WIP: router: bring back lan10

hosts/router/ifconfig.nix

@@ -18,7 +18,7 @@ let
     matchConfig.Name = ifObj.name;
     networkConfig = {
       IPv4Forwarding = true;
-      IPv6SendRA = (ifObj.name != ifs.lan10.name);  # TODO: temporary test, remove
+      IPv6SendRA = true;
       Address = [ ifObj.addr4Sized ifObj.addr6Sized ifObj.ulaAddrSized ];
     };
     ipv6Prefixes = [
@@ -44,70 +44,54 @@ let
       DNS = [ ifObj.ulaAddr ];
     };
   };
-
 in
 {
   # It is impossible to do multiple prefix requests with networkd,
   # so I use dhcpcd for this
   # https://github.com/systemd/systemd/issues/22571
-  networking.dhcpcd.enable = true;
   # https://github.com/systemd/systemd/issues/22571#issuecomment-2094905496
   # https://gist.github.com/csamsel/0f8cca3b2e64d7e4cc47819ec5ba9396
+  networking.dhcpcd.enable = true;
+  networking.dhcpcd.allowInterfaces = [ ifs.wan.name ];
   networking.dhcpcd.extraConfig = ''
-    duid
-    ipv6only
-    nodhcp6
-    noipv6rs
     nohook resolv.conf, yp, hostname, ntp
-    option rapid_commit
 
     interface ${ifs.wan.name}
+      # IPv4 (Static)
+      nodhcp
+      noipv4ll
+      static ip_address=${ifs.wan.addr4Sized}
+      static routers=${ifs.wan.gw4}
+
+      # IPv6
+      duid
       ipv6rs
       dhcp6
-      duid
-      ipv6only
-      nohook resolv.conf, yp, hostname, ntp
-      nogateway
       option rapid_commit
 
-      # this doesn't play well with networkd
+      # DHCPv6 addr
-      # ia_na
+      ia_na
-      # ia_pd 1 ${ifs.lan.name}/0
+
-      # ia_pd 2 ${ifs.lan10.name}/0
+      # DHCPv6 Prefix Delegation
-      # ia_pd 3 ${ifs.lan20.name}/0
 
       # request the leases just for routing (so that the att box knows we're here)
       # actual ip assignments are static, based on $pdFromWan
       ia_pd 1/${ifs.lan.net6} -
-      # ia_pd 10/${ifs.lan10.net6} -
+      ia_pd 10/${ifs.lan10.net6} -
       # ia_pd 20/${pdFromWan}d::/64 -  # for opnsense (legacy services)
       ia_pd 30/${ifs.lan30.net6} -
       ia_pd 40/${ifs.lan40.net6} -
       ia_pd 50/${ifs.lan50.net6} -
       # ia_pd 7 -
       # ia_pd 8 -
+
+      # the leases can be assigned to the interfaces,
+      # but this doesn't play well with networkd
+      # ia_pd 1 ${ifs.lan.name}/0
+      # ia_pd 2 ${ifs.lan10.name}/0
+      # ia_pd 3 ${ifs.lan20.name}/0
   '';
 
-  systemd.timers."restart-networkd" = {
-    wantedBy = [ "timers.target" ];
-      timerConfig = {
-        OnBootSec = "1m";
-        OnUnitActiveSec = "1m";
-        Unit = "restart-networkd.service";
-      };
-  };
-
-  systemd.services."restart-networkd" = {
-    script = ''
-      set -eu
-      ${pkgs.systemd}/bin/systemctl restart systemd-networkd
-    '';
-    serviceConfig = {
-      Type = "oneshot";
-      User = "root";
-    };
-  };
-
   networking.useNetworkd = true;
   systemd.network.enable = true;
   systemd.network = {
@@ -132,7 +116,7 @@ in
     };
 
     netdevs = {
-      # "10-vlan10" = mkVlanDev { id = 10; name = ifs.lan10.name; };
+      "10-vlan10" = mkVlanDev { id = 10; name = ifs.lan10.name; };
       "10-vlan20" = mkVlanDev { id = 20; name = ifs.lan20.name; };
       "10-vlan30" = mkVlanDev { id = 30; name = ifs.lan30.name; };
       "10-vlan40" = mkVlanDev { id = 40; name = ifs.lan40.name; };
@@ -142,83 +126,50 @@ in
     networks = {
       "10-wan" = {
         matchConfig.Name = ifs.wan.name;
-        networkConfig = {
+        linkConfig = {
-          # start a DHCP Client for IPv4 Addressing/Routing
+          Unmanaged = true;
-          # DHCP = "ipv4";
+          RequiredForOnline = "routable";
-          # accept Router Advertisements for Stateless IPv6 Autoconfiguraton (SLAAC)
-          # let dhcpcd handle this
-          Address = [ ifs.wan.addr4Sized ];
-          IPv6AcceptRA = false;
         };
-        routes = [
-          { Gateway = ifs.wan.gw4; }
-          { Gateway = ifs.wan.gw6; }
-        ];
-        # make routing on this interface a dependency for network-online.target
-        linkConfig.RequiredForOnline = "routable";
       };
       "20-lan" = (mkLanConfig ifs.lan) // {
         vlan = [
-          # ifs.lan10.name
+          ifs.lan10.name
           ifs.lan20.name
           ifs.lan30.name
           ifs.lan40.name
           ifs.lan50.name
         ];
       };
-      # "30-vlan10" = mkLanConfig ifs.lan10;
+      "30-vlan10" = mkLanConfig ifs.lan10;
-      "30-vlan20" = mkLanConfig ifs.lan20 // {
+      "30-vlan20" = mkLanConfig ifs.lan20;
-        routes = [
-          {
-            # OPNsense subnet route
-            Destination = "${pdFromWan}d::/64";
-            Gateway = "fe80::1efd:8ff:fe71:954e";
-          }
-        ];
-      };
       "30-vlan30" = mkLanConfig ifs.lan30;
       "30-vlan40" = mkLanConfig ifs.lan40;
       "30-vlan50" = mkLanConfig ifs.lan50;
     };
   };
 
