within our playbook, we create a new variable called l3vpn_intfs that captures all the L3VPN interfaces on each PE device, across all the VPNs that we have defined in our l3vpn.yml file. We loop over all the L3VPNs in this file, and we create a new list data structure for all the interfaces that belong to a specific node. The following snippet outlines the new data structure l3vpn_intfs for mxpe01:
ok: [mxpe01 -> localhost] => {
"l3vpn_intfs": [
{
"ip": "172.10.1.1/24",
"node": "mxpe01",
"port": "ge-0/0/3.10"
},
{
"ip": "172.20.1.1/24",
"node": "mxpe01",
"port": "ge-0/0/3.20"
}
]
}
Next, in our playbook, we divide the provisioning of our L3VPN service to multiple tasks:
- We use the junos_config module to configure all the interfaces that are part of the L3VPNs to be ready to configure virtual LANs (VLANs) on these interfaces.
- We use the junos_l3_interface module to apply the IPv4 addresses on all these interfaces that are part of our L3VPN model.
- We use the junos_vrf module to configure the correct routing instances on the nodes, as per our L3VPN data model.
The following outlines the L3VPN configuration that is applied on mxpe01 after running this playbook:
Ansible@mxpe01> show configuration routing-instances
vpna {
instance-type vrf;
interface ge-0/0/3.10;
route-distinguisher 1:10;
vrf-target target:65400:10;
vrf-table-label;
}
vpnb {
instance-type vrf;
interface ge-0/0/3.20;
route-distinguisher 1:20;
vrf-target target:65400:20;
vrf-table-label;
}