networkd: IPv6: equivalent of 'default via fe80::1` with policy routing?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I may just be over-thinking this but I have a scenario that I can configure manually but have not been able to figure out how to amend the networkd configuration to match!

# echo "2 starlink" >> /etc/iproute2/rt-tables
# ip -6 rule add from 2001:0DB8:1:1::/64 table starlink priority 100
# ip -6 route add default via fe80::1 dev WAN table starlink

Note: 'via' required to prevent failed neighbour solicitations for external addresses.

The issue is I cannot see how to achieve both 'default' and 'via' in .network
 ROUTE section (when specifying a routing table).
I see recommendations to use `Gateway=::` as an alias for 'default' but that prevents
 setting the next-hop router address explicitly, which results in failure due to neighbour
 solicitation.

Scenario (current):
 IPv6 only local network
 gateway is host using systemd-networkd (systemd 252.12 on Debian 12)
 gateway is directly connected to Starlink terminal (the 'dish') on interface "WAN"
 "WAN" interface has only operated on IPv4 until now (CG-NAT)
 Wireguard IP tunnel to data-center server acting as public gateway
 Wireguard tunnel only carries IPv6
 data-center gateway delegates public IPv6 prefix to local gateway
 local hosts allocated public addresses by gateway

Scenario (new):
 Starlink terminal now advertises an IPv6 /64 prefix using RA
 allocate IPv6 from prefix (manually or automatically) to "WAN"
 use policy routing so replies go out on "WAN" when arriving on that interface

(this is to act as a back-up since the Wireguard tunnel will remain the primary routing)

/etc/systemd/networkd.conf:
[Network]
RouteTable=starlink:2

/etc/systemd/network/WAN.network:
# ... existing configuration# named tables must be added to /etc/systemd/networkd.conf as name:number pairs, space separated:
# [Network]
# RouteTable=starlink:2

[Address]
Address=2001:0DB8:1:1::dead:beef/64

[RoutingPolicyRule]
Table=starlink
From=2001:0DB8:1:1::/64
Priority=100

[Route]
# starlink terminal link-local address (gateway's should always use link-local address)
Gateway=fe80::1
# default route
# Gateway=::
GatewayOnLink=true
Table=starlink

Attachment: OpenPGP_0xEFEC37A429CD6080.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux