From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 877D7D439 for ; Wed, 30 Nov 2022 16:19:41 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 4F9D1204E0 for ; Wed, 30 Nov 2022 16:19:11 +0100 (CET) Received: from bastionodiso.odiso.net (bastionodiso.odiso.net [IPv6:2a0a:1580:2000::2d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Wed, 30 Nov 2022 16:19:09 +0100 (CET) Received: from kvmformation3.odiso.net (formationkvm3.odiso.net [10.3.94.12]) by bastionodiso.odiso.net (Postfix) with ESMTP id 2673380B8; Wed, 30 Nov 2022 16:19:02 +0100 (CET) Received: by kvmformation3.odiso.net (Postfix, from userid 0) id 0E98D17BD8E; Wed, 30 Nov 2022 16:19:02 +0100 (CET) From: Alexandre Derumier To: pve-devel@lists.proxmox.com Date: Wed, 30 Nov 2022 16:18:59 +0100 Message-Id: <20221130151859.2795918-1-aderumier@odiso.com> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.033 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% HEADER_FROM_DIFFERENT_DOMAINS 0.249 From and EnvelopeFrom 2nd level mail domains are different KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery methods NO_DNS_FOR_FROM 0.001 Envelope sender has no MX or A DNS records SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_NONE 0.001 SPF: sender does not publish an SPF Record Subject: [pve-devel] [PATCH pve-network] frr: add prefix-list support X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Nov 2022 15:19:41 -0000 parsing of prefix-list in frr.conf.local was missing reported on forum: https://forum.proxmox.com/threads/using-the-proxmox-sdn-to-manage-host-connectivity-with-bgp.118553 Signed-off-by: Alexandre Derumier --- PVE/Network/SDN/Controllers/BgpPlugin.pm | 2 +- PVE/Network/SDN/Controllers/EvpnPlugin.pm | 20 +++++++++++-------- .../ebgp_loopback/expected_controller_config | 3 ++- 3 files changed, 15 insertions(+), 10 deletions(-) diff --git a/PVE/Network/SDN/Controllers/BgpPlugin.pm b/PVE/Network/SDN/Controllers/BgpPlugin.pm index 6e69f67..0b8cf1a 100644 --- a/PVE/Network/SDN/Controllers/BgpPlugin.pm +++ b/PVE/Network/SDN/Controllers/BgpPlugin.pm @@ -118,7 +118,7 @@ sub generate_controller_config { } if ($loopback) { - push(@{$config->{frr}->{''}}, "ip prefix-list loopbacks_ips seq 10 permit 0.0.0.0/0 le 32"); + $config->{frr_prefix_list}->{loopbacks_ips}->{10} = "permit 0.0.0.0/0 le 32"; push(@{$config->{frr}->{''}}, "ip protocol bgp route-map correct_src"); my $routemap_config = (); diff --git a/PVE/Network/SDN/Controllers/EvpnPlugin.pm b/PVE/Network/SDN/Controllers/EvpnPlugin.pm index 74ec018..b72d669 100644 --- a/PVE/Network/SDN/Controllers/EvpnPlugin.pm +++ b/PVE/Network/SDN/Controllers/EvpnPlugin.pm @@ -384,17 +384,17 @@ sub generate_frr_routemap { } } -sub generate_frr_accesslist { - my ($final_config, $accesslists) = @_; +sub generate_frr_list { + my ($final_config, $lists, $type) = @_; my $config = []; - for my $id (sort keys %$accesslists) { - my $accesslist = $accesslists->{$id}; + for my $id (sort keys %$lists) { + my $list = $lists->{$id}; - for my $seq (sort keys %$accesslist) { - my $rule = $accesslist->{$seq}; - push @$config, "access-list $id seq $seq $rule"; + for my $seq (sort keys %$list) { + my $rule = $list->{$seq}; + push @$config, "$type $id seq $seq $rule"; } } @@ -422,7 +422,8 @@ sub generate_controller_rawconfig { } generate_frr_recurse($final_config, $config->{frr}, undef, 0); - generate_frr_accesslist($final_config, $config->{frr_access_list}); + generate_frr_list($final_config, $config->{frr_access_list}, "access-list"); + generate_frr_list($final_config, $config->{frr_prefix_list}, "ip prefix-list"); generate_frr_routemap($final_config, $config->{frr_routemap}); push @{$final_config}, "!"; @@ -467,6 +468,9 @@ sub parse_merge_frr_local_config { } elsif ($line =~ m/^access-list (.+) seq (\d+) (.+)$/) { $config->{'frr_access_list'}->{$1}->{$2} = $3; next; + } elsif ($line =~ m/^ip prefix-list (.+) seq (\d+) (.*)$/) { + $config->{'frr_prefix_list'}->{$1}->{$2} = $3; + next; } elsif($line =~ m/^exit-address-family$/) { next; } elsif($line =~ m/^exit$/) { diff --git a/test/zones/evpn/ebgp_loopback/expected_controller_config b/test/zones/evpn/ebgp_loopback/expected_controller_config index 64fca31..548d532 100644 --- a/test/zones/evpn/ebgp_loopback/expected_controller_config +++ b/test/zones/evpn/ebgp_loopback/expected_controller_config @@ -4,7 +4,6 @@ hostname localhost log syslog informational service integrated-vtysh-config ! -ip prefix-list loopbacks_ips seq 10 permit 0.0.0.0/0 le 32 ip protocol bgp route-map correct_src ! vrf vrf_myzone @@ -53,6 +52,8 @@ router bgp 65001 vrf vrf_myzone exit-address-family exit ! +ip prefix-list loopbacks_ips seq 10 permit 0.0.0.0/0 le 32 +! route-map MAP_VTEP_IN permit 1 exit ! -- 2.30.2