From: Hannes Laimer <h.laimer@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [PATCH pve-network v6 6/9] sdn: evpn: support eBGP VTEPs over BGP fabric underlays
Date: Fri, 15 May 2026 12:24:57 +0200 [thread overview]
Message-ID: <20260515102500.216264-7-h.laimer@proxmox.com> (raw)
In-Reply-To: <20260515102500.216264-1-h.laimer@proxmox.com>
When the EVPN underlay is a BGP fabric, every node already has a unique
per-node ASN for eBGP unnumbered peering. Reuse that ASN for the EVPN
overlay too when the user picks bgp-mode=external, so VTEP sessions
naturally form as eBGP between different ASNs without needing a separate
overlay-ASN scheme. The existing local-as plumbing handles the resulting
mismatch with the router's main ASN.
The EVPN controller's own ASN is still used for autoderived route-target
values, keeping route-targets consistent across the fabric even though
each VTEP advertises under its own per-node ASN.
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
---
src/PVE/Network/SDN/Controllers/EvpnPlugin.pm | 26 +++++++++++++++++--
1 file changed, 24 insertions(+), 2 deletions(-)
diff --git a/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm b/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
index b62fdff..8953418 100644
--- a/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
+++ b/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
@@ -115,6 +115,7 @@ sub generate_frr_config {
my $ifaceip = undef;
my $routerid = undef;
my $bgp_mode = $plugin_config->{'bgp-mode'} // 'auto';
+ my $use_per_node_asn = 0;
my $bgp_controller = find_bgp_controller($local_node, $controller_cfg);
my $isis_controller = find_isis_controller($local_node, $controller_cfg);
@@ -153,6 +154,21 @@ sub generate_frr_config {
$ifaceip = $current_node->{ip};
$routerid = $current_node->{ip};
+ if ($fabric->{protocol} eq 'bgp' && $bgp_mode eq 'external') {
+ if (!$current_node->{asn}) {
+ log_warn(
+ "Node $local_node has no ASN in BGP fabric $fabric->{id};"
+ . " cannot configure eBGP VTEPs for EVPN controller"
+ . " $plugin_config->{id}"
+ );
+ return;
+ }
+ $asn = int($current_node->{asn});
+ $ebgp = 1;
+ $autortas = $plugin_config->{asn};
+ $use_per_node_asn = 1;
+ }
+
} elsif ($plugin_config->{'peers'}) {
@peers = PVE::Tools::split_list($plugin_config->{'peers'});
@@ -212,8 +228,14 @@ sub generate_frr_config {
if ($bgp_mode eq 'auto') {
$neighbor_group->{ebgp_multihop} = 10 if $ebgp && $loopback;
} elsif ($bgp_mode eq 'external') {
- $neighbor_group->{ebgp_multihop} = int($plugin_config->{'ebgp-multihop'})
- if $ebgp && $plugin_config->{'ebgp-multihop'};
+ if ($ebgp && $plugin_config->{'ebgp-multihop'}) {
+ $neighbor_group->{ebgp_multihop} = int($plugin_config->{'ebgp-multihop'});
+ } elsif ($use_per_node_asn) {
+ # eBGP VTEPs over a BGP fabric reach each peer via the per-node
+ # fabric loopback. The peers are not directly connected, so the
+ # session needs multihop to form.
+ $neighbor_group->{ebgp_multihop} = 10;
+ }
}
if ($asn != int($bgp_router->{asn})) {
--
2.47.3
next prev parent reply other threads:[~2026-05-15 10:25 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-15 10:24 [PATCH docs/manager/network/proxmox{-ve-rs,-perl-rs} v6 0/9] sdn: add BGP fabric Hannes Laimer
2026-05-15 10:24 ` [PATCH proxmox-ve-rs v6 1/9] sdn: fabric: add BGP protocol support Hannes Laimer
2026-05-15 10:24 ` [PATCH proxmox-perl-rs v6 2/9] sdn: fabrics: add BGP config generation Hannes Laimer
2026-05-15 10:24 ` [PATCH proxmox-perl-rs v6 3/9] sdn: fabrics: add BGP status endpoints Hannes Laimer
2026-05-15 10:24 ` [PATCH pve-network v6 4/9] sdn: fabrics: register bgp as a fabric protocol type Hannes Laimer
2026-05-15 10:24 ` [PATCH pve-network v6 5/9] sdn: forbid BGP controller and BGP fabric coexistence Hannes Laimer
2026-05-15 10:24 ` Hannes Laimer [this message]
2026-05-15 10:24 ` [PATCH pve-network v6 7/9] test: evpn: add integration test for EVPN over BGP fabric Hannes Laimer
2026-05-15 10:24 ` [PATCH pve-manager v6 8/9] ui: sdn: add BGP fabric support Hannes Laimer
2026-05-15 10:25 ` [PATCH pve-docs v6 9/9] sdn: add bgp fabric section Hannes Laimer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260515102500.216264-7-h.laimer@proxmox.com \
--to=h.laimer@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.