[WARNING]: Could not match supplied host pattern, ignoring: unprovisioned [WARNING]: Found variable using reserved name: hosts PLAY [Deploy initial device configuration] ************************************* TASK [Set variables that cannot be set with VARS] ****************************** ok: [h1] ok: [s1] ok: [h2] ok: [h3] ok: [h4] ok: [s2] ok: [h5] ok: [h6] TASK [Find device readiness script] ******************************************** ok: [h1] ok: [s1] ok: [h2] ok: [h4] ok: [h3] ok: [s2] ok: [h6] ok: [h5] TASK [Wait for device to become ready] ***************************************** skipping: [s1] skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] skipping: [h5] skipping: [h6] included: /home/pipi/netlab_gh/netsim/ansible/tasks/readiness-check/eos-clab.yml for s2 TASK [Wait for cEOS SSH daemon to start] *************************************** ok: [s2] TASK [Normalize config on bridge-like devices] ********************************* included: /home/pipi/netlab_gh/netsim/ansible/tasks/deploy-module.yml for s1, s2, h1, h2, h3, h4, h5, h6 TASK [Figure out whether to deploy the module normalize on current device] ***** ok: [h1] ok: [h2] ok: [s1] ok: [h3] ok: [h4] ok: [h5] ok: [s2] ok: [h6] TASK [Find configuration template for normalize] ******************************* ok: [h1] ok: [h2] ok: [s1] ok: [h3] ok: [h4] ok: [s2] ok: [h6] ok: [h5] TASK [fail] ******************************************************************** skipping: [s1] skipping: [s2] skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] skipping: [h5] skipping: [h6] TASK [Find configuration deployment deploy_script for normalize] *************** ok: [h1] ok: [h2] ok: [s1] ok: [h3] ok: [s2] ok: [h4] ok: [h6] ok: [h5] TASK [Print deployed configuration when running in verbose mode] *************** skipping: [s1] skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] skipping: [h5] skipping: [h6] ok: [s2] => msg: |- normalize configuration for s2 ========================================= ! interface Ethernet1 shutdown mac-address 52dc.cafe.0801 ! interface Ethernet2 shutdown mac-address 52dc.cafe.0802 ! interface Ethernet3 shutdown mac-address 52dc.cafe.0803 ! interface Ethernet4 shutdown mac-address 52dc.cafe.0804 TASK [Deploy normalize configuration] ****************************************** skipping: [s1] skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] skipping: [h5] skipping: [h6] included: /home/pipi/netlab_gh/netsim/ansible/tasks/deploy-config/eos.yml for s2 TASK [eos_config: deploying normalize from /home/pipi/netlab_gh/netsim/ansible/templates/normalize/eos.j2] *** [WARNING]: To ensure idempotency and correct diff the input configuration lines should be similar to how they appear if present in the running configuration on device including the indentation changed: [s2] TASK [Deploy initial configuration] ******************************************** included: /home/pipi/netlab_gh/netsim/ansible/tasks/deploy-module.yml for s1, s2, h1, h2, h3, h4, h5, h6 TASK [Figure out whether to deploy the module initial on current device] ******* ok: [h1] ok: [h2] ok: [h3] ok: [h4] ok: [h5] ok: [h6] ok: [s1] ok: [s2] TASK [Find configuration template for initial] ********************************* ok: [h1] ok: [h2] ok: [h3] ok: [h5] ok: [h4] ok: [h6] ok: [s1] ok: [s2] TASK [fail] ******************************************************************** skipping: [s1] skipping: [s2] skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] skipping: [h5] skipping: [h6] TASK [Find configuration deployment deploy_script for initial] ***************** ok: [h1] ok: [h2] ok: [h3] ok: [h4] ok: [h5] ok: [h6] ok: [s1] ok: [s2] TASK [Print deployed configuration when running in verbose mode] *************** ok: [h1] => msg: |- initial configuration for h1 ========================================= #!