Difference between revisions of "Resources/Network"

From Noisebridge
Jump to: navigation, search
(Proposed wireless networks: add VLANs)
 
(376 intermediate revisions by 87 users not shown)
Line 1: Line 1:
The network is up:
+
If you're reading this from another point in time, please note that the reality of the situation may be different. Please update this page to reflect reality as it changes.
  
<radii> we are fucking ONLINE
+
__TOC__
<radii> coming to you live from 83C
 
  
== Uplinks ('''24Mb/5Mb''' currently via Comcast) ==
+
== [[Network Troubleshooting]] ==
  
* Comcast Cable (Only internet, no voice or tv service)
+
Are you having issues with the internet or local network? Check out the [[Network Troubleshooting]] page for more information on what you can do to make things better or possibly seek help.
** Service is now live at 83C.
 
** $66.95 per month (After taxes COD at time of install is $169.21) - $3 modem rental per month
 
** No contract!
 
** Link speed is ~24Mbit down / ~5Mbit up. More testing during different times of the day would be useful.
 
** Wonderful quote from the service representative when asked about network filtering: "The network is filtered. Dynamic ips.'' Constantly flowing.'' Upgrading to static is possible through the business department."
 
** The direct line for the person who took the order is 1-925-349-3300 x644201
 
** Our confirmation number for this order is: 503691
 
  
* Speakeasy DSL (On a dry pair - Ordered for the (415) 864 area)
+
== Disclaimer ==
** Service has been delivered and installed at 83c
 
** Modem acts as a bridge straight into Speakeasy and comes with 1 static IP, 4 more for $20 per month.
 
*** Currently 66.92.8.180
 
** $105.95 per month - ($99.00 install fee, first month free, hardware included - Paid by Jake)
 
** Link speed: 6Mb down and 768k up
 
** 12 month contract (25 day trial period), $300 fee if canceled in contract but outside of stated trial period.
 
** 1 static ip included
 
** The direct line for the person (Michelle) who took the order is 1-877-240-4821
 
** In the future, we can upgrade the DSL to the following:
 
*** Kinda fast 8Mb down and 768k up. 149.95 per month. Hardware and inbstall waved.
 
*** Super fast 10Mb and 1Mb up. 179.95 per month. Hardware and install waved.
 
  
* Local wifi link (TBD - no current ETA on install)
+
''Please note that Noisebridge does not guarantee or provide a perfect secure experience in the space. Just like anywhere else in the world you're held responsible for your own safety and wellbeing. This also includes content you receive or transmit or provide through any mediums, such as through pen and paper, sound waves or any networks wired or wireless functioning in the space. Noisebridge is a volunteer run and operated space that provides you with infrastructure, which you use at your own risk.''
We need an antenna and a wifi access point that will uplink to our core switch (we need one of those too)
 
  
* Metro fiber
+
== Free Public Wireless Networks ==
Can someone research this? IP Networks is probably the company to call.
+
Noisebridge has two open wifi networks available for your use. In most cases if you connect to the network '''Noisebridge''' your laptop/phone/device will have the best luck getting crystal clear wifi and roam between radio channels according to which provides the most reliable and fastest connection.
  
* Sonic.net ADSL2
+
The wifi and internet provided is for public use. Like any public network, you should regard Noisebridge's as [[Visitor_advice#Hostile_network|potentially hostile]] and take appropriate precautions. In order to not give the impression of providing false security, Noisebridge does not run any encrypted wifi networks.
We're on the waiting list for 18Mb/1Mb ADSL2
 
  Sometime in the next year service will be available in San Francisco.
 
  
* WiMax
+
The following wireless networks (SSIDs) are active:
Currently this hasn't been very seriously researched
+
* '''Noisebridge Cap'''
 +
** No password
 +
** 802.11g/n/ac 2.4 and 5 gHz
 +
** This is a temporary SSID set up for use during the move until the long term equipment is set up.
  
* SFLan
 
We may have line of sight to a node if we can bounce off of a local building. This hasn't been seriously researched. We may want to try to get roof access for antennas and should talk to our very quiet neighbors.
 
  
== Hardware ==
+
== Wired network ==
 +
There are drops throughout the space. They are labeled with the corresponding number on the patch panel. Please don't destroy them (lol).
  
* Currently [[User:Jof|jof]] has configured a Soekris net4801 with pfSense (FreeBSD firewall distro) running NAT to several ports and a WRT54g
+
== Local Network Address Information ==
** Passwords to both devices are in an envelope in the closet in the fishbowl. Or if you are known within the group, ping [[User:Jof|jof]]
+
DHCP is offered automatically on the network. Currently the IP range is as follows:
* [[User:Ioerror|Jake]] has donated a FON [http://en.wikipedia.org/wiki/FON#La_Fonera_WiFi_Router La Fonera] router that has been liberated with a fresh DD-WRT install.
 
* A Ruckus Wireless ZoneFlex 2942 access point.
 
** Takes an 802.1q trunk (with POE!) over a single Cat5/6 cable, and can take up to 8 802.1q tags and broadcast an SSID for each tag. -- [[User:Jof|jof]] 00:51, 4 October 2008 (PDT)
 
  
== Topology ==
+
* IP Range: 10.21.0.1-10.21.1.254
 +
* Gateway: 10.21.0.1
 +
* Subnet: 255.255.'''254'''.0 (a "slash" /23)
 +
* DNS: 10.21.0.1, 1.1.1.1
  
[[Image:Noisebridge_net-2008-10-02.png|thumb|left|Older topology, does not include cisco box or ruckus AP]]
+
==Network Devices & Services==
 +
* [[Music]]
 +
* [[2D Paper Printer]]
 +
* [[Infrastructure]]
  
* External IP is assigned via DHCP from Comcast on the Soekris box.
 
** Soekris is now updating a DynDNS domain for the WAN IP - comcast-sfo-noisebridge.dyndns.org -- [[User:Jof|jof]] 20:16, 3 October 2008 (PDT)
 
** cable.noisebridge.net should CNAME here as well.
 
** If modifying later, beware that Comcast will now only hand out a DHCP lease requested from 00:0A:E4:32:44:6E
 
  
* Internal subnet is 172.30.0.0/23
+
== Uplinks ==
** Soekris box is at 172.30.0.1
+
=== Monkeybrains Wireless Link ===
** Linksys AP is at 172.30.0.2
+
We have a point-to-point wireless link to Monkeybrains on the roof, it's a microwave dish on the roof at the front of the building.
** Cisco Router is at 172.30.0.3
 
** Ruckus AP (on 12th Ethernet port PoE)
 
  
* There are some existing Ethernet segments that you can patch into. If it has a number written in black marker on the outlet, this number corresponds to the outlet on the patch panel in the fishbowl closet.
+
==I want to help!==
 +
Noisebridge is run by volunteers, you're welcome to help but should get to know those helping first before touching/hacking the network gear. Try introducing yourself on the #rack channel in the Noisebridge Slack.
  
== Proposed wireless networks ==
+
== Router ==
Currently, we have a single wireless network with the ESSID of "noisebridge" and it merely routes to the upstream NAT. For the future, I propose the following networks in addition to the aforementioned legacy network:
+
 
* noisebridge-sweden (All traffic on this network is routed through [https://www.relakks.com/?cid=gb Relakks] - ideal for people who accidentally share files)
+
Biketrailer is our humble router. It is an Ubiquiti Edgerouter (ER-4) box running EdgeOS, a fork of Vyatta (a Linux-based router distribution).
**Routed through 802.1q trunk on VLAN #21
+
 
* noisebridge-germany (All traffic on this network is routed through Germany thanks to our friends in the CCC!)
+
The machines currently provides
** On VLAN #31
+
  * NAT
* noisebridge-ipv6 (a pure ipv6 network, experience the net of the future, today in the past)
+
  * DHCPD
** On VLAN #41
+
  * DNS (dnsmasq) - <s>local TLD and</s> recursive proxy
* noisebridge-insecure (totally open - no crypto on the network, QoS, etc)
+
 
** On VLAN #11
+
Access is via SSH with keys and a https web interface.
* noisebridge-anonymous (An (fully transparent) anonymous wifi network using Tor)
+
 
** On VLAN #51
+
== Address Allocations ==
* noisebridge-crypto (Rotating keys or certs for paranoid users)
+
===WAN - Monkeybrains - 192.195.83.128/29 ===
** On VLAN #61
+
* Address range: 192.195.83.129-134
* noisebridge-local (a totally local wifi network that isn't routing to the net at all)
+
* Gateway: 192.195.83.129
** On VLAN #71
+
* DNS: 208.69.43.23, 208.69.40.4
:Easily possible with one AP (The Ruckus 2942 we had donated), a managed switch, and a little cleverness :) -- [[User:JSharp|JSharp]] 00:31, 5 October 2008 (PDT)
+
* Subnet Mask: 255.255.255.248
 +
 
