From 92d8effb6e5973c918f7dc83c214ffddcb80c25a Mon Sep 17 00:00:00 2001
From: Alexandre Derumier
Date: Mon, 23 Aug 2021 15:22:15 +0200
Subject: [PATCH] evpn : add advertise-subnets option allow to advertise type5 routes for evpn subnets, if vms are silents hosts. (don't do any traffic, so anycast gateway don't have their mac-ip)
fix: https://bugzilla.proxmox.com/show_bug.cgi?id=3571
Signed-off-by: Alexandre Derumier
---
 PVE/Network/SDN/Controllers/EvpnPlugin.pm | 14 ++++++
 PVE/Network/SDN/Zones/EvpnPlugin.pm | 6 +++
 .../expected_controller_config | 44 +++++++++++++++++++
 .../advertise_subnets/expected_sdn_interfaces | 42 ++++++++++++++++++
 test/zones/evpn/advertise_subnets/interfaces | 7 +++
 test/zones/evpn/advertise_subnets/sdn_config | 26 +++++++++++
 6 files changed, 139 insertions(+)
 create mode 100644 test/zones/evpn/advertise_subnets/expected_controller_config
 create mode 100644 test/zones/evpn/advertise_subnets/expected_sdn_interfaces
 create mode 100644 test/zones/evpn/advertise_subnets/interfaces
 create mode 100644 test/zones/evpn/advertise_subnets/sdn_config
diff --git a/PVE/Network/SDN/Controllers/EvpnPlugin.pm b/PVE/Network/SDN/Controllers/EvpnPlugin.pm
index 55828ef..d629140 100644
--- a/PVE/Network/SDN/Controllers/EvpnPlugin.pm
+++ b/PVE/Network/SDN/Controllers/EvpnPlugin.pm
@@ -113,6 +113,7 @@ sub generate_controller_zone_config {
 my $vrf = "vrf_$id";
 my $vrfvxlan = $plugin_config->{'vrf-vxlan'};
 my $exitnodes = $plugin_config->{'exitnodes'};
+ my $advertisesubnets = $plugin_config->{'advertise-subnets'};
 my $asn = $controller->{asn};
 my $ebgp = undef;
@@ -165,6 +166,19 @@ sub generate_controller_zone_config {
 push @controller_config, "default-originate ipv4";
 push @controller_config, "default-originate ipv6";
 push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"l2vpn evpn"}}, @controller_config);
+ } elsif ($advertisesubnets) {
+
+ @controller_config = ();
+ #redistribute connected networks
+ push @controller_config, "redistribute connected";
+ push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"ipv4 unicast"}}, @controller_config);
+ push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"ipv6 unicast"}}, @controller_config);
+
+ @controller_config = ();
+ #advertise connected networks type5 route in evpn
+ push @controller_config, "advertise ipv4 unicast";
+ push @controller_config, "advertise ipv6 unicast";
+ push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"l2vpn evpn"}}, @controller_config);
 }
 return $config;
diff --git a/PVE/Network/SDN/Zones/EvpnPlugin.pm b/PVE/Network/SDN/Zones/EvpnPlugin.pm
index 36edccd..c463851 100644
--- a/PVE/Network/SDN/Zones/EvpnPlugin.pm
+++ b/PVE/Network/SDN/Zones/EvpnPlugin.pm
@@ -35,6 +35,11 @@ sub properties {
 optional => 1, format => 'mac-addr'
 },
 'exitnodes' => get_standard_option('pve-node-list'),
+ 'advertise-subnets' => {
+ type => 'boolean',
+ description => "Advertise evpn subnets if you have silent hosts",
+ optional => 1
+ }
 };
 }
@@ -44,6 +49,7 @@ sub options {
 'vrf-vxlan' => { optional => 0 },
 controller => { optional => 0 },
 exitnodes => { optional => 1 },
+ 'advertise-subnets' => { optional => 1 },
 mtu => { optional => 1 },
 mac => { optional => 1 },
 dns => { optional => 1 },
diff --git a/test/zones/evpn/advertise_subnets/expected_controller_config b/test/zones/evpn/advertise_subnets/expected_controller_config
new file mode 100644
index 0000000..aa6b3bd
--- /dev/null
+++ b/test/zones/evpn/advertise_subnets/expected_controller_config
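Review bot: In the `@@ -165,6 +166,19 @@` hunk of PVE/Network/SDN/Controllers/EvpnPlugin.pm the new code hangs off the preceding block as `} elsif ($advertisesubnets) {`, so on any node that takes that earlier branch (its visible tail pushes `default-originate ipv4`/`ipv6`, presumably the exit-node case) `advertise-subnets` is silently ignored. If that is intended, a comment such as `# exit nodes already originate a default route; advertise-subnets only applies elsewhere` would save the next reader the guess; the `if` itself opens outside the hunk, so I cannot confirm the condition. Separately, `redistribute connected` is pushed without a route-map, so every connected prefix in `vrf_$id` becomes a type-5 route for all EVPN peers; a comment stating that only vnet gateway subnets are expected in that VRF (or a filter) would make the exported scope explicit. The new fixture test/zones/evpn/advertise_subnets/sdn_config sets no `exitnodes`, so the combination of both options is not exercised.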
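Review bot: The `description` added for `'advertise-subnets'` in `sub properties` (PVE/Network/SDN/Zones/EvpnPlugin.pm, hunk `@@ -35,6 +35,11 @@`) does not tell the operator what the switch actually exports. Going by the controller change in this same commit, it redistributes the connected networks of the zone VRF into BGP and advertises them as EVPN type-5 routes, which widens what every peer learns. I would spell that out, e.g. `description => "Advertise the zone's connected subnets as EVPN type-5 routes (for silent hosts whose mac-ip the anycast gateway never learns)",`. The hash returned by `properties` opens outside the hunk.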
@@ -0,0 +1,44 @@
+log syslog informational
+ip forwarding
+ipv6 forwarding
+frr defaults datacenter
+service integrated-vtysh-config
+hostname localhost
+!
+!
+vrf vrf_myzone
+ vni 1000
+exit-vrf
+!
+router bgp 65000
+ bgp router-id 192.168.0.1
+ no bgp default ipv4-unicast
+ coalesce-time 1000
+ neighbor VTEP peer-group
+ neighbor VTEP remote-as 65000
+ neighbor VTEP bfd
+ neighbor 192.168.0.2 peer-group VTEP
+ neighbor 192.168.0.3 peer-group VTEP
+ !
+ address-family l2vpn evpn
+ neighbor VTEP activate
+ advertise-all-vni
+ exit-address-family
+!
+router bgp 65000 vrf vrf_myzone
+ !
+ address-family ipv4 unicast
+ redistribute connected
+ exit-address-family
+ !
+ address-family ipv6 unicast
+ redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+ advertise ipv4 unicast
+ advertise ipv6 unicast
+ exit-address-family
+!
+line vty
+!
\ No newline at end of file
diff --git a/test/zones/evpn/advertise_subnets/expected_sdn_interfaces b/test/zones/evpn/advertise_subnets/expected_sdn_interfaces
new file mode 100644
index 0000000..9d1c64c
--- /dev/null
+++ b/test/zones/evpn/advertise_subnets/expected_sdn_interfaces
@@ -0,0 +1,42 @@
+#version:1
+
+auto myvnet
+iface myvnet
+ address 10.0.0.1/24
+ hwaddress A2:1D:CB:1A:C0:8B
+ bridge_ports vxlan_myvnet
+ bridge_stp off
+ bridge_fd 0
+ mtu 1450
+ ip-forward on
+ arp-accept on
+ vrf vrf_myzone
+
+auto vrf_myzone
+iface vrf_myzone
+ vrf-table auto
+ post-up ip route add vrf vrf_myzone unreachable default metric 4278198272
+
+auto vrfbr_myzone
+iface vrfbr_myzone
+ bridge-ports vrfvx_myzone
+ bridge_stp off
+ bridge_fd 0
+ mtu 1450
+ vrf vrf_myzone
+
+auto vrfvx_myzone
+iface vrfvx_myzone
+ vxlan-id 1000
+ vxlan-local-tunnelip 192.168.0.1
+ bridge-learning off
+ bridge-arp-nd-suppress on
+ mtu 1450
+
+auto vxlan_myvnet
+iface vxlan_myvnet
+ vxlan-id 100
+ vxlan-local-tunnelip 192.168.0.1
+ bridge-learning off
+ bridge-arp-nd-suppress on
+ mtu 1450
diff --git a/test/zones/evpn/advertise_subnets/interfaces b/test/zones/evpn/advertise_subnets/interfaces
new file mode 100644
index 0000000..66bb826
--- /dev/null
+++ b/test/zones/evpn/advertise_subnets/interfaces
@@ -0,0 +1,7 @@
+auto vmbr0
+iface vmbr0 inet static
+ address 192.168.0.1/24
+ gateway 192.168.0.254
+ bridge-ports eth0
+ bridge-stp off
+ bridge-fd 0
diff --git a/test/zones/evpn/advertise_subnets/sdn_config b/test/zones/evpn/advertise_subnets/sdn_config
new file mode 100644
index 0000000..76f16a1
--- /dev/null
+++ b/test/zones/evpn/advertise_subnets/sdn_config
@@ -0,0 +1,26 @@
+{
+ version => 1,
+ vnets => {
+ ids => {
+ myvnet => { tag => "100", type => "vnet", zone => "myzone" },
+ },
+ },
+
+ zones => {
+ ids => { myzone => { ipam => "pve", type => "evpn", controller => "evpnctl", 'vrf-vxlan' => 1000, 'mac' => 'A2:1D:CB:1A:C0:8B', 'advertise-subnets' => 1 } },
+ },
+ controllers => {
+ ids => { evpnctl => { type => "evpn", 'peers' => '192.168.0.1,192.168.0.2,192.168.0.3', asn => "65000" } },
+ },
+
+ subnets => {
+ ids => { 'myzone-10.0.0.0-24' => {
+ 'type' => 'subnet',
+ 'vnet' => 'myvnet',
+ 'gateway' => '10.0.0.1',
+ }
+ }
+ }
+}
+
+
-- 2.39.2