diff --git a/ansible_collections/arista/avd/docs/porting-guides/5.x.x.md b/ansible_collections/arista/avd/docs/porting-guides/5.x.x.md
index f8c86189d9e..c82ba9a0a6b 100644
--- a/ansible_collections/arista/avd/docs/porting-guides/5.x.x.md
+++ b/ansible_collections/arista/avd/docs/porting-guides/5.x.x.md
@@ -315,6 +315,15 @@ The description can be reverted manually if needed:
+mgmt_interface_description: "oob_management"
```
+### `wan_mode: autovpn` renamed `wan_mode: legacy-autovpn`
+
+With AVD version 5.0.0 the valid values for `wan_mode` key have changed. If using the `autovpn` mode in AVD 4.x, the `wan_mode` key needs to be updated to `legacy-autovpn`.
+
+```diff
+- wan_mode: autovpn
++ wan_mode: legacy-autovpn
+```
+
### custom_structured_configuration_prefix no longer accepts a string
Starting AVD 5.0.0, `custom_structured_configuration_prefix` only accepts a list of strings.
diff --git a/ansible_collections/arista/avd/docs/release-notes/5.x.x.md b/ansible_collections/arista/avd/docs/release-notes/5.x.x.md
index df27ee0a46d..3716166b920 100644
--- a/ansible_collections/arista/avd/docs/release-notes/5.x.x.md
+++ b/ansible_collections/arista/avd/docs/release-notes/5.x.x.md
@@ -190,6 +190,12 @@ The updated version gives more flexibility to customizing interface descriptions
See the [Porting guide for AVD 5.x.x](../porting-guides/5.x.x.md#avdinterfacedescriptions-breaking-changes)
+#### `wan_mode: autovpn` renamed `wan_mode: legacy-autovpn`
+
+With AVD version 5.0.0 the valid values for `wan_mode` key are now `legacy-autovpn | cv-pathfinder`.
+
+See the [porting guide](../porting-guides/5.x.x.md#wan-mode-autovpn-renamed-wan-mode-legacy-vpn) for details.
+
### Other breaking or behavioral changes
Breaking changes may require modifications to the inventory or playbook. See the [Porting guide for AVD 5.x.x](../porting-guides/5.x.x.md)
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_negative_unit_tests/inventory/host_vars/invalid-wan-role-overlay-routing-protocol.yml b/ansible_collections/arista/avd/molecule/eos_designs_negative_unit_tests/inventory/host_vars/invalid-wan-role-overlay-routing-protocol.yml
index 26f78e6f2ce..12c81ec9a84 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_negative_unit_tests/inventory/host_vars/invalid-wan-role-overlay-routing-protocol.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_negative_unit_tests/inventory/host_vars/invalid-wan-role-overlay-routing-protocol.yml
@@ -1,5 +1,5 @@
---
-wan_mode: autovpn
+wan_mode: legacy-autovpn
type: wan_router
fabric_name: FABRIC_WAN_ROLE_OVERLAY_ROUTING_PROTOCOL
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_negative_unit_tests/inventory/host_vars/ipv4-acl-in-missing-on-wan-interface.yml b/ansible_collections/arista/avd/molecule/eos_designs_negative_unit_tests/inventory/host_vars/ipv4-acl-in-missing-on-wan-interface.yml
index 0c2656b2281..f538738b46c 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_negative_unit_tests/inventory/host_vars/ipv4-acl-in-missing-on-wan-interface.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_negative_unit_tests/inventory/host_vars/ipv4-acl-in-missing-on-wan-interface.yml
@@ -1,6 +1,6 @@
---
type: wan_router
-wan_mode: autovpn
+wan_mode: legacy-autovpn
wan_router:
nodes:
- bgp_as: 65000
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge-no-default-policy.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/legacy-autovpn-edge-no-default-policy.cfg
similarity index 94%
rename from ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge-no-default-policy.cfg
rename to ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/legacy-autovpn-edge-no-default-policy.cfg
index 0cc6abd53e5..16e2a1820df 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge-no-default-policy.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/legacy-autovpn-edge-no-default-policy.cfg
@@ -23,7 +23,7 @@ flow tracking hardware
!
service routing protocols model multi-agent
!
-hostname autovpn-edge-no-default-policy
+hostname legacy-autovpn-edge-no-default-policy
!
router path-selection
tcp mss ceiling ipv4 ingress
@@ -32,12 +32,12 @@ router path-selection
ipsec profile AUTOVPN
!
local interface Ethernet1
- stun server-profile INET-autovpn-rr3-Ethernet1
+ stun server-profile INET-legacy-autovpn-rr3-Ethernet1
!
peer dynamic
!
peer static router-ip 2.2.2.2
- name autovpn-rr3
+ name legacy-autovpn-rr3
ipv4 address 10.7.7.7
!
load-balance policy LB-DEFAULT-POLICY-CONTROL-PLANE
@@ -116,7 +116,7 @@ interface Loopback0
ip address 192.168.30.1/32
!
interface Vxlan1
- description autovpn-edge-no-default-policy_VTEP
+ description legacy-autovpn-edge-no-default-policy_VTEP
vxlan source-interface Dps1
vxlan udp-port 4789
vxlan vrf default vni 1
@@ -177,7 +177,7 @@ router bgp 65000
neighbor WAN-OVERLAY-PEERS send-community
neighbor WAN-OVERLAY-PEERS maximum-routes 0
neighbor 2.2.2.2 peer group WAN-OVERLAY-PEERS
- neighbor 2.2.2.2 description autovpn-rr3
+ neighbor 2.2.2.2 description legacy-autovpn-rr3
redistribute connected route-map RM-CONN-2-BGP
!
address-family evpn
@@ -215,7 +215,7 @@ router bgp 65000
!
stun
client
- server-profile INET-autovpn-rr3-Ethernet1
+ server-profile INET-legacy-autovpn-rr3-Ethernet1
ip address 10.7.7.7
ssl profile STUN-DTLS
!
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/legacy-autovpn-edge.cfg
similarity index 92%
rename from ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge.cfg
rename to ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/legacy-autovpn-edge.cfg
index ebe0cfdcb30..36c6e962ec9 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-edge.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/legacy-autovpn-edge.cfg
@@ -23,7 +23,7 @@ flow tracking hardware
!
service routing protocols model multi-agent
!
-hostname autovpn-edge
+hostname legacy-autovpn-edge
!
router path-selection
tcp mss ceiling ipv4 ingress
@@ -32,16 +32,16 @@ router path-selection
ipsec profile AUTOVPN
!
local interface Ethernet1
- stun server-profile INET-autovpn-rr1-Ethernet1 INET-autovpn-rr2-Ethernet1
+ stun server-profile INET-legacy-autovpn-rr1-Ethernet1 INET-legacy-autovpn-rr2-Ethernet1
!
peer dynamic
!
peer static router-ip 192.168.131.1
- name autovpn-rr1
+ name legacy-autovpn-rr1
ipv4 address 10.7.7.7
!
peer static router-ip 192.168.131.2
- name autovpn-rr2
+ name legacy-autovpn-rr2
ipv4 address 10.8.8.8
!
path-group MPLS id 100
@@ -139,7 +139,7 @@ interface Loopback0
ip address 192.168.30.1/32
!
interface Vxlan1
- description autovpn-edge_VTEP
+ description legacy-autovpn-edge_VTEP
vxlan source-interface Dps1
vxlan udp-port 4789
vxlan vrf default vni 1
@@ -205,9 +205,9 @@ router bgp 65000
neighbor WAN-OVERLAY-PEERS send-community
neighbor WAN-OVERLAY-PEERS maximum-routes 0
neighbor 192.168.131.1 peer group WAN-OVERLAY-PEERS
- neighbor 192.168.131.1 description autovpn-rr1
+ neighbor 192.168.131.1 description legacy-autovpn-rr1
neighbor 192.168.131.2 peer group WAN-OVERLAY-PEERS
- neighbor 192.168.131.2 description autovpn-rr2
+ neighbor 192.168.131.2 description legacy-autovpn-rr2
redistribute connected route-map RM-CONN-2-BGP
!
address-family evpn
@@ -238,9 +238,9 @@ router bgp 65000
!
stun
client
- server-profile INET-autovpn-rr1-Ethernet1
+ server-profile INET-legacy-autovpn-rr1-Ethernet1
ip address 10.7.7.7
- server-profile INET-autovpn-rr2-Ethernet1
+ server-profile INET-legacy-autovpn-rr2-Ethernet1
ip address 10.8.8.8
!
end
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-rr1.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/legacy-autovpn-rr1.cfg
similarity index 97%
rename from ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-rr1.cfg
rename to ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/legacy-autovpn-rr1.cfg
index 933d30515b6..d8c0bde580a 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-rr1.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/legacy-autovpn-rr1.cfg
@@ -23,7 +23,7 @@ flow tracking hardware
!
service routing protocols model multi-agent
!
-hostname autovpn-rr1
+hostname legacy-autovpn-rr1
!
router path-selection
peer dynamic source stun
@@ -35,7 +35,7 @@ router path-selection
local interface Ethernet1
!
peer static router-ip 192.168.131.2
- name autovpn-rr2
+ name legacy-autovpn-rr2
ipv4 address 10.8.8.8
!
path-group LTE id 102
@@ -119,7 +119,7 @@ interface Loopback0
ip address 192.168.31.1/32
!
interface Vxlan1
- description autovpn-rr1_VTEP
+ description legacy-autovpn-rr1_VTEP
vxlan source-interface Dps1
vxlan udp-port 4789
vxlan vrf default vni 1
@@ -187,7 +187,7 @@ router bgp 65000
neighbor WAN-RR-OVERLAY-PEERS send-community
neighbor WAN-RR-OVERLAY-PEERS maximum-routes 0
neighbor 192.168.131.2 peer group WAN-RR-OVERLAY-PEERS
- neighbor 192.168.131.2 description autovpn-rr2
+ neighbor 192.168.131.2 description legacy-autovpn-rr2
redistribute connected route-map RM-CONN-2-BGP
!
address-family evpn
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-rr2.cfg b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/legacy-autovpn-rr2.cfg
similarity index 97%
rename from ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-rr2.cfg
rename to ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/legacy-autovpn-rr2.cfg
index 77a897c870b..f515dbfe5c3 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/autovpn-rr2.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/legacy-autovpn-rr2.cfg
@@ -23,7 +23,7 @@ flow tracking hardware
!
service routing protocols model multi-agent
!
-hostname autovpn-rr2
+hostname legacy-autovpn-rr2
!
router path-selection
peer dynamic source stun
@@ -35,7 +35,7 @@ router path-selection
local interface Ethernet1
!
peer static router-ip 192.168.131.1
- name autovpn-rr1
+ name legacy-autovpn-rr1
ipv4 address 10.7.7.7
!
path-group LTE id 102
@@ -118,7 +118,7 @@ interface Loopback0
ip address 192.168.31.2/32
!
interface Vxlan1
- description autovpn-rr2_VTEP
+ description legacy-autovpn-rr2_VTEP
vxlan source-interface Dps1
vxlan udp-port 4789
vxlan vrf default vni 1
@@ -188,7 +188,7 @@ router bgp 65000
neighbor WAN-RR-OVERLAY-PEERS send-community
neighbor WAN-RR-OVERLAY-PEERS maximum-routes 0
neighbor 192.168.131.1 peer group WAN-RR-OVERLAY-PEERS
- neighbor 192.168.131.1 description autovpn-rr1
+ neighbor 192.168.131.1 description legacy-autovpn-rr1
redistribute connected route-map RM-CONN-2-BGP
!
address-family evpn
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge-no-default-policy.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/legacy-autovpn-edge-no-default-policy.yml
similarity index 95%
rename from ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge-no-default-policy.yml
rename to ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/legacy-autovpn-edge-no-default-policy.yml
index e365cbf138c..33db2865401 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge-no-default-policy.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/legacy-autovpn-edge-no-default-policy.yml
@@ -1,4 +1,4 @@
-hostname: autovpn-edge-no-default-policy
+hostname: legacy-autovpn-edge-no-default-policy
is_deployed: true
router_bgp:
as: '65000'
@@ -49,8 +49,8 @@ router_bgp:
neighbors:
- ip_address: 2.2.2.2
peer_group: WAN-OVERLAY-PEERS
- peer: autovpn-rr3
- description: autovpn-rr3
+ peer: legacy-autovpn-rr3
+ description: legacy-autovpn-rr3
vrfs:
- name: default
rd: 192.168.30.1:1
@@ -216,12 +216,12 @@ router_path_selection:
- name: Ethernet1
stun:
server_profiles:
- - INET-autovpn-rr3-Ethernet1
+ - INET-legacy-autovpn-rr3-Ethernet1
dynamic_peers:
enabled: true
static_peers:
- router_ip: 2.2.2.2
- name: autovpn-rr3
+ name: legacy-autovpn-rr3
ipv4_addresses:
- 10.7.7.7
ipsec_profile: AUTOVPN
@@ -253,7 +253,7 @@ router_path_selection:
stun:
client:
server_profiles:
- - name: INET-autovpn-rr3-Ethernet1
+ - name: INET-legacy-autovpn-rr3-Ethernet1
ip_address: 10.7.7.7
ssl_profile: STUN-DTLS
application_traffic_recognition:
@@ -279,7 +279,7 @@ dps_interfaces:
hardware: FLOW-TRACKER
vxlan_interface:
vxlan1:
- description: autovpn-edge-no-default-policy_VTEP
+ description: legacy-autovpn-edge-no-default-policy_VTEP
vxlan:
udp_port: 4789
source_interface: Dps1
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/legacy-autovpn-edge.yml
similarity index 93%
rename from ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge.yml
rename to ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/legacy-autovpn-edge.yml
index 02ced461ac7..9c334bd2449 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-edge.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/legacy-autovpn-edge.yml
@@ -1,4 +1,4 @@
-hostname: autovpn-edge
+hostname: legacy-autovpn-edge
is_deployed: true
router_bgp:
as: '65000'
@@ -49,12 +49,12 @@ router_bgp:
neighbors:
- ip_address: 192.168.131.1
peer_group: WAN-OVERLAY-PEERS
- peer: autovpn-rr1
- description: autovpn-rr1
+ peer: legacy-autovpn-rr1
+ description: legacy-autovpn-rr1
- ip_address: 192.168.131.2
peer_group: WAN-OVERLAY-PEERS
- peer: autovpn-rr2
- description: autovpn-rr2
+ peer: legacy-autovpn-rr2
+ description: legacy-autovpn-rr2
vrfs:
- name: default
rd: 192.168.30.1:1
@@ -202,17 +202,17 @@ router_path_selection:
- name: Ethernet1
stun:
server_profiles:
- - INET-autovpn-rr1-Ethernet1
- - INET-autovpn-rr2-Ethernet1
+ - INET-legacy-autovpn-rr1-Ethernet1
+ - INET-legacy-autovpn-rr2-Ethernet1
dynamic_peers:
enabled: true
static_peers:
- router_ip: 192.168.131.1
- name: autovpn-rr1
+ name: legacy-autovpn-rr1
ipv4_addresses:
- 10.7.7.7
- router_ip: 192.168.131.2
- name: autovpn-rr2
+ name: legacy-autovpn-rr2
ipv4_addresses:
- 10.8.8.8
ipsec_profile: AUTOVPN
@@ -270,9 +270,9 @@ router_path_selection:
stun:
client:
server_profiles:
- - name: INET-autovpn-rr1-Ethernet1
+ - name: INET-legacy-autovpn-rr1-Ethernet1
ip_address: 10.7.7.7
- - name: INET-autovpn-rr2-Ethernet1
+ - name: INET-legacy-autovpn-rr2-Ethernet1
ip_address: 10.8.8.8
application_traffic_recognition:
application_profiles:
@@ -301,7 +301,7 @@ dps_interfaces:
hardware: FLOW-TRACKER
vxlan_interface:
vxlan1:
- description: autovpn-edge_VTEP
+ description: legacy-autovpn-edge_VTEP
vxlan:
udp_port: 4789
source_interface: Dps1
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr1.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/legacy-autovpn-rr1.yml
similarity index 97%
rename from ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr1.yml
rename to ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/legacy-autovpn-rr1.yml
index 701f3b30fa6..506ced5238f 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr1.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/legacy-autovpn-rr1.yml
@@ -1,4 +1,4 @@
-hostname: autovpn-rr1
+hostname: legacy-autovpn-rr1
is_deployed: true
router_bgp:
as: '65000'
@@ -74,8 +74,8 @@ router_bgp:
neighbors:
- ip_address: 192.168.131.2
peer_group: WAN-RR-OVERLAY-PEERS
- peer: autovpn-rr2
- description: autovpn-rr2
+ peer: legacy-autovpn-rr2
+ description: legacy-autovpn-rr2
vrfs:
- name: default
rd: 192.168.31.1:1
@@ -186,7 +186,7 @@ router_path_selection:
- name: Ethernet1
static_peers:
- router_ip: 192.168.131.2
- name: autovpn-rr2
+ name: legacy-autovpn-rr2
ipv4_addresses:
- 10.8.8.8
ipsec_profile: AUTOVPN
@@ -267,7 +267,7 @@ dps_interfaces:
hardware: FLOW-TRACKER
vxlan_interface:
vxlan1:
- description: autovpn-rr1_VTEP
+ description: legacy-autovpn-rr1_VTEP
vxlan:
udp_port: 4789
source_interface: Dps1
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr2.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/legacy-autovpn-rr2.yml
similarity index 97%
rename from ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr2.yml
rename to ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/legacy-autovpn-rr2.yml
index 66123820bb6..fd5ca92631b 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/autovpn-rr2.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/structured_configs/legacy-autovpn-rr2.yml
@@ -1,4 +1,4 @@
-hostname: autovpn-rr2
+hostname: legacy-autovpn-rr2
is_deployed: true
router_bgp:
as: '65000'
@@ -74,8 +74,8 @@ router_bgp:
neighbors:
- ip_address: 192.168.131.1
peer_group: WAN-RR-OVERLAY-PEERS
- peer: autovpn-rr1
- description: autovpn-rr1
+ peer: legacy-autovpn-rr1
+ description: legacy-autovpn-rr1
vrfs:
- name: default
rd: 192.168.31.2:1
@@ -188,7 +188,7 @@ router_path_selection:
- name: Ethernet1
static_peers:
- router_ip: 192.168.131.1
- name: autovpn-rr1
+ name: legacy-autovpn-rr1
ipv4_addresses:
- 10.7.7.7
ipsec_profile: AUTOVPN
@@ -269,7 +269,7 @@ dps_interfaces:
hardware: FLOW-TRACKER
vxlan_interface:
vxlan1:
- description: autovpn-rr2_VTEP
+ description: legacy-autovpn-rr2_VTEP
vxlan:
udp_port: 4789
source_interface: Dps1
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/AUTOVPN_TESTS.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/LEGACY_AUTOVPN_TESTS.yml
similarity index 93%
rename from ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/AUTOVPN_TESTS.yml
rename to ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/LEGACY_AUTOVPN_TESTS.yml
index 46d42ebde5d..3be354280cf 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/AUTOVPN_TESTS.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/LEGACY_AUTOVPN_TESTS.yml
@@ -1,6 +1,6 @@
---
-# Testing autovpn
-wan_mode: autovpn
+# Testing legacy-autovpn
+wan_mode: legacy-autovpn
# Disabling underlay for tests
underlay_routing_protocol: none
@@ -16,13 +16,13 @@ wan_stun_dtls_disable: true
wan_route_servers:
# Testing having the interface configured with DHCP
- - hostname: autovpn-rr1
+ - hostname: legacy-autovpn-rr1
path_groups:
- name: INET
interfaces:
- name: Ethernet1
public_ip: 10.7.7.7
- - hostname: autovpn-rr2
+ - hostname: legacy-autovpn-rr2
wan_ipsec_profiles:
control_plane:
@@ -34,10 +34,10 @@ wan_ipsec_profiles:
default_node_types:
- node_type: wan_rr
match_hostnames:
- - "autovpn-rr.*"
+ - "legacy-autovpn-rr.*"
- node_type: wan_router
match_hostnames:
- - "autovpn-edge"
+ - "legacy-autovpn-edge"
wan_router:
defaults:
@@ -47,7 +47,7 @@ wan_router:
# TODO find a way to not need this
always_include_vrfs_in_tenants: [TenantA]
nodes:
- - name: autovpn-edge
+ - name: legacy-autovpn-edge
id: 1
l3_interfaces:
- name: Ethernet1
@@ -66,7 +66,7 @@ wan_rr:
vtep_loopback_ipv4_pool: 192.168.131.0/24
data_plane_cpu_allocation_max: 2
nodes:
- - name: autovpn-rr1
+ - name: legacy-autovpn-rr1
id: 1
l3_interfaces:
- name: Ethernet1
@@ -74,7 +74,7 @@ wan_rr:
wan_circuit_id: 777
ip_address: dhcp
dhcp_accept_default_route: true
- - name: autovpn-rr2
+ - name: legacy-autovpn-rr2
id: 2
l3_interfaces:
- name: Ethernet1
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/autovpn-edge-no-default-policy.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/legacy-autovpn-edge-no-default-policy.yml
similarity index 87%
rename from ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/autovpn-edge-no-default-policy.yml
rename to ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/legacy-autovpn-edge-no-default-policy.yml
index 9c0b58220d7..ae12dd4a4bf 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/autovpn-edge-no-default-policy.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/host_vars/legacy-autovpn-edge-no-default-policy.yml
@@ -1,7 +1,7 @@
---
-# Testing autovpn edge with no policy in VRF default to make sure the correct
+# Testing legacy-autovpn edge with no policy in VRF default to make sure the correct
# default policy is auto generated by AVD
-wan_mode: autovpn
+wan_mode: legacy-autovpn
# Disabling underlay for tests
underlay_routing_protocol: none
@@ -14,7 +14,7 @@ bgp_peer_groups:
- 192.168.255.0/24
wan_route_servers:
- - hostname: autovpn-rr3
+ - hostname: legacy-autovpn-rr3
