[pve-devel] [PATCH pve-network 1/6] fix #4657 : evpn: fix exit-node with multiple vrf

all lists on lists.proxmox.com
 help / color / mirror / Atom feed

From: Alexandre Derumier <aderumier@odiso.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH pve-network 1/6] fix #4657 : evpn: fix exit-node with multiple vrf
Date: Thu, 20 Apr 2023 23:36:17 +0200	[thread overview]
Message-ID: <20230420213622.685809-2-aderumier@odiso.com> (raw)
In-Reply-To: <20230420213622.685809-1-aderumier@odiso.com>

Currently, if a node is primary exit-node for 1 vrf,
and secondary exit-node for another vrf,

the deny route-map is filtering routes imports for both
vrf.

This patch add filtering only for vrf where the node is secondary.

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---
 PVE/Network/SDN/Controllers/EvpnPlugin.pm                        | 1 +
 test/zones/evpn/exitnode/expected_controller_config              | 1 +
 .../zones/evpn/exitnode_local_routing/expected_controller_config | 1 +
 test/zones/evpn/exitnode_snat/expected_controller_config         | 1 +
 4 files changed, 4 insertions(+)

diff --git a/PVE/Network/SDN/Controllers/EvpnPlugin.pm b/PVE/Network/SDN/Controllers/EvpnPlugin.pm
index 727aeaa..9d39b9b 100644
--- a/PVE/Network/SDN/Controllers/EvpnPlugin.pm
+++ b/PVE/Network/SDN/Controllers/EvpnPlugin.pm
@@ -168,6 +168,7 @@ sub generate_controller_zone_config {
 	if (!$exitnodes_primary || $exitnodes_primary eq $local_node) {
 	    #filter default type5 route coming from other exit nodes on primary node or both nodes if no primary is defined.
 	    my $routemap_config = ();
+	    push @{$routemap_config}, "match evpn vni $vrfvxlan";
 	    push @{$routemap_config}, "match evpn route-type prefix";
 	    my $routemap = { rule => $routemap_config, action => "deny" };
 	    unshift(@{$config->{frr_routemap}->{'MAP_VTEP_IN'}}, $routemap);
diff --git a/test/zones/evpn/exitnode/expected_controller_config b/test/zones/evpn/exitnode/expected_controller_config
index 48830a3..2c3f19e 100644
--- a/test/zones/evpn/exitnode/expected_controller_config
+++ b/test/zones/evpn/exitnode/expected_controller_config
@@ -53,6 +53,7 @@ router bgp 65000 vrf vrf_myzone
 exit
 !
 route-map MAP_VTEP_IN deny 1
+ match evpn vni 1000
  match evpn route-type prefix
 exit
 !
diff --git a/test/zones/evpn/exitnode_local_routing/expected_controller_config b/test/zones/evpn/exitnode_local_routing/expected_controller_config
index f671b63..c557a7e 100644
--- a/test/zones/evpn/exitnode_local_routing/expected_controller_config
+++ b/test/zones/evpn/exitnode_local_routing/expected_controller_config
@@ -38,6 +38,7 @@ router bgp 65000 vrf vrf_myzone
 exit
 !
 route-map MAP_VTEP_IN deny 1
+ match evpn vni 1000
  match evpn route-type prefix
 exit
 !
diff --git a/test/zones/evpn/exitnode_snat/expected_controller_config b/test/zones/evpn/exitnode_snat/expected_controller_config
index 48830a3..2c3f19e 100644
--- a/test/zones/evpn/exitnode_snat/expected_controller_config
+++ b/test/zones/evpn/exitnode_snat/expected_controller_config
@@ -53,6 +53,7 @@ router bgp 65000 vrf vrf_myzone
 exit
 !
 route-map MAP_VTEP_IN deny 1
+ match evpn vni 1000
  match evpn route-type prefix
 exit
 !
-- 
2.30.2

next prev parent reply	other threads:[~2023-04-20 21:36 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-04-20 21:36 [pve-devel] [PATCH pve-network 0/6] sdn multiples fixes Alexandre Derumier
2023-04-20 21:36 ` Alexandre Derumier [this message]
2023-04-20 21:36 ` [pve-devel] [PATCH pve-network 2/6] fix #4425: vxlan|evpn: add vxlan-port option Alexandre Derumier
2023-04-20 21:36 ` [pve-devel] [PATCH pve-network 3/6] fix #4662 : frr: fix config generation ordering Alexandre Derumier
2023-04-20 21:36 ` [pve-devel] [PATCH pve-network 4/6] fix #4389 : evpn: exit nodes : null routes subnets from other zones Alexandre Derumier
2023-04-20 21:36 ` [pve-devel] [PATCH pve-network 5/6] fix #4683 : zones: qinq: fix vlan-protocol with bridge vlan aware Alexandre Derumier
2023-04-20 21:36 ` [pve-devel] [PATCH pve-network 6/6] network reload: fix UPID parsing Alexandre Derumier
2023-06-06  8:42 ` [pve-devel] applied: [PATCH pve-network 0/6] sdn multiples fixes Thomas Lamprecht

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20230420213622.685809-2-aderumier@odiso.com \
    --to=aderumier@odiso.com \
    --cc=pve-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.

Service provided by Proxmox Server Solutions GmbH | Privacy | Legal