ansible/roles/bird/templates/bird.conf.j2

212 lines
5.6 KiB
Text
Raw Normal View History

2022-12-21 21:01:47 +01:00
{{ ansible_managed | comment }}
log syslog all;
router id {{ bird__router_id }};
protocol device {
scan time 10;
}
2022-09-04 07:40:51 +02:00
protocol direct {
ipv4;
ipv6;
}
protocol kernel kernel4 {
ipv4 {
import all;
export where source !~ [ RTS_DEVICE, RTS_STATIC ];
};
}
2022-09-04 07:40:51 +02:00
protocol kernel kernel6 {
ipv6 {
import all;
export where source !~ [ RTS_DEVICE, RTS_STATIC ];
};
}
2022-12-21 16:39:28 +01:00
{% if bird__static_unreachable | ansible.utils.ipv4 %}
protocol static unreachable4 {
2022-12-21 19:53:40 +01:00
ipv4 {
2022-12-22 11:00:37 +01:00
import all;
2022-12-21 19:53:40 +01:00
};
2022-12-21 16:39:28 +01:00
{% for route in bird__static_unreachable | ansible.utils.ipv4 %}
2022-12-21 19:53:40 +01:00
route {{ route }} unreachable;
2022-12-21 16:39:28 +01:00
{% endfor %}
}
{% endif %}
{% if bird__static_unreachable | ansible.utils.ipv6 %}
protocol static unreachable6 {
2022-12-21 19:53:40 +01:00
ipv6 {
2022-12-22 11:00:37 +01:00
import all;
2022-12-21 19:53:40 +01:00
};
2022-12-21 16:39:28 +01:00
{% for route in bird__static_unreachable | ansible.utils.ipv6 %}
2022-12-21 19:53:40 +01:00
route {{ route }} unreachable;
2022-12-21 16:39:28 +01:00
{% endfor %}
}
{% endif %}
{% if bird__ospf_broadcast_interfaces %}
2022-09-04 07:40:51 +02:00
protocol ospf v2 ospf4 {
ipv4 {
import all;
2022-09-04 07:40:51 +02:00
export where source ~ [ RTS_STATIC, RTS_DEVICE ];
};
area 0 {
2022-12-22 12:02:56 +01:00
{% for network in bird__ospf_stub_networks | ansible.utils.ipv4 %}
2022-12-21 16:51:43 +01:00
stubnet {{ network }};
2022-12-22 12:02:56 +01:00
{% endfor %}
{% for name, iface in bird__ospf_broadcast_interfaces.items() %}
interface {{ name | enquote }} {
type broadcast;
hello {{ iface.hello | default(bird__ospf_hello) | int }};
retransmit {{ iface.retransmit
| default(bird__ospf_retransmit)
| int }};
wait {{ iface.wait | default(bird__ospf_wait) | int }};
dead {{ iface.dead | default(bird__ospf_dead) | int }};
};
2022-12-22 12:02:56 +01:00
{% endfor %}
{% for name in bird__ospf_stub_interfaces %}
interface {{ name | enquote }} {
stub;
};
2022-12-22 12:02:56 +01:00
{% endfor %}
};
}
{% endif %}
{% if bird__ospf_broadcast_interfaces %}
2022-09-04 07:40:51 +02:00
protocol ospf v3 ospf6 {
ipv6 {
import all;
2022-09-04 07:40:51 +02:00
export where source ~ [ RTS_STATIC, RTS_DEVICE ];
};
area 0 {
2022-12-22 12:02:56 +01:00
{% for network in bird__ospf_stub_networks | ansible.utils.ipv6 %}
2022-12-21 16:51:43 +01:00
stubnet {{ network }};
2022-12-22 12:02:56 +01:00
{% endfor %}
{% for name, iface in bird__ospf_broadcast_interfaces.items() %}
interface {{ name | enquote }} {
type broadcast;
hello {{ iface.hello | default(bird__ospf_hello) | int }};
retransmit {{ iface.retransmit
| default(bird__ospf_retransmit)
| int }};
wait {{ iface.wait | default(bird__ospf_wait) | int }};
dead {{ iface.dead | default(bird__ospf_dead) | int }};
};
2022-12-22 12:02:56 +01:00
{% endfor %}
{% for name in bird__ospf_stub_interfaces %}
interface {{ name | enquote }} {
stub;
};
{% endfor %}
};
}
{% endif %}
2023-01-07 08:53:44 +01:00
{% macro bird_filter(filter, last) %}
2022-12-22 12:02:56 +01:00
{% if filter.as_prepend is defined %}
