From 350cdfeab5f9c250b156b257cf421153b29288ea Mon Sep 17 00:00:00 2001 From: clerie Date: Wed, 20 Jul 2022 17:52:09 +0200 Subject: [PATCH] router, dns: add net-ikt-toys --- hosts/dns/zones/db.bula22.de | 2 ++ hosts/router/152-net-ikt-toys.nix | 56 ++++++++++++++++++++++++++++++ hosts/router/configuration.nix | 1 + hosts/router/prefix-delegation.nix | 2 +- 4 files changed, 60 insertions(+), 1 deletion(-) create mode 100644 hosts/router/152-net-ikt-toys.nix diff --git a/hosts/dns/zones/db.bula22.de b/hosts/dns/zones/db.bula22.de index ef2d7df..768f07e 100644 --- a/hosts/dns/zones/db.bula22.de +++ b/hosts/dns/zones/db.bula22.de @@ -75,6 +75,8 @@ gw.services.net.bula22.de. IN A 10.42.10.1 gw.management.net.bula22.de. IN A 10.42.42.1 gw.technik-iot.net.bula22.de. IN A 10.42.151.1 IN AAAA fd00:10:42:151::1 +gw.ikt-toys.net.bula22.de. IN A 10.42.152.1 + IN AAAA fd00:10:42:152::1 gw.ikt.net.bula22.de. IN A 10.42.201.1 IN AAAA fd00:10:42:201::1 gw.technik.net.bula22.de. IN A 10.42.202.1 diff --git a/hosts/router/152-net-ikt-toys.nix b/hosts/router/152-net-ikt-toys.nix new file mode 100644 index 0000000..fa1ea50 --- /dev/null +++ b/hosts/router/152-net-ikt-toys.nix @@ -0,0 +1,56 @@ +{ config, pkgs, ...}: + +{ + networking.vlans."net-ikt-toys" = { + id = 152; + interface = "ens18"; + }; + + networking.interfaces.net-ikt-toys.ipv6.addresses = [ + { address = "fe80::1"; prefixLength = 64; } + { address = "fd00:10:42:152::1"; prefixLength = 64; } + ]; + networking.interfaces.net-ikt-toys.ipv4.addresses = [ + { address = "10.42.152.1"; prefixLength = 24; } + ]; + + services.radvd.config = '' + interface net-ikt-toys { + AdvSendAdvert on; + prefix ::/64 {}; + RDNSS 2a01:4f8:1c0c:8221::8 {}; + DNSSL bula22.de {}; + }; + ''; + + services.kea.dhcp4 = { + settings = { + interfaces-config = { + interfaces = [ "net-ikt-toys" ]; + }; + subnet4 = [ + { + id = 152; + subnet = "10.42.152.1/24"; + pools = [ + { + pool = "10.42.152.100 - 10.42.152.240"; + } + ]; + option-data = [ + { + name = "routers"; + data = "10.42.152.1"; + } + ]; + } + ]; + }; + }; + + clerie.forward-filter.interfaces.net-ikt-toys.rules = [ + { incomingInterface = "net-ikt"; } + ]; + + clerie.uplink-selector.interfaces.net-ikt-toys.uplink = "uplink-b"; +} diff --git a/hosts/router/configuration.nix b/hosts/router/configuration.nix index c6214a2..c56cc67 100644 --- a/hosts/router/configuration.nix +++ b/hosts/router/configuration.nix @@ -15,6 +15,7 @@ ./101-net-uplink-a.nix ./102-net-uplink-b.nix ./151-net-technik-iot.nix + ./152-net-ikt-toys.nix ./201-net-ikt.nix ./202-net-technik.nix ./203-net-hospital.nix diff --git a/hosts/router/prefix-delegation.nix b/hosts/router/prefix-delegation.nix index 27c991b..2ce2354 100644 --- a/hosts/router/prefix-delegation.nix +++ b/hosts/router/prefix-delegation.nix @@ -28,7 +28,7 @@ ia_pd 1/::/56 net-hospital/203/64 net-zoll/204/64 net-leitstelle/205/64 net-verwaltung/206/64 interface ppp-uplink-b ipv6rs - ia_pd 1/::/56 net-technik-iot/151/64 net-ikt/201/64 net-technik/202/64 net-yolo/208/64 net-infojurte/209/64 net-internation/210/64 net-programmtre/211/64 net-open-office/212/64 + ia_pd 1/::/56 net-technik-iot/151/64 net-technik-iot/152/64 net-ikt/201/64 net-technik/202/64 net-yolo/208/64 net-infojurte/209/64 net-internation/210/64 net-programmtre/211/64 net-open-office/212/64 ''; }; }