wip: bird: misc

2023-09-18 17:15:57 +02:00 · 2023-09-18 17:15:57 +02:00 · 35cdf782c8
parent fbdeddfc72
commit 35cdf782c8
10 changed files with 469 additions and 472 deletions
--- a/group_vars/all/bird.yml
+++ b/group_vars/all/bird.yml
@ -0,0 +1,4 @@
+---
+bird__as:
+  aurore: 43619
+...
--- a/group_vars/infra/bird.yml
+++ b/group_vars/infra/bird.yml
@ -0,0 +1,47 @@
+---
+bird__kernel:
+  kernel:
+    learn: true
+    import: accept
+    export: accept
+
+bird__ospf:
+  limits:
+    import: 4000
+    export: 4000
+  import: accept
+  export:
+    protos: kernel
+  areas:
+    0:
+      broadcast:
+        - back0
+      stub:
+        - monit0
+        - wifi0
+        - int0
+        - sw0
+        - bmc0
+        - pve0
+        - isp0
+        - ext0
+        - ups0
+    1:
+      broadcast:
+        - vpn0
+
+bird__bgp:
+  edge1:
+    local:
+      address: "{{ bird__bgp_addr.back }}"
+      as: "{{ bird__as.aurore }}"
+    neighbor:
+      address:
+        - 2a09:6840:203::1:1
+        - 10.203.1.1
+      as: "{{ bird__as.aurore }}"
+    import:
+      - pref_src: "{{ bird__pref_src_addr }}"
+      - accept
+    export: reject
+...
--- a/group_vars/isp/bird.yml
+++ b/group_vars/isp/bird.yml
@ -0,0 +1,53 @@
+---
+bird__kernel:
+  kernel:
+    learn: true
+    import: accept
+    export: accept
+
+bird__ospf:
+  limits:
+    import: 4000
+    export: 4000
+  import: accept
+  export:
+    protos: kernel
+  areas:
+    0:
+      broadcast:
+        - back0
+      stub:
+        - client0
+        - client1
+        - client2
+        - client3
+        - client4
+
+bird__bgp:
+  edge1:
+    local:
+      address: "{{ bird__bgp_addr.back }}"
+      as: "{{ bird__as.aurore }}"
+    neighbor:
+      address:
+        - 2a09:6840:203::1:1
+        - 10.203.1.1
+      as: "{{ bird__as.aurore }}"
+    import:
+      - pref_src: "{{ bird__pref_src_addr }}"
+      - accept
+    export: reject
+
+bird__radv:
+  rdnss:
+    - 2a09:6840:206::1:1
+    - 2a09:6840:206::1:2
+  interfaces:
+    client0:
+      max_interval: 5
+      prefixes:
+        - 2a09:6841::/64
+      dnssl: client0.isp.auro.re
+      domain_search:
+        - auro.re
+...
--- a/group_vars/isp/keepalived.yml
+++ b/group_vars/isp/keepalived.yml
@ -25,5 +25,8 @@ keepalived__virtual_addresses:
    - 2a09:6841:0:4::1/64
    - fe80::1/10

+keepalived__virtual_blackholes:
+  - 45.66.111.220/32
+
 keepalived__main: "{{ inventory_hostname_short == 'isp-1' }}"
 ...
--- a/host_vars/infra-1.back.infra.auro.re.yml
+++ b/host_vars/infra-1.back.infra.auro.re.yml
@ -40,4 +40,15 @@ ifupdown2__interfaces:
    addresses:
      - 2a09:6840:213::1:1
      - 10.213.1.1
+
+bird__router_id: 10.203.1.3
+
+bird__bgp_addr:
+  back:
+    - 2a09:6840:203::1:3
+    - 10.203.1.3
+
+bird__pref_src_addr:
+  - 2a09:6840:203::1:3
+  - 45.66.111.210
 ...
--- a/host_vars/infra-2.back.infra.auro.re.yml
+++ b/host_vars/infra-2.back.infra.auro.re.yml
@ -40,4 +40,15 @@ ifupdown2__interfaces:
    addresses:
      - 2a09:6840:213::1:2
      - 10.213.1.2
+
+bird__router_id: 10.203.1.4
+
+bird__bgp_addr:
+  back:
+    - 2a09:6840:203::1:4
+    - 10.203.1.4
+
+bird__pref_src_addr:
+  - 2a09:6840:203::1:4
+  - 45.66.111.211
 ...
--- a/host_vars/isp-1.back.infra.auro.re.yml
+++ b/host_vars/isp-1.back.infra.auro.re.yml
@ -13,6 +13,7 @@ ifupdown2__interfaces:
  back0:
    addresses:
      - 2a09:6840:203::1:5/64
+      - 45.66.111.211/32
      - 10.203.1.5/16
  trunk0:
    ipv6_addrgen: false
@ -44,4 +45,15 @@ ifupdown2__interfaces:
    vlan_id: 1004
    vlan_raw_device: clients0
    ipv6_addrgen: false
+
+bird__router_id: 10.203.1.5
+
+bird__bgp_addr:
+  back:
+    - 2a09:6840:203::1:5
+    - 10.203.1.5
+
+bird__pref_src_addr:
+  - 2a09:6840:203::1:5
+  - 45.66.111.211
 ...
--- a/playbooks/bird.yml
+++ b/playbooks/bird.yml
@ -1,5 +1,11 @@
 #!/usr/bin/env ansible-playbook
 ---
+- hosts:
+    - infra
+    - isp
+  roles:
+    - bird
+
 #- hosts:
 #    - isp-1.back.infra.auro.re
 #    - isp-2.back.infra.auro.re
@ -85,78 +91,6 @@
 #    - bird


- hosts:
-    - infra-1.back.infra.auro.re
-    - infra-2.back.infra.auro.re
-  vars:
-    bird__as:
-      aurore: 43619
-    bird__router_ids:
-      infra-1: 10.203.1.3
-      infra-2: 10.203.1.4
-    bird__pref_src_addrs:
-      infra-1:
-        - 2a09:6840:203::1:3
-        - 45.66.111.210
-      infra-2:
-        - 2a09:6840:203::1:4
-        - 45.66.111.211
-    bird__bgp_addrs:
-      infra-1:
-        back:
-          - 2a09:6840:203::1:3
-          - 10.203.1.3
-      infra-2:
-        back:
-          - 2a09:6840:203::1:4
-          - 10.203.1.4
-    bird__router_id: "{{ bird__router_ids[inventory_hostname_short] }}"
-    bird__kernel:
-      kernel:
-        learn: true
-        import: accept
-        export: accept
-    bird__ospf:
-      limits:
-        import: 4000
-        export: 4000
-      import: accept
-      export:
-        protos: kernel
-      areas:
-        0:
-          broadcast:
-            - back0
-          stub:
-            - monit0
-            - wifi0
-            - int0
-            - sw0
-            - bmc0
-            - pve0
-            - isp0
-            - ext0
-            - ups0
-        1:
-          broadcast:
-            - vpn0
-    bird__bgp:
-      edge1:
-        local:
-          address: "{{ bird__bgp_addrs[inventory_hostname_short].back }}"
-          as: "{{ bird__as.aurore }}"
-        neighbor:
-          address:
-            - 2a09:6840:203::1:1
-            - 10.203.1.1
-          as: "{{ bird__as.aurore }}"
-        import:
-          - pref_src: "{{ bird__pref_src_addrs[inventory_hostname_short] }}"
-          - accept
-        export: reject
-  roles:
-    - bird
-
 #- hosts:
 #    - infra-1.back.infra.auro.re
 #    - infra-2.back.infra.auro.re
@ -215,247 +149,247 @@
 #  roles:
 #    - bird

- hosts:
-    - edge-1.back.infra.auro.re
-    - edge-2.back.infra.auro.re
-  vars:
-    bird__router_ids:
-      edge-1.back.infra.auro.re: 10.203.1.1
-      edge-2.back.infra.auro.re: 10.203.1.2
-    bird__asn:
-      aurore: 43619
-      crans: 204515
-      zayo: 8218
-      viarezo: 212424
-      rezel: 199116
-    bird__orig_prefixes:
-      aurore:
