ROUTING: uplinks and routing stuff

routing/iproute2/rt_tables

@@ -0,0 +1,13 @@
+#
+# reserved values
+#
+255	local
+254	main
+253	default
+0	unspec
+#
+# local
+#
+##1	inr.ruhep
+2	tbc
+3	tpark

routing/network/interfaces

@@ -0,0 +1,99 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# video personel
+auto eth0
+iface eth0 inet static
+	address 10.23.0.1
+	netmask 255.255.255.0
+
+#real config
+auto eth1.999
+iface eth1.999 inet static
+        address 172.31.42.100
+        netmask 255.255.255.0
+iface eth1.999 inet6 static
+        address 2001:67c:21bc:7fff:f0f:fcf0::100
+        netmask 120
+        dad-attempts 0
+
+auto eth1
+iface eth1 inet static
+	address 192.168.192.168
+	netmask 255.255.255.255
+
+# management
+auto eth1.20
+iface eth1.20 inet static
+	address 10.20.0.1
+	netmask 255.255.255.0
+	up ip a add 185.117.82.237/32 dev eth1.20
+
+# wired
+auto eth1.21
+iface eth1.21 inet static
+	address 10.21.0.1
+	netmask 255.255.252.0
+
+iface eth1.21 inet6 static
+	address 2001:67c:21bc:30::1
+	netmask 64
+	dad-attempts 0
+
+# wireless
+auto eth1.22
+iface eth1.22 inet static
+	address 10.22.0.1
+	netmask 255.255.252.0
+
+iface eth1.22 inet6 static
+	address 2001:67c:21bc:31::1
+	netmask 64
+	dad-attempts 0
+
+# overflow (TV)
+auto eth1.24
+iface eth1.24 inet static
+	address 10.24.0.1
+	netmask 255.255.255.0
+
+# phones
+auto eth1.25
+iface eth1.25 inet static
+	address 10.25.0.1
+	netmask 255.255.255.0
+
+# security
+auto eth1.26
+iface eth1.26 inet static
+	address 10.2.2.1
+	netmask 255.255.255.0
+
+
+auto eth1.6
+iface eth1.6 inet static
+        address 94.26.100.155
+        netmask 255.255.255.224
+#       gateway 94.26.100.129
+        up ip r add 94.26.100.128/27 dev eth1.6 table tbc
+        up ip r add default via 94.26.100.129 table tbc
+
+# tmp initlab bgp link
+auto eth1.1024
+iface eth1.1024 inet static
+	address 185.117.82.24
+	netmask 255.255.255.240
+
+# techpark
+auto eth1.2464
+iface eth1.2464 inet static
+	address 194.141.112.139
+	netmask 255.255.255.192
+	post-up ip r add 194.141.112.128/26 dev eth1.2464 table tpark
+	post-up ip r add default via 194.141.112.129 table tpark

routing/openvpn/.gitignore

@@ -0,0 +1 @@
+*.key

routing/openvpn/marla.conf

@@ -0,0 +1,22 @@
+dev tun0
+
+tun-ipv6
+remote 185.117.82.66
+local 194.141.112.139
+
+proto udp
+
+tun-mtu 1500
+ifconfig 172.31.43.3 172.31.43.2
+ifconfig-ipv6 2001:67c:21bc:7fff:f0f:fcf1::2/120 2001:67c:21bc:7fff:f0f:fcf1::1
+
+secret /etc/openvpn/eric.key
+
+port 4299
+
+; user nobody
+; group nobody
+
+ping 15
+verb 1
+script-security 2

routing/quagga/bgpd.conf

@@ -0,0 +1,55 @@
+!
+! Zebra configuration saved from vty
+!   2017/11/04 13:22:45
+!
+hostname eric-bgpd
+password password
+log stdout
+!
+router bgp 65500
+ bgp router-id 192.168.192.168
+ network 185.117.82.237/32
+ neighbor 172.31.42.1 remote-as 200533
+ neighbor 172.31.42.1 description marla-pri
+ neighbor 172.31.42.1 soft-reconfiguration inbound
+ neighbor 172.31.42.1 prefix-list openfest out
+ neighbor 172.31.42.1 route-map ipacct-in in
+ neighbor 172.31.43.2 remote-as 200533
+ neighbor 172.31.43.2 description marla-bckp
+ neighbor 172.31.43.2 soft-reconfiguration inbound
+ neighbor 172.31.43.2 prefix-list openfest out
+ neighbor 185.117.82.20 remote-as 65535
+ neighbor 185.117.82.20 description spitfire
+ neighbor 185.117.82.20 soft-reconfiguration inbound
+ neighbor 185.117.82.20 prefix-list openfest out
+ neighbor 2001:67c:21bc:7fff:f0f:fcf0:0:1 remote-as 200533
+ neighbor 2001:67c:21bc:7fff:f0f:fcf0:0:1 description marla6-pri
+ no neighbor 2001:67c:21bc:7fff:f0f:fcf0:0:1 activate
+ neighbor 2001:67c:21bc:7fff:f0f:fcf1:0:1 remote-as 200533
+ neighbor 2001:67c:21bc:7fff:f0f:fcf1:0:1 description marla6-bckp
+ no neighbor 2001:67c:21bc:7fff:f0f:fcf1:0:1 activate
+!
+ address-family ipv6
+ network 2001:67c:21bc:30::/60
+ neighbor 2001:67c:21bc:7fff:f0f:fcf0:0:1 activate
+ neighbor 2001:67c:21bc:7fff:f0f:fcf0:0:1 soft-reconfiguration inbound
+ neighbor 2001:67c:21bc:7fff:f0f:fcf0:0:1 route-map ipacct-in6 in
+ neighbor 2001:67c:21bc:7fff:f0f:fcf1:0:1 activate
+ neighbor 2001:67c:21bc:7fff:f0f:fcf1:0:1 soft-reconfiguration inbound
+ neighbor 2001:67c:21bc:7fff:f0f:fcf1:0:1 prefix-list openfest6 out
+ exit-address-family
+!
+ip prefix-list openfest seq 5 permit 185.117.82.237/32
+ip prefix-list openfest seq 10 deny any
+!
+ipv6 prefix-list openfest6 seq 5 permit 2001:67c:21bc:30::/60
+ipv6 prefix-list openfest6 seq 10 deny any
+!
+route-map ipacct-in permit 10
+ set local-preference 150
+!
+route-map ipacct-in6 permit 10
+ set local-preference 150
+!
+line vty
+!

routing/quagga/daemons

@@ -0,0 +1,31 @@
+# This file tells the quagga package which daemons to start.
+#
+# Entries are in the format: <daemon>=(yes|no|priority)
+#   0, "no"  = disabled
+#   1, "yes" = highest priority
+#   2 .. 10  = lower priorities
+# Read /usr/share/doc/quagga/README.Debian for details.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/quagga/examples/.
+#
+# ATTENTION: 
+#
+# When activation a daemon at the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "quagga", else
+# the daemon will not be started by /etc/init.d/quagga. The permissions should
+# be u=rw,g=r,o=.
+# When using "vtysh" such a config file is also needed. It should be owned by
+# group "quaggavty" and set to ug=rw,o= though. Check /etc/pam.d/quagga, too.
+#
+# The watchquagga daemon is always started. Per default in monitoring-only but
+# that can be changed via /etc/quagga/debian.conf.
+#
+zebra=yes
+bgpd=yes
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+babeld=no

routing/quagga/debian.conf

@@ -0,0 +1,24 @@
+#
+# If this option is set the /etc/init.d/quagga script automatically loads
+# the config via "vtysh -b" when the servers are started. 
+# Check /etc/pam.d/quagga if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  --daemon -A 127.0.0.1"
+bgpd_options="   --daemon -A 127.0.0.1"
+ospfd_options="  --daemon -A 127.0.0.1"
+ospf6d_options=" --daemon -A ::1"
+ripd_options="   --daemon -A 127.0.0.1"
+ripngd_options=" --daemon -A ::1"
+isisd_options="  --daemon -A 127.0.0.1"
+babeld_options=" --daemon -A 127.0.0.1"
+#
+# Please note that watchquagga_options is an array and not a string so that
+# quotes can be used.
+#
+# The list of daemons to watch is automatically generated by the init script
+# from daemons.conf and appended to the watchquagga_options.
+# Example:
+#    watchquagga_options=("-Adz" "-r" '/sbin/service %s restart' -s '/sbin/service %s start'  -k '/sbin/service %s stop')
+watchquagga_enable=yes
+watchquagga_options=(--daemon)

routing/quagga/zebra.conf

@@ -0,0 +1,50 @@
+!
+! Zebra configuration saved from vty
+!   2017/10/30 12:20:35
+!
+hostname eric-zebra
+password password
+enable password password
+!
+interface eth0
+ ipv6 nd suppress-ra
+!
+interface eth1
+ ipv6 nd suppress-ra
+!
+interface eth1.2
+ ipv6 nd suppress-ra
+!
+interface eth1.6
+ ipv6 nd suppress-ra
+!
+interface eth1.10
+ ipv6 nd suppress-ra
+!
+interface eth1.20
+ ipv6 nd suppress-ra
+!
+interface eth1.21
+ ipv6 nd suppress-ra
+!
+interface eth1.22
+ ipv6 nd suppress-ra
+!
+interface eth1.24
+ ipv6 nd suppress-ra
+!
+interface lo
+!
+interface tun0
+ ipv6 nd suppress-ra
+!
+route-map RM_SET_SRC permit 10
+ set src 185.117.82.237
+!
+ip forwarding
+ipv6 forwarding
+!
+ip protocol bgp route-map RM_SET_SRC
+!
+line vty
+!