Networking: Difference between revisions
m →Configuration: link to related pages |
|||
| (3 intermediate revisions by the same user not shown) | |||
| Line 118: | Line 118: | ||
}; | }; | ||
</syntaxhighlight> | </syntaxhighlight> | ||
=== Virtualization === | |||
Sometimes complex network configurations with VPNs or firewall rules you may need extra configurations in order for your VMs to have network access. It is recommended to use more granular control over the ports instead of simply allowing the entire interface.<syntaxhighlight lang="nix">networking = { | |||
firewall = { | |||
enable = true; | |||
# Allows the entire interface through the firewall. | |||
# trustedInterfaces = [ | |||
# "virbr0" | |||
# ]; | |||
# Allows individual ports through the firewall. | |||
interfaces = { | |||
virbr0 = { | |||
allowedUDPPorts = [ | |||
# DNS | |||
53 | |||
# DHCP | |||
67 | |||
# You may want to allow more ports such as ipv6 and other services here. | |||
]; | |||
}; | |||
}; | |||
}; | |||
nat = { | |||
enable = true; | |||
internalInterfaces = [ | |||
"virbr0" | |||
]; | |||
}; | |||
};</syntaxhighlight> | |||
== IPv6 == | == IPv6 == | ||