{ ... }: { boot.kernel.sysctl = { # if you use ipv4, this is all you need "net.ipv4.conf.all.forwarding" = true; # If you want to use it for ipv6 "net.ipv6.conf.all.forwarding" = false; }; systemd.network = { wait-online.anyInterface = true; links = { "10-wan" = { matchConfig.PermanentMACAddress = "a8:b8:e0:00:43:c1"; linkConfig.Name = "wan"; }; "20-lan" = { matchConfig.PermanentMACAddress = "a8:b8:e0:00:43:c2"; linkConfig.Name = "lan"; }; }; }; services.resolved = { enable = true; domains = [ "~." ]; fallbackDns = [ "10.42.97.10" ]; }; networking = { useDHCP = false; # Define VLANS nameservers = [ "10.42.97.10" ]; vlans = { infrastructure = { id = 101; interface = "enp5s0"; }; vserver = { id = 97; interface = "enp5s0"; }; multimedia = { id = 99; interface = "enp5s0"; }; smart = { id = 100; interface = "enp5s0"; }; guest = { id = 254; interface = "enp5s0"; }; }; macvlans.server = { interface = "vserver"; mode = "bridge"; }; # bridges = { # server = { # interfaces = [ "vserver" ]; # }; # }; interfaces = { # Don't request DHCP on the physical interfaces lan.useDHCP = false; enp4s0.useDHCP = false; enp5s0.useDHCP = false; # Handle the VLANs wan.useDHCP = true; lan = { ipv4.addresses = [{ address = "10.42.96.1"; prefixLength = 24; }]; }; server = { ipv4.addresses = [{ address = "10.42.97.1"; prefixLength = 24; }]; }; infrastructure = { ipv4.addresses = [{ address = "10.42.101.1"; prefixLength = 24; }]; }; multimedia = { ipv4.addresses = [{ address = "10.42.99.1"; prefixLength = 24; }]; }; smart = { ipv4.addresses = [{ address = "10.42.100.1"; prefixLength = 24; }]; }; guest = { ipv4.addresses = [{ address = "10.42.254.1"; prefixLength = 24; }]; }; }; }; }