 +
====Addresses====
 +
 
 +
{| class="wikitable"
 +
|-
 +
! IP
 +
! DNS
 +
! Info
 +
|-
 +
| 192.195.83.130
 +
| cycletrailer.noisebridge.net/cycletrailer.noisebridge.io
 +
| EdgeRouter ER-4
 +
|-
 +
| 192.195.83.131
 +
| cia.noisebridge.io
 +
|
 +
|-
 +
| 192.195.83.132
 +
| jitsi.noisebridge.io
 +
|
 +
|-
 +
| 192.195.83.133
 +
| zeppelin.noisebridge.net/zeppelin.noisebridge.io
 +
|
 +
|-
 +
| 192.195.83.134
 +
| pegasus.noisebridge.net/pegasus.noisebridge.io
 +
|
 +
|}
 +
 
 +
 
 +
===LAN - 10.21.0.0/16===
 +
====10.21.1.0 - 1.254====
 +
* DHCP Pool - When connecting to the network, you will automatically receive an IP in this range.
 +
 
 +
=== IPv6 ===
 +
We would like to setup IPv6, some day.
 +
 
 +
== Machine Rack ==
 +
There are two racks in the space, the main one on the first floor near the rolling door, and the secondary one on the second floor directly above the main one. They are small and up high to discourage people from messing with them or installing things in them. The internet works, please leave the boxes alone.
 +
 
 +
===Can I install/setup boxes on Noisebridge's network?===
 +
====Short answer====
 +
'''No.'''
 +
 
 +
====Long answer====
 +
Noisebridge is here to provide infrastructure for creative projects. We're really good at some things. One thing we suck at is administrating boxes setup on our network. They eat power, internet, the attention span of volunteers, and people who set them up generally are bad at communicating later on down the line when something breaks or a machine magically appears.
 +
 
 +
Noisebridge network infrastructure policy is as such:
 +
* Critical infrastructure machines (like our access control system): Low power ok!
 +
* Machines for classes that cannot be hosted on the internet: Low power ok!
 +
* Personal machines: NO!
 +
* High power machines: NO!
 +
* Bitcoin miners: NO!
 +
* Torrent boxes: NO!
 +
* Everything else: NO!
 +
 
 +
Please discuss any proposed installations in #Rack, but in general, please don't host your box at Noisebridge. We can't afford it. Thanks for understanding.
 +
 
 +
===Rack setup===
 +
This is currently in flux and will be updated once things are more finalized.
 +
<s>
 +
[[File:rack-front.jpg|right]]
 +
 
 +
{| class="wikitable"
 +
|-
 +
! RU
 +
! Item
 +
|-
 +
| 1-2
 +
| Patch Panel
 +
|-
 +
| 3
 +
| TrendNet Unmanaged Switch
 +
|-
 +
| 4
 +
| Ubiquiti EdgeSwitch
 +
|-
 +
| 5
 +
| pegasus.noise
 +
|-
 +
| 6-7
 +
| Shelf with zepplin.noise
 +
|-
 +
| 7
 +
|
 +
|-
 +
| 8
 +
|
 +
|-
 +
| 9
 +
| EdgeRouter (biketrailer.noise)
 +
|-
 +
| 10
 +
| cloud.noise
 +
|-
 +
| 11
 +
| Power Strip
 +
|-
 +
| 12
 +
| UPS
 +
|}
 +
</s>
 +
 
 +
 
 +
====Cyberpower UPS (Uninterrupted Power Supply)====
 +
 
 +
All the rack infra in the primary rack is plugged into the UPS. If the power goes out, the UPS will provide battery power and also beep.
 +
 
 +
=====Administration=====
 +
Access the router UI over https at 10.21.0.1.

Latest revision as of 00:53, 19 October 2020

If you're reading this from another point in time, please note that the reality of the situation may be different. Please update this page to reflect reality as it changes.

Network Troubleshooting

Are you having issues with the internet or local network? Check out the Network Troubleshooting page for more information on what you can do to make things better or possibly seek help.

Disclaimer

Please note that Noisebridge does not guarantee or provide a perfect secure experience in the space. Just like anywhere else in the world you're held responsible for your own safety and wellbeing. This also includes content you receive or transmit or provide through any mediums, such as through pen and paper, sound waves or any networks wired or wireless functioning in the space. Noisebridge is a volunteer run and operated space that provides you with infrastructure, which you use at your own risk.

