exit: receive VPN IPv6 addresses from firewalls

And share them with peer over backup link.

roles/exit/templates/frr.conf.j2

@@ -229,7 +229,12 @@ ipv6 prefix-list office permit {{ prefix.prefix }} ge 64
 {% endfor %}
 {% endfor %}
 
+{% if wg_net is defined %}
 ip prefix-list vpn permit {{ wg_net | ipaddr('subnet') }}
+{% endif %}
+{% if wg_net6 is defined %}
+ipv6 prefix-list vpn permit {{ wg_net6 | ipaddr('subnet') }}
+{% endif %}
 
 ip prefix-list nat permit {{ wg_ip | ipaddr('host') }}
 {% for network in nat %}
@@ -261,6 +266,8 @@ route-map default-import permit 21
   match ipv6 address prefix-list office
 route-map default-import permit 30
   match ip address prefix-list nat
+route-map default-import permit 31
+  match ipv6 address prefix-list vpn
 
 route-map outside-import permit 10
   match ip address prefix-list dc
@@ -324,6 +331,8 @@ route-map firewall->outside permit 21
   match ipv6 address prefix-list office
 route-map firewall->outside permit 30
   match ip address prefix-list nat
+route-map firewall->outside permit 31
+  match ipv6 address prefix-list vpn
 
 # Tag routes from each firewall. Set weight for primary to 200 and secondary to 100.
 {% for firewall in ifaces_firewall %}
@@ -387,6 +396,8 @@ route-map me->peer.4 permit 111
   match ipv6 address prefix-list default
 route-map me->peer.4 permit 120
   match ip address prefix-list nat
+route-map me->peer.4 permit 121
+  match ipv6 address prefix-list vpn
 route-map me->peer.4 permit 131
   match ipv6 address prefix-list office
 
@@ -397,5 +408,7 @@ route-map peer.4->me permit 111
   match ipv6 address prefix-list default
 route-map peer.4->me permit 120
   match ip address prefix-list nat
+route-map peer.4->me permit 121
+  match ipv6 address prefix-list vpn
 route-map peer.4->me permit 131
   match ipv6 address prefix-list office