Basic ansible server setup playbook
Ansible Configuration for Freifunk Vogtland Gateways
Debian Bullseye, plus:
ansible-playbook site.yml -u $USERansible-playbook site.yml -u $USER --limit vpn01
The vagrant test environment is build around vagrant-libvirt. It requires
The setup of the boxes are automated using
vagrant --provider=libvirt up
The virtual machine can be accessed using
vagrant --provider=libvirt ssh
Commit 02ae492, the addition of an extra vxlan interface for inter-gateway communication, has some nice advantages. Like keeping OSPF/iBGP traffic out of the public mesh zone. Or routing packets between the gateways without batman-adv.
One disadvantage though is: When two client devices in the same domain got different IPv6 routes assigned from different gateways, then they will now always route over the gateways to communicate with each other:
linus@vpn02:~$ ip -6 route get 2a03:2260:200f:401:70db:944f:a956:cc3a
2a03:2260:200f:401:xxxx:xxxx:xxxx:xxxx from :: via fd01::4 dev vxlan0 table freifunk proto bird src fd01::2 metric 1024 pref medium
Before, when only using bat-pl, for instance, without vxlan0 and OSPF on bat-pl a gateway would receive and also forward a packet back through bat-pl. Which would then trigger the Linux kernel to also send an ICMPv6 redirect back to the source:
https://elixir.bootlin.com/linux/v5.18.13/source/net/ipv6/ip6_output.c#L548
-> https://elixir.bootlin.com/linux/v5.18.13/source/net/ipv6/ip6_output.c#L555
-> https://elixir.bootlin.com/linux/v5.18.13/source/net/ipv6/ip6_output.c#L571
After receiving such an ICMPv6 redirect, the original source would have learned that its own and the destination subnet are on the same link. And that it can use IPv6 Neighbor Discovery to find the destination host on the link and that it can send to it directly, without a router.
Question: Would it make sense / would it be possible for a domain bat-X to:
(not that familiar with bird, so not quite sure if that would be easy to configure?)
That way within a certain domain bat-X traffic should be routed back over bat-X instead of through vxlan0 and should then trigger ICMP redirect messages? Which would allow direct communication on the link without routing for clients which got their subnet from different gateways?
The dnsmasq package brings mainly the sysVinit / systemd scripts and a default config file.[0] If you start/run dnsmasq via own scripts then you have no need for the dnsmasq package.
As I see it:
Therefore I do not see any use for the dnsmasq package and recommend to switch to the dnsmasq-base package.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.