{ config, pkgs, ...}: { networking.vlans."net-management" = { id = 42; interface = "ens18"; }; networking.interfaces.net-management.ipv4.addresses = [ { address = "10.42.42.1"; prefixLength = 24; } ]; clerie.forward-filter.interfaces.net-management.rules = [ { incomingInterface = "net-ikt"; } # Allow monitoring { incomingInterface = "net-services"; sourceAddress = "10.42.10.7"; } { incomingInterface = "net-services"; sourceAddress6 = "2a01:4f8:1c0c:8221::7"; } ]; }