Network
(→DHCP Service on Kimball) |
m (Piet moved page OLD Network page to Network over redirect) |
| (One intermediate revision by one user not shown) | |
Latest revision as of 14:59, 6 November 2012
| Network |
|---|
|
| What: |
| Documenting network stuff at 0x20 |
| Participants: |
| cedric |
| Locations: |
| 0x20 |
|
Contents |
[edit] intro
This page was created for the sole purpose of creating clarity in the networking thingies at 0x20.
[edit] The schema
note: This schema accepts patches. You can find the .dia-file (sudo apt-get install dia) at http://members.0x20.be/cedric/Network_0x20.dia
[edit] Sites
[edit] Whitespace
Whitespace, our hackerspace, has a LAN which connects local machines in the network 172.22.32.0/24. We provide ethernet and Wifi access to connect to the network.
[edit] IBBT
Our friends from IBBT (http://www.ibbt.be) have provided us with a virtual server in their data center, which is awesome! It has a massive internet connection and that is why this server is often referred to as "Big Pipe"<ref>Big pipe server</ref>.
[edit] VPN
To link 2 locations you have 2 options:
- Provide your own infrastructure: connect the two sites with a physical cable
- Use existing infrastructure to connect the two sites: connect through the interwebs
For a whole bunch of reasons, option #1 is a bit impractical, so the way to go is through the interwebs. That is exactly what is done between 0x20 and IBBT, we've created a so called Virtual Private Network or VPN, which in this case is nothing more than a point-to-point tunnel over the internet connecting 0x20 and IBBT in the same private network. This setup is documented in project OpenVPN<ref>Project OpenVPN</ref>.
[edit] LAN @ 0x20
I'm currently in the process of creating a new intranet at 0x20 with server Kimball as the central server for DHCP, DNS and Routing.
[edit] Network interfaces on Kimball
Kimball has two network interfaces:
# The primary network interface # eth0 is the WAN-side of our router and takes an IP from the old 0x20 network over DHCP auto eth0 iface eth0 inet dhcp # eth1 is the LAN-side of our router. It has a static ip and currently it uses Soekris as DNS server auto eth1 iface eth1 inet static address 172.22.42.1 gateway 172.22.42.1 netmask 255.255.255.0 network 172.22.42.0 broadcast 172.22.42.255 nameserver 172.22.32.14
[edit] Routing Configuration on Kimball
Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default soekris.0x20.be 0.0.0.0 UG 0 0 0 eth0 172.22.32.0 * 255.255.255.0 U 0 0 0 eth0 172.22.42.0 * 255.255.255.0 U 0 0 0 eth1
[edit] DHCP Service on Kimball
Kimball is configured to provide Dynamic Host Configuration to hosts on the eth1 (LAN) side of the network. The configuration can be found in /etc/dhcp/dhcpd.conf:
# The ddns-updates-style parameter controls whether or not the server will
# attempt to do a DNS update when a lease is confirmed. We default to the
# behavior of the version 2 packages ('none', since DHCP v2 didn't
# have support for DDNS.)
ddns-update-style none;
# option definitions common to all supported networks...
option domain-name "0x20.be";
option domain-name-servers 172.22.32.14;
default-lease-time 6000;
max-lease-time 7200;
# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;
# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;
subnet 172.22.42.0 netmask 255.255.255.0 {
option routers 172.22.42.1;
option subnet-mask 255.255.255.0;
option ip-forwarding off;
range dynamic-bootp 172.22.42.100 172.22.42.200;
default-lease-time 21600;
max-lease-time 43200;
}
As you can see, Kimball hosts the 172.22.42.0/24 network and also acts as it's default gateway on 172.22.42.1 which is it's own static address on eth1. At the moment we provide the range 172.22.42.100-172.22.42.200 for DHCP.
I also had to tell dhcpd to listen for DHCP-requests on eth1 instead of on eth0. For this I updated the file /etc/default/isc-dhcp-server:
# Defaults for dhcp initscript # sourced by /etc/init.d/dhcp # installed at /etc/default/isc-dhcp-server by the maintainer scripts # # This is a POSIX shell fragment # # On what interfaces should the DHCP server (dhcpd) serve DHCP requests? # Separate multiple interfaces with spaces, e.g. "eth0 eth1". INTERFACES="eth1"
[edit] References
<references/>
