aurore/ansible
aurore/ansible
11
2
Fork 0
Code Issues 1 Pull requests 13 Releases Wiki Activity

wip: bird: misc

Browse source
This commit is contained in:
jeltz 2023-09-18 17:15:57 +02:00
parent fbdeddfc72
commit 35cdf782c8
Signed by: jeltz
GPG key ID: 800882B66C0C3326
10 changed files with 469 additions and 472 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
group_vars/all/bird.yml Normal file
View file

@ -0,0 +1,4 @@
---
bird__as:
aurore: 43619
...

47
group_vars/infra/bird.yml Normal file
View file

@ -0,0 +1,47 @@
---
bird__kernel:
kernel:
learn: true
import: accept
export: accept
bird__ospf:
limits:
import: 4000
export: 4000
import: accept
export:
protos: kernel
areas:
0:
broadcast:
- back0
stub:
- monit0
- wifi0
- int0
- sw0
- bmc0
- pve0
- isp0
- ext0
- ups0
1:
broadcast:
- vpn0
bird__bgp:
edge1:
local:
address: "{{ bird__bgp_addr.back }}"
as: "{{ bird__as.aurore }}"
neighbor:
address:
- 2a09:6840:203::1:1
- 10.203.1.1
as: "{{ bird__as.aurore }}"
import:
- pref_src: "{{ bird__pref_src_addr }}"
- accept
export: reject
...

53
group_vars/isp/bird.yml Normal file
View file

@ -0,0 +1,53 @@
---
bird__kernel:
kernel:
learn: true
import: accept
export: accept
bird__ospf:
limits:
import: 4000
export: 4000
import: accept
export:
protos: kernel
areas:
0:
broadcast:
- back0
stub:
- client0
- client1
- client2
- client3
- client4
bird__bgp:
edge1:
local:
address: "{{ bird__bgp_addr.back }}"
as: "{{ bird__as.aurore }}"
neighbor:
address:
- 2a09:6840:203::1:1
- 10.203.1.1
as: "{{ bird__as.aurore }}"
import:
- pref_src: "{{ bird__pref_src_addr }}"
- accept
export: reject
bird__radv:
rdnss:
- 2a09:6840:206::1:1
- 2a09:6840:206::1:2
interfaces:
client0:
max_interval: 5
prefixes:
- 2a09:6841::/64
dnssl: client0.isp.auro.re
domain_search:
- auro.re
...

3
group_vars/isp/keepalived.yml
View file

@ -25,5 +25,8 @@ keepalived__virtual_addresses:
- 2a09:6841:0:4::1/64 - 2a09:6841:0:4::1/64
- fe80::1/10 - fe80::1/10
keepalived__virtual_blackholes:
- 45.66.111.220/32
keepalived__main: "{{ inventory_hostname_short == 'isp-1' }}" keepalived__main: "{{ inventory_hostname_short == 'isp-1' }}"
... ...

11
host_vars/infra-1.back.infra.auro.re.yml
View file

@ -40,4 +40,15 @@ ifupdown2__interfaces:
addresses: addresses:
- 2a09:6840:213::1:1 - 2a09:6840:213::1:1
- 10.213.1.1 - 10.213.1.1
bird__router_id: 10.203.1.3
bird__bgp_addr:
back:
- 2a09:6840:203::1:3
- 10.203.1.3
bird__pref_src_addr:
- 2a09:6840:203::1:3
- 45.66.111.210
... ...

11
host_vars/infra-2.back.infra.auro.re.yml
View file

@ -40,4 +40,15 @@ ifupdown2__interfaces:
addresses: addresses:
- 2a09:6840:213::1:2 - 2a09:6840:213::1:2
- 10.213.1.2 - 10.213.1.2
bird__router_id: 10.203.1.4
bird__bgp_addr:
back:
- 2a09:6840:203::1:4
- 10.203.1.4
bird__pref_src_addr:
- 2a09:6840:203::1:4
- 45.66.111.211
... ...

