From: Gabriel Goller <g.goller@proxmox.com>
To: Hannes Duerr <h.duerr@proxmox.com>
Cc: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Subject: Re: [pve-devel] [PATCH access-control/cluster/docs/gui-tests/manager/network/proxmox{, -firewall, -ve-rs, -perl-rs, -widget-toolkit} v3 00/75] Add SDN Fabrics
Date: Thu, 26 Jun 2025 09:04:55 +0200 [thread overview]
Message-ID: <md7mindeufo7k4g2nhbo575w4e4itqn6blgyar25n7i56p5wvu@doxfh6hgy6he> (raw)
In-Reply-To: <575dc158-c628-4343-ab8e-c3ea75da1507@proxmox.com>
Replying to this, just so that we keep a record on the mailing list.
On 12.06.2025 17:01, Hannes Duerr wrote:
>Tested as follow:
>Created 5 Proxmox VE nodes
>joined them as cluster
>added a two interfaces per node, all interfaces are on the same host bridge.
>Assigned the interfaces VLAN tags so that the nodes form a circle:
> ----1---
> / \
>5 2
> \ /
> 4-------3
>
>== OSPF ==
>
>Created new OSPF fabric `backbone` with area 0.0.0.0 and ipv4 prefix
>192.168.2.0/24
>Added all 5 nodes and assigned them the ipv4 addresses 192.168.0.[1-5]
>(unnumbered)
>Checked routes with vtysh -c 'show ip ospf route' and pinged all ips
>-> works as expected
>
>Added PtP /31 address to the interfaces (numbered) and reloaded the config
>Checked routes with vtysh -c 'show ip ospf route' and pinged all ips
>-> works as expected
>Removed nodes 5 and 4
>
>Created additional OSPF fabric `ospf2` with area 1.1.1.1 and ipv4
>prefix 192.168.1.0/24
>Added nodes 3,4 and 5
>Added PtP /31 address to the interfaces (numbered) and reloaded the config
>┌──────────────────┐ ┌──────────────────┐
>│ Area 0.0.0.0 │ │ Area 1.1.1.1 │
>│ │ │ │
>│ F1 <-> F2 <-> F3 <┼──┼> F3 <-> F4 <-> F5 │
>│ │ │ │
>└──────────────────┘ └──────────────────┘
>Checked routes with vtysh -c 'show ip route'
>Codes: K - kernel route, C - connected, L - local, S - static,
> O - OSPF, * - FIB route
>[...]
>O 192.168.0.1/32 [110/10] via 0.0.0.0, dummy_backbone onlink,
>rmapsrc 192.168.0.1, weight 1, 06:40:38
>O>* 192.168.0.2/32 [110/20] via 192.168.0.2, ens20 onlink, rmapsrc
>192.168.0.1, weight 1, 06:40:23
>O>* 192.168.0.3/32 [110/30] via 192.168.0.2, ens20 onlink, rmapsrc
>192.168.0.1, weight 1, 06:40:18
>O 192.168.1.3/32 [110/30] via 192.168.0.2, ens20 onlink, rmapsrc
>192.168.0.1, weight 1, 06:40:18
>O 192.168.1.4/32 [110/40] via 192.168.0.2, ens20 onlink, rmapsrc
>192.168.0.1, weight 1, 06:40:14
>O 192.168.1.5/32 [110/50] via 192.168.0.2, ens20 onlink, rmapsrc
>192.168.0.1, weight 1, 06:40:08
>
>You can see that the ospf routes are created automatically, but are
>not transferred to the FDB. Accordingly, they are not visible in the
>kernel routing table. The reason for this is the restriction of access
>in the /etc/frr/frr.conf
>`access-list pve_ospf_backbone_ips permit 192.168.0.0/24`
>
>We discussed this already off-list and for now keeping it like this
This will probably be a future addition, something like "import-subnets"
or even "import-fabrics" where you can select other subnets/fabrics that
are allowed. We currently filter all the routes in frr, so that only
routes to the actual fabric ips (from the dummy interface) are inserted
(This is to avoid inserting p2p ip addresses into the fib).
>== Open Fabric ==
>
>Created new OpenFabric fabric `of1` with ipv6 prefix
>2a02:ab8:308:3:eff:0:ff00:1/64
>Added all 5 nodes and assigned them the ipv6
>addresses 2a02:ab8:308:3:eff:0:ff00:[1-5] (unnumbered)
>Checked routes with vtysh -c 'show openfabric route' and pinged all
>ips -> works as expected
>
>Installed Ceph Cluster on all nodes and initialized 2 OSDs per node
>Took one node down and the routes switch as expected
>Took the node up again -> the node was not pingable anymore and the
>routes did not come up again
>even after 10 minutes waiting
>
>Already talked to Gabriel about this but we're not yet sure what the
>issue is here.
The issue here is two-fold:
* IPv6 forwarding was not enabled. Here we need to enable IPv6
forwarding globally because there is no per-interface switch as there
is with IPv4. This is fixed in v4.
* When booting up there is a race between openfabric initiating the
interface (circuit) and the underlying interface coming up. This will
result in fabricd not configuring the circuit. That's also why a FRR
restart after the initial boot fixes the issue. This is fixed with
https://github.com/FRRouting/frr/pull/17083 which is included in the
10.3.1 version which is shipped with debian trixie.
Thanks a lot for testing!
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2025-06-26 7:04 UTC|newest]
Thread overview: 79+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-05-22 16:16 Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox v3 1/4] network-types: initial commit Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox v3 2/4] network-types: make cidr and mac-address types usable by the api Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox v3 3/4] network-types: add api types for ipv4/6 Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox v3 4/4] api-macro: add allof schema to enum Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-firewall v3 1/1] firewall: nftables: migrate to proxmox-network-types Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 01/21] config: use proxmox_serde perl helpers Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 02/21] ve-config: move types to proxmox-network-types Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 03/21] sdn-types: initial commit Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 04/21] frr: create proxmox-frr crate Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 05/21] frr: add common frr types Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 06/21] frr: add openfabric types Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 07/21] frr: add ospf types Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 08/21] frr: add route-map types Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 09/21] frr: add generic types over openfabric and ospf Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 10/21] config: sdn: fabrics: add section types Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 11/21] config: sdn: fabrics: add node " Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 12/21] config: sdn: fabrics: add interface name struct Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 13/21] config: sdn: fabrics: add openfabric properties Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 14/21] config: sdn: fabrics: add ospf properties Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 15/21] config: sdn: fabrics: add api types Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 16/21] config: sdn: fabrics: add section config Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 17/21] config: sdn: fabrics: add fabric config Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 18/21] common: sdn: fabrics: implement validation Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 19/21] sdn: fabrics: config: add conversion from / to section config Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 20/21] sdn: fabrics: implement FRR configuration generation Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-ve-rs v3 21/21] ve-config: add integrations tests Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-perl-rs v3 1/5] pve-rs: Add PVE::RS::SDN::Fabrics module Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-perl-rs v3 2/5] pve-rs: sdn: fabrics: add api methods Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-perl-rs v3 3/5] pve-rs: sdn: fabrics: add frr config generation Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-perl-rs v3 4/5] pve-rs: sdn: fabrics: add helper to generate ifupdown2 configuration Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH proxmox-perl-rs v3 5/5] pve-rs: sdn: fabrics: add helper for network API endpoint Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-cluster v3 1/1] cfs: add fabrics.cfg to observed files Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-access-control v3 1/1] permissions: add ACL paths for SDN fabrics Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 01/21] sdn: fix value returned by pending_config Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 02/21] debian: add dependency to proxmox-perl-rs Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 03/21] fabrics: add fabrics module Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 04/21] refactor: controller: move frr methods into helper Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 05/21] frr: add new helpers for reloading frr configuration Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 06/21] controllers: define new api for frr config generation Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 07/21] sdn: add frr config generation helpers Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 08/21] sdn: api: add check for rewriting frr configuration Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 09/21] test: isis: add test for standalone configuration Stefan Hanreich
2025-05-22 16:16 ` [pve-devel] [PATCH pve-network v3 10/21] sdn: frr: add daemon status to frr helper Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 11/21] sdn: commit fabrics config to running configuration Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 12/21] fabrics: generate ifupdown configuration Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 13/21] fabrics: add jsonschema for fabrics and nodes Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 14/21] api: fabrics: add root-level module Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 15/21] api: fabrics: add fabric submodule Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 16/21] api: fabrics: add node submodule Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 17/21] api: fabrics: add fabricnode submodule Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 18/21] controller: evpn: add fabrics integration Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 19/21] zone: vxlan: " Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 20/21] test: fabrics: add test cases for ospf and openfabric + evpn Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-network v3 21/21] frr: bump frr config version to 10.2.2 Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH proxmox-widget-toolkit v3 1/1] network selector: add type parameter Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 01/18] api: use new sdn config generation functions Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 02/18] ui: fabrics: add model definitions for fabrics Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 03/18] fabric: add common interface panel Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 04/18] fabric: add OpenFabric interface properties Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 05/18] fabric: add OSPF " Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 06/18] fabric: add generic node edit panel Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 07/18] fabric: add OpenFabric node edit Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 08/18] fabric: add OSPF " Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 09/18] fabric: add generic fabric edit panel Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 10/18] fabric: add OpenFabric " Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 11/18] fabric: add OSPF " Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 12/18] fabrics: Add main FabricView Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 13/18] utils: avoid line-break in pending changes message Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 14/18] ui: permissions: add ACL path for fabrics Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 15/18] api: network: add include_sdn / fabric type Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 16/18] ui: add sdn networks to ceph / migration Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 17/18] ui: sdn: add evpn controller fabric integration Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-manager v3 18/18] ui: sdn: vxlan: add fabric property Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-gui-tests v3 1/1] pve: add sdn/fabrics screenshots Stefan Hanreich
2025-05-22 16:17 ` [pve-devel] [PATCH pve-docs v3 1/1] fabrics: add initial documentation for sdn fabrics Stefan Hanreich
2025-06-12 15:01 ` [pve-devel] [PATCH access-control/cluster/docs/gui-tests/manager/network/proxmox{, -firewall, -ve-rs, -perl-rs, -widget-toolkit} v3 00/75] Add SDN Fabrics Hannes Duerr
2025-06-26 7:04 ` Gabriel Goller [this message]
2025-06-26 8:02 ` Stefan Hanreich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=md7mindeufo7k4g2nhbo575w4e4itqn6blgyar25n7i56p5wvu@doxfh6hgy6he \
--to=g.goller@proxmox.com \
--cc=h.duerr@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.