Changes in Release 1.9
New Functionality
Release 1.9.2
The netlab exec command can execute the same command on a set of network devices
netlab supports Cisco IOS on Linux (IOL), IOL layer-2 image, and IOSv/IOSvL2 in vrnetlab containers
Edgeshark can be used as an external tool to provide GUI-based access to lab packet capture
You can use ifindex interface parameter to change interface names in virtual machines and containers.
Minor improvements
Implement netlab capture for vrnetlab containers
The libvirt.uuid parameter sets a consistent VM UUID that can be used with some devices to generate consistent device serial numbers
dhcp.client link attribute enables DHCP clients on all non-relay interfaces connected to a link
Allow per-interface gateway options, including True/False (to enable or turn off FHRP on individual interfaces)
Node-level gateway parameters can be used to set per-node VRRP priority
You can set the containerlab ‘prefix’ attribute to change container names
The clab.dns attribute can be used to set container DNS servers and search domain settings
Alternate loopback pools can be used to implement a multi-site loopback addressing scheme.
The check.config plugin removes missing custom configuration templates, ensuring the initial device configuration does not fail even when the configuration templates for a specific device type are missing
New device features
Consistently implement VRRP preemption feature (new default: True)
Arista EOS:
You can use the eos.serialnumber and eos.systemmacaddr device properties to set the device serial number and system MAC address on cEOS containers.
You can also change the management interface name in cEOS containers
Cumulus Linux:
FRR:
Minor fixes in device configuration templates:
Arista EOS:
Tell the Arista DHCP client to use the default route advertised by the DHCP server
Catalyst 8000v:
Add an extra license to the box-building process to enable MPLS functionality.
Cisco CSR 1000v
VLAN configuration template can configure routed subinterfaces
Cisco IOS:
Specify legacy SSH algorithms in the SSH command using the ‘netlab_ssh_args’ group variable
Disable VTY timeout
Cumulus Linux:
Change the default password for Cumulus Linux NVUE device to comply with the newer password rules enforced by Cumulus Linux 5.x
Add the default route in the management VRF
Fix the management interface subnet mask on Cumulus Linux containers
FRR:
Install
bridge-utils
on FRR VMs
IOS XR:
Fix hostname mappings for labs with unnumbered interfaces
Junos:
Fix hostname mappings for labs with unnumbered interfaces
Linux:
Use containerlab-generated network namespaces to do initial device configuration for Linux containers
New development features
Local CI/CD script to test transformation cases
Add ‘cleanup’ module and plugin hook
Add copy/merge device feature functionality to plugin defaults file
Implement template devices
Add Cisco IOS template device as the parent for Cat8000v, CSR, IOSv, IOSvL2, IOL, IOLL2
Release 1.9.1
netlab capture command implements packet capture on VM- or container interfaces
Minor improvements
Add the
--instance
option to thenetlab down
command
New device features:
Arista EOS:
Configurable RIPv2/RIPng protocol timers
IS-IS route import
IS-IS VRF instances
Cisco IOS/IOS XE:
Configurable RIPv2/RIPng protocol timers
Cisco IOSv layer-2 image (device code:
iosvl2
)IS-IS route import
RIP VRF instances
RIPng route import
Cumulus Linux:
Configurable RIPv2/RIPng protocol timers
Create hostnames that include interface names
RIP VRF instances
RIPng route import
FRRouting:
Anycast gateway and VRRP
Create hostnames that include interface names
Configurable RIPv2/RIPng protocol timers
IS-IS route import
IS-IS VRF instances
RIP VRF instances
RIPng route import
Linux:
Create hostnames that include interface names
SR Linux:
Support for SR Linux release 24.7.x (current release: 24.7.2)
IS-IS IPv6 multi-topology
IS-IS VRF instances
OSPF default route
Route import for BGP, IS-IS, and OSPF
Prefix filters and match.prefix in routing policies
VyOS:
IS-IS IPv6 multi-topology
Minor fixes in device configuration templates:
Arista EOS:
Enable MPLS ICMP tunneling on Arista EOS
Enable local exec authorization on Arista EOS
EOS VRFs don’t need ip-vpn import/exports when we use EVPN
Cumulus Linux:
Configure IPv6 RA only when using IPv6 on an interface
Fix container management IPv4 prefix
Dell OS10:
Increase the VM RAM to 4GB according to vendor recommendations
Fix login credentials for vrnetlab containers
FRRouting:
Limit ARP response scope when using VRRP on FRRouting
SR Linux:
Do not activate IPv6 AF by default on IPv4 BGP session and vice versa
Check for the license needed to run IXR6/IXR10 containers
Simplify the IBGP export policy with the new ‘next-hop: self’ action
Per-interface EBGP peer groups (allowing per-neighbor parameters on unnumbered EBGP sessions)
Route server client support
Redo SR Linux BGP template to make IBGP and EBGP behavior somewhat consistent
Fix BGP MD5 authentication
Routing policies cannot be used on route imports
New development tools:
Implement warning-level validation test failures
Initial developer documentation for the generic routing module
New integration tests:
Gateway module integration tests
Change cost/metric failures into warnings in OSPF default route integration tests
Release 1.9.0-post1
Add a failure barrier to validation tests. This feature allows you to stop the validation process if at least one of the prior tests has failed.
