Skip to content

network: Declare the new opnsense vpn network range

  • rename the current vpn and gateway as legacy
  • allow the new vpn network range to query the dns
  • declare the new route to this range

Related to T1526

Test Plan

octocatalog-diff pergamon:

diff origin/production/pergamon.softwareheritage.org current/pergamon.softwareheritage.org
*******************************************
  Bind::View[private] =>
   parameters =>
     match_clients =>
      - ["192.168.50.0/24", "192.168.100.0/24", "192.168.101.0/24", "192.168.130.0/24", "192.168.200.0/21", "127.0.0.0/8", "::1/128"]
      + ["192.168.50.0/24", "192.168.100.0/24", "192.168.101.0/24", "192.168.102.0/23", "192.168.130.0/24", "192.168.200.0/21", "127.0.0.0/8", "::1/128"]
*******************************************
  Concat::Fragment[bind-view-private] =>
   parameters =>
     content =>
      @@ -5,4 +5,5 @@
       		192.168.100.0/24;
       		192.168.101.0/24;
      +		192.168.102.0/23;
       		192.168.130.0/24;
       		192.168.200.0/21;
*******************************************
  Concat::Fragment[eth1_stanza] =>
   parameters =>
     content =>
      @@ -5,4 +5,5 @@
         netmask 255.255.255.0
         up ip route add 192.168.101.0/24 via 192.168.100.1
      +  up ip route add 192.168.102.0/23 via 192.168.100.130
         up ip route add 192.168.200.0/21 via 192.168.100.1
         up ip route add 192.168.128.0/24 via 192.168.100.125
      @@ -20,4 +21,5 @@
         down ip route del 192.168.128.0/24 via 192.168.100.125
         down ip route del 192.168.200.0/21 via 192.168.100.1
      +  down ip route del 192.168.102.0/23 via 192.168.100.130
         down ip route del 192.168.101.0/24 via 192.168.100.1
         down ip route flush cache
*******************************************
  Concat_fragment[bind-view-private] =>
   parameters =>
     content =>
      @@ -5,4 +5,5 @@
       		192.168.100.0/24;
       		192.168.101.0/24;
      +		192.168.102.0/23;
       		192.168.130.0/24;
       		192.168.200.0/21;
*******************************************
  Concat_fragment[eth1_stanza] =>
   parameters =>
     content =>
      @@ -5,4 +5,5 @@
         netmask 255.255.255.0
         up ip route add 192.168.101.0/24 via 192.168.100.1
      +  up ip route add 192.168.102.0/23 via 192.168.100.130
         up ip route add 192.168.200.0/21 via 192.168.100.1
         up ip route add 192.168.128.0/24 via 192.168.100.125
      @@ -20,4 +21,5 @@
         down ip route del 192.168.128.0/24 via 192.168.100.125
         down ip route del 192.168.200.0/21 via 192.168.100.1
      +  down ip route del 192.168.102.0/23 via 192.168.100.130
         down ip route del 192.168.101.0/24 via 192.168.100.1
         down ip route flush cache
*******************************************
  Debnet::Iface[eth1] =>
   parameters =>
     downs =>
      - ["ip route del default via 192.168.100.1 dev eth1 table private", "ip route del 192.168.100.0/24 src 192.168.100.29 dev eth1 table private", "ip rule del from 192.168.100.29 table private", "ip route del 192.168.50.0/24 via 192.168.100.130", "ip route del 192.168.130.0/24 via 192.168.100.130", "ip route del 192.168.128.0/24 via 192.168.100.125", "ip route del 192.168.200.0/21 via 192.168.100.1", "ip route del 192.168.101.0/24 via 192.168.100.1", "ip route flush cache"]
      + ["ip route del default via 192.168.100.1 dev eth1 table private", "ip route del 192.168.100.0/24 src 192.168.100.29 dev eth1 table private", "ip rule del from 192.168.100.29 table private", "ip route del 192.168.50.0/24 via 192.168.100.130", "ip route del 192.168.130.0/24 via 192.168.100.130", "ip route del 192.168.128.0/24 via 192.168.100.125", "ip route del 192.168.200.0/21 via 192.168.100.1", "ip route del 192.168.102.0/23 via 192.168.100.130", "ip route del 192.168.101.0/24 via 192.168.100.1", "ip route flush cache"]
     ups =>
      - ["ip route add 192.168.101.0/24 via 192.168.100.1", "ip route add 192.168.200.0/21 via 192.168.100.1", "ip route add 192.168.128.0/24 via 192.168.100.125", "ip route add 192.168.130.0/24 via 192.168.100.130", "ip route add 192.168.50.0/24 via 192.168.100.130", "ip rule add from 192.168.100.29 table private", "ip route add 192.168.100.0/24 src 192.168.100.29 dev eth1 table private", "ip route add default via 192.168.100.1 dev eth1 table private", "ip route flush cache"]
      + ["ip route add 192.168.101.0/24 via 192.168.100.1", "ip route add 192.168.102.0/23 via 192.168.100.130", "ip route add 192.168.200.0/21 via 192.168.100.1", "ip route add 192.168.128.0/24 via 192.168.100.125", "ip route add 192.168.130.0/24 via 192.168.100.130", "ip route add 192.168.50.0/24 via 192.168.100.130", "ip rule add from 192.168.100.29 table private", "ip route add 192.168.100.0/24 src 192.168.100.29 dev eth1 table private", "ip route add default via 192.168.100.1 dev eth1 table private", "ip route flush cache"]
*******************************************
*** End octocatalog-diff on pergamon.softwareheritage.org
  • tate:
diff origin/production/tate.softwareheritage.org current/tate.softwareheritage.org
*******************************************
  Concat::Fragment[eth1_stanza] =>
   parameters =>
     content =>
      @@ -5,4 +5,5 @@
         netmask 255.255.255.0
         up ip route add 192.168.101.0/24 via 192.168.100.1
      +  up ip route add 192.168.102.0/23 via 192.168.100.130
         up ip route add 192.168.200.0/21 via 192.168.100.1
         up ip rule add from 192.168.100.30 table private
      @@ -14,4 +15,5 @@
         down ip rule del from 192.168.100.30 table private
         down ip route del 192.168.200.0/21 via 192.168.100.1
      +  down ip route del 192.168.102.0/23 via 192.168.100.130
         down ip route del 192.168.101.0/24 via 192.168.100.1
         down ip route flush cache
*******************************************
  Concat_fragment[eth1_stanza] =>
   parameters =>
     content =>
      @@ -5,4 +5,5 @@
         netmask 255.255.255.0
         up ip route add 192.168.101.0/24 via 192.168.100.1
      +  up ip route add 192.168.102.0/23 via 192.168.100.130
         up ip route add 192.168.200.0/21 via 192.168.100.1
         up ip rule add from 192.168.100.30 table private
      @@ -14,4 +15,5 @@
         down ip rule del from 192.168.100.30 table private
         down ip route del 192.168.200.0/21 via 192.168.100.1
      +  down ip route del 192.168.102.0/23 via 192.168.100.130
         down ip route del 192.168.101.0/24 via 192.168.100.1
         down ip route flush cache
*******************************************
  Debnet::Iface[eth1] =>
   parameters =>
     downs =>
      - ["ip route del default via 192.168.100.1 dev eth1 table private", "ip route del 192.168.100.0/24 src 192.168.100.30 dev eth1 table private", "ip rule del from 192.168.100.30 table private", "ip route del 192.168.200.0/21 via 192.168.100.1", "ip route del 192.168.101.0/24 via 192.168.100.1", "ip route flush cache"]
      + ["ip route del default via 192.168.100.1 dev eth1 table private", "ip route del 192.168.100.0/24 src 192.168.100.30 dev eth1 table private", "ip rule del from 192.168.100.30 table private", "ip route del 192.168.200.0/21 via 192.168.100.1", "ip route del 192.168.102.0/23 via 192.168.100.130", "ip route del 192.168.101.0/24 via 192.168.100.1", "ip route flush cache"]
     ups =>
      - ["ip route add 192.168.101.0/24 via 192.168.100.1", "ip route add 192.168.200.0/21 via 192.168.100.1", "ip rule add from 192.168.100.30 table private", "ip route add 192.168.100.0/24 src 192.168.100.30 dev eth1 table private", "ip route add default via 192.168.100.1 dev eth1 table private", "ip route flush cache"]
