You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
ffmyk-ansible/roles/install_babeld/templates/babeld.conf.j2

75 lines
2.2 KiB
Django/Jinja

# Configuration for babeld. See the man page babeld(8) for
# details on the configuration format.
# Works on Linux > 3.11
ipv6-subtrees true
# You must provide at least one interface for babeld to operate on.
{% if ('fastd' in group_names) or ('nat64' in group_names) %}
{% for peer in groups['uplink'] %}
interface bb{{ hostvars[peer]['wireguard_bb_name'] }}
{% endfor %}
{% endif %}
{% if 'uplink' in group_names %}
{% for peer in groups['fastd'] %}
interface bb{{ hostvars[peer]['wireguard_bb_name'] }}
{% endfor %}
{% for peer in groups['nat64'] %}
interface bb{{ hostvars[peer]['wireguard_bb_name'] }}
{% endfor %}
{% for peer in groups['uplink'] | difference([inventory_hostname]) %}
interface bb{{ hostvars[peer]['wireguard_bb_name'] }}
{% endfor %}
{% for peer in wireguard_bb_peers|default([]) %}
interface bb{{ peer.name }}
{% endfor %}
{% endif %}
# Global options you might want to set. There are many more, see the man page.
#debug 1
local-port 33123
#diversity true
random-id true
default type tunnel rtt-min 1 rtt-max 25 max-rtt-penalty 128
smoothing-half-life 10
export-table 42
import-table 42
reflect-kernel-metric true
# Filtering rules.
{% if 'uplink' in group_names %}
in ip 10.222.0.0/16 allow
in ip 2a03:2260:1016::/48 allow
in ip 2003:46:e028::/48 allow # finzelberg
in ip 64:ff9b::/96 allow # nat64
in ip fd62:44e1:da::/48 allow
in deny # ignore default routes on uplinks
{% endif %}
{% if 'mullvad_uplink' in group_names %}
redistribute if mullvad metric 256
{% endif %}
{% if 'ffrl_uplink' in group_names %}
{% for peer in ffrl_peers %}
redistribute if {{ peer.name }} metric 128
{% endfor %}
{% endif %}
# Only redistribute addresses from a given prefix, to avoid redistributing
# all local addresses
redistribute ip 10.222.0.0/16 allow
redistribute ip 2a03:2260:1016::/48 allow
redistribute ip 64:ff9b::/96 allow
redistribute ip fd62:44e1:da::/48 allow
redistribute local deny
{% if ('fastd' in group_names or 'nat64' in group_names) and preferred_uplink is defined %}
{% for peer in groups['uplink'] %}
{% if not hostvars[peer]['wireguard_bb_name'] == preferred_uplink %}
in if bb{{ hostvars[peer]['wireguard_bb_name'] }} metric 64
{% endif %}
{% endfor %}
{% endif %}