Rework BGP home to iBGP

2020-04-25 11:24:24 +02:00 · 2020-04-25 11:24:24 +02:00 · 622a68301a
parent b9f788336d
commit 622a68301a
4 changed files with 25 additions and 8 deletions
--- a/host_vars/frb1.cph.dk.routers.v6.hessnet.dk.yml
+++ b/host_vars/frb1.cph.dk.routers.v6.hessnet.dk.yml
@ -15,12 +15,17 @@ bgp_peers:
    neighbor_ip: "2a01:4262:1ab:20::1"

  - name: "hessnet_home"
-    template: "peer_hessnet"
-    peer_asn: "64512"
+    template: "ibgp_hessnet"
+    peer_asn: "209616"
    neighbor_ip: "2001:678:15c:a00::1"
    filters:
-      export: "{ peer_export_dfz(); }"
-      import: "myroutes_import_export"
+      import: "{ accept; }"
+      export: "{ if is_own_route() then reject; accept; }"
+
+  - name: "ibgp_fra1"
+    template: "ibgp_hessnet"
+    peer_asn: "209616"
+    neighbor_ip: "2001:678:15c:b00::"

 announce_from_here: true
 configure_static_multihop_routes: false
@ -35,3 +40,4 @@ wireguard:
          36306139376436666165393831363435626633313935333838613938616631666531343964666464
          3833643632343962666464383336626234646362336531366331
  publickey: IBJriIpmeq+hqVCBYPn7PxDXhH/ymxpG+6BOYedfZXY=
+  
--- a/2
+++ b/2
@ -6,7 +6,7 @@ archvm2.hosts.v6.hessnet.dk
 vul1.ams.nl.routers.v6.hessnet.dk

 [routers_copenhagen]
-frb1.cph.dk.routers.v6.hessnet.dk
+frb1.cph.dk.routers.v6.hessnet.dk ansible_host=hessnet-router.hessnet.dk

 [routers:children]
 routers_vultr
--- a/roles/bird/templates/bird.conf.j2
+++ b/roles/bird/templates/bird.conf.j2
@ -92,7 +92,7 @@ function peer_export_dfz_and_default() {
 }

 filter kernel_export {
-	if source !~ [ RTS_BGP, RTS_OSPF, RTS_STATIC ] then reject;
+	if source !~ [ RTS_BGP, RTS_OSPF, RTS_OSPF_EXT1, RTS_OSPF_EXT2, RTS_STATIC ] then reject;
 	if is_default_route() then accept;
 	if is_own_route() then accept;
 	reject;
@ -100,6 +100,7 @@ filter kernel_export {

 filter ospf_export {
 	if source = RTS_DEVICE then accept;
+	if is_own_route() then accept;
 	reject;
 }

@ -119,7 +120,7 @@ filter transit_export {
 }

 filter myroutes_import_export {
-	if source !~ [ RTS_BGP, RTS_OSPF, RTS_STATIC ] then reject;
+	if source !~ [ RTS_BGP, RTS_OSPF, RTS_OSPF_EXT1, RTS_OSPF_EXT2, RTS_STATIC ] then reject;
 	if is_own_route() then accept;
 	reject;
 }
@ -232,6 +233,15 @@ template bgp peer_hessnet {
 	};
 }

+template bgp ibgp_hessnet {
+ 	local as my_asn;
+	ipv6 {
+		next hop self;
+ 		import all;
+		export all;  
+	};
+}
+
 {% for peer in bgp_peers %}
 protocol bgp {{ peer.name }} from {{ peer.template }} {
 	neighbor {{peer.neighbor_ip}} as {{peer.peer_asn}};
@ -257,6 +267,7 @@ protocol ospf v3 {
 		
 		interface "wg*" { };
 		interface "tun*" { };
+		interface "v6tunnel*" { };
 	};
 	
 	ipv6 {
--- a/roles/playbook.yml
+++ b/roles/playbook.yml
@ -19,4 +19,4 @@
  become: "yes"
  roles:
    - { role: "bird", tags: "bird" }
-    - "wireguard-tools"
+    - "wireguard"