From 851a1ddc003fd023ae7e3d515732f21f40969de8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Asbj=C3=B8rn=20Sloth=20T=C3=B8nnesen?= Date: Wed, 21 Feb 2024 23:11:19 +0000 Subject: space_server: networkd: add new secondary Labicolo network MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This completes the split of Labicolo into two networks. Henceforth we have two Labicolo network, and any two Labicolo nodes on different parts of the network will have to join LabIX, if they want to peer. Signed-off-by: Asbjørn Sloth Tønnesen --- documentation/addressplan.txt | 3 +++ documentation/vlans.txt | 1 + roles/space_server/files/networkd/10-bond0.network | 1 + roles/space_server/files/networkd/10-lan21.netdev | 6 ++++++ roles/space_server/files/networkd/10-lan21.network | 18 ++++++++++++++++++ roles/space_server/templates/nftables.conf.j2 | 2 +- 6 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 roles/space_server/files/networkd/10-lan21.netdev create mode 100644 roles/space_server/files/networkd/10-lan21.network diff --git a/documentation/addressplan.txt b/documentation/addressplan.txt index 8a8cce3..8e439be 100644 --- a/documentation/addressplan.txt +++ b/documentation/addressplan.txt @@ -6,6 +6,8 @@ * 185.38.175.065 - space.labitat.dk, labicolo gateway * 185.38.175.069 - spacebrain.labitat.dk * 185.38.175.087 - blackbox.labitat.dk + ****** 185.38.175.096/27 - labicolo network B + * 185.38.175.097 - space.labitat.dk, labicolo gateway ***** 185.38.175.128/28 - Tor exit nodes * 185.38.175.129 - space.labitat.dk - gateway @@ -24,6 +26,7 @@ ***************** 2a01:4262:1ab:000f::/64 - vlan 15 - member nat64 ***************** 2a01:4262:1ab:0020::/64 - vlan 20 - labicolo network A * 2a01:4262:1ab:0020::6 - spacebrain.labitat.dk + ***************** 2a01:4262:1ab:0021::/64 - vlan 21 - labicolo network B ******************** 2a01:4262:1ab:1xxx::/52 - labicolo 16x /56 ******************* 2a01:4262:1ab:10xx::/56 - 256x /64 delegations diff --git a/documentation/vlans.txt b/documentation/vlans.txt index 4333e47..429b2e5 100644 --- a/documentation/vlans.txt +++ b/documentation/vlans.txt @@ -9,6 +9,7 @@ vlan 14 - wireless compat vlan 15 - wireless nat64 vlan 20 - Labicolo network A +vlan 21 - Labicolo network B vlan 25 - Tor network vlan 42 - LabIX vlan 3145 - LocIX Frankfurt diff --git a/roles/space_server/files/networkd/10-bond0.network b/roles/space_server/files/networkd/10-bond0.network index 38c0e49..a305e39 100644 --- a/roles/space_server/files/networkd/10-bond0.network +++ b/roles/space_server/files/networkd/10-bond0.network @@ -20,4 +20,5 @@ VLAN=lan13 VLAN=lan14 VLAN=lan15 VLAN=lan20 +VLAN=lan21 VLAN=lan25 diff --git a/roles/space_server/files/networkd/10-lan21.netdev b/roles/space_server/files/networkd/10-lan21.netdev new file mode 100644 index 0000000..85a79c2 --- /dev/null +++ b/roles/space_server/files/networkd/10-lan21.netdev @@ -0,0 +1,6 @@ +[NetDev] +Name=lan21 +Kind=vlan + +[VLAN] +Id=21 diff --git a/roles/space_server/files/networkd/10-lan21.network b/roles/space_server/files/networkd/10-lan21.network new file mode 100644 index 0000000..9828c6d --- /dev/null +++ b/roles/space_server/files/networkd/10-lan21.network @@ -0,0 +1,18 @@ +[Match] +Name=lan21 + +[Link] +ARP=yes + +[Network] +DHCP=no +IPv6AcceptRA=no +LinkLocalAddressing=no +Address=185.38.175.97/27 +Address=2a01:4262:1ab:21::1/64 +Address=fe80::1/64 +IPForward=yes +LLMNR=no +MulticastDNS=no +LLDP=yes +EmitLLDP=no diff --git a/roles/space_server/templates/nftables.conf.j2 b/roles/space_server/templates/nftables.conf.j2 index d4fe277..2724ca4 100644 --- a/roles/space_server/templates/nftables.conf.j2 +++ b/roles/space_server/templates/nftables.conf.j2 @@ -46,7 +46,7 @@ define futu_net6 = 2a01:4262:1ab:f::/64 define nat64_if = nat64 define nat64_net4 = 10.42.128.0/17 -define colo_if = lan20 +define colo_if = { lan20, lan21 } define tor_if = lan25 define tor_net4 = 185.38.175.128/28 -- cgit v1.2.1