virtual router: Add route-maps to BGP peers for Routed Mode #9964

wido · 2024-11-22T15:53:39Z

It is best practice, and mandatory in newer version of FRR, that route-maps should be applied to BGP peers. This is to prevent that mistakes can propogate through a network and cause outages.

This change changes the route-maps where the VR will only accept IPv4 and IPv4 default gateways (0.0.0.0/0 and ::/0) to be sent by the upstream router to the VR.

The other way around this change makes sure that FRR will not allow announcing anything else than the locally defined subnets to the upstream BGP router.

codecov · 2024-11-22T16:02:53Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 17.76%. Comparing base (5385783) to head (70b6cb4).

Additional details and impacted files

@@            Coverage Diff            @@
##               main    #9964   +/-   ##
=========================================
  Coverage     17.76%   17.76%           
- Complexity    15859    15863    +4     
=========================================
  Files          5923     5923           
  Lines        530606   530606           
  Branches      64835    64835           
=========================================
+ Hits          94251    94277   +26     
+ Misses       425810   425783   -27     
- Partials      10545    10546    +1

Flag	Coverage Δ
uitests	`3.59% <ø> (ø)`
unittests	`18.85% <ø> (+<0.01%)`	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

weizhouapache · 2024-11-24T15:39:24Z

thanks @wido !

weizhouapache · 2024-11-24T15:39:31Z

@blueorangutan package

blueorangutan · 2024-11-24T15:40:04Z

@weizhouapache a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

blueorangutan · 2024-11-24T16:47:43Z

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 11599

weizhouapache · 2024-11-25T07:51:45Z

@blueorangutan test ubuntu24 kvm-ubuntu24

blueorangutan · 2024-11-25T07:54:04Z

@weizhouapache a [SL] Trillian-Jenkins test job (ubuntu24 mgmt + kvm-ubuntu24) has been kicked to run smoke tests

blueorangutan · 2024-11-25T23:28:50Z

[SF] Trillian test result (tid-11794)
Environment: kvm-ubuntu24 (x2), Advanced Networking with Mgmt server u24
Total time taken: 54170 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr9964-t11794-kvm-ubuntu24.zip
Smoke tests completed. 139 look OK, 2 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
test_oobm_background_powerstate_sync	`Failure`	20.83	test_outofbandmanagement.py
test_oobm_enabledisable_across_clusterzones	`Error`	38.04	test_outofbandmanagement.py
test_oobm_issue_power_cycle	`Error`	19.81	test_outofbandmanagement.py
test_oobm_issue_power_off	`Error`	19.77	test_outofbandmanagement.py
test_oobm_issue_power_on	`Error`	19.80	test_outofbandmanagement.py
test_oobm_issue_power_reset	`Error`	19.84	test_outofbandmanagement.py
test_oobm_issue_power_soft	`Error`	19.80	test_outofbandmanagement.py
test_oobm_issue_power_status	`Error`	18.79	test_outofbandmanagement.py
test_oobm_multiple_mgmt_server_ownership	`Failure`	28.12	test_outofbandmanagement.py
test_oobm_zchange_password	`Error`	7.45	test_outofbandmanagement.py
test_hostha_kvm_host_degraded	`Error`	12.65	test_hostha_kvm.py
test_hostha_kvm_host_fencing	`Error`	10.14	test_hostha_kvm.py
test_hostha_kvm_host_recovering	`Error`	10.41	test_hostha_kvm.py

weizhouapache · 2024-11-30T07:57:10Z

@blueorangutan package

blueorangutan · 2024-11-30T07:58:03Z

@weizhouapache a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

blueorangutan · 2024-11-30T08:44:57Z

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 11666

weizhouapache

code lgtm

need testing

rajujith · 2026-01-13T05:31:37Z

@wido Since this is for the 4.22.1 release, could you retarget the PR to the 4.22 branch?

It is best practice, and mandatory in newer version of FRR, that route-maps should be applied to BGP peers. This is to prevent that mistakes can propogate through a network and cause outages. This change changes the route-maps where the VR will only accept IPv4 and IPv4 default gateways (0.0.0.0/0 and ::/0) to be sent by the upstream router to the VR. The other way around this change makes sure that FRR will not allow announcing anything else than the locally defined subnets to the upstream BGP router.

wido · 2026-01-13T11:58:23Z

@wido Since this is for the 4.22.1 release, could you retarget the PR to the 4.22 branch?

When I change the branch to 4.22 a lot of commits seem to break. I'm fine with putting this into main.

wido added component:virtual-router component:networking labels Nov 22, 2024

wido requested a review from weizhouapache November 22, 2024 15:53

boring-cyborg bot added the Python Warning... Python code Ahead! label Nov 22, 2024

alexandremattioli approved these changes Dec 3, 2024

View reviewed changes

weizhouapache approved these changes Dec 3, 2024

View reviewed changes

weizhouapache self-assigned this Dec 3, 2024

weizhouapache added the status:needs-testing label Dec 3, 2024

sureshanaparti added this to the 4.21.0 milestone Jun 5, 2025

sureshanaparti added this to Apache CloudStack 4.21.0 Jun 5, 2025

sureshanaparti moved this to In Progress in Apache CloudStack 4.21.0 Jul 14, 2025

weizhouapache modified the milestones: 4.21.0, 4.22.0 Aug 29, 2025

sureshanaparti removed this from Apache CloudStack 4.21.0 Aug 29, 2025

sureshanaparti added this to Apache CloudStack 4.22.0 Aug 29, 2025

sureshanaparti moved this to In Progress in Apache CloudStack 4.22.0 Aug 29, 2025

harikrishna-patnala modified the milestones: 4.22.0, 4.22.1 Nov 12, 2025

harikrishna-patnala removed this from Apache CloudStack 4.22.0 Nov 12, 2025

rajujith added this to Apache CloudStack 4.22.1 Jan 5, 2026

sureshanaparti moved this to In Progress in Apache CloudStack 4.22.1 Jan 7, 2026

wido force-pushed the frr-conf-virtual-router branch from 14e27de to 70b6cb4 Compare January 13, 2026 11:56

wido changed the base branch from main to 4.22 January 13, 2026 11:56

boring-cyborg bot added component:agent component:api component:build component:integration labels Jan 13, 2026

wido changed the base branch from 4.22 to main January 13, 2026 11:57

DaanHoogland removed this from Apache CloudStack 4.22.1 Jan 13, 2026

DaanHoogland modified the milestones: 4.22.1, 4.23.0 Jan 13, 2026

virtual router: Add route-maps to BGP peers for Routed Mode #9964

Are you sure you want to change the base?

virtual router: Add route-maps to BGP peers for Routed Mode #9964

Conversation

wido commented Nov 22, 2024

Uh oh!

codecov bot commented Nov 22, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

weizhouapache commented Nov 24, 2024

Uh oh!

weizhouapache commented Nov 24, 2024

Uh oh!

blueorangutan commented Nov 24, 2024

Uh oh!

blueorangutan commented Nov 24, 2024

Uh oh!

weizhouapache commented Nov 25, 2024

Uh oh!

blueorangutan commented Nov 25, 2024

Uh oh!

blueorangutan commented Nov 25, 2024

Uh oh!

weizhouapache commented Nov 30, 2024

Uh oh!

blueorangutan commented Nov 30, 2024

Uh oh!

blueorangutan commented Nov 30, 2024

Uh oh!

weizhouapache left a comment

Choose a reason for hiding this comment

Uh oh!

rajujith commented Jan 13, 2026

Uh oh!

wido commented Jan 13, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

8 participants

codecov bot commented Nov 22, 2024 •

edited

Loading