Difference between revisions of "Network/DMZ"
From Makers Local 256
< Network
Enabrintain (Talk | contribs) m (→Logical: typos) |
Enabrintain (Talk | contribs) m (→Logical: formatting) |
||
| Line 10: | Line 10: | ||
| <s>10.56.0.2</s> || <s>kratos</s> || historical || <s>VM host (physical box)</s> | | <s>10.56.0.2</s> || <s>kratos</s> || historical || <s>VM host (physical box)</s> | ||
|- | |- | ||
| − | | 10.56.0.3 || webdev || web@vm4 || Testing and development Web server (the real Web server is hosted offsite) | + | | 10.56.0.3 || webdev || web@'''vm4''' || Testing and development Web server (the real Web server is hosted offsite) |
|- | |- | ||
| − | | 10.56.0.4 || mail || mail@vm4 || Email (especially the mailing lists) | + | | 10.56.0.4 || mail || mail@'''vm4''' || Email (especially the mailing lists) |
|- | |- | ||
| 10.56.0.5 || 100W Laser || N/A || big laser | | 10.56.0.5 || 100W Laser || N/A || big laser | ||
|- | |- | ||
| − | | <s>10.56.0.5</s> || <s>liferay</s> || <s>liferay@vm4</s> ON HOLD - DO NOT RUN || <s>Enterprise portal for improved collaborative cloud synergy</s> | + | | <s>10.56.0.5</s> || <s>liferay</s> || <s>liferay@'''vm4'''</s> ON HOLD - DO NOT RUN || <s>Enterprise portal for improved collaborative cloud synergy</s> |
|- | |- | ||
| <s>10.56.0.6</s> || <s>fileserver</s> || historical || <s>file share</s> | | <s>10.56.0.6</s> || <s>fileserver</s> || historical || <s>file share</s> | ||
|- | |- | ||
| − | | 10.56.0.7 || backup || | + | | 10.56.0.7 || backup || historical || (old) webcam setup and (old) backup for all of the servers |
|- | |- | ||
| <s>10.56.0.8</s> || <s>zimbra</s> || historical || <s>Used to host our identity management and LDAP</s> | | <s>10.56.0.8</s> || <s>zimbra</s> || historical || <s>Used to host our identity management and LDAP</s> | ||
|- | |- | ||
| − | | 10.56.0.9 || asterisk || asterisk@vm2 || VoIP server for phones on the floor <s>and the main phone number</s> | + | | 10.56.0.9 || asterisk || asterisk@'''vm2''' || VoIP server for phones on the floor <s>and the main phone number</s> |
|- | |- | ||
| − | | 10.56.0.11 || newldap || newldap@vm2 || The LDAP server that replaced zimbra | + | | 10.56.0.11 || newldap || newldap@'''vm2''' || The LDAP server that replaced zimbra |
|- | |- | ||
| − | | 10.56.0.12 || dev || dev@vm4 || [[Network/Services/dev|Software development and testing box]] | + | | 10.56.0.12 || dev || dev@'''vm4''' || [[Network/Services/dev|Software development and testing box]] |
|- | |- | ||
| − | | 10.56.0.13 || newvpn || newvpn@vm2 || [[Network/VPN|Maker VPN]] server and admin orchestration jump-off point | + | | 10.56.0.13 || newvpn || newvpn@'''vm2''' || [[Network/VPN|Maker VPN]] server and admin orchestration jump-off point |
|- | |- | ||
| − | | 10.56.0.14 || owncloud || owncloud@vm4 || [[Network/Services/ownCloud|ownCloud]] server | + | | 10.56.0.14 || owncloud || owncloud@'''vm4''' || [[Network/Services/ownCloud|ownCloud]] server |
|- | |- | ||
| 10.56.0.15 || owncloud || N/A || Reserved for future use | | 10.56.0.15 || owncloud || N/A || Reserved for future use | ||
|- | |- | ||
| − | | 10.56.0.16 || reverseproxy || reverseproxy@vm4 || Terminates TLS and proxies for on-site services that should be reachable off-site | + | | 10.56.0.16 || reverseproxy || reverseproxy@'''vm4''' || Terminates TLS and proxies for on-site services that should be reachable off-site |
|- | |- | ||
| − | | 10.56.0.17 || newbackup || newbackup@vm4 || [[Network/Backups|Borg-based backup]] box | + | | 10.56.0.17 || newbackup || newbackup@'''vm4''' || [[Network/Backups|Borg-based backup]] box |
|- | |- | ||
| − | | 10.56.0.18 || iot || iot@vm4 | + | | 10.56.0.18 || iot || iot@'''vm4''' || Internet of Things development/bridge VM |
|- | |- | ||
| 10.56.0.19 || zoneminder || OBE, DO NOT RUN || Webcam host box | | 10.56.0.19 || zoneminder || OBE, DO NOT RUN || Webcam host box | ||
| Line 48: | Line 48: | ||
| <s>10.56.0.30</s> || <s>vm3</s> || <s>HOST MACHINE</s> || <s>VM host (physical box) - black Switchvox</s> | | <s>10.56.0.30</s> || <s>vm3</s> || <s>HOST MACHINE</s> || <s>VM host (physical box) - black Switchvox</s> | ||
|- | |- | ||
| − | | 10.56.0.31 || bbs || bbs@vm2 - NORMALLY TURNED OFF || Jeff's bulletin board server | + | | 10.56.0.31 || bbs || bbs@'''vm2''' - NORMALLY TURNED OFF || Jeff's bulletin board server |
|- | |- | ||
| 10.56.0.40 || vm4 || HOST MACHINE || VM host (physical box) - Dell PowerEdge with hot-swap drive bays | | 10.56.0.40 || vm4 || HOST MACHINE || VM host (physical box) - Dell PowerEdge with hot-swap drive bays | ||
Revision as of 09:46, 24 April 2019
This is the server network. There is no DHCP; all addresses must be statically set. It isn't really a DMZ as such. I just called it that so we would sound more impressive.
Logical
This IP space is 10.56.0.0/24 (10.56.0.*).
| IP | Hostname | VMHost | Description |
|---|---|---|---|
| 10.56.0.1 | router | N/A | Default router for machines in this network |
| |
|
historical | |
| 10.56.0.3 | webdev | web@vm4 | Testing and development Web server (the real Web server is hosted offsite) |
| 10.56.0.4 | mail@vm4 | Email (especially the mailing lists) | |
| 10.56.0.5 | 100W Laser | N/A | big laser |
| |
|
|
|
| |
|
historical | |
| 10.56.0.7 | backup | historical | (old) webcam setup and (old) backup for all of the servers |
| |
|
historical | |
| 10.56.0.9 | asterisk | asterisk@vm2 | VoIP server for phones on the floor |
| 10.56.0.11 | newldap | newldap@vm2 | The LDAP server that replaced zimbra |
| 10.56.0.12 | dev | dev@vm4 | Software development and testing box |
| 10.56.0.13 | newvpn | newvpn@vm2 | Maker VPN server and admin orchestration jump-off point |
| 10.56.0.14 | owncloud | owncloud@vm4 | ownCloud server |
| 10.56.0.15 | owncloud | N/A | Reserved for future use |
| 10.56.0.16 | reverseproxy | reverseproxy@vm4 | Terminates TLS and proxies for on-site services that should be reachable off-site |
| 10.56.0.17 | newbackup | newbackup@vm4 | Borg-based backup box |
| 10.56.0.18 | iot | iot@vm4 | Internet of Things development/bridge VM |
| 10.56.0.19 | zoneminder | OBE, DO NOT RUN | Webcam host box |
| 10.56.0.20 | vm2 | HOST MACHINE | VM host (physical box) - Dell PowerEdge without hot-swap drive bays |
| |
|
|
|
| 10.56.0.31 | bbs | bbs@vm2 - NORMALLY TURNED OFF | Jeff's bulletin board server |
| 10.56.0.40 | vm4 | HOST MACHINE | VM host (physical box) - Dell PowerEdge with hot-swap drive bays |
| 10.56.0.252 | server-sw | N/A | 8-port HP ProCurve switch in the rack |
| 10.56.0.253 | loft-sw | N/A | 48-port Cisco Catalyst PoE switch mounted vertically on the loft railing |
| 10.56.0.254 | downstairs-sw | N/A | 48-port Dell PowerConnect switch mounted vertically below the south office window |
Physical
The thing about this network is, almost everything on it is a VM. The only physical boxes on this network are the VM hosts, the zoneminder machine, and the router. As such, it is unlikely that you would see this network anywhere else in the shop. This may change, however; it'd be a good place to put servers.
| Device | Location | Description |
|---|---|---|
| Ubiquiti ERL | Rack | The router for the network |
| HP ProCurve Smart Switch | Rack shelf | Handles VLAN distribution and management |
| 100W Laser | Main Shop area | Hardware |
| Zoneminder | Next to Rack | Dedicated hardware for zoneminder instance |
| VM2 | Rack | VM Host |
| VM4 | Rack | VM Host |
| Cisco Catalyst Switch | mounted vertically in loft | Switch for Fablab, Sewing room, some cams, and loft |
| Dell PowerConnect switch | mounted vertically below the south office window | Switch for Office, Wifi, some cams, and Laser |
