From a9886bf2f8a35369a2c42070c5f83504dfab2bc5 Mon Sep 17 00:00:00 2001
From: Jasper Ras
Date: Fri, 27 Jun 2025 10:56:03 +0200
Subject: vault backup: 2025-06-27 10:56:02
---
 IP migration API.md | 57 ++++++++++++++++++++++++++---------------------------
 1 file changed, 28 insertions(+), 29 deletions(-)
(limited to 'IP migration API.md')
diff --git a/IP migration API.md b/IP migration API.md
index c6bd91b..d567ab5 100644
--- a/IP migration API.md
+++ b/IP migration API.md
@@ -2,33 +2,7 @@
 tags:
 - work
 ---
-# Previous IP migration API
-Stateful: sqlite db:
-- subnet state (mode: `migrating`)
-- ip state: active location (`CPH|AMS`)
-
-config:
-- LR map file
-- db config
-- tls
-- ip announcement file
-- hosts
-- key
-- user
-IP announcement file.
-
-Flow:
-- Prepare subnet (out-of-band)
- - Creates a record for the subnet, and puts it in "migrating" mode.
-- Call migrate IP (ip, dest)
- - Fails if subnet not prepared prior.
- - Fails if destination not exists.
- - Fails if invalid ip address
-
-
-# New IP migration API
-
-What is a "link scope"?
+[[GroupVPS Migration]]
 API:
 - Prepare subnet : cidr
@@ -51,6 +25,31 @@ Alle stappen moeten reversable zijn.
 stap 2 roze: test vm, routes op os verwijderen, op src net toevoegen
 stap 3 geel: switch network naar openstack, switch gateway ip
+# Meeting @ 23 jun 2025
-**How ARP works**
-Host A thinks it has direct conn to Host B, thus sends ARP request to learn its MAC.
\ No newline at end of file
+*cidr/24 subnet scope link maybe monitor for its existence.*
+
+To handle failover the static routes we configure on the tunnel-dst should not have a nexthop, but a nexthop id. This points the route to a virtual nexthop - if it is updated, all routes pointing to that are updated.
+
+`ip route add 192.168.0.1/32 nhid 1`
+
+tunnel-src also just add ip routes
+failover: just periodically cmp route and push diff
+
+![[Pasted image 20250623162525.png]]
+
+
+```
+#!/bin/sh
+
+# Check all /32 for migrated networks
+(ip r; ip -6 r) | grep -E "dev wg. (scope link|metric)" | cut -d ' ' -f1 | grep -v default | sort >/tmp/A
+sort routes-in-dst.txt >/tmp/B
+for X in $(comm -13 /tmp/A /tmp/B); do echo ip route add $X dev wg0; done
+for X in $(comm -23 /tmp/A /tmp/B); do echo ip route del $X dev wg0; done
+
+# Check for missing IPv6 proxy NDP entries
+ip -6 neigh show proxy | cut -d ' ' -f1 | sort >/tmp/A
+grep -F : routes-in-dst.txt | sort >/tmp/B
+for X in $(comm -13 /tmp/A /tmp/B); do echo ip -6 neigh add proxy $X dev vrrp.98; done
+```
\ No newline at end of file
--
cgit v1.2.3
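Review bot: The route-sync script in the added fenced block writes its working lists to the fixed paths `/tmp/A` and `/tmp/B`. If it is later run with the privileges needed to change routes (presumably root), another local user could pre-create or symlink those names in the world-writable directory. A private directory avoids this: `tmp=$(mktemp -d) || exit 1; trap 'rm -rf -- "$tmp"' EXIT`, then write to `"$tmp/A"` and `"$tmp/B"`. The script also carries on when `routes-in-dst.txt` is missing or empty, which leaves B empty, so the `comm -23` loop would list every current wg route for deletion once the `echo` dry-run prefix is removed; a guard such as `[ -s routes-in-dst.txt ] || exit 1` before the first `sort` would stop that. The entries read from that file reach `ip` through an unquoted `$X`, so they should be checked to be plain prefixes before the commands are run for real.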