zentralwerk/network
zentralwerk
/
network
12
4
Fork 2
Code Issues 4 Pull Requests 1 Releases Wiki Activity

config: remove upstream1 and upstream2 entirely

This commit is contained in:
Astro 2022-06-10 18:55:25 +02:00
parent 22e4e19a5b
commit 6f8dfc8859
9 changed files with 13 additions and 172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
config/net/c3d2.nix
View File

@ -112,21 +112,21 @@
c3d2.hwaddr = "0A:14:48:01:21:01"; c3d2.hwaddr = "0A:14:48:01:21:01";
core.hwaddr = "0A:14:48:01:21:00"; core.hwaddr = "0A:14:48:01:21:00";
}; };
ospf.allowedUpstreams = [ "upstream3" "upstream4" "upstream1" "anon1" "freifunk" ]; ospf.allowedUpstreams = [ "freifunk" "upstream4" "upstream3" "anon1" ];
}; };
c3d2-gw2 = makeGateway { c3d2-gw2 = makeGateway {
interfaces = { interfaces = {
c3d2.hwaddr = "0A:14:48:01:21:03"; c3d2.hwaddr = "0A:14:48:01:21:03";
core.hwaddr = "0A:14:48:01:21:02"; core.hwaddr = "0A:14:48:01:21:02";
}; };
ospf.allowedUpstreams = [ "upstream1" "upstream3" "upstream4" "anon1" "freifunk" ]; ospf.allowedUpstreams = [ "upstream3" "upstream4" "anon1" "freifunk" ];
}; };
c3d2-gw3 = makeGateway { c3d2-gw3 = makeGateway {
interfaces = { interfaces = {
c3d2.hwaddr = "0A:14:48:01:21:05"; c3d2.hwaddr = "0A:14:48:01:21:05";
core.hwaddr = "0A:14:48:01:21:04"; core.hwaddr = "0A:14:48:01:21:04";
}; };
ospf.allowedUpstreams = [ "upstream4" "upstream3" "upstream1" "anon1" "freifunk" ]; ospf.allowedUpstreams = [ "upstream4" "upstream3" "anon1" "freifunk" ];
}; };
}; };
} }

2
config/net/cluster.nix
View File

@ -155,7 +155,7 @@ in
type = "veth"; type = "veth";
}; };
}; };
ospf.allowedUpstreams = [ "upstream4" "upstream1" "upstream3" "anon1" "freifunk" ]; ospf.allowedUpstreams = [ "upstream4" "upstream3" "anon1" "freifunk" ];
}; };
server3 = makeServer; server3 = makeServer;
server5 = makeServer; server5 = makeServer;

