ffnord · TobleMiner · May 2, 2017 · May 2, 2017 · May 2, 2017 · May 2, 2017
diff --git a/README.md b/README.md
@@ -118,6 +118,12 @@ ffnord::mesh {
                    , '10.35.15.1'
                    , '10.35.20.1'
                    ],
+
+    fastd_igw_enable     => true,
+    fastd_igw_secret     => "/root/fastd_igw_secret.key",
+    fastd_igw_port       => 11281,
+    fastd_igw_peers_git  => 'git://somehost/peersigw.git',
+    igw_mtu              => '1280',
 }
 
 ffnord::named::zone {

diff --git a/manifests/batman-adv.pp b/manifests/batman-adv.pp
@@ -2,7 +2,7 @@
   $mesh_code,
   $mesh_hop_penalty,
   $batman_it = 5000,
-  $batman_version = $::class::params::batman_version
+  $batman_version = $ffnord::params::batman_version
 ) {
   include ffnord::resources::batman-adv
   include ffnord::firewall

diff --git a/manifests/fastd.pp b/manifests/fastd.pp
@@ -1,4 +1,5 @@
 define ffnord::fastd( $mesh_code,
+  $batman_code,
   $mesh_interface, # may not be more than 10 characters
   $mesh_mac,
   $mesh_hop_penalty = 60, # hop penalty for batman advanced

diff --git a/manifests/init.pp b/manifests/init.pp
@@ -18,6 +18,15 @@
   $dhcp_ranges = [],  # dhcp pool
   $dns_servers = [],  # other dns servers in your network
   $mesh_hop_penalty = 60, # hop_penalty for gateway hops
+
+  $fastd_igw_enable = false, # enable fastd inter gateway instance
+  $fastd_igw_peers_git = '', # fastd inter gateway peers
+  $fastd_igw_secret = '',    # fastd inter gateway secret
+  $fastd_igw_port = 11281,   # fastd inter gateway port
+  $fastd_igw_verify = '',    # fastd backbone verification override
+
+  $igw_mtu = 1448,       # fastd inter gateway mtu
+  $igw_hop_penalty = 60, # hop_penalty for inter gateway traffic
 ) {
 
   # TODO We should handle parameters in a param class pattern.
@@ -66,6 +75,7 @@
   } ->
   ffnord::fastd { "fastd_${mesh_code}":
     mesh_code       => $mesh_code,
+    batman_code     => $mesh_code,
     mesh_interface  => $mesh_code,
     mesh_mac        => $mesh_mac,
     mesh_hop_penalty=> $mesh_hop_penalty,
@@ -94,6 +104,22 @@
       ip_prefixlen => $mesh_ipv6_prefixlen;
   }
 
+  if $fastd_igw_enable {
+    Class['ffnord::ntp'] -> ffnord::fastd { "fastd_igw_${mesh_code}":
+      mesh_code       => "igw-${mesh_code}",
+      batman_code     => $mesh_code,
+      mesh_interface  => "igw-${mesh_code}",
+      mesh_mac        => $mesh_mac,
+      mesh_hop_penalty=> $igw_hop_penalty,
+      vpn_mac         => $vpn_mac,
+      mesh_mtu        => $igw_mtu,
+      fastd_secret    => $fastd_igw_secret,
+      fastd_port      => $fastd_igw_port,
+      fastd_peers_git => $fastd_igw_peers_git,
+      fastd_verify    => $fastd_igw_verify;
+    }
+  }
+
   if $ffnord::params::include_bird6 {
     ffnord::bird6::mesh { "bird6-${mesh_code}":
       mesh_code           => $mesh_code,

diff --git a/templates/etc/fastd/fastd.conf.erb b/templates/etc/fastd/fastd.conf.erb
@@ -18,7 +18,7 @@ on verify "<%= @fastd_verify %>";
 on up "
  modprobe batman-adv
  ip link set address <%= @vpn_mac %> dev $INTERFACE
- /usr/sbin/batctl -m bat-<%= @mesh_code %> if add $INTERFACE
+ /usr/sbin/batctl -m bat-<%= @batman_code %> if add $INTERFACE
  ip link set address <%= @mesh_mac %> dev bat-<%= @mesh_code %>
  ifup bat-<%= @mesh_code %>
  ip link set up dev $INTERFACE

diff --git a/templates/etc/network/mesh-bridge.erb b/templates/etc/network/mesh-bridge.erb
@@ -2,7 +2,7 @@
 auto br-<%= @mesh_code %>
 iface br-<%= @mesh_code %> inet6 static
   bridge-ports none
-  bridge_hw <%= mesh_mac %>
+  bridge_hw <%= @mesh_mac %>
   pre-up    /sbin/ip -6 rule add pref 31000 iif $IFACE table 42
   pre-up    /sbin/ip -6 rule add pref 31001 iif $IFACE unreachable
   post-down /sbin/ip -6 rule del pref 31000 iif $IFACE table 42