      + ["ip route add 192.168.101.0/24 via 192.168.100.1", "ip route add 192.168.102.0/23 via 192.168.100.130", "ip route add 192.168.200.0/21 via 192.168.100.1", "ip rule add from 192.168.100.30 table private", "ip route add 192.168.100.0/24 src 192.168.100.30 dev eth1 table private", "ip route add default via 192.168.100.1 dev eth1 table private", "ip route flush cache"]
*******************************************
*** End octocatalog-diff on tate.softwareheritage.org
  • moma:
diff origin/production/moma.softwareheritage.org current/moma.softwareheritage.org
*******************************************
  Concat::Fragment[eth1_stanza] =>
   parameters =>
     content =>
      @@ -5,4 +5,5 @@
         netmask 255.255.255.0
         up ip route add 192.168.101.0/24 via 192.168.100.1
      +  up ip route add 192.168.102.0/23 via 192.168.100.130
         up ip route add 192.168.200.0/21 via 192.168.100.1
         up ip rule add from 192.168.100.31 table private
      @@ -14,4 +15,5 @@
         down ip rule del from 192.168.100.31 table private
         down ip route del 192.168.200.0/21 via 192.168.100.1
      +  down ip route del 192.168.102.0/23 via 192.168.100.130
         down ip route del 192.168.101.0/24 via 192.168.100.1
         down ip route flush cache
*******************************************
  Concat_fragment[eth1_stanza] =>
   parameters =>
     content =>
      @@ -5,4 +5,5 @@
         netmask 255.255.255.0
         up ip route add 192.168.101.0/24 via 192.168.100.1
      +  up ip route add 192.168.102.0/23 via 192.168.100.130
         up ip route add 192.168.200.0/21 via 192.168.100.1
         up ip rule add from 192.168.100.31 table private
      @@ -14,4 +15,5 @@
         down ip rule del from 192.168.100.31 table private
         down ip route del 192.168.200.0/21 via 192.168.100.1
      +  down ip route del 192.168.102.0/23 via 192.168.100.130
         down ip route del 192.168.101.0/24 via 192.168.100.1
         down ip route flush cache
*******************************************
  Debnet::Iface[eth1] =>
   parameters =>
     downs =>
      - ["ip route del default via 192.168.100.1 dev eth1 table private", "ip route del 192.168.100.0/24 src 192.168.100.31 dev eth1 table private", "ip rule del from 192.168.100.31 table private", "ip route del 192.168.200.0/21 via 192.168.100.1", "ip route del 192.168.101.0/24 via 192.168.100.1", "ip route flush cache"]
      + ["ip route del default via 192.168.100.1 dev eth1 table private", "ip route del 192.168.100.0/24 src 192.168.100.31 dev eth1 table private", "ip rule del from 192.168.100.31 table private", "ip route del 192.168.200.0/21 via 192.168.100.1", "ip route del 192.168.102.0/23 via 192.168.100.130", "ip route del 192.168.101.0/24 via 192.168.100.1", "ip route flush cache"]
     ups =>
      - ["ip route add 192.168.101.0/24 via 192.168.100.1", "ip route add 192.168.200.0/21 via 192.168.100.1", "ip rule add from 192.168.100.31 table private", "ip route add 192.168.100.0/24 src 192.168.100.31 dev eth1 table private", "ip route add default via 192.168.100.1 dev eth1 table private", "ip route flush cache"]
      + ["ip route add 192.168.101.0/24 via 192.168.100.1", "ip route add 192.168.102.0/23 via 192.168.100.130", "ip route add 192.168.200.0/21 via 192.168.100.1", "ip rule add from 192.168.100.31 table private", "ip route add 192.168.100.0/24 src 192.168.100.31 dev eth1 table private", "ip route add default via 192.168.100.1 dev eth1 table private", "ip route flush cache"]
*******************************************
*** End octocatalog-diff on moma.softwareheritage.org

Migrated from D5800 (view on Phabricator)

Merge request reports