From 4a40030a65f8029740d5c9ccb226114073f52eb8 Mon Sep 17 00:00:00 2001 From: Trygve Laugstøl Date: Sun, 18 Aug 2024 09:43:30 +0200 Subject: Better if support --- tnet/files/akili/bird-tnet-pre.conf | 9 ++++----- tnet/files/astyanax/bird-tnet-pre.conf | 9 ++++----- tnet/files/conflatorio/bird-tnet-pre.conf | 9 ++++----- tnet/files/hash/bird-tnet-pre.conf | 9 ++++----- tnet/files/hash/bird-tnet.conf | 6 +++--- tnet/files/knot/bird-tnet-pre.conf | 9 ++++----- tnet/files/knot/bird-tnet.conf | 7 +++++++ tnet/files/lhn2pi/bird-tnet-pre.conf | 9 ++++----- tnet/files/node1/bird-tnet-pre.conf | 9 ++++----- tnet/files/node2/bird-tnet-pre.conf | 9 ++++----- tnet/host_vars/conflatorio/bird.yml | 2 ++ tnet/host_vars/hash/bird.yml | 3 ++- tnet/host_vars/knot/bird.yml | 3 +++ tnet/templates/bird-tnet-pre.conf.j2 | 9 ++++----- tnet/templates/bird-tnet.conf.j2 | 4 ++++ tnet/wg-links-link.yml | 17 ++++++++++++----- 16 files changed, 69 insertions(+), 54 deletions(-) (limited to 'tnet') diff --git a/tnet/files/akili/bird-tnet-pre.conf b/tnet/files/akili/bird-tnet-pre.conf index 383c050..61669a1 100644 --- a/tnet/files/akili/bird-tnet-pre.conf +++ b/tnet/files/akili/bird-tnet-pre.conf @@ -1,9 +1,8 @@ -define tnet = fdb1:4242:3538::/48; -define tnet_router = fdb1:4242:3538:ffff::/64; +define tnet = fdb1:4242:3538:a000::/52; -function is_tnet() # -> bool +function is_tnet() { - return net ~ tnet && (net !~ tnet_router); + return net ~ tnet; } roa6 table dn42_roa; @@ -13,7 +12,7 @@ protocol static { include "/etc/bird/dn42_roa_bird2_6.conf"; }; -function dn42_is_valid_network() # -> bool +function dn42_is_valid_network() { return net ~ [ fd00::/8{44,64} # ULA address space as per RFC 4193 diff --git a/tnet/files/astyanax/bird-tnet-pre.conf b/tnet/files/astyanax/bird-tnet-pre.conf index 383c050..61669a1 100644 --- a/tnet/files/astyanax/bird-tnet-pre.conf +++ b/tnet/files/astyanax/bird-tnet-pre.conf @@ -1,9 +1,8 @@ -define tnet = fdb1:4242:3538::/48; -define tnet_router = fdb1:4242:3538:ffff::/64; +define tnet = fdb1:4242:3538:a000::/52; -function is_tnet() # -> bool +function is_tnet() { - return net ~ tnet && (net !~ tnet_router); + return net ~ tnet; } roa6 table dn42_roa; @@ -13,7 +12,7 @@ protocol static { include "/etc/bird/dn42_roa_bird2_6.conf"; }; -function dn42_is_valid_network() # -> bool +function dn42_is_valid_network() { return net ~ [ fd00::/8{44,64} # ULA address space as per RFC 4193 diff --git a/tnet/files/conflatorio/bird-tnet-pre.conf b/tnet/files/conflatorio/bird-tnet-pre.conf index 383c050..895ac54 100644 --- a/tnet/files/conflatorio/bird-tnet-pre.conf +++ b/tnet/files/conflatorio/bird-tnet-pre.conf @@ -1,9 +1,8 @@ -define tnet = fdb1:4242:3538::/48; -define tnet_router = fdb1:4242:3538:ffff::/64; +define tnet = fdb1:4242:3538:a000::/52; -function is_tnet() # -> bool +function is_tnet() -> bool { - return net ~ tnet && (net !~ tnet_router); + return net ~ tnet; } roa6 table dn42_roa; @@ -13,7 +12,7 @@ protocol static { include "/etc/bird/dn42_roa_bird2_6.conf"; }; -function dn42_is_valid_network() # -> bool +function dn42_is_valid_network() -> bool { return net ~ [ fd00::/8{44,64} # ULA address space as per RFC 4193 diff --git a/tnet/files/hash/bird-tnet-pre.conf b/tnet/files/hash/bird-tnet-pre.conf index 383c050..61669a1 100644 --- a/tnet/files/hash/bird-tnet-pre.conf +++ b/tnet/files/hash/bird-tnet-pre.conf @@ -1,9 +1,8 @@ -define tnet = fdb1:4242:3538::/48; -define tnet_router = fdb1:4242:3538:ffff::/64; +define tnet = fdb1:4242:3538:a000::/52; -function is_tnet() # -> bool +function is_tnet() { - return net ~ tnet && (net !