Difference between revisions of "BXadmin:Network"

From CCGB
Jump to: navigation, search
Line 1: Line 1:
 
= L3 =
 
= L3 =
== 128.118.200.0/23, 2610:8:7800:14::/64 ==
+
== 128.118.200.0 /23, 2610:8:7800:14:: /64 ==
 
* VLAN: 100 (BX-WIRED)
 
* VLAN: 100 (BX-WIRED)
 
* Netmask: 255.255.254.0
 
* Netmask: 255.255.254.0
Line 8: Line 8:
 
Centrally managed machines. Machines that we have root on and/or control with cfengine.
 
Centrally managed machines. Machines that we have root on and/or control with cfengine.
  
== 128.118.202.128/27 ==
+
== 128.118.202.128 /27 ==
 
* NAT pool
 
* NAT pool
 
* Usable IPs: .129 - .158 (with .159 being the broadcast, but not used for NAT)
 
* Usable IPs: .129 - .158 (with .159 being the broadcast, but not used for NAT)
Line 20: Line 20:
 
</pre>
 
</pre>
  
== 128.118.202.160/28 ==
+
== 128.118.202.160 /28 ==
 
* VLAN: 110 (GUEST)
 
* VLAN: 110 (GUEST)
 
* Netmask: 255.255.255.240
 
* Netmask: 255.255.255.240
Line 31: Line 31:
 
DHCP entries static in LDAP. Web authorization form to allow changing of the MAC address, restricted to PIs and other persons of repute. These entries will be periodically expired. Or, tie into EDUROAM somehow?
 
DHCP entries static in LDAP. Web authorization form to allow changing of the MAC address, restricted to PIs and other persons of repute. These entries will be periodically expired. Or, tie into EDUROAM somehow?
  
== 128.118.202.0/26 ==
+
== 128.118.202.0 /26 ==
 
* VLAN: 120 (DOT1X)
 
* VLAN: 120 (DOT1X)
 
* Netmask: 255.255.255.192
 
* Netmask: 255.255.255.192
Line 42: Line 42:
 
Dynamically assigned with DHCP. 802.1x EAP-TTLS-PAP username/password login.
 
Dynamically assigned with DHCP. 802.1x EAP-TTLS-PAP username/password login.
  
== 128.118.202.64/26 ==
+
== 128.118.202.64 /26 ==
 
* VLAN: 130 (UNMANAGED)
 
* VLAN: 130 (UNMANAGED)
 
* Netmask: 255.255.255.192
 
* Netmask: 255.255.255.192

Revision as of 15:46, 23 September 2010

L3

128.118.200.0 /23, 2610:8:7800:14:: /64

  • VLAN: 100 (BX-WIRED)
  • Netmask: 255.255.254.0
  • Broadcast: 128.118.201.255
  • Gateway: 128.118.200.1, 2610:8:7800:14::1

Centrally managed machines. Machines that we have root on and/or control with cfengine.

128.118.202.128 /27

  • NAT pool
  • Usable IPs: .129 - .158 (with .159 being the broadcast, but not used for NAT)
  • DNS: nat-128-118-202-N.bx.psu.edu

NAT config on ASA:

global (Outside) 1 128.118.202.1-128.118.202.30
nat (Bioinformatics) 1 192.168.2.0 255.255.255.0
nat (Bioinformatics) 1 192.168.4.0 255.255.255.0
nat (Bioinformatics) 1 10.1.0.0 255.255.0.0

128.118.202.160 /28

  • VLAN: 110 (GUEST)
  • Netmask: 255.255.255.240
  • Broadcast: 128.118.202.175
  • Gateway: 128.118.202.161
  • Usable IPs: .162 - .174
  • Client IPs: 13
  • DNS: guest-128-118-202-N.bx.psu.edu

DHCP entries static in LDAP. Web authorization form to allow changing of the MAC address, restricted to PIs and other persons of repute. These entries will be periodically expired. Or, tie into EDUROAM somehow?

128.118.202.0 /26

  • VLAN: 120 (DOT1X)
  • Netmask: 255.255.255.192
  • Broadcast: 128.118.202.63
  • Gateway: 128.118.202.1
  • Usable IPs: .1 - .62
  • Client IPs: 61
  • DNS: dot1x-128-118-202-N.bx.psu.edu

Dynamically assigned with DHCP. 802.1x EAP-TTLS-PAP username/password login.

128.118.202.64 /26

  • VLAN: 130 (UNMANAGED)
  • Netmask: 255.255.255.192
  • Broadcast: 128.118.202.127
  • Gateway: 128.118.202.65
  • Usable IPs: .65 - .126
  • Client IPs: 61
  • DNS: custom or 128-118-202-N.bx.psu.edu

Statically assgined with DHCP based on MAC. Radius attributes defined in LDAP for the DHCP host entry.

L2

Current network diagram in DIA format is located at /afs/bx.psu.edu/admin/documents/bx_network-l2-<DATE>.dia

When updating, be sure to work on a copy, and update the date in the box in the upper left-hand corner.

Bx network-l2-2010-26-02.png