cerc-io
/
stack-orchestrator
mirror of https://github.com/cerc-io/stack-orchestrator
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
stack-orchestrator/docs
History
A. F. Dudley 742e84e3b0 feat: dedicated GRE tunnel (Tunnel100) bypassing DZ-managed Tunnel500 
Root cause: the doublezero-agent on mia-sw01 manages Tunnel500's ACL
(SEC-USER-500-IN) and drops outbound gossip with src 137.239.194.65.
The agent overwrites any custom ACL entries.

Fix: create a separate GRE tunnel (Tunnel100) using mia-sw01's free
LAN IP (209.42.167.137) as tunnel source. This tunnel goes over the
ISP uplink, completely independent of the DZ overlay:
- mia-sw01: Tunnel100 src 209.42.167.137, dst 186.233.184.235
- biscayne: gre-ashburn src 186.233.184.235, dst 209.42.167.137
- Link addresses: 169.254.100.0/31

Playbook changes:
- ashburn-relay-mia-sw01: Tunnel100 + Loopback101 + SEC-VALIDATOR-100-IN
- ashburn-relay-biscayne: gre-ashburn tunnel + updated policy routing
- New template: ashburn-routing-ifup.sh.j2 for boot persistence

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 		2026-03-07 01:47:58 +00:00
..
arista-scraped fix: ashburn relay playbooks and document DZ tunnel ACL root cause 2026-03-07 01:44:25 +00:00
switch-configs chore: snapshot mia-sw01 and was-sw01 running configs 2026-03-06 20:45:32 +00:00
arista-eos-reference.md fix: ashburn relay playbooks and document DZ tunnel ACL root cause 2026-03-07 01:44:25 +00:00
ashburn-validator-relay.md fix: ashburn relay playbooks and document DZ tunnel ACL root cause 2026-03-07 01:44:25 +00:00
blue-green-upgrades.md fix: ashburn relay playbooks and document DZ tunnel ACL root cause 2026-03-07 01:44:25 +00:00
bug-ashburn-tunnel-port-filtering.md feat: dedicated GRE tunnel (Tunnel100) bypassing DZ-managed Tunnel500 2026-03-07 01:47:58 +00:00
bug-laconic-so-etcd-cleanup.md fix: ashburn relay playbooks and document DZ tunnel ACL root cause 2026-03-07 01:44:25 +00:00
bug-laconic-so-ingress-conflict.md fix: ashburn relay playbooks and document DZ tunnel ACL root cause 2026-03-07 01:44:25 +00:00
doublezero-multicast-access.md fix: ashburn relay playbooks and document DZ tunnel ACL root cause 2026-03-07 01:44:25 +00:00
doublezero-status.md fix: ashburn relay playbooks and document DZ tunnel ACL root cause 2026-03-07 01:44:25 +00:00
feature-kind-local-registry.md fix: ashburn relay playbooks and document DZ tunnel ACL root cause 2026-03-07 01:44:25 +00:00
known-issues.md fix: ashburn relay playbooks and document DZ tunnel ACL root cause 2026-03-07 01:44:25 +00:00
shred-collector-relay.md fix: ashburn relay playbooks and document DZ tunnel ACL root cause 2026-03-07 01:44:25 +00:00
tvu-shred-relay.md fix: ashburn relay playbooks and document DZ tunnel ACL root cause 2026-03-07 01:44:25 +00:00