From: Alexandre Derumier <aderumier@odiso.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH pve-network] evpn : remove "ip route add vrf vrf_myzone unreachable default metric 4278198272" on exit node
Date: Wed, 21 Jul 2021 08:22:28 +0200 [thread overview]
Message-ID: <20210721062228.1343888-1-aderumier@odiso.com> (raw)
This is breaking routing between the evpn vrf && default vrf leak on exit node only
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---
PVE/Network/SDN/Zones/EvpnPlugin.pm | 5 ++---
test/zones/evpn/exitnode/expected_sdn_interfaces | 1 -
test/zones/evpn/exitnode_snat/expected_sdn_interfaces | 1 -
3 files changed, 2 insertions(+), 5 deletions(-)
diff --git a/PVE/Network/SDN/Zones/EvpnPlugin.pm b/PVE/Network/SDN/Zones/EvpnPlugin.pm
index 4fa46f7..6dd970b 100644
--- a/PVE/Network/SDN/Zones/EvpnPlugin.pm
+++ b/PVE/Network/SDN/Zones/EvpnPlugin.pm
@@ -73,6 +73,7 @@ sub generate_sdn_config {
my $bgprouter = PVE::Network::SDN::Controllers::EvpnPlugin::find_bgp_controller($local_node, $controller_cfg);
my $loopback = $bgprouter->{loopback} if $bgprouter->{loopback};
my ($ifaceip, $iface) = PVE::Network::SDN::Zones::Plugin::find_local_ip_interface_peers(\@peers, $loopback);
+ my $is_evpn_gateway = $plugin_config->{'exitnodes'}->{$local_node};
my $mtu = 1450;
$mtu = $interfaces_config->{$iface}->{mtu} - 50 if $interfaces_config->{$iface}->{mtu};
@@ -127,8 +128,6 @@ sub generate_sdn_config {
if ($subnet->{snat}) {
- my $is_evpn_gateway = $plugin_config->{'exitnodes'}->{$local_node};
-
#find outgoing interface
my ($outip, $outiface) = PVE::Network::SDN::Zones::Plugin::get_local_route_ip($checkrouteip);
if ($outip && $outiface && $is_evpn_gateway) {
@@ -158,7 +157,7 @@ sub generate_sdn_config {
#vrf interface
@iface_config = ();
push @iface_config, "vrf-table auto";
- push @iface_config, "post-up ip route add vrf $vrf_iface unreachable default metric 4278198272";
+ push @iface_config, "post-up ip route add vrf $vrf_iface unreachable default metric 4278198272" if !$is_evpn_gateway;
push(@{$config->{$vrf_iface}}, @iface_config) if !$config->{$vrf_iface};
if ($vrfvxlan) {
diff --git a/test/zones/evpn/exitnode/expected_sdn_interfaces b/test/zones/evpn/exitnode/expected_sdn_interfaces
index 4cf13e0..ca691cd 100644
--- a/test/zones/evpn/exitnode/expected_sdn_interfaces
+++ b/test/zones/evpn/exitnode/expected_sdn_interfaces
@@ -14,7 +14,6 @@ iface myvnet
auto vrf_myzone
iface vrf_myzone
vrf-table auto
- post-up ip route add vrf vrf_myzone unreachable default metric 4278198272
auto vrfbr_myzone
iface vrfbr_myzone
diff --git a/test/zones/evpn/exitnode_snat/expected_sdn_interfaces b/test/zones/evpn/exitnode_snat/expected_sdn_interfaces
index a2a183e..77168ad 100644
--- a/test/zones/evpn/exitnode_snat/expected_sdn_interfaces
+++ b/test/zones/evpn/exitnode_snat/expected_sdn_interfaces
@@ -33,7 +33,6 @@ iface myvnet2
auto vrf_myzone
iface vrf_myzone
vrf-table auto
- post-up ip route add vrf vrf_myzone unreachable default metric 4278198272
auto vrfbr_myzone
iface vrfbr_myzone
--
2.30.2
next reply other threads:[~2021-07-21 6:22 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-21 6:22 Alexandre Derumier [this message]
2021-08-23 17:41 ` alexandre derumier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210721062228.1343888-1-aderumier@odiso.com \
--to=aderumier@odiso.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox