From Noisebridge
< Resources(Redirected from Network)
Jump to: navigation, search


[edit] Network Troubleshooting

Are you having issues with the internet or local network? Check out the Network Troubleshooting page for more information on what you can do to make things better or possibly seek help.

[edit] Disclaimer

Please note that Noisebridge does not guarantee or provide a perfect secure experience in the space. Just like anywhere else in the world you're held responsible for your own safety and wellbeing. This also includes content you receive or transmit or provide through any mediums, such as through pen and paper, sound waves or any networks wired or wireless functioning in the space. Noisebridge is a volunteer run and operated space that provides you with infrastructure, which you use at your own risk.

[edit] Free Public Wireless Networks

Noisebridge has two open wifi networks available for your use. In most cases if you connect to the network Noisebridge your laptop/phone/device will have the best luck getting crystal clear wifi and roam between radio channels according to which provides the most reliable and fastest connection.

The wifi and internet provided is for public use. Like any public network, you should regard Noisebridge's as potentially hostile and take appropriate precautions. In order to not give the impression of providing false security, Noisebridge does not run any encrypted wifi networks.

The following networks are active:

  • Noisebridge
    • No password
    • Uplink through and Monkeybrains
    • 802.11gn 2.4 gHz and 802.11an 5 gHz, your wifi device decides which network is the best for it and roams accordingly
  • Noisebridge 5g
    • No password
    • Uplink through and Monkeybrains
    • 802.11an 5 gHz only

[edit] Wired network

There are drops throughout the space. They are labeled with the corresponding number on the patch panel. Please don't destroy them (lol).

[edit] DNS

Dynamic DNS is provided by the nat machine for DHCP clients on Resolution of machines with static addresses is done by ipv4 or ipv6 mDNS and dynamic DNS entries on the nat machine from the DHCP service.

[edit] Development

[edit] Network Devices & Services

[edit] 2169 Mission

[edit] Uplinks

[edit] DSL Circuit

There is a Fusion ADSL2+ DSL connection in the building. The physical circuit comes in from the MPOE in the basement and runs across the roof of the basement and up the side of the building into the DJ booth (Tea Room), then over to the Wall o' Tubes. The CPE is a Motorola 2210 ADSL2+. The admin password is the serial number, written on the bottom.

The addressing configuration is a little unusual. It's and we've been allocated a /29 within that block: - Note that we get to use all 8 addresses; the broadcast and network address are and respectively. The gateway is

The default CPE settings are not correct for our circuit configuration. From a factory reset, do the following to configure the CPE:

  1. Configure a computer for
  2. Connect the computer to the DSL CPE.
  3. Power cycle the DSL CPE.
  4. Connect to using your web browser.
  5. You will be prompted to set a password, use the serial number on the bottom of the DSL CPE.
  6. Get into expert mode.
  7. Under configure->connections, set the following:
    1. VPI: 0
    2. VCI: 35
    3. Protocol: Bridged Ethernet LLC/SNAP
    4. Bridging: on
  8. Under configure->DHCP server, set the following:
    1. DHCP Server Enabled: unchecked
  9. Save and reboot.

Motorola 2210 User Guide

[edit] Monkeybrains Wireless Link

We have a point-to-point wireless link to Monkeybrains on the roof. It comes down through the Dirty Shop skylight and runs in to the server closet.

[edit] SFBroadband / City of SF / Internet Archive

We have a wireless point-to-point path up to Twin Peaks that connects up to a city-owned and volunteer-run IP transit network. Currently, we're hitting the dish off of the side and have a pretty terrible connection. For now, this network path is mostly only usable as a backup path.

There is a router in our wireless CPE hardware (st01-noisebridge-sfo) that connects up to the Noisebridge network and terminates as on the "Inside / Internal" network. Set your default route via this IP to try the other path.

[edit] Access Control

Most hardware is set to use the most guessable logins and passwords possible. If you're interested in logging in, just make some guesses as to what the login can be. Use your favorite search engine. Poke around. Hack.

Experience the thrill of guessing a password that just works.

[edit] Router

Bikeshed is our humble router. It is a Soekris running Vyatta(a Linux-based router distribution).

The machines currently provides

  * dhcpd
  * DNS (dnsmasq) - .noise local TLD and recursive proxy
  * Automatic loadbalancing and ailover between Sonic DSL and monkeybrains

Access is via SSH with keys.

[edit] Salient configuration

  • It is configured to fail over between DSL and Monkeybrains as conditions warrant.
  • It is configured with traffic shaping to prevent individual users from sucking up all the tubes.

If you have questions about these particular points of configuration, email rack. Nothing is particularly complicated.

[edit] Address Allocations

The reserved address allocations are:

[edit] from

We have a range within the encompassing /24: 75.101.62.{88..95}

  • .88 - biketrailer
  • .89 -
  • .90 -
  • .91 - ChaosVPN la fonera eth0.1
  • .92 -
  • .93 - Unallocated
  • .94 - Unallocated
  • .95 - Mode-S Equipment (various port-NATings)

[edit] ("inside" network)

[edit] - 100 Statically-addressed things

Note: This is not a /24 subnet! The netmask is a /23.

  • .0.2 - biketrailer
  • .0.3 - pony
  • .0.4 - minotaur - console server and network troubleshooting/monitoring box
  • .0.5 - roof switch
  • .0.8 - Primary switch - Netgear GS724Tv2
  • .0.11 - West AP, DHCP mapped
  • .0.12 - Crutch AP, DHCP mapped
  • .0.22 - Pegasus
  • .0.52 - bunny (Bullion Mode-S receiver on the roof)
  • .0.53 - ronin (white Atom works with bunny, lives in Susan the Rack)
  • .0.54 - st01-noisebridge-sfo ( Ubiquiti Nanobridge M5 on the roof. Currently aimed at Twin Peaks.)

[edit] - 1.254

  • DHCP-assigned, user-access IP space

[edit] IPv6

Note: This is not currently implemented. The addresses are correct, though. Someday...

We have IPv6 support on the DSL circuit via a tunnel provided by The tunnel address is 2001:05a8:0:1::0ac6/127 , if it needs to be reconfigurated.

[edit] 2001:5a8:4:5630::/60

This is the IPv6 subnet assigned to us by sonic. We configure the first /64 in this /60 so that autoconfiguration works. biketrailer hands out IPv6 router advertisements for this subnet directly, and your machine will SLAAC its way to ipv6 goodness. They're directly routable, but unsolicited incoming traffic is blocked by the firewall to protect the users. This means you can't run an IPv6 server on our IPv6 subnet, but you can connect to other machines on the IPv6 Internet just fine.

[edit] Machine Rack

The rack of machines and switches is counted by U, from the top, starting from "1".

"U"/Unit Device
1-2 patch panel
3 Netgear G724Tv2 switch
5 Shelf with Bikeshed and POE injectors
7 Minotaur
Bottom APC UPS
Personal tools