rc/network
2
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
48 commits 1 branch 0 tags 211 KiB
Commit graph

9 commits

Author SHA1 Message Date
Timotej Lazar 457ab7d3b7 Query prefixes once for all hosts 
And group them into vrf_prefixes for VLAN networks and bgp_prefixes for
servers plugged directly into fabric.

This should reduce the number of queries to NetBox when configuring
firewalls and exit switches. Not sure but I think set_fact helps to
avoid queries (as opposed to setting group_vars).
 2024-04-28 12:14:05 +02:00
Timotej Lazar db397cb2b1 exit: store VLAN interface addresses in NetBox 
… instead of generating them from prefixes. A NetBox script can be
used to create and configure all necessary data for a new VLAN.

Instead of VLAN roles “inside" and “outside” we now create separate
VRFs for inside VLANs to match the actual exit/firewall configuration.
The “outside” VRF is for all VLANs that are directly accessible from
the internet.
 2024-04-10 14:03:50 +02:00
Timotej Lazar ece3b8a377 exit: sort prefixes by family values 
Because I made some seemingly unrelated changes in NetBox and they all
got flipped‐turned upside down.
 2024-04-09 10:47:51 +02:00
Timotej Lazar 65c16dbc63 Drop BGP update-delay option 
Dropped from Cumulus manual and advised by seniors.
 2024-02-27 13:35:29 +01:00
Timotej Lazar c20c47709c exit: fix keepalive configuration 
There will be order or there will be chaos.
 2024-02-18 16:28:35 +01:00
Timotej Lazar 161ce73be7 exit: restart keepalived on DHCP config update 2024-01-30 12:36:19 +01:00
Timotej Lazar aeb124e346 Add inside and outside roles for VLANs 
Will probably rename inside/outside and office/server to int/ext.
 2024-01-30 12:35:33 +01:00
Timotej Lazar 2b275c2ab4 exit: receive VPN IPv6 addresses from firewalls 
And share them with peer over backup link.
 2023-12-18 12:55:50 +01:00
Timotej Lazar 158e8740b8 Initial commit, squashed 2023-12-18 12:55:47 +01:00