Open main menu
Last edited 1 year ago by Macarak

Difference between revisions of "Network"
Macarak (Talk | contribs)
(Switch)
 
(82 intermediate revisions by 9 users not shown)
Line 1: Line 1:
 
[[Category:Ongoing_Projects]]
 
[[Category:Ongoing_Projects]]
  
We have three network zones. Internet access is provided by a long range Wifi access point, the [http://www.ubnt.com/nanostation Ubiquity Nanostation].
+
We have three network zones. Internet access is provided by a long range Wifi access point, formely a [http://www.ubnt.com/nanostation Ubiquity Nanostation] and later an [https://www.ui.com/airfiber/airfiber/ Ubiquity AirFiber]
  
[[File:antenna_rc1.jpg|thumb|right|||3rd fixation attempt. More or less the definitive version.]]
 
  
 
== Public IP network ==
 
== Public IP network ==
 +
 +
* [[Personal Firewall]] • Secure your machine on FIXME network
  
 
=== IPv4 ===
 
=== IPv4 ===
Line 11: Line 12:
 
* Network: 62.220.135.192
 
* Network: 62.220.135.192
 
* Netmask: 255.255.255.192 CIDR: /26
 
* Netmask: 255.255.255.192 CIDR: /26
* DHCP range: 62.220.135.193-244
+
* DHCP range: 62.220.135.194-244
 
* WiFi: FIXME 5GHz
 
* WiFi: FIXME 5GHz
 
* DNS1: 62.220.128.14
 
* DNS1: 62.220.128.14
Line 23: Line 24:
 
! scope=col | Description
 
! scope=col | Description
 
|-
 
|-
| 62.220.135.193-244
+
| 62.220.135.195
 +
| [http://control.fixme.ch control.fixme.ch]
 +
| LEDs control: [[LED_Retrofit]], [http://62.220.135.195/ Control], temp sensors for [https://fixme.ch/cgi-bin/spaceapi.py SpaceAPI]
 +
|-
 +
| 62.220.135.196
 +
|
 +
| Flukso, see [[Power]]
 +
|-
 +
| 62.220.135.197
 +
| chia.fixme.ch
 +
|
 +
|-
 +
| 62.220.135.198
 +
| plt-link.fixme.ch
 +
| Temporary VM for PTL
 +
|-
 +
| 62.220.135.199
 +
| noise.fixme.ch
 +
| Noise Raspi
 +
|-
 +
| 62.220.135.200
 +
|
 +
| Temporary VM for PTL, secondary IP
 +
|-
 +
| 62.220.135.201
 +
| bellatrix.fixme.ch
 +
| [[Bellatrix]]
 +
|-
 +
| 62.220.135.211
 +
| [[SDR|sdr1.fixme.ch]]
 +
| Raspberry PI running rtl-sdr on port tcp/1234
 +
|-
 +
| 62.220.135.212
 +
| [[Ultimaker#Webcam|webcam.fixme.ch]]
 +
| 3D printer network webcam
 +
|-
 +
| 62.220.135.214
 +
| ATLAS Probe
 +
| RIPE-Atlas-Probe-620, https://atlas.ripe.net/ https://atlas.ripe.net/probes/620/
 +
|-
 +
| 62.220.135.229
 +
| [[Telepresence|fixme.telepresence.fixme.ch]]
 +
| Raspi Telepresence device
 +
|-
 +
| 62.220.135.194-244
 
| 62-220-135-*.dhcp.fixme.ch
 
| 62-220-135-*.dhcp.fixme.ch
 
| WiFi DHCP pool
 
| WiFi DHCP pool
 +
|-
 +
| 62.220.135.245
 +
| hl-2150.fixme.ch
 +
| The fixme [[printer]] with a cups server
 
|-
 
|-
 
| 62.220.135.246
 
| 62.220.135.246
| guest1.fixme.ch
+
| git.fixme.ch
| Public PC 1 (Ubuntu), wakeonlan 00:08:02:ca:51:ce
+
| gitlab
 
|-
 
|-
 
| 62.220.135.247
 
| 62.220.135.247
| guest2.fixme.ch
+
| gitlab-runner.fixme.ch
| Public PC 2 (Debian)
+
| GitLab CI/CD
 +
|-
 +
| 62.220.135.248
 +
| [http://foo.fixme.ch foo.fixme.ch]
 +
| fixme [[Internal_Server|internal server]]
 +
|-
 +
| 62.220.135.249
 +
| k3s.fixme.ch
 +
| [[Kubernetes]]
 +
|-
 +
| 62.220.135.250
 +
| tun.fixme.ch
 +
| fixme [[Internal_Server|internal server]], second interface
 +
|-
 +
| 62.220.135.251
 +
| Fire
 +
|
 
|-
 
|-
 
| 62.220.135.252
 
| 62.220.135.252
| rtr02.fixme.ch
+
| [http://orbital.fixme.ch orbital.fixme.ch]
| NATed Access Point
+
| [https://fixme.ch/wiki/Orbital Play Orbital] (only possible at FIXME), Github Link: [https://github.com/Pecamo/orbital github.com/Pecamo/orbital]
 
|-
 
|-
 
| 62.220.135.253
 
| 62.220.135.253
| ap1.fixme.ch
+
| communr.fixme.ch
| WiFi Access Point
+
| Air Quality Monitoring project
 
|-
 
|-
 
| 62.220.135.254
 
| 62.220.135.254
| lsn-fix-ubn-01.r.saitis.net
+
| [https://62.220.135.254/cgi-bin/luci lsn-fix-ubn-01.r.saitis.net]
| WiFi Gateway
+
| WiFi Gateway / Router
|-
+
| 62.220.135.248
+
| foo.fixme.ch
+
| fixme [[Internal_Server|internal server]]
+
|-
+
| 62.220.135.245
+
| hl-2150.fixme.ch
+
| The fixme printer with a cups server
+
 
|}
 
|}
  
 
=== IPv6 ===
 
=== IPv6 ===
  
[[IPv6|IPv6 Documentation]]
+
THE V6 NETWORK IS NOT WORKING ANYMORE AND THE DNS ENTRIES HAVE BEEN REMOVED //2017-01-12
 
+
<s>[[IPv6|IPv6 Documentation]]
 
* Network: 2001:788:dead::/48
 
* Network: 2001:788:dead::/48
 
* DNS1: 2001:788::14
 
* DNS1: 2001:788::14
 
* DNS2: 2001:788::15
 
* DNS2: 2001:788::15
 
+
</s>
 
==== LAN ====
 
==== LAN ====
 
+
<s>
 
2001:788:dead:beef::/64
 
2001:788:dead:beef::/64
 
 
{| class="wikitable"
 
{| class="wikitable"
 
|+  
 
|+  
Line 82: Line 138:
 
| guest1.fixme.ch
 
| guest1.fixme.ch
 
| Public PC 1 (Ubuntu), wakeonlan 00:08:02:ca:51:ce
 
| Public PC 1 (Ubuntu), wakeonlan 00:08:02:ca:51:ce
|-
 
| 2001:788:dead:beef::3
 
| guest2.fixme.ch
 
| Public PC 2 (Debian)
 
|-
 
| 2001:788:dead:beef::4
 
| rtr02.fixme.ch
 
| NATed Access Point
 
 
|-
 
|-
 
| 2001:788:dead:beef::5
 
| 2001:788:dead:beef::5
Line 95: Line 143:
 
| fixme [[Internal_Server|internal server]]
 
| fixme [[Internal_Server|internal server]]
 
|}
 
|}
 +
</s>
  
=== Wifi: FIXME IPv6 access for free ===
+
==== Wifi: FIXME IPv6 access for free ====
 +
* <s>2001:788:dead:bee::/64</s>
  
* 2001:788:dead:bee::/64
+
= Switch =
 +
[[SWITCH-mikrotik]]
 +
 
 +
= VLANs =
 +
see [[SWITCH-mikrotik]]
 +
<s>
 +
* 130: FIXME-NAT
 +
* 135: FIXME public (+ cloud)
 +
</s>
  
 
= LAN network (NAT)=
 
= LAN network (NAT)=
Line 105: Line 163:
  
 
* Network: 192.168.130.0
 
* Network: 192.168.130.0
* netask: 255.255.255.0 CIDR: /24
+
* Netmask: 255.255.255.0 CIDR: /24
 
* Router: 192.168.130.254
 
* Router: 192.168.130.254
 
* DHCP range: 192.168.130.100-200
 
* DHCP range: 192.168.130.100-200
Line 112: Line 170:
 
* DNS2: 62.220.128.15
 
* DNS2: 62.220.128.15
  
= DEV network (NAT)=
+
{| class="wikitable"
 +
|+
 +
|-
 +
! scope=col | IP
 +
! scope=col | Name
 +
! scope=col | Description
 +
|-
 +
| 192.168.130.210
 +
|
 +
| Fablab printer
 +
|}
  
Firewall rules to block LAN network
+
= Wi-Fi Networks =
  
* Network: 192.168.131.0
+
We are running the Unifi Controller application in a docker container on server [[Foo]].
* Netmask: 255.255.255.0 CIDR: /24
+
* Router: 192.168.131.254
+
* DHCP range : 192.168.131.100-200
+
* WiFi:  N/A
+
* DNS1: 62.220.128.14
+
* DNS2: 62.220.128.15
+
  
= Pictures =
+
* [https://foo.fixme.ch:8443/ Unifi Controller]
  
[[File:fixme-speedtest.png]]
+
We use a AirFiber to connect to our network provider, it's management IP is 192.168.253.105
[[File:antenna_beta1.jpg|300px|left|||1er test de fixation de l'antenne. A l'aide d'une Trotinette :-)]]
+
  
 
= Notes =
 
= Notes =
 
 
* [[Network/Installation|Installation sur le toit]]
 
* [[Network/Installation|Installation sur le toit]]
 +
* We have a RIPE Atlas probe: https://stat.ripe.net/AS6893
 +
 +
= Netmaster doc =
 +
 +
[[File:FIXME_network.odg]]
 +
 +
= VPN =
 +
 +
* See [[WireGuard]] for new VPN
 +
* See [[OpenVPN]] for the old one
 +
 +
= Project Leaders =
 +
* [[User:francois|francois]]
 +
* [[user:FreeStorm|FreeStorm]]
 +
 +
= Pictures =
 +
 +
[[File:fixme-speedtest.png|x200px||||Speedtest.net is sluggish]]
 +
[[File:fixme-cnlab.png|x200px||||Swisscom's CNLab speed test]]
 +
[[File:antenna_beta1.jpg|x200px||||1er test de fixation de l'antenne. A l'aide d'une Trotinette :-)]]
 +
[[File:antenna_rc1.jpg|x200px||||3rd fixation attempt. More or less the definitive version.]]
 +
[[File:fixme-wifi-root.jpg|thumb|right|||4th fixation: on the building roof in Lausanne!]]

Latest revision as of 17:29, 1 January 2024


We have three network zones. Internet access is provided by a long range Wifi access point, formely a Ubiquity Nanostation and later an Ubiquity AirFiber


Public IP network

IPv4

  • Network: 62.220.135.192
  • Netmask: 255.255.255.192 CIDR: /26
  • DHCP range: 62.220.135.194-244
  • WiFi: FIXME 5GHz
  • DNS1: 62.220.128.14
  • DNS2: 62.220.128.15
IP Name Description
62.220.135.195 control.fixme.ch LEDs control: LED_Retrofit, Control, temp sensors for SpaceAPI
62.220.135.196 Flukso, see Power
62.220.135.197 chia.fixme.ch
62.220.135.198 plt-link.fixme.ch Temporary VM for PTL
62.220.135.199 noise.fixme.ch Noise Raspi
62.220.135.200 Temporary VM for PTL, secondary IP
62.220.135.201 bellatrix.fixme.ch Bellatrix
62.220.135.211 sdr1.fixme.ch Raspberry PI running rtl-sdr on port tcp/1234
62.220.135.212 webcam.fixme.ch 3D printer network webcam
62.220.135.214 ATLAS Probe RIPE-Atlas-Probe-620, https://atlas.ripe.net/ https://atlas.ripe.net/probes/620/
62.220.135.229 fixme.telepresence.fixme.ch Raspi Telepresence device
62.220.135.194-244 62-220-135-*.dhcp.fixme.ch WiFi DHCP pool
62.220.135.245 hl-2150.fixme.ch The fixme printer with a cups server
62.220.135.246 git.fixme.ch gitlab
62.220.135.247 gitlab-runner.fixme.ch GitLab CI/CD
62.220.135.248 foo.fixme.ch fixme internal server
62.220.135.249 k3s.fixme.ch Kubernetes
62.220.135.250 tun.fixme.ch fixme internal server, second interface
62.220.135.251 Fire
62.220.135.252 orbital.fixme.ch Play Orbital (only possible at FIXME), Github Link: github.com/Pecamo/orbital
62.220.135.253 communr.fixme.ch Air Quality Monitoring project
62.220.135.254 lsn-fix-ubn-01.r.saitis.net WiFi Gateway / Router

IPv6

THE V6 NETWORK IS NOT WORKING ANYMORE AND THE DNS ENTRIES HAVE BEEN REMOVED //2017-01-12 IPv6 Documentation

  • Network: 2001:788:dead::/48
  • DNS1: 2001:788::14
  • DNS2: 2001:788::15

LAN

2001:788:dead:beef::/64

IPv6 Name Description
2001:788:dead:beef::1 router Netgear AP/router
2001:788:dead:beef::2 guest1.fixme.ch Public PC 1 (Ubuntu), wakeonlan 00:08:02:ca:51:ce
2001:788:dead:beef::5 foo.fixme.ch fixme internal server

Wifi: FIXME IPv6 access for free

  • 2001:788:dead:bee::/64

Contents

Switch

SWITCH-mikrotik

VLANs

see SWITCH-mikrotik

  • 130: FIXME-NAT
  • 135: FIXME public (+ cloud)

LAN network (NAT)

No firewall rules to block WAN or DEV networks

  • Network: 192.168.130.0
  • Netmask: 255.255.255.0 CIDR: /24
  • Router: 192.168.130.254
  • DHCP range: 192.168.130.100-200
  • WiFi: FIXME_NAT
  • DNS1: 62.220.128.14
  • DNS2: 62.220.128.15
IP Name Description
192.168.130.210 Fablab printer

Wi-Fi Networks

We are running the Unifi Controller application in a docker container on server Foo.

We use a AirFiber to connect to our network provider, it's management IP is 192.168.253.105

Notes

Netmaster doc

File:FIXME network.odg

VPN

Project Leaders

Pictures

Speedtest.net is sluggish Swisscom's CNLab speed test 1er test de fixation de l'antenne. A l'aide d'une Trotinette :-) 3rd fixation attempt. More or less the definitive version.

4th fixation: on the building roof in Lausanne!