From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
	by lore.proxmox.com (Postfix) with ESMTPS id 417871FF13B
	for <inbox@lore.proxmox.com>; Wed, 25 Mar 2026 10:43:39 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 0B12BFCDD;
	Wed, 25 Mar 2026 10:42:27 +0100 (CET)
From: Stefan Hanreich <s.hanreich@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [PATCH pve-network 11/13] tests: add bgp evpn route map/prefix list
 testcase
Date: Wed, 25 Mar 2026 10:41:36 +0100
Message-ID: <20260325094142.174364-26-s.hanreich@proxmox.com>
X-Mailer: git-send-email 2.47.3
In-Reply-To: <20260325094142.174364-1-s.hanreich@proxmox.com>
References: <20260325094142.174364-1-s.hanreich@proxmox.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2
X-Bm-Transport-Timestamp: 1774431664759
X-SPAM-LEVEL: Spam detection results:  0
	AWL                     0.717 Adjusted score from AWL reputation of From:
 address
	BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
	DMARC_MISSING             0.1 Missing DMARC policy
	KAM_DMARC_STATUS         0.01 Test Rule for DKIM or SPF Failure with Strict
 Alignment
	SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
	SPF_PASS               -0.001 SPF: sender matches SPF record
Message-ID-Hash: NWHO2UZFXZGS2HARXLPVKE7GQPXQV72H
X-Message-ID-Hash: NWHO2UZFXZGS2HARXLPVKE7GQPXQV72H
X-MailFrom: s.hanreich@proxmox.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; emergency; member-moderation; nonmember-moderation;
 administrivia; implicit-dest; max-recipients; max-size; news-moderation;
 no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.10
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Owner: <mailto:pve-devel-owner@lists.proxmox.com>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Subscribe: <mailto:pve-devel-join@lists.proxmox.com>
List-Unsubscribe: <mailto:pve-devel-leave@lists.proxmox.com>

Uses a EVPN controller in conjunction with a BGP controller. The
testcases overrides the routemap for one direction in either
controller, but leaves the default incoming route map in the EVPN
controller. Additionally the route map utilizes a custom prefix list
in its matching logic.

Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
 .../expected_controller_config                | 76 ++++++++++++++++
 .../expected_sdn_interfaces                   | 41 +++++++++
 .../bgp_evpn_routemap_prefix_list/interfaces  |  7 ++
 .../bgp_evpn_routemap_prefix_list/sdn_config  | 86 +++++++++++++++++++
 4 files changed, 210 insertions(+)
 create mode 100644 src/test/zones/evpn/bgp_evpn_routemap_prefix_list/expected_controller_config
 create mode 100644 src/test/zones/evpn/bgp_evpn_routemap_prefix_list/expected_sdn_interfaces
 create mode 100644 src/test/zones/evpn/bgp_evpn_routemap_prefix_list/interfaces
 create mode 100644 src/test/zones/evpn/bgp_evpn_routemap_prefix_list/sdn_config

