shinobu/router: Fix IPv6 networking

Previously, I did not have IPv6 upstream, so even a wrong configuration
worked. Now it uses a different routing table for IPv4 and IPv6, so it
also works on dual-stack upstreams.

However, how it worked without IPv6 forwarding enabled, is still a
mystery to me.
nazuna
Simon Bruder 2023-09-11 08:15:33 +02:00
parent 09a9037f1c
commit aa85febe12
Signed by: simon
GPG Key ID: 8D3C82F9F309F8EC
1 changed files with 13 additions and 0 deletions

View File

@ -46,6 +46,7 @@ in
boot.kernel.sysctl = { boot.kernel.sysctl = {
"net.ipv4.conf.all.forwarding" = true; "net.ipv4.conf.all.forwarding" = true;
"net.ipv6.conf.all.forwarding" = true;
}; };
networking = { networking = {
@ -215,6 +216,7 @@ in
routingPolicyRules = [ routingPolicyRules = [
{ {
routingPolicyRuleConfig = { routingPolicyRuleConfig = {
Family = "both"; # default is only ipv4
FirewallMark = 51820; FirewallMark = 51820;
InvertRule = "yes"; InvertRule = "yes";
Table = 51820; Table = 51820;
@ -224,18 +226,28 @@ in
} }
# FIXME: those two shouldnt be necessary # FIXME: those two shouldnt be necessary
# It should automatically detect those routes existing and prioritise them # It should automatically detect those routes existing and prioritise them
# LAN (v4)
{ {
routingPolicyRuleConfig = { routingPolicyRuleConfig = {
To = "10.80.0.0/24"; To = "10.80.0.0/24";
Priority = 9; Priority = 9;
}; };
} }
# LAN (v6)
{
routingPolicyRuleConfig = {
To = "fd00:80:1::/64";
Priority = 9;
};
}
# wg-home
{ {
routingPolicyRuleConfig = { routingPolicyRuleConfig = {
To = "10.80.1.0/24"; To = "10.80.1.0/24";
Priority = 9; Priority = 9;
}; };
} }
# vueko (v4) for wg-home
{ {
routingPolicyRuleConfig = { routingPolicyRuleConfig = {
To = "168.119.176.53"; To = "168.119.176.53";
@ -262,6 +274,7 @@ in
{ {
routeConfig = { routeConfig = {
Gateway = "::"; Gateway = "::";
Table = 51820;
}; };
} }
]; ];