blob: 91fc6bf457e0fb242ce9590739c1dcb52429d17c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
|
{
systemd.network = {
netdevs = {
"brlan".netdevConfig = {
Kind = "bridge";
Name = "brlan";
};
};
networks = {
"end2" = {
matchConfig.Name = "end2";
networkConfig = {
DHCP = "yes";
IPv6AcceptRA = "yes";
DHCPPrefixDelegation = "yes";
};
dhcpV6Config.PrefixDelegationHint = "::/56";
dhcpPrefixDelegationConfig = {
UplinkInterface = ":self";
SubnetId = 0;
Announce = "no";
};
linkConfig.RequiredForOnline = "routable";
};
"brlan" = {
matchConfig.Name = "brlan";
networkConfig = {
Address = "192.168.4.1/24";
IPForward = "yes";
DHCPServer = "yes";
DHCPPrefixDelegation = "yes";
IPv6SendRA = "yes";
IPv6AcceptRA = "no";
};
dhcpServerConfig = {
UplinkInterface = "end2";
PoolOffset = 100;
PoolSize = 100;
EmitDNS = "yes";
DNS = "192.168.4.1";
};
dhcpServerStaticLeases = [
{
dhcpServerStaticLeaseConfig = {
MACAddress = "a8:a1:59:10:32:c4";
Address = "192.168.4.20";
};
}
];
dhcpPrefixDelegationConfig = {
UplinkInterface = "end2";
Announce = "yes";
};
};
"lan-brlan" = {
matchConfig.Name = "lan*";
networkConfig.Bridge = "brlan";
};
};
wait-online.anyInterface = true;
};
services.resolved = {
enable = true;
fallbackDns = ["1.1.1.1" "8.8.8.8"];
extraConfig = ''
DNSStubListenerExtra=192.168.4.1
'';
};
networking = {
useNetworkd = true;
nftables.enable = true;
firewall = {
interfaces."brlan" = {allowedUDPPorts = [53 67 68];};
filterForward = true;
};
nat = {
enable = true;
externalInterface = "end2";
internalInterfaces = ["brlan"];
};
};
}
|
