diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index 7989d0a78..b5eed5f53 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -6,6 +6,26 @@ # ports_externally_visible: 3 # https://github.com/iiab/iiab/wiki/IIAB-Networking#firewall-iptables +# Ethernet - IF NECESSARY, CUSTOMIZE THESE 4+3 VARS IN /etc/iiab/local_vars.yml +# +# See "How do I set a static IP Address?" for Ethernet, in http://FAQ.IIAB.IO +# wan_ip: dhcp # wan_ip: 192.168.1.99 +# wan_netmask: # wan_netmask: 255.255.255.0 +# wan_gateway: # wan_gateway: 192.168.1.1 +# wan_nameserver: # wan_nameserver: 192.168.1.1 +# +# wan_can_use_dhcp_ip: True # Facilitate field updates w/ cablemodems. +# dhcp_timeout: 10 # Revert to Static IP or 169.254.x.y if DHCP isn't +# detected on the Ethernet network in 10 seconds (dhcpcd default is 30 sec). +# wan_link_local: False # Keep this as 'False' to strongly mandate Ethernet +# Static IP (and avoid link-local 169.254.x.y if DHCP isn't detected). +# +# Change this to 'True' if you want the 3-steps below: (e.g. for eth0 or eno1) +# 1. Try to set Ethernet Static IP (if 'arp ' responds). +# 2. Try to set Ethernet IP using DHCP, if DHCP responds within ~10 seconds. +# 3. Set Ethernet IP to a link-local address 169.254.x.y if both above fail. +# Details @ roles/network/templates/network/dhcpcd.conf.j2 for /etc/dhcpcd.conf + # Wi-Fi - IF NECESSARY, CUSTOMIZE THESE 6 VARIABLES IN /etc/iiab/local_vars.yml # host_country_code: US # host_ssid: "Internet in a Box" diff --git a/roles/network/templates/network/dhcpcd.conf.j2 b/roles/network/templates/network/dhcpcd.conf.j2 index 3000a4aad..0d9654509 100644 --- a/roles/network/templates/network/dhcpcd.conf.j2 +++ b/roles/network/templates/network/dhcpcd.conf.j2 @@ -39,13 +39,19 @@ slaac private # IIAB -# always support Ethernet-to-Internet on RPi (avoid "denyinterfaces eth0") +# How many seconds to wait for DHCP (e.g. from cablemodem) before IIAB's +# Ethernet falls back to Static IP below (e.g. for Mexican schools with +# Static IP-based Ethernet networks) +timeout {{ dhcp_timeout }} + +# Always support Ethernet-to-Internet on RPi, to facilitate field updates +# (avoid "denyinterfaces eth0" below!) {% if is_rpi and hostapd_enabled %} -denyinterfaces {% if discovered_wireless_iface != "none" %} {{ discovered_wireless_iface }} {% endif %} +denyinterfaces{% if discovered_wireless_iface != "none" %} {{ discovered_wireless_iface }}{% endif %} {% elif is_rpi %} -#denyinterfaces {% if discovered_wireless_iface != "none" %} {{ discovered_wireless_iface }} {% endif %} +#denyinterfaces{% if discovered_wireless_iface != "none" %} {{ discovered_wireless_iface }}{% endif %} {% else %} -denyinterfaces {% if iiab_wireless_lan_iface is defined %} {{ iiab_wireless_lan_iface }} {% endif %} {% if iiab_wired_lan_iface is defined %} {{ iiab_wired_lan_iface }} {% endif %} +denyinterfaces{% if iiab_wireless_lan_iface is defined %} {{ iiab_wireless_lan_iface }}{% endif %}{% if iiab_wired_lan_iface is defined %} {{ iiab_wired_lan_iface }}{% endif %} {% endif %} {# {% if iiab_lan_iface != "br0" %} {{ iiab_lan_iface }} {% endif %} #} @@ -56,10 +62,20 @@ static ip_address={{ lan_ip }}/19 static domain_name_servers=127.0.0.1 {% endif %} -# IIAB static IP configuration: +# IIAB static IP configuration, alongside optional DHCP & link-local {% if wan_ip != "dhcp" %} -interface {{ iiab_wan_iface }} +profile {{ wan_gateway }} static ip_address={{ wan_ip }}/24 static routers={{ wan_gateway }} static domain_name_servers={{ wan_nameserver }} +{% if wan_can_use_dhcp_ip %} + +interface {{ iiab_wan_iface }} +{% if not wan_link_local %} +arping 192.0.2.1 # Set Ethernet IP per "cablemodem" DHCP, if DHCP's on wire (after arp request to non-existent IP 192.0.2.1 fails on purpose, per RFC5737) +fallback {{ wan_gateway }} # If DHCP not detected after {{ dhcp_timeout }} seconds, set Ethernet Static IP per above "profile {{ wan_gateway }}" +{% else %} +arping {{ wan_gateway }} # Perform up to 3 steps: 1. arp (if detected, set Ethernet Static IP per "profile {{ wan_gateway }}") 2. Set Ethernet IP per "cablemodem" DHCP, if DHCP's on wire 3. If nec, set Ethernet IP to a link-local address (169.254.x.y) +{% endif %} +{% endif %} {% endif %} diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 8d3400a65..3789400f6 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -160,10 +160,26 @@ wondershaper_enabled: False # The following 2 override the detection when not "auto" user_wan_iface: auto user_lan_iface: auto -wan_ip: dhcp -wan_netmask: -wan_gateway: -wan_nameserver: + +# Ethernet - IF NECESSARY, CUSTOMIZE THESE 4+3 VARS IN /etc/iiab/local_vars.yml +# +# See "How do I set a static IP Address?" for Ethernet, in http://FAQ.IIAB.IO +wan_ip: dhcp # wan_ip: 192.168.1.99 +wan_netmask: # wan_netmask: 255.255.255.0 +wan_gateway: # wan_gateway: 192.168.1.1 +wan_nameserver: # wan_nameserver: 192.168.1.1 +# +wan_can_use_dhcp_ip: True # Facilitate field updates w/ cablemodems. +dhcp_timeout: 10 # Revert to Static IP or 169.254.x.y if DHCP isn't +# detected on the Ethernet network in 10 seconds (dhcpcd default is 30 sec). +wan_link_local: False # Keep this as 'False' to strongly mandate Ethernet +# Static IP (and avoid link-local 169.254.x.y if DHCP isn't detected). +# +# Change this to 'True' if you want the 3-steps below: (e.g. for eth0 or eno1) +# 1. Try to set Ethernet Static IP (if 'arp ' responds). +# 2. Try to set Ethernet IP using DHCP, if DHCP responds within ~10 seconds. +# 3. Set Ethernet IP to a link-local address 169.254.x.y if both above fail. +# Details @ roles/network/templates/network/dhcpcd.conf.j2 for /etc/dhcpcd.conf # Parameters for Aggregate Roles diff --git a/vars/local_vars_big.yml b/vars/local_vars_big.yml index 2b5ce6171..fa18c771d 100644 --- a/vars/local_vars_big.yml +++ b/vars/local_vars_big.yml @@ -40,6 +40,24 @@ host_channel: 6 hostapd_secure: False hostapd_password: changeme +# See "How do I set a static IP Address?" for Ethernet, in http://FAQ.IIAB.IO +wan_ip: dhcp # wan_ip: 192.168.1.99 +wan_netmask: # wan_netmask: 255.255.255.0 +wan_gateway: # wan_gateway: 192.168.1.1 +wan_nameserver: # wan_nameserver: 192.168.1.1 +# +wan_can_use_dhcp_ip: True # Facilitate field updates w/ cablemodems. +dhcp_timeout: 10 # Revert to Static IP or 169.254.x.y if DHCP isn't +# detected on the Ethernet network in 10 seconds (dhcpcd default is 30 sec). +wan_link_local: False # Keep this as 'False' to strongly mandate Ethernet +# Static IP (and avoid link-local 169.254.x.y if DHCP isn't detected). +# +# Change this to 'True' if you want the 3-steps below: (e.g. for eth0 or eno1) +# 1. Try to set Ethernet Static IP (if 'arp ' responds). +# 2. Try to set Ethernet IP using DHCP, if DHCP responds within ~10 seconds. +# 3. Set Ethernet IP to a link-local address 169.254.x.y if both above fail. +# Details @ roles/network/templates/network/dhcpcd.conf.j2 for /etc/dhcpcd.conf + # Enable "campus access" to ~10 common IIAB services like Kiwix (3000), KA Lite # (8008) and Calibre (8010 or 8080) etc, on the WAN side of your IIAB server. # Only 1 of the 6 lines below should be uncommented: diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index d03e5ce42..5d0c064d3 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -40,6 +40,24 @@ host_channel: 6 hostapd_secure: False hostapd_password: changeme +# See "How do I set a static IP Address?" for Ethernet, in http://FAQ.IIAB.IO +wan_ip: dhcp # wan_ip: 192.168.1.99 +wan_netmask: # wan_netmask: 255.255.255.0 +wan_gateway: # wan_gateway: 192.168.1.1 +wan_nameserver: # wan_nameserver: 192.168.1.1 +# +wan_can_use_dhcp_ip: True # Facilitate field updates w/ cablemodems. +dhcp_timeout: 10 # Revert to Static IP or 169.254.x.y if DHCP isn't +# detected on the Ethernet network in 10 seconds (dhcpcd default is 30 sec). +wan_link_local: False # Keep this as 'False' to strongly mandate Ethernet +# Static IP (and avoid link-local 169.254.x.y if DHCP isn't detected). +# +# Change this to 'True' if you want the 3-steps below: (e.g. for eth0 or eno1) +# 1. Try to set Ethernet Static IP (if 'arp ' responds). +# 2. Try to set Ethernet IP using DHCP, if DHCP responds within ~10 seconds. +# 3. Set Ethernet IP to a link-local address 169.254.x.y if both above fail. +# Details @ roles/network/templates/network/dhcpcd.conf.j2 for /etc/dhcpcd.conf + # Enable "campus access" to ~10 common IIAB services like Kiwix (3000), KA Lite # (8008) and Calibre (8010 or 8080) etc, on the WAN side of your IIAB server. # Only 1 of the 6 lines below should be uncommented: diff --git a/vars/local_vars_min.yml b/vars/local_vars_min.yml index e93148cd6..fd9795880 100644 --- a/vars/local_vars_min.yml +++ b/vars/local_vars_min.yml @@ -40,6 +40,24 @@ host_channel: 6 hostapd_secure: False hostapd_password: changeme +# See "How do I set a static IP Address?" for Ethernet, in http://FAQ.IIAB.IO +wan_ip: dhcp # wan_ip: 192.168.1.99 +wan_netmask: # wan_netmask: 255.255.255.0 +wan_gateway: # wan_gateway: 192.168.1.1 +wan_nameserver: # wan_nameserver: 192.168.1.1 +# +wan_can_use_dhcp_ip: True # Facilitate field updates w/ cablemodems. +dhcp_timeout: 10 # Revert to Static IP or 169.254.x.y if DHCP isn't +# detected on the Ethernet network in 10 seconds (dhcpcd default is 30 sec). +wan_link_local: False # Keep this as 'False' to strongly mandate Ethernet +# Static IP (and avoid link-local 169.254.x.y if DHCP isn't detected). +# +# Change this to 'True' if you want the 3-steps below: (e.g. for eth0 or eno1) +# 1. Try to set Ethernet Static IP (if 'arp ' responds). +# 2. Try to set Ethernet IP using DHCP, if DHCP responds within ~10 seconds. +# 3. Set Ethernet IP to a link-local address 169.254.x.y if both above fail. +# Details @ roles/network/templates/network/dhcpcd.conf.j2 for /etc/dhcpcd.conf + # Enable "campus access" to ~10 common IIAB services like Kiwix (3000), KA Lite # (8008) and Calibre (8010 or 8080) etc, on the WAN side of your IIAB server. # Only 1 of the 6 lines below should be uncommented: