fix routing to Internet

610de7a6 · Attila Farkas · a097e8dc · 610de7a6 · 610de7a6 · 610de7a6
Commit 610de7a6 authored 5 years ago by Attila Farkas
--- a/modules/file_generator.py
+++ b/modules/file_generator.py
@@ -3,7 +3,7 @@ import os

 from modules.device_creator import create_devices
 from modules.ansible_data_generator import create_network_map, create_host_map, create_network_ips
-from modules.routing import BORDER_ROUTER_IP, BORDER_ROUTER_NAME, BORDER_ROUTER_NETWORK_NAME
+from modules.routing import BORDER_ROUTER_IP, BORDER_ROUTER_NAME, BORDER_ROUTER_NETWORK_NAME, BORDER_ROUTER_PUBLIC_IP

 def _load_template(template_name):
    """ Returns a loaded jinja2 template. """
@@ -185,7 +185,7 @@ def _generate_br_role(definitions):
    routers_in_br_network = _get_br_routers(definitions)

    template = _load_template("br")
-    output = template.render(hosts = host_map, routers=network, br_routes=routers_in_br_network, border_router_name=BORDER_ROUTER_NAME)
+    output = template.render(hosts = host_map, routers=network, br_routes=routers_in_br_network, border_router_name=BORDER_ROUTER_NAME, border_router_public_ip=BORDER_ROUTER_PUBLIC_IP)

    _create_role_directory("br")
    _generate_file("./provisioning/roles/br/tasks/main.yml", output)

--- a/modules/network_parser.py
+++ b/modules/network_parser.py
 """ This module handles network creation. """

 import sys
+from modules.routing import BORDER_ROUTER_NAME, BORDER_ROUTER_PUBLIC_IP


 def _find_networks(hostname, mappings, device_type):
@@ -50,6 +51,9 @@ def _add_interfaces(hostname, mapping, device_type, networks, definitions):
    definitions[hostname].append(
        "device.vm.network :private_network, ip: \"" + mapping["ip"]
        + "\", virtualbox__intnet: \"" + mapping["network"] + "\"")
+    
+    if hostname == BORDER_ROUTER_NAME:
+        definitions[BORDER_ROUTER_NAME].append("device.vm.network :public_network, ip: \" " + BORDER_ROUTER_PUBLIC_IP + "\"") 

    _add_netmask(hostname, mapping["network"], networks, definitions)


--- a/modules/routing.py
+++ b/modules/routing.py
@@ -2,6 +2,7 @@ import sys

 BORDER_ROUTER_NAME = "br"
 BORDER_ROUTER_IP = "172.18.0.1"
+BORDER_ROUTER_PUBLIC_IP = "172.18.10.1"
 BORDER_ROUTER_NETWORK_NAME = "BR"
 BORDER_ROUTER_NETWORK_IP = "172.18.0.0/24"


--- a/templates/br
+++ b/templates/br
@@ -27,5 +27,14 @@
 {% for target_cidr, router_ip in br_routes.items() %} 
 - name: Add routing to network {{ target_cidr }} 
  command: route add -net {{ target_cidr }} gw {{ router_ip }} eth1
-{% endfor %}  
+{% endfor %}
+
+- name: Add postrouting
+  # ssh connection fails without async after execution of iptables commands
+  shell: "sleep 2 && sudo iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source {{ border_router_public_ip }}"
+  async: 1
+  poll: 0
+
+- name: Save postrouting rule
+  command: su -c 'iptables-save > /etc/iptables.rules'
 ...