Difference between revisions of "Network"

From Fixme.ch
Jump to: navigation, search
(IPv4)
(Switch)
 
(42 intermediate revisions by 7 users not shown)
Line 1: Line 1:
 
[[Category:Ongoing_Projects]]
 
[[Category:Ongoing_Projects]]
  
We have three network zones. Internet access is provided by a long range Wifi access point, the [http://www.ubnt.com/nanostation Ubiquity Nanostation].
+
We have three network zones. Internet access is provided by a long range Wifi access point, formely a [http://www.ubnt.com/nanostation Ubiquity Nanostation] and later an [https://www.ui.com/airfiber/airfiber/ Ubiquity AirFiber]
  
[[File:fixme-wifi-root.jpg|thumb|right|||4th and final fixation attempt: on the building roof!]]
 
  
 
== Public IP network ==
 
== Public IP network ==
Line 24: Line 23:
 
! scope=col | Name
 
! scope=col | Name
 
! scope=col | Description
 
! scope=col | Description
 +
|-
 +
| 62.220.135.195
 +
| [http://control.fixme.ch control.fixme.ch]
 +
| LEDs control: [[LED_Retrofit]], [http://62.220.135.195/ Control], temp sensors for [https://fixme.ch/cgi-bin/spaceapi.py SpaceAPI]
 +
|-
 +
| 62.220.135.196
 +
|
 +
| Flukso, see [[Power]]
 +
|-
 +
| 62.220.135.197
 +
| chia.fixme.ch
 +
|
 +
|-
 +
| 62.220.135.198
 +
| plt-link.fixme.ch
 +
| Temporary VM for PTL
 +
|-
 +
| 62.220.135.199
 +
| noise.fixme.ch
 +
| Noise Raspi
 +
|-
 +
| 62.220.135.200
 +
|
 +
| Temporary VM for PTL, secondary IP
 +
|-
 +
| 62.220.135.201
 +
| bellatrix.fixme.ch
 +
| [[Bellatrix]]
 +
|-
 +
| 62.220.135.211
 +
| [[SDR|sdr1.fixme.ch]]
 +
| Raspberry PI running rtl-sdr on port tcp/1234
 +
|-
 +
| 62.220.135.212
 +
| [[Ultimaker#Webcam|webcam.fixme.ch]]
 +
| 3D printer network webcam
 +
|-
 +
| 62.220.135.214
 +
| ATLAS Probe
 +
| RIPE-Atlas-Probe-620, https://atlas.ripe.net/ https://atlas.ripe.net/probes/620/
 +
|-
 +
| 62.220.135.229
 +
| [[Telepresence|fixme.telepresence.fixme.ch]]
 +
| Raspi Telepresence device
 
|-
 
|-
 
| 62.220.135.194-244
 
| 62.220.135.194-244
Line 34: Line 77:
 
|-
 
|-
 
| 62.220.135.246
 
| 62.220.135.246
| guest1.fixme.ch
+
| git.fixme.ch
| Public PC 1 (Ubuntu), wakeonlan 00:08:02:ca:51:ce
+
| gitlab
 
|-
 
|-
| <s>62.220.135.247</s>
+
| 62.220.135.247
| <s>guest2.fixme.ch</s>
+
| gitlab-runner.fixme.ch
| <s>Public PC 2 (Debian)</s>
+
| GitLab CI/CD
 
|-
 
|-
 
| 62.220.135.248
 
| 62.220.135.248
Line 45: Line 88:
 
| fixme [[Internal_Server|internal server]]
 
| fixme [[Internal_Server|internal server]]
 
|-
 
|-
| <s>62.220.135.249</s>
+
| 62.220.135.249
| <s>guest3.fixme.ch</s>
+
| k3s.fixme.ch
| <s>Public PC 3 (Debian)</s>
+
| [[Kubernetes]]
 
|-
 
|-
 
| 62.220.135.250
 
| 62.220.135.250
Line 54: Line 97:
 
|-
 
|-
 
| 62.220.135.251
 
| 62.220.135.251
| [http://led.fixme.ch/rgb led.fixme.ch]
+
| Fire
| LED Strip Controller
+
|  
 
|-
 
|-
 
| 62.220.135.252
 
| 62.220.135.252
| [https://rtr02.fixme.ch/ rtr02.fixme.ch]
+
| [http://orbital.fixme.ch orbital.fixme.ch]
| NATed Access Point (pfsense)
+
| [https://fixme.ch/wiki/Orbital Play Orbital] (only possible at FIXME), Github Link: [https://github.com/Pecamo/orbital github.com/Pecamo/orbital]
 
|-
 
|-
 
| 62.220.135.253
 
| 62.220.135.253
| ap1.fixme.ch
+
| communr.fixme.ch
| WiFi Access Point
+
| Air Quality Monitoring project
 
|-
 
|-
 
| 62.220.135.254
 
| 62.220.135.254
 
| [https://62.220.135.254/cgi-bin/luci lsn-fix-ubn-01.r.saitis.net]
 
| [https://62.220.135.254/cgi-bin/luci lsn-fix-ubn-01.r.saitis.net]
 
| WiFi Gateway / Router
 
| WiFi Gateway / Router
|-
 
| 62.220.135.211
 
| [[SDR|sdr1.fixme.ch]]
 
| Raspberry PI running rtl-sdr on port tcp/1234
 
|-
 
| 62.220.135.212
 
| [[Ultimaker#Webcam|webcam.fixme.ch]]
 
| 3D printer network webcam
 
|-
 
| 62.220.135.229
 
| [[Telepresence|fixme.telepresence.fixme.ch]]
 
| Raspi Telepresence device
 
|-
 
| 62.220.135.230
 
| [[Ultimaker|spm.fixme.ch]]
 
| Printing machine for the Ultimaker
 
|-
 
| 62.220.135.214
 
| ATLAS Probe
 
| RIPE-Atlas-Probe-620, https://atlas.ripe.net/ https://atlas.ripe.net/atlas/myprobes.html?prb_id=620
 
|-
 
| 62.220.135.197
 
| [[Projector_client|projector.fixme.ch]]
 
| Projector server on a raspi
 
|-
 
| 62.220.135.227
 
| [http://control.fixme.ch]
 
| LEDs control: [[LED_Retrofit]], [http://62.220.135.227/ Control]
 
 
|}
 
|}
  
 
=== IPv6 ===
 
=== IPv6 ===
  
[[IPv6|IPv6 Documentation]]
+
THE V6 NETWORK IS NOT WORKING ANYMORE AND THE DNS ENTRIES HAVE BEEN REMOVED //2017-01-12
 
+
<s>[[IPv6|IPv6 Documentation]]
 
* Network: 2001:788:dead::/48
 
* Network: 2001:788:dead::/48
 
* DNS1: 2001:788::14
 
* DNS1: 2001:788::14
 
* DNS2: 2001:788::15
 
* DNS2: 2001:788::15
 
+
</s>
 
==== LAN ====
 
==== LAN ====
 
+
<s>
 
2001:788:dead:beef::/64
 
2001:788:dead:beef::/64
 
 
{| class="wikitable"
 
{| class="wikitable"
 
|+  
 
|+  
Line 124: Line 138:
 
| guest1.fixme.ch
 
| guest1.fixme.ch
 
| Public PC 1 (Ubuntu), wakeonlan 00:08:02:ca:51:ce
 
| Public PC 1 (Ubuntu), wakeonlan 00:08:02:ca:51:ce
|-
 
| 2001:788:dead:beef::3
 
| guest2.fixme.ch
 
| Public PC 2 (Debian)
 
|-
 
| 2001:788:dead:beef::4
 
| rtr02.fixme.ch
 
| NATed Access Point
 
 
|-
 
|-
 
| 2001:788:dead:beef::5
 
| 2001:788:dead:beef::5
Line 137: Line 143:
 
| fixme [[Internal_Server|internal server]]
 
| fixme [[Internal_Server|internal server]]
 
|}
 
|}
 +
</s>
  
=== Wifi: FIXME IPv6 access for free ===
+
==== Wifi: FIXME IPv6 access for free ====
 +
* <s>2001:788:dead:bee::/64</s>
  
* 2001:788:dead:bee::/64
+
= Switch =
 +
[[SWITCH-mikrotik]]
 +
 
 +
= VLANs =
 +
see [[SWITCH-mikrotik]]
 +
<s>
 +
* 130: FIXME-NAT
 +
* 135: FIXME public (+ cloud)
 +
</s>
  
 
= LAN network (NAT)=
 
= LAN network (NAT)=
Line 154: Line 170:
 
* DNS2: 62.220.128.15
 
* DNS2: 62.220.128.15
  
= DEV network (NAT)=
+
{| class="wikitable"
 +
|+
 +
|-
 +
! scope=col | IP
 +
! scope=col | Name
 +
! scope=col | Description
 +
|-
 +
| 192.168.130.210
 +
|
 +
| Fablab printer
 +
|}
  
Firewall rules to block LAN network
+
= Wi-Fi Networks =
  
* Network: 192.168.131.0
+
We are running the Unifi Controller application in a docker container on server [[Foo]].
* Netmask: 255.255.255.0 CIDR: /24
+
 
* Router: 192.168.131.254
+
* [https://foo.fixme.ch:8443/ Unifi Controller]
* DHCP range : 192.168.131.100-200
+
 
* WiFi:  N/A
+
We use a AirFiber to connect to our network provider, it's management IP is 192.168.253.105
* DNS1: 62.220.128.14
+
* DNS2: 62.220.128.15
+
  
 
= Notes =
 
= Notes =
Line 170: Line 194:
 
* We have a RIPE Atlas probe: https://stat.ripe.net/AS6893
 
* We have a RIPE Atlas probe: https://stat.ripe.net/AS6893
  
= Project Leader =
+
= Netmaster doc =
[[User:francois|francois]]
+
 
 +
[[File:FIXME_network.odg]]
  
= Participant =
+
= VPN =
[[user:FreeStorm|FreeStorm]]
+
  
 +
* See [[WireGuard]] for new VPN
 +
* See [[OpenVPN]] for the old one
  
 +
= Project Leaders =
 +
* [[User:francois|francois]]
 +
* [[user:FreeStorm|FreeStorm]]
  
 
= Pictures =
 
= Pictures =
Line 184: Line 213:
 
[[File:antenna_beta1.jpg|x200px||||1er test de fixation de l'antenne. A l'aide d'une Trotinette :-)]]
 
[[File:antenna_beta1.jpg|x200px||||1er test de fixation de l'antenne. A l'aide d'une Trotinette :-)]]
 
[[File:antenna_rc1.jpg|x200px||||3rd fixation attempt. More or less the definitive version.]]
 
[[File:antenna_rc1.jpg|x200px||||3rd fixation attempt. More or less the definitive version.]]
 +
[[File:fixme-wifi-root.jpg|thumb|right|||4th fixation: on the building roof in Lausanne!]]

Latest revision as of 15:29, 1 January 2024


We have three network zones. Internet access is provided by a long range Wifi access point, formely a Ubiquity Nanostation and later an Ubiquity AirFiber


Public IP network

IPv4

  • Network: 62.220.135.192
  • Netmask: 255.255.255.192 CIDR: /26
  • DHCP range: 62.220.135.194-244
  • WiFi: FIXME 5GHz
  • DNS1: 62.220.128.14
  • DNS2: 62.220.128.15
IP Name Description
62.220.135.195 control.fixme.ch LEDs control: LED_Retrofit, Control, temp sensors for SpaceAPI
62.220.135.196 Flukso, see Power
62.220.135.197 chia.fixme.ch
62.220.135.198 plt-link.fixme.ch Temporary VM for PTL
62.220.135.199 noise.fixme.ch Noise Raspi
62.220.135.200 Temporary VM for PTL, secondary IP
62.220.135.201 bellatrix.fixme.ch Bellatrix
62.220.135.211 sdr1.fixme.ch Raspberry PI running rtl-sdr on port tcp/1234
62.220.135.212 webcam.fixme.ch 3D printer network webcam
62.220.135.214 ATLAS Probe RIPE-Atlas-Probe-620, https://atlas.ripe.net/ https://atlas.ripe.net/probes/620/
62.220.135.229 fixme.telepresence.fixme.ch Raspi Telepresence device
62.220.135.194-244 62-220-135-*.dhcp.fixme.ch WiFi DHCP pool
62.220.135.245 hl-2150.fixme.ch The fixme printer with a cups server
62.220.135.246 git.fixme.ch gitlab
62.220.135.247 gitlab-runner.fixme.ch GitLab CI/CD
62.220.135.248 foo.fixme.ch fixme internal server
62.220.135.249 k3s.fixme.ch Kubernetes
62.220.135.250 tun.fixme.ch fixme internal server, second interface
62.220.135.251 Fire
62.220.135.252 orbital.fixme.ch Play Orbital (only possible at FIXME), Github Link: github.com/Pecamo/orbital
62.220.135.253 communr.fixme.ch Air Quality Monitoring project
62.220.135.254 lsn-fix-ubn-01.r.saitis.net WiFi Gateway / Router

IPv6

THE V6 NETWORK IS NOT WORKING ANYMORE AND THE DNS ENTRIES HAVE BEEN REMOVED //2017-01-12 IPv6 Documentation

  • Network: 2001:788:dead::/48
  • DNS1: 2001:788::14
  • DNS2: 2001:788::15

LAN

2001:788:dead:beef::/64

IPv6 Name Description
2001:788:dead:beef::1 router Netgear AP/router
2001:788:dead:beef::2 guest1.fixme.ch Public PC 1 (Ubuntu), wakeonlan 00:08:02:ca:51:ce
2001:788:dead:beef::5 foo.fixme.ch fixme internal server

Wifi: FIXME IPv6 access for free

  • 2001:788:dead:bee::/64

Switch

SWITCH-mikrotik

VLANs

see SWITCH-mikrotik

  • 130: FIXME-NAT
  • 135: FIXME public (+ cloud)

LAN network (NAT)

No firewall rules to block WAN or DEV networks

  • Network: 192.168.130.0
  • Netmask: 255.255.255.0 CIDR: /24
  • Router: 192.168.130.254
  • DHCP range: 192.168.130.100-200
  • WiFi: FIXME_NAT
  • DNS1: 62.220.128.14
  • DNS2: 62.220.128.15
IP Name Description
192.168.130.210 Fablab printer

Wi-Fi Networks

We are running the Unifi Controller application in a docker container on server Foo.

We use a AirFiber to connect to our network provider, it's management IP is 192.168.253.105

Notes

Netmaster doc

File:FIXME network.odg

VPN

Project Leaders

Pictures

Speedtest.net is sluggish Swisscom's CNLab speed test 1er test de fixation de l'antenne. A l'aide d'une Trotinette :-) 3rd fixation attempt. More or less the definitive version.

4th fixation: on the building roof in Lausanne!