diff options
Diffstat (limited to 'roles/vm/network/templates/interfaces_public.j2')
-rw-r--r-- | roles/vm/network/templates/interfaces_public.j2 | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/roles/vm/network/templates/interfaces_public.j2 b/roles/vm/network/templates/interfaces_public.j2 new file mode 100644 index 00000000..2e8583ab --- /dev/null +++ b/roles/vm/network/templates/interfaces_public.j2 @@ -0,0 +1,63 @@ +# This file describes the network interfaces available on your system +# and how to activate them. For more information, see interfaces(5). + +source /etc/network/interfaces.d/* + +# The loopback network interface +auto lo +iface lo inet loopback + +# The internal network interface +auto {{ srv_network.internal.interface }} +iface {{ srv_network.internal.interface }} inet static + address {{ srv_network.internal.ip }} + netmask 255.255.255.0 + pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra + pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf + up ip route add default via 192.168.1.254 table default + up ip rule add pref 42000 lookup default + up ip rule del pref 32767 + down ip rule add pref 32767 lookup default + down ip rule del pref 42000 + down ip route del default via 192.168.1.254 table default + + +# The public network interface +auto {{ srv_network.public.interface }} +iface {{ srv_network.public.interface }} inet static + address {{ srv_network.public.ip }} + netmask 255.255.255.0 + pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra + pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf + ## mur.at + up ip addr add dev $IFACE {{ srv_network.public.ip_mur }}/28 + up ip route add default via 89.106.215.14 src {{ srv_network.public.ip_mur }} table mur-default + up ip rule add pref 33000 from {{ srv_network.public.ip_mur }} lookup mur-default + ## upc + up ip addr add dev $IFACE {{ srv_network.public.ip_upc }}/32 + up ip route add default via 192.168.3.254 src {{ srv_network.public.ip_upc }} table upc-default + up ip rule add pref 35000 from {{ srv_network.public.ip_upc }} lookup upc-default + ### firewall + up /etc/network/firewall4.sh start $IFACE + ########## + down /etc/network/firewall4.sh stop $IFACE + ## upc + down ip rule del pref 35000 + down ip route del default via 192.168.3.254 src {{ srv_network.public.ip_upc }} table upc-default + down ip addr del dev $IFACE {{ srv_network.public.ip_upc }}/32 + ## mur.at + down ip rule del pref 33000 + down ip route del default via 89.106.215.14 src {{ srv_network.public.ip_mur }} table mur-default + down ip addr del dev $IFACE {{ srv_network.public.ip_mur }}/28 + +iface {{ srv_network.public.interface }} inet6 static + address {{ srv_network.public.ip_mur6 }} + netmask 64 + pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra + pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf + up ip -6 route add default via 2a02:3e0:2003::e src {{ srv_network.public.ip_mur6 }} table mur-default + up ip -6 rule add pref 33000 from {{ srv_network.public.ip_mur6 }} lookup mur-default + up /etc/network/firewall6.sh start $IFACE + down /etc/network/firewall6.sh stop $IFACE + down ip -6 rule del pref 33000 + down ip -6 route del default via 2a02:3e0:2003::e src {{ srv_network.public.ip_mur6 }} table mur-default |