diff --git a/docs/ipam.sexp b/docs/ipam.sexp
index fbed40b2..c7e3f3cf 100644
--- a/docs/ipam.sexp
+++ b/docs/ipam.sexp
@@ -1,4 +1,7 @@
 (net ULA-V6 fc00::/7
+ (net DC-ROUTER-SWITCHING "fd67:0113:7c37:3339::/64"
+ (description "Inter-router switch net")
+ )
 
 (net CA7DC fca7:b01:f00d::/48
 (description "IPs for the primary datacenter")
diff --git a/machines/boop/net.nix b/machines/boop/net.nix
index 2f502615..1f3e3fd9 100644
--- a/machines/boop/net.nix
+++ b/machines/boop/net.nix
@@ -60,6 +60,10 @@ in {
 Name = "prodbr";
 Kind = "bridge";
 };
+ extraConfig = ''
+ [Bridge]
+ STP = yes
+ '';
 };
 networks."30-prodbr" = {
 name = "prodbr";
diff --git a/netconf/charon.rkt b/netconf/charon.rkt
index 1907c879..d123a963 100644
--- a/netconf/charon.rkt
+++ b/netconf/charon.rkt
@@ -4,8 +4,8 @@
 (require "dn42.rkt")
 (require "vyos-firewall.rkt")
 
-(define upstream-ll-addr6 "fe80::5054:ff:fed6:96c")
-(define upstream-ll-addr4 "169.254.0.1")
+(define upstream-addr4 "169.254.0.1")
+(define upstream-addr6 "fd67:0113:7c37:3339::1")
 
 (define wan "eth0")
 (define k8sbr "eth1")
@@ -16,17 +16,18 @@
 (delete interfaces)
 (set interfaces [(loopback lo)
 (ethernet ,wan [(hw-id "52:54:00:0c:b0:df")
- (description "Link to upstream firewall")
- (address "169.254.0.2/24")])
+ (description "Inter-router network")
+ (address "169.254.0.2/24")
+ (address "fd67:0113:7c37:3339::2/64")])
 (ethernet ,k8sbr [(hw-id "52:54:00:06:8c:9a")
 (description "k8sbr")
 (address "fca7:b01:f00d:c00b::1/64")
 (address "2001:5a8:4002:9388::1/64")])])
 
 (delete protocols static)
- (set protocols static [(route "0.0.0.0/0" [(next-hop ,upstream-ll-addr4)
+ (set protocols static [(route "0.0.0.0/0" [(next-hop ,upstream-addr4)
 (interface ,wan)])
- (route6 "::/0" [(next-hop ,upstream-ll-addr6)
+ (route6 "::/0" [(next-hop ,upstream-addr6)
 (interface ,wan)])])
 
 (delete service router-advert)
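Review bot: Nothing in the added `extraConfig` says why spanning tree is now needed on `prodbr`, and with `STP = yes` every port attached to the bridge takes part in STP and, by default, has its BPDUs processed. If any of those ports faces a guest or otherwise less-trusted segment (the port list is outside this hunk), that segment can influence the bridge topology, so it is worth recording which ports are expected to be router-facing. A comment above the block such as `# STP: prodbr can now form a loop via the inter-router switch net`, adjusted to the real reason, would do. If the pinned nixpkgs offers the typed `bridgeConfig` option on netdevs, `bridgeConfig.STP = true;` would get option checking that a raw `extraConfig` string does not.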
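Review bot: `upstream-addr6` hard-codes an address inside `fd67:0113:7c37:3339::/64` with no comment tying it to that prefix, which the next hunk repeats in the `wan` address and docs/ipam.sexp records as DC-ROUTER-SWITCHING. A one-line comment above the defines, e.g. `;; upstream router on DC-ROUTER-SWITCHING (see docs/ipam.sexp)`, would keep the three places in step if the prefix is renumbered. The `-ll-` was also dropped from `upstream-addr4` although `169.254.0.1` is still an IPv4 link-local address, which is harmless but slightly less descriptive.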
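Review bot: The `wan` interface gains `fd67:0113:7c37:3339::2/64`, a ULA address that can be routed beyond the link, where previously it had no configured IPv6 address (the old next hop was link-local); nothing in this hunk shows the firewall being adjusted for it. The rules come from vyos-firewall.rkt, which is not part of this diff, so it is worth confirming that the local/input policy on `wan` covers the new address and that management services do not listen on it unintentionally. The description could also name the IPAM entry, e.g. `(description "Inter-router network (DC-ROUTER-SWITCHING)")`. The surrounding configuration form starts and ends outside the hunk.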