nixbld: IPv6 on internal networks

This commit is contained in:
Sebastien Bourdeauducq 2019-10-16 13:48:13 +08:00
parent e89afabdfb
commit 68534d2ce2
1 changed files with 25 additions and 8 deletions

View File

@ -43,14 +43,26 @@ in
trustedInterfaces = [ netifLan ];
};
networkmanager.unmanaged = [ "interface-name:${netifLan}" "interface-name:${netifWifi}" ];
interfaces."${netifLan}".ipv4.addresses = [{
interfaces."${netifLan}" = {
ipv4.addresses = [{
address = "192.168.1.1";
prefixLength = 24;
}];
interfaces."${netifWifi}".ipv4.addresses = [{
ipv6.addresses = [{
address = "2001:470:f821:1::";
prefixLength = 64;
}];
};
interfaces."${netifWifi}" = {
ipv4.addresses = [{
address = "192.168.12.1";
prefixLength = 24;
}];
ipv6.addresses = [{
address = "2001:470:f821:2::";
prefixLength = 64;
}];
};
nat = {
enable = true;
externalInterface = netifWan;
@ -78,6 +90,8 @@ in
routes = [{ address = "::"; prefixLength = 0; }];
};
};
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = "1";
boot.kernel.sysctl."net.ipv6.conf.default.forwarding" = "1";
services.hostapd = {
enable = true;
@ -94,6 +108,9 @@ in
bind-interfaces
dhcp-range=interface:${netifLan},192.168.1.10,192.168.1.254,24h
dhcp-range=interface:${netifWifi},192.168.12.10,192.168.12.254,24h
enable-ra
dhcp-range=interface:${netifLan},::,constructor:${netifLan},ra-names
dhcp-range=interface:${netifWifi},::,constructor:${netifWifi},ra-only
'';
};