diff --git a/modules/system/proxmox/network.nix b/modules/system/proxmox/network.nix
index 8b61c442..6a4d6974 100644
--- a/modules/system/proxmox/network.nix
+++ b/modules/system/proxmox/network.nix
@@ -30,7 +30,7 @@
         default = null;
       };
       address4 = mkOption {
-        type = nullOr (either (enum [ "auto" ]) str);
+        type = nullOr (either (enum [ "dhcp" ]) str);
         default = null;
       };
       gateway4 = mkOption {
@@ -80,7 +80,7 @@
         ];
         slaac.postfix = mkOptionDefault (mapNullable eui64 config.macAddress);
         gateway4 = mkMerge [
-          (mkIf (system.proxmox.node.name == "reisen" && config.bridge == "vmbr0" && config.address4 != null && config.address4 != "auto") (mkAlmostOptionDefault "10.1.1.1"))
+          (mkIf (system.proxmox.node.name == "reisen" && config.bridge == "vmbr0" && config.address4 != null && config.address4 != "dhcp") (mkAlmostOptionDefault "10.1.1.1"))
         ];
         networkd.networkSettings = {
           name = mkAlmostOptionDefault config.name;
@@ -100,7 +100,7 @@
             })
           ];
           address = mkMerge [
-            (mkIf (! elem config.address4 [ null "auto" ]) [ config.address4 ])
+            (mkIf (! elem config.address4 [ null "dhcp" ]) [ config.address4 ])
             (mkIf (! elem config.address6 [ null "auto" "dhcp" ]) [ config.address6 ])
           ];
           gateway = mkMerge [
@@ -108,7 +108,7 @@
             (mkIf (config.gateway6 != null) [ config.gateway6 ])
           ];
           DHCP = mkAlmostOptionDefault (
-            if config.address4 == "auto" && config.address6 == "dhcp" then "yes"
+            if config.address4 == "dhcp" && config.address6 == "dhcp" then "yes"
             else if config.address6 == "dhcp" then "ipv6"
             else if config.address4 == "dhcp" then "ipv4"
             else "no"
diff --git a/systems/aya/proxmox.nix b/systems/aya/proxmox.nix
index 288c6c9b..c13d0466 100644
--- a/systems/aya/proxmox.nix
+++ b/systems/aya/proxmox.nix
@@ -15,6 +15,7 @@ _: {
         macAddress = "BC:24:11:C4:66:AA";
         networkd.networkSettings.linkConfig.RequiredForOnline = false;
       };
+      net2.internal.enable = true;
     };
   };
 }
diff --git a/systems/freeipa/default.nix b/systems/freeipa/default.nix
index 7b34b950..fd1281d6 100644
--- a/systems/freeipa/default.nix
+++ b/systems/freeipa/default.nix
@@ -10,6 +10,7 @@ _: {
         name = "ens18";
         macAddress = "BC:24:11:3D:39:91";
       };
+      net1.internal.enable = true;
     };
   };
 }
diff --git a/systems/hakurei/proxmox.nix b/systems/hakurei/proxmox.nix
index 7ee2644d..5eac392b 100644
--- a/systems/hakurei/proxmox.nix
+++ b/systems/hakurei/proxmox.nix
@@ -11,6 +11,7 @@ _: {
         address4 = "10.1.1.41/24";
         address6 = "auto";
       };
+      net1.internal.enable = true;
     };
   };
 }
diff --git a/systems/keycloak/proxmox.nix b/systems/keycloak/proxmox.nix
index e845fc47..46a3a02f 100644
--- a/systems/keycloak/proxmox.nix
+++ b/systems/keycloak/proxmox.nix
@@ -11,6 +11,7 @@ _: {
         address4 = "10.1.1.48/24";
         address6 = "auto";
       };
+      net1.internal.enable = true;
     };
   };
 }
diff --git a/systems/litterbox/proxmox.nix b/systems/litterbox/proxmox.nix
index 91906789..ef28f1bc 100644
--- a/systems/litterbox/proxmox.nix
+++ b/systems/litterbox/proxmox.nix
@@ -9,9 +9,10 @@ _: {
       net0 = {
         mdns.enable = true;
         macAddress = "BC:24:11:C4:66:AB";
-        address4 = "auto";
+        address4 = "dhcp";
         address6 = "auto";
       };
+      net1.internal.enable = true;
     };
   };
 }
diff --git a/systems/reimu/proxmox.nix b/systems/reimu/proxmox.nix
index c4779d96..ca857f1a 100644
--- a/systems/reimu/proxmox.nix
+++ b/systems/reimu/proxmox.nix
@@ -12,6 +12,7 @@ _: {
         address4 = "10.1.1.45/24";
         address6 = "auto";
       };
+      net1.internal.enable = true;
     };
   };
 }
diff --git a/systems/tei/proxmox.nix b/systems/tei/proxmox.nix
index 84c083d4..9349a622 100644
--- a/systems/tei/proxmox.nix
+++ b/systems/tei/proxmox.nix
@@ -11,6 +11,7 @@ _: {
         address4 = "10.1.1.39/24";
         address6 = "auto";
       };
+      net1.internal.enable = true;
     };
   };
 }
diff --git a/systems/utsuho/proxmox.nix b/systems/utsuho/proxmox.nix
index 9f5b2acd..1e1077ea 100644
--- a/systems/utsuho/proxmox.nix
+++ b/systems/utsuho/proxmox.nix
@@ -11,6 +11,7 @@ _: {
         address4 = "10.1.1.38/24";
         address6 = "auto";
       };
+      net1.internal.enable = true;
     };
   };
 }
diff --git a/tf/proxmox_reisen.tf b/tf/proxmox_reisen.tf
index 6d37c056..7690d564 100644
--- a/tf/proxmox_reisen.tf
+++ b/tf/proxmox_reisen.tf
@@ -70,5 +70,5 @@ resource "proxmox_virtual_environment_network_linux_bridge" "internal" {
   name      = "vmbr9"
   address   = "${cidrhost(local.reisen_int_prefix4, 2)}/24"
   address6  = "${cidrhost(local.reisen_int_prefix6, 2)}/64"
-  comment = "internal private network"
+  comment   = "internal private network"
 }
diff --git a/tf/proxmox_vms.tf b/tf/proxmox_vms.tf
index dcdb77a5..6de6c856 100644
--- a/tf/proxmox_vms.tf
+++ b/tf/proxmox_vms.tf
@@ -70,6 +70,14 @@ EOT
         gateway = "10.1.1.1"
       }
     }
+    ip_config {
+      ipv6 {
+        address = "${cidrhost(local.reisen_int_prefix6, local.proxmox_tewi_vm_id - local.reisen_int_offset)}/64"
+      }
+      ipv4 {
+        address = "${cidrhost(local.reisen_int_prefix4, local.proxmox_tewi_vm_id - local.reisen_int_offset)}/24"
+      }
+    }
   }
 
   startup {
@@ -82,6 +90,11 @@ EOT
     name        = "eth0"
     mac_address = "BC:24:11:CC:66:57"
   }
+  network_interface {
+    name        = "eth9"
+    mac_address = "BC:24:19:CC:66:57"
+    bridge      = proxmox_virtual_environment_network_linux_bridge.internal.name
+  }
 
   operating_system {
     template_file_id = var.proxmox_container_template
@@ -225,6 +238,14 @@ EOT
         gateway = "10.1.1.1"
       }
     }
+    ip_config {
+      ipv6 {
+        address = "${cidrhost(local.reisen_int_prefix6, local.proxmox_reimu_vm_id - local.reisen_int_offset)}/64"
+      }
+      ipv4 {
+        address = "${cidrhost(local.reisen_int_prefix4, local.proxmox_reimu_vm_id - local.reisen_int_offset)}/24"
+      }
+    }
   }
 
   startup {
@@ -237,6 +258,11 @@ EOT
     name        = "eth0"
     mac_address = "BC:24:11:C4:66:A8"
   }
+  network_interface {
+    name        = "eth9"
+    mac_address = "BC:24:19:C4:66:A8"
+    bridge      = proxmox_virtual_environment_network_linux_bridge.internal.name
+  }
 
   operating_system {
     template_file_id = var.proxmox_container_template
@@ -300,7 +326,15 @@ EOT
       }
     }
     # empty block required if additional interfaces are added, but causes state sync issues
-    # ip_config {}
+    ip_config {}
+    ip_config {
+      ipv6 {
+        address = "${cidrhost(local.reisen_int_prefix6, local.proxmox_aya_vm_id - local.reisen_int_offset)}/64"
+      }
+      ipv4 {
+        address = "${cidrhost(local.reisen_int_prefix4, local.proxmox_aya_vm_id - local.reisen_int_offset)}/24"
+      }
+    }
   }
 
   startup {
@@ -317,6 +351,11 @@ EOT
     name        = "eth1"
     mac_address = "BC:24:11:C4:66:AA"
   }
+  network_interface {
+    name        = "eth9"
+    mac_address = "BC:24:19:C4:66:A9"
+    bridge      = proxmox_virtual_environment_network_linux_bridge.internal.name
+  }
 
   operating_system {
     template_file_id = var.proxmox_container_template
@@ -378,6 +417,14 @@ EOT
         gateway = "10.1.1.1"
       }
     }
+    ip_config {
+      ipv6 {
+        address = "${cidrhost(local.reisen_int_prefix6, local.proxmox_utsuho_vm_id - local.reisen_int_offset)}/64"
+      }
+      ipv4 {
+        address = "${cidrhost(local.reisen_int_prefix4, local.proxmox_utsuho_vm_id - local.reisen_int_offset)}/24"
+      }
+    }
   }
 
   startup {
@@ -390,6 +437,11 @@ EOT
     name        = "eth0"
     mac_address = "BC:24:11:C4:66:A6"
   }
+  network_interface {
+    name        = "eth9"
+    mac_address = "BC:24:19:C4:66:A6"
+    bridge      = proxmox_virtual_environment_network_linux_bridge.internal.name
+  }
 
   operating_system {
     template_file_id = var.proxmox_container_template
@@ -459,6 +511,10 @@ EOT
     bridge      = "vmbr0"
     mac_address = "BC:24:11:3D:39:91"
   }
+  network_device {
+    mac_address = "BC:24:19:3D:39:91"
+    bridge      = proxmox_virtual_environment_network_linux_bridge.internal.name
+  }
 
   operating_system {
     type = "l26"
@@ -504,6 +560,14 @@ EOT
         address = "dhcp"
       }
     }
+    ip_config {
+      ipv6 {
+        address = "${cidrhost(local.reisen_int_prefix6, local.proxmox_litterbox_vm_id - local.reisen_int_offset)}/64"
+      }
+      ipv4 {
+        address = "${cidrhost(local.reisen_int_prefix4, local.proxmox_litterbox_vm_id - local.reisen_int_offset)}/24"
+      }
+    }
   }
 
   startup {
@@ -516,6 +580,11 @@ EOT
     name        = "eth0"
     mac_address = "BC:24:11:C4:66:AB"
   }
+  network_interface {
+    name        = "eth9"
+    mac_address = "BC:24:19:C4:66:AB"
+    bridge      = proxmox_virtual_environment_network_linux_bridge.internal.name
+  }
 
   operating_system {
     template_file_id = var.proxmox_container_template
@@ -627,7 +696,16 @@ EOT
         address = "auto"
       }
       ipv4 {
-        address = "dhcp"
+        address = "10.1.1.48/24"
+        gateway = "10.1.1.1"
+      }
+    }
+    ip_config {
+      ipv6 {
+        address = "${cidrhost(local.reisen_int_prefix6, local.proxmox_keycloak_vm_id - local.reisen_int_offset)}/64"
+      }
+      ipv4 {
+        address = "${cidrhost(local.reisen_int_prefix4, local.proxmox_keycloak_vm_id - local.reisen_int_offset)}/24"
       }
     }
   }
@@ -642,6 +720,11 @@ EOT
     name        = "eth0"
     mac_address = "BC:24:11:C4:66:AC"
   }
+  network_interface {
+    name        = "eth9"
+    mac_address = "BC:24:19:C4:66:AC"
+    bridge      = proxmox_virtual_environment_network_linux_bridge.internal.name
+  }
 
   operating_system {
     template_file_id = var.proxmox_container_template