rc/network
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

exit: work around Cumulus FRR issues

Browse source 
Not sure if it works or if the issue has been fixed in Cumulus 5.14.
Doesn’t harm so let’s leave it.

See: https://docs.nvidia.com/networking-ethernet-software/cumulus-linux-514/Whats-New/rn/#4548512
This commit is contained in:
Timotej Lazar 2025-10-06 17:02:06 +02:00
parent beaa977e21
commit 2c93cab682
1 changed files with 16 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

19
roles/exit/templates/frr.conf.j2
View file

@ -100,7 +100,7 @@ router bgp {{ asn.asn }} vrf outside
{% endfor %} {% endfor %}
redistribute static redistribute static
redistribute connected redistribute connected route-map ifaces-outside
import vrf default import vrf default
import vrf route-map outside-import import vrf route-map outside-import
exit-address-family exit-address-family
@ -122,7 +122,7 @@ router bgp {{ asn.asn }} vrf outside
{% endfor %} {% endfor %}
redistribute static redistribute static
redistribute connected redistribute connected route-map ifaces-outside
import vrf default import vrf default
import vrf route-map outside-import import vrf route-map outside-import
exit-address-family exit-address-family
@ -177,7 +177,7 @@ router bgp {{ asn.asn }} vrf {{ vrf.name }}
{% for family in ['ipv4', 'ipv6'] %} {% for family in ['ipv4', 'ipv6'] %}
address-family {{ family }} unicast address-family {{ family }} unicast
redistribute connected redistribute connected route-map ifaces-{{ vrf.name }}
import vrf inside import vrf inside
{% if vrf.custom_fields.imports %} {% if vrf.custom_fields.imports %}
{% for import in vrf.custom_fields.imports %} {% for import in vrf.custom_fields.imports %}
@ -268,6 +268,19 @@ route-map loopback-inside permit 1
route-map loopback-outside permit 1 route-map loopback-outside permit 1
match interface outside match interface outside
# Route maps for local interfaces for each inside VRF. These are used to
# prevent individual tenant VRFs from redistributing routes from virtual
# ("-v0") interfaces into the common inside VRF. These routes don’t work.
# For each VRF, a route map ifaces-vrf is defined that only permits bridge.*
# interfaces in that VRF. Not sure if this actually helps, but doesn’t hurt.
# Probably related to Cumulus issues 4531952, 4548512 and/or 4548514.
{% for vrf in vrfs.values() %}
{% for vlan_id in vrf_prefixes | selectattr('vrf.id', '==', vrf.id) | map(attribute='vlan.vid') | sort | unique %}
route-map ifaces-{{ vrf.name }} permit {{ loop.index }}
match interface bridge.{{ vlan_id }}
{% endfor %}
{% endfor %}
# Route maps for importing between VRFs. # Route maps for importing between VRFs.
route-map default-import permit 10 route-map default-import permit 10
match ip address prefix-list default match ip address prefix-list default