space_server: networkd: add new secondary Labicolo network

This completes the split of Labicolo into two networks.

Henceforth we have two Labicolo network, and any two
Labicolo nodes on different parts of the network will
have to join LabIX, if they want to peer.

Signed-off-by: Asbjørn Sloth Tønnesen <asbjorn@labitat.dk>

6 files changed, 30 insertions, 1 deletions

diff --git a/documentation/addressplan.txt b/documentation/addressplan.txt
index 8a8cce3..8e439be 100644
--- a/documentation/addressplan.txt
+++ b/documentation/addressplan.txt
@@ -6,6 +6,8 @@
         * 185.38.175.065    - space.labitat.dk, labicolo gateway
         * 185.38.175.069    - spacebrain.labitat.dk
         * 185.38.175.087    - blackbox.labitat.dk
+   ****** 185.38.175.096/27 - labicolo network B
+        * 185.38.175.097    - space.labitat.dk, labicolo gateway
     ***** 185.38.175.128/28 - Tor exit nodes
         * 185.38.175.129    - space.labitat.dk - gateway
 
@@ -24,6 +26,7 @@
     ***************** 2a01:4262:1ab:000f::/64  - vlan 15 - member nat64
     ***************** 2a01:4262:1ab:0020::/64  - vlan 20 - labicolo network A
                     * 2a01:4262:1ab:0020::6    - spacebrain.labitat.dk
+    ***************** 2a01:4262:1ab:0021::/64  - vlan 21 - labicolo network B
 
  ******************** 2a01:4262:1ab:1xxx::/52  - labicolo 16x /56
   ******************* 2a01:4262:1ab:10xx::/56  - 256x /64 delegations
diff --git a/documentation/vlans.txt b/documentation/vlans.txt
index 4333e47..429b2e5 100644
--- a/documentation/vlans.txt
+++ b/documentation/vlans.txt
@@ -9,6 +9,7 @@ vlan   14 - wireless compat
 vlan   15 - wireless nat64
 
 vlan   20 - Labicolo network A
+vlan   21 - Labicolo network B
 vlan   25 - Tor network
 vlan   42 - LabIX
 vlan 3145 - LocIX Frankfurt
diff --git a/roles/space_server/files/networkd/10-bond0.network b/roles/space_server/files/networkd/10-bond0.network
index 38c0e49..a305e39 100644
--- a/roles/space_server/files/networkd/10-bond0.network
+++ b/roles/space_server/files/networkd/10-bond0.network
@@ -20,4 +20,5 @@ VLAN=lan13
 VLAN=lan14
 VLAN=lan15
 VLAN=lan20
+VLAN=lan21
 VLAN=lan25
diff --git a/roles/space_server/files/networkd/10-lan21.netdev b/roles/space_server/files/networkd/10-lan21.netdev
new file mode 100644
index 0000000..85a79c2
--- /dev/null
+++ b/roles/space_server/files/networkd/10-lan21.netdev
@@ -0,0 +1,6 @@
+[NetDev]
+Name=lan21
+Kind=vlan
+
+[VLAN]
+Id=21
diff --git a/roles/space_server/files/networkd/10-lan21.network b/roles/space_server/files/networkd/10-lan21.network
new file mode 100644
index 0000000..9828c6d
--- /dev/null
+++ b/roles/space_server/files/networkd/10-lan21.network
@@ -0,0 +1,18 @@
+[Match]
+Name=lan21
+
+[Link]
+ARP=yes
+
+[Network]
+DHCP=no
+IPv6AcceptRA=no
+LinkLocalAddressing=no
+Address=185.38.175.97/27
+Address=2a01:4262:1ab:21::1/64
+Address=fe80::1/64
+IPForward=yes
+LLMNR=no
+MulticastDNS=no
+LLDP=yes
+EmitLLDP=no
diff --git a/roles/space_server/templates/nftables.conf.j2 b/roles/space_server/templates/nftables.conf.j2
index d4fe277..2724ca4 100644
--- a/roles/space_server/templates/nftables.conf.j2
+++ b/roles/space_server/templates/nftables.conf.j2
@@ -46,7 +46,7 @@ define futu_net6 = 2a01:4262:1ab:f::/64
 define nat64_if   = nat64
 define nat64_net4 = 10.42.128.0/17
 
-define colo_if   = lan20
+define colo_if   = { lan20, lan21 }
 
 define tor_if     = lan25
 define tor_net4   = 185.38.175.128/28