12
host_vars/isp-1.back.infra.auro.re.yml
View file

@ -13,6 +13,7 @@ ifupdown2__interfaces:
back0: back0:
addresses: addresses:
- 2a09:6840:203::1:5/64 - 2a09:6840:203::1:5/64
- 45.66.111.211/32
- 10.203.1.5/16 - 10.203.1.5/16
trunk0: trunk0:
ipv6_addrgen: false ipv6_addrgen: false
@ -44,4 +45,15 @@ ifupdown2__interfaces:
vlan_id: 1004 vlan_id: 1004
vlan_raw_device: clients0 vlan_raw_device: clients0
ipv6_addrgen: false ipv6_addrgen: false
bird__router_id: 10.203.1.5
bird__bgp_addr:
back:
- 2a09:6840:203::1:5
- 10.203.1.5
bird__pref_src_addr:
- 2a09:6840:203::1:5
- 45.66.111.211
... ...

680
playbooks/bird.yml
View file

@ -1,5 +1,11 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
--- ---
- hosts:
- infra
- isp
roles:
- bird
#- hosts: #- hosts:
# - isp-1.back.infra.auro.re # - isp-1.back.infra.auro.re
# - isp-2.back.infra.auro.re # - isp-2.back.infra.auro.re
@ -85,78 +91,6 @@
# - bird # - bird
- hosts:
- infra-1.back.infra.auro.re
- infra-2.back.infra.auro.re
vars:
bird__as:
aurore: 43619
bird__router_ids:
infra-1: 10.203.1.3
infra-2: 10.203.1.4
bird__pref_src_addrs:
infra-1:
- 2a09:6840:203::1:3
- 45.66.111.210
infra-2:
- 2a09:6840:203::1:4
- 45.66.111.211
bird__bgp_addrs:
infra-1:
back:
- 2a09:6840:203::1:3
- 10.203.1.3
infra-2:
back:
- 2a09:6840:203::1:4
- 10.203.1.4
bird__router_id: "{{ bird__router_ids[inventory_hostname_short] }}"
bird__kernel:
kernel:
learn: true
import: accept
export: accept
bird__ospf:
limits:
import: 4000
export: 4000
import: accept
export:
protos: kernel
areas:
0:
broadcast:
- back0
stub:
- monit0
- wifi0
- int0
- sw0
- bmc0
- pve0
- isp0
- ext0
- ups0
1:
broadcast:
- vpn0
bird__bgp:
edge1:
local:
address: "{{ bird__bgp_addrs[inventory_hostname_short].back }}"
as: "{{ bird__as.aurore }}"
neighbor:
address:
- 2a09:6840:203::1:1
- 10.203.1.1
as: "{{ bird__as.aurore }}"
import:
- pref_src: "{{ bird__pref_src_addrs[inventory_hostname_short] }}"
- accept
export: reject
roles:
- bird
#- hosts: #- hosts:
# - infra-1.back.infra.auro.re # - infra-1.back.infra.auro.re
# - infra-2.back.infra.auro.re # - infra-2.back.infra.auro.re
@ -215,247 +149,247 @@
# roles: # roles:
# - bird # - bird
- hosts: #- hosts:
- edge-1.back.infra.auro.re # - edge-1.back.infra.auro.re
- edge-2.back.infra.auro.re # - edge-2.back.infra.auro.re
vars: # vars:
bird__router_ids: # bird__router_ids:
edge-1.back.infra.auro.re: 10.203.1.1 # edge-1.back.infra.auro.re: 10.203.1.1
edge-2.back.infra.auro.re: 10.203.1.2 # edge-2.back.infra.auro.re: 10.203.1.2
bird__asn: # bird__asn:
aurore: 43619 # aurore: 43619
crans: 204515 # crans: 204515
zayo: 8218 # zayo: 8218
viarezo: 212424 # viarezo: 212424
rezel: 199116 # rezel: 199116
bird__orig_prefixes: # bird__orig_prefixes:
aurore: # aurore:
- 45.66.108.0/22 # - 45.66.108.0/22
- 2a09:6840::/32 # - 2a09:6840::/32
- 2a09:6841::/32 # - 2a09:6841::/32
- 2a09:6842::/32 # - 2a09:6842::/32
crans: # crans:
- 185.230.76.0/22 # - 185.230.76.0/22
- 2a0c:700::/32 # - 2a0c:700::/32
viarezo: # viarezo:
- 138.195.144.0/20 # - 138.195.144.0/20
- 192.159.121.0/24 # - 192.159.121.0/24
- 2a0c:b641:2f0::/44 # - 2a0c:b641:2f0::/44
rezel: # rezel:
- 137.194.8.0/22 # - 137.194.8.0/22
- 2a09:6847::/32 # - 2a09:6847::/32
martians: # martians:
- 10.0.0.0/8 # - 10.0.0.0/8
- 172.16.0.0/12 # - 172.16.0.0/12
- 192.168.0.0/16 # - 192.168.0.0/16
- 100.64.0.0/10 # - 100.64.0.0/10
- 127.0.0.0/8 # - 127.0.0.0/8
- 169.254.0.0/16 # - 169.254.0.0/16
- 192.0.0.0/24 # - 192.0.0.0/24
- 192.0.2.0/24 # - 192.0.2.0/24
- 198.18.0.0/15 # - 198.18.0.0/15
- 198.51.100.0/24 # - 198.51.100.0/24
- 203.0.113.0/24 # - 203.0.113.0/24
- 224.0.0.0/4 # - 224.0.0.0/4
- 240.0.0.0/4 # - 240.0.0.0/4
- ::/128 # - ::/128
- ::1/128 # - ::1/128
- ::ffff:0:0/96 # - ::ffff:0:0/96
- ::/96 # - ::/96
- 100::/64 # - 100::/64
- 2001:10::/28 # - 2001:10::/28
- 2001:db8::/32 # - 2001:db8::/32
- fc00::/7 # - fc00::/7
- fe80::/10 # - fe80::/10
- fec0::/10 # - fec0::/10
- ff00::/8 # - ff00::/8
bird__router_id: "{{ bird__router_ids[inventory_hostname] }}" # bird__router_id: "{{ bird__router_ids[inventory_hostname] }}"
bird__bgp_addresses: # bird__bgp_addresses:
edge: # edge:
edge-1.back.infra.auro.re: # edge-1.back.infra.auro.re:
- 2a09:6840:203::1:1 # - 2a09:6840:203::1:1
- 10.203.1.1 # - 10.203.1.1
edge-2.back.infra.auro.re: # edge-2.back.infra.auro.re:
- 2a09:6840:203::1:2 # - 2a09:6840:203::1:2
- 10.203.1.2 # - 10.203.1.2
legacy: # legacy:
edge-1.back.infra.auro.re: # edge-1.back.infra.auro.re:
- 2a09:6840:129::10:2 # - 2a09:6840:129::10:2
- 10.129.10.2 # - 10.129.10.2
edge-2.back.infra.auro.re: # edge-2.back.infra.auro.re:
- 2a09:6840:129::10:102 # - 2a09:6840:129::10:102
- 10.129.10.102 # - 10.129.10.102
rezel: # rezel:
edge-1.back.infra.auro.re: # edge-1.back.infra.auro.re:
- 2a09:6842:19:9116::1 # - 2a09:6842:19:9116::1
- 45.66.111.1 # - 45.66.111.1
edge-2.back.infra.auro.re: # edge-2.back.infra.auro.re:
- 2a09:6842:19:9116::3 # - 2a09:6842:19:9116::3
- 45.66.111.3 # - 45.66.111.3
bird__bgp_sessions: # bird__bgp_sessions:
edge: # edge:
local: # local:
address: "{{ bird__bgp_addresses.edge[inventory_hostname] }}" # address: "{{ bird__bgp_addresses.edge[inventory_hostname] }}"
as: "{{ bird__asn.aurore }}" # as: "{{ bird__asn.aurore }}"
remote: # remote:
address: "{{ bird__bgp_addresses.edge # address: "{{ bird__bgp_addresses.edge
| dict2items # | dict2items
| selectattr('key', '!=', inventory_hostname) # | selectattr('key', '!=', inventory_hostname)
