Add files

.gitignore

@@ -0,0 +1 @@
+.*.swp

collector.conf

@@ -0,0 +1,40 @@
+protocol bgp ROUTE_COLLECTOR
+{
+  local as OWNAS;
+  neighbor fd42:4242:2601:ac12::1 as 4242422602;
+
+  # enable multihop as the collector is not locally connected
+  multihop;
+
+  ipv4 {
+    # export all available paths to the collector    
+    add paths tx;
+
+    # import/export filters
+    import none;
+    export filter {
+      # export all valid routes
+      if ( is_valid_network() && source ~ [ RTS_STATIC, RTS_BGP ] )
+      then {
+        accept;
+      }
+      reject;
+    };
+  };
+
+  ipv6 {
+    # export all available paths to the collector    
+    add paths tx;
+
+    # import/export filters
+    import none;
+    export filter {
+      # export all valid routes
+      if ( is_valid_network_v6() && source ~ [ RTS_STATIC, RTS_BGP ] )
+      then {
+        accept;
+      }
+      reject;
+    };
+  };
+}

int-bgp.j2

@@ -0,0 +1,24 @@
+template bgp intpeers {
+    local as OWNAS;
+
+    ipv4 {
+        import where source = RTS_BGP && is_valid_network() && !is_self_net();
+        export where source = RTS_BGP && is_valid_network() && !is_self_net();
+        next hop self;
+        add paths yes;
+    };
+
+    ipv6 {
+        import where source = RTS_BGP && is_valid_network_v6() && !is_self_net_v6();
+        export where source = RTS_BGP && is_valid_network_v6() && !is_self_net_v6();
+        next hop self;
+        add paths yes;
+    };
+}
+{% for host in groups['routers'] %}
+{% if host != inventory_hostname %}
+protocol bgp int_{{ hostvars[host]['pop_loc'] }} from intpeers {
+    neighbor {{ hostvars[host]['unicastv6'] }} as OWNAS;
+}
+{% endif %}
+{% endfor %}

inventory.yml

@@ -0,0 +1,38 @@
+all:
+  children:
+    routers:
+    nameservers:
+routers:
+  hosts:
+    us1.routers.9pfs.dn42:
+      ansible_python_interpreter: "/usr/bin/python3"
+      unicastv6: fd32:6b0:70a6:179::1
+      machine_type: vm
+      pop_loc: us01
+    us2.routers.9pfs.dn42:
+      ansible_python_interpreter: "/usr/bin/python3"
+      machine_type: container
+      unicastv6: fd32:6b0:70a6:179::2
+      pop_loc: us02
+    us3.routers.9pfs.dn42:
+      ansible_python_interpreter: "/usr/bin/python3"
+      machine_type: container
+      unicastv6: fd32:6b0:70a6:179::4
+      pop_loc: us03
+    uk1.routers.9pfs.dn42:
+      ansible_python_interpreter: "/usr/bin/python3"
+      machine_type: container
+      unicastv6: fd32:6b0:70a6:179::3
+      pop_loc: uk01
+services:
+  hosts:
+    mail.9pfs.dn42:
+      ansible_python_interpreter: "/usr/bin/python3"
+      machine_type: vm
+  children:
+    nameservers:
+nameservers:
+  hosts:
+    us1.ns.9pfs.dn42:
+      machine_type: container
+    us2.ns.9pfs.dn42:

update-bgp.yml

@@ -0,0 +1,17 @@
+- hosts: routers
+  remote_user: root
+  tasks:
+    - name: add internal bgp peers
+      template:
+        src: int-bgp.j2
+        dest: /etc/bird/peers/internal.conf
+    - name: add route collector peering
+      copy:
+        src: collector.conf
+        dest: /etc/bird/peers/collector.conf
+    - name: reload bird
+      ansible.builtin.systemd_service:
+        name: bird.service
+        enabled: true
+        state: reloaded
+      when: ansible_service_mgr == 'systemd'

upgrade.yml

@@ -0,0 +1,9 @@
+- hosts: all
+  remote_user: root
+  tasks:
+    - name: upgrade debian systems
+      ansible.builtin.apt:
+        update_cache: yes
+        upgrade: dist
+        cache_valid_time: 3600
+      when: ansible_distribution == 'Debian'