Add ifstated to home gw hosts

group_vars/gw.yml

@@ -18,3 +18,6 @@ network_ether_interfaces:
 
 # use custom firewall config
 firewall_src: pf.conf.gw_home
+
+# ifstated config
+ifstated_config: ifstated-home.conf.j2

playbooks/gw.yml

@@ -11,6 +11,7 @@
 
   roles:
     - base
+    - ifstated
 
   tasks:
     - name: use configured dns servers and domain name

roles/ifstated/templates/ifstated-home.conf.j2

@@ -0,0 +1,49 @@
+
+init-state auto
+
+if_carp_up="carp1.link.up"
+if_carp_down="carp1.link.down"
+
+state auto {
+    if $if_carp_up {
+        set-state master
+    }
+    if $if_carp_down {
+        set-state backup
+    }
+}
+
+state master {
+    init {
+        # spoof mac to keep dhcp lease in sync with both gw's
+        run "/sbin/ifconfig vio1 lladdr {{ gw_home_mac }} up"
+        # flush routes and run dhclient and dhcpcd
+        run "/sbin/route -qn flush"
+        run "/sbin/dhclient vio1"
+        #run "/sbin/rcctl restart dhcpcd > /dev/null"
+        # reset firewall rules
+        run "pfctl -f /etc/pf.conf"
+    }
+    if $if_carp_down {
+        set-state backup
+    }
+}
+
+state backup {
+    init {
+        # kill dhclient (TODO: better command for this)
+        run "pkill -9 dhclient"
+        # bring down interface and reset mac
+        run "/sbin/ifconfig vio1 delete lladdr {{ gw_home_mac }} down"
+        # flush routes and fix default route
+        run "/sbin/route -qn flush"
+{% if inventory_hostname == "gw01.home.foo.sh" %}
+        run "/sbin/route -qn add default 172.20.21.2"
+{% elif inventory_hostname == "gw02.home.foo.sh" %}
+        run "/sbin/route -qn add default 172.20.21.1"
+{% endif %}
+    }
+    if $if_carp_up {
+        set-state master
+    }
+}