Difference between revisions of "SubGroups/Network"

From Technologia Incognita
(Physical Infra Network Team)
Line 101: Line 101:
 
|| Wireless Amsterdam || 192.168.94.1/24  || 172.17.92.0/24 || Spacenet VLAN, bridged to TechInc || 1500
 
|| Wireless Amsterdam || 192.168.94.1/24  || 172.17.92.0/24 || Spacenet VLAN, bridged to TechInc || 1500
  
 +
|}
 +
 +
== Public IP Addresses ==
 +
Currently we have 3 IPv4 addresses. The IPv6 comes through a tunnel via Hurricane Electric.
 +
 +
{|class="wikitable"
 +
! Address || Reverse DNS name || Purpose
 +
|-
 +
|| 195.169.146.32 || acta.techinc.nl || main public facing IP, currently not in use since migration from Nyancat to Mikrotik routerboard
 +
|-
 +
|| 195.169.146.33 || ur33.waag.org || Connected to Wireless Amsterdam
 +
|-
 +
|| 195.169.146.34 || ur34.waag.org || Currently our public facing ip, will be used for services
 +
|-
 +
|| 2001:470:1b15:162::/64 || N/A || Routed /64 subnet which comes with our tunnel
 +
|-
 +
|| 2001:470:7894::/48 || N/A || Routed /48 subnet assigned to us
 
|}
 
|}
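Review bot: the Purpose cell added for 195.169.146.32 still calls it the "main public facing IP" while also saying it is not in use, and the row for 195.169.146.34 says that address is "Currently our public facing ip". Reword the .32 row to something like "former main public-facing IP, unused since the Nyancat to Mikrotik migration" so the table names only one live address. Two of the three reverse DNS names are under waag.org rather than techinc.nl, so a short note on who maintains those PTR records would also help.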
  

Revision as of 12:37, 18 November 2014

This page is for the network and server infrastructure for the space.

Members

Features

  • Wireless Leiden
  • Virtual machines for members
  • Spacenet
  • WiFi (SSIDs: TechInc, Spacenet) on 2.4 GHz; Techinc-5Ghz for 5 GHz
  • Spacenet, using RADIUS and LDAP to authenticate members at remote Spacenet locations.

Plans

Current items / TODO:

  • Get rid of redundant (and especially: noisy, power hungry) devices.
  • Re-enable public IPv6 for all devices.
  • Rebuild the virtual machine server as it is very unstable. > Neuromancer 2.0 > Mattronix/AndreasR
  • TODO: move uplink to cleanroom-port which will free up 'uplink1' cable (see below)


Network Cleanup

  • Label Cables
  • Replace old 10/100 access switches
  • Fix or replace wireless infra (random drops, cannot promise stability)
  • Check switch config and name all interfaces and VLANs
  • Fix management IP of the switch in the urban resort rack.
  • Confirm and fix documentation

Server Infra

  • Designate a location for the infra
  • Decide and discuss an OS for server operation


Applications

Decide on a possible shell server
Space hosted services (Web? Mail? VMS?) Ticket System? or mailing list?

Support Roles

Who is maintaining what?

Responsibility

  • Oversee network infrastructure

Network Structure

Diagrams

New Infra Design effective as of 27-06-2014 Mattronix


NETWORK-map-full.svg

VLANS (Updated 27-06-2014 Mattronix)

VLAN ID | VLAN Name | Subnet | Gateway | Description | MTU
1 | TechInc | 10.0.20.0/22 | 10.0.21.254 | TechInc Public net | 1500
2 | Spacenet | 10.0.20.0/24 | 10.0.21.254 | Spacenet VLAN, bridged to TechInc | 1500
4 | Zandbak | 10.0.4.0/24 | 10.0.4.1 | TechInc Zandbak |
5 | UrbanStatic1 | ?? | | Urban resort static subnet |
6 | UrbanStatic2 | ?? | | Urban resort static subnet |
7 | UrbanStatic3 | ?? | | Urban resort static subnet |
8 | WLeiden | 172.17.92.0/24 | 172.17.92.1 | Wireless Leiden network (gateway: 172.17.92.1) | 1200
9 | ChaosVPN | 172.31.186.0/24 | 172.31.186.1 | ChaosVPN subnet | 1200
10 | TI-PEERING | 192.168.94.0/24 | N/A | Techinc Peering VLAN for EDGE switch TI-Urbanresort-sw001 | 1500
11 | Storage | 10.0.19.0/24 | N/A | Storage network for NFS shares between Netapp & Hypervisors | 9000

PEERS

VLAN 10 Peers List (updated 27-06-2014 Mattronix)

Peer Name | Peer IP | Routes Behind Peer | Description | MTU
TechInc | 192.168.94.1/24 | 10.0.20.1/22 | TechInc Public net | 1500
Wireless Amsterdam | 192.168.94.1/24 | 172.17.92.0/24 | Spacenet VLAN, bridged to TechInc | 1500

Public IP Addresses

Currently we have 3 IPv4 addresses. The IPv6 comes through a tunnel via Hurricane Electric.

Address | Reverse DNS name | Purpose
195.169.146.32 | acta.techinc.nl | main public facing IP, currently not in use since migration from Nyancat to Mikrotik routerboard
195.169.146.33 | ur33.waag.org | Connected to Wireless Amsterdam
195.169.146.34 | ur34.waag.org | Currently our public facing ip, will be used for services
2001:470:1b15:162::/64 | N/A | Routed /64 subnet which comes with our tunnel
2001:470:7894::/48 | N/A | Routed /48 subnet assigned to us

Reserved IP Ranges

These ranges are reserved for TechInc services and may not be used without consent from the contact person.

Range Start - Range End | Range Name | Range Description | Contact Person
10.0.20.1 - 10.0.20.254 | USERS | Reserved for non infra clients | N/A
10.0.20.50 - 10.0.20.250 | DHCP | Range for DHCP assignment | N/A
10.0.21.1 - 10.0.21.254 | PHYS-INFRA | Reserved for physical infra machines | N/A
10.0.21.16 - 10.0.21.49 | RANGE-15 | Reserved for new server deployment from FIFO | Mattronix
10.0.22.1 - 10.0.22.254 | VMS | Reserved for VM's | N/A
10.0.22.1 - 10.0.22.99 | ?? | Reserved for space infra VM's | Mattronix
10.0.22.100 - 10.0.22.254 | ?? | Reserved for member VM's | Mattronix

Switch ports

Updated and is now correct.

TI-Glassroom-sw001 [top] (Updated 12-11-2014 Piele)

Port | Connected to | Untagged VLAN | Tagged VLANS | Cable
1 | Serial Server | TechInc (1) | N/A | BLUE
2 | HV1 Interface 1 | TechInc (1) | N/A | B12 (Yellow)
3 | RED Port 2 | TechInc (1) | N/A | A12 (Yellow)
4 | RED Port 3 | TechInc (1) | N/A | A7 (Yellow)
5 | RED Port 4 | TechInc (1) | N/A | UNI-3 (Yellow)
6 | RED Port 1 | TechInc (1) | N/A | A9 (Yellow)
7 | DEAD?? | TechInc (1) | N/A | N/A
8 | HV2 Interface 1 | TechInc (1) | N/A | B9 (Yellow)
9 | TI Filer2 E0 A | TechInc (1) | N/A | A8 (Yellow)
10 | TI Filer1 E0 A | TechInc (1) | N/A | A6 (Yellow)
11 | TI Filer2 E0 B | Storage (11) | N/A | B4 (Yellow)
12 | TI Filer1 E0 B | Storage (11) | N/A | B7 (Yellow)
13 | Core-Router WAN | Urban-Static1 (5) | 1 | WHITE MIKROTIK ETH1
14 | Core-Router LAN | TechInc (1) | 4 | WHITE MIKROTIK ETH2
15 | Patchpanel port 4 "uplink 1" | TechInc (1) | N/A | 24 (Green)
16 | HV1 Interface 2 | Storage (11) | N/A | 20 (Green)
17 | HV2 Interface 2 | Storage (11) | N/A | B3 (Yellow)
18 | LAN Nyancat ETH1 | Urban-Static1 (5) | N/A | B1 (Yellow)
19 | ADM Uplink via mikrotik | Urban-Static1 (5) | N/A | A14 (Yellow)
20 | UPLINK Urban Resort | TechInc (1) | N/A | B15 (Yellow)
21 | TP-Link AP via Patchpanel port 2 | TechInc (1) | 4 | A5 (Yellow)
22 | Glassroom switch 2 | TechInc (1) | N/A | B11 (Yellow)
23 | TI-Cleanroom-sw001-UPLINK A | TechInc (1) | N/A | N/A
24 | TI-Cleanroom-sw001-UPLINK B | TechInc (1) | N/A | N/A

TI-Glassroom-sw002 [bottom] (former: TI-Cleanroom Switch): (Updated 12-11-2014 Piele) in the middle of updating

Port | Connected to | Untagged VLAN | Tagged VLANS | Cable
1 | Glassroom switch 1 | TechInc (1) | N/A | B11 (Yellow)
2 | DOWN | | | B10 (Yellow)
3 | DOWN | | | A13 (Yellow)
4 | DOWN | | |
5 | HV2 iLO | TechInc (1) | N/A | A1 (Yellow)
6 | HV1 iLO | TechInc (1) | N/A | A3 (Yellow)
7 | DOWN | | |
8 | DOWN | | |
9 | DOWN | | |
10 | DOWN | | |
11 | DOWN | | |
12 | Doorbot | TechInc (1) | N/A | B6 (Yellow)
13 | Eastside Window | TechInc (1) | ?? | "Eastside-Window" (Grey)
14 | Ripe Atlas | TechInc (1) | ?? | UNI-2 (Yellow)
15 | Sheeva Plug | TechInc (1) | ?? | B13 (Yellow)
16 | DOWN | | |
17 | DOWN | | |
18 | DOWN | | |
19 | Wireless Amsterdam?? | TechInc (1) | ?? | RED
20 | Switch WestSide | TechInc (1) | ?? | "West-Space" (Grey)
21 | DOWN | | |
22 | DOWN | | |
23 | DOWN | | |
24 | DOWN | | |

UrbanResort-Switch-001:

Port | Connected to | Untagged VLAN | Tagged VLANS | Where does it go?
1 | DOWN | | |
2 | DOWN | | |
3 | DOWN | | |
4 | DOWN | | |
5 | DOWN | | |
6 | DOWN | | |
7 | DOWN | | |
8 | DOWN | | |
9 | DOWN | | |
10 | DOWN | | |
11 | DOWN | | |
12 | DOWN | | |
13 | 132.16 | TechInc (1) | N/A | Next to entrance door Aux room
14 | DOWN | | |
15 | DOWN | | |
16 | 132.C2 | TechInc (1) | N/A | Where is this one?
17 | DOWN | | |
18 | DOWN | | |
19 | 132.24 | TechInc (1) | N/A | Makerlane
20 | 132.5 | TechInc (1) | N/A | Where is this one?
21 | 132.22 | TechInc (1) | | Makerlane
22 | 132.21 | TechInc (1) | | Makerlane
23 | 132.20 | TechInc (1) | | Makerlane (connected to lasercutter)
24 | 132.19 | TechInc (1) | | Makerlane
25 | 132.3 | Urban-Static1 (5) | 1 | Next to entrance door Aux room (connected to Patchpanel, port 1 [uplink])
26 | L1-05 / L1-06 | ?? | ?? | Fiber input from Urban Resort

Cables & Sockets

There are three kinds of ethernet-cabling currently in the space.

The first kind are the ethernet data-bars provided by Urban Resort to facilitate providing each space in the building with an uplink for internet of some sort. In our space these can be found in the solder-area (below the window there), as well as one set of two ports in the 'dirty room' and a similar set in the 'dirty room'. Currently our uplink to UR-infra comes from a port in the cleanroom. The ports in the soldering area are patched into our switch at Urban Resort.

The second kind of cabling is the 'permanent' cabling as provided by ourselves that run from/to the clean-room and provide ethernet connectivity to different ports/devices in the space. The short-term goal is to have these cables all terminate on a patch-bay in the clean-room and dual-RJ45 ports on the walls or other places. All cables are to have the same label on both ends of the cable.

An inventory of currently provided ports is below:

port | description
port 1 | First port of two in the wall behind the presentation desk
port 2 | Second port of two in the wall behind the presentation desk
door1 | First of two cables that run to the corner of the ceiling at the door
door2 | second of two cables that run to the corner of the ceiling at the door
middle1 | First of two cables that run to the center of the space; above the ceiling just behind the beamer; runs to solder-space switch for now; planned for power-bar infra later
middle2 | second of two cables that run to the center of the space; above the ceiling just behind the beamer; has AP connected
table | runs to wall next to the arcade; reserved for connecting the table with ethernet
arcade | runs to the wall next to the arcade; reserved for connecting the arcade machine with ethernet
uplink1 | Cable running from soldering area to cleanroom, please use with care to prevent broadcast-storms.

The third kind of ethernet-cabling is the cabling found in the space, drawn from local switches on tables or walls to devices found in the space. Currently there is no overview of these devices or the number of switches there. It might be good to make a distinction between 'permanent infra' switches and 'user-purpose' switches later.

Layer 2/3

  • Nyancat is the main router.
  • There is now a TP-Link WDR4300 connected directly to the switch, with three SSIDs:
      • TechInc and Spacenet. [Legacy and public, unfiltered IPv6]
      • TechInc-zandbak Legacy (and soon: firewalled IPv6)

Machines

Hostname | IPv4 | IPv6 | Function | Location | Contact
TI-HP-UrbanResort | 10.0.20.2 | | Switch | Urban Resort Patchroom |
Indicio | 10.0.20.3 | | MPD Server | Below the mixer |
TI-HP-CleanRoom | 10.0.20.4 | | Switch | CleanRoom |
Case | 10.0.20.6 | 2001:470:7894::6 | Playground | Neuromancer | Webmind
Peter Riviera | 10.0.20.10 | 2001:470:7894::10 | Shardik | Neuromancer | Dreamer
Hideo | 10.0.20.11 | 2001:470:7894::11 | | Neuromancer | Ultratux
Wintermute | 10.0.20.12 | 2001:470:7894::12 | Lorea testing | Neuromancer | Webmind
Dixie Flatline | 10.0.20.13 | 2001:470:7894::13 | asterisk | Neuromancer | Realitygaps
Replicator | 10.0.20.17 | | 3D printer, powerbar-server | Next to 3D printer | Nathan7, Arda Xi
Lady 3Jane Marie-France Tessier-Ashpool | 10.0.20.18 | 2001:470:7894::18 | playground | Neuromancer | Amx109
MikroTik | 10.0.20.22 | | routing | Roof |
Finn | 10.0.20.23 | 2001:470:7894::23 | monitoring/alerting | Neuromancer |
RIPE3248 | 10.0.20.24 | | Backdoor | NSA | Webmind
Maelcum | 10.0.20.25 | | testing | neuromancer |
C64 | 10.0.20.26 | | A/V | Below the A/V desk |
SIPphone | 10.0.20.27 | | It's a phone | Under mixer | Arda Xi
Deane | 10.0.20.28 | 2001:470:7894::28 | diaspora | Neuromancer | ?
Cerberupsvoertuig | 10.0.20.30 | | 3D printing | makerlane | Ultratux, Control-k, Wizzup
TP-Link | 10.0.20.31 | 2001:470:7894::31 | WAP | In space | Wizzup
Huelights | 10.0.20.32 | | control lights on the table | table | The JinX
Four | 10.0.20.34 | | Workstation | Next to the Arcade | Arda Xi
Neuromancer v3 | 10.0.20.35 | | Hypervisor | TBA | Arda Xi
HP Laserjet 4050TN | 10.0.20.36 | | Printing | Aux room | Justa
Ltsp-laptop0 | 10.0.20.37 | | Fat-client laptop | | Muse
Ltsp-laptop1 | 10.0.20.38 | | Fat-client laptop | | Muse
Ltsp-laptop2 | 10.0.20.39 | | Fat-client laptop | | Muse
Ltsp-laptop3 | 10.0.20.40 | | Fat-client laptop | | Muse
Powerbar2 | 10.0.20.41 | 2001:470:7894::41 | Powerbars | Aux | Wizzup
Gencore | 10.0.20.42 | 2001:470:7894::42 | LDAP/RADIUS | | Wizzup
LaosLaser | 10.0.20.43 | | laser cutter | techinc | Daan
Voodoo1 | 10.0.20.44 | 2001:470:7894::44 | Dual SLI workstation | Dual screen desktop under the logo wheel | Elves


Physical Infra Network Team

This is an initial setup, by Mattronix on 15-11-2014. This is a table of physical devices that maintain the space's core services. TODO: change all physical infra to the 10.0.21.0 range; see Reserved IP Ranges above.

Hostname | IPv4 | IPv6 | Function | Contact
hv1.ti | 10.0.21.72/10.0.21.3 | N/A | KVM Hypervisor 1 + LXC | Piele
hv2.ti | 10.0.21.73/10.0.19.4 | N/A | KVM Hypervisor 2 + LXC | Piele
TI-Filer1 | 10.0.21.68/10.0.19.1 | N/A | Storage SAN/NAS Controller 1 | Mattronix
TI-Filer2 | 10.0.21.69/10.0.19.2 | N/A | Storage SAN/NAS Controller 2 | Mattronix
RED | 10.0.21.11 | N/A | SmartOS Hypervisor | Mattronix
Glassroom-Switch-001 | 10.0.21.9 | N/A | Glassroom top switch in the rack, used for servers, uplink to the Urban Resort switch and downlink to Glassroom Switch 2 | Mattronix
Glassroom-Switch-002 | 10.0.21.76 | N/A | Glassroom bottom switch in the rack, used for client access and as an uplink for all the user switches in the space | Mattronix
UrbanResort-Switch-001 | 10.0.21.57 | N/A | Used to connect to the fiber uplink from our ISP and for multiple patches across the space | Mattronix
router.ti | 10.0.21.254 | 2001:470:7894::1 | Core router for the space; all internet traffic goes through this device. | Mattronix

Virtual Machines

This is an initial setup, by Piele on 12-11-2014

Hostname | IPv4 | IPv6 | Function | Contact
techinc-srv1.ti | 10.0.22.1 | N/A | ISPConfig | Mattronix
monitoring.ti | 10.0.22.2 | N/A | Monitoring server | Andreasr
techinc-backup.ti | 10.0.22.3 | N/A | Backup Server | Mattronix
techinc-quessel.ti | 10.0.22.4 | N/A | Quessel Server | Mattronix
techinc-vpn.ti | 10.0.22.5 | N/A | Openvpn Server | Piele
techinc-cloud.ti | 10.0.22.7 | N/A | Owncloud | Mattronix
techinc-ldap.ti | 10.0.22.8 | N/A | LDAP server | Mattronix
techinc-radius.ti | 10.0.22.9 | N/A | Radius server | Mattronix
techinc-ampache.ti | 10.0.22.10 | N/A | Ampache server | Mattronix
codeasm-minecraft | 10.0.22.11 | N/A | codeasm-minecraft-server | CodeAsm

Services

List of services, each with a small guide/article on how to use / tweak said service:

  • Neuromancer, VPS host and IPv6 router, managed by Webmind and Wizzup. Does not exist anymore, 13-11-2014
  • Molly, VPS guest, runs Hypatia, managed by Webmind
  • (Armitage, VPS guest on neuromancer, spacenet, run by DrWax) (Spacenet runs on gencore, and is managed by Wizzup)
  • Physical infra (cables/ports/etc.) can be inquired about with Justa
  • Remote pulseaudio sink on indicio: PULSE_SERVER=indicio.ti mplayer <foo> (Questions: ask Wizzup)
  • Indicio, MPD Server, managed by Wizzup & others