diff --git a/ops/nixos/blade-tuvok/default.nix b/ops/nixos/blade-tuvok/default.nix
index 29a2973f8c..0294c1649c 100644
--- a/ops/nixos/blade-tuvok/default.nix
+++ b/ops/nixos/blade-tuvok/default.nix
@@ -37,6 +37,11 @@ in {
         ip -n wg-endpoint route add default via 2a09:a441::1
         ip netns exec wg-endpoint ${pkgs.procps}/bin/sysctl net.ipv4.ip_forward=1 net.ipv6.conf.all.forwarding=1 net.ipv6.conf.default.forwarding=1
       )
+
+      # We are forcing the MAC on vl-linx to be something particular,
+      # but we also need to add the corresponding LL address.
+      # This is cursed.
+      ip -6 addr add fe80::e611:5bff:feac:e400/64 dev vl-linx &>/dev/null || true
     '';
     nat.extraCommands = ''
       iptables -w -t nat -A nixos-nat-post -m mark --mark 0x1 -o vl-linx -j SNAT --to-source 92.118.28.1