wireguard-chart

Support forwarding IPv6 payloads

Open qdii opened this issue 1 year ago • 3 comments

When using the Helm chart to set up a server as an egress point, WireGuard clients will connect to the endpoint in IPv4, but forward IPv6 payloads.

As forwarding is only configured for IPv4 by the init script, this results in a weird state for clients browsing the internet where certain resources on the internet work and others don't work.

qdii avatar Dec 30 '24 21:12 qdii

Just as an additional note, the forwards can be set up for IPv6, but for it to function the Kubernetes cluster CNI will also need to be configured to allocate IPv6 addresses for the pods.

For example

  • https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/dual-stack-support/#prerequisite-ipv6-forwarding

bryopsida avatar Jan 03 '25 15:01 bryopsida

Looking over the changes needed in the chart.

https://github.com/bryopsida/wireguard-chart/blob/60ceb2d21e245a046660523a20e2a162a52dc03e/helm/wireguard/templates/deployment.yaml#L137

Sysctl calls for IPv6 would need to be added.

Most likely IPv6 SNAT/DNAT would need to be added, since most clusters allocate IPv6 addresses from a private range/prefix instead of a public prefix.

https://github.com/bryopsida/wireguard-chart/blob/60ceb2d21e245a046660523a20e2a162a52dc03e/helm/wireguard/templates/config.yaml#L7

https://linux.die.net/man/8/ip6tables-1.4.7

bryopsida avatar Jan 03 '25 16:01 bryopsida
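A diagnostic for the half-configured state discussed in the comments above, as an added example that is not part of the issue or of the chart: it reads the forwarding sysctls and the pod's IPv6 addresses from procfs and reports which prerequisite is missing. The function name, the return codes and the `wg0` tunnel interface name are assumptions made for this example.

```shell
#!/bin/sh
# Added example: report whether a WireGuard egress pod can forward IPv6.
# $1 = procfs root (default /proc; a parameter so a copied tree can be checked)
# $2 = tunnel interface to ignore when looking for a pod address
#      (default wg0, an assumption of this example)
#
# Return codes (chosen for this example):
#   0  IPv4 and IPv6 forwarding on, pod has a global-scope IPv6 address
#   1  IPv4 forwarding on, IPv6 forwarding off (IPv6 sysctl not applied)
#   2  IPv6 forwarding on, but the CNI gave the pod no IPv6 address
#   3  IPv4 forwarding is off as well
check_v6_forwarding() {
    proc_root="${1:-/proc}"
    tun="${2:-wg0}"
    # A missing file (for example IPv6 disabled in the kernel) counts as "off".
    v4=$(cat "$proc_root/sys/net/ipv4/ip_forward" 2>/dev/null || echo 0)
    v6=$(cat "$proc_root/sys/net/ipv6/conf/all/forwarding" 2>/dev/null || echo 0)

    if [ "$v4" != "1" ]; then
        echo "ipv4 forwarding disabled"
        return 3
    fi
    if [ "$v6" != "1" ]; then
        echo "ipv6 forwarding disabled: tunnelled IPv6 payloads are not forwarded"
        return 1
    fi
    # /proc/net/if_inet6 columns: address ifindex prefixlen scope flags ifname
    # scope 00 = global (ULA prefixes included), 20 = link-local, 10 = loopback
    if awk -v tun="$tun" \
        '$4 == "00" && $6 != "lo" && $6 != tun { found = 1 } END { exit !found }' \
        "$proc_root/net/if_inet6" 2>/dev/null; then
        echo "ipv6 forwarding enabled and pod has a global-scope IPv6 address"
        return 0
    fi
    echo "ipv6 forwarding enabled but pod has no global-scope IPv6 address"
    return 2
}
```

Run inside the WireGuard container, return code 1 corresponds to the state reported in this issue, and return code 2 to a cluster whose CNI is not allocating IPv6 addresses to pods.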

This may be relevant: https://kubernetes.io/docs/concepts/services-networking/dual-stack/#egress-traffic

qdii avatar Jan 06 '25 21:01 qdii