Re: [pve-devel] [PATCH pve-manager 0/3] sdn: split vnets/zones/controllers plugins

t: [PATCH pve-manager 0/3] sdn: split vnets/zones/controllers plugins Following the pve-network patch series Alexandre Derumier (3): pvestatd: fix require PVE::Network::SDN api2 : reload : use zones/controllers sdn plugins api2 : nodes : use zones api status PVE/API2/Network.pm | 27 +++

[pve-devel] [PATCH frr] bump to 7.2

+ + * Bump to 7.2 + + -- Alexandre Derumier Fri, 15 Nov 2010 02:01:00 +0200 + frr (6.0.1-0+pve) RELEASED; urgency=medium * Bump to 6.0.1 diff --git a/debian/control b/debian/control index 0ed8bc2..ab2df20 100644 --- a/debian/control +++ b/debian/control @@ -15,7 +15,7 @@ Build-Depends: install

[pve-devel] [PATCH pve-firewall 2/2] add synflood protection

Currently, a virtio-net + vhost-net can handle between 200-300 kpps for each vm (with 1core/queue=1). That mean than a vm can easily overloaded with a simple synflood (hping3 --flood -p 80 -S targetip). Also the conntrack of the host can be saturated easily. This patch introduce a new option,

[pve-devel] [PATCH pve-firewall 1/2] iptables : add raw table support

--- src/PVE/Firewall.pm | 122 +--- src/PVE/Service/pve_firewall.pm | 27 --- test/fwtester.pl| 10 +-- 3 files changed, 119 insertions(+), 40 deletions(-) diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm index 97e5384..8f4ff1a

[pve-devel] [PATCH pve-firewall 0/2] Fix #2450: synflood protection

Alexandre Derumier (2): iptables : add raw table support add synflood protection src/PVE/Firewall.pm | 180 +++- src/PVE/Service/pve_firewall.pm | 27 +++-- test/fwtester.pl| 10 +- 3 files changed, 175 insertions(+), 42 deletions

Re: [pve-devel] applied: [PATCH pve-access-control] ldap auth: add sslversion option

uot;pve-devel" , "aderumier" Envoyé: Mercredi 6 Novembre 2019 20:29:30 Objet: applied: [pve-devel] [PATCH pve-access-control] ldap auth: add sslversion option On 11/4/19 10:18 AM, Alexandre Derumier wrote: > default to tls1.2 > While https://metacpan.org/pod/distrib

[pve-devel] first 20 nodes cluster upgraded to proxmox6 :)

Hi, I have finished to upgraded my first 20 nodes cluster to proxmox6. So far, it's stable, no corosync bug. qemu is working fine too. I just have ldaps auth not working, I have send a patch to the mailing this week. Alexandre ___ pve-devel mailing

Re: [pve-devel] [PATCH manager] add graphite tcp support

Hi, be carefull of timeouts, because it could hang pvestatd. (That's why it was implemented in udp for graphite && influxdb) - Mail original - De: "Martin Verges" À: "pve-devel" Envoyé: Lundi 4 Novembre 2019 16:48:04 Objet: [pve-devel] [PATCH manager] add graphite tcp support This

Re: [pve-devel] qemu : add disk option for physical/logical block (could improve windows guest performance wit ceph)

mu : add disk option for physical/logical block (could improve windows guest performance wit ceph) El 16/5/19 a las 8:57, Alexandre DERUMIER escribió: >>> but all Windows >= 8 or >= 2012 support it for sure, so we could enable it >>> for >>> those. > yes

[pve-devel] [PATCH pve-access-control] ldap auth: add sslversion option

default to tls1.2 Signed-off-by: Alexandre Derumier --- PVE/Auth/AD.pm | 11 +++ PVE/Auth/LDAP.pm | 5 + 2 files changed, 16 insertions(+) diff --git a/PVE/Auth/AD.pm b/PVE/Auth/AD.pm index b924b02..a877a76 100755 --- a/PVE/Auth/AD.pm +++ b/PVE/Auth/AD.pm @@ -33,6 +33,12 @@ sub

[pve-devel] proxmox6 : ldaps to activedirectory2012 not working because of buster ssl settings to min tls 1.2

Hi, since buster, openssl client is forced to minimum tls 1.2, in /etc/ssl/openssl.cnf " [default_conf] ssl_conf = ssl_sect [ssl_sect] system_default = system_default_sect [system_default_sect] MinProtocol = TLSv1.2 CipherString = DEFAULT@SECLEVEL=2 " This is breaking ldaps on

[pve-devel] [PATCH pve-cluster 1/1] add sdn vnets/zones/controllers.cfg

Signed-off-by: Alexandre Derumier --- data/PVE/Cluster.pm | 8 ++-- data/src/status.c | 8 ++-- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/data/PVE/Cluster.pm b/data/PVE/Cluster.pm index 9cb68d8..3a0a35d 100644 --- a/data/PVE/Cluster.pm +++ b/data/PVE/Cluster.pm

[pve-devel] [PATCH pve-manager 1/3] pvestatd: fix require PVE::Network::SDN

Signed-off-by: Alexandre Derumier --- PVE/Service/pvestatd.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PVE/Service/pvestatd.pm b/PVE/Service/pvestatd.pm index bad1b73d..2723f442 100755 --- a/PVE/Service/pvestatd.pm +++ b/PVE/Service/pvestatd.pm @@ -39,7 +39,7 @@ use

