jcarr
/
wit-network-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
148 Commits 1 Branch 0 Tags 268 KiB
Commit Graph

148 Commits

Author SHA1 Message Date
toby 467548f6e8 ipsec: adding new key-proposal that we wanna move towards to. once rolled out, we'd like to deprecate the old weak ones 2018-10-26 21:46:49 +02:00
toby 056ca4c6ea fixing bug in udev rule writing for mgmt/gw interfaces 2018-10-26 20:45:18 +02:00
toby 1dc2ca3525 fixing bug in udev rule writing for mgmt/gw interfaces 2018-10-26 20:24:47 +02:00
toby 87ee7e115e first draft for bastion support, needs to be tested 2018-10-26 19:50:55 +02:00
toby 67c3928413 updateing updating/unifiying build with other repos 2018-10-26 00:36:25 +02:00
toby 11a6b51343 pushing the unsigned deb to the new v2 cloud 2018-10-26 00:17:45 +02:00
toby b9049ea671 pushing the unsigned deb to the new v2 cloud 2018-10-26 00:03:59 +02:00
toby d4c2dc33f3 pushing the unsigned deb to the new v2 cloud 2018-10-25 23:59:12 +02:00
toby 808090a480 build trigger 2018-10-25 19:55:05 +02:00
toby b1e994cb79 build trigger 2018-10-25 19:54:18 +02:00
toby f925ad46a0 updated IP for new mirrors in usw2 2018-10-24 23:07:54 +02:00
toby 31abf06342 setting leftsubnet to only be the local loopback instead of a wide range. this will avoid blackholing traffic for edges and potentially other nodes 2018-10-23 23:28:29 +02:00
toby f9ed8fe88b adding allowas-in 1 to iBGP peergroup. this allows routes coming in from peer-edge over the gre to be learn 2018-10-23 18:27:55 +02:00
toby eb8a990fc8 tiny but major bug in frr config 2018-10-23 17:39:54 +02:00
toby 82146158cd allowing the gre if local asn to be dynamically assigned as well 2018-10-23 16:59:12 +02:00
toby d67b225792 cleanup firewall rules and making unnumbered bgp rules a tad more restrictive 2018-10-21 23:08:58 +02:00
toby c7d116d1c1 adding firewall rules for edge boxes 2018-10-20 18:55:45 +02:00
toby 0eceabfe1d implementing some ad-hoc patches I did yesterday to get it going 2018-10-20 17:51:53 +02:00
toby 3124cda0f2 up1 should not run dad attempts 2018-10-19 23:37:46 +02:00
toby f2777bdbee adding broadcom nic firmware as dependency 2018-10-19 23:18:44 +02:00
toby 1003c71e11 have ibgp interface also added to the neighbors obviously... 2018-10-19 23:08:31 +02:00
toby aa0bef898b adding ibgp interface to frrconfig and fixing syntax in up1-interfaces config 2018-10-19 23:01:19 +02:00
toby ea89e74311 removing also test echo output 2018-10-19 21:44:46 +02:00
toby d81aa58f7c doh, actually removing the test code 2018-10-19 21:16:16 +02:00
toby d446f995c8 adding edge-support branch to the drone pipeline 2018-10-19 20:45:19 +02:00
toby ea70e243fe more work on edge.... adding support for dynamic ipsec subnets and some more minor patches 2018-10-19 19:57:07 +02:00
toby 587bba4290 more work on edge / dynamic frr config... .making progress but still ways to go,... just taking a backup... 2018-10-19 17:03:43 +02:00
toby 7e1d7993fe more work on edge / dynamic frr config... .making progress but still ways to go,... just taking a backup... 2018-10-19 16:56:11 +02:00
toby cfdc1cd3a9 more work ... .still ways to go,... just taking a backup... 2018-10-18 22:12:43 +02:00
toby 0e9142c15e first major commit for edge boxes support, not nearly done yet 2018-10-16 22:44:57 +02:00
toby fc2e803533 adding a function to build only on the master branch. this avoids releasing packages to the repo before they are at least somewhat ready 2018-10-15 18:04:41 +02:00
toby d30e523aed disabling strongswan service by default. I turn it back on in ansible when certs are in place 2018-10-10 18:59:23 +02:00
toby db5f5107fa nicer output formatting 2018-10-09 18:46:35 +00:00
toby e69f60957c .... me being anal... 2018-10-09 18:09:38 +00:00
toby 347291d1a9 re-factor of interface config compile process 2018-10-09 18:06:28 +00:00
toby 4a89aa2c93 re-arranging before interface config refactor 2018-10-09 16:25:45 +00:00
toby 1f58cd3918 cleaning up leading space vs tab bs 2018-10-09 16:23:52 +00:00
toby 4f7f177cc6 fixing bug in regex of qemu-ifup-public public IP matching 2018-10-08 18:22:22 +02:00
toby 1b891db635 renaming WIT customers prefix-list to be more consistent, in preparation for edge support 2018-10-08 18:20:48 +02:00
toby 460ee34f03 adding support for ibgp interfaces and feth/up/ibgp support for up to 4 nics 2018-10-08 11:33:18 +02:00
toby a343ade9c4 adding new firewall rule for stackapi 2018-10-05 22:27:10 +00:00
toby 928142ce70 updating the qemu-ifup scripts to reflect the new versions usling local files 2018-10-05 18:29:12 +00:00
toby bc97208b34 typo in ipv6 prefix list for new customer blocks 2018-10-04 20:07:50 +02:00
toby 836822aebe minor but critical typo in udev rule logic 2018-10-04 19:21:55 +02:00
toby 23c5b533c1 adding more IPv6 customer blocks for paul for the new v2 stack in usw2 2018-10-04 18:22:45 +02:00
toby 22edbf98f3 adding mac udev rules through DNS lookup configs 2018-10-04 18:12:55 +02:00
toby b5860daf1d typo in firewall rule 2018-10-01 18:25:50 +02:00
toby 7a948a6fbf adding ipv6 ssh support from bastion (in theory we should actually only need that, but keep ipv4 for now ... just in case) 2018-10-01 15:04:23 +02:00
toby 1cff4bac8e keeping the loopback ip as main tld of the host for simplicity of own lookup 2018-10-01 14:59:33 +02:00
toby 45a70bc9b6 build trigger 2018-10-01 10:57:10 +02:00