From 1cd0963bf5fb4a6af428324d1e11ff44fd9727f8 Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Sun, 30 Jan 2022 17:54:59 +0000 Subject: [PATCH] blade-tuvok: add the forced-MAC's LL address --- ops/nixos/blade-tuvok/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/ops/nixos/blade-tuvok/default.nix b/ops/nixos/blade-tuvok/default.nix index 29a2973f8c..0294c1649c 100644 --- a/ops/nixos/blade-tuvok/default.nix +++ b/ops/nixos/blade-tuvok/default.nix @@ -37,6 +37,11 @@ in { ip -n wg-endpoint route add default via 2a09:a441::1 ip netns exec wg-endpoint ${pkgs.procps}/bin/sysctl net.ipv4.ip_forward=1 net.ipv6.conf.all.forwarding=1 net.ipv6.conf.default.forwarding=1 ) + + # We are forcing the MAC on vl-linx to be something particular, + # but we also need to add the corresponding LL address. + # This is cursed. + ip -6 addr add fe80::e611:5bff:feac:e400/64 dev vl-linx &>/dev/null || true ''; nat.extraCommands = '' iptables -w -t nat -A nixos-nat-post -m mark --mark 0x1 -o vl-linx -j SNAT --to-source 92.118.28.1