Hello,

This is a follow up to my previous blog regarding PVE SDN and NXOS .

Astute readers which all of you are, would have realized that in order to go across  VXLAN segments, the default gateway for each VNET is located at the PVE nodes.

This is not really a an efficient way of routing across an EVPN SDN layout. The default gateway should be local to the VTEPs in which your VNIs are located.

A way of accomplishing this, is to use the  “anycast-gateway” feature. To do this will create a SVI on the 9k, and assign it to the vrf (the L3 vrf we configured) and give it an IP address.

Looking at the configuration we have:

vlan 1,100,200,1000,2000
vlan 100
  vn-segment 31000
vlan 200
  vn-segment 41000
vlan 1000
  vn-segment 30000
vlan 2000
  vn-segment 40000

vrf context management
vrf context vrfvx_v100
  vni 30000
  rd auto
  address-family ipv4 unicast
    route-target both auto
    route-target both auto evpn
vrf context vrfvx_v200
  vni 40000
  address-family ipv4 unicast
    route-target both auto
    route-target both auto evpn

Thus we need to create a VLAN 100 and assign it to vrf vrfvx_100 and _200.

Before we do this we need to make note of the MAC addresses the PVE is giving to the VNETs we configured. This will be under the “sdn” file in the “interface.d” folder. This ensures that the gateways we create will have the same MAC addresses, so if you were to migrate a VM it will not have a conflict between ARP entries and MAC addresses on the different leaf it now resides.

In our case we will use the static method or manual MAC configuration. Another way is to use MAC aliasing.

Now we can configure both VLANS:

interface Vlan100
 no shutdown
 mac-address bc24.11e7.f432 
 vrf member vrfvx_v100
 ip address 10.100.1.1/24 
 fabric forwarding mode anycast-gateway

interface Vlan200
 no shutdown
 mac-address BC:24:11:58:A1:F9
 vrf member vrfvx_v200
 ip address 10.200.1.1/24
 fabric forwarding mode anycast-gateway

Notice that we defined the mac addresses for each VNET and then we use the any-cast gateway command.

The interfaces should be up and if the PVE allowed this you would be able to ping across VNIs. How to allow access across VNIs will be a topic for another blog.

Cheers,

Ciao.

 

Well after the series regarding integration with a Cisco 9k, I thought that we also needed something regarding Open-Source.

Well VyOS does not get any more open source than that, we will integrate a PVE cluster with a VyOS as a leaf. In addition we will use VyOS as an eBGP peer to access external clients. Read on! Continue reading “PVE SDN VyOS Integration Oh My!”

Introduction

In the final part of these series, we will integrate a Cisco 9k with a PVE cluster using the previous configurations we did setup.

Continue reading “PVE SDN NXOS Integration Oh My!”

Introduction

In part 2 we will continue with integration of a PVE cluster with a Cisco 9kv running NXOS.

Figure 1. shows the network diagram.

 We are using the 9000v as an eBGP peer for the PVE cluster. Any device that supports BGP can replace the Cisco 9k. Continue reading “PVE VXLAN NXOS Integration Continued Oh My!”

Introduction

The purpose of the following proof of concept is to demonstrate integration between Proxmox PVE and a Cisco 9000v.

PVE is a fantastic open-source virtualization environment. Recently it has gained a lot of traction in particular with the issues with VSphere licensing.

However, while I see several blogs and videos regarding it and in particular its SDN capabilities, I have not seen detail setups involving integration with other SDN devices.

This is unfortunate since the Cisco 9000 for example is very prevalent and at one point if someone decides to move to PVE, they will need to integrate Cisco or another device to it.

In any case, from the perspective of learning I think the following will be very instructional. Continue reading “PVE VXLAN NXOS Integration Oh My!”

Hello there,

It has been a while since I posted.

I decided to do DDNS on my home network using Bind9 and the ISC DHCP server.

As always you test on a lab first.

I have EVE-NG and I was running a lab with DDNS and IPV6.

I used Fedora core so to make it like my network I replaced the server with Ubuntu 20.04.

However, I run into an interesting problem.

Continue reading “DDNS IPV4, IPV6 Togetherness”

A few weeks ago, my Internet router died suddenly.

Not that much of an issue unless you use a custom box as a modem and you have your website hosted on it.

The server I was using for this was a Fedora Core 9 machine. I know an ancient OS.

The machine itself was not that old, I found about 4 years a cheap Intel 386 with ISA support so I replaced the really old server I had. I was able to migrate to the new box, I was running a hardware raid setup using an ISA card. Talk about making things complicated.

I initially tried using a virtual server to have things running quickly, I had a backup of the server running on a VMware workstation however, I could not make it a go for reasons that may merit another blog.

However, I had laying around my old media server, 4 Gb of ram and 500 GB of disk space. Too much space but that was the only thing I had. It only had one NIC but I found a USB to Ethernet dongle.

This time I decided to use HAproxy to present my website and blog and have proper SSL certs for each.

Continue reading “Cerbot, Oh My!”

You can use a Linux server as a managed bridge if you would want to.

The discerning reader would point out that this is already possible however, without spoiling the ending I will come back to this point at the end.

Keep on reading…

Continue reading “VLANs, Bridges, Managed Bridge On Linux Oh My!”

Hello there,

I have used VXLANs with EVPN using Cisco ACI and the APIC controller. While the APIC controller is great, it masks a lot of the configurations done on the spines and leaf devices.

I currently do not use VXLANS at all so I decided to circle back and reacquaint with it. However, since I decided to do this in my home office lab environment I said to myself let’s use CLI commands.

Got the lab working and it was great to a point, run into an issue that drove me crazy for quite a bit.

Continue reading “VXLAN, EVPN, NXOS and Route Targets.”

Hello there,

Recently I encountered an issue, which is rampant, and people complaint a lot about it.

All of a sudden, Chrome would not load. I was getting “Page unresponsive”.

This is happened to me once before, on my work computer Chrome become sluggish as molasses. Try a few of the things you find on the Internet, did not work.

Then as sudden as it started it went away. No explanation.

A few days ago, on my home computer Chrome started to behave that way. Nothing worked.

I started using Firefox again which was fine, this was a clue that the culprit was Chrome.

I know what you are going to say, there was a virus, blah, blah, blah.

Nope, there was no virus. Will not go onto how I was certain, I have AV plus other things and after checking there was no virus.

Finally, I decided to uninstall and reinstall Chrome. No luck.

What was one to do? Then it dawned on me. Why don’t I try the 32-bit version? Yes, you can still get it and it is not as much of a memory hog as the 64-bit version.

So, I did uninstall the 64-bit version and install the 32-bit version.

What do you know it resolved the issue, for a while it seemed that the issue was still there however after a couple of minutes Chrome started to behave normally.

Once again, I have no explanation.

Weird.

Take care.

Ciao.