SDN + PowerDNS Error [api response is not a json]

felipemiranda

Aug 23, 2022
Proxmox VE 7.2-7
PowerDNS Authoritative Server 4.5.4

create sdn dns object failed: dns api error: api response is not a json at /usr/share/perl5/PVE/Network/SDN.pm line 278. (500)

Does anyone have the same error? Am I missing something?

ID: pdns01
URL: http://10.10.0.90:8081
API KEY: ******
TTL: 300
 
check the doc for the url

https://pve.proxmox.com/pve-docs/chapter-pvesdn.html

should be something like:

http://yourpowerdnserver.domain.com:8081/api/v1/servers/localhost



Note that currently, the ipam/dns plugins are functional, but it's missing code in the vm/ct part to attribute the ip and register it in ipam/dns.
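Added example, not part of the thread and not Proxmox's own code: a preflight check for the DNS plugin URL discussed above. It flags a URL that lacks the `/api/v1/servers/<id>` path, flags plain http (the API key would cross the network unencrypted), and classifies a response body; the function names and sample bodies are constructed for illustration.

```python
import json
import re
from urllib.parse import urlsplit

# PowerDNS serves each server object under /api/v1/servers/<server_id>.
SERVER_PATH = re.compile(r"^/api/v1/servers/[^/]+/?$")


def check_dns_url(url):
    """Return a list of problems with a PowerDNS API URL (empty list = OK)."""
    parts = urlsplit(url)
    problems = []
    if parts.scheme not in ("http", "https") or not parts.hostname:
        problems.append("not an absolute http(s) URL")
        return problems
    if not SERVER_PATH.match(parts.path):
        problems.append("path should look like /api/v1/servers/localhost")
    if parts.scheme == "http":
        problems.append("plain http: the API key travels unencrypted")
    return problems


def classify_response(body):
    """Say what a response body fetched from the configured URL actually is."""
    try:
        doc = json.loads(body)
    except (TypeError, ValueError):
        return "not-json"        # the case the 'not a json' error describes
    if isinstance(doc, dict) and doc.get("type") == "Server":
        return "pdns-server"     # the server object the API URL should return
    if isinstance(doc, dict) and "error" in doc:
        return "api-error"       # JSON error object from the API
    return "unexpected-json"


# Constructed sample bodies (not captured from a real server).
SAMPLE_HTML = "<html><body>PowerDNS Authoritative Server</body></html>"
SAMPLE_SERVER = json.dumps({"type": "Server", "id": "localhost",
                            "daemon_type": "authoritative",
                            "url": "/api/v1/servers/localhost"})

if __name__ == "__main__":
    for url in ("http://10.10.0.90:8081",
                "http://10.10.0.90:8081/api/v1/servers/localhost"):
        print(url, "->", check_dns_url(url) or "ok")
    print(classify_response(SAMPLE_HTML), classify_response(SAMPLE_SERVER))
```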
Thank you Spirit, it actually worked with the right URL format, I did a test here by creating a VXLAN zone, vnet and subnet, it got registered in netbox automatically the subnet, the dns I had to manually create on powerdns.

So for now the automation to create the dns zone is not done as well as the dhcp/like to attribute the ip for the vms if I understood correctly, is that right?

Is there a place so I can check the roadmap of SDN?

Sorry, but I'm new to proxmox and networking things, especially SDN. I'm trying to achieve on a proxmox cluster something like a VPC, where each client/user will have their own private network.

Best Regards,
Felipe Miranda
 
Thank you Spirit, it actually worked with the right URL format, I did a test here by creating a VXLAN zone, vnet and subnet, it got registered in netbox automatically the subnet, the dns I had to manually create on powerdns.
yes, currently the subnet && gateway is registered in ipam and dns for the gateway.

So for now the automation to create the dns zone is not done as well as the dhcp/like to attribute the ip for the vms if I understood correctly, is that right?

Is there a place so I can check the roadmap of SDN?
yes, it's on the roadmap at least for static ip. (dhcp will come later).

The plan is for vm/ct, when you choose a vnet, a free available ip will be found in the subnet and allocated in the vm. (you can also of course manually choose a specific ip).

Then it'll be registered in ipam/dns, and configured in CT or vm (through cloudinit).

I have already sent a patch to the dev mailing list some months ago, but there are some changes needed in cloudinit first.

So I hope it'll be ready for the end of the year.

Sorry, but I'm new to proxmox and networking things, especially SDN. I'm trying to achieve on a proxmox cluster something like a VPC, where each client/user will have their own private network.

No problem. You'll be able to do a vpc with vxlan, you just need to allocate ips manually for now.
 
Hi, thank you so much for your time to answer my thread. I was playing yesterday with VXLAN but could not get it working. When I set a vm with vnet it can ping the gateway.

ZONE:
ID: zone1
Type: VXLAN
IPAM: Netbox

VNET:
ID: vnet1
Zone: zone1
Tag: 1000

SUBNETS:
ID: 192.168.100.0/24
Gateway: 192.168.100.1

VM:
Static IP: 192.168.100.2

Can you help me understand what I am doing wrong here?

Best Regards,
Felipe Miranda
 
Note that the gateway defined in the subnet doesn't do anything currently, for a simple vxlan tunnel. (It'll be used later when ipam is plugged into the vm code).

The gateway is only used/deployed with the bgp-evpn plugin, where you have routed vxlan, with the anycast gateway deployed on hypervisors.


I don't know which setup you want to do exactly?
 
I have a Dell R200 running pfSense with 2 WAN and one LAN, which is connected to a Mikrotik Switch that distributes the LAN/VLANs. Then I have 5 HP Proliant nodes with Proxmox installed.

I would like to have somewhat a VPC for each user of my cluster, so I can isolate traffic for each user, and they should be able to have their own internal network and subnets like public/private subnets, they will have their own dhcp/internal dns. What I want is to have something similar to AWS VPC or Digital Ocean VPC.

Best Regards,
Felipe Miranda
 
for the private subnet, you can use vxlan zones or evpn zones. (think like 1 zone = 1 vpc). with a vxlan zone, you can communicate between 2 vnets in the same zone, as they are not routed. With an evpn zone, you can communicate between 2 vnets in the same zone.

Now for the public subnets:

a) Do you want to use public addresses inside your vms? b) or do you have some kind of nat/firewall in front of them?

a) if you want to use public addresses directly inside the vms, you need to use evpn zones, and configure inside this zone 1 or 2 hypervisors as exit-nodes. (as mikrotik doesn't support evpn currently). The exit-node routes between the vxlan/evpn network subnet and your mikrotik router.

b) if you use some kind of vm firewall, you could create a vm with 1 interface in a vlan with public ip, and 1 interface in the vnets/vxlan.
 
Hi spirit,

I could not yet get this working, but I did notice that even after I delete everything in the SDN menu including the BGP, my syslog is flooding with this message:

Sep 06 15:43:35 pve-srv-004 bgpd[957]: [MJ4D6-VBJKV][EC 33554454] 10.10.0.51 [Error] bgp_read_packet error: Connection reset by peer
Sep 06 15:43:35 pve-srv-004 bgpd[957]: [MJ4D6-VBJKV][EC 33554454] 10.10.0.52 [Error] bgp_read_packet error: Connection reset by peer
Sep 06 15:43:35 pve-srv-004 bgpd[957]: [MJ4D6-VBJKV][EC 33554454] 10.10.0.50 [Error] bgp_read_packet error: Connection reset by peer
Sep 06 15:43:45 pve-srv-004 bgpd[957]: [MJ4D6-VBJKV][EC 33554454] 10.10.0.51 [Error] bgp_read_packet error: Connection reset by peer
Sep 06 15:43:45 pve-srv-004 bgpd[957]: [MJ4D6-VBJKV][EC 33554454] 10.10.0.52 [Error] bgp_read_packet error: Connection reset by peer
Sep 06 15:43:45 pve-srv-004 bgpd[957]: [MJ4D6-VBJKV][EC 33554454] 10.10.0.50 [Error] bgp_read_packet error: Connection reset by peer

How can I get rid of those messages?
 
mmm, I'm not sure, but maybe the /etc/frr/frr.conf is not deleted if you delete the zone/controller.

you can delete the file && stop frr service.

(thanks for the report, I'll try to look at this)
 
