[pve-devel] rfc : /etc/pve/networks.cfg implementation
Dietmar Maurer
dietmar at proxmox.com
Fri Mar 1 06:36:02 CET 2019
> >>Not sure if we need those extra switch settings?
>
> yes, indeed, I think something like vnet[0-4096] could be better,
>
> Can't we combine
> >>switch and transportzones? i.e.
> >>
> >>vnet1: vxlanfrr
> >> name: zone4 # not really required
> >> transportzone zone4
> >> ...
> >> l3vni: id
> >> l3vnihwaddres: macaddress
> >> allowedid: 1-16millions
>
>
> It's more to avoid to redone all config each time.
>
> for example,
>
> you define 1000 vnet, with unicast vxlan
> with option:
> vxlan_remoteip proxmoxip1,proxmoxip2,proxmoxip3,....
>
>
> and one day, you want to add a new node (could be an external proxmox cluster too),
> you need to edit the 1000 vnet
>
> same with multicast, if you want to change multicast address, or another attribute
>
> also, some attribute need to be common, like a vrf (you can't have a different vrf applied on the real interface, and others vrf on differents vxlan)
OK, got it - this makes sense now.
> (vmware nsx is doing that too, creating logical/distributed switch on top of a transport zone)
>
> > 3)
> >
> > After that, I think we need a new daemon, to generate /etc/network/interfaces locally
> > on each node, do ifupdown2 reload on change,.... maybe do we need to manage that on a separate config ? /etc/network/interfaces.d/networks.cfg ?
>
> >>Or just activate when needed (at VM start)? But yes, a separate config is preferable.
>
> Yes, I was thinking about this.
>
> The only case, is with frr + asymetric routing, it's a problem, because if you want
>
> host1: vxlan1 - vm1
> host2: vxlan2 - vm2
>
> when vm1->vm2, it's correctly routed, but the reply of vm2 need to go through vxlan1 directly. (so vxlan1 need to active on host2 too).
> (I'm not a big fan of asymmetric, so we could only implement symetric routing with frr, where the l3vni which is doing the routing)
>
> Maybe another thing, if one day we want to implement dhcp,I don't known if it's more easy to have all network always up ?
Yes, OK for me ...
More information about the pve-devel
mailing list