Differences

This shows you the differences between two versions of the page.

--- infrastructure:network [2019/04/06 22:44] – tyisi
+++ infrastructure:network [2020/12/11 07:35] (current) – tyisi
@@ Line 5: / Line 5: @@
 {{::vhs-network.jpg?200 |}}
-Summary description of the area and perhaps some misc notes about it's purpose!
+Summary description of the area and perhaps some misc notes about its purpose!
 ^ Status             | Operational as of Nov 20, 2013                               |
@@ Line 14: / Line 14: @@
 ^ Champion           | See [[tool:compendium_of_champions|Compendium of Champions]]|
+===== Current Network =====
-===== Current Setup ====
+==== Layer 1 (Physical) ====
+See Talk thread about ethernet wiring of the space here: [[https://talk.vanhack.ca/t/project-network-wiring-the-space/10544|Project: Network Wiring the Space!]]
+==== Layer 2 (Data Link) ====
+=== VLANs ===
+^ ID ^ Name ^ Type ^ In-Use ^
+| 1 | Default | Default | Yes |
+| 1 | Auto VoIP | Auto VoIP | No |
+| 3 | Auto Video | Auto Video | No |
+| 99 | Management | Configured | Yes |
+| 100 | Servers | Static | Yes |
+| 101 | Access | Static | Yes |
+| 102 | HVAC | Static | Yes |
+| 103 | IoT | Static | Yes |
+| 104 | IoT-Isolated | Static | Yes |
+| 201 | VoIP | Static | No |
+=== Switch Configuration ===
+^ Port ^ Description ^ Role ^
+| g1 | vhs-pfsense2-lan0 | Infrastructure (Trunks) |
+| g2 | vhs-ubnt1 | Infrastructure (Trunks) |
+| g3 | vhs-ubnt2 | Infrastructure (Trunks) |
+| g4 | vhs-vmware1 | Infrastructure (Trunks) |
+| g5 | vhs-pfsense2-lan1 | Infrastructure (Trunks) |
+| g6 | | Infrastructure (Trunks) |
+| g7 | vhs-toughswitch1-mgmt | Infrastructure (Trunks) |
+| g8 | vhs-toughswitch1-trunk | Infrastructure (Trunks) |
+| g9 | | Access |
+| g10 | | Access |
+| g11 | | Access |
+| g12 | | Access |
+| g13 | | Access |
+| g14 | | Access |
+| g15 | | Access |
+| g16 | | Access |
+| g17 | vhs-voip1| Access |
+| g18 | | Access |
+| g19 | SpaceTime| Access |
+| g20 | | Access |
+| g21  |switch-laser-cutter| Access |
+| g22 | | Access |
+| g23 | switch-3d-printers| Access |
+| g24 | | Access |
+| g25 | | Access |
+| g26 | | Access |
+| g27 | | Access |
+| g28 | | Access |
+| g29 | | Access |
+| g30 | | Access |
+| g31 | | Access |
+| g32 | | Access |
+| g33 | | Access |
+| g34 | | Access |
+| g35 | | Access |
+| g36 | | Access |
+| g37 | | Access |
+| g38 | | Access |
+| g39 | | Access |
+| g40 | | Access |
+| g41 | | Management |
+| g42 | | Management |
+| g43 | | Management |
+| g44 | | Management |
+| g45 | | Management |
+| g46 | | Management |
+| g47 | vhs-vmware1-mgmt | Management |
+| g48 | vhs-pfsense2-mgmt | Management |
+| g49 | | |
+| g50 | | |
+=== Trunks ===
+^ Interface ^ Default VLAN ^ Tagged VLAN(s) ^
+| g1 | 1 | 101,103 |
+| g2 | 99 | 99,101-104 |
+| g3 | 99 | 99,101-104 |
+| g4 | 1 | 99-102 |
+| g5 | 1 | 1,100,102 |
+| g6 | 99 | 99,101-104 |
+| g7 | 99 | 99 |
+| g8 | 99 | 99,101-104 |
+=== Wireless ===
+^ SSID ^ VLAN ^
+|Vancouver Hack Space|Access|
+|VanHack.ca|Access|
+|VHS-HVAC|HVAC|
+|VHS-IoTings|IoT|
+==== Layer 3 ====
+=== Internet ===
+^ Provider | Shaw |
+^ Netblock | 184.71.172.140/30 |
+^ Provider IP | 184.71.172.141 |
+^ Firewall IP | 184.71.172.142 |
+=== Networks ===
+^ IP ^ Role  ^
+| 10.99.0.0/16 | Management |
+| 10.100.0.0/16 | Servers |
+| 172.16.0.0/12 | Access |
+| 10.102.0.0/16 | HVAC |
+| 10.103.0.0/16 | IoT |
+=== Firewall ===
+^ Alias ^ Interface ^ VLAN ^ IP ^ Role  ^
+| WAN0 | em0 | No | 184.71.172.142/30 | Public |