New device features:
JSON-RPC (implemented in nokia.srlinux Ansible collection) is used to configure SR Linux nodes. The netlab up process checks for the presence of nokia.srlinux collection and refuses to start the lab if the collection is not installed.
Check SR Linux Ansible collection (and its version) during the lab startup process
Minor fixes in device configuration templates:
SR Linux:
BGP configuration template survives L2-only VRFs
OSPF routes and connected subnets are redistributed into VRF BGP
BGP-EVPN routes are redistributed into VRF BGP to be propagated to VRF BGP neighbors
Configure EVPN BGP parameters based on neighbor data, not on evpn.session variable (which does not include bgp.multihop neighbors)
Configure inter-as-vpn in EVPN AF if a device has at least one EVPN EBGP neighbor
Redistribute connected, BGP, and BGP-EVPN routes into the VRF OSPF process
Remove the ancient ‘stubs are loopbacks’ hack from the OSPF template
Reject lab topologies with interface EBGP neighbors using EVPN address family
Fix the ‘interface EBGP neighbor’ check in the bgp.policy configuration template
Use key index 1 (not zero) in the BGP MD5 keychain
Shut down BGP neighbors before applying bgp.session changes and reenable them after the configuration is complete
Fix the bgp.multihop template (the previous template was effectively a no-op)
Release 1.9.0
Generic Routing Configuration Module supporting:
Routing policies (route maps), including match and set commands
Prefix filters (prefix lists)
AS-path filters
BGP community filters
These features are implemented on Arista EOS, ArubaCX, Cisco IOS/IOS-XE, Cumulus Linux, SR Linux, and Vyos.
Other new features:
Default route origination in OSPFv2 and OSPFv3 on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, FRRouting, and Vyos.
Route import (redistribution) into OSPFv2, OSPFv3, and BGP. This feature works in the global routing table and VRFs and is available on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, FRRouting, and Vyos.
VRF multihop EBGP sessions, available on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, and FRRouting.
Modify bgp.policy plugin to use routing policies from the Generic Routing Configuration Module.
Load Linux kernel drivers (VXLAN, MPLS) required by device containers (FRR, VyOS)
Minor improvements:
Support for containerlab node parameter startup-delay
Display markdown reports as ASCII text rendered with rich.markdown
Add
linux-headers-generic
to the devcontainer to allow VyOS to run in GitHub Codespaces
New device features:
Support for vJunos-switch running in a vrnetlab container
Arista cEOS 4.32.1F has a working MPLS data plane
SR/MPLS on FRR
Routing policies, prefix lists, and community lists on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, FRRouting, and Vyos
VRF-aware OSPFv3 on ArubaCX and VyOS
OSPF default route origination on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, FRRouting, and Vyos
OSPF and BGP route import on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, FRRouting, and Vyos
VRF multihop EBGP sessions on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, and FRRouting.
