Changes in Release 1.9

New Functionality

Release 1.9.6

Release 1.9.6 is mostly a bug fix release with a few new features:

• Add ‘gateway’ as a valid next-hop for static routes

• Rewrite the default gateway processing and add IPv6 default gateways

• Set libvirt MTU to 9500 on bridge-based networks

New device features

FRR:

• Migrate to FRR release 10.2.2

Juniper vMX:

• Use netlab variables to download a license file or use a local license file

Release 1.9.5

Release 1.9.5 includes numerous bug fixes and fixes in device definitions and configuration templates, but also several new features:

• LAG: Support back-2-back dual MLAG use case with any-to-any links

• Support VXLAN anycast VTEP in MLAG deployments

• Use configured node management MAC/IPv4 addresses in vagrant-libvirt DHCP pool

• Change the generation of libvirt management MAC addresses (might be a breaking change)

• Make --instance and --snapshot CLI parameters consistent

• Add the ‘netlab clab cleanup’ command

New device features

Cumulus NVUE:

• VRF route leaking

• Full RFC 8950 support (IPv4 BGP AF over IPv6 BGP session)

• VRF-aware BGP

• Full VXLAN and EVPN implementation

• BGP allowas_in and EBGP multihop

• VLAN-aware router (VLAN subinterfaces) functionality

• Route import into OSPF and BGP

FortiOS:

• Build FortiOS Vagrant boxes with “netlab libvirt package”

Junos:

• Support for anycast gateway on vjunos-switch and vjunos-router

• Support for BGP local-as, allowas-in, EBGP multihop, and selective address family activation

• VXLAN and EVPN support on vjunos-switch

Sonic:

• Collect complete SONiC configuration with ‘netlab collect’

Changes in default Vagrant boxes/containers

• Arista cEOS 4.33.1

• FRR release 10.1.2

• Linux Ubuntu 24.04 Vagrant box and Python 3.13 container

• SR Linux release 24.10.3

Fixes in configuration templates:

Arista EOS:

• Configure IPv6 anycast gateway

Cisco IOS:

• Fix the configuration syntax for Cisco IOS VRF static routes with indirect global next hop

Cumulus NVUE:

• Place MLAG backup IP into the management VRF if needed

Dell OS10:

• Add netlab_save_config parameter to control whether the initial config is saved to the startup config (default: True)

• Disable IPv6 on IPv4-only L3 port channels (#1988)

Fortinet:

• Fix initial- and OSPF configuration

FRR:

• Use Vagrant private key instead of usernames/passwords

• Fix incorrect MTU setting on vxlan devices

Linux:

• Set MTU on bond interfaces on Ubuntu 24.04

• Configure Systemd to set Ethernet NICs to 1G/full-duplex/no-negotiation

Nexus OS:

• Move netlab_check_* variables to group_vars

vjunos-router:

• Add a tweak to support tagged VLAN 1

Release 1.9.4-post2

Release 1.9.4-post2 is a bug-fix release.

Fixes in configuration templates:

Aruba CX:

• Configure IPv6 anycast gateway

• Use ‘tagged native vlan’ to get VLAN 1 to work in a trunk

Cisco IOS platforms:

• Use fake native VLAN on switching platforms to support tagged VLAN 1

• Cisco IOSv cannot configure support tagged VLAN 1

Cumulus NVUE:

• Disable MAC learning on MLAG peerlink

• Fix layer-3 LAG links

• Move initialization of bridge MAC to ‘initial’ configuration step

• Implement per-VLAN STP status

Dell OS10:

• Don’t enable IPv6 LLA on L2-only interfaces

EOS:

• Use ‘tagged native vlan’ to get VLAN 1 to work in a trunk

• Use ‘no switchport’ as default on non-MLAG LAG interfaces

• Check minimum and maximum MTU

FRR:

• Set MTU on VLAN interfaces

Junos:

• Set IPv4/IPv6 MTU on IRB interfaces

Linux:

• LAG member link speed has to be set on all Linux VMs

Nexus OS:

• Refuse to use VLANs above the NXOS-specific upper bound

• Use fake native VLAN to implement tagged VLAN 1

• Do not try to change the VLAN 1 name

VyOS:

• Configure VLAN 1 directly on br0 interface (not on a VIF)

Release 1.9.4-post1

Release 1.9.4-post1 is a bug-fix release.

Fixes in device definitions and configuration templates:

Cumulus NVUE:

• Don’t trunk native VLAN unless requested

• Disable IPv6 on L2-only interfaces

Dell OS10:

• Enable system-wide MTU and ICMP unreachables

• Don’t allow untagged VLAN on trunk unless configured

FRR:

• Disable global enhanced_dad when using VARP and VRRPv3

Release 1.9.4

Release 1.9.4 includes numerous bug fixes and fixes in device definitions and configuration templates.

New device features

• VRRPv3 support on Junos

Fixes in device definitions and configuration templates:

Arista EOS:

• Change interface-to-BGP-neighbor matching in EBGP-LU template

• cEOS stub (dummy) interfaces must have P2P OSPF network type

• Disable bridging between data-plane interfaces before starting the initial configuration process

• Make EOS VRRPv3 checksum compliant with RFC 9568

Aruba CX:

• Configure OSPFv3 timers and DR priority

• Change IPv6 LLA in ArubaCX VRRP configuration template to EUI-64 address

bird:

• bird cannot use indirect next hops in static routes

Cisco IOS/IOS XE:

• Configure MTU on VLAN interfaces

• Add device-specific MTU checks

• Use mtu or ip mtu based on device-specific MTU configuration rules

• IOSv L2 does not support mixed VLAN trunks

• Disable bridging between data-plane interfaces on IOSv/IOL layer-2 image before starting the initial configuration process

• Use hex formatting when generating VRRP IPv6 LLA address

• VRRPv3 is supported on VLAN/BDI interfaces on all platforms apart from IOSv

• Passive RIPng interfaces generate a ‘this will not work as expected’ warning on all platforms

