diff --git a/README.md b/README.md index bdf30cd..f565124 100644 --- a/README.md +++ b/README.md @@ -118,6 +118,12 @@ ffnord::mesh { , '10.35.15.1' , '10.35.20.1' ], + + fastd_igw_enable => true, + fastd_igw_secret => "/root/fastd_igw_secret.key", + fastd_igw_port => 11281, + fastd_igw_peers_git => 'git://somehost/peersigw.git', + igw_mtu => '1280', } ffnord::named::zone { diff --git a/manifests/batman-adv.pp b/manifests/batman-adv.pp index e243082..bf05687 100644 --- a/manifests/batman-adv.pp +++ b/manifests/batman-adv.pp @@ -2,7 +2,7 @@ $mesh_code, $mesh_hop_penalty, $batman_it = 5000, - $batman_version = $::class::params::batman_version + $batman_version = $ffnord::params::batman_version ) { include ffnord::resources::batman-adv include ffnord::firewall diff --git a/manifests/fastd.pp b/manifests/fastd.pp index 9910a0e..cdf957a 100644 --- a/manifests/fastd.pp +++ b/manifests/fastd.pp @@ -1,4 +1,5 @@ define ffnord::fastd( $mesh_code, + $batman_code, $mesh_interface, # may not be more than 10 characters $mesh_mac, $mesh_hop_penalty = 60, # hop penalty for batman advanced diff --git a/manifests/init.pp b/manifests/init.pp index 89c44e6..8ae3fd6 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -18,6 +18,15 @@ $dhcp_ranges = [], # dhcp pool $dns_servers = [], # other dns servers in your network $mesh_hop_penalty = 60, # hop_penalty for gateway hops + + $fastd_igw_enable = false, # enable fastd inter gateway instance + $fastd_igw_peers_git = '', # fastd inter gateway peers + $fastd_igw_secret = '', # fastd inter gateway secret + $fastd_igw_port = 11281, # fastd inter gateway port + $fastd_igw_verify = '', # fastd backbone verification override + + $igw_mtu = 1448, # fastd inter gateway mtu + $igw_hop_penalty = 60, # hop_penalty for inter gateway traffic ) { # TODO We should handle parameters in a param class pattern. 
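Review bot: In manifests/fastd.pp the new `$batman_code` parameter is mandatory and has no comment, so a reader cannot tell how it differs from `$mesh_code`. I would document it in place, e.g. `$batman_code, # code of the batman-adv instance; the fastd interface is added to bat-<batman_code>`. Because it has no default, every existing `ffnord::fastd` declaration now has to pass it, which is worth stating in the commit message. The define's parameter list and body continue outside this hunk.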
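Review bot: In the manifests/init.pp hunk at `@@ -18,6 +18,15 @@`, the comments on `$fastd_igw_peers_git`, `$fastd_igw_secret` and `$fastd_igw_verify` do not say that these three values decide which hosts can join the inter-gateway tunnel. The README example passes a file path for the secret and a `git://` URL for the peers repository; `git://` has no transport authentication, so the peer key list could be altered in transit, and the example would be safer with an `https://` or SSH URL. Suggested comments, going by the README usage: `# path to the fastd secret key file (readable by root only)`, `# git URL of the trusted inter gateway peer keys; use an authenticated transport`, and `# command for fastd's "on verify" hook on the inter gateway instance`. How an empty `fastd_verify` is rendered is not visible in this diff, so the last wording should be checked against the template.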
@@ -66,6 +75,7 @@ } -> ffnord::fastd { "fastd_${mesh_code}": mesh_code => $mesh_code, + batman_code => $mesh_code, mesh_interface => $mesh_code, mesh_mac => $mesh_mac, mesh_hop_penalty=> $mesh_hop_penalty, @@ -94,6 +104,22 @@ ip_prefixlen => $mesh_ipv6_prefixlen; } + if $fastd_igw_enable { + Class['ffnord::ntp'] -> ffnord::fastd { "fastd_igw_${mesh_code}": + mesh_code => "igw-${mesh_code}", + batman_code => $mesh_code, + mesh_interface => "igw-${mesh_code}", + mesh_mac => $mesh_mac, + mesh_hop_penalty=> $igw_hop_penalty, + vpn_mac => $vpn_mac, + mesh_mtu => $igw_mtu, + fastd_secret => $fastd_igw_secret, + fastd_port => $fastd_igw_port, + fastd_peers_git => $fastd_igw_peers_git, + fastd_verify => $fastd_igw_verify; + } + } + if $ffnord::params::include_bird6 { ffnord::bird6::mesh { "bird6-${mesh_code}": mesh_code => $mesh_code, diff --git a/templates/etc/fastd/fastd.conf.erb b/templates/etc/fastd/fastd.conf.erb index 8e2e1f0..cfb7e10 100644 --- a/templates/etc/fastd/fastd.conf.erb +++ b/templates/etc/fastd/fastd.conf.erb @@ -18,7 +18,7 @@ on verify "<%= @fastd_verify %>"; on up " modprobe batman-adv ip link set address <%= @vpn_mac %> dev $INTERFACE - /usr/sbin/batctl -m bat-<%= @mesh_code %> if add $INTERFACE + /usr/sbin/batctl -m bat-<%= @batman_code %> if add $INTERFACE ip link set address <%= @mesh_mac %> dev bat-<%= @mesh_code %> ifup bat-<%= @mesh_code %> ip link set up dev $INTERFACE diff --git a/templates/etc/network/mesh-bridge.erb b/templates/etc/network/mesh-bridge.erb index a050d53..31cbf05 100644 --- a/templates/etc/network/mesh-bridge.erb +++ b/templates/etc/network/mesh-bridge.erb @@ -2,7 +2,7 @@ auto br-<%= @mesh_code %> iface br-<%= @mesh_code %> inet6 static bridge-ports none - bridge_hw <%= mesh_mac %> + bridge_hw <%= @mesh_mac %> pre-up /sbin/ip -6 rule add pref 31000 iif $IFACE table 42 pre-up /sbin/ip -6 rule add pref 31001 iif $IFACE unreachable post-down /sbin/ip -6 rule del pref 31000 iif $IFACE table 42
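Review bot: In the manifests/init.pp hunk at `@@ -94,6 +104,22 @@`, setting `fastd_igw_enable => true` and leaving the other defaults declares a fastd instance whose `fastd_secret` and `fastd_peers_git` are empty strings, and nothing in the added block rejects that. A guard before the resource would turn the misconfiguration into a compile-time error: `if $fastd_igw_enable and ($fastd_igw_secret == '' or $fastd_igw_peers_git == '') { fail('fastd_igw_enable requires fastd_igw_secret and fastd_igw_peers_git') }`. The interface name `"igw-${mesh_code}"` is also four characters longer than `$mesh_code`, while manifests/fastd.pp notes that `mesh_interface` may not be more than 10 characters, so mesh codes longer than six characters need a check or a documented limit. Whether `ffnord::fastd` validates either value itself cannot be seen from this diff.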
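Review bot: In templates/etc/fastd/fastd.conf.erb only the `batctl` line was switched to `@batman_code`; the two context lines after it still address `bat-<%= @mesh_code %>`. For the new inter-gateway instance `mesh_code` is `igw-${mesh_code}`, so `ip link set address` and `ifup` would target `bat-igw-…` rather than the batman interface the tunnel was just added to, unless such an interface is defined outside this diff. If that is not intended, the two lines should end in `dev bat-<%= @batman_code %>` and `ifup bat-<%= @batman_code %>`. The `on up` block starts and ends outside this hunk.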