Resources/Network: Difference between revisions

From Noisebridge
Jump to navigation Jump to search
No edit summary
Line 29: Line 29:
== Wireless networks ==
== Wireless networks ==


The following networks are active at 83c now:
The following networks are active at 2169 now:
* '''noisebridge''' - insecure, NAT via Speakeasy and/or Comcast
* '''2169 Mission''' - No encryption, NATted via the speakeasy link.
 
The following networks are disabled in the Ruckus AP config:
* '''nbsweden''' - insecure, NAT to [https://www.relakks.com/?cid=gb Relakks]. '''not yet functional.''' vlan 21.
* '''nbgermany''' - insecure, NAT to Germany via CCC. '''not yet functional.''' vlan 31.
* '''nbipv6''' - insecure, IPv6 only. '''not yet functional.''' vlan 41.
* '''nbanonymous''' - insecure, transparent [[Tor]]. '''not yet functional.''' vlan 51.
* '''nbwpa''' - "secured" (so they say) using WPA. '''not yet functional.''' vlan 61.
* '''nblocal''' - insecure, local-only.  No Internet route. '''not yet functional.''' vlan 71.


== Development ==
== Development ==

Revision as of 19:30, 20 September 2009

Status

There is an external status monitor at status.noisebridge.net. If something is wrong with the network at 83c, you should contact an admin.

The Ops personnel can be reached by calling (650) 248-2445 24/7.

It's 2 AM And The Admins Are Asleep

If no admin responds within a reasonable period of time (say, an hour), take matters into your own hands and send mail to noisebridge-discuss with answers to the following questions:

  • Who are you?
  • What happened?
  • When did the problem begin? (If you were able to find out.)
  • When was the problem noticed?
  • When did it get fixed?
  • What did you do to fix it? Please err on the side of too much detail rather than not enough.

Please try to observe the guidelines for network maintenance, but use your Most Excellent Judgment if something there doesn't seem to apply.



DNS

Internal machines (with NAT addresses in 172.30.0.0/24) have names in the .noise pseudo-TLD. These names are managed on the Soekris in /etc/hosts (NOT in a zone file). After editing /etc/hosts, you can SIGHUP the dnsmasq process to trigger a reload.

The /etc/hosts file is persistent now (it wasn't back when we used pfSense) so it no longer needs to be maintained on the wiki; the copy on the soekris is canonical now.

Wireless networks

The following networks are active at 2169 now:

  • 2169 Mission - No encryption, NATted via the speakeasy link.

Development

Network Devices & Services

2169 Mission

Interim Configuration

There is a sonic.net Fusion ADSL2+ DSL connection in the building. The physical circuit comes in from the MPOE in the basement and runs across the roof of the basement and up the side of the building into the DJ booth. The CPE is a Motorola 2210 ADSL2+. The admin password is the serial number, written on the bottom.

The addressing configuration is a little unusual. It's 75.101.62.0/24 and we've been allocated a /29 within that block: 75.101.62.88-75.101.62.95. Note that we get to use all 8 addresses; the broadcast and network address are 75.101.62.255 and 75.101.62.0 respectively. The gateway is 75.101.62.1.

The default CPE settings are not correct for our circuit configuration. From a factory reset, do the following to configure the CPE:

  1. Configure a computer for 192.168.1.253/24.
  2. Connect the computer to the DSL CPE.
  3. Power cycle the DSL CPE.
  4. Connect to 192.168.1.254 using your web browser.
  5. You will be prompted to set a password, use the serial number on the bottom of the DSL CPE.
  6. Get into expert mode.
  7. Under configure->connections, set the following:
    1. VPI: 0
    2. VCI: 35
    3. Protocol: Bridged Ethernet LLC/SNAP
    4. Bridging: on
  8. Under configure->DHCP server, set the following:
    1. DHCP Server Enabled: unchecked
  9. Save and reboot.

Motorola 2210 User Guide

Router

The router is a WRT54G running OpenWRT. Its wireless interface is disabled. Its WAN address is 75.101.62.88/24 and its LAN address is 192.168.3.1.

DHCP and DNS services are being provided by the Volcano laptop.

Address Allocations

The reserved address allocations are:

75.101.62.88/29

  • .88 - WRT54G router
  • .89 - Unallocated
  • .90 - s1
  • .91 - Unallocated
  • .92 - Unallocated
  • .93 - Unallocated
  • .94 - Unallocated
  • .95 - Unallocated

192.168.3.0/24

  • .1 - WRT54G router
  • .2 - pony
  • .3 - volcano
  • .5 - AP1
  • .6 - AP2
  • .8 - Dell switch
  • .11 - s1

Other uplink possibilities

  • Local wifi link (TBD - no current ETA on install)
We need an antenna and a wifi access point that will uplink to our core switch (we need one of those too)
  • Metro fiber
    • jof called IPN for a rough estimate for construction of fiber to 83c. The sales representative's estimate would be between 90,000USD - 100,000USD for the initial buildout.
  • Sonic.net ADSL2
We're on the waiting list for 18Mb/1Mb ADSL2
 Sometime in the next year service will be available in San Francisco.
  • WiMax
Currently this hasn't been very seriously researched 
  • SFLan

We may have line of sight to a node if we can bounce off of a local building. This hasn't been seriously researched. We may want to try to get roof access for antennas and should talk to our very quiet neighbors.

I was contacted by Matt Peterson about connecting. I would be happy to do a site survey to see if you can hit the SFLAN or City wirless deployment from the Valencia Gardens development. That could get you 40Mb/s up and down. - Tim Pozar