Difference between revisions of "Network/DMZ"
From Makers Local 256
< Network
(→Logical: migrate mail) |
(→Logical: correcting hostname) |
||
| (16 intermediate revisions by 4 users not shown) | |||
| Line 4: | Line 4: | ||
{| class="wikitable sortable" | {| class="wikitable sortable" | ||
|- | |- | ||
| − | ! IP !! Hostname !! VMHost !! Description | + | ! IP !! Hostname !! VMHost !! Description !! Notes |
|- | |- | ||
| 10.56.0.1 || router || N/A || Default router for machines in this network | | 10.56.0.1 || router || N/A || Default router for machines in this network | ||
| Line 10: | Line 10: | ||
| <s>10.56.0.2</s> || <s>kratos</s> || historical || <s>VM host (physical box)</s> | | <s>10.56.0.2</s> || <s>kratos</s> || historical || <s>VM host (physical box)</s> | ||
|- | |- | ||
| − | | 10.56.0.3 || webdev || web@''' | + | | 10.56.0.3 || webdev (web) || web@'''vm666''' || Testing and development Web server (the real Web server is hosted offsite) || home of donation system, tho not the home of donation DB |
|- | |- | ||
| 10.56.0.4 || mail || mail@'''vm666''' || Email (especially the mailing lists) | | 10.56.0.4 || mail || mail@'''vm666''' || Email (especially the mailing lists) | ||
| Line 28: | Line 28: | ||
| 10.56.0.11 || newldap || newldap@'''vm2''' || The LDAP server that replaced zimbra | | 10.56.0.11 || newldap || newldap@'''vm2''' || The LDAP server that replaced zimbra | ||
|- | |- | ||
| − | | 10.56.0.12 || dev || dev@''' | + | | 10.56.0.12 || dev || dev@'''vm666''' || [[Network/Services/dev|Software development and testing box]] / Docker server for iot |
|- | |- | ||
| 10.56.0.13 || newvpn || newvpn@'''vm2''' || [[Network/VPN|Maker VPN]] server and admin orchestration jump-off point | | 10.56.0.13 || newvpn || newvpn@'''vm2''' || [[Network/VPN|Maker VPN]] server and admin orchestration jump-off point | ||
|- | |- | ||
| − | | 10.56.0.14 || owncloud || owncloud@''' | + | | 10.56.0.14 || owncloud || owncloud@'''vm666''' || [[Network/Services/ownCloud|ownCloud]] server |
|- | |- | ||
| 10.56.0.15 || owncloud || N/A || Reserved for future use | | 10.56.0.15 || owncloud || N/A || Reserved for future use | ||
|- | |- | ||
| − | | 10.56.0.16 || reverseproxy || reverseproxy@'''vm666''' || Terminates TLS and proxies for on-site services that should be reachable off-site | + | | 10.56.0.16 || reverseproxy || reverseproxy@'''vm666''' || Terminates TLS and proxies for on-site services that should be reachable off-site using nginx || letsencrypt:stats.makerslocal.org |
|- | |- | ||
| 10.56.0.17 || newbackup || newbackup@'''vm4''' || [[Network/Backups|Borg-based backup]] box | | 10.56.0.17 || newbackup || newbackup@'''vm4''' || [[Network/Backups|Borg-based backup]] box | ||
| Line 42: | Line 42: | ||
| 10.56.0.18 || iot || iot@'''vm666''' || Internet of Things development VM / MQTT service | | 10.56.0.18 || iot || iot@'''vm666''' || Internet of Things development VM / MQTT service | ||
|- | |- | ||
| − | | 10.56.0.19 || zoneminder || OBE, DO NOT RUN || Webcam host box | + | | 10.56.0.19 || zoneminder || OBE, DO NOT RUN. Running bare metal with the same IP. || Webcam host box |
|- | |- | ||
| 10.56.0.20 || vm2 || HOST MACHINE || VM host (physical box) - Dell PowerEdge without hot-swap drive bays | | 10.56.0.20 || vm2 || HOST MACHINE || VM host (physical box) - Dell PowerEdge without hot-swap drive bays | ||
| + | |- | ||
| + | | 10.56.0.21 || openProject || pve6 || VM ID 100 - openProject VM | ||
|- | |- | ||
| <s>10.56.0.30</s> || <s>vm3</s> || <s>HOST MACHINE</s> || <s>VM host (physical box) - black Switchvox</s> | | <s>10.56.0.30</s> || <s>vm3</s> || <s>HOST MACHINE</s> || <s>VM host (physical box) - black Switchvox</s> | ||
| Line 53: | Line 55: | ||
|- | |- | ||
| 10.56.0.60 || vm666 || HOST MACHINE || VM host (physical box) - Digium SWVX 305 4U case with upgraded internals | | 10.56.0.60 || vm666 || HOST MACHINE || VM host (physical box) - Digium SWVX 305 4U case with upgraded internals | ||
| + | |- | ||
| + | | 10.56.0.61 || DEFCON || vm666 || VM ID 110 for Defcon 256 partner site - dcg256.org | ||
| + | |- | ||
| + | | 10.56.0.62 || mastodon || vm666 || VM ID 162 for omegix' mastodon instance | ||
| + | |- | ||
| + | | 10.56.0.122 || redmine || vm666 || Action Item Tracker Server | ||
| + | |- | ||
| + | | 10.56.0.123 || dockerHost || vm666 || Docker Host (Snipe-IT) | ||
|- | |- | ||
| 10.56.0.252 || server-sw || N/A || 8-port HP ProCurve switch in the rack | | 10.56.0.252 || server-sw || N/A || 8-port HP ProCurve switch in the rack | ||
| Line 68: | Line 78: | ||
! Device !! Location !! Description | ! Device !! Location !! Description | ||
|- | |- | ||
| − | | Ubiquiti ERL || Rack || The router for the network | + | | Ubiquiti ERL || Rack shelf || The router for the network |
|- | |- | ||
| HP ProCurve Smart Switch || Rack shelf || Handles VLAN distribution and management | | HP ProCurve Smart Switch || Rack shelf || Handles VLAN distribution and management | ||
| Line 74: | Line 84: | ||
| 100W Laser || Main Shop area || Hardware | | 100W Laser || Main Shop area || Hardware | ||
|- | |- | ||
| − | | Zoneminder || | + | | Zoneminder || Rack || Dedicated hardware for zoneminder instance |
|- | |- | ||
| VM2 || Rack || VM Host | | VM2 || Rack || VM Host | ||
|- | |- | ||
| − | | VM4 || Rack || VM Host | + | | VM4 || Rack || VM Host, Largely OBE, still runs backup for now |
|- | |- | ||
| VM666 || Rack || VM Host | | VM666 || Rack || VM Host | ||
Latest revision as of 11:26, 18 January 2023
This is the server network. There is no DHCP; all addresses must be statically set. It isn't really a DMZ as such. I just called it that so we would sound more impressive.