7
config/net/core.nix
View File

@ -64,8 +64,6 @@
server7 = "172.20.72.57"; server7 = "172.20.72.57";
server8 = "172.20.72.58"; server8 = "172.20.72.58";
server9 = "172.20.72.59"; server9 = "172.20.72.59";
upstream1 = "172.20.72.6";
upstream2 = "172.20.72.10";
upstream3 = "172.20.72.11"; upstream3 = "172.20.72.11";
upstream4 = "172.20.72.12"; upstream4 = "172.20.72.12";
yggdrasil = "172.20.72.62"; yggdrasil = "172.20.72.62";
@ -126,8 +124,6 @@
priv9-gw = "fd23:42:c3d2:581::c:8"; priv9-gw = "fd23:42:c3d2:581::c:8";
pub-gw = "fd23:42:c3d2:581::8:2"; pub-gw = "fd23:42:c3d2:581::8:2";
serv-gw = "fd23:42:c3d2:581::8:1"; serv-gw = "fd23:42:c3d2:581::8:1";
upstream1 = "fd23:42:c3d2:581::b:0";
upstream2 = "fd23:42:c3d2:581::b:1";
upstream3 = "fd23:42:c3d2:581::b:2"; upstream3 = "fd23:42:c3d2:581::b:2";
upstream4 = "fd23:42:c3d2:581::b:3"; upstream4 = "fd23:42:c3d2:581::b:3";
yggdrasil = "fd23:42:c3d2:581:9000::1"; yggdrasil = "fd23:42:c3d2:581:9000::1";
@ -187,7 +183,6 @@
priv8-gw = "2a00:8180:2c00:281::c:7"; priv8-gw = "2a00:8180:2c00:281::c:7";
priv9-gw = "2a00:8180:2c00:281::c:8"; priv9-gw = "2a00:8180:2c00:281::c:8";
serv-gw = "2a00:8180:2c00:281::8:1"; serv-gw = "2a00:8180:2c00:281::8:1";
upstream1 = "2a00:8180:2c00:281::b:0";
upstream4 = "2a00:8180:2c00:281::b:1"; upstream4 = "2a00:8180:2c00:281::b:1";
yggdrasil = "2a00:8180:2c00:281:9000::1"; yggdrasil = "2a00:8180:2c00:281:9000::1";
vpn-gw = "2a00:8180:2c00:281:9001::1"; vpn-gw = "2a00:8180:2c00:281:9001::1";
@ -221,7 +216,7 @@
}; };
ospf = { ospf = {
allowedUpstreams = allowedUpstreams =
[ "upstream4" "upstream1" "upstream3" "anon1" "freifunk" ]; [ "upstream4" "upstream3" "anon1" "freifunk" ];
stubNets4 = [ "172.20.0.0/14" "10.0.0.0/8" ]; stubNets4 = [ "172.20.0.0/14" "10.0.0.0/8" ];
stubNets6 = stubNets6 =
[ "fd00::/8" "2a02:8106:208:5200::/56" "2a02:8106:211:e900::/56" ]; [ "fd00::/8" "2a02:8106:208:5200::/56" "2a02:8106:211:e900::/56" ];

2
config/net/mgmt.nix
View File

@ -191,7 +191,7 @@
}; };
ospf = { ospf = {
allowedUpstreams = allowedUpstreams =
[ "upstream4" "upstream1" "upstream3" "anon1" "freifunk" ]; [ "upstream4" "upstream3" "anon1" "freifunk" ];
}; };
role = "container"; role = "container";
}; };

4
config/net/priv.nix
View File

@ -38,7 +38,7 @@ lib.mkMerge (
core.type = "veth"; core.type = "veth";
"priv${toString n}".type = "veth"; "priv${toString n}".type = "veth";
}; };
ospf.allowedUpstreams = [ "upstream4" "upstream3" "upstream1" "anon1" "freifunk" ]; ospf.allowedUpstreams = [ "upstream4" "upstream3" "anon1" "freifunk" ];
}; };
} }
) (seq 1 privCount) ) (seq 1 privCount)
@ -520,7 +520,7 @@ lib.mkMerge (
hwaddr = "0A:14:47:02:2A:19"; hwaddr = "0A:14:47:02:2A:19";
}; };
}; };
ospf.allowedUpstreams = [ "upstream3" "upstream4" "upstream1" "anon1" "freifunk" ]; ospf.allowedUpstreams = [ "upstream3" "upstream4" "anon1" "freifunk" ];
}; };
priv18-gw = { priv18-gw = {
interfaces = { interfaces = {

2
config/net/serv.nix
View File

@ -176,7 +176,7 @@
}; };
}; };
ospf.allowedUpstreams = ospf.allowedUpstreams =
[ "upstream4" "upstream1" "upstream3" "anon1" "freifunk" ]; [ "upstream4" "upstream3" "anon1" "freifunk" ];
}; };
stats = makeContainer { stats = makeContainer {
interfaces.serv.hwaddr = "0A:14:48:01:15:00"; interfaces.serv.hwaddr = "0A:14:48:01:15:00";

152
config/net/upstream.nix
View File

@ -5,156 +5,6 @@ let
in in
{ {
site.hosts = { site.hosts = {
upstream1 = {
forwardPorts = [
{ # http
destination = "${servHosts.public-access-proxy}:80";
proto = "tcp";
reflect = true;
sourcePort = 80;
}
{ # https
destination = "${servHosts.public-access-proxy}:443";
proto = "tcp";
reflect = true;
sourcePort = 443;
}
{
destination = dn42;
proto = "udp";
reflect = true;
sourcePort = 2325;
}
{
destination = dn42;
proto = "udp";
reflect = true;
sourcePort = 2399;
}
{
destination = dn42;
proto = "udp";
reflect = true;
sourcePort = 2327;
}
{
destination = dn42;
proto = "udp";
reflect = true;
sourcePort = 2338;
}
{
destination = dn42;
proto = "udp";
reflect = true;
sourcePort = 2339;
}
{
destination = dn42;
proto = "udp";
reflect = true;
sourcePort = 40533;
}
{
destination = dn42;
proto = "udp";
reflect = true;
sourcePort = 61699;
}
{
destination = "172.20.74.210:22";
proto = "tcp";
reflect = true;
sourcePort = 2222;
}
{
destination = "172.20.74.210:443";
proto = "tcp";
reflect = true;
sourcePort = 8443;
}
{
destination = "172.20.73.47:22";
proto = "tcp";
reflect = true;
sourcePort = 2223;
}
{
destination = "172.20.73.48:30000";
proto = "udp";
reflect = true;
sourcePort = 30000;
}
{
destination = config.site.net.core.hosts4.yggdrasil;
proto = "tcp";
reflect = true;
sourcePort = 1337;
}
];
interfaces = {
core = {
hwaddr = "0A:14:48:01:26:00";
type = "veth";
};
up1 = {
hwaddr = "00:23:74:D7:2D:7C";
type = "veth";
upstream = {
link = null;
noNat = { subnets6 = [ "2a02:8106:208:5200::/56" ]; };
provider = "vodafone";
staticIpv4Address = "24.134.104.53";
upBandwidth = 52500;
};
};
};
ospf.upstreamInstance = 3;
role = "container";
};
upstream2 = {
forwardPorts = [
{
destination = "172.20.75.9:1194";
proto = "udp";
reflect = true;
sourcePort = 1194;
}
{
destination = "172.20.74.210:22";
proto = "tcp";
reflect = true;
sourcePort = 2222;
}
{
destination = "172.20.74.210:443";
proto = "tcp";
reflect = true;
sourcePort = 8443;
}
];
interfaces = {
core = {
hwaddr = "0A:14:48:01:27:00";
type = "veth";
};
up2 = {
hwaddr = "00:23:74:D7:42:7C";
type = "veth";
upstream = {
link = null;
noNat = { subnets6 = [ "2a02:8106:208:e900::/56" ]; };
provider = "vodafone";
staticIpv4Address = null;
upBandwidth = 52500;
};
};
};
ospf.upstreamInstance = 4;
role = "container";
};
upstream3 = { upstream3 = {
interfaces = { interfaces = {
core = { core = {
@ -449,7 +299,7 @@ in
}; };
}; };
ospf = { ospf = {
allowedUpstreams = [ "upstream1" "upstream3" "upstream4" "freifunk" ]; allowedUpstreams = [ "upstream3" "upstream4" "freifunk" ];
upstreamInstance = 5; upstreamInstance = 5;
}; };
role = "container"; role = "container";

2
config/net/yggdrasil.nix
View File

@ -9,7 +9,7 @@
}; };
ospf = { ospf = {
allowedUpstreams = allowedUpstreams =
[ "upstream4" "upstream1" "upstream3" "anon1" "freifunk" ]; [ "upstream4" "upstream3" "anon1" "freifunk" ];
stubNets6 = [ "200::/7" ]; stubNets6 = [ "200::/7" ];
}; };

8
nix/lib/dns.nix
View File

@ -167,13 +167,9 @@ rec {
name = "dyn.zentralwerk.org"; name = "dyn.zentralwerk.org";
ns = publicNS; ns = publicNS;
records = [ { records = [ {
name = "upstream1"; name = "upstream4";
type = "A"; type = "A";
data = "24.134.104.53"; data = "81.201.149.152";
} {
name = "upstream2";
type = "A";
data = "24.134.252.105";
} ]; } ];
} ] ++ builtins.concatLists ( } ] ++ builtins.concatLists (
builtins.attrValues ( builtins.attrValues (