In the ever-evolving landscape of network virtualization, Ethernet VPN (EVPN) and Virtual Extensible LAN (VXLAN) have emerged as powerful technologies for creating scalable and efficient network overlays. EVPN, combined with VXLAN, offers robust support for multi-tenancy and simplifies the management of large, complex networks. In this guide, we'll walk through the process of setting up EVPN on Proxmox SDN, leveraging the advanced features of Proxmox VE to create a flexible and resilient network infrastructure.
Understanding EVPN and VXLAN
What is EVPN?
Ethernet VPN (EVPN) is a modern control plane technology designed to carry Layer 2 Ethernet traffic over a wide area network (WAN) using protocols such as BGP (Border Gateway Protocol). EVPN provides efficient MAC address learning and distribution, reducing the need for traditional flooding mechanisms and enhancing scalability. It supports advanced features like active-active multihoming, MAC mobility, and ARP suppression, making it ideal for multi-tenant environments.
What is VXLAN?
Virtual Extensible LAN (VXLAN) is a network virtualization technology that encapsulates Layer 2 Ethernet frames within Layer 3 UDP packets. This encapsulation allows for the creation of virtual networks that can span large Layer 3 networks, enabling greater scalability and flexibility. VXLAN uses a 24-bit segment ID, known as the VXLAN Network Identifier (VNI), to uniquely identify each virtual network, supporting up to 16 million unique VNIs.
Setting Up EVPN on Proxmox SDN
To harness the power of EVPN and VXLAN in your Proxmox environment, follow these steps to set up EVPN on Proxmox SDN.
Prerequisites
- Proxmox VE 8.1 or later: Ensure you are running Proxmox VE 8.1 or later, as the core SDN packages are installed by default.
- FRRouting: Install the frr-pythontools package on all nodes for advanced routing setups.
- Network Configuration: Ensure your network interfaces are correctly configured and the ifupdown2 package is installed.
Step-by-Step Guide
1. Install Required Packages
If upgrading from an older version, install the necessary packages:
apt update apt install libpve-network-perl frr-pythontools dnsmasq
Ensure the following line is present at the end of /etc/network/interfaces on all nodes:
source /etc/network/interfaces.d/*
2. Configure FRRouting
Configure FRRouting by editing /etc/frr/frr.conf on each node. Ensure the BGP router ID and neighbors are correctly set up:
interface lo ip address 172.16.0.1/32 ip router openfabric 1 openfabric passive router bgp 65000 bgp router-id 172.16.0.1 no bgp hard-administrative-reset no bgp graceful-restart notification no bgp default ipv4-unicast coalesce-time 1000 neighbor VTEP peer-group neighbor VTEP remote-as 65000 neighbor VTEP bfd neighbor 172.16.0.2 peer-group VTEP neighbor 172.16.0.3 peer-group VTEP router bgp 65000 vrf vrf_evpnPRD bgp router-id 172.16.0.1 no bgp hard-administrative-reset no bgp graceful-restart notification exit
3. Create an EVPN Controller
- Open the Proxmox Admin web UI.
- Navigate to Datacenter > SDN > Options.
- Add an EVPN Controller with the following details:
- ID: myevpnctl
- ASN: 65000 (use a private ASN not already in use)
- Peers: 192.168.0.1, 192.168.0.2, 192.168.0.3 (IP addresses of your nodes)
4. Create an EVPN Zone
- In the Proxmox Admin web UI, go to Datacenter > SDN > Zones.
- Add an EVPN zone with the following details:
- ID: evpnPRD
- Controller: myevpnctl
- VRF-VXLAN Tag: 10000
- MTU: auto (adjust according to your NIC's MTU)
5. Create a VXLAN VNet
- In the Proxmox Admin web UI, navigate to Datacenter > SDN > VNets.
- Add a VNet with the following details:
- Name: vxnet1
- Zone: evpnPRD
- Tag: 10500 (VXLAN ID)
6. Add Subnets within Your VXLAN VNet
- Follow the Proxmox SDN documentation to add subnets to your VNet.
- Ensure you do not configure any related VNet's subnet gateway if you don't want Proxmox to handle outgoing traffic directly.
7. Apply SDN Changes
- In the Proxmox Admin web UI, go to Datacenter > SDN.
- Click on Apply to propagate the changes across all nodes.
8. Verify Configuration
- Ensure the EVPN and VXLAN configurations are correctly applied.
- Check the status of the BGP sessions and routing tables using FRRouting commands:
vtysh -c "show bgp summary" vtysh -c "show evpn vni"
Conclusion
Setting up EVPN on Proxmox SDN involves configuring the necessary packages, setting up FRRouting, and creating EVPN controllers and zones through the Proxmox web interface. This setup allows for scalable and efficient network overlays, making it suitable for complex and multi-tenant environments. By leveraging the advanced features of EVPN and VXLAN, you can create a flexible and resilient network infrastructure that meets the demands of modern data centers and cloud environments.
By following this guide, you'll be well on your way to harnessing the full potential of EVPN and VXLAN in your Proxmox SDN setup, ensuring a robust and scalable network for your virtualized environments.