{ ... }: { boot.kernel.sysctl = { # if you use ipv4, this is all you need "net.ipv4.conf.all.forwarding" = true; # If you want to use it for ipv6 "net.ipv6.conf.all.forwarding" = false; }; systemd.network = { wait-online.anyInterface = true; links = { "10-wan" = { matchConfig.PermanentMACAddress = "a8:b8:e0:00:43:c1"; linkConfig.Name = "wan"; }; "20-lan" = { matchConfig.PermanentMACAddress = "a8:b8:e0:00:43:c2"; linkConfig.Name = "lan"; }; }; }; networking = { useDHCP = false; # Define VLANS nameservers = [ "10.42.97.1" ]; # resolvconf.enable = false; vlans = { infrastructure = { id = 101; interface = "enp5s0"; }; vserver = { id = 97; interface = "enp5s0"; }; multimedia = { id = 99; interface = "enp5s0"; }; smart = { id = 100; interface = "enp5s0"; }; guest = { id = 254; interface = "enp5s0"; }; }; # macvlans.server = { # interface = "vserver"; # mode = "bridge"; # }; bridges = { server = { interfaces = [ "vserver" ]; }; }; interfaces = { # Don't request DHCP on the physical interfaces lan.useDHCP = false; enp4s0.useDHCP = false; enp5s0.useDHCP = false; # Handle the VLANs wan.useDHCP = true; lan = { ipv4.addresses = [{ address = "10.42.96.1"; prefixLength = 24; }]; }; server = { ipv4.addresses = [{ address = "10.42.97.1"; prefixLength = 24; }]; }; infrastructure = { ipv4.addresses = [{ address = "10.42.101.1"; prefixLength = 24; }]; }; multimedia = { ipv4.addresses = [{ address = "10.42.99.1"; prefixLength = 24; }]; }; smart = { ipv4.addresses = [{ address = "10.42.100.1"; prefixLength = 24; }]; }; guest = { ipv4.addresses = [{ address = "10.42.254.1"; prefixLength = 24; }]; }; }; }; }