jcarr
/
wit-network-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
172 Commits 1 Branch 0 Tags 268 KiB
Commit Graph

53 Commits

Author SHA1 Message Date
toby b5caf073ba fixing DNS querry for bastion public IP 2018-11-06 21:14:44 +01:00
toby 01d5a92771 doh... typo... 2018-11-06 19:30:03 +01:00
toby f7738182af fixing sed escape bug 2018-11-06 18:42:11 +01:00
toby d6566cff38 enabling debugging 2018-11-06 18:30:27 +01:00
toby 0868dd4df3 adding some early work for bastion support 2018-11-04 21:02:07 +01:00
toby 188c679218 fixing another bug for ipmi/mgmtgw interfaces 2018-11-03 00:02:42 +01:00
toby 51cef1a3e5 fixing minor bug on ipmigw/mgmtgw interface 2018-11-02 23:54:39 +01:00
toby 6c16ceb2c9 fixing typo 2018-11-01 21:12:23 +01:00
toby 2bfed0b53e leaving strongswan untouched since it would otherwise break a upgrade process 2018-10-31 23:22:31 +01:00
toby a6e4647a9c adding more support for ipmigw/mgmtgw interfaces 2018-10-31 21:02:57 +01:00
toby 65b2ecb368 making sure systemd-timesyncd is enabled as well 2018-10-31 20:40:10 +01:00
toby 8b3d04f16e need the .wit extension otherwise sed won't work ... doh 2018-10-29 20:15:58 +01:00
toby 3f2238a090 adding swanctl draft config. not yet used but wanna eventually switch to it 2018-10-28 20:45:20 +01:00
toby 056ca4c6ea fixing bug in udev rule writing for mgmt/gw interfaces 2018-10-26 20:45:18 +02:00
toby 1dc2ca3525 fixing bug in udev rule writing for mgmt/gw interfaces 2018-10-26 20:24:47 +02:00
toby 87ee7e115e first draft for bastion support, needs to be tested 2018-10-26 19:50:55 +02:00
toby 31abf06342 setting leftsubnet to only be the local loopback instead of a wide range. this will avoid blackholing traffic for edges and potentially other nodes 2018-10-23 23:28:29 +02:00
toby 82146158cd allowing the gre if local asn to be dynamically assigned as well 2018-10-23 16:59:12 +02:00
toby 0eceabfe1d implementing some ad-hoc patches I did yesterday to get it going 2018-10-20 17:51:53 +02:00
toby 3124cda0f2 up1 should not run dad attempts 2018-10-19 23:37:46 +02:00
toby 1003c71e11 have ibgp interface also added to the neighbors obviously... 2018-10-19 23:08:31 +02:00
toby aa0bef898b adding ibgp interface to frrconfig and fixing syntax in up1-interfaces config 2018-10-19 23:01:19 +02:00
toby ea89e74311 removing also test echo output 2018-10-19 21:44:46 +02:00
toby d81aa58f7c doh, actually removing the test code 2018-10-19 21:16:16 +02:00
toby ea70e243fe more work on edge.... adding support for dynamic ipsec subnets and some more minor patches 2018-10-19 19:57:07 +02:00
toby 587bba4290 more work on edge / dynamic frr config... .making progress but still ways to go,... just taking a backup... 2018-10-19 17:03:43 +02:00
toby 7e1d7993fe more work on edge / dynamic frr config... .making progress but still ways to go,... just taking a backup... 2018-10-19 16:56:11 +02:00
toby cfdc1cd3a9 more work ... .still ways to go,... just taking a backup... 2018-10-18 22:12:43 +02:00
toby 0e9142c15e first major commit for edge boxes support, not nearly done yet 2018-10-16 22:44:57 +02:00
toby d30e523aed disabling strongswan service by default. I turn it back on in ansible when certs are in place 2018-10-10 18:59:23 +02:00
toby db5f5107fa nicer output formatting 2018-10-09 18:46:35 +00:00
toby e69f60957c .... me being anal... 2018-10-09 18:09:38 +00:00
toby 347291d1a9 re-factor of interface config compile process 2018-10-09 18:06:28 +00:00
toby 4a89aa2c93 re-arranging before interface config refactor 2018-10-09 16:25:45 +00:00
toby 1f58cd3918 cleaning up leading space vs tab bs 2018-10-09 16:23:52 +00:00
toby 1b891db635 renaming WIT customers prefix-list to be more consistent, in preparation for edge support 2018-10-08 18:20:48 +02:00
toby 460ee34f03 adding support for ibgp interfaces and feth/up/ibgp support for up to 4 nics 2018-10-08 11:33:18 +02:00
toby 836822aebe minor but critical typo in udev rule logic 2018-10-04 19:21:55 +02:00
toby 22edbf98f3 adding mac udev rules through DNS lookup configs 2018-10-04 18:12:55 +02:00
toby 1cff4bac8e keeping the loopback ip as main tld of the host for simplicity of own lookup 2018-10-01 14:59:33 +02:00
toby 1c50cecdb5 adding direct ssh access on default for bastion, and migrating to admin domain instead of 3 different zones 2018-10-01 10:39:17 +02:00
toby d87f7c1720 configuring etc/network/interfaces from postinst instead of installing a static file 2018-09-25 23:24:42 +02:00
toby 4a69025703 removing legacy dhcp stuff and starting to rely on DNS for loopback v4/v6 and asn 2018-09-12 20:01:52 +02:00
toby 4a24a5a513 switching back mgmt1 to ipv6 auto/slaac since ipmi is that way too regardless and finally found jinja2 filter 2018-09-12 12:27:37 +02:00
toby dc6a02d0d4 fixing ipv6 mgmt firewall rules (again) and setting mgmt1 interface to be dhcp as well (not just auto) 2018-09-10 21:03:57 +02:00
toby 4d3026d7c4 fixing a damn typo... 2018-09-10 18:21:04 +02:00
toby 028e2d455d fixing bug in IPv6 LOOPBACK, pulling that from DNS as well, ASN is still generated for now 2018-09-09 23:11:54 +02:00
toby 8a53109d81 fixing typo ... 2018-09-09 13:30:43 +02:00
toby 37125104c3 pulling loopback IP from DNS instead of relaying on dhcp and configfile, moving net-interfaces to each own files in interfaces.d, cleaning up the postinst scritp a bit for easier read 2018-09-09 12:58:45 +02:00
root 9e95ef6478 removing ipsec.secrets from diversion since it breaks apparmor permissions and strongswan 2018-08-14 10:04:59 +00:00