Disable IPv6 on Debian
Edit /etc/sysctl.conf.
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1Apply the changes.
sudo sysctl -pDisable IPv6 on Fedora
sudo grubby --args=ipv6.disable=1 --update-kernel=ALL
sudo grub2-mkconfig -o /boot/grub2/grub.cfgRename network interface when using systemd-networkd
Create a udev rule at /etc/udev/rules.d/70-my-net-names.rules.
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="your-mac-address", NAME="wlan0"Using 70-my-net-names.rules as the filename ensures the rule is ordered /usr/lib/udev/rules.d/80-net-setup-link.rules.
Connecting to WiFi network using systemd-networkd and wpa_supplicant
Create a file at /etc/wpa_supplicant/wpa_supplicant-wlan0.conf. Use wpa_passphrase to hash the passphrase.
wpa_passphrase your-ssid your-ssid-passphrase | sudo tee -a /etc/wpa_supplicant/wpa_supplicant-wlan0.confEdit /etc/wpa_supplicant/wpa_supplicant-wlan0.conf.
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
update_config=1
network={
ssid="your-ssid"
psk="your-hashed-ssid-passphrase"
key_mgmt=WPA-PSK
proto=WPA2
scan_ssid=1
}Create a file at /etc/systemd/network/25-wlan.network.
[Match]
Name=wlan0
[Network]
DHCP=ipv4Enable and start the network services.
sudo systemctl enable --now wpa_supplicant@wlan0.service
sudo systemctl restart systemd-networkd.service
sudo systemctl restart wpa_supplicant@wlan0.serviceCheck the interface status with ip a.
Use tailnet DNS and prevent DNS leaks
After the above WiFi interface is setup, disable IPv6 as per the above sections, and enable the Tailscale service.
sudo systemctl enable --now tailscaled.service
sudo tailscale upEdit /etc/systemd/networkd/25-wlan.network again, and add the following contents.
[Match]
Name=wlan0
[Network]
DHCP=ipv4
DNS=100.100.100.100
DNSSEC=allow-downgrade
[DHCPv4]
UseDNS=noThis will tell the wlan0 interface to use Tailscale’s MagicDNS, along with DNSSEC if it is available, and not to get the nameservers from the DHCPv4 connection.