From: Gabriel Goller <g.goller@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [PATCH network] sdn: vxlan: always set local tunnel IP
Date: Thu, 2 Jul 2026 16:33:47 +0200 [thread overview]
Message-ID: <20260702143349.252142-1-g.goller@proxmox.com> (raw)
Frr 10.6 changed the evpn advertise-all-vni handling and no longer
falls back to the BGP router-id to derive the local vtep address for
vxlan interfaces without an explicit local tunnel IP.
This breaks setups where an evpn controller is used together with a
vxlan zone to get plain L2VNIs. In that setup, the vxlan zone creates
the linux vxlan devices, while the evpn controller advertises them
via frr's advertise-all-vni. Without a local vxlan tunnel IP on the
interface, frr 10.6 cannot reliably determine the local vtep address and
the VNI is not advertised/handled correctly.
Explicitly emit the ifupdown2 `vxlan-local-tunnelip` stanza for vxlan
zones, using the local peer/fabric underlay address that is already
determined while generating the zone configuration. Fail generation if
no local tunnel IP can be determined, since generating such an interface
would result in a broken evpn/vxlan setup with current frr.
evpn zones already emit `vxlan-local-tunnelip` for their vxlan devices
when the local vtep address is known.
Fixes: #7766.
Signed-off-by: Gabriel Goller <g.goller@proxmox.com>
---
src/PVE/Network/SDN/Zones/VxlanPlugin.pm | 4 ++++
src/test/zones/vxlan/basic/expected_sdn_interfaces | 1 +
src/test/zones/vxlan/ipv6/expected_sdn_interfaces | 1 +
src/test/zones/vxlan/vlanawarevnet/expected_sdn_interfaces | 1 +
src/test/zones/vxlan/vxlanport/expected_sdn_interfaces | 1 +
5 files changed, 8 insertions(+)
diff --git a/src/PVE/Network/SDN/Zones/VxlanPlugin.pm b/src/PVE/Network/SDN/Zones/VxlanPlugin.pm
index a40826153d9c..b1bd56db6ea9 100644
--- a/src/PVE/Network/SDN/Zones/VxlanPlugin.pm
+++ b/src/PVE/Network/SDN/Zones/VxlanPlugin.pm
@@ -117,6 +117,9 @@ sub generate_sdn_config {
die "neither peers nor fabric configured for VXLAN zone $plugin_config->{id}";
}
+ die "could not determine local tunnel IP for VXLAN zone $zoneid"
+ if !$ifaceip;
+
my $mtu = 1450;
if ($iface) {
$mtu = $interfaces_config->{$iface}->{mtu} - 50 if $interfaces_config->{$iface}->{mtu};
@@ -126,6 +129,7 @@ sub generate_sdn_config {
#vxlan interface
my @iface_config = ();
push @iface_config, "vxlan-id $tag";
+ push @iface_config, "vxlan-local-tunnelip $ifaceip";
for my $address (sort @peers) {
next if $address eq $ifaceip;
diff --git a/src/test/zones/vxlan/basic/expected_sdn_interfaces b/src/test/zones/vxlan/basic/expected_sdn_interfaces
index 7b73c3e3ca60..ed6869dfa9e6 100644
--- a/src/test/zones/vxlan/basic/expected_sdn_interfaces
+++ b/src/test/zones/vxlan/basic/expected_sdn_interfaces
@@ -10,6 +10,7 @@ iface myvnet
auto vxlan_myvnet
iface vxlan_myvnet
vxlan-id 100
+ vxlan-local-tunnelip 192.168.0.1
vxlan_remoteip 192.168.0.2
vxlan_remoteip 192.168.0.3
mtu 1450
diff --git a/src/test/zones/vxlan/ipv6/expected_sdn_interfaces b/src/test/zones/vxlan/ipv6/expected_sdn_interfaces
index 032ab991826c..14354f61f923 100644
--- a/src/test/zones/vxlan/ipv6/expected_sdn_interfaces
+++ b/src/test/zones/vxlan/ipv6/expected_sdn_interfaces
@@ -10,6 +10,7 @@ iface myvnet
auto vxlan_myvnet
iface vxlan_myvnet
vxlan-id 100
+ vxlan-local-tunnelip 2a08:2200:100:1::10
vxlan_remoteip 2a08:2200:100:1::11
vxlan_remoteip 2a08:2200:100:1::12
mtu 1450
diff --git a/src/test/zones/vxlan/vlanawarevnet/expected_sdn_interfaces b/src/test/zones/vxlan/vlanawarevnet/expected_sdn_interfaces
index 55cdf9cb8887..e6331d2e3807 100644
--- a/src/test/zones/vxlan/vlanawarevnet/expected_sdn_interfaces
+++ b/src/test/zones/vxlan/vlanawarevnet/expected_sdn_interfaces
@@ -12,6 +12,7 @@ iface myvnet
auto vxlan_myvnet
iface vxlan_myvnet
vxlan-id 100
+ vxlan-local-tunnelip 192.168.0.1
vxlan_remoteip 192.168.0.2
vxlan_remoteip 192.168.0.3
mtu 1450
diff --git a/src/test/zones/vxlan/vxlanport/expected_sdn_interfaces b/src/test/zones/vxlan/vxlanport/expected_sdn_interfaces
index 572550a438e7..a3147b66a9c1 100644
--- a/src/test/zones/vxlan/vxlanport/expected_sdn_interfaces
+++ b/src/test/zones/vxlan/vxlanport/expected_sdn_interfaces
@@ -10,6 +10,7 @@ iface myvnet
auto vxlan_myvnet
iface vxlan_myvnet
vxlan-id 100
+ vxlan-local-tunnelip 192.168.0.1
vxlan_remoteip 192.168.0.2
vxlan_remoteip 192.168.0.3
vxlan-port 6000
--
2.47.3
next reply other threads:[~2026-07-02 14:34 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-07-02 14:33 Gabriel Goller [this message]
2026-07-02 14:37 ` [PATCH network] sdn: vxlan: always set local tunnel IP Gabriel Goller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260702143349.252142-1-g.goller@proxmox.com \
--to=g.goller@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.