diff --git a/hosts/pre-router/configuration.nix b/hosts/pre-router/configuration.nix
index 0a4f850..2c28df9 100644
--- a/hosts/pre-router/configuration.nix
+++ b/hosts/pre-router/configuration.nix
@@ -4,8 +4,6 @@
 imports = [ # Include the results of the hardware scan.
 ./hardware-configuration.nix
- ./router.nix
- ./ipv6.nix
 ./nginx.nix
 ];
@@ -22,6 +20,63 @@
 #networking.interfaces.ens18.useDHCP = false;
 #networking.interfaces.ens19.useDHCP = false;
+ environment.systemPackages = with pkgs; [
+ ethtool # manage NIC settings (offload, NIC feeatures, ...)
+ conntrack-tools # view network connection states
+ wireguard-tools
+ ];
+
+ networking.nat = {
+ enable = true;
+ externalInterface = "ens18";
+ internalIPs = [
+ "10.42.0.0/16"
+ ];
+ };
+
+ boot.kernel.sysctl = {
+ "net.ipv6.conf.all.forwarding" = true;
+ "net.ipv6.conf.default.forwarding" = true;
+ };
+
+ networking.interfaces.ens18.useDHCP = true;
+ networking.interfaces.ens19.useDHCP = false;
+ networking.interfaces.ens19.ipv6.addresses = [
+ { address = "fd00:10:42:10::25"; prefixLength = 64; }
+ { address = "2a01:4f8:1c0c:8221::25"; prefixLength = 64; }
+ ];
+ networking.interfaces.ens19.ipv4.addresses = [
+ { address = "10.42.10.25"; prefixLength = 24; }
+ ];
+
+ networking.wireguard = {
+ enable = true;
+ interfaces = {
+ wg0 = {
+ ips = [ "fe80::42:10:1/64" ];
+ privateKeyFile = "/var/src/secrets/wireguard/wg0";
+ allowedIPsAsRoutes = false;
+ peers = [{
+ publicKey = "Y++eB9SfU17zB4mJ/6AaN761tngXAyTNoVaPNKmuvls=";
+ allowedIPs = [ "::/0" ];
+ endpoint = "78.47.183.82:51876";
+ #endpoint = "gatekeeper.net.clerie.de:51876";
+ persistentKeepalive = 25;
+ }];
+ };
+ };
+ };
+
+ networking.localCommands = ''
+ ip -6 route add default dev wg0 table 100
+ '';
+
+ clerie.policyrouting.enable = true;
+ clerie.policyrouting.rules6 = [
+ { rule = "lookup main suppress_prefixlength 0"; prio = 10000; }
+ { rule = "from 2a01:4f8:1c0c:8221::/64 lookup 100"; prio = 19000; }
+ ];
+
 # This value determines the NixOS release from which the default
 # settings for stateful data, like file locations and database versions
 # on your system were taken. It‘s perfectly fine and recommended to leave
diff --git a/hosts/pre-router/ipv6.nix b/hosts/pre-router/ipv6.nix
deleted file mode 100644
index 02c7736..0000000
--- a/hosts/pre-router/ipv6.nix
+++ /dev/null
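Review bot: The `boot.kernel.sysctl` block enables IPv6 forwarding on all interfaces while the wg0 peer is accepted with `allowedIPs = [ "::/0" ]` and the global 2a01:4f8:1c0c:8221::/64 on ens19 is policy-routed over that tunnel, yet nothing in the hunk filters forwarded traffic, so whatever the remote peer sends toward the /64 is relayed onto ens19 unchecked (as far as I can tell the NixOS `networking.firewall` defaults filter input only, not forward). If that exposure is intended, say so with a comment above the sysctl block, e.g. `# wg0<->ens19 is forwarded unfiltered on purpose: the public /64 is meant to be fully reachable through the tunnel`; otherwise add a forward policy, either `networking.firewall.filterForward = true;` (nftables backend, where available) or `ip6tables -A FORWARD` rules in `networking.firewall.extraCommands` that only accept `ct state established,related` toward ens19. A second point: `ip -6 route add default dev wg0 table 100` now runs from `networking.localCommands` instead of the wg0 `postSetup` that the deleted ipv6.nix used, and nothing visible orders it after the wg0 interface exists, so the route may fail to install at boot; moving it back into `postSetup` keeps the old ordering guarantee. The enclosing attribute set of configuration.nix opens and closes outside the hunk; minor, `feeatures` in the ethtool comment should read `features`.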
@@ -1,41 +0,0 @@
-{ config, pkgs, ...}:
-
-{
- environment.systemPackages = with pkgs; [
- wireguard-tools
- ];
-
- networking = {
- firewall.allowedUDPPorts = [ 51820 ];
- firewall.trustedInterfaces = [ "ens19"];
- iproute2.enable = true;
- iproute2.rttablesExtraConfig = ''
- 100 PUBLIC6
- '';
- wireguard.enable = true;
- wireguard.interfaces = {
- wg0 = {
- ips = [ "fe80::42:10:1/64" ];
- privateKeyFile = "/var/src/secrets/wireguard/wg0";
- listenPort = 51820;
- allowedIPsAsRoutes = false;
- postSetup = ''
- ip -6 rule add from 2a01:4f8:1c0c:8221::/64 lookup PUBLIC6
- ip -6 route add default via fe80::1 dev wg0 table PUBLIC6
- '';
- peers = [{
- publicKey = "Y++eB9SfU17zB4mJ/6AaN761tngXAyTNoVaPNKmuvls=";
- allowedIPs = [ "::/0" ];
- endpoint = "78.47.183.82:51876";
- #endpoint = "gatekeeper.net.clerie.de:51876";
- persistentKeepalive = 25;
- }];
- };
- };
- };
- boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
- networking.interfaces.ens19.ipv6.addresses = [
- { address = "fd00:10:42:10::25"; prefixLength = 64; }
- { address = "2a01:4f8:1c0c:8221::25"; prefixLength = 64; }
- ];
-}
diff --git a/hosts/pre-router/router.nix b/hosts/pre-router/router.nix
deleted file mode 100644
index bcd31bb..0000000
--- a/hosts/pre-router/router.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{ config, pkgs, ...}:
-
-{
-
- environment.systemPackages = with pkgs; [
- ethtool # manage NIC settings (offload, NIC feeatures, ...)
- conntrack-tools # view network connection states
- ];
-
- networking.firewall.interfaces.ens19.allowedUDPPorts = [ 67 53 ];
- networking = {
- nameservers = [ "10.42.10.8" "2a01:4f8:1c0c:8221::8" ];
- nat = {
- enable = true;
- externalInterface = "ens18";
- internalInterfaces = [ "ens19" ];
- };
- interfaces = {
- ens19.useDHCP = false;
- ens18.useDHCP = true;
- # Handle the VLANs
- ens19 = {
- ipv4.addresses = [
- { address = "10.42.10.25"; prefixLength = 24; }
- ];
- };
- };
- };
-}