[pve-devel] [PATCH pve-docs 3/4] vxlan: add external bgp router documentation
Alexandre Derumier
aderumier at odiso.com
Mon Sep 9 07:46:08 CEST 2019
Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
vxlan-and-evpn.adoc | 92 +++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 88 insertions(+), 4 deletions(-)
diff --git a/vxlan-and-evpn.adoc b/vxlan-and-evpn.adoc
index 5f72a88..3d495a3 100644
--- a/vxlan-and-evpn.adoc
+++ b/vxlan-and-evpn.adoc
@@ -1135,8 +1135,8 @@ line vty
!
----
-VXLAN layer3 routing with anycast gateway + routing to outside with external router
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+VXLAN layer3 routing with anycast gateway + routing to outside with external router with static default gw
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Routing to outside need the symmetric model.
1 gateway node
@@ -1952,6 +1952,92 @@ iface vmbr0 inet static
----
+
+gateway node(s) with a upstream bgp router
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Setup is almost the same than with a static gateway, but we'll connect to an upstream bgp router.
+
+example with node1 as gateway (192.168.0.1) for evpn-bgp, and an upstream bgp router (running frr too) 192.168.0.254.
+
+* node1
+
+frr.conf
+----
+vrf vrf1
+ vni 4000
+ exit-vrf
+!
+router bgp 1234
+ bgp router-id 192.168.0.1
+ no bgp default ipv4-unicast
+ no bgp default ipv6-unicast
+ coalesce-time 1000
+ neighbor 192.168.0.2 remote-as 1234
+ neighbor 192.168.0.3 remote-as 1234
+ neighbor 192.168.0.254 remote-as external
+ !
+ address-family ipv4 unicast
+ import vrf vrf1
+ neighbor 192.168.0.254 activate
+ exit-address-family
+ !
+ address-family ipv6 unicast
+ import vrf vrf1
+ neighbor 192.168.0.254 activate
+ exit-address-family
+ !
+ address-family l2vpn evpn
+ neighbor 192.168.0.1 activate
+ neighbor 192.168.0.2 activate
+ neighbor 192.168.0.254 activate
+ advertise-all-vni
+ exit-address-family
+!
+router bgp 1234 vrf vrf1
+!
+ address-family ipv4 unicast
+ redistribute connected
+ exit-address-family
+ !
+ address-family ipv6 unicast
+ redistribute connected
+ exit-address-family
+ !
+ address-family l2vpn evpn
+ default-originate ipv4
+ default-originate ipv6
+ exit-address-family
+!
+line vty
+!
+----
+
+* bgp router
+
+frr.conf
+----
+ip prefix-list NO32 seq 10 permit 0.0.0.0/0 ge 8 le 24
+ip prefix-list NO32 seq 20 deny any
+!
+router bgp 25253
+ bgp router-id 192.168.0.254
+ bgp bestpath as-path multipath-relax
+ neighbor 192.168.0.1 remote-as external
+ neighbor 192.168.0.1 capability extended-nexthop
+ !
+ address-family ipv4 unicast
+ neighbor 192.168.0.1 default-originate
+ neighbor 192.168.0.1 prefix-list NO32 in #don't import /32 route from evpn
+ exit-address-family
+ !
+ address-family ipv6 unicast
+ neighbor 192.168.0.1 default-originate
+ neighbor 192.168.0.1 prefix-list NO32 in #don't import /32 route from evpn
+ exit-address-family
+ !
+!
+---
+
Route Reflectors
^^^^^^^^^^^^^^^^
If you have a lot of proxmox nodes, or multiple proxmox clusters, you may want
@@ -2028,5 +2114,3 @@ router bgp 1234
exit-address-family
!
----
-
-#TODO : Documentation with bgp upstream router.
--
2.20.1
More information about the pve-devel
mailing list