From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9])
	by lore.proxmox.com (Postfix) with ESMTPS id C2ACE1FF18C
	for <inbox@lore.proxmox.com>; Tue, 14 Apr 2026 18:34:38 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 191E41F78F;
	Tue, 14 Apr 2026 18:34:03 +0200 (CEST)
From: Stefan Hanreich <s.hanreich@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [PATCH pve-network 10/16] test: evpn: add test for ibgp + ebgp evpn
 controller
Date: Tue, 14 Apr 2026 18:33:07 +0200
Message-ID: <20260414163315.419384-11-s.hanreich@proxmox.com>
X-Mailer: git-send-email 2.47.3
In-Reply-To: <20260414163315.419384-1-s.hanreich@proxmox.com>
References: <20260414163315.419384-1-s.hanreich@proxmox.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2
X-Bm-Transport-Timestamp: 1776184326757
X-SPAM-LEVEL: Spam detection results:  0
	AWL                     0.694 Adjusted score from AWL reputation of From:
 address
	BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
	DMARC_MISSING             0.1 Missing DMARC policy
	KAM_DMARC_STATUS         0.01 Test Rule for DKIM or SPF Failure with Strict
 Alignment
	SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
	SPF_PASS               -0.001 SPF: sender matches SPF record
Message-ID-Hash: OBX6ZVYDWWKOWVIIOVR76V4ZP3ID7CGK
X-Message-ID-Hash: OBX6ZVYDWWKOWVIIOVR76V4ZP3ID7CGK
X-MailFrom: s.hanreich@proxmox.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; emergency; member-moderation; nonmember-moderation;
 administrivia; implicit-dest; max-recipients; max-size; news-moderation;
 no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.10
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Owner: <mailto:pve-devel-owner@lists.proxmox.com>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Subscribe: <mailto:pve-devel-join@lists.proxmox.com>
List-Unsubscribe: <mailto:pve-devel-leave@lists.proxmox.com>

A test for an EVPN-only setup that utilizes iBGP for cluster-local
EVPN BGP, but eBGP for connecting to the outside world via eBGP.

Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
 .../expected_controller_config                | 66 +++++++++++++++++++
 .../expected_sdn_interfaces                   | 41 ++++++++++++
 .../evpn_cluster_ibgp_uplink_ebgp/interfaces  |  7 ++
 .../evpn_cluster_ibgp_uplink_ebgp/sdn_config  | 51 ++++++++++++++
 4 files changed, 165 insertions(+)
 create mode 100644 src/test/zones/evpn/evpn_cluster_ibgp_uplink_ebgp/expected_controller_config
 create mode 100644 src/test/zones/evpn/evpn_cluster_ibgp_uplink_ebgp/expected_sdn_interfaces
 create mode 100644 src/test/zones/evpn/evpn_cluster_ibgp_uplink_ebgp/interfaces
 create mode 100644 src/test/zones/evpn/evpn_cluster_ibgp_uplink_ebgp/sdn_config

