space_server: enable IPv6 on the free wifi

3 files changed, 30 insertions, 22 deletions

diff --git a/roles/space_server/files/networkd/network/10-lan13.network b/roles/space_server/files/networkd/network/10-lan13.network
index 6151c0e..3bb0e36 100644
--- a/roles/space_server/files/networkd/network/10-lan13.network
+++ b/roles/space_server/files/networkd/network/10-lan13.network
@@ -6,8 +6,14 @@ DHCP=no
 IPv6AcceptRA=no
 LinkLocalAddressing=no
 Address=10.42.3.1/24
+#Address=2a01:4260:1ab:d::1/64
+Address=fe80::1/64
 IPForward=yes
 LLMNR=yes
 MulticastDNS=yes
 LLDP=yes
 EmitLLDP=yes
+
+[Route]
+Destination=2a01:4260:1ab:d::/64
+PreferredSource=2a01:4260:1ab::
diff --git a/roles/space_server/files/nftables/nftables.conf b/roles/space_server/files/nftables/nftables.conf
index 30233b0..f038d60 100644
--- a/roles/space_server/files/nftables/nftables.conf
+++ b/roles/space_server/files/nftables/nftables.conf
@@ -102,15 +102,15 @@ table ip filter {
 		ct state established,related accept
 		ct state invalid drop
 
+		# accept all traffic to spacewand
+		ip daddr $spacewand4 accept
+
 		ip saddr $labitat udp dport 161 counter accept # traffic stats
 
 		# no traffic to admin net
 		ip daddr $adm_net4 ip saddr $int_net4 reject with icmp type net-prohibited
 		ip daddr $adm_net4 drop
 
-		# accept all traffic to spacewand
-		ip daddr $spacewand4 accept
-
 		# local traffic
 		iif $adm_if  ip saddr $adm_net4  accept
 		iif $wire_if ip saddr $wire_net4 accept
@@ -163,11 +163,12 @@ table ip6 filter {
 		ct state established,related accept
 		ct state invalid drop
 
+		# accept all traffic to spacewand
 		ip6 daddr $spacewand6 accept
 
 		iif $wire_if ip6 saddr $wire_net6 accept
 		iif $priv_if ip6 saddr $priv_net6 accept
-		#iif $free_if ip6 saddr $free_net6 ip6 daddr != $int_net6 accept
+		iif $free_if ip6 saddr $free_net6 ip6 daddr != $ext_net6 accept
 		iif $pass_if ip6 saddr $pass_net6 accept
 		iif $serv_if ip6 saddr $serv_net6 accept
 
diff --git a/roles/space_server/files/radvd/radvd.conf b/roles/space_server/files/radvd/radvd.conf
index 02749f3..7f259ae 100644
--- a/roles/space_server/files/radvd/radvd.conf
+++ b/roles/space_server/files/radvd/radvd.conf
@@ -6,7 +6,7 @@ interface lan11 {
 	AdvLinkMTU 1500;
 	RDNSS 2a01:4260:1ab:: {};
 
-	prefix 2a01:4260:1ab:b::1/64 {
+	prefix 2a01:4260:1ab:b::/64 {
 		#AdvValidLifetime 0;
 		#AdvPreferredLifetime 0;
 	};
@@ -20,27 +20,27 @@ interface lan12 {
 	AdvLinkMTU 1500;
 	RDNSS 2a01:4260:1ab:: {};
 
-	prefix 2a01:4260:1ab:c::1/64 {
+	prefix 2a01:4260:1ab:c::/64 {
 		#AdvValidLifetime 0;
 		#AdvPreferredLifetime 0;
 	};
 };
 
-## Free Wifi
-#interface lan13 {
-#	AdvSendAdvert on;
-#	MinRtrAdvInterval 3;
-#	MaxRtrAdvInterval 6;
-#	AdvLinkMTU 1500;
-#	RDNSS 2a01:4260:1ab:: {};
-#
-#	prefix 2a01:4260:1ab:d::1/64 {
-#		#AdvValidLifetime 0;
-#		#AdvPreferredLifetime 0;
-#	};
-#};
+# Free Wifi
+interface lan13 {
+	AdvSendAdvert on;
+	MinRtrAdvInterval 3;
+	MaxRtrAdvInterval 6;
+	AdvLinkMTU 1500;
+	RDNSS 2a01:4260:1ab:: {};
+
+	prefix 2a01:4260:1ab:d::/64 {
+		#AdvValidLifetime 0;
+		#AdvPreferredLifetime 0;
+	};
+};
 
-# Password protected wifi
+# Password Protected Wifi
 interface lan14 {
 	AdvSendAdvert on;
 	MinRtrAdvInterval 3;
@@ -48,12 +48,13 @@ interface lan14 {
 	AdvLinkMTU 1500;
 	RDNSS 2a01:4260:1ab:: {};
 
-	prefix 2a01:4260:1ab:e::1/64 {
+	prefix 2a01:4260:1ab:e::/64 {
 		#AdvValidLifetime 0;
 		#AdvPreferredLifetime 0;
 	};
 };
 
+# NAT64 Wifi
 interface lan15 {
 	AdvSendAdvert on;
 	MinRtrAdvInterval 3;
@@ -61,7 +62,7 @@ interface lan15 {
 	AdvLinkMTU 1500;
 	RDNSS 2a01:4260:1ab:: {};
 
-	prefix 2a01:4260:1ab:f::1/64 {
+	prefix 2a01:4260:1ab:f::/64 {
 		#AdvValidLifetime 0;
 		#AdvPreferredLifetime 0;
 	};