So, I have a server with a single /32 ipv4 and a /64 ipv6. And I want to use it as a hypervisor, and a vpn server.
Static external addresses
[Match] Name=enp41s0 [Network] Address=.../64 Gateway=fe80::1 Gateway=... IPForward=yes [Address] Address=... Peer=.../32
[NetDev] Name = wg0 Kind = wireguard [WireGuard] PrivateKey = ... # PublicKey = ... ListenPort = 51820 # peer1 [WireGuardPeer] PublicKey = ... AllowedIPs = .../24,.../80
IPForwardcontrols the same thing as the
sysctlsettings (which is in kernel stuff)
IPMasqueradeeverything leaving the system that originated from this interface gets masked
[Match] Name=wg0 [Network] Address=.../20 Address=.../72 IPForward=yes IPMasquerade=ipv4
A bridge with tap devices for vms...
[NetDev] Name=qemu0 Kind=bridge
IPv4ProxyARPis apparently important
[Match] Name=qemu0 [Network] Address=.../26 Address=.../88 IPForward=yes IPv4ProxyARP=yes
For the individual tap devices
[Match] Name=tapqemu* [Network] Bridge=qemu0
[NetDev] Name=tapqemu01 Kind=tap