Skip to content

Bird: add bgp/evpn support with vxlan and anycast gateway#3475

Open
jbemmel wants to merge 18 commits into
ipspace:devfrom
jbemmel:feature/bird-evpn
Open

Bird: add bgp/evpn support with vxlan and anycast gateway#3475
jbemmel wants to merge 18 commits into
ipspace:devfrom
jbemmel:feature/bird-evpn

Conversation

@jbemmel

@jbemmel jbemmel commented Jun 14, 2026
edited
Loading

Copy link
Copy Markdown
Collaborator

This depends on #3470 for the new 2.19.1 release

  • Adds support for evpn, vxlan and gateway (anycast) modules
  • Reusing FRR logic/scripts for VLAN and VXLAN provisioning

Couple of highlights:

  • Needed a way to sync daemon startup with Netlab running config scripts -> touches a 'done' file that the container waits for
  • Had to make frr scripts more idempotent and reusable in some places
  • Switches bird from :ns to :sh provisioning (like frr)
  • Putting bird error log on stderr so that docker logs shows it - optional
  • bird/vlan.j2 is a bash script while bird/vxlan.j2 is config, might benefit from cleaner separation (but then lookup paths need to be changed)

device-module-test: 4 new cases OK

./device-module-test -d bird -p clab evpn
Pre-test cleanup: 
* 19:53:59 evpn/01-vxlan-bridging.yml: create(ok) up(ok) config(ok) validate(ok) cleanup(ok) OK
* 19:54:26 evpn/02-vxlan-asymmetric-irb.yml: create(ok) up(ok) config(ok) validate(ok) cleanup(ok) OK
19:54:48 evpn/03-vxlan-symmetric-irb.yml: create(FAIL) 
19:54:48 evpn/04-vxlan-central-routing.yml: create(FAIL) 
19:54:49 evpn/05-vxlan-l3only.yml: create(FAIL) 
19:54:50 evpn/06-vxlan-bridging-vlan-bundle.yml: create(FAIL) 
19:54:50 evpn/10-vxlan-rr.yml: create(ok) up(FAIL) cleanup(ok)
* 19:54:52 evpn/11-vxlan-ebgp.yml: create(ok) up(ok) config(ok) validate(ok) cleanup(ok) OK
* 19:55:13 evpn/12-vxlan-ibgp-ebgp.yml: create(ok) up(ok) config(ok) validate(ok) cleanup(ok) OK
19:55:22 evpn/13-vxlan-ebgp-allowas.yml: create(FAIL) 
19:55:23 evpn/14-vxlan-ebgp-ebgp.yml: create(FAIL) 
19:55:23 evpn/15-vxlan-ebgp-unnumbered.yml: create(FAIL) 
19:55:24 evpn/20-vxlan-irb-ospf.yml: create(FAIL) 
19:55:25 evpn/21-bgp-ce-router.yml: create(FAIL) 
19:55:25 evpn/22-ospf-ce-router.yml: create(FAIL) 
19:55:26 evpn/30-cs-bridging.yml: create(FAIL) 
19:55:26 evpn/41-vxlan-ipv6-bridging.yml: create(FAIL) 
19:55:27 evpn/51-mpls-bridging.yml: create(FAIL) 
19:55:28 evpn/52-mpls-asymmetric-irb.yml: create(FAIL) 
19:55:28 evpn/53-evpn-l3only.yml: create(FAIL) 
19:55:29 evpn/54-evpn-l3vpn.yml: create(FAIL) 
19:55:29 evpn/61-sr-bridging.yml: create(FAIL)

Most failures are due to missing vrf support; 10 fails because I don't have cEOS locally

jbemmel and others added 17 commits June 13, 2026 09:01
@jbemmel @cursoragent
Add BIRD EVPN/VXLAN configuration templates.
1bf6d25 
Enable EVPN and VXLAN on the bird daemon, split L2 eth tables into a vxlan module config, and fold VXLAN interface setup into the vlan startup script.

Co-authored-by: Cursor <cursoragent@cursor.com>
@jbemmel @cursoragent
Fix BIRD EVPN/VXLAN container startup and BGP session handling.
17853b7 
Run netlab config scripts before BIRD starts, make VXLAN setup idempotent, and activate EVPN on the existing BGP session instead of a duplicate peer.

Co-authored-by: Cursor <cursoragent@cursor.com>
@jbemmel @cursoragent
Fix BIRD EVPN route reflection over EBGP sessions.
c855257 
Enable gateway recursive and next-hop keep on EBGP EVPN channels for route reflectors, and export OSPF routes into BGP so PE devices can resolve remote VTEP addresses.

