IPv4 routing is now managed by routeur-aurore
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
This commit is contained in:
parent
a6ebdd0d3e
commit
fc8e8de428
GPG key ID:
3A75C55819C8CF85
2 changed files with 127 additions and 86 deletions
|
|
@ -8,13 +8,13 @@ global_defs {
|
|||
|
||||
|
||||
vrrp_instance VI_ROUT_aurore_IPv4 {
|
||||
{% if 'backup' in inventory_hostname %}
|
||||
{% if 'backup' in inventory_hostname %}
|
||||
state BACKUP
|
||||
priority 100
|
||||
{% else %}
|
||||
{% else %}
|
||||
state MASTER
|
||||
priority 150
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
|
||||
|
||||
# Interface used for VRRP communication.
|
||||
|
|
@ -35,6 +35,9 @@ vrrp_instance VI_ROUT_aurore_IPv4 {
|
|||
smtp_alert
|
||||
|
||||
virtual_ipaddress {
|
||||
# Hello Zayo
|
||||
83.167.52.69/31 dev ens1 scope global
|
||||
|
||||
# Routing
|
||||
10.129.0.254/16 brd 10.129.255.255 dev ens18 scope global
|
||||
|
||||
|
|
@ -54,21 +57,69 @@ vrrp_instance VI_ROUT_aurore_IPv4 {
|
|||
10.131.0.254/16 brd 10.131.255.255 dev ens23 scope global
|
||||
}
|
||||
|
||||
|
||||
virtual_routes {
|
||||
# IPv4 gateway: yggdrasil
|
||||
src 10.129.0.254 to 0.0.0.0/0 via 10.129.0.1 dev ens18
|
||||
src 10.129.0.254 to 10.129.0.0/16 dev ens18
|
||||
|
||||
# Fleming NAT
|
||||
src 10.129.0.254 to 10.10.0.0/16 via 10.129.1.254 dev ens18
|
||||
src 10.129.0.254 to 10.11.0.0/16 via 10.129.1.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.108.0/27 via 10.129.1.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.108.32/29 via 10.129.1.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.108.251 via 10.129.1.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.109.0/27 via 10.129.1.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.109.32/29 via 10.129.1.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.109.251 via 10.129.1.254 dev ens18
|
||||
# Pacaterie NAT
|
||||
src 10.129.0.254 to 10.20.0.0/16 via 10.129.2.254 dev ens18
|
||||
src 10.129.0.254 to 10.21.0.0/16 via 10.129.2.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.108.40/29 via 10.129.2.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.108.48/28 via 10.129.2.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.108.64/28 via 10.129.2.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.108.252 via 10.129.2.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.109.40/29 via 10.129.2.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.109.48/28 via 10.129.2.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.109.64/28 via 10.129.2.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.109.252 via 10.129.2.254 dev ens18
|
||||
# Rives NAT
|
||||
src 10.129.0.254 to 10.30.0.0/16 via 10.129.3.254 dev ens18
|
||||
src 10.129.0.254 to 10.31.0.0/16 via 10.129.3.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.108.80/28 via 10.129.3.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.108.96/28 via 10.129.3.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.108.112/29 via 10.129.3.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.108.253 via 10.129.3.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.109.80/28 via 10.129.3.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.109.96/28 via 10.129.3.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.109.112/29 via 10.129.3.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.109.253 via 10.129.3.254 dev ens18
|
||||
# EDC NAT
|
||||
src 10.129.0.254 to 10.40.0.0/16 via 10.129.4.254 dev ens18
|
||||
src 10.129.0.254 to 10.41.0.0/16 via 10.129.4.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.108.120/29 via 10.129.4.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.108.128/27 via 10.129.4.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.108.254 via 10.129.4.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.109.120/29 via 10.129.4.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.109.128/27 via 10.129.4.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.109.254 via 10.129.4.254 dev ens18
|
||||
# George Sand NAT
|
||||
src 10.129.0.254 to 10.50.0.0/16 via 10.129.5.254 dev ens18
|
||||
src 10.129.0.254 to 10.51.0.0/16 via 10.129.5.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.108.160/27 via 10.129.5.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.108.192/29 via 10.129.5.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.108.255 via 10.129.5.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.109.160/27 via 10.129.5.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.109.192/29 via 10.129.5.254 dev ens18
|
||||
src 10.129.0.254 to 45.66.109.255 via 10.129.5.254 dev ens18
|
||||
}
|
||||
}
|
||||
|
||||
vrrp_instance VI_ROUT_aurore_IPv6 {
|
||||
{% if 'backup' in inventory_hostname %}
|
||||
{% if 'backup' in inventory_hostname %}
|
||||
state BACKUP
|
||||
priority 100
|
||||
{% else %}
|
||||
{% else %}
|
||||
state MASTER
|
||||
priority 150
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
|
||||
|
||||
# Interface used for VRRP communication.
|
||||
|
|
@ -111,12 +162,7 @@ vrrp_instance VI_ROUT_aurore_IPv6 {
|
|||
2a09:6840:131::254/64 dev ens23 scope global
|
||||
}
|
||||
|
||||
|
||||
virtual_routes {
|
||||
# For IPv6, the master router is routeur-aurore, NOT yggdrasil,
|
||||
# because yggdrasil doesn't support BGPv6 announcements.
|
||||
src 2001:1b48:2:103::d7:2/126 to ::/0 via 2001:1b48:2:103::d7:1 dev ens1
|
||||
|
||||
# Routes return for ipv6 connectivity
|
||||
2a09:6840:10::/64 via 2a09:6840:129::1:254 dev ens18
|
||||
2a09:6840:11::/64 via 2a09:6840:129::1:254 dev ens18
|
||||
|
|
@ -128,4 +174,3 @@ vrrp_instance VI_ROUT_aurore_IPv6 {
|
|||
2a09:6840:51::/64 via 2a09:6840:129::5:254 dev ens18
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -8,13 +8,13 @@ global_defs {
|
|||
|
||||
|
||||
vrrp_instance VI_ROUT_{{ apartment_block }}_IPv4 {
|
||||
{% if 'backup' in inventory_hostname %}
|
||||
{% if 'backup' in inventory_hostname %}
|
||||
state BACKUP
|
||||
priority 100
|
||||
{% else %}
|
||||
{% else %}
|
||||
state MASTER
|
||||
priority 150
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
|
||||
|
||||
# Interface used for VRRP communication.
|
||||
|
|
@ -55,21 +55,20 @@ vrrp_instance VI_ROUT_{{ apartment_block }}_IPv4 {
|
|||
10.{{ subnet_ids.users_accueil }}.0.254/16 brd 10.{{ subnet_ids.users_accueil }}.255.255 dev ens23 scope global
|
||||
}
|
||||
|
||||
|
||||
virtual_routes {
|
||||
# 10.129.0.1 is Yggdrasil
|
||||
src 10.129.{{ apartment_block_id }}.254 to 0.0.0.0/0 via 10.129.0.1 dev ens19
|
||||
# gateway to routeur-aurore
|
||||
src 45.66.109.25{{ apartment_block_id }} to 0.0.0.0/0 via 10.129.0.254 dev ens19
|
||||
}
|
||||
}
|
||||
|
||||
vrrp_instance VI_ROUT_{{ apartment_block }}_IPv6 {
|
||||
{% if 'backup' in inventory_hostname %}
|
||||
{% if 'backup' in inventory_hostname %}
|
||||
state BACKUP
|
||||
priority 100
|
||||
{% else %}
|
||||
{% else %}
|
||||
state MASTER
|
||||
priority 150
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
|
||||
|
||||
# Interface used for VRRP communication.
|
||||
|
|
@ -103,10 +102,7 @@ vrrp_instance VI_ROUT_{{ apartment_block }}_IPv6 {
|
|||
|
||||
|
||||
virtual_routes {
|
||||
# For IPv6, the master router is routeur-aurore, NOT yggdrasil,
|
||||
# because yggdrasil doesn't support BGPv6 announcements.
|
||||
# gateway to routeur-aurore
|
||||
src {{ ipv6_base_prefix }}:129::{{ apartment_block_id }}:254 to ::/0 via {{ ipv6_base_prefix }}:129::0:254 dev ens19
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue