Merge branch 'babeld'

ansible/configure.yaml

@@ -83,31 +83,31 @@
     - name: ocserv pre-configure
       include_tasks: 'protocols/oc/ocserv-pre.yaml'
       when: ocservNeeded and not noBird
+    - name: disable bug self-link
+      become: true
+      ignore_errors: true
+      systemd:
+        name: 'wg-quick@{{item}}'
+        state: stopped
+        enabled: false
+        masked: true
+      with_items:
+        - mc-{{inventory_hostname_short}}
+        - mci{{inventory_hostname_short}}
 # 为了提高测试时候的性能，不改动wg的时候注释掉这段
     - name: 'clean up null connections first'
       include_tasks: 'protocols/{{item.protocol}}/configure.yaml'
       vars:
         conn: '{{item}}'
       with_items: '{{ connections }}'
-      when: "not noUpdateLinks and (not onlyUpdateLink or item.name == onlyUpdateLink) and item.protocol == 'null'"
+      when: "not noUpdateLinks and item.protocol == 'null' and not item.noUpdate"
     - name: 'loop through list from a variable'
       include_tasks: 'protocols/{{item.protocol}}/configure.yaml'
       vars:
         conn: '{{item}}'
       with_items: '{{ connections }}'
-      when: "not noUpdateLinks and (not onlyUpdateLink or item.name == onlyUpdateLink) and item.protocol != 'null'"
+      when: "not noUpdateLinks and item.protocol != 'null' and not item.noUpdate"
 # end
-    - name: disable bug self-link
-      become: true
-      ignore_errors: true
-      systemd:
-        name: 'wg-quick@{{item}}'
-        state: stopped
-        enabled: false
-        masked: true
-      with_items:
-        - mc-{{inventory_hostname_short}}
-        - mci{{inventory_hostname_short}}
     - name: services conf
       copy:
         content: '{{dockerServices | to_yaml}}'
@@ -123,13 +123,13 @@
       template:
         src: babeld.conf.j2
         dest: '{{ansible_user_dir}}/nextgen-network/services/babeld.conf'
-      notify: restart_babeld
+      #notify: restart_babeld
       when: not noBird
-    #- name: babeld reload conf
-    #  template:
-    #    src: babeld-reload.conf.j2
-    #    dest: /tmp/babeld-reload.conf
-    #  notify: reload_babeld
+    - name: babeld reload conf
+      template:
+        src: babeld-reload.conf.j2
+        dest: /tmp/babeld-reload.conf
+      notify: reload_babeld
     - name: frps conf
       template:
         src: protocols/wgfrp/frps.ini.j2
@@ -162,7 +162,7 @@
       template:
         src: babeld.conf.j2
         dest: '/etc/babeld.conf'
-      notify: restart_babeld_systemd
+      #notify: restart_babeld_systemd
       when: systemBird
     - name: enable systemd babeld
       become: true
@@ -206,7 +206,7 @@
         services:
           - frpc-{{item.name}}
       with_items: '{{connections}}'
-      when: 'item.protocol == "wgfrp" and item.frpType == "frpc" and not noBird'
+      when: 'item.protocol == "wgfrp" and item.frpType == "frpc" and not noBird and not item.noUpdate'
     - name: restart_ocserv
       docker_compose:
         project_src: '{{ansible_user_dir}}/nextgen-network/services'
@@ -221,7 +221,7 @@
         services:
           - openconnect-{{item.name}}
       with_items: '{{connections}}'
-      when: 'item.protocol == "oc" and item.ocType == "client" and not noBird'
+      when: 'item.protocol == "oc" and item.ocType == "client" and not noBird and not item.noUpdate'
     - name: restart_bird_systemd
       become: true
       systemd:
@@ -232,6 +232,7 @@
       systemd:
         name: babeld
         state: restarted
+      when: systemBird
     - name: reload_chnroute
       become: true
       shell: |

ansible/install.yaml

@@ -31,9 +31,13 @@
           Pin-Priority: 90
         dest: /etc/apt/preferences.d/limit-unstable
       when: systemBird and ansible_distribution == 'Debian' and ansible_distribution_release != 'sid'
-    - name: install packages for systemd things
+    - name: netcat-openbsd
       become: true
       apt:
         update_cache: true
+        name: netcat-openbsd
+    - name: install packages for systemd things
+      become: true
+      apt:
         name: babeld,bird2
       when: systemBird

ansible/protocols/oc/ocserv-user-env.j2

@@ -3,7 +3,8 @@ export localAddress={{address}}
 export remoteLocalAddress={{conn.remoteLocalAddress}}
 export localPeerAddress={{conn.localPeerAddress}}
 export remotePeerAddress={{conn.remotePeerAddress}}
-export link6Address={{conn.link6Address}}
+export localPeerAddress6={{conn.localPeerAddress6}}
+export remotePeerAddress6={{conn.remotePeerAddress6}}
 export localRubbishAddress=10.199.{{id}}.1
 export remoteNextMark={{conn.remoteNextMark}}
 export inbound={{conn.inbound}}

ansible/protocols/oc/openconnect-post-scripts/disconnect.sh.j2

 #!/bin/bash
-dev="$TUNDEV" localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} link6Address={{conn.link6Address}} remoteNextMark={{conn.remoteNextMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 58}} {{ansible_user_dir}}/nextgen-network/scripts/predown.sh
+dev="$TUNDEV" localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} localPeerAddress6={{conn.localPeerAddress6}} remotePeerAddress6={{conn.remotePeerAddress6}} remoteNextMark={{conn.remoteNextMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 58}} {{ansible_user_dir}}/nextgen-network/scripts/predown.sh
 
 true

ansible/protocols/oc/openconnect-post-scripts/post-connect.sh.j2

 #!/bin/bash
-dev="$TUNDEV" localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} link6Address={{conn.link6Address}} remoteNextMark={{conn.remoteNextMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 58}} {{ansible_user_dir}}/nextgen-network/scripts/predown.sh
-dev="$TUNDEV" localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} link6Address={{conn.link6Address}} remoteNextMark={{conn.remoteNextMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 58}} {{ansible_user_dir}}/nextgen-network/scripts/postup.sh
+# Force reload at 12.23
+
+dev="$TUNDEV" localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} localPeerAddress6={{conn.localPeerAddress6}} remotePeerAddress6={{conn.remotePeerAddress6}} remoteNextMark={{conn.remoteNextMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 58}} {{ansible_user_dir}}/nextgen-network/scripts/predown.sh
+dev="$TUNDEV" localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} localPeerAddress6={{conn.localPeerAddress6}} remotePeerAddress6={{conn.remotePeerAddress6}} remoteNextMark={{conn.remoteNextMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 58}} {{ansible_user_dir}}/nextgen-network/scripts/postup.sh
 
 true

ansible/protocols/wg/wg.conf.j2

@@ -8,8 +8,8 @@ FwMark = {{conn.localGatewayMark}}
 
 MTU = {{conn.mtu|int - 80}}
 Table = off
-PostUp = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} link6Address={{conn.link6Address}} remoteNextMark={{conn.remoteNextMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 80}} {{ansible_user_dir}}/nextgen-network/scripts/postup.sh
-PreDown = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} link6Address={{conn.link6Address}} remoteNextMark={{conn.remoteNextMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 80}} {{ansible_user_dir}}/nextgen-network/scripts/predown.sh
+PostUp = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} localPeerAddress6={{conn.localPeerAddress6}} remotePeerAddress6={{conn.remotePeerAddress6}} remoteNextMark={{conn.remoteNextMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 80}} {{ansible_user_dir}}/nextgen-network/scripts/postup.sh
+PreDown = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} localPeerAddress6={{conn.localPeerAddress6}} remotePeerAddress6={{conn.remotePeerAddress6}} remoteNextMark={{conn.remoteNextMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 80}} {{ansible_user_dir}}/nextgen-network/scripts/predown.sh
 
 [Peer]
 PublicKey = {{conn.wgPublicKey}}
@@ -19,4 +19,4 @@ Endpoint = {{conn.remoteAddress}}:{{conn.remotePort}}
 PersistentKeepalive = 1
 {% endif %}
 
-# forced change 12.12
+# forced change 12.23

ansible/protocols/wgfrp/wgfrp.conf.j2

@@ -6,8 +6,8 @@ ListenPort = {{conn.localPort}}
 {% endif %}
 MTU = {{conn.mtu|int - 80}}
 Table = off
-PostUp = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} link6Address={{conn.link6Address}} remoteNextMark={{conn.remoteNextMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 80}} {{ansible_user_dir}}/nextgen-network/scripts/postup.sh
-PreDown = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} link6Address={{conn.link6Address}} remoteNextMark={{conn.remoteNextMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 80}} {{ansible_user_dir}}/nextgen-network/scripts/predown.sh
+PostUp = dev=%i localPeerAddress={{conn.localPeerAddress}} localPeerAddress6={{conn.localPeerAddress6}} remotePeerAddress6={{conn.remotePeerAddress6}} remoteNextMark={{conn.remoteNextMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 80}} {{ansible_user_dir}}/nextgen-network/scripts/postup.sh
+PreDown = dev=%i localPeerAddress={{conn.localPeerAddress}} localPeerAddress6={{conn.localPeerAddress6}} remotePeerAddress6={{conn.remotePeerAddress6}} remoteNextMark={{conn.remoteNextMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 80}} {{ansible_user_dir}}/nextgen-network/scripts/predown.sh
 [Peer]
 PublicKey = {{conn.wgPublicKey}}
 AllowedIPs = 0.0.0.0/0, ::/0

ansible/restart-babeld.yaml

+---
+- hosts: wg
+  tasks:
+    - name: load vars
+      include_vars:
+        file: '../result/{{item}}.yaml'
+      with_items:
+        # - global-vars
+        - vars-{{inventory_hostname_short}}
+    - name: restart_babeld_systemd
+      become: true
+      systemd:
+        name: babeld
+        state: restarted
+      when: systemBird
+    - name: restart_babeld # ocserv would be always restarted whenever key changes..
+      docker_compose:
+        project_src: '{{ansible_user_dir}}/nextgen-network/services'
+        restarted: true
+        services:
+          - babeld
+      when: not noBird
+    - name: restart ocserv
+      docker_compose:
+        project_src: '{{ansible_user_dir}}/nextgen-network/services'
+        restarted: true
+        services:
+          - ocserv
+      when: ocservNeeded and not noBird

ansible/scripts/global-postup.sh.j2

 #!/usr/bin/env bash
-# Forced update 12.22
+# Forced update 12.23
 source {{ansible_user_dir}}/nextgen-network/scripts/utility.sh
 
 echo "running" > /tmp/mycard_global_postup_done

ansible/scripts/postup.sh.j2

@@ -4,7 +4,7 @@ source {{ansible_user_dir}}/nextgen-network/scripts/utility.sh
 #set -e
 
 ip addr add "$localPeerAddress" peer "$remotePeerAddress" dev "$dev" scope link
-ip -6 addr add "$link6Address" dev "$dev" scope link
+ip addr add "$localPeerAddress6" peer "$remotePeerAddress6" dev "$dev" scope link
 
 if [ "$outbound" == True ] ; then
   ip route add default dev "$dev" table "$remoteNextMark"

src/inventory.ts

@@ -25,6 +25,7 @@ class InventoryBuilder {
   resolveCache: Map<string, string>;
   resolver: dns.Resolver;
   vars: any;
+  linksOnly: string[];
 
   constructor() {
     this.resolveCache = new Map();
@@ -95,6 +96,9 @@ class InventoryBuilder {
     for (const host of Object.values(this.hosts)) {
       host.wgPublickey = await this.wgPublickey(host.wgPrivateKey);
     }
+    if (process.env.ONLY_LINKS) {
+      this.linksOnly = process.env.ONLY_LINKS.split(",");
+    }
     this.vars = await this.loadUtilities();
     const inventoryValue = { wg: {hosts: Object.fromEntries(Object.values(this.hosts).map(host => [host.name, this.getHostConnectionInfo(host)]))} };
     await fs.promises.writeFile('result/inventory.yaml', YAML.stringify(inventoryValue));
@@ -128,8 +132,7 @@ class InventoryBuilder {
     const vars = {
       routeLists: this.routeLists,
       routeListNames: Object.keys(this.routeLists),
-      noUpdateLinks: !!process.env.NO_LINK,
-      onlyUpdateLink: process.env.ONLY_LINK || null
+      noUpdateLinks: !!process.env.NO_LINK
     };
     for (let col in raw_utility) {
       vars[col] = raw_utility[col].value;
@@ -267,7 +270,11 @@ class InventoryBuilder {
     const wgPublicKey = remote.wgPublickey;
     const localPeerAddress = primary ? `10.200.${local.id}.${remote.id}` : `10.201.${local.id}.${remote.id}`;
     const remotePeerAddress = primary ? `10.200.${remote.id}.${local.id}` : `10.201.${remote.id}.${local.id}`;
-    const link6Address = `fe80::${primary ? 1 : 2}:${local.id}:${remote.id}/64`;
+    const localPeerAddress6Block = ((local.id << 8) | remote.id).toString(16);
+    const remotePeerAddress6Block = ((remote.id << 8) | local.id).toString(16);
+
+    const localPeerAddress6 = `fe80::${primary ? 1 : 2}:${localPeerAddress6Block}`;
+    const remotePeerAddress6 = `fe80::${primary ? 1 : 2}:${remotePeerAddress6Block}`;
 
     const frpType = protocol === 'wgfrp' ? (this.gatewayCompare(localGateway, remoteGateway) ? 'frps' : 'frpc') : undefined;
     const ocType = protocol === 'oc' ? (this.gatewayCompareOcserv(local, remote, localGateway, remoteGateway) ? 'server' : 'client') : undefined;
@@ -342,6 +349,8 @@ class InventoryBuilder {
       console.log(`${local.name} GW ${localGateway.isp} ${inbound ? '<' : '='}=${frpType === 'frps' ? 's' : '='}=[${protocol}]=${frpType === 'frpc' ? 's' : '='}=> ${remote.name} GW ${remoteGateway.isp}`);
     }
 
+    const noUpdate = this.linksOnly && !(this.linksOnly.includes(remote.name) || this.linksOnly.includes(local.name));
+
     return {
       name,
       metric,
@@ -358,14 +367,16 @@ class InventoryBuilder {
       wgPublicKey,
       localPeerAddress,
       remotePeerAddress,
-      link6Address,
+      localPeerAddress6,
+      remotePeerAddress6,
       remoteFrpsPort,
       //remoteOcservPort,
       frpType,
       ocType,
       inbound,
       outbound,
-      mtu
+      mtu,
+      noUpdate,
     };
   }
 

update-all.sh

+#!/bin/bash
+
+./update.sh "$@"
+
+cd ansible
+ansible-playbook -i ../result/inventory.yaml "$@" restart-babeld.yaml
+cd ..

update.sh

@@ -28,7 +28,7 @@ _strip_wg_conf() {
 # _strip_wg_conf ./protocols/wg/wg.conf.j2 ./protocols/wg/wg-setconf.conf.j2
 _strip_wg_conf ./protocols/wgfrp/wgfrp.conf.j2 ./protocols/wgfrp/wgfrp-setconf.conf.j2
 
-cat babeld.conf.j2 > babeld-reload.conf.j2
+sed -r '/^(#.*)?$/d;/^reflect-kernel-metric/d;/^local-port-readwrite/d;/^redistribute/d' babeld.conf.j2 > babeld-reload.conf.j2
 echo 'quit' >> babeld-reload.conf.j2
 
 ansible-playbook -i ../result/inventory.yaml "$@" configure.yaml