109 lines
2.7 KiB
Text
109 lines
2.7 KiB
Text
global_defs {
|
|
notification_email {
|
|
monitoring.aurore@lists.crans.org
|
|
}
|
|
notification_email_from routeur-{{ apartment_block }}{% if 'backup' in inventory_hostname %}-backup{% endif %}@auro.re
|
|
smtp_server smtp.crans.org
|
|
}
|
|
|
|
|
|
vrrp_instance VI_ROUT_{{ apartment_block }}_IPv4 {
|
|
{% if 'backup' in inventory_hostname %}
|
|
state BACKUP
|
|
priority 100
|
|
{% else %}
|
|
state MASTER
|
|
priority 150
|
|
{% endif %}
|
|
|
|
|
|
# Interface used for VRRP communication.
|
|
interface ens18
|
|
|
|
# Shared by MASTER and BACKUP
|
|
virtual_router_id 4{{ apartment_block_id }}
|
|
|
|
# Timeout in seconds before failover kicks in.
|
|
advert_int 2
|
|
|
|
# Used to authenticate VRRP communication between master and backup.
|
|
authentication {
|
|
auth_type PASS
|
|
auth_pass {{ keepalived_password }}
|
|
}
|
|
|
|
smtp_alert
|
|
|
|
virtual_ipaddress {
|
|
# Routing subnet
|
|
10.129.{{ apartment_block_id }}.254/16 brd 10.129.255.255 dev ens19 scope global
|
|
|
|
|
|
# NATed subnet: wired
|
|
45.66.108.25{{ apartment_block_id }}/24 brd 45.66.108.255 dev ens19 scope global
|
|
|
|
# NATed subnet: wifi
|
|
45.66.109.25{{ apartment_block_id }}/24 brd 45.66.109.255 dev ens19 scope global
|
|
|
|
# Wired
|
|
10.{{ subnet_ids.users_wired }}.0.254/16 brd 10.{{ subnet_ids.users_wired }}.255.255 dev ens20 scope global
|
|
|
|
# Wifi
|
|
10.{{ subnet_ids.users_wifi }}.0.254/16 brd 10.{{ subnet_ids.users_wifi }}.255.255 dev ens21 scope global
|
|
}
|
|
|
|
|
|
virtual_routes {
|
|
# 10.129.0.1 is Yggdrasil
|
|
src 10.129.{{ apartment_block_id }}.254 to 0.0.0.0/0 via 10.129.0.1 dev ens19
|
|
}
|
|
}
|
|
|
|
vrrp_instance VI_ROUT_{{ apartment_block }}_IPv6 {
|
|
{% if 'backup' in inventory_hostname %}
|
|
state BACKUP
|
|
priority 100
|
|
{% else %}
|
|
state MASTER
|
|
priority 150
|
|
{% endif %}
|
|
|
|
|
|
# Interface used for VRRP communication.
|
|
interface ens18
|
|
|
|
# Shared by MASTER and BACKUP
|
|
virtual_router_id 6{{ apartment_block_id }}
|
|
|
|
# Timeout in seconds before failover kicks in.
|
|
advert_int 2
|
|
|
|
# Used to authenticate VRRP communication between master and backup.
|
|
authentication {
|
|
auth_type PASS
|
|
auth_pass {{ keepalived_password }}
|
|
}
|
|
|
|
smtp_alert
|
|
|
|
virtual_ipaddress {
|
|
# Routing subnet
|
|
fe80::1/64 dev ens19 scope global
|
|
{{ ipv6_base_prefix }}:129::{{ apartment_block_id }}:254/64 dev ens19 scope global
|
|
|
|
# Wired
|
|
fe80::1/64 dev ens20 scope global
|
|
|
|
# Wifi
|
|
fe80::1/64 dev ens21 scope global
|
|
}
|
|
|
|
|
|
virtual_routes {
|
|
# For IPv6, the master router is routeur-aurore, NOT yggdrasil,
|
|
# because yggdrasil doesn't support BGPv6 announcements.
|
|
src {{ ipv6_base_prefix }}:129::{{ apartment_block_id }}:254 to ::/0 via {{ ipv6_base_prefix }}:129::0:254 dev ens19
|
|
}
|
|
}
|
|
|
|
|