From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 3CDE863BCB for ; Wed, 25 Nov 2020 13:22:39 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 3A96D19B78 for ; Wed, 25 Nov 2020 13:22:39 +0100 (CET) Received: from kvmformation1.odiso.net (globalOdiso.M6Lille.odiso.net [89.248.211.242]) by firstgate.proxmox.com (Proxmox) with ESMTP id D001619B4D for ; Wed, 25 Nov 2020 13:22:36 +0100 (CET) Received: by kvmformation1.odiso.net (Postfix, from userid 0) id C4B8FBF7B68; Wed, 25 Nov 2020 13:22:35 +0100 (CET) From: Alexandre Derumier To: pve-devel@lists.proxmox.com Date: Wed, 25 Nov 2020 13:22:33 +0100 Message-Id: <20201125122234.3812845-3-aderumier@odiso.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20201125122234.3812845-1-aderumier@odiso.com> References: <20201125122234.3812845-1-aderumier@odiso.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 1 AWL -0.232 Adjusted score from AWL reputation of From: address HEADER_FROM_DIFFERENT_DOMAINS 0.249 From and EnvelopeFrom 2nd level mail domains are different KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery methods KHOP_HELO_FCRDNS 0.4 Relay HELO differs from its IP's reverse DNS NO_DNS_FOR_FROM 0.379 Envelope sender has no MX or A DNS records SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_NONE 0.001 SPF: sender does not publish an SPF Record Subject: [pve-devel] [PATCH V2 frr 2/3] patch : add autort as derivation X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Nov 2020 12:22:39 -0000 pending upstream https://github.com/FRRouting/frr/pull/7535/ This is for ebgp, to avoid to reload frr each time when we define new vxlan. Signed-off-by: Alexandre Derumier --- ...on-for-RT-auto-derivation-to-force-A.patch | 151 ++++++++++++++++++ debian/patches/series | 1 + 2 files changed, 152 insertions(+) create mode 100644 debian/patches/pve/0002-bgpd-add-an-option-for-RT-auto-derivation-to-force-A.patch diff --git a/debian/patches/pve/0002-bgpd-add-an-option-for-RT-auto-derivation-to-force-A.patch b/debian/patches/pve/0002-bgpd-add-an-option-for-RT-auto-derivation-to-force-A.patch new file mode 100644 index 0000000..3306fbc --- /dev/null +++ b/debian/patches/pve/0002-bgpd-add-an-option-for-RT-auto-derivation-to-force-A.patch @@ -0,0 +1,151 @@ +From c3e66b067564281a58fcf3b99559d289a75090e9 Mon Sep 17 00:00:00 2001 +From: Alexandre Derumier +Date: Tue, 17 Nov 2020 06:01:26 +0100 +Subject: [PATCH 1/3] bgpd : add an option for RT auto-derivation to force AS + +Allow to define a custom AS for autort AS:VNI + +Usefull for evpn with ebgp, where we can't auto-derivated from the router AS, +as route-target AS:VNI need to be the same on the each peer + +Signed-off-by: Alexandre Derumier +--- + bgpd/bgp_evpn.c | 12 +++++++++-- + bgpd/bgp_evpn_vty.c | 49 +++++++++++++++++++++++++++++++-------------- + bgpd/bgpd.h | 3 +++ + 3 files changed, 47 insertions(+), 17 deletions(-) + +diff --git a/bgpd/bgp_evpn.c b/bgpd/bgp_evpn.c +index 84e8960ee..73acc5d7b 100644 +--- a/bgpd/bgp_evpn.c ++++ b/bgpd/bgp_evpn.c +@@ -512,7 +512,11 @@ static void form_auto_rt(struct bgp *bgp, vni_t vni, struct list *rtl) + + if (bgp->advertise_autort_rfc8365) + vni |= EVPN_AUTORT_VXLAN; +- encode_route_target_as((bgp->as & 0xFFFF), vni, &eval); ++ if (bgp->autort_as) { ++ encode_route_target_as((bgp->autort_as & 0xFFFF), vni, &eval); ++ } else { ++ encode_route_target_as((bgp->as & 0xFFFF), vni, &eval); ++ } + + ecomadd = ecommunity_new(); + ecommunity_add_val(ecomadd, &eval, false, false); +@@ -4238,7 +4242,11 @@ void evpn_rt_delete_auto(struct bgp *bgp, vni_t vni, struct list *rtl) + + if (bgp->advertise_autort_rfc8365) + vni |= EVPN_AUTORT_VXLAN; +- encode_route_target_as((bgp->as & 0xFFFF), vni, &eval); ++ if (bgp->autort_as) { ++ encode_route_target_as((bgp->autort_as & 0xFFFF), vni, &eval); ++ } else { ++ encode_route_target_as((bgp->as & 0xFFFF), vni, &eval); ++ } + + ecom_auto = ecommunity_new(); + ecommunity_add_val(ecom_auto, &eval, false, false); +diff --git a/bgpd/bgp_evpn_vty.c b/bgpd/bgp_evpn_vty.c +index e9e2aafeb..6cc6bba33 100644 +--- a/bgpd/bgp_evpn_vty.c ++++ b/bgpd/bgp_evpn_vty.c +@@ -3226,32 +3226,48 @@ DEFUN (no_bgp_evpn_advertise_all_vni, + return CMD_SUCCESS; + } + +-DEFUN (bgp_evpn_advertise_autort_rfc8365, +- bgp_evpn_advertise_autort_rfc8365_cmd, +- "autort rfc8365-compatible", +- "Auto-derivation of RT\n" +- "Auto-derivation of RT using RFC8365\n") ++DEFPY(bgp_evpn_advertise_autort, bgp_evpn_advertise_autort_cmd, ++ "autort [rfc8365-compatible]$rfc8365 [as (1-65536)$as]", ++ "Auto-derivation of RT\n" ++ "Auto-derivation of RT using RFC8365\n" ++ "Auto-derivation AS\n") + { + struct bgp *bgp = VTY_GET_CONTEXT(bgp); + + if (!bgp) + return CMD_WARNING; +- evpn_set_advertise_autort_rfc8365(bgp); ++ ++ if (as) { ++ bgp->autort_as = as; ++ bgp_evpn_handle_autort_change(bgp); ++ } ++ ++ if (rfc8365) ++ evpn_set_advertise_autort_rfc8365(bgp); ++ + return CMD_SUCCESS; + } + +-DEFUN (no_bgp_evpn_advertise_autort_rfc8365, +- no_bgp_evpn_advertise_autort_rfc8365_cmd, +- "no autort rfc8365-compatible", +- NO_STR +- "Auto-derivation of RT\n" +- "Auto-derivation of RT using RFC8365\n") ++DEFPY(no_bgp_evpn_advertise_autort, no_bgp_evpn_advertise_autort_cmd, ++ "no autort [rfc8365-compatible]$rfc8365 [as (1-65536)$as]", ++ NO_STR ++ "Auto-derivation of RT\n" ++ "Auto-derivation of RT using RFC8365\n" ++ "Auto-derivation AS\n") + { + struct bgp *bgp = VTY_GET_CONTEXT(bgp); + + if (!bgp) + return CMD_WARNING; +- evpn_unset_advertise_autort_rfc8365(bgp); ++ ++ if (as) { ++ bgp->autort_as = 0; ++ bgp_evpn_handle_autort_change(bgp); ++ } ++ ++ if (rfc8365) ++ evpn_unset_advertise_autort_rfc8365(bgp); ++ + return CMD_SUCCESS; + } + +@@ -5596,6 +5612,9 @@ void bgp_config_write_evpn_info(struct vty *vty, struct bgp *bgp, afi_t afi, + if (bgp->advertise_autort_rfc8365) + vty_out(vty, " autort rfc8365-compatible\n"); + ++ if (bgp->autort_as) ++ vty_out(vty, " autort as %u\n", bgp->autort_as); ++ + if (bgp->advertise_gw_macip) + vty_out(vty, " advertise-default-gw\n"); + +@@ -5732,8 +5751,8 @@ void bgp_ethernetvpn_init(void) + install_element(BGP_EVPN_NODE, &evpnrt5_network_cmd); + install_element(BGP_EVPN_NODE, &bgp_evpn_advertise_all_vni_cmd); + install_element(BGP_EVPN_NODE, &no_bgp_evpn_advertise_all_vni_cmd); +- install_element(BGP_EVPN_NODE, &bgp_evpn_advertise_autort_rfc8365_cmd); +- install_element(BGP_EVPN_NODE, &no_bgp_evpn_advertise_autort_rfc8365_cmd); ++ install_element(BGP_EVPN_NODE, &bgp_evpn_advertise_autort_cmd); ++ install_element(BGP_EVPN_NODE, &no_bgp_evpn_advertise_autort_cmd); + install_element(BGP_EVPN_NODE, &bgp_evpn_advertise_default_gw_cmd); + install_element(BGP_EVPN_NODE, &no_bgp_evpn_advertise_default_gw_cmd); + install_element(BGP_EVPN_NODE, &bgp_evpn_advertise_svi_ip_cmd); +diff --git a/bgpd/bgpd.h b/bgpd/bgpd.h +index d22fd008d..941066e2e 100644 +--- a/bgpd/bgpd.h ++++ b/bgpd/bgpd.h +@@ -614,6 +614,9 @@ struct bgp { + /* EVPN - use RFC 8365 to auto-derive RT */ + int advertise_autort_rfc8365; + ++ /* EVPN - auto-derive RT AS */ ++ uint16_t autort_as; ++ + /* + * Flooding mechanism for BUM packets for VxLAN-EVPN. + */ +-- +2.20.1 + diff --git a/debian/patches/series b/debian/patches/series index b2de4e5..50b22cc 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1 +1,2 @@ pve/0001-enable-bgp-daemon.patch +pve/0002-bgpd-add-an-option-for-RT-auto-derivation-to-force-A.patch -- 2.20.1