Network

Network

Internet Service is graciously provided by http://bluegrass.net

Network Diagram

Network Overview

• We have standards now! Please do not add hodgepodge stuff to our network infrastructure. Please see parts list below.
• The DHCP pool takes exactly 10.0.0.100 - 10.0.2.255 All devices in these ranges use a /23 subnet mask (255.255.254.0) and a default gateway of 10.0.0.1 .
• What this means in layman's terms:
  • Any IP that starts with 10.0.0.1 - 10.0.0.99 is a static client (either hard coded or assigned via DHCP reservations).
  • Any IP that starts with 10.0.0.100 10.0.2.255 is a dynamic client.

• The wireless access points come from the 24port gig switch there are 4 of them, Main room, Classroom, Boneyard, and Deadzone they are connected through POE injectors.

DHCP/Static IP Reservations

Internet IPs

Parts

Network Rack

• 2 Port Surface Mount Box
• Patch Panel for rack
• RJ-45 Jack (used in boxes and patch panel)
• Cable
• Patch Cable

Router Details

• Our router is a small unifi security appliance a white box on the shelf in the network rack.
• It has four interfaces. We only use:
  • WAN - connects to POE injector by TARDIS
  • LAN - connects to Master switch
• DHCP runs here.
  • controller is https://files:8443/

Switch Details

• Everything is layer 2, the switches have an IP address only for management purposes.
• The Master Switch is managed via 10.0.0.11, 01 is 12, 02 is 13, 03 is 14.
• Everything stays on default vlan (VLAN 1).
• Master is a 48 port gig switch stack. All other switches have 24 gigabit copper ports and two gigabit sfp ports.
• For each access switch, ports 23 & 24 are in a Port Channel to provide redundancy and increase bandwidth.
• On the master switch three different Port Channels are created (Po12-Po14) to support the three access switches.
• If none of that made any sense, please just remember this: The links between switches have special configurations. Please do not move those cables around.
• Spanning tree is enabled (with portfast) and bpdu guard. If you create a loop the ports will get disabled. SSH into the appropriate switch to re-enable it. All ports are labeled.
  • For example: A7 = port 7 on switch A. If it is disabled:

I need a static IP

• Instead of setting a static IP on your device, create a static lease in our router.

Why?

• Your device can still use DHCP but will get the same IP every time.
• In some cases this can be much easier than manually setting a static IP.
• If you take your device somewhere else it can still use DHCP.
• You get a DNS entry.
• Visibility. We can track things better if they're in our router. Manually setting IPs makes conflicts more likely.

How?

• Log into pfSense as admin at https://10.0.0.1/.
  • I'm not listing the creds on the wiki, any LVL1 member should be able to figure out the login.
• On the top bar click Status, then DHCP Leases.
• Scroll to the bottom of the page to pick your new IP.
  • For wired, you'll pick an IP that starts with 10.0.0 (within 10.0.0.0/24).
  • For wireless, pick an IP that starts with 10.0.2 (within 10.0.2.0/24).
  • The IPs listed are already taken. Pick something else and remember it or write it down for the next steps.
  • For good measure, do a quick ping test to make sure nothing else has taken that.
• Scroll back up to the top of the page and find your device. You can use the MAC address, hostname (not reliable if we have multiple things called "raspberrypi") or your current IP. Newer leases are closer to the top.
• Click the + on the right next to your device.
• Enter the following:
  • IP Address: the ip address you picked earlier.
  • Hostname: what you want the hostname to be. This will also update DNS. Please be specific, bonus points for also using your name.
    • Being a good member: aaronv-pi
    • Being a bad member: raspberrypi
  • Everything else can be ignored.
• Click Save.
• Click Apply.
• Renew your DHCP lease or, if you're lazy, reboot.

Back to Space