Mirror/pve-network
1
0
Fork 1
mirror of git://git.proxmox.com/git/pve-network.git synced 2025-04-30 11:27:11 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix #4662: frr: fix config generation ordering

Browse source 
vrf and router bgp vrf need to be ordered by vrf name

ip protocol need to be at the end

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Alexandre Derumier 2023-04-20 23:36:19 +02:00 committed by Thomas Lamprecht
parent b84eacc86a
commit f56311de97
8 changed files with 217 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/PVE/Network/SDN/Controllers/BgpPlugin.pm
View file

@ -119,7 +119,7 @@ sub generate_controller_config {
if ($loopback) {
$config->{frr_prefix_list}->{loopbacks_ips}->{10} = "permit 0.0.0.0/0 le 32";
push(@{$config->{frr}->{''}}, "ip protocol bgp route-map correct_src");
push(@{$config->{frr_ip_protocol}}, "ip protocol bgp route-map correct_src");
my $routemap_config = ();
push @{$routemap_config}, "match ip address prefix-list loopbacks_ips";

67
src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
View file

@ -247,7 +247,7 @@ sub generate_controller_vnet_config {
my $cidr = $subnet->{cidr};
push @controller_config, "ip route $cidr 10.255.255.2 xvrf_$zoneid";
}
push(@{$config->{frr}->{''}}, @controller_config);
push(@{$config->{frr_ip_protocol}}, @controller_config);
}
sub on_delete_hook {
@ -291,41 +291,14 @@ sub find_bgp_controller {
}
sub sort_frr_config {
my $order = {};
$order->{''} = 0;
$order->{'vrf'} = 1;
$order->{'ipv4 unicast'} = 1;
$order->{'ipv6 unicast'} = 2;
$order->{'l2vpn evpn'} = 3;
my $a_val = 100;
my $b_val = 100;
$a_val = $order->{$a} if defined($order->{$a});
$b_val = $order->{$b} if defined($order->{$b});
if ($a =~ /bgp (\d+)$/) {
$a_val = 2;
}
if ($b =~ /bgp (\d+)$/) {
$b_val = 2;
}
return $a_val <=> $b_val;
}
sub generate_frr_recurse{
my ($final_config, $content, $parentkey, $level) = @_;
my $keylist = {};
$keylist->{vrf} = 1;
$keylist->{'address-family'} = 1;
$keylist->{router} = 1;
my $exitkeylist = {};
$exitkeylist->{vrf} = 1;
$exitkeylist->{'address-family'} = 1;
my $simple_exitkeylist = {};
@ -343,7 +316,8 @@ sub generate_frr_recurse{
$padding = ' ' x ($paddinglevel) if $paddinglevel;
if (ref $content eq 'HASH') {
foreach my $key (sort sort_frr_config keys %$content) {
foreach my $key (sort keys %$content) {
next if $key eq 'vrf';
if ($parentkey && defined($keylist->{$parentkey})) {
push @{$final_config}, $padding."!";
push @{$final_config}, $padding."$parentkey $key";
@ -364,6 +338,39 @@ sub generate_frr_recurse{
}
}
sub generate_frr_vrf {
my ($final_config, $vrfs) = @_;
return if !$vrfs;
my @config = ();
foreach my $id (sort keys %$vrfs) {
my $vrf = $vrfs->{$id};
push @config, "!";
push @config, "vrf $id";
foreach my $rule (@$vrf) {
push @config, " $rule";
}
push @config, "exit-vrf";
}
push @{$final_config}, @config;
}
sub generate_frr_ip_protocol {
my ($final_config, $ips) = @_;
return if !$ips;
my @config = ();
push @{$final_config}, "!";
foreach my $rule (sort @$ips) {
push @{$final_config}, $rule;
}
}
sub generate_frr_routemap {
my ($final_config, $routemaps) = @_;
@ -422,10 +429,12 @@ sub generate_controller_rawconfig {
parse_merge_frr_local_config($config, $local_conf);
}
generate_frr_vrf($final_config, $config->{frr}->{vrf});
generate_frr_recurse($final_config, $config->{frr}, undef, 0);
generate_frr_list($final_config, $config->{frr_access_list}, "access-list");
generate_frr_list($final_config, $config->{frr_prefix_list}, "ip prefix-list");
generate_frr_routemap($final_config, $config->{frr_routemap});
generate_frr_ip_protocol($final_config, $config->{frr_ip_protocol});
push @{$final_config}, "!";
push @{$final_config}, "line vty";

3
src/test/zones/evpn/ebgp_loopback/expected_controller_config
View file

@ -4,7 +4,6 @@ hostname localhost
log syslog informational
service integrated-vtysh-config
!
ip protocol bgp route-map correct_src
!
vrf vrf_myzone
vni 1000
@ -65,5 +64,7 @@ route-map correct_src permit 1
set src 192.168.0.1
exit
!
ip protocol bgp route-map correct_src
!
line vty
!