[pve-devel] [PATCH pve-network 1/3] split transport/controllers/vnet to separate plugins

Signed-off-by: Alexandre Derumier --- PVE/Network/SDN.pm| 297 +- PVE/Network/SDN/Controllers.pm| 158 ++ .../FaucetPlugin.pm} | 14 +- .../FrrEvpnPlugin.pm} | 21 +- PVE

[pve-devel] [PATCH pve-manager 0/3] sdn: split vnets/zones/controllers plugins

Following the pve-network patch series Alexandre Derumier (3): pvestatd: fix require PVE::Network::SDN api2 : reload : use zones/controllers sdn plugins api2 : nodes : use zones api status PVE/API2/Network.pm | 27 +-- PVE/API2/Nodes.pm | 7 --- PVE

[pve-devel] [PATCH pve-network 2/3] api2 : split vnets/zones/controllers

Signed-off-by: Alexandre Derumier --- PVE/API2/Network/Makefile | 1 - PVE/API2/Network/SDN.pm | 310 +++- PVE/API2/Network/SDN/Controllers.pm | 288 ++ PVE/API2/Network/SDN/Makefile | 4 +- PVE/API2

[pve-devel] [PATCH pve-manager 3/3] api2 : nodes : use zones api status

Signed-off-by: Alexandre Derumier --- PVE/API2/Nodes.pm | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/PVE/API2/Nodes.pm b/PVE/API2/Nodes.pm index 9e731e05..fa33ae00 100644 --- a/PVE/API2/Nodes.pm +++ b/PVE/API2/Nodes.pm @@ -52,7 +52,7 @@ use Socket; my $have_sdn

[pve-devel] [PATCH pve-manager 2/3] api2 : reload : use zones/controllers sdn plugins

Signed-off-by: Alexandre Derumier --- PVE/API2/Network.pm | 27 +-- 1 file changed, 9 insertions(+), 18 deletions(-) diff --git a/PVE/API2/Network.pm b/PVE/API2/Network.pm index fa605ba7..5e5cb5fd 100644 --- a/PVE/API2/Network.pm +++ b/PVE/API2/Network.pm @@ -18,7 +18,8

[pve-devel] [PATCH pve-cluster 0/1] sdn: split vnets/zones/controllers plugins

Following the pve-network patch series Alexandre Derumier (1): add sdn vnets/zones/controllers.cfg data/PVE/Cluster.pm | 8 ++-- data/src/status.c | 8 ++-- 2 files changed, 12 insertions(+), 4 deletions(-) -- 2.20.1 ___ pve-devel

[pve-devel] [PATCH pve-network 0/3] sdn: split vnets/zones/controllers plugins

Split code in different plugins (vnets/zones/controllers) for better maintenance and readability Alexandre Derumier (3): split transport/controllers/vnet to separate plugins api2 : split vnets/zones/controllers update documentation.txt PVE/API2/Network/Makefile | 1

[pve-devel] [PATCH pve-network 3/3] update documentation.txt

Signed-off-by: Alexandre Derumier --- test/documentation.txt | 22 +++--- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/test/documentation.txt b/test/documentation.txt index 3f70987..8b78d46 100644 --- a/test/documentation.txt +++ b/test/documentation.txt

Re: [pve-devel] [PATCH pve-network 0/8] generic sdn controller plugins + improvments

w) - Mail original - De: "Thomas Lamprecht" À: "pve-devel" , "aderumier" Envoyé: Lundi 14 Octobre 2019 09:21:42 Objet: Re: [pve-devel] [PATCH pve-network 0/8] generic sdn controller plugins + improvments On 10/11/19 1:13 PM, Alexandre DERUMIER wrote: >

Re: [pve-devel] [PATCH pve-network 0/8] generic sdn controller plugins + improvments

buted like proxmox/ceph. It's almost the same than vmware nsx, but opensource and standard. - Mail original - De: "Thomas Lamprecht" À: "pve-devel" , "aderumier" Cc: "Wolfgang Bumiller" Envoyé: Vendredi 11 Octobre 2019 12:42:16 Objet: Re: [pve-devel]

Re: [pve-devel] [PATCH pve-network 0/8] generic sdn controller plugins + improvments

vpn,qinq) to their own plugins. Alexandre Derumier (8): make sdn controller plugin generic vxlan: move transport controller config to frrplugin add faucet sdn controller plugins add evpnplugin (splitted from vxlanplugin) add controller_reload rename plugins with controllers add qinq

Re: [pve-devel] Feature request

ilberto Nunes Ferreira (47) 3025-5907 (47) 99676-7530 - Whatsapp / Telegram Skype: gilberto.nunes36 Em qua, 9 de out de 2019 às 11:03, Alexandre DERUMIER escreveu: > Do you have a specific need to use "slow" LSI or megaraid controller if > you have already virtio-

Re: [pve-devel] Feature request

Do you have a specific need to use "slow" LSI or megaraid controller if you have already virtio-scsi working ? - Mail original - De: "Gilberto Nunes" À: "Thomas Lamprecht" Cc: "pve-devel" Envoyé: Mercredi 9 Octobre 2019 14:10:58 Objet: Re: [pve-devel] Feature request For

