microvm-defaults: early load nf_conntrack kernel module for sysfs

2023-06-24 01:25:23 +02:00 · 2023-06-24 01:25:23 +02:00 · ea4b716c0a
parent 5851716114
commit ea4b716c0a
1 changed files with 4 additions and 0 deletions
--- a/modules/microvm-defaults.nix
+++ b/modules/microvm-defaults.nix
@ -18,6 +18,10 @@
        # nf_conntrack: nf_conntrack: table full, dropping packet
        "net.netfilter.nf_conntrack_max" = "65536";
      };
+    kernelModules = [
+      # required for net.netfilter.nf_conntrack_max appearing in sysfs early at boot
+      "nf_conntrack"
+    ];
    kernelParams = [
      "preempt=none"
      # No server/router runs any untrusted user code