rc/network
2
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
78 commits 1 branch 0 tags 216 KiB
Commit graph

17 commits

Author SHA1 Message Date
Timotej Lazar ae1cfd5337 exit: enable forwarding directed broadcasts for WoL 
Must be set in IPv4 sysctls for all interfaces and every input
interface from which broadcasts are sent. These are the virtual
MLAG interfaces (bridge-*-v0), which are created dynamically.

We enable directed broadcasts for (only MLAG) interfaces enumerated by
the ifaces_directed_broadcast value in NetBox device local context.
 2024-09-18 14:27:30 +02:00
Timotej Lazar 5032d1ac84 fabric: fix a template 
This worked. Updated ansible. Then it didn’t.
 2024-08-15 17:22:55 +02:00
Timotej Lazar c741b90981 fabric: disable less-than-sane Cumulus SSH default options 
Why no ed25519 keys?
 2024-07-26 14:27:34 +02:00
Timotej Lazar 2327b42412 fabric: disable nvue-startup service 2024-07-04 15:36:02 +02:00
Timotej Lazar 0e9dac6985 fabric: support arbitrary port breakouts 
Not that we use anything but 1x and 4x. Mainly done so I can drop
nonexistent (because they have been broken out) interfaces from NetBox.
 2024-05-13 17:44:39 +02:00
Timotej Lazar 1c0709a6a6 fabric: allow all VLANs on bridge 
Don’t try to guess what should be allowed because not all switch links
are tagged in NetBox. For now we limit mainly on access switches.
 2024-04-27 11:30:20 +02:00
Timotej Lazar 2443a90bc5 fabric: use FHRP groups for virtual router IPs 
More realistic- and supported-like and also avoids duplicated gateway
addresses.
 2024-04-14 15:15:48 +02:00
Timotej Lazar db397cb2b1 exit: store VLAN interface addresses in NetBox 
… instead of generating them from prefixes. A NetBox script can be
used to create and configure all necessary data for a new VLAN.

Instead of VLAN roles “inside" and “outside” we now create separate
VRFs for inside VLANs to match the actual exit/firewall configuration.
The “outside” VRF is for all VLANs that are directly accessible from
the internet.
 2024-04-10 14:03:50 +02:00
Timotej Lazar a97d133873 fabric: don’t set bond slaves if there are none 
Not that that should happen except by mistake.
 2024-03-05 12:46:26 +01:00
Timotej Lazar dbc00fd448 fabric: add custom field on dcim.Interface for bond mode 2024-02-27 13:35:29 +01:00
Timotej Lazar ce7c1bd49e fabric: consolidate interface templates 
Mostly to avoid special‐casing bond interfaces, and to support BGP
connections over virtual interfaces.
 2024-02-27 13:35:29 +01:00
Timotej Lazar 5381fecaa4 fabric: fix check for peer switch 2024-02-27 13:35:29 +01:00
Timotej Lazar be398e54fe fabric: sort bridge VLANs by ID 
Instead of barfing on unsortable dicts.
 2023-12-29 13:52:05 +01:00
Timotej Lazar 6fd5432b69 fabric: reload switchd before reloading interfaces 
Don’t want to bring up a nonexisting interface.
 2023-12-29 09:01:01 +01:00
Timotej Lazar 9e8db74d24 fabric: allow setting bridge access VLANs on non-bond ports 2023-12-18 12:55:50 +01:00
Timotej Lazar 950cd41c33 fabric: only add enabled ports to bridge 2023-12-18 12:55:50 +01:00
Timotej Lazar 158e8740b8 Initial commit, squashed 2023-12-18 12:55:47 +01:00