-        - 45.66.108.0/22
-        - 2a09:6840::/32
-        - 2a09:6841::/32
-        - 2a09:6842::/32
-      crans:
-        - 185.230.76.0/22
-        - 2a0c:700::/32
-      viarezo:
-        - 138.195.144.0/20
-        - 192.159.121.0/24
-        - 2a0c:b641:2f0::/44
-      rezel:
-        - 137.194.8.0/22
-        - 2a09:6847::/32
-      martians:
-        - 10.0.0.0/8
-        - 172.16.0.0/12
-        - 192.168.0.0/16
-        - 100.64.0.0/10
-        - 127.0.0.0/8
-        - 169.254.0.0/16
-        - 192.0.0.0/24
-        - 192.0.2.0/24
-        - 198.18.0.0/15
-        - 198.51.100.0/24
-        - 203.0.113.0/24
-        - 224.0.0.0/4
-        - 240.0.0.0/4
-        - ::/128
-        - ::1/128
-        - ::ffff:0:0/96
-        - ::/96
-        - 100::/64
-        - 2001:10::/28
-        - 2001:db8::/32
-        - fc00::/7
-        - fe80::/10
-        - fec0::/10
-        - ff00::/8
-    bird__router_id: "{{ bird__router_ids[inventory_hostname] }}"
-    bird__bgp_addresses:
-      edge:
-        edge-1.back.infra.auro.re:
-          - 2a09:6840:203::1:1
-          - 10.203.1.1
-        edge-2.back.infra.auro.re:
-            - 2a09:6840:203::1:2
-            - 10.203.1.2
-      legacy:
-        edge-1.back.infra.auro.re:
-          - 2a09:6840:129::10:2
-          - 10.129.10.2
-        edge-2.back.infra.auro.re:
-          - 2a09:6840:129::10:102
-          - 10.129.10.102
-      rezel:
-        edge-1.back.infra.auro.re:
-          - 2a09:6842:19:9116::1
-          - 45.66.111.1
-        edge-2.back.infra.auro.re:
-          - 2a09:6842:19:9116::3
-          - 45.66.111.3
-    bird__bgp_sessions:
-      edge:
-        local:
-          address: "{{ bird__bgp_addresses.edge[inventory_hostname] }}"
-          as: "{{ bird__asn.aurore }}"
-        remote:
-          address: "{{ bird__bgp_addresses.edge
-                       | dict2items
-                       | selectattr('key', '!=', inventory_hostname)
-                       | map(attribute='value')
-                       | first }}"
-          as: "{{ bird__asn.aurore }}"
-        import:
-          - accept: true
-        export:
-          - local_pref: 75
-            accept: true
-      vpn1:
-        local:
-          address: "{{ bird__bgp_addresses.edge[inventory_hostname] }}"
-          as: "{{ bird__asn.aurore }}"
-        remote:
-          address:
-            - 2a09:6840:203::1:7
-            - 10.203.1.7
-          as: "{{ bird__asn.aurore }}"
-        import:
-          - accept: false
-        export:
-          - accept: true
-      vpn2:
-        local:
-          address: "{{ bird__bgp_addresses.edge[inventory_hostname] }}"
-          as: "{{ bird__asn.aurore }}"
-        remote:
-          address:
-            - 2a09:6840:203::1:8
-            - 10.203.1.8
-          as: "{{ bird__asn.aurore }}"
-        import:
-          - accept: false
-        export:
-          - accept: false
-      legacy:
-        next_hop_self: true
-        local:
-          address: "{{ bird__bgp_addresses.legacy[inventory_hostname] }}"
-          as: "{{ bird__asn.aurore }}"
-        remote:
-          address:
-            - 2a09:6840:129::240
-            - 10.129.0.240
-          as: "{{ bird__asn.aurore }}"
-        import:
-          - accept: false
-        export:
-          - bgp_proto:
-              - crans
-              - zayo
