From 1a38e199655f719c1cf68c48560b3312126e6749 Mon Sep 17 00:00:00 2001 From: Leo Maroni Date: Wed, 24 Jun 2020 15:57:44 +0200 Subject: [PATCH] Add possibility to use extra linux network table --- defaults/main.yml | 4 +++- tasks/main.yml | 11 +++++++++++ templates/bird2/bird.conf.j2 | 16 +++++++++++++++- templates/bird2/peer.conf.j2 | 2 +- 4 files changed, 30 insertions(+), 3 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 61eb7c9..2258c15 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -20,6 +20,8 @@ dn42_pingfinder_location: "/usr/bin/dn42_pingfinder" dn42_pingfinder_uuid: "" dn42_pingfinder_logfile: "/dev/null" +dn42_configure_linux_network_table: no + dn42_peers: - name: "neighbour" as: "4242424242" @@ -30,4 +32,4 @@ dn42_peers: port: 42424 endpoint: "example.com:2342" pubkey: "peers_public_key" - privkey: "your_private_key" \ No newline at end of file + privkey: "your_private_key" diff --git a/tasks/main.yml b/tasks/main.yml index 9dc47f4..6886c40 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -35,3 +35,14 @@ - "ip a add {{ dn42_local_v6 }}/128 dev lo" notify: restart networking +- name: Configure DN42 Table on loopback-interface + interfaces_file: + iface: "lo" + option: "post-up" + value: "{{ item }}" + state: present + with_items: + - "ip rule add table 42" + - "ip -6 rule add table 42" + when: dn42_configure_linux_network_table + notify: restart networking diff --git a/templates/bird2/bird.conf.j2 b/templates/bird2/bird.conf.j2 index 6869b07..4179563 100644 --- a/templates/bird2/bird.conf.j2 +++ b/templates/bird2/bird.conf.j2 @@ -15,6 +15,8 @@ define OWNNETSETv6 = [{{ dn42_local_subnet_v6 }}+]; ################################################ router id OWNIP; +ipv4 table dn42_v4; +ipv6 table dn42_v6; protocol device { scan time 10; @@ -71,6 +73,7 @@ protocol kernel { scan time 20; ipv6 { + table dn42_v6; import none; export filter { if source = RTS_STATIC then reject; 
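Review bot: The new default `dn42_configure_linux_network_table: no` in defaults/main.yml has no comment, and its name does not say that enabling it changes policy routing for the whole host. I would add a comment above it such as `# yes: add "ip rule" lookups for table 42 on lo and let bird sync kernel table 42 instead of main`. That tells an operator what the switch does before they turn it on.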
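Review bot: The two post-up commands in the new task `Configure DN42 Table on loopback-interface` (tasks/main.yml), `ip rule add table 42` and `ip -6 rule add table 42`, have no selector and no priority. Every packet on the host is therefore looked up in table 42, and the kernel-chosen priority normally places that lookup ahead of `main`. Table 42 is filled from BGP sessions, so a prefix that passes the import filters can override a local route for the same range; I would scope and pin the rule, for example `ip rule add to <DN42_PREFIX> table 42 priority <PRIORITY>`. The commands also run on every ifup of `lo`, so `restart networking` may stack duplicate rules or fail on kernels that reject duplicates, and setting the variable back to `no` does not remove them. `when: dn42_configure_linux_network_table | bool` would also keep a string value such as "no" from enabling the task.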
@@ -78,12 +81,16 @@ protocol kernel { accept; }; }; + {% if dn42_configure_linux_network_table %} + kernel table 42; + {% endif %} }; protocol kernel { scan time 20; ipv4 { + table dn42_v4; import none; export filter { if source = RTS_STATIC then reject; @@ -91,12 +98,16 @@ protocol kernel { accept; }; }; + {% if dn42_configure_linux_network_table %} + kernel table 42; + {% endif %} } protocol static { route OWNNET reject; ipv4 { + table dn42_v4; import all; export none; }; @@ -106,6 +117,7 @@ protocol static { route OWNNETv6 reject; ipv6 { + table dn42_v6; import all; export none; }; @@ -116,6 +128,7 @@ template bgp dnpeers { path metric 1; ipv4 { + table dn42_v4; import filter { if is_valid_network() && !is_self_net() then { {% if dn42_enable_roa %} @@ -134,6 +147,7 @@ template bgp dnpeers { }; ipv6 { + table dn42_v6; import filter { if is_valid_network_v6() && !is_self_net_v6() then { {% if dn42_enable_roa %} @@ -197,4 +211,4 @@ template bgp dnpeers_v6 { } -include "/etc/bird/peers/*"; \ No newline at end of file +include "/etc/bird/peers/*"; diff --git a/templates/bird2/peer.conf.j2 b/templates/bird2/peer.conf.j2 index 3cf289e..6b98147 100644 --- a/templates/bird2/peer.conf.j2 +++ b/templates/bird2/peer.conf.j2 @@ -12,4 +12,4 @@ protocol bgp {{ peer.name }}_v6 from dnpeers{% if not peer.multiprotocol is defi debug {{ peer.debug }}; {% endif %} }; -{% endif %} \ No newline at end of file +{% endif %}
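Review bot: `kernel table 42;` in both `protocol kernel` blocks (hunks at -78 and -91 of bird.conf.j2) hard-codes the same number that tasks/main.yml writes into the `ip rule` commands, so the two can drift apart unnoticed. With the flag on, DN42 routes are no longer installed in `main`; if the rule is missing, for instance because the post-up failed, traffic for DN42 prefixes falls through to `main` and follows whatever default route is there. I would drive both places from one role variable, e.g. `kernel table {{ dn42_linux_network_table_id }};` (a new variable, the name is only a suggestion). A comment above the `{% if %}` stating that the table is only consulted once the matching `ip rule` exists would also help.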
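Review bot: `table dn42_v4;` and `table dn42_v6;` are added to the channels of `template bgp dnpeers` (hunks at -116 and -134), but no hunk touches `template bgp dnpeers_v6`, which the header of the last bird.conf.j2 hunk shows still exists. Unless its channel already names a table, sessions built from that template stay on master6, where neither the kernel protocol nor the static `OWNNETv6` route is attached after this patch. Routes learned over those sessions would then probably not reach the kernel, and the own prefix would not be announced on them. Adding `table dn42_v6;` to that template's `ipv6` channel would keep it consistent. The template bodies continue outside the hunks, so this is inferred from the hunk headers and should be checked against the full file.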