[FROG] Setting defaults for autodetected VRFs/VxLANx

Eugene Crosser crosser at average.org
Mon Jul 15 06:13:40 EDT 2019


Hello all,

we are trying use BGP-EVPN + VRF on Linux in L3 mode. For each VPN
instance, we add two snippets into the FRR configuration:

Snippet 1:
====
vrf <vrf-iface-name>
  vni <vni> prefix-routes-only
exit-vrf
====

Snippet 2:
====
router bgp 64512 vrf <vrf-iface-name>
  bgp router-id 169.254.0.1
  !
  address-family ipv4 unicast
    redistribute kernel
  exit-address-family
  !
  address-family l2vpn evpn
    advertise ipv4 unicast
  exit-address-family
====

Our use case requires dynamic creation and removal of VRF instances on
demand. I understand that FRRouting can autodetect VRF+VxLAN interface
groups that are already present in the system and start serving them,
but only as "classic" L2VPNs.

My question is: should it be made possible (or maybe it is already
possible?) to set default attributes for VRF/EVPNs that FRR autodetects?
So that one could add something like this just once:

====
vrf DEFAULT
  vni AUTODETECT prefix-routes-only
exit-vrf
====
====
router bgp 64512 vrf DEFAULT
  bgp router-id 169.254.0.1
  !
  address-family ipv4 unicast
    redistribute kernel
  exit-address-family
  !
  address-family l2vpn evpn
    advertise ipv4 unicast
  exit-address-family
====

and then all newly created VRF+VxLAN groups would be automatically
picked up by FRR and configured as L3 EVPNs, without the need to rewrite
configuration file and restart the daemon.

Does this make sense or am I missing something?

On a related note, I understand that currently FRR can fetch FDB only
from 'bridge' interfaces, but not directly from VxLAN interfaces. So
VxLAN interface cannot be directly enslaved into the VRF interface, but
instead we have to add an intermediate bridge: "vrfXX---brXX---vxlanXX".
(while client interfaces are directly enslaved into the VRF interface).
In such setup, 'br' interface seems unnecessary. Should it be made
possible to avoid this redundant 'br' interface?

Thank you, and don't get too angry if I am messing things up: I am
pretty new to this.

Eugene

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.frrouting.org/pipermail/frog/attachments/20190715/2c305c1a/attachment.sig>


More information about the frog mailing list