service vlan:: The main VLAN tag of this zone
+service vlan protocol:: allow to define a 802.1q (default) or 802.1ad service vlan type.
+
mtu:: Due to the double stacking of tags you need 4 more bytes for QinQ VLANs.
For example, you reduce the MTU to `1496` if you physical interface MTU is
`1500`.
Specific EVPN configuration options:
-VRF VXLAN Tag:: This is a vxlan-id used for routing interconnect between vnets,
+VRF VXLAN tag:: This is a vxlan-id used for routing interconnect between vnets,
it must be different than VXLAN-id of VNets
controller:: an EVPN-controller need to be defined first (see controller
plugins section)
+VNet MAC address:: A unique anycast MAC address for all VNets in this zone.
+ Will be auto-generated if not defined.
-Exit Nodes:: This is used if you want to defined some proxmox nodes, as
- exit gateway from evpn network through real network. This nodes
- will announce a default route in the evpn network.
+Exit Nodes:: This is used if you want to define some proxmox nodes, as exit
+ gateway from evpn network through real network. The configured nodes will
+ announce a default route in the EVPN network.
-mtu:: because VXLAN encapsulation use 50bytes, the MTU need to be 50 bytes
-lower than the outgoing physical interface.
+MTU:: because VXLAN encapsulation use 50 bytes, the MTU needs to be 50 bytes
+ lower than the maximal MTU of the outgoing physical interface.
[[pvesdn_config_vnet]]
Configuration options:
+node:: The node of this BGP controller
+
asn:: A unique BGP ASN number. It's highly recommended to use private ASN
number from the range (64512 - 65534) or (4200000000 - 4294967294), as else
you could end up breaking, or get broken, by global routing by mistake.
ebgp:: If your peer's remote-AS is different, it's enabling EBGP.
-node:: The node of this BGP controller
-
loopback:: If you want to use a loopback or dummy interface as source for the
evpn network. (for multipath)
+ebgp-mutltihop:: if the peers are not directly connected or use loopback, you can increase the
+ number of hops to reach them.
[[pvesdn_config_ipam]]
IPAMs
Create an EVPN zone named `myevpnzone' using the previously created
EVPN-controller Define 'node1' and 'node2' as exit nodes.
-
----
id: myevpnzone
vrf vxlan tag: 10000
controller: myevpnctl
mtu: 1450
+vnet mac address: 32:F4:05:FE:6C:0A
exitnodes: node1,node2
----
id: myvnet1
zone: myevpnzone
tag: 11000
-mac address: 8C:73:B2:7B:F9:60 #random generate mac address
----
-Create a subnet 10.0.1.0/24 with 10.0.1.1 as gateway
+Create a subnet 10.0.1.0/24 with 10.0.1.1 as gateway on vnet1
+
----
-id: 10.0.1.0/24
+subnet: 10.0.1.0/24
gateway: 10.0.1.1
----
Create the second VNet named `myvnet2' using the same EVPN zone `myevpnzone', a
-different IPv4 CIDR network and a different random MAC address than `myvnet1'.
+different IPv4 CIDR network.
----
id: myvnet2
zone: myevpnzone
tag: 12000
-mac address: 8C:73:B2:7B:F9:61 #random mac, need to be different on each vnet
----
-Create a different subnet 10.0.2.0/24 with 10.0.2.1 as gateway
+Create a different subnet 10.0.2.0/24 with 10.0.2.1 as gateway on vnet2
+
----
-id: 10.0.2.0/24
+subnet: 10.0.2.0/24
gateway: 10.0.2.1
----
Apply the configuration on the main SDN web-interface panel to create VNets
locally on each nodes and generate the FRR config.
-
Create a Debian-based Virtual Machine (vm1) on node1, with a vNIC on `myvnet1'.
Use the following network configuration for this VM: