Category:Network: Difference between revisions

From Nottinghack Wiki
Jump to navigation Jump to search
Line 406: Line 406:
| g1 || 1u || Management access
| g1 || 1u || Management access
|-
|-
| g2 || 1u, 2t, 3t, 4t , 5t, 6t, 7t, 8t || Uplink trunk (upstairs temporary)
| g2 || 1u, 2t, 3t, 4t , 5t, 6t, 7t, 8t || Uplink trunk
|-
|-
| g3-g17 || 2u || Main hackspace network
| g3 || 2u || Main hackspace network
|-
| g4 || 4u || Modem
|-
| g5-g7 || 2u || Main hackspace network
|-
| g8 || 3u || Instrumentation
|-
| g9 || 2u || Main hackspace network
|-
| g10 || 1u, 2t, 3t, 4t , 5t, 6t, 7t, 8t || Trunk
|-
| g11 || 2u || Main hackspace network
|-
| g12 || 1t, 2u || (dorian)
|-
| g13 || 1u, 2t || WiFi
|-
| g14 || 1u, 2t || WiFi
|-
| g15|| 1u, 2t, 3t, 4t, 5t || Server
|-
| g16|| 1u, 2t, 3t, 4t, 5t || Server
|-
| g17|| 1u, 2t, 3t, 4t, 5t || Server
|-
|-
| g18 || 6t || [[Collective#Unimatrix|Unimatrix]]<->[[Collective#Locutus|Locutus]] direct network
| g18 || 6t || [[Collective#Unimatrix|Unimatrix]]<->[[Collective#Locutus|Locutus]] direct network

Revision as of 22:01, 3 November 2018

The hackspace network and servers are look after by the Network and Servers group

Network Layout

This page will show the network topology & proposals for network expansion / modification.

A
Hackspace Network

Note: This diagram is very out of date and needs updating

External IP address 79.77.188.139.

External domain address lspace.nottinghack.org.uk (DNS record looked after by 'RepRap' Matt)

Static & Reserved IP's

There are a few VLANs:

VLAN Network Description
1 192.168.1.0/24 Default (management network)
2 10.0.0.0/24 Main Hackspace network
3 192.168.0.0/24 Instrumentation projects
4 - Able / ADSL Modem (PPPoE)
5 192.168.0.0/24 Instrumentation test (Rommie)
6 192.168.6.0/24 Unimatrix<->Locutus direct network
7 192.168.7.0/24 Queen<->Unimatrix direct network
8 192.168.8.0/24 Queen<->Locutus direct network

The following ranges are reserved for there given purpose:

Start End Purpose
10.0.0.1 10.0.0.1 kryten The Main Router
10.0.0.2 10.0.0.79 Static things
10.0.0.80 10.0.0.89 openVPN DHCP pool
10.0.0.90 10.0.0.99 Static Printers
10.0.0.100 10.0.0.254 DHCP Range
10.0.0.255 10.0.0.255 Broadcast
192.168.0.1 192.168.0.100 Static HackSpace Instrumentation


VLAN 1

These are all statically assigned.

VLAN IP DNS Name Notes
1 192.168.1.1 HollyVM Our primary server hosing hms and instrumentation things
1 192.168.1.2 ws-switch Workshop switch
1 192.168.1.3 Lore Workshop Wifi AP
1 192.168.1.4 st-switch Studio/BlueRoom switch
1 192.168.1.5 Data Studio/BlueRoom Wifi AP
1 192.168.1.6 Gibson Wifi RADIUS Server
1 192.168.1.7 studio-gbit Dell PowerConnect 2724 (24x gbit)
1 192.168.1.8 Queeg Hollys backup
1 192.168.1.9 Unimatrix
1 192.168.1.10 Locutus
1 192.168.1.11 Queen
1 192.168.1.12 Holly (on Unimatrix)
1 192.168.1.13 1of3 (APC UPS) Upstairs members storage
1 192.168.1.19 1of9 (HP 2824) Upstairs members storage (Core switch)
1 192.168.1.23 2of3 (APC UPS) Team storgare
1 192.168.1.29 2of9 (HP 2650-48) CNCRoom Switch
1 192.168.1.30 Dorian Raspberry Pi UniFi controller
1 192.168.1.33 3of3 (APC UPS) Downstairs members storage
1 192.168.1.39 3of9 (HP 2650-48) Upstairs members storage
1 192.168.1.49 4of9 (HP 2650-48) Downstairs members storage (Classroom Side)
1 192.168.1.59 5of9 (HP 2650-48) Downstairs members storage (Metalworking Side)

