From 49278204a4a0c292083ef7daad8e1d0dfaa47806 Mon Sep 17 00:00:00 2001
From: Yuri Tatishchev <itatishch@gmail.com>
Date: Sat, 29 Mar 2025 23:01:40 -0700
Subject: [PATCH] router: ifconfig: disable linux arp proxy behavior by default

By default, Linux will respond to ARP requests that belong to other interfaces. Normally this isn't a problem, but it causes issues since my WAN and LAN20 are technically bridged.
---
 hosts/router/ifconfig.nix | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/hosts/router/ifconfig.nix b/hosts/router/ifconfig.nix
index 132b47e..63f3198 100644
--- a/hosts/router/ifconfig.nix
+++ b/hosts/router/ifconfig.nix
@@ -46,6 +46,12 @@ let
   };
 in
 {
+  # By default, Linux will respond to ARP requests that belong to other interfaces.
+  # Normally this isn't a problem, but it causes issues
+  # since my WAN and LAN20 are technically bridged.
+  # https://networkengineering.stackexchange.com/questions/83071/why-linux-answers-arp-requests-for-ips-that-belong-to-different-network-interfac
+  boot.kernel.sysctl."net.ipv4.conf.default.arp_filter" = 1;
+
   # It is impossible to do multiple prefix requests with networkd,
   # so I use dhcpcd for this
   # https://github.com/systemd/systemd/issues/22571