Hackeriet

User Tools

Site Tools

You are here: start » infra » services » network » 2025-rewamp
infra:services:network:2025-rewamp

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
infra:services:network:2025-rewamp [2025/01/19 15:21] – created kfhinfra:services:network:2025-rewamp [2025/04/08 18:11] (current) marcusramberg
Line 1: Line 1:
-2025 network rewamp+====== 2025 network rewamp ====== 
 + 
 + 
 +===== The plan ===== 
  
-## The plan 
 <mermaid> <mermaid>
 raw raw
Line 13: Line 16:
  er-2[Edge-router 2]  er-2[Edge-router 2]
  udm[Unifi Dream Machine]  udm[Unifi Dream Machine]
- sw-core[Core switch] + sw-core["Core switch (layer 2 only)"
- net-haus("Hausmania network (NAT)"+ net-haus("Hausmania network (routing, NAT)"
- net-hack("Hackeriet network (NAT)")+ net-hack("Hackeriet network (routing, NAT)")
  srv1(Server)  srv1(Server)
  srv2(Server)  srv2(Server)
  srv3(Server)  srv3(Server)
 +        sw1(Switch)
 +        sw2(Switch)
 +        sw3(Switch)
  
  blix-- VRRP --> er-1  blix-- VRRP --> er-1
Line 32: Line 38:
  sw-core-->srv2  sw-core-->srv2
  sw-core-->srv3  sw-core-->srv3
 + sw-core-->sw1
 + sw-core-->sw2
 + sw-core-->sw3
 </mermaid> </mermaid>
  
-## Projects+===== Projects ===== 
 + 
 +==== Edgerouter for DMZ routing ====
  
-### Edgerouter for DMZ routing 
 Pad: https://pad.hackeriet.no/p/2025-network-dmz Pad: https://pad.hackeriet.no/p/2025-network-dmz
  
-Main points: +//Main points// 
-- Set up 2x Edgerouters behind Blix gw + 
-- Bind Hackeriet's linknet IP to one of the two ERs + 
-- Use VRRP with dedicated internal keepalive network to move VIP + - Set up 2x Edgerouters behind Blix gw 
-- Connect downstream core (pit-sw or UDM+sw-core, depending on the other project) to ERs with separate physical links + - Bind Hackeriet's linknet IP to one of the two ERs 
-  - Use (R)STP to only keep one downstream link active + - Use VRRP with dedicated internal keepalive network to move VIP 
-- Only route DMZ network + - Connect downstream core (pit-sw or UDM+sw-core, depending on the other project) to ERs with separate physical links 
-- Will not touch internal networks +   - Use (R)STP to only keep one downstream link active 
-- Separate link to each ER for sw management network+ - Only route DMZ network 
 + - Will not touch internal networks 
 + - Separate link to each ER for sw management network 
 + 
 + 
 +==== Unifi Dream Machine for NAT and internal routing ==== 
  
-### Unifi Dream Machine for NAT and internal routing 
 Pad: https://pad.hackeriet.no/p/2025-network-internal Pad: https://pad.hackeriet.no/p/2025-network-internal
 +
 +//Main points//
  
 - Put up Unifi Dream Machine and dedicated L2 core switch - Put up Unifi Dream Machine and dedicated L2 core switch
/srv/hackeriet-wiki/dokuwiki/data/attic/infra/services/network/2025-rewamp.1737300083.txt.gz · Last modified: 2025/01/19 15:21 by kfh