Integrating a Proxmox VE with an External SDN, Applicable?

[spirit]

not working!.
Also, it doesn't make sense to use the same ASN with eBGP and NSX-T ASN (65004) is required to define NSX-T as a remote peer

I don't use the same asn (65014 for proxmox, for both evpn/bgp).

maybe, try something simple first, with only proxmox evpn

evpn: evpn
asn 65014
peers 192.168.100.105,192.168.100.106,192.168.100.107

proxmox vm should be able to communicate, even if they are in a different vnet/subnet.

 

[iami]

I don't use the same asn (65014 for proxmox, for both evpn/bgp).

How to define the NSX-T ASN (remote asn 65004)?

proxmox vm should be able to communicate, even if they are in a different vnet/subnet.

as I mentioned, the VMs can communicate if bgp controller is not enabled

 

[spirit]

How to define the NSX-T ASN (remote asn 65004)?

you don't need to defined it. simply enable "ebgp" option. (frr router use a syntax like "remote-external", like any different asn wildcard)

as I mentioned, the VMs can communicate if bgp controller is not enabled

mmm,I'll test on my side to see what's going on.


just to be sure, do you have last pve8.X packages ?

can you send result of

#pve-version -v

?

 

[iami]

Hi Spirit,

# pveversion -v
proxmox-ve: 8.1.0 (running kernel: 6.5.11-7-pve)
pve-manager: 8.1.4 (running version: 8.1.4/ec5affc9e41f1d79)
proxmox-kernel-helper: 8.1.0
proxmox-kernel-6.5: 6.5.11-8
proxmox-kernel-6.5.11-8-pve-signed: 6.5.11-8
proxmox-kernel-6.5.11-7-pve-signed: 6.5.11-7
proxmox-kernel-6.5.11-4-pve-signed: 6.5.11-4
ceph-fuse: 18.2.1-pve2
corosync: 3.1.7-pve3
criu: 3.17.1-2
frr-pythontools: 8.5.2-1+pve1
glusterfs-client: 10.3-5
ifupdown2: 3.2.0-1+pmx8
ksm-control-daemon: 1.4-1
libjs-extjs: 7.0.0-4
libknet1: 1.28-pve1
libproxmox-acme-perl: 1.5.0
libproxmox-backup-qemu0: 1.4.1
libproxmox-rs-perl: 0.3.3
libpve-access-control: 8.1.1
libpve-apiclient-perl: 3.3.1
libpve-common-perl: 8.1.0
libpve-guest-common-perl: 5.0.6
libpve-http-server-perl: 5.0.5
libpve-network-perl: 0.9.5
libpve-rs-perl: 0.8.8
libpve-storage-perl: 8.0.5
libspice-server1: 0.15.1-1
lvm2: 2.03.16-2
lxc-pve: 5.0.2-4
lxcfs: 5.0.3-pve4
novnc-pve: 1.4.0-3
proxmox-backup-client: 3.1.4-1
proxmox-backup-file-restore: 3.1.4-1
proxmox-kernel-helper: 8.1.0
proxmox-mail-forward: 0.2.3
proxmox-mini-journalreader: 1.4.0
proxmox-offline-mirror-helper: 0.6.4
proxmox-widget-toolkit: 4.1.3
pve-cluster: 8.0.5
pve-container: 5.0.8
pve-docs: 8.1.3
pve-edk2-firmware: 4.2023.08-3
pve-firewall: 5.0.3
pve-firmware: 3.9-1
pve-ha-manager: 4.0.3
pve-i18n: 3.2.0
pve-qemu-kvm: 8.1.5-2
pve-xtermjs: 5.3.0-3
qemu-server: 8.0.10
smartmontools: 7.3-pve1
spiceterm: 3.3.0
swtpm: 0.8.0+pve1
vncterm: 1.8.0
zfsutils-linux: 2.2.2-pve1

 

[spirit]

I have tested on my side, it's working fine for me with:

zones.cfg

evpn: zoneevpn
        controller evpnctl
        vrf-vxlan 10000
        advertise-subnets 1
        exitnodes node1
        ipam pve
        mac BC:24:11:B0:85:2C

controllers:

evpn: evpnctl
        asn 65000
        peers 192.168.0.1,192.168.0.2,192.168.0.3

bgp: bgpnode1
        asn 65000
        node node1
        peers 10.0.0.1
        bgp-multipath-as-path-relax 4
        ebgp 1

3 proxmox node with 192.168.0.1,192.168.0.2,192.168.0.3 with node1 as exit-node

and node1 announcing routes to an external router 10.0.0.1 is a different asn through ebgp

 

[iami]

Yes, I did the same before but it doesn't working sometimes. So, I need to apply the configurations again.
The issue now, I cannot reach any vm behind the router from any vm hosting on non-exit node. can you simulate and test that?

Thanks.