swann: use IPv6 endpoint for tuvok over EE

EE uses CGNAT on IPv4, which makes this... less than ideal. However, IPv6 is
IPv6 and works pretty reasonably.
Luke Granger-Brown 2021-09-03 12:40:52 +00:00
parent edfc04551a
commit 4bb015ee0d


@ -110,8 +110,17 @@ in {
{ priority = 10024; v6 = "to 2a09:a441::1:0/112 table main"; } { priority = 10024; v6 = "to 2a09:a441::1:0/112 table main"; }
{ priority = 10025; v6 = "to 2a09:a441::2:0/112 table main"; } { priority = 10025; v6 = "to 2a09:a441::2:0/112 table main"; }
# And the Google VIP I'm (ab)using for Stadia (see CoreDNS below).
{ priority = 10030; v4 = "to 216.239.38.120/32 table main"; }
# add-on.ee.co.uk goes via EE.
{ priority = 10031; v4 = "to 82.192.97.153/32 table 201"; }
# Anything originating from 192.168.200.0/24 should go via EE too.
{ priority = 10032; v4 = "from 192.168.200.0/24 table 201"; }
# Everything else over WG. # Everything else over WG.
{ priority = 10030; both = "table 150"; } { priority = 10099; both = "table 150"; }
]; ];
clearRules = map (x: '' clearRules = map (x: ''
ip -4 rule del priority ${toString x} >/dev/null 2>&1 || true ip -4 rule del priority ${toString x} >/dev/null 2>&1 || true
@ -159,6 +168,7 @@ in {
"net.ipv6.conf.default.forwarding" = "1"; "net.ipv6.conf.default.forwarding" = "1";
"net.ipv6.conf.all.forwarding" = "1"; "net.ipv6.conf.all.forwarding" = "1";
"net.ipv6.conf.en-virginmedia.accept_ra" = "2"; "net.ipv6.conf.en-virginmedia.accept_ra" = "2";
"net.ipv6.conf.en-ee.accept_ra" = "2";
}; };
networking.nat = { networking.nat = {
enable = true; enable = true;
@ -249,7 +259,7 @@ in {
listenPort = 51821; listenPort = 51821;
privateKey = secrets.wireguard.tuvok-swann.swann.privateKey; privateKey = secrets.wireguard.tuvok-swann.swann.privateKey;
peers = [(peerBase // { peers = [(peerBase // {
endpoint = "92.118.28.252:51821"; endpoint = "[2a09:a441::f00f]:51821";
publicKey = secrets.wireguard.tuvok-swann.tuvok.publicKey; publicKey = secrets.wireguard.tuvok-swann.tuvok.publicKey;
})]; })];
postSetup = '' postSetup = ''
@ -353,6 +363,7 @@ in {
block block
} }
hosts /dev/null { hosts /dev/null {
216.239.38.120 stadia.google.com stadia.com
fallthrough fallthrough
} }
loadbalance loadbalance
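Review bot: Nothing visible in this section steers the new WireGuard endpoint `[2a09:a441::f00f]:51821` onto the EE uplink. The added rules at priorities 10031 and 10032 are `v4` only, and the address lies outside both `to 2a09:a441::1:0/112` and `to 2a09:a441::2:0/112`, so on the lines shown it falls through to `both = "table 150"` at priority 10099. The rule list and `postSetup` both continue outside the hunks, so the steering may live there; if it does, a comment beside the endpoint such as `# routed via en-ee by <rule/mark>, must never resolve through table 150` would make the dependency explicit. If it does not, an explicit `v6` rule for the endpoint is needed ahead of 10099, for example `{ priority = 10033; v6 = "to 2a09:a441::f00f/128 table 201"; }`, assuming table 201 carries an IPv6 default route via en-ee. Relatedly, `"net.ipv6.conf.en-ee.accept_ra" = "2"` with forwarding enabled lets any RA sender on that link add a default route next to en-virginmedia's, so a comment on why that is accepted and which table the route is expected to land in would help.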