• Reserved VLANs (1002…1006) cannot be used on IOSvL2, IOLL2, and Cat8000v

• Unique per-VRF OSPF router ID is generated only for IOSv and IOSvL2. IOS-XE platforms can reuse the same OSPF router ID for multiple processes

Cisco Nexus OS:

• Configure OSPF router priority on VRF interfaces

• NX-OS VRRP parameters were applied at the wrong config level

• Use hex formatting when generating VRRP IPv6 LLA address

Cumulus Linux 4.x

• Cumulus Linux cannot do DHCPv6 relaying

• Configure MTU on VLAN interfaces

• Implement system default MTU

• DHCP client interface definition on Cumulus Linux needs ‘auto ifname’

• Add IPv6 LLA to VRRPv3 interface- and FRR configuration

Cumulus Linux 5.x (NVUE)

• Implement system default MTU

• Remove STP policer increase

• Limit VLANs allowed on a VLAN trunk

Dell OS10

• Redistribute EVPN prefixes into VRF OSPF instances

• Fix BGP neighbor name for EVPN AF on interface EBGP sessions

• Add IPv6 LLA to VRRPv3 configuration

• VRRP does not work on virtual networks

FRR

• Set MAC address and IPv6 LLA on VLAN interfaces

• Add static FDB entry for anycast MAC address

• Set MTU on VLAN interfaces

• Add IPv6 LLA to VRRPv3 FRR configuration

• Make FRR VRRPv3 checksum compliant with RFC 9568

Junos:

• Explicitly activate the default address family on BGP sessions

• Activate VPNv6 AF when using VRFs with IPv6 subnets

• Sync IBGP and EBGP advertisement policies

• Increase vPTX timeouts in MPLS integration tests to ludicrous values

• vjunos-switch needs ages to wake up on IPv6

• Increase the Junos startup delay in SR/IS-IS integration tests

• Don’t add bogus ‘vlan-id’ to regular interfaces

SR Linux:

• Configure MTU on VLAN interfaces

• Add device-specific MTU checks

• Default passive BGP sessions on SR Linux were a bad idea

• Fix lookup of BGP local IP address based on neighbor ifindex

VyOS:

• VyOS needs ‘dummy’ stub interfaces in containers

Release 1.9.3

• Multi-chassis Link Aggregation (MLAG) support in the Link Aggregation Group (LAG) Configuration Module for IEEE 802.3ad

• Generic object (node, VRF, VLAN) groups

• OSPF interface timers, cleartext passwords, and DR priority

• Global, VRF, and inter-VRF static routes with direct or indirect next hops.

• Consistent selection of prefix pools based on the number of nodes attached to a link (⚠️ breaking change)

• Node cloning plugin simplifies repetitive topologies by cloning nodes

New devices

• vjunos-router (vMX in a single VM)

New external tools

• Cisco NSO

Minor improvements

• Implement containerlab stub links with ‘dummy’ interfaces, removing the need for extra Linux bridges

• Support RFC 8950-style IPv4 next hops over regular IPv6 EBGP sessions

• Add --feature flag to netlab show modules command to display support for a single optional feature

• VRRP version plugin for the gateway module

• Refactor STP port priority to use IEEE values (0…15)

• Make (some) device quirk errors configurable

• Disable STP on libvirt-created bridges to avoid interference with the STP Configuration Module

• Per-node device features allow you to tweak which features individual lab nodes support

• Generic host static routing framework allows you to change the static routes configured on Linux and Bird.

• Global/node setting of default OSPF passive interface state

• Most OSPF parameters can be set on the topology level

• Validated LAG and STP/RSTP/PVRST integration tests (#1739)

• Platform integration tests covering links, multi-provider deployments, and unmanaged nodes

• Improve ‘unmanaged’ node support on point-to-point and multi-provider links

• Print time spent in every successful validation test

New device features

Arista EOS:

• MLAG support

• Static routing

• OSPF interface timers, cleartext password, and DR priority

Aruba CX:

• LAG, MLAG, static routing, and STP support

• OSPF interface timers, cleartext password, and DR priority

Cisco IOS/IOS-XE:

• OSPF interface timers, cleartext password, and DR priority

• Static routing

Cisco NXOS:

• OSPF interface timers, cleartext password, and DR priority

Cumulus Linux:

• RFC 8950-style IPv4 next hops over regular IPv6 EBGP sessions

• Static routing

• OSPF interface timers, cleartext password, and DR priority

Cumulus NVUE:

• VLAN, VRF, LAG, and STP (including PVRST) support

• VRF-aware OSPFv2

• OSPFv2 interface timers and DR priority

• BGP local-as support

• Reject OSPFv3 configuration (OSPFv3 cannot be configured through NVUE)

• Replace the underscore in the node name with a hyphen when setting the hostname.

Dell OS10:

• LAG, MLAG and STP support

• OSPF interface timers, cleartext passwords, and DR priority

• Use VRRPv2 (when requested by the VRRP version plugin) or VRRPv3 (default)

• Set default MTU to 1500

FRR:

• RFC 8950-style IPv4 next hops over regular IPv6 EBGP sessions

• Move from Ubuntu 20.04 VM to Debian/Bookworm64

• OSPF interface timers, cleartext password, and DR priority

• Static routing

Linux:

• Support for LAG and static routing modules

• Uplink bonding plugin

SR Linux:

• Switch to 24.10.1 release

Minor fixes in device configuration templates:

Arista EOS:

• Fix variable name typo in the BFD template

• Support for STP port types

• Configure node-level STP root priority on PVRST-enabled VLANs

Aruba CX:

• Change the default vrnetlab container tag

• Optimize the configuration deployment process – remove the extra auto-confirm task

bird:

• Change the base Docker image to Ubuntu 24.04. The new default bird release is 2.14

