From 2f32bd6c1e6da0a8c8988c9e503cf7fcb2585508 Mon Sep 17 00:00:00 2001 
From: Tobias Hachmer Date: Tue, 3 Oct 2017 14:37:39 +0200 Subject: [PATCH] Restructure network interfaces in order to use ifupdown2 - rewrite interface templates for batman, fastd, ffrl and meshbridge - add package ethtool to role server-basic - use more ipaddr filters and get rid of unneeded variables in dict ffrl_exit_server - change ffrl_public_ipv4_nat variable to ip/prefix format - update readme files --- inventory/group_vars/all | 2 ++ roles/network-batman/handlers/main.yml | 6 +++--- roles/network-batman/tasks/main.yml | 9 ++------- roles/network-batman/templates/batman.j2 | 20 ++++++++----------- roles/network-batman/templates/dummy.j2 | 9 +++------ roles/network-batman/templates/sysfs.j2 | 4 ---- roles/network-fastd/handlers/main.yml | 5 +++++ roles/network-fastd/tasks/main.yml | 2 ++ .../templates/fastd-intragate.j2 | 8 +++----- roles/network-fastd/templates/fastd-mesh.j2 | 8 +++----- roles/network-ffrl/README.md | 18 ----------------- roles/network-ffrl/handlers/main.yml | 5 +++++ roles/network-ffrl/tasks/main.yml | 1 + roles/network-ffrl/templates/ffrl.j2 | 20 +++++++++---------- roles/network-iptables-gateway/README.md | 2 +- .../templates/rules.v4.j2 | 2 +- roles/network-meshbridge/handlers/main.yml | 5 +++++ roles/network-meshbridge/tasks/main.yml | 1 + roles/network-meshbridge/templates/bridge.j2 | 17 +++++----------- roles/server-basic/vars/main.yml | 1 + roles/service-bird-ffrl/README.md | 20 +------------------ .../templates/ffrl_ipv4.conf.j2 | 6 +++--- .../templates/ffrl_ipv4_peers.conf.j2 | 4 ++-- .../templates/fastd-intragate.conf.j2 | 14 +++++++++++++ .../templates/fastd-mesh.conf.j2 | 14 +++++++++++++ roles/service-rclocal/README.md | 2 +- roles/service-rclocal/templates/rc.local.j2 | 4 ++-- 27 files changed, 98 insertions(+), 111 deletions(-) delete mode 100644 roles/network-batman/templates/sysfs.j2 create mode 100644 roles/network-fastd/handlers/main.yml create mode 100644 roles/network-ffrl/handlers/main.yml 
diff --git a/inventory/group_vars/all b/inventory/group_vars/all index 94a0b71..d6edaf7 100644 --- a/inventory/group_vars/all +++ b/inventory/group_vars/all @@ -35,6 +35,7 @@ meshes: gw: server 96mbit/96mbit mm: 0 dat: 0 + hop_penalty: 60 iface_mtu: 1350 peers_mesh_repo: https://github.com/freifunk-mwu/peers-ffmz.git peers_intragate_repo: https://github.com/freifunk-mwu/ffmz-infrastructure-peers.git @@ -66,6 +67,7 @@ meshes: gw: server 96mbit/96mbit mm: 0 dat: 0 + hop_penalty: 60 iface_mtu: 1350 peers_mesh_repo: https://github.com/freifunk-mwu/peers-ffwi.git peers_intragate_repo: https://github.com/freifunk-mwu/ffwi-infrastructure-peers.git diff --git a/roles/network-batman/handlers/main.yml b/roles/network-batman/handlers/main.yml index 6eb2fa0..191d07d 100644 --- a/roles/network-batman/handlers/main.yml +++ b/roles/network-batman/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: activate sysfs variables +- name: reload network interfaces systemd: - name: sysfsutils - state: restarted + name: networking + state: reloaded diff --git a/roles/network-batman/tasks/main.yml b/roles/network-batman/tasks/main.yml index 9e181cb..d4e065e 100644 --- a/roles/network-batman/tasks/main.yml +++ b/roles/network-batman/tasks/main.yml @@ -3,17 +3,12 @@ template: src: dummy.j2 dest: "/etc/network/interfaces.d/{{ item.key }}0" + notify: reload network interfaces with_dict: "{{ meshes }}" - name: create batman interfaces template: src: batman.j2 dest: "/etc/network/interfaces.d/{{ item.key }}BAT" + notify: reload network interfaces with_dict: "{{ meshes }}" - -- name: set sysfs variables - template: - src: sysfs.j2 - dest: "/etc/sysfs.d/99-{{ item.key }}BAT.conf" - with_dict: "{{ meshes }}" - notify: activate sysfs variables diff --git a/roles/network-batman/templates/batman.j2 b/roles/network-batman/templates/batman.j2 index 4a21e56..b907e87 100644 --- a/roles/network-batman/templates/batman.j2 +++ b/roles/network-batman/templates/batman.j2 
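Review bot: The two template tasks in roles/network-batman/tasks/main.yml now notify `reload network interfaces`, which reloads the `networking` unit on a remote gateway, but nothing checks the rendered files before that reload happens. A template that renders to something unusable (for example an ipaddr filter that yields `False`) would be applied to the live network configuration and could cut off the SSH session Ansible itself depends on. Consider a check step that runs before the handler, for example a task calling ifupdown2's syntax check (`ifup -a --syntax-check`, to be confirmed against the installed version) with `changed_when: false`. The same handler is copied verbatim into the network-fastd, network-ffrl and network-meshbridge roles in this commit, so a comment in each such as `# keep identical to the handler in the other network-* roles` would help keep them in step.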
@@ -4,15 +4,11 @@
 # {{ ansible_managed }}
 #
 auto {{ item.key }}BAT
-iface {{ item.key }}BAT inet manual
- pre-up /sbin/ip link add name $IFACE type batadv
- pre-up /sbin/ip link set address {{ mac | hwaddr('linux') }} dev $IFACE
- pre-up /sbin/ip link set dev {{ item.key }}0 master $IFACE
- pre-up /sbin/ip link set up dev $IFACE
- post-up /sbin/ip addr flush dev $IFACE
- post-up /usr/sbin/batctl -m $IFACE it {{ item.value.batman.it }}
- post-up /usr/sbin/batctl -m $IFACE gw {{ item.value.batman.gw }}
- post-up /usr/sbin/batctl -m $IFACE mm {{ item.value.batman.mm }}
- post-up /usr/sbin/batctl -m $IFACE dat {{ item.value.batman.dat }}
- post-down /sbin/ip link set dev {{ item.key }}0 nomaster
- post-down /sbin/ip link delete $IFACE 2>&1 || true
+iface {{ item.key }}BAT
+ hwaddress {{ mac | hwaddr('linux') }}
+ batman-ifaces {{ item.key }}0 {{ item.key }}VPN {{ item.key }}igVPN
+ batman-hop-penalty {{ item.value.batman.hop_penalty }}
+ post-up /usr/sbin/batctl -m $IFACE it {{ item.value.batman.it }}
+ post-up /usr/sbin/batctl -m $IFACE gw {{ item.value.batman.gw }}
+ post-up /usr/sbin/batctl -m $IFACE mm {{ item.value.batman.mm }}
+ post-up /usr/sbin/batctl -m $IFACE dat {{ item.value.batman.dat }}
diff --git a/roles/network-batman/templates/dummy.j2 b/roles/network-batman/templates/dummy.j2
index 6427cf2..6c6af99 100644
--- a/roles/network-batman/templates/dummy.j2
+++ b/roles/network-batman/templates/dummy.j2
@@ -4,9 +4,6 @@
 # {{ ansible_managed }}
 #
 auto {{ item.key }}0
-iface {{ item.key }}0 inet manual
- pre-up /sbin/ip link add $IFACE type dummy
- pre-up /sbin/ip link set address {{ mac | hwaddr('linux') }} dev $IFACE
- pre-up /sbin/ip link set up dev $IFACE
- post-up /sbin/ip addr flush dev $IFACE
- post-down /sbin/ip link delete $IFACE 2>&1 || true
+iface {{ item.key }}0
+ link-type dummy
+ hwaddress {{ mac | hwaddr('linux') }}
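Review bot: `batman-hop-penalty {{ item.value.batman.hop_penalty }}` in batman.j2 makes `hop_penalty` a required key of every mesh's `batman` dict, where the deleted sysfs.j2 hard-coded 60. The commit adds the key to the two meshes visible in inventory/group_vars/all, but an inventory that defines further meshes will fail at template time until each one carries it. Keeping the previous value as a fallback avoids that: `batman-hop-penalty {{ item.value.batman.hop_penalty | default(60) }}`. A one-line comment above `batman-ifaces` saying whether the VPN interfaces are expected to exist when this stanza is brought up would also help, since the fastd templates in this commit add them to the batman device from their own `on up` hook as well.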
diff --git a/roles/network-batman/templates/sysfs.j2 b/roles/network-batman/templates/sysfs.j2 deleted file mode 100644 index 63aeea6..0000000 --- a/roles/network-batman/templates/sysfs.j2 +++ /dev/null @@ -1,4 +0,0 @@ -# -# {{ ansible_managed }} -# -class/net/{{ item.key }}BAT/mesh/hop_penalty = 60 diff --git a/roles/network-fastd/handlers/main.yml b/roles/network-fastd/handlers/main.yml new file mode 100644 index 0000000..191d07d --- /dev/null +++ b/roles/network-fastd/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: reload network interfaces + systemd: + name: networking + state: reloaded diff --git a/roles/network-fastd/tasks/main.yml b/roles/network-fastd/tasks/main.yml index 978d76d..d1b2ab5 100644 --- a/roles/network-fastd/tasks/main.yml +++ b/roles/network-fastd/tasks/main.yml @@ -3,10 +3,12 @@ template: src: fastd-mesh.j2 dest: "/etc/network/interfaces.d/{{ item.key }}VPN" + notify: reload network interfaces with_dict: "{{ meshes }}" - name: create fastd intragate interfaces template: src: fastd-intragate.j2 dest: "/etc/network/interfaces.d/{{ item.key }}igVPN" + notify: reload network interfaces with_dict: "{{ meshes }}" diff --git a/roles/network-fastd/templates/fastd-intragate.j2 b/roles/network-fastd/templates/fastd-intragate.j2 index f9d105b..838ddc5 100644 --- a/roles/network-fastd/templates/fastd-intragate.j2 +++ b/roles/network-fastd/templates/fastd-intragate.j2 @@ -3,8 +3,6 @@ # # {{ ansible_managed }} # -allow-hotplug {{ item.key }}igVPN -iface {{ item.key }}igVPN inet manual - pre-up /sbin/ip link set address {{ mac | hwaddr('linux') }} dev $IFACE - post-up /sbin/ip link set dev $IFACE up - post-up /sbin/ip link set dev $IFACE master {{ item.key }}BAT +auto {{ item.key }}igVPN +iface {{ item.key }}igVPN + hwaddress {{ mac | hwaddr('linux') }} diff --git a/roles/network-fastd/templates/fastd-mesh.j2 b/roles/network-fastd/templates/fastd-mesh.j2 index cc64fcb..1a41329 100644 --- a/roles/network-fastd/templates/fastd-mesh.j2 
+++ b/roles/network-fastd/templates/fastd-mesh.j2
@@ -3,8 +3,6 @@
 #
 # {{ ansible_managed }}
 #
-allow-hotplug {{ item.key }}VPN
-iface {{ item.key }}VPN inet manual
- pre-up /sbin/ip link set address {{ mac | hwaddr('linux') }} dev $IFACE
- post-up /sbin/ip link set dev $IFACE up
- post-up /sbin/ip link set dev $IFACE master {{ item.key }}BAT
+auto {{ item.key }}VPN
+iface {{ item.key }}VPN
+ hwaddress {{ mac | hwaddr('linux') }}
diff --git a/roles/network-ffrl/README.md b/roles/network-ffrl/README.md
index c19e007..4ba787e 100644
--- a/roles/network-ffrl/README.md
+++ b/roles/network-ffrl/README.md
@@ -9,43 +9,25 @@ ffrl_exit_server:
 ffrl-a-ak-ber:
 public_ipv4_address: 185.66.195.0
 tunnel_ipv4_network: # IPv4 Tunnel Transfernetz
- tunnel_ipv4_address: # Eigene Tunnel IPv4 Adresse
- tunnel_ipv4_netmask: 255.255.255.254
 tunnel_ipv6_network: # IPv6 Tunnel Transfernetz
- tunnel_ipv6_netmask: 64
 ffrl-b-ak-ber:
 public_ipv4_address: 185.66.195.1
 tunnel_ipv4_network:
- tunnel_ipv4_address:
- tunnel_ipv4_netmask: 255.255.255.254
 tunnel_ipv6_network:
- tunnel_ipv6_netmask: 64
 ffrl-a-ix-dus:
 public_ipv4_address: 185.66.193.0
 tunnel_ipv4_network:
- tunnel_ipv4_address:
- tunnel_ipv4_netmask: 255.255.255.254
 tunnel_ipv6_network:
- tunnel_ipv6_netmask: 64
 ffrl-b-ix-dus:
 public_ipv4_address: 185.66.193.1
 tunnel_ipv4_network:
- tunnel_ipv4_address:
- tunnel_ipv4_netmask: 255.255.255.254
 tunnel_ipv6_network:
- tunnel_ipv6_netmask: 64
 ffrl-a-fra2-fra:
 public_ipv4_address: 185.66.194.0
 tunnel_ipv4_network:
- tunnel_ipv4_address:
- tunnel_ipv4_netmask: 255.255.255.254
 tunnel_ipv6_network:
- tunnel_ipv6_netmask: 64
 ffrl-b-fra2-fra:
 public_ipv4_address: 185.66.194.1
 tunnel_ipv4_network:
- tunnel_ipv4_address:
- tunnel_ipv4_netmask: 255.255.255.254
 tunnel_ipv6_network:
- tunnel_ipv6_netmask: 64
 ´´´
diff --git a/roles/network-ffrl/handlers/main.yml b/roles/network-ffrl/handlers/main.yml
new file mode 100644
index 0000000..191d07d
--- /dev/null
+++ b/roles/network-ffrl/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: reload network interfaces
+ systemd:
+ name: networking
+ state: reloaded
diff --git a/roles/network-ffrl/tasks/main.yml b/roles/network-ffrl/tasks/main.yml
index 13c7fd0..6a0050b 100644
--- a/roles/network-ffrl/tasks/main.yml
+++ b/roles/network-ffrl/tasks/main.yml
@@ -3,4 +3,5 @@
 template:
 src: ffrl.j2
 dest: "/etc/network/interfaces.d/{{ item.key }}"
+ notify: reload network interfaces
 with_dict: "{{ ffrl_exit_server }}"
diff --git a/roles/network-ffrl/templates/ffrl.j2 b/roles/network-ffrl/templates/ffrl.j2
index 2dddfc0..4dbc6f1 100644
--- a/roles/network-ffrl/templates/ffrl.j2
+++ b/roles/network-ffrl/templates/ffrl.j2
@@ -2,15 +2,15 @@ # {{ ansible_managed }} # auto {{ item.key }} -iface {{ item.key }} inet static - address {{ item.value.tunnel_ipv4_address }} - netmask {{ item.value.tunnel_ipv4_netmask }} - pre-up /sbin/ip tunnel add $IFACE mode gre local {{ ansible_default_ipv4.address | ipaddr('public') }} remote {{ item.value.public_ipv4_address | ipaddr('public') }} ttl 255 - post-up /sbin/ip link set $IFACE mtu 1400 - post-up /sbin/ip addr add {{ ffrl_public_ipv4_nat }}/32 dev $IFACE - post-down /sbin/ip tunnel del $IFACE +iface {{ item.key }} inet tunnel + mode gre + local {{ ansible_default_ipv4.address | ipaddr('public') | ipaddr('address') }} + endpoint {{ item.value.public_ipv4_address | ipaddr('public') | ipaddr('address') }} -iface {{ item.key }} inet6 static - address {{ item.value.tunnel_ipv6_network | ipaddr('net') | ipaddr('2') | ipaddr('address') }} - netmask {{ item.value.tunnel_ipv6_netmask }} + ttl 64 + mtu 1400 + tunnel-physdev {{ ansible_default_ipv4.interface }} + address {{ item.value.tunnel_ipv4_network | ipaddr('net') | ipaddr('1') | ipaddr('address') }}/{{ item.value.tunnel_ipv4_network | ipaddr('net') | ipaddr('prefix') }} + address {{ item.value.tunnel_ipv6_network | ipaddr('net') | ipaddr('2') | ipaddr('address') }}/{{ item.value.tunnel_ipv6_network | ipaddr('net') | ipaddr('prefix') }} + address {{ ffrl_public_ipv4_nat | ipaddr('address') }}/{{ ffrl_public_ipv4_nat | ipaddr('prefix') }} diff --git a/roles/network-iptables-gateway/README.md b/roles/network-iptables-gateway/README.md index 75cc545..3809044 100644 --- a/roles/network-iptables-gateway/README.md +++ b/roles/network-iptables-gateway/README.md @@ -26,4 +26,4 @@ meshes: ´´´ - Variable `internet_exit_mtu_ipv4` - Variable `internet_exit_mtu_ipv6` -- Host Variable `ffrl_public_ipv4_nat` +- Host Variable `ffrl_public_ipv4_nat` # Format ip-adresse/prefix 
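Review bot: The `local` and `endpoint` lines in ffrl.j2 chain `ipaddr('public') | ipaddr('address')`, and as far as I know the ipaddr filter returns `False` instead of raising when its input does not match, so a host whose default IPv4 address is not public would get `local False` written into /etc/network/interfaces.d and then reloaded by the new handler. The three `address` lines have the same exposure if `tunnel_ipv4_network`, `tunnel_ipv6_network` or `ffrl_public_ipv4_nat` is not in the expected network or ip/prefix form. An `assert` task in roles/network-ffrl/tasks/main.yml that checks these filter chains are truthy before the template runs would fail the play rather than install a broken GRE tunnel definition. The hunk also changes the tunnel TTL from 255 to 64, which the commit message does not mention; a comment next to `ttl 64` giving the reason would be useful.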
diff --git a/roles/network-iptables-gateway/templates/rules.v4.j2 b/roles/network-iptables-gateway/templates/rules.v4.j2 index b3f0cce..f348113 100644 --- a/roles/network-iptables-gateway/templates/rules.v4.j2 +++ b/roles/network-iptables-gateway/templates/rules.v4.j2 @@ -34,5 +34,5 @@ COMMIT {% for mesh_id, mesh_value in meshes.iteritems() %} -A POSTROUTING -s {{ mesh_value.ipv4_network | ipaddr('private') | ipaddr('net') }} -o ffrl+ -j ffrl-nat {% endfor %} --A ffrl-nat -o ffrl+ -j SNAT --to-source {{ ffrl_public_ipv4_nat }} +-A ffrl-nat -o ffrl+ -j SNAT --to-source {{ ffrl_public_ipv4_nat | ipaddr('address') }} COMMIT diff --git a/roles/network-meshbridge/handlers/main.yml b/roles/network-meshbridge/handlers/main.yml index 6eb2fa0..a07c6fa 100644 --- a/roles/network-meshbridge/handlers/main.yml +++ b/roles/network-meshbridge/handlers/main.yml @@ -3,3 +3,8 @@ systemd: name: sysfsutils state: restarted + +- name: reload network interfaces + systemd: + name: networking + state: reloaded diff --git a/roles/network-meshbridge/tasks/main.yml b/roles/network-meshbridge/tasks/main.yml index 3b360e3..a8717c5 100644 --- a/roles/network-meshbridge/tasks/main.yml +++ b/roles/network-meshbridge/tasks/main.yml @@ -3,6 +3,7 @@ template: src: bridge.j2 dest: "/etc/network/interfaces.d/{{ item.key }}BR" + notify: reload network interfaces with_dict: "{{ meshes }}" - name: set sysfs variables diff --git a/roles/network-meshbridge/templates/bridge.j2 b/roles/network-meshbridge/templates/bridge.j2 index 7a81040..b3f47ec 100644 --- a/roles/network-meshbridge/templates/bridge.j2 +++ b/roles/network-meshbridge/templates/bridge.j2 
@@ -4,19 +4,12 @@
 # {{ ansible_managed }}
 #
 auto {{ item.key }}BR
-iface {{ item.key }}BR inet manual
- address {{ item.value.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('address') }}
- network {{ item.value.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('network') }}
- netmask {{ item.value.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('netmask') }}
- broadcast {{ item.value.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('broadcast') }}
- pre-up /sbin/ip link add name $IFACE type bridge
- pre-up /sbin/ip link set address {{ mac | hwaddr('linux') }} dev $IFACE
- pre-up /sbin/ip link set dev {{ item.key }}BAT master $IFACE
- pre-up /sbin/ip link set up dev $IFACE
+iface {{ item.key }}BR
+ hwaddress {{ mac | hwaddr('linux') }}
+ address {{ item.value.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('address') }}/{{ item.value.ipv4_network | ipaddr('net') | ipaddr('prefix') }}
 {% for ip_type, ip_list in item.value.ipv6.iteritems() %}
 {% for ip in ip_list %}
- up /sbin/ip address add {{ ip | ipaddr('net') | ipsubnet(64, 0) | ipaddr(magic) }} dev $IFACE
+ address {{ ip | ipaddr('net') | ipsubnet(64, 0) | ipaddr(magic) | ipaddr('address') }}/{{ ip | ipaddr('net') | ipsubnet(64, 0) | ipaddr('prefix') }}
 {% endfor %}
 {% endfor %}
- post-down /sbin/ip link set dev {{ item.key }}BAT nomaster
- post-down /sbin/ip link delete $IFACE 2>&1 || true
+ bridge-ports {{ item.key }}BAT
diff --git a/roles/server-basic/vars/main.yml b/roles/server-basic/vars/main.yml
index ea015d5..68bc696 100644
--- a/roles/server-basic/vars/main.yml
+++ b/roles/server-basic/vars/main.yml
@@ -2,6 +2,7 @@
 packages:
 - apt-transport-https
 - bridge-utils
+ - ethtool
 - ifupdown2
 - man-db
 - mlocate
diff --git a/roles/service-bird-ffrl/README.md b/roles/service-bird-ffrl/README.md
index 5bed19b..63cd910 100644
--- a/roles/service-bird-ffrl/README.md
+++ b/roles/service-bird-ffrl/README.md
@@ -23,47 +23,29 @@ ffrl_exit_server: ffrl-a-ak-ber: public_ipv4_address: 185.66.195.0 tunnel_ipv4_network: # Tunnel-Netzwerk in CIDR - tunnel_ipv4_address: # Eigene Tunnel IPv4 Adresse - tunnel_ipv4_netmask: 255.255.255.254 tunnel_ipv6_network: # IPv6 Transfernetz - tunnel_ipv6_netmask: 64 ffrl-b-ak-ber: public_ipv4_address: 185.66.195.1 tunnel_ipv4_network: - tunnel_ipv4_address: - tunnel_ipv4_netmask: 255.255.255.254 tunnel_ipv6_network: - tunnel_ipv6_netmask: 64 ffrl-a-ix-dus: public_ipv4_address: 185.66.193.0 tunnel_ipv4_network: - tunnel_ipv4_address: - tunnel_ipv4_netmask: 255.255.255.254 tunnel_ipv6_network: - tunnel_ipv6_netmask: 64 ffrl-b-ix-dus: public_ipv4_address: 185.66.193.1 tunnel_ipv4_network: - tunnel_ipv4_address: - tunnel_ipv4_netmask: 255.255.255.254 tunnel_ipv6_network: - tunnel_ipv6_netmask: 64 ffrl-a-fra2-fra: public_ipv4_address: 185.66.194.0 tunnel_ipv4_network: - tunnel_ipv4_address: - tunnel_ipv4_netmask: 255.255.255.254 tunnel_ipv6_network: - tunnel_ipv6_netmask: 64 ffrl-b-fra2-fra: public_ipv4_address: 185.66.194.1 tunnel_ipv4_network: - tunnel_ipv4_address: - tunnel_ipv4_netmask: 255.255.255.254 tunnel_ipv6_network: - tunnel_ipv6_netmask: 64 ´´´ -- Host Variable `ffrl_public_ipv4_nat` # IPv4 NAT Adresse für das Gateway +- Host Variable `ffrl_public_ipv4_nat` # Format ip-adresse/prefix - Host Variable `magic` ## Benötigte roles diff --git a/roles/service-bird-ffrl/templates/ffrl_ipv4.conf.j2 b/roles/service-bird-ffrl/templates/ffrl_ipv4.conf.j2 index ba7c5b3..66d8fd8 100644 --- a/roles/service-bird-ffrl/templates/ffrl_ipv4.conf.j2 +++ b/roles/service-bird-ffrl/templates/ffrl_ipv4.conf.j2 @@ -4,7 +4,7 @@ # Variables define ffrl_as = {{ as_public_ffrl }}; -define ffrl_nat_address = {{ ffrl_public_ipv4_nat }}; +define ffrl_nat_address = {{ ffrl_public_ipv4_nat | ipaddr('address') }}; # Routing Table table ffrl; 
@@ -12,7 +12,7 @@ table ffrl; # Functions function is_ffrl_nat() { return net ~ [ - {{ ffrl_public_ipv4_nat }} + {{ ffrl_public_ipv4_nat | ipaddr('address') }}/{{ ffrl_public_ipv4_nat | ipaddr('prefix') }} ]; } @@ -38,7 +38,7 @@ filter ebgp_ffrl_export_filter { # Protocols protocol static ffrl_uplink_hostroute { table ffrl; - route {{ ffrl_public_ipv4_nat }}/32 reject; + route {{ ffrl_public_ipv4_nat | ipaddr('address') }}/{{ ffrl_public_ipv4_nat | ipaddr('prefix') }} reject; } protocol direct ffrl_tunnels { diff --git a/roles/service-bird-ffrl/templates/ffrl_ipv4_peers.conf.j2 b/roles/service-bird-ffrl/templates/ffrl_ipv4_peers.conf.j2 index d646e33..5f6f1fb 100644 --- a/roles/service-bird-ffrl/templates/ffrl_ipv4_peers.conf.j2 +++ b/roles/service-bird-ffrl/templates/ffrl_ipv4_peers.conf.j2 @@ -4,8 +4,8 @@ {% for peer_id, peer_value in ffrl_exit_server.iteritems() %} protocol bgp '{{ peer_id }}' from ffrl_uplink { - source address {{ peer_value.tunnel_ipv4_address | ipaddr('address') }}; - neighbor {{ peer_value.tunnel_ipv4_network | ipaddr('address') }} as ffrl_as; + source address {{ peer_value.tunnel_ipv4_network | ipaddr('net') | ipaddr('1') | ipaddr('address') }}; + neighbor {{ peer_value.tunnel_ipv4_network | ipaddr('net') | ipaddr('address') }} as ffrl_as; }; {% if not loop.last %} diff --git a/roles/service-fastd-intragate/templates/fastd-intragate.conf.j2 b/roles/service-fastd-intragate/templates/fastd-intragate.conf.j2 index 7f84c1c..d9e435d 100644 --- a/roles/service-fastd-intragate/templates/fastd-intragate.conf.j2 +++ b/roles/service-fastd-intragate/templates/fastd-intragate.conf.j2 @@ -1,3 +1,5 @@ +{% set ip4hex = item.value.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('address') | ip4_hex() -%} +{% set mac = '0212' + ip4hex -%} # # {{ ansible_managed }} # 
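Review bot: In ffrl_ipv4.conf.j2, `route {{ ffrl_public_ipv4_nat | ipaddr('address') }}/{{ ffrl_public_ipv4_nat | ipaddr('prefix') }} reject;` and the `is_ffrl_nat()` set reuse the host address as a route prefix, which is only a well-formed prefix when the variable is a /32. The READMEs in this commit now document the variable as ip-adresse/prefix, so a value with a shorter prefix and host bits set is permitted by the docs, and BIRD, as far as I know, rejects a prefix whose host bits are set. Taking the network part works for every prefix length: `route {{ ffrl_public_ipv4_nat | ipaddr('network') }}/{{ ffrl_public_ipv4_nat | ipaddr('prefix') }} reject;`, with the same change inside `is_ffrl_nat()`. The `ip -4 rule add from` / `to` lines in roles/service-rclocal/templates/rc.local.j2 use the same address/prefix pattern and should be checked the same way.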
@@ -20,4 +22,16 @@ peer group "servers" { include peers from "peers/services"; } +on up " + ip link set $INTERFACE down + ip link set address {{ mac }} dev $INTERFACE + ip link set $INTERFACE up + + batctl -m {{ item.key }}BAT if add $INTERFACE +"; + +on down " + batctl -m {{ item.key }}BAT if del $INTERFACE +"; + status socket "/var/run/fastd-{{ item.key }}ig.status"; diff --git a/roles/service-fastd-mesh/templates/fastd-mesh.conf.j2 b/roles/service-fastd-mesh/templates/fastd-mesh.conf.j2 index eb81c7b..33d919c 100644 --- a/roles/service-fastd-mesh/templates/fastd-mesh.conf.j2 +++ b/roles/service-fastd-mesh/templates/fastd-mesh.conf.j2 @@ -1,3 +1,5 @@ +{% set ip4hex = item.value.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('address') | ip4_hex() -%} +{% set mac = '0211' + ip4hex -%} # # {{ ansible_managed }} # @@ -27,4 +29,16 @@ peer group "servers" { include peers from "peers/servers"; } +on up " + ip link set $INTERFACE down + ip link set address {{ mac }} dev $INTERFACE + ip link set $INTERFACE up + + batctl -m {{ item.key }}BAT if add $INTERFACE +"; + +on down " + batctl -m {{ item.key }}BAT if del $INTERFACE +"; + status socket "/var/run/fastd-{{ item.key }}.status"; diff --git a/roles/service-rclocal/README.md b/roles/service-rclocal/README.md index bc3d228..5725ae6 100644 --- a/roles/service-rclocal/README.md +++ b/roles/service-rclocal/README.md @@ -22,5 +22,5 @@ meshes: iface_mtu: # integer ´´´ - Host Variable `magic` -- Host Variable `ffrl_public_ipv4_nat` +- Host Variable `ffrl_public_ipv4_nat` # Format ip-adresse/prefix - Host Dictionary `ffrl_exit_server` diff --git a/roles/service-rclocal/templates/rc.local.j2 b/roles/service-rclocal/templates/rc.local.j2 index 797a2fa..144e106 100644 --- a/roles/service-rclocal/templates/rc.local.j2 +++ b/roles/service-rclocal/templates/rc.local.j2 
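Review bot: `ip link set address {{ mac }} dev $INTERFACE` in the new `on up` block takes `mac` from `'0212' + ip4hex` (set in the first hunk of fastd-intragate.conf.j2), which looks like twelve hex digits with no separators, whereas the interface templates in this commit pass the value through `hwaddr('linux')`. iproute2 expects a colon-separated link-layer address, so the command would likely fail, and because the script has no error handling the interface is still brought up and added to the batman device with whatever MAC it already had. Suggest `ip link set address {{ mac | hwaddr('linux') }} dev $INTERFACE` and making the script stop on the first failing command with `set -e` as its first line. The `on up` block added to fastd-mesh.conf.j2 (`'0211' + ip4hex`) has the same problem.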
@@ -64,8 +64,8 @@ ip -6 rule add to {{ public }} lookup internet priority 41 {% endfor %} ip -6 rule add from all oif {{ key }}BR lookup internet priority 41 {% endfor %} -ip -4 rule add from {{ ffrl_public_ipv4_nat }}/32 lookup internet priority 41 -ip -4 rule add to {{ ffrl_public_ipv4_nat }}/32 lookup internet priority 41 +ip -4 rule add from {{ ffrl_public_ipv4_nat | ipaddr('address') }}/{{ ffrl_public_ipv4_nat | ipaddr('prefix') }} lookup internet priority 41 +ip -4 rule add to {{ ffrl_public_ipv4_nat | ipaddr('address') }}/{{ ffrl_public_ipv4_nat | ipaddr('prefix') }} lookup internet priority 41 # Priority 61 - at this point this is the end of policy routing for freifunk related routes {% for key, value in meshes.iteritems() %}