Currently, when multiple exit-nodes are defined, each exit-nodes exchanges
their own default route, so traffic is looping between both exit nodes
instead going out.
This add a new route-map to filter received type-5 on exit node
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
frr reload is not 100% perfect, and sometime is not able to
apply correctly changes.
Use restart in this case to be sure to have the correct config.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Forwarding is enabled by default since frr 7.4
also add frr version && reorder some options to avoid warning message on frr reload
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Allow to import external route target list from external evpn network
(main usecase is DC inter-connect)
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
evpn route distinguisher is compute from bgp router-id.
if not defined, it take random ip or 0.0.0.0 and could result collisions between hosts
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
exitnodes-primary option force traffic to a primary node
A route-map is used to increase metric on backup nodes.
This can be usefull for snat or avoid asymetric routing.
Route-map is rework to handle multiple sequences of route map.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
can be usefull if we want to join other loopback ips,
like a ceph cluster in the underlay network
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
commit 7c5b0f6 not only reduced the possible length but also the
accepted character set, revert the latter partially again and allow
using minus and underscore for characters not being the start or end.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
arp-nd-suppression can break ip mobility,
when an ip from a vm is moved to another vm, with different mac.
For example, with a keepalived vip, the garp is filtered.
This option allow an exit-node to reach itself a guest in evpn network.
Forum user have requested it, the exitnode need to reach virtual dns server in evpn.
This use a veth-pair instead a simple leak.
It's not enable by default is slowing down a little bit the routing.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
allow to advertise type5 routes for evpn subnets, if vms are silents hosts.
(don't do any traffic, so anycast gateway don't have their mac-ip)
fix: https://bugzilla.proxmox.com/show_bug.cgi?id=3571
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
- add lost is_gateway in subnets subnet when creating subnet
- allow reuse ip as gateway in subnet create if it's already flagged gateway in the ipamdb
- add tests
some user want to be able to define a vnet without vlan,
so at qinq zone level, to be able to see traffic from others vnets of this
qinq zone.
Some example of usage is a inter-vnet firewall/gateway vm.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