• Set a static IPv6 LLA on the loopback interface to make OSPFv3 advertise loopback IPv6 prefix

Cisco ASAv:

• Add legacy SSH algorithms to netlab_ssh_args variable to connect to ASAv without changing the SSH configuration files

Cumulus Linux:

• Use raw and script modules to configure devices to avoid Python version mismatch reported by Ansible 11.x

• Support for STP port types

Cumulus NVUE:

• Change the default Vagrant box to release 5.10.0

• Add support for multiple loopbacks and VRF loopbacks

• Set default MTU to 1500 for all providers to enable interoperability with other OSPF implementations

• Print a warning when using (outdated) Cumulus Linux 5.x containers

• Use password variable in Vagrantfile provisioning script instead of a hardcoded value

• Fix IPv6 LLA-only configuration

• Fix OSPF configuration template

• Set IBGP neighbor AS to ‘internal’ to pass route-reflector-client NVUE schema validation

• Fix the configurable advertisement of BGP communities

• Don’t try to configure MTU on loopback interfaces

Dell OS10:

• Add a check for anycast gateways only being supported on SVI interfaces

• Disable IPv6 on loopbacks when not configured

• Disable IPv6 LLA on IPv4-only interfaces

• Redistribute imported OSPF VRF routes into BGP

• Cleanup BGP configuration template

FRR:

• Invoke the VRF FRR configuration template only if a node has active VRFs

• Install FRR in a Debian VM during ‘vagrant up’ processing

• The per-VLAN Linux bridges used by FRR VMs/containers support only 802.1D STP on non-trunk interfaces

Linux:

• Implement a generic Linux package installation mechanism

• Use netns execution on container host for any script template ending with “-clab.j2”

Junos:

• Set IS-IS router type (L1/L2/L1-2)

• Disable narrow metrics

Junos vPTX:

• Change the default vrnetlab container tag

• VLAN template refactoring

vjunos-switch:

• Change the default vrnetlab container tag

• VLAN template refactoring

Release 1.9.2

• STP Configuration Module

• Link Aggregation Group (LAG) Configuration Module for IEEE 802.3ad

• The netlab exec command can execute the same command on a set of network devices

• netlab supports Cisco IOS on Linux (IOL), IOL layer-2 image, and IOSv/IOSvL2 in vrnetlab containers

• Edgeshark can be used as an external tool to provide GUI-based access to lab packet capture

• Implement the gateway and dhcp modules on VLANs

• You can use ifindex interface parameter to change interface names in virtual machines and containers.

Minor improvements

• Implement netlab capture for vrnetlab containers

• The libvirt.uuid parameter sets a consistent VM UUID that can be used with some devices to generate consistent device serial numbers

• dhcp.client link attribute enables DHCP clients on all non-relay interfaces connected to a link

• Allow per-interface gateway options, including True/False (to enable or turn off FHRP on individual interfaces)

• Node-level gateway parameters can be used to set per-node VRRP priority

• You can set the containerlab ‘prefix’ attribute to change container names

• The clab.dns attribute can be used to set container DNS servers and search domain settings

• Alternate loopback pools can be used to implement a multi-site loopback addressing scheme.

• The check.config plugin removes missing custom configuration templates, ensuring the initial device configuration does not fail even when the configuration templates for a specific device type are missing

New device features

• Consistently implement VRRP preemption feature (new default: True)

Arista EOS:

• STP and LAG support

• You can use the eos.serialnumber and eos.systemmacaddr device properties to set the device serial number and system MAC address on cEOS containers.

• You can also change the management interface name in cEOS containers

Cumulus Linux:

• STP and LAG support

FRR:

• STP and LAG support

Minor fixes in device configuration templates:

Arista EOS:

• Tell the Arista DHCP client to use the default route advertised by the DHCP server

Catalyst 8000v:

• Add an extra license to the box-building process to enable MPLS functionality.

Cisco CSR 1000v

• VLAN configuration template can configure routed subinterfaces

Cisco IOS:

• Specify legacy SSH algorithms in the SSH command using the ‘netlab_ssh_args’ group variable

• Disable VTY timeout

Cumulus Linux:

• Change the default password for Cumulus Linux NVUE device to comply with the newer password rules enforced by Cumulus Linux 5.x

• Add the default route in the management VRF

• Fix the management interface subnet mask on Cumulus Linux containers

FRR:

• Install bridge-utils on FRR VMs

IOS XR:

• Fix hostname mappings for labs with unnumbered interfaces

Junos:

• Fix hostname mappings for labs with unnumbered interfaces

Linux:

• Use containerlab-generated network namespaces to do initial device configuration for Linux containers

New development features

• Local CI/CD script to test transformation cases

• Add ‘cleanup’ module and plugin hook

• Add copy/merge device feature functionality to plugin defaults file

• Implement template devices

• Add Cisco IOS template device as the parent for Cat8000v, CSR, IOSv, IOSvL2, IOL, IOLL2

Release 1.9.1

• netlab capture command implements packet capture on VM- or container interfaces

• IS-IS route import (redistribution)

• IS-IS VRF instances

• RIP VRF instances

• RIPng route import

• Configurable RIPv2/RIPng protocol timers

Minor improvements

• Add the --instance option to the netlab down command

New device features:

Arista EOS:

• Configurable RIPv2/RIPng protocol timers

• IS-IS route import

• IS-IS VRF instances

Cisco IOS/IOS XE:

• Configurable RIPv2/RIPng protocol timers

• Cisco IOSv layer-2 image (device code: iosvl2)

• IS-IS route import

• RIP VRF instances

• RIPng route import

Cumulus Linux:

• Configurable RIPv2/RIPng protocol timers

• Create hostnames that include interface names

• RIP VRF instances

• RIPng route import

FRRouting:

• Anycast gateway and VRRP

• Create hostnames that include interface names

• Configurable RIPv2/RIPng protocol timers

• IS-IS route import

• IS-IS VRF instances

• RIP VRF instances

• RIPng route import

Linux:

• Create hostnames that include interface names

SR Linux:

• Support for SR Linux release 24.7.x (current release: 24.7.2)

• IS-IS IPv6 multi-topology

• IS-IS VRF instances

• OSPF default route

• Route import for BGP, IS-IS, and OSPF

• Prefix filters and match.prefix in routing policies

VyOS:

• IS-IS IPv6 multi-topology

Minor fixes in device configuration templates:

Arista EOS:

• Enable MPLS ICMP tunneling on Arista EOS

• Enable local exec authorization on Arista EOS

• EOS VRFs don’t need ip-vpn import/exports when we use EVPN

Cumulus Linux:

• Configure IPv6 RA only when using IPv6 on an interface

• Fix container management IPv4 prefix

Dell OS10:

• Increase the VM RAM to 4GB according to vendor recommendations

• Fix login credentials for vrnetlab containers

FRRouting:

• Limit ARP response scope when using VRRP on FRRouting

SR Linux:

• Do not activate IPv6 AF by default on IPv4 BGP session and vice versa

• Check for the license needed to run IXR6/IXR10 containers

• Simplify the IBGP export policy with the new ‘next-hop: self’ action

• Per-interface EBGP peer groups (allowing per-neighbor parameters on unnumbered EBGP sessions)

• Route server client support

• Redo SR Linux BGP template to make IBGP and EBGP behavior somewhat consistent

• Fix BGP MD5 authentication

• Routing policies cannot be used on route imports

New development tools:

• Implement warning-level validation test failures

• Initial developer documentation for the generic routing module

New integration tests:

• Gateway module integration tests

• Change cost/metric failures into warnings in OSPF default route integration tests

Release 1.9.0-post1

• Add a failure barrier to validation tests. This feature allows you to stop the validation process if at least one of the prior tests has failed.

New device features:

• JSON-RPC (implemented in nokia.srlinux Ansible collection) is used to configure SR Linux nodes. The netlab up process checks for the presence of nokia.srlinux collection and refuses to start the lab if the collection is not installed.

• Check SR Linux Ansible collection (and its version) during the lab startup process

Minor fixes in device configuration templates:

SR Linux:

• BGP configuration template survives L2-only VRFs

• OSPF routes and connected subnets are redistributed into VRF BGP

• BGP-EVPN routes are redistributed into VRF BGP to be propagated to VRF BGP neighbors

• Configure EVPN BGP parameters based on neighbor data, not on evpn.session variable (which does not include bgp.multihop neighbors)

• Configure inter-as-vpn in EVPN AF if a device has at least one EVPN EBGP neighbor

• Redistribute connected, BGP, and BGP-EVPN routes into the VRF OSPF process

• Remove the ancient ‘stubs are loopbacks’ hack from the OSPF template

• Reject lab topologies with interface EBGP neighbors using EVPN address family

• Fix the ‘interface EBGP neighbor’ check in the bgp.policy configuration template

• Use key index 1 (not zero) in the BGP MD5 keychain

• Shut down BGP neighbors before applying bgp.session changes and reenable them after the configuration is complete

• Fix the bgp.multihop template (the previous template was effectively a no-op)

Release 1.9.0

Generic Routing Configuration Module supporting:

• Routing policies (route maps), including match and set commands

• Prefix filters (prefix lists)

• AS-path filters

• BGP community filters

These features are implemented on Arista EOS, ArubaCX, Cisco IOS/IOS-XE, Cumulus Linux, SR Linux, and Vyos.

Other new features:

• Default route origination in OSPFv2 and OSPFv3 on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, FRRouting, and Vyos.

• Route import (redistribution) into OSPFv2, OSPFv3, and BGP. This feature works in the global routing table and VRFs and is available on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, FRRouting, and Vyos.

• Named prefixes

• Add config action to validation tests

• Use SuzieQ in validation tests

• VRF multihop EBGP sessions, available on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, and FRRouting.

• Modify bgp.policy plugin to use routing policies from the Generic Routing Configuration Module.

• Load Linux kernel drivers (VXLAN, MPLS) required by device containers (FRR, VyOS)

Minor improvements:

• Support for containerlab node parameter startup-delay

• Display markdown reports as ASCII text rendered with rich.markdown

• Add linux-headers-generic to the devcontainer to allow VyOS to run in GitHub Codespaces

New device features:

• Support for vJunos-switch running in a vrnetlab container

• Arista cEOS 4.32.1F has a working MPLS data plane

• SR/MPLS on FRR

• Routing policies, prefix lists, and community lists on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, FRRouting, and Vyos

• VRF-aware OSPFv3 on ArubaCX and VyOS

• OSPF default route origination on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, FRRouting, and Vyos

• OSPF and BGP route import on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, FRRouting, and Vyos

• VRF multihop EBGP sessions on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, and FRRouting.

Minor fixes in device configuration templates:

ArubaCX:

• Fix BGP next-hop processing on EBGP EVPN AF

• MPLS data plane works only on physical devices

Arista EOS:

• Activate EVPN AF on unnumbered EBGP sessions

• Configure IS-IS IPv4 router-ID in IPv6-only networks

• Change default Arista cEOS release to 4.32.1F

• Arista EOS expects a single EVPN import/export RT per line

Cat8000v:

• Cat8000v does not support SR-MPLS

• Cat8000v is a layer-3 switch

CSR 1000v:

• Cisco CSR 1000v rejects a VNI lower than 4096

Cumulus Linux:

• Missing newline in Cumulus EVPN FRR config

• Explicit configuration of IPv6 LLA on VM interfaces

• RIPv2/ng has to be configured several times to make it work :(

• Add local device name with ‘-’ (instead of ‘_’) to /etc/hosts

• Bump Cumulus Vagrant box release to the latest 4.4 release

FRR:

• Change FRR release to 10.0.1

• FRR supports EVPN Asymmetric IRB

• MPLS VPNv6 does not work

Nexus OS:

• Additional tweaks to make EVPN work over EBGP with NXOS

• Redistribute internal BGP routes to OSPF in EVPN VRFs

• Apply ‘allowas-in’ to EVPN address family

• EVPN L3VNI needs ‘interface-vlan’ feature to work

Junos:

• vPTX EVPN implementation is broken; turning it off

• Remove MTU change from Junos SR configuration template

Sonic:

• Remove redundant ‘do write’ from Sonic BGP configuration template

SR Linux:

• Only specific models of SR Linux support SR-MPLS

VyOS:

• VyOS: enable SSH service when running in containerlab

• MPLS VPNv6 does not work on VyOS (because FRR)

• allowas-in has to be configured on EVPN AF

• Do not set next-hop to self on EBGP EVPN sessions

New development tools:

• Implement ‘valid_with’ data type validation to limit the attributes that can be used together in a data object

• Implement copy/merge between all attribute namespaces to give modules functionality similar to plugins

New integration tests:

• EVPN integration tests, including IRB modes, EBGP unnumbered, IBGP-over-EBGP, EBGP-over-EBGP, L3-only EVPN, and L3VPN with PE-CE routing

• SR-MPLS IPv4 and IPv6 integration tests

• EIGRP integration tests

• EBGP multihop integration tests

• Integration tests for ‘routing’ module and new OSPF functionality

Breaking changes

Release 1.9.5

The default libvirt management MAC addresses had the node ID in the last octet. Starting with release 1.9.5, the node ID is inserted into the fourth octet, giving each node a larger MAC address space (some devices use management MAC addresses to generate internal MAC addresses used on virtual interfaces).

Release 1.9.3

Release 1.9.3 selects the pool used to assign a prefix to a link based on the number of nodes attached to the link, whereas the previous releases used the type parameter that could be set to lan even for some point-to-point links. This change will make the prefix assignment more consistent but might change lab IP prefixes in these scenarios:

• Lab topology sets type: lan on a link to force link prefix assignment from the lan pool. Use pool: lan instead.

• lan pool was used to assign prefixes to tunnels and point-to-point routed VLANs in VLAN trunks[1]. In release 1.9.3, they get prefixes from the p2p pool.

• Links with a single node will get prefixes from the stub pool if the lab topology (or user defaults) defines it. Previously, these links would get their prefix from the lan pool unless the link definition included pool: stub.

• Point-to-point links between a libvirt device and a containerlab device are marked as lan links and got a prefix from the lan pool. These links will now get their prefix from the p2p pool.

Other breaking changes include:

• STP port priority value changed from 0…240 (in increments of 16) to 0…15.

Release 1.9.2

• Previous netlab versions allowed a switch to connect multiple routed VLAN instances, forcing the same IP prefix on all segments. Release 1.9.2 checks the compatibility of VLAN/interface forwarding modes and only allows interfaces with vlan.mode set to route (either via interface attribute, VLAN attribute, or node VLAN attribute) to connect to trunks or access links of VLANs with mode set to route.

• The default value of vrrp.preempt parameter has been changed to True to match most VRRP implementations’ default.

• Previous netlab versions allowed interface attributes on access/trunk links of bridged or IRB VLANs. The attributes from the first such interface would be copied into the SVI interface, resulting in potentially confusing behavior. The recommended (but not enforced) way to set VLAN (SVI) interface attributes was to use the node vlans dictionary (more details), but while the documentation warned about the unsupported practice, the restrictions were not enforced. netlab release 1.9.2 rejects interface attributes on interfaces with vlan.access or vlan.trunk attribute; you have to use the node vlans dictionary to set VLAN/SVI interface parameters.

Release 1.9.0

• The Graphite configuration file format has changed to adapt to the changes made to the netreplica/graphite tool. If your browser fails to display the lab topology, reload the page or clear the browser cache.

• OSPF is no longer disabled in VRFs using EVPN symmetric IRB. That might break existing lab topologies using OSPF routers connected to EVPN-backed VLANs configured in IRB mode. Disable OSPF in a VRF with ospf: False if needed.

• The link transformation module sets the link role to stub on all non-VLAN/non-loopback links with no preset role and a single router, making the behavior in multi-provider topologies identical to that in single-provider topologies. This might impact topologies that define the stub addressing pool, as these links will now get their IP prefixes from the stub pool.

• Cumulus Linux containers are deprecated. While they will continue to work, we won’t run integration tests on them. Use FRRouting containers.

• We will probably change the Cumulus Linux VM version to 5.9 in the future, assuming we can still use direct ifupdown and FRR configuration.

Bug Fixes

Bug Fixes in Release 1.9.6

• Force-install rich package in Ansible installation script and use the pip module instead of pip3 command to work around the broken paramiko version number on Ubuntu 20.04

• Add restart-policy to allowed clab attributes (#2054)

• Treat custom config requests with .j2 suffix differently (#2052)

• Skip creation of host static routes for DHCP clients (#2043)

• Print a warning if a LAG link uses a Linux bridge (#2038)

• Use common nodeset parsing function in netlab exec/inspect/report (#2019)

• Use correct getter function to get per-interface vlan.native value (#2041)

• Add NH- and IBGP-propagation checks to IBGP local-as integration test (#2040)

• ‘routing’ must be added to topology modules when used for host static routes

• Accept category and generate category-specific hint in log.warning function

• Do not assign prefixes to routed VLANs (#2031)

• Cumulus NVUE: Reject routed native vlan on a mixed trunk as unsupported (#2030)

• Set ‘external’ role on inter-AS VLANs (#2025)

• Do not create BGP clist ‘path’ attribute when ‘list’ is present (#2029)

• Perform _valid_with validation on all dictionaries

• Cumulus NVUE STP: Don’t configure STP priority on routed vlans (#2027)

• Cumulus NVUE: Fix untagged vlan on br_default (#2026)

• Do not propagate global static routes into node data

• Add IGP information to loopback interface (#2021)

• Use IOL as one of the nodes in the EIGRP integration test

• Add pointer to relevant loopback interface to BGP neighbor data (#2018)

• Remove .vagrant directory with ‘netlab down –cleanup’

• IPv4-only EBGP multihop integration test

• max_length parameter of ‘id’ type can refer to a constant (#2017)

• Cumulus NVUE: Add support for vrrp.version plugin (#2014)

• FRR: Only configure active LDP address families (#2012)

• Cumulus NVUE: enable VRF BGP local_as (#2008)

Bug Fixes in Release 1.9.5

• Detect invalid device test parameters in ‘netlab validate’

• Fix indent in the list of docker commands in edgetools.yml

• Update ‘netlab up’ error after changing ‘netlab status’ parameters

• Use FRR/EOS devices as probes in VLAN integration tests

• Use the new ‘bgp_prefix’ test in the VRF BGP community integration test

• Gateway: Remove node level protocol attribute

• Change the L3 LAG integration test to use static routing

• Check the validity of management IP addresses

• Remove dependence on EOS image from transformation tests

• Set ‘role: router’ in initial integration tests

• Test: Inter-VRF static routing with indirect next-hops

• Use clab for Linux hosts in EVPN 20-vxlan-irb-ospf.yml test

• Fix config deployment for devices without configuration templates

• Implement subparsers and use them for ‘netlab clab’ command

• Use list format for CMD parameter in Dockerfile(s)

• Fix incorrect merging of “gateway” non-protocol attributes

• Migrate from netaddr to ipaddress

• Add device SW release to integration test results

• Add a slight delay to inter-VRF static routing integration test

• Use ‘none’ device instead of ‘frr’ in transformation tests

• Wait a bit for MPLS data plane in MPLS integration tests

• Wait for IPv6 BGP sessions in BGP policy integration tests

• Wrap long error messages

• Make IPv4/IPv6 address/prefix validation more granular

Bug Fixes in Release 1.9.4-post2

• Display ‘disable check’ or ‘hide warning’ in device quirks

• Be careful when fetching ‘parentindex’ from a VLAN interface

• Display int device feature values in ‘netlab show modules’ command

• Display MTU parameters in ‘netlab show modules -m initial’ printout

• The value of missing _parentindex on LAG interfaces must be ‘None’, not ‘False’(==0) (#1898)

• Doc fix: interfaces w/o IP address or l2only links do not imply bridging.

• Postpone LAG link cleanup until after vlan module_post_link_transform runs

Integration test fixes:

• Add integration tests for routed VLAN trunk over LAG in tagged VLAN 1 in VLAN trunk

• Disable the FRR anycast interface before IPv6 anycast gateway tests

• Expand “multiple IRB VLANs” integration test with IPv6 checks

• Add a VLAN trunk to OSPF/SVI-MTU integration test to test MTU on pure SVI interfaces

• Add “leaked VLAN 1” scenario to VLAN bridged trunk integration test

• Add failover/orphan scenario to MLAG integration test

Bug Fixes in Release 1.9.4-post1

• Use ‘shutdown’ instead of ‘no switchport’ during the configuration normalization phase on Arista EOS and Cisco IOS layer-2 images to avoid premature allocation of internal VLANs

Bug Fixes in Release 1.9.4

• Add regular interfaces to VLAN integration tests

• Copy node MTU to SVI interfaces

• VXLAN: Avoid creating an empty vni attribute on VLANs

• Use Cumulus VMs DHCPv4 clients and Cisco IOSv as DHCPv6 client in integration tests

• Add OSPFv2 and OSPFv3 VLAN MTU integration test

• Implement an interface IGP iterator

• Check for the existence of IS-IS L1 prefix before checking its cost

• Quote variable arguments in netlab validate ‘config’ action

• Make LDP data structures similar to other IGPs

• Change topology provider when all nodes have the same ‘provider’ attribute (fixes #1790)

• Check the validity of all IP addresses assigned to node interfaces

• Increase integration test delays for Junos devices

• MTU cannot be larger than 9216 (implements #1849)

• New MTU-checking initial config integration test

• Implement a generic MTU checking code (fixes #1846)

• Use deepcopy when copying group data to nodes (fixes #1847)

• Implement common log.warning function

• Check for ovs-vsctl presence when using OVS with clab

• Update to the latest Containerlab version

• Fix the VRRP integration test

• Simplified anycast gateway integration test

• Avoid python-box release 7.3.1

• Resolve static route next hops to interfaces

• Exec+wait validation function passes when the device type is unknown

• Use hex formatting when generating MAC addresses

• Enable IGP on DHCP client interfaces

Bug Fixes in Release 1.9.3-post1

• python-box 7.3.1 breaks netlab. Pin the version to 7.2 … 7.3.0

• Fix MAC address generation after changes in SVI ifindex (fixes #1806)

• Set logging flags in ‘netlab down’ (fixes #1798)

• Use just the filename of custom config template as netsim_action (fixes #1797)

• Cumulus Linux 4.x: Insert newline before bond-lacp-rate slow (#1794)

• Cumulux Linux 4.x / Cumulus Linux NVUE: Limit VLANs on bonds to those actually part of the trunk (#1795)

Bug Fixes in Release 1.9.3

• Check for reserved VRF names (#1512)

• Limit libvirt management DHCP pool size to 254 hosts (#1525)

• Check for unnumbered/LLA loopback addresses (#1506)

• Node VRFs should not have any EVPN attributes (#1507)

• Fix order of VRF normalization (#1489)

• Move check for supported STP protocols to post_transform hook (#1487)

• Set ‘no-change’ on another shell task in iosxr-libvirt.yml (#1485)

• Mark shell actions in vm-clab-ssh-check.yml as “not changed” (#1483)

• Refactor EBGP IPv6 LLA/RFC 8950 code (#1575)

