From: Hannes Laimer <h.laimer@proxmox.com>
To: Stefan Hanreich <s.hanreich@proxmox.com>, pve-devel@lists.proxmox.com
Subject: Re: [PATCH pve-network 08/13] evpn controller: add route_map_{in,out} parameter
Date: Fri, 27 Mar 2026 11:44:43 +0100 [thread overview]
Message-ID: <04425c42-4037-4ce8-b81b-9c1eb0398373@proxmox.com> (raw)
In-Reply-To: <20260325094142.174364-23-s.hanreich@proxmox.com>
in `generate_zone_frr_config` we probably also want to use the newly
introduced `route-map-[in|out]` parameter, not the hard coded ones
On 2026-03-25 10:42, Stefan Hanreich wrote:
> This parameter allows overriding the default MAP_VTEP_{IN,OUT} route
> maps by specifying a custom route map configured in route-maps.cfg.
> This can be used for filtering incoming and outgoing routes, e.g. for
> only advertising type-5 routes to external peers or only allow
> importing routes with specific route targets.
>
> Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
> ---
> src/PVE/Network/SDN/Controllers/EvpnPlugin.pm | 19 +++++++++++++------
> src/PVE/Network/SDN/Controllers/Plugin.pm | 14 ++++++++++++++
> 2 files changed, 27 insertions(+), 6 deletions(-)
>
> diff --git a/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm b/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
> index 3e643b1..d7b838b 100644
> --- a/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
> +++ b/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
> @@ -45,6 +45,8 @@ sub options {
> 'asn' => { optional => 0 },
> 'peers' => { optional => 1 },
> 'fabric' => { optional => 1 },
> + 'route-map-in' => { optional => 1 },
> + 'route-map-out' => { optional => 1 },
> };
> }
>
> @@ -153,23 +155,28 @@ sub generate_frr_config {
>
> push @{ $bgp_router->{neighbor_groups} }, $neighbor_group;
>
> + my $route_map_in = $plugin_config->{'route-map-in'} // 'MAP_VTEP_IN';
> + my $route_map_out = $plugin_config->{'route-map-out'} // 'MAP_VTEP_OUT';
> +
> # Configure l2vpn evpn address family
> $bgp_router->{address_families}->{l2vpn_evpn} //= {
> neighbors => [{
> name => "VTEP",
> - route_map_in => 'MAP_VTEP_IN',
> - route_map_out => 'MAP_VTEP_OUT',
> + route_map_in => $route_map_in,
> + route_map_out => $route_map_out,
> }],
> advertise_all_vni => 1,
> };
>
> $bgp_router->{address_families}->{l2vpn_evpn}->{autort_as} = $autortas if $autortas;
>
> - my $routemap_in = { seq => 1, action => "permit" };
> - my $routemap_out = { seq => 1, action => "permit" };
> + if ($route_map_in eq 'MAP_VTEP_IN' && !$config->{frr}->{routemaps}->{'MAP_VTEP_IN'}) {
> + push($config->{frr}->{routemaps}->{'MAP_VTEP_IN'}->@*, { seq => 1, action => "permit" });
> + }
>
> - push($config->{frr}->{routemaps}->{'MAP_VTEP_IN'}->@*, $routemap_in);
> - push($config->{frr}->{routemaps}->{'MAP_VTEP_OUT'}->@*, $routemap_out);
> + if ($route_map_out eq 'MAP_VTEP_OUT' && !$config->{frr}->{routemaps}->{'MAP_VTEP_OUT'}) {
> + push($config->{frr}->{routemaps}->{'MAP_VTEP_OUT'}->@*, { seq => 1, action => "permit" });
> + }
>
> return $config;
> }
> diff --git a/src/PVE/Network/SDN/Controllers/Plugin.pm b/src/PVE/Network/SDN/Controllers/Plugin.pm
> index d70e518..5f9f1ef 100644
> --- a/src/PVE/Network/SDN/Controllers/Plugin.pm
> +++ b/src/PVE/Network/SDN/Controllers/Plugin.pm
> @@ -7,6 +7,8 @@ use PVE::Tools;
> use PVE::JSONSchema;
> use PVE::Cluster;
>
> +use PVE::Network::SDN::RouteMaps;
> +
> use PVE::JSONSchema qw(get_standard_option);
> use base qw(PVE::SectionConfig);
>
> @@ -51,6 +53,18 @@ my $defaultData = {
> 'pve-sdn-controller-id',
> { completion => \&PVE::Network::SDN::complete_sdn_controller },
> ),
> + 'route-map-in' => {
> + description => "Route Map that should be applied for incoming routes",
> + type => 'string',
> + format => 'pve-sdn-route-map-id',
> + optional => 1,
> + },
> + 'route-map-out' => {
> + description => "Route Map that should be applied for outgoing routes",
> + type => 'string',
> + format => 'pve-sdn-route-map-id',
> + optional => 1,
> + },
> },
> };
>
next prev parent reply other threads:[~2026-03-27 10:44 UTC|newest]
Thread overview: 62+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-25 9:41 [PATCH cluster/network/proxmox{-ve-rs,-perl-rs} 00/27] Add support for route maps / prefix lists to SDN Stefan Hanreich
2026-03-25 9:41 ` [PATCH pve-cluster 1/2] cfs: add 'sdn/route-maps.cfg' to observed files Stefan Hanreich
2026-03-25 9:41 ` [PATCH pve-cluster 2/2] cfs: add 'sdn/prefix-lists.cfg' " Stefan Hanreich
2026-03-25 9:41 ` [PATCH proxmox-ve-rs 1/9] sdn-types: add common route-map helper types Stefan Hanreich
2026-03-25 9:41 ` [PATCH proxmox-ve-rs 2/9] frr: implement routemap match/set statements via adjacent tagging Stefan Hanreich
2026-03-26 14:44 ` Hannes Laimer
2026-03-27 9:02 ` Stefan Hanreich
2026-03-25 9:41 ` [PATCH proxmox-ve-rs 3/9] frr: allow rendering prefix-lists/route-maps separately Stefan Hanreich
2026-03-25 14:32 ` Gabriel Goller
2026-03-26 12:17 ` Stefan Hanreich
2026-03-27 10:50 ` Hannes Laimer
2026-03-27 11:34 ` Stefan Hanreich
2026-03-25 9:41 ` [PATCH proxmox-ve-rs 4/9] frr-templates: change route maps template to adapt to new types Stefan Hanreich
2026-03-25 14:33 ` Gabriel Goller
2026-03-25 14:58 ` Gabriel Goller
2026-03-27 11:01 ` Hannes Laimer
2026-03-27 11:17 ` Stefan Hanreich
2026-03-25 9:41 ` [PATCH proxmox-ve-rs 5/9] ve-config: add prefix list section config Stefan Hanreich
2026-03-25 9:41 ` [PATCH proxmox-ve-rs 6/9] ve-config: frr: implement frr config generation for prefix lists Stefan Hanreich
2026-03-25 9:41 ` [PATCH proxmox-ve-rs 7/9] ve-config: add route map section config Stefan Hanreich
2026-03-25 14:35 ` Gabriel Goller
2026-03-26 13:49 ` Stefan Hanreich
2026-03-25 9:41 ` [PATCH proxmox-ve-rs 8/9] ve-config: frr: implement frr config generation for route maps Stefan Hanreich
2026-03-25 15:03 ` Gabriel Goller
2026-03-26 13:50 ` Stefan Hanreich
2026-03-27 11:17 ` Hannes Laimer
2026-03-27 11:21 ` Stefan Hanreich
2026-03-25 9:41 ` [PATCH proxmox-ve-rs 9/9] ve-config: fabrics: adapt frr config generation to new format Stefan Hanreich
2026-03-25 9:41 ` [PATCH proxmox-perl-rs 1/3] pve-rs: sdn: add route maps module Stefan Hanreich
2026-03-26 10:32 ` Wolfgang Bumiller
2026-03-26 13:57 ` Stefan Hanreich
2026-03-25 9:41 ` [PATCH proxmox-perl-rs 2/3] pve-rs: sdn: add prefix lists module Stefan Hanreich
2026-03-25 9:41 ` [PATCH proxmox-perl-rs 3/3] sdn: add prefix list / route maps to frr config generation helper Stefan Hanreich
2026-03-25 9:41 ` [PATCH pve-network 01/13] controller: bgp: evpn: adapt to new match / set frr config syntax Stefan Hanreich
2026-03-26 15:19 ` Hannes Laimer
2026-03-27 10:05 ` Stefan Hanreich
2026-03-25 9:41 ` [PATCH pve-network 02/13] sdn: add prefix lists module Stefan Hanreich
2026-03-25 9:41 ` [PATCH pve-network 03/13] api2: add prefix list module Stefan Hanreich
2026-03-26 15:01 ` Hannes Laimer
2026-03-27 9:57 ` Stefan Hanreich
2026-03-25 9:41 ` [PATCH pve-network 04/13] sdn: add route map module Stefan Hanreich
2026-03-25 9:41 ` [PATCH pve-network 05/13] api2: add route maps api module Stefan Hanreich
2026-03-26 15:05 ` Hannes Laimer
2026-03-27 9:57 ` Stefan Hanreich
2026-03-25 9:41 ` [PATCH pve-network 06/13] api2: add route map module Stefan Hanreich
2026-03-26 15:07 ` Hannes Laimer
2026-03-27 9:57 ` Stefan Hanreich
2026-03-25 9:41 ` [PATCH pve-network 07/13] api2: add route map entry module Stefan Hanreich
2026-03-26 15:13 ` Hannes Laimer
2026-03-27 10:01 ` Stefan Hanreich
2026-03-25 9:41 ` [PATCH pve-network 08/13] evpn controller: add route_map_{in,out} parameter Stefan Hanreich
2026-03-27 10:44 ` Hannes Laimer [this message]
2026-03-27 11:12 ` Stefan Hanreich
2026-03-25 9:41 ` [PATCH pve-network 09/13] sdn: generate route map / prefix list configuration on sdn apply Stefan Hanreich
2026-03-27 10:47 ` Hannes Laimer
2026-03-27 11:13 ` Stefan Hanreich
2026-03-25 9:41 ` [PATCH pve-network 10/13] tests: add simple route map test case Stefan Hanreich
2026-03-25 9:41 ` [PATCH pve-network 11/13] tests: add bgp evpn route map/prefix list testcase Stefan Hanreich
2026-03-25 9:41 ` [PATCH pve-network 12/13] tests: add route map with prefix " Stefan Hanreich
2026-03-25 9:41 ` [PATCH pve-network 13/13] bgp controller: allow configuring custom route maps Stefan Hanreich
2026-03-25 11:38 ` [PATCH cluster/network/proxmox{-ve-rs,-perl-rs} 00/27] Add support for route maps / prefix lists to SDN Stefan Hanreich
2026-03-27 10:17 ` Stefan Hanreich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=04425c42-4037-4ce8-b81b-9c1eb0398373@proxmox.com \
--to=h.laimer@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
--cc=s.hanreich@proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox