diff options
Diffstat (limited to 'roles/setup_ffrl_tunnel/templates')
-rw-r--r-- | roles/setup_ffrl_tunnel/templates/bird.conf | 24 | ||||
-rw-r--r-- | roles/setup_ffrl_tunnel/templates/netctl | 4 |
2 files changed, 28 insertions, 0 deletions
diff --git a/roles/setup_ffrl_tunnel/templates/bird.conf b/roles/setup_ffrl_tunnel/templates/bird.conf index c609a5b..7e3db92 100644 --- a/roles/setup_ffrl_tunnel/templates/bird.conf +++ b/roles/setup_ffrl_tunnel/templates/bird.conf @@ -3,21 +3,31 @@ timeformat protocol iso long; #log "bird.log" all; # debug protocols all; +{% if ffrl_ip4 is defined %} define ffrl_nat_address = {{ ffrl_ip4 }}; +{% endif %} define ffmyk_as = 65032; # private AS of ffmyk define ffrl_as = 201701; # public AS of rheinland +{% if ffrl_ip4 is defined %} router id ffrl_nat_address; +{% else %} +router id {{ ffrl_router_id }}; +{% endif %} +{% if ffrl_ip4 is defined %} ipv4 table ffrl4; +{% endif %} ipv6 table ffrl6; +{% if ffrl_ip4 is defined %} function is_default4() { return net ~ [ 0.0.0.0/0 ]; } +{% endif %} function is_default6() { return net ~ [ @@ -25,11 +35,13 @@ function is_default6() { ]; } +{% if ffrl_ip4 is defined %} function is_ffrl_nat4() { return net ~ [ {{ ffrl_ip4 }}/32 ]; } +{% endif %} function is_ffrl_public_nets6() { return net ~ [ @@ -37,11 +49,13 @@ function is_ffrl_public_nets6() { ]; } +{% if ffrl_ip4 is defined %} function is_ffrl_tunnel_nets4() { return net ~ [ 100.64.0.0/10 ]; } +{% endif %} function is_ffrl_tunnel_nets6() { return net ~ [ @@ -49,6 +63,7 @@ function is_ffrl_tunnel_nets6() { ]; } +{% if ffrl_ip4 is defined %} # BGP Import Filter für Rheinland filter ebgp_ffrl_import_filter4 { if is_default4() then accept; @@ -60,6 +75,7 @@ filter ebgp_ffrl_export_filter4 { if is_ffrl_nat4() then accept; reject; } +{% endif %} filter ebgp_ffrl_import_filter6 { if is_default6() then accept; @@ -75,11 +91,13 @@ protocol device { scan time 10; } +{% if ffrl_ip4 is defined %} # IP-NAT-Adresse legen wir in die interne BIRD Routing Table protocol static ffrl_uplink_hostroute4 { ipv4 { table ffrl4; }; route {{ ffrl_ip4 }}/32 reject; } +{% endif %} protocol static ffrl_public_routes6 { ipv6 { table ffrl6; }; @@ -95,6 +113,7 @@ protocol static ffrl_public_routes6 { # import where is_ffrl_tunnel_nets4(); #} +{% if ffrl_ip4 is defined %} # Wir exportieren über Rheinland gelernte Routen in die Kernel Table 47 (ffrl) protocol kernel kernel_ffrl4 { scan time 30; @@ -108,6 +127,7 @@ protocol kernel kernel_ffrl4 { }; kernel table 42; }; +{% endif %} protocol kernel kernel_ffrl6 { scan time 30; @@ -122,6 +142,7 @@ protocol kernel kernel_ffrl6 { kernel table 42; }; +{% if ffrl_ip4 is defined %} # BGP Template für Rheinland Peerings template bgp ffrl_uplink4 { local as ffmyk_as; @@ -134,6 +155,7 @@ template bgp ffrl_uplink4 { }; direct; }; +{% endif %} template bgp ffrl_uplink6 { local as ffmyk_as; @@ -148,10 +170,12 @@ template bgp ffrl_uplink6 { }; {% for peer in ffrl_peers %} +{% if ffrl_ip4 is defined %} protocol bgp ffrl_{{ peer.name }}4 from ffrl_uplink4 { source address {{ peer.ip4 }}; neighbor {{ peer.peer_ip4 }} as 201701; }; +{% endif %} protocol bgp ffrl_{{ peer.name }}6 from ffrl_uplink6 { source address {{ peer.ip6 }}; diff --git a/roles/setup_ffrl_tunnel/templates/netctl b/roles/setup_ffrl_tunnel/templates/netctl index 98e8af4..65bbd7c 100644 --- a/roles/setup_ffrl_tunnel/templates/netctl +++ b/roles/setup_ffrl_tunnel/templates/netctl @@ -8,7 +8,11 @@ Remote={{ item.remote }} ExecUpPost="/usr/bin/ip link set dev {{ item.name }} mtu 1400; /usr/bin/ip tunnel change {{ item.name }} ttl 64" IP=static +{% if ffrl_ip4 is defined %} Address=('{{ item.ip4 }}/31' '{{ ffrl_ip4 }}/32') +{% else %} +Address=('{{ item.ip4 }}/31') +{% endif %} IP6=static Address6=('{{ item.ip6 }}/64') |