~ tnet_router); + return net ~ tnet; } roa6 table dn42_roa; @@ -13,7 +12,7 @@ protocol static { include "/etc/bird/dn42_roa_bird2_6.conf"; }; -function dn42_is_valid_network() # -> bool +function dn42_is_valid_network() { return net ~ [ fd00::/8{44,64} # ULA address space as per RFC 4193 diff --git a/tnet/files/hash/bird-tnet.conf b/tnet/files/hash/bird-tnet.conf index b105201..5ac9690 100644 --- a/tnet/files/hash/bird-tnet.conf +++ b/tnet/files/hash/bird-tnet.conf @@ -37,9 +37,9 @@ template bgp tnet_tpl { }; } -protocol bgp tnet_astyanax from tnet_tpl { - neighbor fe80:a0fd:89e4:42c6:f617:7398:abf4:b517; - interface "tnet-astyanax"; +protocol bgp tnet_conflatorio from tnet_tpl { + neighbor fe80:4540:476c:d432:2f32:818b:811b:bb60; + interface "tnet-confltrio"; rr client; } diff --git a/tnet/files/knot/bird-tnet-pre.conf b/tnet/files/knot/bird-tnet-pre.conf index 383c050..61669a1 100644 --- a/tnet/files/knot/bird-tnet-pre.conf +++ b/tnet/files/knot/bird-tnet-pre.conf @@ -1,9 +1,8 @@ -define tnet = fdb1:4242:3538::/48; -define tnet_router = fdb1:4242:3538:ffff::/64; +define tnet = fdb1:4242:3538:a000::/52; -function is_tnet() # -> bool +function is_tnet() { - return net ~ tnet && (net !~ tnet_router); + return net ~ tnet; } roa6 table dn42_roa; @@ -13,7 +12,7 @@ protocol static { include "/etc/bird/dn42_roa_bird2_6.conf"; }; -function dn42_is_valid_network() # -> bool +function dn42_is_valid_network() { return net ~ [ fd00::/8{44,64} # ULA address space as per RFC 4193 diff --git a/tnet/files/knot/bird-tnet.conf b/tnet/files/knot/bird-tnet.conf index 60c00ed..fd5332a 100644 --- a/tnet/files/knot/bird-tnet.conf +++ b/tnet/files/knot/bird-tnet.conf @@ -37,6 +37,13 @@ template bgp tnet_tpl { }; } +protocol bgp tnet_conflatorio from tnet_tpl { + neighbor fe80:47fc:660:b91f:1063:a6ae:46bb:7588; + interface "tnet-confltrio"; + + rr client; +} + protocol bgp tnet_hash from tnet_tpl { neighbor fe80:3b20:4cb0:5315:22a:c7de:a45b:8a7d; interface "tnet-hash"; diff --git a/tnet/files/lhn2pi/bird-tnet-pre.conf b/tnet/files/lhn2pi/bird-tnet-pre.conf index 383c050..61669a1 100644 --- a/tnet/files/lhn2pi/bird-tnet-pre.conf +++ b/tnet/files/lhn2pi/bird-tnet-pre.conf @@ -1,9 +1,8 @@ -define tnet = fdb1:4242:3538::/48; -define tnet_router = fdb1:4242:3538:ffff::/64; +define tnet = fdb1:4242:3538:a000::/52; -function is_tnet() # -> bool +function is_tnet() { - return net ~ tnet && (net !~ tnet_router); + return net ~ tnet; } roa6 table dn42_roa; @@ -13,7 +12,7 @@ protocol static { include "/etc/bird/dn42_roa_bird2_6.conf"; }; -function dn42_is_valid_network() # -> bool +function dn42_is_valid_network() { return net ~ [ fd00::/8{44,64} # ULA address space as per RFC 4193 diff --git a/tnet/files/node1/bird-tnet-pre.conf b/tnet/files/node1/bird-tnet-pre.conf index 383c050..61669a1 100644 --- a/tnet/files/node1/bird-tnet-pre.conf +++ b/tnet/files/node1/bird-tnet-pre.conf @@ -1,9 +1,8 @@ -define tnet = fdb1:4242:3538::/48; -define tnet_router = fdb1:4242:3538:ffff::/64; +define tnet = fdb1:4242:3538:a000::/52; -function is_tnet() # -> bool +function is_tnet() { - return net ~ tnet && (net !~ tnet_router); + return net ~ tnet; } roa6 table dn42_roa; @@ -13,7 +12,7 @@ protocol static { include "/etc/bird/dn42_roa_bird2_6.conf"; }; -function dn42_is_valid_network() # -> bool +function dn42_is_valid_network() { return net ~ [ fd00::/8{44,64} # ULA address space as per RFC 4193 diff --git a/tnet/files/node2/bird-tnet-pre.conf b/tnet/files/node2/bird-tnet-pre.conf index 383c050..61669a1 100644 --- a/tnet/files/node2/bird-tnet-pre.conf +++ b/tnet/files/node2/bird-tnet-pre.conf @@ -1,9 +1,8 @@ -define tnet = fdb1:4242:3538::/48; -define tnet_router = fdb1:4242:3538:ffff::/64; +define tnet = fdb1:4242:3538:a000::/52; -function is_tnet() # -> bool +function is_tnet() { - return net ~ tnet && (net !~ tnet_router); + return net ~ tnet; } roa6 table dn42_roa; @@ -13,7 +12,7 @@ protocol static { include "/etc/bird/dn42_roa_bird2_6.conf"; }; -function dn42_is_valid_network() # -> bool +function dn42_is_valid_network() { return net ~ [ fd00::/8{44,64} # ULA address space as per RFC 4193 diff --git a/tnet/host_vars/conflatorio/bird.yml b/tnet/host_vars/conflatorio/bird.yml index b59526c..a976306 100644 --- a/tnet/host_vars/conflatorio/bird.yml +++ b/tnet/host_vars/conflatorio/bird.yml @@ -1,3 +1,5 @@ tnet_bird_peers: hash: knot: + +birdv: 2015 diff --git a/tnet/host_vars/hash/bird.yml b/tnet/host_vars/hash/bird.yml index 17cb4cd..663f8e1 100644 --- a/tnet/host_vars/hash/bird.yml +++ b/tnet/host_vars/hash/bird.yml @@ -1,6 +1,7 @@ tnet_bird_peers: - astyanax: + conflatorio: rr_client: true + interface: tnet-confltrio knot: rr_client: true node1: diff --git a/tnet/host_vars/knot/bird.yml b/tnet/host_vars/knot/bird.yml index 12dffeb..73f2ad7 100644 --- a/tnet/host_vars/knot/bird.yml +++ b/tnet/host_vars/knot/bird.yml @@ -1,4 +1,7 @@ tnet_bird_peers: + conflatorio: + rr_client: true + interface: tnet-confltrio hash: rr_client: true node1: diff --git a/tnet/templates/bird-tnet-pre.conf.j2 b/tnet/templates/bird-tnet-pre.conf.j2 index 383c050..e762cd5 100644 --- a/tnet/templates/bird-tnet-pre.conf.j2 +++ b/tnet/templates/bird-tnet-pre.conf.j2 @@ -1,9 +1,8 @@ -define tnet = fdb1:4242:3538::/48; -define tnet_router = fdb1:4242:3538:ffff::/64; +define tnet = {{ ipam6.networks.tnet_dn42.range }}; -function is_tnet() # -> bool +function is_tnet(){{ " -> bool" if birdv >= 2015 }} { - return net ~ tnet && (net !~ tnet_router); + return net ~ tnet; } roa6 table dn42_roa; @@ -13,7 +12,7 @@ protocol static { include "/etc/bird/dn42_roa_bird2_6.conf"; }; -function dn42_is_valid_network() # -> bool +function dn42_is_valid_network(){{ " -> bool" if birdv >= 2015 }} { return net ~ [ fd00::/8{44,64} # ULA address space as per RFC 4193 diff --git a/tnet/templates/bird-tnet.conf.j2 b/tnet/templates/bird-tnet.conf.j2 index 49e9410..2ba456b 100644 --- a/tnet/templates/bird-tnet.conf.j2 +++ b/tnet/templates/bird-tnet.conf.j2 @@ -43,7 +43,11 @@ template bgp tnet_tpl { {% if policy == "tnet" %} protocol bgp tnet_{{ p }} from tnet_tpl { neighbor {{ hostvars[p].tnet_wg[inventory_hostname].address }}; +{% if peer.interface is defined %} + interface "{{ peer.interface }}"; +{% else %} interface "tnet-{{ p }}"; +{% endif %} {% if peer.rr_client|default(False) %} rr client; diff --git a/tnet/wg-links-link.yml b/tnet/wg-links-link.yml index 632024e..c1c520b 100644 --- a/tnet/wg-links-link.yml +++ b/tnet/wg-links-link.yml @@ -1,3 +1,12 @@ +- set_fact: + if_name: tnet-{{ item.value.if_name|default(item.key) }} + +#- debug: +# msg: | +# if_name {{ if_name }} +# item.value.if_name {{ item.value.if_name|default("NOT SET") }} +# item.key {{ item.key }} + - notify: systemctl restart systemd-networkd become: yes file: @@ -7,10 +16,8 @@ - name: "Make netdev for {{ inventory_hostname }} -> {{ item.key }}" notify: systemctl restart systemd-networkd become: yes - vars: - if_name: tnet-{{ item.if_name|default(item.key) }} copy: - dest: "/etc/systemd/network/50-tnet-{{ item.key }}.netdev" + dest: "/etc/systemd/network/50-{{ if_name }}.netdev" owner: systemd-network group: adm mode: 0640 @@ -44,12 +51,12 @@ notify: systemctl restart systemd-networkd become: yes copy: - dest: "/etc/systemd/network/50-tnet-{{ item.key }}.network" + dest: "/etc/systemd/network/50-{{ if_name }}.network" owner: systemd-network group: adm content: | [Match] - Name=tnet-{{ item.key }} + Name={{ if_name }} [Network] Address={{ item.value.address }}/64 -- cgit v1.2.3