| 1 Jul 2025 |
 xanderio | Hey, i'm currently hitting this issue (https://github.com/NixOS/nixpkgs/issues/380987) where systems using systemd-resolved resolve there FQDN to 127.0.0.2 which break services on that system trying to contact other services on the same host. This bug is included in 25.05.
I'm currently in the process on rebasing and trying to fix the outstanding issues with https://github.com/NixOS/nixpkgs/issues/132646. | 12:15:59 |
 hexa | I run babeld with tunnel type, which uses an RTT based metric https://bird.network.cz/?get_doc&v=20&f=bird.html#toc6.2 | 12:19:04 |
| hexa | as defined in https://datatracker.ietf.org/doc/rfc9616/ | 12:19:24 |
| hexa | congestion causes delay, which will deprioritize a path | 12:19:38 |
| hexa | i would suggest staying away from something as static as OSPF for private use | 12:19:50 |
 magic_rb | Related note, say i ran bird on top of wireguard. Bird adjusts routing tables so it will still end up using the inkernel wireguard implementation right | 12:23:57 |
| magic_rb | Yeah both babeld and bird just create a mesh on top of the existing wireguard network by adjusting routes | 12:26:25 |
| magic_rb | Interesting | 12:26:26 |
| hexa | wireguard just provides a transfer network, just make sure AllowedIPs= does not block the traffic you intend to send over it | 12:27:50 |
| magic_rb | Mhm yeah thats how i understood things too, cool, maybe one day | 12:28:58 |
 Zhaofeng Li | Yeah, AllowedIPs is a pain for dynamic routing... each edge in my mesh is on a separate interface with AllowedIPs=::/0 | 12:40:54 |
| hexa | yeah, same here | 12:41:08 |
| xanderio | Ok after looking deeper into this issue, I'm not convinced that this is the initial networking issue i've assumed. The more I look into this the more confused I get. | 12:58:52 |
| Zhaofeng Li | actually I was thinking of modifying the wireguard client to have a fake ethernet header that's solely used to select the peer 🙃 | 13:01:16 |
| Zhaofeng Li | but I never got to do it, and being able to see the peer name in bird (since it's the interface name) is a nice side-effect of having separate interfaces | 13:02:58 |
| xanderio | I thing the issue is that the nginx on that host is configured to listen on "localhost" and not on 0.0.0.0. This probably cases this issue. Fun times debugging this 🫠| 13:16:02 |
|  shx228 joined the room. | 19:17:09 |
| Zhaofeng Li | Is there a netbox alternative by any chance? Somehow every time I try to upgrade this thing, it ends up in disaster... 🙃 | 20:32:35 |
| hexa | sheets | 20:33:53 |
| Zhaofeng Li | like... literally google sheets? | 20:36:47 |
| hexa | the answer is … not really, no great solutions | 20:44:36 |
| hexa | so write your small number of things into a document with a structure that works for you | 20:44:53 |
| hexa | setting up a netbox for private use is usually overkill | 20:45:04 |
| magic_rb | In reply to @zhaofeng:zhaofeng.li
Is there a netbox alternative by any chance? Somehow every time I try to upgrade this thing, it ends up in disaster... 🙃 https://github.com/oddlama/nix-topology may work for you | 20:51:33 |
| Zhaofeng Li | interesting, might give it a try as an additional tool | 20:55:20 |
| Zhaofeng Li | but I'm specifically looking for a IP management tool | 20:55:42 |
| hexa | i use a plain text file for that 😄 | 20:56:20 |
| Zhaofeng Li | I don't really use many of netbox's features besides ipam | 20:56:20 |
| hexa | 172.23.42.0/28 fd42:23:42::/52
172.23.42.1 fd42:23:42:b100::/56 juno
172.23.42.2 fd42:23:42:b200::/56 snafu
172.23.42.3 fd42:23:42:b300::/56 ganymede
172.23.42.4 fd42:23:42:b400::/56 helios
172.23.42.5 fd42:23:42:b500::/56 eris
172.23.42.8 fd42:23:42:b800::/56 io
172.23.42.9 fd42:23:42:b900::/56 nyx
172.23.42.10 fd42:23:42:ba00::/56 helix
172.23.42.11 fd42:23:42:bb00::/56 titan
172.23.42.64/26 fd42:23:42:100::/64 io LAN
172.23.42.128/26 fd42:23:42:110::/64 io WLAN
172.23.42.224/31 fd23:42:ff00::/64
172.23.42.224 fd42:23:42:ff00::1 io
172.23.42.225 fd42:23:42:ff00::2 ganymede
172.23.42.226/31 fd42:23:42:ff01::/64
172.23.42.226 fd42:23:42:ff01::1 io
172.23.42.227 fd42:23:42:ff01::2 juno
172.23.42.228/31 fd42:23:42:ff02::/64
172.23.42.228 fd42:23:42:ff02::1 ganymede
172.23.42.229 fd42:23:42:ff02::2 pixel3a
172.23.42.230/31 fd42:23:42:ff03::/64
172.23.42.230 fd42:23:42:ff03::1 ganymede
172.23.42.231 fd42:23:42:ff03::2 juno
172.23.42.232/31 fd42:23:42:ff04::/64
172.23.42.232 fd42:23:42:ff04::1 ganymede
172.23.42.233 fd42:23:42:ff04::2 helios
172.23.42.234/31 fd42:23:42:ff05::/64
free
172.23.42.236/31 fd42:23:42:ff06::/64
172.23.42.236 fd42:23:42:ff06::1 ganymede
172.23.42.237 fd42:23:42:ff06::2 titan
172.23.42.238/31 fd42:23:42:ff07::/64
172.23.42.238 fd42:23:42:ff07::1 juno
172.23.42.239 fd42:23:42:ff07::2 helios
172.23.42.240/31 fd42:23:42:ff08::/64
172.23.42.240 fd42:23:42:ff08::1 juno
172.23.42.241 fd42:23:42:ff08::2 nyx
172.23.42.242/31 fd42:23:42:ff09::/64
free
172.23.42.244/31 fd42:23:42:ff0a::/64
free
172.23.42.246/31 fd42:23:42:ff0b::/64
172.23.42.246 fd42:23:42:ff0b::1 ganymede
172.23.42.247 fd42:23:42:ff0b::2 nyx
| 20:57:00 |
| hexa | well, this is wildly outdated | 20:57:18 |
