blade-tuvok: add the forced-MAC's LL address

This commit is contained in:
Luke Granger-Brown 2022-01-30 17:54:59 +00:00
parent 947d959cfe
commit 1cd0963bf5

View file

@ -37,6 +37,11 @@ in {
ip -n wg-endpoint route add default via 2a09:a441::1 ip -n wg-endpoint route add default via 2a09:a441::1
ip netns exec wg-endpoint ${pkgs.procps}/bin/sysctl net.ipv4.ip_forward=1 net.ipv6.conf.all.forwarding=1 net.ipv6.conf.default.forwarding=1 ip netns exec wg-endpoint ${pkgs.procps}/bin/sysctl net.ipv4.ip_forward=1 net.ipv6.conf.all.forwarding=1 net.ipv6.conf.default.forwarding=1
) )
# We are forcing the MAC on vl-linx to be something particular,
# but we also need to add the corresponding LL address.
# This is cursed.
ip -6 addr add fe80::e611:5bff:feac:e400/64 dev vl-linx &>/dev/null || true
''; '';
nat.extraCommands = '' nat.extraCommands = ''
iptables -w -t nat -A nixos-nat-post -m mark --mark 0x1 -o vl-linx -j SNAT --to-source 92.118.28.1 iptables -w -t nat -A nixos-nat-post -m mark --mark 0x1 -o vl-linx -j SNAT --to-source 92.118.28.1