/home/pipi/.local/lib/python3.10/site-packages/paramiko/pkey.py:100: CryptographyDeprecationWarning: TripleDES has been moved to cryptography.hazmat.decrepit.ciphers.algorithms.TripleDES and will be removed from cryptography.hazmat.primitives.ciphers.algorithms in 48.0.0. "cipher": algorithms.TripleDES, /home/pipi/.local/lib/python3.10/site-packages/paramiko/transport.py:259: CryptographyDeprecationWarning: TripleDES has been moved to cryptography.hazmat.decrepit.ciphers.algorithms.TripleDES and will be removed from cryptography.hazmat.primitives.ciphers.algorithms in 48.0.0. "class": algorithms.TripleDES, [WARNING]: Could not match supplied host pattern, ignoring: unprovisioned [WARNING]: Found variable using reserved name: hosts PLAY [Deploy initial device configuration] ************************************* TASK [Set variables that cannot be set with VARS] ****************************** ok: [h1] ok: [h2] ok: [h3] ok: [h4] ok: [s1] TASK [Find device readiness script] ******************************************** ok: [h1] ok: [h2] ok: [h3] ok: [h4] ok: [s1] TASK [Wait for device to become ready] ***************************************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] skipping: [s1] TASK [Normalize config on bridge-like devices] ********************************* included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for h1, h2, h3, h4, s1 TASK [Figure out whether to deploy the module normalize on current device] ***** ok: [h1] ok: [h2] ok: [h3] ok: [h4] ok: [s1] TASK [Find configuration template for normalize] ******************************* ok: [h1] ok: [h2] ok: [h3] ok: [h4] ok: [s1] TASK [fail] ******************************************************************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] skipping: [s1] TASK [Find configuration deployment deploy_script for normalize] *************** ok: [h1] ok: [h2] ok: [h3] ok: [h4] ok: [s1] TASK [Print deployed configuration when running in verbose mode] *************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] skipping: [s1] TASK [Deploy normalize configuration] ****************************************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] skipping: [s1] TASK [Deploy initial configuration] ******************************************** included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for h1, h2, h3, h4, s1 TASK [Figure out whether to deploy the module initial on current device] ******* ok: [h1] ok: [h2] ok: [h3] ok: [h4] ok: [s1] TASK [Find configuration template for initial] ********************************* ok: [h1] ok: [h2] ok: [h3] ok: [h4] ok: [s1] TASK [fail] ******************************************************************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] skipping: [s1] TASK [Find configuration deployment deploy_script for initial] ***************** ok: [h1] ok: [h2] ok: [h3] ok: [h4] ok: [s1] TASK [Print deployed configuration when running in verbose mode] *************** ok: [h1] => msg: |- initial configuration for h1 ========================================= #!/bin/bash # # This script contains the 'ip' commands needed to set up container # interfaces and route table. It's executed within the container # network namespace on the container host. # # /etc/hosts file is generated as a clab bind. # set -e ### One-Shot configuration (non-Ubuntu VM or container) # # Send ARP requests from a sane source IP address sysctl -w net.ipv4.conf.all.arp_announce=2 # # Disable IPv4 and IPv6 forwarding # sysctl -w net.ipv4.ip_forward=0 sysctl -w net.ipv6.conf.all.forwarding=0 # # Interface addressing, create any bond devices # ip link set dev eth1 up set +e ip addr del 172.16.0.1/24 dev eth1 2>/dev/null set -e ip addr add 172.16.0.1/24 dev eth1 sysctl -w net.ipv6.conf.eth1.disable_ipv6=1 ip link set dev eth1 mtu 1500 ok: [h2] => msg: |- initial configuration for h2 ========================================= #!/bin/bash # # This script contains the 'ip' commands needed to set up container # interfaces and route table. It's executed within the container # network namespace on the container host. # # /etc/hosts file is generated as a clab bind. # set -e ### One-Shot configuration (non-Ubuntu VM or container) # # Send ARP requests from a sane source IP address sysctl -w net.ipv4.conf.all.arp_announce=2 # # Disable IPv4 and IPv6 forwarding # sysctl -w net.ipv4.ip_forward=0 sysctl -w net.ipv6.conf.all.forwarding=0 # # Interface addressing, create any bond devices # ip link set dev eth1 up set +e ip addr del 172.16.0.2/24 dev eth1 2>/dev/null set -e ip addr add 172.16.0.2/24 dev eth1 sysctl -w net.ipv6.conf.eth1.disable_ipv6=1 ip link set dev eth1 mtu 1500 ok: [h3] => msg: |- initial configuration for h3 ========================================= #!/bin/bash # # This script contains the 'ip' commands needed to set up container # interfaces and route table. It's executed within the container # network namespace on the container host. # # /etc/hosts file is generated as a clab bind. # set -e ### One-Shot configuration (non-Ubuntu VM or container) # # Send ARP requests from a sane source IP address sysctl -w net.ipv4.conf.all.arp_announce=2 # # Disable IPv4 and IPv6 forwarding # sysctl -w net.ipv4.ip_forward=0 sysctl -w net.ipv6.conf.all.forwarding=0 # # Interface addressing, create any bond devices # ip link set dev eth1 up set +e ip addr del 172.16.1.3/24 dev eth1 2>/dev/null set -e ip addr add 172.16.1.3/24 dev eth1 sysctl -w net.ipv6.conf.eth1.disable_ipv6=1 ip link set dev eth1 mtu 1500 ok: [h4] => msg: |- initial configuration for h4 ========================================= #!/bin/bash # # This script contains the 'ip' commands needed to set up container # interfaces and route table. It's executed within the container # network namespace on the container host. # # /etc/hosts file is generated as a clab bind. # set -e ### One-Shot configuration (non-Ubuntu VM or container) # # Send ARP requests from a sane source IP address sysctl -w net.ipv4.conf.all.arp_announce=2 # # Disable IPv4 and IPv6 forwarding # sysctl -w net.ipv4.ip_forward=0 sysctl -w net.ipv6.conf.all.forwarding=0 # # Interface addressing, create any bond devices # ip link set dev eth1 up set +e ip addr del 172.16.2.4/24 dev eth1 2>/dev/null set -e ip addr add 172.16.2.4/24 dev eth1 sysctl -w net.ipv6.conf.eth1.disable_ipv6=1 ip link set dev eth1 mtu 1500 ok: [s1] => msg: |- initial configuration for s1 ========================================= hostname s1 ! lldp enable ! ! ! ! default mtu 1532 ! interface mgmt1/1/1 no lldp transmit no lldp receive ! interface loopback0 no shutdown ip address 10.0.0.5/32 no ipv6 enable ! interface ethernet1/1/1 no shutdown no switchport description "[Access VLAN red] s1 -> h1" no ipv6 enable ! interface ethernet1/1/2 no shutdown no switchport description "[Access VLAN red] s1 -> h2" no ipv6 enable ! interface ethernet1/1/3 no shutdown no switchport description "[Access VLAN blue] s1 -> h3" no ipv6 enable ! interface ethernet1/1/4 no shutdown no switchport description "[Access VLAN green] s1 -> h4" no ipv6 enable ! interface vlan700 no shutdown description "VLAN red (700) -> [h1\\,h2] [stub]" no ipv6 enable ! interface vlan701 no shutdown description "VLAN blue (701) -> [h3] [stub]" ip address 172.16.1.5/24 no ipv6 enable ! interface vlan702 no shutdown description "VLAN green (702) -> [h4] [stub]" ip address 172.16.2.5/24 no ipv6 enable ! TASK [Deploy initial configuration] ******************************************** included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-config/linux-clab.yml for h1, h2, h3, h4 included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-config/dellos10.yml for s1 TASK [Define script filename and determine whether to execute in netns] ******** ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Create a temporary file for the rendered script] ************************* changed: [h1 -> localhost] changed: [h3 -> localhost] changed: [h2 -> localhost] changed: [h4 -> localhost] TASK [Create container setup script from /home/pipi/net101/tools/netsim/ansible/templates/initial/linux-clab.j2] *** changed: [h2 -> localhost] changed: [h3 -> localhost] changed: [h4 -> localhost] changed: [h1 -> localhost] TASK [Copy script into running container at /tmp/config-h1_initial.sh] ********* skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Execute /tmp/config-h1_initial.sh to deploy initial config based on /home/pipi/net101/tools/netsim/ansible/templates/initial/linux-clab.j2] *** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Container configuration for initial based on /home/pipi/net101/tools/netsim/ansible/templates/initial/linux-clab.j2 executed in netns] *** changed: [h3 -> localhost] changed: [h2 -> localhost] changed: [h1 -> localhost] changed: [h4 -> localhost] TASK [Remove temporary file /tmp/h1_initial-zj1x7zq8.sh] *********************** changed: [h3 -> localhost] changed: [h1 -> localhost] changed: [h4 -> localhost] changed: [h2 -> localhost] TASK [wait_for_connection] ***************************************************** skipping: [s1] TASK [dellos10_config: deploying initial from /home/pipi/net101/tools/netsim/ansible/templates/initial/dellos10.j2, save to startup=yes] *** changed: [s1] PLAY [Deploy module-specific configurations] *********************************** TASK [Set variables that cannot be set with VARS] ****************************** ok: [h1] ok: [h2] ok: [h3] ok: [h4] ok: [s1] TASK [Deploy individual configuration modules] ********************************* included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for h1, h2, h3, h4, s1 => (item=vlan) included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for h1, h2, h3, h4, s1 => (item=routing) TASK [Figure out whether to deploy the module vlan on current device] ********** ok: [h1] ok: [h2] ok: [h3] ok: [h4] ok: [s1] TASK [Find configuration template for vlan] ************************************ skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] ok: [s1] TASK [fail] ******************************************************************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] skipping: [s1] TASK [Find configuration deployment deploy_script for vlan] ******************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] ok: [s1] TASK [Print deployed configuration when running in verbose mode] *************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] ok: [s1] => msg: |- vlan configuration for s1 ========================================= interface vlan 700 description "VLAN red" exit ! interface vlan 701 description "VLAN blue" exit ! interface vlan 702 description "VLAN green" exit ! ! interface ethernet1/1/1 switchport mode access switchport access vlan 700 ! interface ethernet1/1/2 switchport mode access switchport access vlan 700 ! interface ethernet1/1/3 switchport mode access switchport access vlan 701 ! interface ethernet1/1/4 switchport mode access switchport access vlan 702 ! interface vlan700 ! interface vlan701 ! interface vlan702 TASK [Deploy vlan configuration] *********************************************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-config/dellos10.yml for s1 TASK [wait_for_connection] ***************************************************** skipping: [s1] TASK [dellos10_config: deploying vlan from /home/pipi/net101/tools/netsim/ansible/templates/vlan/dellos10.j2, save to startup=yes] *** changed: [s1] TASK [Figure out whether to deploy the module routing on current device] ******* ok: [h1] ok: [h2] ok: [h3] ok: [h4] ok: [s1] TASK [Find configuration template for routing] ********************************* ok: [h1] skipping: [s1] ok: [h2] ok: [h3] ok: [h4] TASK [fail] ******************************************************************** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] skipping: [s1] TASK [Find configuration deployment deploy_script for routing] ***************** skipping: [s1] ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Print deployed configuration when running in verbose mode] *************** skipping: [s1] ok: [h1] => msg: |- routing configuration for h1 ========================================= #!/bin/bash # # Add static routes (usually IPv4 routes pointing to the first usable gateway) # # # # # # # Print the final routing table ip route ok: [h2] => msg: |- routing configuration for h2 ========================================= #!