Laboratory 24/Network

From London Hackspace Wiki

Lab24 has a number of network points, wired across the false ceiling. These terminate in the quiet/class room cabinet.

See also Infrastructure and System_naming and Member_accounts.

Addressing

The space's dns zone is lan.hack.rs. NB if you change this you'll need to update SNMP in cacti. Our IP range (assigned in ChaosVPN) is 172.31.24.0/23.

Diagrams

Layer 1

NetworkLayer1.png

sw/n is switch port n

Layer 2

NetworkLayer2.png

Mac addresses without names where unknown at the time the diagram was generated.

Port 24 has the fonera on it, which is why it has so many things.

No, i don't know why babbage has 2 mac addresses.

Layer 3 (ipv4)

Hackspace-internet.png

Internet Routing

Our internet is the Be Pro service:

IP:      93.97.176.250
Netmask: 255.255.248.0
Gateway: 93.97.176.1
DNS 1:   87.194.255.154
DNS 2:   87.194.255.155

We use a Draytek Vigor 120 modem which simply bridges the ADSL to ethernet. You can access this at http://192.168.2.1 (no username/password). The Internet light doesn't come on, presumably because it's in bridge mode. NB it doesn't like the LAN port being disconnected: doing it twice in short succession will cause it to stop responding to traffic on that port (presumably some weird arp issue). Restart both the router and modem at the same time to prevent this.

Routing is handled by Church, and the wireless is currently handled by the Fonera.

In addition to the Fonera (and probably replaceing it?) we have a Netgear 3700v2 donated by Dave Täht of the bufferbloat project. It runs a custom build of OpenWRT called CeroWRT please see that page for builds and installation instructions.

IPv6

We also advertise and route IPv6 within the space. This is currently tunnelled to Hurricane Electric. The account is currently with Mark, but will be transferred whenever someone asks.

IP prefix: 2001:470:92f1::/48
Church/hack.rs: 2001:470:92f1::1

We do not use DHCP for IPv6 at the moment, so do not provide automatic rDNS. Servers are set up for DNS under hack.rs, which is also currently with Mark.

As an experiment, we block inbound IPv6 except for port 22 (ssh), on the assumption that most people don't even realise IPv6 is on. Please shout if you actually need inbound connections to the space. DNS isn't enabled yet.

Experimental Wifi

We've got a Cerowrt box to test. It's routing the subnets 172.31.25.0/24 and 2001:470:92f1:a::/60.

IP: 172.31.24.10
IPv6: 2001:470:92f1::3

Switches

3com (always on), in the space dns zone as 'switch'. The switch is a 3CR17501-91, and is at 172.31.24.2. Please don't play.

Replaced with a pair of HP ProCurve 2848's.

They are connected together via a 2 port trunk on ports 47 and 48.

They run different versions of the firmware, and should probably be upgraded sometime.

We also have 2 small unmanaged switches, one is under the laser cutter for coolbot and layz0rs, and one is by the smaller touchtable and was used for the stratasys. Both should be replaceable (or almost replaceable) by the new cabling.

Servers

  • Babbage monitoring, IRC, storage, general purpose server (always on)
  • Bell The door/building management controller (always on)
  • Flowers The door/building management controller (always on)

Workstations

  • Lovelace Makerbot
  • Flowers Media PC (currently unused)
  • Patel laser cutter (hackspaceremote/hackspace maps to password-less user hackspace)
  • Postel The SGI O2
  • Difference Desktop PC
  • Touch table PC

Outside Lab24: Turing Bitfolk VM

Working on the network

All members have access to the servers, and with that, the ability to make changes. It's crucial to remember that this is a shared network and any changes you make will affect others. In particular, please don't install updates or restart machines without a good reason and checking on IRC first.

Each piece of hardware will have its own logbook page on the wiki, where you should log significant changes and problems.

Some servers, such as Babbage, run services written for the space, typically running in a screen session. The code for these can be found on Github.


Bikeshed

A list of things that could be done to make the network better.

Problems

  1. Look into why there are speed and duplex issues between the modem and church
* Simple fix is to add a new VLAN on the switch, and stick two ports in it. Should prevent any issues with autoneg between devices.
* But would create other issues with having the internet side patched into the switch making it more liable to breakage through patching errors

Improvements

  1. Look into using QoS.