fickit: dedicate an IP address to DNS/routing on frontend

nemunaire 2019-01-17 08:47:23 +01:00
parent dd2f7b0bd5
commit e5a9a2ecba
2 changed files with 4 additions and 25 deletions


@ -4,11 +4,11 @@ authoritative;
option subnet-mask 255.255.255.0; option subnet-mask 255.255.255.0;
option broadcast-address 172.23.42.255; option broadcast-address 172.23.42.255;
option routers 172.23.42.254; option routers 172.23.42.254;
option domain-name-servers 9.9.9.9, 1.1.1.1; option domain-name-servers 172.23.42.254;
option rfc3442-classless-static-routes code 121 = array of integer 8; option rfc3442-classless-static-routes code 121 = array of integer 8;
option ms-classless-static-routes code 249 = array of integer 8; option ms-classless-static-routes code 249 = array of integer 8;
option rfc3442-classless-static-routes 32, 163, 5, 55, 58, 172, 23, 42, 1; option rfc3442-classless-static-routes 32, 163, 5, 55, 58, 172, 23, 42, 1;
option ms-classless-static-routes 32, 163, 5, 55, 58, 172, 23, 42, 1; option ms-classless-static-routes 32, 163, 5, 55, 58, 172, 23, 42, 1;
subnet 172.23.42.0 netmask 255.255.255.0 { subnet 172.23.42.0 netmask 255.255.255.0 {
range 172.23.42.10 172.23.42.254; range 172.23.42.10 172.23.42.253;
} }
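Review bot: The new `option domain-name-servers 172.23.42.254;` leaves every DHCP client with a single resolver on the same address as `option routers`, and nothing in this file records that .254 is now a reserved service address. A comment above the subnet block, for example `# 172.23.42.254 is the frontend's DNS/router address; keep it out of the range`, would stop a later edit from widening `range` back to .254 and leasing that address to a client. Since all client queries now go to the frontend, it is worth confirming that the resolver's access control (`etc/unbound/unbound.d/access-control.conf` in the second changed file, only partly visible here) admits 172.23.42.0/24 only. The same interface also carries 163.5.55.58, so the resolver should presumably not answer on that address.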


@ -42,7 +42,7 @@ onboot:
net: /run/netns/nginx net: /run/netns/nginx
# - name: frontal-ip-setup # without bonding # - name: frontal-ip-setup # without bonding
# image: linuxkit/ip:v0.6 # image: linuxkit/ip:v0.6
# command: ["/bin/sh", "-c", "ip link set eth1 up; ip a add 172.23.42.1/24 dev eth1; ip a add 163.5.55.58/32 dev eth1; ip link add link eth1 name internet type vlan id 1; ip link set internet up;" ] # command: ["/bin/sh", "-c", "ip link set eth1 up; ip a add 172.23.42.1/24 dev eth1; ip a add 172.23.42.254/24 dev eth1; ip a add 163.5.55.58/32 dev eth1; ip link add link eth1 name internet type vlan id 1; ip link set internet up;" ]
# net: /run/netns/nginx # net: /run/netns/nginx
# runtime: # runtime:
# interfaces: # interfaces:
@ -51,7 +51,7 @@ onboot:
# - name: eth3 # - name: eth3
- name: frontal-ip-setup # with bonding - name: frontal-ip-setup # with bonding
image: linuxkit/ip:v0.6 image: linuxkit/ip:v0.6
command: ["/bin/sh", "-c", "ip link set bond-frontal up; ifenslave bond-frontal eth1 eth2 eth3; ip a add 172.23.42.1/24 dev bond-frontal; ip a add 163.5.55.58/32 dev bond-frontal; ip link add link bond-frontal name internet type vlan id 1; ip link set internet up;" ] command: ["/bin/sh", "-c", "ip link set bond-frontal up; ifenslave bond-frontal eth1 eth2 eth3; ip a add 172.23.42.1/24 dev bond-frontal; ip a add 172.23.42.254/24 dev bond-frontal; ip a add 163.5.55.58/32 dev bond-frontal; ip link add link bond-frontal name internet type vlan id 1; ip link set internet up;" ]
net: /run/netns/nginx net: /run/netns/nginx
runtime: runtime:
interfaces: interfaces:
@ -369,39 +369,18 @@ files:
- path: etc/dhcpcd.conf - path: etc/dhcpcd.conf
contents: | contents: |
# Only configure standard external ethernet
allowinterfaces internet allowinterfaces internet
# Inform the DHCP server of our hostname for DDNS.
hostname hostname
# Use the hardware address of the interface for the Client ID.
clientid clientid
# or
# Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361.
# Some non-RFC compliant DHCP servers do not reply with this set.
# In this case, comment out duid and enable clientid above.
#duid
# Persist interface configuration when dhcpcd exits.
persistent persistent
# Rapid commit support.
# Safe to enable by default because it requires the equivalent option set
# on the server to actually work.
option rapid_commit option rapid_commit
# A list of options to request from the DHCP server.
option domain_name_servers, domain_name, domain_search, host_name option domain_name_servers, domain_name, domain_search, host_name
option classless_static_routes option classless_static_routes
# Most distributions have NTP support.
option ntp_servers
# Respect the network MTU. This is applied to DHCP routes.
option interface_mtu option interface_mtu
# A ServerID is required by RFC2131.
require dhcp_server_identifier require dhcp_server_identifier
# Generate Stable Private IPv6 Addresses instead of hardware based ones
slaac private slaac private
# Do not wait
nodelay nodelay
# Do not arp to check IP
noarp noarp
# wait for ipv4 address
waitip 4 waitip 4
mode: "0440" mode: "0440"
- path: etc/unbound/unbound.d/access-control.conf - path: etc/unbound/unbound.d/access-control.conf