swann: use IPv6 endpoint for tuvok over EE
EE uses CGNAT on IPv4, which makes this... less than ideal. However, IPv6 is IPv6 and works pretty reasonably.
This commit is contained in:
parent
edfc04551a
commit
4bb015ee0d
1 changed files with 13 additions and 2 deletions
|
@ -110,8 +110,17 @@ in {
|
|||
{ priority = 10024; v6 = "to 2a09:a441::1:0/112 table main"; }
|
||||
{ priority = 10025; v6 = "to 2a09:a441::2:0/112 table main"; }
|
||||
|
||||
# And the Google VIP I'm (ab)using for Stadia (see CoreDNS below).
|
||||
{ priority = 10030; v4 = "to 216.239.38.120/32 table main"; }
|
||||
|
||||
# add-on.ee.co.uk goes via EE.
|
||||
{ priority = 10031; v4 = "to 82.192.97.153/32 table 201"; }
|
||||
|
||||
# Anything originating from 192.168.200.0/24 should go via EE too.
|
||||
{ priority = 10032; v4 = "from 192.168.200.0/24 table 201"; }
|
||||
|
||||
# Everything else over WG.
|
||||
{ priority = 10030; both = "table 150"; }
|
||||
{ priority = 10099; both = "table 150"; }
|
||||
];
|
||||
clearRules = map (x: ''
|
||||
ip -4 rule del priority ${toString x} >/dev/null 2>&1 || true
|
||||
|
@ -159,6 +168,7 @@ in {
|
|||
"net.ipv6.conf.default.forwarding" = "1";
|
||||
"net.ipv6.conf.all.forwarding" = "1";
|
||||
"net.ipv6.conf.en-virginmedia.accept_ra" = "2";
|
||||
"net.ipv6.conf.en-ee.accept_ra" = "2";
|
||||
};
|
||||
networking.nat = {
|
||||
enable = true;
|
||||
|
@ -249,7 +259,7 @@ in {
|
|||
listenPort = 51821;
|
||||
privateKey = secrets.wireguard.tuvok-swann.swann.privateKey;
|
||||
peers = [(peerBase // {
|
||||
endpoint = "92.118.28.252:51821";
|
||||
endpoint = "[2a09:a441::f00f]:51821";
|
||||
publicKey = secrets.wireguard.tuvok-swann.tuvok.publicKey;
|
||||
})];
|
||||
postSetup = ''
|
||||
|
@ -353,6 +363,7 @@ in {
|
|||
block
|
||||
}
|
||||
hosts /dev/null {
|
||||
216.239.38.120 stadia.google.com stadia.com
|
||||
fallthrough
|
||||
}
|
||||
loadbalance
|
||||
|
|
Loading…
Reference in a new issue