{
  config,
  lib,
  pkgs,
  ...
}:
{
  boot.kernel.sysctl."net.ipv4.ip_forward" = true;

  # networking.nat = {
  #   enable = true;
  #   internalInterfaces = [ "vlan-thurne" ];
  #   externalInterface = "enp1s0";
  # };
  # networking.interfaces.enp2s0 = {
  #   useDHCP = false;
  #   ipv4.addresses = [
  #     {
  #       address = "192.168.42.1";
  #       prefixLength = 24;
  #     }
  #   ];
  # };

  #  networking.useDHCP = false;
  networking.interfaces.enp3s0.useDHCP = lib.mkForce false;
  networking.interfaces.enp2s0.useDHCP = lib.mkForce false;
  networking.interfaces.enp1s0.useDHCP = lib.mkForce true;
  networking.useNetworkd = true;

  #  services.dnsmasq = {
  #    enable = true;
  #    settings = {
  #      interface = [ "vlan-admin" ];
  #      bind-dynamic = true;
  #      dhcp-option = "3,0.0.0.0";
  #      dhcp-range = "192.168.222.100,192.168.222.254,255.255.255.0,infinite";
  #    };
  #  };

  systemd.network = {
    enable = true;
    networks = {
      "10-enp3s0" = {
        name = "enp3s0";
        networkConfig = {
          VLAN = [
            "vlan-admin"
            "vlan-user-test"
          ];

          LinkLocalAddressing = false;
          LLDP = false;
          EmitLLDP = false;
          IPv6AcceptRA = false;
          IPv6SendRA = false;
        };
      };
      "10-vlan-admin" = {
        name = "vlan-admin";
        address = [
          "fd26:baf9:d250:8000::ffff/64"
          "192.168.222.1/24"
        ];
      };
      "10-vlan-user-test" = {
        name = "vlan-user-test";
        networkConfig.DHCP = "ipv4";
        dhcpV4Config.RouteMetric = 10000;
      };
    };
    netdevs = {
      "10-vlan-admin" = {
        netdevConfig = {
          Name = "vlan-admin";
          Kind = "vlan";
        };
        vlanConfig.Id = 3000;
      };
      "10-vlan-user-test" = {
        netdevConfig = {
          Name = "vlan-user-test";
          Kind = "vlan";
        };
        vlanConfig.Id = 4000;
      };
    };
  };
}