diff --git a/debian-devuan-netboot.sh b/debian-devuan-netboot.sh
index b703e60..eb0d381 100755
--- a/debian-devuan-netboot.sh
+++ b/debian-devuan-netboot.sh
@@ -33,7 +33,7 @@ debootstrap "${suite}" "${chroot_dir}"
 echo "deb http://pkgmaster.devuan.org/merged ${suite} main contrib non-free" > ${chroot_dir}/etc/apt/sources.list
 
 chroot ${chroot_dir} apt update
-chroot ${chroot_dir} apt install  -y openssh-server rdnssd linux-image-amd64 firmware-bnx2
+chroot ${chroot_dir} apt install  -y openssh-server rdnssd linux-image-amd64 firmware-bnx2 ifenslave vlan
 
 echo "unconfigured-host" > ${chroot_dir}/etc/hostname
 
@@ -53,30 +53,52 @@ chown -R root:root ${chroot_dir}/root/
 ################################################################################
 # networking
 
-# always lo
+# echo bonding
+
 cat > ${chroot_dir}/etc/network/interfaces << EOF
 auto lo
 iface lo inet loopback
 
-source-directory /etc/network/interfaces.d
+auto bond0
+iface bond0 inet manual
+  bond-miimon 500
+  bond-mode 4
+  post-up /sbin/ip link set \$IFACE mtu 9000
+  bond-slaves none
+
+auto eth0
+iface eth0 inet manual
+  bond-master bond0
+  post-up /sbin/ip link set \$IFACE mtu 9000
+
+auto eth1
+iface eth1 inet manual
+  bond-master bond0
+  post-up /sbin/ip link set \$IFACE mtu 9000
+
+# server network
+auto bond0.11
+iface bond0.11 inet6 auto
+  post-up /sbin/ip link set \$IFACE mtu 9000
+  vlan-raw-device bond0
 EOF
 
-# find the boot interfaces at boot
-cat > ${chroot_dir}/etc/rc.local <<EOF
-mac=\$(cat /proc/cmdline | tr ' ' '\n' | awk -F= '/bootdev/ { print \$2 }')
-dev=\$(ip -o link | awk -F: "/\$mac/ { print \\\$2 }" | sed 's/ *//g')
+# find the boot interfaces at boot - not needed, always eth0/eth1
+# cat > ${chroot_dir}/etc/rc.local <<EOF
+# mac=\$(cat /proc/cmdline | tr ' ' '\n' | awk -F= '/bootdev/ { print \$2 }')
+# dev=\$(ip -o link | awk -F: "/\$mac/ { print \\\$2 }" | sed 's/ *//g')
 
-cat > /etc/network/interfaces.d/bootinterface << eof
-auto \$dev
-iface \$dev inet6 auto
-eof
+# cat > /etc/network/interfaces.d/bootinterface << eof
+# auto \$dev
+# iface \$dev inet6 auto
+# eof
 
-ifup "\${dev}"
+# ifup "\${dev}"
 
-exit 0
-EOF
+# exit 0
+# EOF
 
-chmod a+rx "${chroot_dir}/etc/rc.local"
+# chmod a+rx "${chroot_dir}/etc/rc.local"
 
 # ensure there is /init in the initramfs -> otherwise there is a kernel panic
 # reason: initramfs is designed to be PRE regular os, so /init usually hands over to /sbin/init
diff --git a/setup-viirb.sh b/setup-viirb.sh
index e6e2638..b8e7ca6 100755
--- a/setup-viirb.sh
+++ b/setup-viirb.sh
@@ -226,6 +226,14 @@ uci set dhcp.wifi.interface='wifi'
 uci set dhcp.wifi.ra='server'
 uci set dhcp.wifi.dynamicdhcp='0'
 
+# Fix DNS: make dnsmasq NOT use a resolv.conf
+# so that it only reads from our servers with DNS64 enabled
+uci set dhcp.@dnsmasq[0].noresolv='1'
+
+# Fix DNS: make the OS use the locally provided DNS servers
+# otherwise the VPN tunnel cannot be established
+dhcp.@dnsmasq[0].localuse='0'
+
 
 # VPN / Wireguard
 uci set network.wg0=interface