Networking
From UGCS
(Difference between revisions)
(→UGCS hosted machines in Winnett netblock) |
|||
| (8 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
==Physical Equipment== | ==Physical Equipment== | ||
Our main switch (connected to the IMSS 1Gbit uplink) is a Juiper EX2200. This switch is brand-new as of April 2010 and <i>screams</i>. The core servers, shellservers, mortals, and lenin are connected to this switch. It provides a DHCP safe haven for demeter (and our servers through RADIUS on charon) while allowing Winnett DHCP for other machines. We have a Cisco 2970 connected via two LACP links to the Juniper switch for additional gigabit ports (currently filled with hosted machines). We will be setting up a Cisco 2950 with a similar gigabit trunk lines for the hosted racks once we move them to where we want them. | Our main switch (connected to the IMSS 1Gbit uplink) is a Juiper EX2200. This switch is brand-new as of April 2010 and <i>screams</i>. The core servers, shellservers, mortals, and lenin are connected to this switch. It provides a DHCP safe haven for demeter (and our servers through RADIUS on charon) while allowing Winnett DHCP for other machines. We have a Cisco 2970 connected via two LACP links to the Juniper switch for additional gigabit ports (currently filled with hosted machines). We will be setting up a Cisco 2950 with a similar gigabit trunk lines for the hosted racks once we move them to where we want them. | ||
| + | |||
| + | ===Juniper Switch=== | ||
| + | * Juniper EX2200 | ||
| + | * Name: mercury | ||
| + | * IP: 192.168.2.5, accessible from charon only | ||
==Static IPs in UGCS== | ==Static IPs in UGCS== | ||
| Line 8: | Line 13: | ||
netmask 255.255.255.0 | netmask 255.255.255.0 | ||
gateway 131.215.176.254 | gateway 131.215.176.254 | ||
| + | |||
| + | ==Firewall== | ||
| + | Each machine does its own firewall through iptables. Cfengine installs a series of scripts in /etc/networking/if.[up,down].d that loads/saves the iptables configuration, so you can make changes knowing they will be preserved across a reboot. | ||
| + | |||
==IPv4 Allocations== | ==IPv4 Allocations== | ||
kabta: 131.215.172.59 | kabta: 131.215.172.59 | ||
| − | * 64: | + | * 64: none |
* 65-75: Coreserver | * 65-75: Coreserver | ||
| − | + | ** 65 hermes | |
| − | ** 65 hermes | + | ** 66 demeter |
| − | ** 66 demeter | + | ** 67 apollo |
| − | ** 67 apollo | + | ** 68 athena |
| − | ** 68 athena | + | ** 69 persephone |
| − | ** 69 persephone | + | ** 70 hera |
| − | ** 70 hera | + | ** 71 poseidon |
| − | ** 71 poseidon | + | ** 72 zeus |
| − | ** 72 zeus | + | ** 73 hestia |
| − | ** 73 hestia | + | ** 74 hephaestus |
| − | ** 74 hephaestus | + | ** 75 dionysus |
| − | ** 75 dionysus | + | ** 76 nfs |
| − | ** 76 nfs | + | ** 77 ( currently unused ) |
| − | + | ** 78 fo ( testing IP for failover stuff ) | |
| − | ** 78 fo | + | ** 79 ( currently unused ) |
| − | ** 80 doldnut | + | ** 80 doldnut (owned by devteam/Jon Dama, this will be moved) |
| − | ** 81 | + | ** 81 afs-c ( AFS database server, currently hermes) |
| − | ** 82 | + | ** 82 afsmail ( AFS file server that houses mail partitions, currently hermes) |
| − | * 86-105: Hosted servers | + | |
| − | ** 86 averyfs | + | * 86-105: Hosted servers (future hosted machines should go in the Winnett netblock; email hostmaster@caltech.edu) |
| − | ** 87 bsi-la | + | ** 86 averyfs (owned by Avery IMSS) |
