#!/bin/sh . "$(dirname -- "$0")/netdev.sh" # VRFs VRF="vrf-wgate" new_if_vrf "$VRF" 20 if_route_vrf_sink_unreach "$VRF" "2a04:5b81:2060::/48" if_route_vrf_sink_unreach "$VRF" "2a04:5b81:2010::/44" if_route_vrf_default_unreach "$VRF" # Bridges IFACE="br-uplink" if_slave "$VRF" "$IFACE" new_if_bridge "$IFACE" if_bridge_property 'stp_state' "$IFACE" if_bridge_property 'forward_delay' "$IFACE" '400' # 4 seconds, 8 seconds total (listen>learn) if_bridge_property 'hello_time' "$IFACE" '100' # every 1 second if_bridge_property 'mcast_router' "$IFACE" if_bridge_property 'mcast_snooping' "$IFACE" '0' '' # TODO: Remove such entries when bridges play well with multicasting if_bridge_property 'mcast_querier' "$IFACE" if_bridge_property 'mcast_mld_version' "$IFACE" '2' '' new_forward "$IFACE" if_slave "$IFACE" "vnet0" new_if_phys "vnet0" # Wireguard IFACE="tristan" if_slave "$VRF" "$IFACE" new_if_wg "$IFACE" new_forward "$IFACE" if_ip_addr "$IFACE" "fe80::1/64" if_route_vrf_addr "$VRF" "$IFACE" "2a04:5b81:2010::/48" IFACE="gustav" if_slave "$VRF" "$IFACE" new_if_wg "$IFACE" new_forward "$IFACE" if_ip_addr "$IFACE" "fe80::1/64" if_route_vrf_addr "$VRF" "$IFACE" "2a04:5b81:2011::/48" IFACE="caskd" if_slave "$VRF" "$IFACE" new_if_wg "$IFACE" new_forward "$IFACE" if_ip_addr "$IFACE" "fe80::1/64" if_route_vrf_addr "$VRF" "$IFACE" "2a04:5b81:2060::/48"