evpn : add advertise-subnets option

allow to advertise type5 routes for evpn subnets, if vms are silents hosts. (don't do any traffic, so anycast gateway don't have their mac-ip) fix: https://bugzilla.proxmox.com/show_bug.cgi?id=3571 Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
2025-04-30 11:27:11 +02:00 · 2021-08-23 15:22:15 +02:00 · 2021-08-23 15:22:15 +02:00 · 92d8effb6e
parent 110b881d49
commit 92d8effb6e
6 changed files with 139 additions and 0 deletions
--- a/PVE/Network/SDN/Controllers/EvpnPlugin.pm
+++ b/PVE/Network/SDN/Controllers/EvpnPlugin.pm
@ -113,6 +113,7 @@ sub generate_controller_zone_config {
    my $vrf = "vrf_$id";
    my $vrfvxlan = $plugin_config->{'vrf-vxlan'};
    my $exitnodes = $plugin_config->{'exitnodes'};
+    my $advertisesubnets = $plugin_config->{'advertise-subnets'};

    my $asn = $controller->{asn};
    my $ebgp = undef;
@ -165,6 +166,19 @@ sub generate_controller_zone_config {
 	push @controller_config, "default-originate ipv4";
 	push @controller_config, "default-originate ipv6";
 	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"l2vpn evpn"}}, @controller_config);
+    } elsif ($advertisesubnets) {
+
+	@controller_config = ();
+	#redistribute connected networks
+	push @controller_config, "redistribute connected";
+	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"ipv4 unicast"}}, @controller_config);
+	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"ipv6 unicast"}}, @controller_config);
+
+	@controller_config = ();
+	#advertise connected networks type5 route in evpn
+	push @controller_config, "advertise ipv4 unicast";
+	push @controller_config, "advertise ipv6 unicast";
+	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"l2vpn evpn"}}, @controller_config);
    }

    return $config;
--- a/PVE/Network/SDN/Zones/EvpnPlugin.pm
+++ b/PVE/Network/SDN/Zones/EvpnPlugin.pm
@ -35,6 +35,11 @@ sub properties {
 	    optional => 1, format => 'mac-addr'
 	},
 	'exitnodes' => get_standard_option('pve-node-list'),
+	'advertise-subnets' => {
+	    type => 'boolean',
+	    description => "Advertise evpn subnets if you have silent hosts",
+	    optional => 1
+	}
    };
 }

@ -44,6 +49,7 @@ sub options {
 	'vrf-vxlan' => { optional => 0 },
 	controller => { optional => 0 },
 	exitnodes => { optional => 1 },
+	'advertise-subnets' => { optional => 1 },
 	mtu => { optional => 1 },
 	mac => { optional => 1 },
 	dns => { optional => 1 },
--- a/test/zones/evpn/advertise_subnets/expected_controller_config
+++ b/test/zones/evpn/advertise_subnets/expected_controller_config
@ -0,0 +1,44 @@
+log syslog informational
+ip forwarding
+ipv6 forwarding
+frr defaults datacenter
+service integrated-vtysh-config
+hostname localhost
+!
+!
+vrf vrf_myzone
+ vni 1000
+exit-vrf
+!
+router bgp 65000
+ bgp router-id 192.168.0.1
+ no bgp default ipv4-unicast
+ coalesce-time 1000
+ neighbor VTEP peer-group
+ neighbor VTEP remote-as 65000
+ neighbor VTEP bfd
+ neighbor 192.168.0.2 peer-group VTEP
+ neighbor 192.168.0.3 peer-group VTEP
+ !
+ address-family l2vpn evpn
+  neighbor VTEP activate
+  advertise-all-vni
+ exit-address-family
+!
+router bgp 65000 vrf vrf_myzone
+ !
+ address-family ipv4 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family ipv6 unicast
+  redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+  advertise ipv4 unicast
+  advertise ipv6 unicast
+ exit-address-family
+!
+line vty
+!
--- a/test/zones/evpn/advertise_subnets/expected_sdn_interfaces
+++ b/test/zones/evpn/advertise_subnets/expected_sdn_interfaces
@ -0,0 +1,42 @@
+#version:1
+
+auto myvnet
+iface myvnet
+	address 10.0.0.1/24
+	hwaddress A2:1D:CB:1A:C0:8B
+	bridge_ports vxlan_myvnet
+	bridge_stp off
+	bridge_fd 0
+	mtu 1450
+	ip-forward on
+	arp-accept on
+	vrf vrf_myzone
+
+auto vrf_myzone
+iface vrf_myzone
+	vrf-table auto
+	post-up ip route add vrf vrf_myzone unreachable default metric 4278198272
+
+auto vrfbr_myzone
+iface vrfbr_myzone
+	bridge-ports vrfvx_myzone
+	bridge_stp off
+	bridge_fd 0
+	mtu 1450
+	vrf vrf_myzone
+
+auto vrfvx_myzone
+iface vrfvx_myzone
+	vxlan-id 1000
+	vxlan-local-tunnelip 192.168.0.1
+	bridge-learning off
+	bridge-arp-nd-suppress on
+	mtu 1450
+
+auto vxlan_myvnet
+iface vxlan_myvnet
+	vxlan-id 100
+	vxlan-local-tunnelip 192.168.0.1
+	bridge-learning off
+	bridge-arp-nd-suppress on
+	mtu 1450
--- a/test/zones/evpn/advertise_subnets/interfaces
+++ b/test/zones/evpn/advertise_subnets/interfaces
@ -0,0 +1,7 @@
+auto vmbr0
+iface vmbr0 inet static
+	address 192.168.0.1/24
+	gateway 192.168.0.254
+        bridge-ports eth0
+        bridge-stp off
+        bridge-fd 0
--- a/test/zones/evpn/advertise_subnets/sdn_config
+++ b/test/zones/evpn/advertise_subnets/sdn_config
@ -0,0 +1,26 @@
+{
+  version => 1,
+  vnets   => {
+               ids => {
+                        myvnet => { tag => "100", type => "vnet", zone => "myzone" },
+                      },
+             },
+
+  zones   => {
+               ids => { myzone => { ipam => "pve", type => "evpn", controller => "evpnctl", 'vrf-vxlan' => 1000, 'mac' => 'A2:1D:CB:1A:C0:8B', 'advertise-subnets' => 1 } },
+             },
+  controllers  => {
+               ids => { evpnctl => { type => "evpn", 'peers' => '192.168.0.1,192.168.0.2,192.168.0.3', asn => "65000" } },
+             },
+
+  subnets => {
+              ids => { 'myzone-10.0.0.0-24' => {
+							'type' => 'subnet',
+							'vnet' => 'myvnet',
+							'gateway' => '10.0.0.1',
+						  }
+		     }
+	     }
+}
+
+