Make IPv6 primary on the bridge

This commit is contained in:
Wojciech Kozlowski 2023-07-27 23:24:41 +02:00
parent 18ee9c7a24
commit bd66dc341e

View File

@ -1,13 +1,10 @@
auto br0
iface br0 inet static
iface br0 inet6 static
pre-up /usr/local/sbin/ip-link-add.sh $IFACE type bridge
post-up /usr/local/sbin/post-up-$IFACE-inet.nft
post-up /usr/local/sbin/post-up-$IFACE-ipv4.nft
post-up /usr/local/sbin/post-up-$IFACE-ipv6.nft
{% if vpn_bridge_routing_table is defined %}
post-up ip rule add dev $IFACE table {{ vpn_bridge_routing_table }}
post-up ip rule add dev $IFACE to {{ local_inet_network }} table main priority 1
post-up ip -6 rule add dev $IFACE table {{ vpn_bridge_routing_table }}
post-up ip -6 rule add dev $IFACE to {{ local_inet6_network }} table main priority 1
{% endif %}
@ -15,11 +12,8 @@ iface br0 inet static
{% if vpn_bridge_routing_table is defined %}
pre-down ip -6 rule del dev $IFACE to {{ local_inet6_network }} table main priority 1
pre-down ip -6 rule del dev $IFACE table {{ vpn_bridge_routing_table }}
pre-down ip rule del dev $IFACE to {{ local_inet_network }} table main priority 1
pre-down ip rule del dev $IFACE table {{ vpn_bridge_routing_table }}
{% endif %}
pre-down /usr/local/sbin/pre-down-$IFACE-ipv6.nft
pre-down /usr/local/sbin/pre-down-$IFACE-ipv4.nft
pre-down /usr/local/sbin/pre-down-$IFACE-inet.nft
bridge_stp off
@ -27,8 +21,20 @@ iface br0 inet static
bridge_fd 0
bridge_ports none
address {{ vpn_bridge_inet_address }}/{{ vpn_bridge_inet_prefixlen }}
iface br0 inet6 static
address {{ vpn_bridge_inet6_address }}/{{ vpn_bridge_inet6_prefixlen }}
dad-attempts 0
iface br0 inet static
post-up /usr/local/sbin/post-up-$IFACE-ipv4.nft
{% if vpn_bridge_routing_table is defined %}
post-up ip rule add dev $IFACE table {{ vpn_bridge_routing_table }}
post-up ip rule add dev $IFACE to {{ local_inet_network }} table main priority 1
{% endif %}
{% if vpn_bridge_routing_table is defined %}
pre-down ip rule del dev $IFACE to {{ local_inet_network }} table main priority 1
pre-down ip rule del dev $IFACE table {{ vpn_bridge_routing_table }}
{% endif %}
pre-down /usr/local/sbin/pre-down-$IFACE-ipv4.nft
address {{ vpn_bridge_inet_address }}/{{ vpn_bridge_inet_prefixlen }}