[pve-devel] [PATCH network 0/5] Improve documentation for SDN API endpoints used by PDM

[pve-devel] [PATCH network 0/5] Improve documentation for SDN API endpoints used by PDM

[Stefan Hanreich]

This patch series is a preparatory patch series for the Proxmox Datacenter
Manager SDN / EVPN integration. It updates the API documentation of all
endpoints that are used by the initial patch series for integrating the SDN
stack into the Proxmox Datacenter Manager. This makes it possible to generate
the Rust structs in proxmox-api-types.

pve-network:

Stefan Hanreich (5):
  controllers: fix maximum value for ASN
  api: add state standard option
  api: controllers: update schema of endpoints
  api: vnets: update schema of endpoints
  api: zones: update schema of endpoints

 src/PVE/API2/Network/SDN/Controllers.pm       | 111 +++++++++-
 src/PVE/API2/Network/SDN/Vnets.pm             |  88 +++++++-
 src/PVE/API2/Network/SDN/Zones.pm             | 190 ++++++++++++++++--
 src/PVE/Network/SDN.pm                        |   7 +
 src/PVE/Network/SDN/Controllers/BgpPlugin.pm  |   6 +-
 src/PVE/Network/SDN/Controllers/EvpnPlugin.pm |   5 +-
 src/PVE/Network/SDN/Controllers/IsisPlugin.pm |  12 +-
 src/PVE/Network/SDN/VnetPlugin.pm             |  37 ++--
 src/PVE/Network/SDN/Zones/EvpnPlugin.pm       |  22 +-
 src/PVE/Network/SDN/Zones/QinQPlugin.pm       |   5 +-
 src/PVE/Network/SDN/Zones/VlanPlugin.pm       |   1 +
 src/PVE/Network/SDN/Zones/VxlanPlugin.pm      |  21 +-
 12 files changed, 440 insertions(+), 65 deletions(-)


Summary over all repositories:
  12 files changed, 440 insertions(+), 65 deletions(-)

-- 
Generated by git-murpp 0.8.0

_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH pve-network 1/5] controllers: fix maximum value for ASN

[Stefan Hanreich]

ASNs are 32-bit unsigned integers where the maximum value is
4294967295.

Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
 src/PVE/Network/SDN/Controllers/EvpnPlugin.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm b/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
index c245ea2..78c9798 100644
--- a/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
+++ b/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
@@ -24,7 +24,7 @@ sub properties {
 	    type => 'integer',
 	    description => "autonomous system number",
 	    minimum => 0,
-	    maximum => 4294967296
+	    maximum => 4294967295
 	},
 	peers => {
 	    description => "peers address list.",
-- 
2.39.5


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH pve-network 2/5] api: add state standard option

[Stefan Hanreich]

GET calls on SDN entities with pending=1 show the state of the entity.
Define a common option for this, since it is the same across all SDN
entities. This will be used for improving the API documentation later
on.

Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
 src/PVE/Network/SDN.pm | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/PVE/Network/SDN.pm b/src/PVE/Network/SDN.pm
index 0f6754a..cedbfd8 100644
--- a/src/PVE/Network/SDN.pm
+++ b/src/PVE/Network/SDN.pm
@@ -52,6 +52,13 @@ PVE::Cluster::cfs_register_file(
     sub { my ($filename, $data) = @_; return $data; }
 );
 
+PVE::JSONSchema::register_standard_option('pve-sdn-config-state', {
+    type => 'string',
+    enum => ['new', 'changed', 'deleted'],
+    description => 'State of the SDN configuration object.',
+    optional => 1,
+});
+
 PVE::JSONSchema::register_standard_option('pve-sdn-lock-secret', {
     type => 'string',
     description => "the secret for unlocking the global SDN configuration",
-- 
2.39.5


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH pve-network 3/5] api: controllers: update schema of endpoints

[Stefan Hanreich]

The possible properties returned by the controller endpoints were only
partly documented. Add all missing properties and update descriptions
for existing properties.

Update the descriptions of the schemas in the plugin to provide more
detailed information about the different configuration options.

Move all duplicate properties between the GET endpoints into its own
variable, so we can reuse them.

Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
 src/PVE/API2/Network/SDN/Controllers.pm       | 111 +++++++++++++++++-
 src/PVE/Network/SDN/Controllers/BgpPlugin.pm  |   6 +-
 src/PVE/Network/SDN/Controllers/EvpnPlugin.pm |   3 +-
 src/PVE/Network/SDN/Controllers/IsisPlugin.pm |  12 +-
 4 files changed, 119 insertions(+), 13 deletions(-)

diff --git a/src/PVE/API2/Network/SDN/Controllers.pm b/src/PVE/API2/Network/SDN/Controllers.pm
index 29f6ca4..29f54ee 100644
--- a/src/PVE/API2/Network/SDN/Controllers.pm
+++ b/src/PVE/API2/Network/SDN/Controllers.pm
@@ -34,6 +34,63 @@ my $api_sdn_controllers_config = sub {
     return $scfg;
 };
 
+my $CONTROLLER_PROPERTIES = {
+    asn => {
+	type => 'integer',
+	description => 'The local ASN of the controller. BGP & EVPN only.',
+	optional => 1,
+	minimum => 0,
+	maximum => 4294967295
+    },
+    node => {
+	type => 'string',
+	optional => 1,
+	description => 'Node(s) where this controller is active.',
+    },
+    peers => {
+	type => 'string',
+	optional => 1,
+	description => 'Comma-separated list of the peers IP addresses.',
+    },
+    'bgp-multipath-as-relax' => {
+	type => 'boolean',
+	optional => 1,
+	description => 'Consider different AS paths of equal length for multipath computation. BGP only.',
+    },
+    ebgp => {
+	type => 'boolean',
+	optional => 1,
+	description => "Enable eBGP (remote-as external). BGP only.",
+    },
+    'ebgp-multihop' => {
+	type => 'integer',
+	optional => 1,
+	description => "Set maximum amount of hops for eBGP peers. Needs ebgp set to 1. BGP only.",
+    },
+    loopback => {
+	description => "Name of the loopback/dummy interface that provides the Router-IP. BGP only.",
+	optional => 1,
+	type => 'string'
+    },
+    'isis-domain' => {
+	description => "Name of the IS-IS domain. IS-IS only.",
+	optional => 1,
+	type => 'string'
+    },
+    'isis-ifaces' => {
+	description => "Comma-separated list of interfaces where IS-IS should be active. IS-IS only.",
+	optional => 1,
+	type => 'string',
+	format => 'pve-iface-list',
+    },
+    'isis-net' => {
+	description => "Network Entity title for this node in the IS-IS network. IS-IS only.",
+	optional => 1,
+	type => 'string',
+	format => 'pve-sdn-isis-net',
+    },
+};
+
 __PACKAGE__->register_method ({
     name => 'index',
     path => '',
@@ -68,10 +125,29 @@ __PACKAGE__->register_method ({
 	type => 'array',
 	items => {
 	    type => "object",
-	    properties => { controller => { type => 'string' },
-			    type => { type => 'string' },
-			    state => { type => 'string', optional => 1 },
-			    pending => { type => 'boolean', optional => 1 },
+	    properties => {
+		digest => {
+		    type => 'string',
+		    description => 'Digest of the controller section.',
+		    optional => 1,
+		},
+		state => get_standard_option('pve-sdn-config-state'),
+		controller => {
+		    type => 'string',
+		    description => 'Name of the controller.',
+		},
+		type => {
+		    type => 'string',
+		    description => 'Type of the controller',
+		    enum => PVE::Network::SDN::Controllers::Plugin->lookup_types(),
+		},
+		pending => {
+		    type => 'object',
+		    description => 'Changes that have not yet been applied to the running configuration.',
+		    optional => 1,
+		    properties => $CONTROLLER_PROPERTIES,
+		},
+		%$CONTROLLER_PROPERTIES,
 	    },
 	},
 	links => [ { rel => 'child', href => "{controller}" } ],
@@ -136,7 +212,32 @@ __PACKAGE__->register_method ({
 	    },
 	},
     },
-    returns => { type => 'object' },
+    returns => {
+	properties => {
+	    digest => {
+		type => 'string',
+		description => 'Digest of the controller section.',
+		optional => 1,
+	    },
+	    state => get_standard_option('pve-sdn-config-state'),
+	    controller => {
+		type => 'string',
+		description => 'Name of the controller.',
+	    },
+	    type => {
+		type => 'string',
+		description => 'Type of the controller',
+		enum => PVE::Network::SDN::Controllers::Plugin->lookup_types(),
+	    },
+	    pending => {
+		type => 'object',
+		description => 'Changes that have not yet been applied to the running configuration.',
+		optional => 1,
+		properties => $CONTROLLER_PROPERTIES,
+	    },
+	    %$CONTROLLER_PROPERTIES,
+	},
+    },
     code => sub {
 	my ($param) = @_;
 
