447 Networking: Difference between revisions

From London Hackspace Wiki
(add new ap)
No edit summary
Line 104: Line 104:
* 37,38 - doorbot
* 37,38 - doorbot
* 39,40 - near door in office
* 39,40 - near door in office
* 41,42 - classroom roof, 42 used for ap2
* 41,42 - classroom roof, 42 used for ap2, 41 used for classroom camera
* 43 - behind the beast
* 43 - behind the beast
* 44 - in the cleaning cupboard.
* 44 - in the cleaning cupboard.

Revision as of 23:49, 8 February 2015

There is a 48 port patch panel in the cab in the office upstairs, of which 29 ports are used.

The cab has 7 free U; we need 2 for the switches and 1 for Boole, leaving 4...

N.B. new plans depend on working out what we need for new classrooms etc.

Our ISP

80/20 FTTC, 1Tb bandwidth/mo with Zen, see speedtest or [1]

We've got a native IPv6-only ADSL connection (150Gb/month) thanks to Andrews & Arnold!

IPs

We have a /29: 82.69.229.0/29. All are aliased on lo on boole; see /etc/iptable/rules for forwarding details.

For v6 we've got 2001:8b0:856:1::/64; we also get 2001:8b0:1111:1111::617a on the ppp link to boole.

Internally, we're on the chaosvpn range 172.31.24.0/23 (172.31.24.1-172.31.25.255)

<graphviz>
digraph network {
  "Zen Interweb" -> Boole
  "A&A Interweb" -> Boole
  Boole -> "Cisco1"
  "Cisco1" -> "Cisco2"
  "Cisco1" -> "Babbage"
  "Cisco2" -> "AP 1"
  "Cisco2" -> "AP 2"
}
</graphviz>

DNS

boole runs bind as a nameserver and unbound as a caching resolver. They run on different IPs; it has to be done this way to make DNSSEC work.

The DHCP server pokes the hostnames that DHCP clients send it into DNS under dhcp.lan.london.hackspace.org.uk. The default search path is lan.london.hackspace.org.uk, so to look up the hostname of a machine that is a DHCP client, e.g. fish, you'd look up fish.dhcp. This avoids problems with DHCP clients asking to be wpad etc...

Machines with static IPs are directly under lan.london.hackspace.org.uk, so you can go straight to babbage, tesla, etc...

To flush the unbound cache, run (as root, on boole):

unbound-control flush_zone dhcp.lan.london.hackspace.org.uk
unbound-control flush_zone rev.lan.london.hackspace.org.uk
unbound-control flush_zone lan.london.hackspace.org.uk
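
The naming scheme described above, modelled as an added example (not boole's actual bind/dhcpd configuration): it shows why a DHCP client calling itself wpad, or reusing a static host's name, cannot answer a bare-name lookup when client names are confined to the dhcp subzone. All addresses and lease data are constructed, and the reserved-name list (wpad, isatap) is an assumption.

```python
"""Model of the static vs. DHCP naming split (added example, constructed data)."""

SEARCH_DOMAIN = "lan.london.hackspace.org.uk"   # default search path (from the page)
DHCP_ZONE = "dhcp." + SEARCH_DOMAIN             # where DHCP client names are registered

# Constructed sample records: static hosts and hostnames sent by DHCP clients.
STATIC_HOSTS = {"babbage": "172.31.24.10", "tesla": "172.31.24.11"}
DHCP_LEASES = {"fish": "172.31.25.20", "wpad": "172.31.25.66", "babbage": "172.31.25.67"}


def build_zone(static_hosts, dhcp_leases):
    """Return {fqdn: ip}; client-supplied names only ever land under DHCP_ZONE."""
    zone = {f"{h}.{SEARCH_DOMAIN}": ip for h, ip in static_hosts.items()}
    for name, ip in dhcp_leases.items():
        label = name.lower().split(".")[0]      # single label; drop any client-sent domain
        zone[f"{label}.{DHCP_ZONE}"] = ip
    return zone


def flat_zone(static_hosts, dhcp_leases):
    """The layout the page avoids: DHCP names share the search domain with static ones."""
    zone = {f"{h}.{SEARCH_DOMAIN}": ip for h, ip in static_hosts.items()}
    zone.update({f"{n.lower()}.{SEARCH_DOMAIN}": ip for n, ip in dhcp_leases.items()})
    return zone


def resolve(name, zone, search=SEARCH_DOMAIN):
    """Simplified stub-resolver lookup: a relative name gets the search domain appended."""
    fqdn = name.rstrip(".") if name.endswith(".") else f"{name}.{search}"
    return zone.get(fqdn)


def risky_leases(static_hosts, dhcp_leases, reserved=("wpad", "isatap")):
    """DHCP hostnames that would shadow a static host or a reserved name in a flat zone."""
    return sorted(n for n in dhcp_leases
                  if n.lower() in reserved or n.lower() in static_hosts)


if __name__ == "__main__":
    split, flat = build_zone(STATIC_HOSTS, DHCP_LEASES), flat_zone(STATIC_HOSTS, DHCP_LEASES)
    for query in ("fish.dhcp", "wpad", "babbage"):
        print(f"{query:10} split={resolve(query, split)}  flat={resolve(query, flat)}")
    print("leases worth a look:", risky_leases(STATIC_HOSTS, DHCP_LEASES))
```
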

WiFi

We have 6 Cisco 3502 Access points, current deployment:

  • AP1 - office/quiet room - now mounted properly, thanks User:Sully!
  • AP2 - classroom ceiling.
  • AP3 - Cabin
  • AP4 - Biohackers
  • AP5 - ?
  • AP6 - spare

Due to a new version of IOS, the access points won't let you log in if you present them with loads of ssh pubkeys. To force ssh to use a password, use:

ssh -o "PreferredAuthentications password" root@ap1

We also have a WNDR3700v2 running OpenWRT; it runs the LondonHackspace2 SSID (same password as LondonHackspace). See Networking/WifiProblems for more details. It's on top of tesla or somewhere around the desk tesla is on.

Layer 2

For Zen (ipv4)

The phone line with FTTC on it comes into the basement by the BT DP boxes. There is a Huawei EchoLife HG612 there which presents it as a PPPoE session; that is patched by port 10 to eth1 (n.b. labeled ETH2 on boole's case) on boole.

For A&A (ipv6)

The phone line with FTTC on it comes into the basement by the BT DP boxes. There is a Huawei something there which presents it as a PPPoE session; that is patched by port 11 to eth2 (n.b. labeled ETH3 on boole's case) on boole.

Local Network

The rest of the network is connected to eth0 (labeled ETH1 on boole's case) on boole via the cisco1 switch. There is a 2 port trunk configured on both the cisco switches to connect them.

Equipment/Cisco1 is in the basement rack, Equipment/Cisco2 is in the quiet room rack.

Also in the rack in the quiet room is a 12(?) port PoE injector. Those first 5 ports are plugged into ports 1-5 of the PoE injector. At the moment we are using ports 1 and 2 for ap1 and ap2; we also supply PoE to backdoorbot, the main room camera, the classroom camera, and the socket in the cleaning cupboard. See Networking/POE

todo

See Networking Todo.

Physical layer cat5e wiring

Ground Floor

double patch panel

  • 1 - 2 office near window
  • 3 - 4 office under cab
  • 5 office under cab - single socket
  • 6,7,8,9,10,11,12 - classroom
  • 13 - 14 pillar near shower
  • 15 - 16 left of roller door
  • 17 - 18 rear wall of lobby
  • 27 - 28 office under cab
  • 29 - office under cab
  • 30-36 - classroom
  • 37,38 - doorbot
  • 39,40 - near door in office
  • 41,42 - classroom roof, 42 used for ap2, 41 used for classroom camera
  • 43 - behind the beast
  • 44 - in the cleaning cupboard.
  • 45 - 'Q17' in the 3d printing area
  • 46 - 'Q18' in the 3d printing area
  • 47 - 48 corner of the electronics area on the west wall.

2nd, 1U patch panel

  • 1-4 to ports 1-4 on patch panel in the basement rack, 1&2 used as a 2 port trunk to the cisco1 in the basement rack. port 3 free, port 4 patches to port 17 upstairs, which is frontdoorbot.
  • 5,6 & 7,8: to double sockets above the lobby for doorbots and friends
  • 9,10: double socket on the south wall in the corner where the classroom wall meets the south wall (on the outside of the classroom)
  • 11,12,13,14: quad socket behind teslaish
  • 15,16: double socket behind the printers.
  • 17,18: double socket on middle pillar
  • 19,20: double socket opposite kitchen for vending machine.

basement

1U panel in basement rack

  1. to 1 on 1U panel upstairs (half of trunk to cisco1)
  2. to 2 on 1U panel upstairs (half of trunk to cisco1)
  3. to 3 on 1U panel upstairs, pppoe line to boole
  4. to 4 on 1U panel upstairs, pppoe line to boole
  5. Biolab
  6. Biolab
  7. Cable tray near door, unterminated, yellow cable.
  8. Cable tray near door, used by the PTZ workshop webcam
  9. Modem Area, Black - used for the phone
  10. Modem Area, Red - used for the link to Zen
  11. Modem Area, Yellow - used for the link to A&A
  12. Modem Area, Blue
  13. Machine Shop, unterminated, black
  14. Machine Shop, rj45 plug, red boot, used for the 3-in-1 acnode
  15. Machine Shop, rj45 plug, yellow boot
  16. Machine Shop, unterminated, blue
  17. Cable tray by Etch station/pcb work area, RJ45 plug, green boot.
  18. Brewbot/gimp closet (?)
  19. Brewbot/gimp closet (?)

To be added

Quiet room
  • 1 x double socket and a quad - maybe not if we put shelving up. no.
South Wall Outside the Classroom
  • quad socket by tesla
  • quad socket by the table next to tesla

Both above serve tesla + babbage + printers + other bits

  • dual socket on the east side of the electronics bench
  • and another on the west side - we didn't bother with another one.
  • dual socket somewhere by the door for future doorbot + other bits <- maybe a quad here? we did put a quad there.

All the above to go over new trunking, 14 cables.

Classroom
  • sockets on north and west walls done!
  • East wall: 4 x double socket - didn't bother in the end
  • South wall 3 double sockets - didn't bother in the end

all 7 double sockets above to be fed from the trunking on the south side of the horizontal pillar thing along the ceiling == 14 cables, maybe too much to fit?

Basement

  • 19 - 20 on far wall near hose reel and phone dist boards.
  • 21 - 22 on wall on outside of lift plant room
  • 23 - 24 biohack basement on far wall.
  • 25 - 26 near fire hose pumps hidden behind the desk/counter

To be added

  • 1 x double socket near biohackers door for ac node/doorbot
  • 2 x double socket in each workshop for acnode
  • 4 x double socket in CNC area (plz ta - artag)
  • ?

Total new sockets on the ground floor cabinet

  • 4 between ground and basement
  • 14 in the classroom
  • 14 along south wall

Total: 32

= 28 new ports needed (4 spare on the existing panels).

_or_

  • 5 doubles in the classroom
  • 1 quad by tesla and babbage
  • 1 double by tesla and babbage
  • 1 quad by the door?

= 20 + 4 to the basement.