projects:network
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
projects:network [2020/04/18 18:45] – hibby | projects:network [2022/09/07 13:29] – hibby | ||
---|---|---|---|
Line 3: | Line 3: | ||
The 57North Hacklab Network will provide all the necessary components to connect our hackers to the public Internet using both IPv4 and IPv6 and also to the ChaosVPN, dn42 and Freifunk networks. | The 57North Hacklab Network will provide all the necessary components to connect our hackers to the public Internet using both IPv4 and IPv6 and also to the ChaosVPN, dn42 and Freifunk networks. | ||
- | ===== Component Overview | + | ===== Network Components |
+ | |||
+ | ==== Router ==== | ||
bennachie.57n.dn42 is an apu3c4 board running OpenBSD. It terminates the PPPoE tunnel from Converged and has a 2G LACP trunk into the core switch in the same rack. This trunk uses 802.1Q encapsulation to carry multiple VLANs as detailed below. | bennachie.57n.dn42 is an apu3c4 board running OpenBSD. It terminates the PPPoE tunnel from Converged and has a 2G LACP trunk into the core switch in the same rack. This trunk uses 802.1Q encapsulation to carry multiple VLANs as detailed below. | ||
+ | |||
+ | === Recovery / Reinstatement === | ||
In the event of a failure, the configuration for this box is backed up to an SD card. This card appears as `/dev/sd1i` and is mounted normally at `/sdcard`. This is FAT formatted, not FFS, so it is possible to just plug this into whatever to read the contents. On this SD card you'll find a readme and a tar file containing the contents of /etc. | In the event of a failure, the configuration for this box is backed up to an SD card. This card appears as `/dev/sd1i` and is mounted normally at `/sdcard`. This is FAT formatted, not FFS, so it is possible to just plug this into whatever to read the contents. On this SD card you'll find a readme and a tar file containing the contents of /etc. | ||
+ | < | ||
+ | Step 1: Network interfaces | ||
+ | -------------------------- | ||
+ | |||
+ | em0- Links to the VDSL modem | ||
+ | |||
+ | em1\ | ||
+ | > LACP trunk with vlans to the switch | ||
+ | em2/ | ||
+ | |||
+ | There are then a bunch of VLANs and tunnels. The descriptions | ||
+ | for these in the hostname.if(5) files will tell you what they | ||
+ | are, those files are the source of truth. | ||
+ | |||
+ | Step 2: Services | ||
+ | ---------------- | ||
+ | |||
+ | Look in / | ||
+ | services that are/were enabled. You'll find their config files and | ||
+ | do the right thing with them. | ||
+ | |||
+ | Step 3: Packages | ||
+ | ---------------- | ||
+ | |||
+ | Other than the base system, some packages are configured: | ||
+ | |||
+ | * MRTG | ||
+ | |||
+ | Packages are not critical to the operation of the router. As far | ||
+ | as possible we should use only the base system to make it easier | ||
+ | to keep track of things. Similarly, files in /var are considered | ||
+ | temporary. The only state really is in /etc. This means we don't | ||
+ | backup DHCP leases but we do backup the static assignments, | ||
+ | example. | ||
+ | </ | ||
+ | |||
+ | ==== Network Architecture ==== | ||
+ | |||
+ | |||
+ | < | ||
+ | _ __ | ||
+ | __( = =- _ | ||
+ | | ||
+ | / (_-= _( =- _=- | ||
+ | / | ||
+ | | | ||
+ | | | ||
+ | | /`(HE Tunnel Endpoint) | ||
+ | | | ||
+ | | | bennachie.57n.dn42 |----(Various dn42 peerings) | ||
+ | | ||
+ | | HG612 | ||
+ | | ||
+ | +--------|xx|--|xx|---+ | ||
+ | | Core Switch | ||
+ | | ||
+ | | OpenWRT | ||
+ | | ||
+ | </ | ||
+ | |||
===== Networks ===== | ===== Networks ===== | ||
Line 79: | Line 144: | ||
[[http:// | [[http:// | ||
- | {{tag>project | + | {{tag>active |
projects/network.txt · Last modified: 2023/04/14 11:13 by Q Misell