Creating Device configuration snippets [CREATED] h1: initial,routing [CREATED] h2: initial,routing [CREATED] h3: initial,routing [CREATED] h4: initial,routing [CREATED] h5: initial,routing [CREATED] h6: initial,routing [CREATED] s1: initial,vlan [CREATED] s2: normalize,initial,vlan Checking Are lab devices ready to be configured? [INFO] Checking SSH server(s) on s2 Config Deploying device configurations [INFO] Executing initial configuration for node h1 (namespace clab- ml-85-h1) [INFO] Executing initial configuration for node h2 (namespace clab- ml-85-h2) [INFO] Executing initial configuration for node h3 (namespace clab- ml-85-h3) [INFO] Executing initial configuration for node h4 (namespace clab- ml-85-h4) [INFO] Executing initial configuration for node h5 (namespace clab- ml-85-h5) [INFO] Executing initial configuration for node h6 (namespace clab- ml-85-h6) [INFO] Executing normalize configuration for node s2 [INFO] Executing routing configuration for node h1 (namespace clab- ml-85-h1) [INFO] Executing routing configuration for node h3 (namespace clab- ml-85-h3) [INFO] Executing routing configuration for node h4 (namespace clab- ml-85-h4) [INFO] Executing routing configuration for node h2 (namespace clab- ml-85-h2) [INFO] Executing routing configuration for node h6 (namespace clab- ml-85-h6) [INFO] Executing routing configuration for node h5 (namespace clab- ml-85-h5) [INFO] Executing initial configuration for node s2 [INFO] Executing vlan configuration for node s2 [INFO] Starting Ansible playbook to deploy the rest of the configurations [WARNING]: Found variable using reserved name: hosts PLAY [Deploy initial device configuration] ************************************* TASK [Set variables that cannot be set with VARS] ****************************** ok: [s1] TASK [Normalize config on bridge-like devices] ********************************* included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for s1 TASK [Figure out whether to deploy the module normalize on current device] ***** ok: [s1] TASK [Find configuration template for normalize] ******************************* ok: [s1] TASK [fail] ******************************************************************** skipping: [s1] TASK [Find configuration deployment deploy_script for normalize] *************** ok: [s1] TASK [Print deployed configuration when running in verbose mode] *************** skipping: [s1] TASK [Deploy normalize configuration] ****************************************** skipping: [s1] TASK [Deploy initial configuration] ******************************************** included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for s1 TASK [Figure out whether to deploy the module initial on current device] ******* ok: [s1] TASK [Find configuration template for initial] ********************************* ok: [s1] TASK [fail] ******************************************************************** skipping: [s1] TASK [Find configuration deployment deploy_script for initial] ***************** ok: [s1] TASK [Print deployed configuration when running in verbose mode] *************** ok: [s1] => { "msg": "initial configuration for s1\n=========================================\n\n/system identity set name=\"s1\"\n\n/interface bridge add name=loopback protocol-mode=none\n\n\n/ip address add interface=loopback address=10.0.0.7/32\n\n\n/interface/bridge/add name=switch vlan-filtering=yes comment=\"Global Switch Bridge\"\n\n/interface/vlan/add name=vlan700 vlan-id=700 interface=switch\n/interface/vlan/add name=vlan701 vlan-id=701 interface=switch\n/interface/vlan/add name=vlan702 vlan-id=702 interface=switch\n\n\n\n\n\n/interface ethernet set comment=\"s1 -> s2\" ether2\n\n\n\n/interface ethernet set comment=\"[Access VLAN red] s1 -> h1\" ether3\n\n\n\n/interface ethernet set comment=\"[Access VLAN blue] s1 -> h3\" ether4\n\n\n\n/interface ethernet set comment=\"[Access VLAN green] s1 -> h5\" ether5\n\n\n\n/interface vlan set comment=\"VLAN red (700) -> [h1,h2,s2]\" vlan700\n\n\n\n/interface vlan set comment=\"VLAN blue (701) -> [h3,h4,s2]\" vlan701\n\n\n\n/interface vlan set comment=\"VLAN green (702) -> [h5,h6,s2]\" vlan702\n\n\n\n/ip neighbor discovery-settings set discover-interface-list=all\n" } TASK [Deploy initial configuration] ******************************************** included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-config/routeros7.yml