[pve-devel] [PATCH v2 pve-manager 4/7] add threshold to cpu/ram target

Signed-off-by: Alexandre Derumier --- PVE/API2/Nodes.pm | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/PVE/API2/Nodes.pm b/PVE/API2/Nodes.pm index f86523b0..3578b6de 100644 --- a/PVE/API2/Nodes.pm +++ b/PVE/API2/Nodes.pm @@ -1979,7 +1979,8 @@ __PACKAGE__

[pve-devel] [PATCH v2 pve-manager 6/7] move code to seperate find_best_node_target sub

Signed-off-by: Alexandre Derumier --- PVE/API2/Nodes.pm | 91 +-- 1 file changed, 49 insertions(+), 42 deletions(-) diff --git a/PVE/API2/Nodes.pm b/PVE/API2/Nodes.pm index 93bf1bd2..25199249 100644 --- a/PVE/API2/Nodes.pm +++ b/PVE/API2/Nodes.pm

[pve-devel] [PATCH v2 pve-manager 7/7] add node rebalance api

This allow to rebalance a node, with defining max mem/cpu threshold. we migrate vms until we are under threshold. Signed-off-by: Alexandre Derumier --- PVE/API2/Nodes.pm | 130 -- 1 file changed, 127 insertions(+), 3 deletions(-) diff --git a/PVE

[pve-devel] [PATCH v2 pve-manager 5/7] use ksm && swap for best node ordering

commented for now, ksm && swap are not streamed currently Signed-off-by: Alexandre Derumier --- PVE/API2/Nodes.pm | 3 +++ 1 file changed, 3 insertions(+) diff --git a/PVE/API2/Nodes.pm b/PVE/API2/Nodes.pm index 3578b6de..93bf1bd2 100644 --- a/PVE/API2/Nodes.pm +++ b/PVE/API2/

[pve-devel] [PATCH v2 pve-manager 2/7] doproduct: add alternatives method

from: https://hal.archives-ouvertes.fr/hal-00868016v2/document Signed-off-by: Alexandre Derumier --- PVE/API2/Nodes.pm | 23 --- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/PVE/API2/Nodes.pm b/PVE/API2/Nodes.pm index 303a7ffb..9202932a 100644 --- a/PVE

[pve-devel] [PATCH v2 pve-manager 1/7] POC: migrate_all: add auto best target selection

) and maybe implement a loadbalancer feature. (Maybe something simple like migrate vm when memory/cpu are bigger than an defined threshold) Signed-off-by: Alexandre Derumier --- PVE/API2/Nodes.pm | 66 ++- 1 file changed, 59 insertions(+), 7 deletions(-) diff

[pve-devel] [PATCH v2 pve-manager 3/7] add storage check

Signed-off-by: Alexandre Derumier --- PVE/API2/Nodes.pm | 8 +--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/PVE/API2/Nodes.pm b/PVE/API2/Nodes.pm index 9202932a..f86523b0 100644 --- a/PVE/API2/Nodes.pm +++ b/PVE/API2/Nodes.pm @@ -1964,6 +1964,7 @@ __PACKAGE__

[pve-devel] [PATCH v2 pve-manager 0/7] POC: load balancing

changelog v2: - implement dotproduct alternative method - move code to find best node to dedicated sub - implement poc balance api (based on threshold to reach) - add some checks Alexandre Derumier (7): POC: migrate_all: add auto best target selection doproduct: add alternatives method add

Re: [pve-devel] stream or rrd for ksm sharing counter ?

hat like your proposed patc yes, agreed too. (My patch was just for the demo of the algo), but yes, something like "rebalance " for example. I'll look at PSI counter in my production, to see how it's work with memory usage + ksm + swap ... - Mail original - De: &qu

[pve-devel] stream or rrd for ksm sharing counter ?

Hi, I'm still trying to improve loadbalancing. Currently we don't stream ksm sharing counter, I think it could be great to stream it or push it to rrd (with extra rrd ? change the current memory format ?) What is the best way to do it ? As we could have 2 servers with 80% memory usage, but

Re: [pve-devel] Feature request

Hi, on qemu side, they are already 2 controllers (1 for scsi disk 1-7 , and 1 for scsi disk 7-14) Exception is virtio-scsi-single, where you have 1 controller by disk. (for iothread) what do you want to do exactly ? - Mail original - De: "Gilberto Nunes" À: "pve-devel" Envoyé:

Re: [pve-devel] [PATCH pve-manager] POC: migrate_all: add auto best target selection

- Mail original - De: "Thomas Lamprecht" À: "pve-devel" , "aderumier" Envoyé: Lundi 7 Octobre 2019 08:32:29 Objet: Re: [pve-devel] [PATCH pve-manager] POC: migrate_all: add auto best target selection On 10/6/19 6:14 AM, Alexandre Derumier wrote: > This is a

Re: [pve-devel] [PATCH pve-manager] POC: migrate_all: add auto best target selection

g simple like migrate vm when memory/cpu are bigger than an defined threshold) Signed-off-by: Alexandre Derumier --- PVE/API2/Nodes.pm | 66 ++- 1 file changed, 59 insertions(+), 7 deletions(-) diff --git a/PVE/API2/Nodes.pm b/PVE/API2/Nodes.pm i

