From 07c49c3d37828222037cb9a94068a2052d5df078 Mon Sep 17 00:00:00 2001
From: Katherina Walshe-Grey <git@qenya.tel>
Date: Thu, 23 Jan 2025 14:24:39 +0000
Subject: [PATCH] elucredassa: Restrict WireGuard's MTU to fit through 6in4
 tunnel

Includes a workaround for https://github.com/NixOS/nixpkgs/issues/375960
---
 hosts/elucredassa/networking.nix | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/hosts/elucredassa/networking.nix b/hosts/elucredassa/networking.nix
index 4aa71c1..6e7ace7 100644
--- a/hosts/elucredassa/networking.nix
+++ b/hosts/elucredassa/networking.nix
@@ -19,6 +19,7 @@
       Name = "sit-he-ipv6";
       Kind = "sit";
       Description = "Hurricane Electric IPv6 Tunnel";
+      MTUBytes = 1480;
     };
 
     tunnelConfig = {
@@ -38,4 +39,10 @@
     privateKeyFile = "/etc/wireguard/privatekey";
     persistentKeepalive = 29;
   };
+
+  # restricted to fit within the 6in4 tunnel
+  systemd.network.netdevs."30-birdsong".netdevConfig.MTUBytes = 1280;
+  # these two lines work around this bug: https://github.com/NixOS/nixpkgs/issues/375960
+  systemd.network.netdevs."30-birdsong".netdevConfig.Kind = "wireguard";
+  systemd.network.netdevs."30-birdsong".netdevConfig.Name = "wg-birdsong";
 }