for s1 TASK [load initial from /work/netlab_cicd/other_vm/node_files/s1/initial] ****** ok: [s1] TASK [Run commands on CHR] ***************************************************** changed: [s1] PLAY [Deploy module-specific configurations] *********************************** TASK [Set variables that cannot be set with VARS] ****************************** ok: [s1] TASK [Deploy individual configuration modules] ********************************* included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for s1 => (item=vlan) included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for s1 => (item=routing) TASK [Figure out whether to deploy the module vlan on current device] ********** ok: [s1] TASK [Find configuration template for vlan] ************************************ ok: [s1] TASK [fail] ******************************************************************** skipping: [s1] TASK [Find configuration deployment deploy_script for vlan] ******************** ok: [s1] TASK [Print deployed configuration when running in verbose mode] *************** ok: [s1] => { "msg": "vlan configuration for s1\n=========================================\n\n\n/interface/bridge/vlan add bridge=switch vlan-ids=700 tagged=switch\n/interface/bridge/vlan add bridge=switch vlan-ids=701 tagged=switch\n/interface/bridge/vlan add bridge=switch vlan-ids=702 tagged=switch\n\n\n/interface/bridge/port add bridge=switch interface=ether2 pvid=700\n\n/interface/bridge/vlan set untagged=([get value-name=untagged [find vlan-ids=700]],\"ether2\") [find vlan-ids=700]\n\n\n/interface/bridge/vlan set tagged=([get value-name=tagged [find vlan-ids=700]],\"ether2\") [find vlan-ids=700]\n/interface/bridge/vlan set tagged=([get value-name=tagged [find vlan-ids=701]],\"ether2\") [find vlan-ids=701]\n\n\n/interface/bridge/port add bridge=switch interface=ether3 pvid=700\n\n/interface/bridge/vlan set untagged=([get value-name=untagged [find vlan-ids=700]],\"ether3\") [find vlan-ids=700]\n\n\n\n\n/interface/bridge/port add bridge=switch interface=ether4 pvid=701\n\n/interface/bridge/vlan set untagged=([get value-name=untagged [find vlan-ids=701]],\"ether4\") [find vlan-ids=701]\n\n\n\n\n/interface/bridge/port add bridge=switch interface=ether5 pvid=702\n\n/interface/bridge/vlan set untagged=([get value-name=untagged [find vlan-ids=702]],\"ether5\") [find vlan-ids=702]\n\n\n\n" } TASK [Deploy vlan configuration] *********************************************** included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-config/routeros7.yml for s1 TASK [load vlan from /work/netlab_cicd/other_vm/node_files/s1/vlan] ************ ok: [s1] TASK [Run commands on CHR] ***************************************************** changed: [s1] TASK [Figure out whether to deploy the module routing on current device] ******* ok: [s1] TASK [Find configuration template for routing] ********************************* skipping: [s1] TASK [fail] ******************************************************************** skipping: [s1] TASK [Find configuration deployment deploy_script for routing] ***************** skipping: [s1] TASK [Print deployed configuration when running in verbose mode] *************** skipping: [s1] TASK [Deploy routing configuration] ******************************************** skipping: [s1] PLAY [Deploy custom deployment templates] ************************************** skipping: no hosts matched PLAY RECAP ********************************************************************* s1 : ok=24 changed=2 unreachable=0 failed=0 skipped=10 rescued=0 ignored=0 Results of configuration script deployments ================================================================================ h1 Script: initial,routing h2 Script: initial,routing h3 Script: initial,routing h4 Script: initial,routing h5 Script: initial,routing h6 Script: initial,routing s2 Script: normalize,initial,vlan The devices under test are simple bridges with a VLAN trunk between them. One of the trunk members is a native VLAN. Both VLANs are using the same IP prefix to identify potential inter-VLAN leaking. * h1 and h2 should be able to ping each other * h3 and h4 should be able to ping each other * h1 should not be able to reach h3 * h5 should not be able to reach h6 Please note it might take a while for the lab to work due to STP learning phase