vtep_ip: 2.2.2.2
path_groups:
- name: INET
@@ -32,7 +32,7 @@ wan_ipsec_profiles:
default_node_types:
- node_type: wan_router
match_hostnames:
- - "autovpn-edge.*"
+ - "legacy-autovpn-edge.*"
wan_router:
defaults:
@@ -42,7 +42,7 @@ wan_router:
# TODO find a way to not need this
always_include_vrfs_in_tenants: [TenantA]
nodes:
- - name: autovpn-edge-no-default-policy
+ - name: legacy-autovpn-edge-no-default-policy
id: 1
l3_interfaces:
- name: Ethernet1
diff --git a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml
index 7184e7067dd..9fd45310fdf 100644
--- a/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml
+++ b/ansible_collections/arista/avd/molecule/eos_designs_unit_tests/inventory/hosts.yml
@@ -350,11 +350,11 @@ all:
TEST-MGMT-GATEWAY-IN-NODE-GROUP:
WAN_TESTS:
children:
- AUTOVPN_TESTS:
+ LEGACY_AUTOVPN_TESTS:
hosts:
- autovpn-rr1:
- autovpn-rr2:
- autovpn-edge:
+ legacy-autovpn-rr1:
+ legacy-autovpn-rr2:
+ legacy-autovpn-edge:
CV_PATHFINDER_TESTS:
children:
SITE_HA_ENABLED:
@@ -396,7 +396,7 @@ all:
cv-pathfinder-custom-control-plane-policy-edge-3:
WAN_UNIT_TESTS:
hosts:
- autovpn-edge-no-default-policy:
+ legacy-autovpn-edge-no-default-policy:
cv-pathfinder-edge-no-default-policy:
cv-pathfinder-edge-custom-default-policy:
UPLINK_P2P_VRFS_TESTS:
diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/router-adaptive-virtual-topology.md b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/router-adaptive-virtual-topology.md
index 942430773e8..674b00b1bb1 100644
--- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/router-adaptive-virtual-topology.md
+++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/router-adaptive-virtual-topology.md
@@ -22,7 +22,7 @@
| [ - name](## "router_adaptive_virtual_topology.profiles.[].name") | String | Required, Unique | | | AVT Name. |
| [ load_balance_policy](## "router_adaptive_virtual_topology.profiles.[].load_balance_policy") | String | | | | Name of the load-balance policy. |
| [ internet_exit_policy](## "router_adaptive_virtual_topology.profiles.[].internet_exit_policy") | String | | | | Name of the internet exit policy. |
- | [ policies](## "router_adaptive_virtual_topology.policies") | List, items: Dictionary | | | | A sequence of application profiles mapped to some virtual topologies.
When `wan_mode` is set to `autovpn`, the rules are indexed using 10* in the list. |
+ | [ policies](## "router_adaptive_virtual_topology.policies") | List, items: Dictionary | | | | A sequence of application profiles mapped to some virtual topologies. |
| [ - name](## "router_adaptive_virtual_topology.policies.[].name") | String | Required, Unique | | | Policy name. |
| [ matches](## "router_adaptive_virtual_topology.policies.[].matches") | List, items: Dictionary | | | | |
| [ - application_profile](## "router_adaptive_virtual_topology.policies.[].matches.[].application_profile") | String | | | | Application profile name. |
@@ -70,8 +70,6 @@
internet_exit_policy:
# A sequence of application profiles mapped to some virtual topologies.
- #
- # When `wan_mode` is set to `autovpn`, the rules are indexed using 10* in the list.
policies:
# Policy name.
diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/how-to/wan.md b/ansible_collections/arista/avd/roles/eos_designs/docs/how-to/wan.md
index acf973b506f..0a44e8e918f 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/docs/how-to/wan.md
+++ b/ansible_collections/arista/avd/roles/eos_designs/docs/how-to/wan.md
@@ -106,7 +106,7 @@ The following table list the `eos_designs` top level keys used for WAN and how t
| Key | Must be the same for all the WAN routers | Comment |
| --- | ---------------------------------------- | ------- |
-| `wan_mode` | ✅ | Two possible modes, `autovpn` and `cv-pathfinder` (default). |
+| `wan_mode` | ✅ | Two possible modes, `legacy-autovpn` and `cv-pathfinder` (default). |
| `wan_virtual_topologies` | ✅ | to define the Policies and the VRF to policy mappings. |
| `wan_path_groups` | ✅ | to define the list of path-groups in the network. |
| `wan_carriers` | ✅ | to define the list of carriers in the network, each carrier is assigned to a path-group. |
@@ -134,14 +134,14 @@ Additionally, following keys must be set for the WAN route servers for the conne
AVD supports two design types for WAN:
-- AutoVPN
+- Legacy AutoVPN
- CV Pathfinder
By default the mode is set to `cv-pathfinder` and can be changed using:
```yaml
---
-wan_mode: autovpn | cv-pathfinder # default: cv-pathfinder
+wan_mode: legacy-autovpn | cv-pathfinder # default: cv-pathfinder
```
#### WAN node_types
diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-keys.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-keys.md
index 8013f2e4fcf..c6d1aca5cf2 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-keys.md
+++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-keys.md
@@ -19,7 +19,7 @@
| [ default_overlay_address_families](## "custom_node_type_keys.[].default_overlay_address_families") | List, items: String | | | | Set the default overlay address families.
|
| [ - <str>](## "custom_node_type_keys.[].default_overlay_address_families.[]") | String | | | Value is converted to lower case.
Valid Values:
- evpn
- vpn-ipv4
- vpn-ipv6 | |
| [ default_evpn_encapsulation](## "custom_node_type_keys.[].default_evpn_encapsulation") | String | | | Value is converted to lower case.
Valid Values:
- mpls
- vxlan | Set the default evpn encapsulation.
|
- | [ default_wan_role](## "custom_node_type_keys.[].default_wan_role") | String | | | Valid Values:
- client
- server | Set the default WAN role.
This is used both for AutoVPN and Pathfinder designs.
That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.
Only supported if `overlay_routing_protocol` is set to `ibgp`.
|
+ | [ default_wan_role](## "custom_node_type_keys.[].default_wan_role") | String | | | Valid Values:
- client
- server | Set the default WAN role.
This is used both for AutoVPN and Pathfinder designs.
That means if `wan_mode` root key is set to `legacy-autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.
Only supported if `overlay_routing_protocol` is set to `ibgp`.
|
| [ default_flow_tracker_type](## "custom_node_type_keys.[].default_flow_tracker_type") | String | | `sampled` | Valid Values:
- sampled
- hardware | Set the default flow tracker type. |
| [ mlag_support](## "custom_node_type_keys.[].mlag_support") | Boolean | | `False` | | Can this node type support mlag. |
| [ network_services](## "custom_node_type_keys.[].network_services") | Dictionary | | | | Will network services be deployed on this node type. |
@@ -69,7 +69,7 @@
| [ default_overlay_address_families](## "node_type_keys.[].default_overlay_address_families") | List, items: String | | | | Set the default overlay address families.
|
| [ - <str>](## "node_type_keys.[].default_overlay_address_families.[]") | String | | | Value is converted to lower case.