[pve-devel] [PATCH pve-manager] POC: migrate_all: add auto best target selection

) and maybe implement a loadbalancer feature. (Maybe something simple like migrate vm when memory/cpu are bigger than an defined threshold) Signed-off-by: Alexandre Derumier --- PVE/API2/Nodes.pm | 66 ++- 1 file changed, 59 insertions(+), 7 deletions(-) diff

[pve-devel] [PATCH pve-manager] cpumodel: qemu 4.0: add Skylake-Server, Cascadelake-Server, KnightsMill

Signed-off-by: Alexandre Derumier --- www/manager6/form/CPUModelSelector.js | 3 +++ 1 file changed, 3 insertions(+) diff --git a/www/manager6/form/CPUModelSelector.js b/www/manager6/form/CPUModelSelector.js index 9eb5b0e9..505d27c8 100644 --- a/www/manager6/form/CPUModelSelector.js +++ b/www

[pve-devel] [PATCH qemu-server] qemu 4.0 : add Cascadelake-Server && KnightsMill cpu models

Signed-off-by: Alexandre Derumier --- PVE/QemuServer.pm | 3 +++ 1 file changed, 3 insertions(+) diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm index 70ed910..8376260 100644 --- a/PVE/QemuServer.pm +++ b/PVE/QemuServer.pm @@ -146,6 +146,9 @@ my $cpu_vendor_list = { 'Skylake-Client-IBRS

[pve-devel] [PATCH v2 pve-manager] api2: network : reload sdn controller generic

use config generation && reloading from plugins (require my last pve-network patch serie) Signed-off-by: Alexandre Derumier --- PVE/API2/Network.pm | 25 + 1 file changed, 5 insertions(+), 20 deletions(-) diff --git a/PVE/API2/Network.pm b/PVE/API2/Network.

[pve-devel] [PATCH pve-network 8/8] api2 : sdn : add role and type to index

Signed-off-by: Alexandre Derumier --- PVE/API2/Network/SDN.pm | 11 ++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/PVE/API2/Network/SDN.pm b/PVE/API2/Network/SDN.pm index 36d293d..b6dd23e 100644 --- a/PVE/API2/Network/SDN.pm +++ b/PVE/API2/Network/SDN.pm @@ -61,7

[pve-devel] [PATCH pve-network 6/8] rename plugins with controllers

For true sdn, We have 2 plugins, 1 for dataplane (switch), 1 for controlplane (controller) rename: - Frr to EvpnController - Faucet to FaucetController - OvsFaucet to Faucet Signed-off-by: Alexandre Derumier --- PVE/API2/Network/SDN.pm | 4 +- PVE/Network/SDN.pm

[pve-devel] [PATCH pve-manager] api2: network : reload sdn controller generic

From: root use config generation && reloading from plugins (require my last pve-network patch serie) Signed-off-by: Alexandre Derumier --- PVE/API2/Network.pm | 25 + 1 file changed, 5 insertions(+), 20 deletions(-) diff --git a/PVE/API2/Network.pm b/

[pve-devel] [PATCH pve-network 7/8] add qinq plugin

move code from vlanplugin, add transport tag option Signed-off-by: Alexandre Derumier --- PVE/API2/Network/SDN.pm | 1 + PVE/Network/SDN.pm| 2 + PVE/Network/SDN/Makefile | 2 +- PVE/Network/SDN/QinQPlugin.pm | 81 +++ PVE/Network/SDN

[pve-devel] [PATCH pve-network 0/8] generic sdn controller plugins + improvments

setup), 1 for controlplane (the controller). (As we can have multiple dataplanes for 1 controller) I have added a (not fully working yet) poc with faucet sdn controller plugin. I have made also split of some plugins (evpn,qinq) to their own plugins. Alexandre Derumier (8): make sdn

[pve-devel] [PATCH pve-network 2/8] vxlan: move transport controller config to frrplugin

To be able to use differents controllers model Signed-off-by: Alexandre Derumier --- PVE/Network/SDN.pm | 4 +-- PVE/Network/SDN/FrrPlugin.pm | 51 ++ PVE/Network/SDN/VxlanPlugin.pm | 50 - 3 files changed, 53

[pve-devel] [PATCH pve-network 1/8] make sdn controller plugin generic

move all code for frr to frrplugin, rename router option to controller. This will allow to manage more controller in the future (ovn, faucet,) Signed-off-by: Alexandre Derumier --- PVE/Network/SDN.pm | 148 +++-- PVE/Network/SDN/FrrPlugin.pm | 114

[pve-devel] [PATCH pve-network 5/8] add controller_reload

Signed-off-by: Alexandre Derumier --- PVE/Network/SDN.pm | 17 + PVE/Network/SDN/FaucetPlugin.pm | 11 +++ PVE/Network/SDN/FrrPlugin.pm| 18 ++ PVE/Network/SDN/Plugin.pm | 6 ++ 4 files changed, 52 insertions(+) diff --git

[pve-devel] [PATCH pve-network 4/8] add evpnplugin (splitted from vxlanplugin)

Signed-off-by: Alexandre Derumier --- PVE/API2/Network/SDN.pm| 1 + PVE/Network/SDN.pm | 2 + PVE/Network/SDN/EvpnPlugin.pm | 200 + PVE/Network/SDN/Makefile | 2 +- PVE/Network/SDN/VxlanPlugin.pm | 54 - test

[pve-devel] [PATCH pve-network 3/8] add faucet sdn controller plugins

1 plugin for controller, 1 plugin for dataplane This is not 100% complete, but it's a proof of concept to test differents sdn controller Signed-off-by: Alexandre Derumier --- PVE/API2/Network/SDN.pm| 3 + PVE/Network/SDN.pm | 19 ++ PVE/Network/SDN

[pve-devel] libknet1 update don't restart corosync

Hi, I have noticed that when you upgrade libknet1 (and fix the crash of corosync), corosync is not auto restarted. Maybe should we bump the corosync package too to force a restart ? ___ pve-devel mailing list pve-devel@pve.proxmox.com

[pve-devel] [PATCH pve-common] etc_network_interfaces : handle autostart for ovs

Signed-off-by: Alexandre Derumier --- src/PVE/INotify.pm | 16 +--- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index 65b2d91..e224f78 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -902,8 +902,8 @@ sub

Re: [pve-devel] [PATCH pve-common] network_interfaces: use allow-ovs for OVSBridge

"Thomas Lamprecht" À: "pve-devel" , "aderumier" Envoyé: Vendredi 20 Septembre 2019 10:19:42 Objet: Re: [pve-devel] [PATCH pve-common] network_interfaces: use allow-ovs for OVSBridge On 20.09.19 08:45, Alexandre Derumier wrote: > new openvswitch-switch service use "if

Re: [pve-devel] [PATCH pve-common] network_interfaces: use allow-ovs for OVSBridge

;pve-devel" , "aderumier" Envoyé: Vendredi 20 Septembre 2019 10:19:42 Objet: Re: [pve-devel] [PATCH pve-common] network_interfaces: use allow-ovs for OVSBridge On 20.09.19 08:45, Alexandre Derumier wrote: > new openvswitch-switch service use "ifup --allow-ovs",

[pve-devel] [PATCH pve-common] network_interfaces: use allow-ovs for OVSBridge

Openvswitch github have a note about this: https://github.com/openvswitch/ovs/commit/e0dfd67b456c8ea36cc2e2f23039a300dbbedfed#diff-555e6da95251766b76e83867900bd8fe Signed-off-by: Alexandre Derumier --- src/PVE/INotify.pm| 20 ++- .../

[pve-devel] openvswitch /etc/network/interfaces -> auto xxx need to be removed

Hi, user have reported problem with openvswitch here: https://forum.proxmox.com/threads/so-is-openvswitch-bonding-just-broken-on-pve-6-whats-going-on.58020/ "auto ..." should be removed , to avoid race condition with systemd. The official documentation have been updated for this, with config

[pve-devel] [PATCH ifupdown2] config: keep addon_syntax_check=0

It was wrong set to 1, and break openvswitch Ifupdown2 was 1 by default last year, and the first version ofpatch was setting to 0. But ifupdown2 was reverted to 0 in 2019, and I wrongly change the patch to 1. So now, it's default to 0 , no need to patch it. Signed-off-by: Alexandre Derumier

[pve-devel] [PATCH pve-network 1/2] add format for ip-list and mtu

Signed-off-by: Alexandre Derumier --- PVE/Network/SDN/FrrPlugin.pm | 4 ++-- PVE/Network/SDN/VnetPlugin.pm | 2 +- PVE/Network/SDN/VxlanPlugin.pm | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/PVE/Network/SDN/FrrPlugin.pm b/PVE/Network/SDN/FrrPlugin.pm index 79214a7

[pve-devel] [PATCH pve-network 0/2] add missing formats

add missing format for ip-list,mtu and multicast-address Alexandre Derumier (2): add format for ip-list and mtu add format for multicast-address PVE/Network/SDN/FrrPlugin.pm | 4 ++-- PVE/Network/SDN/VnetPlugin.pm | 2 +- PVE/Network/SDN/VxlanPlugin.pm | 25 ++--- 3

[pve-devel] [PATCH pve-network 2/2] add format for multicast-address

Signed-off-by: Alexandre Derumier --- PVE/Network/SDN/VxlanPlugin.pm | 23 +-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/PVE/Network/SDN/VxlanPlugin.pm b/PVE/Network/SDN/VxlanPlugin.pm index c5ecea6..1860490 100644 --- a/PVE/Network/SDN/VxlanPlugin.pm

Re: [pve-devel] [PATCH pve-manager] api2 : network : use vtysh for frr reload instead systemd

019 10:22:28 Objet: [PATCH pve-manager] api2 : network : use vtysh for frr reload instead systemd avoid extra dep on frr-pythontools and parse error messages Signed-off-by: Alexandre Derumier --- PVE/API2/Network.pm | 11 +-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/

[pve-devel] [PATCH pve-docs] vxlan: remove "no bgp default ipv6-unicast"

