
pppoe: Add magic scripts which make sure ppp0 ends up in vrf_external.

  RFC1925, corollary 6a applies.

Signed-off-by: Maximilian Wilhelm <max@rfc2324.org>
Maximilian Wilhelm 7 years ago
parent
commit
89145e2650
3 changed files with 56 additions and 1 deletions
  1. 10 0
      pppoe/fix_ppp_vrf
  2. 15 0
      pppoe/init.sls
  3. 31 1
      pppoe/ip-up.local

+ 10 - 0
pppoe/fix_ppp_vrf

@@ -0,0 +1,10 @@
+#!/bin/sh
+#
+# Simple and stupid wrapper around dynamically generated VRF fix script.
+# This wrapper will be run by at.
+#
+# Maximilian Wilhelm <max@sdn.clinic>
+#  -- Tue, 28 Mar 2017 22:57:42 +0200
+#
+
+/usr/local/sbin/fix_ppp_vrf.gen
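Review bot: The header comment does not say where `/usr/local/sbin/fix_ppp_vrf.gen` comes from, which is the first thing a reader auditing this path needs, since the wrapper executes that file from an `at` job (presumably as root, because pppd starts ip-up.local as root). I would add `# fix_ppp_vrf.gen is rewritten by /etc/ppp/ip-up.local on every session start.` to the header. A guard such as `[ -x /usr/local/sbin/fix_ppp_vrf.gen ] || exit 1` before the call would also make a missing or half-written generated script an explicit failure instead of a shell error inside the job.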

+ 15 - 0
pppoe/init.sls

@@ -5,11 +5,24 @@
 pppoe:
   pkg.installed
 
+at:
+  pkg.installed
+
+
+# Generate VRF fix script and make sure it's run after session start
 /etc/ppp/ip-up.local:
   file.managed:
     - source: salt://pppoe/ip-up.local
     - mode: 755
+    - template: jinja
 
+/usr/local/sbin/fix_ppp_vrf:
+  file.managed:
+    - source: salt://pppoe/fix_ppp_vrf
+    - mode: 755
+
+
+# Disable all other scripts alltogether
 /etc/ppp/ip-down.local:
   file.managed:
     - source: salt://pppoe/noop.local
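Review bot: The new `at` state only installs the package; nothing in this hunk ensures the `atd` daemon is enabled and running, yet `ip-up.local` (changed in the same commit) depends on it through `at -f /usr/local/sbin/fix_ppp_vrf now`. If atd is stopped the job stays queued and ppp0 is never moved into vrf_external, so I would add a service state that requires the package, as sketched below (the service name `atd` is the usual Debian one; confirm it for these hosts). Separately, the two `- mode: 755` lines are safer written as `- mode: '0755'`, so the value reaches Salt as a string rather than a YAML integer. The `/etc/ppp/ip-down.local` state at the end of the hunk continues outside it.

```yaml
at:
  pkg.installed

# atd must be running, otherwise the job queued by ip-up.local never executes
atd:
  service.running:
    - enable: true
    - require:
      - pkg: at
```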
@@ -25,6 +38,8 @@ pppoe:
     - source: salt://pppoe/noop.local
     - mode: 755
 
+
+# Install peer config and password
 /etc/ppp/peers/tkom:
   file.managed:
     - source: salt://pppoe/tkom_peer.tmpl

+ 31 - 1
pppoe/ip-up.local

@@ -22,4 +22,34 @@
 PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin
 export PATH
 
-ip link set ${1}" master vrf_external
+cat << EOF > /usr/local/sbin/fix_ppp_vrf.gen
+#!/bin/sh
+
+while ! ip a s dev ppp0 | grep -q "inet "; do
+        sleep 1
+done
+
+ip link set ${1} master vrf_external
+ip link set ${1} up
+ip route add default via ${5} table 1023
+
+{%- if grains['id'] == 'bbr-kt.in.ffho.net' %}
+# Reload backbone GRE tunnels to rebind them to VRF master device
+for pop in ber dus fra; do
+	for x in a b; do
+		ifdown gre_ffrl_\${pop}_\${x}
+		ifup gre_ffrl_\${pop}_\${x}
+	done
+done
+{%- endif %}
+
+{%- if grains['id'] == 'bbr-wagsh.in.ffho.net' %}
+# Reload OpenVPN tunnels
+systemctl restart openvpn.service
+#systemctl restart fastd@hx-sued_intergw.service
+{%- endif %}
+EOF
+
+chmod 755 /usr/local/sbin/fix_ppp_vrf.gen
+
+at -f /usr/local/sbin/fix_ppp_vrf now
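Review bot: The wait loop written into `fix_ppp_vrf.gen` has no upper bound and tests the hard-coded `ppp0` while every other command uses `${1}`, so if the session drops before an address appears, or pppd picks a different unit name, the at job keeps polling indefinitely and another one is queued on the next ip-up. I would bound the loop and test the interface that was actually passed in, as below; variables meant for run time need `\$` inside the unquoted here-document, as the hunk already does for `\${pop}`. Because `${1}` and `${5}` are expanded into a script that is executed later, quoting them in the generated commands (`ip link set "${1}" master vrf_external`) is cheap hardening, even though pppd presumably only ever passes an interface name and an IP address. The script starts above this hunk, so any argument checks made there are not visible here.

```shell
cat << EOF > /usr/local/sbin/fix_ppp_vrf.gen
#!/bin/sh

# Give up after 30 tries instead of waiting forever for an address
tries=0
while ! ip -4 addr show dev "${1}" | grep -q "inet "; do
        tries=\$((tries + 1))
        [ "\$tries" -ge 30 ] && exit 1
        sleep 1
done

# … unchanged: VRF enslaving, default route, per-host tunnel reloads …
```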