From 9dfb1d205dbca9ecf0bdc9ce2b66c1eb5c64fdfc Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Sat, 17 Jul 2021 14:29:04 +0000 Subject: [PATCH] ops/nixos/lib/bgp: disable rp filtering on hosts running BGP --- ops/nixos/lib/bgp.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/ops/nixos/lib/bgp.nix b/ops/nixos/lib/bgp.nix index 052f1eb23c..e979a70edc 100644 --- a/ops/nixos/lib/bgp.nix +++ b/ops/nixos/lib/bgp.nix @@ -214,6 +214,7 @@ in { }; networking.firewall.allowedTCPPorts = lib.mkIf config.services.lukegbgp.enable (lib.mkAfter [ 179 ]); + networking.firewall.checkReversePath = false; boot.kernel.sysctl = { "net.ipv6.conf.default.accept_ra" = 0;