| map(attribute='value') # | map(attribute='value')
| first }}" # | first }}"
as: "{{ bird__asn.aurore }}" # as: "{{ bird__asn.aurore }}"
import: # import:
- accept: true # - accept: true
export: # export:
- local_pref: 75 # - local_pref: 75
accept: true # accept: true
vpn1: # vpn1:
local: # local:
address: "{{ bird__bgp_addresses.edge[inventory_hostname] }}" # address: "{{ bird__bgp_addresses.edge[inventory_hostname] }}"
as: "{{ bird__asn.aurore }}" # as: "{{ bird__asn.aurore }}"
remote: # remote:
address: # address:
- 2a09:6840:203::1:7 # - 2a09:6840:203::1:7
- 10.203.1.7 # - 10.203.1.7
as: "{{ bird__asn.aurore }}" # as: "{{ bird__asn.aurore }}"
import: # import:
- accept: false # - accept: false
export: # export:
- accept: true # - accept: true
vpn2: # vpn2:
local: # local:
address: "{{ bird__bgp_addresses.edge[inventory_hostname] }}" # address: "{{ bird__bgp_addresses.edge[inventory_hostname] }}"
as: "{{ bird__asn.aurore }}" # as: "{{ bird__asn.aurore }}"
remote: # remote:
address: # address:
- 2a09:6840:203::1:8 # - 2a09:6840:203::1:8
- 10.203.1.8 # - 10.203.1.8
as: "{{ bird__asn.aurore }}" # as: "{{ bird__asn.aurore }}"
import: # import:
- accept: false # - accept: false
export: # export:
- accept: false # - accept: false
legacy: # legacy:
next_hop_self: true # next_hop_self: true
local: # local:
address: "{{ bird__bgp_addresses.legacy[inventory_hostname] }}" # address: "{{ bird__bgp_addresses.legacy[inventory_hostname] }}"
as: "{{ bird__asn.aurore }}" # as: "{{ bird__asn.aurore }}"
remote: # remote:
address: # address:
- 2a09:6840:129::240 # - 2a09:6840:129::240
- 10.129.0.240 # - 10.129.0.240
as: "{{ bird__asn.aurore }}" # as: "{{ bird__asn.aurore }}"
import: # import:
- accept: false # - accept: false
export: # export:
- bgp_proto: # - bgp_proto:
- crans # - crans
- zayo # - zayo
- rezel1 # - rezel1
- rezel2 # - rezel2
accept: true # accept: true
- accept: false # - accept: false
zayo: # zayo:
local: # local:
address: # address:
- 83.167.52.69 # - 83.167.52.69
- 2001:1b48:2:103::d7:2 # - 2001:1b48:2:103::d7:2
as: "{{ bird__asn.aurore }}" # as: "{{ bird__asn.aurore }}"
remote: # remote:
address: # address:
- 83.167.52.68 # - 83.167.52.68
- 2001:1b48:2:103::d7:1 # - 2001:1b48:2:103::d7:1
as: "{{ bird__asn.zayo }}" # as: "{{ bird__asn.zayo }}"
import: # import:
- prefix: "{{ bird__orig_prefixes.martians }}" # - prefix: "{{ bird__orig_prefixes.martians }}"
sub: true # sub: true
accept: false # accept: false
- accept: true # - accept: true
export: # export:
- prefix: "{{ ['aurore', 'crans', 'viarezo', 'rezel'] # - prefix: "{{ ['aurore', 'crans', 'viarezo', 'rezel']
| map('extract', bird__orig_prefixes) # | map('extract', bird__orig_prefixes)
| flatten }}" # | flatten }}"
sub: true # sub: true
accept: true # accept: true
- accept: false ## - accept: false
crans: # crans:
local: # local:
address: # address:
- 185.230.79.254 # - 185.230.79.254
- 2a0c:700:28::2 # - 2a0c:700:28::2
as: "{{ bird__asn.aurore }}" # as: "{{ bird__asn.aurore }}"
remote: # remote:
address: # address:
- 185.230.79.253 # - 185.230.79.253
- 2a0c:700:28::1 # - 2a0c:700:28::1
as: "{{ bird__asn.crans }}" # as: "{{ bird__asn.crans }}"
import: # import:
- prefix: "{{ bird__orig_prefixes.crans }}" # - prefix: "{{ bird__orig_prefixes.crans }}"
sub: true # sub: true
accept: true # accept: true
- accept: false # - accept: false
export: # export:
- bgp_proto: # - bgp_proto:
- viarezo # - viarezo
- rezel1 # - rezel1
- rezel2 # - rezel2
- zayo # - zayo
accept: true # accept: true
- prefix: "{{ bird__orig_prefixes.aurore }}" # - prefix: "{{ bird__orig_prefixes.aurore }}"
sub: true # sub: true
accept: true # accept: true
- accept: false # - accept: false
rezel1: # rezel1:
local: # local:
address: "{{ bird__bgp_addresses.rezel[inventory_hostname] }}" # address: "{{ bird__bgp_addresses.rezel[inventory_hostname] }}"
as: "{{ bird__asn.aurore }}" # as: "{{ bird__asn.aurore }}"
remote: # remote:
address: # address:
- 2a09:6842:19:9116::2 # - 2a09:6842:19:9116::2
- 45.66.111.2 # - 45.66.111.2
as: "{{ bird__asn.rezel }}" # as: "{{ bird__asn.rezel }}"
import: # import:
- prefix: "{{ bird__orig_prefixes.rezel }}" # - prefix: "{{ bird__orig_prefixes.rezel }}"
sub: true # sub: true
accept: true # accept: true
- accept: false # - accept: false
export: # export:
- bgp_proto: # - bgp_proto:
- edge # - edge
- viarezo # - viarezo
- crans # - crans
- zayo # - zayo
accept: true # accept: true
- prefix: "{{ bird__orig_prefixes.aurore }}" # - prefix: "{{ bird__orig_prefixes.aurore }}"
sub: true # sub: true
accept: true # accept: true
- accept: false # - accept: false
rezel2: # rezel2:
local: # local:
address: "{{ bird__bgp_addresses.rezel[inventory_hostname] }}" # address: "{{ bird__bgp_addresses.rezel[inventory_hostname] }}"
as: "{{ bird__asn.aurore }}" # as: "{{ bird__asn.aurore }}"
remote: # remote:
address: # address:
- 2a09:6842:19:9116::4 # - 2a09:6842:19:9116::4
- 45.66.111.4 # - 45.66.111.4
as: "{{ bird__asn.rezel }}" # as: "{{ bird__asn.rezel }}"
import: # import:
- local_pref: 75 # - local_pref: 75
- prefix: "{{ bird__orig_prefixes.rezel }}" # - prefix: "{{ bird__orig_prefixes.rezel }}"
sub: true # sub: true
accept: true # accept: true
- accept: false # - accept: false
export: # export:
- bgp_proto: # - bgp_proto:
- edge # - edge
- viarezo # - viarezo
- crans # - crans
- zayo # - zayo
accept: true # accept: true
- prefix: "{{ bird__orig_prefixes.aurore }}" # - prefix: "{{ bird__orig_prefixes.aurore }}"
sub: true # sub: true
accept: true # accept: true
- accept: false # - accept: false
# viarezo: # viarezo:
# local: # local:
# address: # address:
@ -485,65 +419,65 @@
# - zayo # - zayo
# accept: true # accept: true
# - accept: false # - accept: false
bird__ospf_broadcast_interfaces: # bird__ospf_broadcast_interfaces:
back0: null # back0: null
bird__ospf_stub_interfaces: # bird__ospf_stub_interfaces:
- crans0 # - crans0
- zayo0 # - zayo0
- rezel0 # - rezel0
- viarezo0 # - viarezo0
bird__static_unreachable: "{{ bird__orig_prefixes.aurore }}" # bird__static_unreachable: "{{ bird__orig_prefixes.aurore }}"
roles: # roles:
- bird # - bird
- hosts: #- hosts:
- vpn-1.back.infra.auro.re # - vpn-1.back.infra.auro.re
- vpn-2.back.infra.auro.re # - vpn-2.back.infra.auro.re
vars: # vars:
bird__asn: # bird__asn:
aurore: 43619 # aurore: 43619
bird__router_ids: # bird__router_ids:
vpn-1.back.infra.auro.re: 10.203.1.7 # vpn-1.back.infra.auro.re: 10.203.1.7
vpn-2.back.infra.auro.re: 10.203.1.8 # vpn-2.back.infra.auro.re: 10.203.1.8
bird__router_id: "{{ bird__router_ids[inventory_hostname] }}" # bird__router_id: "{{ bird__router_ids[inventory_hostname] }}"
bird__bgp_addresses: # bird__bgp_addresses:
vpn-1.back.infra.auro.re: # vpn-1.back.infra.auro.re:
- 2a09:6840:203::1:7 # - 2a09:6840:203::1:7
- 10.203.1.7 # - 10.203.1.7
vpn-2.back.infra.auro.re: # vpn-2.back.infra.auro.re:
- 2a09:6840:203::1:8 # - 2a09:6840:203::1:8
- 10.203.1.8 # - 10.203.1.8
bird__bgp_sessions: # bird__bgp_sessions:
edge1: # edge1:
local: # local:
address: "{{ bird__bgp_addresses[inventory_hostname] }}" # address: "{{ bird__bgp_addresses[inventory_hostname] }}"
as: "{{ bird__asn.aurore }}" # as: "{{ bird__asn.aurore }}"
remote: # remote:
address: # address:
- 2a09:6840:203::1:1 # - 2a09:6840:203::1:1
- 10.203.1.1 # - 10.203.1.1
as: "{{ bird__asn.aurore }}" # as: "{{ bird__asn.aurore }}"
import: # import:
- accept: true # - accept: true
export: # export:
- accept: false # - accept: false
edge2: # edge2:
local: # local:
address: "{{ bird__bgp_addresses[inventory_hostname] }}" # address: "{{ bird__bgp_addresses[inventory_hostname] }}"
as: "{{ bird__asn.aurore }}" # as: "{{ bird__asn.aurore }}"
remote: # remote:
address: # address:
- 2a09:6840:203::1:2 # - 2a09:6840:203::1:2
- 10.203.1.2 # - 10.203.1.2
as: "{{ bird__asn.aurore }}" # as: "{{ bird__asn.aurore }}"
import: # import:
- accept: true # - accept: true
export: # export:
- accept: false # - accept: false
bird__ospf_broadcast_interfaces: # bird__ospf_broadcast_interfaces:
back0: null # back0: null
bird__ospf_stub_interfaces: # bird__ospf_stub_interfaces:
- wg0 ## - wg0
roles: # roles:
- bird # - bird
... ...

BIN
roles/bird/templates/.bird.conf.j2.swp Normal file
View file

Binary file not shown.

120
roles/bird/templates/bird.conf.j2
View file

@ -112,6 +112,27 @@ protocol bgp {{ name | bird_name(ipv4) }} {
{% endfor %} {% endfor %}
{% endfor %} {% endfor %}
{% if bird__radv is defined %}
protocol radv {
{% set interfaces = bird__radv.interfaces | default({}) %}
{% for iface, radv in interfaces.items() %}
interface {{ iface | enquote }} {
max ra interval {{ radv.max_interval
| default(bird__radv_max_interval) }};
{% for prefix in radv.prefixes | default([]) %}
prefix {{ prefix }};
{% endfor %}
{% for domain in radv.domain_search | default([]) %}
dnssl {{ domain | enquote }};
{% endfor %}
};
{% endfor %}
{% for addr in bird__radv.rdnss | default([]) %}
rdnss {{ addr }};
{% endfor %}
}
{% endif %}
{# {% if bird__static_unreachable | ansible.utils.ipv4 %} {# {% if bird__static_unreachable | ansible.utils.ipv4 %}
protocol static unreachable4 { protocol static unreachable4 {
ipv4 { ipv4 {
@ -133,102 +154,3 @@ protocol static unreachable6 {
{% endfor %} {% endfor %}
} }
{% endif %} #} {% endif %} #}
{# {% macro bird_filter(filter, last) %}
{% if filter.as_prepend is defined %}
{% for _ in range(filter.as_prepend.size) %}
bgp_path.prepend({{ filter.as_prepend.asn }});
{% endfor %}
{% endif %}
{% if filter.local_pref is defined %}
bgp_local_pref = {{ filter.local_pref }};
{% endif %}
{% if filter.accept is defined %}
{{ filter.accept | ternary("accept", "reject") }};
{% endif %}
{% endmacro %}
{% for name, session in bird__bgp_sessions.items() %}
{% for version in [4, 6] %}
{% for direction in ["import", "export"] %}
filter bgp{{ version }}_{{ direction }}_{{ name }} {
{% for filter in session[direction] %}
{% set negate = filter.negate | default(False) %}
{% set networks =
filter.prefix
| default([])
| ansible.utils.ipaddr(version=version)
| map("suffix", filter.sub
| default(False)
| ternary("+", ""))
| list %}
{% set bgp_protos =
filter.bgp_proto
| default([])
| map("format_rev", 'proto {1} "bgp{2}_{0}"',
negate | ternary("!=", "="), version)
| list %}
{% if networks or bgp_protos %}
{% if networks %}
{% set op = negate | ternary("!~", "~") %}
if net {{ op }} [ {{ networks | join(", ") }} ] then {
{% elif bgp_protos %}
{% set op = negate | ternary("&&", "||") %}
if {{ bgp_protos | join(" " + op + " ") }} then {
{% endif %}
{{ bird_filter(filter) | indent(8) }}
}
{% else %}
{{ bird_filter(filter) | indent(4) }}
{% endif %}
{% endfor %}
}
{% endfor %}
{% endfor %}
{% endfor %}
{% for name, session in bird__bgp_sessions.items() %}
{% for local_address in session.local.address %}
{% set version =
local_address
| ansible.utils.ipaddr(query="version") %}
{% set remote_address =
session.remote.address
| ansible.utils.ipaddr(version=version)
| first %}
protocol bgp bgp{{ version }}_{{ name }} {
local {{ local_address }} as {{ session.local.as }};
neighbor {{ remote_address }} as {{ session.remote.as }};
{{ "ipv4" if version == 4 else "ipv6" }} {
{% if session.next_hop_self | default(False) %}
next hop self;
{% endif %}
{% if session.direct | default(False) %}
direct;
{% endif %}
import filter bgp{{ version }}_import_{{ name }};
export filter bgp{{ version }}_export_{{ name }};
};
}
{% endfor %}
{% endfor %}
{% if bird__radv_interfaces %}
protocol radv {
{% for name, iface in bird__radv_interfaces.items() %}
interface {{ name | enquote }} {
max ra interval {{ bird__radv_max_interval | int }};
{% for prefix in iface.prefix | default([]) %}
prefix {{ prefix | ipaddr }};
{% endfor %}
{% for domain in iface.domain_search | default([]) %}
dnssl {{ domain | enquote }};
{% endfor %}
};
{% endfor %}
{% for address in bird__radv_dns_servers %}
rdnss {{ address | ipaddr }};
{% endfor %}
}
{% endif %} #}