| 18 Nov 2025 |
|  jopejoe1 (4094@39c3) changed their display name from jopejoe1 to jopejoe1 (4049@39c3). | 20:16:43 |
| jopejoe1 (4094@39c3) changed their display name from jopejoe1 (4049@39c3) to jopejoe1 (4094@39c3). | 20:18:11 |
| 19 Nov 2025 |
 elisaado | oh fun, did it work well? | 02:02:39 |
 Nico | In reply to @autiboy:matrix.mautiweb.net
How do you all have it setup? Combination of IfState for interface configuration (supports network namespaces and vrf's), nftables and frr for dynamic routing
I also run it in a BPI-R4 similar to K900, but I haven't finished this project yet... Wifi not working yet | 08:05:20 |
 magic_rb | My flatmate flashed openwrt on my bpi-r4... | 08:06:21 |
| magic_rb | boring | 08:06:33 |
 jappie | it was good enough, wired worked fine, wifi was of course not the fastest and the signal didn't reach the shared accommodation, but it was a fun project and I didn't have any real outages / things going wrong | 08:22:53 |
 kraftnix | custom built 5600ge with lots of extra 10Gb NICs, systemd-networkd /w bridges, vlans, policy routing, nftables fw, coredns + blocky for dns, dnsmasq for dhcp, runs some extra/misc nspawn containers due to extra capacity, also a locked down caddy which fronts all the misc access point, managed switch etc. web interfaces so they are easier to access (including from my wireguard) | 15:21:50 |
|  josqu4red joined the room. | 22:29:08 |
| 20 Nov 2025 |
|  mocrate joined the room. | 01:12:35 |
|  John joined the room. | 04:51:19 |
|  Yevhen Zhyhalo joined the room. | 16:08:34 |
|  skorpy (she/her) changed their display name from skorpy (she/her or none) 🏳️⚧️ to skorpy (she/her). | 17:12:29 |
| 21 Nov 2025 |
|  isabel changed their profile picture. | 18:14:31 |
| 22 Nov 2025 |
|  raboof joined the room. | 12:54:10 |
| raboof | possibly not nixos-specific, but perhaps someone here recognizes this behaviour | 16:31:46 |
| raboof | I'm trying to configure a rpi to monitor the wlan and wired connections. both are on the same network (192.168.1.0/24). when both are enabled, I'm having a hard time using the wireless connection. For example, when I curl --interface enu1u1u1 http://2.18.244.76, tcpdump as expected goes:
17:27:41.606428 enu1u1u1 Out IP 192.168.1.101.45516 > 2.18.244.76.80: Flags [S], seq 3074758675, win 64240, options [mss 1460,sackOK,TS val 1422732498 ecr 0,nop,wscale 7], length 0
17:27:41.611238 enu1u1u1 In IP 2.18.244.76.80 > 192.168.1.101.45516: Flags [S.], seq 69448321, ack 3074758676, win 65160, options [mss 1452,sackOK,TS val 527341513 ecr 1422732498,nop,wscale 7], length 0
17:27:41.611400 enu1u1u1 Out IP 192.168.1.101.45516 > 2.18.244.76.80: Flags [.], ack 1, win 502, options [nop,nop,TS val 1422732503 ecr 527341513], length 0
17:27:41.611657 enu1u1u1 Out IP 192.168.1.101.45516 > 2.18.244.76.80: Flags [P.], seq 1:76, ack 1, win 502, options [nop,nop,TS val 1422732503 ecr 527341513], length 75: HTTP: GET / HTTP/1.1
17:27:41.616315 enu1u1u1 In IP 2.18.244.76.80 > 192.168.1.101.45516: Flags [.], ack 76, win 509, options [nop,nop,TS val 527341518 ecr 1422732503], length 0
17:27:41.632673 enu1u1u1 In IP 2.18.244.76.80 > 192.168.1.101.45516: Flags [FP.], seq 1:517, ack 76, win 509, options [nop,nop,TS val 527341518 ecr 1422732503], length 516: HTTP: HTTP/1.0 400 Bad Request
17:27:41.633322 enu1u1u1 Out IP 192.168.1.101.45516 > 2.18.244.76.80: Flags [F.], seq 76, ack 518, win 501, options [nop,nop,TS val 1422732524 ecr 527341518], length 0
| 16:33:08 |
| raboof | however, when I curl --interface wlan0 http://2.18.244.76:
17:27:54.743874 wlan0 Out IP 192.168.1.212.42430 > 2.18.244.76.80: Flags [S], seq 2483937156, win 64240, options [mss 1460,sackOK,TS val 227351562 ecr 0,nop,wscale 7], length 0
17:27:54.754041 wlan0 In IP 2.18.244.76.80 > 192.168.1.212.42430: Flags [S.], seq 1128095182, ack 2483937157, win 65160, options [mss 1452,sackOK,TS val 527354654 ecr 227351562,nop,wscale 7], length 0
17:27:54.761158 wlan0 In IP 2.18.244.76.80 > 192.168.1.212.42430: Flags [S.], seq 1128095182, ack 2483937157, win 65160, options [mss 1452,sackOK,TS val 527354662 ecr 227351562,nop,wscale 7], length 0
17:27:56.787444 wlan0 In IP 2.18.244.76.80 > 192.168.1.212.42430: Flags [S.], seq 1128095182, ack 2483937157, win 65160, options [mss 1452,sackOK,TS val 527356685 ecr 227351562,nop,wscale 7], length 0
17:28:00.933524 wlan0 In IP 2.18.244.76.80 > 192.168.1.212.42430: Flags [S.], seq 1128095182, ack 2483937157, win 65160, options [mss 1452,sackOK,TS val 527360717 ecr 227351562,nop,wscale 7], length 0
17:28:09.330484 wlan0 In IP 2.18.244.76.80 > 192.168.1.212.42430: Flags [S.], seq 1128095182, ack 2483937157, win 65160, options [mss 1452,sackOK,TS val 527369228 ecr 227351562,nop,wscale 7], length 0
it seems somehow the SYNACK does arrive at the network interface, but doesn't make it to curl? what could explain that?
| 16:33:58 |
 hexa (clat on linux when) | asymmetric pathing | 16:35:09 |
| hexa (clat on linux when) | disable rp_filter | 16:35:19 |
| raboof | hmm just set sysctl net.ipv4.conf.default.rp_filter to 0 (and also for the specific interfaces) but don't see a change in behavior yet | 16:41:06 |
| hexa (clat on linux when) | hrm | 16:42:17 |
| hexa (clat on linux when) | so you receive synack but curl doesn't notice | 16:42:50 |
| hexa (clat on linux when) | oops, you said that | 16:43:15 |
| hexa (clat on linux when) | I would still expect this to be related to asymmetry | 16:43:57 |
| hexa (clat on linux when) | maybe check net.ipv4.conf.{all,wlan0}.rp_filter | 16:44:18 |
| hexa (clat on linux when) | * check net.ipv4.conf.{all,wlan0}.rp_filter as well | 16:44:29 |
| hexa (clat on linux when) | * check net.ipv4.conf.{all,wlan0}.rp\_filter as well | 16:44:35 |
| hexa (clat on linux when) | * check net.ipv4.conf.{all,wlan0}.rp_filter as well | 16:44:38 |
| hexa (clat on linux when) | because the packets arrive from a link that the system would not use for outgoing traffic towards that src address | 16:45:13 |
