proxmox-mirrors/frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/frr synced 2025-04-28 10:49:48 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

frr: port patches to latest stable version, add topotests

Browse Source 
These patches enable the bgp daemon per default and implement the
bgp-evpn autort feature. Also add the topotest for the autort feature.

Signed-off-by: Gabriel Goller <g.goller@proxmox.com>
This commit is contained in:
Gabriel Goller 2025-03-07 13:29:43 +01:00 committed by Thomas Lamprecht
parent d0d67f7b33
commit 13542661ab
4 changed files with 381 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
debian/patches/pve/0001-enable-bgp-daemon.patch → debian/patches/pve/0001-enable-bgp-bfd-daemons.patch vendored
View File

@ -1,17 +1,18 @@
From f098e90f4d690e771f63f48e0540a470faa91892 Mon Sep 17 00:00:00 2001
From e608bc29e66291f7eafb9a9e17b13cc49ae0b726 Mon Sep 17 00:00:00 2001
From: Alexandre Derumier <aderumier@odiso.com>
Date: Wed, 25 Nov 2020 12:41:32 +0100
Subject: [PATCH] enable bgp && bfd daemons
Subject: [PATCH 1/6] enable bgp && bfd daemons
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Gabriel Goller <g.goller@proxmox.com>
---
tools/etc/frr/daemons | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tools/etc/frr/daemons b/tools/etc/frr/daemons
index b1526888e..27bc120a7 100644
--- a/tools/etc/frr/daemons
+++ b/tools/etc/frr/daemons
Index: b/tools/etc/frr/daemons
===================================================================
--- a/tools/etc/frr/daemons 2025-03-07 11:09:47.197423679 +0100
+++ b/tools/etc/frr/daemons 2025-03-07 11:09:47.194423675 +0100
@@ -14,7 +14,7 @@
#
# The watchfrr, zebra and staticd daemons are always started.
@ -21,7 +22,7 @@ index b1526888e..27bc120a7 100644
ospfd=no
ospf6d=no
ripd=no
@@ -27,7 +27,7 @@ eigrpd=no
@@ -28,7 +28,7 @@
babeld=no
sharpd=no
pbrd=no
@ -30,6 +31,4 @@ index b1526888e..27bc120a7 100644
fabricd=no
vrrpd=no
pathd=no
--
2.30.2

77
debian/patches/pve/0002-bgpd-add-an-option-for-RT-auto-derivation-to-force-A.patch vendored
View File

