Hello,
On Proxmox v8, EVPN Type-5 routes were working fine, but I was not using the Proxmox node as an exit node. After upgrading to Proxmox v9, the nodes no longer import EVPN Type-5 default routes into the VRFs. Whether the Type-5 route is advertised by a BGP peer or the Proxmox node itself is the exit node, these routes are not installed in the kernel.
Any ideas what could be wrong? Thank you in advance!
sdn.conf:
frr.conf:
On Proxmox v8, EVPN Type-5 routes were working fine, but I was not using the Proxmox node as an exit node. After upgrading to Proxmox v9, the nodes no longer import EVPN Type-5 default routes into the VRFs. Whether the Type-5 route is advertised by a BGP peer or the Proxmox node itself is the exit node, these routes are not installed in the kernel.
Any ideas what could be wrong? Thank you in advance!
Code:
proxmox1-4# show bgp l2vpn evpn route type 5 self-originate
BGP table version is 2, local router ID is 10.0.4.4
Network Next Hop Metric LocPrf Weight Path
Extended Community
Route Distinguisher: 10.0.4.4:2
*> [5]:[0]:[0]:[0.0.0.0]
10.0.4.4(proxmox1-4)
32768 i
ET:8 RT:65000:10002 Rmac:36:e3:5f:63:0e:04
..........
Displayed 8 prefixes (8 paths) (of requested type)
Code:
root@proxmox1-4:~# ip r s vrf vrf_z10002
blackhole 10.0.20.0/24 proto static metric 20
10.0.21.0/24 dev v100002 proto kernel scope link src 10.0.21.1
blackhole 10.0.22.0/24 proto static metric 20sdn.conf:
Code:
root@proxmox1-4:/etc/network/interfaces.d# cat ./sdn
#version:770
auto v100001
iface v100001
address 10.0.20.1/24
address 2001:1ab9:f002:2::4001/118
hwaddress BC:24:11:35:D0:42
bridge_ports vxlan_v100001
bridge_stp off
bridge_fd 0
mtu 1500
ip-forward on
ip6-forward on
arp-accept on
vrf vrf_z10001
auto v100002
iface v100002
address 10.0.21.1/24
hwaddress BC:24:11:A8:42:37
bridge_ports vxlan_v100002
bridge_stp off
bridge_fd 0
mtu 1500
ip-forward on
arp-accept on
vrf vrf_z10002
auto v100004
iface v100004
address 10.0.22.1/24
hwaddress BC:24:11:46:06:73
bridge_ports vxlan_v100004
bridge_stp off
bridge_fd 0
mtu 1500
ip-forward on
arp-accept on
vrf vrf_z10004
auto v100008
iface v100008
hwaddress BC:24:11:7A:20:04
bridge_ports vxlan_v100008
bridge_stp off
bridge_fd 0
mtu 1500
alias Alias-100008
vrf vrf_z10008
auto vrf_z10001
iface vrf_z10001
vrf-table auto
post-up ip route add vrf vrf_z10001 unreachable default metric 4278198272
auto vrf_z10002
iface vrf_z10002
vrf-table auto
post-up ip route del vrf vrf_z10002 unreachable default metric 4278198272
auto vrf_z10004
iface vrf_z10004
vrf-table auto
post-up ip route del vrf vrf_z10004 unreachable default metric 4278198272
auto vrf_z10008
iface vrf_z10008
vrf-table auto
post-up ip route del vrf vrf_z10008 unreachable default metric 4278198272
auto vrfbr_z10001
iface vrfbr_z10001
bridge-ports vrfvx_z10001
bridge_stp off
bridge_fd 0
mtu 1500
vrf vrf_z10001
auto vrfbr_z10002
iface vrfbr_z10002
bridge-ports vrfvx_z10002
bridge_stp off
bridge_fd 0
mtu 1500
vrf vrf_z10002
auto vrfbr_z10004
iface vrfbr_z10004
bridge-ports vrfvx_z10004
bridge_stp off
bridge_fd 0
mtu 1500
vrf vrf_z10004
auto vrfbr_z10008
iface vrfbr_z10008
bridge-ports vrfvx_z10008
bridge_stp off
bridge_fd 0
mtu 1500
vrf vrf_z10008
auto vrfvx_z10001
iface vrfvx_z10001
vxlan-id 10001
vxlan-local-tunnelip 10.0.4.4
bridge-learning off
bridge-arp-nd-suppress on
mtu 1500
auto vrfvx_z10002
iface vrfvx_z10002
vxlan-id 10002
vxlan-local-tunnelip 10.0.4.4
bridge-learning off
bridge-arp-nd-suppress on
mtu 1500
auto vrfvx_z10004
iface vrfvx_z10004
vxlan-id 100004
vxlan-local-tunnelip 10.0.4.4
bridge-learning off
bridge-arp-nd-suppress on
mtu 1500
auto vrfvx_z10008
iface vrfvx_z10008
vxlan-id 100008
vxlan-local-tunnelip 10.0.4.4
bridge-learning off
bridge-arp-nd-suppress on
mtu 1500
auto vxlan_v100001
iface vxlan_v100001
vxlan-id 200001
vxlan-local-tunnelip 10.0.4.4
bridge-learning off
bridge-arp-nd-suppress on
mtu 1500
auto vxlan_v100002
iface vxlan_v100002
vxlan-id 200002
vxlan-local-tunnelip 10.0.4.4
bridge-learning off
bridge-arp-nd-suppress on
mtu 1500
auto vxlan_v100004
iface vxlan_v100004
vxlan-id 200004
vxlan-local-tunnelip 10.0.4.4
bridge-learning off
bridge-arp-nd-suppress on
mtu 1500
auto vxlan_v100008
iface vxlan_v100008
vxlan-id 200008
vxlan-local-tunnelip 10.0.4.4
bridge-learning off
bridge-arp-nd-suppress on
mtu 1500frr.conf:
Code:
frr version 10.3.1
frr defaults datacenter
hostname proxmox1-4
log syslog informational
service integrated-vtysh-config
!
