HoerupNet: Difference between revisions

← Older edit

Latest revision as of 20:19, 9 August 2018

The ImageMap extension is not installed.

@@ Line 1: / Line 1: @@
-Description of my personal network
-=Network diagram=
+{{#tag:graphviz|
-[[Image:hoerupnet.png]]
-=IP Address=
+graph network {
-The network uses the RFC1918 private IP range 192.168.10.0/24
+node [fontsize=12]
-All hosts get network information from the DHCP server, but some hosts get a fixed address based on MAC address.
+edge [fontsize = 12]
-The dynamic range is 192.168.10.30-100.
-=Host timon=
+hoerup [label="hoerup \n192.168.12.0/24"]
-Timon is the gateway and firewall for the network.
+hoerup_clients [label="hoerup clients \n192.168.20.0/24"]
+amstrup [label="amstrup \n192.168.2.0/24"]
+HSH [label="HSH \n192.168.8.0/24"]
+hoerup_microtik [label="hoerup/microtik\nlan=192.168.13.16\nsstp=dynamic" shape=box]
+hoerupit [label="hoerupit \n 192.168.23.0/24" ]
+it_microtik [label="it/microtik \n sstp=192.168.195.1\nlan=?" shape=box]
+it_mgmt [label="it/mgmt \n192.168.211.0/24"]
-Timon runs the following services
-* Firewall
-**Homebuild iptables script with source / destination nat and forward filtering
-**DNAT
-***http->rafiki
-***smtp->rafiki
-***openvpn->rafiki
-***(mldonkey ports)->rafiki
-***443->rafiki:22
-***<strike>VNC->pumba</strike>
-**outgoing traffic is SNAT'ed
-*Traffic shaping
-*Static route: route add -net 192.168.20.0/24 gw 192.168.10.5
-*ISC DHCP Server
-**Serves IP addresses as described above
-*bind9 DNS server
-**Caching DNS server, uses <strike>ISP DNS</strike> OpenDNS for lookups
-**reverse lookup for 192.168.10.x and 192.168.20.x
-**local override for t-hoerup.dk (primarily to bind www.t-hoerup.dk etc. to the internal webserver address)
-*SSH server
-**For remote admininistration (only available from internal network)
-*TFTP
-**Used For PXE installations.
-*SNMP
-*cron
-**chkrootkit / rkhunter / ntpdate / logrotate / logwatch (logwatch recipient torben@t-hoerup.dk)
-*nullmailer
-**forwarding local-generated mail to rafiki
-**/etc/mailname:timon.t-hoerup.dk
-**/etc/nullmailer/remotes:rafiki.t-hoerup.dk
-=Host Rafiki=
-Rafiki is the server
-(VPN access is regarded as internal network access)
-Unless specified otherwise the daemons listens on all network interfaces.
+hoerup -- amstrup [label="openvpn"]
+hoerup -- hoerup_clients [label="openvpn"]
+hoerup -- HSH [label="openvpn"]
+hoerup -- hoerupit [label="openvpn"]
-Rafiki runs
+amstrup -- HSH [label="openvpn"]
-*SSH server
+hoerup -- hoerup_microtik [label="lan/192.168.13 alias"]
-* Apache webserver
+hoerup_microtik -- it_microtik [label="sstp (masqeraded srcnat)"]
-** With mod_php5, mod_dav_svn, mod_python, mod_proxy
+it_microtik -- it_mgmt [label="lan"]
-** Hosts all vhosts listed in http://status.t-hoerup.dk/vhosts.php
-*** Hosts subversion repository
-***Wiki
-***Pastebin
-***SQL webfrontends
-***Is reverse proxy for those services that has their own http engine (such as mldonkey, and tomcat)
-*MySQL
-*PostgreSQL
-*Mldonkey for file download
-**bittorrent
-**donkey
-**overnet
-**basic HTTP
-*Squid http proxy
-**port 3128
-**Non caching
-**available to internal network only
-*Proftpd
-**File transfer - Only available to internal network (from outside scp/sftp should be used)
-*Postfix SMTP MTA
-*Dovecot IMAPd
-*OpenVPN
-** TUN / UDP based
-**Listens on port 1494
-**Uses subnet 192.168.20.0/24 for tunnels
-**Full access to 192.168.10.0/24 available via vpn
-*Smokeping
-*App server: Sun Glassfish 2.1
-*smsdaemon
-*MRTG
-*webalizer
-*cron
-**chkrootkit / rkhunter / ntpdate / logrotate / logwatch (logwatch recipient torben@t-hoerup.dk)
-**torben's crontab
-***05  */3    *   *   *   /home/torben/bin/getmail-silent
-***05  05     *   *   *  cp /var/spool/mail/torben /home/torben/Mail/inbox-backup
-=Access Point=
-*SSID: hoerup
-*Encryption: WPA2-PSK
-*Channel: 6
+ }|format="png"}}

HoerupNet: Difference between revisions

Latest revision as of 20:19, 9 August 2018

Navigation menu

Search