snster bootstrap

2022-12-22 17:25:05 +01:00
parent 5545db5891
commit 0733aa3ae8
26 changed files with 898 additions and 119 deletions
--- a/files/snster-kaz/transit-a/group.yml
+++ b/files/snster-kaz/transit-a/group.yml
@ -0,0 +1,27 @@
+version: 1
+
+header:
+  name: Transit-A
+  comment: Transit-A IXP
+
+hosts:
+  router:
+    master: alpine
+    network:
+      interfaces:
+        eth0:
+          bridge: nat-bridge
+          ipv4: dhcp
+        eth1:
+          bridge: transit-a
+          ipv4: 100.64.0.1/24
+          ipv6: 2001:db8:b000::1/48
+    templates:
+      - bgprouter:
+          asn: 30
+          asdev: eth1
+          neighbors4: 100.64.0.10 as 10;100.64.0.30 as 7;100.64.0.40 as 8; 100.64.0.2 as 31; 100.64.0.20 as 6; 100.64.0.50 as 13; 100.64.0.110 as 20; 100.64.1.140 as 12
+          neighbors6: 2001:db8:b000::10 as 10; 2001:db8:b000::30 as 7;2001:db8:b000::40 as 8; 2001:db8:b000::2 as 31; 2001:db8:b000::20 as 6; 2001:db8:b000::50 as 13; 2001:db8:b000::110 as 20; 2001:db8:b001::140 as 12
+      - resolv:
+          nameserver: 100.100.100.100
+          domain: transit-a.milxc
--- a/files/snster-kaz/transit-a/router/provision.sh
+++ b/files/snster-kaz/transit-a/router/provision.sh
@ -0,0 +1,38 @@
+#!/bin/sh
+# Transit A with alpine
+set -e
+if [ -z $MILXCGUARD ] ; then exit 1; fi
+DIR=`dirname $0`
+cd `dirname $0`
+
+echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories
+apk update
+apk add bird iptables
+rc-update add bird
+
+# echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
+echo -e '#!/bin/sh\niptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE' > /etc/local.d/iptables.start
+chmod +x /etc/local.d/iptables.start
+rc-update add local
+
+# keep DHCP on eth0
+touch /etc/network/keepdhcp
+
+# Force lxc bridged interface metric (else, it grows to 200+interface_index, which can be large with successive  stop/start)
+# This metric must be lower than the one exported by BGP for the default route (static part below)
+mkdir /etc/udhcpc
+echo "IF_METRIC=200" > /etc/udhcpc/udhcpc.conf
+
+#echo "supersede domain-name-servers 10.10.10.10;" >> /etc/dhcp/dhclient.conf
+#echo "supersede domain-name \"internet.milxc\";" >> /etc/dhcp/dhclient.conf
+
+
+# customize bird config (BGP)
+sed -i "s/protocol kernel {/protocol kernel { metric 2000;/" /etc/bird.conf
+# sed -i "s/\#.*export all/\texport all/" /etc/bird/bird.conf
+echo -e "
+protocol static {
+	ipv4;
+	route 0.0.0.0/0 via 100.64.0.1;
+}
+" >> /etc/bird.conf