VLAN 2

These are assigned via DHCP/MAC using Kryten or set statically on the device

VLAN IP DNS Name Notes
2 10.0.0.1 Kryten pfSense router on Collective
2 10.0.0.2 HollyVM Our primary server hosing hms and instrumentation things (Squeeze under KVM)
2 10.0.0.4 JARVIS Sandbox Debian VM open for all members
2 10.0.0.5 Rommie HMS Development VM
2 10.0.0.6 Workshop Workshop Wifi AP (channel 11)
2 10.0.0.7 Zyxel Additional Wifi AP (channel 1)
2 10.0.0.10 Collective ESXi Management Server
2 10.0.0.11 Samaritan Monitoring server
2 10.0.0.12 Queeg Hollys backup
2 10.0.0.14 Holly Our primary server hosing hms and instrumentation things (Jessie under KVM)
2 10.0.0.15 Gibson Wifi RADIUS Server
2 10.0.0.17 Unimatrix
2 10.0.0.18 Locutus
2 10.0.0.19 Queen
2 10.0.0.21 yoocnc YooCNC desktop
2 10.0.0.22 Quorra Quorra
2 10.0.0.23 Kiosk Kiosk PC (under 50" screen in blueroom). WIP.
2 10.0.0.24 Bishop Laptop for 3D printer
2 10.0.0.25 BarBot Pi in Project:BarBot
2 10.0.0.27 pbx Asterisk on bare metal
2 10.0.0.28 payphone RaspberryPi in the Payphone
2 10.0.0.29 Ziggy Git work shop vm
2 10.0.0.30 Dorian RaspberryPi based Unifi controller
2 10.0.0.40 studiocam Pan/Tilt Studio webcam
2 10.0.0.90 marvin A4 Laser Printer
2 10.0.0.91 Clank A3 Laser Printer
2 10.0.0.92 B4 A4 InkJet with Scanner
2 10.0.0.93 Vinyl Vinyl
2 10.0.0.94 Rosey Epson WF-7610DWF
2 10.0.0.95 Bender HP5550
2 10.0.0.96 Zebra_2844 Label printer
2 10.0.0.97 Plotter Plotter (HP DesignJet 600)

(coming soon...)

VLAN 3

These are all statically assigned.

VLAN IP DNS Name Notes
3 192.168.0.1 Holly Our primary server hosing hms and instrumentation things
3 192.168.0.6 HollyVM OLD server.
3 192.168.0.10 gatekeeper Access Control Arduino for upstairs inner (studio) door
3 192.168.0.11 MatrixMQTT BIG LED Matrix Display Arduino
3 192.168.0.12 Vending Machine RFID cashless payment nanode in snack vending machine
3 192.168.0.13 Mini-matrix Blue room mini-matrix display nanode
3 192.168.0.14 Wall of Faces Wall of members faces
3 192.168.0.15 Studio Controller Lighting Controller (Studio)
3 192.168.0.16 Workshop Controller Lighting Controller (Workshop)
3 192.168.0.17 Studio Switch Panel Lighting Switch's (Studio)
3 192.168.0.18 Workshop Switch Panel Lighting Switch's (Workshop)
3 192.168.0.19 WorkshopMQTT Workshop Bell and Temp Node
3 192.168.0.20 CoinAcceptor Coin acceptor for Snackspace / Vending Machine payments
3 192.168.0.21 NoteAcceptor Note acceptor for Snackspace / Vending Machine payments
3 192.168.0.22 laser Laser RFID
3 192.168.0.23 3D Printer 3D Printer RFID
3 192.168.0.24 Laser Display LED display near laser cutter
3 192.168.0.25 Queeg Hollys backup
3 192.168.0.26 Embroidery Machine Embroidery machine RIFD
3 192.168.0.27 CNCRoomController Lighting Controller (CNCRoomController)
3 192.168.0.28 Gatekeeper-4 CNC Corridor Access (1C:E3:0D:02:6A:4D)
3 192.168.0.29 Gatekeeper-6 Communal door (L) / blue room (1C:E3:0D:02:6A:4E)
3 192.168.0.30 Can machine Can vending machine in studio (DE:ED:BA:FE:FE:11)
3 192.168.0.31 Gatekeeper-3 Workshop (upstairs backdoor) (1C:E3:0D:02:6A:4F)
3 192.168.0.32 G5 Doorbell Doorbell/temperature node (DE:ED:BA:FE:62:12)
3 192.168.0.128/25 (129-254) Queen Docker instrumentation network pool

(coming soon...)