Minor fixes in device configuration templates:
ArubaCX:
Fix BGP next-hop processing on EBGP EVPN AF
MPLS data plane works only on physical devices
Arista EOS:
Activate EVPN AF on unnumbered EBGP sessions
Configure IS-IS IPv4 router-ID in IPv6-only networks
Change default Arista cEOS release to 4.32.1F
Arista EOS expects a single EVPN import/export RT per line
Cat8000v:
Cat8000v does not support SR-MPLS
Cat8000v is a layer-3 switch
CSR 1000v:
Cisco CSR 1000v rejects a VNI lower than 4096
Cumulus Linux:
Missing newline in Cumulus EVPN FRR config
Explicit configuration of IPv6 LLA on VM interfaces
RIPv2/ng has to be configured several times to make it work :(
Add local device name with ‘-’ (instead of ‘_’) to /etc/hosts
Bump Cumulus Vagrant box release to the latest 4.4 release
FRR:
Change FRR release to 10.0.1
FRR supports EVPN Asymmetric IRB
MPLS VPNv6 does not work
Nexus OS:
Additional tweaks to make EVPN work over EBGP with NXOS
Redistribute internal BGP routes to OSPF in EVPN VRFs
Apply ‘allowas-in’ to EVPN address family
EVPN L3VNI needs ‘interface-vlan’ feature to work
Junos:
vPTX EVPN implementation is broken; turning it off
Remove MTU change from Junos SR configuration template
Sonic:
Remove redundant ‘do write’ from Sonic BGP configuration template
SR Linux:
Only specific models of SR Linux support SR-MPLS
VyOS:
VyOS: enable SSH service when running in containerlab
MPLS VPNv6 does not work on VyOS (because FRR)
allowas-in has to be configured on EVPN AF
Do not set next-hop to self on EBGP EVPN sessions
New development tools:
Implement ‘valid_with’ data type validation to limit the attributes that can be used together in a data object
Implement copy/merge between all attribute namespaces to give modules functionality similar to plugins
New integration tests:
EVPN integration tests, including IRB modes, EBGP unnumbered, IBGP-over-EBGP, EBGP-over-EBGP, L3-only EVPN, and L3VPN with PE-CE routing
SR-MPLS IPv4 and IPv6 integration tests
EIGRP integration tests
EBGP multihop integration tests
Integration tests for ‘routing’ module and new OSPF functionality
Breaking changes
Release 1.9.2
Previous netlab versions allowed a switch to connect multiple routed VLAN instances, forcing the same IP prefix on all segments. Release 1.9.2 checks the compatibility of VLAN/interface forwarding modes and only allows interfaces with vlan.mode set to route (either via interface attribute, VLAN attribute, or node VLAN attribute) to connect to trunks or access links of VLANs with mode set to route.
The default value of vrrp.preempt parameter has been changed to True to match most VRRP implementations’ default.
Previous netlab versions allowed interface attributes on access/trunk links of bridged or IRB VLANs. The attributes from the first such interface would be copied into the SVI interface, resulting in potentially confusing behavior. The recommended (but not enforced) way to set VLAN (SVI) interface attributes was to use the node vlans dictionary (more details), but while the documentation warned about the unsupported practice, the restrictions were not enforced. netlab release 1.9.2 rejects interface attributes on interfaces with vlan.access or vlan.trunk attribute; you have to use the node vlans dictionary to set VLAN/SVI interface parameters.
Release 1.9.0
The Graphite configuration file format has changed to adapt to the changes made to the netreplica/graphite tool. If your browser fails to display the lab topology, reload the page or clear the browser cache.
OSPF is no longer disabled in VRFs using EVPN symmetric IRB. That might break existing lab topologies using OSPF routers connected to EVPN-backed VLANs configured in IRB mode. Disable OSPF in a VRF with ospf: False if needed.
The link transformation module sets the link role to stub on all non-VLAN/non-loopback links with no preset role and a single router, making the behavior in multi-provider topologies identical to that in single-provider topologies. This might impact topologies that define the stub addressing pool, as these links will now get their IP prefixes from the stub pool.
Cumulus Linux containers are deprecated. While they will continue to work, we won’t run integration tests on them. Use FRRouting containers.
We will probably change the Cumulus Linux VM version to 5.9 in the future, assuming we can still use direct ifupdown and FRR configuration.
Bug Fixes
Bug Fixes in Release 1.9.2
Be extra pedantic about IP address values in initial device configurations
Check the VLAN/interface fwd mode compatibility
Cache error hints to prevent duplicate display of hints
Bump minimal Jinja2 release to 3.1.4 (fixes #1425)
Restore neighbors on VLAN access (sub)interfaces
Do not create the Vagrant mgmt network when the VMs are running
Accept prefix.allocation link parameter
Delete libvirt management bridge during cleanup
Check for unique ifnames
Unify generation of unique ifindex/ifname values
Detect duplicate IP addresses on links and bridge/irb VLANs
Reject per-link irb/bridge VLAN interface attributes
Tell the user to use LAN link type for links using ‘gateway’ module
Copy node VLAN data into interface data on all links (#1444)
Check for multiple access VLANs per link (#1443)
Use containerlab ‘restart-policy’ keyword to prevent FRR restarts
Check for the multicast bit in MAC addresses and report an error if it’s set
Change VRRP preempt default value to True
Copy select node VLAN data into interface data before link transform (#1424)
Raise an error when detecting duplicate YAML keys (fixes #1416)
Add ‘–reconfigure’ flag to containerlab deploy command
Allow additional arguments (e.g. “mapping:ro”) in clab.binds values (#1403)
Remove hyphen from Vagrantfile VM variable
Survive loopback interfaces with no ‘type’ attribute
Always set interface type on loopback interfaces
Abort on fatal initialization errors
Convert directory name into an id when setting topology.name
Netsim requires python-box release 7.2.0 or greater
Avoid crashes with invalid link gateway attribute
Stricter make_id rules
Customized error messages and hints for data model attributes
Improve the handling of dhcp.client flag and generation of excluded addresses
Fix: allow ‘ipv4: dhcp’ and ‘ipv6: dhcp’ at the same time (fixes #1365)
Build VLAN-aware DHCP pools (#1360)
Install ‘curl’ and ‘lsb-release’ in ‘netlab install libvirt’ (#1356)
Fix: Reserve gateway.id parameters specified on links and global VLANs (#1355)
CI/CD: Add python 3.13, remove end-of-support 3.8 (#1354)
Use node-level VLAN gateway data on SVI interfaces (#1353)
Split processing of link prefix and gateway data (#1352)
Allow interface attributes in node VLAN definitions
Bug Fixes in Release 1.9.1
Fix the format of the
/etc/hosts
file (Linux, FRRouting, Cumulus)Sort providers in multi-provider topology
Graphviz formatting enhancements
Separate ‘hosts on link’ and ‘link is stub’ flags
Make the IS-IS instance name a variable
Refactor default route and route redistribution templates (FRR, CL, EOS, IOS)
netlab up should not report errors after warnings in netlab validate
Install iptables as part of containerlab installation
The valid validation test option should deal with list results
Create Vagrant box metadata in device/version-specific JSON file
Set routing protocol address families in VRF RP data
Use the existing ‘SSH-in-VM-in-container’ check for OS10
Bug Fixes in Release 1.9.0-post1
Enhance diagnostics of L3VPN EVPN integration tests and add a failure barrier
Add checks for connected subnet redistribution to complex VRF integration tests
Display IPv4 unnumbered and IPv6 LLA in addressing reports instead of ‘True’
Change integration test color-coding for “not supported” error
Make named prefixes available as part of the ‘all’ group
Add ‘–all’ option to ‘netlab inspect’ to add global Ansible vars to node data
Bug Fixes in Release 1.9.0
Set source interface name (_source_ifname) on IBGP neighbors to simplify BGP configuration templates
Refactor common IGP post-transform processing
Use search paths when validating config name in netlab config
The ebgp.multihop plugin should use a dummy ifname for the pseudo-tunnel between EBGP endpoints
Make OSPF-over-VXLAN test more complex to require OSPF to work
Add Sphinx Dark Mode to dev requirements
Allow ‘netlab connect’ to pass a command to a tool
Improve the validation of ‘validate’ data structures, add hints and tests
Add ‘links-as-a-dictionary’ data structure
Make ‘prefix_str’ validator accept named prefixes
IS-IS needs IPv4 router-id for SR-MPLS to work
Do not use hostnames in Suzieq inventory (SuzieQ cannot use the host /etc/hosts file)
Use the routing.policy.set device features to set BGP features in bgp.policy plugin
Need to wait a bit longer for OSPF convergence in the VRF Lite integration test
Increase EBGP session setup wait timer in the bgp.policy integration tests and numerous other timing tweaks (some devices are ridiculously slow)
Static VLAN VNI was rejected when a VLAN was used in a group
Use netlab_show_config Ansible variable to control the display of device configs during netlab initial process
Color-code and timestamp integration test summary printouts
Bug fix: use Linux containers (not VMs) in VXLAN integration tests
Survive edge cases (hosts without loopbacks, interfaces without names or descriptions) in addressing and wiring reports
Include reports in the Python package
Documentation Fixes
Documentation Fixes in Release 1.9.2
Document how to use
netlab up --snapshot
to recover from a server rebootUpdate IOS XRd caveats (recent Ansible collection does not work with XRd)
Warning: VLAN module configures only the data-plane functionality
Improve the custom configuration template documentation
Documentation Fixes in Release 1.9.1
Describe newer Fortinet caveats
Stress the importance of using the hellt fork of vrnetlab
Explain the details of setting Graphviz/D2 output defaults
Add Linux Host Networking caveats
Add favicon
Documentation Fixes in Release 1.9.0-post1
Tutorial: add Linux hosts and custom software to a netlab topology
Add a more explicit description of how Vagrant treats box names
Documentation Fixes in Release 1.9.0
Update EVPN documentation based on the integration test results
Rewrite the introduction to the EVPN configuration module
Add links to the addressing example documenting the ‘allocation’ attribute
Developers should install additional Python modules to run CI/CD tests
Reorganize tutorials, add Selecting a Software Release tutorial
Minor fixes to SR-MPLS documentation
Change the example link used to illustrate the bgp.activate parameter
Explain how you can disable IBGP sessions with the bgp.session parameter
Remove extra CSS styling that appeared in the final documentation
Document FRRouting/VyOS limitations in GitHub Codespaces