try some fw stuff

hosts/fw.cloonar.com/modules/networking.nix

@@ -2,34 +2,30 @@
   boot.kernel.sysctl = {
     # if you use ipv4, this is all you need
     "net.ipv4.conf.all.forwarding" = true;
-
     # If you want to use it for ipv6
-    "net.ipv6.conf.all.forwarding" = true;
-
-    # source: https://github.com/mdlayher/homelab/blob/master/nixos/routnerr-2/configuration.nix#L52
-    # By default, not automatically configure any IPv6 addresses.
-    "net.ipv6.conf.all.accept_ra" = 0;
-    "net.ipv6.conf.all.autoconf" = 0;
-    "net.ipv6.conf.all.use_tempaddr" = 0;
-
-    # On WAN, allow IPv6 autoconfiguration and tempory address use.
-    # "net.ipv6.conf.${name}.accept_ra" = 2;
-    # "net.ipv6.conf.${name}.autoconf" = 1;
+    "net.ipv6.conf.all.forwarding" = false;
   };
 
-  systemd.network.links."10-wan" = {
-    matchConfig.PermanentMACAddress = "a8:b8:e0:00:43:c1";
-    linkConfig.Name = "wan";
-  };
-  systemd.network.links."20-lan" = {
-    matchConfig.PermanentMACAddress = "a8:b8:e0:00:43:c2";
-    linkConfig.Name = "lan";
-  };
-  systemd.network.links."30-server" = {
-    matchConfig.PermanentMACAddress = "a8:b8:e0:00:43:c3";
-    linkConfig.Name = "server";
+  systemd.network = {
+    wait-online.anyInterface = true;
+    inks = {
+      "10-wan" = {
+        matchConfig.PermanentMACAddress = "a8:b8:e0:00:43:c1";
+        linkConfig.Name = "wan";
+        linkConfig.RequiredForOnline = "routable";
+      };
+      "20-lan" = {
+        matchConfig.PermanentMACAddress = "a8:b8:e0:00:43:c2";
+        linkConfig.Name = "lan";
+      };
+      "30-server" = {
+        matchConfig.PermanentMACAddress = "a8:b8:e0:00:43:c3";
+        linkConfig.Name = "server";
+      };
+    };
   };
 
+
   networking = {
     useDHCP = false;
     nameservers = [ "9.9.9.9" "149.112.112.112" ];