Add direct routing (external IPv4 via internal mesh)
smaller improvements
This commit is contained in:
parent
d6dde73fff
commit
4254a646e9
@ -15,8 +15,6 @@ iface lo inet6 loopback
|
|||||||
# The primary network interface
|
# The primary network interface
|
||||||
allow-hotplug eth0
|
allow-hotplug eth0
|
||||||
iface eth0 inet dhcp
|
iface eth0 inet dhcp
|
||||||
post-up ip route add 185.66.193.106/32 via 10.188.255.6 table 42
|
|
||||||
post-up ip route add 185.66.193.106/32 via 10.188.255.6
|
|
||||||
allow-hotplug eth1
|
allow-hotplug eth1
|
||||||
iface eth1 inet6 static
|
iface eth1 inet6 static
|
||||||
address 2a01:4f8:161:62a9::5
|
address 2a01:4f8:161:62a9::5
|
||||||
|
@ -20,8 +20,6 @@ iface eth0 inet static
|
|||||||
netmask 255.255.255.192
|
netmask 255.255.255.192
|
||||||
gateway 46.4.138.129
|
gateway 46.4.138.129
|
||||||
dns-nameserver 213.133.100.100 213.133.99.99 213.133.98.98
|
dns-nameserver 213.133.100.100 213.133.99.99 213.133.98.98
|
||||||
post-up ip route add 185.66.193.105/32 via 10.188.255.5 table 42
|
|
||||||
post-up ip route add 185.66.193.105/32 via 10.188.255.5
|
|
||||||
|
|
||||||
iface eth0 inet6 static
|
iface eth0 inet6 static
|
||||||
address 2a01:4f8:11d:600::189
|
address 2a01:4f8:11d:600::189
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
# Version 1.9
|
# Version 1.91
|
||||||
|
|
||||||
curl -X POST --data-urlencode 'payload={"text": "{{ sn_hostname }} is rebooted", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":floppy_disk:"}' https://hooks.slack.com/services/{{ slack_token }}
|
curl -X POST --data-urlencode 'payload={"text": "{{ sn_hostname }} is rebooted", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":floppy_disk:"}' https://hooks.slack.com/services/{{ slack_token }}
|
||||||
|
|
||||||
@ -49,6 +49,8 @@ done
|
|||||||
/sbin/ip link set dev br-nodes up address 2E:9D:FA:A1:6B:0{{ sn_number }}
|
/sbin/ip link set dev br-nodes up address 2E:9D:FA:A1:6B:0{{ sn_number }}
|
||||||
/sbin/ebtables -A FORWARD --logical-in br-nodes -j DROP
|
/sbin/ebtables -A FORWARD --logical-in br-nodes -j DROP
|
||||||
/usr/local/sbin/batctl if add br-nodes
|
/usr/local/sbin/batctl if add br-nodes
|
||||||
|
/sbin/ip route add {{ snx_ffrl_IPv4 }}/32 via {{ snx_mesh_IPv4 }} table 42
|
||||||
|
/sbin/ip route add {{ snx_ffrl_IPv4 }}/32 via {{ snx_mesh_IPv4 }}
|
||||||
|
|
||||||
sleep 5
|
sleep 5
|
||||||
|
|
||||||
|
@ -9,7 +9,7 @@
|
|||||||
user: root
|
user: root
|
||||||
gather_facts: False
|
gather_facts: False
|
||||||
vars:
|
vars:
|
||||||
snversion: master_v3.0.3
|
snversion: master_v3.0.4
|
||||||
batmanversion: v2015.2
|
batmanversion: v2015.2
|
||||||
common_required_packages:
|
common_required_packages:
|
||||||
- git
|
- git
|
||||||
@ -278,12 +278,19 @@
|
|||||||
copy: src=./files/bird6-{{ sn_hostname }}.conf dest=/etc/bird/bird6.conf owner=bird group=bird mode=0444
|
copy: src=./files/bird6-{{ sn_hostname }}.conf dest=/etc/bird/bird6.conf owner=bird group=bird mode=0444
|
||||||
when: sn_exit is defined
|
when: sn_exit is defined
|
||||||
- name: set netfilter rules
|
- name: set netfilter rules
|
||||||
lineinfile: dest=/etc/sysctl.conf line={{ item }}
|
lineinfile: dest=/etc/sysctl.conf line="{{ item }}"
|
||||||
with_items:
|
with_items:
|
||||||
- "net.ipv4.netfilter.ip_conntrack_generic_timeout = 240"
|
- net.ipv4.netfilter.ip_conntrack_generic_timeout = 240
|
||||||
- "net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 54000"
|
- net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 54000
|
||||||
- "net.netfilter.nf_conntrack_max = 262144"
|
- net.netfilter.nf_conntrack_max = 262144
|
||||||
- lineinfile: dest=/etc/modprobe.conf line="options ip_conntrack hashsize=65536"
|
- name: check modprobe.conf
|
||||||
|
stat: path=/etc/modprobe.conf
|
||||||
|
register: modprobe1
|
||||||
|
- name: create /etc/modprobe.conf when not present
|
||||||
|
file: path=/etc/modprobe.conf state=touch owner=root group=root mode=0544
|
||||||
|
when: modprobe1.stat.exists == False
|
||||||
|
- name: check /etc/modprobe.conf
|
||||||
|
lineinfile: dest=/etc/modprobe.conf line="options ip_conntrack hashsize=65536"
|
||||||
- name: Reboot the server finally
|
- name: Reboot the server finally
|
||||||
shell: sleep 2 && shutdown -r now "Ansible updates triggered"
|
shell: sleep 2 && shutdown -r now "Ansible updates triggered"
|
||||||
async: 1
|
async: 1
|
||||||
|
Loading…
Reference in New Issue
Block a user