search

freifunkh / ansible

Here we store all Ansible roles and configs used for Freifunk Hannover.
MIT License
7 stars 3 forks source link

Hotfix wrong default routers #189

Closed AiyionPrime closed 3 years ago

AiyionPrime commented 3 years ago

This is a draft for #155.

Currently it introduces a lookuptable which specifies a defaultrouters LL address in order to route 'its' traffic to him.

The same goes for sn01. Sn01 should route packets to leintor, if they are supposed to be ausgeleitet by leintor (by their source ip).

This has only been roled out to sn01 yet, as it would introduce changes to the other supernodes, that are not useful, yet.

For this to become useful for them as well we need to decide on @lemoer s raised options:

  1. ... add a route on sn05, sn09 and sn10 towards sn01 (based on source).

Alternatively instead of 2., we could let sn05, sn09 and sn10 let route packets first to leintor (as they would normally do) and install a source specific route on leintor then. This would also direct packets to the correct destination. This one might be easier as gre-tunnels tunnels are existing and it has to be installed only at one place.

Originally posted by @lemoer in https://github.com/freifunkh/ansible/issues/155#issuecomment-786523227

Either way, this currently only changes the supernodes role, not the ones of exitnodes.

lemoer commented 3 years ago

Thanks for picking this up! :)

Let's discuss the two options tomorrow.

On Wed, 10 Mar, 2021, 15:53 J. Burfeind, notifications@github.com wrote:

@AiyionPrime https://github.com/AiyionPrime requested your review on:

189 https://github.com/freifunkh/ansible/pull/189 Hotfix wrong default

routers.

— You are receiving this because your review was requested. Reply to this email directly, view it on GitHub https://github.com/freifunkh/ansible/pull/189#event-4436936778, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAESYQNNBZR25U6WNQBG7JTTC6BU5ANCNFSM4Y6F4V5Q .

lemoer commented 3 years ago

This currently only adds source specific routes on sn01 to leintor since sn05, sn09 and sn09 do not have interfaces gre interfaces "gre-sn01".

However currently this only a theoretical problem. We only observed problems when sn01 routes packets from 2a02:790::/48 to the internet. But we have not observed any issue, when leintor routes packets from 2001:678:978::/48 to the internet. Therefore I'll merge this onto master now and leave #155 opened.

lemoer commented 3 years ago

lgm now.