Skip to content

AlchemiistCreative/mpls-l3vpn-ansible-lab

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
docs
docs
 
 
group_vars
group_vars
 
 
host_vars
host_vars
 
 
inventories
inventories
 
 
roles
roles
 
 
README.md
README.md
 
 
ansible.cfg
ansible.cfg
 
 
playbook.yml
playbook.yml
 
 
reset.yml
reset.yml
 
 

Repository files navigation

EVE-NG MPLS L3VPN with VyOS & Ansible

This project sets up a complete MPLS backbone with VRF isolation for each customer, using VyOS and Ansible.
The configuration is fully generated from an inventory and a clients variable.

Network Schema

MPLS Lab Schema

IP Plan

MPLS Backbone

Device Interface IP / Mask Description
PE1 lo0 1.1.1.1/32 BGP Router-ID
PE2 lo0 2.2.2.2/32 BGP Router-ID
PE-HOUSING lo0 4.4.4.4/32 BGP Router-ID
P-CORE lo0 3.3.3.3/32 OSPF Router-ID
PE1 ↔ P-CORE eth0 / eth0 10.0.0.1/30 - 10.0.0.2/30 MPLS + OSPF
PE2 ↔ P-CORE eth0 / eth1 10.0.0.5/30 - 10.0.0.6/30 MPLS + OSPF
PE-HOUSING ↔ P-CORE eth1 / eth2 10.0.0.9/30 - 10.0.0.10/30 MPLS + OSPF

PE ↔ CPE Interconnections

Example CLIENT1

Link VLAN PE Interface PE IP CPE IP CPE AS
PE1 ↔ CPE1 - eth1 10.1.10.2/30 10.1.10.1 65100
PE2 ↔ CPE2 - eth1 10.1.11.2/30 10.1.11.1 65100

🌐 Internet Access for Clients

If a client has internet: true in clients.yml:

  • PE1 creates a VIF on eth5 with VLAN 1[id_client]0 → IP 10.100.[id_client].2/30
  • PE2 creates a VIF on eth5 with VLAN 1[id_client]1 → IP 10.101.[id_client].2/30
  • A default route is added in the client’s VRF pointing to the firewall.

Housing Services

The housing feature allows multiple clients to host services in a shared datacenter environment.
When a client has housing: true in the clients variable:

  • A dedicated VLAN is configured in PE-HOUSING.

This provides datacenter-hosted services with full MPLS VRF isolation.

clients Variable Structure

Defined in group_vars/all.yml:

clients:
  - name: CLIENT1
    rd: 100:1
    rt: 100:1
    internet: true
    housing: true
    housing_vlan: 110
    sites:
      - site: Site1
        pe_interfaces:
          pe1:
            interface: eth1
            pe_ip: 10.1.10.2/30
            cpe_ip: 10.1.10.1
            cpe_as: 65100
          pe2:
            interface: eth1
            pe_ip: 10.1.11.2/30
            cpe_ip: 10.1.11.1
            cpe_as: 65100
        lans:
          - 10.1.10.0/24
          - 10.1.11.0/24
      - site: Site2
        pe_interfaces:
          pe1:
            interface: eth2
            pe_ip: 10.1.12.2/30
            cpe_ip: 10.1.12.1
            cpe_as: 65100
          pe2:
            interface: eth2
            pe_ip: 10.1.13.2/30
            cpe_ip: 10.1.13.1
            cpe_as: 65100
        lans:
          - 10.1.12.0/24
          - 10.1.13.0/24

  - name: CLIENT2
    rd: 200:1
    rt: 200:1
    internet: true
    housing: false
    sites:
      - site: Site1
        pe_interfaces:
          pe1:
            interface: eth3
            pe_ip: 10.1.20.2/30
            cpe_ip: 10.1.20.1
            cpe_as: 65200
          pe2:
            interface: eth3
            pe_ip: 10.1.21.2/30
            cpe_ip: 10.1.21.1
            cpe_as: 65200
        lans:
          - 10.1.20.0/24
          - 10.1.21.0/24

About

EVE-NG - MPLS L3VPN Ansible LAB

Resources

Readme
Activity

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages