From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id 5E4131FF15E for ; Wed, 21 Jan 2026 20:05:11 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 3350B69B4; Wed, 21 Jan 2026 20:05:28 +0100 (CET) Date: Wed, 21 Jan 2026 20:04:48 +0100 To: pve-devel@lists.proxmox.com References: <20260109121049.70740-1-klein@aetherus.de> <20260109121049.70740-2-klein@aetherus.de> <021b748f-44db-4546-8399-c6f7312a11fc@proxmox.com> In-Reply-To: <021b748f-44db-4546-8399-c6f7312a11fc@proxmox.com> MIME-Version: 1.0 Message-ID: List-Id: Proxmox VE development discussion List-Post: From: Maurice Klein via pve-devel Precedence: list Cc: Maurice Klein X-Mailman-Version: 2.1.29 X-BeenThere: pve-devel@lists.proxmox.com List-Subscribe: , List-Unsubscribe: , List-Archive: Reply-To: Proxmox VE development discussion List-Help: Subject: Re: [pve-devel] [PATCH container 1/1] Signed-off-by: Maurice Klein Content-Type: multipart/mixed; boundary="===============3053230635354561714==" Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" --===============3053230635354561714== Content-Type: message/rfc822 Content-Disposition: inline Return-Path: X-Original-To: pve-devel@lists.proxmox.com Delivered-To: pve-devel@lists.proxmox.com Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id A9D1BDF928 for ; Wed, 21 Jan 2026 20:05:26 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 8B4A76923 for ; Wed, 21 Jan 2026 20:04:56 +0100 (CET) Received: from plesk01.aetherus.io (plesk01.aetherus.io [195.5.114.20]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Wed, 21 Jan 2026 20:04:55 +0100 (CET) Received: from [10.95.12.26] (10268-1.kunden.mk-netzdienste.de [31.209.125.237]) by plesk01.aetherus.io (Postfix) with ESMTPSA id 1F087301ABC for ; Wed, 21 Jan 2026 20:04:49 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aetherus.de; s=default; t=1769022289; bh=4EooX4Txmti/xlkiJ35GbnKG5cpjHiu7U6hmhLnfv4Y=; h=From:Subject:To; b=YK+vgtP/RxrlwIRvj+tfAiE4uOHQ5pvk2woGOwn5plQ5Eo9JA2KM4OjJ1c+4SQtaM lcK64DRzSvnY7OIieIM4cOBQ1YPzdxTUV1SpJPTrLlw5fMM42GQCCfc7ECYOxMnc8i fu8TprPPgo7RsgCjRRZm0ppo84ZuEM2Tibrgnny1tYhCIv1YkVEEObmw+sO6Nkc8pP HmsPq9U4oug7ekpGD8KaQiEMeZgoWE2VqL6ALQ2gnveZ7m4a7o3F7HLtzvj7fH4Gni HEe7R9Ke9G30AHOla0E9RQlPKKtnyOj27MoDQSwI14CDxUWJQXqMSciaSu+eR03uxn uZbnQuu/bAbjw== Authentication-Results: plesk01; spf=pass (sender IP is 31.209.125.237) smtp.mailfrom=klein@aetherus.de smtp.helo=[10.95.12.26] Received-SPF: pass (plesk01: connection is authenticated) Message-ID: Date: Wed, 21 Jan 2026 20:04:48 +0100 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird From: Maurice Klein Subject: Re: [pve-devel] [PATCH container 1/1] Signed-off-by: Maurice Klein To: pve-devel@lists.proxmox.com References: <20260109121049.70740-1-klein@aetherus.de> <20260109121049.70740-2-klein@aetherus.de> <021b748f-44db-4546-8399-c6f7312a11fc@proxmox.com> Content-Language: en-US In-Reply-To: <021b748f-44db-4546-8399-c6f7312a11fc@proxmox.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-PPP-Message-ID: <176902228925.620375.9588259777730161915@plesk01.aetherus.io> X-PPP-Vhost: aetherus.de X-SPAM-LEVEL: Spam detection results: 0 BAYES_00 -1.9 Bayes spam probability is 0 to 1% DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not necessarily valid DKIM_VALID -0.1 Message has at least one valid DKIM or DK signature DKIM_VALID_AU -0.1 Message has a valid DKIM or DK signature from author's domain DKIM_VALID_EF -0.1 Message has a valid DKIM or DK signature from envelope-from domain DMARC_PASS -0.1 DMARC pass policy RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [aetherus.de,proxmox.com] Hi, Thanks for getting back to me! I did sign a CLA and it is on record since 12.01. I agree it would work nicely as a SDN plugin and I was also considering that approach. The problem I saw with that is that SDN relies on there being a bridge for every zone and making it work without one seems to be a huge refactor. Do you think the bridge should not be removed at all, even for a pure l3 routed setup? It could also work with one bridge per guest but that would, in my opinion, bring unnecessary overhead. The motivation on my side comes from setups where L2 between guests is not required at all, and where using routing protocols (OSPF, IS-IS, BGP) to the hosts simplifies redundancy and failure handling significantly. I'd love to get a conversation going on how something could be implemented, and what would be the best way to go about it. Mit freundlichen Grüßen, Maurice Klein Aetherus TEL: 0212 7846460 Mail:Klein@aetherus.de Am 19.01.26 um 15:35 schrieb Stefan Hanreich: > Hi! > > Thanks for your contribution, did you already check out our guidelines > [1] [2] and send a signed CLA? Without it, we cannot accept any > contributions. > > > I've looked at the proposal, but I wanted to take some time to think > more about the general concept. It seems like you want to build > something similar to current Kubernetes networking solutions that > utilize BGP but without the whole EVPN / VXLAN stuff? > > Maybe it'd make more sense to discuss about how we could improve the > EVPN zone or SDN in general to make such setups easier - potentially a > new zone that is something of an inbetween of the simple zone and EVPN > zone could make sense. In any case, I think removing the bridge and > implementing it this way is the wrong way to go about this. > > [1]https://www.proxmox.com/en/about/open-source/developers > [2]https://pve.proxmox.com/wiki/Developer_Documentation > > > _______________________________________________ > pve-devel mailing list > pve-devel@lists.proxmox.com > https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel > --===============3053230635354561714== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel --===============3053230635354561714==--