Basic interface and bridge config.

2025-07-21 11:55:13 -04:00 · 2025-07-21 11:55:13 -04:00 · dba72ebe37
commit dba72ebe37
parent 958e9bf84a
1 changed files with 38 additions and 17 deletions
--- a/hosts/router/default.nix
+++ b/hosts/router/default.nix
@ -22,34 +22,55 @@
    supportedFilesystems = [ "zfs" ];
  };

-  networking = {
-    hostName = "router";
-    hostId = "91312b0b";
-    # nat = {
-    #   enable = true;
-    #   internalInterfaces = [ "ve-+" ];
-    #   externalInterface = "enp5s0";
-    #   enableIPv6 = true;
-    # };
-    useNetworkd = true;
-  };
-
  time.timeZone = "America/Detroit";

  i18n.defaultLocale = "en_US.UTF-8";
  console.keyMap = "us";

+  networking = {
+    hostName = "router";
+    hostId = "91312b0b";
+    firewall.allowedTCPPorts = [
+      80
+      443
+    ];
+    useNetworkd = true;
+    bridges = {
+      lan = {
+        interfaces = [
+          "LAN0"
+          "LAN1"
+          "LAN2"
+          "LAN3"
+          "LAN4"
+        ];
+      };
+    };
+    nat = {
+      enable = true;
+      externalInterface = "WAN";
+      internalInterfaces = [ "lan" ];
+      internalIPs = [ "192.168.0.0/16" ];
+    };
+  };
+
+  services = {
+    udev.extraRules = ''
+      ACTION=="add", SUBSYSTEM=="net", ATTR{address}=="00:e2:69:96:fb:67", NAME="WAN"
+      ACTION=="add", SUBSYSTEM=="net", ATTR{address}=="00:e2:69:96:fb:68", NAME="LAN0"
+      ACTION=="add", SUBSYSTEM=="net", ATTR{address}=="00:e2:69:96:fb:69", NAME="LAN1"
+      ACTION=="add", SUBSYSTEM=="net", ATTR{address}=="00:e2:69:96:fb:6a", NAME="LAN2"
+      ACTION=="add", SUBSYSTEM=="net", ATTR{address}=="00:e2:69:96:fb:6b", NAME="LAN3"
+      ACTION=="add", SUBSYSTEM=="net", ATTR{address}=="00:e2:69:96:fb:6c", NAME="LAN4"
+    '';
+  };
+
  # Enable the Flakes feature and the accompanying new nix command-line tool
  nix.settings.experimental-features = [
    "nix-command"
    "flakes"
  ];

-  networking.firewall.allowedTCPPorts = [
-    80
-    443
-  ];
-
  # This option defines the first version of NixOS you have installed on this particular machine,
  # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
  #