2 files changed, 67 insertions, 12 deletions
diff --git a/hosts/sif/default.nix b/hosts/sif/default.nix
index a2eca749..1a2748e9 100644
--- a/hosts/sif/default.nix
+++ b/hosts/sif/default.nix
@@ -182,7 +182,7 @@ in {
          netdevConfig = {
            Name = "wgrz";
            Kind = "wireguard";
-            MTUBytes = "1538";
+            MTUBytes = "1558";
          };
          wireguardConfig = {
            PrivateKeyFile = "/run/credentials/systemd-networkd.service/wgrz.priv";
@@ -204,22 +204,50 @@ in {
            MACAddress = "52:54:00:18:85:5b";
          };
        };
-        gre-0971 = {
+        rz-gre-1 = {
          netdevConfig = {
-            Name = "gre-0971";
+            Name = "rz-gre-1";
-            Kind = "bridge";
+            Kind = "gretap";
+            MTUBytes = "1520";
+          };
+          tunnelConfig = {
+            Local = "10.200.116.128";
+            Remote = "10.200.116.1";
+            Independent = true;
+          };
+        };
+        rz-gre-1-0971 = {
+          netdevConfig = {
+            Name = "rz-gre-1-0971";
+            Kind = "vlan";
            MTUBytes = "1500";
          };
+          vlanConfig = {
+            Id = 971;
+          };
        };
-        gre-0971-1 = {
+        rz-gre-1-2403 = {
          netdevConfig = {
-            Name = "gre-0971-1";
+            Name = "rz-gre-1-2403";
-            Kind = "gretap";
+            Kind = "vlan";
            MTUBytes = "1500";
          };
-          tunnelConfig = {
+          vlanConfig = {
-            Local = "10.116.200.128";
+            Id = 2403;
-            Remote = "10.116.200.1";
+          };
+        };
+        rz-0971 = {
+          netdevConfig = {
+            Name = "rz-0971";
+            Kind = "bridge";
+            MTUBytes = "1500";
+          };
+        };
+        rz-2403 = {
+          netdevConfig = {
+            Name = "rz-2403";
+            Kind = "bridge";
+            MTUBytes = "1500";
          };
        };
      };
@@ -265,7 +293,7 @@ in {
            LLMNR = false;
            MulticastDNS = false;
            DNS = ["10.153.88.9" "129.187.111.202" "10.156.33.53"];
-            Tunnel = "gre-0971-1";
+            # Tunnel = "rz-gre-1";
          };
        };
        virbr0 = {
@@ -280,6 +308,33 @@ in {
            MulticastDNS = false;
          };
        };
+        rz-gre-1 = {
+          name = "rz-gre-1";
+          matchConfig = {
+            Name = "rz-gre-1";
+          };
+          networkConfig = {
+            VLAN = [ "rz-gre-1-0971" "rz-gre-1-2403" ];
+          };
+        };
+        rz-gre-1-0971 = {
+          name = "rz-gre-1-0971";
+          matchConfig = {
+            Name = "rz-gre-1-0971";
+          };
+          networkConfig = {
+            Bridge = "rz-0971";
+          };
+        };
+        rz-gre-1-2403 = {
+          name = "rz-gre-1-2403";
+          matchConfig = {
+            Name = "rz-gre-1-2403";
+          };
+          networkConfig = {
+            Bridge = "rz-2403";
+          };
+        };
      };
      config.routeTables.wgrz = 1025;
    };
diff --git a/hosts/sif/libvirt/default.nix b/hosts/sif/libvirt/default.nix
index b42fa8fc..d0be7dff 100644
--- a/hosts/sif/libvirt/default.nix
+++ b/hosts/sif/libvirt/default.nix
@@ -6,7 +6,7 @@ with flakeInputs.nixVirt.lib;
  config = {
    virtualisation.libvirtd = {
      qemu.swtpm.enable = true;
-      allowedBridges = ["virbr0" "gre-0971"];
+      allowedBridges = ["virbr0" "rz-0971" "rz-2403"];
    };
    virtualisation.libvirt = {
      enable = true;

diff --git a/hosts/sif/default.nix b/hosts/sif/default.nix index a2eca749..1a2748e9 100644 --- a/hosts/sif/default.nix +++ b/hosts/sif/default.nix
@@ -182,7 +182,7 @@ in {
182	netdevConfig = {	182	netdevConfig = {
183	Name = "wgrz";	183	Name = "wgrz";
184	Kind = "wireguard";	184	Kind = "wireguard";
185	MTUBytes = "1538";	185	MTUBytes = "1558";
186	};	186	};
187	wireguardConfig = {	187	wireguardConfig = {
188	PrivateKeyFile = "/run/credentials/systemd-networkd.service/wgrz.priv";	188	PrivateKeyFile = "/run/credentials/systemd-networkd.service/wgrz.priv";
@@ -204,22 +204,50 @@ in {
204	MACAddress = "52:54:00:18:85:5b";	204	MACAddress = "52:54:00:18:85:5b";
205	};	205	};
206	};	206	};
207	gre-0971 = {	207	rz-gre-1 = {
208	netdevConfig = {	208	netdevConfig = {
209	Name = "gre-0971";	209	Name = "rz-gre-1";
210	Kind = "bridge";	210	Kind = "gretap";
		211	MTUBytes = "1520";
		212	};
		213	tunnelConfig = {
		214	Local = "10.200.116.128";
		215	Remote = "10.200.116.1";
		216	Independent = true;
		217	};
		218	};
		219	rz-gre-1-0971 = {
		220	netdevConfig = {
		221	Name = "rz-gre-1-0971";
		222	Kind = "vlan";
211	MTUBytes = "1500";	223	MTUBytes = "1500";
212	};	224	};
		225	vlanConfig = {
		226	Id = 971;
		227	};
213	};	228	};
214	gre-0971-1 = {	229	rz-gre-1-2403 = {
215	netdevConfig = {	230	netdevConfig = {
216	Name = "gre-0971-1";	231	Name = "rz-gre-1-2403";
217	Kind = "gretap";	232	Kind = "vlan";
218	MTUBytes = "1500";	233	MTUBytes = "1500";
219	};	234	};
220	tunnelConfig = {	235	vlanConfig = {
221	Local = "10.116.200.128";	236	Id = 2403;
222	Remote = "10.116.200.1";	237	};
		238	};
		239	rz-0971 = {
		240	netdevConfig = {
		241	Name = "rz-0971";
		242	Kind = "bridge";
		243	MTUBytes = "1500";
		244	};
		245	};
		246	rz-2403 = {
		247	netdevConfig = {
		248	Name = "rz-2403";
		249	Kind = "bridge";
		250	MTUBytes = "1500";
223	};	251	};
224	};	252	};
225	};	253	};
@@ -265,7 +293,7 @@ in {
265	LLMNR = false;	293	LLMNR = false;
266	MulticastDNS = false;	294	MulticastDNS = false;
267	DNS = ["10.153.88.9" "129.187.111.202" "10.156.33.53"];	295	DNS = ["10.153.88.9" "129.187.111.202" "10.156.33.53"];
268	Tunnel = "gre-0971-1";	296	# Tunnel = "rz-gre-1";
269	};	297	};
270	};	298	};
271	virbr0 = {	299	virbr0 = {
@@ -280,6 +308,33 @@ in {
280	MulticastDNS = false;	308	MulticastDNS = false;
281	};	309	};
282	};	310	};
		311	rz-gre-1 = {
		312	name = "rz-gre-1";
		313	matchConfig = {
		314	Name = "rz-gre-1";
		315	};
		316	networkConfig = {
		317	VLAN = [ "rz-gre-1-0971" "rz-gre-1-2403" ];
		318	};
		319	};
		320	rz-gre-1-0971 = {
		321	name = "rz-gre-1-0971";
		322	matchConfig = {
		323	Name = "rz-gre-1-0971";
		324	};
		325	networkConfig = {
		326	Bridge = "rz-0971";
		327	};
		328	};
		329	rz-gre-1-2403 = {
		330	name = "rz-gre-1-2403";
		331	matchConfig = {
		332	Name = "rz-gre-1-2403";
		333	};
		334	networkConfig = {
		335	Bridge = "rz-2403";
		336	};
		337	};
283	};	338	};
284	config.routeTables.wgrz = 1025;	339	config.routeTables.wgrz = 1025;
285	};	340	};


diff --git a/hosts/sif/libvirt/default.nix b/hosts/sif/libvirt/default.nix index b42fa8fc..d0be7dff 100644 --- a/hosts/sif/libvirt/default.nix +++ b/hosts/sif/libvirt/default.nix
@@ -6,7 +6,7 @@ with flakeInputs.nixVirt.lib;
6	config = {	6	config = {
7	virtualisation.libvirtd = {	7	virtualisation.libvirtd = {
8	qemu.swtpm.enable = true;	8	qemu.swtpm.enable = true;
9	allowedBridges = ["virbr0" "gre-0971"];	9	allowedBridges = ["virbr0" "rz-0971" "rz-2403"];
10	};	10	};
11	virtualisation.libvirt = {	11	virtualisation.libvirt = {
12	enable = true;	12	enable = true;