/bin/bash # # This script contains the 'ip' commands needed to set up container # interfaces and route table. It's executed within the container # network namespace on the container host. # # /etc/hosts file is generated as a clab bind. # set -e ### One-Shot configuration (non-Ubuntu VM or container) # # Disable IPv4 and IPv6 forwarding # sysctl -w net.ipv4.ip_forward=0 sysctl -w net.ipv6.conf.all.forwarding=0 # # Interface addressing, create any bond devices # ip link set dev eth1 up set +e ip addr del 172.31.1.1/24 dev eth1 2>/dev/null set -e ip addr add 172.31.1.1/24 dev eth1 ip link set dev eth1 mtu 1500 # # Add static routes (usually IPv4 routes pointing to the first usable gateway) # # # # # Print the final routing table ip route ok: [s1] => msg: |- initial configuration for s1 ========================================= hostname s1 ! lldp ! ! vlan 701 name blue ! vlan 702 name green ! vlan 700 name red ! ! ! interface loopback 0 ip address 10.0.0.7/32 ! interface mgmt no lldp transmit no lldp receive ! interface 1/1/1 shutdown mtu 9198 description s1 -> s2 no shutdown ! interface 1/1/2 shutdown mtu 9198 description [Access VLAN red] s1 -> h1 no shutdown ! interface 1/1/3 shutdown mtu 9198 description [Access VLAN blue] s1 -> h3 no shutdown ! interface 1/1/4 shutdown mtu 9198 description [Access VLAN green] s1 -> h5 no shutdown ! interface vlan700 description VLAN red (700) -> [s2,h1,h2] ! interface vlan701 description VLAN blue (701) -> [h3,s2,h4] ! interface vlan702 description VLAN green (702) -> [h5,h6,s2] ! ! ok: [h2] => msg: |- initial configuration for h2 ========================================= #!/bin/bash # # This script contains the 'ip' commands needed to set up container # interfaces and route table. It's executed within the container # network namespace on the container host. # # /etc/hosts file is generated as a clab bind. # set -e ### One-Shot configuration (non-Ubuntu VM or container) # # Disable IPv4 and IPv6 forwarding # sysctl -w net.ipv4.ip_forward=0 sysctl -w net.ipv6.conf.all.forwarding=0 # # Interface addressing, create any bond devices # ip link set dev eth1 up set +e ip addr del 172.31.1.2/24 dev eth1 2>/dev/null set -e ip addr add 172.31.1.2/24 dev eth1 ip link set dev eth1 mtu 1500 # # Add static routes (usually IPv4 routes pointing to the first usable gateway) # # # # # Print the final routing table ip route ok: [h3] => msg: |- initial configuration for h3 ========================================= #!/bin/bash # # This script contains the 'ip' commands needed to set up container # interfaces and route table. It's executed within the container # network namespace on the container host. # # /etc/hosts file is generated as a clab bind. # set -e ### One-Shot configuration (non-Ubuntu VM or container) # # Disable IPv4 and IPv6 forwarding # sysctl -w net.ipv4.ip_forward=0 sysctl -w net.ipv6.conf.all.forwarding=0 # # Interface addressing, create any bond devices # ip link set dev eth1 up set +e ip addr del 172.31.1.3/24 dev eth1 2>/dev/null set -e ip addr add 172.31.1.3/24 dev eth1 ip link set dev eth1 mtu 1500 # # Add static routes (usually IPv4 routes pointing to the first usable gateway) # # # # # Print the final routing table ip route ok: [h4] => msg: |- initial configuration for h4 ========================================= #!/bin/bash # # This script contains the 'ip' commands needed to set up container # interfaces and route table. It's executed within the container # network namespace on the container host. # # /etc/hosts file is generated as a clab bind. # set -e ### One-Shot configuration (non-Ubuntu VM or container) # # Disable IPv4 and IPv6 forwarding # sysctl -w net.ipv4.ip_forward=0 sysctl -w net.ipv6.conf.all.forwarding=0 # # Interface addressing, create any bond devices # ip link set dev eth1 up set +e ip addr del 172.31.1.4/24 dev eth1 2>/dev/null set -e ip addr add 172.31.1.4/24 dev eth1 ip link set dev eth1 mtu 1500 # # Add static routes (usually IPv4 routes pointing to the first usable gateway) # # # # # Print the final routing table ip route ok: [h6] => msg: |- initial configuration for h6 ========================================= #!/bin/bash # # This script contains the 'ip' commands needed to set up container # interfaces and route table. It's executed within the container # network namespace on the container host. # # /etc/hosts file is generated as a clab bind. # set -e ### One-Shot configuration (non-Ubuntu VM or container) # # Disable IPv4 and IPv6 forwarding # sysctl -w net.ipv4.ip_forward=0 sysctl -w net.ipv6.conf.all.forwarding=0 # # Interface addressing, create any bond devices # ip link set dev eth1 up set +e ip addr del 172.31.1.6/24 dev eth1 2>/dev/null set -e ip addr add 172.31.1.6/24 dev eth1 ip link set dev eth1 mtu 1500 # # Add static routes (usually IPv4 routes pointing to the first usable gateway) # # # # # Print the final routing table ip route ok: [h5] => msg: |- initial configuration for h5 ========================================= #!