-              - rezel1
-              - rezel2
-            accept: true
-          - accept: false
-      zayo:
-        local:
-          address:
-            - 83.167.52.69
-            - 2001:1b48:2:103::d7:2
-          as: "{{ bird__asn.aurore }}"
-        remote:
-          address:
-            - 83.167.52.68
-            - 2001:1b48:2:103::d7:1
-          as: "{{ bird__asn.zayo }}"
-        import:
-          - prefix: "{{ bird__orig_prefixes.martians }}"
-            sub: true
-            accept: false
-          - accept: true
-        export:
-          - prefix: "{{ ['aurore', 'crans', 'viarezo', 'rezel']
-                        | map('extract', bird__orig_prefixes)
-                        | flatten }}"
-            sub: true
-            accept: true
-          - accept: false
-      crans:
-        local:
-          address:
-            - 185.230.79.254
-            - 2a0c:700:28::2
-          as: "{{ bird__asn.aurore }}"
-        remote:
-          address:
-            - 185.230.79.253
-            - 2a0c:700:28::1
-          as: "{{ bird__asn.crans }}"
-        import:
-          - prefix: "{{ bird__orig_prefixes.crans }}"
-            sub: true
-            accept: true
-          - accept: false
-        export:
-          - bgp_proto:
-              - viarezo
-              - rezel1
-              - rezel2
-              - zayo
-            accept: true
-          - prefix: "{{ bird__orig_prefixes.aurore }}"
-            sub: true
-            accept: true
-          - accept: false
-      rezel1:
-        local:
-          address: "{{ bird__bgp_addresses.rezel[inventory_hostname] }}"
-          as: "{{ bird__asn.aurore }}"
-        remote:
-          address:
-            - 2a09:6842:19:9116::2
-            - 45.66.111.2
-          as: "{{ bird__asn.rezel }}"
-        import:
-          - prefix: "{{ bird__orig_prefixes.rezel }}"
-            sub: true
-            accept: true
-          - accept: false
-        export:
-          - bgp_proto:
-              - edge
-              - viarezo
-              - crans
-              - zayo
-            accept: true
-          - prefix: "{{ bird__orig_prefixes.aurore }}"
-            sub: true
-            accept: true
-          - accept: false
-      rezel2:
-        local:
-          address: "{{ bird__bgp_addresses.rezel[inventory_hostname] }}"
-          as: "{{ bird__asn.aurore }}"
-        remote:
-          address:
-            - 2a09:6842:19:9116::4
-            - 45.66.111.4
-          as: "{{ bird__asn.rezel }}"
-        import:
-          - local_pref: 75
-          - prefix: "{{ bird__orig_prefixes.rezel }}"
-            sub: true
-            accept: true
-          - accept: false
-        export:
-          - bgp_proto:
-              - edge
-              - viarezo
-              - crans
-              - zayo
-            accept: true
-          - prefix: "{{ bird__orig_prefixes.aurore }}"
-            sub: true
-            accept: true
-          - accept: false
+#- hosts:
+#    - edge-1.back.infra.auro.re
+#    - edge-2.back.infra.auro.re
+#  vars:
+#    bird__router_ids:
+#      edge-1.back.infra.auro.re: 10.203.1.1
+#      edge-2.back.infra.auro.re: 10.203.1.2
+#    bird__asn:
+#      aurore: 43619
+#      crans: 204515
+#      zayo: 8218
+#      viarezo: 212424
+#      rezel: 199116
+#    bird__orig_prefixes:
