[pve-devel] [PATCH pve-docs 0/1] vxlan l3 routing

Alexandre DERUMIER aderumier at odiso.com
Sat Aug 25 02:10:33 CEST 2018 

>>Just try - maybe you can find a way to define a cluster wide config 
>>(etc/pve/network.cfg) for those bridges.
>>
>>vnet1000: vxlan        # VNI 1000
>>       device vmbr0    # => vxlan-local-tunnelip
>>       group 239.0.0.1

>>above would create the vtep and the bridge called 'vnet1000'?

Hi Dietmar,

I think I have found a way.

ifupdown2 support "alias" options

"
auto eno1
iface eno1
    alias hypervisor_port_1
"


ip link set dev ${interface name} alias "${description}"

Examples:
ip link set dev eno1 alias "hypervisor_port_1"
Link aliases show up in "ip link show" output, like:
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT qlen 1000
    link/ether 22:ce:e0:99:63:6f brd ff:ff:ff:ff:ff:ff
    alias hypervisor_port_1



Like this, we could define a common alias on differents hosts, with differents interfaces,
and no need to use a vmbr0.  (I'm thinking of layer3 underlay, with multiple interfaces with ecmp)



Some examples:
---------------

multicast setup
---------------
vnet1000: vxlan        # VNI 1000
          device hypervisor_port_1    
          type multicast
          group 239.0.0.1



this will add a vxlan1000 interface with "vxlan-svcnodeip ..." option (with multicast address)
 and vxlan-physdev (interface enX with hypervisor_port_1 alias)



node1
-----
auto eno1
iface eno1 inet static
     address 192.168.0.1/24
     alias hypervisor_port_1

auto vxlan1000
iface vxlan1000 inet manual
     vxlan-svcnodeip 239.0.0.1
     vxlan-physdev eno1

auto vmbr1000
iface vmbr1000 inet manual
         bridge_ports vxlan1000
         bridge_stp off
         bridge_fd 0

node2
-----
auto eno2
iface eno2 inet static
     address 192.168.0.2/24
     alias hypervisor_port_1

auto vxlan1000
iface vxlan1000 inet manual
     vxlan-svcnodeip 239.0.0.1
     vxlan-physdev eno2

auto vmbr1000
iface vmbr1000 inet manual
         bridge_ports vxlan1000
         bridge_stp off
         bridge_fd 0


unicast setup
-------------
vnet1000: vxlan        # VNI 1000
          device hypervisor_port_1 
          type unicast
          group 192.168.0.1,192.168.0.2,192.168.0.3,ip4,ip5,.. (all proxmox nodes ips or others ip)


this will add a vxlan1000 interface with "vxlan_remoteip ..." option, with all ips from "group", excluding ip of hypervisor_port_1 on each host,
and a vmbr1000 with 192.168.0.1 (anycast gateway)

node1
-----
auto eno1
iface eno1 inet static
     address 192.168.0.1/24
     alias hypervisor_port_1

auto vxlan1000
iface vxlan1000 inet manual
         vxlan_remoteip 192.168.0.2
         vxlan_remoteip 192.168.0.3

auto vmbr1000
iface vmbr1000 inet manual
         bridge_ports vxlan1000
         bridge_stp off
         bridge_fd 0

node2
-----
auto eno2
iface eno2 inet static
     address 192.168.0.2/24
     alias hypervisor_port_1

auto vxlan1000
iface vxlan1000 inet manual
         vxlan_remoteip 192.168.0.1
         vxlan_remoteip 192.168.0.3

auto vmbr1000
iface vmbr1000 inet manual
         bridge_ports vxlan1000
         bridge_stp off
         bridge_fd 0




evpn-bgp setup
--------------
vnet1000: vxlan        # VNI 1000
          device hypervisor_port_1    
          type evpn-bgp
          gateway 10.0.0.1

this will add a vxlan1000 interface "vxlan-local-tunnelip ..." with ip address of hypervisor_port_1 on each host,
and a vmbr1000 with 192.168.0.1 (anycast gateway)


node1
-----
auto eno1
iface eno1 inet static
     address 192.168.0.1/24
     alias hypervisor_port_1

auto vxlan1000
iface vxlan1000 inet manual
        vxlan-id 1000
        vxlan-local-tunnelip 192.168.0.1
        bridge-learning off
        bridge-arp-nd-suppress on
        bridge-unicast-flood off
        bridge-multicast-flood off

auto vmbr1000
iface vmbr1000 inet static
        address 10.0.0.1/24
        bridge_ports vxlan1000
        bridge_stp off
        bridge_fd 0
node2
-----
auto eno2
iface eno2 inet static
     address 192.168.0.2/24
     alias hypervisor_port_1

auto vxlan1000
iface vxlan1000 inet manual
        vxlan-id 1000
        vxlan-local-tunnelip 192.168.0.2
        bridge-learning off
        bridge-arp-nd-suppress on
        bridge-unicast-flood off
        bridge-multicast-flood off

auto vmbr1000
iface vmbr1000 inet static
        address 10.0.0.1/24
        bridge_ports vxlan1000
        bridge_stp off
        bridge_fd 0





What do you think about this ?




----- Mail original -----
De: "dietmar" <dietmar at proxmox.com>
À: "aderumier" <aderumier at odiso.com>
Cc: "pve-devel" <pve-devel at pve.proxmox.com>
Envoyé: Mardi 14 Août 2018 12:09:20
Objet: Re: [pve-devel] [PATCH pve-docs 0/1] vxlan l3 routing

> >>Not sure if the vxlan config is most times node related, so you always have 
> >>node 
> >>related config anyways? 
> with frr, The vxlan interface indeed have the local ip vxlan-local-tunnelip. 
> (this could be found in frr.conf). 
> This could be managed with ifupdown2 template (as vxlan-local-tunnelip is 
> always the same). 
> 
> I was thinking of vmbr definition, as it's exactly the same on all nodes. (and 
> can't be managed easily with ifupdown2 template). 
> We can manage this with puppet without problem, but I was thinking for users 
> which only manage this through proxmox. 

Just try - maybe you can find a way to define a cluster wide config 
(etc/pve/network.cfg) for those bridges. 

vnet1000: vxlan # VNI 1000 
device vmbr0 # => vxlan-local-tunnelip 
group 239.0.0.1 

above would create the vtep and the bridge called 'vnet1000'? 

...

More information about the pve-devel mailing list