From: Alexandre Derumier <aderumier@odiso.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH pve-network 1/5] evpn : add "ip route del vrf vrf_myzone unreachable default metric 4278198272" on exit node
Date: Mon, 23 Aug 2021 15:22:14 +0200 [thread overview]
Message-ID: <20210823132218.3558949-2-aderumier@odiso.com> (raw)
In-Reply-To: <20210823132218.3558949-1-aderumier@odiso.com>
This is breaking routing between the evpn vrf && default vrf leak on exit node only
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---
PVE/Network/SDN/Zones/EvpnPlugin.pm | 10 +++++++---
test/zones/evpn/exitnode/expected_sdn_interfaces | 2 +-
test/zones/evpn/exitnode_snat/expected_sdn_interfaces | 2 +-
3 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/PVE/Network/SDN/Zones/EvpnPlugin.pm b/PVE/Network/SDN/Zones/EvpnPlugin.pm
index 4fa46f7..36edccd 100644
--- a/PVE/Network/SDN/Zones/EvpnPlugin.pm
+++ b/PVE/Network/SDN/Zones/EvpnPlugin.pm
@@ -73,6 +73,7 @@ sub generate_sdn_config {
my $bgprouter = PVE::Network::SDN::Controllers::EvpnPlugin::find_bgp_controller($local_node, $controller_cfg);
my $loopback = $bgprouter->{loopback} if $bgprouter->{loopback};
my ($ifaceip, $iface) = PVE::Network::SDN::Zones::Plugin::find_local_ip_interface_peers(\@peers, $loopback);
+ my $is_evpn_gateway = $plugin_config->{'exitnodes'}->{$local_node};
my $mtu = 1450;
$mtu = $interfaces_config->{$iface}->{mtu} - 50 if $interfaces_config->{$iface}->{mtu};
@@ -127,8 +128,6 @@ sub generate_sdn_config {
if ($subnet->{snat}) {
- my $is_evpn_gateway = $plugin_config->{'exitnodes'}->{$local_node};
-
#find outgoing interface
my ($outip, $outiface) = PVE::Network::SDN::Zones::Plugin::get_local_route_ip($checkrouteip);
if ($outip && $outiface && $is_evpn_gateway) {
@@ -158,7 +157,12 @@ sub generate_sdn_config {
#vrf interface
@iface_config = ();
push @iface_config, "vrf-table auto";
- push @iface_config, "post-up ip route add vrf $vrf_iface unreachable default metric 4278198272";
+ if(!$is_evpn_gateway) {
+ push @iface_config, "post-up ip route add vrf $vrf_iface unreachable default metric 4278198272";
+ } else {
+ push @iface_config, "post-up ip route del vrf $vrf_iface unreachable default metric 4278198272";
+ }
+
push(@{$config->{$vrf_iface}}, @iface_config) if !$config->{$vrf_iface};
if ($vrfvxlan) {
diff --git a/test/zones/evpn/exitnode/expected_sdn_interfaces b/test/zones/evpn/exitnode/expected_sdn_interfaces
index 4cf13e0..5ab3084 100644
--- a/test/zones/evpn/exitnode/expected_sdn_interfaces
+++ b/test/zones/evpn/exitnode/expected_sdn_interfaces
@@ -14,7 +14,7 @@ iface myvnet
auto vrf_myzone
iface vrf_myzone
vrf-table auto
- post-up ip route add vrf vrf_myzone unreachable default metric 4278198272
+ post-up ip route del vrf vrf_myzone unreachable default metric 4278198272
auto vrfbr_myzone
iface vrfbr_myzone
diff --git a/test/zones/evpn/exitnode_snat/expected_sdn_interfaces b/test/zones/evpn/exitnode_snat/expected_sdn_interfaces
index a2a183e..47df77a 100644
--- a/test/zones/evpn/exitnode_snat/expected_sdn_interfaces
+++ b/test/zones/evpn/exitnode_snat/expected_sdn_interfaces
@@ -33,7 +33,7 @@ iface myvnet2
auto vrf_myzone
iface vrf_myzone
vrf-table auto
- post-up ip route add vrf vrf_myzone unreachable default metric 4278198272
+ post-up ip route del vrf vrf_myzone unreachable default metric 4278198272
auto vrfbr_myzone
iface vrfbr_myzone
--
2.30.2
next prev parent reply other threads:[~2021-08-23 13:23 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-23 13:22 [pve-devel] [PATCH pve-network 0/5] evpn improvments + fixes Alexandre Derumier
2021-08-23 13:22 ` Alexandre Derumier [this message]
2021-08-23 13:22 ` [pve-devel] [PATCH pve-network 2/5] evpn : add advertise-subnets option Alexandre Derumier
2021-08-23 13:22 ` [pve-devel] [PATCH pve-network 3/5] evpn: add exitnodes-local-routing Alexandre Derumier
2021-08-23 13:22 ` [pve-devel] [PATCH pve-network 4/5] vnet : alias : check pattern Alexandre Derumier
2021-08-23 13:22 ` [pve-devel] [PATCH pve-network 5/5] get_local_vnets: add permissions on /sdn/vnets/* Alexandre Derumier
2021-08-24 12:26 ` [pve-devel] applied-series: Re: [PATCH pve-network 0/5] evpn improvments + fixes Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210823132218.3558949-2-aderumier@odiso.com \
--to=aderumier@odiso.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox