Changes in Release 1.9

New Functionality

Release 1.9.2

Minor improvements

New device features

  • Consistently implement VRRP preemption feature (new default: True)

Arista EOS:

Cumulus Linux:

FRR:

Minor fixes in device configuration templates:

Arista EOS:

  • Tell the Arista DHCP client to use the default route advertised by the DHCP server

Catalyst 8000v:

  • Add an extra license to the box-building process to enable MPLS functionality.

Cisco CSR 1000v

  • VLAN configuration template can configure routed subinterfaces

Cisco IOS:

  • Specify legacy SSH algorithms in the SSH command using the ‘netlab_ssh_args’ group variable

  • Disable VTY timeout

Cumulus Linux:

  • Change the default password for Cumulus Linux NVUE device to comply with the newer password rules enforced by Cumulus Linux 5.x

  • Add the default route in the management VRF

  • Fix the management interface subnet mask on Cumulus Linux containers

FRR:

  • Install bridge-utils on FRR VMs

IOS XR:

  • Fix hostname mappings for labs with unnumbered interfaces

Junos:

  • Fix hostname mappings for labs with unnumbered interfaces

Linux:

  • Use containerlab-generated network namespaces to do initial device configuration for Linux containers

New development features

  • Local CI/CD script to test transformation cases

  • Add ‘cleanup’ module and plugin hook

  • Add copy/merge device feature functionality to plugin defaults file

  • Implement template devices

  • Add Cisco IOS template device as the parent for Cat8000v, CSR, IOSv, IOSvL2, IOL, IOLL2

Release 1.9.1

Minor improvements

  • Add the --instance option to the netlab down command

New device features:

Arista EOS:

  • Configurable RIPv2/RIPng protocol timers

  • IS-IS route import

  • IS-IS VRF instances

Cisco IOS/IOS XE:

  • Configurable RIPv2/RIPng protocol timers

  • Cisco IOSv layer-2 image (device code: iosvl2)

  • IS-IS route import

  • RIP VRF instances

  • RIPng route import

Cumulus Linux:

  • Configurable RIPv2/RIPng protocol timers

  • Create hostnames that include interface names

  • RIP VRF instances

  • RIPng route import

FRRouting:

  • Anycast gateway and VRRP

  • Create hostnames that include interface names

  • Configurable RIPv2/RIPng protocol timers

  • IS-IS route import

  • IS-IS VRF instances

  • RIP VRF instances

  • RIPng route import

Linux:

  • Create hostnames that include interface names

SR Linux:

  • Support for SR Linux release 24.7.x (current release: 24.7.2)

  • IS-IS IPv6 multi-topology

  • IS-IS VRF instances

  • OSPF default route

  • Route import for BGP, IS-IS, and OSPF

  • Prefix filters and match.prefix in routing policies

VyOS:

  • IS-IS IPv6 multi-topology

Minor fixes in device configuration templates:

Arista EOS:

  • Enable MPLS ICMP tunneling on Arista EOS

  • Enable local exec authorization on Arista EOS

  • EOS VRFs don’t need ip-vpn import/exports when we use EVPN

Cumulus Linux:

  • Configure IPv6 RA only when using IPv6 on an interface

  • Fix container management IPv4 prefix

Dell OS10:

  • Increase the VM RAM to 4GB according to vendor recommendations

  • Fix login credentials for vrnetlab containers

FRRouting:

  • Limit ARP response scope when using VRRP on FRRouting

SR Linux:

  • Do not activate IPv6 AF by default on IPv4 BGP session and vice versa

  • Check for the license needed to run IXR6/IXR10 containers

  • Simplify the IBGP export policy with the new ‘next-hop: self’ action

  • Per-interface EBGP peer groups (allowing per-neighbor parameters on unnumbered EBGP sessions)

  • Route server client support

  • Redo SR Linux BGP template to make IBGP and EBGP behavior somewhat consistent

  • Fix BGP MD5 authentication

  • Routing policies cannot be used on route imports

New development tools:

  • Implement warning-level validation test failures

  • Initial developer documentation for the generic routing module

New integration tests:

  • Gateway module integration tests

  • Change cost/metric failures into warnings in OSPF default route integration tests

Release 1.9.0-post1

  • Add a failure barrier to validation tests. This feature allows you to stop the validation process if at least one of the prior tests has failed.

New device features:

  • JSON-RPC (implemented in nokia.srlinux Ansible collection) is used to configure SR Linux nodes. The netlab up process checks for the presence of nokia.srlinux collection and refuses to start the lab if the collection is not installed.

  • Check SR Linux Ansible collection (and its version) during the lab startup process

Minor fixes in device configuration templates:

SR Linux:

  • BGP configuration template survives L2-only VRFs

  • OSPF routes and connected subnets are redistributed into VRF BGP

  • BGP-EVPN routes are redistributed into VRF BGP to be propagated to VRF BGP neighbors

  • Configure EVPN BGP parameters based on neighbor data, not on evpn.session variable (which does not include bgp.multihop neighbors)

  • Configure inter-as-vpn in EVPN AF if a device has at least one EVPN EBGP neighbor

  • Redistribute connected, BGP, and BGP-EVPN routes into the VRF OSPF process

  • Remove the ancient ‘stubs are loopbacks’ hack from the OSPF template

  • Reject lab topologies with interface EBGP neighbors using EVPN address family

  • Fix the ‘interface EBGP neighbor’ check in the bgp.policy configuration template

  • Use key index 1 (not zero) in the BGP MD5 keychain

  • Shut down BGP neighbors before applying bgp.session changes and reenable them after the configuration is complete

  • Fix the bgp.multihop template (the previous template was effectively a no-op)

Release 1.9.0

Generic Routing Configuration Module supporting:

  • Routing policies (route maps), including match and set commands

  • Prefix filters (prefix lists)

  • AS-path filters

  • BGP community filters

These features are implemented on Arista EOS, ArubaCX, Cisco IOS/IOS-XE, Cumulus Linux, SR Linux, and Vyos.

Other new features:

Minor improvements:

  • Support for containerlab node parameter startup-delay

  • Display markdown reports as ASCII text rendered with rich.markdown

  • Add linux-headers-generic to the devcontainer to allow VyOS to run in GitHub Codespaces

New device features:

  • Support for vJunos-switch running in a vrnetlab container

  • Arista cEOS 4.32.1F has a working MPLS data plane

  • SR/MPLS on FRR

  • Routing policies, prefix lists, and community lists on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, FRRouting, and Vyos

  • VRF-aware OSPFv3 on ArubaCX and VyOS

  • OSPF default route origination on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, FRRouting, and Vyos

  • OSPF and BGP route import on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, FRRouting, and Vyos

  • VRF multihop EBGP sessions on Arista EOS, Aruba CX, Cisco IOS/XE, Cumulus Linux, and FRRouting.

Minor fixes in device configuration templates:

ArubaCX:

  • Fix BGP next-hop processing on EBGP EVPN AF

  • MPLS data plane works only on physical devices

Arista EOS:

  • Activate EVPN AF on unnumbered EBGP sessions

  • Configure IS-IS IPv4 router-ID in IPv6-only networks

  • Change default Arista cEOS release to 4.32.1F

  • Arista EOS expects a single EVPN import/export RT per line

Cat8000v:

  • Cat8000v does not support SR-MPLS

  • Cat8000v is a layer-3 switch

CSR 1000v:

  • Cisco CSR 1000v rejects a VNI lower than 4096

Cumulus Linux:

  • Missing newline in Cumulus EVPN FRR config

  • Explicit configuration of IPv6 LLA on VM interfaces

  • RIPv2/ng has to be configured several times to make it work :(

  • Add local device name with ‘-’ (instead of ‘_’) to /etc/hosts

  • Bump Cumulus Vagrant box release to the latest 4.4 release

FRR:

  • Change FRR release to 10.0.1

  • FRR supports EVPN Asymmetric IRB

  • MPLS VPNv6 does not work

Nexus OS:

  • Additional tweaks to make EVPN work over EBGP with NXOS

  • Redistribute internal BGP routes to OSPF in EVPN VRFs

  • Apply ‘allowas-in’ to EVPN address family

  • EVPN L3VNI needs ‘interface-vlan’ feature to work

Junos:

  • vPTX EVPN implementation is broken; turning it off

  • Remove MTU change from Junos SR configuration template

Sonic:

  • Remove redundant ‘do write’ from Sonic BGP configuration template

SR Linux:

  • Only specific models of SR Linux support SR-MPLS

VyOS:

  • VyOS: enable SSH service when running in containerlab

  • MPLS VPNv6 does not work on VyOS (because FRR)

  • allowas-in has to be configured on EVPN AF

  • Do not set next-hop to self on EBGP EVPN sessions

New development tools:

  • Implement ‘valid_with’ data type validation to limit the attributes that can be used together in a data object

  • Implement copy/merge between all attribute namespaces to give modules functionality similar to plugins

New integration tests:

