!tCyGickeVqkHsYjWnh:nixos.org

NixOS Networking

919 Members
Declaratively manage your switching, routing, wireless, tunneling and more.274 Servers

Load older messages

SenderMessageTime
30 Apr 2026
@cadair:cadair.comCadair0.0.0.0/014:00:57
@k900:0upti.meK900That looks normal then14:01:21
@k900:0upti.meK900Are you doing NAT on the router?14:01:23
@k900:0upti.meK900It's possible that Mullvad won't NAT random packets14:01:33
@k900:0upti.meK900So you have to double NAT14:01:35
@cadair:cadair.comCadairI have a very very similar config running on another host but where I've made it my default route14:02:17
@cadair:cadair.comCadairand that works14:02:19
@k900:0upti.meK900That would imply no NAT14:02:35
@cadair:cadair.comCadairI've also tried making it the default route on this host and that didn't work either14:03:31
@k900:0upti.meK900Are you sending traffic directly from the router14:03:51
@k900:0upti.meK900Or from one of the hosts on the LAN14:03:56
@cadair:cadair.comCadairI'm at the point where I'm assuming something is messed up because of the extra networking complexity on this host14:03:56
@cadair:cadair.comCadairyes14:03:58
@k900:0upti.meK900Because you probably need to NAT14:03:59
@cadair:cadair.comCadairI can't ping out from the router across the tunnel14:04:11
@cadair:cadair.comCadair

I have this route:

185.254.79.30 dev mullvad proto static scope link metric 512

and I can't ping 185.254.79.30 from the router

14:05:00
@k900:0upti.meK900Uhh is 185.254.79.30 the internal address of the peer on the tunnel14:05:28
@k900:0upti.meK900Or is it the external endpoint14:05:32
@k900:0upti.meK900Cause it feels like the latter14:05:35
@cadair:cadair.comCadairyeah the latter14:05:39
@k900:0upti.meK900Then it should absolutely not have a route on the Mullvad interface14:06:01
@k900:0upti.meK900Because what you're saying is "to get to the endpoint of the tunnel, go through the tunnel"14:06:13
@k900:0upti.meK900Which makes no sense14:06:16
@cadair:cadair.comCadairoh it's neither sorry14:06:38
@cadair:cadair.comCadairit's the random IP on the wider internet I want to get to over the tunnel14:06:47
@cadair:cadair.comCadair* it's the "random" IP on the wider internet I want to get to over the tunnel14:07:09
@k900:0upti.meK900Can you ping the actual endpoint of the tunnel?14:07:33
@k900:0upti.meK900On the tunnel link14:07:38
* @cadair:cadair.comCadair can't get packets to his email host over his home internet without tunneling it over a VPN for some reason he can't get to the bottom on14:07:55
* @cadair:cadair.comCadair * can't get packets to his email host over his home internet without tunneling it over a VPN for some reason he can't get to the bottom of14:07:55

Show newer messages

Back to Room ListRoom Version: 6