rc/network
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Query prefixes once for all hosts

Browse source 
And group them into vrf_prefixes for VLAN networks and bgp_prefixes for
servers plugged directly into fabric.

This should reduce the number of queries to NetBox when configuring
firewalls and exit switches. Not sure but I think set_fact helps to
avoid queries (as opposed to setting group_vars).
This commit is contained in:
Timotej Lazar 2024-04-28 10:59:32 +02:00
parent 1c0709a6a6
commit 457ab7d3b7
10 changed files with 52 additions and 50 deletions
Download patch file Download diff file Expand all files Collapse all files

7
roles/firewall/templates/frr.conf.j2
View file

@ -82,16 +82,13 @@ ipv6 prefix-list default permit ::/0
ip prefix-list fabric permit 10.34.0.0/24 ge 32
{% for vlan in vlans %}
{% for prefix in query('netbox.netbox.nb_lookup', 'prefixes', api_filter='vlan_id='~vlan.id, raw_data=true) %}
{% if prefix.vrf and prefix.vrf.name != 'outside' %}
{% for prefix in vrf_prefixes | rejectattr('vrf.name', '==', 'outside')
| sort(attribute='family.value') %}
{% if prefix.family.value == 4 %}
ip prefix-list office permit {{ prefix.prefix }} ge 24
{% elif prefix.family.value == 6 %}
ipv6 prefix-list office permit {{ prefix.prefix }} ge 64
{% endif %}
{% endif %}
{% endfor %}
{% endfor %}
{% if wg_net is defined %}