| 2 Jun 2025 |
 hexa |
Defaults to true if IPMasquerade= is enabled for IPv6 or IPv6SendRA= is enabled
| 00:29:25 |
| hexa | so should be enabled on br-lan | 00:29:35 |
| hexa | but maybe not on wan | 00:29:44 |
| hexa | i tend to yolo this part | 00:30:24 |
| hexa | boot.kernel.sysctl = {
"net.ipv6.conf.all.forwarding" = lib.mkForce 1;
"net.ipv4.forward" = lib.mkForce 1;
};
| 00:30:28 |
 @saiko:knifepoint.net | systemd.network.config.networkConfig.IPv6Forwarding = true; | 00:31:26 |
 Charles | hmm i have boot.kernel.sysctl."net.ipv4.ip_forward" = "1"; lol | 00:31:52 |
| hexa | yeah, that would be the systemd-networkd equivalent | 00:31:59 |
| hexa | yeah, so feel free to grab the ipv6 one as well | 00:32:10 |
| hexa | or use the networkd knob | 00:32:14 |
| Charles | i feel like in the past when i try doing it the systemd-networkd way it doesn't work and you need both or something | 00:32:34 |
| Charles | do i need to reboot for that | 00:33:17 |
| hexa | I don't think so | 00:34:20 |
| hexa | sysctl's can be set at runtime | 00:34:29 |
| Charles | PING 2600:: (2600::) 56 data bytes
From 2601:1c1:8400:a440:10b8:f6ff:fef0:f963 icmp_seq=1 Destination unreachable: No route
| 00:34:47 |
| hexa | try something else, just to be safe 😄 | 00:35:23 |
| hexa |
Destination unreachable: No route
| 00:35:44 |
| @saiko:knifepoint.net | In reply to @charles:computer.surgery
i feel like in the past when i try doing it the systemd-networkd way it doesn't work and you need both or something there are two, you need the global option, not the one on the netdev, at least for IPv6 | 00:35:49 |
| hexa | given that you have a default route on your router | 00:35:57 |
 ElvishJerricco | IIRC ipv6 forwarding is weirder than ipv4 forwarding and you have to have both the per-interface and global settings enabled or something | 00:36:01 |
| @saiko:knifepoint.net | (same as you need to turn on conf.all.forwarding and not the interface one, or at least both) | 00:36:13 |
| @saiko:knifepoint.net | yeah | 00:36:17 |
| hexa | the reason why I just don't bother with networkd for forwarding options | 00:36:21 |
| @saiko:knifepoint.net | the global one turns all the interface ones on | 00:36:27 |
| @saiko:knifepoint.net | no, this is a kernel level thing, not networkd | 00:36:33 |
| hexa | fair | 00:36:44 |
| ElvishJerricco |
Note, unlike IPv4Forwarding=, enabling per-interface IPv6Forwarding= on two or more interfaces DOES NOT make IPv6 packets forwarded within the interfaces. This setting just controls the per-interface sysctl value, and the sysctl value is not directly correlated to whether packets are forwarded. To ensure IPv6 packets forwarded, the global setting in networkd.conf(5) needs to be enabled.
| 00:36:58 |
| ElvishJerricco | from man systemd.network | 00:37:06 |
| ElvishJerricco | but the global setting sounds like it applies by default to all interfaces | 00:37:42 |
| ElvishJerricco | so I dunno why you'd need the per-interface one too | 00:37:50 |
