fix(ringtail): explicitly enable net.ipv4.ip_forward
After the static IP change, k3s/flannel pod networking broke because ip_forward was 0. NixOS doesn't enable IP forwarding by default — it was previously being set implicitly somewhere in the NM-managed / scripted-DHCP path. With static networking we have to set it ourselves.

Verified at runtime via sysctl -w before adding here; pod outbound came back immediately and Tailscale VIP services recovered without any pod restarts.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
parent
d0b5423135
commit
a4a30aad44
2 changed files with 7 additions and 1 deletions
|
|
@ -1 +1 @@
|
|||
Pin ringtail's wired IP to `192.168.1.21` via NixOS scripted networking; NetworkManager no longer manages `enp5s0`. Removes DHCP lease renewal as a failure mode after a silent lease teardown took ringtail offline.
|
||||
Pin ringtail's wired IP to `192.168.1.21` via NixOS scripted networking; NetworkManager no longer manages `enp5s0`. Removes DHCP lease renewal as a failure mode after a silent lease teardown took ringtail offline. Also explicitly enables `net.ipv4.ip_forward` (previously set implicitly by scripted-DHCP) so k3s pod networking and Tailscale routing continue to work with static networking.
|
||||
|
|
|
|||
|
|
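Review bot: The new version of this line attributes the earlier implicit setting to scripted-DHCP alone ("previously set implicitly by scripted-DHCP"), while the code comment in the same commit says "NM/scripted-DHCP setup" and the commit message only says it was set "somewhere" in that path. Since the actual source was not pinned down, suggest wording this line to match the other two, or dropping the parenthetical so the note does not record an unconfirmed cause as fact.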
@ -31,6 +31,12 @@ in
|
|||
networking.defaultGateway = "192.168.1.1";
|
||||
networking.nameservers = [ "192.168.1.1" "1.1.1.1" ];
|
||||
|
||||
# K3s pod networking and Tailscale tunnel routing require IP forwarding.
|
||||
# NixOS leaves this off by default; previously it was being enabled
|
||||
# implicitly by NM/scripted-DHCP setup, but with static networking we
|
||||
# have to set it explicitly.
|
||||
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
|
||||
|
||||
# Time zone
|
||||
time.timeZone = "America/Los_Angeles";
|
||||
|
||||
|
|
|
|||
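Review bot: `boot.kernel.sysctl."net.ipv4.ip_forward" = 1;` enables forwarding host-wide, which includes the wired `enp5s0` interface, and nothing in this hunk restricts what may be forwarded. Suggest confirming that the firewall's forward policy only admits traffic for the k3s pod network and the Tailscale interface, and noting that in the comment next to the sysctl. The setting is also IPv4 only, so if pod or Tailscale routes carry IPv6 the equivalent IPv6 forwarding setting needs the same explicit treatment. The comment's "previously it was being enabled implicitly by NM/scripted-DHCP setup" reads as established fact although the commit message says it was set "somewhere"; mark it as unconfirmed.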