VLAN 6

Direct network between Unimatrix and Locutus used for HDD replication
These are all statically assigned.

VLAN IP DNS Name Notes
6 192.168.6.1 Unimatrix
6 192.168.6.2 Locutus

VLAN 7

Direct network between Unimatrix and Queen used for VM Backups
These are all statically assigned.

VLAN IP DNS Name Notes
7 192.168.7.1 Unimatrix
7 192.168.7.3 Queen

VLAN 8

Direct network between Locutus and Queen used for VM Backups
These are all statically assigned.

VLAN IP DNS Name Notes
8 192.168.8.2 Locutus
8 192.168.8.3 Queen

External Port Routing

Service External Port Internal Port Internal IP Notes
HTTP 80 80 10.0.0.14 Webserver on Holly
HTTPS 443 443 10.0.0.14 HMS SSL Webserver on Holly
SSH 1922 22 10.0.0.18 SSH on Unimatrix
SSH 3000 22 10.0.0.4 SSH on JARVIS
SSH 3045 22 10.0.0.5 SSH on Rommie
RTP 10000-20000 10000-20000 10.0.0.27 Asterisk/RTP on PBX
SIP 5060 5060 10.0.0.27 Asterisk/SIP on PBX

Switch port assignments

Netgear Prosafe FS728x

The switch in the members storage room is a Netgear FS728TP (24x 100mbit with POE + 4x gbit ports), the switch in the workshop is FS728TS (same, but with no POE). As far as possible, both switches should have identical configuration; I.e. if the studio switch fails, the workshop switch should be a drop in replacement.

Port VLAN Comments
e1-e6 3 Instrumentation projects
e7 4 Able (VDSL Modem)
e8 1,2,3 Data/Lore (WAP)
e9-e10 3 Instrumentation projects
e11 all Queeg
e12 2 Thomson ST2020 SIP phone in blue room
e13-e14 2 Main hackspace network
e15 N Do Not Use
e16-19 3 Instrumentation projects
e20 2u Main hackspace network
e21 1u UPS 1of3
e22 1u
e23 1u,2t,3t,5t
e24 2u
g1 all Collective
g2 2 Gigabit switch on Blue room table
g3 1,2,3,5 Dell PowerConnect 2724
g4 all other switch (FS728TP or FS728TS)

Dell PowerConnect 2724

The Dell switch is in the members storage room, just above collective. It is connected to the Netgear FS728TP and to most of the Studio network sockets.

Port VLAN Comments
e1-e23 2 Main hackspace network
e5 U1,2,3,5 Locutus/Queen
e9 U1,2,3,5 Locutus/Queen
e24 1,2,3,5 Netgear FS728TP

1of9 ProCurve 2824 (J4903A)

Located in the upstairs members storage, this is the core switch that all others connect to

Port VLAN Comments
g1 1u Management access
g2 1u, 2t, 3t, 4t , 5t, 6t, 7t, 8t Uplink trunk
g3 2u Main hackspace network
g4 4u Modem
g5-g7 2u Main hackspace network
g8 3u Instrumentation
g9 2u Main hackspace network
g10 1u, 2t, 3t, 4t , 5t, 6t, 7t, 8t Trunk
g11 2u Main hackspace network
g12 1t, 2u (dorian)
g13 1u, 2t WiFi
g14 1u, 2t WiFi
g15 1u, 2t, 3t, 4t, 5t Server
g16 1u, 2t, 3t, 4t, 5t Server
g17 1u, 2t, 3t, 4t, 5t Server
g18 6t Unimatrix<->Locutus direct network
g19 7t Queen<->Unimatrix direct network
g20 8t Queen<->Locutus direct network
g21 1u, 2t, 3t, 4t , 5t, 6t, 7t, 8t Downlink trunk (2of9)
g22 1u, 2t, 3t, 4t , 5t, 6t, 7t, 8t Downlink trunk (3of9)
g23 1u, 2t, 3t, 4t , 5t, 6t, 7t, 8t Downlink trunk (4of9)
g24 1u, 2t, 3t, 4t , 5t, 6t, 7t, 8t Downlink trunk (5of9)

2of9 ProCurve 2650-48 (J4899B)

Located in the CNC room cabinet, this switch servers the Blue room, CNC room and Team storage

3of9 ProCurve 2650-48 (J4899B)

Located in upstairs members storage, this switch serves the Comfy area, Studio, Craft Room and Kitchen


Port VLAN Comments
e1-e32 2u Main hackspace network
e33-e40 3u Instrumentation
e41-e42 1u, 2t Wifi
e43 3u Instrumentation
e44 4u Modem
e45 5u Instrumentation test
e46 6t Unimatrix<->Locutus direct network
e47 7t Queen<->Unimatrix direct network
e48 8t Queen<->Locutus direct network
g49 1u, 2t, 3t, 4t , 5t, 6t, 7t, 8t Uplink trunk (1of9)
g50 1u, 2t, 3t, 4t , 5t, 6t, 7t, 8t Server trunk

4of9 ProCurve 2650-48 (J4899C)

5of9 ProCurve 2650-48 (J4899B)

Port VLAN Comments
e1-e32 2u Main hackspace network
e33-e40 3u Instrumentation
e41-e42 1u, 2t Wifi
e43 3u Instrumentation
e44 4u Modem
e45 5u Instrumentation test
e46 6t Unimatrix<->Locutus direct network
e47 7t Queen<->Unimatrix direct network
e48 8t Queen<->Locutus direct network
g49 1u, 2t, 3t, 4t , 5t, 6t, 7t, 8t Uplink trunk (1of9)
g50 1u, 2t, 3t, 4t , 5t, 6t, 7t, 8t Server trunk

Patch Panels

Name Location Area served
Network/Patch_Panel_A Upstairs Member Storage Upstairs: Comfy Area, Studio, Blue Room, Kitchen, Members Storage
Network/Patch_Panel_B CNC Room Cabinet Down stairs: Blue Room, CNC room, CNC corridor, Team Storage
Network/Patch_Panel_C Upstairs Member Storage Upstairs: Comfy Area, Studio, Blue Room, Kitchen, Members Storage

Patch cable colour coding

Colour Vlan Tagging Notes
Purple 2u Main hackspace network
Green 3u Instrumentation
Blue 1u, 2t Wifi
Red
Black
Pink 4u Modem
Yellow 5u Instrumentation test
White 1u, 2t, 3t, 4t , 5t, 6t, 7t, 8t Trunk
Orange

Server Naming

See here for our naming convention

UPS Power

The important infrastructure runs off 3 UPS's, each one is an APC Dell Smart UPS 5000 DL5000RMI5U.

Name Management IP Location Equipment served Notes
One of Three 192.168.1.13
00:C0:B7:74:D5:55
Upstairs Member Storage Unimatrix, Queen (temporary), Locutus (temporary), Queeg,
1of9, studio-gbit, st-switch, Data, Able,
HS2.0 Gatekeeper, MatrixMQTT, Mini-matrix, CoinAcceptor,
In service since ~03/13
Batteries replaced 4/12/14
Cacti Graphs
Two of Three 192.168.1.23
00:C0 B7:66:65:99
Team Storage Queen (Once relocated),
2of9, 3of9 (temporary), 4of9 (temporary), 1of9 (temporary),
CNCRoom lighting automation, CNC corridor Gatekeeper, Blue room Gatekeeper, Team storage Gatekeeper
In service since 24/11/17
New Batteries fitted 24/11/17
Cacti Graphs
Three of Three 192.168.1.33
00:C0:B7:D5:89:A3
Downstairs Members Storage Locutus (Once relocated),
3of9, 4of9,
Corridor lighting automation, Metalworking lighting automation, Corridor Gatekeeper, Front door Gatekeeper, Members storage Gatekeeper
Not yet in service
New Batteries fitted xx/xx/xx
ip until I can get the login details 10.102.217.1

Network Devices

Able

Able is Kryten's brother the BT Openreach VDSL modem that talks to the outside world.

Kryten

Kryten is VM on Collective running pfSense, it handles all our DHCP and routing from the external world.
It is connected to VLAN 4 for access to Able, and 2 for the main hackspace network.

The Nottinghack VLAN has access to local resources - e.g. a samba file-share on JARVIS, a future local dropbox server for projects & collaborations, a backup of all Web / Wiki files (to allow a remote restore in the event of moving hosts / outage of services) and anything else we don't want to be web facing.

The VPN (when enabled) would allow remote management of the VLANS, which could come in handy in the event of issues with the client WiFi access point.

Router management username & password for Authorised members only. If there something you need changing ask on the google group or speak to 'RepRap' Matt or Daniel directly

Usual rules apply, as to any tool - if you don't know how to use it / don't do anything :)

OpenVPN

Not currently running and not for member access
Kryten runs our openVPN server for access to the hackspace network from the outside world.

For more details see the VPN page

WiFi

There are three WiFi networks:

HSNOTTS

WiFi for Hackspace SSID: HSNOTTS passcode uses WPA2 protocol AES encryption. Members only, passcode on request, changes to the passcode will be emailed to members only.

HSNOTTS_GUEST

WiFi for guests is setup as HSNOTTS_GUEST and passcode can be provided and this will (possibly at some point) run on a separate VLAN.

spacenet

Cross-hackspace wireless network, using WPA2 Enterprise. Login using:
Username: <HMS-username>@nottinghack.org.uk
Password: <HMS-password>

For more details, see spacenet.

Servers

Holly

See Holly

Collective

See Collective

Andromeda

See Andromeda

Joshua

Joshua loves to play games, Tic Tac Toe, Chess, Global Thermonuclear War... all the family favourites. We've co-opted him into running Quake II, Open Arena, Unreal Tournament & Counter Strike 1.5.
The aim is to have a games server running games suitable for clients running low powered netbooks & laptops. This allows us to run LAN parties & have more people join in, without having to bring gaming rigs from home. Also QII & Open Arena have open source install paths available, with Unreal & Counter Strike available at low cost.
Joshua is running Windows XP Pro on a 1GHz PIII with 512MB RAM & a RIVA TNT2 graphics card.
Impressive I know.

There are 2 user accounts -
"David" - not password protected, but limited access - suitable for web browsing / printing etc.
"Falken" - admin account - speak to Tony_S if you need the password.

Genral Use PC

Quorra

A workstation with dual heads, Quorra is available for all members to use.

Fey

General-use windows PC in the blue room,aimed at CAD work and anything else requiring a reasonably beefy GPU.

WOPR

Another general-use PC in the blue room, by the window

Printers

For more details, see Printers.

Bender

The HP Color Laserjet HP5550 is set up on 10.0.0.95 as Bender.
The printer feeds A4 paper from tray 2 and A3 paper from tray 3.
A duplexer is installed enabling double-sided printing.
Bender is shared on JARVIS, so should be auto-detected by Linux machines.

Rosey

An Epson WF-7610DWF printer/scanner set up on 10.0.0.94. The scanner/printer should be auto-detected by most Linux/Mac machines, and is known to work from Quorra using Xsane.

Plotter

HP DesignJet 600 Not networked, but connected via serial or parallel interface to quorra

Websites

DNS record looked after by 'RepRap' Matt

Nottinghack.org.uk

The main Nottinghack websites are run form Andromeda.

This hosts the Wordpress blog, this wiki, the Nottinghack Planet

The Twitterbot for @HSNOTTS is also hosted on on this server.

lspace.nottinghack.org.uk

Hosted locally at the space on Holly

Includes:

  • Graph showing connected network device count

Hackspace Management System

The Hackspace Management System
Hosted locally at the space on Holly
see HMS

cacti.nottinghack.org.uk

Also hosted locally on Holly this provides graphing of various stats and info (mostly temperature graphs) from the hackspace instrumentation

http://holly/

Our intranet, only accessible from the hackspace network

HackSpace Instrumentation

The Network and Holly provide the backbone to our HackSpace Instrumentation projects.

Other Info

ADSL Connection Reboot Procedure

If for some reason the internet connection is not responding!
Then Able is located on the Internet shelf on the Members Storage room
On Able check if the 'DSL' and 'Internet' lights are green
If not on then reboot Able by cycling power using the power switch on the back,
If two minutes after doing this the 'DSL' light does not come back on then you need to get in touch with either 'RepRap' Matt or Daniel who can check on Kryten
If there's still no look, it could well be an outside issue with talktalk.

Extra Equipment

See here for a list of our other network gear

Subcategories

This category has the following 3 subcategories, out of 3 total.

Media in category "Network"

The following 5 files are in this category, out of 5 total.