This syntax don't exist Signed-off-by: Alexandre Derumier --- vxlan-and-evpn.adoc | 19 --- 1 file changed, 19 deletions(-) diff --git a/vxlan-and-evpn.adoc b/vxlan-and-evpn.adoc index 0a05cfb..ec1bc07 100644 --- a/vxlan-and-evpn.adoc +++ b/vxlan-and-evpn.adoc @@ -367,7 +367,6

[pve-devel] [PATCH pve-network] frr: remove "no bgp default ipv6-unicast"

Signed-off-by: Alexandre Derumier --- PVE/Network/SDN/FrrPlugin.pm | 1 - 1 file changed, 1 deletion(-) diff --git a/PVE/Network/SDN/FrrPlugin.pm b/PVE/Network/SDN/FrrPlugin.pm index 8a1f86c..79214a7 100644 --- a/PVE/Network/SDN/FrrPlugin.pm +++ b/PVE/Network/SDN/FrrPlugin.pm @@ -74,7 +74,6

[pve-devel] proxmox5: can you bump kernel to ubuntu 4.15.0-59 ? (mellanox bug)

Hi, I have a bug on last pve-kernel 4.15 related to mellanox nic https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1840854 seem to be fixed in 4.15.0-59. could you bump it to last version ? Thanks Alexandre ___ pve-devel mailing list

[pve-devel] [PATCH pve-manager] api2 : network : use vtysh for frr reload instead systemd

avoid extra dep on frr-pythontools and parse error messages Signed-off-by: Alexandre Derumier --- PVE/API2/Network.pm | 11 +-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/PVE/API2/Network.pm b/PVE/API2/Network.pm index ac5571a7..fa605ba7 100644 --- a/PVE/API2

[pve-devel] [PATCH v2 pve-network 4/4] move gateway-nodes option to frr plugin and add gateway-external-peers

It's make more sense, as We use default vrf for routing. Also add gateway-external-peers to define an external bgp peer. Signed-off-by: Alexandre Derumier --- PVE/Network/SDN.pm | 24 +-- PVE/Network/SDN/FrrPlugin.pm | 43 +- PVE

[pve-devel] [PATCH v2 pve-network 3/4] vxlan: frr : remove unneeded prefix-list

no bgp default ipv4-unicast already deny redistribution of routes in default vrf Signed-off-by: Alexandre Derumier --- PVE/Network/SDN.pm | 1 - PVE/Network/SDN/FrrPlugin.pm | 10 ++ 2 files changed, 2 insertions(+), 9 deletions(-) diff --git a/PVE/Network/SDN.pm b/PVE

[pve-devel] [PATCH v2 pve-network 0/4] vxlan-evpn: fix routing for local vms on gateway nodes

config Alexandre Derumier (4): generate_frr_config: cleanup hash and ordering vxlan: evpn: fix routing to local vms on gateway nodes vxlan: frr : remove unneeded prefix-list move gateway-nodes option to frr plugin and add gateway-external-peers PVE/Network/SDN.pm | 120

[pve-devel] [PATCH v2 pve-network 1/4] generate_frr_config: cleanup hash and ordering

Signed-off-by: Alexandre Derumier --- PVE/Network/SDN.pm | 99 ++ PVE/Network/SDN/FrrPlugin.pm | 13 +++-- PVE/Network/SDN/VxlanPlugin.pm | 18 ++- 3 files changed, 87 insertions(+), 43 deletions(-) diff --git a/PVE/Network/SDN.pm b/PVE/Network

[pve-devel] [PATCH v2 pve-network 2/4] vxlan: evpn: fix routing to local vms on gateway nodes

Signed-off-by: Alexandre Derumier --- PVE/Network/SDN.pm | 2 ++ PVE/Network/SDN/FrrPlugin.pm | 8 PVE/Network/SDN/VxlanPlugin.pm | 4 3 files changed, 14 insertions(+) diff --git a/PVE/Network/SDN.pm b/PVE/Network/SDN.pm index d72b94a..528437f 100644 --- a/PVE

[pve-devel] [PATCH pve-docs 4/4] vxlan: add rp_filter sysctl for multiple gateway nodes

Signed-off-by: Alexandre Derumier --- vxlan-and-evpn.adoc | 10 ++ 1 file changed, 10 insertions(+) diff --git a/vxlan-and-evpn.adoc b/vxlan-and-evpn.adoc index 3d495a3..0a05cfb 100644 --- a/vxlan-and-evpn.adoc +++ b/vxlan-and-evpn.adoc @@ -1505,6 +1505,16 @@ The external router have

[pve-devel] [PATCH pve-docs 1/4] vxlan-evpn: remove prefix-route deny

no bgp default ipv4-unicast no bgp default ipv6-unicast already deny by restribution of default vrf routes Signed-off-by: Alexandre Derumier --- vxlan-and-evpn.adoc | 34 ++ 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/vxlan-and-evpn.adoc b

[pve-devel] [PATCH pve-docs 2/4] vxlan: add ipv6 missing config

Signed-off-by: Alexandre Derumier --- vxlan-and-evpn.adoc | 36 1 file changed, 36 insertions(+) diff --git a/vxlan-and-evpn.adoc b/vxlan-and-evpn.adoc index e1dfe87..5f72a88 100644 --- a/vxlan-and-evpn.adoc +++ b/vxlan-and-evpn.adoc @@ -1249,6 +1249,10

