[routeur-gulp] routage

2021-05-23 18:19:49 +02:00 · 2021-05-23 18:19:49 +02:00 · 317bf148b6
parent f7347e41d2
commit 317bf148b6
5 changed files with 59 additions and 17 deletions
--- a/host_vars/routeur-gulp.cachan-adm.crans.org/cachan.yml
+++ b/host_vars/routeur-gulp.cachan-adm.crans.org/cachan.yml
@ -16,7 +16,7 @@ debian_mirror: http://172.17.10.202/debian

 loc_mirror:
  name: mirror.cachan-adm.crans.org
-  ip: "{{ query('ldap','ip','mirror','cachan.adm') | ipv4 | first }}"
+  ip: "{{ query('ldap','ip','terenez','cachan-adm') | ipv4 | first }}"

 loc_borg:
  remote:
--- a/host_vars/routeur-gulp.cachan-adm.crans.org/dhcp.yml
+++ b/host_vars/routeur-gulp.cachan-adm.crans.org/dhcp.yml
@ -16,18 +16,39 @@ loc_dhcp:
      domain_search: "adh.crans.org"
      options: []
      lease_file: "/var/local/services/dhcp/generated/dhcp.cachan-adh.crans.org.list"
-#    - network: 100.65.0.0/16
-#      vlan: "federez"
+    - network: "100.64.0.0/16"
+      deny_unknown: True
+      vlan: "adh_nat"
+      default_lease_time: "600"
+      max_lease_time: "7200"
+      routers: "100.64.0.99"
+      dns: ["100.64.0.99"]
+      domain_name: "adh-nat.crans.org"
+      domain_search: "adh-nat.crans.org"
+      options: []
+      lease_file: "/var/local/services/dhcp/generated/dhcp.adh-nat.crans.org.list"
+#    - network: "172.16.32.0/22"
+#      deny_unknown: True
+#      vlan: "infra"
 #      default_lease_time: "600"
 #      max_lease_time: "7200"
-#      routers: "100.65.0.99"
-#      dns: ["100.65.0.99"]
-#      domain_name: "federez.net"
-#      domain_search: "federez.net"
-#      ranges:
-#        - min: 100.65.1.0
-#          max: 100.65.255.254
+#      dns: ["172.16.32.99"]
+#      domain_name: "infra.crans.org"
+#      domain_search: "infra.crans.org"
 #      options: []
+#      lease_file: "/var/local/services/dhcp/generated/dhcp.infra.crans.org.list"
+    - network: 100.65.0.0/16
+      vlan: "federez"
+      default_lease_time: "600"
+      max_lease_time: "7200"
+      routers: "100.65.0.99"
+      dns: ["100.65.0.99"]
+      domain_name: "federez.net"
+      domain_search: "federez.net"
+      ranges:
+        - min: 100.65.1.0
+          max: 100.65.255.254
+      options: []

 loc_service_dhcp:
  re2o:
@ -46,4 +67,6 @@ loc_service_dhcp:
    version: cachan
  config:
    subnets:
+      adh-nat.crans.org: 100.64.0.0/16
      cachan-adh.crans.org: 185.230.76.0/26
+      infra.crans.org: 172.16.32.0/22
--- a/host_vars/routeur-gulp.cachan-adm.crans.org/firewall.yml
+++ b/host_vars/routeur-gulp.cachan-adm.crans.org/firewall.yml
@ -14,4 +14,4 @@ loc_service_firewall:
    - python3-ldap
  git:
    remote: https://gitlab.adm.crans.org/nounous/firewall.git
-    version: cachan
+    version: gulp
--- a/host_vars/routeur-gulp.cachan-adm.crans.org/radvd.yml
+++ b/host_vars/routeur-gulp.cachan-adm.crans.org/radvd.yml
@ -1,13 +1,24 @@
 ---
 loc_radvd:
  subnets:
-    - name: cachan-adh
+    - name: cachan_adh
      prefix: 2a0c:700:3012::/64
      dnssl: adh.crans.org
      dns:
        - "{{ query('ldap', 'ip', 'routeur-gulp', 'cachan-adh') | ipv6 | first }}"
-#    - name: federez
-#      prefix: 2a0c:700:254::/64
-#      dnssl: federez.net
+    - name: adh_nat
+      prefix: 2a0c:700:3013::/64
+      dnssl: adh-nat.crans.org
+      dns:
+        - "{{ query('ldap', 'ip', 'routeur-gulp', 'cachan-adh') | ipv6 | first }}"
+    - name: federez
+      prefix: 2a0c:700:254::/64
+      dnssl: federez.net
+      dns:
+        - 2a0c:700:254::ff:fe00:99fe
+#    - name: infra
+#      prefix: fd00:0:0:11::/64
+#      no_gateway: yes
+#      dnssl: infra.crans.org
 #      dns:
-#        - 2a0c:700:254::ff:fe00:99fe
+#        - fd00::11:0:ff:fe00:9911
--- a/host_vars/routeur-gulp.cachan-adm.crans.org/vars.yml
+++ b/host_vars/routeur-gulp.cachan-adm.crans.org/vars.yml
@ -1,3 +1,11 @@
 ---
 interfaces:
-  cachan-adh: "ens22"
+  adm: ens18
+  srv: ens20
+  srv_nat: ens21
+  cachan_adh: ens22
+  adh_nat: ens23
+  infra: ens1
+  zayo: ens2
+  federez: enp1s3
+