Back to Portfolio
Network Automation April 2025

Arista AVD 6.0: What's New and What Changed from v5

AVD 6.0 is a major release — not a minor bump. Roles have been removed, schemas restructured, and 60+ deprecated keys are gone for good. Here's a practical breakdown of everything that changed and what you need to do before upgrading.

By Muhammad Lateef Senior Network Engineer · CCNP · Edinburgh

A quick refresher: what is AVD?

Arista Validated Designs (AVD) is an open-source Ansible collection maintained by Arista Networks that delivers Network-as-Code for EOS environments. You define your fabric in YAML — spines, leaves, VLANs, BGP policy, VXLAN EVPN overlays — and AVD renders structured configs, deploys them, and runs automated tests. It's the closest thing networking has to Terraform for physical infrastructure.

Version 6.0 is the biggest release since the project matured. The headline: Arista have ripped out legacy integration layers, standardised on ANTA for testing, overhauled the CloudVision deployment model, and cleaned up years of deprecated schema debt. If you're running v5 in production, this post will tell you exactly what to expect.

What's gone: three roles removed

The most impactful change in 6.0 for most teams will be the removal of three core roles. These are not soft-deprecated — they are gone entirely. Update your playbooks before you do anything else.

Removed in v6
eos_validate_state eos_config_deploy_cvp cvp_configlet_upload dhcp_provisioner
Replacement in v6
anta_runner cv_deploy cv_deploy — (no replacement)

eos_validate_state → anta_runner: The old validation role ran tests directly. The new anta_runner role is built on top of ANTA (Arista Network Test Automation), an open-source framework that gives you a proper test catalog, structured results, Markdown reporting, and the ability to write custom tests. It's a significant improvement — ANTA tests are typed, composable, and version-controlled like code.

eos_config_deploy_cvp + cvp_configlet_upload → cv_deploy: Both legacy CloudVision roles have been consolidated into cv_deploy. The new role integrates directly with CloudVision's Static Configuration Studio instead of the older configlet-based workflow. It also drops the dependency on the arista.cvp collection entirely — one less thing to maintain.

dhcp_provisioner: Removed with no replacement. It was not compatible with modern DHCP server implementations and had been functionally broken for some time. ZTP workflows should be handled outside AVD.

New features in 6.0

ANTA testing — properly integrated

The new anta_runner role is not just a drop-in replacement for eos_validate_state — it's a much more capable test framework. AVD 6.0 ships with a greatly expanded test catalog:

  • OSPF tests: VerifyOSPFMaxLSA, VerifyOSPFNeighborState
  • WAN DPS-to-DPS reachability tests between DC and WAN VTEP devices
  • Inband management reachability tests
  • BGP tests for non-default VRFs using metadata
  • Transceiver manufacturer verification
  • Power supply validation
  • Inventory verification with VerifyInventory
  • Custom user-defined tests via the ANTA framework
  • Markdown test result reports sortable by status

IPv6 across the board

IPv6 support has been significantly expanded. SLAAC (ipv6_address_auto_config) and IPv6 ND (Neighbor Discovery) are now supported across all interface types: management, Ethernet, port-channel, VLAN, and tunnel interfaces. IPv6 addressing also now works on core_interfaces and l3_edge links — something that was a common pain point in v5.

Dot1x security model

A dedicated dot1x_settings model has been introduced, replacing the fragmented dot1x configuration that was scattered across AAA settings in v5. You can now configure interface dot1x supplicant support, dynamic authorisation, and radius group linking in a single structured model.

CloudVision and flow telemetry

Flow tracking export to CloudVision is now natively supported, as is sFlow VRF export. The cv_deploy role gains proxy support and better error reporting when workspace submission fails — it now surfaces the list of inactive devices rather than a generic failure.

BGP enhancements

  • BGP Auto-RD support — automatic route distinguisher assignment
  • BGP large communities support
  • BGP aggregate addresses support
  • RCF (Routing Control Functions) with BGP network and aggregate statements
  • EVPN remote domain VRF support
  • asdot notation support in AS-path ACLs

Platform additions

New default platform profiles for the 7388X5 and 7060X5. MTU defaults adjusted for the CCS 710, 720, 722, and 750 families. cEOS default management interface changed to Management1. The 7358 platform gains feature support. Transceiver data model extended for 400G hardware.

Other additions worth noting

  • Regex pattern support in platform_settings[].platforms
  • Monitor link-flap and loop-protection support
  • Spanning-tree link-type support
  • ARP persistent, aging, and IP ICMP redirect settings
  • ARP static entries in network services
  • L2VLAN profiles support
  • PTP source IP support via router_id
  • PREVIEW: devices and device_profiles configuration models

WAN and CV Pathfinder changes

If you're running CV Pathfinder or AutoVPN topologies, pay close attention here.

