{ ... }: { boot.kernel.sysctl = { # if you use ipv4, this is all you need "net.ipv4.conf.all.forwarding" = true; # If you want to use it for ipv6 "net.ipv6.conf.all.forwarding" = false; }; systemd.network = { enable = true; wait-online.anyInterface = true; links = { "10-wan" = { matchConfig.PermanentMACAddress = "a8:b8:e0:00:43:c1"; linkConfig.Name = "wan"; }; "20-lan" = { matchConfig.PermanentMACAddress = "a8:b8:e0:00:43:c2"; linkConfig.Name = "lan"; }; }; netdevs = { "30-server".netdevConfig = { Kind = "bridge"; Name = "server"; }; }; networks = { "31-server" = { matchConfig.Name = [ "vserver" ]; # Attach to the bridge that was configured above networkConfig.Bridge = "server"; }; }; }; networking = { useDHCP = false; # Define VLANS nameservers = [ "10.42.97.1" ]; # resolvconf.enable = false; vlans = { infrastructure = { id = 101; interface = "enp5s0"; }; vserver = { id = 97; interface = "enp5s0"; }; multimedia = { id = 99; interface = "enp5s0"; }; smart = { id = 100; interface = "enp5s0"; }; guest = { id = 254; interface = "enp5s0"; }; }; # macvlans.server = { # interface = "vserver"; # mode = "bridge"; # }; # bridges = { # server = { # interfaces = [ "vserver" ]; # }; # }; interfaces = { # Don't request DHCP on the physical interfaces lan.useDHCP = false; enp4s0.useDHCP = false; enp5s0.useDHCP = false; # Handle the VLANs wan.useDHCP = true; lan = { ipv4.addresses = [{ address = "10.42.96.1"; prefixLength = 24; }]; }; server = { ipv4.addresses = [{ address = "10.42.97.1"; prefixLength = 24; }]; }; infrastructure = { ipv4.addresses = [{ address = "10.42.101.1"; prefixLength = 24; }]; }; multimedia = { ipv4.addresses = [{ address = "10.42.99.1"; prefixLength = 24; }]; }; smart = { ipv4.addresses = [{ address = "10.42.100.1"; prefixLength = 24; }]; }; guest = { ipv4.addresses = [{ address = "10.42.254.1"; prefixLength = 24; }]; }; }; }; }