| + | ** 87 bsi-la (owned by Bo Adler) | ||
** 88 lenin (owned by Dabney comptrollers) | ** 88 lenin (owned by Dabney comptrollers) | ||
** 89 donut (owned by Devteam) | ** 89 donut (owned by Devteam) | ||
** 90 metatron (owned by Matt Maurer) | ** 90 metatron (owned by Matt Maurer) | ||
| − | ** 91 white | + | ** 91 white (owned by Mike White) |
| − | ** 92 philemon | + | ** 92 philemon (owned by Jon Dama) |
| − | ** 93 daisy | + | ** 93 daisy (owned by Elizabeth Fong) |
| − | ** 94 ballroom (Ballroom dance club | + | ** 94 ballroom (Ballroom dance club) |
| − | ** 95 hiro | + | ** 95 hiro (owned by Silas Bennet) |
| − | ** 98 azkaban | + | ** 98 azkaban (owned by Eugeniu Plamadeala, username eugeniu) |
| − | ** 99 | + | ** 99 goose (owned by Suresh Sitaula, username suresh) |
| − | ** 100 kukulza | + | ** 100 kukulza (owned by Patrick Xia, username patrick) |
| − | ** 101 eternity | + | ** 101 eternity (owned by Alex Roper, username alexr) |
| − | ** 102 vitamin-s | + | ** 102 vitamin-s (owned by David DiCato) |
| − | ** 103 (name not known yet) ( owned by Pat Cahalan ) | + | ** 103 (name not known yet) (owned by Pat Cahalan) |
| − | ** 104 heartofgold | + | ** 104 heartofgold (owned by Alex Rasmussen, username adr) |
* 105-124: Shellserver | * 105-124: Shellserver | ||
** 105 lara.ugcs.caltech.edu. | ** 105 lara.ugcs.caltech.edu. | ||
** 106 styx.ugcs.caltech.edu. | ** 106 styx.ugcs.caltech.edu. | ||
| − | ** 107 minthe.ugcs.caltech.edu. | + | ** 107 minthe.ugcs.caltech.edu. (i5 machine) |
** 108 lethe.ugcs.caltech.edu. | ** 108 lethe.ugcs.caltech.edu. | ||
** 109 calliope.ugcs.caltech.edu. | ** 109 calliope.ugcs.caltech.edu. | ||
| Line 61: | Line 71: | ||
** 113 melpomene.ugcs.caltech.edu. | ** 113 melpomene.ugcs.caltech.edu. | ||
** 114 polyhymnia.ugcs.caltech.edu. | ** 114 polyhymnia.ugcs.caltech.edu. | ||
| − | ** 115 terpsichore.ugcs.caltech.edu. | + | ** 115 terpsichore.ugcs.caltech.edu. (i5 machine) |
** 116 thalia.ugcs.caltech.edu. | ** 116 thalia.ugcs.caltech.edu. | ||
** 117 urania.ugcs.caltech.edu. | ** 117 urania.ugcs.caltech.edu. | ||
| Line 70: | Line 80: | ||
* 125: printer | * 125: printer | ||
* 126: charon | * 126: charon | ||
| − | * | + | |
| + | ===UGCS hosted machines in Winnett netblock=== | ||
| + | * 60: beryllium (owned by Chris Kennelly, username ckennelly) | ||
| + | * 61: titanic (owned by Blacker IMSS) | ||
| + | * 3: durandal (owned by Chris Whelan, username whelan) | ||
==IPv6 Allocations== | ==IPv6 Allocations== | ||
| − | * | + | * Caltech may be rolling out IPv6 later in 2010. We've mentioned to them that we'd be interested in trying it. |
[[Category:Sysadmin_Documentation]] | [[Category:Sysadmin_Documentation]] | ||
Latest revision as of 14:21, 13 June 2011
Contents |
Physical Equipment
Our main switch (connected to the IMSS 1Gbit uplink) is a Juiper EX2200. This switch is brand-new as of April 2010 and screams. The core servers, shellservers, mortals, and lenin are connected to this switch. It provides a DHCP safe haven for demeter (and our servers through RADIUS on charon) while allowing Winnett DHCP for other machines. We have a Cisco 2970 connected via two LACP links to the Juniper switch for additional gigabit ports (currently filled with hosted machines). We will be setting up a Cisco 2950 with a similar gigabit trunk lines for the hosted racks once we move them to where we want them.
