From c4c82044bb974f44e5dd5929fedd17c4f0e73be1 Mon Sep 17 00:00:00 2001
From: Nico Boehr <nico@nicoboehr.de>
Date: Sat, 4 Jan 2025 22:25:18 +0100
Subject: [PATCH] more fixes

---
 roles/backbone/tasks/main.yml              |  3 +++
 roles/backbone/templates/bird-peer.conf.j2 |  2 ++
 roles/backbone/templates/bird.conf.j2      | 20 +++++++++++++++++---
 3 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/roles/backbone/tasks/main.yml b/roles/backbone/tasks/main.yml
index 49aa3e5..0868655 100644
--- a/roles/backbone/tasks/main.yml
+++ b/roles/backbone/tasks/main.yml
@@ -39,6 +39,9 @@
     mode: 0640
     owner: bird
     group: bird
+  vars:
+    myip4: "10.191.255.{{ bb_bgp_local_host.ip4offset }}"
+    myip6: "fd21:b4dc::a38:{{ bb_bgp_local_host.ip6offset }}"
 
 - ansible.builtin.set_fact:
     bb_bgp_local_host: ""
diff --git a/roles/backbone/templates/bird-peer.conf.j2 b/roles/backbone/templates/bird-peer.conf.j2
index 9253bea..1763615 100644
--- a/roles/backbone/templates/bird-peer.conf.j2
+++ b/roles/backbone/templates/bird-peer.conf.j2
@@ -2,6 +2,7 @@ protocol bgp {{ bb_bgp_interface_name }}_v6 {
 	local as BB_BGP_ASN;
 	neighbor {{ bb_bgp_remote_ip6 }} as {{ bb_bgp_remote_host.asn }};
 	interface "{{ bb_bgp_interface_name }}";
+	password "reiNgaisah0gee9AiGhoal3eeHooja0eiyejeiphohyaethioKeer8oojedoi1ai";
 	bfd on;
 	ipv6 {
 		import filter ffs_backbone_bgp_import;
@@ -13,6 +14,7 @@ protocol bgp {{ bb_bgp_interface_name }}_v4 {
 	local as BB_BGP_ASN;
 	neighbor {{ bb_bgp_remote_ip4 }} as {{ bb_bgp_remote_host.asn }};
 	interface "{{ bb_bgp_interface_name }}";
+	password "reiNgaisah0gee9AiGhoal3eeHooja0eiyejeiphohyaethioKeer8oojedoi1ai";
 	bfd on;
 	ipv4 {
 		import filter ffs_backbone_bgp_import;
diff --git a/roles/backbone/templates/bird.conf.j2 b/roles/backbone/templates/bird.conf.j2
index efdc6ef..aa384f5 100644
--- a/roles/backbone/templates/bird.conf.j2
+++ b/roles/backbone/templates/bird.conf.j2
@@ -11,12 +11,12 @@ protocol device {
 
 protocol static static_myself_v6 {
 	ipv6;
-	route fd21:b4dc::a38:{{ bb_bgp_local_host.ip6offset  }}/128 via "lo";
+	route {{ myip6 }}/128 via "lo";
 };
 
 protocol static static_myself_v4 {
 	ipv4;
-	route 10.191.255.{{ bb_bgp_local_host.ip4offset  }}/32 via "lo";
+	route {{ myip4 }}/32 via "lo";
 };
 
 function is_default_route() {
@@ -30,25 +30,39 @@ filter nodefaultroute {
 	accept;
 };
 
-protocol kernel t_kernel {
+protocol kernel t_kernel_v6 {
         ipv6 {
                 import none;
                 export filter nodefaultroute;
         };
 };
 
+protocol kernel t_kernel_v4 {
+        ipv4 {
+                import none;
+                export filter nodefaultroute;
+        };
+};
+
 function is_ffs_net() {
 	if net.type = NET_IP4 && net ~ [ 10.190.0.0/15+ ] then return true;
 	if net.type = NET_IP6 && net ~ [ fd21:b4dc:4b00::/40 ] then return true;
 	return false;
 };
 
+function my_ip() {
+	if net.type = NET_IP4 then return {{ myip4 }};
+	if net.type = NET_IP6 then return {{ myip6 }};
+};
+
 filter ffs_backbone_bgp_import {
+	krt_prefsrc = my_ip();
 	if is_ffs_net() then accept;
 	else reject;
 };
 
 filter ffs_backbone_bgp_export {
+	krt_prefsrc = my_ip();
 	if is_ffs_net() then accept;
 	else reject;
 };
-- 
GitLab