From 25b28a4ff56c0fc9561b559ad3c2c0b76cc0d4cf Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Mon, 18 Nov 2024 20:59:28 +0100 Subject: ... --- hosts/sif/default.nix | 77 ++++++++++++++++++++++++++++++++++++------- hosts/sif/libvirt/default.nix | 2 +- 2 files changed, 67 insertions(+), 12 deletions(-) (limited to 'hosts') diff --git a/hosts/sif/default.nix b/hosts/sif/default.nix index a2eca749..1a2748e9 100644 --- a/hosts/sif/default.nix +++ b/hosts/sif/default.nix @@ -182,7 +182,7 @@ in { netdevConfig = { Name = "wgrz"; Kind = "wireguard"; - MTUBytes = "1538"; + MTUBytes = "1558"; }; wireguardConfig = { PrivateKeyFile = "/run/credentials/systemd-networkd.service/wgrz.priv"; @@ -204,22 +204,50 @@ in { MACAddress = "52:54:00:18:85:5b"; }; }; - gre-0971 = { + rz-gre-1 = { netdevConfig = { - Name = "gre-0971"; - Kind = "bridge"; + Name = "rz-gre-1"; + Kind = "gretap"; + MTUBytes = "1520"; + }; + tunnelConfig = { + Local = "10.200.116.128"; + Remote = "10.200.116.1"; + Independent = true; + }; + }; + rz-gre-1-0971 = { + netdevConfig = { + Name = "rz-gre-1-0971"; + Kind = "vlan"; MTUBytes = "1500"; }; + vlanConfig = { + Id = 971; + }; }; - gre-0971-1 = { + rz-gre-1-2403 = { netdevConfig = { - Name = "gre-0971-1"; - Kind = "gretap"; + Name = "rz-gre-1-2403"; + Kind = "vlan"; MTUBytes = "1500"; }; - tunnelConfig = { - Local = "10.116.200.128"; - Remote = "10.116.200.1"; + vlanConfig = { + Id = 2403; + }; + }; + rz-0971 = { + netdevConfig = { + Name = "rz-0971"; + Kind = "bridge"; + MTUBytes = "1500"; + }; + }; + rz-2403 = { + netdevConfig = { + Name = "rz-2403"; + Kind = "bridge"; + MTUBytes = "1500"; }; }; }; @@ -265,7 +293,7 @@ in { LLMNR = false; MulticastDNS = false; DNS = ["10.153.88.9" "129.187.111.202" "10.156.33.53"]; - Tunnel = "gre-0971-1"; + # Tunnel = "rz-gre-1"; }; }; virbr0 = { @@ -280,6 +308,33 @@ in { MulticastDNS = false; }; }; + rz-gre-1 = { + name = "rz-gre-1"; + matchConfig = { + Name = "rz-gre-1"; + }; + networkConfig = { + VLAN = [ "rz-gre-1-0971" "rz-gre-1-2403" ]; + }; + }; + rz-gre-1-0971 = { + name = "rz-gre-1-0971"; + matchConfig = { + Name = "rz-gre-1-0971"; + }; + networkConfig = { + Bridge = "rz-0971"; + }; + }; + rz-gre-1-2403 = { + name = "rz-gre-1-2403"; + matchConfig = { + Name = "rz-gre-1-2403"; + }; + networkConfig = { + Bridge = "rz-2403"; + }; + }; }; config.routeTables.wgrz = 1025; }; diff --git a/hosts/sif/libvirt/default.nix b/hosts/sif/libvirt/default.nix index b42fa8fc..d0be7dff 100644 --- a/hosts/sif/libvirt/default.nix +++ b/hosts/sif/libvirt/default.nix @@ -6,7 +6,7 @@ with flakeInputs.nixVirt.lib; config = { virtualisation.libvirtd = { qemu.swtpm.enable = true; - allowedBridges = ["virbr0" "gre-0971"]; + allowedBridges = ["virbr0" "rz-0971" "rz-2403"]; }; virtualisation.libvirt = { enable = true; -- cgit v1.2.3