From: Hannes Laimer <h.laimer@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [PATCH proxmox-ve-rs v2 01/11] frr: add IPv6 router advertisement support
Date: Thu, 30 Apr 2026 16:29:43 +0200 [thread overview]
Message-ID: <20260430142953.315412-2-h.laimer@proxmox.com> (raw)
In-Reply-To: <20260430142953.315412-1-h.laimer@proxmox.com>
Add typed configuration for emitting IPv6 Router Advertisements from
FRR, alongside the existing per-protocol configs. The shape mirrors
the protocol's two layers, keeping interface-level fields separate
from per-prefix flags so neither overloads the other.
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
---
.../templates/frr.conf.jinja | 1 +
.../templates/nd_interfaces.jinja | 33 +++++++++
proxmox-frr/src/ser/mod.rs | 6 ++
proxmox-frr/src/ser/nd.rs | 71 +++++++++++++++++++
proxmox-frr/src/ser/serializer.rs | 6 +-
5 files changed, 116 insertions(+), 1 deletion(-)
create mode 100644 proxmox-frr-templates/templates/nd_interfaces.jinja
create mode 100644 proxmox-frr/src/ser/nd.rs
diff --git a/proxmox-frr-templates/templates/frr.conf.jinja b/proxmox-frr-templates/templates/frr.conf.jinja
index 1f98489..8b07088 100644
--- a/proxmox-frr-templates/templates/frr.conf.jinja
+++ b/proxmox-frr-templates/templates/frr.conf.jinja
@@ -10,3 +10,4 @@
{% include "route_maps.jinja" %}
{% include "ip_routes.jinja" %}
{% include "protocol_routemaps.jinja" %}
+{% include "nd_interfaces.jinja" %}
diff --git a/proxmox-frr-templates/templates/nd_interfaces.jinja b/proxmox-frr-templates/templates/nd_interfaces.jinja
new file mode 100644
index 0000000..79cc16b
--- /dev/null
+++ b/proxmox-frr-templates/templates/nd_interfaces.jinja
@@ -0,0 +1,33 @@
+{% for name, iface in nd_interfaces|items %}
+!
+interface {{ name }}
+ no ipv6 nd suppress-ra
+{% if iface.managed_config_flag %}
+ ipv6 nd managed-config-flag
+{% endif %}
+{% if iface.other_config_flag %}
+ ipv6 nd other-config-flag
+{% endif %}
+{% if iface.router_lifetime is not none %}
+ ipv6 nd ra-lifetime {{ iface.router_lifetime }}
+{% endif %}
+{% if iface.interval is not none %}
+ ipv6 nd ra-interval {{ iface.interval }}
+{% endif %}
+{% if iface.mtu is not none %}
+ ipv6 nd mtu {{ iface.mtu }}
+{% endif %}
+{% for rdnss in iface.rdnss %}
+ ipv6 nd rdnss {{ rdnss }}
+{% endfor %}
+{% for prefix in iface.prefixes %}
+{% if prefix.mode.kind == "autoconfig" %}
+ ipv6 nd prefix {{ prefix.cidr }} {{ prefix.mode.valid }} {{ prefix.mode.preferred }}{% if not prefix.on_link %} off-link{% endif %}
+
+{% elif prefix.mode.kind == "no-autoconfig" %}
+ ipv6 nd prefix {{ prefix.cidr }} no-autoconfig{% if not prefix.on_link %} off-link{% endif %}
+
+{% endif %}
+{% endfor %}
+exit
+{% endfor %}
diff --git a/proxmox-frr/src/ser/mod.rs b/proxmox-frr/src/ser/mod.rs
index cf7ae19..70a08b6 100644
--- a/proxmox-frr/src/ser/mod.rs
+++ b/proxmox-frr/src/ser/mod.rs
@@ -1,5 +1,6 @@
pub mod bgp;
pub mod isis;
+pub mod nd;
pub mod openfabric;
pub mod ospf;
pub mod route_map;
@@ -234,6 +235,11 @@ pub struct FrrConfig {
#[serde(default)]
pub prefix_lists: BTreeMap<PrefixListName, Vec<PrefixListRule>>,
+ /// `interface <name> / ipv6 nd ...` blocks emitted for subnets with Router
+ /// Advertisements enabled. Presence of an entry implies `no ipv6 nd suppress-ra`.
+ #[serde(default)]
+ pub nd_interfaces: BTreeMap<InterfaceName, nd::NdInterface>,
+
#[serde(default)]
pub custom_frr_config: Vec<String>,
}
diff --git a/proxmox-frr/src/ser/nd.rs b/proxmox-frr/src/ser/nd.rs
new file mode 100644
index 0000000..baa6210
--- /dev/null
+++ b/proxmox-frr/src/ser/nd.rs
@@ -0,0 +1,71 @@
+use std::net::Ipv6Addr;
+
+use proxmox_network_types::ip_address::Ipv6Cidr;
+use serde::{Deserialize, Serialize};
+
+/// Per-prefix advertisement mode.
+///
+/// `Autoconfig` sets the autonomous flag on the prefix and carries the valid and preferred
+/// lifetimes. `NoAutoconfig` announces the prefix with the autonomous flag cleared, so
+/// hosts use it for routing decisions but do not derive addresses from it via SLAAC.
+#[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(rename_all = "kebab-case", tag = "kind")]
+pub enum NdPrefixMode {
+ Autoconfig {
+ #[serde(deserialize_with = "proxmox_serde::perl::deserialize_u32")]
+ valid: u32,
+ #[serde(deserialize_with = "proxmox_serde::perl::deserialize_u32")]
+ preferred: u32,
+ },
+ NoAutoconfig,
+}
+
+fn default_true() -> bool {
+ true
+}
+
+/// A single prefix advertised in Router Advertisements on an interface.
+#[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
+pub struct NdPrefix {
+ pub cidr: Ipv6Cidr,
+ /// On-link (L) flag. Defaults to `true`. Clear to emit the prefix with the off-link
+ /// modifier so hosts reach addresses in the prefix only via the router rather than
+ /// directly on the link.
+ #[serde(
+ default = "default_true",
+ deserialize_with = "proxmox_serde::perl::deserialize_bool"
+ )]
+ pub on_link: bool,
+ pub mode: NdPrefixMode,
+}
+
+/// IPv6 Neighbor Discovery / Router Advertisement configuration for an interface.
+///
+/// Presence of an [`NdInterface`] for an interface implies RAs are enabled on it
+/// (i.e. the generated config emits `no ipv6 nd suppress-ra`). The remaining fields map
+/// 1:1 to FRR `ipv6 nd ...` interface commands.
+#[derive(Clone, Debug, Default, PartialEq, Eq, Serialize, Deserialize)]
+pub struct NdInterface {
+ /// Sets the `M` bit in emitted RAs. Guests should obtain addresses via DHCPv6.
+ #[serde(default, deserialize_with = "proxmox_serde::perl::deserialize_bool")]
+ pub managed_config_flag: bool,
+ /// Sets the `O` bit in emitted RAs. Guests should obtain other configuration via DHCPv6.
+ #[serde(default, deserialize_with = "proxmox_serde::perl::deserialize_bool")]
+ pub other_config_flag: bool,
+ /// RDNSS entries to advertise. Each produces its own `ipv6 nd rdnss <addr>` line.
+ #[serde(default)]
+ pub rdnss: Vec<Ipv6Addr>,
+ /// Default-router lifetime (seconds) advertised in RAs. `0` tells hosts the emitter is not
+ /// a default router. `None` lets FRR use its built-in default (1800s).
+ #[serde(default)]
+ pub router_lifetime: Option<u32>,
+ /// Maximum interval between unsolicited RAs (seconds). `None` keeps the FRR default (600s).
+ #[serde(default)]
+ pub interval: Option<u32>,
+ /// MTU advertised in the RA. `None` omits the MTU option from the RA.
+ #[serde(default)]
+ pub mtu: Option<u32>,
+ /// Prefix advertisements emitted on this interface, in declaration order.
+ #[serde(default)]
+ pub prefixes: Vec<NdPrefix>,
+}
diff --git a/proxmox-frr/src/ser/serializer.rs b/proxmox-frr/src/ser/serializer.rs
index 2ac85d8..5b5d5a5 100644
--- a/proxmox-frr/src/ser/serializer.rs
+++ b/proxmox-frr/src/ser/serializer.rs
@@ -5,7 +5,7 @@ use crate::ser::FrrConfig;
use proxmox_sortable_macro::sortable;
#[sortable]
-pub static TEMPLATES: [(&str, &str); 12] = sorted!([
+pub static TEMPLATES: [(&str, &str); 13] = sorted!([
(
"fabricd.jinja",
include_str!("/usr/share/proxmox-frr/templates/fabricd.jinja"),
@@ -50,6 +50,10 @@ pub static TEMPLATES: [(&str, &str); 12] = sorted!([
"protocol_routemaps.jinja",
include_str!("/usr/share/proxmox-frr/templates/protocol_routemaps.jinja"),
),
+ (
+ "nd_interfaces.jinja",
+ include_str!("/usr/share/proxmox-frr/templates/nd_interfaces.jinja"),
+ ),
(
"frr.conf.jinja",
include_str!("/usr/share/proxmox-frr/templates/frr.conf.jinja"),
--
2.47.3
next prev parent reply other threads:[~2026-04-30 14:31 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-30 14:29 [PATCH docs/manager/network/proxmox{-ve-rs,-perl-rs} v2 00/11] sdn: evpn: add IPv6 RA / SLAAC support Hannes Laimer
2026-04-30 14:29 ` Hannes Laimer [this message]
2026-04-30 14:29 ` [PATCH proxmox-ve-rs v2 02/11] ve-config: add per-vnet IPv6 RA configuration Hannes Laimer
2026-04-30 14:29 ` [PATCH proxmox-perl-rs v2 03/11] pve-rs: sdn: add IPv6 RA builder binding Hannes Laimer
2026-04-30 14:29 ` [PATCH pve-network v2 04/11] sdn: evpn: add IPv6 RA / SLAAC support Hannes Laimer
2026-04-30 14:29 ` [PATCH pve-network v2 05/11] sdn: evpn: derive IP version from CIDR for gateway-less subnets Hannes Laimer
2026-04-30 14:29 ` [PATCH pve-network v2 06/11] sdn: evpn: accept untracked IPv6 NA on EVPN vnet bridges Hannes Laimer
2026-04-30 14:29 ` [PATCH pve-network v2 07/11] api: vnet: include zone-type in vnet list Hannes Laimer
2026-04-30 14:29 ` [PATCH pve-manager v2 08/11] ui: sdn: disable SNAT for IPv6 subnets Hannes Laimer
2026-04-30 14:29 ` [PATCH pve-manager v2 09/11] ui: sdn: add IPv6 RA / SLAAC support Hannes Laimer
2026-04-30 14:29 ` [PATCH pve-docs v2 10/11] sdn: document IPv6 RA / SLAAC configuration Hannes Laimer
2026-04-30 14:29 ` [PATCH pve-docs v2 11/11] sdn: add example for IPv6 in an EVPN zone Hannes Laimer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260430142953.315412-2-h.laimer@proxmox.com \
--to=h.laimer@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox