# NixOS networking module for the host "manatee".
# Gives enp3s0 a static address, keeps a copy of the default route in routing
# table 100, and adds a policy rule so that traffic sourced from the LAN
# address is looked up in that table.
{ ... }:
{
  networking = {
    hostName = "manatee";

    # Needed for asymmetric routing, i.e. replies leaving through a different
    # interface than the one the default route points at. Without it the
    # kernel drops the return traffic.
    # Security trade-off: "loose" only requires the source address to be
    # reachable through some interface, so it filters spoofed sources less
    # strictly than strict reverse-path checking. Keep it limited to hosts
    # that really need multi-path replies.
    # NOTE(review): the second interface or tunnel that makes this necessary
    # is not defined in this file. Confirm it still exists before keeping the
    # relaxed setting.
    firewall.checkReversePath = "loose";

    defaultGateway = "192.168.50.1";
    nameservers = [ "1.1.1.1" ];

    interfaces.enp3s0 = {
      useDHCP = false;

      ipv4 = {
        # Static LAN address. The policy rule in localCommands matches on
        # this exact address, so change both together.
        addresses = [
          {
            address = "192.168.50.203";
            prefixLength = 24;
          }
        ];

        # Default route via the router, installed in table 100 rather than
        # the main table.
        routes = [
          {
            address = "0.0.0.0";
            prefixLength = 0;
            via = "192.168.50.1"; # router
            options.table = "100";
          }
        ];
      };
    };

    # Send packets sourced from this machine's LAN address back out through
    # the router by consulting table 100 (rule priority 5000).
    # NOTE(review): the grep below is an unanchored regex match, so a rule for
    # e.g. "lookup 1000" would also satisfy it and `ip rule add` would be
    # skipped. `grep -qwF` would make the existence check exact.
    localCommands = ''
      # Add the rule only if it doesn't exist yet (idempotent)
      ip rule list | grep -q "from 192.168.50.203 lookup 100" || \
        ip rule add from 192.168.50.203 lookup 100 priority 5000
    '';
  };
}