diff options
-rw-r--r-- | nixos/doc/manual/from_md/release-notes/rl-2305.section.xml | 7 | ||||
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2305.section.md | 2 | ||||
-rw-r--r-- | nixos/modules/services/networking/dhcpcd.nix | 9 |
3 files changed, 18 insertions, 0 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml index 60c5fdaa5a88f..6977203788cca 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml @@ -532,6 +532,13 @@ </listitem> <listitem> <para> + <literal>services.dhcpcd</literal> service now don’t solicit + or accept IPv6 Router Advertisements on interfaces that use + static IPv6 addresses. + </para> + </listitem> + <listitem> + <para> The module <literal>services.headscale</literal> was refactored to be compliant with <link xlink:href="https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md">RFC diff --git a/nixos/doc/manual/release-notes/rl-2305.section.md b/nixos/doc/manual/release-notes/rl-2305.section.md index 0bf1ad38eb018..09f4343a159b2 100644 --- a/nixos/doc/manual/release-notes/rl-2305.section.md +++ b/nixos/doc/manual/release-notes/rl-2305.section.md @@ -134,6 +134,8 @@ In addition to numerous new and upgraded packages, this release has the followin - `services.chronyd` is now started with additional systemd sandbox/hardening options for better security. +- `services.dhcpcd` service now don't solicit or accept IPv6 Router Advertisements on interfaces that use static IPv6 addresses. + - The module `services.headscale` was refactored to be compliant with [RFC 0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md). To be precise, this means that the following things have changed: - Most settings has been migrated under [services.headscale.settings](#opt-services.headscale.settings) which is an attribute-set that diff --git a/nixos/modules/services/networking/dhcpcd.nix b/nixos/modules/services/networking/dhcpcd.nix index ac5d45a65e3b8..9a0b29fbe5a7f 100644 --- a/nixos/modules/services/networking/dhcpcd.nix +++ b/nixos/modules/services/networking/dhcpcd.nix @@ -33,6 +33,13 @@ let (if !config.networking.useDHCP && enableDHCP then map (i: i.name) (filter (i: i.useDHCP == true) interfaces) else null); + staticIPv6Addresses = map (i: i.name) (filter (i: i.ipv6.addresses != [ ]) interfaces); + + noIPv6rs = concatStringsSep "\n" (map (name: '' + interface ${name} + noipv6rs + '') staticIPv6Addresses); + # Config file adapted from the one that ships with dhcpcd. dhcpcdConf = pkgs.writeText "dhcpcd.conf" '' @@ -75,6 +82,8 @@ let ''} ${cfg.extraConfig} + + ${optionalString config.networking.enableIPv6 noIPv6rs} ''; exitHook = pkgs.writeText "dhcpcd.exit-hook" |