Resources/Network

From Noisebridge
< Resources(Difference between revisions)
Jump to: navigation, search
(Hardware)
(Hardware: whoops, forgot to sign. :()
Line 49: Line 49:
 
* Currently [[User:Matt|Matt]] has configured a Soekris net4801 with flashdist OpenBSD 4.4 build, no fancy GUI exists - just simple vi and a pf.conf config file.  The eventual plan is to ghetto load balance between the Comcast and Speakeasy circuits.
 
* Currently [[User:Matt|Matt]] has configured a Soekris net4801 with flashdist OpenBSD 4.4 build, no fancy GUI exists - just simple vi and a pf.conf config file.  The eventual plan is to ghetto load balance between the Comcast and Speakeasy circuits.
 
** Passwords to both devices are in an envelope in the closet in the fishbowl. Or if you are known within the group, ping [[User:Jof|jof]]
 
** Passwords to both devices are in an envelope in the closet in the fishbowl. Or if you are known within the group, ping [[User:Jof|jof]]
** I've done load balancing like this on Linux (and in fact on a Soekris net4801) if anyone's interested I could prep a CF card to do this.
+
** I've done load balancing like this on Linux (and in fact on a Soekris net4801) if anyone's interested I could prep a CF card to do this. [[User:Ryanc|Ryanc]] 18:34, 22 April 2009 (PDT)
 
* [[User:Ioerror|Jake]] has donated a FON [http://en.wikipedia.org/wiki/FON#La_Fonera_WiFi_Router La Fonera] router that has been liberated with a fresh DD-WRT install.
 
* [[User:Ioerror|Jake]] has donated a FON [http://en.wikipedia.org/wiki/FON#La_Fonera_WiFi_Router La Fonera] router that has been liberated with a fresh DD-WRT install.
 
* A Ruckus Wireless ZoneFlex 2942 access point.
 
* A Ruckus Wireless ZoneFlex 2942 access point.

Revision as of 18:34, 22 April 2009

Contents

Uplinks

24Mb/5Mb currently via Comcast

  • Comcast Cable (Only internet, no voice or tv service)
    • $66.95 per month (After taxes COD at time of install is $169.21) - $3 modem rental per month
    • No contract!
    • Link speed is ~24Mbit down / ~5Mbit up. More testing during different times of the day would be useful.
    • Wonderful quote from the service representative when asked about network filtering: "The network is filtered. Dynamic ips. Constantly flowing. Upgrading to static is possible through the business department."
    • The direct line for the person who took the order is 1-925-349-3300 x644201
    • Our confirmation number for this order is: 503691

Speakeasy DSL

  • Speakeasy DSL (On a dry pair - Ordered for the (415) 864 area)
    • Service has been delivered and installed at 83c
    • Modem acts as a bridge straight into Speakeasy and comes with 1 static IP, 4 more for $20 per month.
      • Currently 66.92.8.180
      • Additional IP added on Jan 26th (requires configuration on firewall) 66.92.8.123
    • $105.95 per month - ($99.00 install fee, first month free, hardware included - Paid by Jake)
    • Link speed: 6Mb down and 768k up
    • 12 month contract (25 day trial period), $300 fee if canceled in contract but outside of stated trial period.
    • 1 static ip included
    • The direct line for the person (Michelle) who took the order is 1-877-240-4821
    • In the future, we can upgrade the DSL to the following:
      • Kinda fast 8Mb down and 768k up. 149.95 per month. Hardware and install waved.
      • Super fast 10Mb and 1Mb up. 179.95 per month. Hardware and install waved.

Other uplink possibilities

  • Local wifi link (TBD - no current ETA on install)
We need an antenna and a wifi access point that will uplink to our core switch (we need one of those too)
  • Metro fiber
    • jof called IPN for a rough estimate for construction of fiber to 83c. The sales representative's estimate would be between 90,000USD - 100,000USD for the initial buildout.
  • Sonic.net ADSL2
We're on the waiting list for 18Mb/1Mb ADSL2
 Sometime in the next year service will be available in San Francisco.
  • WiMax
Currently this hasn't been very seriously researched 
  • SFLan

We may have line of sight to a node if we can bounce off of a local building. This hasn't been seriously researched. We may want to try to get roof access for antennas and should talk to our very quiet neighbors.

I was contacted by Matt Peterson about connecting. I would be happy to do a site survey to see if you can hit the SFLAN or City wirless deployment from the Valencia Gardens development. That could get you 40Mb/s up and down. - Tim Pozar

Hardware

  • Currently Matt has configured a Soekris net4801 with flashdist OpenBSD 4.4 build, no fancy GUI exists - just simple vi and a pf.conf config file. The eventual plan is to ghetto load balance between the Comcast and Speakeasy circuits.
    • Passwords to both devices are in an envelope in the closet in the fishbowl. Or if you are known within the group, ping jof
    • I've done load balancing like this on Linux (and in fact on a Soekris net4801) if anyone's interested I could prep a CF card to do this. Ryanc 18:34, 22 April 2009 (PDT)
  • Jake has donated a FON La Fonera router that has been liberated with a fresh DD-WRT install.
  • A Ruckus Wireless ZoneFlex 2942 access point.
    • Takes an 802.1q trunk (with POE!) over a single Cat5/6 cable, and can take up to 8 802.1q tags and broadcast an SSID for each tag. -- jof 00:51, 4 October 2008 (PDT)

Topology

Older topology, does not include cisco box or ruckus AP
  • External IP is assigned via DHCP from Comcast on the Soekris box.
    • Soekris is now updating a DynDNS domain for the WAN IP - comcast-sfo-noisebridge.dyndns.org -- jof 20:16, 3 October 2008 (PDT)
    • cable.noisebridge.net should CNAME here as well.
    • If modifying later, beware that Comcast will now only hand out a DHCP lease requested from 00:0A:E4:32:44:6E
  • Internal subnet is 172.30.0.0/23
    • Soekris box is at 172.30.0.1
    • Linksys AP is at 172.30.0.2
    • Cisco Router is at 172.30.0.3
    • Ruckus AP (on 12th Ethernet port PoE) 172.30.0.5
  • There are some existing Ethernet segments that you can patch into. If it has a number written in black marker on the outlet, this number corresponds to the outlet on the patch panel in the fishbowl closet.

DNS

Internal machines (with NAT addresses in 172.30.0.0/23) have names in the .noise pseudo-TLD. These names are managed on the Soekris in /etc/hosts (NOT in a zone file). After editing /etc/hosts, you can SIGHUP the dnsmasq process to trigger a reload.

The /etc/hosts file is persistent now (it wasn't back when we used pfSense) so it no longer needs to be maintained on the wiki; the copy on the soekris is canonical now.

Wireless networks

The following networks are active at 83c now:

  • noisebridge - insecure, NAT to Speakeasy via hardware described above.
  • noisebridge-dsl - insecure, NAT to Comcast via standalone WRT54G. No access to Noisebridge wired network.

The following networks are disabled in the Ruckus AP config:

  • nbsweden - insecure, NAT to Relakks. not yet functional. vlan 21.
  • nbgermany - insecure, NAT to Germany via CCC. not yet functional. vlan 31.
  • nbipv6 - insecure, IPv6 only. not yet functional. vlan 41.
  • nbanonymous - insecure, transparent Tor. not yet functional. vlan 51.
  • nbwpa - "secured" (so they say) using WPA. not yet functional. vlan 61.
  • nblocal - insecure, local-only. No Internet route. not yet functional. vlan 71.

Development

Network Devices & Services

Personal tools