[pve-devel] [PATCH pve-network 1/5] evpn : add "ip route del vrf vrf_myzone unreachable default metric 4278198272" on exit node

[Alexandre Derumier]

This is breaking routing between the evpn vrf && default vrf leak  on exit node only

Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
 PVE/Network/SDN/Zones/EvpnPlugin.pm                   | 10 +++++++---
 test/zones/evpn/exitnode/expected_sdn_interfaces      |  2 +-
 test/zones/evpn/exitnode_snat/expected_sdn_interfaces |  2 +-
 3 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/PVE/Network/SDN/Zones/EvpnPlugin.pm b/PVE/Network/SDN/Zones/EvpnPlugin.pm
index 4fa46f7..36edccd 100644
--- a/PVE/Network/SDN/Zones/EvpnPlugin.pm
+++ b/PVE/Network/SDN/Zones/EvpnPlugin.pm
@@ -73,6 +73,7 @@ sub generate_sdn_config {
     my $bgprouter = PVE::Network::SDN::Controllers::EvpnPlugin::find_bgp_controller($local_node, $controller_cfg);
     my $loopback = $bgprouter->{loopback} if $bgprouter->{loopback};
     my ($ifaceip, $iface) = PVE::Network::SDN::Zones::Plugin::find_local_ip_interface_peers(\@peers, $loopback);
+    my $is_evpn_gateway = $plugin_config->{'exitnodes'}->{$local_node};
 
     my $mtu = 1450;
     $mtu = $interfaces_config->{$iface}->{mtu} - 50 if $interfaces_config->{$iface}->{mtu};
@@ -127,8 +128,6 @@ sub generate_sdn_config {
 
 	if ($subnet->{snat}) {
 
-	    my $is_evpn_gateway = $plugin_config->{'exitnodes'}->{$local_node};
-
             #find outgoing interface
             my ($outip, $outiface) = PVE::Network::SDN::Zones::Plugin::get_local_route_ip($checkrouteip);
             if ($outip && $outiface && $is_evpn_gateway) {
@@ -158,7 +157,12 @@ sub generate_sdn_config {
 	#vrf interface
 	@iface_config = ();
 	push @iface_config, "vrf-table auto";
-	push @iface_config, "post-up ip route add vrf $vrf_iface unreachable default metric 4278198272";
+	if(!$is_evpn_gateway) {
+	    push @iface_config, "post-up ip route add vrf $vrf_iface unreachable default metric 4278198272";
+	} else {
+	    push @iface_config, "post-up ip route del vrf $vrf_iface unreachable default metric 4278198272";
+	}
+
 	push(@{$config->{$vrf_iface}}, @iface_config) if !$config->{$vrf_iface};
 
 	if ($vrfvxlan) {
diff --git a/test/zones/evpn/exitnode/expected_sdn_interfaces b/test/zones/evpn/exitnode/expected_sdn_interfaces
index 4cf13e0..5ab3084 100644
--- a/test/zones/evpn/exitnode/expected_sdn_interfaces
+++ b/test/zones/evpn/exitnode/expected_sdn_interfaces
@@ -14,7 +14,7 @@ iface myvnet
 auto vrf_myzone
 iface vrf_myzone
 	vrf-table auto
-	post-up ip route add vrf vrf_myzone unreachable default metric 4278198272
+	post-up ip route del vrf vrf_myzone unreachable default metric 4278198272
 
 auto vrfbr_myzone
 iface vrfbr_myzone
diff --git a/test/zones/evpn/exitnode_snat/expected_sdn_interfaces b/test/zones/evpn/exitnode_snat/expected_sdn_interfaces
index a2a183e..47df77a 100644
--- a/test/zones/evpn/exitnode_snat/expected_sdn_interfaces
+++ b/test/zones/evpn/exitnode_snat/expected_sdn_interfaces
@@ -33,7 +33,7 @@ iface myvnet2
 auto vrf_myzone
 iface vrf_myzone
 	vrf-table auto
-	post-up ip route add vrf vrf_myzone unreachable default metric 4278198272
+	post-up ip route del vrf vrf_myzone unreachable default metric 4278198272
 
 auto vrfbr_myzone
 iface vrfbr_myzone
-- 
2.30.2