diff --git a/src/test/zones/evpn/evpn_cluster_ibgp_uplink_ebgp/expected_controller_config b/src/test/zones/evpn/evpn_cluster_ibgp_uplink_ebgp/expected_controller_config
new file mode 100644
index 0000000..0199425
--- /dev/null
+++ b/src/test/zones/evpn/evpn_cluster_ibgp_uplink_ebgp/expected_controller_config
@@ -0,0 +1,66 @@
+frr version 10.4.1
+frr defaults datacenter
+hostname localhost
+log syslog informational
+service integrated-vtysh-config
+!
+vrf vrf_myzone
+ vni 1000
+exit-vrf
+!
+router bgp 65000
+ bgp router-id 192.168.0.1
+ no bgp hard-administrative-reset
+ no bgp default ipv4-unicast
+ coalesce-time 1000
+ no bgp graceful-restart notification
+ neighbor VTEP peer-group
+ neighbor VTEP remote-as 65000
+ neighbor VTEP bfd
+ neighbor 192.168.0.2 peer-group VTEP
+ neighbor 192.168.0.3 peer-group VTEP
+ neighbor uplink peer-group
+ neighbor uplink remote-as external
+ neighbor uplink bfd
+ neighbor 198.51.100.1 peer-group uplink
+ neighbor 198.51.100.2 peer-group uplink
+ !
+ address-family l2vpn evpn
+  neighbor VTEP activate
+  neighbor VTEP route-map MAP_VTEP_IN in
+  neighbor VTEP route-map MAP_VTEP_OUT out
+  neighbor uplink activate
+  neighbor uplink route-map MAP_VTEP_IN_uplink in
+  neighbor uplink route-map MAP_VTEP_OUT_uplink out
+  advertise-all-vni
+ exit-address-family
+exit
+!
+router bgp 65000 vrf vrf_myzone
+ bgp router-id 192.168.0.1
+ no bgp hard-administrative-reset
+ no bgp graceful-restart notification
+exit
+!
+bgp extcommunity-list standard pve_controller_cluster permit rt 65000:1000
+bgp extcommunity-list standard pve_controller_cluster permit rt 65000:100
+!
+bgp extcommunity-list standard pve_controller_uplink permit rt 65000:1000
+bgp extcommunity-list standard pve_controller_uplink permit rt 65000:100
+!
+route-map MAP_VTEP_IN permit 1
+exit
+!
+route-map MAP_VTEP_IN_uplink permit 1
+exit
+!
+route-map MAP_VTEP_OUT permit 1
+ match extcommunity pve_controller_cluster any
+exit
+!
+route-map MAP_VTEP_OUT_uplink permit 1
+ match extcommunity pve_controller_uplink any
+exit
+!
+line vty
+!
diff --git a/src/test/zones/evpn/evpn_cluster_ibgp_uplink_ebgp/expected_sdn_interfaces b/src/test/zones/evpn/evpn_cluster_ibgp_uplink_ebgp/expected_sdn_interfaces
new file mode 100644
index 0000000..4cf13e0
--- /dev/null
+++ b/src/test/zones/evpn/evpn_cluster_ibgp_uplink_ebgp/expected_sdn_interfaces
@@ -0,0 +1,41 @@
+#version:1
+
+auto myvnet
+iface myvnet
+	address 10.0.0.1/24
+	bridge_ports vxlan_myvnet
+	bridge_stp off
+	bridge_fd 0
+	mtu 1450
+	ip-forward on
+	arp-accept on
+	vrf vrf_myzone
+
+auto vrf_myzone
+iface vrf_myzone
+	vrf-table auto
+	post-up ip route add vrf vrf_myzone unreachable default metric 4278198272
+
+auto vrfbr_myzone
+iface vrfbr_myzone
+	bridge-ports vrfvx_myzone
+	bridge_stp off
+	bridge_fd 0
+	mtu 1450
+	vrf vrf_myzone
+
+auto vrfvx_myzone
+iface vrfvx_myzone
+	vxlan-id 1000
+	vxlan-local-tunnelip 192.168.0.1
+	bridge-learning off
+	bridge-arp-nd-suppress on
+	mtu 1450
+
+auto vxlan_myvnet
+iface vxlan_myvnet
+	vxlan-id 100
+	vxlan-local-tunnelip 192.168.0.1
+	bridge-learning off
+	bridge-arp-nd-suppress on
+	mtu 1450
diff --git a/src/test/zones/evpn/evpn_cluster_ibgp_uplink_ebgp/interfaces b/src/test/zones/evpn/evpn_cluster_ibgp_uplink_ebgp/interfaces
new file mode 100644
index 0000000..66bb826
--- /dev/null
+++ b/src/test/zones/evpn/evpn_cluster_ibgp_uplink_ebgp/interfaces
@@ -0,0 +1,7 @@
+auto vmbr0
+iface vmbr0 inet static
+	address 192.168.0.1/24
+	gateway 192.168.0.254
+        bridge-ports eth0
+        bridge-stp off
+        bridge-fd 0
diff --git a/src/test/zones/evpn/evpn_cluster_ibgp_uplink_ebgp/sdn_config b/src/test/zones/evpn/evpn_cluster_ibgp_uplink_ebgp/sdn_config
new file mode 100644
index 0000000..6f285ee
--- /dev/null
+++ b/src/test/zones/evpn/evpn_cluster_ibgp_uplink_ebgp/sdn_config
@@ -0,0 +1,51 @@
+{
+    version => 1,
+    zones   => {
+        ids => {
+            myzone => {
+                ipam => "pve",
+                type => "evpn",
+                controller => "cluster",
+                'vrf-vxlan' => 1000,
+                'secondary-controllers' => ['uplink'],
+            }
+        },
+    },
+    vnets   => {
+        ids => {
+            myvnet => {
+                tag => "100",
+                type => "vnet",
+                zone => "myzone"
+            },
+        },
+    },
+    subnets => {
+        ids => {
+            'myzone-10.0.0.0-24' => {
+                'type' => 'subnet',
+                'vnet' => 'myvnet',
+                'gateway' => '10.0.0.1',
+            }
+        }
+    },
+    controllers  => {
+        ids => {
+            cluster => {
+                type => "evpn",
+                peers => '192.168.0.1,192.168.0.2,192.168.0.3',
+                asn => "65000",
+                'bgp-mode' => 'internal',
+            },
+            uplink => {
+                type => "evpn",
+                peers => '198.51.100.1,198.51.100.2',
+                asn => "65000",
+                nodes => 'localhost',
+                'bgp-mode' => 'external',
+                'peer-group-name' => 'uplink',
+            }
+        },
+    }
+}
+
-- 
2.47.3