+| LAN0ACCESS | em1 | 101 | 172.16.0.1/12 | Access |
+| LAN0IoT | em1 | 103 | 10.103.0.1/16 | IoT |
+| LAN1SERVERS | em2 | 100 | 10.100.0.1/16 | Servers |
+| LAN1HVAC | em2 | 102 | 10.102.0.1/16 | HVAC |
+| MGMT | em3 | Default | 10.99.0.1/16 | Management |
+===== Links =====
+^ Link               ^
+| https://vanhack.ca/doku.php?id=servers |
+| https://vanhack.ca/doku.php?id=tutorials:vhs_s_openvpn |
+| https://vanhack.ca/doku.php?id=tutorials:silc_server |
+| https://vanhack.ca/doku.php?id=tutorials:vhs_solidworks |
+| https://vanhack.ca/doku.php?id=servers |
+| https://vanhack.ca/doku.php?id=tool:server_rack |
+===== Maintenance Log ====
+Any maintenance, repairs, relocations, changes, etc to the area should be logged below with a note, date and who!
+^ Note               ^ Date         ^ Who       ^
+| Wiki entry created | Nov 20, 2013 | Thomas L. |
+| Added current setup, current gear, future setup | Early March | Rob M|
+| We are running out of dhcp leases | Mar 14, 2016 | Thomas H. |
+===== Legacy Information =====
+==== Future Setup ====
+Assuming we get a pfsense box, that can do router-on-a-stick kinda setup (or if one of our switches does routing, great)
+ISP VDSL modem -> pfsense-> vlans -> core switch -> [details below]
+<code>
+vlan 1
+# General vlan for member devices
+# General wireless
+# Any untagged traffic
+vlan 2
+# Space infrastructure
+# file servers
+# phones
+# printers
+# isvhsopen box
+vlan 3
+# Other servers
+vlan 101
+# Playground. A network with a server (that can run VMware), a (managed) switch, and a wifi access point.
+vlan 102
+#iot network (possibly on it's own wireless device as well, right now served as a second ssid from cisco wap)
+vlan 99
+# management interface for network devices
+</code>
+==== Current Setup ====
 ISP VDSL modem  -> ddwrt based router -> dumb acting switch -> 2 Wireless Access points / all the VHS computers
@@ Line 75: / Line 250: @@
 Port 10Base T Hub
-===== Future Setup =====
-Assuming we get a pfsense box, that can do router-on-a-stick kinda setup (or if one of our switches does routing, great)
-ISP VDSL modem -> pfsense-> vlans -> core switch -> [details below]
-<code>
-vlan 1
-# General vlan for member devices
-# General wireless
-# Any untagged traffic
-vlan 2
-# Space infrastructure
-# file servers
-# phones
-# printers
-# isvhsopen box
-vlan 3
-# Other servers
-vlan 101
-# Playground. A network with a server (that can run VMware), a (managed) switch, and a wifi access point.
-vlan 102
-#iot network (possibly on it's own wireless device as well, right now served as a second ssid from cisco wap)
-vlan 99
-# management interface for network devices
-</code>
-**SSIDs:**
-<code>
-Vancouver Hack Space
-VHS IOT Test
-VHS Protected
-</code>
-===== Links =====
-^ Link               ^
-| https://vanhack.ca/doku.php?id=servers |
-| https://vanhack.ca/doku.php?id=tutorials:vhs_s_openvpn |
-| https://vanhack.ca/doku.php?id=tutorials:silc_server |
-| https://vanhack.ca/doku.php?id=tutorials:vhs_solidworks |
-| https://vanhack.ca/doku.php?id=servers |
-| https://vanhack.ca/doku.php?id=tool:server_rack |
-===== Maintenance Log ====
-Any maintenance, repairs, relocations, changes, etc to the area should be logged below with a note, date and who!
-^ Note               ^ Date         ^ Who       ^
-| Wiki entry created | Nov 20, 2013 | Thomas L. |
-| Added current setup, current gear, future setup | Early March | Rob M|
-| We are running out of dhcp leases | Mar 14, 2016 | Thomas H. |