diff --git a/modules/system/proxmox/network.nix b/modules/system/proxmox/network.nix
index b3e7580e..b2f3ff6e 100644
--- a/modules/system/proxmox/network.nix
+++ b/modules/system/proxmox/network.nix
@@ -108,6 +108,9 @@
         gateway4 = mkMerge [
           (mkIf (system.proxmox.node.name == "reisen" && config.bridge == "vmbr0" && config.address4 != null && config.address4 != "dhcp") (mkAlmostOptionDefault "10.1.1.1"))
         ];
+        networkd.name = mkIf config.local.enable (
+          mkDefault "_00-local"
+        );
         networkd.networkSettings = {
           name = mkAlmostOptionDefault config.name;
           ipv6AcceptRAConfig = mkIf config.local.enable {
@@ -155,6 +158,7 @@
         macAddress = mkIf (system.proxmox.network.interfaces.net0.macAddress or null != null && hasPrefix "BC:24:11:" system.proxmox.network.interfaces.net0.macAddress) (mkAlmostOptionDefault (
           replaceStrings [ "BC:24:11:" ] [ "BC:24:19:" ] system.proxmox.network.interfaces.net0.macAddress
         ));
+        networkd.name = mkDefault "_00-int";
         networkd.networkSettings = {
           domains = mkDefault [ ]; # int.${domain}?
           linkConfig.RequiredForOnline = false;
diff --git a/nixos/dnsmasq.nix b/nixos/dnsmasq.nix
index 837eded6..088db8c3 100644
--- a/nixos/dnsmasq.nix
+++ b/nixos/dnsmasq.nix
@@ -61,7 +61,7 @@ in {
     };
     dynamic.interface = mkOption {
       type = str;
-      default = "eth0";
+      default = config.systemd.network.networks._00-local.name or "eth0";
     };
   };
   config = {
diff --git a/nixos/int.nix b/nixos/int.nix
index 558beb7c..302803bf 100644
--- a/nixos/int.nix
+++ b/nixos/int.nix
@@ -2,7 +2,7 @@
   inherit (lib.modules) mkDefault;
 in {
   config = {
-    systemd.network.networks.eth9 = {config, ...}: {
+    systemd.network.networks._00-int = {config, ...}: {
       networkConfig = {
         IPv6SendRA = mkDefault true;
       };
diff --git a/nixos/k8s.nix b/nixos/k8s.nix
index a6ad6609..9cafd437 100644
--- a/nixos/k8s.nix
+++ b/nixos/k8s.nix
@@ -2,9 +2,10 @@
   config,
   pkgs,
   lib,
+  gensokyo-zone,
   ...
 }: let
-  inherit (inputs.self.lib.lib) domain;
+  inherit (gensokyo-zone.lib) domain;
   inherit (lib.modules) mkForce;
   inherit (lib.strings) escapeShellArgs;
   kubeMasterIP = "10.1.1.173";
diff --git a/nixos/reisen-ct/network.nix b/nixos/reisen-ct/network.nix
index c25c8c70..5b89c699 100644
--- a/nixos/reisen-ct/network.nix
+++ b/nixos/reisen-ct/network.nix
@@ -1,11 +1,13 @@
 {
   lib,
+  gensokyo-zone,
   config,
   options,
   meta,
   access,
   ...
 }: let
+  inherit (gensokyo-zone.lib) mkAlmostOptionDefault;
   inherit (lib.modules) mkIf mkBefore mkOrder;
   enableDns = !config.services.dnsmasq.enable && config.networking.hostName != "utsuho";
 in {
@@ -18,11 +20,11 @@ in {
   #services.resolved.enable = mkIf enableDns false;
   systemd.services.avahi-daemon = mkIf (options ? proxmoxLXC && config.services.avahi.enable) {
     serviceConfig.ExecStartPre = mkIf config.services.resolved.enable [
-      "+-${config.systemd.package}/bin/resolvectl mdns ${config.systemd.network.networks.eth0.name or "eth0"} yes"
+      "+-${config.systemd.package}/bin/resolvectl mdns ${config.systemd.network.networks._00-local.name or "eth0"} yes"
     ];
   };
-  systemd.network.networks.eth0 = mkIf (! options ? proxmoxLXC) {
-    name = "eth0";
+  systemd.network.networks._00-local = mkIf (! options ? proxmoxLXC) {
+    name = mkAlmostOptionDefault "ens18";
     linkConfig.Multicast = true;
     networkConfig.MulticastDNS = true;
   };
diff --git a/nixos/samba.nix b/nixos/samba.nix
index f08f937f..dab7606b 100644
--- a/nixos/samba.nix
+++ b/nixos/samba.nix
@@ -133,7 +133,7 @@ in {
 
   services.samba-wsdd = {
     enable = mkIf cfg.enable (mkDefault true);
-    interface = mkDefault config.systemd.network.networks.eth0.name;
+    interface = mkDefault config.systemd.network.networks._00-local.name;
   };
 
   sops.secrets = {
diff --git a/nixos/tailscale.nix b/nixos/tailscale.nix
index b6c81fda..d686ca49 100644
--- a/nixos/tailscale.nix
+++ b/nixos/tailscale.nix
@@ -48,7 +48,7 @@ in {
         '';
         # https://tailscale.com/kb/1320/performance-best-practices#ethtool-configuration
         exitNodeRouting = optionalString cfg.advertiseExitNode ''
-          netdev=$(${pkgs.iproute2}/bin/ip route show 0/0 | ${pkgs.coreutils}/bin/cut -f5 -d' ' || echo ${config.systemd.network.networks.eth0.name or "eth0"})
+          netdev=$(${pkgs.iproute2}/bin/ip route show 0/0 | ${pkgs.coreutils}/bin/cut -f5 -d' ' || echo ${config.systemd.network.networks._00-local.name or "eth0"})
           ${getExe pkgs.ethtool} -K "$netdev" rx-udp-gro-forwarding on rx-gro-list off || true
         '';
         advertiseExitNode = "--advertise-exit-node" + optionalString (!cfg.advertiseExitNode) "=false";
diff --git a/systems/kuwubernetes/nixos.nix b/systems/kuwubernetes/nixos.nix
index 0f0e8e87..5e4b0141 100644
--- a/systems/kuwubernetes/nixos.nix
+++ b/systems/kuwubernetes/nixos.nix
@@ -5,6 +5,7 @@
   modulesPath,
   ...
 }: let
+  inherit (lib.modules) mkIf;
   inherit (lib.attrsets) genAttrs nameValuePair;
   inherit (builtins) listToAttrs;
   dexFiles = [
@@ -44,7 +45,10 @@ in {
     {device = "/dev/disk/by-uuid/b374e454-7af5-46fc-b949-24e38a2216d5";}
   ];
 
-  networking.interfaces.ens18.useDHCP = true;
+  networking.interfaces.ens18 = mkIf (!config.systemd.network.enable) {
+    # TODO: stop using dhcp
+    useDHCP = true;
+  };
 
   sops.secrets = let
     dexCommon = {
@@ -75,7 +79,7 @@ in {
     };
   };
 
-  systemd.network.networks.ens18 = {
+  systemd.network.networks._00-local = {
     name = "ens18";
     matchConfig = {
       MACAddress = "BC:24:11:49:FE:DC";