Free Public Wireless Networks

Noisebridge has two open wifi networks available for your use. In most cases if you connect to the network Noisebridge your laptop/phone/device will have the best luck getting crystal clear wifi and roam between radio channels according to which provides the most reliable and fastest connection.

The wifi and internet provided is for public use. Like any public network, you should regard Noisebridge's as potentially hostile and take appropriate precautions. In order to not give the impression of providing false security, Noisebridge does not run any encrypted wifi networks.

The following wireless networks (SSIDs) are active:

  • Noisebridge Cap
    • No password
    • 802.11g/n/ac 2.4 and 5 gHz
    • This is a temporary SSID set up for use during the move until the long term equipment is set up.


Wired network

There are drops throughout the space. They are labeled with the corresponding number on the patch panel. Please don't destroy them (lol).

Local Network Address Information

DHCP is offered automatically on the network. Currently the IP range is as follows:

  • IP Range: 10.21.0.1-10.21.1.254
  • Gateway: 10.21.0.1
  • Subnet: 255.255.254.0 (a "slash" /23)
  • DNS: 10.21.0.1, 1.1.1.1

Network Devices & Services


Uplinks

Monkeybrains Wireless Link

We have a point-to-point wireless link to Monkeybrains on the roof, it's a microwave dish on the roof at the front of the building.

I want to help!

Noisebridge is run by volunteers, you're welcome to help but should get to know those helping first before touching/hacking the network gear. Try introducing yourself on the #rack channel in the Noisebridge Slack.

Router

Biketrailer is our humble router. It is an Ubiquiti Edgerouter (ER-4) box running EdgeOS, a fork of Vyatta (a Linux-based router distribution).

The machines currently provides

  * NAT
  * DHCPD
  * DNS (dnsmasq) - local TLD and recursive proxy

Access is via SSH with keys and a https web interface.

Address Allocations

WAN - Monkeybrains - 192.195.83.128/29

  • Address range: 192.195.83.129-134
  • Gateway: 192.195.83.129
  • DNS: 208.69.43.23, 208.69.40.4
  • Subnet Mask: 255.255.255.248

Addresses

IP DNS Info
192.195.83.130 cycletrailer.noisebridge.net/cycletrailer.noisebridge.io EdgeRouter ER-4
192.195.83.131 cia.noisebridge.io
192.195.83.132 jitsi.noisebridge.io
192.195.83.133 zeppelin.noisebridge.net/zeppelin.noisebridge.io
192.195.83.134 pegasus.noisebridge.net/pegasus.noisebridge.io


LAN - 10.21.0.0/16

10.21.1.0 - 1.254

  • DHCP Pool - When connecting to the network, you will automatically receive an IP in this range.

IPv6

We would like to setup IPv6, some day.

Machine Rack

There are two racks in the space, the main one on the first floor near the rolling door, and the secondary one on the second floor directly above the main one. They are small and up high to discourage people from messing with them or installing things in them. The internet works, please leave the boxes alone.

Can I install/setup boxes on Noisebridge's network?

Short answer

No.

Long answer

Noisebridge is here to provide infrastructure for creative projects. We're really good at some things. One thing we suck at is administrating boxes setup on our network. They eat power, internet, the attention span of volunteers, and people who set them up generally are bad at communicating later on down the line when something breaks or a machine magically appears.

Noisebridge network infrastructure policy is as such:

  • Critical infrastructure machines (like our access control system): Low power ok!
  • Machines for classes that cannot be hosted on the internet: Low power ok!
  • Personal machines: NO!
  • High power machines: NO!
  • Bitcoin miners: NO!
  • Torrent boxes: NO!
  • Everything else: NO!

Please discuss any proposed installations in #Rack, but in general, please don't host your box at Noisebridge. We can't afford it. Thanks for understanding.

Rack setup

This is currently in flux and will be updated once things are more finalized.

Rack-front.jpg
RU Item
1-2 Patch Panel
3 TrendNet Unmanaged Switch
4 Ubiquiti EdgeSwitch
5 pegasus.noise
6-7 Shelf with zepplin.noise
7
8
9 EdgeRouter (biketrailer.noise)
10 cloud.noise
11 Power Strip
12 UPS


Cyberpower UPS (Uninterrupted Power Supply)

All the rack infra in the primary rack is plugged into the UPS. If the power goes out, the UPS will provide battery power and also beep.

Administration

Access the router UI over https at 10.21.0.1.