Valid Values:
- evpn
- vpn-ipv4
- vpn-ipv6 | |
| [ default_evpn_encapsulation](## "node_type_keys.[].default_evpn_encapsulation") | String | | | Value is converted to lower case.
Valid Values:
- mpls
- vxlan | Set the default evpn encapsulation.
|
- | [ default_wan_role](## "node_type_keys.[].default_wan_role") | String | | | Valid Values:
- client
- server | Set the default WAN role.
This is used both for AutoVPN and Pathfinder designs.
That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.
Only supported if `overlay_routing_protocol` is set to `ibgp`.
|
+ | [ default_wan_role](## "node_type_keys.[].default_wan_role") | String | | | Valid Values:
- client
- server | Set the default WAN role.
This is used both for AutoVPN and Pathfinder designs.
That means if `wan_mode` root key is set to `legacy-autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.
Only supported if `overlay_routing_protocol` is set to `ibgp`.
|
| [ default_flow_tracker_type](## "node_type_keys.[].default_flow_tracker_type") | String | | `sampled` | Valid Values:
- sampled
- hardware | Set the default flow tracker type. |
| [ mlag_support](## "node_type_keys.[].mlag_support") | Boolean | | `False` | | Can this node type support mlag. |
| [ network_services](## "node_type_keys.[].network_services") | Dictionary | | | | Will network services be deployed on this node type. |
@@ -153,7 +153,7 @@
# Set the default WAN role.
#
# This is used both for AutoVPN and Pathfinder designs.
- # That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
+ # That means if `wan_mode` root key is set to `legacy-autovpn` or `cv-pathfinder`.
# `server` indicates that the router is a route-reflector.
#
# Only supported if `overlay_routing_protocol` is set to `ibgp`.
@@ -333,7 +333,7 @@
# Set the default WAN role.
#
# This is used both for AutoVPN and Pathfinder designs.
- # That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
+ # That means if `wan_mode` root key is set to `legacy-autovpn` or `cv-pathfinder`.
# `server` indicates that the router is a route-reflector.
#
# Only supported if `overlay_routing_protocol` is set to `ibgp`.
diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-wan-configuration.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-wan-configuration.md
index 27a6d547aad..b396664d70a 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-wan-configuration.md
+++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/node-type-wan-configuration.md
@@ -9,7 +9,7 @@
| -------- | ---- | -------- | ------- | ------------------ | ----------- |
| [<node_type_keys.key>](## "") | Dictionary | | | | |
| [ defaults](## ".defaults") | Dictionary | | | | Define variables for all nodes of this type. |
- | [ wan_role](## ".defaults.wan_role") | String | | | Valid Values:
- client
- server | Override the default WAN role.
This is used both for AutoVPN and Pathfinder designs.
That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.
Only supported if `overlay_routing_protocol` is set to `ibgp`. |
+ | [ wan_role](## ".defaults.wan_role") | String | | | Valid Values:
- client
- server | Override the default WAN role.
This is used both for AutoVPN and Pathfinder designs.
That means if `wan_mode` root key is set to `legacy-autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.
Only supported if `overlay_routing_protocol` is set to `ibgp`. |
| [ cv_pathfinder_transit_mode](## ".defaults.cv_pathfinder_transit_mode") | String | | | Valid Values:
- region
- zone | Configure the transit mode for a WAN client for CV Pathfinder designs
only when the `wan_mode` root key is set to `cv_pathfinder`.
'zone' is currently not supported. |
| [ cv_pathfinder_region](## ".defaults.cv_pathfinder_region") | String | | | | The CV Pathfinder region name.
This key is required for WAN routers but optional for pathfinders.
The region name must be defined under 'cv_pathfinder_regions'. |
| [ cv_pathfinder_site](## ".defaults.cv_pathfinder_site") | String | | | | The CV Pathfinder site name.
This key is required for WAN routers but optional for pathfinders.
For WAN routers and pathfinders with `cv_pathfinder_region`, the site name must be defined for the relevant region under 'cv_pathfinder_regions'.
For pathfinders without `cv_pathfinder_region` set, the site must be defined under `cv_pathfinder_global_sites`. |
@@ -29,7 +29,7 @@
| [ - group](## ".node_groups.[].group") | String | Required, Unique | | | The Node Group Name is used for MLAG domain unless set with 'mlag_domain_id'.
The Node Group Name is also used for peer description on downstream switches' uplinks.
|
| [ nodes](## ".node_groups.[].nodes") | List, items: Dictionary | | | | Define variables per node. |
| [ - name](## ".node_groups.[].nodes.[].name") | String | Required, Unique | | | The Node Name is used as "hostname". |
- | [ wan_role](## ".node_groups.[].nodes.[].wan_role") | String | | | Valid Values:
- client
- server | Override the default WAN role.
This is used both for AutoVPN and Pathfinder designs.
That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.
Only supported if `overlay_routing_protocol` is set to `ibgp`. |
+ | [ wan_role](## ".node_groups.[].nodes.[].wan_role") | String | | | Valid Values:
- client
- server | Override the default WAN role.
This is used both for AutoVPN and Pathfinder designs.
That means if `wan_mode` root key is set to `legacy-autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.
Only supported if `overlay_routing_protocol` is set to `ibgp`. |
| [ cv_pathfinder_transit_mode](## ".node_groups.[].nodes.[].cv_pathfinder_transit_mode") | String | | | Valid Values:
- region
- zone | Configure the transit mode for a WAN client for CV Pathfinder designs
only when the `wan_mode` root key is set to `cv_pathfinder`.
'zone' is currently not supported. |
| [ cv_pathfinder_region](## ".node_groups.[].nodes.[].cv_pathfinder_region") | String | | | | The CV Pathfinder region name.
This key is required for WAN routers but optional for pathfinders.
The region name must be defined under 'cv_pathfinder_regions'. |
| [ cv_pathfinder_site](## ".node_groups.[].nodes.[].cv_pathfinder_site") | String | | | | The CV Pathfinder site name.
This key is required for WAN routers but optional for pathfinders.
For WAN routers and pathfinders with `cv_pathfinder_region`, the site name must be defined for the relevant region under 'cv_pathfinder_regions'.
For pathfinders without `cv_pathfinder_region` set, the site must be defined under `cv_pathfinder_global_sites`. |
@@ -45,7 +45,7 @@
| [ enabled](## ".node_groups.[].nodes.[].wan_ha.flow_tracking.enabled") | Boolean | | | | |
| [ name](## ".node_groups.[].nodes.[].wan_ha.flow_tracking.name") | String | | | | Flow tracker name as defined in flow_tracking_settings. |
| [ dps_mss_ipv4](## ".node_groups.[].nodes.[].dps_mss_ipv4") | String | | `auto` | | IPv4 MSS value configured under "router path-selection" on WAN Devices. |
- | [ wan_role](## ".node_groups.[].wan_role") | String | | | Valid Values:
- client
- server | Override the default WAN role.
This is used both for AutoVPN and Pathfinder designs.
That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.
