| 28 Feb 2026 |
ilsubyeega | image.png | 09:49:12 |
ilsubyeega | * Hello, I want to configure both my desktop and laptop with the topology from the following image; I really have no clue about Linux networking:
- What should I use for networking? Looks like systemd.networkd and networkmanager exist, but I was daily driving networkmanager while not knowing networkd. One of my friends suggests using networkd; looks like the nixpkgs NixOS module is more decent than networkmanager. If networkd, should I be scared about WiFi/wireless network usage there?
- The idea is:
  - create physical-named group, adding wlan0 and eth0 to the group
  - create nordvpn NixOS container (nspawnd, I believe) and network group, uses physical as upstream network, exposing to its own network group
  - create cloudflare NixOS container and network group, uses nordvpn as upstream network, exposing to its own network group.
  - create tailscale NixOS container and network group, uses physical as upstream network, exposing to its own network group.
  - create main network group which does:
    - uses physical/nordvpn/cloudflare as network upstream, easily swappable
    - merges tailscale's internal IP range
    - all processes/userspace programs that didn't set explicit network configuration should go towards here.
- While researching, the article (as nested vpn) shows running custom systemd services which invoke the netns command; I believe there must be another way to configure this. There are many raw resources on Linux networking, and I'm not sure each thing fits my specific use case, so I'm asking: what approach would be ideal?
| 09:50:05 |
K900 | Why are you even doing any of this | 09:51:20 |
K900 | This is SO overengineered and why | 09:51:29 |
ilsubyeega | wanted to use nested vpn without extra concerns by writing declarative configuration | 09:52:21 |
ilsubyeega | going to daily drive this and serve some portion of this into my vps later | 09:53:04 |
K900 | But why nested VPNs at all? | 09:53:09 |
K900 | And why so many of them | 09:53:16 |
ilsubyeega | its at 2 for this case, at this time cloudflare exposes your location without opt-out | 09:54:14 |
ilsubyeega | for tailscale they dont have detailed linux setup docs for like this so pushing in container(also cloudflare is binary while nordvpn is not) | 09:55:16 |
adamcstephens | if you don't trust cf, why use them at all? | 14:05:11 |
ilsubyeega | cost | 14:06:17 |
adamcstephens | what you don't pay in money costs you in other ways. | 14:08:28 |
adamcstephens | especially when using an American service. | 14:09:48 |
ilsubyeega | im on asia | 14:09:58 |
adamcstephens | and cloudflare is... | 14:10:10 |
ilsubyeega | multiple regioned | 14:10:18 |
adamcstephens | mmhmm | 14:11:56 |