  • EVPN integration tests, including IRB modes, EBGP unnumbered, IBGP-over-EBGP, EBGP-over-EBGP, L3-only EVPN, and L3VPN with PE-CE routing

  • SR-MPLS IPv4 and IPv6 integration tests

  • EIGRP integration tests

  • EBGP multihop integration tests

  • Integration tests for ‘routing’ module and new OSPF functionality

Breaking changes

Release 1.9.2

  • Previous netlab versions allowed a switch to connect multiple routed VLAN instances, forcing the same IP prefix on all segments. Release 1.9.2 checks the compatibility of VLAN/interface forwarding modes and only allows interfaces with vlan.mode set to route (either via interface attribute, VLAN attribute, or node VLAN attribute) to connect to trunks or access links of VLANs with mode set to route.

  • The default value of vrrp.preempt parameter has been changed to True to match most VRRP implementations’ default.

  • Previous netlab versions allowed interface attributes on access/trunk links of bridged or IRB VLANs. The attributes from the first such interface would be copied into the SVI interface, resulting in potentially confusing behavior. The recommended (but not enforced) way to set VLAN (SVI) interface attributes was to use the node vlans dictionary (more details), but while the documentation warned about the unsupported practice, the restrictions were not enforced. netlab release 1.9.2 rejects interface attributes on interfaces with vlan.access or vlan.trunk attribute; you have to use the node vlans dictionary to set VLAN/SVI interface parameters.

Release 1.9.0

  • The Graphite configuration file format has changed to adapt to the changes made to the netreplica/graphite tool. If your browser fails to display the lab topology, reload the page or clear the browser cache.

  • OSPF is no longer disabled in VRFs using EVPN symmetric IRB. That might break existing lab topologies using OSPF routers connected to EVPN-backed VLANs configured in IRB mode. Disable OSPF in a VRF with ospf: False if needed.

  • The link transformation module sets the link role to stub on all non-VLAN/non-loopback links with no preset role and a single router, making the behavior in multi-provider topologies identical to that in single-provider topologies. This might impact topologies that define the stub addressing pool, as these links will now get their IP prefixes from the stub pool.

  • Cumulus Linux containers are deprecated. While they will continue to work, we won’t run integration tests on them. Use FRRouting containers.

  • We will probably change the Cumulus Linux VM version to 5.9 in the future, assuming we can still use direct ifupdown and FRR configuration.

Bug Fixes

Bug Fixes in Release 1.9.2

  • Be extra pedantic about IP address values in initial device configurations

  • Check the VLAN/interface fwd mode compatibility

  • Cache error hints to prevent duplicate display of hints

  • Bump minimal Jinja2 release to 3.1.4 (fixes #1425)

  • Restore neighbors on VLAN access (sub)interfaces

  • Do not create the Vagrant mgmt network when the VMs are running

  • Accept prefix.allocation link parameter

  • Delete libvirt management bridge during cleanup

  • Check for unique ifnames

  • Unify generation of unique ifindex/ifname values

  • Detect duplicate IP addresses on links and bridge/irb VLANs

  • Reject per-link irb/bridge VLAN interface attributes

  • Tell the user to use LAN link type for links using ‘gateway’ module

  • Copy node VLAN data into interface data on all links (#1444)

  • Check for multiple access VLANs per link (#1443)

  • Use containerlab ‘restart-policy’ keyword to prevent FRR restarts

  • Check for the multicast bit in MAC addresses and report an error if it’s set

  • Change VRRP preempt default value to True

  • Copy select node VLAN data into interface data before link transform (#1424)

  • Raise an error when detecting duplicate YAML keys (fixes #1416)

  • Add ‘–reconfigure’ flag to containerlab deploy command

  • Allow additional arguments (e.g. “mapping:ro”) in clab.binds values (#1403)

  • Remove hyphen from Vagrantfile VM variable

  • Survive loopback interfaces with no ‘type’ attribute

  • Always set interface type on loopback interfaces

  • Abort on fatal initialization errors

  • Convert directory name into an id when setting topology.name

  • Netsim requires python-box release 7.2.0 or greater

  • Avoid crashes with invalid link gateway attribute

  • Stricter make_id rules

  • Customized error messages and hints for data model attributes

  • Improve the handling of dhcp.client flag and generation of excluded addresses

  • Fix: allow ‘ipv4: dhcp’ and ‘ipv6: dhcp’ at the same time (fixes #1365)

  • Build VLAN-aware DHCP pools (#1360)

  • Install ‘curl’ and ‘lsb-release’ in ‘netlab install libvirt’ (#1356)

  • Fix: Reserve gateway.id parameters specified on links and global VLANs (#1355)

  • CI/CD: Add python 3.13, remove end-of-support 3.8 (#1354)

  • Use node-level VLAN gateway data on SVI interfaces (#1353)

  • Split processing of link prefix and gateway data (#1352)

  • Allow interface attributes in node VLAN definitions

Bug Fixes in Release 1.9.1

  • Fix the format of the /etc/hosts file (Linux, FRRouting, Cumulus)

  • Sort providers in multi-provider topology

  • Graphviz formatting enhancements

  • Separate ‘hosts on link’ and ‘link is stub’ flags

  • Make the IS-IS instance name a variable

  • Refactor default route and route redistribution templates (FRR, CL, EOS, IOS)

  • netlab up should not report errors after warnings in netlab validate

  • Install iptables as part of containerlab installation

  • The valid validation test option should deal with list results

  • Create Vagrant box metadata in device/version-specific JSON file

  • Set routing protocol address families in VRF RP data

  • Use the existing ‘SSH-in-VM-in-container’ check for OS10

Bug Fixes in Release 1.9.0-post1

  • Enhance diagnostics of L3VPN EVPN integration tests and add a failure barrier

  • Add checks for connected subnet redistribution to complex VRF integration tests

  • Display IPv4 unnumbered and IPv6 LLA in addressing reports instead of ‘True’

  • Change integration test color-coding for “not supported” error

  • Make named prefixes available as part of the ‘all’ group

  • Add ‘–all’ option to ‘netlab inspect’ to add global Ansible vars to node data

Bug Fixes in Release 1.9.0

  • Set source interface name (_source_ifname) on IBGP neighbors to simplify BGP configuration templates

  • Refactor common IGP post-transform processing

  • Use search paths when validating config name in netlab config

  • The ebgp.multihop plugin should use a dummy ifname for the pseudo-tunnel between EBGP endpoints

  • Make OSPF-over-VXLAN test more complex to require OSPF to work

  • Add Sphinx Dark Mode to dev requirements

  • Allow ‘netlab connect’ to pass a command to a tool

  • Improve the validation of ‘validate’ data structures, add hints and tests

  • Add ‘links-as-a-dictionary’ data structure

  • Make ‘prefix_str’ validator accept named prefixes

  • IS-IS needs IPv4 router-id for SR-MPLS to work

  • Do not use hostnames in Suzieq inventory (SuzieQ cannot use the host /etc/hosts file)

  • Use the routing.policy.set device features to set BGP features in bgp.policy plugin

  • Need to wait a bit longer for OSPF convergence in the VRF Lite integration test

  • Increase EBGP session setup wait timer in the bgp.policy integration tests and numerous other timing tweaks (some devices are ridiculously slow)

  • Static VLAN VNI was rejected when a VLAN was used in a group

  • Use netlab_show_config Ansible variable to control the display of device configs during netlab initial process

  • Color-code and timestamp integration test summary printouts

  • Bug fix: use Linux containers (not VMs) in VXLAN integration tests

  • Survive edge cases (hosts without loopbacks, interfaces without names or descriptions) in addressing and wiring reports

  • Include reports in the Python package

Documentation Fixes

Documentation Fixes in Release 1.9.2

  • Document how to use netlab up --snapshot to recover from a server reboot

  • Update IOS XRd caveats (recent Ansible collection does not work with XRd)

  • Warning: VLAN module configures only the data-plane functionality

  • Improve the custom configuration template documentation

Documentation Fixes in Release 1.9.1

  • Describe newer Fortinet caveats

  • Stress the importance of using the hellt fork of vrnetlab

  • Explain the details of setting Graphviz/D2 output defaults

  • Add Linux Host Networking caveats

  • Add favicon

Documentation Fixes in Release 1.9.0-post1

  • Tutorial: add Linux hosts and custom software to a netlab topology

  • Add a more explicit description of how Vagrant treats box names

Documentation Fixes in Release 1.9.0

  • Update EVPN documentation based on the integration test results

  • Rewrite the introduction to the EVPN configuration module

  • Add links to the addressing example documenting the ‘allocation’ attribute

  • Developers should install additional Python modules to run CI/CD tests

  • Reorganize tutorials, add Selecting a Software Release tutorial

  • Minor fixes to SR-MPLS documentation

  • Change the example link used to illustrate the bgp.activate parameter

  • Explain how you can disable IBGP sessions with the bgp.session parameter

  • Remove extra CSS styling that appeared in the final documentation

  • Document FRRouting/VyOS limitations in GitHub Codespaces