@ -1,55 +1,59 @@
From f5658ed4cecb3ad81cb838fb90467930943ab2ef Mon Sep 17 00:00:00 2001
From dbbe4040299d2a02179cc390d9d7e2aab59833da Mon Sep 17 00:00:00 2001
From: Alexandre Derumier <aderumier@odiso.com>
Date: Mon, 22 May 2023 19:31:28 +0200
Subject: [PATCH] bgpd : add an option for RT auto-derivation to force AS
Subject: [PATCH 2/6] bgpd : add an option for RT auto-derivation to force AS
Allow to define a custom AS for autort AS:VNI
Usefull for evpn with ebgp, where we can't auto-derivated from the router AS,
as route-target AS:VNI need to be the same on the each peer
Link: https://github.com/FRRouting/frr/pull/7535
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
[ GG: ported to latest stable 10.2.1 ]
Signed-off-by: Gabriel Goller <g.goller@proxmox.com>
---
bgpd/bgp_evpn.c | 12 ++++++++++--
bgpd/bgp_evpn_vty.c | 47 +++++++++++++++++++++++++++++++++------------
bgpd/bgp_evpn.c | 13 +++++++++++--
bgpd/bgp_evpn_vty.c | 46 +++++++++++++++++++++++++++++++++------------
bgpd/bgpd.h | 3 +++
3 files changed, 48 insertions(+), 14 deletions(-)
diff --git a/bgpd/bgp_evpn.c b/bgpd/bgp_evpn.c
index 28ea443c6..d44c6bd5d 100644
--- a/bgpd/bgp_evpn.c
+++ b/bgpd/bgp_evpn.c
@@ -591,7 +591,11 @@ static void form_auto_rt(struct bgp *bgp, vni_t vni, struct list *rtl,
Index: b/bgpd/bgp_evpn.c
===================================================================
--- a/bgpd/bgp_evpn.c 2025-03-07 11:09:47.315423809 +0100
+++ b/bgpd/bgp_evpn.c 2025-03-07 11:09:47.312423806 +0100
@@ -622,7 +622,12 @@
if (bgp->advertise_autort_rfc8365)
vni |= EVPN_AUTORT_VXLAN;
- encode_route_target_as((bgp->as & 0xFFFF), vni, &eval);
SET_FLAG(vni, EVPN_AUTORT_VXLAN);
- encode_route_target_as((bgp->as & 0xFFFF), vni, &eval, true);
+
+ if (bgp->autort_as) {
+ encode_route_target_as((bgp->autort_as & 0xFFFF), vni, &eval);
+ } else {
+ encode_route_target_as((bgp->as & 0xFFFF), vni, &eval);
+ encode_route_target_as((bgp->autort_as & 0xFFFF), vni, &eval, true);
+ }else {
+ encode_route_target_as((bgp->as & 0xFFFF), vni, &eval, true);
+ }
ecomadd = ecommunity_new();
ecommunity_add_val(ecomadd, &eval, false, false);
@@ -5174,7 +5178,11 @@ void evpn_rt_delete_auto(struct bgp *bgp, vni_t vni, struct list *rtl,
@@ -5490,7 +5495,11 @@
if (bgp->advertise_autort_rfc8365)
vni |= EVPN_AUTORT_VXLAN;
SET_FLAG(vni, EVPN_AUTORT_VXLAN);
- encode_route_target_as((bgp->as & 0xFFFF), vni, &eval);
- encode_route_target_as((bgp->as & 0xFFFF), vni, &eval, true);
+ if (bgp->autort_as) {
+ encode_route_target_as((bgp->autort_as & 0xFFFF), vni, &eval);
+ } else {
+ encode_route_target_as((bgp->as & 0xFFFF), vni, &eval);
+ encode_route_target_as((bgp->autort_as & 0xFFFF), vni, &eval, true);
+ }else {
+ encode_route_target_as((bgp->as & 0xFFFF), vni, &eval, true);