• Multiple LAG module fixes & cleanup (#1541)

• Fix Linux IPv4 ping validation (#1568)

• Add target IP address to ‘ping failed’ validation message

• Run mypy in incremental mode for local tests

• Skip unmanaged nodes in libvirt batches

• Check the libvirt uplink interface name

• Retain _linkname attribute on links to get more meaningful error messages late in the transformation process

• Improve the ‘device missing’ error for unmanaged nodes

• Skip unmanaged nodes in the libvirt provider module

• Check for STP being applied to L3 interfaces

• Skip FHRP calculation if link.prefix == False

• Refactor Linux bridge group_fwd_mask setup

• Add ‘initial’ to clab device-specific kernel module loading

• Replace ‘frr’ with ‘none’ device in transformation tests

• Replace use of ‘netlab_provider’ with ‘node_provider’ in templates to fix multi-provider deployments (#1618)

• Display netlab command as module in error_and_exit

• Check node MTU value, not its existence

• Test all combinations of IPv4/IPv6 addresses in integration tests

• Avoid empty ‘libvirt’ box in node interfaces

• Add yamllint to local and CI-CD tests (#1578)

• Check ‘IBGP source interface support’ in IBGP integration tests

• Parent_ifindex of a VLAN subinterface could be zero

• Remove gateway config/module if it is not used on a node

• Skip groups with no members when applying custom configs

• Document reason for escaping commas in OS10 interface description

• Fix localas_ibgp inconsistencies

• Deal with hosts attached to unnumbered links

• ebgp.multihop: Include localas_ibgp neighbors

• Use ‘role: router’ in most OSPFv2/OSPFv3/BGP integration tests

• Unchecked reference to ‘loopback’ data when creating IBGP sessions

• Routing protocols have to be configured after generic routing

• Vagrant/Libvirt: Fix VM name constant to be lowercase

• Fix: catch SIGINT for non-interactive ‘netlab connect’ sessions

• STP: Set ‘intf_to_neighbor’ to False to prevent propagation to neighbor data

• Configurable propagation of module intf attributes into neighbors

• Add module link attributes to displayed interface attributes

• Generate a single instance of Vagrant provisioning script

• Document CL 4.X Ansible caveats, use Linux in tests

• Use P2P allocation policy on /31 prefixes

• Add ‘group_vars’ when creating provider configurations

• Use –allow-downgrades to reinstall the tested Vagrant version

• Use single brackets in bash tests

• Set MTU on LAG interfaces

• Libvirt: Don’t depend on ifindex to identify physical interfaces

• Start SVI ifindex values at 40000

• Ubuntu: Add static routes per interface instead of a separate single file

• Increase initial delay for Junos IS-IS integration tests

• Add device-specific wait times to validation tests

• Use timeout to kill vrnetlab readiness check SSH sessions

• Fail the configuration playbook when a template is missing

• Restrict interface description length

• Disallow direct IP addressing on MLAG interfaces, not supported on multiple platforms (#1713)

• Add device features to ansible group_vars to make them available in configuration templates

• LAG: deprecate ‘mode’ to only support 802.3ad

• Cumulus NVUE: Fail in case of errors in “nv config apply”

• Add validation to clab- and multi-provider integration tests

• Ignore user defaults in CI/CD tests

• Cleanup ‘unnumbered’ references

• Cleanup error messages in links.py/check_link_type

• Add check for static loopback interface address validity (#1777)

• Set node MTU on OSPFv2 integration tests

• AOS-CX: fix typo in STP template (#1770)

• Increase readiness check counters for Cisco devices

• Ensure ‘node_provider’ is set in all Ansible playbooks

• Dell OS10: Reduce MLAG delay-restore timer from 90 to 30

• CL NVUE: reduce the MLAG init-delay to 10 seconds

Bug Fixes in Release 1.9.2-post1

• Use Linux (not Cumulus VX 4.x) in the Libvirt and Virtualbox tests executed by netlab test. Cumulus VX 4.x does not work with recent versions of Ansible due to a large mismatch in Python versions.

Bug Fixes in Release 1.9.2

• Be extra pedantic about IP address values in initial device configurations

• Check the VLAN/interface fwd mode compatibility

• Cache error hints to prevent duplicate display of hints

• Bump minimal Jinja2 release to 3.1.4 (fixes #1425)

• Restore neighbors on VLAN access (sub)interfaces

• Do not create the Vagrant mgmt network when the VMs are running

• Accept prefix.allocation link parameter

• Delete libvirt management bridge during cleanup

• Check for unique ifnames

• Unify generation of unique ifindex/ifname values

• Detect duplicate IP addresses on links and bridge/irb VLANs

• Reject per-link irb/bridge VLAN interface attributes

• Tell the user to use LAN link type for links using ‘gateway’ module

• Copy node VLAN data into interface data on all links (#1444)

• Check for multiple access VLANs per link (#1443)

• Use containerlab ‘restart-policy’ keyword to prevent FRR restarts

• Check for the multicast bit in MAC addresses and report an error if it’s set

• Change VRRP preempt default value to True

• Copy select node VLAN data into interface data before link transform (#1424)

• Raise an error when detecting duplicate YAML keys (fixes #1416)

• Add ‘–reconfigure’ flag to containerlab deploy command

• Allow additional arguments (e.g. “mapping:ro”) in clab.binds values (#1403)

• Remove hyphen from Vagrantfile VM variable

• Survive loopback interfaces with no ‘type’ attribute

• Always set interface type on loopback interfaces

• Abort on fatal initialization errors

• Convert directory name into an id when setting topology.name

• Netsim requires python-box release 7.2.0 or greater

• Avoid crashes with invalid link gateway attribute

• Stricter make_id rules

• Customized error messages and hints for data model attributes

• Improve the handling of dhcp.client flag and generation of excluded addresses

• Fix: allow ‘ipv4: dhcp’ and ‘ipv6: dhcp’ at the same time (fixes #1365)