Co-authored-by: Cursor <cursoragent@cursor.com>
@jbemmel @cursoragent
Inline BIRD source-build entrypoint and drop build context copy.
c62264e 
Generate the EVPN/VXLAN startup script in Dockerfile.v2_from_src.j2 so
clab build no longer needs supplemental files, and restore simple CMD
startup for package-based bird and bird.v3 images.

Co-authored-by: Cursor <cursoragent@cursor.com>
@jbemmel @cursoragent
Remove unused EXPOSE from BIRD source-build Dockerfile.
209eb66 
Containerlab connects routing protocols over lab interfaces, so Docker
port publishing is not used for BGP, OSPF, or BFD.

Co-authored-by: Cursor <cursoragent@cursor.com>
@jbemmel @cursoragent
Move BIRD VXLAN interface setup from vlan.j2 to vxlan.j2.
ce10613 
Keep VXLAN kernel setup with the vxlan module template and nest EVPN
eth-table generation under a single vxlan guard.

Co-authored-by: Cursor <cursoragent@cursor.com>
@jbemmel @cursoragent
Split BIRD VXLAN shell setup from daemon configuration.
f5345c2 
Use vxlan.j2 for kernel interface setup and vxlan@config.j2 for EVPN
eth-table generation, matching the vlan.j2 versus bgp@session pattern.

Co-authored-by: Cursor <cursoragent@cursor.com>
@jbemmel @cursoragent
Rename BIRD VXLAN daemon template to vxlan.mod.j2.
c0b88e7 
Use vxlan@mod in bird.yml to match bgp.mod.conf naming while keeping
Box-safe daemon_config keys.

Co-authored-by: Cursor <cursoragent@cursor.com>
@jbemmel @cursoragent
Fix BIRD EVPN containerlab startup and VXLAN interface ordering.
991a9b4 
Wait for netlab initial to finish before starting BIRD, create VXLAN
interfaces after VLAN bridges are ready, and keep an upstream EVPN patch
on file without applying it in the Docker build.

Co-authored-by: Cursor <cursoragent@cursor.com>
@jbemmel @cursoragent
Fix duplicate BIRD BGP protocol names in IBGP-over-EBGP labs.
e1dff3a 
Include the session type in each BGP protocol instance name so EVPN IBGP and link EBGP sessions to the same neighbor no longer collide.

Co-authored-by: Cursor <cursoragent@cursor.com>
@jbemmel @cursoragent
Revert FRR VLAN bridge MAC address setup change.
e68e756 
Set the SVI bridge MAC when the bridge is created, not on every script run.

Co-authored-by: Cursor <cursoragent@cursor.com>
@jbemmel @cursoragent
Simplify BIRD container entrypoint to wait for netlab initial only.
ebe51df 
Drop EVPN interface polling, config pre-checks, and verbose startup logging; start BIRD once the netlab-config-done marker appears.

Co-authored-by: Cursor <cursoragent@cursor.com>
@jbemmel @cursoragent
Remove redundant runtime directory creation from BIRD image.
621c9f0 
Docker creates /etc/config on file bind mounts and /var/run already exists in the base image.

Co-authored-by: Cursor <cursoragent@cursor.com>
@jbemmel @cursoragent
Inline netlab config done marker lookup in mark_config_done.
e3db717 
Remove the single-use config_done_marker helper.

Co-authored-by: Cursor <cursoragent@cursor.com>
@jbemmel @cursoragent
Stop tracking local BIRD source patches in git.
9ca1373 
Remove evpn-bridge-master.patch from the branch and gitignore the patches directory so it can stay local only.

Co-authored-by: Cursor <cursoragent@cursor.com>
@jbemmel @cursoragent
Mark clab config done only after all deploy scripts succeed.
62ba689 
Use existing deploy success/failure state instead of a separate ran_executable flag.

Co-authored-by: Cursor <cursoragent@cursor.com>
@jbemmel @cursoragent
Revert .gitignore change for local BIRD patches.
584641a 
Keep patch directory handling out of the branch; local ignores can stay uncommitted.

Co-authored-by: Cursor <cursoragent@cursor.com>
@jbemmel

jbemmel commented Jun 14, 2026

Copy link
Copy Markdown
Collaborator Author

Could add a version check that aborts when the image isn't 2.19.0 or newer

@jbemmel @cursoragent
Fix ruff I001 import formatting in clab configs.
fe39d5b 
Co-authored-by: Cursor <cursoragent@cursor.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jbemmel