I have thinked about the external gateway with vxlan ebgp, it's not so difficult,
1)if the upstream router can't do bgp or other routing protocol, we simply need to manage an ha vip on our side (vrrp) for the ingress traffic from the router and routed inside the vxlan. the egress traffic will directly go out from the proxmox nodes. This is asymetric routing. This should work with a public hosting, like ovh. (you have your failover ip, which is the ha vip, and your differents ripe block are routed in proxmox vxlan). 2)if a routing protocol exist between the proxmox nodes and the router, the router can send directly traffic to the correct proxmox node. (symetric routing). I have attached an svg schema to this mail. ----- Mail original ----- De: "aderumier" <[email protected]> À: "dietmar" <[email protected]> Cc: "pve-devel" <[email protected]> Envoyé: Mardi 30 Janvier 2018 00:02:55 Objet: Re: [pve-devel] proxmox 2018 : add support for "virtual" network and network plugins ? >>Looks we simply need a flexible plugin architecture ... I think, first, we can try to implement only the virtual network, without focus on external gateway. I'm seeing 2 good candidate: for linux bridge : vxlan ebgp-vpn for ovs : ovn network (http://openvswitch.org/support/slides/OVN_LinuxCon_Toronto.pdf) Both have almost the same architecture. -a distributed controlplane controller. (vxlan ebgp: a routing daemon like frr/quagga, ovn : ovn controller). It can be deployed on all proxmox nodes -a distributed "anycast" local router -vm can used them as gateway. we can implement dhcp,dns,cloudinit. -we can get ip/mac from control plane. (could be used to add auto ipfiltering on vm firewall for example, maybe other stuff) So 1) implement the "network" create (create bridge/ovs, configure the controllers) 2) configure the local router and services When this is implemented, we could focus on external network access. - ovn need a gateway node - linux evpn-bgp can peer with external router if bgp is supported, or use 1 gateway node with a simple default gw.(+ a backup gateway node) then implement s-nat and floating ip as option if user want them. and finally (next year ;) maybe other stuff like loadbalancing as a service, vpn as a service, what do you think about this ? ----- Mail original ----- De: "dietmar" <[email protected]> À: "Alexandre Derumier" <[email protected]>, "pve-devel" <[email protected]> Envoyé: Lundi 29 Janvier 2018 12:22:09 Objet: Re: [pve-devel] proxmox 2018 : add support for "virtual" network and network plugins ? > It's not difficult if we can do bgp to the router. but I think Dietmar want > something > for user with a simple router/default gw. (so with some proxy-arp trick). No, I still do not know what I want - too many options ;-) Looks we simply need a flexible plugin architecture ... _______________________________________________ pve-devel mailing list [email protected] https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel _______________________________________________ pve-devel mailing list [email protected] https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
