From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id E15EB71CF2 for ; Fri, 9 Apr 2021 15:51:24 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id D065D275E8 for ; Fri, 9 Apr 2021 15:50:54 +0200 (CEST) Received: from mail-wm1-x334.google.com (mail-wm1-x334.google.com [IPv6:2a00:1450:4864:20::334]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 53294275DB for ; Fri, 9 Apr 2021 15:50:54 +0200 (CEST) Received: by mail-wm1-x334.google.com with SMTP id y204so1574028wmg.2 for ; Fri, 09 Apr 2021 06:50:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=odiso-com.20150623.gappssmtp.com; s=20150623; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding:content-language; bh=v2f53qhFq2FnSYrgafpyTq8DUiM1Jy6AnyD62c1clZ0=; b=DgWdYNQEHBIjyxYizTB2GjnurhSA1EGK+OcRSrQeDn63S/SqJa8CC8BuzYJMwjGiLn GQtZPkgZYU7XggVrlrKxv2YV7d5hQ5ExbHFckohvpyWwS0PEEcyjgTG2m9iA9di1nD84 xQ09TUuPF18vJ6ezZADQqlH/Mce5VaFMBeGOFq4PGLzKk1BQsNbCYIc8omDaEQFyezG6 utH/dCPBLrNQ6aWX5xTxQFRlrYfVi3qgp4R6QU1cjrgECTlX/BPychkn0xVVeakcE/HM LIS6PsgSwP/uU6E2S2PUIeSA/kYu1dGm6PfYpoFHEQPAdexERMOxf+bnwfGxQUO5pLWe AC0w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=v2f53qhFq2FnSYrgafpyTq8DUiM1Jy6AnyD62c1clZ0=; b=mQGhBySEMo9NMYhc+l+G4Q5hO5e5tYhgm0bWyDXLNr0JFQKddFO+VqcjvppcP+L5LO nceCuxGTDMn7YL69K1vrJE2N/tFX+2zYQzh2kAzX0zJ4WciYJ4Kbi5nOxyjrICtpE4G9 49Z5rlP1gQ762ezmCfyDZ/JISUrCXLqgdsEYZws02IDnI4b3SeL8NambF+ozd4V+9jbq Lhu25aHk2ftb4W5Vn2oawY9NzBx5MNEAa1oeyMCxvtbFWtMjTBmoRG+6DcHDpn0dbXwA 0eKxGvyskog4M3FkVmizTptJNlZKBQ3G63ZMq1smsYECg3QIzsxO1bEy58ZSsDGdOucK +BmA== X-Gm-Message-State: AOAM532LimS9hc+ExozDrnKoKrwROsdAECGfYYGFJDmeGTq/KD2SVhA4 zGVlrssA8lcAA1dNSzYr77VVZ3lXwCDJ1ov3poc= X-Google-Smtp-Source: ABdhPJxUucCy4zEGVd3ONO8iezJ1msimo22I30XFYJC3TxzMuJslZAkDUqXGFYi2kcMjxYSJgH6Nug== X-Received: by 2002:a05:600c:1898:: with SMTP id x24mr2285640wmp.17.1617976248047; Fri, 09 Apr 2021 06:50:48 -0700 (PDT) Received: from ?IPv6:2a0a:1580:0:1::100c? (ovpn1.odiso.net. [2a0a:1580:2000::3f]) by smtp.gmail.com with ESMTPSA id u9sm3925484wmq.30.2021.04.09.06.50.47 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 09 Apr 2021 06:50:47 -0700 (PDT) To: Proxmox VE development discussion , Alexandre Bruyelles Cc: Alexandre Bruyelles References: <20210409122137.9557-1-px@jack.fr.eu.org> From: alexandre derumier Message-ID: Date: Fri, 9 Apr 2021 15:50:46 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.9.0 MIME-Version: 1.0 In-Reply-To: <20210409122137.9557-1-px@jack.fr.eu.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-SPAM-LEVEL: Spam detection results: 0 AWL -0.086 Adjusted score from AWL reputation of From: address DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not necessarily valid DKIM_VALID -0.1 Message has at least one valid DKIM or DK signature NICE_REPLY_A -0.001 Looks like a legit reply (A) RCVD_IN_DNSWL_NONE -0.0001 Sender listed at https://www.dnswl.org/, no trust SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [bgpplugin.pm] Subject: Re: [pve-devel] [PATCH] controllers: bgp: enable multihop on the underlay X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Apr 2021 13:51:24 -0000 Hi, any impact to enable it by default ? if user have only 1 peer for example ? maybe is is better to only enable it if we have more than 1 peer in the group ? and check that we use ebgp. something like: push @controller_config, "neighbor BGP ebgp-multihop 3" if $ebgp && scalar @peers > 1; On 09/04/2021 14:21, Alexandre Bruyelles wrote: > From: Alexandre Bruyelles > > Multihop is required when the bgpd are running across > a pair of MLAG routers. > In such scenario, TCP trafic from Proxmox to router A > may pass through router B, which will decrease the TTL. > > Signed-off-by: Alexandre Bruyelles > --- > PVE/Network/SDN/Controllers/BgpPlugin.pm | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/PVE/Network/SDN/Controllers/BgpPlugin.pm b/PVE/Network/SDN/Controllers/BgpPlugin.pm > index e5d8490..69436a0 100644 > --- a/PVE/Network/SDN/Controllers/BgpPlugin.pm > +++ b/PVE/Network/SDN/Controllers/BgpPlugin.pm > @@ -85,6 +85,7 @@ sub generate_controller_config { > push @controller_config, "neighbor BGP peer-group"; > push @controller_config, "neighbor BGP remote-as $remoteas"; > push @controller_config, "neighbor BGP bfd"; > + push @controller_config, "neighbor BGP ebgp-multihop 3"; > } > > # BGP peers