From 064a2ec959dce67758df1f00557e24c9c12da50b Mon Sep 17 00:00:00 2001 From: Philippe Guibert Date: Sat, 15 Aug 2020 07:54:26 -0700 Subject: [PATCH] doc: add some documentation about bgp evpn netns support a linux configuration gives some explanation on how to set up an evpn overlay in network namespaces. Signed-off-by: Philippe Guibert --- doc/user/bgp.rst | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/doc/user/bgp.rst b/doc/user/bgp.rst index b1a7607d97..b580302128 100644 --- a/doc/user/bgp.rst +++ b/doc/user/bgp.rst @@ -2543,6 +2543,26 @@ the same behavior of using same next-hop and RMAC values. Enables or disables advertise-pip feature, specifiy system-IP and/or system-MAC parameters. ++Support with VRF network namespace backend ++^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +It is possible to separate overlay networks contained in VXLAN interfaces from +underlay networks by using VRFs. VRF-lite and VRF-netns backends can be used for +that. In the latter case, it is necessary to set both bridge and vxlan interface +in the same network namespace, as below example illustrates: + +.. code-block:: shell + + # linux shell + ip netns add vrf1 + ip link add name vxlan101 type vxlan id 101 dstport 4789 dev eth0 local 10.1.1.1 + ip link set dev vxlan101 netns vrf1 + ip netns exec vrf1 ip link set dev lo up + ip netns exec vrf1 brctl addbr bridge101 + ip netns exec vrf1 brctl addif bridge101 vxlan101 + +This makes it possible to separate not only layer 3 networks like VRF-lite networks. +Also, VRF netns based make possible to separate layer 2 networks on separate VRF +instances. .. _bgp-debugging: -- 2.39.5