From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id E7FB01FF136 for ; Mon, 04 May 2026 18:35:07 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id B760BC69B; Mon, 4 May 2026 18:35:07 +0200 (CEST) From: Stefan Hanreich To: pve-devel@lists.proxmox.com Subject: [PATCH proxmox-ve-rs 1/1] fabrics: allow overlapping ip prefixes in fabrics Date: Mon, 4 May 2026 18:34:23 +0200 Message-ID: <20260504163426.432326-1-s.hanreich@proxmox.com> X-Mailer: git-send-email 2.47.3 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1777912368391 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.655 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Message-ID-Hash: 3QVGXPZ35LPOKXVYYDZUSUA7N5CA5Q5P X-Message-ID-Hash: 3QVGXPZ35LPOKXVYYDZUSUA7N5CA5Q5P X-MailFrom: s.hanreich@proxmox.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Proxmox VE development discussion List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: This allows for reusing the same loopback IP across multiple fabrics. This enables using multiple routing protocols for complex network topologies (e.g. using OSPF as IGP, but BGP for exchanging routes via WAN). When re-using an IP, two dummy interfaces with the same /32 are generated. The kernel does not generate routes for /32 IPs in the kernel routing table. The main idea is that this simplifies the config generation logic and makes it deterministic (i.e. the generated config for a fabric cannot change when adding / removing another fabric). Additionally, it allows the SDN stack to rely on the fact that each fabric has a dedicated loopback interface that can be referenced (for instance when utilizing the update-source directive in FRR). Signed-off-by: Stefan Hanreich --- proxmox-ve-config/src/sdn/fabric/mod.rs | 30 ------------------------- 1 file changed, 30 deletions(-) diff --git a/proxmox-ve-config/src/sdn/fabric/mod.rs b/proxmox-ve-config/src/sdn/fabric/mod.rs index a30b346..fc441d6 100644 --- a/proxmox-ve-config/src/sdn/fabric/mod.rs +++ b/proxmox-ve-config/src/sdn/fabric/mod.rs @@ -643,36 +643,6 @@ impl Validatable for FabricConfig { let mut node_interfaces = HashSet::new(); let mut ospf_area = HashSet::new(); - // Check for overlapping IP prefixes across fabrics - let fabrics: Vec<_> = self.fabrics.values().map(|f| f.fabric()).collect(); - let cartesian_product = fabrics - .iter() - .enumerate() - .flat_map(|(i, f1)| fabrics.iter().skip(i + 1).map(move |f2| (f1, f2))); - - for (fabric1, fabric2) in cartesian_product { - if let (Some(prefix1), Some(prefix2)) = (fabric1.ip_prefix(), fabric2.ip_prefix()) { - if prefix1.overlaps(&prefix2) { - return Err(FabricConfigError::OverlappingIp4Prefix( - prefix2.to_string(), - fabric2.id().to_string(), - prefix1.to_string(), - fabric1.id().to_string(), - )); - } - } - if let (Some(prefix1), Some(prefix2)) = (fabric1.ip6_prefix(), fabric2.ip6_prefix()) { - if prefix1.overlaps(&prefix2) { - return Err(FabricConfigError::OverlappingIp6Prefix( - prefix2.to_string(), - fabric2.id().to_string(), - prefix1.to_string(), - fabric1.id().to_string(), - )); - } - } - } - // validate that each (node, interface) combination exists only once across all fabrics // additionally, for wireguard check the listen ports of the interfaces as well for entry in self.fabrics.values() { -- 2.47.3