{% for _ in range(filter.as_prepend.size) %}
bgp_path.prepend({{ filter.as_prepend.asn }});
{% endfor %}
{% endif %}
{% if filter.local_pref is defined %}
bgp_local_pref = {{ filter.local_pref }};
{% endif %}
2023-01-07 08:53:44 +01:00
{% if filter.accept is defined %}
2022-12-22 12:35:32 +01:00
{{ filter.accept | ternary("accept", "reject") }};
2022-12-22 12:02:56 +01:00
{% endif %}
2022-12-22 13:12:24 +01:00
{% endmacro %}
2023-01-07 08:53:44 +01:00
{# FIXME: massive cleanup required #}
{% for name, session in bird__bgp_sessions.items() %}
2022-12-22 12:02:56 +01:00
{% for version in [4, 6] %}
{% for direction in ["import", "export"] %}
filter bgp{{ version }}_{{ direction }}_{{ name }} {
2022-12-22 12:02:56 +01:00
{% for filter in session[direction] %}
2023-01-07 08:53:44 +01:00
{% set negate = filter.negate | default(False) %}
2022-12-22 12:02:56 +01:00
{% set networks =
filter.prefix
| default([])
| ansible.utils.ipaddr(version=version)
| map("suffix", filter.sub
| default(False)
2023-01-07 08:53:44 +01:00
| ternary("+", ""))
| list %}
{% set bgp_protos =
filter.bgp_proto
| default([])
| map("format_rev", 'proto {1} "bgp{2}_{0}"',
negate | ternary("!=", "="), version)
| list %}
{% if networks or bgp_protos %}
2022-12-22 12:02:56 +01:00
{% if networks %}
2023-01-07 08:53:44 +01:00
{% set op = negate | ternary("!~", "~") %}
2022-12-22 12:02:56 +01:00
if net {{ op }} [ {{ networks | join(", ") }} ] then {
2023-01-07 08:53:44 +01:00
{% elif bgp_protos %}
{% set op = negate | ternary("&&", "||") %}
if {{ bgp_protos | join(" " + op + " ") }} then {
{% endif %}
2022-12-22 12:12:01 +01:00
{{ bird_filter(filter) | indent(8) }}
2022-12-22 12:02:56 +01:00
}
{% else %}
2022-12-22 12:12:01 +01:00
{{ bird_filter(filter) | indent(4) }}
2022-12-22 12:02:56 +01:00
{% endif %}
{% endfor %}
}
2022-12-22 13:12:24 +01:00
2022-12-22 12:02:56 +01:00
{% endfor %}
{% endfor %}
{% endfor %}
{% for name, session in bird__bgp_sessions.items() %}
2022-12-22 12:02:56 +01:00
{% for local_address in session.local.address %}
{% set version =
local_address
| ansible.utils.ipaddr(query="version") %}
{% set remote_address =
session.remote.address
| ansible.utils.ipaddr(version=version)
| first %}
protocol bgp bgp{{ version }}_{{ name }} {
2022-12-21 18:43:00 +01:00
local {{ local_address }} as {{ session.local.as }};
neighbor {{ remote_address }} as {{ session.remote.as }};
{{ "ipv4" if version == 4 else "ipv6" }} {
2023-01-07 08:53:44 +01:00
{% if session.next_hop_self | default(False) %}
next hop self;
{% endif %}
{% if session.direct | default(False) %}
direct;
2023-01-07 08:53:44 +01:00
{% endif %}
import filter bgp{{ version }}_import_{{ name }};
export filter bgp{{ version }}_export_{{ name }};
2022-12-21 16:39:28 +01:00
};
}
2022-12-22 12:02:56 +01:00
{% endfor %}
2022-12-21 16:39:28 +01:00
{% endfor %}
{% if bird__radv_interfaces %}
protocol radv {
{% for name, iface in bird__radv_interfaces.items() %}
interface {{ name | enquote }} {
max ra interval {{ bird__radv_max_interval | int }};
{% for prefix in iface.prefix | default([]) %}
prefix {{ prefix | ipaddr }};
{% endfor %}
{% for domain in iface.domain_search | default([]) %}
dnssl {{ domain | enquote }};
{% endfor %}
};
{% endfor %}
{% for address in bird__radv_dns_servers %}
rdnss {{ address | ipaddr }};
{% endfor %}
}
{% endif %}