diff --git a/flake.lock b/flake.lock index 3ebc633..2114771 100644 --- a/flake.lock +++ b/flake.lock @@ -288,11 +288,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1723362943, - "narHash": "sha256-dFZRVSgmJkyM0bkPpaYRtG/kRMRTorUIDj8BxoOt1T4=", + "lastModified": 1723637854, + "narHash": "sha256-med8+5DSWa2UnOqtdICndjDAEjxr5D7zaIiK4pn0Q7c=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a58bc8ad779655e790115244571758e8de055e3d", + "rev": "c3aa7b8938b17aebd2deecf7be0636000d62a2b9", "type": "github" }, "original": { diff --git a/hosts/carbon/configuration.nix b/hosts/carbon/configuration.nix index 0a352e0..0841856 100644 --- a/hosts/carbon/configuration.nix +++ b/hosts/carbon/configuration.nix @@ -55,6 +55,15 @@ }; }; + systemd.services.kea-dhcp4-server = { + after = [ + "network-setup.service" + ]; + requires = [ + "network-setup.service" + ]; + }; + clerie.firewall.enable = true; clerie.monitoring = { diff --git a/hosts/carbon/net-gastnetz.nix b/hosts/carbon/net-gastnetz.nix index 932c374..361cc46 100644 --- a/hosts/carbon/net-gastnetz.nix +++ b/hosts/carbon/net-gastnetz.nix @@ -7,18 +7,23 @@ id = 202; interface = "enp1s0"; }; - networking.interfaces."enp1s0.202".ipv6.addresses = [ - { address = "fd00:3214:9453:4920::1"; prefixLength = 64; } - { address = "2001:4cd8:100:1313::1"; prefixLength = 64; } # public IPs for local network + networking.bridges."net-gastnetz".interfaces = [ + "enp1s0.202" ]; - networking.interfaces."enp1s0.202".ipv4.addresses = [ + networking.interfaces."net-gastnetz".ipv6.addresses = [ + { address = "fd00:3214:9453:4920::1"; prefixLength = 64; } + ]; + networking.interfaces."net-gastnetz".ipv4.addresses = [ { address = "192.168.32.1"; prefixLength = 24; } ]; services.radvd.config = '' - interface enp1s0.202 { + interface net-gastnetz { AdvSendAdvert on; - prefix 2001:4cd8:100:1313::/64 {}; + prefix ::/64 { + AdvValidLifetime 60; + AdvPreferredLifetime 30; + }; RDNSS 2620:fe::fe 2620:fe::9 {}; # Quad 9 }; ''; 
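Review bot: The new `systemd.services.kea-dhcp4-server` override in hosts/carbon/configuration.nix has no comment saying why the DHCP server must wait for `network-setup.service`. Presumably kea now binds to the `net-gastnetz` bridge introduced in this commit, which has to exist first. `requires` is also a hard dependency: under systemd semantics a stop or restart of `network-setup.service` propagates to kea, so the DHCP service restarts with it. I would add a line such as `# kea binds to bridge interfaces; they must be configured before it starts` above `after`, and state whether the restart coupling is wanted.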
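Review bot: In the radvd block for `net-gastnetz` in hosts/carbon/net-gastnetz.nix, `AdvValidLifetime 60` and `AdvPreferredLifetime 30` are set without lowering the advertisement interval, and the whole interface block is visible in the hunk. As far as I know radvd's default `MaxRtrAdvInterval` is 600 seconds, so unsolicited advertisements can be minutes apart while the advertised addresses are deprecated after 30 s and invalid after 60 s. Clients would then lose their addresses between advertisements. Set an interval well below the preferred lifetime inside the interface block, for example `MaxRtrAdvInterval 10;`, or raise the lifetimes. The same applies to the radvd hunks in net-heimnetz.nix and net-iot.nix.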
@@ -26,7 +31,7 @@ services.kea.dhcp4 = { settings = { interfaces-config = { - interfaces = [ "enp1s0.202" ]; + interfaces = [ "net-gastnetz" ]; }; subnet4 = [ # Gastnetz @@ -55,9 +60,9 @@ # net-gastnetz can only access internet clerie.firewall.extraForwardFilterCommands = '' - ip46tables -A forward-filter -i enp1s0.202 -o ppp-dtagdsl -j ACCEPT - ip46tables -A forward-filter -i enp1s0.202 -j DROP - ip46tables -A forward-filter -o enp1s0.202 -j DROP + ip46tables -A forward-filter -i net-gastnetz -o ppp-dtagdsl -j ACCEPT + ip46tables -A forward-filter -i net-gastnetz -j DROP + ip46tables -A forward-filter -o net-gastnetz -j DROP ''; } diff --git a/hosts/carbon/net-heimnetz.nix b/hosts/carbon/net-heimnetz.nix index 60e0bc6..36e42dd 100644 --- a/hosts/carbon/net-heimnetz.nix +++ b/hosts/carbon/net-heimnetz.nix @@ -14,7 +14,6 @@ networking.interfaces."net-heimnetz".ipv6.addresses = [ { address = "fe80::1"; prefixLength = 64; } { address = "fd00:152:152:4::1"; prefixLength = 64; } - { address = "2001:4cd8:100:1337::1"; prefixLength = 64; } # public IPs for local network ]; networking.interfaces."net-heimnetz".ipv4.addresses = [ { address = "10.152.4.1"; prefixLength = 24; } @@ -23,7 +22,10 @@ services.radvd.config = '' interface net-heimnetz { AdvSendAdvert on; - prefix 2001:4cd8:100:1337::/64 {}; + prefix ::/64 { + AdvValidLifetime 60; + AdvPreferredLifetime 30; + }; RDNSS fd00:152:152::1 {}; DNSSL net.clerie.de {}; }; diff --git a/hosts/carbon/net-iot.nix b/hosts/carbon/net-iot.nix index 43e3c57..96da523 100644 --- a/hosts/carbon/net-iot.nix +++ b/hosts/carbon/net-iot.nix @@ -23,7 +23,10 @@ services.radvd.config = '' interface net-iot { AdvSendAdvert on; - prefix fd00:152:152:205::/64 {}; + prefix ::/64 { + AdvValidLifetime 60; + AdvPreferredLifetime 30; + }; RDNSS fd00:152:152::1 {}; DNSSL iot.clerie.de {}; }; diff --git a/hosts/carbon/ppp.nix b/hosts/carbon/ppp.nix index 8a22cf6..55c1e93 100644 --- a/hosts/carbon/ppp.nix +++ b/hosts/carbon/ppp.nix 
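Review bot: Replacing the fixed `prefix fd00:152:152:205::/64 {};` with `prefix ::/64` in hosts/carbon/net-iot.nix makes radvd advertise whatever non-link-local prefixes are configured on `net-iot`, so the IoT segment's addressing is no longer pinned to the ULA. The `ia_pd` line added in ppp.nix delegates only to `net-heimnetz`, so nothing should change today. A later delegation to `net-iot`, however, would hand globally routable addresses to IoT devices without any edit to this file. Since this network has no dynamic prefix in this commit, I would keep the explicit prefix here, or add a comment such as `# ::/64 advertises every prefix configured on the interface; keep net-iot out of ia_pd`.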
@@ -57,4 +57,32 @@ ip46tables -t mangle -A forward-mangle -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1416 ''; + networking.interfaces.net-heimnetz.useDHCP = true; + networking.interfaces.ppp-dtagdsl.useDHCP = true; + + networking.dhcpcd = { + enable = true; + allowInterfaces = [ + "net-heimnetz" + "ppp-dtagdsl" + ]; + wait = "ipv6"; + extraConfig = '' + ipv6only + noipv6rs + interface ppp-dtagdsl + ipv6rs + ia_pd 1/::/56 net-heimnetz/201/64 + ''; + }; + + environment.etc."ppp/ipv6-up" = { + text = '' + #!${pkgs.runtimeShell} + + set -euo pipefail + + ${pkgs.dhcpcd}/bin/dhcpcd --renew $1 + ''; + }; }
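Review bot: The `environment.etc."ppp/ipv6-up"` entry in hosts/carbon/ppp.nix sets only `text`, so with the default `mode` of `"symlink"` the hook is a link to a non-executable store file. As far as I know pppd skips hook scripts that lack the execute bit, in which case the `dhcpcd --renew` would never run. Add `mode = "0755";` next to `text`, and quote the argument as `--renew "$1"`. Separately, `ia_pd 1/::/56 net-heimnetz/201/64` delegates a /64 only to `net-heimnetz`, while this commit removes the static public address from `net-gastnetz`. If guests are still meant to have IPv6 internet access, that interface needs its own entry in `ia_pd` and `allowInterfaces` (e.g. `net-gastnetz/<sla_id>/64`); otherwise a comment stating that the guest network is ULA-only would help.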