/bin/bash # # Add static routes (usually IPv4 routes pointing to the first usable gateway) # # # # # # # Print the final routing table ip route ok: [h3] => msg: |- routing configuration for h3 ========================================= #!/bin/bash # # Add static routes (usually IPv4 routes pointing to the first usable gateway) # # echo Removing existing IPv4 routes while ip route del 172.16.0.0/16 2>/dev/null; do : ; done while ip route del 10.0.0.0/24 2>/dev/null; do : ; done while ip route del 10.1.0.0/16 2>/dev/null; do : ; done while ip route del 10.2.0.0/24 2>/dev/null; do : ; done # # # echo Adding direct static routes ip route add 172.16.0.0/16 via 172.16.1.5 dev eth1 protocol static ip route add 10.0.0.0/24 via 172.16.1.5 dev eth1 protocol static ip route add 10.1.0.0/16 via 172.16.1.5 dev eth1 protocol static ip route add 10.2.0.0/24 via 172.16.1.5 dev eth1 protocol static # # Print the final routing table ip route ok: [h4] => msg: |- routing configuration for h4 ========================================= #!/bin/bash # # Add static routes (usually IPv4 routes pointing to the first usable gateway) # # echo Removing existing IPv4 routes while ip route del 172.16.0.0/16 2>/dev/null; do : ; done while ip route del 10.0.0.0/24 2>/dev/null; do : ; done while ip route del 10.1.0.0/16 2>/dev/null; do : ; done while ip route del 10.2.0.0/24 2>/dev/null; do : ; done # # # echo Adding direct static routes ip route add 172.16.0.0/16 via 172.16.2.5 dev eth1 protocol static ip route add 10.0.0.0/24 via 172.16.2.5 dev eth1 protocol static ip route add 10.1.0.0/16 via 172.16.2.5 dev eth1 protocol static ip route add 10.2.0.0/24 via 172.16.2.5 dev eth1 protocol static # # Print the final routing table ip route TASK [Deploy routing configuration] ******************************************** skipping: [s1] included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-config/linux-clab.yml for h2, h1, h3, h4 TASK [Define script filename and determine whether to execute in netns] ******** ok: [h1] ok: [h2] ok: [h3] ok: [h4] TASK [Create a temporary file for the rendered script] ************************* changed: [h1 -> localhost] changed: [h2 -> localhost] changed: [h3 -> localhost] changed: [h4 -> localhost] TASK [Create container setup script from /home/pipi/net101/tools/netsim/ansible/templates/routing/linux-clab.j2] *** changed: [h1 -> localhost] changed: [h2 -> localhost] changed: [h3 -> localhost] changed: [h4 -> localhost] TASK [Copy script into running container at /tmp/config-h1_routing.sh] ********* skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Execute /tmp/config-h1_routing.sh to deploy routing config based on /home/pipi/net101/tools/netsim/ansible/templates/routing/linux-clab.j2] *** skipping: [h1] skipping: [h2] skipping: [h3] skipping: [h4] TASK [Container configuration for routing based on /home/pipi/net101/tools/netsim/ansible/templates/routing/linux-clab.j2 executed in netns] *** changed: [h1 -> localhost] changed: [h2 -> localhost] changed: [h3 -> localhost] changed: [h4 -> localhost] TASK [Remove temporary file /tmp/h1_routing-85406gzt.sh] *********************** changed: [h1 -> localhost] changed: [h2 -> localhost] changed: [h4 -> localhost] changed: [h3 -> localhost] PLAY [Deploy custom deployment templates] ************************************** skipping: no hosts matched PLAY RECAP ********************************************************************* h1 : ok=31 changed=8 unreachable=0 failed=0 skipped=15 rescued=0 ignored=0 h2 : ok=31 changed=8 unreachable=0 failed=0 skipped=15 rescued=0 ignored=0 h3 : ok=31 changed=8 unreachable=0 failed=0 skipped=15 rescued=0 ignored=0 h4 : ok=31 changed=8 unreachable=0 failed=0 skipped=15 rescued=0 ignored=0 s1 : ok=23 changed=2 unreachable=0 failed=0 skipped=13 rescued=0 ignored=0 The device under test is a mixed layer-2/layer-3 switch. Red VLAN is a layer-2-only VLAN, the device acts as a L2/L3 switch on all other VLANs h1 and h2 should be able to ping each other, but not h3 or h4 h3 and h4 should be able to ping each other, but not h1 or h2