diff --git a/src/PVE/Network/SDN/Controllers/BgpPlugin.pm b/src/PVE/Network/SDN/Controllers/BgpPlugin.pm
index 53963e5..278097f 100644
--- a/src/PVE/Network/SDN/Controllers/BgpPlugin.pm
+++ b/src/PVE/Network/SDN/Controllers/BgpPlugin.pm
@@ -22,18 +22,20 @@ sub properties {
 	'bgp-multipath-as-path-relax' => {
 	    type => 'boolean',
 	    optional => 1,
+	    description => 'Consider different AS paths of equal length for multipath computation.'
 	},
 	ebgp => {
 	    type => 'boolean',
 	    optional => 1,
-	    description => "Enable ebgp. (remote-as external)",
+	    description => "Enable eBGP (remote-as external).",
 	},
 	'ebgp-multihop' => {
 	    type => 'integer',
 	    optional => 1,
+	    description => 'Set maximum amount of hops for eBGP peers.'
 	},
 	loopback => {
-	    description => "source loopback interface.",
+	    description => "Name of the loopback/dummy interface that provides the Router-IP.",
 	    type => 'string'
 	},
         node => get_standard_option('pve-node'),
diff --git a/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm b/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
index 78c9798..6aa6825 100644
--- a/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
+++ b/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
@@ -28,7 +28,8 @@ sub properties {
 	},
 	peers => {
 	    description => "peers address list.",
-	    type => 'string', format => 'ip-list'
+	    type => 'string',
+	    format => 'ip-list'
 	},
     };
 }
diff --git a/src/PVE/Network/SDN/Controllers/IsisPlugin.pm b/src/PVE/Network/SDN/Controllers/IsisPlugin.pm
index 97c6876..e9f4147 100644
--- a/src/PVE/Network/SDN/Controllers/IsisPlugin.pm
+++ b/src/PVE/Network/SDN/Controllers/IsisPlugin.pm
@@ -30,16 +30,18 @@ sub pve_verify_sdn_isis_net {
 sub properties {
     return {
 	'isis-domain' => {
-	    description => "ISIS domain.",
+	    description => "Name of the IS-IS domain.",
 	    type => 'string'
 	},
 	'isis-ifaces' => {
-	    description => "ISIS interface.",
-	    type => 'string', format => 'pve-iface-list',
+	    description => "Comma-separated list of interfaces where IS-IS should be active.",
+	    type => 'string',
+	    format => 'pve-iface-list',
 	},
 	'isis-net' => {
-	    description => "ISIS network entity title.",
-	    type => 'string', format => 'pve-sdn-isis-net',
+	    description => "Network Entity title for this node in the IS-IS network.",
+	    type => 'string',
+	    format => 'pve-sdn-isis-net',
 	},
     };
 }
-- 
2.39.5


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH pve-network 4/5] api: vnets: update schema of endpoints

[Stefan Hanreich]

The possible properties returned by the vnet endpoints were only
partly documented. Add all missing properties and improve descriptions
for existing properties.

Extract all duplicate properties into a separate variable, so we
don't have to rewrite the whole API definition for every endpoint.

Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
 src/PVE/API2/Network/SDN/Vnets.pm | 88 ++++++++++++++++++++++++++++++-
 src/PVE/Network/SDN/VnetPlugin.pm | 37 +++++++------
 2 files changed, 108 insertions(+), 17 deletions(-)

diff --git a/src/PVE/API2/Network/SDN/Vnets.pm b/src/PVE/API2/Network/SDN/Vnets.pm
index bd37dd3..a579c36 100644
--- a/src/PVE/API2/Network/SDN/Vnets.pm
+++ b/src/PVE/API2/Network/SDN/Vnets.pm
@@ -73,6 +73,38 @@ my $check_vnet_access = sub {
     $rpcenv->check_any($authuser, "/sdn/zones/$zoneid/$vnet", $privs);
 };
 
+my $VNET_PROPERTIES = {
+    alias => {
+	type => 'string',
+	description => "Alias name of the VNet.",
+	pattern => qr/[\(\)-_.\w\d\s]{0,256}/i,
+	maxLength => 256,
+	optional => 1,
+    },
+    'isolate-ports' => {
+	type => 'boolean',
+	description => "If true, sets the isolated property for all interfaces on the bridge of this VNet.",
+	optional => 1,
+    },
+    tag => {
+	type => 'integer',
+	description => 'VLAN Tag (for VLAN or QinQ zones) or VXLAN VNI (for VXLAN or EVPN zones).',
+	optional => 1,
+	minimum => 1,
+	maximum => 16777215,
+    },
+    vlanaware => {
+	type => 'boolean',
+	description => 'Allow VLANs to pass through this VNet.',
+	optional => 1,
+    },
+    zone => {
+	type => 'string',
+	description => 'Name of the zone this VNet belongs to.',
+	optional => 1,
+    },
+};
+
 __PACKAGE__->register_method ({
     name => 'index',
     path => '',
@@ -102,7 +134,32 @@ __PACKAGE__->register_method ({
 	type => 'array',
 	items => {
 	    type => "object",
-	    properties => {},
+	    properties => {
+		digest => {
+		    type => 'string',
+		    optional => 1,
+		    description => 'Digest of the VNet section.',
+		},
+		state => get_standard_option('pve-sdn-config-state'),
+		type => {
+		    type => 'string',
+		    enum => ['vnet'],
+		    optional => 0,
+		    description => 'Type of the VNet.',
+		},
+		vnet => {
+		    type => 'string',
+		    optional => 0,
+		    description => 'Name of the VNet.',
+		},
+		pending => {
+		    type => 'object',
+		    description => 'Changes that have not yet been applied to the running configuration.',
+		    optional => 1,
+		    properties => $VNET_PROPERTIES
+		},
+		%$VNET_PROPERTIES,
+	    },
 	},
 	links => [ { rel => 'child', href => "{vnet}" } ],
     },
@@ -165,7 +222,34 @@ __PACKAGE__->register_method ({
 	    },
 	},
     },
-    returns => { type => 'object' },
+    returns => {
+	properties => {
+	    digest => {
+		type => 'string',
+		optional => 1,
+		description => 'Digest of the VNet section.',
+	    },
+	    state => get_standard_option('pve-sdn-config-state'),
+	    type => {
+		type => 'string',
+		enum => ['vnet'],
+		optional => 0,
+		description => 'Type of the VNet.',
+	    },
+	    vnet => {
+		type => 'string',
+		optional => 0,
+		description => 'Name of the VNet.',
+	    },
+	    pending => {
+		type => 'object',
+		description => 'Changes that have not yet been applied to the running configuration.',
+		optional => 1,
+		properties => $VNET_PROPERTIES,
+	    },
+	    %$VNET_PROPERTIES,
+	},
+    },
     code => sub {
 	my ($param) = @_;
 
diff --git a/src/PVE/Network/SDN/VnetPlugin.pm b/src/PVE/Network/SDN/VnetPlugin.pm
index f44380a..1fca9c1 100644
--- a/src/PVE/Network/SDN/VnetPlugin.pm
+++ b/src/PVE/Network/SDN/VnetPlugin.pm
@@ -50,31 +50,38 @@ sub private {
 sub properties {
     return {
 	zone => {
-            type => 'string',
-            description => "zone id",
+	    type => 'string',
+	    description => 'Name of the zone this VNet belongs to.',
 	},
         type => {
-            description => "Type",
-            optional => 1,
-        },
+	    type => 'string',
+	    enum => ['vnet'],
+	    description => 'Type of the VNet.',
+	    optional => 1,
+	},
 	tag => {
-            type => 'integer',
-            description => "vlan or vxlan id",
+	    type => 'integer',
+	    description => 'VLAN Tag (for VLAN or QinQ zones) or VXLAN VNI (for VXLAN or EVPN zones).',
+	    optional => 1,
+	    minimum => 1,
+	    maximum => 16777215,
 	},
 	vlanaware => {
 	    type => 'boolean',
-	    description => 'Allow vm VLANs to pass through this vnet.',
+	    description => 'Allow VLANs to pass through this vnet.',
+	    optional => 1,
 	},
-        alias => {
-            type => 'string',
-            description => "alias name of the vnet",
-            pattern => qr/[\(\)-_.\w\d\s]{0,256}/i,
-            maxLength => 256,
+	alias => {
+	    type => 'string',
+	    description => "Alias name of the VNet.",
+	    pattern => qr/[\(\)-_.\w\d\s]{0,256}/i,
+	    maxLength => 256,
 	    optional => 1,
-        },
+	},
 	'isolate-ports' => {
 	    type => 'boolean',
-	    description => "If true, sets the isolated property for all members of this VNet",
+	    description => "If true, sets the isolated property for all interfaces on the bridge of this VNet.",
+	    optional => 1,
 	}
     };
 }
-- 
2.39.5


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] [PATCH pve-network 5/5] api: zones: update schema of endpoints

[Stefan Hanreich]

The possible properties returned by the zone endpoints were only
partly documented. Add all missing properties and improve descriptions
for existing properties.

Extract all duplicate properties into a separate variable, so we
don't have to rewrite the whole API definition for every endpoint.

Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
---
 src/PVE/API2/Network/SDN/Zones.pm        | 190 +++++++++++++++++++++--
 src/PVE/Network/SDN/Zones/EvpnPlugin.pm  |  22 +--
 src/PVE/Network/SDN/Zones/QinQPlugin.pm  |   5 +-
 src/PVE/Network/SDN/Zones/VlanPlugin.pm  |   1 +
 src/PVE/Network/SDN/Zones/VxlanPlugin.pm |  21 +--
 5 files changed, 205 insertions(+), 34 deletions(-)

diff --git a/src/PVE/API2/Network/SDN/Zones.pm b/src/PVE/API2/Network/SDN/Zones.pm
index 6baee52..7b28199 100644
--- a/src/PVE/API2/Network/SDN/Zones.pm
+++ b/src/PVE/API2/Network/SDN/Zones.pm
@@ -58,6 +58,133 @@ my $api_sdn_zones_config = sub {
     return $scfg;
 };
 
+my $ZONE_PROPERTIES = {
+    mtu => {
+	type => 'integer',
+	optional => 1,
+	description => 'MTU of the zone, will be used for the created VNet bridges.'
+    },
+    dns => {
+	type => 'string',
+	optional => 1,
+	description => 'ID of the DNS server for this zone.'
+    },
+    reversedns => {
+	type => 'string',
+	optional => 1,
+	description => 'ID of the reverse DNS server for this zone.'
+    },
+    dnszone => {
+	type => 'string',
+	optional => 1,
+	description => 'Domain name for this zone.'
+    },
+    ipam => {
+	type => 'string',
+	optional => 1,
+	description => 'ID of the IPAM for this zone.'
+    },
+    dhcp => {
+	type => 'string',
+	enum => ['dnsmasq'],
+	optional => 1,
+	description => 'Name of DHCP server backend for this zone.'
+    },
+    'rt-import' => {
+	type => 'string',
+	optional => 1,
+	description => 'Comma-separated list of Route Targets that should be imported into the VRF of the zone. EVPN zone only.',
+	format => 'pve-sdn-bgp-rt-list'
+    },
+    'vrf-vxlan' => {
+	type => 'integer',
+	optional => 1,
+	description => 'VNI for the zone VRF. EVPN zone only.',
+	minimum => 1,
+	maximum => 16777215
+    },
+    mac => {
+	type => 'string',
+	optional => 1,
+	description => 'MAC address of the anycast router for this zone.'
+    },
+    controller => {
+	type => 'string',
+	optional => 1,
+	description => 'ID of the controller for this zone. EVPN zone only.'
+    },
+    nodes => {
+	type => 'string',
+	optional => 1,
+	description => 'Nodes where this zone should be created.'
+    },
+    'exitnodes' => get_standard_option('pve-node-list', {
+	description => "List of PVE Nodes that should act as exit node for this zone. EVPN zone only.",
+	optional => 1,
+    }),
+    'exitnodes-local-routing' => {
+	type => 'boolean',
+	description => "Create routes on the exit nodes, so they can connect to EVPN guests. EVPN zone only.",
+	optional => 1
+    },
+    'exitnodes-primary' => get_standard_option('pve-node', {
+	description => "Force traffic through this exitnode first. EVPN zone only.",
+	optional => 1,
+    }),
+    'advertise-subnets' => {
+	type => 'boolean',
+	description => "Advertise IP prefixes (Type-5 routes) instead of MAC/IP pairs (Type-2 routes). EVPN zone only.",
+	optional => 1
+    },
+    'disable-arp-nd-suppression' => {
+	type => 'boolean',
+	description => "Suppress IPv4 ARP && IPv6 Neighbour Discovery messages. EVPN zone only.",
+	optional => 1
+    },
+    'rt-import' => {
+	type => 'string',
+	description => "Route-Targets that should be imported into the VRF of this zone via BGP. EVPN zone only.",
+	optional => 1,
+	format => 'pve-sdn-bgp-rt-list'