+#      aurore:
+#        - 45.66.108.0/22
+#        - 2a09:6840::/32
+#        - 2a09:6841::/32
+#        - 2a09:6842::/32
+#      crans:
+#        - 185.230.76.0/22
+#        - 2a0c:700::/32
+#      viarezo:
+#        - 138.195.144.0/20
+#        - 192.159.121.0/24
+#        - 2a0c:b641:2f0::/44
+#      rezel:
+#        - 137.194.8.0/22
+#        - 2a09:6847::/32
+#      martians:
+#        - 10.0.0.0/8
+#        - 172.16.0.0/12
+#        - 192.168.0.0/16
+#        - 100.64.0.0/10
+#        - 127.0.0.0/8
+#        - 169.254.0.0/16
+#        - 192.0.0.0/24
+#        - 192.0.2.0/24
+#        - 198.18.0.0/15
+#        - 198.51.100.0/24
+#        - 203.0.113.0/24
+#        - 224.0.0.0/4
+#        - 240.0.0.0/4
+#        - ::/128
+#        - ::1/128
+#        - ::ffff:0:0/96
+#        - ::/96
+#        - 100::/64
+#        - 2001:10::/28
+#        - 2001:db8::/32
+#        - fc00::/7
+#        - fe80::/10
+#        - fec0::/10
+#        - ff00::/8
+#    bird__router_id: "{{ bird__router_ids[inventory_hostname] }}"
+#    bird__bgp_addresses:
+#      edge:
+#        edge-1.back.infra.auro.re:
+#          - 2a09:6840:203::1:1
+#          - 10.203.1.1
+#        edge-2.back.infra.auro.re:
+#            - 2a09:6840:203::1:2
+#            - 10.203.1.2
+#      legacy:
+#        edge-1.back.infra.auro.re:
+#          - 2a09:6840:129::10:2
+#          - 10.129.10.2
+#        edge-2.back.infra.auro.re:
+#          - 2a09:6840:129::10:102
+#          - 10.129.10.102
+#      rezel:
+#        edge-1.back.infra.auro.re:
+#          - 2a09:6842:19:9116::1
+#          - 45.66.111.1
+#        edge-2.back.infra.auro.re:
+#          - 2a09:6842:19:9116::3
+#          - 45.66.111.3
+#    bird__bgp_sessions:
+#      edge:
+#        local:
+#          address: "{{ bird__bgp_addresses.edge[inventory_hostname] }}"
+#          as: "{{ bird__asn.aurore }}"
+#        remote:
+#          address: "{{ bird__bgp_addresses.edge
+#                       | dict2items
+#                       | selectattr('key', '!=', inventory_hostname)
+#                       | map(attribute='value')
+#                       | first }}"
+#          as: "{{ bird__asn.aurore }}"
+#        import:
+#          - accept: true
+#        export:
+#          - local_pref: 75
+#            accept: true
+#      vpn1:
+#        local:
+#          address: "{{ bird__bgp_addresses.edge[inventory_hostname] }}"
+#          as: "{{ bird__asn.aurore }}"
+#        remote:
+#          address:
+#            - 2a09:6840:203::1:7
+#            - 10.203.1.7
+#          as: "{{ bird__asn.aurore }}"
+#        import:
+#          - accept: false
+#        export:
+#          - accept: true
+#      vpn2:
+#        local:
+#          address: "{{ bird__bgp_addresses.edge[inventory_hostname] }}"
+#          as: "{{ bird__asn.aurore }}"
+#        remote:
+#          address:
+#            - 2a09:6840:203::1:8
+#            - 10.203.1.8
+#          as: "{{ bird__asn.aurore }}"
+#        import:
+#          - accept: false
+#        export:
+#          - accept: false
+#      legacy:
+#        next_hop_self: true
+#        local:
+#          address: "{{ bird__bgp_addresses.legacy[inventory_hostname] }}"
+#          as: "{{ bird__asn.aurore }}"
+#        remote:
+#          address:
+#            - 2a09:6840:129::240
+#            - 10.129.0.240
+#          as: "{{ bird__asn.aurore }}"
+#        import:
+#          - accept: false
+#        export:
+#          - bgp_proto:
+#              - crans
+#              - zayo
+#              - rezel1
+#              - rezel2
+#            accept: true
+#          - accept: false
+#      zayo:
+#        local:
+#          address:
+#            - 83.167.52.69
+#            - 2001:1b48:2:103::d7:2
+#          as: "{{ bird__asn.aurore }}"
+#        remote:
+#          address:
+#            - 83.167.52.68
+#            - 2001:1b48:2:103::d7:1
+#          as: "{{ bird__asn.zayo }}"
+#        import:
+#          - prefix: "{{ bird__orig_prefixes.martians }}"
+#            sub: true
+#            accept: false
+#          - accept: true
+#        export:
+#          - prefix: "{{ ['aurore', 'crans', 'viarezo', 'rezel']
+#                        | map('extract', bird__orig_prefixes)
+#                        | flatten }}"
+#            sub: true
+#            accept: true
+##          - accept: false
+#      crans:
+#        local:
+#          address:
+#            - 185.230.79.254
+#            - 2a0c:700:28::2
+#          as: "{{ bird__asn.aurore }}"
+#        remote:
+#          address:
+#            - 185.230.79.253
+#            - 2a0c:700:28::1
+#          as: "{{ bird__asn.crans }}"
+#        import:
+#          - prefix: "{{ bird__orig_prefixes.crans }}"
+#            sub: true
+#            accept: true
+#          - accept: false
+#        export:
+#          - bgp_proto:
+#              - viarezo
+#              - rezel1
+#              - rezel2
+#              - zayo
+#            accept: true
+#          - prefix: "{{ bird__orig_prefixes.aurore }}"
+#            sub: true
+#            accept: true
+#          - accept: false
+#      rezel1:
+#        local:
+#          address: "{{ bird__bgp_addresses.rezel[inventory_hostname] }}"
+#          as: "{{ bird__asn.aurore }}"
+#        remote:
+#          address:
+#            - 2a09:6842:19:9116::2
+#            - 45.66.111.2
+#          as: "{{ bird__asn.rezel }}"
+#        import:
+#          - prefix: "{{ bird__orig_prefixes.rezel }}"
+#            sub: true
+#            accept: true
+#          - accept: false
+#        export:
+#          - bgp_proto:
+#              - edge
+#              - viarezo
+#              - crans
+#              - zayo
+#            accept: true
+#          - prefix: "{{ bird__orig_prefixes.aurore }}"
+#            sub: true
+#            accept: true
+#          - accept: false
+#      rezel2:
+#        local:
+#          address: "{{ bird__bgp_addresses.rezel[inventory_hostname] }}"
+#          as: "{{ bird__asn.aurore }}"
+#        remote:
+#          address:
+#            - 2a09:6842:19:9116::4
+#            - 45.66.111.4
+#          as: "{{ bird__asn.rezel }}"
+#        import:
+#          - local_pref: 75
+#          - prefix: "{{ bird__orig_prefixes.rezel }}"
+#            sub: true
+#            accept: true
+#          - accept: false
+#        export:
+#          - bgp_proto:
+#              - edge
+#              - viarezo
+#              - crans
+#              - zayo
+#            accept: true
+#          - prefix: "{{ bird__orig_prefixes.aurore }}"
+#            sub: true
+#            accept: true
+#          - accept: false
 #      viarezo:
 #        local:
 #          address:
@ -485,65 +419,65 @@