+ }
ecom_auto = ecommunity_new();
ecommunity_add_val(ecom_auto, &eval, false, false);
diff --git a/bgpd/bgp_evpn_vty.c b/bgpd/bgp_evpn_vty.c
index 6b63c6e3a..11012f3b8 100644
--- a/bgpd/bgp_evpn_vty.c
+++ b/bgpd/bgp_evpn_vty.c
@@ -3649,32 +3649,52 @@ DEFUN (no_bgp_evpn_advertise_all_vni,
Index: b/bgpd/bgp_evpn_vty.c
===================================================================
--- a/bgpd/bgp_evpn_vty.c 2025-03-07 11:09:47.315423809 +0100
+++ b/bgpd/bgp_evpn_vty.c 2025-03-07 11:09:47.313423807 +0100
@@ -3744,32 +3744,51 @@
return CMD_SUCCESS;
}
@ -59,11 +63,11 @@ index 6b63c6e3a..11012f3b8 100644
+DEFPY (bgp_evpn_advertise_autort,
+ bgp_evpn_advertise_autort_cmd,
+ "autort [rfc8365-compatible]$rfc8365 [as (1-65536)$as]",
+ NO_STR
"Auto-derivation of RT\n"
- "Auto-derivation of RT using RFC8365\n")
+ "Auto-derivation of RT using RFC8365\n"
+ "Auto-derivation AS\n"
+ "ASN\n")
+ "Auto-derivation AS\n")
{
struct bgp *bgp = VTY_GET_CONTEXT(bgp);
@ -92,8 +96,7 @@ index 6b63c6e3a..11012f3b8 100644
"Auto-derivation of RT\n"
- "Auto-derivation of RT using RFC8365\n")
+ "Auto-derivation of RT using RFC8365\n"
+ "Auto-derivation AS\n"
+ "ASN\n")
+ "Auto-derivation AS\n")
{
struct bgp *bgp = VTY_GET_CONTEXT(bgp);
@ -112,7 +115,7 @@ index 6b63c6e3a..11012f3b8 100644
return CMD_SUCCESS;
}
@@ -7121,6 +7141,9 @@ void bgp_config_write_evpn_info(struct vty *vty, struct bgp *bgp, afi_t afi,
@@ -7286,6 +7305,9 @@
if (bgp->advertise_autort_rfc8365)
vty_out(vty, " autort rfc8365-compatible\n");
@ -122,7 +125,7 @@ index 6b63c6e3a..11012f3b8 100644
if (bgp->advertise_gw_macip)
vty_out(vty, " advertise-default-gw\n");
@@ -7354,8 +7377,8 @@ void bgp_ethernetvpn_init(void)
@@ -7528,8 +7550,8 @@
install_element(BGP_EVPN_NODE, &evpnrt5_network_cmd);
install_element(BGP_EVPN_NODE, &bgp_evpn_advertise_all_vni_cmd);
install_element(BGP_EVPN_NODE, &no_bgp_evpn_advertise_all_vni_cmd);
@ -133,11 +136,11 @@ index 6b63c6e3a..11012f3b8 100644
install_element(BGP_EVPN_NODE, &bgp_evpn_advertise_default_gw_cmd);
install_element(BGP_EVPN_NODE, &no_bgp_evpn_advertise_default_gw_cmd);
install_element(BGP_EVPN_NODE, &bgp_evpn_advertise_svi_ip_cmd);
diff --git a/bgpd/bgpd.h b/bgpd/bgpd.h
index 72b5b50fb..452062e3d 100644
--- a/bgpd/bgpd.h
+++ b/bgpd/bgpd.h
@@ -685,6 +685,9 @@ struct bgp {
Index: b/bgpd/bgpd.h
===================================================================
--- a/bgpd/bgpd.h 2025-03-07 11:09:47.315423809 +0100
+++ b/bgpd/bgpd.h 2025-03-07 11:09:47.313423807 +0100
@@ -745,6 +745,9 @@
/* EVPN - use RFC 8365 to auto-derive RT */
int advertise_autort_rfc8365;
@ -147,6 +150,4 @@ index 72b5b50fb..452062e3d 100644
/*
* Flooding mechanism for BUM packets for VxLAN-EVPN.
*/
--
2.30.2

332
debian/patches/pve/0003-tests-add-bgp-evpn-autort-test.patch vendored Normal file
View File

@ -0,0 +1,332 @@
From 641f5b043f8aeb81b66882d6b86d62572e95af1d Mon Sep 17 00:00:00 2001
From: Alexandre Derumier <aderumier@odiso.com>
Date: Sat, 21 Nov 2020 01:28:42 +0100
Subject: [PATCH 3/6] tests: add bgp evpn autort test
Link: https://github.com/FRRouting/frr/pull/7535
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
[ GG: ported to latest master ]
Signed-off-by: Gabriel Goller <g.goller@proxmox.com>
---
tests/topotests/bgp_evpn_autort/__init__.py | 0
tests/topotests/bgp_evpn_autort/r1/bgpd.conf | 12 +
tests/topotests/bgp_evpn_autort/r1/zebra.conf | 6 +
tests/topotests/bgp_evpn_autort/r2/bgpd.conf | 12 +
tests/topotests/bgp_evpn_autort/r2/zebra.conf | 6 +
.../bgp_evpn_autort/test_bgp_evpn_autort.py | 246 ++++++++++++++++++
6 files changed, 282 insertions(+)
create mode 100644 tests/topotests/bgp_evpn_autort/__init__.py
create mode 100644 tests/topotests/bgp_evpn_autort/r1/bgpd.conf
create mode 100644 tests/topotests/bgp_evpn_autort/r1/zebra.conf
create mode 100644 tests/topotests/bgp_evpn_autort/r2/bgpd.conf
create mode 100644 tests/topotests/bgp_evpn_autort/r2/zebra.conf
create mode 100644 tests/topotests/bgp_evpn_autort/test_bgp_evpn_autort.py
Index: b/tests/topotests/bgp_evpn_autort/r1/bgpd.conf
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ b/tests/topotests/bgp_evpn_autort/r1/bgpd.conf 2025-03-07 11:09:47.441423948 +0100
@@ -0,0 +1,12 @@
+router bgp 65000
+ no bgp ebgp-requires-policy
+ neighbor 192.168.255.2 remote-as 65001
+ address-family ipv4 unicast
+ neighbor 192.168.255.2 activate
+ exit-address-family
+ !
+ address-family l2vpn evpn
+ neighbor 192.168.255.2 activate
+ advertise-all-vni
+ exit-address-family
+!
Index: b/tests/topotests/bgp_evpn_autort/r1/zebra.conf
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ b/tests/topotests/bgp_evpn_autort/r1/zebra.conf 2025-03-07 11:09:47.441423948 +0100
@@ -0,0 +1,6 @@
+!
+interface r1-eth0
+ ip address 192.168.255.1/24
+!
+ip forwarding
+!
Index: b/tests/topotests/bgp_evpn_autort/r2/bgpd.conf
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ b/tests/topotests/bgp_evpn_autort/r2/bgpd.conf 2025-03-07 11:09:47.441423948 +0100
@@ -0,0 +1,12 @@
+router bgp 65001
+ no bgp ebgp-requires-policy
+ neighbor 192.168.255.1 remote-as 65000
+ address-family ipv4 unicast
+ neighbor 192.168.255.1 activate
+ exit-address-family
+ !
+ address-family l2vpn evpn
+ neighbor 192.168.255.1 activate
+ advertise-all-vni
+ exit-address-family
+!
Index: b/tests/topotests/bgp_evpn_autort/r2/zebra.conf
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ b/tests/topotests/bgp_evpn_autort/r2/zebra.conf 2025-03-07 11:09:47.441423948 +0100
@@ -0,0 +1,6 @@
+!
+interface r2-eth0
+ ip address 192.168.255.2/24
+!
+ip forwarding
+!
Index: b/tests/topotests/bgp_evpn_autort/test_bgp_evpn_autort.py
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ b/tests/topotests/bgp_evpn_autort/test_bgp_evpn_autort.py 2025-03-07 11:09:47.441423948 +0100
@@ -0,0 +1,246 @@
+#!/usr/bin/env python
+
+#
+# bgp_evpn_autort.py
+# Part of NetDEF Topology Tests
+#
+# Copyright (c) 2019 by
+# Alexandre Derumier <aderumier@odiso.com>
+#
+# Permission to use, copy, modify, and/or distribute this software
+# for any purpose with or without fee is hereby granted, provided
+# that the above copyright notice and this permission notice appear
+# in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NETDEF DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NETDEF BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY
+# DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
+# WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
+# OF THIS SOFTWARE.
+#
+
+"""
+bgp_evpn_autort.py:
+
+"""
+
+import os
+import sys
+import json
+import time
+import pytest
+import functools
+
+CWD = os.path.dirname(os.path.realpath(__file__))
+sys.path.append(os.path.join(CWD, "../"))
+
+# pylint: disable=C0413
+from lib import topotest
+from lib.topogen import Topogen, TopoRouter, get_topogen
+from lib.topolog import logger
+from mininet.topo import Topo
+
+
+def build_topo(tgen):
+ "Build function"
+
+ for routern in range(1, 3):
+ tgen.add_router("r{}".format(routern))
+
+ switch = tgen.add_switch("s1")
+ switch.add_link(tgen.gears["r1"])
+ switch.add_link(tgen.gears["r2"])
+
+
+def setup_module(mod):
+ tgen = Topogen(build_topo, mod.__name__)
+ tgen.start_topology()
+
+ router_list = tgen.routers()
+
+ for i, (rname, router) in enumerate(router_list.items(), 1):
+ router.load_config(
