keepalived + bird: fix IP addrs + OSPF

2023-01-07 03:19:40 +01:00 · 2023-01-07 03:19:40 +01:00 · 5eff05f8c5
commit 5eff05f8c5
parent eca5d1563d
5 changed files with 42 additions and 30 deletions
--- a/all.yml
+++ b/all.yml
@ -5,7 +5,10 @@
 - import_playbook: playbooks/ssh.yml
 - import_playbook: playbooks/chronyd.yml
 - import_playbook: playbooks/kresd.yml
 - import_playbook: playbooks/knotd.yml
 - import_playbook: playbooks/resolvconf.yml
 - import_playbook: playbooks/ifupdown2.yml
 - import_playbook: playbooks/keepalived.yml
 - import_playbook: playbooks/dhcpd.yml
 - import_playbook: playbooks/bird.yml
 ...
--- a/playbooks/bird.yml
+++ b/playbooks/bird.yml
@ -36,6 +36,14 @@
          - client-4.isp.auro.re
    bird__radv_dns_servers:
      - 2a09:6840:128::10:3
    bird__ospf_broadcast_interfaces:
      ens19: null
    bird__ospf_stub_interfaces:
      - clients-0
      - clients-1
      - clients-2
      - clients-3
      - clients-4
  roles:
    - bird
@ -47,6 +55,16 @@
      infra-1.rtr.infra.auro.re: 10.203.0.3
      infra-2.rtr.infra.auro.re: 10.203.0.4
    bird__router_id: "{{ bird__router_ids[inventory_hostname] }}"
    bird__ospf_broadcast_interfaces:
      ens19: null
    bird__ospf_stub_interfaces:
      - ens20
      - ens21
      - ens22
      - ens23
      - enp2s1
      - enp2s2
      - enp2s3
  roles:
    - bird
@ -99,11 +117,9 @@
        - fec0::/10
        - ff00::/8
    bird__router_id: "{{ bird__router_ids[inventory_hostname] }}"
-    bird__ospf_broadcast_interfaces:
+    #bird__ospf_stub_networks:
-      ens22: null
+    #  - 0.0.0.0/0
-    bird__ospf_stub_networks:
+    #  - ::/0
      - 0.0.0.0/0
      - ::/0
    bird__bgp_sessions:
      - name: zayo
        local:
@ -168,9 +184,15 @@
              asn: "{{ bird__asn.aurore }}"
              size: 3
          - accept: true
-    bird__static_unreachable:
+    bird__ospf_broadcast_interfaces:
-      - 45.66.108.0/22
+      ens22: null
-      - 2a09:6840::/29
+    bird__ospf_stub_interfaces:
      - ens19
      - ens20
      - ens21
    #bird__static_unreachable:
    #  - 45.66.108.0/22
    #  - 2a09:6840::/29
  roles:
    - bird
 ...
--- a/playbooks/ifupdown2.yml
+++ b/playbooks/ifupdown2.yml
@ -108,13 +108,13 @@
        ens23:
          ipv6_addrgen: false
          forward: true
-        ens1:
+        enp2s1:
          ipv6_addrgen: false
          forward: true
-        ens2:
+        enp2s2:
          ipv6_addrgen: false
          forward: true
-        enp1s3:
+        enp2s3:
          ipv6_addrgen: false
          forward: true
      infra-2.rtr.infra.auro.re:
@ -140,13 +140,13 @@
        ens23:
          ipv6_addrgen: false
          forward: true
-        ens1:
+        enp2s1:
          ipv6_addrgen: false
          forward: true
-        ens2:
+        enp2s2:
          ipv6_addrgen: false
          forward: true
-        enp1s3:
+        enp2s3:
          ipv6_addrgen: false
          forward: true
      isp-1.rtr.infra.auro.re:
--- a/playbooks/keepalived.yml
+++ b/playbooks/keepalived.yml
@ -75,15 +75,15 @@
        - 10.207.0.1/16
        - 2a09:6840:207::1/56
        - fe80::1/10
-      ens1:
+      enp2s1:
        - 10.208.0.1/16
        - 2a09:6840:208::1/56
        - fe80::1/10
-      ens2:
+      enp2s2:
        - 10.209.0.1/16
        - 2a09:6840:209::1/56
        - fe80::1/10
-      enp1s3:
+      enp2s3:
        - 10.210.0.1/16
        - 2a09:6840:210::1/56
        - fe80::1/10
--- a/roles/bird/templates/bird.conf.j2
+++ b/roles/bird/templates/bird.conf.j2
@ -27,7 +27,6 @@ protocol kernel kernel6 {
    };
 }
 {% if bird__static_unreachable | ansible.utils.ipv4 %}
 protocol static unreachable4 {
    ipv4 {
@ -52,12 +51,10 @@ protocol static unreachable6 {
 {% if bird__ospf_broadcast_interfaces %}
 protocol ospf v2 ospf4 {
    ipv4 {
        import all;
        export where source ~ [ RTS_STATIC, RTS_DEVICE ];
    };
    area 0 {
 {% for network in bird__ospf_stub_networks | ansible.utils.ipv4 %}
        stubnet {{ network }};
@ -85,12 +82,10 @@ protocol ospf v2 ospf4 {
 {% if bird__ospf_broadcast_interfaces %}
 protocol ospf v3 ospf6 {
    ipv6 {
        import all;
        export where source ~ [ RTS_STATIC, RTS_DEVICE ];
    };
    area 0 {
 {% for network in bird__ospf_stub_networks | ansible.utils.ipv6 %}
        stubnet {{ network }};
@ -112,7 +107,6 @@ protocol ospf v3 ospf6 {
        };
 {% endfor %}
    };
 }
 {% endif %}
@ -172,23 +166,18 @@ filter bgp{{ version }}_{{ direction }}_{{ session.name }} {
       | ansible.utils.ipaddr(version=version)
       | first %}
 protocol bgp bgp{{ version }}_{{ session.name }} {
    local {{ local_address }} as {{ session.local.as }};
    neighbor {{ remote_address }} as {{ session.remote.as }};
    {{ "ipv4" if version == 4 else "ipv6" }} {
        import filter bgp{{ version }}_import_{{ session.name }};
        export filter bgp{{ version }}_export_{{ session.name }};
    };
 }
 {% endfor %}
 {% endfor %}
 {% if bird__radv_interfaces %}
 protocol radv {
 {% for name, iface in bird__radv_interfaces.items() %}
    interface {{ name | enquote }} {
        max ra interval {{ bird__radv_max_interval | int }};
@ -200,10 +189,8 @@ protocol radv {
 {% endfor %}
    };
 {% endfor %}
 {% for address in bird__radv_dns_servers %}
    rdnss {{ address | ipaddr }};
 {% endfor %}
 }
 {% endif %}