blob: a3fd1edbf8286d19c110802e31451736f6fb5e29 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
|
{
systemd.network = {
netdevs = {
"brlan" = {
netdevConfig = {
Kind = "bridge";
Name = "brlan";
};
extraConfig = ''
[Bridge]
DefaultPVID=none
VLANFiltering=yes
'';
};
"home" = {
netdevConfig = {
Kind = "vlan";
Name = "home";
};
vlanConfig.Id = 1;
};
"guest" = {
netdevConfig = {
Kind = "vlan";
Name = "guest";
};
vlanConfig.Id = 2;
};
};
networks = {
"end2" = {
matchConfig.Name = "end2";
networkConfig = {
DHCP = "yes";
IPv6AcceptRA = "yes";
DHCPPrefixDelegation = "yes";
};
dhcpV6Config.PrefixDelegationHint = "::/56";
dhcpPrefixDelegationConfig = {
UplinkInterface = ":self";
SubnetId = 0;
Announce = "no";
};
linkConfig.RequiredForOnline = "routable";
};
"brlan" = {
matchConfig.Name = "brlan";
networkConfig.VLAN = ["home" "guest"];
bridgeVLANs = [
{bridgeVLANConfig.VLAN = 1;}
{bridgeVLANConfig.VLAN = 2;}
];
};
"lan-brlan" = {
matchConfig.Name = "lan*";
networkConfig.Bridge = "brlan";
bridgeVLANs = [
{
bridgeVLANConfig = {
EgressUntagged = 1;
PVID = 1;
};
}
{bridgeVLANConfig.VLAN = 2;}
];
};
"home" = {
matchConfig.Name = "home";
networkConfig = {
Address = "192.168.4.1/24";
IPForward = "yes";
DHCPServer = "yes";
DHCPPrefixDelegation = "yes";
IPv6SendRA = "yes";
IPv6AcceptRA = "no";
};
dhcpServerConfig = {
UplinkInterface = "end2";
PoolOffset = 100;
PoolSize = 100;
EmitDNS = "yes";
DNS = "192.168.4.1";
};
dhcpServerStaticLeases = [
{
dhcpServerStaticLeaseConfig = {
MACAddress = "a8:a1:59:10:32:c4";
Address = "192.168.4.20";
};
}
];
dhcpPrefixDelegationConfig = {
UplinkInterface = "end2";
Announce = "yes";
};
};
"guest" = {
matchConfig.Name = "guest";
networkConfig = {
Address = "192.168.5.1/24";
IPForward = "yes";
DHCPServer = "yes";
DHCPPrefixDelegation = "yes";
IPv6SendRA = "yes";
IPv6AcceptRA = "no";
};
dhcpServerConfig = {
UplinkInterface = "end2";
PoolOffset = 100;
PoolSize = 100;
EmitDNS = "yes";
DNS = "192.168.5.1";
};
dhcpPrefixDelegationConfig = {
UplinkInterface = "end2";
Announce = "yes";
};
};
};
wait-online.anyInterface = true;
};
services.resolved = {
enable = true;
fallbackDns = ["1.1.1.1" "8.8.8.8"];
extraConfig = ''
DNSStubListenerExtra=192.168.4.1
DNSStubListenerExtra=192.168.5.1
'';
};
networking = {
useNetworkd = true;
nftables.enable = true;
firewall = {
interfaces = {
"home" = {allowedUDPPorts = [53 67 68];};
"guest" = {allowedUDPPorts = [53 67 68];};
};
filterForward = true;
};
nat = {
enable = true;
externalInterface = "end2";
internalInterfaces = ["home" "guest"];
};
};
}
|