[pve-devel] [PATCH pve-docs 3/4] vxlan: add external bgp router documentation

Signed-off-by: Alexandre Derumier --- vxlan-and-evpn.adoc | 92 +++-- 1 file changed, 88 insertions(+), 4 deletions(-) diff --git a/vxlan-and-evpn.adoc b/vxlan-and-evpn.adoc index 5f72a88..3d495a3 100644 --- a/vxlan-and-evpn.adoc +++ b/vxlan-and-evpn.adoc

[pve-devel] [PATCH pve-docs 0/4] vxlan: improve gateway doc

cleanup config for gateway nodes add documentation for external bgp router add missing ipv6 conf Alexandre Derumier (4): vxlan-evpn: remove prefix-route deny vxlan: add ipv6 missing config vxlan: add external bgp router documentation vxlan: add rp_filter sysctl for multiple gateway nodes

[pve-devel] [PATCH pve-network 2/2] vxlan: evpn: fix routing to local vms on gateway nodes

Signed-off-by: Alexandre Derumier --- PVE/Network/SDN.pm | 2 ++ PVE/Network/SDN/FrrPlugin.pm | 8 PVE/Network/SDN/VxlanPlugin.pm | 4 3 files changed, 14 insertions(+) diff --git a/PVE/Network/SDN.pm b/PVE/Network/SDN.pm index d72b94a..528437f 100644 --- a/PVE

[pve-devel] [PATCH pve-network 1/2] generate_frr_config: cleanup hash and ordering

Signed-off-by: Alexandre Derumier --- PVE/Network/SDN.pm | 99 ++ PVE/Network/SDN/FrrPlugin.pm | 13 +++-- PVE/Network/SDN/VxlanPlugin.pm | 18 ++- 3 files changed, 87 insertions(+), 43 deletions(-) diff --git a/PVE/Network/SDN.pm b/PVE/Network

[pve-devel] [PATCH pve-network 0/2] vxlan-evpn: fix routing for local vms on gateway nodes

It was not possible to route from external to a local vm on a gateway node. I have reworked the config hash with better ordering and sub keys Alexandre Derumier (2): generate_frr_config: cleanup hash and ordering vxlan: evpn: fix routing to local vms on gateway nodes PVE/Network/SDN.pm

[pve-devel] [PATCH pve-docs] vxlan: allowed routing to local vm on gateway nodes

We need to redistributed connected network to be able to join a vm running on a gateway nodes. also add a prefix-list in default vrf, to not propagate theses connected routes. (avoid loop) Signed-off-by: Alexandre Derumier --- vxlan-and-evpn.adoc | 44

Re: [pve-devel] [PATCH pve-common] etc_network_interfaces : add uplink-id option

r" Envoyé: Jeudi 5 Septembre 2019 11:28:02 Objet: Re: [pve-devel] [PATCH pve-common] etc_network_interfaces : add uplink-id option On 04.09.19 09:47, Alexandre Derumier wrote: > Signed-off-by: Alexandre Derumier hmm, this ringed some bells, this was sent to the list with a bit mo

[pve-devel] [PATCH pve-docs] bgp-evpn : use ip-forward options on vnet interfaces

Signed-off-by: Alexandre Derumier --- vxlan-and-evpn.adoc | 92 +++-- 1 file changed, 72 insertions(+), 20 deletions(-) diff --git a/vxlan-and-evpn.adoc b/vxlan-and-evpn.adoc index 09babf3..f4465d6 100644 --- a/vxlan-and-evpn.adoc +++ b/vxlan

Re: [pve-devel] applied: [PATCH pve-docs] bgp-evpn : add route reflectors documentation

cumentation On 04.09.19 09:02, Alexandre Derumier wrote: > Signed-off-by: Alexandre Derumier > --- > vxlan-and-evpn.adoc | 75 + > 1 file changed, 75 insertions(+) > > diff --git a/vxlan-and-evpn.adoc b/vxlan-and-evpn.adoc > index 7

[pve-devel] [PATCH pve-common] etc_network_interfaces : add uplink-id option

Signed-off-by: Alexandre Derumier --- src/PVE/INotify.pm | 18 +- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm index 8b49f5a..fd54313 100644 --- a/src/PVE/INotify.pm +++ b/src/PVE/INotify.pm @@ -955,6 +955,7 @@ sub

[pve-devel] [PATCH pve-docs] bgp-evpn : add route reflectors documentation

Signed-off-by: Alexandre Derumier --- vxlan-and-evpn.adoc | 75 + 1 file changed, 75 insertions(+) diff --git a/vxlan-and-evpn.adoc b/vxlan-and-evpn.adoc index 703329d..09babf3 100644 --- a/vxlan-and-evpn.adoc +++ b/vxlan-and-evpn.adoc @@ -1824,4

[pve-devel] [PATCH pve-manager] api2: network reload: add frr config generation and reload

Signed-off-by: Alexandre Derumier --- PVE/API2/Network.pm | 7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/PVE/API2/Network.pm b/PVE/API2/Network.pm index 07c3e6d3..d50a808d 100644 --- a/PVE/API2/Network.pm +++ b/PVE/API2/Network.pm @@ -561,8 +561,10 @@ __PACKAGE__

[pve-devel] [PATCH pve-network] don't regenerate frr config if no router is defined

Signed-off-by: Alexandre Derumier --- PVE/Network/SDN.pm | 2 ++ test/generateconfig.pl | 8 +--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/PVE/Network/SDN.pm b/PVE/Network/SDN.pm index 1e89d97..1d84a32 100644 --- a/PVE/Network/SDN.pm +++ b/PVE/Network/SDN.pm

[pve-devel] [PATCH pve-network 2/2] vxlan: add ip-forward|ip6-forward|arp-accept for routing

Signed-off-by: Alexandre Derumier --- PVE/Network/SDN/VxlanPlugin.pm | 3 +++ 1 file changed, 3 insertions(+) diff --git a/PVE/Network/SDN/VxlanPlugin.pm b/PVE/Network/SDN/VxlanPlugin.pm index ec1729c..733412e 100644 --- a/PVE/Network/SDN/VxlanPlugin.pm +++ b/PVE/Network/SDN/VxlanPlugin.pm

[pve-devel] [PATCH pve-network 1/2] vxlan: add gateway-nodes option

Allow to define 1 or more gateway node, to route the traffic to the outside world import vrf is bugged in frr 7.1 works fine with current stable/7.1 branch https://github.com/FRRouting/frr/issues/4905 Signed-off-by: Alexandre Derumier --- PVE/Network/SDN/VxlanPlugin.pm | 56

[pve-devel] [PATCH pve-network 0/2] vxlan bgp-evpn : add gateway-nodes options

Add a gateway-nodes options to define exit nodes to outside work also add sysctl forwarding option to network interfaces Alexandre Derumier (2): vxlan: add gateway-nodes option vxlan: add ip-forward|ip6-forward|arp-accept for routing PVE/Network/SDN/VxlanPlugin.pm | 59

Re: [pve-devel] applied-series: [PATCH v2 pve-network 00/13] pve-network improvements

CH v2 pve-network 00/13] pve-network improvements Hi, On 29.08.19 12:32, Alexandre Derumier wrote: > pve-network is now able to generate bgp evpn configuration, > so we have a true anycast routable vxlan sdn now :) great! > > It's still missing configuration for outside gateway, > but

[pve-devel] [PATCH ifupdown2] add patch to add arp-accept option

needed for bgp-evpn upstream pull request: https://github.com/CumulusNetworks/ifupdown2/pull/121 Signed-off-by: Alexandre Derumier --- .../pve/0009-add-arp-accept-option.patch | 55 +++ debian/patches/series | 1 + 2 files changed, 56 insertions

[pve-devel] [PATCH v2 pve-docs] update vxlan-evpn doc

Now that vrf leaking is supported with default vrf, setup is more simple for exit node. (not need extra interface) Also cleanup symmetric config Signed-off-by: Alexandre Derumier --- vxlan-and-evpn.adoc | 231 1 file changed, 63 insertions(+), 168

Re: [pve-devel] ifupdown2 pve package missing in buster/proxmox6 repo

sues/92#issuecomment-458135952 Without this change you get "error: ignoring interface . Only one object with attribute 'bridge-vlan-aware yes' allowed." for every additional bridge that has bridge-vlan-aware yes in its config. On 8/27/19 4:28 PM, Alexandre DERUMIER wrote: > Hi

[pve-devel] [PATCH pve-docs] update vxlan-evpn doc

Now that vrf leaking is supported with default vrf, setup is more simple for exit node. (not need extra interface) Also cleanup symmetric config Signed-off-by: Alexandre Derumier --- vxlan-and-evpn.adoc | 239 +++- 1 file changed, 59 insertions(+), 180

[pve-devel] [PATCH v2 pve-network 05/13] make Vxlanplugin generic for multicast/unicast/frr

if no multicast or unicast address is defined, default to frr Signed-off-by: Alexandre Derumier --- PVE/API2/Network/SDN.pm | 2 +- PVE/Network/SDN.pm| 4 +- PVE/Network/SDN/Makefile | 2 +- PVE/Network/SDN/Plugin.pm

[pve-devel] [PATCH v2 pve-network 11/13] add update_delete hook on frr related options

Signed-off-by: Alexandre Derumier --- PVE/Network/SDN/FrrPlugin.pm | 20 --- PVE/Network/SDN/VxlanPlugin.pm | 35 ++ 2 files changed, 52 insertions(+), 3 deletions(-) diff --git a/PVE/Network/SDN/FrrPlugin.pm b/PVE/Network/SDN/FrrPlugin.pm index

[pve-devel] [PATCH v2 pve-network 07/13] vxlanplugin: add vrf and vrfvxlan

Signed-off-by: Alexandre Derumier --- PVE/Network/SDN/VxlanPlugin.pm | 45 -- 1 file changed, 43 insertions(+), 2 deletions(-) diff --git a/PVE/Network/SDN/VxlanPlugin.pm b/PVE/Network/SDN/VxlanPlugin.pm index ae1f86a..c93dbc4 100644 --- a/PVE/Network/SDN

<    1   2   3   4   5   6   7   8   9   10   >