Juniper Switch
- Juniper EX2200
- Name: mercury
- IP: 192.168.2.5, accessible from charon only
Static IPs in UGCS
We don't actually have a netblock, we just have 64 ip's. So you configure your machine like any other in the Winnett netblock, with netmask 255.255.255.0 and gateway 131.215.176.254. A sample Debian interfaces file:
iface eth0 inet static
address 131.215.176.xxx
netmask 255.255.255.0
gateway 131.215.176.254
Firewall
Each machine does its own firewall through iptables. Cfengine installs a series of scripts in /etc/networking/if.[up,down].d that loads/saves the iptables configuration, so you can make changes knowing they will be preserved across a reboot.
IPv4 Allocations
kabta: 131.215.172.59
- 64: none
- 65-75: Coreserver
- 65 hermes
- 66 demeter
- 67 apollo
- 68 athena
- 69 persephone
- 70 hera
- 71 poseidon
- 72 zeus
- 73 hestia
- 74 hephaestus
- 75 dionysus
- 76 nfs
- 77 ( currently unused )
- 78 fo ( testing IP for failover stuff )
- 79 ( currently unused )
- 80 doldnut (owned by devteam/Jon Dama, this will be moved)
- 81 afs-c ( AFS database server, currently hermes)
- 82 afsmail ( AFS file server that houses mail partitions, currently hermes)
- 86-105: Hosted servers (future hosted machines should go in the Winnett netblock; email hostmaster@caltech.edu)
- 86 averyfs (owned by Avery IMSS)
- 87 bsi-la (owned by Bo Adler)
- 88 lenin (owned by Dabney comptrollers)
- 89 donut (owned by Devteam)
- 90 metatron (owned by Matt Maurer)
- 91 white (owned by Mike White)
- 92 philemon (owned by Jon Dama)
- 93 daisy (owned by Elizabeth Fong)
- 94 ballroom (Ballroom dance club)
- 95 hiro (owned by Silas Bennet)
- 98 azkaban (owned by Eugeniu Plamadeala, username eugeniu)
- 99 goose (owned by Suresh Sitaula, username suresh)
- 100 kukulza (owned by Patrick Xia, username patrick)
- 101 eternity (owned by Alex Roper, username alexr)
- 102 vitamin-s (owned by David DiCato)
- 103 (name not known yet) (owned by Pat Cahalan)
- 104 heartofgold (owned by Alex Rasmussen, username adr)
- 105-124: Shellserver
- 105 lara.ugcs.caltech.edu.
- 106 styx.ugcs.caltech.edu.
- 107 minthe.ugcs.caltech.edu. (i5 machine)
- 108 lethe.ugcs.caltech.edu.
- 109 calliope.ugcs.caltech.edu.
- 110 clio.ugcs.caltech.edu.
- 111 achilles.ugcs.caltech.edu (mortal)
- 112 helen.ugcs.caltech.edu (mortal)
- 113 melpomene.ugcs.caltech.edu.
- 114 polyhymnia.ugcs.caltech.edu.
- 115 terpsichore.ugcs.caltech.edu. (i5 machine)
- 116 thalia.ugcs.caltech.edu.
- 117 urania.ugcs.caltech.edu.
- 118 jason.ugcs.caltech.edu (mortal)
- 119 midas.ugcs.caltech.edu (mortal)
- 120 medusa.ugcs.caltech.edu (mortal)
- 121 dictys.ugcs.caltech.edu (mortal)
- 125: printer
- 126: charon
UGCS hosted machines in Winnett netblock
- 60: beryllium (owned by Chris Kennelly, username ckennelly)
- 61: titanic (owned by Blacker IMSS)
- 3: durandal (owned by Chris Whelan, username whelan)
IPv6 Allocations
- Caltech may be rolling out IPv6 later in 2010. We've mentioned to them that we'd be interested in trying it.
