From 8c89bce218aa544851b1f40ff1f3bac4c56fd6e8 Mon Sep 17 00:00:00 2001
From: Someone <someone@somenet.org>
Date: Thu, 27 Nov 2025 22:32:51 +0100
Subject: [PATCH] roles/base/network/files

---
 roles/base/network/files/default/nftables.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/base/network/files/default/nftables.conf b/roles/base/network/files/default/nftables.conf
index 279cefe..07bbbb5 100644
--- a/roles/base/network/files/default/nftables.conf
+++ b/roles/base/network/files/default/nftables.conf
@@ -39,6 +39,7 @@ table inet filter {
 
         # accept neighbour discovery otherwise IPv6 connectivity breaks.
         ip6 nexthdr icmpv6 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} counter accept
+        ip6 nexthdr udp udp dport 546 counter accept
         ip protocol icmp icmp type { echo-request} counter accept
 
         # accept connections to these services.
-- 
2.47.3