Difference between revisions of "Projects:Network"

From 57North Hacklab

(ChaosVPN)
(Numbers)
Line 52: Line 52:
 
== Numbers ==
 
== Numbers ==
  
When considering new IP ranges, it is necessary to consider which ranges would already be in use in ChaosVPN, dn42 and Freifunk. The range 192.168.0.0/16 is available for local use and not routed outside the hackerspace.
+
When considering new IP ranges, it is necessary to consider which ranges would already be in use in ChaosVPN, dn42 and Freifunk. The range 192.168.0.0/16 is available for local use and not routed outside the hackerspace. For IPv6, the hackerspace has a global scope address block (2a01:348:2f6::/48) routed and a unique local addressing address block (fd6d:89f8:7728::/48) available and new ranges should be chosen from these.
 
 
=== IPv4 ===
 
 
 
{| class="wikitable" |
 
! VLAN
 
! Description
 
! Address Range
 
|-
 
| DMZ
 
| DMZ
 
| 89.104.228.104/29
 
|-
 
| 100
 
| Wired Network
 
| 172.31.4.0/24
 
|-
 
| 110
 
| Wireless Network
 
| 172.31.5.0/24
 
|-
 
| 120
 
| Spare Network (Reserved for future use)
 
| 172.31.6.0/24
 
|-
 
| 130
 
| Spare Network (Reserved for future use)
 
| 172.31.7.0/24
 
|-
 
| 140
 
| Door access
 
| 192.168.140.0/24
 
|}
 
 
 
=== IPv6 ===
 
  
 
{| class="wikitable" |
 
{| class="wikitable" |
Line 95: Line 61:
 
| rowspan="2" | DMZ
 
| rowspan="2" | DMZ
 
| rowspan="2" | DMZ
 
| rowspan="2" | DMZ
| 2a01:348:2f6::/64
+
| rowspan="2" | 89.104.228.104/29
 +
| 2a01:348:2f6:20::/64
 
|-
 
|-
 
| fd6d:89f8:7728::/64
 
| fd6d:89f8:7728::/64
 
|-
 
|-
 
| rowspan="2" | 100
 
| rowspan="2" | 100
| rowspan="2" | Wired Network
+
| rowspan="2" | [[Projects:Network/WiredLan|Wired LAN]]
| 2a01:348:2f6:100::/64
+
| rowspan="2" | 172.31.4.0/24
 +
| 2a01:348:2f6:4::/64
 
|-
 
|-
| fd6d:89f8:7728:100::/64
+
| fd6d:89f8:7728:4::/64
 
|-
 
|-
 
| rowspan="2" | 110
 
| rowspan="2" | 110
| rowspan="2" | Wireless Network
+
| rowspan="2" | [[Projects:Network/WirelessLan|Wireless LAN]]
| 2a01:348:2f6:110::/64
+
| rowspan="2" | 172.31.5.0/24
 +
| 2a01:348:2f6:5::/64
 
|-
 
|-
| fd6d:89f8:7728:110::/64
+
| fd6d:89f8:7728:5::/64
 
|-
 
|-
 
| rowspan="2" | 120
 
| rowspan="2" | 120
 
| rowspan="2" | Spare Network (Reserved for future use)
 
| rowspan="2" | Spare Network (Reserved for future use)
| 2a01:348:2f6:120::/64
+
| rowspan="2" | 172.31.6.0/24
 +
| 2a01:348:2f6:6::/64
 
|-
 
|-
| fd6d:89f8:7728:120::/64
+
| fd6d:89f8:7728:6::/64
 
|-
 
|-
 
| rowspan="2" | 130
 
| rowspan="2" | 130
 
| rowspan="2" | Spare Network (Reserved for future use)
 
| rowspan="2" | Spare Network (Reserved for future use)
| 2a01:348:2f6:130::/64
+
| rowspan="2" | 172.31.7.0/24
 +
| 2a01:348:2f6:7::/64
 
|-
 
|-
| fd6d:89f8:7728:130::/64
+
| fd6d:89f8:7728:7::/64
 
|-
 
|-
| rowspan="2" | 140
+
| 140
| rowspan="2" | Door access
+
| [[Projects:Doorbot|Door Access]]
| 2a01:348:2f6:140::/64
+
| 192.168.140.0/24
|-
+
| (none)
| fd6d:89f8:7728:140::/64
 
 
|}
 
|}
  
=== IPX ===
+
IPX support is planned, but will need to happen later due to time constraints. Ideas include just routing IPX over our wired/wireless VLANs but then also between hackerspaces over ChaosVPN.
 
 
This is planned, but will need to happen later due to time constraints. Ideas include just routing IPX over our wired/wireless VLANs but then also between hackerspaces over ChaosVPN.
 
  
 
== Wireless ==
 
== Wireless ==

Revision as of 00:27, 19 January 2015

Network
Description The 57North Hacklab Network
People User:Irl
Theme Infrastructure
Website
Status Idea

The 57North Hacklab Network will provide all the necessary components to connect our hackers to the public Internet using both IPv4 and IPv6 and also to the ChaosVPN, dn42 and Freifunk networks.

Component Overview

                             _ __            
                          __( =  =- _        
                         (-       -  )__- -_ 
                        (  -=  - )   -     _)
                       (_-= _(    =-    _=-  
                        -(     -    -  _)    
                          -=__(__  _-)-      
                                -=-          
                                 |           
                                 |           
                      +---------------------+
                      |  Cisco ADSL Modem   |
                      +---------------------+ 
                                 | (DMZ)
                      +---------------------+
                      |     Feed Switch     |
                      +---------------------+
                                 |           
                      +---------------------+
                      |      Cisco 3750     |
                      +---------------------+
                                 | (VLANS)
                      +---------------------+                                   
                      | Core Switch (Rack)  |                                   
                      +---------------------+                                   
                       /     |       |     \                                    
  +---------------------+    |       |    +---------------------+               
  | Network Playground  |    |       |    | Core Switch (Table) |               
  +---------------------+    |       |    +---------------------+               
                             |       |                                          
                   +-----------+  +----------+                                  
                   | Synology  |  | Doorbot  |                                  
                   |    NAS    |  |          |                                  
                   +-----------+  +----------+
                    (ChaosVPN)
                     (SixXS)

ChaosVPN

ChaosVPN is a VPN to connect hackers and hackerspaces. The wired and wireless LANs are connected to ChaosVPN and, via ChaosVPN, dn42 and Freifunk's networks.

Numbers

When considering new IP ranges, it is necessary to consider which ranges would already be in use in ChaosVPN, dn42 and Freifunk. The range 192.168.0.0/16 is available for local use and not routed outside the hackerspace. For IPv6, the hackerspace has a global scope address block (2a01:348:2f6::/48) routed and a unique local addressing address block (fd6d:89f8:7728::/48) available and new ranges should be chosen from these.

VLAN Description Address Range
DMZ DMZ 89.104.228.104/29 2a01:348:2f6:20::/64
fd6d:89f8:7728::/64
100 Wired LAN 172.31.4.0/24 2a01:348:2f6:4::/64
fd6d:89f8:7728:4::/64
110 Wireless LAN 172.31.5.0/24 2a01:348:2f6:5::/64
fd6d:89f8:7728:5::/64
120 Spare Network (Reserved for future use) 172.31.6.0/24 2a01:348:2f6:6::/64
fd6d:89f8:7728:6::/64
130 Spare Network (Reserved for future use) 172.31.7.0/24 2a01:348:2f6:7::/64
fd6d:89f8:7728:7::/64
140 Door Access 192.168.140.0/24 (none)

IPX support is planned, but will need to happen later due to time constraints. Ideas include just routing IPX over our wired/wireless VLANs but then also between hackerspaces over ChaosVPN.

Wireless