Signed-off-by: Alexandre Derumier <aderum...@odiso.com> --- vxlan-and-evpn.adoc | 92 +++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 88 insertions(+), 4 deletions(-)
diff --git a/vxlan-and-evpn.adoc b/vxlan-and-evpn.adoc index 5f72a88..3d495a3 100644 --- a/vxlan-and-evpn.adoc +++ b/vxlan-and-evpn.adoc @@ -1135,8 +1135,8 @@ line vty ! ---- -VXLAN layer3 routing with anycast gateway + routing to outside with external router -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +VXLAN layer3 routing with anycast gateway + routing to outside with external router with static default gw +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Routing to outside need the symmetric model. 1 gateway node @@ -1952,6 +1952,92 @@ iface vmbr0 inet static ---- + +gateway node(s) with a upstream bgp router +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Setup is almost the same than with a static gateway, but we'll connect to an upstream bgp router. + +example with node1 as gateway (192.168.0.1) for evpn-bgp, and an upstream bgp router (running frr too) 192.168.0.254. + +* node1 + +frr.conf +---- +vrf vrf1 + vni 4000 + exit-vrf +! +router bgp 1234 + bgp router-id 192.168.0.1 + no bgp default ipv4-unicast + no bgp default ipv6-unicast + coalesce-time 1000 + neighbor 192.168.0.2 remote-as 1234 + neighbor 192.168.0.3 remote-as 1234 + neighbor 192.168.0.254 remote-as external + ! + address-family ipv4 unicast + import vrf vrf1 + neighbor 192.168.0.254 activate + exit-address-family + ! + address-family ipv6 unicast + import vrf vrf1 + neighbor 192.168.0.254 activate + exit-address-family + ! + address-family l2vpn evpn + neighbor 192.168.0.1 activate + neighbor 192.168.0.2 activate + neighbor 192.168.0.254 activate + advertise-all-vni + exit-address-family +! +router bgp 1234 vrf vrf1 +! + address-family ipv4 unicast + redistribute connected + exit-address-family + ! + address-family ipv6 unicast + redistribute connected + exit-address-family + ! + address-family l2vpn evpn + default-originate ipv4 + default-originate ipv6 + exit-address-family +! +line vty +! +---- + +* bgp router + +frr.conf +---- +ip prefix-list NO32 seq 10 permit 0.0.0.0/0 ge 8 le 24 +ip prefix-list NO32 seq 20 deny any +! +router bgp 25253 + bgp router-id 192.168.0.254 + bgp bestpath as-path multipath-relax + neighbor 192.168.0.1 remote-as external + neighbor 192.168.0.1 capability extended-nexthop + ! + address-family ipv4 unicast + neighbor 192.168.0.1 default-originate + neighbor 192.168.0.1 prefix-list NO32 in #don't import /32 route from evpn + exit-address-family + ! + address-family ipv6 unicast + neighbor 192.168.0.1 default-originate + neighbor 192.168.0.1 prefix-list NO32 in #don't import /32 route from evpn + exit-address-family + ! +! +--- + Route Reflectors ^^^^^^^^^^^^^^^^ If you have a lot of proxmox nodes, or multiple proxmox clusters, you may want @@ -2028,5 +2114,3 @@ router bgp 1234 exit-address-family ! ---- - -#TODO : Documentation with bgp upstream router. -- 2.20.1 _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