  • wan_mode: autovpn renamed to wan_mode: legacy-autovpn — update your inventory files.
  • CV Pathfinder now requires wan_route_servers to be explicitly set — AVD will raise an error if you're in CV Pathfinder mode without this configured.
  • wan_use_evpn_node_settings_for_lan variable removed — this is now always the default behaviour.
  • BGP ECMP default of 4 removed for non-WAN routers — check your underlay if this was implicit in your design.
  • When cv_settings is defined, NTP and DNS configuration is now required. Previously optional — AVD will error if absent.

Schema and data model changes

This is where the upgrade work lives. AVD 6.0 removes 60+ deprecated keys that have been flagged since v4 and v5. The full porting guide is the authoritative reference, but here are the categories most teams will hit:

Key renames and moves

eos_designs — key migrations
# DNS settings
name_servers → dns_settings.servers
source_interfaces.domain_lookup → dns_settings

# SNMP
snmp_settings.enable_inband_mgmt_vrf → snmp_settings.vrfs[name="use_inband_mgmt_vrf"].enabled
snmp_settings.ipv4_acls → snmp_settings.vrfs[].ipv4_acl

# CloudVision / TerminAttr
terminattr_smashexcludes → cv_settings.terminattr.smashexcludes
cvp_instance_ips, cvp_token_file → cv_settings

# Static routes
static_routes[].destination_address_prefix → .prefix
static_routes[].gateway → .next_hop

# Loopback
overlay_loopback_description → router_id_loopback_description

Metadata consolidation in eos_cli_config_gen

A large structural refactor moved peer and tenant metadata into explicit metadata sub-keys across multiple resource types. If you use structured config directly (rather than purely through eos_designs), you'll need to update these:

  • Ethernet/port-channel interfaces: peer, peer_interface, peer_typemetadata.*
  • VLAN interfaces: tenant, tags, typemetadata.*
  • Router BGP peers: description, tenantmetadata.*
  • VLANs/VRFs: tenantmetadata.tenant

Strict schema validation — no more warnings

In v5, you could set avd_data_validation_mode: warning to suppress schema violations. That option is gone in 6.0. All schema violations now produce hard errors. Custom keys must be prefixed with an underscore (_my_key) to bypass validation. Run your playbooks in check mode against v6 before you upgrade production.

Pattern matching now uses fullmatch

Schema pattern validation changed from re.match() to re.fullmatch(). Patterns must match the entire string. If you have custom schema extensions with patterns like Ethernet.*, update them to fully qualified patterns like Ethernet[\d/]+.

Python and dependency changes

Ansible Core 2.16–2.20 is now the supported range. If you're on ansible-core 2.19+, be aware it introduces stricter Jinja2 templating — undefined variables that were silently ignored in earlier versions will now surface as errors.

The cvprac, treelib, jsonschema libraries have been removed as dependencies. The arista.cvp and ansible.utils collections are no longer bundled — install ansible.utils separately if your playbooks use it.

The anta library is now a core dependency (previously optional), pinned to v1.7+. Jinja2 extensions previously required in ansible.cfg (jinja2.ext.loopcontrols, jinja2.ext.do) can be removed — they are auto-loaded by PyAVD now.

Before you upgrade: a practical checklist

Update your playbooks — replace eos_validate_state with anta_runner, and both CVP roles with cv_deploy.
Audit your inventory — search for all 60+ removed keys using the v6 porting guide. Pay particular attention to name_servers, terminattr_*, snmp_settings, and static route keys.
WAN teams — rename wan_mode: autovpn to legacy-autovpn and add wan_route_servers if running CV Pathfinder.
Remove avd_data_validation_mode: warning — fix the underlying schema issues instead. Warnings are now errors.
Update your Python environment — install anta>=1.7, cryptography>=43.0.0, remove cvprac. Drop the Jinja2 extensions from ansible.cfg.
Test in a lab first — run ansible-playbook --check against your inventory before touching production. The strict schema validation will surface issues immediately.

Is it worth upgrading?

Yes — but do your homework first. AVD 6.0 is a cleaner, more maintainable codebase than v5. The ANTA integration alone is worth it for teams that take validation seriously: you get a real test framework with proper test catalogs, not a collection of ad-hoc checks. The removal of the arista.cvp dependency simplifies environments considerably, and the new cv_deploy role is a better CloudVision integration story.

The migration cost is real — particularly for large inventories with lots of custom variables. Budget time to go through the porting guide systematically. The AVD team have documented every change and provide migration guides for all three removed roles.

For greenfield deployments, start on v6 immediately. For production upgrades, plan a lab validation sprint before you touch anything live.