I am very much a newbie to nixos (read: I have no idea what I’m doing). I’m working on developing multi-target configs for my requirements (laptop, workstation, dedicated servers).
My first step is to get working systems with functional networking on the various platforms. The current biggest stumbling block is getting ipv6 networking functioning on my oneprovider (scaleway resold) dedicated server. I have used a debian install, and the rescue system, to successfully install nixos. The debian image boots with a working network stack (including ipv6), so I know the dedicated infrastructure can work, but I can’t get it working on nixos.
All configuration, at this point, is in configuration.nix
Each server has a SLAAC provided single static ipv6 address, as well as a (subsequently requested) /64 block. The provided debian image, from a fresh install, is configured for the single static ipv6 address, but not the block.
If I look at the ip on an identical working debian machine, it looks similar (but not the same) to a not working nixos server:
user@hostname:ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether ac:1f:6b:23:d0:f8 brd ff:ff:ff:ff:ff:ff
altname enp4s0f0
inet xx.yy.zz.69/24 brd xx.yy.zz.255 scope global dynamic eno1
valid_lft 405186311sec preferred_lft 405186311sec
inet6 [static ip prefix]:[local]/64 scope global dynamic mngtmpaddr
valid_lft 2591999sec preferred_lft 604799sec
inet6 fe80::[local]/64 scope link
valid_lft forever preferred_lft forever
user@hostname:ip -6 r
[static ip prefix]::/64 dev eno1 proto kernel metric 256 expires 2591999sec pref medium
fe80::/64 dev eno1 proto kernel metric 256 pref medium
default via fe80::[gateway] dev eno1 proto ra metric 1024 expires 14sec hoplimit 64 pref medium
I have tried various configurations. none have led to successful routing over ipv6 (ping fails, though DNS seems to find the target ipv6 address). currently I have:
let
# ipv6 details from hosting provider
clientid = "[DUID provided]";
interface = "eno1";
subnet = "64";
network = "[ip block prefix]::/${subnet}";
own_ip = "[ip block prefix]::1/${subnet}";
in
......
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
boot.kernel.sysctl."net.ipv6.conf.eno1.autoconf" = 0;
boot.kernel.sysctl."net.ipv6.conf.eno1.accept_ra" = 2;
......
networking = {
hostName = "AMS-685090";
nameservers = [ "51.158.139.25" "51.158.139.28" "2001:bc8:1408:1::f" "2001:bc8:1408:1::c" ];
search = [ "online.net"] ;
domain = "online.net";
enableIPv6 = true;
useDHCP = true;
dhcpcd.persistent = true;
dhcpcd.extraConfig = ''
clientid "${clientid}"
noipv6rs
ipv6rs
interface ${interface}
ia_pd 1/${network} ${interface}
static ip6_address=${own_ip}
'';
firewall = {
enable = true;
allowedTCPPorts = [ 53 ];
};
};
environment.etc."dhcpcd.duid".text = clientid;
......
I can ping the local static ipv6, and the assigned ipv6 from the /64 block (::1). I can’t ping anything else.
user@hostname:ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether ac:1f:6b:27:2f:a2 brd ff:ff:ff:ff:ff:ff
altname enp4s0f0
inet xx.yy.zz.18/24 brd xx.yy.zz.255 scope global dynamic noprefixroute eno1
valid_lft 405186535sec preferred_lft 354537802sec
inet6 [static ip prefix]:d967:82f:8453:e67b/64 scope global temporary dynamic
valid_lft 601468sec preferred_lft 83064sec
inet6 [static ip prefix]:[Single Static]/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 2591999sec preferred_lft 604799sec
inet6 [ip block prefix]::1/64 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::[Single Static]/64 scope link
valid_lft forever preferred_lft forever
user@hostname:ip -6 r
[ip block prefix]::/64 dev eno1 metric 1002 pref medium
[static ip prefix]::/64 dev eno1 proto ra metric 1002 mtu 1500 pref medium
fe80::/64 dev eno1 proto kernel metric 256 pref medium
default via fe80::[gateway] dev eno1 proto ra metric 1002 mtu 1500 pref medium
I’ve spent a month trying to understand where this needs to be, with research and various attempts to modify the config. I’ve completely bottomed out on lack of directly pertinent information and personal knowledge.
I would very much like to run these serves on nixos. If I can’t get this working, I might have to fall back to debian.
Any suggestions or pointers gratefully accepted. I know nothing.
(I have one server set up with a working debian setup, and one with nixos in this form. I can use the debian setup as a reference while attempting to get nixos working)
Thank you for your consideration.