ansible-ffibk/roles/service-bird-ffrl/templates/ffrl_ipv6.conf.j2

80 lines
1.5 KiB
Text
Raw Normal View History

2017-09-11 23:49:11 +02:00
#
# {{ ansible_managed }}
#
# Variables
define ffrl_as = {{ as_public_ffrl }};
# Routing Table
table ffrl;
# Functions
function is_ffrl_public_nets() {
return net ~ [
2019-03-02 18:10:48 +01:00
{% for prefix in public_gw_prefixes %}
{{ prefix.ipv6 }}{48,56}{{ "," if not loop.last else "" }}
2017-09-11 23:49:11 +02:00
{% endfor %}
];
}
function is_ffrl_tunnel_nets() {
return net ~ [
{% for peer_id, peer_value in ffrl_exit_server.items() %}
2017-09-11 23:49:11 +02:00
{{ peer_value.tunnel_ipv6_network }}{{ "," if not loop.last else "" }}
{% endfor %}
];
}
# Filters
filter ebgp_ffrl_import_filter {
if is_default() then accept;
reject;
}
filter ebgp_ffrl_export_filter {
if is_ffrl_public_nets() then accept;
reject;
}
# Protocols
protocol static ffrl_public_routes {
table ffrl;
2019-03-02 18:10:48 +01:00
{% for prefix in public_prefixes %}
route {{ prefix.ipv6 }} reject;
2017-09-11 23:49:11 +02:00
{% endfor %}
2019-03-02 18:10:48 +01:00
{% for prefix in public_gw_prefixes %}
route {{ prefix.ipv6 }} reject;
2017-09-11 23:49:11 +02:00
{% endfor %}
}
protocol direct ffrl_tunnels {
table ffrl;
interface "ffrl-*";
import where is_ffrl_tunnel_nets();
}
protocol kernel kernel_ffrl {
scan time 30;
import none;
export filter {
if is_default() then accept;
reject;
};
table ffrl;
kernel table ipt_internet;
};
# Templates
template bgp ffrl_uplink {
table ffrl;
local as mwu_as;
import keep filtered;
import filter ebgp_ffrl_import_filter;
export filter ebgp_ffrl_export_filter;
next hop self;
direct;
};
# Include FFRL IPv4 peers
include "ffrl_ipv6_peers.con?";