Add interface & routing for ipv4 NAT address

roles/gateway-nat/handlers/bird.yml

@@ -0,0 +1,7 @@
+---
+
+- name: Reload bird daemons
+  service: name={{item}} state=reloaded
+  with_items:
+  - bird
+  - bird6

roles/gateway-nat/handlers/main.yml

@@ -0,0 +1,3 @@
+---
+
+- include: bird.yml

roles/gateway-nat/tasks/address.yml

@@ -0,0 +1,6 @@
+---
+
+- name: Install NAT IP address dummy interface
+  template:
+    dest: "/etc/network/interfaces.d/10_nat-address.cfg"
+    src: "nat-address.cfg.j2"

roles/gateway-nat/tasks/bird.yml

@@ -0,0 +1,5 @@
+---
+
+- name: Install IPv4 BGP configuration for bird
+  template: src=nat.conf.j2 dest=/etc/bird/conf.d/nat.conf
+  notify: Reload bird daemons

roles/gateway-nat/tasks/main.yml

@@ -0,0 +1,4 @@
+---
+
+- include: address.yml
+- include: bird.yml

roles/gateway-nat/templates/nat-address.cfg.j2

@@ -0,0 +1,12 @@
+auto nat0
+iface nat0 inet static
+    address {{ nat_ipv4|ipaddr('address') }}
+    netmask 255.255.255.255
+    pre-up ip link add $IFACE type dummy
+    pre-up ip link set up dev $IFACE
+    pre-up ip rule add from {{ nat_ipv4 }} table 42
+    pre-up ip rule add to {{ nat_ipv4 }} table 42
+    post-down ip rule del from {{ nat_ipv4 }} table 42
+    post-down ip rule del to {{ nat_ipv4 }} table 42
+    post-down ip link set down dev $IFACE
+    post-down ip link del dev $IFACE

roles/gateway-nat/templates/nat.conf.j2

@@ -0,0 +1,18 @@
+protocol direct nat0 {
+	interface "nat0";
+}
+
+template bgp uplink {
+        local as {{ as }};
+        import where net ~ 0.0.0.0/0;
+        export where net ~ {{ nat_ipv4 }};
+};
+
+{% if peers is defined %}
+{% for peer in peers %}
+protocol bgp '{{ peer.name }}' from uplink {
+        neighbor {{ peer.peer_ipv4 }} as {{ peer.as }};
+};
+
+{% endfor %}
+{% endif %}

roles/gateway-peering/tasks/main.yml

@@ -11,7 +11,3 @@
 - name: Install Bird6 configuration for eBGP
   template: src=peering6.conf.j2 dest=/etc/bird/conf6.d/peering6.conf
   notify: Reload bird daemons
-
-# - name: Install Bird configuration for eBGP
-#   template: src=peering.conf.j2 dest=/etc/bird/conf.d/peering.conf
-#   notify: Reload bird daemons

roles/gateway-peering/templates/peering.conf.j2

@@ -1,22 +0,0 @@
-#
-# This file is managed by ansible. Do not edit by hand!
-#
-
-template bgp uplink {
-        local as {{as}};
-        import all;
-        export all;
-        next hop self;
-        multihop 64;
-};
-
-{% if peers is defined %}
-{% for peer in peers %}
-protocol bgp {{peer.name}} from uplink {
-        source address {{peer.source_ipv4}};
-        neighbor {{peer.peer_ipv4}} as {{peer.as}};
-        default bgp_med 2;
-};
-
-{% endfor %}
-{% endif %}

roles/gateway-peering/templates/peering6.conf.j2

@@ -1,6 +1,6 @@
 template bgp uplink {
-        local as {{as}};
-        import where net ~ [::/0];
+        local as {{ as }};
+        import where net ~ ::/0;
         export where net ~ {{ ipv6_network }};
 }
 

roles/mesh-batman/tasks/main.yml

@@ -22,3 +22,7 @@
 - name: Install IPv6 routing to bat0
   template: src=batman6.conf.j2 dest=/etc/bird/conf6.d/batman6.conf
   notify: Reload bird daemons
+
+- name: Install IPv4 routing to bat0
+  template: src=batman.conf.j2 dest=/etc/bird/conf.d/batman.conf
+  notify: Reload bird daemons

roles/mesh-batman/templates/batman.conf.j2

@@ -0,0 +1,3 @@
+protocol direct bat0 {
+	interface "bat0";
+}

roles/mesh-interfaces/tasks/igp.yml

@@ -1,9 +1,5 @@
 ---
 
-# - name: Install OSPF IGP configuration for bird
-#   template: src=igp.conf.j2 dest=/etc/bird/conf.d/igp.conf
-#   notify: Reload bird daemons
-
 - name: Install OSPF IGP configuration for bird6
   template: src=igp6.conf.j2 dest=/etc/bird/conf6.d/igp6.conf
   notify: Reload bird daemons

roles/mesh-interfaces/templates/igp.conf.j2

@@ -1,17 +0,0 @@
-protocol direct {
-        interface "bat*";
-        interface "mesh-*";
-        interface "lo";
-};
-
-protocol ospf IGP {
-        area 0.0.0.0 {
-                interface "bat-*";
-                interface "lo" {
-                        stub;
-                };
-        };
-
-        import all;
-        export none;
-}

roles/mesh-routing/tasks/bird.yml

@@ -14,19 +14,19 @@
 - name: Ensure bird include dirs exists
   file: name=/etc/bird/{{item}} state=directory
   with_items:
-    - conf.d
     - conf6.d
-
-- name: Install bird.conf
-  template: src=bird.conf.j2 dest=/etc/bird/bird.conf
-  notify: Reload bird daemons
+    - conf.d
 
 - name: Install bird6.conf
   template: src=bird6.conf.j2 dest=/etc/bird/bird6.conf
   notify: Reload bird daemons
 
+- name: Install bird.conf
+  template: src=bird.conf.j2 dest=/etc/bird/bird.conf
+  notify: Reload bird daemons
+
 - name: Enable and start bird and bird6
   service: name={{item}} state=started enabled=yes
   with_items:
-    - bird
     - bird6
+    - bird

roles/mesh-routing/templates/bird.conf.j2

@@ -3,18 +3,18 @@ log syslog all;
 
 protocol kernel {
 	persist;
-    scan time 20;
+    scan time 10;
     device routes;
     import all;
     export all;
     kernel table 42;
-}
+};
 
 protocol device {
     scan time 10;
-}
+};
 
-protocol static unreachable_default {
+protocol static unr_def {
     preference 1;
     route 0.0.0.0/0 unreachable;
 };

site.yml

@@ -15,7 +15,7 @@
 - hosts: supernodes
   roles:
     - gateway-peering
-#     - gateway-nat
+    - gateway-nat
     - mesh-batman
     - mesh-vpn-fastd
     - service-ntp