configure resolv-dns for public user network

systems/resolv-dns.noc.eh22.intern/system.nix

@@ -3,6 +3,17 @@
   lib,
   ...
 }:
+let
+  renameLink = macAddr: newName: {
+    matchConfig = {
+      MACAddress = macAddr;
+      Type = "ether";
+    };
+    linkConfig = {
+      Name = newName;
+    };
+  };
+in
 {
   imports = [ ];
 
@@ -10,15 +21,31 @@
   networking.useDHCP = false;
   systemd.network = {
     enable = true;
+    links = {
+      "10-ethMgmt" = renameLink "BC:24:11:61:E3:D9" "ethMgmt";
+      "10-ethPubUser" = renameLink "BC:24:11:AD:52:B1" "ethPubUsr";
+    };
     networks = {
       "10-mgmtNet" = {
-        matchConfig.MACAddress = "BC:24:11:61:E3:D9";
+        matchConfig.Name = "ethMgmt";
         address = [ "10.20.25.5/24" ];
         gateway = [ "10.20.25.2" ];
       };
+      "10-pubUsr" = {
+        matchConfig.Name = "ethPubUsr";
+        address = [ "10.0.0.2/24" ];
+        gateway = [ "10.0.0.1" ];
+      };
     };
   };
 
+  # configure remaining network to work
+  services.resolved.enable = false;
+  networking.firewall = {
+    allowedTCPPorts = [ 53 ];
+    allowedUDPPorts = [ 53 ];
+  };
+
   # enable knot resolv server
   # ref: https://search.nüschtos.de/?query=services.kresd
   #      https://www.knot-resolver.cz/documentation/stable/

systems/sketchy-router.noc.eh22.intern.nix

@@ -76,6 +76,7 @@ in
       authoritative = true;
       shared-networks = [
         {
+          # management network
           name = "mgmtNet";
           interface = "ethMgmt";
           option-data = [
@@ -102,6 +103,7 @@ in
         }
 
         {
+          # public user network (only temporary setup)
           name = "tempPublicUser";
           interface = "ethPubUsr";
           option-data = [