{ ... }: { boot.kernel.sysctl = { # if you use ipv4, this is all you need "net.ipv4.conf.all.forwarding" = true; # If you want to use it for ipv6 "net.ipv6.conf.all.forwarding" = false; }; systemd.network = { enable = true; wait-online.anyInterface = true; links = { "10-wan" = { matchConfig.PermanentMACAddress = "c0:74:2b:fd:9a:7f"; linkConfig.Name = "wan"; }; }; netdevs = { "30-server".netdevConfig = { Kind = "bridge"; Name = "server"; }; }; networks = { "31-server" = { matchConfig.Name = [ "vserver" ]; # Attach to the bridge that was configured above networkConfig.Bridge = "server"; }; }; }; networking = { useDHCP = false; # Define VLANS nameservers = [ "10.42.97.1" ]; # resolvconf.enable = false; vlans = { lan = { id = 96; interface = "enP3p49s0"; }; vserver = { id = 97; interface = "enP3p49s0"; }; multimedia = { id = 98; interface = "enP3p49s0"; }; smart = { id = 99; interface = "enP3p49s0"; }; infrastructure = { id = 100; interface = "enP3p49s0"; }; guest = { id = 111; interface = "enP3p49s0"; }; }; interfaces = { # Don't request DHCP on the physical interfaces lan.useDHCP = false; enP3p49s0.useDHCP = false; # Handle the VLANs wan.useDHCP = true; lan = { ipv4.addresses = [{ address = "10.42.96.1"; prefixLength = 24; }]; }; server = { ipv4.addresses = [{ address = "10.42.97.1"; prefixLength = 24; }]; }; multimedia = { ipv4.addresses = [{ address = "10.42.98.1"; prefixLength = 24; }]; }; smart = { ipv4.addresses = [{ address = "10.42.99.1"; prefixLength = 24; }]; }; infrastructure = { ipv4.addresses = [{ address = "10.42.100.1"; prefixLength = 24; }]; }; guest = { ipv4.addresses = [{ address = "10.42.111.1"; prefixLength = 24; }]; }; }; }; }