| 25 Feb 2026 |
 antifuchs | thank you! | 20:17:53 |
| antifuchs | sounds like I need to pull in the one managing the VF functionality, that makes sense | 20:18:17 |
|  isabel changed their profile picture. | 21:51:39 |
| 26 Feb 2026 |
 Sandro 🐧 | glad I could help | 14:27:17 |
| Sandro 🐧 | I couldn't find much about that online unfortunately, takes a bit of guessing | 14:27:39 |
| 27 Feb 2026 |
| antifuchs | systemd-networkd is being a bit weird. networkctl status says /etc/systemd/network/50-vnet.network: RequiredForOnline=yes and ActivationPolicy=manual, this may cause a delay at boot. but the file is:
:; cat /etc/systemd/network/50-vnet.network
[Match]
Name=vnet*
[Link]
ActivationPolicy=manual
RequiredForOnline=no-carrier
Unmanaged=true
[Network]
ConfigureWithoutCarrier=true
| 20:18:35 |
| antifuchs | RequiredForOnline is not yes? | 20:18:54 |
 Charles | shot in the dark: what does networkctl cat 50-vnet.network say? maybe there's some merging going on? iirc that's a thing with services, dunno about networks | 20:59:40 |
| 28 Feb 2026 |
|  ilsubyeega joined the room. | 09:24:53 |
| ilsubyeega | Hello, I want to configure my both desktop and laptop with topology from following image, really no clue about linux networking:
- What should i use for networking? looks like
systemd.networkd and networkmanager exists, but i was daily driving networkmanager while not knowing networkd, one of friend suggests to use networkd, looks like nixpkgs nixos module is quite decent than networkmanager. If networkd, should i scare about WIFI/wireless network usage there?
- the idea is:
- create
physical-named group, adding wlan0 and eth0 to group
- create
nordvpn nixos container(nspawnd, i believe) and network group, uses physical as upstream network, exposing to own network group
- create
cloudflare nixos container and network group, uses nordvpn as upstream network, exposing to own network group.
- create
tailscale nixos container and network group, uses physical as upstream network, exposing to own network group.
- create
main network group which does:
- uses
physical/nordvpn/cloudflare as network upstream. easily swappable
- merges tailscale's internal IP range
- while researching the article(as nested vpn) shows running custom systemd services which invoke
netns command, i believe there must be the another way to configure this; there are many raw resources on linux networking, not sure each things fit my specific use case, so I'm asking: what approach would be ideal?
| 09:48:54 |
| ilsubyeega | god thats a ton | 09:49:01 |
| ilsubyeega | 
Download image.png | 09:49:12 |
| ilsubyeega | * Hello, I want to configure my both desktop and laptop with topology from following image, really no clue about linux networking:
- What should i use for networking? looks like
systemd.networkd and networkmanager exists, but i was daily driving networkmanager while not knowing networkd, one of friend suggests to use networkd, looks like nixpkgs nixos module is quite decent than networkmanager. If networkd, should i scare about WIFI/wireless network usage there?
- the idea is:
- create
physical-named group, adding wlan0 and eth0 to group
- create
nordvpn nixos container(nspawnd, i believe) and network group, uses physical as upstream network, exposing to own network group
- create
cloudflare nixos container and network group, uses nordvpn as upstream network, exposing to own network group.
- create
tailscale nixos container and network group, uses physical as upstream network, exposing to own network group.
- create
main network group which does:
- uses
physical/nordvpn/cloudflare as network upstream. easily swappable
- merges tailscale's internal IP range
- all processes/userspace programs that didnt set explict network configuration should go towards here.
- while researching the article(as nested vpn) shows running custom systemd services which invoke
netns command, i believe there must be the another way to configure this; there are many raw resources on linux networking, not sure each things fit my specific use case, so I'm asking: what approach would be ideal?
| 09:50:05 |
 K900 | Why are you even doing any of this | 09:51:20 |
| K900 | This is SO overengineered and why | 09:51:29 |
| ilsubyeega | wanted to use nested vpn without extra concens by writing declartive configuration | 09:52:21 |
| ilsubyeega | going to daily drive this and serve some portion of this into my vps later | 09:53:04 |
| K900 | But why nested VPNs at all? | 09:53:09 |
| K900 | And why so many of them | 09:53:16 |
| ilsubyeega | its at 2 for this case, at this time cloudflare exposes your location without opt-out | 09:54:14 |
| ilsubyeega | for tailscale they dont have detailed linux setup docs for like this so pushing in container(also cloudflare is binary while nordvpn is not) | 09:55:16 |
 adamcstephens | if you don't trust cf, why use them at all? | 14:05:11 |
| ilsubyeega | cost | 14:06:17 |
| adamcstephens | what you don't pay in money costs you in other ways. | 14:08:28 |
| adamcstephens | especially when using an American service. | 14:09:48 |
| ilsubyeega | im on asia | 14:09:58 |
| adamcstephens | and cloudflare is... | 14:10:10 |
| ilsubyeega | multiple regioned | 14:10:18 |
| adamcstephens | mmhmm | 14:11:56 |
|  Myned joined the room. | 20:41:53 |
