<bbigras>
ah those are nice. I wanted one for a while to put OpenBSD on it. I only got an edge router lite and mips64 is a pita for the updates.
<hexa->
they have limitations
<hexa->
like 1 GigE only
<bbigras>
for OpenBSD it might not be a big deal since, I think, the bottleneck is the non-multi-core network stack (or firewall).
<bbigras>
in my case it would be fine. no fiber to the modem yet here... even if I'm 5 mins from the metropolis while a friend, 40 km north, in the woods, has it...
<hexa->
nixos on my router when?!
<hexa->
it works so well with debian
<hexa->
haven't needed to touch it since the buster upgrade
<hexa->
it just works, updates, reboots
<sphalerite>
bbigras: it's a lot easier to dig stuff up in the country than in the city :p
<sphalerite>
hexa-: as soon as you install it!
<sphalerite>
though I guess a router is the sort of thing where the configuration and state are small enough that they don't go out of control like a desktop system would
<sphalerite>
on debian
<hexa->
sphalerite: the immediate benefit is low
<lukegb>
I'm running nixos-unstable on my router, live fast etc.
<lukegb>
I run a few "extraneous" network services on it though, mostly the Unifi controller
<gchristensen>
I admit that every time I have to debug my router these days I consider just getting a unifi thing instead. debugging network isn't my idea of a super fun side project, and that time is limited these days ;_;
<lukegb>
The Unifi things are alright I hear
<sphalerite>
gchristensen: personally I'd prefer a device from an open-source-friendlier manufacturer, with openwrt, out of principle. But can definitely understand how unifi is an attractive option too
<gchristensen>
me too
<sphalerite>
but? :p
<gchristensen>
I find myself needing to have fewer projects
<sphalerite>
openwrt isn't that much of a project :p
<sphalerite>
er, that is, using openwrt for a home network
<sphalerite>
certainly less than nixos
<gchristensen>
yeah, I used to use it :)
teto has joined #nixos-on-your-router
<andi->
I prefer debugging networking over debugging most other shit
<andi->
at least for networking you have multiple implementations, debugging tools and RFCs to refer to
<hexa->
true
<andi->
and hacking on the tech stack is generally low barrier in my experience. Compare this with debugging linker scripts...
teto has quit [Ping timeout: 272 seconds]
<betawaffle>
i _feel_ like i have lots of free time, but i end up not actually having much free time
<betawaffle>
but as far as routers go, i really like apu2d4 + nixos + nftables
<betawaffle>
i'm not completely happy with networkd, but it's working well enough
<betawaffle>
and i really want to switch my stuff over to flakes, but i haven't had the time yet
<andi->
betawaffle: what is missing? Did you open an issue yet? :D
<betawaffle>
i don't recall anything missing, but i may be forgetting something i gave up on
<betawaffle>
i mean, i would have liked better control over the dhcp v6 client parts, though i think i worked that out
<hexa->
and by that you mean being able to inspect the state and state changes?
<hexa->
or really "control"?
<hexa->
networkctl dhcpv6-release ppp0 *cough*
<andi->
o.O
<andi->
release doesn't make much sense. In that case configure DHCPd to not request one.
<andi->
renew would make sense
<hexa->
andi-: ipv6 isn't going to happen, accept it
<andi->
s/DHCPd/networkd/
<betawaffle>
oh right i remember. i couldn't tell it to not request the IA_NA address
<andi->
I don't think there are many imperative operations you want networkd to do
<betawaffle>
i had to hack around that
<hexa->
ah yeah, I noticed that as well
<hexa->
but it didn't appear to be an issue here
<andi->
does it hur in your scenario betawaffle?
<andi->
*hurt
<andi->
I mean if there is no reason not to request one why make it optional?
<betawaffle>
AT&T hands out a global ipv6 addr for IA_NA *that isn't routable!*
<andi->
Ah I remember that one
<hexa->
lovely
<andi->
the solution to that is probably not not requesting IA_NA. That is more of a hack. You probably want to treat that IP differently
<andi->
e.g. change when that IP is used for routing and/or if that IP is actually added to the interface
<betawaffle>
yeah, i understand why they are doing it, and my situation is the reason it causes a problem
<hexa->
betawaffle: why are they doing it?
<betawaffle>
the address is supposed to be assigned to their residential gateway, but i'm bypassing that and using my router in front
<betawaffle>
i'm sure it's for internal management purposes
<andi->
you could still run networkd in a nixos container and route all your traffic via that.. except for the issue that networkd doesn't do prefix delegation via DHCPv6 yet..
<andi->
That would be another nice feature. Cascading routers.
<betawaffle>
it does do prefix delegation
<betawaffle>
i was able to get it working, at least?
<andi->
well it requests a PD and assigns it to an interface
<betawaffle>
oh, via dhcp? i'm using ra
<andi->
it doesn't allow clients to request a prefix via PD
<andi->
Let's say you have one internet connection and you want to share it with 5 households where each of them runs their own residential router that should obtain a /56
<betawaffle>
sounds like a lot of fun
<betawaffle>
please go on
<andi->
Not much more to discuss :D
<betawaffle>
AT&T only hands out /60
<andi->
oh well..
<betawaffle>
but at least it never changes on you, i guess
<andi->
my /48 also doesn't change as long as my DUID doesn't change..
<andi->
so I guess they are just using the modem's MAC or whatever
<betawaffle>
yeah, i have to spoof the residential gateway's mac
<andi->
Maybe we should have write-ups about the router setups we are running? I remember there not being a lot of tutorials for doing this with networkd while IMO it is superior.
<betawaffle>
yeah, we should.
<betawaffle>
i'm still trying to get my website/blog built
<betawaffle>
and i need to get the secrets out of my nix files
<andi->
maybe that allows you to do your imperative stuff
<andi->
makes you feel like home on NixOS (home = Debian)
<andi->
and it even gives you yaml for all that ansible feeling
<hexa->
oah, thank you ssahani
<hexa->
we certainly need another yaml networking solution
<andi->
Let me propose the final YAML networking spec. First off you are writing your YAML file against a very precise spec. The spec mandates the minimum and maximum permissible size of each line. For simplicity min=max=0 is true unless otherwise specified. The empty YAML file is the only valid configuration.