Change MikroTik RouterOS queue type

Create a new queue type

/queue type add name=fq-codel-ethernet-default kind=fq-codel fq-codel-ecn=no

Change the queue type of all wired interfaces

/queue interface set [find default-queue=only-hardware-queue] queue=fq-codel-ethernet-default

Verify the queue type was changed

/queue/interface/print where default-queue=only-hardware-queue

Wireless interfaces defaults to wireless-default and virtual interfaces defaults to `no-queue. These interface queues can be confirmed with.

/queue/interface/print where default-queue!=only-hardware-queue

Sources: [1]

The BGP Multi-Exit Discriminator (MED) Saga « ipSpace.net blog

Martijn Van Overbeek left this comment on my LinkedIn post announcing the BGP MED lab: It might be fixed, but I can recall in the past that there was a lot of quirkiness in multi-vendor environments, especially in how different vendors use it and deal with the setting when the attribute does exist or does not have to exist. TL&DR: He’s right. It has been fixed (mostly), but the nerd knobs never went away. In case you’re wondering about the root cause, it was the vagueness of RFC 1771. Now for the full story 😉

Source: The BGP Multi-Exit Discriminator (MED) Saga « ipSpace.net blog

Temporary postpone upgrading OpenZFS to 2.2.0 – 2.2.1 when upgrading to Proxmox 8.1

Add the following pinning rule for APT to pin proxmox to the 2.1.x branch of OpenZFS.

cat << EOF > /etc/apt/preferences.d/zfs
# Hold back on upgrading to OpenZFS 2.2.* due to a bug currently being investigated in 2.1.4*, 2.2.1* – 2023-11-25
Package: zfs-initramfs zfs-zed zfsutils-linux libzfs4linux libzpool5linux
Pin: version 2.1.13*
Pin-Priority: 900
EOF

Remember to remove the rule when Proxmox confirms the issues reported (and suspected) plaguing OpenZFS releases 2.2.0 – 2.2.1 are confirmed resolved.

Edit 2023-12-01: A fix has been released. https://www.phoronix.com/news/OpenZFS-2.2.2-Released

EVPN Learning Ressources – WIP

Table of Contents

RFC’s

Drafts

YouTube

Playlists

Routing Daemons

Linux Hypervisors

Commercial Vendors

Blog Posts

Side notes

VXLAN Packet

PBB Packet Format

EVPN-VXLAN (MAC-VRF) Routing Instance

Interfaces

interfaces {
  apply-groups [ interfaces-100g interfaces-10g interfaces-1g ];

  et-0/0/24 {
    apply-groups [ ESI-PORT ];
    apply-groups-except MTU-VXLAN;

    description "Internal: to sw2.et-0/0/51";
    mtu 9216;
    gigether-options {
      fec fec91;
    }
    flexible-vlan-tagging;
    encapsulation flexible-ethernet-services;

    esi {
      00:11:11:11:11:11:11:11:11:10;
    }
    unit 1850 {
      encapsulation vlan-bridge;
      vlan-id 1850;
    }
    unit 1851 {
      encapsulation vlan-bridge;
      vlan-id 1851;
    }
    unit 1852 {
      encapsulation vlan-bridge;
      vlan-id 1852;
    }
    unit 1853 {
      encapsulation vlan-bridge;
      vlan-id 1853;
    }
  }
}

Routing Instance

routing-instances {
  evpn-100 {
    instance-type mac-vrf;
    protocols {
      evpn {
        encapsulation vxlan;
        extended-vni-list all;
      }
    }
    vtep-source-interface lo0.0;
    service-type vlan-aware;

    route-distinguisher 10.255.252.0:100;
    vrf-import IMPORT-POLICY-100;
    vrf-target target:64999:100;

    vlans {
      bd-100-1850 {
        vlan-id 1850;
        interface et-0/0/24.1850;
        vxlan {
          vni 1850;
          encapsulate-inner-vlan;
        }
      }
      bd-100-1851 {
        vlan-id 1851;
        interface et-0/0/24.1851;
        vxlan {
          vni 1851;
          encapsulate-inner-vlan;
        }
      }
      bd-100-1852 {
        vlan-id 1852;
        interface et-0/0/24.1852;
        vxlan {
          vni 1852;
          encapsulate-inner-vlan;
        }
      }
      bd-100-1853 {
        vlan-id 1853;
        interface et-0/0/24.1853;
        vxlan {
          vni 1853;
          encapsulate-inner-vlan;
        }
      }
    }
  }
}

Policies

policy-options {
  policy-statement EXPORT-POLICY-100 {
    term ROUTE-TARGET {
      then {
        community add RT100;
      }
    }
  }

  policy-statement IMPORT-POLICY-100 {
    term ROUTE-TARGET-iBGP {
      from community RT100-iBGP;
      then accept;
    }
  }

  community RT100 members [ target:65001:100 target:64999:100 ];
  community RT100-eBGP members target:65001:100;
  community RT100-iBGP members target:64999:100;
}

Groups

groups {
  ESI-PORT {
    interfaces {
      <*> {
        esi {
          all-active;
        }
      }
    }
  }

  interfaces-100g {
    <et-*> {
      description "Reserved for 100 GbE port speeds";
      disable;
    }
  }

  interfaces-10g {
    <xe-*> {
      description "Reserved for 10 GbE port speeds";
      disable;
    }
  }

  interfaces-1g {
    <ge-*> {
      description "Reserved for 1 GbE port speeds";
      disable;
    }
  }
}

Forwarding options

forwarding-options {
  evpn-vxlan {
    shared-tunnels;
  }
}

Protocols

protocols {
  l2-learning {
    decapsulate-accept-inner-vlan;
  }

  bgp {
    group ipv6-backbone {
      family evpn {
        signaling;
      }
    }

    group ipv4-backbone {
      family evpn {
        signaling;
      }
    }
  }
}

Install ifupdown2 on Debian

Install ifupdown2 from proxmox no-subscription repository for Debian 64bit

apt install --yes lsb-release wget curl

wget https://enterprise.proxmox.com/debian/proxmox-release-$(lsb_release -sc).gpg --output-document=/etc/apt/trusted.gpg.d/proxmox-release-$(lsb_release -sc).gpg

echo "deb [arch=amd64 signedby=/etc/apt/trusted.gpg.d/proxmox-release-$(lsb_release -sc).gpg] http://download.proxmox.com/debian/pve $(lsb_release -sc) pve-no-subscription" > /etc/apt/sources.list.d/pve.list

echo "Package: *\nPin: origin \"download.proxmox.com\"\nPin-Priority: 50\n\nPackage: ifupdown2\nPin: origin \"download.proxmox.com\"\nPin-Priority: 500" > /etc/apt/preferences.d/pve

apt update

apt list --upgradeable

apt install --yes ethtool bridge-utils python3-mako ifupdown2