Projects:Network

From 57North Hacklab

Revision as of 19:04, 14 April 2019 by Irl (talk | contribs)

Network
Description The 57North Hacklab Network
People User:User:Irl
Theme Infrastructure
Website
Status Active

The 57North Hacklab Network will provide all the necessary components to connect our hackers to the public Internet using both IPv4 and IPv6 and also to the ChaosVPN, dn42 and Freifunk networks.

Component Overview

                             _ __            
                          __( =  =- _        
             ----------  (-       -  )__- -_ 
            /          (_-= _(    =-    _=-  
           /              -=__(__  _-)-      
          |                     -=-          
          |                                  
          |                                  /`(HE Tunnel Endpoint)
          |           +--------------------+
          |           | bennachie.57n.dn42 |----(Various dn42 peerings)
     +-----------+    +---|0|--|1|---|2|---+
     | HG612     |________/     |          
     +-----------+              |            
                      +--------|xx|--|xx|---+
                      |  Core Switch        |
     +-----------+    +-|xx|-----------|xx|-+
     | OpenWRT   |______/
     +-----------+

bennachie.57n.dn42 is an apu3c4 board running OpenBSD. It terminates the PPPoE tunnel from Converged and has a 2G LACP trunk into the core switch in the same rack. This trunk uses 802.1Q encapsulation to carry multiple VLANs as detailed below.

Networks

When considering new IP ranges, it is necessary to consider which ranges would already be in use in ChaosVPN, dn42 and Freifunk. The range 192.168.0.0/16 is available for local use and not routed outside the hackerspace. For IPv6, the hackerspace has a global scope address block (2001:470:510b::/48), from Hurricane Electric, and this surfaces in Germany (who has the account for this?).

Some blocks in this table have been marked as legacy. This is because the addressing they use was from ChaosVPN, and we are now instead looking at dn42 for inter-hackerspace peering. ChaosVPN and dn42 co-ordinate on address space and also peer with each other and so we should not be losing any connectivity.

Our DN42 autonomous system number is AS4242421057.

VLAN Description Address Range IPv6
100 Legacy Wired LAN 172.31.4.0/24 2001:470:510b:4::/64
110 Legacy Wireless LAN 172.31.5.0/24 2001:470:510b:5::/64
120 Wired LAN 172.23.152.0/24 ?

IPX support is planned, but will need to happen later due to time constraints. Ideas include just routing IPX over our wired/wireless VLANs but then also between hackerspaces over ChaosVPN.

Network Rack

The network rack is the top, wall mounted rack.

It floats, as if by magic.

Rack Layout

U (from top) Hardware
1 Patch Panel
2 Mesh Blank Panel
3 Cable Tidy
4 Switch
5 Cable Tidy
6-7 NMS Panel


Patch Panel

The Patch Panel in the top rack is currently

Patch Panel Port Outlet
1 Back Desk, Left
2 Back Desk, Right
3 Back Desk, Right -1
4 Back Desk Left -1
5 Component Desk
6 Toolbench, Left
7 Printer Desk, Left
8 IP Phone, Right
9 Toolbench, Right
10 Printer Desk, Right
11 IP Phone Left
22 PPPoE Converged
23 Emergency Telephone (NOT TO BE PLUGGED INTO SWITCH)
24 WAN Port

ChaosVPN

ChaosVPN is a VPN to connect hackers and hackerspaces. The wired and wireless LANs are connected to ChaosVPN and, via ChaosVPN, dn42 and Freifunk's networks.