| 5 Jun 2021 |
 ElvishJerricco | I suppose the rpi cm4 has a pcie slot, and is still reasonably cheap. Is there a good cheap card for this? | 00:31:27 |
 hexa | personally I roll with openwrt | 00:31:28 |
| hexa | you'd probably want mpcie or m.2, there's lots of cards out there | 00:32:02 |
| hexa | I can recommend ath9k/ath10k/mt76 | 00:32:13 |
| hexa | everything else is messy and not well supported | 00:32:27 |
 Church | In reply to @antifuchs:asf.computer
hah, I've been wanting to set up a nice dedicated router for my home network with nix... it seems like a very good match The apu2e4 is a great machine for it. | 00:33:27 |
| hexa | but stuck with minipcie | 00:33:34 |
| hexa | and you'd need two radios for dualband wifi | 00:33:42 |
| hexa | and that sets you back like ~215 € | 00:33:55 |
| hexa | there is no nice case with enough external antenna slots | 00:34:35 |
| hexa | there is one, it isn't too nice :D | 00:34:42 |
| Church | Okay stupid question because my networking is weak.
Is there a manner to specify forwarding all traffic destinated for a port to/through an address first?
Have a wg peer connected to my router I want to forward all traffic destined for port 25 to from another machine.
So machine A -> router -> wg peer ip | 00:35:10 |
| hexa | (my home wifi is an apu2c4 with a compex wle600vx) | 00:35:14 |
| Church | Same except a unifi AP for wireless | 00:35:37 |
| Church | Nice little beast | 00:35:46 |
| hexa | flag it with fwmark in iptables, do policy routing based on that mark, add a route to the relvent table | 00:35:54 |
 Zhaofeng Li | Had an expressobin (2x Cortex A53) as the home router, wasn't able to saturate gigabit with the iptables rules and stuff that I had 🙁 | 00:36:10 |
| Church | Okay time to go look up how to do that | 00:36:19 |
| Zhaofeng Li | And then I stayed away from low-powered devices like that | 00:36:29 |
| hexa | not quite the A76 we're hoping for | 00:36:31 |
| Church | Wonder if I just bother danderson for it heh | 00:36:32 |
| Church | Okay seems simple from memory. Now to try it out heh | 00:37:55 |
| hexa | iptables -A prerouting -t mangle -i wg0 -p tcp --dport 25 --jump MARK --set-mark 1 | 00:38:18 |
| hexa | ip rule add priority 100 fwmark 0x1 lookup 100 | 00:38:50 |
| hexa | ip route add default via 192.0.2.1 table 100 | 00:39:06 |
| hexa | (in imperative speak) | 00:39:10 |
| hexa | my worst enemy is ia_pd in networkd, can never get it work the first try | 00:44:17 |
| ElvishJerricco | It'd be nice if there was a wireless card intended for DIY'ers who just want to build an access point :P Give me two radios and no bluetooth on one pcie card... | 00:45:55 |
| hexa | Upstream:
[Match]
Name=ppp0
[Link]
RequiredForOnline=routable
[Network]
DHCP=ipv6
IPv6AcceptRA=true
KeepConfiguration=true
[DHCPv6]
PrefixDelegationHint=::/56
[IPv6SendRA]
Managed=true
Downstream
[Match]
Name=vlan100
[Link]
RequiredForOnline=routable
[Network]
ConfigureWithoutCarrier=true
DHCPv6PrefixDelegation=true
IPv6AcceptRA=false
IPv6SendRA=true
Address=192.168.178.1/24
Address=fe80::1/64
[DHCPv6PrefixDelegation]
SubnetId=64
[IPv6SendRA]
DNS=fe80::1
EmitDNS=true
RouterLifetimeSec=300
| 00:46:29 |
| hexa | and networkd doesn't ask the upstream for a prefix delegation | 00:47:07 |
