aboutsummaryrefslogtreecommitdiffstats
path: root/roles/space_server
diff options
context:
space:
mode:
Diffstat (limited to 'roles/space_server')
-rw-r--r--roles/space_server/files/networkd/10-lan11.network9
-rw-r--r--roles/space_server/files/networkd/10-lan12.network9
-rw-r--r--roles/space_server/files/networkd/10-lan13.network11
-rw-r--r--roles/space_server/files/networkd/10-lan14.network10
-rw-r--r--roles/space_server/files/networkd/10-lan15.network10
-rw-r--r--roles/space_server/files/networkd/10-lan25.network2
-rw-r--r--roles/space_server/templates/nftables.conf.j222
7 files changed, 45 insertions, 28 deletions
diff --git a/roles/space_server/files/networkd/10-lan11.network b/roles/space_server/files/networkd/10-lan11.network
index add8dd1..064c8a2 100644
--- a/roles/space_server/files/networkd/10-lan11.network
+++ b/roles/space_server/files/networkd/10-lan11.network
@@ -8,6 +8,7 @@ ARP=yes
DHCP=no
IPv6AcceptRA=no
Address=10.42.1.1/24
+#Address=2a00:fbe4:1ab:b::1/64
#Address=2a01:4262:1ab:b::1/64
Address=fe80::1/64
IPForward=yes
@@ -18,6 +19,10 @@ EmitLLDP=yes
IPv6SendRA=yes
[Route]
+Destination=2a00:fbe4:1ab:b::/64
+PreferredSource=2a00:fbe4:1ab::
+
+[Route]
Destination=2a01:4262:1ab:b::/64
PreferredSource=2a01:4262:1ab::
@@ -25,10 +30,10 @@ PreferredSource=2a01:4262:1ab::
RouterLifetimeSec=9000
RouterPreference=medium
EmitDNS=yes
-DNS=2a01:4262:1ab::
+DNS=2a00:fbe4:1ab::
DNSLifetimeSec=14400
[IPv6Prefix]
-Prefix=2a01:4262:1ab:b::/64
+Prefix=2a00:fbe4:1ab:b::/64
ValidLifetimeSec=86400
PreferredLifetimeSec=14400
diff --git a/roles/space_server/files/networkd/10-lan12.network b/roles/space_server/files/networkd/10-lan12.network
index 0887100..1bb2b43 100644
--- a/roles/space_server/files/networkd/10-lan12.network
+++ b/roles/space_server/files/networkd/10-lan12.network
@@ -8,6 +8,7 @@ ARP=yes
DHCP=no
IPv6AcceptRA=no
Address=10.42.2.1/24
+#Address=2a00:fbe4:1ab:c::1/64
#Address=2a01:4262:1ab:c::1/64
Address=fe80::1/64
IPForward=yes
@@ -18,6 +19,10 @@ EmitLLDP=yes
IPv6SendRA=yes
[Route]
+Destination=2a00:fbe4:1ab:c::/64
+PreferredSource=2a00:fbe4:1ab::
+
+[Route]
Destination=2a01:4262:1ab:c::/64
PreferredSource=2a01:4262:1ab::
@@ -25,10 +30,10 @@ PreferredSource=2a01:4262:1ab::
RouterLifetimeSec=9000
RouterPreference=medium
EmitDNS=yes
-DNS=2a01:4262:1ab::
+DNS=2a00:fbe4:1ab::
DNSLifetimeSec=14400
[IPv6Prefix]
-Prefix=2a01:4262:1ab:c::/64
+Prefix=2a00:fbe4:1ab:c::/64
ValidLifetimeSec=86400
PreferredLifetimeSec=14400
diff --git a/roles/space_server/files/networkd/10-lan13.network b/roles/space_server/files/networkd/10-lan13.network
index a36dd5a..f83c843 100644
--- a/roles/space_server/files/networkd/10-lan13.network
+++ b/roles/space_server/files/networkd/10-lan13.network