+    },
+    tag => {
+	type => 'integer',
+	minimum => 0,
+	optional => 1,
+	description => "Service-VLAN Tag (outer VLAN). QinQ zone only",
+    },
+    'vlan-protocol' => {
+	type => 'string',
+	enum => ['802.1q', '802.1ad'],
+	default => '802.1q',
+	optional => 1,
+	description => "VLAN protocol for the creation of the QinQ zone. QinQ zone only.",
+    },
+    'peers' => {
+	description => "Comma-separated list of peers, that are part of the VXLAN zone. Usually the IPs of the nodes. VXLAN zone only.",
+	type => 'string',
+	format => 'ip-list',
+	optional => 1,
+    },
+    'vxlan-port' => {
+	description => "UDP port that should be used for the VXLAN tunnel (default 4789). VXLAN zone only.",
+	minimum => 1,
+	maximum => 65536,
+	type => 'integer',
+	optional => 1,
+    },
+    'bridge' => {
+	type => 'string',
+	description => 'the bridge for which VLANs should be managed. VLAN & QinQ zone only.',
+	optional => 1,
+    },
+    'bridge-disable-mac-learning' => {
+	type => 'boolean',
+	description => "Disable auto mac learning. VLAN zone only.",
+	optional => 1,
+    },
+};
+
 __PACKAGE__->register_method ({
     name => 'index',
     path => '',
@@ -92,18 +219,30 @@ __PACKAGE__->register_method ({
 	type => 'array',
 	items => {
 	    type => "object",
-	    properties => { zone => { type => 'string'},
-			    type => { type => 'string'},
-			    mtu => { type => 'integer', optional => 1 },
-			    dns => { type => 'string', optional => 1},
-			    reversedns => { type => 'string', optional => 1},
-			    dnszone => { type => 'string', optional => 1},
-			    ipam => { type => 'string', optional => 1},
-			    dhcp => { type => 'string', optional => 1},
-			    pending => { type => 'boolean', optional => 1 },
-			    state => { type => 'string', optional => 1},
-			    nodes => { type => 'string', optional => 1},
-			  },
+	    properties => {
+		digest => {
+		    type => 'string',
+		    description => 'Digest of the controller section.',
+		    optional => 1,
+		},
+		state => get_standard_option('pve-sdn-config-state'),
+		zone => {
+		    type => 'string',
+		    description => 'Name of the zone.'
+		},
+		type => {
+		    type => 'string',
+		    description => 'Type of the zone.',
+		    enum => PVE::Network::SDN::Zones::Plugin->lookup_types(),
+		},
+		pending => {
+		    type => 'object',
+		    description => 'Changes that have not yet been applied to the running configuration.',
+		    optional => 1,
+		    properties => $ZONE_PROPERTIES,
+		},
+		%$ZONE_PROPERTIES,
+	  },
 	},
 	links => [ { rel => 'child', href => "{zone}" } ],
     },
@@ -167,7 +306,32 @@ __PACKAGE__->register_method ({
 	    }
 	},
     },
-    returns => { type => 'object' },
+    returns => {
+	properties => {
+	    digest => {
+		type => 'string',
+		description => 'Digest of the controller section.',
+		optional => 1,
+	    },
+	    state => get_standard_option('pve-sdn-config-state'),
+	    zone => {
+		type => 'string',
+		description => 'Name of the zone.'
+	    },
+	    type => {
+		type => 'string',
+		description => 'Type of the zone.',
+		enum => PVE::Network::SDN::Zones::Plugin->lookup_types(),
+	    },
+	    pending => {
+		type => 'object',
+		description => 'Changes that have not yet been applied to the running configuration.',
+		optional => 1,
+		properties => $ZONE_PROPERTIES,
+	    },
+	    %$ZONE_PROPERTIES,
+	}
+    },
     code => sub {
 	my ($param) = @_;
 
