diff options
| author | Kjetil Orbekk <kj@orbekk.com> | 2022-10-02 19:48:26 -0400 |
|---|---|---|
| committer | Kjetil Orbekk <kj@orbekk.com> | 2022-10-02 19:48:26 -0400 |
| commit | c39c3ed112a8bb44b98c732d10ba653c5fa0f304 (patch) | |
| tree | ed38aa4df82b8f542bd7589f3005abb2795e64d4 | |
| parent | 7a8346d8f664808c7d4aaa344cf29d1ca3ed4686 (diff) | |
verizon ipv6
| -rw-r--r-- | config/router.nix | 43 |
1 files changed, 25 insertions, 18 deletions
diff --git a/config/router.nix b/config/router.nix index 52a7a44..92c2a5d 100644 --- a/config/router.nix +++ b/config/router.nix @@ -48,10 +48,6 @@ in { script = toString ../tools/update-dns.sh; }; - networking.dhcpcd.runHook = '' - systemctl restart update-dynamic-dns.service - ''; - networking.firewall = { enable = lib.mkForce false; allowedTCPPorts = lib.mkForce [ ]; @@ -142,7 +138,7 @@ in { interface $DEV_UNTRUSTED_LAN outerface $DEV_WAN ACCEPT; interface $DEV_LAN ACCEPT; - jump logdrop; + # jump logdrop; } } @@ -213,9 +209,19 @@ in { nohook resolv.conf interface ${wan-dev} dhcp - # ipv6rs - # iaid 0 - # ia_pd 0//56 ${lan-dev}.100/2/64 + ipv6rs + iaid 0 + ia_pd 0//56 ${lan-dev}.100/2/64 + ''; + runHook = '' + if [[ $reason =~ BOUND6|REBIND6 ]]; then + ip=${pkgs.iproute}/bin/ip + $ip addr add dev $interface "''${new_dhcp6_ia_pd1_prefix1}/64" || true + if [[ $new_dhcp6_ia_pd1_prefix1 != $old_dhcp6_ia_pd1_prefix1 ]]; then + $ip addr delete dev $interface "''${old_dhcp6_ia_pd1_prefix1}/64" + fi + fi + systemctl restart update-dynamic-dns.service ''; }; systemd.services.dhcpcd = { @@ -290,9 +296,9 @@ in { wantedBy = [ "multi-user.target" ]; path = [ pkgs.iproute ]; script = '' - #ip -6 rule add from 2001:470:8e2e::/48 lookup he prio 0 || true + ip -6 rule add from 2001:470:8e2e::/48 lookup he prio 0 || true #ip -6 route replace default dev he0 src 2001:470:8e2e:20::d table he - #ip -6 route flush cache + ip -6 route flush cache ip -6 rule add fwmark ${toString heMark} table he ''; }; @@ -328,10 +334,10 @@ in { } ]; routes = [ - { - address = "::"; - prefixLength = 0; - } + # { + # address = "::"; + # prefixLength = 0; + # } { address = "::"; prefixLength = 0; @@ -357,10 +363,11 @@ in { address = "172.20.100.1"; prefixLength = 24; }]; - ipv6.addresses = [{ - address = "2001:470:8e2e:100::1"; - prefixLength = 64; - }]; + # Use verizon address. + # ipv6.addresses = [{ + # address = "2001:470:8e2e:100::1"; + # prefixLength = 64; + # }]; useDHCP = false; }; networking.interfaces."${lan-dev}.30" = { |