feat(routing): Chaque vlan a une IP différente et policyrules

catvayor 2024-04-25 18:41:10 +02:00
parent 93bf6f8baa
commit 150e741263


@ -47,15 +47,35 @@ let
name = "vlan-user-${builtins.toString vlan}"; name = "vlan-user-${builtins.toString vlan}";
value = { value = {
Id = vlan; Id = vlan;
extraNetwork.routes = [ address = [ ];
extraNetwork = {
addresses = [
{ {
routeConfig = { addressConfig = {
Destination = "10.0.${builtins.toString prefix24nb}.${builtins.toString prefix27nb}/27"; Address = "10.0.${builtins.toString prefix24nb}.${builtins.toString (prefix27nb + 1)}/27";
Source = "10.0.0.1/17"; AddPrefixRoute = false;
}; };
} }
]; ];
address = [ "10.0.0.1/17" ]; routes = [
{
routeConfig = {
Destination = "10.0.${builtins.toString prefix24nb}.${builtins.toString prefix27nb}/27";
Table = "user";
};
}
];
routingPolicyRules = [
{
routingPolicyRuleConfig = {
From = "10.0.${builtins.toString prefix24nb}.${builtins.toString prefix27nb}/27";
To = "10.0.0.0/27";
IncomingInterface = "vlan-user-${builtins.toString vlan}";
Table = "user";
};
}
];
};
}; };
}; };
@ -91,12 +111,37 @@ let
extraNetwork.networkConfig.DHCPServer = "yes"; extraNetwork.networkConfig.DHCPServer = "yes";
}; };
} // builtins.listToAttrs (builtins.genList mkUserVlan 300); # 850 when we can } // builtins.listToAttrs (builtins.genList mkUserVlan 10); # 850 when we can
in in
{ {
systemd.network = { systemd.network = {
config.routeTables."user" = 1000;
networks = { networks = {
"10-lo" = {
name = "lo";
address = [
"::1/128"
"127.0.0.1/8"
"10.0.0.1/16"
];
routes = [
{
routeConfig = {
Destination = "10.0.0.0/27";
Table = "user";
};
}
];
routingPolicyRules = [
{
routingPolicyRuleConfig = {
IncomingInterface = "lo";
Table = "user";
};
}
];
};
"10-enp67s0f0np0" = { "10-enp67s0f0np0" = {
name = "enp67s0f0np0"; name = "enp67s0f0np0";
networkConfig = { networkConfig = {