@@ -8,6 +8,7 @@ ARP=yes
DHCP=no
IPv6AcceptRA=no
Address=10.42.3.1/24
+#Address=2a00:fbe4:1ab:d::1/64
#Address=2a01:4262:1ab:d::1/64
Address=fe80::1/64
IPForward=yes
@@ -18,17 +19,21 @@ EmitLLDP=yes
IPv6SendRA=yes
[Route]
+Destination=2a00:fbe4:1ab:d::/64
+PreferredSource=2a00:fbe4:1ab::
+
+[Route]
Destination=2a01:4262:1ab:d::/64
-PreferredSource=2a01:4262:1ab::
+PreferredSource=2a00:fbe4:1ab::
[IPv6SendRA]
RouterLifetimeSec=9000
RouterPreference=medium
EmitDNS=yes
-DNS=2a01:4262:1ab::
+DNS=2a00:fbe4:1ab::
DNSLifetimeSec=14400
[IPv6Prefix]
-Prefix=2a01:4262:1ab:d::/64
+Prefix=2a00:fbe4:1ab:d::/64
ValidLifetimeSec=86400
PreferredLifetimeSec=14400
diff --git a/roles/space_server/files/networkd/10-lan14.network b/roles/space_server/files/networkd/10-lan14.network
index 018441e..90f2677 100644
--- a/roles/space_server/files/networkd/10-lan14.network
+++ b/roles/space_server/files/networkd/10-lan14.network
@@ -8,7 +8,7 @@ ARP=yes
DHCP=no
IPv6AcceptRA=no
Address=10.42.4.1/24
-#Address=2a01:4262:1ab:e::1/64
+#Address=2a00:fbe4:1ab:e::1/64
Address=fe80::1/64
IPForward=yes
LLMNR=yes
@@ -18,17 +18,17 @@ EmitLLDP=yes
IPv6SendRA=yes
[Route]
-Destination=2a01:4262:1ab:e::/64
-PreferredSource=2a01:4262:1ab::
+Destination=2a00:fbe4:1ab:e::/64
+PreferredSource=2a00:fbe4:1ab::
[IPv6SendRA]
RouterLifetimeSec=9000
RouterPreference=medium
EmitDNS=yes
-DNS=2a01:4262:1ab::
+DNS=2a00:fbe4:1ab::
DNSLifetimeSec=14400
[IPv6Prefix]
-Prefix=2a01:4262:1ab:e::/64
+Prefix=2a00:fbe4:1ab:e::/64
ValidLifetimeSec=86400
PreferredLifetimeSec=14400
diff --git a/roles/space_server/files/networkd/10-lan15.network b/roles/space_server/files/networkd/10-lan15.network
index 202e07a..6e6e493 100644
--- a/roles/space_server/files/networkd/10-lan15.network
+++ b/roles/space_server/files/networkd/10-lan15.network
@@ -10,7 +10,7 @@ IPv6AcceptRA=no
# systemd-networkd thinks link is degraded
# unless it has an ipv4 address :(
Address=10.42.5.1/24
-#Address=2a01:4262:1ab:f::1/64
+#Address=2a00:fbe4:1ab:f::1/64
Address=fe80::1/64
IPForward=ipv6
LLMNR=yes
@@ -20,17 +20,17 @@ EmitLLDP=yes
IPv6SendRA=yes
[Route]
-Destination=2a01:4262:1ab:f::/64
-PreferredSource=2a01:4262:1ab::
+Destination=2a00:fbe4:1ab:f::/64
+PreferredSource=2a00:fbe4:1ab::
[IPv6SendRA]
RouterLifetimeSec=9000
RouterPreference=medium
EmitDNS=yes
-DNS=2a01:4262:1ab::
+DNS=2a00:fbe4:1ab::
DNSLifetimeSec=14400
[IPv6Prefix]
-Prefix=2a01:4262:1ab:f::/64
+Prefix=2a00:fbe4:1ab:f::/64
ValidLifetimeSec=86400
PreferredLifetimeSec=14400
diff --git a/roles/space_server/files/networkd/10-lan25.network b/roles/space_server/files/networkd/10-lan25.network
index e77b459..db7f55b 100644
--- a/roles/space_server/files/networkd/10-lan25.network
