stack-orchestrator

Go to file

A. F. Dudley 6841d5e3c3 feat: ashburn validator relay playbooks Three playbooks for routing all validator traffic through 137.239.194.65: - was-sw01: Loopback101 + PBR redirect on Et1/1 (already applied/committed) Will be simplified to a static route in next iteration. - mia-sw01: ACL permit for src 137.239.194.65 on Tunnel500 + default route in vrf1 via egress-vrf default to was-sw01 backbone. No PBR needed — per-tunnel ACLs already scope what enters vrf1. - biscayne: DNAT inbound (137.239.194.65 → kind node), SNAT + policy routing outbound (validator sport 8001,9000-9025 → doublezero0 GRE). Inbound already applied. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-06 21:08:48 +00:00
docs/switch-configs	chore: snapshot mia-sw01 and was-sw01 running configs	2026-03-06 20:45:32 +00:00
playbooks	feat: ashburn validator relay playbooks	2026-03-06 21:08:48 +00:00

A. F. Dudley 6841d5e3c3 feat: ashburn validator relay playbooks

Three playbooks for routing all validator traffic through 137.239.194.65:

- was-sw01: Loopback101 + PBR redirect on Et1/1 (already applied/committed)
  Will be simplified to a static route in next iteration.

- mia-sw01: ACL permit for src 137.239.194.65 on Tunnel500 + default route
  in vrf1 via egress-vrf default to was-sw01 backbone. No PBR needed —
  per-tunnel ACLs already scope what enters vrf1.

- biscayne: DNAT inbound (137.239.194.65 → kind node), SNAT + policy
  routing outbound (validator sport 8001,9000-9025 → doublezero0 GRE).
  Inbound already applied.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-06 21:08:48 +00:00

docs/switch-configs

chore: snapshot mia-sw01 and was-sw01 running configs

2026-03-06 20:45:32 +00:00

playbooks

feat: ashburn validator relay playbooks

2026-03-06 21:08:48 +00:00