+ TopoRouter.RD_ZEBRA, os.path.join(CWD, "{}/zebra.conf".format(rname))
+ )
+ router.load_config(
+ TopoRouter.RD_BGP, os.path.join(CWD, "{}/bgpd.conf".format(rname))
+ )
+
+ tgen.start_router()
+
+ router = tgen.gears["r2"]
+
+ cmds_r2 = [ # config routing 101
+ "ip link add name bridge-101 up type bridge stp_state 0",
+ "ip link set bridge-101 master {}-vrf-101",
+ "ip link set dev bridge-101 up",
+ "ip link add name vxlan-101 type vxlan id 101 dstport 4789 dev r2-eth0 local 192.168.255.2",
+ "ip link set dev vxlan-101 master bridge-101",
+ "ip link set vxlan-101 up type bridge_slave learning off flood off mcast_flood off",
+ ]
+
+ for cmd in cmds_r2:
+ logger.info("cmd to r2: " + cmd.format("r2"))
+ output = router.run(cmd.format("r2"))
+ logger.info("result: " + output)
+
+
+def teardown_module(mod):
+ tgen = get_topogen()
+ tgen.stop_topology()
+
+
+def test_bgp_evpn_autort():
+ tgen = get_topogen()
+
+ if tgen.routers_have_failure():
+ pytest.skip(tgen.errors)
+
+ def _verify_vni_65000(router):
+ output = json.loads(router.vtysh_cmd("sh bgp l2vpn evpn vni 101 json"))
+ expected = {
+ "vni":101,
+ "type":"L2",
+ "inKernel":"True",
+ "rd":"192.168.255.2:2",
+ "originatorIp":"192.168.255.2",
+ "mcastGroup":"0.0.0.0",
+ "advertiseGatewayMacip":"Disabled",
+ "advertiseSviMacIp":"Disabled",
+ "importRts":[
+ "65000:101"
+ ],
+ "exportRts":[
+ "65000:101"
+ ]
+ }
+ return topotest.json_cmp(output, expected)
+
+ def _verify_vni_65001(router):
+ output = json.loads(router.vtysh_cmd("sh bgp l2vpn evpn vni 101 json"))
+ expected = {
+ "vni":101,
+ "type":"L2",
+ "inKernel":"True",
+ "rd":"192.168.255.2:2",
+ "originatorIp":"192.168.255.2",
+ "mcastGroup":"0.0.0.0",
+ "advertiseGatewayMacip":"Disabled",
+ "advertiseSviMacIp":"Disabled",
+ "importRts":[
+ "65001:101"
+ ],
+ "exportRts":[
+ "65001:101"
+ ]
+ }
+ return topotest.json_cmp(output, expected)
+
+ def _verify_vni_65001_rfc8365(router):
+ output = json.loads(router.vtysh_cmd("sh bgp l2vpn evpn vni 101 json"))
+ expected = {
+ "vni":101,
+ "type":"L2",
+ "inKernel":"True",
+ "rd":"192.168.255.2:2",
+ "originatorIp":"192.168.255.2",
+ "mcastGroup":"0.0.0.0",
+ "advertiseGatewayMacip":"Disabled",
+ "advertiseSviMacIp":"Disabled",
+ "importRts":[
+ "65001:268435557"
+ ],
+ "exportRts":[
+ "65001:268435557"
+ ]
+ }
+ return topotest.json_cmp(output, expected)
+
+ def _remove_autort_as(router):
+ router.vtysh_cmd(
+ """
+ configure terminal
+ router bgp 65001
+ address-family l2vpn evpn
+ no autort as 65000
+ """
+ )
+
+ def _add_autort_as(router):
+ router.vtysh_cmd(
+ """
+ configure terminal
+ router bgp 65001
+ address-family l2vpn evpn
+ autort as 65000
+ """
+ )
+
+ def _add_autort_rfc8365(router):
+ router.vtysh_cmd(
+ """
+ configure terminal
+ router bgp 65001
+ address-family l2vpn evpn
+ autort rfc8365-compatible
+ """
+ )
+
+ def _remove_autort_rfc8365(router):
+ router.vtysh_cmd(
+ """
+ configure terminal
+ router bgp 65001
+ address-family l2vpn evpn
+ no autort rfc8365-compatible
+ """
+ )
+
+ router = tgen.gears["r2"]
+
+ test_func = functools.partial(_verify_vni_65001, router)
+ success, result = topotest.run_and_expect(test_func, None, count=15, wait=0.5)
+
+ assert result is None, 'wrong auto route-target "{}"'.format(
+ router
+ )
+
+ _add_autort_as(router)
+
+ test_func = functools.partial(_verify_vni_65000, router)
+ success, result = topotest.run_and_expect(test_func, None, count=15, wait=0.5)
+
+ assert result is None, 'wrong auto route-target "{}"'.format(router)
+
+ _remove_autort_as(router)
+
+ test_func = functools.partial(_verify_vni_65001, router)
+ success, result = topotest.run_and_expect(test_func, None, count=15, wait=0.5)
+
+ assert result is None, 'wrong auto route-target "{}"'.format(
+ router
+ )
+
+ _add_autort_rfc8365(router)
+
+ test_func = functools.partial(_verify_vni_65001_rfc8365, router)
+ success, result = topotest.run_and_expect(test_func, None, count=15, wait=0.5)
+
+ assert result is None, 'wrong auto route-target "{}"'.format(router)
+
+ _remove_autort_rfc8365(router)
+
+ test_func = functools.partial(_verify_vni_65001, router)
+ success, result = topotest.run_and_expect(test_func, None, count=15, wait=0.5)
+
+ assert result is None, 'wrong auto route-target "{}"'.format(
+ router
+ )
+
+
+if __name__ == "__main__":
+ args = ["-s"] + sys.argv[1:]
+ sys.exit(pytest.main(args))

3
debian/patches/series vendored
View File

@ -1,2 +1,3 @@
pve/0001-enable-bgp-daemon.patch
pve/0001-enable-bgp-bfd-daemons.patch
pve/0002-bgpd-add-an-option-for-RT-auto-derivation-to-force-A.patch
pve/0003-tests-add-bgp-evpn-autort-test.patch