{ config, pkgs, ...}: { networking.vlans."net-ikt" = { id = 201; interface = "ens18"; }; networking.interfaces.net-ikt.ipv6.addresses = [ { address = "fe80::1"; prefixLength = 64; } { address = "fd00:10:42:201::1"; prefixLength = 64; } ]; networking.interfaces.net-ikt.ipv4.addresses = [ { address = "10.42.201.1"; prefixLength = 24; } ]; services.radvd.config = '' interface net-ikt { AdvSendAdvert on; MaxRtrAdvInterval 30; prefix ::/64 { AdvValidLifetime 60; AdvPreferredLifetime 30; }; RDNSS 2a01:4f8:1c0c:8221::8 {}; DNSSL bula22.de {}; }; ''; services.kea.dhcp4 = { settings = { interfaces-config = { interfaces = [ "net-ikt" ]; }; subnet4 = [ { id = 201; subnet = "10.42.201.1/24"; pools = [ { pool = "10.42.201.100 - 10.42.201.240"; } ]; option-data = [ { name = "routers"; data = "10.42.201.1"; } ]; } ]; }; }; clerie.forward-filter.interfaces.net-ikt.rules = [ # Allow infrastructure devices to access ikt user devices for downloading software etc { incomingInterface = "net-management"; } ]; clerie.uplink-selector.interfaces.net-ikt.uplink = "uplink-b"; }