• Build VLAN-aware DHCP pools (#1360)

• Install ‘curl’ and ‘lsb-release’ in ‘netlab install libvirt’ (#1356)

• Fix: Reserve gateway.id parameters specified on links and global VLANs (#1355)

• CI/CD: Add python 3.13, remove end-of-support 3.8 (#1354)

• Use node-level VLAN gateway data on SVI interfaces (#1353)

• Split processing of link prefix and gateway data (#1352)

• Allow interface attributes in node VLAN definitions

Bug Fixes in Release 1.9.1

• Fix the format of the /etc/hosts file (Linux, FRRouting, Cumulus)

• Sort providers in multi-provider topology

• Graphviz formatting enhancements

• Separate ‘hosts on link’ and ‘link is stub’ flags

• Make the IS-IS instance name a variable

• Refactor default route and route redistribution templates (FRR, CL, EOS, IOS)

• netlab up should not report errors after warnings in netlab validate

• Install iptables as part of containerlab installation

• The valid validation test option should deal with list results

• Create Vagrant box metadata in device/version-specific JSON file

• Set routing protocol address families in VRF RP data

• Use the existing ‘SSH-in-VM-in-container’ check for OS10

Bug Fixes in Release 1.9.0-post1

• Enhance diagnostics of L3VPN EVPN integration tests and add a failure barrier

• Add checks for connected subnet redistribution to complex VRF integration tests

• Display IPv4 unnumbered and IPv6 LLA in addressing reports instead of ‘True’

• Change integration test color-coding for “not supported” error

• Make named prefixes available as part of the ‘all’ group

• Add ‘–all’ option to ‘netlab inspect’ to add global Ansible vars to node data

Bug Fixes in Release 1.9.0

• Set source interface name (_source_ifname) on IBGP neighbors to simplify BGP configuration templates

• Refactor common IGP post-transform processing

• Use search paths when validating config name in netlab config

• The ebgp.multihop plugin should use a dummy ifname for the pseudo-tunnel between EBGP endpoints

• Make OSPF-over-VXLAN test more complex to require OSPF to work

• Add Sphinx Dark Mode to dev requirements

• Allow ‘netlab connect’ to pass a command to a tool

• Improve the validation of ‘validate’ data structures, add hints and tests

• Add ‘links-as-a-dictionary’ data structure

• Make ‘prefix_str’ validator accept named prefixes

• IS-IS needs IPv4 router-id for SR-MPLS to work

• Do not use hostnames in Suzieq inventory (SuzieQ cannot use the host /etc/hosts file)

• Use the routing.policy.set device features to set BGP features in bgp.policy plugin

• Need to wait a bit longer for OSPF convergence in the VRF Lite integration test

• Increase EBGP session setup wait timer in the bgp.policy integration tests and numerous other timing tweaks (some devices are ridiculously slow)

• Static VLAN VNI was rejected when a VLAN was used in a group

• Use netlab_show_config Ansible variable to control the display of device configs during netlab initial process

• Color-code and timestamp integration test summary printouts

• Bug fix: use Linux containers (not VMs) in VXLAN integration tests

• Survive edge cases (hosts without loopbacks, interfaces without names or descriptions) in addressing and wiring reports

• Include reports in the Python package

Documentation Fixes

Documentation Fixes in Release 1.9.6

• Some routing.static attributes are mutually exclusive

• Clarify addressing rules on routed VLANs (#2023)

Documentation Fixes in Release 1.9.5

• Document lag.mlag.peer.backup_ip parameter

• Cumulus Linux 5.x: add instructions on how to fix the default password expiration settings

• Document integration tests

• AOS-CX: document MC-LAG caveats

Documentation Fixes in Release 1.9.3-post1

• Add notes about containerlab interaction with iptables/nftables (#1801)

• Add new features to netlab.tools home page

• Move Linux caveats to the proper place

• Link to release 1.9.3 was broken

• Fix links to Topology Defaults document

Documentation Fixes in Release 1.9.3

• Better description of the release 1.9.2 breaking changes

• Document use of an obsolete version of VRRP on Dell OS10

• Warning: default values are not checked during the validation process

• Document VRF configuration module optional features

• Cumulus Linux 4.4 supports OSPFv3

• Fix a confusing type in vlan-interface-attributes.md

• Document commands executed by ‘netlab status’

• Bird is available only as a container

• Junos devices need ncclient on the Ansible host

• Rewrite the multi-provider LAG limitations

Documentation Fixes in Release 1.9.2

• Document how to use netlab up --snapshot to recover from a server reboot

• Update IOS XRd caveats (recent Ansible collection does not work with XRd)

• Warning: VLAN module configures only the data-plane functionality

• Improve the custom configuration template documentation

Documentation Fixes in Release 1.9.1

• Describe newer Fortinet caveats

• Stress the importance of using the hellt fork of vrnetlab

• Explain the details of setting Graphviz/D2 output defaults

• Add Linux Host Networking caveats

• Add favicon

Documentation Fixes in Release 1.9.0-post1

• Tutorial: add Linux hosts and custom software to a netlab topology

• Add a more explicit description of how Vagrant treats box names

Documentation Fixes in Release 1.9.0

• Update EVPN documentation based on the integration test results

• Rewrite the introduction to the EVPN configuration module

• Add links to the addressing example documenting the ‘allocation’ attribute

• Developers should install additional Python modules to run CI/CD tests

• Reorganize tutorials, add Selecting a Software Release tutorial

• Minor fixes to SR-MPLS documentation

• Change the example link used to illustrate the bgp.activate parameter

• Explain how you can disable IBGP sessions with the bgp.session parameter

• Remove extra CSS styling that appeared in the final documentation

• Document FRRouting/VyOS limitations in GitHub Codespaces

---

[1]

Access links of routed VLANs with two routers attached to them already used the p2p pool.