clerie/nixfiles
1
0
Fork 0
Code

Remove iBGP

Browse Source
This commit is contained in:
clerie 2020-12-17 23:43:52 +01:00
parent 28c585cd57
commit 9e7a395187
4 changed files with 52 additions and 224 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
hosts/carbon/configuration.nix
View File

@ -79,8 +79,6 @@
ipv6 table ospf6; ipv6 table ospf6;
ipv4 table ospf4; ipv4 table ospf4;
ipv6 table bgp6;
ipv4 table bgp4;
protocol direct direct_lo { protocol direct direct_lo {
interface "lo"; interface "lo";
@ -126,30 +124,6 @@
}; };
} }
protocol kernel kernel_bgp6 {
kernel table 2000;
ipv6 {
table bgp6;
export filter {
krt_prefsrc=${ (lib.head config.networking.interfaces.lo.ipv6.addresses).address };
accept;
};
import none;
};
}
protocol kernel kernel_bgp4 {
kernel table 2000;
ipv4 {
table bgp4;
export filter {
krt_prefsrc=${ (lib.head config.networking.interfaces.lo.ipv4.addresses).address };
accept;
};
import none;
};
}
protocol ospf v3 ospf_6 { protocol ospf v3 ospf_6 {
ipv6 { ipv6 {
table ospf6; table ospf6;
@ -178,50 +152,6 @@
}; };
} }
template bgp ibgp6 {
local as 4200002574;
graceful restart on;
source address ${ (lib.head config.networking.interfaces.lo.ipv6.addresses).address };
ipv6 {
table bgp6;
igp table ospf6;
next hop self;
import keep filtered;
import all;
export all;
};
}
template bgp ibgp4 {
local as 4200002574;
graceful restart on;
source address ${ (lib.head config.networking.interfaces.lo.ipv4.addresses).address };
ipv4 {
table bgp4;
igp table ospf4;
next hop self;
import keep filtered;
import all;
export all;
};
}
protocol bgp bgp_nonat6 from ibgp6 {
neighbor fd00:152:152:103::1 as 4200002574;
}
protocol bgp bgp_nonat4 from ibgp4 {
neighbor 10.152.103.1 as 4200002574;
}
protocol bgp bgp_porter6 from ibgp6 {
neighbor fd00:152:152:102::1 as 4200002574;
}
protocol bgp bgp_porter4 from ibgp4 {
neighbor 10.152.102.1 as 4200002574;
}
protocol device { protocol device {
scan time 10; scan time 10;
} }

84
hosts/nonat/configuration.nix
View File

@ -87,22 +87,6 @@
ipv6 table ospf6; ipv6 table ospf6;
ipv4 table ospf4; ipv4 table ospf4;
ipv6 table bgp6;
ipv4 table bgp4;
protocol static static_bgp6 {
ipv6 {
table bgp6;
};
route 2001:638:904::/48 via ${config.networking.defaultGateway6.address};
}
protocol static static_bgp4 {
ipv4 {
table bgp4;
};
route 141.24.0.0/16 via ${config.networking.defaultGateway.address};
}
protocol direct direct_lo { protocol direct direct_lo {
interface "lo"; interface "lo";
@ -148,30 +132,6 @@
}; };
} }
protocol kernel kernel_bgp6 {
kernel table 2000;
ipv6 {
table bgp6;
export filter {
krt_prefsrc=${ (lib.head config.networking.interfaces.lo.ipv6.addresses).address };
accept;
};
import none;
};
}
protocol kernel kernel_bgp4 {
kernel table 2000;
ipv4 {
table bgp4;
export filter {
krt_prefsrc=${ (lib.head config.networking.interfaces.lo.ipv4.addresses).address };
accept;
};
import none;
};
}
protocol ospf v3 ospf_6 { protocol ospf v3 ospf_6 {
ipv6 { ipv6 {
table ospf6; table ospf6;
@ -200,50 +160,6 @@
}; };
} }
template bgp ibgp6 {
local as 4200002574;
graceful restart on;
source address ${ (lib.head config.networking.interfaces.lo.ipv6.addresses).address };
ipv6 {
table bgp6;
igp table ospf6;
next hop self;
import keep filtered;
import all;
export all;
};
}
template bgp ibgp4 {
local as 4200002574;
graceful restart on;
source address ${ (lib.head config.networking.interfaces.lo.ipv4.addresses).address };
ipv4 {
table bgp4;
igp table ospf4;
next hop self;
import keep filtered;
import all;
export all;
};
}
protocol bgp bgp_carbon6 from ibgp6 {
neighbor fd00:152:152:104::1 as 4200002574;
}
protocol bgp bgp_carbon4 from ibgp4 {
neighbor 10.152.104.1 as 4200002574;
}
protocol bgp bgp_porter6 from ibgp6 {
neighbor fd00:152:152:102::1 as 4200002574;
}
protocol bgp bgp_porter4 from ibgp4 {
neighbor 10.152.102.1 as 4200002574;
}
protocol device { protocol device {
scan time 10; scan time 10;
} }

70
hosts/porter/configuration.nix
View File

@ -78,8 +78,6 @@
ipv6 table ospf6; ipv6 table ospf6;
ipv4 table ospf4; ipv4 table ospf4;
ipv6 table bgp6;
ipv4 table bgp4;
protocol direct { protocol direct {
interface "lo"; interface "lo";
@ -115,30 +113,6 @@
}; };
} }
protocol kernel kernel_bgp6 {
kernel table 2000;
ipv6 {
table bgp6;
export filter {
krt_prefsrc=${ (lib.head config.networking.interfaces.lo.ipv6.addresses).address };
accept;
};
import none;
};
}
protocol kernel kernel_bgp4 {
kernel table 2000;
ipv4 {
table bgp4;
export filter {
krt_prefsrc=${ (lib.head config.networking.interfaces.lo.ipv4.addresses).address };
accept;
};
import none;
};
}
protocol ospf v3 ospf_6 { protocol ospf v3 ospf_6 {
ipv6 { ipv6 {
table ospf6; table ospf6;
@ -175,50 +149,6 @@
}; };
} }
template bgp ibgp6 {
local as 4200002574;
graceful restart on;
source address ${ (lib.head config.networking.interfaces.lo.ipv6.addresses).address };
ipv6 {
table bgp6;
igp table ospf6;
next hop self;
import keep filtered;
import all;
export all;
};
}
template bgp ibgp4 {
local as 4200002574;
graceful restart on;
source address ${ (lib.head config.networking.interfaces.lo.ipv4.addresses).address };
ipv4 {
table bgp4;
igp table ospf4;
next hop self;
import keep filtered;
import all;
export all;
};
}
protocol bgp bgp_carbon6 from ibgp6 {
neighbor fd00:152:152:104::1 as 4200002574;
}
protocol bgp bgp_carbon4 from ibgp4 {
neighbor 10.152.104.1 as 4200002574;
}
protocol bgp bgp_nonat6 from ibgp6 {
neighbor fd00:152:152:103::1 as 4200002574;
}
protocol bgp bgp_nonat4 from ibgp4 {
neighbor 10.152.103.1 as 4200002574;
}
protocol device { protocol device {
scan time 10; scan time 10;
} }

52
modules/gre-tunnel/default.nix Normal file
View File

@ -0,0 +1,52 @@
{ config, lib, ... }:
with lib;
let
cfg = config.clerie.gre-tunnel;
checkOpts = { config, ... }@moduleAttrs: {
options = {
remote = mkOption {
type = types.str;
};
local = mkOption {
type = types.str;
};
address = mkOption {
type = types.str;
};
};
};
in {
options = {
clerie.gre-tunnel = {
enable = mkEnableOption "Declarative Policy-Routing";
ipv6 = mkOption {
type = with types; attrsOf (submodule checkOpts);
};
ipv4 = mkOption {
type = with types; attrsOf (submodule checkOpts);
};
};
};
config = mkIf cfg.enable {
clerie.gre-tunnel.rules = [
{ rule = "lookup main"; prio = 32000; }
];
networking.localCommands = ''
${concatMapStringsSep "\n" ( mapAttrsToList ( name: tunnel: ''
ip -6 tunnel add ${name} mode gre remote ${tunnel.remote} local ${tunnel.local}
ip link set ${name} up
ip -6 a add ${tunnel.address} dev ${name}
'') cfg.ipv6 ) }
${concatMapStringsSep "\n" ( mapAttrsToList ( name: tunnel: ''
ip -4 tunnel add ${name} mode gre remote ${tunnel.remote} local ${tunnel.local}
ip link set ${name} up
ip -4 a add ${tunnel.address} dev ${name}
'') cfg.ipv4 ) }
'';
};
}