| 22 Nov 2025 |
 raboof | yeah sysctl net.ipv4.conf | grep filter is all zero's | 16:45:33 |
 hexa | the term here is martian | 16:45:55 |
| hexa | I would probably put both links into a distinct vrf | 16:46:12 |
| hexa | because when you ping 192.168.1.212 hat happens is that a lookup for the return path might short-circuit and go over the ethernet link | 16:46:50 |
| hexa | * because when you ping 192.168.1.212 what happens is that a lookup for the return path might short-circuit and go over the ethernet link | 16:47:00 |
| hexa | does the kernel still log martian packets to dmesg? 🤔 | 16:47:15 |
| raboof | not sure, dmesg is pretty quiet on this machine at least | 16:47:55 |
| raboof | ha, disabling networking.firewall.checkReversePath seems to have done the trick :). thanks for pointing in that general direction | 16:56:40 |
| hexa | yeah, same shit, different stack | 16:59:12 |
| raboof | 
Download out.png | 17:06:17 |
| raboof | yay | 17:06:20 |
| hexa | why aren't you buying into orb instead? https://orb.net/ | 17:37:02 |
| hexa | (anyway, I think they're a nice product to take inspiration from) | 17:37:33 |
| raboof | Neat, never seen it before. Yeah I thought "I'll just throw something together real fast". A blackbox-exporter patch, autossh conflicting with nixos-rebuilder-ng and this rp thing later it didn't quite turn out like that, but still enjoying the learning 😊 | 18:40:48 |
 elisaado | the topic mentions "do not rely on networking.*", why is that? networking. options are so comfy :( | 23:02:45 |
 Tom | From my understanding: networking.* (without the networking.useNetworkd Option which is problematic in itself) is a bunch of scripts and systemd services which try to configure networking. It's just not the way to do it and networkd and networkmanager will be more robust. | 23:27:26 |
| hexa | nobody really maintains those scripts | 23:28:51 |
| hexa | and they don't keep pace with the network management tools out there | 23:29:04 |
| hexa | and in fact no other reasonable distro does this | 23:30:26 |
| hexa | debian did this with ifupdown, but that's largely a legacy project | 23:30:33 |
| hexa | and ubuntu doubled down on another abstraction layer with netplan | 23:30:43 |
| hexa | for headless setups we have networkd and ifstate | 23:31:13 |
| hexa | and for headful ones the only reasonable contender is networkmanager | 23:31:31 |
| hexa | mellanox did develop ifupdown2, which provided ifreload for gradual migrations between old and new config, really neat | 23:32:03 |
| hexa | * cumulus did develop ifupdown2, which provided ifreload for gradual migrations between old and new config, really neat | 23:32:13 |
| hexa | not sure how well maintained it is these days, but it builds upon the config format established by ifupdown itself, which is … not so nice | 23:33:01 |
| hexa | https://github.com/CumulusNetworks/ifupdown2 | 23:33:02 |
| hexa | and of course there is ifupdown-ng (e.g. provided on alpine) in that ifupdown lineage https://github.com/ifupdown-ng/ifupdown-ng | 23:34:00 |
| hexa | I haven't seen anyone ask for the last two tbh | 23:34:12 |
| hexa | https://github.com/NixOS/nixpkgs/issues/238159 | 23:34:35 |
