1 files changed, 55 insertions, 0 deletions

diff --git a/IP migration API.md b/IP migration API.md
new file mode 100644
index 0000000..d567ab5
--- /dev/null
+++ b/IP migration API.md
@@ -0,0 +1,55 @@
+---
+tags:
+  - work
+---
+[[GroupVPS Migration]]
+
+API:
+- Prepare subnet : cidr
+- Migrate IP
+	- os set allowed address pair
+	- tun src: add /32 
+- Migrate gateway
+
+Kevin meet:
+tunnel-dst vm in openstack
+tunnel-src hardware ding
+puppet op tunnels
+
+stap 1 paars = api doet: op os router route voor elk ip in subnet aanmaken en proxy arp shit per subnet. AllowedAddrPair op port tunnel-dst. In eerste instantie gewoon alle IPs uit het subnet toevoegen.
+
+Beide IPv4 en IPv6 (6 kan iets later)
+
+Alle stappen moeten reversable zijn.
+
+stap 2 roze: test vm, routes op os verwijderen, op src net toevoegen
+stap 3 geel: switch network naar openstack, switch gateway ip
+
+# Meeting @ 23 jun 2025
+
+*cidr/24 subnet scope link maybe monitor for its existence.*
+
+To handle failover the static routes we configure on the tunnel-dst should not have a nexthop, but a nexthop id. This points the route to a virtual nexthop - if it is updated, all routes pointing to that are updated.
+
+`ip route add 192.168.0.1/32 nhid 1`
+
+tunnel-src also just add ip routes
+failover: just periodically cmp route and push diff
+
+![[Pasted image 20250623162525.png]]
+
+
+```
+#!/bin/sh
+
+# Check all /32 for migrated networks
+(ip r; ip -6 r) | grep -E "dev wg. (scope link|metric)" | cut -d ' ' -f1 | grep -v default | sort >/tmp/A
+sort routes-in-dst.txt >/tmp/B
+for X in $(comm -13 /tmp/A /tmp/B); do echo ip route add $X dev wg0; done
+for X in $(comm -23 /tmp/A /tmp/B); do echo ip route del $X dev wg0; done
+
+# Check for missing IPv6 proxy NDP entries
+ip -6 neigh show proxy | cut -d ' ' -f1 | sort >/tmp/A
+grep -F : routes-in-dst.txt | sort >/tmp/B
+for X in $(comm -13 /tmp/A /tmp/B); do echo ip -6 neigh add proxy $X dev vrrp.98; done
+```
\ No newline at end of file