diff --git a/ansible/environments/laptop/host_vars/odofreebsd b/ansible/environments/laptop/host_vars/odofreebsd
index 613c1a0..4a755b6 100644
--- a/ansible/environments/laptop/host_vars/odofreebsd
+++ b/ansible/environments/laptop/host_vars/odofreebsd
@@ -39,6 +39,10 @@ users:
 devfs_rules: "odo_devfs.rules"
 jail_zfs_dataset: zroot/freebsd/release/jails
 jail_zfs_dataset_mountpoint: /jail/main
+jail_list:
+  - name: nat_dhcp
+    conf:
+      src: nat_dhcp
 bhyve_dataset: zroot/freebsd/release/vm
 bhyve_list: []
 efi_dev: /dev/gpt/EFI
diff --git a/ansible/roles/devfs/files/odo_devfs.rules b/ansible/roles/devfs/files/odo_devfs.rules
index d351b5b..b6ed32d 100644
--- a/ansible/roles/devfs/files/odo_devfs.rules
+++ b/ansible/roles/devfs/files/odo_devfs.rules
@@ -11,3 +11,9 @@ add path pf unhide
 add path pflog unhide
 add path pfsynv unhide
 add path 'tun*' unhide
+
+[tajaildhcp=14]
+add include $devfsrules_hide_all
+add include $devfsrules_unhide_basic
+add include $devfsrules_unhide_login
+add path 'bpf*' unhide
diff --git a/ansible/roles/jail/files/jails/nat_dhcp.conf b/ansible/roles/jail/files/jails/nat_dhcp.conf
new file mode 100644
index 0000000..c4f1ba6
--- /dev/null
+++ b/ansible/roles/jail/files/jails/nat_dhcp.conf
@@ -0,0 +1,11 @@
+nat_dhcp {
+    path = "/jail/main/jails/nat_dhcp";
+    vnet;
+    vnet.interface += "host_link3";
+    devfs_ruleset = 14;
+    mount.devfs; # To expose tun device
+
+    exec.start += "/bin/sh /etc/rc";
+    exec.stop = "/bin/sh /etc/rc.shutdown jail";
+    exec.consolelog = "/var/log/jail_${name}_console.log";
+}