Difference between revisions of "Network information"

From Hackerspace ACKspace
Jump to: navigation, search
(added switch ref)
m (fixed wrong date)
 
(39 intermediate revisions by 4 users not shown)
Line 1: Line 1:
 +
<onlyinclude>{{#ifeq:{{{transcludesection|outage_and_maintenance}}}|outage_and_maintenance|
 +
{{InfoBox
 +
|Type=alert
 +
|Title=Intermittent/offline network due to planned power outage
 +
|Text=Due to planned power outage on November 14-16, all internal services will be shutdown and might come back partially. See [[Maintenance]] for more details.|Float=right
 +
|Clear=both
 +
|Width=24em
 +
|Background=#f7f7ff
 +
|Expire=1732492799
 +
}}
 +
}}</onlyinclude>
 +
 
== synopsis ==
 
== synopsis ==
I've ([[User:Xopr|xopr]]) created this network information page mainly because no-one knows the current setup by heart, and I'm preparing for [[Congress everywhere]] without breaking people's [https://duckduckgo.com/?q=kittens&ia=images precious downloads]..
+
<onlyinclude>{{#ifeq:{{{transcludesection|synopsis}}}|synopsis|
 +
I've ([[User:Xopr|xopr]]) started this network information page mainly because no-one knows the current setup by heart, and I was preparing for [[Congress everywhere]] without breaking people's [https://duckduckgo.com/?q=kittens&ia=images precious downloads]..
 +
}}</onlyinclude>
  
 
== current setup ==
 
== current setup ==
 +
=== Address Spaces ===
 +
==== VLAN 200 (LAN) ====
 +
*192.168.1.1-49: static IPs
 +
*192.168.1.50-199: standard DHCP scope
 +
*192.168.1.200-254: DHCP reservations
 +
 +
====== Static IPs used ======
 +
*192.168.1.1: stAckwall (PfSense firewall)
 +
*192.168.1.2: Linksys router
 +
*192.168.1.3: debbie-downer IPMI interface (kan je aanspreken via Linux package ipmitool)
 +
*192.168.1.4: TP-link router (openWRT)
 +
*192.168.1.10: Management IP hAckswitch
 +
*192.168.1.11: Management IP stAckswitch
 +
*192.168.1.12: Management IP slAckswitch
 +
*192.168.1.13: Management IP PoEswitch
 +
*192.168.1.42: [[Telephone_System|VoIP]]/MQTT VM
 +
 +
=== Management IPs ===
 +
* stAckwall: 192.168.1.1
 +
* Hackspace: 192.168.1.10
 +
* Stackspace: 192.168.1.11
 +
* Slackspace: 192.168.1.12
  
=== trunks ===
+
=== Network Schematic ===
# router and 'main switch'
+
[[File:Netlayout.png]]
# router and VoIP setup
 
# 'main switch' and 'media switch'
 
# 'main switch' and &laquo;unknown&raquo;2
 
# 'main switch' and stackspace (not connected)
 
# 'main switch' and entrance/webcam (not connected)
 
# 'main switch' and 3D printcorner (not connected)
 
  
=== special settings ===
+
=== connections ===
* Netgear router (DD-WRT), providing internet and wifi (spacenet, spacenet_5GHz, ACKspaceWifi)
+
==== slACKswitch ====
: has extra firewall rules (to prevent Wifi, VoIP and internet access from crumbling down on multicast streams)
+
Probably connected to fuse group [[Fuse group::A]].
: <code>insmod ebtables
+
{| class="wikitable switchtable"
: insmod ebtable_filter
+
| VLAN
: insmod ebt_pkttype
+
| style="background-color:lightblue" | 2u
: ebtables -F INPUT
+
| style="background-color:lightblue" | 2u
: ebtables -F FORWARD
+
| style="background-color:lightblue" | 2u
: ebtables -F OUTPUT
+
| style="background-color:lightblue" | 2u
:
+
| style="background-color:lightblue" | 2u
: ebtables -A INPUT --pkttype-type multicast -j DROP
+
| style="background-color:lightblue" | 2u
: ebtables -A FORWARD --pkttype-type multicast -j DROP
+
| style="background-color:lightblue" | 2u
: ebtables -A OUTPUT --pkttype-type multicast -j DROP
+
| style="background-color:lightblue" | 2u
</code>
+
|-
 +
| Port
 +
| style="background-color:lightblue" | '''1'''
 +
| style="background-color:lightblue" | '''3'''
 +
| style="background-color:lightblue" | '''5'''
 +
| style="background-color:lightblue" | '''7'''
 +
| style="background-color:lightblue" | '''9'''
 +
| style="background-color:lightblue" | '''11'''
 +
| style="background-color:lightblue" | '''13'''
 +
| style="background-color:lightblue" | '''15'''
  
== notes ==
+
|-
* All important connections have been labeled (trunks on both sides). Please keep the label on (and updated) at all times. You can find the label-tywraps in the network-connector box in the stackspace
+
| Port
* Multicast traffic cannot be filtered (IGMP snooping) by the Dell switches. The router filters them all; if you don't want multicast traffic, connect to the router for now.
+
| style="background-color:lightblue" | '''2'''
 +
| style="background-color:lightblue" | '''4'''
 +
| style="background-color:lightblue" | '''6'''
 +
| style="background-color:lightblue" | '''8'''
 +
| style="background-color:lightblue" | '''10'''
 +
| style="background-color:lightblue" | '''12'''
 +
| style="background-color:lightblue" | '''14'''
 +
| style="background-color:lightgreen" | '''16''': [[#trunks|Trunk 3]]
 +
|-
 +
| VLAN
 +
| style="background-color:lightblue" | 2u
 +
| style="background-color:lightblue" | 2u
 +
| style="background-color:lightblue" | 2u
 +
| style="background-color:lightblue" | 2u
 +
| style="background-color:lightblue" | 2u
 +
| style="background-color:lightblue" | 2u
 +
| style="background-color:lightblue" | 2u
 +
| style="background-color:lightgreen" | trunk
 +
|}
 +
 
 +
==== PoEswitch ====
 +
Probably connected to fuse group [[Fuse group::A]].
 +
{| class="wikitable switchtable"
 +
| VLAN
 +
| style="background-color:purple" | 200u
 +
| style="background-color:yellow" | 200u
 +
| style="background-color:yellow" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightgreen" | 200u
 +
|-
 +
| Port
 +
| style="background-color:purple" | '''1''': Event Accesspoint
 +
| style="background-color:yellow" | '''2''': [[Thomson_ST2030|VoIP]]
 +
| style="background-color:yellow" | '''3''': [[Polycom|VoIP]]
 +
| style="background-color:lightblue" | '''4'''
 +
| style="background-color:lightblue" | '''5'''
 +
| style="background-color:lightblue" | '''6'''
 +
| style="background-color:lightblue" | '''7'''
 +
| style="background-color:lightgreen" | '''8'''
 +
 
 +
|}
 +
Note that VLAN7 is used for [[User:Xopr|xopr]]'s Mesh node which should provide spacenet near [[barbecue's|bbq]].
 +
 
 +
==== hACKswitch ====
 +
Connected to fuse group [[Fuse group::A]].
 +
{| class="wikitable switchtable"
 +
| VLAN
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:yellow" | 200u
 +
| style="background-color:yellow" | 200u
 +
| style="background-color:lightgreen" | trunk
 +
| style="background-color:lightgreen" | trunk
 +
|-
 +
| Port
 +
| style="background-color:lightblue" | '''1'''
 +
| style="background-color:lightblue" | '''3'''
 +
| style="background-color:lightblue" | '''5'''
 +
| style="background-color:lightblue" | '''7'''
 +
| style="background-color:lightblue" | '''9'''
 +
| style="background-color:lightblue" | '''11'''
 +
| style="background-color:lightblue" | '''13'''
 +
| style="background-color:lightblue" | '''14'''
 +
| style="background-color:yellow" | '''17''': [[telephony|VoIP]]
 +
| style="background-color:yellow" | '''19''': [[Thomson_ST2030|VoIP]]
 +
| style="background-color:lightgreen" | '''21'''
 +
| style="background-color:lightgreen" | '''23''': stAkcswitch
 +
|-
 +
| Port
 +
| style="background-color:lightblue" | '''2'''
 +
| style="background-color:lightblue" | '''4'''
 +
| style="background-color:lightblue" | '''6'''
 +
| style="background-color:lightblue" | '''8'''
 +
| style="background-color:lightblue" | '''10'''
 +
| style="background-color:lightblue" | '''12'''
 +
| style="background-color:lightblue" | '''14'''
 +
| style="background-color:lightblue" | '''16'''
 +
| style="background-color:lightblue" | '''18'''
 +
| style="background-color:lightblue" | '''20'''
 +
| style="background-color:lightgreen" | '''22''': slAckswitch
 +
| style="background-color:red" | '''24''': WAN uplink
 +
|-
 +
| VLAN
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightgreen" | trunk
 +
| style="background-color:red" | 100u
 +
|}
 +
 
 +
=== stAckswitch ===
 +
{| class="wikitable switchtable"
 +
| VLAN
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightgreen" | Trunk
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
|-
 +
| style="font-weight:normal;" | Port
 +
| style="background-color:lightblue" | '''1'''
 +
| style="background-color:lightblue" | '''3'''
 +
| style="background-color:lightblue" | '''5'''
 +
| style="background-color:lightblue" | '''7'''
 +
| style="background-color:lightblue" | '''9'''
 +
| style="background-color:lightblue" | '''11'''
 +
| style="background-color:lightblue" | '''13'''
 +
| style="background-color:lightblue" | '''15'''
 +
| style="background-color:lightblue" | '''17'''
 +
| style="background-color:lightblue" | '''19'''
 +
| style="background-color:lightblue" | '''21'''
 +
| style="background-color:lightblue" | '''23'''
 +
| style="background-color:lightblue" | '''25'''
 +
| style="background-color:lightblue" | '''27'''
 +
| style="background-color:lightblue" | '''29'''
 +
| style="background-color:lightblue" | '''31'''
 +
| style="background-color:lightblue" | '''33'''
 +
| style="background-color:lightblue" | '''35'''
 +
| style="background-color:lightgreen" | '''37''': stAckwall
 +
| style="background-color:lightblue" | '''39'''
 +
| style="background-color:lightblue" | '''41'''
 +
| style="background-color:lightblue" | '''43'''
 +
| style="background-color:lightblue" | '''45'''
 +
| style="background-color:lightblue" | '''47'''
 +
|-
 +
| style="font-weight:normal;" | Port
 +
| style="background-color:lightblue" | '''2'''
 +
| style="background-color:lightblue" | '''4'''
 +
| style="background-color:lightblue" | '''6'''
 +
| style="background-color:lightblue" | '''8'''
 +
| style="background-color:lightblue" | '''10'''
 +
| style="background-color:lightblue" | '''12'''
 +
| style="background-color:lightblue" | '''14'''
 +
| style="background-color:lightblue" | '''16'''
 +
| style="background-color:lightblue" | '''18'''
 +
| style="background-color:lightblue" | '''20'''
 +
| style="background-color:lightblue" | '''22'''
 +
| style="background-color:lightblue" | '''24'''
 +
| style="background-color:lightblue" | '''26'''
 +
| style="background-color:lightblue" | '''28'''
 +
| style="background-color:lightblue" | '''30'''
 +
| style="background-color:lightblue" | '''32'''
 +
| style="background-color:lightblue" | '''34'''
 +
| style="background-color:lightblue" | '''36'''
 +
| style="background-color:lightblue" | '''38'''
 +
| style="background-color:lightblue" | '''40'''
 +
| style="background-color:lightblue" | '''42'''
 +
| style="background-color:lightblue" | '''44'''
 +
| style="background-color:lightblue" | '''46'''
 +
| style="background-color:lightgreen" | '''48''': hAckswitch
 +
|-
 +
| VLAN
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightgreen" | Trunk
 +
|}
 +
 
 +
==== router ====
 +
The Linksys router is connected to both fuse groups [[Fuse group::A]] and [[Fuse group::B]] (via two adapters and a schottky diode splitter).
 +
 
 +
It is running stock firmware to ensure basic internet connectivity in the space. Config is kept KISS for this reason.
 +
{| class="wikitable switchtable"
 +
| VLAN
 +
| style="background-color:grey" | NC
 +
|
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
|-
 +
| Port
 +
| style="background-color:grey" | '''NC'''
 +
|
 +
| style="background-color:lightblue" | '''1'''
 +
| style="background-color:lightblue" |  '''2'''
 +
| style="background-color:lightblue" |  '''3'''
 +
| style="background-color:lightblue" |  '''4'''
 +
|}
 +
 
 +
==== Spacenet AP ====
 +
Configured all ports as a switch. DHCP disabled. At this point only used for spacenet and can be used for experiments. Runs OpenWRT.
 +
{| class="wikitable switchtable"
 +
| VLAN
 +
| style="background-color:lightblue" | 200u
 +
|
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
| style="background-color:lightblue" | 200u
 +
|-
 +
| Port
 +
| style="background-color:lightblue" | '''WAN'''
 +
|
 +
| style="background-color:lightblue" | '''1'''
 +
| style="background-color:lightblue" |  '''2'''
 +
| style="background-color:lightblue" |  '''3'''
 +
| style="background-color:lightblue" |  '''4'''
 +
|}
  
== todo ==
+
==== Legend ====
* create VLANs, do some descent trunking, provide 'standardized' ports for management, non-multicast, VM, VoIP and regular use.
+
{|
 +
|- style="background-color:red;color:white;border:none"
 +
| WAN / unsecured
 +
|- style="background-color:orange;color:white"
 +
| DMZ / VPN
 +
|- style="background-color:yellow"
 +
| VoIP / telephony
 +
|- style="background-color:lightgreen"
 +
| trunk / backbone
 +
|- style="background-color:lightblue"
 +
| LAN
 +
|- style="background-color:purple;color:white"
 +
| test / special
 +
|- style="background-color:lightgray"
 +
| servers / core infra
 +
|- style="background-color:black;color:white"
 +
| wireless / guest
 +
|}
  
[[Category:Information]]
+
== notes ==
 +
* [[user:Da_Syntax|Da Syntax]] and [[User:Xopr|xopr]] redid ''all'' the cabling on February 13th 2016. All static cables are labeled on both sides, tucked away thoroughly, trimmed, and plugged in documented ports. '''Please keep the label on (and updated) at all times'''. You can find the label-tywraps in the network-connector box in the [[stACKspace]].
 +
* [[user:Adnub|Adnub]] redid the whole network topology on January 29th 2022. If you are uncertain about something, ask him first.
 +
*: Want to connect something? No problem; just pick any free (blue) port.
 +
*: Want a permanent connection? Should be no problem; make sure everyone is informed (via the {{discuss}}, for example, so we can reach consensus).
  
 
== also see ==
 
== also see ==
* [[Dell switches]]
+
* [[switches]]
 +
 
 +
[[Category:Information]][[Category:Network]]

Latest revision as of 20:10, 28 October 2024

Intermittent/offline network due to planned power outage
Due to planned power outage on November 14-16, all internal services will be shutdown and might come back partially. See Maintenance for more details.

synopsis

I've (xopr) started this network information page mainly because no-one knows the current setup by heart, and I was preparing for Congress everywhere without breaking people's precious downloads..

current setup

Address Spaces

VLAN 200 (LAN)

  • 192.168.1.1-49: static IPs
  • 192.168.1.50-199: standard DHCP scope
  • 192.168.1.200-254: DHCP reservations
Static IPs used
  • 192.168.1.1: stAckwall (PfSense firewall)
  • 192.168.1.2: Linksys router
  • 192.168.1.3: debbie-downer IPMI interface (kan je aanspreken via Linux package ipmitool)
  • 192.168.1.4: TP-link router (openWRT)
  • 192.168.1.10: Management IP hAckswitch
  • 192.168.1.11: Management IP stAckswitch
  • 192.168.1.12: Management IP slAckswitch
  • 192.168.1.13: Management IP PoEswitch
  • 192.168.1.42: VoIP/MQTT VM

Management IPs

  • stAckwall: 192.168.1.1
  • Hackspace: 192.168.1.10
  • Stackspace: 192.168.1.11
  • Slackspace: 192.168.1.12

Network Schematic

Netlayout.png

connections

slACKswitch

Probably connected to fuse group A.

VLAN 2u 2u 2u 2u 2u 2u 2u 2u
Port 1 3 5 7 9 11 13 15
Port 2 4 6 8 10 12 14 16: Trunk 3
VLAN 2u 2u 2u 2u 2u 2u 2u trunk

PoEswitch

Probably connected to fuse group A.

VLAN 200u 200u 200u 200u 200u 200u 200u 200u
Port 1: Event Accesspoint 2: VoIP 3: VoIP 4 5 6 7 8

Note that VLAN7 is used for xopr's Mesh node which should provide spacenet near bbq.

hACKswitch

Connected to fuse group A.

VLAN 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u trunk trunk
Port 1 3 5 7 9 11 13 14 17: VoIP 19: VoIP 21 23: stAkcswitch
Port 2 4 6 8 10 12 14 16 18 20 22: slAckswitch 24: WAN uplink
VLAN 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u trunk 100u

stAckswitch

VLAN 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u Trunk 200u 200u 200u 200u 200u
Port 1 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31 33 35 37: stAckwall 39 41 43 45 47
Port 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 32 34 36 38 40 42 44 46 48: hAckswitch
VLAN 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u 200u Trunk

router

The Linksys router is connected to both fuse groups A and B (via two adapters and a schottky diode splitter).

It is running stock firmware to ensure basic internet connectivity in the space. Config is kept KISS for this reason.

VLAN NC 200u 200u 200u 200u
Port NC 1 2 3 4

Spacenet AP

Configured all ports as a switch. DHCP disabled. At this point only used for spacenet and can be used for experiments. Runs OpenWRT.

VLAN 200u 200u 200u 200u 200u
Port WAN 1 2 3 4

Legend

WAN / unsecured
DMZ / VPN
VoIP / telephony
trunk / backbone
LAN
test / special
servers / core infra
wireless / guest

notes

  • Da Syntax and xopr redid all the cabling on February 13th 2016. All static cables are labeled on both sides, tucked away thoroughly, trimmed, and plugged in documented ports. Please keep the label on (and updated) at all times. You can find the label-tywraps in the network-connector box in the stACKspace.
  • Adnub redid the whole network topology on January 29th 2022. If you are uncertain about something, ask him first.
    Want to connect something? No problem; just pick any free (blue) port.
    Want a permanent connection? Should be no problem; make sure everyone is informed (via the discussion page, for example, so we can reach consensus).

also see