rc/network
2
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
network/roles/exit/templates/networks.intf.j2

12 lines
455 B
Plaintext
Raw Normal View History

exit: store VLAN interface addresses in NetBox … instead of generating them from prefixes. A NetBox script can be used to create and configure all necessary data for a new VLAN. Instead of VLAN roles “inside" and “outside” we now create separate VRFs for inside VLANs to match the actual exit/firewall configuration. The “outside” VRF is for all VLANs that are directly accessible from the internet.
2024-04-10 12:03:50 +00:00
{# VRF outside is special, all others are inside but also firewalled from each other. #}
{% set inside_vrfs = interfaces | selectattr('parent') | selectattr('parent.name', '==', 'bridge')
| selectattr('vrf') | map(attribute='vrf') | rejectattr('name', '==', 'outside') -%}
Initial commit, squashed
2023-12-18 10:22:14 +00:00
Add inside and outside roles for VLANs Will probably rename inside/outside and office/server to int/ext.
2024-01-30 11:35:33 +00:00
# A separate VRF for each inside network so we can firewall between them.
exit: store VLAN interface addresses in NetBox … instead of generating them from prefixes. A NetBox script can be used to create and configure all necessary data for a new VLAN. Instead of VLAN roles “inside" and “outside” we now create separate VRFs for inside VLANs to match the actual exit/firewall configuration. The “outside” VRF is for all VLANs that are directly accessible from the internet.
2024-04-10 12:03:50 +00:00
{% for vrf in inside_vrfs %}
auto {{ vrf.name }}
iface {{ vrf.name }}
Initial commit, squashed
2023-12-18 10:22:14 +00:00
vrf-table auto
{% endfor %}
Reference in a new issue Copy permalink