diff options
| author | Kjetil Orbekk <kj@orbekk.com> | 2022-10-05 06:31:38 -0400 |
|---|---|---|
| committer | Kjetil Orbekk <kj@orbekk.com> | 2022-10-05 06:31:38 -0400 |
| commit | 72292aae023e20271a82bdb28fa79e0a43795f4c (patch) | |
| tree | f90cb6d4be80b0d48022575d2bfb7a2264956424 | |
| parent | 53d0aeb2cf3e8c9d1a534c0f95352282e6509100 (diff) | |
Undo native ipv6 as it is not reliable
| -rw-r--r-- | config/router.nix | 46 |
1 files changed, 22 insertions, 24 deletions
diff --git a/config/router.nix b/config/router.nix index f5c7174..6db1255 100644 --- a/config/router.nix +++ b/config/router.nix @@ -123,7 +123,7 @@ in { # proto udp dport (5353 1900) ACCEPT; # proto tcp dport (8008 8009) ACCEPT; - interface $DEV_LAN jump logdrop; + # interface $DEV_LAN jump logdrop; } } @@ -166,8 +166,8 @@ in { chain PREROUTING { interface ${lan-dev}.30 MARK set-mark ${toString mullvadMark}; # Route HE traffic via tunnel. - saddr $NET_HE MARK set-mark ${toString heMark}; - saddr 2001:470:1f06:1194::2/64 MARK set-mark ${toString heMark}; + # saddr $NET_HE MARK set-mark ${toString heMark}; + # saddr 2001:470:1f06:1194::2/64 MARK set-mark ${toString heMark}; } } ''; @@ -204,23 +204,22 @@ in { # Wait for v4 and v6 addresses. # wait = "both"; extraConfig = '' - debug noipv6rs nohook resolv.conf interface ${wan-dev} dhcp - ipv6rs - iaid 0 - ia_pd 0//56 ${lan-dev}.100/2/64 + # ipv6rs + # iaid 0 + # ia_pd 0//56 ${lan-dev}.100/2/64 ''; runHook = '' - if [[ $reason =~ BOUND6|REBIND6 ]]; then - ip=${pkgs.iproute}/bin/ip - $ip addr add dev $interface "''${new_dhcp6_ia_pd1_prefix1}/64" || true - if [[ $new_dhcp6_ia_pd1_prefix1 != $old_dhcp6_ia_pd1_prefix1 ]]; then - $ip addr delete dev $interface "''${old_dhcp6_ia_pd1_prefix1}/64" - fi - fi + # if [[ $reason =~ BOUND6|REBIND6 ]]; then + # ip=${pkgs.iproute}/bin/ip + # $ip addr add dev $interface "''${new_dhcp6_ia_pd1_prefix1}/64" || true + # if [[ $new_dhcp6_ia_pd1_prefix1 != $old_dhcp6_ia_pd1_prefix1 ]]; then + # $ip addr delete dev $interface "''${old_dhcp6_ia_pd1_prefix1}/64" + # fi + # fi systemctl restart update-dynamic-dns.service ''; }; @@ -302,7 +301,7 @@ in { wantedBy = [ "multi-user.target" ]; path = [ pkgs.iproute ]; script = '' - ip -6 rule add from 2001:470:8e2e::/48 lookup he prio 0 || true + #ip -6 rule add from 2001:470:8e2e::/48 lookup he prio 0 || true #ip -6 route replace default dev he0 src 2001:470:8e2e:20::d table he ip -6 route flush cache ip -6 rule add fwmark ${toString heMark} table he @@ -340,10 +339,10 @@ in { } ]; routes = [ - # { - # address = "::"; - # prefixLength = 0; - # } + { + address = "::"; + prefixLength = 0; + } { address = "::"; prefixLength = 0; @@ -369,11 +368,10 @@ in { address = "172.20.100.1"; prefixLength = 24; }]; - # Use verizon address. - # ipv6.addresses = [{ - # address = "2001:470:8e2e:100::1"; - # prefixLength = 64; - # }]; + ipv6.addresses = [{ + address = "2001:470:8e2e:100::1"; + prefixLength = 64; + }]; useDHCP = false; }; networking.interfaces."${lan-dev}.30" = { |