Network Policies: Difference between revisions

From Noisebridge
Jump to navigation Jump to search
Line 13: Line 13:
For static addresses:
For static addresses:


# Update /etc/hosts on soekris.noise.
# Update the wiki to signal your intent to claim the address.
# Set the address and netmask.
# Update /etc/hosts on r00ter.noise. and gorilla.noise with the name of the host.
# Restart dhcpd on r00ter.
# Set the address and netmask (255.255.252.0) on the target device.
# Set the domain name on the device to noise.
# Set the domain name on the device to noise.
# Set the DNS server to 172.30.0.1
# Set the DNS server to 172.30.0.1 on the device.


== General Management Stuff ==
== General Management Stuff ==

Revision as of 15:55, 8 April 2011

The (desired, wished, dreamed, hoped for) Rules

  1. We have a wiki with which you can keep a record of changes. You should consider using it to keep a record of your changes.
  2. Unlabeled cables are fair game to be unplugged. There is a label maker available to prevent this. Remember that you may want to label both sides in some cases.
  3. Users monitor noisebridge-discuss and #noisebridge on IRC. Please notify both places if you anticipate an outage, and monitor both places to answer questions if you are aware of an outage.
  4. It is excellent to fix things, but only if you can't find the original owner first.
  5. Before making a change, make sure it worked in the first place and back up the config. After making a change, make sure it still works. Keep that backup around, you might need it someday. You might also want to implement the test as a shell script, since that's the first step towards adding the test to the regression testing system.

Baseline Management Checklist

Address Assignment

For static addresses:

  1. Update the wiki to signal your intent to claim the address.
  2. Update /etc/hosts on r00ter.noise. and gorilla.noise with the name of the host.
  3. Restart dhcpd on r00ter.
  4. Set the address and netmask (255.255.252.0) on the target device.
  5. Set the domain name on the device to noise.
  6. Set the DNS server to 172.30.0.1 on the device.

General Management Stuff

  • SNMP v2c, community name "noise" for readonly. v1 works too.
  • SNMP traps go to pony using the same community name.
  • NTP to clock.isc.org or a similarly close server.
  • Syslog to pony.
  • Set the timezone and turn on automatic summer time adjustment.
  • Save a copy of the manual somewhere. It might be handy to have if you want to look something up while the network is down.
  • Save a copy of the initial configuration somewhere.

Cisco Version

Cut and paste:

configure terminal
ip domain-name noise
ip domain-lookup
ip name-server 172.30.0.1 
snmp-server community noise
snmp-server host pony trap version 2c noise
ntp server clock.isc.org
logging 172.30.0.30
aaa new-model
aaa authentication login default local
aaa authentication enable default none
clock timezone PST -8
clock summer-time PDT recurring