diff --git a/src/PVE/Network/SDN/Zones/EvpnPlugin.pm b/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
index 4843756..f3504d5 100644
--- a/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
+++ b/src/PVE/Network/SDN/Zones/EvpnPlugin.pm
@@ -44,39 +44,43 @@ sub properties {
     return {
 	'vrf-vxlan' => {
 	    type => 'integer',
-	    description => "l3vni.",
+	    description => "VNI for the zone VRF.",
+	    minimum => 1,
+	    maximum => 16777215,
 	},
 	'controller' => {
 	    type => 'string',
-	    description => "Frr router name",
+	    description => 'Controller for this zone.',
 	},
 	'mac' => {
 	    type => 'string',
-	    description => "Anycast logical router mac address",
+	    description => "Anycast logical router mac address.",
 	    optional => 1, format => 'mac-addr'
 	},
 	'exitnodes' => get_standard_option('pve-node-list'),
 	'exitnodes-local-routing' => {
 	    type => 'boolean',
-	    description => "Allow exitnodes to connect to evpn guests",
+	    description => "Allow exitnodes to connect to EVPN guests.",
 	    optional => 1
 	},
 	'exitnodes-primary' => get_standard_option('pve-node', {
-	    description => "Force traffic to this exitnode first."}),
+	    description => "Force traffic through this exitnode first."
+	}),
 	'advertise-subnets' => {
 	    type => 'boolean',
-	    description => "Advertise evpn subnets if you have silent hosts",
+	    description => "Advertise IP prefixes (Type-5 routes) instead of MAC/IP pairs (Type-2 routes).",
 	    optional => 1
 	},
 	'disable-arp-nd-suppression' => {
 	    type => 'boolean',
-	    description => "Disable ipv4 arp && ipv6 neighbour discovery suppression",
+	    description => "Suppress IPv4 ARP && IPv6 Neighbour Discovery messages.",
 	    optional => 1
 	},
 	'rt-import' => {
 	    type => 'string',
-	    description => "Route-Target import",
-	    optional => 1, format => 'pve-sdn-bgp-rt-list'
+	    description => 'List of Route Targets that should be imported into the VRF of the zone',
+	    optional => 1,
+	    format => 'pve-sdn-bgp-rt-list'
         }
     };
 }
diff --git a/src/PVE/Network/SDN/Zones/QinQPlugin.pm b/src/PVE/Network/SDN/Zones/QinQPlugin.pm
index 4c4be64..9346043 100644
--- a/src/PVE/Network/SDN/Zones/QinQPlugin.pm
+++ b/src/PVE/Network/SDN/Zones/QinQPlugin.pm
@@ -18,11 +18,11 @@ sub properties {
 	tag => {
 	    type => 'integer',
 	    minimum => 0,
-	    description => "Service-VLAN Tag",
+	    description => "Service-VLAN Tag (outer VLAN)",
 	},
 	mtu => {
 	    type => 'integer',
-	    description => "MTU",
+	    description => "MTU of the zone, will be used for the created VNet bridges.",
 	    optional => 1,
 	},
 	'vlan-protocol' => {
@@ -30,6 +30,7 @@ sub properties {
 	    enum => ['802.1q', '802.1ad'],
 	    default => '802.1q',
 	    optional => 1,
+	    description => "Which VLAN protocol should be used for the creation of the QinQ zone",
 	}
     };
 }
diff --git a/src/PVE/Network/SDN/Zones/VlanPlugin.pm b/src/PVE/Network/SDN/Zones/VlanPlugin.pm
index 13fb49e..05d1ae8 100644
--- a/src/PVE/Network/SDN/Zones/VlanPlugin.pm
+++ b/src/PVE/Network/SDN/Zones/VlanPlugin.pm
@@ -24,6 +24,7 @@ sub properties {
     return {
 	'bridge' => {
 	    type => 'string',
+	    description => 'the bridge for which VLANs should be managed',
 	},
 	'bridge-disable-mac-learning' => {
 	    type => 'boolean',
diff --git a/src/PVE/Network/SDN/Zones/VxlanPlugin.pm b/src/PVE/Network/SDN/Zones/VxlanPlugin.pm
index 9a77bb9..19996ce 100644
--- a/src/PVE/Network/SDN/Zones/VxlanPlugin.pm
+++ b/src/PVE/Network/SDN/Zones/VxlanPlugin.pm
@@ -25,16 +25,17 @@ sub type {
 
 sub properties {
     return {
-        'peers' => {
-            description => "peers address list.",
-            type => 'string', format => 'ip-list'
-        },
-        'vxlan-port' => {
-            description => "Vxlan tunnel udp port (default 4789).",
-            minimum => 1,
-            maximum => 65536,
-            type => 'integer'
-        },
+	'peers' => {
+	    description => "Comma-separated list of peers, that are part of the VXLAN zone. Usually the IPs of the nodes.",
+	    type => 'string',
+	    format => 'ip-list'
+	},
+	'vxlan-port' => {
+	    description => "UDP port that should be used for the VXLAN tunnel (default 4789).",
+	    minimum => 1,
+	    maximum => 65536,
+	    type => 'integer'
+	},
     };
 }
 
