Add possibility of configuring static routes in the router yml files and clean up OSPF filters

This commit is contained in:
Jesper Hess 2020-04-27 08:56:13 +02:00
parent d49d45d3f6
commit cc2e9cd1c5
Signed by: graffen
GPG key ID: 351A89E40D763F0F
2 changed files with 20 additions and 8 deletions

View file

@ -30,6 +30,12 @@ bgp_peers:
announce_from_here: true
configure_static_multihop_routes: false
extra_static_routes:
- route: "2001:678:15c:b00::/128"
destination: "wg-fra1"
- route: "2001:678:15c:c00::/128"
destination: "v6tunnel-home"
wireguard:
privatekey: !vault |
$ANSIBLE_VAULT;1.1;AES256

View file

@ -99,7 +99,7 @@ filter kernel_export {
}
filter ospf_export {
if source = RTS_DEVICE then accept;
if source !~ [ RTS_DEVICE ] then reject;
if is_own_route() then accept;
reject;
}
@ -111,16 +111,14 @@ filter transit_import {
}
filter transit_export {
{% if configure_static_multihop_routes is sameas true %}
if proto = "noAnnounce_v6" then reject;
if proto = "noAnnounce_v4" then reject;
{% endif %}
if is_own_aggregated_net() then accept;
reject;
}
filter myroutes_import_export {
if source !~ [ RTS_BGP, RTS_OSPF, RTS_OSPF_EXT1, RTS_OSPF_EXT2, RTS_STATIC ] then reject;
if source !~ [ RTS_BGP, RTS_STATIC ] then reject;
if is_own_route() then accept;
reject;
}
@ -141,25 +139,33 @@ protocol static announce_v4 {
}
{% endif %}
{% if configure_static_multihop_routes is sameas true %}
protocol static noAnnounce_v6 {
ipv6;
{% if configure_static_multihop_routes is sameas true %}
{% for peer in bgp_peers %}
{% if peer.neighbor_ip | ipv6 %}
route {{ peer.neighbor_ip }}/128 via {{ router_v6_ip }};
{% endif %}
{% endfor %}
{% endif %}
{% if extra_static_routes is defined %}
# other static routes
{% for route in extra_static_routes %}
route {{ route.route }} via "{{ route.destination }}";
{% endfor %}
{% endif %}
}
protocol static noAnnounce_v4 {
ipv4;
{% if configure_static_multihop_routes is sameas true %}
{% for peer in bgp_peers %}
{% if peer.neighbor_ip | ipv4 %}
route {{ peer.neighbor_ip }}/32 via {{ router_v4_ip }};
{% endif %}
{% endfor %}
}
{% endif %}
}
protocol device {
scan time 5;
@ -238,7 +244,7 @@ template bgp ibgp_hessnet {
ipv6 {
next hop self;
import all;
export all;
export filter { if is_own_route() then reject; accept; };
};
}