Only supported if `overlay_routing_protocol` is set to `ibgp`. |
+ | [ wan_role](## ".node_groups.[].wan_role") | String | | | Valid Values:
- client
- server | Override the default WAN role.
This is used both for AutoVPN and Pathfinder designs.
That means if `wan_mode` root key is set to `legacy-autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.
Only supported if `overlay_routing_protocol` is set to `ibgp`. |
| [ cv_pathfinder_transit_mode](## ".node_groups.[].cv_pathfinder_transit_mode") | String | | | Valid Values:
- region
- zone | Configure the transit mode for a WAN client for CV Pathfinder designs
only when the `wan_mode` root key is set to `cv_pathfinder`.
'zone' is currently not supported. |
| [ cv_pathfinder_region](## ".node_groups.[].cv_pathfinder_region") | String | | | | The CV Pathfinder region name.
This key is required for WAN routers but optional for pathfinders.
The region name must be defined under 'cv_pathfinder_regions'. |
| [ cv_pathfinder_site](## ".node_groups.[].cv_pathfinder_site") | String | | | | The CV Pathfinder site name.
This key is required for WAN routers but optional for pathfinders.
For WAN routers and pathfinders with `cv_pathfinder_region`, the site name must be defined for the relevant region under 'cv_pathfinder_regions'.
For pathfinders without `cv_pathfinder_region` set, the site must be defined under `cv_pathfinder_global_sites`. |
@@ -63,7 +63,7 @@
| [ dps_mss_ipv4](## ".node_groups.[].dps_mss_ipv4") | String | | `auto` | | IPv4 MSS value configured under "router path-selection" on WAN Devices. |
| [ nodes](## ".nodes") | List, items: Dictionary | | | | Define variables per node. |
| [ - name](## ".nodes.[].name") | String | Required, Unique | | | The Node Name is used as "hostname". |
- | [ wan_role](## ".nodes.[].wan_role") | String | | | Valid Values:
- client
- server | Override the default WAN role.
This is used both for AutoVPN and Pathfinder designs.
That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.
Only supported if `overlay_routing_protocol` is set to `ibgp`. |
+ | [ wan_role](## ".nodes.[].wan_role") | String | | | Valid Values:
- client
- server | Override the default WAN role.
This is used both for AutoVPN and Pathfinder designs.
That means if `wan_mode` root key is set to `legacy-autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.
Only supported if `overlay_routing_protocol` is set to `ibgp`. |
| [ cv_pathfinder_transit_mode](## ".nodes.[].cv_pathfinder_transit_mode") | String | | | Valid Values:
- region
- zone | Configure the transit mode for a WAN client for CV Pathfinder designs
only when the `wan_mode` root key is set to `cv_pathfinder`.
'zone' is currently not supported. |
| [ cv_pathfinder_region](## ".nodes.[].cv_pathfinder_region") | String | | | | The CV Pathfinder region name.
This key is required for WAN routers but optional for pathfinders.
The region name must be defined under 'cv_pathfinder_regions'. |
| [ cv_pathfinder_site](## ".nodes.[].cv_pathfinder_site") | String | | | | The CV Pathfinder site name.
This key is required for WAN routers but optional for pathfinders.
For WAN routers and pathfinders with `cv_pathfinder_region`, the site name must be defined for the relevant region under 'cv_pathfinder_regions'.
For pathfinders without `cv_pathfinder_region` set, the site must be defined under `cv_pathfinder_global_sites`. |
@@ -91,7 +91,7 @@
# Override the default WAN role.
#
# This is used both for AutoVPN and Pathfinder designs.
- # That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
+ # That means if `wan_mode` root key is set to `legacy-autovpn` or `cv-pathfinder`.
# `server` indicates that the router is a route-reflector.
#
# Only supported if `overlay_routing_protocol` is set to `ibgp`.
@@ -175,7 +175,7 @@
# Override the default WAN role.
#
# This is used both for AutoVPN and Pathfinder designs.
- # That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
+ # That means if `wan_mode` root key is set to `legacy-autovpn` or `cv-pathfinder`.
# `server` indicates that the router is a route-reflector.
#
# Only supported if `overlay_routing_protocol` is set to `ibgp`.
@@ -246,7 +246,7 @@
# Override the default WAN role.
#
# This is used both for AutoVPN and Pathfinder designs.
- # That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
+ # That means if `wan_mode` root key is set to `legacy-autovpn` or `cv-pathfinder`.
# `server` indicates that the router is a route-reflector.
#
# Only supported if `overlay_routing_protocol` is set to `ibgp`.
@@ -323,7 +323,7 @@
# Override the default WAN role.
#
# This is used both for AutoVPN and Pathfinder designs.
- # That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
+ # That means if `wan_mode` root key is set to `legacy-autovpn` or `cv-pathfinder`.
# `server` indicates that the router is a route-reflector.
#
# Only supported if `overlay_routing_protocol` is set to `ibgp`.
diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-route-servers.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-route-servers.md
index cb09c828b5d..c2af8f11f96 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-route-servers.md
+++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-route-servers.md
@@ -7,7 +7,7 @@
| Variable | Type | Required | Default | Value Restrictions | Description |
| -------- | ---- | -------- | ------- | ------------------ | ----------- |
- | [wan_route_servers](## "wan_route_servers") | List, items: Dictionary | | | | List of the AutoVPN RRs when using `wan_mode`=`autovpn`, or the Pathfinders
when using `wan_mode`=`cv-pathfinder`, to which the device should connect to.
This is also used to establish iBGP sessions between WAN route servers.
When the route server is part of the same inventory as the WAN routers,
only the name is required. |
+ | [wan_route_servers](## "wan_route_servers") | List, items: Dictionary | | | | List of the AutoVPN RRs when using `wan_mode: legacy-autovpn`, or the Pathfinders
when using `wan_mode: cv-pathfinder`, to which the device should connect to.
This is also used to establish iBGP sessions between WAN route servers.
When the route server is part of the same inventory as the WAN routers,
only the name is required. |
| [ - hostname](## "wan_route_servers.[].hostname") | String | Required, Unique | | | Route-Reflector hostname. |
| [ vtep_ip](## "wan_route_servers.[].vtep_ip") | String | | | | Route-Reflector VTEP IP Address. This is usually the IP address under `interface Dps1`. |
| [ path_groups](## "wan_route_servers.[].path_groups") | List, items: Dictionary | | | | Path-groups through which the Route Reflector/Pathfinder is reached. |
@@ -19,8 +19,8 @@
=== "YAML"
```yaml
- # List of the AutoVPN RRs when using `wan_mode`=`autovpn`, or the Pathfinders
- # when using `wan_mode`=`cv-pathfinder`, to which the device should connect to.
+ # List of the AutoVPN RRs when using `wan_mode: legacy-autovpn`, or the Pathfinders
+ # when using `wan_mode: cv-pathfinder`, to which the device should connect to.
# This is also used to establish iBGP sessions between WAN route servers.
#
# When the route server is part of the same inventory as the WAN routers,
diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-settings.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-settings.md
index 854b4be0c49..3aaa8d0c344 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-settings.md
+++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-settings.md
@@ -20,7 +20,7 @@
| [ sa_policy_name](## "wan_ipsec_profiles.data_plane.sa_policy_name") | String | | `DP-SA-POLICY` | | Name of the SA policy. |
| [ profile_name](## "wan_ipsec_profiles.data_plane.profile_name") | String | | `DP-PROFILE` | | Name of the IPSec profile. |
| [ shared_key](## "wan_ipsec_profiles.data_plane.shared_key") | String | Required | | | The type 7 encrypted IPSec shared key.
