interfaces { ethernet eth0 { vif 10 { description MGMT } vif 20 { description SERV } vif 40 { description TRUST } vif 60 { description SECURE } vif 70 { description IOT } vif 113 { address 172.31.255.1/29 description TRANSIT } vif 116 { address dhcp address dhcpv6 description WAN dhcpv6-options { duid 00:03:00:01:d4:86:60:x:x:x pd 0 { interface eth0.20 { address 1206 sla-id 2 } interface eth0.40 { address 1206 sla-id 4 } length 56 } rapid-commit temporary } ipv6 { address { autoconf } } mac d4:86:60:x:x:x } } ethernet eth1 { address dhcp address dhcpv6 description testing ipv6 { address { autoconf } } } } nat { source { rule 100 { outbound-interface eth0.116 source { address 172.16.0.0/16 } translation { address masquerade } } rule 101 { outbound-interface eth0.116 source { address 172.31.255.0/29 } translation { address masquerade } } } } protocols { static { route 172.16.0.0/16 { next-hop 172.31.255.2 { } } } } service { dhcp-server { listen-address 172.31.255.1 shared-network-name IOT { authoritative name-server 172.31.255.3 name-server 172.31.255.1 subnet 172.16.70.0/24 { range 0 { start 172.16.70.64 stop 172.16.70.253 } } } shared-network-name MGMT { authoritative name-server 172.31.255.3 name-server 172.31.255.1 subnet 172.16.10.0/24 { default-router 172.16.10.254 range 0 { start 172.16.10.192 stop 172.16.10.253 } } } shared-network-name SECURE { authoritative name-server 172.31.255.3 name-server 172.31.255.1 subnet 172.16.60.0/24 { default-router 172.16.60.254 range 0 { start 172.16.60.192 stop 172.16.60.253 } } } shared-network-name SERV { authoritative name-server 172.31.255.3 name-server 172.31.255.1 subnet 172.16.20.0/24 { default-router 172.16.20.254 range 0 { start 172.16.20.128 stop 172.16.20.253 } } } shared-network-name TRUST { authoritative name-server 172.31.255.1 name-server 172.31.255.3 subnet 172.16.40.0/24 { range 0 { start 172.16.40.64 stop 172.16.40.253 } } } } dns { forwarding { allow-from 172.16.0.0/16 cache-size 0 listen-address 172.31.255.1 name-server 9.9.9.9 { } name-server 149.112.112.112 { } } } ntp { allow-client { address 0.0.0.0/0 address ::/0 } server time1.vyos.net { } server time2.vyos.net { } server time3.vyos.net { } } router-advert { interface eth0.20 { prefix ::/64 { } } interface eth0.40 { prefix ::/64 { } } } ssh { port 22 } } system { config-management { commit-revisions 100 } conntrack { modules { ftp h323 nfs pptp sip sqlnet tftp } } console { device ttyS0 { speed 115200 } } host-name vyos login { user vyos { authentication { encrypted-password **************** plaintext-password **************** } } } name-server 9.9.9.9 name-server 149.112.112.112 syslog { global { facility all { level info } facility local7 { level debug } } } }