Network

From LVL1
Revision as of 18:57, 12 January 2019 by RJgleitz (talk | contribs)
Jump to navigation Jump to search


Lvl1 qr header.png
Network&.png
Network

Internet Service is graciously provided by http://bluegrass.net

Network Diagram

2018 - Network Refresh.jpg

Network Overview

  • We have standards now! Please do not add hodgepodge stuff to our network infrastructure. Please see parts list below.
  • The DHCP pool takes exactly 10.0.0.100 - 10.0.2.255 All devices in these ranges use a /23 subnet mask (255.255.254.0) and a default gateway of 10.0.0.1 .
  • What this means in layman's terms:
    • Any IP that starts with 10.0.0.1 - 10.0.0.99 is a static client (either hard coded or assigned via DHCP reservations).
    • Any IP that starts with 10.0.0.100 10.0.2.255 is a dynamic client.
  • The wireless access points come from the 24port gig switch there are 4 of them, Main room, Classroom, Boneyard, and Deadzone they are connected through POE injectors.

DHCP/Static IP Reservations

MAC Address IP Address Device Name Description
b8:97:5a:34:12:ae 10.0.0.10 FILES File Server
10.0.0.11 MAIN_SW Cisco 3570G Switch Stack
10.0.0.12 SPACE_SW01 Cisco 3560G Switch
10.0.0.13 SPACE_SW02 Cisco 3560G Switch
10.0.0.14 CLASS_SW03 Cisco 2960G Switch
10.0.0.19-30 PRINTER(S) Printers?
b8:27:eb:0e:1d:10 10.0.0.45 TOMVEND Vending Machine Controller
f0:9f:c2:d6:e7:08 10.0.0.60 DEADZONE Unifi AP-AC-Pro
00:27:22:f2:56:a7 10.0.0.61 BONEYARD Unifi AP-AC-LR
f0:9f:c2:d6:b1:5f 10.0.0.62 CLASSROOM Unifi AP-AC-Pro
f0:9f:c2:d6:e1:b7 10.0.0.63 MAINROOM Unifi AP-AC-PRO

Internet IPs

IP Network 216.135.94.120/29
Bluegrass.net Gateway 216.135.94.121
Usable Range 216.135.94.122 216.135.94.124
Public Address 216.135.94.123
DNS Servers 216.135.64.2 216.135.64.3

Parts

Network Rack

Router Details

  • Our router is a small unifi security appliance a white box on the shelf in the network rack.
  • It has four interfaces. We only use:
    • WAN - connects to POE injector by TARDIS
    • LAN - connects to Master switch
  • DHCP runs here.

Switch Details

  • Everything is layer 2, the switches have an IP address only for management purposes.
  • The Master Switch is managed via 10.0.0.11, 01 is 12, 02 is 13, 03 is 14.
  • Everything stays on default vlan (VLAN 1).
  • Master is a 48 port gig switch stack. All other switches have 24 gigabit copper ports and two gigabit sfp ports.
  • For each access switch, ports 23 & 24 are in a Port Channel to provide redundancy and increase bandwidth.
  • On the master switch three different Port Channels are created (Po12-Po14) to support the three access switches.
  • If none of that made any sense, please just remember this: The links between switches have special configurations. Please do not move those cables around.
  • Spanning tree is enabled (with portfast) and bpdu guard. If you create a loop the ports will get disabled. SSH into the appropriate switch to re-enable it. All ports are labeled.
    • For example: A7 = port 7 on switch A. If it is disabled:


I need a static IP

  • Instead of setting a static IP on your device, create a static lease in our router.

Why?

  • Your device can still use DHCP but will get the same IP every time
  • In some cases this can be much easier than manually setting a static IP
  • If you take your device somewhere else it can still use DHCP
  • You get a DNS entry
  • Visibility. We can track things better if they're in our router. Manually setting IPs makes conflicts more likely.

How?

  • Log into pfSense as admin at https://10.0.0.1/
    • I'm not listing the creds on the wiki, any lvl1 member should be able to figure out the login
  • On the top bar click Status, then DHCP Leases
  • Scroll to the bottom of the page to pick your new IP
    • For wired, you'll pick an IP that starts with 10.0.0 (within 10.0.0.0/24)
    • For wireless, pick an IP that starts with 10.0.2 (within 10.0.2.0/24)
    • The IPs listed are already taken. Pick something else and remember it or write it down for the next steps.
    • For good measure, do a quick ping test to make sure nothing else has taken that.
  • Scroll back up to the top of the page and find your device. You can use the MAC address, hostname (not reliable if we have multiple things called "raspberrypi") or your current IP. Newer leases are closer to the top.
  • Click the + on the right next to your device.
  • Enter the following
    • IP Address: the ip address you picked earlier
    • Hostname: what you want the hostname to be. This will also update DNS. Please be specific, bonus points for also using your name.
      • Being a good member: aaronv-pi
      • Being a bad member: raspberrypi
    • Everything else can be ignored
  • Click Save
  • Click Apply
  • Renew your DHCP lease or, if you're lazy, reboot


Back to Space