Logical
This IP space is 10.56.0.0/24 (10.56.0.*).
| IP | Hostname | VMHost | Description | Notes |
|---|---|---|---|---|
| 10.56.0.1 | router | N/A | Default router for machines in this network | |
| |
|
historical | | |
| 10.56.0.3 | webdev (web) | web@vm666 | Testing and development Web server (the real Web server is hosted offsite) | home of donation system, tho not the home of donation DB |
| 10.56.0.4 | mail@vm666 | Email (especially the mailing lists) | ||
| 10.56.0.5 | 100W Laser | N/A | big laser | |
| |
|
|
| |
| |
|
historical | | |
| 10.56.0.7 | backup | historical | (old) webcam setup and (old) backup for all of the servers | |
| |
|
historical | | |
| 10.56.0.9 | asterisk | asterisk@vm2 | VoIP server for phones on the floor | |
| 10.56.0.11 | newldap | newldap@vm2 | The LDAP server that replaced zimbra | |
| 10.56.0.12 | dev | dev@vm666 | Software development and testing box / Docker server for iot | |
| 10.56.0.13 | newvpn | newvpn@vm2 | Maker VPN server and admin orchestration jump-off point | |
| 10.56.0.14 | owncloud | owncloud@vm666 | ownCloud server | |
| 10.56.0.15 | owncloud | N/A | Reserved for future use | |
| 10.56.0.16 | reverseproxy | reverseproxy@vm666 | Terminates TLS and proxies for on-site services that should be reachable off-site using nginx | letsencrypt:stats.makerslocal.org |
| 10.56.0.17 | newbackup | newbackup@vm4 | Borg-based backup box | |
| 10.56.0.18 | iot | iot@vm666 | Internet of Things development VM / MQTT service | |
| 10.56.0.19 | zoneminder | OBE, DO NOT RUN. Running bare metal with the same IP. | Webcam host box | |
| 10.56.0.20 | vm2 | HOST MACHINE | VM host (physical box) - Dell PowerEdge without hot-swap drive bays | |
| 10.56.0.21 | openProject | pve6 | VM ID 100 - openProject VM | |
| |
|
|
| |
| 10.56.0.31 | bbs | bbs@vm2 - NORMALLY TURNED OFF | Jeff's bulletin board server | |
| 10.56.0.40 | vm4 | HOST MACHINE | VM host (physical box) - Dell PowerEdge with hot-swap drive bays | |
| 10.56.0.60 | vm666 | HOST MACHINE | VM host (physical box) - Digium SWVX 305 4U case with upgraded internals | |
| 10.56.0.61 | DEFCON | vm666 | VM ID 110 for Defcon 256 partner site - dcg256.org | |
| 10.56.0.62 | mastodon | vm666 | VM ID 162 for omegix' mastodon instance | |
| 10.56.0.122 | redmine | vm666 | Action Item Tracker Server | |
| 10.56.0.123 | dockerHost | vm666 | Docker Host (Snipe-IT) | |
| 10.56.0.252 | server-sw | N/A | 8-port HP ProCurve switch in the rack | |
| 10.56.0.253 | loft-sw | N/A | 48-port Cisco Catalyst PoE switch mounted vertically on the loft railing | |
| 10.56.0.254 | downstairs-sw | N/A | 48-port Dell PowerConnect switch mounted vertically below the south office window |
Physical
The thing about this network is, almost everything on it is a VM. The only physical boxes on this network are the VM hosts, the zoneminder machine, and the router. As such, it is unlikely that you would see this network anywhere else in the shop. This may change, however; it'd be a good place to put servers.
| Device | Location | Description |
|---|---|---|
| Ubiquiti ERL | Rack shelf | The router for the network |
| HP ProCurve Smart Switch | Rack shelf | Handles VLAN distribution and management |
| 100W Laser | Main Shop area | Hardware |
| Zoneminder | Rack | Dedicated hardware for zoneminder instance |
| VM2 | Rack | VM Host |
| VM4 | Rack | VM Host, Largely OBE, still runs backup for now |
| VM666 | Rack | VM Host |
| Cisco Catalyst Switch | mounted vertically in loft | Switch for Fablab, Sewing room, some cams, and loft |
| Dell PowerConnect switch | mounted vertically below the south office window | Switch for Office, Wifi, some cams, and Laser |