+++ b/roles/space_server/files/networkd/10-lan25.network
@@ -8,7 +8,9 @@ ARP=yes
DHCP=no
IPv6AcceptRA=no
LinkLocalAddressing=no
+Address=45.145.93.129/28
Address=185.38.175.129/28
+Address=2a00:fbe4:1ab:ffff::1/64
Address=2a01:4262:1ab:ffff::1/64
Address=fe80::1/64
IPForward=yes
diff --git a/roles/space_server/templates/nftables.conf.j2 b/roles/space_server/templates/nftables.conf.j2
index 002a107..cccdc71 100644
--- a/roles/space_server/templates/nftables.conf.j2
+++ b/roles/space_server/templates/nftables.conf.j2
@@ -7,8 +7,8 @@ define jumbotron_ip6 = {{ local_hosts['jumbotron'].ipv6[0] }}
# internal stuff
define ext_if = wan
-define ext_ip4 = 185.38.175.0
-define ext_ip6 = 2a01:4262:1ab::
+define ext_ip4 = 45.145.93.0
+define ext_ip6 = 2a00:fbe4:1ab::
define int_net4 = 10.42.0.0/16
define ext_net4 = { 185.38.175.0/24, 45.145.93.0/24 }
define ext_net6 = { 2a01:4262:1ab::/48, 2a00:fbe4:1ab::/48 }
@@ -22,26 +22,26 @@ define adm_net4 = 10.42.0.0/24
define wire_if = lan11
define wire_ip4 = 10.42.1.1
define wire_net4 = 10.42.1.0/24
-define wire_net6 = 2a01:4262:1ab:b::/64
+define wire_net6 = { 2a01:4262:1ab:b::/64, 2a00:fbe4:1ab:b::/64 }
define priv_if = lan12
define priv_ip4 = 10.42.2.1
define priv_net4 = 10.42.2.0/24
-define priv_net6 = 2a01:4262:1ab:c::/64
+define priv_net6 = { 2a01:4262:1ab:c::/64, 2a00:fbe4:1ab:c::/64 }
define free_if = lan13
define free_ip4 = 10.42.3.1
-define free_nat = 185.38.175.1
+define free_nat = 45.145.93.1
define free_net4 = 10.42.3.0/24
-define free_net6 = 2a01:4262:1ab:d::/64
+define free_net6 = { 2a01:4262:1ab:d::/64, 2a00:fbe4:1ab:d::/64 }
define pass_if = lan14
define pass_ip4 = 10.42.4.1
define pass_net4 = 10.42.4.0/24
-define pass_net6 = 2a01:4262:1ab:e::/64
+define pass_net6 = { 2a01:4262:1ab:e::/64, 2a00:fbe4:1ab:e::/64 }
define futu_if = lan15
-define futu_net6 = 2a01:4262:1ab:f::/64
+define futu_net6 = { 2a01:4262:1ab:f::/64, 2a00:fbe4:1ab:f::/64 }
define nat64_if = nat64
define nat64_net4 = 10.42.128.0/17
@@ -49,13 +49,13 @@ define nat64_net4 = 10.42.128.0/17
define colo_if = { lan20, lan21 }
define tor_if = lan25
-define tor_net4 = 185.38.175.128/28
-define tor_net6 = 2a01:4262:1ab:ffff::/64
+define tor_net4 = { 185.38.175.128/28, 45.145.93.128/28 }
+define tor_net6 = { 2a01:4262:1ab:ffff::/64, 2a00:fbe4:1ab:ffff::/64 }
define local_ip4 = { $ext_ip4, $adm_ip4, $wire_ip4, $priv_ip4, $free_ip4, $pass_ip4 }
define local_ip6 = { $ext_ip6 }
define local_net4 = { $ext_ip4, $free_nat, $int_net4 }
-define local_net6 = 2a01:4262:1ab::/52
+define local_net6 = { 2a01:4262:1ab::/52, 2a00:fbe4:1ab::/52 }
define avahi_ifs = { $wire_if, $priv_if, $pass_if }
generated by cgit v1.2.1 (git 2.18.0) at 2025-06-08 07:00:21 +0000