freifunk:infrastruktur:server:vpn1

Unterschiede

freifunk:infrastruktur:server:vpn1 [23.05.2016 23:21] mape2kfreifunk:infrastruktur:server:vpn1 [28.06.2020 21:05] (aktuell) hipposen
Zeile 60: Zeile 60:
   * gesonderte Routingtabelle für Freifunk-internen Datenverkehr   * gesonderte Routingtabelle für Freifunk-internen Datenverkehr
  
-<file|/etc/iproute2/rt_table>+<file|/etc/iproute2/rt_tables>
 23 ffef 23 ffef
 </file> </file>
Zeile 214: Zeile 214:
  
 on up " on up "
 +   ip link set address de:ff:ef:ff:ef:01 up dev $INTERFACE
 +   ip link set up dev $INTERFACE
    echo 1 > /proc/sys/net/ipv4/conf/$INTERFACE/forwarding    echo 1 > /proc/sys/net/ipv4/conf/$INTERFACE/forwarding
 "; ";
Zeile 229: Zeile 231:
 allow-hotplug mesh-vpn allow-hotplug mesh-vpn
 iface mesh-vpn inet6 manual iface mesh-vpn inet6 manual
-  hwaddress       ether    de:ff:ef:ff:ef:01 +  post-up         /usr/local/sbin/batctl -m bat0 if add $IFACE
-  post-up         /usr/sbin/batctl -m bat0 if add $IFACE+
   post-up         /sbin/ip link set dev bat0 up   post-up         /sbin/ip link set dev bat0 up
 </file> </file>
Zeile 241: Zeile 242:
 <file|/etc/crontab> <file|/etc/crontab>
 # Get vpn keys for nodes # Get vpn keys for nodes
-* * * * * root [[ $(rsync -ai --delete 10.99.254.43::peers/ /etc/fastd/nodes/peers/) ]] && killall -SIGHUP fastd+* * * * * root [[ $(rsync -ai --delete 10.99.254.10::nodes/ /etc/fastd/nodes/peers/) ]] && killall -SIGHUP fastd
 </file> </file>
  
Zeile 248: Zeile 249:
   * systemctl start fastd@backbone   * systemctl start fastd@backbone
   * systemctl enable fastd@backbone   * systemctl enable fastd@backbone
 +  * systemctl start fastd@nodes
 +  * systemctl enable fastd@nodes
  
 ==== Batman ==== ==== Batman ====
Zeile 297: Zeile 300:
 iface bat0 inet6 manual iface bat0 inet6 manual
   post-up         /sbin/brctl addif brffef $IFACE   post-up         /sbin/brctl addif brffef $IFACE
-  post-up         /usr/sbin/batctl -m $IFACE it 10000 +  post-up         /usr/local/sbin/batctl -m $IFACE it 10000 
-  post-up         /usr/sbin/batctl -m $IFACE vm server +  post-up         /usr/local/sbin/batctl -m $IFACE gw server 96mbit/96mbit
-  post-up         /usr/sbin/batctl -m $IFACE gw server 96mbit/96mbit+
   pre-down        /sbin/brctl delif bat0 $IFACE || true   pre-down        /sbin/brctl delif bat0 $IFACE || true
 +</file>
 +
 +====Quagga====
 +* FIXME: Generell überprüfen, ICVPN1 Konfiganpassung 
 +=== Pakete ===
 +
 +  * quagga
 +  * telnet
 +
 +<file|/etc/quagga/daemons>
 +zebra=yes
 +bgpd=yes
 +</file>
 +
 +<file|/etc/quagga/zebra.conf>
 +! -*- zebra -*-
 +!
 +! zebra sample configuration file
 +!
 +! $Id: zebra.conf.sample,v 1.1 2002/12/13 20:15:30 paul Exp $
 +!
 +hostname vpn1.erfurt.freifunk.net
 +password xxxx
 +enable password xxxx
 +!
 +! Interface's description.
 +!
 +!interface lo
 +! description test of desc.
 +!
 +!interface sit0
 +! multicast
 +
 +!
 +! Static default route sample.
 +!
 +!ip route 0.0.0.0/0 203.181.89.241
 +!
 +
 +log file /var/log/quagga/zebra.log
 +
 +! use src ip for local connection
 +route-map RM_SET_SOURCE permit 10
 +set src 10.99.254.7
 +ip protocol bgp route-map RM_SET_SOURCE
 +
 +table 23
 +</file>
 +<file|/etc/quagga/bgp.conf>
 +hostname vpn1
 +password [PASSWORD]
 +!
 +! enable debug log
 +!
 +debug bgp updates
 +!
 +!
 +router bgp 65099002 
 + bgp router-id 10.99.254.7 
 + bgp confederation identifier 65099
 + bgp confederation peers 65099001 
 + network 10.99.8.0/22
 +
 + neighbor ffef-backbone peer-group
 + neighbor ffef-backbone soft-reconfiguration inbound
 + neighbor ffef-backbone prefix-list ffef-backbone-in in
 + neighbor ffef-backbone prefix-list ffef-backbone-out out
 +
 +! neighbor 10.99.254.1 remote-as 65099001
 +! neighbor 10.99.254.1 description icvpn2_suicider
 +! neighbor 10.99.254.1 prefix-list ffef-backbone-in in
 +! neighbor 10.99.254.1 prefix-list ffef-backbone-out out
 +
 + neighbor 10.99.254.10 remote-as 65099001
 + neighbor 10.99.254.10 description icvpn2_hipposen
 + neighbor 10.99.254.10 prefix-list ffef-backbone-in in
 + neighbor 10.99.254.10 prefix-list ffef-backbone-out out
 +
 +! neighbor 10.99.254.8 remote-as 65099002
 +! neighbor 10.99.254.8 description vpn3_ichirou
 +! neighbor 10.99.254.8 peer-group ffef-backbone
 +
 + neighbor 10.99.254.9 remote-as 65099002
 + neighbor 10.99.254.9 description vpn2_bt909
 + neighbor 10.99.254.9 peer-group ffef-backbone
 +
 +ip prefix-list ffef-backbone-in description *** Backbone IP-Filter eingehend ***
 +ip prefix-list ffef-backbone-in seq 10 permit 0.0.0.0/0
 +ip prefix-list ffef-backbone-in seq 19 deny 10.99.16.0/22
 +ip prefix-list ffef-backbone-in seq 20 permit 10.99.0.0/16 le 32
 +ip prefix-list ffef-backbone-in seq 21 permit 10.0.0.0/8 le 32
 +ip prefix-list ffef-backbone-in seq 30 permit 172.16.0.0/12 le 32
 +ip prefix-list ffef-backbone-in seq 99 deny 0.0.0.0/0 le 32
 +
 +ip prefix-list ffef-backbone-out description *** Backbone IP-Filter ausgehend ***
 +ip prefix-list ffef-backbone-out seq 10 deny 0.0.0.0/0
 +ip prefix-list ffef-backbone-out seq 20 permit 10.99.0.0/16 le 32
 +ip prefix-list ffef-backbone-out seq 99 deny 0.0.0.0/0 le 32
 +!
 +!
 +log file /var/log/quagga/bgpd.log
 +!
 +!log stdout
 +
 +
 </file> </file>
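Review bot: In the new /etc/quagga/bgp.conf, `ip prefix-list ffef-backbone-in seq 19 deny 10.99.16.0/22` has no `le 32`, so it matches only the exact /22; any more-specific route inside that range falls through to `seq 20 permit 10.99.0.0/16 le 32` and is accepted. If the whole range is meant to be kept out, the entry should read `ip prefix-list ffef-backbone-in seq 19 deny 10.99.16.0/22 le 32`. `seq 21 permit 10.0.0.0/8 le 32` also makes seq 20 redundant, and together with `seq 10 permit 0.0.0.0/0` it means a backbone peer's default route and any host route in 10/8 are accepted, including ones inside the locally announced 10.99.8.0/22; that is worth narrowing or at least explaining in a `!` comment. In the same hunk `debug bgp updates` is left enabled, and the vty password placeholders differ between zebra.conf (`xxxx`) and bgp.conf (`[PASSWORD]`); one placeholder throughout, plus a line saying the real values are kept outside the wiki, would make the listing safer to copy.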
  • freifunk/infrastruktur/server/vpn1.1464038492.txt.gz
  • Zuletzt geändert: 23.05.2016 23:21
  • von mape2k