| -rw-r--r-- | machines/lapin.nix | 35 |
1 files changed, 21 insertions, 14 deletions
diff --git a/machines/lapin.nix b/machines/lapin.nix index 7e4ef8b..ddeace0 100644 --- a/machines/lapin.nix +++ b/machines/lapin.nix @@ -2,22 +2,36 @@ { networking = { - defaultGateway = "172.31.1.1"; - nameservers = [ "2606:4700:4700::1111" "2606:4700:4700::1001" ]; + useDHCP = false; + nameservers = [ + "1.1.1.1" "1.0.0.1" + "2606:4700:4700::1111" "2606:4700:4700::1001" + ]; }; systemd.network.enable = true; systemd.network.networks."10-wan" = { - matchConfig.Name = "enp1s0"; - networkConfig.DHCP = "ipv4"; - address = [ "2a01:4f8:c012:9493::1" ]; - routes = [ { routeConfig.Gateway = "fe80::1"; } ]; + name = "enp1s0"; + DHCP = "no"; + address = [ + "2a01:4f8:c012:9493::1" + "138.201.117.99" + ]; + routes = [ + { routeConfig.Gateway = "fe80::1"; } + { routeConfig.Destination = "172.31.1.1"; } + { routeConfig = { Gateway = "172.31.1.1"; GatewayOnLink = true; }; } + ]; }; services.resolved = { + # LLMNR and MulticastDNS both give DNS timeouts. + # MDNS specifically for some reason gives Docker bridge interfaces it's scope, + # which means every DNS request waits for an answer... from every interface... llmnr = "false"; + extraConfig = "MulticastDNS=no"; dnssec = "false"; # DNSSEC breaks IPv6, for some reason :( - }; + }; virtualisation.docker.daemon.settings = { "experimental" = true; @@ -29,13 +43,6 @@ { base = "172.17.0.0/16"; size = 24; } { base = "fc00:d0c::/32"; size = 48; } ]; - # This is the default Tailscale MTU. - # Necessary since we proxy IPv4 requests through another node - # and the container does not differentiate the IPv6 (enp1s0) and - # IPv4 (tailscale0) interfaces like the host. - # Can be removed when I find a better method to support IPv4 on - # IPv6 only hosts. - "mtu" = 1280; }; services.nginx.virtualHosts = { |
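Review bot: The new `"138.201.117.99"` entry in `address` has no prefix length, and neither does the IPv6 entry next to it. As far as I know, systemd-networkd then guesses a classful prefix for IPv4 and logs a warning, which would mark a wide range of unrelated public addresses as on-link instead of routing them through `172.31.1.1`. Because the gateway is already declared with `GatewayOnLink = true`, an explicit host prefix such as `"138.201.117.99/32"` looks like the intended setup; confirm the value against the provider's network details. With `GatewayOnLink` set, the separate `{ routeConfig.Destination = "172.31.1.1"; }` route is probably redundant. This commit also gives the machine a public IPv4 address, so check that the firewall rules cover IPv4 as well as IPv6.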
