diff --git a/hosts/carbon/configuration.nix b/hosts/carbon/configuration.nix
index 8f25806..9829eb3 100644
--- a/hosts/carbon/configuration.nix
+++ b/hosts/carbon/configuration.nix
@@ -61,6 +61,7 @@
   };
   networking.interfaces."enp1s0.202".ipv6.addresses = [
     { address = "fd00:3214:9453:4920::1"; prefixLength = 64; }
+    { address = "2001:4cd8:100:1313::1"; prefixLength = 64; } # public IPs for local network
   ];
   networking.interfaces."enp1s0.202".ipv4.addresses = [
     { address = "192.168.32.1"; prefixLength = 24; }
@@ -93,6 +94,12 @@
       RDNSS fd00:152:152::1 {};
       DNSSL net.clerie.de {};
     };
+    interface enp1s0.202 {
+      AdvSendAdvert on;
+      prefix 2001:4cd8:100:1313::/64 {};
+      route ::/0 {};
+      RDNSS 2620:fe::fe {}; # Quad 9
+    };
   '';
 
   services.kea.dhcp4 = {
@@ -258,10 +265,10 @@
   networking.firewall.allowedTCPPorts = [ 53 ];
 
   networking.firewall.extraCommands = ''
-    iptables -A FORWARD -i enp1s0.202 -o ppp-ntvdsl -j ACCEPT
-    iptables -A FORWARD -i enp1s0.202 -j DROP
-    iptables -A FORWARD -i ppp-ntvdsl -o enp1s0.202 -j ACCEPT
-    iptables -A FORWARD -o enp1s0.202 -j DROP
+    ip46tables -A FORWARD -i enp1s0.202 -o ppp-ntvdsl -j ACCEPT
+    ip46tables -A FORWARD -i enp1s0.202 -j DROP
+    ip46tables -A FORWARD -i ppp-ntvdsl -o enp1s0.202 -j ACCEPT
+    ip46tables -A FORWARD -o enp1s0.202 -j DROP
   '';
 
   services.pppd = {