author | Trygve Laugstøl <trygvis@inamo.no> | 2024-06-13 22:39:18 +0200 |
---|---|---|
committer | Trygve Laugstøl <trygvis@inamo.no> | 2024-06-13 22:39:18 +0200 |
commit | 972364516ba400878b9e06fe239c1f07d751d4fa (patch) | |
tree | 192cbde5b2502db476b237baa9f973b406f1951e | |
parent | 76e3c7f247f16056129d945e9002730329e57ad6 (diff) | |
tnet
-rw-r--r-- | ansible/inventory | 4 | ||||
-rw-r--r-- | tnet/bird-deploy.yml (renamed from tnet/bird-config.yml) | 12 | ||||
-rw-r--r-- | tnet/bird-gen.yml | 20 | ||||
-rw-r--r-- | tnet/bird-install.yml | 2 | ||||
-rw-r--r-- | tnet/files/akili/bird-tnet-pre.conf | 7 | ||||
-rw-r--r-- | tnet/files/akili/bird-tnet.conf | 8 | ||||
-rw-r--r-- | tnet/files/astyanax/bird-tnet-pre.conf | 7 | ||||
-rw-r--r-- | tnet/files/astyanax/bird-tnet.conf | 8 | ||||
-rw-r--r-- | tnet/files/hash/bird-tnet-pre.conf | 7 | ||||
-rw-r--r-- | tnet/files/hash/bird-tnet.conf | 8 | ||||
-rw-r--r-- | tnet/files/knot/bird-tnet-pre.conf | 7 | ||||
-rw-r--r-- | tnet/files/knot/bird-tnet.conf | 8 | ||||
-rw-r--r-- | tnet/files/kv24ix/bird-tnet.conf | 41 | ||||
-rw-r--r-- | tnet/files/lhn2ix/bird-tnet.conf | 41 | ||||
-rw-r--r-- | tnet/files/lhn2pi/bird-tnet-pre.conf | 7 | ||||
-rw-r--r-- | tnet/files/lhn2pi/bird-tnet.conf | 8 | ||||
-rw-r--r-- | tnet/files/node1/bird-tnet-pre.conf | 7 | ||||
-rw-r--r-- | tnet/files/node1/bird-tnet.conf | 8 | ||||
-rw-r--r-- | tnet/files/node2/bird-tnet-pre.conf | 7 | ||||
-rw-r--r-- | tnet/files/node2/bird-tnet.conf | 8 | ||||
-rw-r--r-- | tnet/templates/bird-tnet-pre.conf.j2 | 7 | ||||
-rw-r--r-- | tnet/templates/bird-tnet.conf.j2 | 8 |
22 files changed, 86 insertions, 154 deletions
diff --git a/ansible/inventory b/ansible/inventory index f94f73a..4e2d0b2 100644 --- a/ansible/inventory +++ b/ansible/inventory @@ -181,11 +181,13 @@ all: node1: node2: - tnet_bgp: + tnet_bird: hosts: akili: + astyanax: hash: knot: + lhn2pi: node1: node2: diff --git a/tnet/bird-config.yml b/tnet/bird-deploy.yml index fcffa4d..ed7cecf 100644 --- a/tnet/bird-config.yml +++ b/tnet/bird-deploy.yml @@ -1,10 +1,16 @@ -- hosts: tnet +- hosts: tnet_bird tasks: - become: yes copy: - dest: /etc/bird/bird-tnet.conf - src: "{{ inventory_hostname }}/bird-tnet.conf" + dest: "/etc/bird/{{ item }}" + src: "{{ inventory_hostname }}/{{ item }}" + owner: bird + group: bird + mode: 0640 register: bird_conf + loop: + - bird-tnet-pre.conf + - bird-tnet.conf - systemd: state: reloaded diff --git a/tnet/bird-gen.yml b/tnet/bird-gen.yml index 17e8128..9fa71b1 100644 --- a/tnet/bird-gen.yml +++ b/tnet/bird-gen.yml @@ -1,11 +1,25 @@ +- name: Remove old configuration + hosts: localhost + connection: local + gather_facts: False + tasks: + - file: + path: files + state: absent + changed_when: False + - name: Generate Bird configuration - hosts: tnet + hosts: tnet_bird connection: local gather_facts: False tasks: - file: path: files/{{ inventory_hostname }} state: directory + changed_when: False - template: - src: bird-tnet.conf.j2 - dest: files/{{ inventory_hostname }}/bird-tnet.conf + src: "{{ item }}.j2" + dest: "files/{{ inventory_hostname }}/{{ item }}" + loop: + - bird-tnet-pre.conf + - bird-tnet.conf diff --git a/tnet/bird-install.yml b/tnet/bird-install.yml index c52ce50..49aed92 100644 --- a/tnet/bird-install.yml +++ b/tnet/bird-install.yml @@ -1,5 +1,5 @@ - hosts: - - bgp + - tnet_bird tasks: - name: Install bird2 become: yes diff --git a/tnet/files/akili/bird-tnet-pre.conf b/tnet/files/akili/bird-tnet-pre.conf new file mode 100644 index 0000000..7994dfe --- /dev/null +++ b/tnet/files/akili/bird-tnet-pre.conf 
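Review bot: The `owner: bird`, `group: bird`, `mode: 0640` added to the copy task in tnet/bird-deploy.yml protect only the deployed copy, while the source files under `files/{{ inventory_hostname }}/` stay in the repository as plaintext. The kv24ix and lhn2ix configs deleted in this same commit show `password "trygvis"` inside `tnet_tpl`, so presumably the surviving per-host files and bird-tnet.conf.j2 still carry that BGP session secret as a literal. I would render it from a vaulted variable in the template instead, and quote the mode as `mode: "0640"` so it does not depend on YAML octal parsing. The play continues past the hunk (the `systemd` reload task), so how the reload consumes `bird_conf`, which now holds per-item `results` because of `loop:`, cannot be checked from here.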
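Review bot: The new "Remove old configuration" play in tnet/bird-gen.yml recursively deletes `path: files` through a relative path, which as far as I can tell is resolved against the directory ansible-playbook was started from rather than the playbook's own directory, so a run from another directory removes whatever `files` directory happens to be there. Anchor it with `path: "{{ playbook_dir }}/files"` and use the same prefix for the `file` and `template` destinations in the second play. `changed_when: False` on the delete also hides the removal from the run summary; I would drop it on that task so the destructive step stays visible.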
@@ -0,0 +1,7 @@
+define tnet = fdb1:4242:3538::/48;
+define tnet_router = fdb1:4242:3538:ffff::/64;
+
+function is_tnet() # -> bool
+{
+ return net ~ tnet && ! (net ~ tnet_router);
+}
diff --git a/tnet/files/akili/bird-tnet.conf b/tnet/files/akili/bird-tnet.conf
index 3c53d79..f9b9d08 100644
--- a/tnet/files/akili/bird-tnet.conf
+++ b/tnet/files/akili/bird-tnet.conf
@@ -1,11 +1,3 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
 template bgp tnet_tpl {
 local as 4242423538;
 neighbor internal;
diff --git a/tnet/files/astyanax/bird-tnet-pre.conf b/tnet/files/astyanax/bird-tnet-pre.conf
new file mode 100644
index 0000000..7994dfe
--- /dev/null
+++ b/tnet/files/astyanax/bird-tnet-pre.conf
@@ -0,0 +1,7 @@
+define tnet = fdb1:4242:3538::/48;
+define tnet_router = fdb1:4242:3538:ffff::/64;
+
+function is_tnet() # -> bool
+{
+ return net ~ tnet && ! (net ~ tnet_router);
+}
diff --git a/tnet/files/astyanax/bird-tnet.conf b/tnet/files/astyanax/bird-tnet.conf
index 8fa46b9..d697e54 100644
--- a/tnet/files/astyanax/bird-tnet.conf
+++ b/tnet/files/astyanax/bird-tnet.conf
@@ -1,11 +1,3 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
 template bgp tnet_tpl {
 local as 4242423538;
 neighbor internal;
diff --git a/tnet/files/hash/bird-tnet-pre.conf b/tnet/files/hash/bird-tnet-pre.conf
new file mode 100644
index 0000000..7994dfe
--- /dev/null
+++ b/tnet/files/hash/bird-tnet-pre.conf
@@ -0,0 +1,7 @@
+define tnet = fdb1:4242:3538::/48;
+define tnet_router = fdb1:4242:3538:ffff::/64;
+
+function is_tnet() # -> bool
+{
+ return net ~ tnet && ! (net ~ tnet_router);
+}
diff --git a/tnet/files/hash/bird-tnet.conf b/tnet/files/hash/bird-tnet.conf
index b2afdc8..16ce2cc 100644
--- a/tnet/files/hash/bird-tnet.conf
+++ b/tnet/files/hash/bird-tnet.conf
@@ -1,11 +1,3 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
 template bgp tnet_tpl {
 local as 4242423538;
 neighbor internal;
diff --git a/tnet/files/knot/bird-tnet-pre.conf b/tnet/files/knot/bird-tnet-pre.conf
new file mode 100644
index 0000000..7994dfe
--- /dev/null
+++ b/tnet/files/knot/bird-tnet-pre.conf
@@ -0,0 +1,7 @@
+define tnet = fdb1:4242:3538::/48;
+define tnet_router = fdb1:4242:3538:ffff::/64;
+
+function is_tnet() # -> bool
+{
+ return net ~ tnet && ! (net ~ tnet_router);
+}
diff --git a/tnet/files/knot/bird-tnet.conf b/tnet/files/knot/bird-tnet.conf
index 32f06cb..fcecc19 100644
--- a/tnet/files/knot/bird-tnet.conf
+++ b/tnet/files/knot/bird-tnet.conf
@@ -1,11 +1,3 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
 template bgp tnet_tpl {
 local as 4242423538;
 neighbor internal;
diff --git a/tnet/files/kv24ix/bird-tnet.conf b/tnet/files/kv24ix/bird-tnet.conf
deleted file mode 100644
index a8fb14c..0000000
--- a/tnet/files/kv24ix/bird-tnet.conf
+++ /dev/null
@@ -1,41 +0,0 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
-template bgp tnet_tpl {
- local as 4242423538;
- neighbor internal;
-
- direct;
-
- password "trygvis";
-
- ipv6 {
- next hop self;
- import filter {
- if is_tnet() then {
- print proto, ": import accept, net=", net, ", from=", from, ", gw=", gw;
- accept;
- }
- print proto, ": import reject, reason=not tnet"; reject;
- };
- # newer bird's only
- # import keep filtered;
- export filter {
- if is_tnet() then {
- print proto, ": export accept, net=", net, ", from=", from, ", gw=", gw;
- accept;
- }
- print proto, ": export reject, reason=not tnet"; reject;
- };
- };
-}
-
-protocol bgp tnet_knot from tnet_tpl {
- neighbor fdb1:4242:3538:ffff:ea4:11cb:863:5252;
- interface "tnet-knot";
-}
diff --git a/tnet/files/lhn2ix/bird-tnet.conf b/tnet/files/lhn2ix/bird-tnet.conf
deleted file mode 100644
index b020368..0000000
--- a/tnet/files/lhn2ix/bird-tnet.conf
+++ /dev/null
@@ -1,41 +0,0 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
-template bgp tnet_tpl {
- local as 4242423538;
- neighbor internal;
-
- direct;
-
- password "trygvis";
-
- ipv6 {
- next hop self;
- import filter {
- if is_tnet() then {
- print proto, ": import accept, net=", net, ", from=", from, ", gw=", gw;
- accept;
- }
- print proto, ": import reject, reason=not tnet"; reject;
- };
- # newer bird's only
- # import keep filtered;
- export filter {
- if is_tnet() then {
- print proto, ": export accept, net=", net, ", from=", from, ", gw=", gw;
- accept;
- }
- print proto, ": export reject, reason=not tnet"; reject;
- };
- };
-}
-
-protocol bgp tnet_knot from tnet_tpl {
- neighbor fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a;
- interface "tnet-knot";
-}
diff --git a/tnet/files/lhn2pi/bird-tnet-pre.conf b/tnet/files/lhn2pi/bird-tnet-pre.conf
new file mode 100644
index 0000000..7994dfe
--- /dev/null
+++ b/tnet/files/lhn2pi/bird-tnet-pre.conf
@@ -0,0 +1,7 @@
+define tnet = fdb1:4242:3538::/48;
+define tnet_router = fdb1:4242:3538:ffff::/64;
+
+function is_tnet() # -> bool
+{
+ return net ~ tnet && ! (net ~ tnet_router);
+}
diff --git a/tnet/files/lhn2pi/bird-tnet.conf b/tnet/files/lhn2pi/bird-tnet.conf
index 5d5939b..864ad0b 100644
--- a/tnet/files/lhn2pi/bird-tnet.conf
+++ b/tnet/files/lhn2pi/bird-tnet.conf
@@ -1,11 +1,3 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
 template bgp tnet_tpl {
 local as 4242423538;
 neighbor internal;
diff --git a/tnet/files/node1/bird-tnet-pre.conf b/tnet/files/node1/bird-tnet-pre.conf
new file mode 100644
index 0000000..7994dfe
--- /dev/null
+++ b/tnet/files/node1/bird-tnet-pre.conf
@@ -0,0 +1,7 @@
+define tnet = fdb1:4242:3538::/48;
+define tnet_router = fdb1:4242:3538:ffff::/64;
+
+function is_tnet() # -> bool
+{
+ return net ~ tnet && ! (net ~ tnet_router);
+}
diff --git a/tnet/files/node1/bird-tnet.conf b/tnet/files/node1/bird-tnet.conf
index ebf0160..88bd6f8 100644
--- a/tnet/files/node1/bird-tnet.conf
+++ b/tnet/files/node1/bird-tnet.conf
@@ -1,11 +1,3 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
 template bgp tnet_tpl {
 local as 4242423538;
 neighbor internal;
diff --git a/tnet/files/node2/bird-tnet-pre.conf b/tnet/files/node2/bird-tnet-pre.conf
new file mode 100644
index 0000000..7994dfe
--- /dev/null
+++ b/tnet/files/node2/bird-tnet-pre.conf
@@ -0,0 +1,7 @@
+define tnet = fdb1:4242:3538::/48;
+define tnet_router = fdb1:4242:3538:ffff::/64;
+
+function is_tnet() # -> bool
+{
+ return net ~ tnet && ! (net ~ tnet_router);
+}
diff --git a/tnet/files/node2/bird-tnet.conf b/tnet/files/node2/bird-tnet.conf
index 813b0f5..99dfc5e 100644
--- a/tnet/files/node2/bird-tnet.conf
+++ b/tnet/files/node2/bird-tnet.conf
@@ -1,11 +1,3 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
 template bgp tnet_tpl {
 local as 4242423538;
 neighbor internal;
diff --git a/tnet/templates/bird-tnet-pre.conf.j2 b/tnet/templates/bird-tnet-pre.conf.j2
new file mode 100644
index 0000000..ba012cf
--- /dev/null
+++ b/tnet/templates/bird-tnet-pre.conf.j2
@@ -0,0 +1,7 @@
+define tnet = fdb1:4242:3538::/48;
+define tnet_router = fdb1:4242:3538:ffff::/64;
+
+function is_tnet() -> bool
+{
+ return net ~ tnet && ! (net ~ tnet_router);
+}
diff --git a/tnet/templates/bird-tnet.conf.j2 b/tnet/templates/bird-tnet.conf.j2
index 6e1ba0e..57e557a 100644
--- a/tnet/templates/bird-tnet.conf.j2
+++ b/tnet/templates/bird-tnet.conf.j2
@@ -1,11 +1,3 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
 template bgp tnet_tpl {
 local as 4242423538;
 neighbor internal; |
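Review bot: tnet/templates/bird-tnet-pre.conf.j2 declares `function is_tnet() -> bool`, while every generated files/<host>/bird-tnet-pre.conf added in this commit has the return type commented out as `function is_tnet() # -> bool` (blob 7994dfe for the generated files, ba012cf for the template). The next run of bird-gen.yml wipes `files` and regenerates from the template, so the typed form comes back on all hosts. If the annotation was commented out because some nodes run a bird that rejects it, those nodes would fail to load the config on the following deploy. Change the template line to `function is_tnet() # -> bool` so the template and its committed output agree.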