{ config, pkgs, ...}: { networking.vlans."net-services" = { id = 10; interface = "ens18"; }; networking.interfaces.net-services.ipv4.addresses = [ { address = "10.42.10.1"; prefixLength = 24; } { address = "10.42.10.2"; prefixLength = 24; } ]; networking.interfaces.net-services.ipv6.addresses = [ { address = "fe80::1"; prefixLength = 64; } { address = "fd00:10:42:10::1"; prefixLength = 64; } { address = "fd00:10:42:10::2"; prefixLength = 64; } { address = "2a01:4f8:1c0c:8221::1"; prefixLength = 64; } { address = "2a01:4f8:1c0c:8221::2"; prefixLength = 64; } ]; networking.interfaces.net-services.ipv4.routes = [ { address = "10.42.132.0"; prefixLength = 23; via = "10.42.10.6"; } ]; services.radvd.config = '' interface net-services { AdvSendAdvert on; MaxRtrAdvInterval 30; prefix ::/64 { AdvValidLifetime 60; AdvPreferredLifetime 30; }; RDNSS 2a01:4f8:1c0c:8221::8 {}; DNSSL bula22.de {}; }; ''; services.kea.dhcp4 = { settings = { interfaces-config = { interfaces = [ "net-services" ]; }; subnet4 = [ { id = 10; subnet = "10.42.10.1/24"; pools = [ { pool = "10.42.10.100 - 10.42.10.240"; } ]; option-data = [ { name = "routers"; data = "10.42.10.1"; } ]; } ]; }; }; # Everyone is allowed reaching this, no firewall therefore clerie.uplink-selector.interfaces.net-services.uplink = "uplink-a"; }