/bin/bash # # This script contains the 'ip' commands needed to set up container # interfaces and route table. It's executed within the container # network namespace on the container host. # # /etc/hosts file is generated as a clab bind. # set -e ### One-Shot configuration (non-Ubuntu VM or container) # # Disable IPv4 and IPv6 forwarding # sysctl -w net.ipv4.ip_forward=0 sysctl -w net.ipv6.conf.all.forwarding=0 # # Interface addressing, create any bond devices # ip link set dev eth1 up set +e ip addr del 172.31.1.5/24 dev eth1 2>/dev/null set -e ip addr add 172.31.1.5/24 dev eth1 ip link set dev eth1 mtu 1500 # # Add static routes (usually IPv4 routes pointing to the first usable gateway) # # # # # Print the final routing table ip route ok: [s2] => msg: |- initial configuration for s2 ========================================= hostname s2 ! logging monitor debugging aaa authorization exec default local ! lldp run ip routing ! ! ip host h1 172.31.1.1 ip host h2 172.31.1.2 ip host h3 172.31.1.3 ip host h4 172.31.1.4 ip host h5 172.31.1.5 ip host h6 172.31.1.6 ip host s1 10.0.0.7 ! interface Management0 no lldp transmit no lldp receive ! interface Loopback0 ip address 10.0.0.8/32 ! interface Ethernet1 no switchport description s2 -> s1 ! mac-address 52dc.cafe.0801 no shutdown ! interface Ethernet2 no switchport description [Access VLAN red] s2 -> h2 ! mac-address 52dc.cafe.0802 no shutdown ! interface Ethernet3 no switchport description [Access VLAN blue] s2 -> h4 ! mac-address 52dc.cafe.0803 no shutdown ! interface Ethernet4 no switchport description [Access VLAN green] s2 -> h6 ! mac-address 52dc.cafe.0804 no shutdown ! interface Vlan700 description VLAN red (700) -> [s1,h1,h2] ! interface Vlan701 description VLAN blue (701) -> [h3,s1,h4] ! interface Vlan702 description VLAN green (702) -> [h5,s1,h6] ! TASK [Deploy initial configuration] ******************************************** included: /home/pipi/netlab_gh/netsim/ansible/tasks/deploy-config/arubacx.yml for s1 included: /home/pipi/netlab_gh/netsim/ansible/tasks/deploy-config/eos.yml for s2 included: /home/pipi/netlab_gh/netsim/ansible/tasks/deploy-config/linux-clab.yml for h1, h2, h3, h4, h5, h6 TASK [tempfile] **************************************************************** changed: [s1 -> localhost] TASK [template] **************************************************************** changed: [s1 -> localhost] TASK [aoscx_config: deploying initial from /home/pipi/netlab_gh/netsim/ansible/templates/initial/arubacx.j2] *** changed: [s1] TASK [file] ******************************************************************** changed: [s1 -> localhost] TASK [eos_config: deploying initial from /home/pipi/netlab_gh/netsim/ansible/templates/initial/eos.j2] *** changed: [s2] TASK [Define script filename and determine whether to execute in netns] ******** ok: [h1] ok: [h2] ok: [h3] ok: [h4] ok: [h5] ok: [h6] TASK [Create a temporary file for the rendered script] ************************* changed: [h1 -> localhost] changed: [h2 -> localhost] changed: [h3 -> localhost] changed: [h4 -> localhost] changed: [h5 -> localhost] changed: [h6 -> localhost] TASK [Create container setup script from /home/pipi/netlab_gh/netsim/ansible/templates/initial/linux-clab.j2] *** changed: [h3 -> localhost] changed: [h4 -> localhost] changed: [h6 -> localhost] changed: [h1 -> localhost] changed: [h2 -> localhost] changed: [h5 -> localhost] TASK [Copy script into running container at /tmp/config-h1_initial.sh] ********* skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] skipping: [h5] skipping: [h6] TASK [Execute /tmp/config-h1_initial.sh to deploy initial config based on /home/pipi/netlab_gh/netsim/ansible/templates/initial/linux-clab.j2] *** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] skipping: [h5] skipping: [h6] TASK [Container configuration for initial based on /home/pipi/netlab_gh/netsim/ansible/templates/initial/linux-clab.j2 executed in netns] *** changed: [h5 -> localhost] changed: [h1 -> localhost] changed: [h3 -> localhost] changed: [h6 -> localhost] changed: [h4 -> localhost] changed: [h2 -> localhost] TASK [Remove temporary file /tmp/h1_initial-rmvsn9tj.sh] *********************** changed: [h2 -> localhost] changed: [h3 -> localhost] changed: [h5 -> localhost] changed: [h6 -> localhost] changed: [h1 -> localhost] changed: [h4 -> localhost] PLAY [Deploy module-specific configurations] *********************************** TASK [Set variables that cannot be set with VARS] ****************************** ok: [s1] ok: [s2] TASK [Deploy individual configuration modules] ********************************* included: /home/pipi/netlab_gh/netsim/ansible/tasks/deploy-module.yml for s1, s2 => (item=vlan) TASK [Figure out whether to deploy the module vlan on current device] ********** ok: [s1] ok: [s2] TASK [Find configuration template for vlan] ************************************ ok: [s1] ok: [s2] TASK [fail] ******************************************************************** skipping: [s1] skipping: [s2] TASK [Find configuration deployment deploy_script for vlan] ******************** ok: [s1] ok: [s2] TASK [Print deployed configuration when running in verbose mode] *************** ok: [s1] => msg: |- vlan configuration for s1 ========================================= ! ! interface 1/1/1 no routing vlan trunk allow 700,701 vlan trunk native 700 ! interface 1/1/2 no routing vlan access 700 ! interface 1/1/3 no routing vlan access 701 ! interface 1/1/4 no routing vlan access 702 ! interface vlan700 ! interface vlan701 ! interface vlan702 ok: [s2] => msg: |- vlan configuration for s2 ========================================= vlan 701 name blue ! vlan 702 name green ! vlan 700 name red ! ! interface Ethernet1 switchport switchport mode trunk switchport trunk allowed vlan 700,701,702 switchport trunk native vlan 700 ! interface Ethernet2 switchport switchport access vlan 700 ! interface Ethernet3 switchport switchport access vlan 701 ! interface Ethernet4 switchport switchport access vlan 702 ! interface Vlan700 ! interface Vlan701 ! interface Vlan702 TASK [Deploy vlan configuration] *********************************************** included: /home/pipi/netlab_gh/netsim/ansible/tasks/deploy-config/arubacx.yml for s1 included: /home/pipi/netlab_gh/netsim/ansible/tasks/deploy-config/eos.yml for s2 TASK [tempfile] **************************************************************** changed: [s1 -> localhost] TASK [template] **************************************************************** changed: [s1 -> localhost] TASK [aoscx_config: deploying vlan from /home/pipi/netlab_gh/netsim/ansible/templates/vlan/arubacx.j2] *** changed: [s1] TASK [file] ******************************************************************** changed: [s1 -> localhost] TASK [eos_config: deploying vlan from /home/pipi/netlab_gh/netsim/ansible/templates/vlan/eos.j2] *** changed: [s2] PLAY [Deploy custom deployment templates] ************************************** skipping: no hosts matched PLAY RECAP ********************************************************************* h1 : ok=17 changed=4 unreachable=0 failed=0 skipped=7 rescued=0 ignored=0 h2 : ok=17 changed=4 unreachable=0 failed=0 skipped=7 rescued=0 ignored=0 h3 : ok=17 changed=4 unreachable=0 failed=0 skipped=7 rescued=0 ignored=0 h4 : ok=17 changed=4 unreachable=0 failed=0 skipped=7 rescued=0 ignored=0 h5 : ok=17 changed=4 unreachable=0 failed=0 skipped=7 rescued=0 ignored=0 h6 : ok=17 changed=4 unreachable=0 failed=0 skipped=7 rescued=0 ignored=0 s1 : ok=27 changed=8 unreachable=0 failed=0 skipped=6 rescued=0 ignored=0 s2 : ok=26 changed=3 unreachable=0 failed=0 skipped=3 rescued=0 ignored=0 The devices under test are simple bridges with a VLAN trunk between them. One of the trunk members is a native VLAN. Both VLANs are using the same IP prefix to identify potential inter-VLAN leaking. * h1 and h2 should be able to ping each other * h3 and h4 should be able to ping each other * h1 should not be able to reach h3 * h5 should not be able to reach h6 Please note it might take a while for the lab to work due to STP learning phase