NetworkInfrastructure
The concept here is to organize the network infrastructure we already have in base.
Current status
(neighbornet) (upc)
| |eth1
+---------------+ +---------------+
|uplink(offline)| | carambola2 |--(wlan)
+---------------+ +---------------+
| |eth0
| Gi1|
+-----------+ +---------------+
| switch |------|Linksys SRW2024|
+-----------+ Gi24+---------------+
| |
| +------+
(lan)-/ |voyage|
+------+
LAN + WLAN
- essid dlink1337, channel 5, 802.11b/g (not working)
- essid dlink31337, channel 1, 802.11g
- essid base48, channel 11, 802.11ng
- 10.0.0.0/24, 2a01:8c00:ffc7:1337::/64
- 10.0.0.249 L2/3 Linksys SW, telnet, ssh, http, https (user admin)
- 10.0.0.250 voyage.lan dhcp, AP:dlink31337, ssh and http
- 10.0.0.251 carambola2 active gateway/nat, AP:base48(same key), ssh, https, openvpn, 6in4
- 10.0.0.252 uplink.lan inactive gateway/nat, ssh
We hope to have a better utilization of available internet connections, with load balancing when possible, strong wifi signal all over the base and as many services as possible.
carambola2 now serves as openvpn server. Offers IPs from 10.0.0.201 to 249. If anyone needs access can contact me or if he has access to carambola2 can create the keys at the /etc/easy-rsa/ folder. --Trendy (talk) 12:53, 26 May 2013 (CEST)
carambola2 now serves as 6in4 router to static tunnel to ignum pop, which replaces voyage's aiccu tunnel. Voyage still works, but no longer sends router advertisements. --Klubko (talk) 09:50, 1 June 2013 (CEST)
Linksys SW unfortunately only works as a single VLAN L2 switch.
Hot-swapped the Carambola with another one, running the latest Openwrt trunk r37892. We have new wan ip 89.103.8.24, need update in Sixxs. --Trendy (talk) 21:41, 5 September 2013 (CEST)
Updated script for SSH brute force protection in Carambola2. Firewall rules in /etc/firewall.user and script in /root/bin/dropBrute.sh . Leasefile with blocked IPs in /root/dropBrute.leases --Trendy (talk) 20:34, 21 October 2014 (CEST)