3
src/test/zones/evpn/exitnode_local_routing/expected_controller_config
View file

@ -4,7 +4,6 @@ hostname localhost
log syslog informational
service integrated-vtysh-config
!
ip route 10.0.0.0/24 10.255.255.2 xvrf_myzone
!
vrf vrf_myzone
vni 1000
@ -48,5 +47,7 @@ exit
route-map MAP_VTEP_OUT permit 1
exit
!
ip route 10.0.0.0/24 10.255.255.2 xvrf_myzone
!
line vty
!

49
src/test/zones/evpn/multiplezones/expected_controller_config Normal file
View file

@ -0,0 +1,49 @@
frr version 8.2.2
frr defaults datacenter
hostname localhost
log syslog informational
service integrated-vtysh-config
!
!
vrf vrf_myzone
vni 1000
exit-vrf
!
vrf vrf_myzone2
vni 1001
exit-vrf
!
router bgp 65000
bgp router-id 192.168.0.1
no bgp default ipv4-unicast
coalesce-time 1000
neighbor VTEP peer-group
neighbor VTEP remote-as 65000
neighbor VTEP bfd
neighbor 192.168.0.2 peer-group VTEP
neighbor 192.168.0.3 peer-group VTEP
!
address-family l2vpn evpn
neighbor VTEP route-map MAP_VTEP_IN in
neighbor VTEP route-map MAP_VTEP_OUT out
neighbor VTEP activate
advertise-all-vni
exit-address-family
exit
!
router bgp 65000 vrf vrf_myzone
bgp router-id 192.168.0.1
exit
!
router bgp 65000 vrf vrf_myzone2
bgp router-id 192.168.0.1
exit
!
route-map MAP_VTEP_IN permit 1
exit
!
route-map MAP_VTEP_OUT permit 1
exit
!
line vty
!

81
src/test/zones/evpn/multiplezones/expected_sdn_interfaces Normal file
View file

@ -0,0 +1,81 @@
#version:1
auto myvnet
iface myvnet
address 10.0.0.1/24
bridge_ports vxlan_myvnet
bridge_stp off
bridge_fd 0
mtu 1450
ip-forward on
arp-accept on
vrf vrf_myzone
auto myvnet2
iface myvnet2
address 172.16.0.1/24
bridge_ports vxlan_myvnet2
bridge_stp off
bridge_fd 0
mtu 1450
ip-forward on
arp-accept on
vrf vrf_myzone2
auto vrf_myzone
iface vrf_myzone
vrf-table auto
post-up ip route add vrf vrf_myzone unreachable default metric 4278198272
auto vrf_myzone2
iface vrf_myzone2
vrf-table auto
post-up ip route add vrf vrf_myzone2 unreachable default metric 4278198272
auto vrfbr_myzone
iface vrfbr_myzone
bridge-ports vrfvx_myzone
bridge_stp off
bridge_fd 0
mtu 1450
vrf vrf_myzone
auto vrfbr_myzone2
iface vrfbr_myzone2
bridge-ports vrfvx_myzone2
bridge_stp off
bridge_fd 0
mtu 1450
vrf vrf_myzone2
auto vrfvx_myzone
iface vrfvx_myzone
vxlan-id 1000
vxlan-local-tunnelip 192.168.0.1
bridge-learning off
bridge-arp-nd-suppress on
mtu 1450
auto vrfvx_myzone2
iface vrfvx_myzone2
vxlan-id 1001
vxlan-local-tunnelip 192.168.0.1
bridge-learning off
bridge-arp-nd-suppress on
mtu 1450
auto vxlan_myvnet
iface vxlan_myvnet
vxlan-id 100
vxlan-local-tunnelip 192.168.0.1
bridge-learning off
bridge-arp-nd-suppress on
mtu 1450
auto vxlan_myvnet2
iface vxlan_myvnet2
vxlan-id 101
vxlan-local-tunnelip 192.168.0.1
bridge-learning off
bridge-arp-nd-suppress on
mtu 1450

7
src/test/zones/evpn/multiplezones/interfaces Normal file
View file

@ -0,0 +1,7 @@
auto vmbr0
iface vmbr0 inet static
address 192.168.0.1/24
gateway 192.168.0.254
bridge-ports eth0
bridge-stp off
bridge-fd 0

37
src/test/zones/evpn/multiplezones/sdn_config Normal file
View file

@ -0,0 +1,37 @@
{
version => 1,
vnets => {
ids => {
myvnet => { tag => "100", type => "vnet", zone => "myzone" },
myvnet2 => { tag => "101", type => "vnet", zone => "myzone2" },
},
},
zones => {
ids => {
myzone => { ipam => "pve", type => "evpn", controller => "evpnctl", 'vrf-vxlan' => 1000 },
myzone2 => { ipam => "pve", type => "evpn", controller => "evpnctl", 'vrf-vxlan' => 1001 },
}
},
controllers => {
ids => { evpnctl => { type => "evpn", 'peers' => '192.168.0.1,192.168.0.2,192.168.0.3', asn => "65000" } },
},
subnets => {
ids => {
'myzone-10.0.0.0-24' => {
'type' => 'subnet',
'vnet' => 'myvnet',
'gateway' => '10.0.0.1',
},
'myzone2-172.16.0.0-24' => {
'type' => 'subnet',
'vnet' => 'myvnet2',
'gateway' => '172.16.0.1',
},
}
}
}