freifunk/ansible-ffibk
9
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Role service-bird: export anycast address on gateway, import anycast+loopback on other servers

Browse source
This commit is contained in:
Tobias Hachmer 2018-11-30 18:18:25 +01:00
parent 2100842bcb
commit 38399e5b7a
No known key found for this signature in database
GPG key ID: E112788464CA5C60
2 changed files with 12 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
roles/service-bird/templates/bird.conf.j2
View file

@ -98,7 +98,11 @@ protocol kernel kernel_mwu {
scan time 30; scan time 30;
import none; import none;
export filter { export filter {
{% if ffmwu_server_type == "gateway" %}
if is_mwu_anycast() then reject; if is_mwu_anycast() then reject;
{% else %}
if is_mwu_anycast() then accept;
{% endif %}
if is_mwu_loopback() then accept; if is_mwu_loopback() then accept;
reject; reject;
}; };
@ -110,7 +114,9 @@ template bgp ibgp_mwu {
local mwu_address as mwu_as; local mwu_address as mwu_as;
import keep filtered on; import keep filtered on;
import filter { import filter {
{% if ffmwu_server_type == "gateway" %}
if is_mwu_anycast() then reject; if is_mwu_anycast() then reject;
{% endif %}
if is_mwu_self_nets_loose() then accept; if is_mwu_self_nets_loose() then accept;
if is_freifunk() then accept; if is_freifunk() then accept;
if is_chaosvpn() then accept; if is_chaosvpn() then accept;
@ -118,7 +124,6 @@ template bgp ibgp_mwu {
reject; reject;
}; };
export filter { export filter {
if is_mwu_anycast() then reject;
if is_mwu_self_nets_loose() then accept; if is_mwu_self_nets_loose() then accept;
if source = RTS_BGP then accept; if source = RTS_BGP then accept;
reject; reject;

7
roles/service-bird/templates/bird6.conf.j2
View file

@ -86,7 +86,11 @@ protocol kernel kernel_mwu {
scan time 30; scan time 30;
import none; import none;
export filter { export filter {
{% if ffmwu_server_type == "gateway" %}
if is_mwu_anycast() then reject; if is_mwu_anycast() then reject;
{% else %}
if is_mwu_anycast() then accept;
{% endif %}
if is_mwu_loopback() then accept; if is_mwu_loopback() then accept;
reject; reject;
}; };
@ -98,13 +102,14 @@ template bgp ibgp_mwu {
local mwu_address as mwu_as; local mwu_address as mwu_as;
import keep filtered on; import keep filtered on;
import filter { import filter {
{% if ffmwu_server_type == "gateway" %}
if is_mwu_anycast() then reject; if is_mwu_anycast() then reject;
{% endif %}
if is_mwu_self_nets_loose() then accept; if is_mwu_self_nets_loose() then accept;
if is_ula() then accept; if is_ula() then accept;
reject; reject;
}; };
export filter { export filter {
if is_mwu_anycast() then reject;
if is_mwu_self_nets_loose() then accept; if is_mwu_self_nets_loose() then accept;
if source = RTS_BGP then accept; if source = RTS_BGP then accept;
reject; reject;