Roles network-*: enable forwarding

With newer versions of ifupdown2 it is necessary to enable IPv4/6
forwarding explicitly on required interfaces.
This commit is contained in:
Julian Labus 2019-03-25 10:13:01 +01:00
parent 6239a876bb
commit 59045bc400
No known key found for this signature in database
GPG key ID: 8AF209F2C6B3572A
3 changed files with 10 additions and 0 deletions

View file

@ -10,6 +10,8 @@ iface {{ item.key }} inet tunnel
ttl 64 ttl 64
mtu 1400 mtu 1400
tunnel-physdev {{ ansible_default_ipv4.interface }} tunnel-physdev {{ ansible_default_ipv4.interface }}
ip-forward on
ip6-forward on
address {{ item.value.tunnel_ipv4_network | ipaddr('net') | ipaddr('1') | ipaddr('ip/prefix') }} address {{ item.value.tunnel_ipv4_network | ipaddr('net') | ipaddr('1') | ipaddr('ip/prefix') }}
address {{ item.value.tunnel_ipv6_network | ipaddr('net') | ipaddr('2') | ipaddr('ip/prefix') }} address {{ item.value.tunnel_ipv6_network | ipaddr('net') | ipaddr('2') | ipaddr('ip/prefix') }}

View file

@ -17,3 +17,7 @@ iface {{ item.id }}br
{% endfor %} {% endfor %}
{% endif %} {% endif %}
bridge-ports {{ item.id }}bat bridge-ports {{ item.id }}bat
{% if server_type == 'gateway' %}
ip-forward on
ip6-forward on
{% endif %}

View file

@ -5,6 +5,10 @@
auto wg-{{ network.remote[:11] }} auto wg-{{ network.remote[:11] }}
iface wg-{{ network.remote[:11] }} iface wg-{{ network.remote[:11] }}
mtu 1420 mtu 1420
{% if server_type == 'gateway' %}
ip-forward on
ip6-forward on
{% endif %}
ipv6-addrgen off ipv6-addrgen off
{% if magic < network.remote_magic %} {% if magic < network.remote_magic %}
address {{ network.ipv4 | ipaddr('ip/prefix') }} address {{ network.ipv4 | ipaddr('ip/prefix') }}