nixos-module/container/yggdrasil: enable NAT66
This commit is contained in:
parent
0e3921d126
commit
792426f22c
|
@ -10,8 +10,15 @@ lib.mkIf config.site.hosts.${hostName}.services.yggdrasil.enable {
|
|||
fi
|
||||
'';
|
||||
|
||||
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
|
||||
# Forward traffic under the prefix.
|
||||
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
|
||||
networking.nat = {
|
||||
enable = true;
|
||||
# Provide NAT66 for everyone with addresses foreign to Yggdrasil
|
||||
extraCommands = ''
|
||||
ip6tables -t nat -A POSTROUTING ! --src 200::/7 -o ygg -j MASQUERADE
|
||||
'';
|
||||
};
|
||||
|
||||
services.yggdrasil = {
|
||||
enable = true;
|
||||
|
|
Loading…
Reference in New Issue
Block a user