This variable is sensitive and should be configured using some vault mechanism. |
- | [wan_mode](## "wan_mode") | String | | `cv-pathfinder` | Valid Values:
- autovpn
- cv-pathfinder | Select if the WAN should be run using CV Pathfinder or AutoVPN only. |
+ | [wan_mode](## "wan_mode") | String | | `cv-pathfinder` | Valid Values:
- legacy-autovpn
- cv-pathfinder | Select if the WAN should be run using CV Pathfinder or Legacy AutoVPN only. |
| [wan_stun_dtls_disable](## "wan_stun_dtls_disable") | Boolean | | `False` | | WAN STUN connections are authenticated and secured with DTLS by default.
For CV Pathfinder deployments CloudVision will automatically deploy certificates on the devices.
In case of AutoVPN the certificates must be deployed manually to all devices.
For LAB environments this can be disabled, if there are no certificates available.
This should NOT be disabled for a WAN network connected to the internet, since it will leave the STUN service exposed with no authentication. |
| [wan_stun_dtls_profile_name](## "wan_stun_dtls_profile_name") | String | | `STUN-DTLS` | | Name of the SSL profile used for DTLS on WAN STUN connections.
When using automatic ceritficate deployment via CloudVision this name must be the same on all WAN routers. |
@@ -67,8 +67,8 @@
# This variable is sensitive and should be configured using some vault mechanism.
shared_key:
- # Select if the WAN should be run using CV Pathfinder or AutoVPN only.
- wan_mode:
+ # Select if the WAN should be run using CV Pathfinder or Legacy AutoVPN only.
+ wan_mode:
# WAN STUN connections are authenticated and secured with DTLS by default.
# For CV Pathfinder deployments CloudVision will automatically deploy certificates on the devices.
diff --git a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-virtual-topologies.md b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-virtual-topologies.md
index 8cfdbda184d..89023d0012f 100644
--- a/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-virtual-topologies.md
+++ b/ansible_collections/arista/avd/roles/eos_designs/docs/tables/wan-virtual-topologies.md
@@ -28,7 +28,7 @@
| [ preference](## "wan_virtual_topologies.control_plane_virtual_topology.path_groups.[].preference") | String | | | | Valid values are 1-65535 | "preferred" | "alternate".
"preferred" is converted to priority 1.
"alternate" is converted to priority 2.
If not set, each path-group in `names` will be attributed its `default_preference`. |
| [ internet_exit](## "wan_virtual_topologies.control_plane_virtual_topology.internet_exit") | Dictionary | | | | |
| [ policy](## "wan_virtual_topologies.control_plane_virtual_topology.internet_exit.policy") | String | | | | PREVIEW: This key is in preview mode.
Internet-exit policy name associated with this virtual_topology.
The policy must be defined under `cv_pathfinder_internet_exit_policies`. |
- | [ policies](## "wan_virtual_topologies.policies") | List, items: Dictionary | | | | List of virtual toplogies policies.
For AutoVPN, each item in the list creates:
* one policy with:
* one `match` entry per `application_virtual_topologies` item
they are indexed using `10 * ` where `list_index` starts at `1`.
* one `default-match`
* one load-balance policy per `application_virtual_topologies` and one for the `default_virtual_topology`.
* if the policy is associated with the default VRF, a special control-plane rule is injected
in the policy with index `1` referring to a control-plane load-balance policy as defined under
`control_plane_virtual_topology` or if not set, the default one.
For CV Pathfinder, each item in the list creates:
* one policy with:
* one `match` entry per `application_virtual_topologies` item ordered as in the data.
* one last match entry for the `default` application-profile using `default_virtual_topology` information.
* one profile per `application_virtual_topologies` item.
* one profile for the `default_virtual_topology`.
* one load-balance policy per `application_virtual_topologies`.
* one load_balance policy for the `default_virtual_topology`.
* if the policy is associated with the default VRF, a special control-plane profile is configured
and injected first in the policy assigned to the `default` VRF. This profile points to a
control-plane load-balance policy as defined under `control_plane_virtual_topology` or if not set, the default one. |
+ | [ policies](## "wan_virtual_topologies.policies") | List, items: Dictionary | | | | List of virtual toplogies policies.
For Legacy AutoVPN, each item in the list creates:
* one policy with:
* one `match` entry per `application_virtual_topologies` item
they are indexed using `10 * ` where `list_index` starts at `1`.
* one `default-match`
* one load-balance policy per `application_virtual_topologies` and one for the `default_virtual_topology`.
* if the policy is associated with the default VRF, a special control-plane rule is injected
in the policy with index `1` referring to a control-plane load-balance policy as defined under
`control_plane_virtual_topology` or if not set, the default one.
For CV Pathfinder, each item in the list creates:
* one policy with:
* one `match` entry per `application_virtual_topologies` item ordered as in the data.
* one last match entry for the `default` application-profile using `default_virtual_topology` information.
* one profile per `application_virtual_topologies` item.
* one profile for the `default_virtual_topology`.
* one load-balance policy per `application_virtual_topologies`.
* one load_balance policy for the `default_virtual_topology`.
* if the policy is associated with the default VRF, a special control-plane profile is configured
and injected first in the policy assigned to the `default` VRF. This profile points to a
control-plane load-balance policy as defined under `control_plane_virtual_topology` or if not set, the default one. |
| [ - name](## "wan_virtual_topologies.policies.[].name") | String | Required, Unique | | | Name of the AVT policy. |
| [ application_virtual_topologies](## "wan_virtual_topologies.policies.[].application_virtual_topologies") | List, items: Dictionary | | | | List of application specific virtual topologies. |
| [ - application_profile](## "wan_virtual_topologies.policies.[].application_virtual_topologies.[].application_profile") | String | Required, Unique | | | The application profile to use for this virtual topology. It must be a defined `application_classification.application_profile`. |
@@ -154,7 +154,7 @@
# List of virtual toplogies policies.
#
- # For AutoVPN, each item in the list creates:
+ # For Legacy AutoVPN, each item in the list creates:
# * one policy with:
# * one `match` entry per `application_virtual_topologies` item
# they are indexed using `10 * ` where `list_index` starts at `1`.
diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml
index 91cbc4aafdc..e7571fdc2b6 100644
--- a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml
+++ b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml
@@ -11559,11 +11559,7 @@ keys:
policies:
type: list
primary_key: name
- description: 'A sequence of application profiles mapped to some virtual topologies.
-
-
- When `wan_mode` is set to `autovpn`, the rules are indexed using 10*
- in the list.'
+ description: A sequence of application profiles mapped to some virtual topologies.
items:
type: dict
keys:
diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/router_adaptive_virtual_topology.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/router_adaptive_virtual_topology.schema.yml
index 29bc735bf09..52f59aef78b 100644
--- a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/router_adaptive_virtual_topology.schema.yml
+++ b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/router_adaptive_virtual_topology.schema.yml
@@ -82,8 +82,6 @@ keys:
primary_key: name
description: |-
A sequence of application profiles mapped to some virtual topologies.
-
- When `wan_mode` is set to `autovpn`, the rules are indexed using 10* in the list.
items:
type: dict
keys:
diff --git a/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml b/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml
index ad3eb9c32f5..0f3f59fe782 100644
--- a/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml
+++ b/python-avd/pyavd/_eos_designs/schema/eos_designs.schema.yml
@@ -2222,7 +2222,7 @@ keys:
This is used both for AutoVPN and Pathfinder designs.
- That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
+ That means if `wan_mode` root key is set to `legacy-autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.
@@ -4313,11 +4313,12 @@ keys:
wan_mode:
documentation_options:
table: wan-settings
- description: Select if the WAN should be run using CV Pathfinder or AutoVPN only.
+ description: Select if the WAN should be run using CV Pathfinder or Legacy AutoVPN
+ only.
type: str
default: cv-pathfinder
valid_values:
- - autovpn
+ - legacy-autovpn
- cv-pathfinder
wan_path_groups:
documentation_options:
@@ -4417,10 +4418,10 @@ keys:
convert_types:
- str
wan_route_servers:
- description: 'List of the AutoVPN RRs when using `wan_mode`=`autovpn`, or the
- Pathfinders
+ description: 'List of the AutoVPN RRs when using `wan_mode: legacy-autovpn`, or
+ the Pathfinders
- when using `wan_mode`=`cv-pathfinder`, to which the device should connect to.
+ when using `wan_mode: cv-pathfinder`, to which the device should connect to.
This is also used to establish iBGP sessions between WAN route servers.
@@ -4581,10 +4582,10 @@ keys:
or destined to the WAN route servers.'
policies:
type: list
- description: "List of virtual toplogies policies.\n\nFor AutoVPN, each item
- in the list creates:\n * one policy with:\n * one `match` entry per
- `application_virtual_topologies` item\n they are indexed using `10
- * ` where `list_index` starts at `1`.\n * one `default-match`\n
+ description: "List of virtual toplogies policies.\n\nFor Legacy AutoVPN, each
+ item in the list creates:\n * one policy with:\n * one `match` entry
+ per `application_virtual_topologies` item\n they are indexed using
+ `10 * ` where `list_index` starts at `1`.\n * one `default-match`\n
\ * one load-balance policy per `application_virtual_topologies` and one
for the `default_virtual_topology`.\n * if the policy is associated with
the default VRF, a special control-plane rule is injected\n in the policy
@@ -8790,7 +8791,7 @@ $defs:
This is used both for AutoVPN and Pathfinder designs.
- That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
+ That means if `wan_mode` root key is set to `legacy-autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.
diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_node_type.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_node_type.schema.yml
index c2798db8482..c16592d7a63 100644
--- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_node_type.schema.yml
+++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/defs_node_type.schema.yml
@@ -1253,7 +1253,7 @@ $defs:
Override the default WAN role.
This is used both for AutoVPN and Pathfinder designs.
- That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
+ That means if `wan_mode` root key is set to `legacy-autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.
Only supported if `overlay_routing_protocol` is set to `ibgp`.
diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/node_type_keys.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/node_type_keys.schema.yml
index f2771b0ad21..c3fb5c3b9cc 100644
--- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/node_type_keys.schema.yml
+++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/node_type_keys.schema.yml
@@ -119,7 +119,7 @@ keys:
Set the default WAN role.
This is used both for AutoVPN and Pathfinder designs.
- That means if `wan_mode` root key is set to `autovpn` or `cv-pathfinder`.
+ That means if `wan_mode` root key is set to `legacy-autovpn` or `cv-pathfinder`.
`server` indicates that the router is a route-reflector.
Only supported if `overlay_routing_protocol` is set to `ibgp`.
diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/wan_mode.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/wan_mode.schema.yml
index 6da45150462..84c0259456d 100644
--- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/wan_mode.schema.yml
+++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/wan_mode.schema.yml
@@ -9,9 +9,9 @@ keys:
wan_mode:
documentation_options:
table: wan-settings
- description: Select if the WAN should be run using CV Pathfinder or AutoVPN only.
+ description: Select if the WAN should be run using CV Pathfinder or Legacy AutoVPN only.
type: str
default: cv-pathfinder
valid_values:
- - autovpn
+ - legacy-autovpn
- cv-pathfinder
diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/wan_route_servers.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/wan_route_servers.schema.yml
index 13a8d4e85be..04aef5ef5cd 100644
--- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/wan_route_servers.schema.yml
+++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/wan_route_servers.schema.yml
@@ -8,8 +8,8 @@ type: dict
keys:
wan_route_servers:
description: |-
- List of the AutoVPN RRs when using `wan_mode`=`autovpn`, or the Pathfinders
- when using `wan_mode`=`cv-pathfinder`, to which the device should connect to.
+ List of the AutoVPN RRs when using `wan_mode: legacy-autovpn`, or the Pathfinders
+ when using `wan_mode: cv-pathfinder`, to which the device should connect to.
This is also used to establish iBGP sessions between WAN route servers.
When the route server is part of the same inventory as the WAN routers,
diff --git a/python-avd/pyavd/_eos_designs/schema/schema_fragments/wan_virtual_topologies.schema.yml b/python-avd/pyavd/_eos_designs/schema/schema_fragments/wan_virtual_topologies.schema.yml
index eaebab180fc..e11a22833bc 100644
--- a/python-avd/pyavd/_eos_designs/schema/schema_fragments/wan_virtual_topologies.schema.yml
+++ b/python-avd/pyavd/_eos_designs/schema/schema_fragments/wan_virtual_topologies.schema.yml
@@ -84,7 +84,7 @@ keys:
description: |-
List of virtual toplogies policies.
- For AutoVPN, each item in the list creates:
+ For Legacy AutoVPN, each item in the list creates:
* one policy with:
* one `match` entry per `application_virtual_topologies` item
they are indexed using `10 * ` where `list_index` starts at `1`.
diff --git a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_path_selection.py b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_path_selection.py
index 7c08ecdfaea..a4fb65343ec 100644
--- a/python-avd/pyavd/_eos_designs/structured_config/network_services/router_path_selection.py
+++ b/python-avd/pyavd/_eos_designs/structured_config/network_services/router_path_selection.py
@@ -32,13 +32,13 @@ def router_path_selection(self: AvdStructuredConfigNetworkServices) -> dict | No
}
# When running CV Pathfinder, only load balance policies are configured
- # for AutoVPN, need also vrfs and policies.
- if self.shared_utils.wan_mode == "autovpn":
+ # for Legacy AutoVPN, need also vrfs and policies.
+ if self.shared_utils.wan_mode == "legacy-autovpn":
vrfs = [{"name": vrf["name"], "path_selection_policy": vrf["policy"]} for vrf in self._filtered_wan_vrfs]
router_path_selection.update(
{
- "policies": self._autovpn_policies(),
+ "policies": self._legacy_autovpn_policies(),
"vrfs": vrfs,
},
)
@@ -68,8 +68,8 @@ def _wan_load_balance_policies(self: AvdStructuredConfigNetworkServices) -> list
return load_balance_policies
- def _autovpn_policies(self: AvdStructuredConfigNetworkServices) -> list:
- """Return a list of policies for AutoVPN."""
+ def _legacy_autovpn_policies(self: AvdStructuredConfigNetworkServices) -> list:
+ """Return a list of policies for Legacy AutoVPN."""
policies = []
for policy in self._filtered_wan_policies:
autovpn_policy = {"name": policy["name"], "rules": []}