From: Gabriel Goller <g.goller@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [PATCH network] sdn: vxlan: always set local tunnel IP
Date: Thu, 2 Jul 2026 16:33:47 +0200 [thread overview]
Message-ID: <20260702143349.252142-1-g.goller@proxmox.com> (raw)
Frr 10.6 changed the evpn advertise-all-vni handling and no longer
falls back to the BGP router-id to derive the local vtep address for
vxlan interfaces without an explicit local tunnel IP.
This breaks setups where an evpn controller is used together with a
vxlan zone to get plain L2VNIs. In that setup, the vxlan zone creates
the linux vxlan devices, while the evpn controller advertises them
via frr's advertise-all-vni. Without a local vxlan tunnel IP on the
interface, frr 10.6 cannot reliably determine the local vtep address and
the VNI is not advertised/handled correctly.
Explicitly emit the ifupdown2 `vxlan-local-tunnelip` stanza for vxlan
zones, using the local peer/fabric underlay address that is already
determined while generating the zone configuration. Fail generation if
no local tunnel IP can be determined, since generating such an interface
would result in a broken evpn/vxlan setup with current frr.
evpn zones already emit `vxlan-local-tunnelip` for their vxlan devices
when the local vtep address is known.
Fixes: #7766.
Signed-off-by: Gabriel Goller <g.goller@proxmox.com>
---
src/PVE/Network/SDN/Zones/VxlanPlugin.pm | 4 ++++
src/test/zones/vxlan/basic/expected_sdn_interfaces | 1 +
src/test/zones/vxlan/ipv6/expected_sdn_interfaces | 1 +
src/test/zones/vxlan/vlanawarevnet/expected_sdn_interfaces | 1 +
src/test/zones/vxlan/vxlanport/expected_sdn_interfaces | 1 +
5 files changed, 8 insertions(+)
diff --git a/src/PVE/Network/SDN/Zones/VxlanPlugin.pm b/src/PVE/Network/SDN/Zones/VxlanPlugin.pm
index a40826153d9c..b1bd56db6ea9 100644
--- a/src/PVE/Network/SDN/Zones/VxlanPlugin.pm
+++ b/src/PVE/Network/SDN/Zones/VxlanPlugin.pm
@@ -117,6 +117,9 @@ sub generate_sdn_config {
die "neither peers nor fabric configured for VXLAN zone $plugin_config->{id}";
}
+ die "could not determine local tunnel IP for VXLAN zone $zoneid"
+ if !$ifaceip;
+
my $mtu = 1450;
if ($iface) {
$mtu = $interfaces_config->{$iface}->{mtu} - 50 if $interfaces_config->{$iface}->{mtu};
@@ -126,6 +129,7 @@ sub generate_sdn_config {
#vxlan interface
my @iface_config = ();
push @iface_config, "vxlan-id $tag";
+ push @iface_config, "vxlan-local-tunnelip $ifaceip";
for my $address (sort @peers) {
next if $address eq $ifaceip;
diff --git a/src/test/zones/vxlan/basic/expected_sdn_interfaces b/src/test/zones/vxlan/basic/expected_sdn_interfaces
index 7b73c3e3ca60..ed6869dfa9e6 100644
--- a/src/test/zones/vxlan/basic/expected_sdn_interfaces
+++ b/src/test/zones/vxlan/basic/expected_sdn_interfaces
@@ -10,6 +10,7 @@ iface myvnet
auto vxlan_myvnet
iface vxlan_myvnet
vxlan-id 100
+ vxlan-local-tunnelip 192.168.0.1
vxlan_remoteip 192.168.0.2
vxlan_remoteip 192.168.0.3
mtu 1450
diff --git a/src/test/zones/vxlan/ipv6/expected_sdn_interfaces b/src/test/zones/vxlan/ipv6/expected_sdn_interfaces
index 032ab991826c..14354f61f923 100644
--- a/src/test/zones/vxlan/ipv6/expected_sdn_interfaces
+++ b/src/test/zones/vxlan/ipv6/expected_sdn_interfaces
@@ -10,6 +10,7 @@ iface myvnet
auto vxlan_myvnet
iface vxlan_myvnet
vxlan-id 100
+ vxlan-local-tunnelip 2a08:2200:100:1::10
vxlan_remoteip 2a08:2200:100:1::11
vxlan_remoteip 2a08:2200:100:1::12
mtu 1450
diff --git a/src/test/zones/vxlan/vlanawarevnet/expected_sdn_interfaces b/src/test/zones/vxlan/vlanawarevnet/expected_sdn_interfaces
index 55cdf9cb8887..e6331d2e3807 100644
--- a/src/test/zones/vxlan/vlanawarevnet/expected_sdn_interfaces
+++ b/src/test/zones/vxlan/vlanawarevnet/expected_sdn_interfaces
@@ -12,6 +12,7 @@ iface myvnet
auto vxlan_myvnet
iface vxlan_myvnet
vxlan-id 100
+ vxlan-local-tunnelip 192.168.0.1
vxlan_remoteip 192.168.0.2
vxlan_remoteip 192.168.0.3
mtu 1450
diff --git a/src/test/zones/vxlan/vxlanport/expected_sdn_interfaces b/src/test/zones/vxlan/vxlanport/expected_sdn_interfaces
index 572550a438e7..a3147b66a9c1 100644
--- a/src/test/zones/vxlan/vxlanport/expected_sdn_interfaces
+++ b/src/test/zones/vxlan/vxlanport/expected_sdn_interfaces
@@ -10,6 +10,7 @@ iface myvnet
auto vxlan_myvnet
iface vxlan_myvnet
vxlan-id 100
+ vxlan-local-tunnelip 192.168.0.1
vxlan_remoteip 192.168.0.2
vxlan_remoteip 192.168.0.3
vxlan-port 6000
--
2.47.3
next reply other threads:[~2026-07-02 14:34 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-07-02 14:33 Gabriel Goller [this message]
2026-07-02 14:37 ` [PATCH network] sdn: vxlan: always set local tunnel IP Gabriel Goller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260702143349.252142-1-g.goller@proxmox.com \
--to=g.goller@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox