Hello,
I’m new here, and also I’m not so expert in some network subjects, but I’m using vyos in this version: VyOS 1.4.0-epa2+onedr0p.2 that is connected to 3 proxmox servers in the same network segment, and they integrate a EVPN network. My setup is having multi tenant cluster, but my problem is that I receive correctly the BGP routes of the tenant VMs, but when I create a new VRF to create a new tenant and associate a route table, this BGP routes disappear from the from the first tenant. However, if I issue all the commands required to create both tenants, I have all the BGP routes of both tenants on each VRF on the vyos router. Below is my configuration, and also the commands I use to create each VRF (I appologize for long text):
interfaces {
bridge br5000 {
description tenantA
member {
interface vxlan5000 {
}
}
vrf tenantA
}
bridge br5002 {
description tenantB
member {
interface vxlan5002 {
}
}
vrf tenantB
}
ethernet eth0 {
address 192.168.1.4/24
hw-id bc:24:11:3c:ae:d5
vrf management
}
ethernet eth1 {
address 10.2.2.8/24
description "proxmox nodes"
hw-id bc:24:11:a1:9a:4d
mtu 1600
}
ethernet eth2 {
hw-id bc:24:11:00:ff:40
}
loopback lo {
}
pseudo-ethernet peth2 {
source-interface eth2
vif 2 {
address 10.2.0.3/28
description PseudTenantA
vrf tenantA
}
}
vxlan vxlan5000 {
mtu 1550
parameters {
nolearning
}
port 4789
source-address 10.2.2.8
vni 5000
}
vxlan vxlan5002 {
mtu 1550
parameters {
nolearning
}
port 4789
source-address 10.2.2.8
vni 5002
}
}
protocols {
bgp {
address-family {
l2vpn-evpn {
advertise {
ipv4 {
unicast {
}
}
}
advertise-all-vni
}
}
neighbor 10.2.2.4 {
peer-group ibgp
}
neighbor 10.2.2.6 {
peer-group ibgp
}
neighbor 10.2.2.7 {
peer-group ibgp
}
parameters {
log-neighbor-changes
}
peer-group ibgp {
address-family {
l2vpn-evpn {
}
}
remote-as 64512
update-source eth1
}
system-as 64512
}
}
service {
ntp {
allow-client {
address 0.0.0.0/0
address ::/0
}
server time1.vyos.net {
}
server time2.vyos.net {
}
server time3.vyos.net {
}
}
ssh {
vrf management
}
}
system {
config-management {
commit-revisions 100
}
conntrack {
modules {
ftp
h323
nfs
pptp
sip
sqlnet
tftp
}
}
console {
device ttyS0 {
speed 115200
}
}
host-name R6
login {
user vyos {
authentication {
encrypted-password ****************
plaintext-password ****************
}
}
}
name-server 192.168.1.5
syslog {
global {
facility all {
level info
}
facility local7 {
level debug
}
}
}
}
vrf {
name management {
table 100
}
name tenantA {
protocols {
bgp {
address-family {
ipv4-unicast {
redistribute {
connected {
}
static {
}
}
}
l2vpn-evpn {
advertise {
ipv4 {
unicast {
}
}
}
}
}
system-as 64512
}
static {
route 0.0.0.0/0 {
next-hop 10.2.0.1 {
}
}
}
}
table 5000
vni 5000
}
name tenantB {
protocols {
bgp {
address-family {
ipv4-unicast {
redistribute {
connected {
}
static {
}
}
}
l2vpn-evpn {
advertise {
ipv4 {
unicast {
}
}
}
}
}
system-as 64512
}
}
table 5002
vni 5002
}
}
set interfaces ethernet eth1 address 10.2.2.8/24
set interfaces ethernet eth1 description 'proxmox nodes'
set interfaces ethernet eth1 mtu 1600
set protocols bgp address-family l2vpn-evpn advertise ipv4 unicast
set protocols bgp address-family l2vpn-evpn advertise-all-vni
set protocols bgp system-as 64512
set protocols bgp neighbor 10.2.2.4 peer-group ibgp
set protocols bgp neighbor 10.2.2.6 peer-group ibgp
set protocols bgp neighbor 10.2.2.7 peer-group ibgp
set protocols bgp parameters log-neighbor-changes
set protocols bgp peer-group ibgp address-family l2vpn-evpn
set protocols bgp peer-group ibgp remote-as 64512
set protocols bgp peer-group ibgp update-source eth1
set protocols bgp parameters router-id '10.2.2.8'
set interfaces vxlan vxlan5000 mtu 1550
set interfaces vxlan vxlan5000 parameters nolearning
set interfaces vxlan vxlan5000 port 4789
set interfaces vxlan vxlan5000 source-address 10.2.2.8
set interfaces vxlan vxlan5000 vni 5000
set vrf name tenantA
set vrf name tenantA protocols bgp address-family ipv4-unicast redistribute connected
set vrf name tenantA protocols bgp address-family l2vpn-evpn advertise ipv4 unicast
set vrf name tenantA protocols bgp system-as 64512
set vrf name tenantA protocols bgp address-family ipv4-unicast redistribute static
set vrf name tenantA table 5000
set vrf name tenantA vni 5000
set interfaces bridge br5000 description tenantA
set interfaces bridge br5000 member interface vxlan5000
set interfaces bridge br5000 vrf tenantA
set interfaces vxlan vxlan5002 mtu 1550
set interfaces vxlan vxlan5002 parameters nolearning
set interfaces vxlan vxlan5002 port 4789
set interfaces vxlan vxlan5002 source-address 10.2.2.8
set interfaces vxlan vxlan5002 vni 5002
set vrf name tenantB
set vrf name tenantB protocols bgp address-family ipv4-unicast redistribute connected
set vrf name tenantB protocols bgp address-family l2vpn-evpn advertise ipv4 unicast
set vrf name tenantB protocols bgp system-as 64512
set vrf name tenantB protocols bgp address-family ipv4-unicast redistribute static
set vrf name tenantB table 5002
set vrf name tenantB vni 5002
set interfaces bridge br5002 description tenantB
set interfaces bridge br5002 member interface vxlan5002
set interfaces bridge br5002 vrf tenantB