From 1c847d3edaa527815bdfb99b07c08df0c910927c Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Fri, 28 Jul 2023 21:13:35 +0000 Subject: [PATCH] etheroute-lon01: set up gsl1 --- ops/nixos/etheroute-lon01/default.nix | 34 +++++++++++++++++++++++++++ ops/nixos/lib/bgp.nix | 12 +++++++--- 2 files changed, 43 insertions(+), 3 deletions(-) diff --git a/ops/nixos/etheroute-lon01/default.nix b/ops/nixos/etheroute-lon01/default.nix index 51b61128c1..97fd8e59d5 100644 --- a/ops/nixos/etheroute-lon01/default.nix +++ b/ops/nixos/etheroute-lon01/default.nix @@ -158,6 +158,26 @@ }]; }; + systemd.network.netdevs.gsl1 = { + netdevConfig = { + Name = "gsl1"; + Kind = "vxlan"; + }; + + vxlanConfig = { + VNI = 242; + Remote = "203.57.82.5"; + Local = "103.141.25.50"; + DestinationPort = 4789; + }; + }; + systemd.network.networks."40-eno1".vxlan = [ "gsl1" ]; + systemd.network.networks.gsl1 = { + matchConfig.Name = "gsl1"; + address = [ "10.0.0.22/30" "2401:3bc0::4:16/126" ]; + }; + + services.openssh.hostKeys = [ { path = "/persist/etc/ssh/ssh_host_ed25519_key"; @@ -198,6 +218,20 @@ }]; }; }; + gsl = { + local = local // { + v4 = "10.0.0.22"; + v6 = "2401:3bc0::4:16"; + }; + remote = { + asn = 137409; + export_community = 4002; + routers = [{ + v4 = "10.0.0.21"; + v6 = "2401:3bc0::4:15"; + }]; + }; + }; bgptoolscollector = { local = local // { v4 = "103.141.25.50"; diff --git a/ops/nixos/lib/bgp.nix b/ops/nixos/lib/bgp.nix index 3f3f794f5c..71125a4f22 100644 --- a/ops/nixos/lib/bgp.nix +++ b/ops/nixos/lib/bgp.nix @@ -325,6 +325,14 @@ in { protocol static export4 { ipv4 { import filter { + + if net = 92.118.31.0/24 then { + # bgp_path.prepend(197753); + bgp_ext_community.add((ro, 205479, 1000)); + bgp_ext_community.add((ro, 205479, 4002)); + accept; + } + bgp_ext_community.add((ro, 205479, 1000)); bgp_ext_community.add((ro, 205479, 2000)); bgp_ext_community.add((ro, 205479, 2001)); @@ -350,8 +358,6 @@ in { # do not export to clouvider; they do... strange things. bgp_ext_community.add((rt, 0, 62240)); - if net = 92.118.31.0/24 then bgp_path.prepend(197753); - accept; }; }; @@ -369,7 +375,7 @@ in { bgp_ext_community.add((ro, 205479, 3000)); # clouvider from clouvider-lon01 bgp_ext_community.add((ro, 205479, 4000)); # frantech from frantech-nyc01/veloxserv from etheroute-lon01 bgp_ext_community.add((ro, 205479, 4001)); # veloxserv from blade-tuvok/blade-paris - bgp_ext_community.add((ro, 205479, 4002)); # + bgp_ext_community.add((ro, 205479, 4002)); # mercury from etheroute-lon01 bgp_ext_community.add((ro, 205479, 5000)); # linx route collector from blade-tuvok bgp_ext_community.add((ro, 205479, 5001)); # linx route server from blade-tuvok bgp_ext_community.add((ro, 205479, 5002)); # facebook from blade-tuvok