From: "DERUMIER, Alexandre via pve-devel" <pve-devel@lists.proxmox.com>
To: "pve-devel@lists.proxmox.com" <pve-devel@lists.proxmox.com>,
"t.lamprecht@proxmox.com" <t.lamprecht@proxmox.com>
Cc: "DERUMIER, Alexandre" <alexandre.derumier@groupe-cyllene.com>
Subject: Re: [pve-devel] [PATCH frr 0/2] Bump FRR to 10.4.1
Date: Thu, 11 Dec 2025 06:05:19 +0000 [thread overview]
Message-ID: <mailman.503.1765433160.399.pve-devel@lists.proxmox.com> (raw)
In-Reply-To: <yhxsxfgzbesxasci72kmtb63ug43lqnth6udeh6kuvkn4uay7z@vnvxstqunfic>
[-- Attachment #1: Type: message/rfc822, Size: 16816 bytes --]
From: "DERUMIER, Alexandre" <alexandre.derumier@groupe-cyllene.com>
To: "pve-devel@lists.proxmox.com" <pve-devel@lists.proxmox.com>, "t.lamprecht@proxmox.com" <t.lamprecht@proxmox.com>
Subject: Re: [pve-devel] [PATCH frr 0/2] Bump FRR to 10.4.1
Date: Thu, 11 Dec 2025 06:05:19 +0000
Message-ID: <9fcb92c222a931110010ae0be8d102cb4194ec99.camel@groupe-cyllene.com>
Hi,
sorry I didn't see your message and was super busy
>>Yeah, that's exactly why I want to release every minor FRR version
>>(while staying one release behind). This approach should minimize
>>the impact when a major version is released. The big issue with PVE
>>8.5 was jumping from FRR 8 to 10 -- that's two major versions at
>>once, which caused many problems. I believe it's better to do
>>frequent small updates where issues are discovered quickly, rather
>>than large yearly updates where many problems surface at once.
>>
>>What do you think about this?
Well, It's like ceph, you don't want uncontrolled major upgrade. (Minor
are ok, because they are only backporting small patches).
so , doing it during major PVE upgrade is ok. or adding a version
handling like ceph.
The only problem is that they don't have an LTS for security upgrade
This is a criticial part of infrastructure, even more criticial than
ceph
>>That said, I understand your concerns. We've also seen FRR being
>>quite unstable lately with many regressions in recent releases.
>>
>>>>
FRR updates always had regression, when I had implement evpn I had
regression with 7.5,7.6,7.8,8.0,8.1 as far I remember.
so, you really don't need to big gap to have problem, it's occur all
time (I don't known, they don't seem to have automatic test on readl
infra)
here we go again.... :/
https://forum.proxmox.com/threads/frr-update-to-10-4-1-1-broke-external-routing.177736/
>>The maintainers have told me this should improve going forward.
don't trust them ;)
-------- Message initial --------
De: Gabriel Goller <g.goller@proxmox.com>
À: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Cc: "DERUMIER, Alexandre" <alexandre.derumier@groupe-cyllene.com>,
Thomas Lamprecht <t.lamprecht@proxmox.com>
Objet: Re: [pve-devel] [PATCH frr 0/2] Bump FRR to 10.4.1
Date: 26/11/2025 13:59:00
On 25.11.2025 16:53, DERUMIER, Alexandre via pve-devel wrote:
> Hi,
>
> 10.4.2 has been released last week.
I don't think so? At least I can't see the tag on github...
> be carefull with frr updates, from my experience they are always to a
> lot of bugs && regression when new major version is release,
> and sometime it take weeks to triggers specific bugs in production.
> (and even more to debug)
Yeah, that's exactly why I want to release every minor FRR version
(while staying one release behind). This approach should minimize
the impact when a major version is released. The big issue with PVE
8.5 was jumping from FRR 8 to 10 -- that's two major versions at
once, which caused many problems. I believe it's better to do
frequent small updates where issues are discovered quickly, rather
than large yearly updates where many problems surface at once.
What do you think about this?
That said, I understand your concerns. We've also seen FRR being
quite unstable lately with many regressions in recent releases. The
maintainers have told me this should improve going forward.
> and frr still maintain 10.2 branch for example (10.2.5).
>
>
> Personnaly, for my pve9 production, I'll pin my frr version to 10.2,
> because I don't have time to retest new version each 6 months.
Pinning is always possible and something the user can do. Maybe we
should create a official "guide" or article on how pin in case of
critical network bugs.
Obviously the newer features (e.g. fabrics) won't work.
I don't know how we handle other upstream dependencies that are
critical
yet optional? @Thomas?
Gabriel
[-- Attachment #2: Type: text/plain, Size: 160 bytes --]
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2025-12-11 6:05 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-21 14:13 Gabriel Goller
2025-11-21 14:13 ` [pve-devel] [PATCH frr 1/2] bump frr to 10.4.1, remove obsolete patches Gabriel Goller
2025-11-21 14:13 ` [pve-devel] [PATCH frr 2/2] d/changelog: bump package version Gabriel Goller
2025-11-25 16:53 ` [pve-devel] [PATCH frr 0/2] Bump FRR to 10.4.1 DERUMIER, Alexandre via pve-devel
2025-11-26 12:59 ` Gabriel Goller
2025-11-26 16:00 ` Thomas Lamprecht
2025-12-11 6:05 ` DERUMIER, Alexandre via pve-devel [this message]
[not found] ` <9fcb92c222a931110010ae0be8d102cb4194ec99.camel@groupe-cyllene.com>
2025-12-15 7:57 ` Thomas Lamprecht
2025-12-15 9:32 ` Gabriel Goller
2025-11-26 17:57 ` [pve-devel] applied: " Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=mailman.503.1765433160.399.pve-devel@lists.proxmox.com \
--to=pve-devel@lists.proxmox.com \
--cc=alexandre.derumier@groupe-cyllene.com \
--cc=t.lamprecht@proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox