| 2 Jun 2025 |
 hexa | well it means it terminates locally | 00:25:22 |
| hexa | it doesn't send traffic toward it over wAN | 00:25:28 |
| hexa | * it doesn't send traffic toward it over WAN | 00:25:30 |
 Charles | ah | 00:25:36 |
| hexa | and now you configure more specific routes and they'll get preferred | 00:25:51 |
| hexa | but the unreachable route is the fallback for all unrouted addresses in that /60 | 00:26:08 |
| hexa | and now you have a /64 on br-lan | 00:26:39 |
| hexa | and with IPv6SendRA, that should be everything needed to get started | 00:27:02 |
| Charles | yeah, i have this on my desktop now:
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether c8:7f:54:08:e0:65 brd ff:ff:ff:ff:ff:ff
altname enp10s0
altname enxc87f5408e065
inet 192.168.0.125/24 brd 192.168.0.255 scope global dynamic noprefixroute eno1
valid_lft 2837sec preferred_lft 2837sec
inet6 2601:1c1:8400:a440:9429:7b29:796:713c/64 scope global temporary dynamic
valid_lft 3182sec preferred_lft 1382sec
inet6 2601:1c1:8400:a440:5147:4347:6751:f7ca/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 3182sec preferred_lft 1382sec
inet6 fe80::b8a:6432:e26c:787c/64 scope link noprefixroute
valid_lft forever preferred_lft forever
| 00:27:17 |
| hexa | ping 2600:: | 00:27:31 |
| Charles | ┌─[~]
└─[charles@compy]$ dig AAAA google.com +short
2607:f8b0:400a:80a::200e
┌─[~]
└─[charles@compy]$ ip route get 2607:f8b0:400a:806::200e
2607:f8b0:400a:806::200e from :: via fe80::10b8:f6ff:fef0:f963 dev eno1 proto ra src 2601:1c1:8400:a440:9429:7b29:796:713c metric 100 pref medium
and curl -6 google.com hangs and then times out lol
| 00:27:44 |
| hexa | heh 😄 | 00:28:00 |
| hexa | the question is where does it hang | 00:28:10 |
| Charles | unsurprisingly, 100% packet loss | 00:28:15 |
| Charles | maybe i need to adjust my nftables rules | 00:28:37 |
| hexa | possibly | 00:28:43 |
| hexa | or enabled forward in sysctl | 00:28:49 |
| hexa | https://www.freedesktop.org/software/systemd/man/latest/systemd.network.html#IPv6Forwarding= | 00:29:06 |
| Charles | i assumed that that isn't necessary for ipv6 for some reason | 00:29:11 |
| hexa |
Defaults to true if IPMasquerade= is enabled for IPv6 or IPv6SendRA= is enabled
| 00:29:25 |
| hexa | so should be enabled on br-lan | 00:29:35 |
| hexa | but maybe not on wan | 00:29:44 |
| hexa | i tend to yolo this part | 00:30:24 |
| hexa | boot.kernel.sysctl = {
"net.ipv6.conf.all.forwarding" = lib.mkForce 1;
"net.ipv4.forward" = lib.mkForce 1;
};
| 00:30:28 |
 @saiko:knifepoint.net | systemd.network.config.networkConfig.IPv6Forwarding = true; | 00:31:26 |
| Charles | hmm i have boot.kernel.sysctl."net.ipv4.ip_forward" = "1"; lol | 00:31:52 |
| hexa | yeah, that would be the systemd-networkd equivalent | 00:31:59 |
| hexa | yeah, so feel free to grab the ipv6 one as well | 00:32:10 |
| hexa | or use the networkd knob | 00:32:14 |
| Charles | i feel like in the past when i try doing it the systemd-networkd way it doesn't work and you need both or something | 00:32:34 |
