[pve-devel] [PATCH pve-network 2/2] vxlan: evpn: fix routing to local vms on gateway nodes

Fri, 06 Sep 2019 06:15:48 -0700 

Signed-off-by: Alexandre Derumier <aderum...@odiso.com>
---
 PVE/Network/SDN.pm             | 2 ++
 PVE/Network/SDN/FrrPlugin.pm   | 8 ++++++++
 PVE/Network/SDN/VxlanPlugin.pm | 4 ++++
 3 files changed, 14 insertions(+)

diff --git a/PVE/Network/SDN.pm b/PVE/Network/SDN.pm
index d72b94a..528437f 100644
--- a/PVE/Network/SDN.pm
+++ b/PVE/Network/SDN.pm
@@ -223,6 +223,8 @@ sub generate_frr_config {
 
     my $final_config = [];
     push @{$final_config}, "log syslog informational";
+    push @{$final_config}, "!";
+    push @{$final_config}, "ip prefix-list deny seq 10 deny any";
 
     generate_frr_recurse($final_config, $config, undef, 0);
 
diff --git a/PVE/Network/SDN/FrrPlugin.pm b/PVE/Network/SDN/FrrPlugin.pm
index 772d7d2..b227745 100644
--- a/PVE/Network/SDN/FrrPlugin.pm
+++ b/PVE/Network/SDN/FrrPlugin.pm
@@ -68,6 +68,14 @@ sub generate_frr_config {
     push @router_config, "advertise-all-vni";
     push(@{$config->{router}->{"bgp $asn"}->{"address-family"}->{"l2vpn 
evpn"}}, @router_config);
 
+    #don't distribute default vrf route to other peers
+    @router_config = ();
+    foreach my $address (@peers) {
+       next if $address eq $ifaceip;
+       push @router_config, "neighbor $address prefix-list deny out";
+    }
+    push(@{$config->{router}->{"bgp $asn"}->{"address-family"}->{"ipv4 
unicast"}}, @router_config);
+
     return $config;
 }
 
diff --git a/PVE/Network/SDN/VxlanPlugin.pm b/PVE/Network/SDN/VxlanPlugin.pm
index 9ab0ade..3e18de3 100644
--- a/PVE/Network/SDN/VxlanPlugin.pm
+++ b/PVE/Network/SDN/VxlanPlugin.pm
@@ -199,7 +199,11 @@ sub generate_frr_config {
        push(@{$config->{router}->{"bgp $asn"}->{"address-family"}->{"ipv4 
unicast"}}, @router_config);
 
        @router_config = ();
+       #redistribute connected to be able to route to local vms on the gateway
+       push @router_config, "redistribute connected";
+       push(@{$config->{router}->{"bgp $asn vrf 
$vrf"}->{"address-family"}->{"ipv4 unicast"}}, @router_config);
 
+       @router_config = ();
        #add default originate to announce 0.0.0.0/0 type5 route in evpn
        push @router_config, "default-originate ipv4";
        push(@{$config->{router}->{"bgp $asn vrf 
$vrf"}->{"address-family"}->{"l2vpn evpn"}}, @router_config);
-- 
2.20.1

_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

Reply via email to