FFRL Internet Exit: move IPv4 NAT address to a single dummy interface

2017-10-04 13:38:00 +02:00 · 2017-10-04 13:38:00 +02:00 · 94da0613a4
parent cc43741a91
commit 94da0613a4
4 changed files with 16 additions and 3 deletions
--- a/roles/network-ffrl/tasks/main.yml
+++ b/roles/network-ffrl/tasks/main.yml
@ -5,3 +5,9 @@
    dest: "/etc/network/interfaces.d/{{ item.key }}"
  notify: reload network interfaces
  with_dict: "{{ ffrl_exit_server }}"
+
+- name: create ffrl-nat dummy interface
+  template:
+    src: ffrl_nat.j2
+    dest: "/etc/network/interfaces.d/ffrl-nat"
+  notify: reload network interfaces
--- a/roles/network-ffrl/templates/ffrl.j2
+++ b/roles/network-ffrl/templates/ffrl.j2
@ -13,4 +13,3 @@ iface {{ item.key }} inet tunnel

    address {{ item.value.tunnel_ipv4_network | ipaddr('net') | ipaddr('1') | ipaddr('address') }}/{{ item.value.tunnel_ipv4_network | ipaddr('net') | ipaddr('prefix') }}
    address {{ item.value.tunnel_ipv6_network | ipaddr('net') | ipaddr('2') | ipaddr('address')  }}/{{ item.value.tunnel_ipv6_network | ipaddr('net') | ipaddr('prefix') }}
-    address {{ ffrl_public_ipv4_nat | ipaddr('address') }}/{{ ffrl_public_ipv4_nat | ipaddr('prefix') }}
--- a/roles/network-ffrl/templates/ffrl_nat.j2
+++ b/roles/network-ffrl/templates/ffrl_nat.j2
@ -0,0 +1,7 @@
+#
+# {{ ansible_managed }}
+#
+auto ffrl-nat
+iface ffrl-nat
+    link-type dummy
+    address {{ ffrl_public_ipv4_nat | ipaddr('address') }}/{{ ffrl_public_ipv4_nat | ipaddr('prefix') }}
--- a/roles/service-bird-ffrl/templates/ffrl_ipv4.conf.j2
+++ b/roles/service-bird-ffrl/templates/ffrl_ipv4.conf.j2
@ -36,9 +36,10 @@ filter ebgp_ffrl_export_filter {
 }

 # Protocols
-protocol static ffrl_uplink_hostroute {
+protocol direct ffrl_nat {
    table ffrl;
-    route {{ ffrl_public_ipv4_nat | ipaddr('address') }}/{{ ffrl_public_ipv4_nat | ipaddr('prefix') }} reject;
+    interface "ffrl-nat";
+    import where is_ffrl_nat();
 }

 protocol direct ffrl_tunnels {