| 15 Jul 2021 |
 Leon | Hm, very interesting. | 15:45:31 |
 Alex Zero | Only thing that works is downgrading the kernel to 5.2,which is not ideal at all | 15:45:54 |
| Alex Zero | I've had to force it on all the router VMs | 15:46:03 |
| Alex Zero | For lack of a better solution | 15:46:09 |
 Mic92 | Alex Zero: Did you cc'ed the original authors? | 15:56:53 |
| Mic92 | also the merge and post it on netdev | 15:57:26 |
| Mic92 | Also include tcpdump dumps from netlink | 15:58:06 |
| Alex Zero | I'll do that, thanks 👍 | 16:12:22 |
| Mic92 | *merger | 16:14:48 |
 Amanda (she/her) | So, somehow my co-admin is able to assign IPs to his proxmox VMs using his router's networking stack. He said something about bridging the interface or similar -- is this something I could set up myself to do with lxd/nixos containers? I'm not very versed in networking stuff, so any clarification is appreciated | 17:02:58 |
| Amanda (she/her) | ( He doesn't seem to understand how it works either, I tried asking ) | 17:03:26 |
 Linux Hackerman | Amanda (she/her): yep, if you create a bridge and put both your physical interface and one side of a veth pair on that bridge, the containers will be on the network as if they were additional physical machines attached via a switch. | 17:08:43 |
| Amanda (she/her) | Huh, It's just putting it on the bridge? For some reason I thought bridges were what was used for the host-local stuff | 17:09:37 |
| Linux Hackerman | Not sure how to do that with lxd, but you can use systemd-nspawn's `--network-bridge` to put an nspawn container on it | 17:10:02 |
| Linux Hackerman | The trick is to bridge the physical interface as well. | 17:10:13 |
| Amanda (she/her) | So I assume I'd want something like networking.bridges.<bridge>.interfaces = ["eth0"] | 17:10:58 |
| Linux Hackerman | Bridge = switch, pretty much. You can have a bridge where only the containers are — that way the containers can only talk to each other and the host, and the host needs to do forwarding for them to reach any further | 17:11:19 |
| Linux Hackerman | By adding the physical interface, their traffic can go straight to your router | 17:11:37 |
| Linux Hackerman | In reply to @amanda:camnet.site
So I assume I'd want something like networking.bridges.<bridge>.interfaces = ["eth0"] Yep | 17:11:39 |
| Amanda (she/her) | That's not going to kick off other devices off the bridge on a apply is it? | 17:12:15 |
| Linux Hackerman | In reply to @amanda:camnet.site
That's not going to kick off other devices off the bridge on a apply is it? Aahhh that definitely is a problem I've had. I'm not sure if it still exists. I think it's fine if you're using networkd and not scripted networking (which I'd recommend regardless) | 17:14:14 |
| Amanda (she/her) | I'm actually not even sure what I am using, to be honest, lemme dig and see what networking stuff I have enabled. | 17:14:46 |
| Linux Hackerman | In reply to @amanda:camnet.site
So I assume I'd want something like networking.bridges.<bridge>.interfaces = ["eth0"] You also then need to set the host's network config on the bridge instead of the physical interface | 17:14:58 |
| Amanda (she/her) | Hrm, seems I'm not doing anything special for networking? Whatever nixos defaults to, I only set networking.{hostName,fiewall.*,nameservers} | 17:16:47 |
| Amanda (she/her) | ah, I guess I'm using scripted then, networking.useNetworkd is still defaulting to false | 17:18:56 |
| Linux Hackerman | yep | 17:20:55 |
| Linux Hackerman | it's likely to be a trivial switch though, I'd suggest giving it a shot if you're in a position to roll back (i.e. not from 100km away or something ;) ) | 17:21:25 |
| Linux Hackerman | and I've had a lot less pain with networkd than with scripted networking. | 17:22:01 |
| Amanda (she/her) | nah, hardest part would be finding a usb keyboard to plug in to it. :P | 17:22:14 |
| Linux Hackerman | 😱 | 17:22:29 |