 #              - zayo
 #            accept: true
 #          - accept: false
-    bird__ospf_broadcast_interfaces:
-      back0: null
-    bird__ospf_stub_interfaces:
-      - crans0
-      - zayo0
-      - rezel0
-      - viarezo0
-    bird__static_unreachable: "{{ bird__orig_prefixes.aurore }}"
-  roles:
-    - bird
+#    bird__ospf_broadcast_interfaces:
+#      back0: null
+#    bird__ospf_stub_interfaces:
+#      - crans0
+#      - zayo0
+#      - rezel0
+#      - viarezo0
+#    bird__static_unreachable: "{{ bird__orig_prefixes.aurore }}"
+#  roles:
+#    - bird

- hosts:
-    - vpn-1.back.infra.auro.re
-    - vpn-2.back.infra.auro.re
-  vars:
-    bird__asn:
-      aurore: 43619
-    bird__router_ids:
-      vpn-1.back.infra.auro.re: 10.203.1.7
-      vpn-2.back.infra.auro.re: 10.203.1.8
-    bird__router_id: "{{ bird__router_ids[inventory_hostname] }}"
-    bird__bgp_addresses:
-      vpn-1.back.infra.auro.re:
-        - 2a09:6840:203::1:7
-        - 10.203.1.7
-      vpn-2.back.infra.auro.re:
-        - 2a09:6840:203::1:8
-        - 10.203.1.8
-    bird__bgp_sessions:
-      edge1:
-        local:
-          address: "{{ bird__bgp_addresses[inventory_hostname] }}"
-          as: "{{ bird__asn.aurore }}"
-        remote:
-          address:
-            - 2a09:6840:203::1:1
-            - 10.203.1.1
-          as: "{{ bird__asn.aurore }}"
-        import:
-          - accept: true
-        export:
-          - accept: false
-      edge2:
-        local:
-          address: "{{ bird__bgp_addresses[inventory_hostname] }}"
-          as: "{{ bird__asn.aurore }}"
-        remote:
-          address:
-            - 2a09:6840:203::1:2
-            - 10.203.1.2
-          as: "{{ bird__asn.aurore }}"
-        import:
-          - accept: true
-        export:
-          - accept: false
-    bird__ospf_broadcast_interfaces:
-      back0: null
-    bird__ospf_stub_interfaces:
-      - wg0
-  roles:
-    - bird
+#- hosts:
+#    - vpn-1.back.infra.auro.re
+#    - vpn-2.back.infra.auro.re
+#  vars:
+#    bird__asn:
+#      aurore: 43619
+#    bird__router_ids:
+#      vpn-1.back.infra.auro.re: 10.203.1.7
+#      vpn-2.back.infra.auro.re: 10.203.1.8
+#    bird__router_id: "{{ bird__router_ids[inventory_hostname] }}"
+#    bird__bgp_addresses:
+#      vpn-1.back.infra.auro.re:
+#        - 2a09:6840:203::1:7
+#        - 10.203.1.7
+#      vpn-2.back.infra.auro.re:
+#        - 2a09:6840:203::1:8
+#        - 10.203.1.8
+#    bird__bgp_sessions:
+#      edge1:
+#        local:
+#          address: "{{ bird__bgp_addresses[inventory_hostname] }}"
+#          as: "{{ bird__asn.aurore }}"
+#        remote:
+#          address:
+#            - 2a09:6840:203::1:1
+#            - 10.203.1.1
+#          as: "{{ bird__asn.aurore }}"
+#        import:
+#          - accept: true
+#        export:
+#          - accept: false
+#      edge2:
+#        local:
+#          address: "{{ bird__bgp_addresses[inventory_hostname] }}"
+#          as: "{{ bird__asn.aurore }}"
+#        remote:
+#          address:
+#            - 2a09:6840:203::1:2
+#            - 10.203.1.2
+#          as: "{{ bird__asn.aurore }}"
+#        import:
+#          - accept: true
+#        export:
+#          - accept: false
+#    bird__ospf_broadcast_interfaces:
+#      back0: null
+#    bird__ospf_stub_interfaces:
+##      - wg0
+#  roles:
+#    - bird
 ...
