Table of Contents

VHS Network

NOTE: Currently under revision

Summary description of the area and perhaps some misc notes about its purpose!

Status Operational as of Nov 20, 2013
Training Recommended
Usage Restrictions Members Only
Creation Date VHS Epoch
Location Space is wired, main system is on top of server rack
Champion See Compendium of Champions

Current Network

Layer 1 (Physical)

See Talk thread about ethernet wiring of the space here: Project: Network Wiring the Space!

VLANs

ID Name Type In-Use
1 Default Default Yes
1 Auto VoIP Auto VoIP No
3 Auto Video Auto Video No
99 Management Configured Yes
100 Servers Static Yes
101 Access Static Yes
102 HVAC Static Yes
103 IoT Static Yes
104 IoT-Isolated Static Yes
201 VoIP Static No

Switch Configuration

Port Description Role
g1 vhs-pfsense2-lan0 Infrastructure (Trunks)
g2 vhs-ubnt1 Infrastructure (Trunks)
g3 vhs-ubnt2 Infrastructure (Trunks)
g4 vhs-vmware1 Infrastructure (Trunks)
g5 vhs-pfsense2-lan1 Infrastructure (Trunks)
g6 Infrastructure (Trunks)
g7 vhs-toughswitch1-mgmt Infrastructure (Trunks)
g8 vhs-toughswitch1-trunk Infrastructure (Trunks)
g9 Access
g10 Access
g11 Access
g12 Access
g13 Access
g14 Access
g15 Access
g16 Access
g17 vhs-voip1 Access
g18 Access
g19 SpaceTime Access
g20 Access
g21 switch-laser-cutter Access
g22 Access
g23 switch-3d-printers Access
g24 Access
g25 Access
g26 Access
g27 Access
g28 Access
g29 Access
g30 Access
g31 Access
g32 Access
g33 Access
g34 Access
g35 Access
g36 Access
g37 Access
g38 Access
g39 Access
g40 Access
g41 Management
g42 Management
g43 Management
g44 Management
g45 Management
g46 Management
g47 vhs-vmware1-mgmt Management
g48 vhs-pfsense2-mgmt Management
g49
g50

Trunks

Interface Default VLAN Tagged VLAN(s)
g1 1 101,103
g2 99 99,101-104
g3 99 99,101-104
g4 1 99-102
g5 1 1,100,102
g6 99 99,101-104
g7 99 99
g8 99 99,101-104

Wireless

SSID VLAN
Vancouver Hack SpaceAccess
VanHack.caAccess
VHS-HVACHVAC
VHS-IoTingsIoT

Layer 3

Internet

Provider Shaw
Netblock 184.71.172.140/30
Provider IP 184.71.172.141
Firewall IP 184.71.172.142

Networks

IP Role
10.99.0.0/16 Management
10.100.0.0/16 Servers
172.16.0.0/12 Access
10.102.0.0/16 HVAC
10.103.0.0/16 IoT

Firewall

Alias Interface VLAN IP Role
WAN0 em0 No 184.71.172.142/30 Public
LAN0ACCESS em1 101 172.16.0.1/12 Access
LAN0IoT em1 103 10.103.0.1/16 IoT
LAN1SERVERS em2 100 10.100.0.1/16 Servers
LAN1HVAC em2 102 10.102.0.1/16 HVAC
MGMT em3 Default 10.99.0.1/16 Management

Maintenance Log

Any maintenance, repairs, relocations, changes, etc to the area should be logged below with a note, date and who!

Note Date Who
Wiki entry created Nov 20, 2013 Thomas L.
Added current setup, current gear, future setup Early March Rob M
We are running out of dhcp leases Mar 14, 2016 Thomas H.

Legacy Information

Future Setup

Assuming we get a pfsense box, that can do router-on-a-stick kinda setup (or if one of our switches does routing, great)

ISP VDSL modem → pfsense→ vlans → core switch → [details below]

vlan 1
# General vlan for member devices
# General wireless
# Any untagged traffic

vlan 2
# Space infrastructure
# file servers
# phones
# printers
# isvhsopen box

vlan 3
# Other servers

vlan 101
# Playground. A network with a server (that can run VMware), a (managed) switch, and a wifi access point.

vlan 102
#iot network (possibly on it's own wireless device as well, right now served as a second ssid from cisco wap)

vlan 99
# management interface for network devices

Current Setup

ISP VDSL modem → ddwrt based router → dumb acting switch → 2 Wireless Access points / all the VHS computers

We have the ISP VDSL modem:

IP: 69.31.160.146
Mask: 255.255.255.252
Gateway: 69.31.160.145
ISP DNS: 69.31.170.249

Inside the NAT:

Router IP: 172.16.0.1
Netmask: 255.255.0.0
WAP1 (2.4 GHz) : 172.16.0.2 (cisco:cisco)
WAP2 (5 GHz) : 172.16.0.3 (cisco:cisco)
Dlink switch : 172.16.0.4 (admin:blank)
DHCP Range: 172.16.0.70 - 172.16.0.250

Available Gear

Dell PowerConnect 2716 - 16 Port gigabit managed switch. 802.1Q, 802.3ad

HP Procurve modular switch 5308xl (PDF link) - 48 100mbit ports, 32 1000mbit ports, 802.1Q, 802.3ad

Lanner mr-730 network device???

2x Cisco Catalyst 2950 Switch - 24 port 100mbit + 2 port 1000mbit, managed, 802.1Q, 802.3ad

Dlink DES-3828P - POE Layer 3 switch - Managed 24-Port 10/100 Stackable L3 PoE Switch, 4 Gigabit Copper Ports + 2 Combo SFP

Bin of dumb switches

3x Cisco firewall thingies - Likely useless

2x Cisco 2621-DC Multiservice Platform - one with 2 serial interfaces & 2 fxs modules (each fxs module has 2 ports) - one with 2 serial interfaces & 1 fxs module

2x Cisco 2600 Series Modular Access Router - one has one 100mbit ethernet module (2620 XM) - one has two 100mbit ethernet module and one T1 (2621)

Cisco 2509-RJ

Cisco 1760 -T1 and ISDN interface, 2 fxs, 100mbit ethernet port

2x WRT54G

5 Port 10Base T Hub