Move Router Advertisements from daemon radvd to bird6

roles/service-bird/README.md

@@ -6,6 +6,7 @@ Diese Ansible role installiert und konfiguriert den bird daemon.
 - aktiviert systemd units bird + bird6
 - schreibt bird.conf + bird6.conf
 - konfiguriert bird für iBGP mit allen anderen FFMWU-Servern
+- konfiguriert Router Advertisements für die Mesh Interfaces
 
 Im iBGP peeren wir mangels separatem Transfernetz (im Moment) im Mainzer Mesh Netz.
 
@@ -39,6 +40,13 @@ meshes:
     ipv4_network:
     ipv6_ula:
       - # IPv6-ULA Network
+    ipv6_public:
+      - # IPv6-Public Network
+    radvd:
+      maxrtradvinterval: <integer> # seconds
+      advvalidlifetime: <integer> # seconds
+      advpreferredlifetime: <integer> # seconds
+
 ```
 
 - Host Variable `magic`

roles/service-bird/tasks/main.yml

@@ -51,6 +51,15 @@
   tags: sync-peers
   notify: reload systemd unit bird6
 
+- name: write radv.conf
+  template:
+    src: radv.conf.j2
+    dest: /etc/bird/radv.conf
+    mode: 0640
+    owner: bird
+    group: bird
+  notify: reload systemd unit bird6
+
 - name: enable + start systemd units bird + bird6
   systemd:
     name: bird{{ item }}

roles/service-bird/templates/bird6.conf.j2

@@ -122,4 +122,7 @@ include "icvpn_ipv6.con?";
 
 # Include IPv6 FFRL configuration
 include "ffrl_ipv6.con?";
+
+# Include IPv6 Router Advertisement configuration
+include "radv.con?";
 {% endif %}

roles/service-bird/templates/radv.conf.j2

@@ -0,0 +1,38 @@
+{% for mesh in meshes %}
+protocol radv radv_{{ mesh.id }} {
+	interface "{{ mesh.id }}br" {
+		max ra interval {{ mesh.radvd.maxrtradvinterval }};
+
+{% for prefix in mesh.ipv6_ula %}
+		prefix {{ prefix | ipaddr('net') | ipsubnet(64, 0) | ipaddr('subnet') }} {
+			valid lifetime {{ mesh.radvd.advvalidlifetime }};
+			preferred lifetime {{ mesh.radvd.advpreferredlifetime }};
+		};
+{% endfor %}
+
+{% for prefix in mesh.ipv6_public %}
+		prefix {{ prefix | ipaddr('net') | ipsubnet(56, magic) | ipsubnet(64, 0) | ipaddr('subnet') }} {
+			valid lifetime {{ mesh.radvd.advvalidlifetime }};
+			preferred lifetime {{ mesh.radvd.advpreferredlifetime }};
+		};
+{% endfor %}
+
+		rdnss {
+{% for prefix in mesh.ipv6_ula %}
+			ns {{ prefix | ipaddr('net') | ipsubnet(64, 0) | ipaddr(magic) | ipaddr('address') }};
+{% endfor %}
+		};
+
+		dnssl {
+{% for dnssl in mesh.dnssl %}
+			domain "{{ dnssl }}";
+{% endfor %}
+		};
+
+		link mtu {{ mesh.iface_mtu }};
+	};
+}
+{% if not loop.last %}
+
+{% endif %}
+{% endfor %}

roles/service-radvd/README.md

@@ -1,24 +1,3 @@
 # Ansible role service-radvd
 
-Diese Ansible role installiert und konfiguriert den radvd daemon.
-
-- installiert radvd
-- aktiviert systemd unit
-- schreibt radvd.conf
-
-## Benötigte Variablen
-
-- Dictionary `meshes`
-
-```
-meshes:
-  - id: xx
-...
-    ipv6_ula:
-      - # ULA-Prefix - String
-    ipv6_public:
-      - # Public-Prefix - String
-    iface_mtu: # Integer
-```
-
-- Host Variable `magic`
+Diese Ansible role entfernt den zuvor genutzten radvd.

roles/service-radvd/handlers/main.yml

@@ -1,5 +0,0 @@
----
-- name: restart systemd unit radvd
-  systemd:
-    name: radvd
-    state: restarted

roles/service-radvd/tasks/main.yml

@@ -1,17 +1,10 @@
 ---
-- name: install radvd packages
+- name: ensure radvd is not installed
   package:
     name: radvd
-    state: present
+    state: absent
 
-- name: configure radvd
-  template:
-    src: radvd.conf.j2
-    dest: /etc/radvd.conf
-  notify: restart systemd unit radvd
-
-- name: enable systemd unit radvd
-  systemd:
-    name: radvd
-    enabled: yes
-    state: started
+- name: remove radvd config file
+  file:
+    path: /etc/radvd.conf
+    state: absent

roles/service-radvd/templates/radvd.conf.j2

@@ -1,44 +0,0 @@
-
-#
-# {{ ansible_managed }}
-#
-{% for mesh in meshes %}
-interface {{ mesh.id }}br
-{
-	AdvSendAdvert on;
-	IgnoreIfMissing on;
-	MaxRtrAdvInterval {{ mesh.radvd.maxrtradvinterval }};
-	AdvLinkMTU {{ mesh.iface_mtu }};
-
-	RDNSS {% for prefix in mesh.ipv6_ula %}{{ prefix | ipaddr('net') | ipsubnet(64, 0) | ipaddr(magic) | ipaddr('address') }}
-{% endfor %}
-	{
-		FlushRDNSS off;
-	};
-
-{% for prefix in mesh.ipv6_ula %}
-	prefix {{ prefix | ipaddr('net') | ipsubnet(64, 0) | ipaddr('subnet') }}
-	{
-		AdvValidLifetime {{ mesh.radvd.advvalidlifetime }};
-		AdvPreferredLifetime {{ mesh.radvd.advpreferredlifetime }};
-	};
-{% if not loop.last %}
-
-{% endif %}
-{% endfor %}
-
-{% for prefix in mesh.ipv6_public %}
-	prefix {{ prefix | ipaddr('net') | ipsubnet(56, magic) | ipsubnet(64, 0) | ipaddr('subnet') }}
-	{
-		AdvValidLifetime {{ mesh.radvd.advvalidlifetime }};
-		AdvPreferredLifetime {{ mesh.radvd.advpreferredlifetime }};
-	};
-{% if not loop.last %}
-
-{% endif %}
-{% endfor %}
-};
-{% if not loop.last %}
-
-{% endif %}
-{% endfor %}