Skip to content
Snippets Groups Projects
Unverified Commit c4c82044 authored by Nico's avatar Nico
Browse files

more fixes

parent 2d3ebd11
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
roles/backbone/tasks/main.yml
+ 3
0
View file @ c4c82044
...@@ -39,6 +39,9 @@ ...@@ -39,6 +39,9 @@
mode: 0640 mode: 0640
owner: bird owner: bird
group: bird group: bird
vars:
myip4: "10.191.255.{{ bb_bgp_local_host.ip4offset }}"
myip6: "fd21:b4dc::a38:{{ bb_bgp_local_host.ip6offset }}"
- ansible.builtin.set_fact: - ansible.builtin.set_fact:
bb_bgp_local_host: "" bb_bgp_local_host: ""
......
roles/backbone/templates/bird-peer.conf.j2
+ 2
0
View file @ c4c82044
...@@ -2,6 +2,7 @@ protocol bgp {{ bb_bgp_interface_name }}_v6 { ...@@ -2,6 +2,7 @@ protocol bgp {{ bb_bgp_interface_name }}_v6 {
local as BB_BGP_ASN; local as BB_BGP_ASN;
neighbor {{ bb_bgp_remote_ip6 }} as {{ bb_bgp_remote_host.asn }}; neighbor {{ bb_bgp_remote_ip6 }} as {{ bb_bgp_remote_host.asn }};
interface "{{ bb_bgp_interface_name }}"; interface "{{ bb_bgp_interface_name }}";
password "reiNgaisah0gee9AiGhoal3eeHooja0eiyejeiphohyaethioKeer8oojedoi1ai";
bfd on; bfd on;
ipv6 { ipv6 {
import filter ffs_backbone_bgp_import; import filter ffs_backbone_bgp_import;
...@@ -13,6 +14,7 @@ protocol bgp {{ bb_bgp_interface_name }}_v4 { ...@@ -13,6 +14,7 @@ protocol bgp {{ bb_bgp_interface_name }}_v4 {
local as BB_BGP_ASN; local as BB_BGP_ASN;
neighbor {{ bb_bgp_remote_ip4 }} as {{ bb_bgp_remote_host.asn }}; neighbor {{ bb_bgp_remote_ip4 }} as {{ bb_bgp_remote_host.asn }};
interface "{{ bb_bgp_interface_name }}"; interface "{{ bb_bgp_interface_name }}";
password "reiNgaisah0gee9AiGhoal3eeHooja0eiyejeiphohyaethioKeer8oojedoi1ai";
bfd on; bfd on;
ipv4 { ipv4 {
import filter ffs_backbone_bgp_import; import filter ffs_backbone_bgp_import;
......
roles/backbone/templates/bird.conf.j2
+ 17
3
View file @ c4c82044
...@@ -11,12 +11,12 @@ protocol device { ...@@ -11,12 +11,12 @@ protocol device {
protocol static static_myself_v6 { protocol static static_myself_v6 {
ipv6; ipv6;
route fd21:b4dc::a38:{{ bb_bgp_local_host.ip6offset }}/128 via "lo"; route {{ myip6 }}/128 via "lo";
}; };
protocol static static_myself_v4 { protocol static static_myself_v4 {
ipv4; ipv4;
route 10.191.255.{{ bb_bgp_local_host.ip4offset }}/32 via "lo"; route {{ myip4 }}/32 via "lo";
}; };
function is_default_route() { function is_default_route() {
...@@ -30,25 +30,39 @@ filter nodefaultroute { ...@@ -30,25 +30,39 @@ filter nodefaultroute {
accept; accept;
}; };
protocol kernel t_kernel { protocol kernel t_kernel_v6 {
ipv6 { ipv6 {
import none; import none;
export filter nodefaultroute; export filter nodefaultroute;
}; };
}; };
protocol kernel t_kernel_v4 {
ipv4 {
import none;
export filter nodefaultroute;
};
};
function is_ffs_net() { function is_ffs_net() {
if net.type = NET_IP4 && net ~ [ 10.190.0.0/15+ ] then return true; if net.type = NET_IP4 && net ~ [ 10.190.0.0/15+ ] then return true;
if net.type = NET_IP6 && net ~ [ fd21:b4dc:4b00::/40 ] then return true; if net.type = NET_IP6 && net ~ [ fd21:b4dc:4b00::/40 ] then return true;
return false; return false;
}; };
function my_ip() {
if net.type = NET_IP4 then return {{ myip4 }};
if net.type = NET_IP6 then return {{ myip6 }};
};
filter ffs_backbone_bgp_import { filter ffs_backbone_bgp_import {
krt_prefsrc = my_ip();
if is_ffs_net() then accept; if is_ffs_net() then accept;
else reject; else reject;
}; };
filter ffs_backbone_bgp_export { filter ffs_backbone_bgp_export {
krt_prefsrc = my_ip();
if is_ffs_net() then accept; if is_ffs_net() then accept;
else reject; else reject;
}; };
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment

Impressum - Datenschutz