20 lines
663 B
Django/Jinja
20 lines
663 B
Django/Jinja
# We are router.
|
|
net.ipv4.ip_forward = 1
|
|
net.ipv6.conf.all.forwarding = 1
|
|
|
|
# But not for management interfaces.
|
|
{% for iface in interfaces | selectattr('name', 'match', '^mgmt') %}
|
|
net.ipv4.conf.{{ iface.name }}.forwarding = 0
|
|
net.ipv6.conf.{{ iface.name }}.forwarding = 0
|
|
{% endfor %}
|
|
|
|
# Zebra docs recommend these.
|
|
net.ipv6.conf.all.keep_addr_on_down = 1
|
|
net.ipv6.route.skip_notify_on_dev_down = 1
|
|
|
|
# Do not send ICMP redirects. Happens because firewall sees all office
|
|
# networks coming from the same routers, and gets confused as to why
|
|
# firewall is routing packets between them.
|
|
net.ipv4.conf.all.send_redirects = 0
|
|
net.ipv4.conf.default.send_redirects = 0
|