From 6f24f19eb461971f6935232bc764dbc4992a670f Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Fri, 20 Dec 2024 16:48:58 +0000 Subject: [PATCH] Direct AWS IPv6 traffic in Dublin via Equinix --- cookbooks/networking/recipes/default.rb | 2 ++ .../networking/templates/default/network.erb | 34 +++++++++++++++++++ roles/equinix-dub.rb | 6 ++-- 3 files changed, 39 insertions(+), 3 deletions(-) diff --git a/cookbooks/networking/recipes/default.rb b/cookbooks/networking/recipes/default.rb index 2f60280f0..2b4d96761 100644 --- a/cookbooks/networking/recipes/default.rb +++ b/cookbooks/networking/recipes/default.rb @@ -78,12 +78,14 @@ node[:networking][:interfaces].each do |name, interface| node.default_unless[:networking][:interfaces][name][:inet][:prefix] = role[:inet][:prefix] node.default_unless[:networking][:interfaces][name][:inet][:gateway] = role[:inet][:gateway] node.default_unless[:networking][:interfaces][name][:inet][:routes] = role[:inet][:routes] + node.default_unless[:networking][:interfaces][name][:inet][:rules] = role[:inet][:rules] end if interface[:inet6] && role[:inet6] node.default_unless[:networking][:interfaces][name][:inet6][:prefix] = role[:inet6][:prefix] node.default_unless[:networking][:interfaces][name][:inet6][:gateway] = role[:inet6][:gateway] node.default_unless[:networking][:interfaces][name][:inet6][:routes] = role[:inet6][:routes] + node.default_unless[:networking][:interfaces][name][:inet6][:rules] = role[:inet6][:rules] end node.default_unless[:networking][:interfaces][name][:metric] = role[:metric] diff --git a/cookbooks/networking/templates/default/network.erb b/cookbooks/networking/templates/default/network.erb index d2c34bfbf..7f38de3c5 100644 --- a/cookbooks/networking/templates/default/network.erb +++ b/cookbooks/networking/templates/default/network.erb @@ -53,6 +53,7 @@ Table=<%= @interface[:source_route_table] %> [RoutingPolicyRule] From=<%= @interface[:inet][:address] %> Table=<%= @interface[:source_route_table] %> +Priority=1000 <% end -%> <% end -%> <% if @interface.dig(:inet6, :gateway) && @interface[:inet6][:gateway] != @interface[:inet6][:address] -%> @@ -76,6 +77,7 @@ Table=<%= @interface[:source_route_table] %> [RoutingPolicyRule] From=<%= @interface[:inet6][:address] %> Table=<%= @interface[:source_route_table] %> +Priority=1000 <% end -%> <% end -%> <% Hash(@interface.dig(:inet, :routes)).sort.each do |destination, details| -%> @@ -110,3 +112,35 @@ Type=<%= details[:type] %> <% end -%> <% end -%> <% end -%> +<% Array(@interface.dig(:inet, :rules)).each do |rule| -%> + +[RoutingPolicyRule] +<% if rule[:from] -%> +From=<%= rule[:from] %> +<% end -%> +<% if rule[:to] -%> +To=<%= rule[:to] %> +<% end -%> +<% if rule[:table] -%> +Table=<%= rule[:table] %> +<% end -%> +<% if rule[:priority] -%> +Priority=<%= rule[:priority] %> +<% end -%> +<% end -%> +<% Array(@interface.dig(:inet6, :rules)).each do |rule| -%> + +[RoutingPolicyRule] +<% if rule[:from] -%> +From=<%= rule[:from] %> +<% end -%> +<% if rule[:to] -%> +To=<%= rule[:to] %> +<% end -%> +<% if rule[:table] -%> +Table=<%= rule[:table] %> +<% end -%> +<% if rule[:priority] -%> +Priority=<%= rule[:priority] %> +<% end -%> +<% end -%> diff --git a/roles/equinix-dub.rb b/roles/equinix-dub.rb index 11e6ea85d..6561d3019 100644 --- a/roles/equinix-dub.rb +++ b/roles/equinix-dub.rb @@ -25,9 +25,9 @@ default_attributes( :external => { :zone => "dub", :inet6 => { - :routes => { - "2600:9000::/28" => { :type => "unreachable" } - } + :rules => [ + { :to => "2600:9000::/28", :table => 150, :priority => 100 } + ] } } } -- 2.39.5