diff --git a/modules/tasks/network-interfaces.nix b/modules/tasks/network-interfaces.nix
index 740c3b83cda..bbc357b1b29 100644
--- a/modules/tasks/network-interfaces.nix
+++ b/modules/tasks/network-interfaces.nix
@@ -5,10 +5,6 @@ with pkgs.lib;
 let
 
   cfg = config.networking;
-
-  windowSize = if cfg.defaultGatewayWindowSize != "" then 
-    "window ${cfg.defaultGatewayWindowSize}" else "";
-
   interfaces = attrValues cfg.interfaces;
   hasVirtuals = any (i: i.virtual) interfaces;
 
@@ -140,8 +136,9 @@ in
     };
 
     networking.defaultGatewayWindowSize = mkOption {
-      default = "";
-      example = "524288";
+      default = null;
+      example = 524288;
+      type = types.nullOr types.int;
       description = ''
         The window size of the default gateway. It limits maximal data bursts that TCP peers
         are allowed to send to us.
@@ -295,7 +292,9 @@ in
                 # Set the default gateway.
                 ${optionalString (cfg.defaultGateway != "") ''
                   # FIXME: get rid of "|| true" (necessary to make it idempotent).
-                  ip route add default via "${cfg.defaultGateway}" ${windowSize} || true
+                  ip route add default via "${cfg.defaultGateway}" ${
+                    optionalString (cfg.defaultGatewayWindowSize != null)
+                      "window ${cfg.defaultGatewayWindowSize}"} || true
                 ''}
 
                 # Turn on forwarding if any interface has enabled proxy_arp.