-  networking.interfaces = {
+  # For some reason, the interfaces stop receiving route solicitations after a while.
-#    ${ifs.lan10.name} = {
+  # Regular router adverts still get sent out at intervals, but this breaks dhcp6 clients.
-#      ipv4.addresses = [ { address = ifs.lan10.addr4; prefixLength = ifs.lan10.p4Size; } ];
+  # Restarting networkd makes it work again, I have no clue why.
-#      ipv6.addresses = [
+  # This is jank af, but I've tried a bunch of other stuff with no success
-#        {
+  # and I'm giving up (for now).
-#          address = ifs.lan10.addr6;
+  systemd.timers."restart-networkd" = {
-#          prefixLength = ifs.lan10.p6Size;
+    wantedBy = [ "timers.target" ];
-#        }
+      timerConfig = {
-#        {
+        OnBootSec = "1m";
-#          address = ifs.lan10.ulaAddr;
+        OnUnitActiveSec = "1m";
-#          prefixLength = ifs.lan10.ulaSize;
+        Unit = "restart-networkd.service";
-#        }
+      };
-#      ];
-#    };
   };
-  networking.dhcpcd.allowInterfaces = [ ifs.wan.name ];
 
-  services.radvd.enable = false;
+  systemd.services."restart-networkd" = {
-  services.radvd.config = ''
+    script = ''
-    interface ${ifs.lan10.name} {
+      set -eu
-      RDNSS ${ifs.lan.ulaAddr} {
+      ${pkgs.systemd}/bin/systemctl restart systemd-networkd
-      };
+    '';
-      AdvSendAdvert on;
+    serviceConfig = {
-      # MinRtrAdvInterval 3;
+      Type = "oneshot";
-      # MaxRtrAdvInterval 10;
+      User = "root";
-      AdvManagedFlag on;
-      # AdvOtherConfigFlag on;
-      prefix ${ifs.lan10.net6} {
-        AdvOnLink on;
-        AdvAutonomous on;
-      };
-      prefix ${ifs.lan10.ulaNet} {
-        AdvOnLink on;
-        AdvAutonomous on;
-      };
-      route ${ulaPrefix}::/48 {
-      };
     };
-  '';
+  };
 }

hosts/router/kea.nix

@@ -131,7 +131,7 @@ in
   services.kea.dhcp4.settings = {
     interfaces-config.interfaces = [
       ifs.lan.name
-      # ifs.lan10.name
+      ifs.lan10.name
       ifs.lan20.name
       ifs.lan30.name
       ifs.lan40.name
@@ -141,7 +141,7 @@ in
     ddns-qualifying-suffix = "4.default.${ldomain}";
     subnet4 = [
       ((mkDhcp4Subnet 1 ifs.lan) // reservations.lan.v4)
-      # (mkDhcp4Subnet 10 ifs.lan10)
+      (mkDhcp4Subnet 10 ifs.lan10)
       ((mkDhcp4Subnet 20 ifs.lan20) // reservations.lan20.v4)
       (mkDhcp4Subnet 30 ifs.lan30)
       (mkDhcp4Subnet 40 ifs.lan40)
@@ -153,7 +153,7 @@ in
   services.kea.dhcp6.settings = {
     interfaces-config.interfaces = [
       ifs.lan.name
-      # ifs.lan10.name
+      ifs.lan10.name
       # ifs.lan20.name  # Managed by Att box
       ifs.lan30.name
       ifs.lan40.name
@@ -164,7 +164,7 @@ in
     ddns-qualifying-suffix = "6.default.${ldomain}";
     subnet6 = [
       ((mkDhcp6Subnet 1 ifs.lan) // reservations.lan.v6)
-      # (mkDhcp6Subnet 10 ifs.lan10)
+      (mkDhcp6Subnet 10 ifs.lan10)
       (mkDhcp6Subnet 30 ifs.lan30)
       (mkDhcp6Subnet 40 ifs.lan40)
       (mkDhcp6Subnet 50 ifs.lan50)

hosts/router/vars.nix

@@ -50,7 +50,6 @@ rec {
       addr4 = "192.168.1.61";
       addr4Sized = "${addr4}/24";
       gw4 = "192.168.1.254";
-      gw6 = "fe80::e21f:2bff:fe96:e952";
     };
     lan = mkIfConfig {
       name_ = "lan";