diff options
| author | Hafnium <haf@hafnium.me> | 2022-10-11 20:17:39 +0200 |
|---|---|---|
| committer | Emil Renner Berthing <esmil@labitat.dk> | 2022-10-15 00:21:29 +0200 |
| commit | 80c6cf0de448f8fdf10c1e4be82cc7e0ef42abc5 (patch) | |
| tree | dc00f6bf017cc0ab53d67cc726256dd27ece58a6 /roles/space_server/files/networkd/10-locix.sysctl | |
| parent | 526c6c42a07661b9fa0331cb24b423fa1e7024c2 (diff) | |
| download | labitat-ansible-80c6cf0de448f8fdf10c1e4be82cc7e0ef42abc5.tar.gz labitat-ansible-80c6cf0de448f8fdf10c1e4be82cc7e0ef42abc5.tar.xz labitat-ansible-80c6cf0de448f8fdf10c1e4be82cc7e0ef42abc5.zip | |
space_server: networkd: add LocIX connection
systemd mechanics reworked by Esmil
Co-developed-by: Emil Renner Berthing <esmil@labitat.dk>
Diffstat (limited to 'roles/space_server/files/networkd/10-locix.sysctl')
| -rw-r--r-- | roles/space_server/files/networkd/10-locix.sysctl | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/roles/space_server/files/networkd/10-locix.sysctl b/roles/space_server/files/networkd/10-locix.sysctl new file mode 100644 index 0000000..e28f743 --- /dev/null +++ b/roles/space_server/files/networkd/10-locix.sysctl @@ -0,0 +1,25 @@ +# From https://www.ams-ix.net/ams/documentation/config-guide +# file: /etc/sysctl.conf +# These settings should be duplicated for all interfaces that are +# on a peering LAN. + +# Fix the "promiscuous ARP" thing... +net.ipv4.conf.locix.arp_ignore=1 +net.ipv4.conf.locix.arp_announce=1 + +# Turn off RP filtering to allow asymmetric routing +net.ipv4.conf.locix.rp_filter=0 + +# Multiple (non-aggregated) interfaces on the same peering LAN +# READ THE MANUAL FIRST! +#net.ipv4.conf.ifname.arp_filter=1 + +# Keep the IX ARP Police happy :-) +net.ipv4.neigh.locix.base_reachable_time_ms=14400000 +net.ipv6.neigh.locix.base_reachable_time_ms=14400000 + +# No redirects +net.ipv4.conf.locix.accept_redirects=0 +net.ipv4.conf.locix.secure_redirects=0 +net.ipv4.conf.locix.send_redirects=0 +net.ipv6.conf.locix.accept_redirects=0 |