Add possibility to use extra linux network table

4 years ago · 1a38e19965
parent 7a4fac2d8b
commit 1a38e19965
4 changed files with 30 additions and 3 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -20,6 +20,8 @@ dn42_pingfinder_location: "/usr/bin/dn42_pingfinder"
 dn42_pingfinder_uuid: ""
 dn42_pingfinder_logfile: "/dev/null"

+dn42_configure_linux_network_table: no
+
 dn42_peers:
  - name: "neighbour"
    as: "4242424242"
@ -30,4 +32,4 @@ dn42_peers:
      port: 42424
      endpoint: "example.com:2342"
      pubkey: "peers_public_key"
-      privkey: "your_private_key"
+      privkey: "your_private_key"
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -35,3 +35,14 @@
    - "ip a add {{ dn42_local_v6 }}/128 dev lo"
  notify: restart networking

+- name: Configure DN42 Table on loopback-interface
+  interfaces_file:
+    iface: "lo"
+    option: "post-up"
+    value: "{{ item }}"
+    state: present
+  with_items:
+    - "ip rule add table 42"
+    - "ip -6 rule add table 42"
+  when: dn42_configure_linux_network_table
+  notify: restart networking
--- a/templates/bird2/bird.conf.j2
+++ b/templates/bird2/bird.conf.j2
@ -15,6 +15,8 @@ define OWNNETSETv6 = [{{ dn42_local_subnet_v6 }}+];
 ################################################

 router id OWNIP;
+ipv4 table dn42_v4;
+ipv6 table dn42_v6;

 protocol device {
    scan time 10;
@ -71,6 +73,7 @@ protocol kernel {
    scan time 20;

    ipv6 {
+        table dn42_v6;
        import none;
        export filter {
            if source = RTS_STATIC then reject;
@ -78,12 +81,16 @@ protocol kernel {
            accept;
        };
    };
+    {% if dn42_configure_linux_network_table %}
+    kernel table 42;
+    {% endif %}
 };

 protocol kernel {
    scan time 20;

    ipv4 {
+        table dn42_v4;
        import none;
        export filter {
            if source = RTS_STATIC then reject;
@ -91,12 +98,16 @@ protocol kernel {
            accept;
        };
    };
+    {% if dn42_configure_linux_network_table %}
+    kernel table 42;
+    {% endif %}
 }

 protocol static {
    route OWNNET reject;

    ipv4 {
+        table dn42_v4;
        import all;
        export none;
    };
@ -106,6 +117,7 @@ protocol static {
    route OWNNETv6 reject;

    ipv6 {
+        table dn42_v6;
        import all;
        export none;
    };
@ -116,6 +128,7 @@ template bgp dnpeers {
    path metric 1;

    ipv4 {
+        table dn42_v4;
        import filter {
          if is_valid_network() && !is_self_net() then {
            {% if dn42_enable_roa %}
@ -134,6 +147,7 @@ template bgp dnpeers {
    };

    ipv6 {
+        table dn42_v6;
        import filter {
          if is_valid_network_v6() && !is_self_net_v6() then {
            {% if dn42_enable_roa %}
@ -197,4 +211,4 @@ template bgp dnpeers_v6 {
 }


-include "/etc/bird/peers/*";
+include "/etc/bird/peers/*";
--- a/templates/bird2/peer.conf.j2
+++ b/templates/bird2/peer.conf.j2
@ -12,4 +12,4 @@ protocol bgp {{ peer.name }}_v6 from dnpeers{% if not peer.multiprotocol is defi
  debug {{ peer.debug }};
 {% endif %}
 };
-{% endif %}
+{% endif %}