diff --git a/src/test/zones/evpn/bgp_evpn_routemap_prefix_list/expected_controller_config b/src/test/zones/evpn/bgp_evpn_routemap_prefix_list/expected_controller_config
new file mode 100644
index 0000000..1c32221
--- /dev/null
+++ b/src/test/zones/evpn/bgp_evpn_routemap_prefix_list/expected_controller_config
@@ -0,0 +1,76 @@
+frr version 10.4.1
+frr defaults datacenter
+hostname localhost
+log syslog informational
+service integrated-vtysh-config
+!
+vrf vrf_myzone
+ vni 1000
+exit-vrf
+!
+router bgp 65002
+ bgp router-id 192.168.0.1
+ no bgp hard-administrative-reset
+ no bgp default ipv4-unicast
+ coalesce-time 1000
+ no bgp graceful-restart notification
+ neighbor VTEP peer-group
+ neighbor VTEP remote-as external
+ neighbor VTEP bfd
+ neighbor 192.168.0.2 peer-group VTEP
+ neighbor 192.168.0.3 peer-group VTEP
+ neighbor BGP peer-group
+ neighbor BGP remote-as external
+ neighbor BGP bfd
+ neighbor 192.168.0.252 peer-group BGP
+ neighbor 192.168.0.253 peer-group BGP
+ !
+ address-family ipv4 unicast
+  neighbor BGP activate
+  neighbor BGP soft-reconfiguration inbound
+  neighbor BGP route-map map-in in
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  neighbor VTEP activate
+  neighbor VTEP route-map MAP_VTEP_IN in
+  neighbor VTEP route-map map-out out
+  advertise-all-vni
+  autort as 65000
+ exit-address-family
+exit
+!
+router bgp 65002 vrf vrf_myzone
+ bgp router-id 192.168.0.1
+ no bgp hard-administrative-reset
+ no bgp graceful-restart notification
+ !
+ address-family l2vpn evpn
+  route-target import 65000:1000
+  route-target export 65000:1000
+ exit-address-family
+exit
+!
+ip prefix-list some_list deny 192.0.2.0/24 le 25
+ip prefix-list some_list deny 198.51.100.0/25 le 26 ge 25
+ip prefix-list some_list seq 22 permit 203.0.113.0/24
+!
+route-map MAP_VTEP_IN permit 1
+exit
+!
+route-map map-in permit 9
+ match ip next-hop prefix-list some_list
+exit
+!
+route-map map-in permit 99
+ match ip next-hop prefix-list some_list
+ set src 192.0.2.1
+ set ip next-hop 192.0.2.100
+exit
+!
+route-map map-out permit 999
+ match ip next-hop prefix-list some_list
+exit
+!
+line vty
+!
diff --git a/src/test/zones/evpn/bgp_evpn_routemap_prefix_list/expected_sdn_interfaces b/src/test/zones/evpn/bgp_evpn_routemap_prefix_list/expected_sdn_interfaces
new file mode 100644
index 0000000..4cf13e0
--- /dev/null
+++ b/src/test/zones/evpn/bgp_evpn_routemap_prefix_list/expected_sdn_interfaces
@@ -0,0 +1,41 @@
+#version:1
+
+auto myvnet
+iface myvnet
+	address 10.0.0.1/24
+	bridge_ports vxlan_myvnet
+	bridge_stp off
+	bridge_fd 0
+	mtu 1450
+	ip-forward on
+	arp-accept on
+	vrf vrf_myzone
+
+auto vrf_myzone
+iface vrf_myzone
+	vrf-table auto
+	post-up ip route add vrf vrf_myzone unreachable default metric 4278198272
+
+auto vrfbr_myzone
+iface vrfbr_myzone
+	bridge-ports vrfvx_myzone
+	bridge_stp off
+	bridge_fd 0
+	mtu 1450
+	vrf vrf_myzone
+
+auto vrfvx_myzone
+iface vrfvx_myzone
+	vxlan-id 1000
+	vxlan-local-tunnelip 192.168.0.1
+	bridge-learning off
+	bridge-arp-nd-suppress on
+	mtu 1450
+
+auto vxlan_myvnet
+iface vxlan_myvnet
+	vxlan-id 100
+	vxlan-local-tunnelip 192.168.0.1
+	bridge-learning off
+	bridge-arp-nd-suppress on
+	mtu 1450
diff --git a/src/test/zones/evpn/bgp_evpn_routemap_prefix_list/interfaces b/src/test/zones/evpn/bgp_evpn_routemap_prefix_list/interfaces
new file mode 100644
index 0000000..66bb826
--- /dev/null
+++ b/src/test/zones/evpn/bgp_evpn_routemap_prefix_list/interfaces
@@ -0,0 +1,7 @@
+auto vmbr0
+iface vmbr0 inet static
+	address 192.168.0.1/24
+	gateway 192.168.0.254
+        bridge-ports eth0
+        bridge-stp off
+        bridge-fd 0
diff --git a/src/test/zones/evpn/bgp_evpn_routemap_prefix_list/sdn_config b/src/test/zones/evpn/bgp_evpn_routemap_prefix_list/sdn_config
new file mode 100644
index 0000000..24ee624
--- /dev/null
+++ b/src/test/zones/evpn/bgp_evpn_routemap_prefix_list/sdn_config
@@ -0,0 +1,86 @@
+{
+  version => 1,
+  vnets   => {
+               ids => {
+                        myvnet => { tag => "100", type => "vnet", zone => "myzone" },
+                      },
+             },
+
+  zones   => {
+               ids => { myzone => { ipam => "pve", type => "evpn", controller => "evpnctl", 'vrf-vxlan' => 1000, } },
+             },
+  controllers  => {
+               ids => {
+                   evpnctl => {
+                       type => "evpn",
+                       'peers' => '192.168.0.1,192.168.0.2,192.168.0.3',
+                       asn => "65000",
+                       'route-map-out' => 'map-out'
+                   },
+                    localhost => {
+                        type => "bgp",
+                        'peers' => '192.168.0.252,192.168.0.253',
+                        ebgp => "1",
+                        asn => "65002",
+                        node => "localhost",
+                       'route-map-in' => 'map-in'
+                    },
+               },
+             },
+
+  subnets => {
+              ids => { 'myzone-10.0.0.0-24' => {
+							'type' => 'subnet',
+							'vnet' => 'myvnet',
+							'gateway' => '10.0.0.1',
+						  }
+		     }
+	     },
+  'prefix-lists' => {
+        ids => {
+            'some_list' => {
+                id => 'some_list',
+                type => 'prefix-list',
+                entries => [
+                    'action=deny,prefix=192.0.2.0/24,le=25',
+                    'action=deny,prefix=198.51.100.0/25,ge=25,le=26',
+                    'action=permit,prefix=203.0.113.0/24,seq=22',
+                ]
+            }
+        }
+  },
+  'route-maps' => {
+        ids => {
+            'map-in_99' => {
+                id => 'map-in_99',
+                type => 'route-map-entry',
+                action => 'permit',
+                match => [
+                    'key=ip-next-hop-prefix-list,value=some_list'
+                ],
+                set => [
+                    'key=src,value=192.0.2.1',
+                    'key=ip-next-hop,value=192.0.2.100'
+                ]
+            },
+            'map-in_9' => {
+                id => 'map-in_9',
+                type => 'route-map-entry',
+                action => 'permit',
+                match => [
+                    'key=ip-next-hop-prefix-list,value=some_list'
+                ]
+            },
+            'map-out_999' => {
+                id => 'map-out_999',
+                type => 'route-map-entry',
+                action => 'permit',
+                match => [
+                    'key=ip-next-hop-prefix-list,value=some_list'
+                ]
+            }
+        }
+  }
+}
+
+
-- 
2.47.3