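{#
  Global BIRD settings plus the two protocols that feed interface state
  into the routing tables.

  The first rendered line is the Ansible "managed file" banner, emitted as a
  comment block by the `comment` filter. The expression has to start the
  line: any literal text in front of it would land in bird.conf as a bare
  token ahead of the comment and break parsing of the generated file.
#}
{{ ansible_managed | comment }}
{# Send every log class to syslog. #}
log syslog all;
{# Router ID is taken verbatim from the role variable bird__router_id. #}
router id {{ bird__router_id }};
{# Rescan the interface list every 10 seconds. #}
protocol device {
    scan time 10;
}
{# Generate device routes for directly connected IPv4 and IPv6 networks. #}
protocol direct {
    ipv4;
    ipv6;
}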
{#
  Kernel synchronisation, one protocol per address family (kernel4 on the
  ipv4 channel, kernel6 on the ipv6 channel).

  export: every route BIRD selects is installed into the kernel table except
  device routes (source RTS_DEVICE). Anything the OSPF and BGP import
  policies in this file accept therefore becomes forwarding state on the
  host, so those policies are the only gate in front of the FIB.
  import: `all`; no `learn` option is rendered in either protocol.
#}
{% for family in [4, 6] %}
protocol kernel kernel{{ family }} {
    ipv{{ family }} {
        import all;
        export where source != RTS_DEVICE;
    };
}
{% endfor %}
{#
  Static "unreachable" (blackhole) routes, one protocol per address family.
  bird__static_unreachable is split with the ansible.utils.ipv4 / ipv6
  filters, and a protocol is rendered only when its family has at least one
  entry.

  These routes have source RTS_STATIC, which the OSPF channels in this file
  export, so every prefix listed here is also announced to OSPF neighbours.
#}
{% set _unreachable4 = bird__static_unreachable | ansible.utils.ipv4 %}
{% if _unreachable4 %}
protocol static unreachable4 {
    ipv4 {
        export all;
    };
{% for blackhole in _unreachable4 %}
    route {{ blackhole }} unreachable;
{% endfor %}
}
{% endif %}
{% set _unreachable6 = bird__static_unreachable | ansible.utils.ipv6 %}
{% if _unreachable6 %}
protocol static unreachable6 {
    ipv6 {
        export all;
    };
{% for blackhole in _unreachable6 %}
    route {{ blackhole }} unreachable;
{% endfor %}
}
{% endif %}
{#
  OSPFv2 instance for IPv4, single area 0.

  Channel policy: every route learned from neighbours is imported; only
  static and device routes are exported.
  Area contents:
    - stubnet entries for the IPv4 members of bird__ospf_stub_networks
    - one broadcast interface per key of bird__ospf_broadcast_interfaces,
      with per-interface timers falling back to the bird__ospf_* defaults
    - one stub interface per entry of bird__ospf_stub_interfaces

  NOTE(review): the broadcast interface blocks render timers only. No
  `authentication` or `password` statement is emitted, so OSPF packets on
  those segments are not authenticated and, with `import all`, any speaker
  that can form an adjacency there can inject routes. Confirm the segments
  are trusted.
#}
protocol ospf v2 ospf4 {
    ipv4 {
        import all;
        export where source ~ [ RTS_STATIC, RTS_DEVICE ];
    };
    area 0 {
{% for stub in bird__ospf_stub_networks | ansible.utils.ipv4 %}
        stubnet {{ stub }};
{% endfor %}
{% for ifname, timers in bird__ospf_broadcast_interfaces.items() %}
        interface {{ ifname | enquote }} {
            type broadcast;
            hello {{ timers.hello | default(bird__ospf_hello) | int }};
            retransmit {{ timers.retransmit | default(bird__ospf_retransmit) | int }};
            wait {{ timers.wait | default(bird__ospf_wait) | int }};
            dead {{ timers.dead | default(bird__ospf_dead) | int }};
        };
{% endfor %}
{% for ifname in bird__ospf_stub_interfaces %}
        interface {{ ifname | enquote }} {
            stub;
        };
{% endfor %}
    };
}
{#
  OSPFv3 instance for IPv6, single area 0. Same layout as the IPv4
  instance: import everything from neighbours, export only static and
  device routes, stubnets taken from the IPv6 members of
  bird__ospf_stub_networks, and the same broadcast / stub interface lists.

  NOTE(review): as rendered, the broadcast interfaces carry timers only and
  no `authentication` or `password` statement, so OSPFv3 packets on those
  segments are not authenticated. Combined with `import all`, route
  injection is limited only by who can reach the segment.
#}
protocol ospf v3 ospf6 {
    ipv6 {
        import all;
        export where source ~ [ RTS_STATIC, RTS_DEVICE ];
    };
    area 0 {
{% for stub in bird__ospf_stub_networks | ansible.utils.ipv6 %}
        stubnet {{ stub }};
{% endfor %}
{% for ifname, timers in bird__ospf_broadcast_interfaces.items() %}
        interface {{ ifname | enquote }} {
            type broadcast;
            hello {{ timers.hello | default(bird__ospf_hello) | int }};
            retransmit {{ timers.retransmit | default(bird__ospf_retransmit) | int }};
            wait {{ timers.wait | default(bird__ospf_wait) | int }};
            dead {{ timers.dead | default(bird__ospf_dead) | int }};
        };
{% endfor %}
{% for ifname in bird__ospf_stub_interfaces %}
        interface {{ ifname | enquote }} {
            stub;
        };
{% endfor %}
    };
}
{#
  BGP sessions. One `protocol bgp` is rendered per (session, local address)
  pair from bird__bgp_sessions, named bgp_<session.name><ip version>.
  Each protocol gets a single channel (ipv4 or ipv6) with an import filter
  and an export filter built from session.import / session.export.

  NOTE(review): no `password` statement is rendered in the protocol block,
  so the sessions run without TCP-MD5 authentication, and no import limit
  is set on the channel. The prefix filters below are the only control on
  what a neighbour can inject.
  NOTE(review): session.name and both AS numbers are interpolated as-is,
  unlike interface names (enquote) and timers (int) elsewhere in this file.
  A value that is not a valid BIRD symbol or number ends up in bird.conf
  unchanged.
#}
{% for session in bird__bgp_sessions %}
{% for local_address in session.local.address %}
{# IP version (4 or 6) of this local address; selects everything below. #}
{%
set version =
local_address
| ansible.utils.ipaddr(query="version")
%}
{#
  First remote address of the same IP version.
  NOTE(review): presumably every session lists a remote address for each
  local family; if none matches, `first` has nothing to return. Verify
  against the inventory.
#}
{%
set remote_address =
session.remote.address
| ansible.utils.ipaddr(version=version)
| first
%}
protocol bgp bgp_{{ session.name }}{{ version }} {
local {{ local_address }} as {{ session.local.as }};
neighbor {{ remote_address }} as {{ session.remote.as }};
{{ "ipv4" if version == 4 else "ipv6" }} {
{#
  Import policy. Order matters: local-pref rules run first and do not
  terminate the filter, then the accept decision is made.
#}
import filter {
{% for pref in session.import.local_pref | default([]) %}
{#
  Prefixes of the current IP version from this rule. Each entry is passed
  through the `suffix` filter with "+" when pref.sub is true, otherwise "".
  NOTE(review): `suffix` is not defined in this template; presumably it
  appends the string, giving BIRD's "prefix and all subprefixes" pattern.
#}
{%
set networks =
pref.prefix
| default([])
| ansible.utils.ipaddr(version=version)
| map("suffix", pref.sub
| default(False)
| ternary("+", ""))
%}
{# negate flips the match from "in set" (~) to "not in set" (!~). #}
{% set operator = pref.negate | default(False) | ternary("!~", "~") %}
{% if networks %}
if net {{ operator }} [ {{ networks | join(", ") }} ] then {
bgp_local_pref = {{ pref.pref | int }};
}
{% endif %}
{% endfor %}
{#
  import.accept == "all" renders a bare `accept;`, i.e. no prefix filtering
  of routes received from this neighbour. Any other value is treated as a
  list of accept rules followed by a default `reject;`.
#}
{% if session.import.accept == "all" %}
accept;
{% else %}
{% for accept in session.import.accept | default([]) %}
{%
set networks =
accept.prefix
| default([])
| ansible.utils.ipaddr(version=version)
| map("suffix", accept.sub
| default(False)
| ternary("+", ""))
%}
{% set operator = accept.negate | default(False) | ternary("!~", "~") %}
{# A rule with no prefix of this IP version renders nothing. #}
{% if networks %}
if net {{ operator }} [ {{ networks | join(",") }} ] then accept;
{% endif %}
{% endfor %}
reject;
{% endif %}
};
{#
  Export policy. AS-path prepending rules run first, then the accept
  decision, with the same "all" / rule list / default reject structure as
  the import side.
#}
export filter {
{% for prepend in session.export.as_prepend | default([]) %}
{%
set networks =
prepend.prefix
| default([])
| ansible.utils.ipaddr(version=version)
| map("suffix", prepend.sub
| default(False)
| ternary("+", ""))
%}
{% set operator = prepend.negate | default(False) | ternary("!~", "~") %}
{% if networks %}
if net {{ operator }} [ {{ networks | join(", ") }} ] then {
{#
  Emit one prepend of the local AS per unit of prepend.size.
  NOTE(review): prepend.size is passed to range() without an int cast, so
  it is assumed to be an integer in the inventory. Confirm.
#}
{% for _ in range(prepend.size) %}
bgp_path.prepend({{ session.local.as }});
{% endfor %}
}
{% endif %}
{% endfor %}
{# export.accept == "all" announces every route in the table to the peer. #}
{% if session.export.accept == "all" %}
accept;
{% else %}
{% for accept in session.export.accept | default([]) %}
{%
set networks =
accept.prefix
| default([])
| ansible.utils.ipaddr(version=version)
| map("suffix", accept.sub
| default(False)
| ternary("+", ""))
%}
{% set operator = accept.negate | default(False) | ternary("!~", "~") %}
{% if networks %}
if net {{ operator }} [ {{ networks | join(", ") }} ] then accept;
{% endif %}
{% endfor %}
reject;
{% endif %}
};
};
}
{% endfor %}
{% endfor %}
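{#
  IPv6 router advertisements. The protocol is rendered only when
  bird__radv_interfaces is non-empty.

  Per interface: the shared maximum RA interval, the advertised prefixes
  (iface.prefix) and the DNS search list (iface.domain_search). The RDNSS
  servers from bird__radv_dns_servers are rendered once, at protocol level.

  Prefixes and DNS server addresses go through ansible.utils.ipaddr, the
  same fully qualified filter the rest of this template uses, rather than
  the bare `ipaddr` name, whose resolution depends on the installed
  collections. The filter is presumably what keeps a malformed inventory
  value out of bird.conf; confirm that a rejected value fails the
  deployment instead of being rendered.
#}
{% if bird__radv_interfaces %}
protocol radv {
{% for name, iface in bird__radv_interfaces.items() %}
    interface {{ name | enquote }} {
        max ra interval {{ bird__radv_max_interval | int }};
{% for prefix in iface.prefix | default([]) %}
        prefix {{ prefix | ansible.utils.ipaddr }};
{% endfor %}
{% for domain in iface.domain_search | default([]) %}
        dnssl {{ domain | enquote }};
{% endfor %}
    };
{% endfor %}
{% for address in bird__radv_dns_servers %}
    rdnss {{ address | ansible.utils.ipaddr }};
{% endfor %}
}
{% endif %}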