From ced81c2e89d986a6f2a9195b22d4c6ad02a4b3ac Mon Sep 17 00:00:00 2001
From: Dominik Polakovics <dominik.polakovics@cloonar.com>
Date: Thu, 30 Nov 2023 23:02:16 +0100
Subject: [PATCH] enable forwarding

---
 hosts/fw.cloonar.com/modules/networking.nix | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/hosts/fw.cloonar.com/modules/networking.nix b/hosts/fw.cloonar.com/modules/networking.nix
index 29c053a..17eaea9 100644
--- a/hosts/fw.cloonar.com/modules/networking.nix
+++ b/hosts/fw.cloonar.com/modules/networking.nix
@@ -1,4 +1,22 @@
 { ... }: {
+  boot.kernel.sysctl = {
+    # if you use ipv4, this is all you need
+    "net.ipv4.conf.all.forwarding" = true;
+
+    # If you want to use it for ipv6
+    "net.ipv6.conf.all.forwarding" = true;
+
+    # source: https://github.com/mdlayher/homelab/blob/master/nixos/routnerr-2/configuration.nix#L52
+    # By default, not automatically configure any IPv6 addresses.
+    "net.ipv6.conf.all.accept_ra" = 0;
+    "net.ipv6.conf.all.autoconf" = 0;
+    "net.ipv6.conf.all.use_tempaddr" = 0;
+
+    # On WAN, allow IPv6 autoconfiguration and tempory address use.
+    "net.ipv6.conf.${name}.accept_ra" = 2;
+    "net.ipv6.conf.${name}.autoconf" = 1;
+  };
+
   systemd.network.links."10-wan" = {
     matchConfig.PermanentMACAddress = "a8:b8:e0:00:43:c1";
     linkConfig.Name = "wan";