diff --git a/machines/loc1xe/setup.sh b/machines/loc1xe/setup.sh index fe1359e..3d2e733 100755 --- a/machines/loc1xe/setup.sh +++ b/machines/loc1xe/setup.sh @@ -23,13 +23,15 @@ ip link add name wg-vms type wireguard wg setconf wg-vms ./machines/$mach/wg-vms.conf ip link set wg-vms netns "$vm_netns" nsenter --net="$vm_netns" ip link set wg-vms up -# The netns has *no* means of participating in the traffic, because it has no address to use. -# FIXME: Apart from possibly a link-local one :-/ nsenter --net="$vm_netns" ip route add 2a01:4f8:c0c:36b8:ff01:8000:0:0001/128 dev wg-vms onlink nsenter --net="$vm_netns" ip route add default via 2a01:4f8:c0c:36b8:ff01:8000:0:0001 dev wg-vms nsenter --net="$vm_netns" sysctl net.ipv6.conf.all.forwarding=1 tmux -N new-window -d -n vm1 socat stdio unix-listen:state/$mach/vm1.sock nsenter --net="$vm_netns" ./machines/$mach/vm1/start.sh +# We *do* have an IPv6 address just because the VM simulates ethernet, which is broadcast and runs NDP and so we need to respond. +# However, we should avoid *any* interaction with the packets, that is, probably just drop everything in input and output chains, TODO +# FIXME: I think the correct range is fe80::/64, not fe80:whatever::/64… But this works… +nsenter --net="$vm_netns" ip addr add fe80:ff01:8000::2/64 dev tap-vm1 scope link nsenter --net="$vm_netns" ip link set dev tap-vm1 up nsenter --net="$vm_netns" ip route add 2a01:4f8:c0c:36b8:ff01:8000:0:0003/128 dev tap-vm1 onlink diff --git a/machines/loc1xe/vm1/init b/machines/loc1xe/vm1/init index 2418c7d..71aa15d 100755 --- a/machines/loc1xe/vm1/init +++ b/machines/loc1xe/vm1/init 
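Review bot: The added `ip addr add fe80:ff01:8000::2/64 dev tap-vm1 scope link` makes the netns addressable from the guest, but the input/output filtering that the new comment calls for is left as a TODO, and the removed comment shows that isolation was the intent. Install a default-drop policy on the input and output hooks of this netns before tap-vm1 is brought up, allowing only neighbour solicitation/advertisement inbound plus the ICMPv6 errors a router must originate outbound; forwarded traffic goes through the forward hook and is not affected. A sketch follows, assuming `nft` is available on this host and that nothing else in the netns needs local traffic. Separately, as the FIXME suspects, RFC 4291 link-local addresses have zero bits between fe80::/10 and the interface ID, so `fe80::2/64` here (with `fe80::3` and `via fe80::2` in the vm1/init hunk) is the conforming form; Linux accepts the current one but other stacks may not.

```shell
# … unchanged: wg-vms routes, forwarding sysctl, tmux window for vm1 …
# Only NDP may reach or leave the netns itself; forwarded traffic is untouched.
nsenter --net="$vm_netns" nft -f - <<'EOF'
table ip6 netns_local {
  chain input {
    type filter hook input priority 0; policy drop;
    icmpv6 type { nd-neighbor-solicit, nd-neighbor-advert } accept
  }
  chain output {
    type filter hook output priority 0; policy drop;
    icmpv6 type { nd-neighbor-solicit, nd-neighbor-advert, packet-too-big, destination-unreachable, time-exceeded } accept
  }
}
EOF
nsenter --net="$vm_netns" ip addr add fe80:ff01:8000::2/64 dev tap-vm1 scope link
```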
@@ -6,7 +6,8 @@ /busybox insmod /e1000.ko /busybox ip link set lo up /busybox ip addr add 2a01:4f8:c0c:36b8:ff01:8000:0:3/128 dev eth0 +/busybox ip addr add fe80:ff01:8000::3 dev eth0 scope link /busybox ip link set eth0 up -/busybox ip route add default via 2a01:4f8:c0c:36b8:ff01:8000:0:1 dev eth0 onlink +/busybox ip route add default via fe80:ff01:8000::2 dev eth0 /busybox ash
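Review bot: The added `/busybox ip addr add fe80:ff01:8000::3 dev eth0 scope link` has no prefix length, so it is presumably installed as a /128 while setup.sh configures the other end of the link as /64. Writing it as `fe80:ff01:8000::3/64` keeps the two ends consistent. The new default route also depends on an address that is only defined in setup.sh, so a comment above it would help, e.g. `# gateway is the netns end of tap-vm1, see machines/loc1xe/setup.sh`.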