50 lines
1.4 KiB
Bash
Executable File
50 lines
1.4 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
. "$(dirname -- "$0")/netdev.sh"
|
|
|
|
# VRFs
|
|
VRF="vrf-wgate"
|
|
new_if_vrf "$VRF" 20
|
|
if_route_vrf_sink_unreach "$VRF" "2a04:5b81:2060::/48"
|
|
if_route_vrf_sink_unreach "$VRF" "2a04:5b81:2010::/44"
|
|
if_route_vrf_default_unreach "$VRF"
|
|
|
|
# Bridges
|
|
IFACE="br-uplink"
|
|
if_slave "$VRF" "$IFACE"
|
|
new_if_bridge "$IFACE"
|
|
if_bridge_property 'stp_state' "$IFACE"
|
|
if_bridge_property 'forward_delay' "$IFACE" '400' # 4 seconds, 8 seconds total (listen>learn)
|
|
if_bridge_property 'hello_time' "$IFACE" '100' # every 1 second
|
|
if_bridge_property 'mcast_router' "$IFACE"
|
|
if_bridge_property 'mcast_snooping' "$IFACE" '0' '' # TODO: Remove such entries when bridges play well with multicasting
|
|
if_bridge_property 'mcast_querier' "$IFACE"
|
|
if_bridge_property 'mcast_mld_version' "$IFACE" '2' ''
|
|
new_forward "$IFACE"
|
|
|
|
if_slave "$IFACE" "vnet0"
|
|
new_if_phys "vnet0"
|
|
|
|
|
|
# Wireguard
|
|
IFACE="tristan"
|
|
if_slave "$VRF" "$IFACE"
|
|
new_if_wg "$IFACE"
|
|
new_forward "$IFACE"
|
|
if_ip_addr "$IFACE" "fe80::1/64"
|
|
if_route_vrf_addr "$VRF" "$IFACE" "2a04:5b81:2010::/48"
|
|
|
|
IFACE="gustav"
|
|
if_slave "$VRF" "$IFACE"
|
|
new_if_wg "$IFACE"
|
|
new_forward "$IFACE"
|
|
if_ip_addr "$IFACE" "fe80::1/64"
|
|
if_route_vrf_addr "$VRF" "$IFACE" "2a04:5b81:2011::/48"
|
|
|
|
IFACE="caskd"
|
|
if_slave "$VRF" "$IFACE"
|
|
new_if_wg "$IFACE"
|
|
new_forward "$IFACE"
|
|
if_ip_addr "$IFACE" "fe80::1/64"
|
|
if_route_vrf_addr "$VRF" "$IFACE" "2a04:5b81:2060::/48"
|