--- a/roles/bird/templates/.bird.conf.j2.swp
+++ b/roles/bird/templates/.bird.conf.j2.swp
--- a/roles/bird/templates/bird.conf.j2
+++ b/roles/bird/templates/bird.conf.j2
@ -112,6 +112,27 @@ protocol bgp {{ name | bird_name(ipv4) }} {
 {% endfor %}
 {% endfor %}

+{% if bird__radv is defined %}
+protocol radv {
+{% set interfaces = bird__radv.interfaces | default({}) %}
+{% for iface, radv in interfaces.items() %}
+    interface {{ iface | enquote }} {
+        max ra interval {{ radv.max_interval
+                           | default(bird__radv_max_interval) }};
+{% for prefix in radv.prefixes | default([]) %}
+        prefix {{ prefix }};
+{% endfor %}
+{% for domain in radv.domain_search | default([]) %}
+        dnssl {{ domain | enquote }};
+{% endfor %}
+    };
+{% endfor %}
+{% for addr in bird__radv.rdnss | default([]) %}
+    rdnss {{ addr }};
+{% endfor %}
+}
+{% endif %}
+
 {# {% if bird__static_unreachable | ansible.utils.ipv4 %}
 protocol static unreachable4 {
    ipv4 {
@ -133,102 +154,3 @@ protocol static unreachable6 {
 {% endfor %}
 }
 {% endif %} #}
-
-{# {% macro bird_filter(filter, last) %}
-{% if filter.as_prepend is defined %}
-{% for _ in range(filter.as_prepend.size) %}
-bgp_path.prepend({{ filter.as_prepend.asn }});
-{% endfor %}
-{% endif %}
-{% if filter.local_pref is defined %}
-bgp_local_pref = {{ filter.local_pref }};
-{% endif %}
-{% if filter.accept is defined %}
-{{ filter.accept | ternary("accept", "reject") }};
-{% endif %}
-{% endmacro %}
-
-{% for name, session in bird__bgp_sessions.items() %}
-{% for version in [4, 6] %}
-{% for direction in ["import", "export"] %}
-filter bgp{{ version }}_{{ direction }}_{{ name }} {
-{% for filter in session[direction] %}
-{% set negate = filter.negate | default(False) %}
-{% set networks =
-       filter.prefix
-       | default([])
-       | ansible.utils.ipaddr(version=version)
-       | map("suffix", filter.sub
-                       | default(False)
-                       | ternary("+", ""))
-       | list %}
-{% set bgp_protos =
-       filter.bgp_proto
-       | default([])
-       | map("format_rev", 'proto {1} "bgp{2}_{0}"',
-             negate | ternary("!=", "="), version)
-       | list %}
-{% if networks or bgp_protos %}
-{% if networks %}
-{% set op = negate | ternary("!~", "~") %}
-    if net {{ op }} [ {{ networks | join(", ") }} ] then {
-{% elif bgp_protos %}
-{% set op = negate | ternary("&&", "||") %}
-    if {{ bgp_protos | join(" " + op  + " ") }} then {
-{% endif %}
-        {{ bird_filter(filter) | indent(8) }}
-    }
-{% else %}
-    {{ bird_filter(filter) | indent(4) }}
-{% endif %}
-{% endfor %}
-}
-
-{% endfor %}
-{% endfor %}
-{% endfor %}
-
-{% for name, session in bird__bgp_sessions.items() %}
-{% for local_address in session.local.address %}
-{% set version =
-       local_address
-       | ansible.utils.ipaddr(query="version") %}
-{% set remote_address =
-       session.remote.address
-       | ansible.utils.ipaddr(version=version)
-       | first %}
-protocol bgp bgp{{ version }}_{{ name }} {
-    local {{ local_address }} as {{ session.local.as }};
-    neighbor {{ remote_address }} as {{ session.remote.as }};
-    {{ "ipv4" if version == 4 else "ipv6" }} {
-{% if session.next_hop_self | default(False) %}
-        next hop self;
-{% endif %}
-{% if session.direct | default(False) %}
-        direct;
-{% endif %}
-        import filter bgp{{ version }}_import_{{ name }};
-        export filter bgp{{ version }}_export_{{ name }};
-    };
-}
-{% endfor %}
-{% endfor %}
-
-{% if bird__radv_interfaces %}
-protocol radv {
-{% for name, iface in bird__radv_interfaces.items() %}
-    interface {{ name | enquote }} {
-        max ra interval {{ bird__radv_max_interval | int }};
-{% for prefix in iface.prefix | default([]) %}
-        prefix {{ prefix | ipaddr }};
-{% endfor %}
-{% for domain in iface.domain_search | default([]) %}
-        dnssl {{ domain | enquote }};
-{% endfor %}
-    };
-{% endfor %}
-{% for address in bird__radv_dns_servers %}
-    rdnss {{ address | ipaddr }};
-{% endfor %}
-}
-{% endif %} #}