Created
May 28, 2025 08:18
-
-
Save paigeadelethompson/11cfe185ed98cdfba834f3950ef16fd3 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| linux_enable=YES | |
| vm_dir="zfs:zroot/vm" | |
| vm_enable=YES | |
| hostname=zima.netcrave.local | |
| avahi_daemon_enable=NO | |
| dnsmasq_enable=NO | |
| dbus_enable=NO | |
| pf_enable=YES | |
| clear_tmp_enable=YES | |
| wpa_supplicant_enable=YES | |
| local_unbound_enable=YES | |
| sshd_enable=YES | |
| moused_enable=YES | |
| ntpd_enable=NO | |
| ntpd_sync_on_start=YES | |
| powerd_enable=YES | |
| dumpdev=AUTO | |
| zfs_enable=YES | |
| lldpd_enable=YES | |
| ipsec_enable=YES | |
| ipsec_program="/usr/local/sbin/setkey" | |
| ipsec_file="/usr/local/etc/racoon/setkey.conf" | |
| racoon_enable=YES | |
| named_enable=YES | |
| chronyd_enable=YES | |
| radiusd_enable=NO | |
| nfs_client_enable=YES | |
| nfs_client_flags="-n 4" | |
| rpc_lockd_enable=YES | |
| rpc_statd_enable=YES | |
| unbound_enable=NO | |
| local_unbound_enable=YES | |
| squid_enable=NO | |
| squid_fib=81 # This is broke it don't work right | |
| dhcpd_enable=YES | |
| dhcpd_flags="re1" | |
| wlans_rtwn0="wlan0" | |
| vlans_re0="16 18 30 81" | |
| cloned_interfaces="epair0 epair1 epair2 epair3 epair4 epair5 gif0 \ | |
| vxlan0 bridge0 bridge1 tap0 lo53 epair6 \ | |
| epair7 bridge2 tap1" | |
| # FIB 16: Dell optiplex (wave.netcrave.local management VRF) | |
| # FIB 18: Home network services | |
| # FIB 25: LAN network | |
| # FIB 30: Live servers (Tailscale) | |
| # FIB 53: DNS (unbound/named) | |
| # FIB 80: Squid backend cache servers | |
| # FIB 81: Squid frontend | |
| ifconfig_wlan0="WPA DHCP" | |
| ifconfig_re0="mtu 9000" | |
| ifconfig_re1="inet 10.1.0.1/18 mtu 9000 fib 25" | |
| ifconfig_re0_16="inet 192.168.32.254/31 alias mtu 9000 fib 16" | |
| ifconfig_re0_18="mtu 1480 fib 18" | |
| ifconfig_re0_30="fib 30" | |
| ifconfig_re0_81="inet 192.88.99.254/31 fib 81" | |
| ifconfig_epair0a="inet 192.0.0.10/31" | |
| ifconfig_epair0b="inet 192.0.0.11/31 fib 16" | |
| ifconfig_epair1a="inet 192.0.0.12/31" | |
| ifconfig_epair1b="inet 192.0.0.13/31 fib 18" | |
| ifconfig_epair2a="inet 192.0.0.14/31" | |
| ifconfig_epair2b="inet 192.0.0.15/31 fib 25" | |
| ifconfig_epair3a="inet 192.0.0.16/31" | |
| ifconfig_epair3b="inet 192.0.0.17/31 fib 30" | |
| ifconfig_epair4a="inet 192.0.0.18/31" | |
| ifconfig_epair4b="inet 192.0.0.19/31 fib 53" | |
| ifconfig_epair6a="inet 192.0.0.22/31" | |
| ifconfig_epair6b="inet 192.0.0.23/31 fib 81" | |
| ifconfig_lo53="inet 203.0.113.53/32 fib 53" | |
| ifconfig_tap0="fib 30" # Tailscale VM | |
| ifconfig_tap1="fib 81" # Squid frontend VM | |
| # ifconfig_gif0="inet 192.0.0.0 192.0.0.1 tunnel 192.168.1.156 192.168.1.128 \ | |
| # fib 20 tunnelfib 0 mtu 1480" | |
| # ifconfig_vxlan0="vxlanid 20 vxlanlocal 192.0.0.0 vxlanremote 192.0.0.1 \ | |
| # fib 18 tunnelfib 20" | |
| # ifconfig_bridge0="192.168.64.130/25 addm re0.18 addm vxlan0 fib 18" | |
| ifconfig_bridge0="192.168.64.130/25 addm re0.18 fib 18" | |
| ifconfig_bridge1="192.168.72.129/25 addm re0.30 addm tap0 fib 30" | |
| ifconfig_bridge2="192.88.99.1/31 addm tap1 fib 81" | |
| route_fib18_default="-fib 18 default 192.0.0.12" | |
| route_fib25_default="-fib 25 default 192.0.0.14" | |
| route_fib53_default="-fib 53 default 192.0.0.18" | |
| route_fib81_default="-fib 81 default 192.0.0.22" | |
| route_fib0_wave="192.168.32.254/31 192.0.0.11" | |
| route_fib0_home_services="192.168.64.128/25 192.0.0.13" | |
| route_fib0_paigelan="10.1.0.0/18 192.0.0.15" | |
| route_fib0_unbound="203.0.113.53/32 192.0.0.19" | |
| route_fib0_squid="192.88.99.0/32 192.0.0.23" | |
| route_fib0_tailscale="192.168.72.130/32 192.0.0.17" | |
| route_fib16_paigelan="10.1.0.0/18 192.0.0.10 -fib 16" | |
| route_fib18_paigelan="10.1.0.0/18 192.0.0.12 -fib 18" | |
| route_fib25_no_dmz="-fib 25 192.168.1.0/24 -reject" | |
| route_fib16_no_dmz="-fib 16 192.168.1.0/24 -reject" | |
| route_fib30_no_dmz="-fib 30 192.168.1.0/24 -reject" | |
| route_fib16_no_home_services="-fib 16 192.168.64.128/25 -reject" | |
| route_fib0_no_ll_forward="169.254.0.0/16 -reject" | |
| route_fib0_no_vgw_forward="192.0.0.0/24 -reject" | |
| route_fib0_no_squid_backend="192.88.99.254/31 -reject" | |
| route_fib0_no_live_servers="192.168.72.128/25 -reject" | |
| static_routes="fib18_default fib25_default fib53_default fib81_default \ | |
| fib0_wave fib0_home_services fib0_paigelan fib0_unbound \ | |
| fib0_squid fib0_tailscale fib16_paigelan fib18_paigelan \ | |
| fib81_squid_child fib80_squid_parent \ | |
| fib25_no_dmz fib16_no_dmz fib30_no_dmz \ | |
| fib16_no_home_services fib0_no_ll_forward \ | |
| fib0_no_vgw_forward fib0_no_squid_backend \ | |
| fib0_no_live_servers fib80_dns" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment