From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id B1C481FF140 for ; Fri, 27 Mar 2026 16:10:50 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 0B1E311ABC; Fri, 27 Mar 2026 16:11:09 +0100 (CET) From: Hannes Laimer To: pve-devel@lists.proxmox.com Subject: [PATCH manager/network/proxmox{-ve-rs,-perl-rs} 0/6] sdn: add BGP fabric Date: Fri, 27 Mar 2026 16:10:25 +0100 Message-ID: <20260327151031.149360-1-h.laimer@proxmox.com> X-Mailer: git-send-email 2.47.3 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1774624182651 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.080 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Message-ID-Hash: DPZZLZJZXWU5PXCD2T6OBJOYX2HDH235 X-Message-ID-Hash: DPZZLZJZXWU5PXCD2T6OBJOYX2HDH235 X-MailFrom: h.laimer@proxmox.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Proxmox VE development discussion List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: This patch series adds BGP as a third fabric protocol alongside OpenFabric and OSPF. It targets eBGP unnumbered underlays where each node has a unique ASN and peers over physical interfaces without IP assignment on fabric links. ## eBGP underlay Each node gets its own ASN (e.g. 65001, 65002, 65003) and peers with its neighbors using 'remote-as external' on unnumbered interfaces. The fabric peer-group is named after the fabric ID and uses BFD when enabled. ## EVPN overlay When the EVPN controller references a BGP fabric, the overlay sessions run as eBGP too. The node's fabric ASN becomes the 'router bgp' process ASN. Since every node has a different ASN, auto-derived route targets would differ per node, so the EVPN controller ASN is used via 'autort as' to produce uniform RTs. This relies on a patch we ship with our frr, upstream reference: [1]. Two additional flags are enabled: 'bestpath as-path multipath-relax' for ECMP across different ASNs, and 'disable-ebgp-connected-route-check' for loopback-based VTEP peers. An iBGP overlay using 'local-as' was considered but rejected due to a limitation in how FRR handles hop limits. See the EVPN commit message for details. ## Single BGP process Unlike OSPF and OpenFabric which have their own FRR protocol blocks, BGP fabric config must coexist with the EVPN BGP config in one 'router bgp' instance. The fabric generates its own BgpRouter and merges it into the existing one via merge_fabric(), appending neighbor groups and address families without overwriting the EVPN settings. Thanks a lot @Stefan for the base of this series! [1] https://github.com/FRRouting/frr/issues/17945 proxmox-ve-rs: Hannes Laimer (1): sdn: fabric: add BGP protocol support proxmox-frr/src/ser/bgp.rs | 66 +++++ proxmox-frr/src/ser/mod.rs | 1 + proxmox-ve-config/src/sdn/fabric/frr.rs | 258 ++++++++++++++++- proxmox-ve-config/src/sdn/fabric/mod.rs | 100 +++++++ .../src/sdn/fabric/section_config/fabric.rs | 22 ++ .../src/sdn/fabric/section_config/mod.rs | 19 ++ .../src/sdn/fabric/section_config/node.rs | 21 ++ .../sdn/fabric/section_config/protocol/bgp.rs | 266 ++++++++++++++++++ .../sdn/fabric/section_config/protocol/mod.rs | 1 + .../tests/fabric/cfg/bgp_default/fabrics.cfg | 17 ++ .../fabric/cfg/bgp_ipv6_only/fabrics.cfg | 17 ++ proxmox-ve-config/tests/fabric/main.rs | 58 ++++ .../snapshots/fabric__bgp_default_pve.snap | 28 ++ .../snapshots/fabric__bgp_default_pve1.snap | 27 ++ .../snapshots/fabric__bgp_ipv6_only_pve.snap | 29 ++ .../snapshots/fabric__bgp_ipv6_only_pve1.snap | 28 ++ 16 files changed, 955 insertions(+), 3 deletions(-) create mode 100644 proxmox-ve-config/src/sdn/fabric/section_config/protocol/bgp.rs create mode 100644 proxmox-ve-config/tests/fabric/cfg/bgp_default/fabrics.cfg create mode 100644 proxmox-ve-config/tests/fabric/cfg/bgp_ipv6_only/fabrics.cfg create mode 100644 proxmox-ve-config/tests/fabric/snapshots/fabric__bgp_default_pve.snap create mode 100644 proxmox-ve-config/tests/fabric/snapshots/fabric__bgp_default_pve1.snap create mode 100644 proxmox-ve-config/tests/fabric/snapshots/fabric__bgp_ipv6_only_pve.snap create mode 100644 proxmox-ve-config/tests/fabric/snapshots/fabric__bgp_ipv6_only_pve1.snap proxmox-perl-rs: Hannes Laimer (2): sdn: fabrics: add BGP config generation sdn: fabrics: add BGP status endpoints pve-rs/src/bindings/sdn/fabrics.rs | 100 +++++++++++++++++++++++++++ pve-rs/src/sdn/status.rs | 105 ++++++++++++++++++++++++++++- 2 files changed, 203 insertions(+), 2 deletions(-) pve-network: Hannes Laimer (2): sdn: fabrics: register bgp as a fabric protocol type sdn: evpn: support eBGP EVPN over BGP fabric underlay src/PVE/Network/SDN/Controllers/EvpnPlugin.pm | 40 ++++++++- src/PVE/Network/SDN/Fabrics.pm | 18 +++- .../bgp_fabric/expected_controller_config | 73 ++++++++++++++++ .../evpn/bgp_fabric/expected_sdn_interfaces | 56 ++++++++++++ src/test/zones/evpn/bgp_fabric/interfaces | 6 ++ src/test/zones/evpn/bgp_fabric/sdn_config | 85 +++++++++++++++++++ 6 files changed, 275 insertions(+), 3 deletions(-) create mode 100644 src/test/zones/evpn/bgp_fabric/expected_controller_config create mode 100644 src/test/zones/evpn/bgp_fabric/expected_sdn_interfaces create mode 100644 src/test/zones/evpn/bgp_fabric/interfaces create mode 100644 src/test/zones/evpn/bgp_fabric/sdn_config pve-manager: Hannes Laimer (1): ui: sdn: add BGP fabric support www/manager6/Makefile | 3 ++ www/manager6/sdn/FabricsView.js | 12 +++++ www/manager6/sdn/fabrics/NodeEdit.js | 1 + www/manager6/sdn/fabrics/bgp/FabricEdit.js | 52 +++++++++++++++++++ .../sdn/fabrics/bgp/InterfacePanel.js | 15 ++++++ www/manager6/sdn/fabrics/bgp/NodeEdit.js | 32 ++++++++++++ 6 files changed, 115 insertions(+) create mode 100644 www/manager6/sdn/fabrics/bgp/FabricEdit.js create mode 100644 www/manager6/sdn/fabrics/bgp/InterfacePanel.js create mode 100644 www/manager6/sdn/fabrics/bgp/NodeEdit.js Summary over all repositories: 30 files changed, 1548 insertions(+), 8 deletions(-) -- Generated by murpp 0.9.0