!
vrf vrf_z10001
vni 10001
exit-vrf
!
vrf vrf_z10002
vni 10002
ip route 10.0.20.0/24 null0
ip route 10.0.22.0/24 null0
ipv6 route 2001:1ab9:f002:2::4000/118 null0
exit-vrf
!
vrf vrf_z10004
vni 100004
ip route 10.0.20.0/24 null0
ip route 10.0.21.0/24 null0
ipv6 route 2001:1ab9:f002:2::4000/118 null0
exit-vrf
!
vrf vrf_z10008
vni 100008
ip route 10.0.20.0/24 null0
ip route 10.0.21.0/24 null0
ip route 10.0.22.0/24 null0
ipv6 route 2001:1ab9:f002:2::4000/118 null0
exit-vrf
!
router bgp 65000
bgp router-id 10.0.4.4
no bgp hard-administrative-reset
no bgp default ipv4-unicast
coalesce-time 1000
no bgp graceful-restart notification
neighbor VTEP peer-group
neighbor VTEP remote-as 65000
neighbor VTEP bfd
neighbor 10.0.4.1 peer-group VTEP
neighbor 10.0.4.3 peer-group VTEP
neighbor 192.168.10.1 peer-group VTEP
neighbor 10.0.7.2 peer-group VTEP
!
address-family ipv4 unicast
import vrf vrf_z10002
import vrf vrf_z10004
import vrf vrf_z10008
exit-address-family
!
address-family ipv6 unicast
import vrf vrf_z10002
import vrf vrf_z10004
import vrf vrf_z10008
exit-address-family
!
address-family l2vpn evpn
neighbor VTEP activate
neighbor VTEP route-map MAP_VTEP_IN in
neighbor VTEP route-map MAP_VTEP_OUT out
advertise-all-vni
exit-address-family
exit
!
router bgp 65000 vrf vrf_z10001
bgp router-id 10.0.4.4
no bgp hard-administrative-reset
no bgp graceful-restart notification
!
address-family ipv4 unicast
redistribute connected
exit-address-family
!
address-family ipv6 unicast
redistribute connected
exit-address-family
!
address-family l2vpn evpn
advertise ipv4 unicast
advertise ipv6 unicast
exit-address-family
exit
!
router bgp 65000 vrf vrf_z10002
bgp router-id 10.0.4.4
no bgp hard-administrative-reset
no bgp graceful-restart notification
!
address-family ipv4 unicast
redistribute connected
exit-address-family
!
address-family ipv6 unicast
redistribute connected
exit-address-family
!
address-family l2vpn evpn
default-originate ipv4
default-originate ipv6
exit-address-family
exit
!
router bgp 65000 vrf vrf_z10004
bgp router-id 10.0.4.4
no bgp hard-administrative-reset
no bgp graceful-restart notification
!
address-family ipv4 unicast
redistribute connected
exit-address-family
!
address-family ipv6 unicast
redistribute connected
exit-address-family
!
address-family l2vpn evpn
default-originate ipv4
default-originate ipv6
exit-address-family
exit
!
router bgp 65000 vrf vrf_z10008
bgp router-id 10.0.4.4
no bgp hard-administrative-reset
no bgp graceful-restart notification
!
address-family ipv4 unicast
redistribute connected
exit-address-family
!
address-family ipv6 unicast
redistribute connected
exit-address-family
!
address-family l2vpn evpn
default-originate ipv4
default-originate ipv6
exit-address-family
exit
!
ip prefix-list only_default seq 1 permit 0.0.0.0/0
!
ipv6 prefix-list only_default_v6 seq 1 permit ::/0
!
route-map MAP_VTEP_IN deny 1
match ip address prefix-list only_default
exit
!
route-map MAP_VTEP_IN deny 2
match ipv6 address prefix-list only_default_v6
exit
!
route-map MAP_VTEP_IN deny 3
match ip address prefix-list only_default
exit
!
route-map MAP_VTEP_IN deny 4
match ipv6 address prefix-list only_default_v6
exit
!
route-map MAP_VTEP_IN deny 5
match ip address prefix-list only_default
exit
!
route-map MAP_VTEP_IN deny 6
match ipv6 address prefix-list only_default_v6
exit
!
route-map MAP_VTEP_IN permit 7
exit
!
route-map MAP_VTEP_OUT permit 1
exit
!
line vty
!
Last edited:
