freifunk: implement new gateway selection

2022-12-28 00:58:57 +01:00 · 2022-12-28 00:58:57 +01:00 · f31bde14f7
parent 5982ce9166
commit f31bde14f7
1 changed files with 37 additions and 8 deletions
--- a/hosts/freifunk/default.nix
+++ b/hosts/freifunk/default.nix
@ -14,6 +14,7 @@ let
  rt_table_hosts = 7;
  rt_table_nets = rt_table_hosts + 1;
  rt_table_tuns = rt_table_hosts + 2;
+  rt_table_ffgw = 244;
  sysinfo-json = import ./sysinfo-json.nix { inherit pkgs ddmeshNode; };

  upstreams = [ "upstream4" "upstream3" ];
@ -26,6 +27,29 @@ let
    core = "00:de:13:cb:9a:7b";
    bmx = "00:de:13:cb:9a:7c";
  };
+  bmxdGatewayScript = with pkgs; writeScript "bmxd-gateway.sh" ''
+    #! ${runtimeShell} -e
+
+    echo "bmxd-gateway.sh: $@" >&2
+
+    PATH=${lib.makeBinPath [ iproute2 ]}
+    case "$1" in
+      gateway)
+        ;;
+      del|init)
+        ;;
+      *)
+        ip tunnel del ffgw || true
+
+        ip tunnel add ffgw mode ipip local 10.200.${ddmeshAddrPart} remote "$1"
+        ip link set ffgw up
+        ip addr add 10.200.${ddmeshAddrPart}/32 dev ffgw
+        ip route add 0/0 dev ffgw table ${toString rt_table_ffgw}
+        ip rule add pref 33500 table ${toString rt_table_ffgw} || true
+        ;;
+    esac
+  '';
+
 in {
  imports = [
    "${modulesPath}/profiles/minimal.nix"
@ -234,8 +258,6 @@ in {
            FirewallMark = upstreamMark;
          };
        } ];
-        # reverse dependency
-        networkConfig.Tunnel = [ "wg-vpn6" ];
      };
    };
  };
@ -250,13 +272,20 @@ in {
          --no_fork 1 \
          --throw-rules 0 \
          --prio-rules 0 \
-          --gateway_tunnel_network 10.200.0.0/16 \
-          --purge_timeout 20 \
-          --one_way_tunnel 1 \
+          --network 10.200.0.0/16 \
+          --netid 0 \
+          --only_community_gw 1 \
+          --script ${bmxdGatewayScript} \
+          --hop_penalty 1 \
+          --lateness_penalty 10 \
+          --ogm_broadcasts 100 \
+          --udp_data_size 512 \
+          --ogm_interval 5000 \
+          --purge_timeout 35 \
          -r 3 --gateway_hysteresis 20 \
-          dev=${meshLoopback} /linklayer 0 \
-          dev=${meshInterface} /linklayer 1 \
-          dev=ipip-node51001 /linklayer 1
+          --dev ${meshLoopback} /linklayer 0 \
+          --dev ${meshInterface} /linklayer 1 \
+          --dev ipip-node51001 /linklayer 1
      '';
      Restart = "always";
      RestartSec = "60";