-- 
2.39.5


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

Re: [pve-devel] [PATCH pve-network 1/5] controllers: fix maximum value for ASN

[Shannon Sterz]

On Fri Feb 28, 2025 at 3:01 PM CET, Stefan Hanreich wrote:
> ASNs are 32-bit unsigned integers where the maximum value is
> 4294967295.
>
> Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
> ---
>  src/PVE/Network/SDN/Controllers/EvpnPlugin.pm | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm b/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
> index c245ea2..78c9798 100644
> --- a/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
> +++ b/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
> @@ -24,7 +24,7 @@ sub properties {
>  	    type => 'integer',
>  	    description => "autonomous system number",
>  	    minimum => 0,
> -	    maximum => 4294967296
> +	    maximum => 4294967295

just a small nit, it might be nicer to express that as `2**32-1` if
that's an option.

>  	},
>  	peers => {
>  	    description => "peers address list.",



_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

Re: [pve-devel] [PATCH pve-network 1/5] controllers: fix maximum value for ASN

[Matthieu Pignolet via pve-devel]

[-- Attachment #1: Type: message/rfc822, Size: 6311 bytes --]

From: Matthieu Pignolet <m@mpgn.dev>
To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Cc: pve-devel <pve-devel-bounces@lists.proxmox.com>
Subject: Re: [pve-devel] [PATCH pve-network 1/5] controllers: fix maximum value for ASN
Date: Tue, 11 Mar 2025 09:53:22 +0400
Message-ID: <CAB+WsT0gqCbcZCvhVSewYF-15dM05YGEx=-bhT2W1Njd_poO_g@mail.gmail.com>

According to my testing, when using the `autort` for RT auto-derivation
(from the frr patch) causes issues because it doesn't work with 32 bits
ASNs, effectively calling the fallback to restarting frr to apply the
config (which ignores the autort instruction).

Le lun. 10 mars 2025, 19:30, Shannon Sterz <s.sterz@proxmox.com> a écrit :

> On Fri Feb 28, 2025 at 3:01 PM CET, Stefan Hanreich wrote:
> > ASNs are 32-bit unsigned integers where the maximum value is
> > 4294967295.
> >
> > Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
> > ---
> >  src/PVE/Network/SDN/Controllers/EvpnPlugin.pm | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
> b/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
> > index c245ea2..78c9798 100644
> > --- a/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
> > +++ b/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
> > @@ -24,7 +24,7 @@ sub properties {
> >           type => 'integer',
> >           description => "autonomous system number",
> >           minimum => 0,
> > -         maximum => 4294967296
> > +         maximum => 4294967295
>
> just a small nit, it might be nicer to express that as `2**32-1` if
> that's an option.
>
> >       },
> >       peers => {
> >           description => "peers address list.",
>
>
>
> _______________________________________________
> pve-devel mailing list
> pve-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>
>
>

[-- Attachment #2: Type: text/plain, Size: 160 bytes --]

_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

Re: [pve-devel] [PATCH pve-network 1/5] controllers: fix maximum value for ASN

[DERUMIER, Alexandre via pve-devel]

[-- Attachment #1: Type: message/rfc822, Size: 12796 bytes --]

From: "DERUMIER, Alexandre" <alexandre.derumier@groupe-cyllene.com>
To: "pve-devel@lists.proxmox.com" <pve-devel@lists.proxmox.com>
Cc: "pve-devel-bounces@lists.proxmox.com" <pve-devel-bounces@lists.proxmox.com>, "m@mpgn.dev" <m@mpgn.dev>
Subject: Re: [pve-devel] [PATCH pve-network 1/5] controllers: fix maximum value for ASN
Date: Tue, 11 Mar 2025 10:50:50 +0000
Message-ID: <ed3068f4374e35ef9187013e2e581369e2aec1eb.camel@groupe-cyllene.com>

>>According to my testing, when using the `autort` for RT auto-
>>derivation
>>(from the frr patch) causes issues because it doesn't work with 32
>>bits
>>ASNs, effectively calling the fallback to restarting frr to apply the
>>config (which ignores the autort instruction).

yes, this is a limitation because route-target AS:VNI  is 48bits,

and VNI can go up to 32bits , so AS can't be more than 16bits.

I don't known if it's working if you only use small VNI 



I think they are the  RFC 5668 to handle it, but I never had time to
dig it



[-- Attachment #2: Type: text/plain, Size: 160 bytes --]

_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel