Networking: Difference between revisions
Mich181189 (talk | contribs) (updated port numbers of switches now I am in front of them again) |
Mich181189 (talk | contribs) No edit summary |
||
Line 83: | Line 83: | ||
Hopefully we'll have a consistent infrastructure - similar switches for both normal and PoE ethernet, etc. | Hopefully we'll have a consistent infrastructure - similar switches for both normal and PoE ethernet, etc. | ||
Very much '''still a work in progress'' | Very much '''still a work in progress'': | ||
* [[Equipment/CoreSwitch|Core Switch]] | |||
* [[Equipment/1F-Floorports|1st Floor, Floor Port Switches]] | |||
2960 PoE: 1-12: VLAN 20 (for APs for now), 13-22: VLAN 30 for cctv, 23: trunk 24: VLAN 20 (was used as uplink - will reconfigure as trunk) | 2960 PoE: 1-12: VLAN 20 (for APs for now), 13-22: VLAN 30 for cctv, 23: trunk 24: VLAN 20 (was used as uplink - will reconfigure as trunk) |
Revision as of 17:35, 29 July 2018
This is the networking page for Ujima House the 2018-era planned location for London Hackspace. An active IT infrastructure planning document is being worked on in Google Sheets.
We want your help! Please reach out on the LHS Infrastructure IRC channel or post on the London Hackspace Infrastructure Google Group if you'd like to get involved.
For historical comparison, please refer to 447 Networking.
Our ISP
- What is the broadband availability at the place? Is there fibre already?
According to the SamKnows broadband checker, we can get BT Openreach FTTC and FTTP service but not cable-based broadband.
An example check with BT using the address for "Honeypot Nursery, Ujima House, 388 High Road, Wembley, HA9 6AR" we see BT Infinity 2 (76Mbit/19Mbit up) is available. Honeypot Nursery formerly occupied the proposed LHS location and is about 350 feet from the LWWEM Wembley Exchange but seems to actually get service from LWNWEM instead.
- Where do the Ethernet cables pictured in photos 21 and 'ground floor cabinet' go?
Unknown at this time - we'll need to trace where they go in our next visit.
IP's
We have opted for a more flexible and expansive 10.W.X.Y IP range rather than the old ChaosVPN-compatible range we had before.
DNS
Currently running Unbound DNS on Boole
DHCP
IP Allocations
TBD -
TLS
Ideally we've migrated everything to LetsEncrypt unless we're doing internal network / infrastructure SSL trust/validation, but all TBD.
There is a list of our legacy certificates here Networking/TLSCerts
WiFi
We have 6 Cisco 3502 access points, being provisioned for Ujima House:
- ap-1-kitchen
- ap-1-openspace
- ap-1-crafts
- ap-g-metal
- ap-g-wood
- ap-g-lobby
We have 3 SSID's:
- LondonHackspace - 5ghz default network.
- LondonHackspace-24 - As above but 2.4ghz only
- spacenet - part of the SpaceFED Federated inter-hackerspace wifi network.
- Please setup your LDAP account to use this - this is the recommended way for members to get online. Username: yourusername@hack.rs Password: •••••••••
Layer 2
Managed Building Fibre Connection
There is a fibre provided internet connection managed by the landlord and included in our rent. The building is being serviced by a shared 300 megabit via Onega portioned out to various tenants in the building. The actual IP connectivity provider looks to be Exponential-E but we need to go through Onega / Landlord if there are any issues/questions.
Our core router connecting this connection is Boole.
Setting | IP Address Value | IPv6 |
---|---|---|
IP Address | 167.98.98.227 | 2a00:1d40:1843:100::2 |
Subnet | 255.255.255.248 | 2a00:1d40:1843:100::/59 |
Gateway | 167.98.98.226 | 2a00:1d40:1843:100:: |
DNS1 | 62.244.176.176 | 2a00:1d40:ee:176::176 |
DNS2 | 62.244.177.177 | 2a00:1d40:ee:177::177 |
VDSL2 Provider
There is potential to use the wiring in the 3rd floor server room for VDSL circuits. Details TBD.
Local Network
Hopefully we'll have a consistent infrastructure - similar switches for both normal and PoE ethernet, etc.
Very much 'still a work in progress:
2960 PoE: 1-12: VLAN 20 (for APs for now), 13-22: VLAN 30 for cctv, 23: trunk 24: VLAN 20 (was used as uplink - will reconfigure as trunk)
ToDo
See Networking Todo.
Layer 1 (Physical Wiring)
Please note that we adhere to the TIA-568B standard of wiring in the London Hackspace connectivity. This is consistent with the existing wiring as well as historic best practices of London Hackspace. Go with (568)B, because Bees are Better.
Ground Floor
In the woodworking room, there's a comms cabinet with patch panels for several wallports. The CNC room - former nursery - had almost no networking, and very few power outlets. A wallport has been installed on the ceiling, having re-routed two network sockets from the kitchen area above. The remainder of the sockets in the patch panels are fair game. We will need a network switch in that cabinet, because the existing one there is probably unsuitable due to it's use by Brent Council.
Two ports have been rerouted from the 1st floor kitchen where they're unlikely to be needed, to the ceiling in the corner of the ground floor CNC room - where we require some networking.
Patch Panel
The Ground floor patch panel in the woodworking room is shared responsibility. Due to one room on the ground floor being used by Brent Council - they have their own networking equipment and run from the 3rd floor comms room. Two new purple jacketed cat6 cables to 1st floor comms room.
First Floor
- The rack is a Dataracks 303 series variable depth cabinet. Accessories are available from Dataracks though this model is discontinued.
- Two new purple jacketed cat6 cables from the ground floor cabinet to the 1st floor server room, run in on 2018-07-10. They go up a riser in the north east corner and then run above the ceiling tiles into the server room, in cable tray for some of the way. See image.
- Two new purple jacketed cat6 cables from the 1st floor server room to the third floor server room, run in on 2018-07-14, to replace poorly installed series of cables by building ISP.
- There are a large number of network sockets spread around the 1st floor, many (all?) of which seem to be run back via bundles of grey cat5e (?) cable to the server room, also partially in cable trays above the false ceilings.
- A single grey jacketed Cat5e (?) uplink cable from the first to third floor server room. Deemed to be poor quality.
Server Room
A small room with some (?) ventilation. Area K on the floor plan.
Patch Panel
- Previous tenants had removed their patch panel from the 1st floor comms room, All 1st floor wallports have been re-termianted. Currently up to port 122 on wallports terminated and tested. Some cables are missing, some are damaged, these are labelled on the patch panels.
- Ceiling runs for WiFi access points and cameras on 1st floor are numbered 1/123 onwards. These will probably all require connecting to a PoE switch.
- Inter-floor links are terminated on a 1U patch panel at the top of the cabinet.
Third Floor
The third floor is not ours and we (London Hackspace) do not have easy access to it for many changes. The server room on the third floor is the external demarcation point for the building - the building's existing internet connection is available here along with BT NTE (s?) and krone frames. The uplink cable from the 1st floor appears here.