aux: ipv6

2022-11-04 16:45:29 +08:00 · 2022-11-04 16:45:29 +08:00 · a7450362ce
parent fb745a11e3
commit a7450362ce
1 changed files with 29 additions and 0 deletions
--- a/aux-etc-nixos/configuration.nix
+++ b/aux-etc-nixos/configuration.nix
@ -4,6 +4,7 @@ let
  netifWan = "enp0s25";
  netifLan = "enp3s0";
  netifWifi = "wlp1s0";
+  netifSit = "henet0";
 in
 {
  imports =
@ -43,18 +44,43 @@ in
      address = "192.168.1.1";
      prefixLength = 24;
    }];
+    ipv6.addresses = [{
+      address = "2001:470:f891:1::";
+      prefixLength = 64;
+    }];
  };
  networking.interfaces."${netifWifi}" = {
    ipv4.addresses = [{
      address = "192.168.15.1";
      prefixLength = 24;
    }];
+    ipv6.addresses = [{
+      address = "2001:470:f891:2::";
+      prefixLength = 64;
+    }];
  };
+
+  networking.sits."${netifSit}" = {
+    dev = netifWan;
+    remote = "216.218.221.6";
+    local = "94.190.212.123";
+    ttl = 255;
+  };
+  networking.interfaces."${netifSit}".ipv6 = {
+    addresses = [{ address = "2001:470:18:390::2"; prefixLength = 64; }];
+    routes = [{ address = "::"; prefixLength = 0; }];
+  };
+  boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = "1";
+  boot.kernel.sysctl."net.ipv6.conf.default.forwarding" = "1";
+  boot.kernel.sysctl."net.ipv6.conf.${netifLan}.accept_dad" = "0";
+  boot.kernel.sysctl."net.ipv6.conf.${netifWifi}.accept_dad" = "0";
+
  networking.firewall = {
    allowedTCPPorts = [ 53 ];
    allowedUDPPorts = [ 53 67 ];
    trustedInterfaces = [ netifLan ];
  };
+
  services.bind = {
    enable = true;
    listenOn = [];
@ -72,6 +98,9 @@ in
      bind-interfaces
      dhcp-range=interface:${netifLan},192.168.1.81,192.168.1.254,24h
      dhcp-range=interface:${netifWifi},192.168.15.10,192.168.15.254,24h
+      enable-ra
+      dhcp-range=interface:${netifLan},::,constructor:${netifLan},ra-names
+      dhcp-range=interface:${netifWifi},::,constructor:${netifWifi},ra-only

      no-resolv