From fc8f7b53797438f4514a2b3f8ce031ac6971fd53 Mon Sep 17 00:00:00 2001 From: Alexandre Derumier Date: Thu, 5 Sep 2019 07:06:30 +0200 Subject: [PATCH] bgp-evpn : use ip-forward options on vnet interfaces Signed-off-by: Alexandre Derumier --- vxlan-and-evpn.adoc | 92 +++++++++++++++++++++++++++++++++++---------- 1 file changed, 72 insertions(+), 20 deletions(-) diff --git a/vxlan-and-evpn.adoc b/vxlan-and-evpn.adoc index 8e56382..5b9a8c2 100644 --- a/vxlan-and-evpn.adoc +++ b/vxlan-and-evpn.adoc @@ -542,15 +542,6 @@ in each direction (always the destination VNI) across the routed infrastructure. image::images/vxlan-l3-asymmetric.svg["vxlan l3 asymmetric",align="center"] - -sysctl.conf tuning - ----- -#enable routing -net.ipv4.ip_forward=1 -net.ipv6.conf.all.forwarding=1 ----- - * node1 ---- @@ -584,7 +575,9 @@ iface vmbr2 inet static bridge_ports vxlan2 bridge_stp off bridge_fd 0 - + ip-forward on + ip6-forward on + arp-accept on auto vxlan3 iface vxlan3 inet manual @@ -604,6 +597,9 @@ iface vmbr3 inet static bridge_ports vxlan3 bridge_stp off bridge_fd 0 + ip-forward on + ip6-forward on + arp-accept on ---- @@ -661,6 +657,9 @@ iface vmbr2 inet static bridge_ports vxlan2 bridge_stp off bridge_fd 0 + ip-forward on + ip6-forward on + arp-accept on auto vxlan3 @@ -681,6 +680,9 @@ iface vmbr3 inet static bridge_ports vxlan3 bridge_stp off bridge_fd 0 + ip-forward on + ip6-forward on + arp-accept on ---- @@ -738,7 +740,9 @@ iface vmbr2 inet static bridge_ports vxlan2 bridge_stp off bridge_fd 0 - + ip-forward on + ip6-forward on + arp-accept on auto vxlan3 iface vxlan3 inet manual @@ -749,7 +753,6 @@ iface vxlan3 inet manual bridge-unicast-flood off bridge-multicast-flood off - auto vmbr3 iface vmbr3 inet static address 10.0.3.254 @@ -758,6 +761,9 @@ iface vmbr3 inet static bridge_ports vxlan3 bridge_stp off bridge_fd 0 + ip-forward on + ip6-forward on + arp-accept on ---- @@ -798,14 +804,6 @@ A vrf is needed for the L3VNI, so all vmbr bridge need to be in the vrf if they image::images/vxlan-l3-symmetric.svg["vxlan l3 symmetric",align="center"] -sysctl.conf tuning - ----- -#enable routing -net.ipv4.ip_forward=1 -net.ipv6.conf.all.forwarding=1 ----- - * node1 ---- @@ -843,6 +841,9 @@ iface vmbr2 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr2 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on auto vxlan3 iface vxlan3 inet manual @@ -862,6 +863,9 @@ iface vmbr3 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr3 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on #interconnect vxlan-vfr l3vni auto vxlan4000 @@ -944,6 +948,9 @@ iface vmbr2 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr2 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on auto vxlan3 iface vxlan3 inet manual @@ -963,6 +970,9 @@ iface vmbr3 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr3 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on #interconnect vxlan-vfr l3vni auto vxlan4000 @@ -1046,6 +1056,9 @@ iface vmbr2 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr2 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on auto vxlan3 iface vxlan3 inet manual @@ -1065,6 +1078,9 @@ iface vmbr3 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr3 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on #interconnect vxlan-vfr l3vni auto vxlan4000 @@ -1158,6 +1174,9 @@ iface vmbr2 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr2 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on auto vxlan3 iface vxlan3 inet manual @@ -1177,6 +1196,9 @@ iface vmbr3 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr3 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on #interconnect vxlan-vfr l3vni auto vxlan4000 @@ -1269,6 +1291,9 @@ iface vmbr2 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr2 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on auto vxlan3 iface vxlan3 inet manual @@ -1288,6 +1313,9 @@ iface vmbr3 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr3 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on #interconnect vxlan-vfr l3vni auto vxlan4000 @@ -1371,6 +1399,9 @@ iface vmbr2 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr2 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on auto vxlan3 iface vxlan3 inet manual @@ -1390,6 +1421,9 @@ iface vmbr3 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr3 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on #interconnect vxlan-vfr l3vni auto vxlan4000 @@ -1482,6 +1516,9 @@ iface vmbr2 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr2 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on auto vxlan3 iface vxlan3 inet manual @@ -1501,6 +1538,9 @@ iface vmbr3 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr3 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on #interconnect vxlan-vfr l3vni auto vxlan4000 @@ -1594,6 +1634,9 @@ iface vmbr2 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr2 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on auto vxlan3 iface vxlan3 inet manual @@ -1613,6 +1656,9 @@ iface vmbr3 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr3 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on #interconnect vxlan-vfr l3vni auto vxlan4000 @@ -1705,6 +1751,9 @@ iface vmbr2 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr2 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on auto vxlan3 iface vxlan3 inet manual @@ -1724,6 +1773,9 @@ iface vmbr3 inet static netmask 255.255.255.0 hwaddress 44:39:39:FF:40:94 #must be same on each node vmbr3 vrf vrf1 + ip-forward on + ip6-forward on + arp-accept on #interconnect vxlan-vfr l3vni auto vxlan4000 -- 2.39.2