-rw-r--r--ansible/group_vars/all/ipam.yml1
-rw-r--r--config/lhn2ix.txt41
-rw-r--r--lhn2ix.config90
-rw-r--r--tnet/host_vars/knot/wg.yml3
-rw-r--r--tnet/host_vars/kv24ix/wg.yml3
5 files changed, 27 insertions, 111 deletions
diff --git a/ansible/group_vars/all/ipam.yml b/ansible/group_vars/all/ipam.yml
index 5621385..d83de64 100644
--- a/ansible/group_vars/all/ipam.yml
+++ b/ansible/group_vars/all/ipam.yml
@@ -50,6 +50,7 @@ ipam6:
lhn2_dn42:
range: "fdb1:4242:3538:2008::/64"
hosts:
+ lhn2ix: "fdb1:4242:3538:2008::1"
lhn2pi: "fdb1:4242:3538:2008::ffff"
lhn2-z2m: "fdb1:4242:3538:2008:9aed:e460:1711:07dd"
ha-lhn2: "fdb1:4242:3538:2008:9c59:926f:1dc9:89db"
diff --git a/config/lhn2ix.txt b/config/lhn2ix.txt
index 8442f03..cc0b688 100644
--- a/config/lhn2ix.txt
+++ b/config/lhn2ix.txt
@@ -1,9 +1,9 @@
set interfaces ethernet eth0 address dhcp
set interfaces ethernet eth0 description Internet
-set interfaces ethernet eth0 dhcpv6-pd pd 1 interface switch0 host-address '::1'
-set interfaces ethernet eth0 dhcpv6-pd pd 1 interface switch0 prefix-id ':1'
-set interfaces ethernet eth0 dhcpv6-pd pd 1 interface switch0 service slaac
-set interfaces ethernet eth0 dhcpv6-pd pd 1 prefix-length /56
+set interfaces ethernet eth0 dhcpv6-pd pd 0 interface switch0 host-address '::1'
+set interfaces ethernet eth0 dhcpv6-pd pd 0 interface switch0 prefix-id ':1'
+set interfaces ethernet eth0 dhcpv6-pd pd 0 interface switch0 service slaac
+set interfaces ethernet eth0 dhcpv6-pd pd 0 prefix-length 56
set interfaces ethernet eth0 dhcpv6-pd rapid-commit enable
set interfaces ethernet eth0 duplex auto
set interfaces ethernet eth0 ipv6 dup-addr-detect-transmits 1
@@ -31,6 +31,7 @@ set interfaces ethernet eth5 speed auto
set interfaces loopback lo
set interfaces switch switch0 address 'fdb1:4242:3538:2008::1/64'
set interfaces switch switch0 address 192.168.11.1/24
+set interfaces switch switch0 address '2a06:2240:f00d:b50d::/64'
set interfaces switch switch0 description Local
set interfaces switch switch0 ipv6 address
set interfaces switch switch0 ipv6 dup-addr-detect-transmits 1
@@ -40,14 +41,14 @@ set interfaces switch switch0 switch-port interface eth2
set interfaces switch switch0 switch-port interface eth3
set interfaces switch switch0 switch-port interface eth4
set interfaces switch switch0 switch-port vlan-aware disable
-set interfaces wireguard wg0 address 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9b/64'
-set interfaces wireguard wg0 description tnet-knot
-set interfaces wireguard wg0 mtu 1420
-set interfaces wireguard wg0 peer Up8+DhBlMp+/fpaxyGDQBnH/4tZnHojcAKZWCr5sSAk= allowed-ips '::0/0'
-set interfaces wireguard wg0 peer Up8+DhBlMp+/fpaxyGDQBnH/4tZnHojcAKZWCr5sSAk= endpoint 'knot.inamo.no:51002'
-set interfaces wireguard wg0 peer Up8+DhBlMp+/fpaxyGDQBnH/4tZnHojcAKZWCr5sSAk= persistent-keepalive 60
-set interfaces wireguard wg0 private-key 4IhYSjPBx5K2TuEYs2bl3rjaKSLdx3HNgbjn2BpJimg=
-set interfaces wireguard wg0 route-allowed-ips false
+set interfaces wireguard wg1 address 'fdb1:4242:3538:2f02::b/64'
+set interfaces wireguard wg1 description tnet-knot
+set interfaces wireguard wg1 mtu 1420
+set interfaces wireguard wg1 peer Up8+DhBlMp+/fpaxyGDQBnH/4tZnHojcAKZWCr5sSAk= allowed-ips '::0/0'
+set interfaces wireguard wg1 peer Up8+DhBlMp+/fpaxyGDQBnH/4tZnHojcAKZWCr5sSAk= endpoint 'knot.inamo.no:51002'
+set interfaces wireguard wg1 peer Up8+DhBlMp+/fpaxyGDQBnH/4tZnHojcAKZWCr5sSAk= persistent-keepalive 60
+set interfaces wireguard wg1 private-key 4IhYSjPBx5K2TuEYs2bl3rjaKSLdx3HNgbjn2BpJimg=
+set interfaces wireguard wg1 route-allowed-ips false
set policy prefix-list6 bitraf-dn42 rule 1 action permit
set policy prefix-list6 bitraf-dn42 rule 1 description 'tnet subnetworks'
set policy prefix-list6 bitraf-dn42 rule 1 le 128
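Review bot: The `wg1 private-key` line re-commits the WireGuard private key in clear text. It is the same value as on the removed `wg0` line and in the lhn2ix.config file this commit deletes, so it stays recoverable from repository history whatever happens to these lines. Treat the key as exposed: generate a new key pair on the router, update the peer's public key on knot, and keep only a placeholder in the tracked file, e.g. `set interfaces wireguard wg1 private-key <PRIVATE_KEY_NOT_IN_REPO>`. The same applies to the `password` value on the re-added BGP neighbor lines in the next hunk, which is also short and guessable; rotate it while the neighbor address is changing and keep it in a secret store such as Ansible Vault.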
@@ -55,13 +56,13 @@ set policy prefix-list6 bitraf-dn42 rule 1 prefix 'fdb1:4242:3538:2000::/60'
set policy route-map bitraf-dn42 rule 1 action permit
set policy route-map bitraf-dn42 rule 1 match ipv6 address prefix-list bitraf-dn42
set protocols bgp 4242423538 address-family ipv6-unicast redistribute connected route-map bitraf-dn42
-set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' address-family ipv6-unicast capability graceful-restart
-set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' address-family ipv6-unicast nexthop-self
-set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' address-family ipv6-unicast route-reflector-client
-set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' address-family ipv6-unicast soft-reconfiguration inbound
-set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' description knot
-set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' password trygvis
-set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' remote-as 4242423538
+set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:2f02::a' address-family ipv6-unicast capability graceful-restart
+set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:2f02::a' address-family ipv6-unicast nexthop-self
+set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:2f02::a' address-family ipv6-unicast route-reflector-client
+set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:2f02::a' address-family ipv6-unicast soft-reconfiguration inbound
+set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:2f02::a' description knot
+set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:2f02::a' password trygvis
+set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:2f02::a' remote-as 4242423538
set protocols bgp 4242423538 parameters graceful-restart
set protocols static route6 'fdb1:4242:3538:2008::/64' blackhole
set service dhcp-server disabled false
@@ -72,6 +73,8 @@ set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 dns-serve
set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 dns-server 8.8.8.8
set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 lease 86400
set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 start 192.168.11.100 stop 192.168.11.199
+set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 static-mapping conflatorio ip-address 192.168.11.3
+set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 static-mapping conflatorio mac-address '82:42:32:0c:71:61'
set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 static-mapping teknisk ip-address 192.168.11.2
set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 static-mapping teknisk mac-address 'f4:e2:c6:1c:f9:e3'
set service dhcp-server static-arp disable
diff --git a/lhn2ix.config b/lhn2ix.config
deleted file mode 100644
index fbdf3c6..0000000
--- a/lhn2ix.config
+++ /dev/null
@@ -1,90 +0,0 @@
-set interfaces ethernet eth0 description Internet
-set interfaces ethernet eth0 duplex auto
-set interfaces ethernet eth0 poe output off
-set interfaces ethernet eth0 speed auto
-set interfaces ethernet eth1 description conflatorio
-set interfaces ethernet eth1 duplex auto
-set interfaces ethernet eth1 poe output off
-set interfaces ethernet eth1 speed auto
-set interfaces ethernet eth2 description Local
-set interfaces ethernet eth2 duplex auto
-set interfaces ethernet eth2 poe output off
-set interfaces ethernet eth2 speed auto
-set interfaces ethernet eth3 description Local
-set interfaces ethernet eth3 duplex auto
-set interfaces ethernet eth3 poe output off
-set interfaces ethernet eth3 speed auto
-set interfaces ethernet eth4 description Wifi
-set interfaces ethernet eth4 duplex auto
-set interfaces ethernet eth4 poe output 24v
-set interfaces ethernet eth4 speed auto
-set interfaces ethernet eth5 duplex auto
-set interfaces ethernet eth5 mac '48:FD:8E:B5:98:49'
-set interfaces ethernet eth5 speed auto
-set interfaces loopback lo
-set interfaces switch switch0 address dhcp
-set interfaces switch switch0 address 'fdb1:4242:3538:2008::1/64'
-set interfaces switch switch0 description Local
-set interfaces switch switch0 ipv6 address
-set interfaces switch switch0 ipv6 dup-addr-detect-transmits 1
-set interfaces switch switch0 mtu 1500
-set interfaces switch switch0 switch-port interface eth0
-set interfaces switch switch0 switch-port interface eth1
-set interfaces switch switch0 switch-port interface eth2
-set interfaces switch switch0 switch-port interface eth3
-set interfaces switch switch0 switch-port interface eth4
-set interfaces switch switch0 switch-port vlan-aware disable
-set interfaces wireguard wg0 address 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9b/64'
-set interfaces wireguard wg0 description tnet-knot
-set interfaces wireguard wg0 listen-port 51820
-set interfaces wireguard wg0 mtu 1420
-set interfaces wireguard wg0 peer Up8+DhBlMp+/fpaxyGDQBnH/4tZnHojcAKZWCr5sSAk= allowed-ips '::0/0'
-set interfaces wireguard wg0 peer Up8+DhBlMp+/fpaxyGDQBnH/4tZnHojcAKZWCr5sSAk= description knot
-set interfaces wireguard wg0 peer Up8+DhBlMp+/fpaxyGDQBnH/4tZnHojcAKZWCr5sSAk= endpoint 'knot.inamo.no:51002'
-set interfaces wireguard wg0 peer Up8+DhBlMp+/fpaxyGDQBnH/4tZnHojcAKZWCr5sSAk= persistent-keepalive 60
-set interfaces wireguard wg0 private-key 4IhYSjPBx5K2TuEYs2bl3rjaKSLdx3HNgbjn2BpJimg=
-set interfaces wireguard wg0 route-allowed-ips false
-set policy prefix-list6 bitraf-dn42 rule 1 action permit
-set policy prefix-list6 bitraf-dn42 rule 1 description 'tnet subnetworks'
-set policy prefix-list6 bitraf-dn42 rule 1 le 128
-set policy prefix-list6 bitraf-dn42 rule 1 prefix 'fdb1:4242:3538:2000::/60'
-set policy route-map bitraf-dn42 rule 1 action permit
-set policy route-map bitraf-dn42 rule 1 match ipv6 address prefix-list bitraf-dn42
-set protocols bgp 4242423538 address-family ipv6-unicast redistribute connected route-map bitraf-dn42
-set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' address-family ipv6-unicast capability graceful-restart
-set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' address-family ipv6-unicast nexthop-self
-set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' address-family ipv6-unicast route-reflector-client
-set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' address-family ipv6-unicast soft-reconfiguration inbound
-set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' description knot
-set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' password trygvis
-set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' remote-as 4242423538
-set protocols bgp 4242423538 parameters graceful-restart
-set protocols static route6 'fdb1:4242:3538:2008::/64' blackhole
-set service dns forwarding cache-size 150
-set service dns forwarding listen-on switch0
-set service gui http-port 80
-set service gui https-port 443
-set service gui older-ciphers enable
-set service snmp community public authorization ro
-set service snmp location lhn2ix
-set service ssh port 22
-set service ssh protocol-version v2
-set service unms disable
-set system analytics-handler send-analytics-report false
-set system config-management commit-revisions 10
-set system crash-handler send-crash-report false
-set system domain-name trygvis.io
-set system host-name lhn2ix
-set system login user ubnt authentication encrypted-password '$5$ucVLbcMWY6pqMscw$uTjpyafVQ9Qj7nfKEOsurrfRgFhTb6ZbANgAsdRfWo8'
-set system login user ubnt authentication plaintext-password ''
-set system login user ubnt full-name ''
-set system login user ubnt level admin
-set system name-server 8.8.8.8
-set system ntp server 0.ubnt.pool.ntp.org
-set system ntp server 1.ubnt.pool.ntp.org
-set system ntp server 2.ubnt.pool.ntp.org
-set system ntp server 3.ubnt.pool.ntp.org
-set system syslog console facility all level debug
-set system syslog global facility all level notice
-set system syslog global facility protocols level debug
-set system time-zone Europe/Oslo
diff --git a/tnet/host_vars/knot/wg.yml b/tnet/host_vars/knot/wg.yml
index 64595ed..e64a4a6 100644
--- a/tnet/host_vars/knot/wg.yml
+++ b/tnet/host_vars/knot/wg.yml
@@ -6,7 +6,8 @@ tnet_wg:
address: fe80:3b20:4cb0:5315:22a:c7de:a45b:8a7c
lhn2ix:
port: 51002
- address: fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a
+# address: fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a
+ address: fdb1:4242:3538:2f02::a
kv24ix:
port: 51003
address: fdb1:4242:3538:2f01::a
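Review bot: The old `lhn2ix` address is left behind as a commented-out line at column 0 instead of being removed; version control already records it, and the stale value reads as a second candidate setting. Drop the comment line and quote the new value the way ipam.yml does, `address: "fdb1:4242:3538:2f02::a"`, so the scalar is unambiguously a string. The same leftover comment is added in tnet/host_vars/kv24ix/wg.yml.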
diff --git a/tnet/host_vars/kv24ix/wg.yml b/tnet/host_vars/kv24ix/wg.yml
index fb215e8..4a4c833 100644
--- a/tnet/host_vars/kv24ix/wg.yml
+++ b/tnet/host_vars/kv24ix/wg.yml
@@ -1,3 +1,4 @@
tnet_wg:
knot:
- address: fdb1:4242:3538:ffff:18b7:d3ec:5608:db9b
+# address: fdb1:4242:3538:ffff:18b7:d3ec:5608:db9b
+ address: fdb1:4242:3538:2f02::b/64
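Review bot: The new `knot` address `fdb1:4242:3538:2f02::b/64` in kv24ix's host_vars is the address this commit assigns to `wg1` on lhn2ix. It sits in the 2f02 /64 that knot's wg.yml uses for lhn2ix, whereas knot lists kv24ix at `fdb1:4242:3538:2f01::a`. Unless kv24ix is meant to share that link, this looks like an edit made in the wrong host's file or a value that belongs on the 2f01 prefix; confirm the intended address. The value also carries a `/64` suffix that the replaced value and the addresses in knot's wg.yml do not have, so check that the consuming template expects a prefix length here.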