From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
	by lore.proxmox.com (Postfix) with ESMTPS id 3CDF51FF146
	for <inbox@lore.proxmox.com>; Tue, 23 Jun 2026 14:57:47 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id E570534AD5;
	Tue, 23 Jun 2026 14:57:33 +0200 (CEST)
From: Hannes Laimer <h.laimer@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [PATCH docs/manager/network/proxmox{-perl-rs,-ve-rs} v3 0/9] add IPv6
 RA / SLAAC support to EVPN zones
Date: Tue, 23 Jun 2026 14:56:17 +0200
Message-ID: <20260623125626.1195681-1-h.laimer@proxmox.com>
X-Mailer: git-send-email 2.47.3
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2
X-Bm-Transport-Timestamp: 1782219403440
X-SPAM-LEVEL: Spam detection results:  0
	AWL                     0.087 Adjusted score from AWL reputation of From:
 address
	BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
	DMARC_MISSING             0.1 Missing DMARC policy
	KAM_DMARC_STATUS         0.01 Test Rule for DKIM or SPF Failure with Strict
 Alignment
	SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
	SPF_PASS               -0.001 SPF: sender matches SPF record
Message-ID-Hash: RUTY7OKVZQVDGCXD2IWC5U76MYAFTFNQ
X-Message-ID-Hash: RUTY7OKVZQVDGCXD2IWC5U76MYAFTFNQ
X-MailFrom: h.laimer@proxmox.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; emergency; member-moderation; nonmember-moderation;
 administrivia; implicit-dest; max-recipients; max-size; news-moderation;
 no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.10
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Owner: <mailto:pve-devel-owner@lists.proxmox.com>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Subscribe: <mailto:pve-devel-join@lists.proxmox.com>
List-Unsubscribe: <mailto:pve-devel-leave@lists.proxmox.com>

This series adds IPv6 Router Advertisement / SLAAC support to EVPN zones.

RA settings sit on the vnet (`vnets.cfg`), per-prefix overrides on the subnet
(`subnets.cfg`). Defaults are chosen so that most IPv6 subnets work without
explicit per-prefix configuration.

It also enables `accept_untracked_na=2` on every EVPN vnet bridge that has an
IPv6 subnet, to keep first-packet IPv6 return traffic reliable in the
distributed anycast-gateway topology. The dedicated commit carries the full
rationale.

v3, thanks @Lukas S!:
 - validation no longer rejects valid IPv6 subnets: non-/64 prefixes and IPv6
   subnets using SNAT are accepted and editable again
 - improve FRR config generation so a single malformed subnet or a non-member
   node can no longer break it, and so configured prefix lifetimes are no
   longer silently dropped
 - cleaner EVPN gating and better per-prefix defaults, so most IPv6 subnets
   work without explicit configuration
 - cleanup UI, only persists meaningful settings
 - some smaller fixups


proxmox-perl-rs:

Hannes Laimer (1):
  pve-rs: sdn: add IPv6 RA builder binding

 pve-rs/Makefile                    |  1 +
 pve-rs/src/bindings/sdn/ipv6_ra.rs | 50 ++++++++++++++++++++++++++++++
 pve-rs/src/bindings/sdn/mod.rs     |  1 +
 3 files changed, 52 insertions(+)
 create mode 100644 pve-rs/src/bindings/sdn/ipv6_ra.rs


proxmox-ve-rs:

Hannes Laimer (2):
  frr: add IPv6 router advertisement support
  ve-config: add per-vnet IPv6 RA configuration

 .../templates/frr.conf.jinja                  |   1 +
 .../templates/nd_interfaces.jinja             |  28 +++
 proxmox-frr/src/ser/mod.rs                    |   6 +
 proxmox-frr/src/ser/nd.rs                     |  75 ++++++++
 proxmox-frr/src/ser/serializer.rs             |   6 +-
 proxmox-ve-config/src/sdn/config.rs           | 146 +++++++++++++++-
 proxmox-ve-config/src/sdn/mod.rs              |   1 +
 proxmox-ve-config/src/sdn/nd.rs               | 131 ++++++++++++++
 proxmox-ve-config/tests/nd/main.rs            | 164 ++++++++++++++++++
 .../nd__explicit_lifetimes_are_preserved.snap |   9 +
 .../nd__mixed_subnets_under_one_vnet.snap     |  14 ++
 .../snapshots/nd__no_autoconfig_prefix.snap   |   9 +
 ...sh64_prefix_defaults_to_no_autoconfig.snap |   9 +
 .../nd__off_link_emits_off_link_modifier.snap |   9 +
 ...__preferred_lifetime_clamped_to_valid.snap |   9 +
 ...vel_optional_knobs_are_passed_through.snap |  12 ++
 .../nd__slaac_with_default_lifetimes.snap     |   9 +
 17 files changed, 630 insertions(+), 8 deletions(-)
 create mode 100644 proxmox-frr-templates/templates/nd_interfaces.jinja
 create mode 100644 proxmox-frr/src/ser/nd.rs
 create mode 100644 proxmox-ve-config/src/sdn/nd.rs
 create mode 100644 proxmox-ve-config/tests/nd/main.rs
 create mode 100644 proxmox-ve-config/tests/nd/snapshots/nd__explicit_lifetimes_are_preserved.snap
 create mode 100644 proxmox-ve-config/tests/nd/snapshots/nd__mixed_subnets_under_one_vnet.snap
 create mode 100644 proxmox-ve-config/tests/nd/snapshots/nd__no_autoconfig_prefix.snap
 create mode 100644 proxmox-ve-config/tests/nd/snapshots/nd__non_slash64_prefix_defaults_to_no_autoconfig.snap
 create mode 100644 proxmox-ve-config/tests/nd/snapshots/nd__off_link_emits_off_link_modifier.snap
 create mode 100644 proxmox-ve-config/tests/nd/snapshots/nd__preferred_lifetime_clamped_to_valid.snap
 create mode 100644 proxmox-ve-config/tests/nd/snapshots/nd__ra_level_optional_knobs_are_passed_through.snap
 create mode 100644 proxmox-ve-config/tests/nd/snapshots/nd__slaac_with_default_lifetimes.snap


pve-manager:

Hannes Laimer (1):
  ui: sdn: add IPv6 RA / SLAAC support

 www/manager6/form/SDNVnetSelector.js |   2 +-
 www/manager6/sdn/SubnetEdit.js       | 130 ++++++++++++++++-
 www/manager6/sdn/SubnetView.js       |   7 +-
 www/manager6/sdn/VnetEdit.js         | 202 ++++++++++++++++++++++++++-
 www/manager6/sdn/VnetView.js         |   6 +-
 5 files changed, 339 insertions(+), 8 deletions(-)


pve-network:

Hannes Laimer (4):
  sdn: evpn: add IPv6 RA / SLAAC support
  sdn: evpn: derive IP version from CIDR for gateway-less subnets
  sdn: evpn: accept untracked IPv6 NA on EVPN vnet bridges
  api: vnet: include zone-type in vnet list

 src/PVE/API2/Network/SDN/Vnets.pm             | 13 +++
 src/PVE/Network/SDN.pm                        |  1 +
 src/PVE/Network/SDN/Controllers.pm            | 21 ++++-
 src/PVE/Network/SDN/Controllers/EvpnPlugin.pm | 22 ++++-
 src/PVE/Network/SDN/Controllers/Plugin.pm     |  2 +-
 src/PVE/Network/SDN/SubnetPlugin.pm           | 68 +++++++++++++++
 src/PVE/Network/SDN/VnetPlugin.pm             | 85 +++++++++++++++++++
 src/PVE/Network/SDN/Zones/EvpnPlugin.pm       | 24 ++++--
 src/PVE/Network/SDN/Zones/Plugin.pm           |  6 ++
 .../expected_sdn_interfaces                   |  1 +
 .../exitnode_snat/expected_sdn_interfaces     |  1 +
 .../exitnodenullroute/expected_sdn_interfaces |  1 +
 .../evpn/ipv4ipv6/expected_sdn_interfaces     |  1 +
 .../ipv4ipv6nogateway/expected_sdn_interfaces |  1 +
 .../zones/evpn/ipv6/expected_sdn_interfaces   |  1 +
 .../evpn/ipv6underlay/expected_sdn_interfaces |  1 +
 .../evpn/slaac/expected_controller_config     | 53 ++++++++++++
 .../zones/evpn/slaac/expected_sdn_interfaces  | 44 ++++++++++
 src/test/zones/evpn/slaac/interfaces          |  7 ++
 src/test/zones/evpn/slaac/sdn_config          | 41 +++++++++
 20 files changed, 384 insertions(+), 10 deletions(-)
 create mode 100644 src/test/zones/evpn/slaac/expected_controller_config
 create mode 100644 src/test/zones/evpn/slaac/expected_sdn_interfaces
 create mode 100644 src/test/zones/evpn/slaac/interfaces
 create mode 100644 src/test/zones/evpn/slaac/sdn_config


pve-docs:

Hannes Laimer (1):
  sdn: add IPv6 RA / SLAAC section

 pvesdn.adoc | 68 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 68 insertions(+)


Summary over all repositories:
  46 files changed, 1473 insertions(+), 26 deletions(-)

-- 
Generated by murpp 0.12.0