Freifunk-Troisdorf/ansible.fftdf.supernode
5
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity
cfc6abc2d0
ansible.fftdf.supernode/files/interfaces-troisdorf5
Ansible Admin a8ec5b477c IPv6 address changing
2016-07-02 23:11:08 +02:00

104 lines
4.3 KiB
Plaintext
Raw Blame History

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
up ip address add 185.66.193.105/32 dev lo
iface lo inet6 loopback
up ip address add 203:2260:121:5000::105/52 dev lo
# The primary network interface
allow-hotplug eth0
iface eth0 inet static
address 62.210.5.90
netmask 255.255.255.255
gateway 163.172.210.1
pointopoint 163.172.210.1
post-up iptables -P OUTPUT ACCEPT
post-up iptables -A OUTPUT -o eth0 -d 10.0.0.0/8 -j DROP
post-up iptables -A OUTPUT -o eth0 -d 172.16.0.0/12 -j DROP
post-up iptables -A OUTPUT -o eth0 -d 169.254.0.0/16 -j DROP
post-up iptables -A OUTPUT -o eth0 -d 192.168.0.0/16 -j DROP
post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
auto 6to4
iface 6to4 inet6 6to4
local 62.210.5.90
# GRE Tunnel zum Rheinland Backbone
# - Die Konfigurationsdaten werden vom Rheinland Backbone vergeben und zugewiesen
# Berlin Router A
auto gre-bb-a.ak.ber
iface gre-bb-a.ak.ber inet static
address 100.64.2.151
netmask 255.255.255.254
pre-up ip tunnel add $IFACE mode gre local 62.210.5.90 remote 185.66.195.0 ttl 255
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
post-up ip link set $IFACE mtu 1400
post-down iptables -t nat -D POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105
post-down ip tunnel del $IFACE
iface gre-bb-a.ak.ber inet6 static
address 2a03:2260:0:155::2/64
netmask 64
post-up ip6tables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
# Berlin Router B
auto gre-bb-b.ak.ber
iface gre-bb-b.ak.ber inet static
address 100.64.2.153
netmask 255.255.255.254
pre-up ip tunnel add $IFACE mode gre local 62.210.5.90 remote 185.66.195.1 ttl 255
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
post-up ip link set $IFACE mtu 1400
post-down iptables -t nat -D POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105
post-down ip tunnel del $IFACE
iface gre-bb-b.ak.ber inet6 static
address 2a03:2260:0:156::2/64
netmask 64
post-up ip6tables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
# Duesseldorf Router A
auto gre-bb-a.ix.dus
iface gre-bb-a.ix.dus inet static
address 100.64.2.155
netmask 255.255.255.254
pre-up ip tunnel add $IFACE mode gre local 62.210.5.90 remote 185.66.193.0 ttl 255
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
post-up ip link set $IFACE mtu 1400
post-down iptables -t nat -D POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105
post-down ip tunnel del $IFACE
iface gre-bb-a.ix.dus inet6 static
address 2a03:2260:0:157::2/64
netmask 64
post-up ip6tables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
# Duesseldorf Router B
auto gre-bb-b.ix.dus
iface gre-bb-b.ix.dus inet static
address 100.64.2.157
netmask 255.255.255.254
pre-up ip tunnel add $IFACE mode gre local 62.210.5.90 remote 185.66.193.1 ttl 255
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
post-up ip link set $IFACE mtu 1400
post-down iptables -t nat -D POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105
post-down ip tunnel del $IFACE
iface gre-bb-b.ix.dus inet6 static
address 2a03:2260:0:158::2/64
netmask 64
post-up ip6tables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
Reference in New Issue View Git Blame Copy Permalink