From 9b72475b8b8e5627b678a356e232e82a6c61f8c5 Mon Sep 17 00:00:00 2001 From: Trygve Laugstøl Date: Sun, 8 Oct 2023 19:31:37 +0200 Subject: bgp --- ansible/bgp/bgp.yml | 6 +----- ansible/bgp/templates/bird.conf.j2 | 19 +------------------ ansible/inventory | 9 ++++++++- 3 files changed, 10 insertions(+), 24 deletions(-) diff --git a/ansible/bgp/bgp.yml b/ansible/bgp/bgp.yml index 4c7787a..a3e6ce3 100644 --- a/ansible/bgp/bgp.yml +++ b/ansible/bgp/bgp.yml @@ -1,9 +1,5 @@ - hosts: - - akili - - arius - - astyanax - - hash - - knot + - bgp tasks: - debug: msg: "Hello World!" diff --git a/ansible/bgp/templates/bird.conf.j2 b/ansible/bgp/templates/bird.conf.j2 index dfda44b..1d7ff19 100644 --- a/ansible/bgp/templates/bird.conf.j2 +++ b/ansible/bgp/templates/bird.conf.j2 @@ -7,24 +7,6 @@ define tnet_link = {{ tnet_link }}; log syslog all; debug protocols all; -{# - -filter tnet_import -{ -{% if bgp_mynet|default(false) %} - if net ~ mynet6 then reject "tnet_import reject mynet"; -{% endif %} - accept "tnet_import accept other"; -} - -filter tnet_export -{ -{% if bgp_mynet|default(false) %} - if net ~ mynet6 then accept "tnet_export accept mynet"; -{% endif %} - reject "tnet_export reject other"; -} -#} function is_tnet() { @@ -64,6 +46,7 @@ protocol bgp {{ peer.name }} { password "trygvis"; ipv6 { + next hop self; import filter { if is_tnet() then accept "from {{ peer.name }}, import accept"; reject "from {{ peer.name }}, invalid tnet"; diff --git a/ansible/inventory b/ansible/inventory index 71b25fa..46f8543 100644 --- a/ansible/inventory +++ b/ansible/inventory @@ -34,7 +34,7 @@ all: babypi: ansible_host: 192.168.10.159 astyanax: - ansible_host: 2a01:79d:4698:96bc:d804:e55d:ee18:b7ba + ansible_host: astyanax.vpn.trygvis.io sweetzpot-mobile: ansible_host: 192.168.10.123 sweetzpot-macos: @@ -172,4 +172,11 @@ all: lhnpi: lhnix: + bgp: + hosts: + akili: + arius: + astyanax: + hash: + knot: # vim: set filetype=yaml: -- cgit v1.2.3