Primary IT Infrastructure: Difference between revisions

(Page needs updates.)
 
Please check back with this page; we are in the process of populating it with good information on how to get the most out of your HackRVA data experience.
Hack.rva provides community Wi-Fi and LAN drops in all rooms, as well as a few in-house hosted services. All traffic is monitored by a Snorby server that checks for illegal torrents, bots and other malware.




= The primary network architecture =
----
At HackRVA we utilize a switched network with VLANs and VoIP support.
We have a dedicated smart-switch, a router and a virtualization server, which runs our web services and groupware.


== Network Devices ==
The HackRVA network is comprised of four primary network infrastructure devices.
===CPE devices===
====MOTOROLA Surfboard Cable Modem ====
The DOCSIS 3.0 cable modem previously used at the space was a MOTOROLA SB6120.<br>
This device does not allow for provisioning of static IPv4 addresses, hence the use of the SMC Business Gateway for our current level of service. <br>
[[File:MOTOROLA-SB6120.jpg]] <br>


====SMC Business Gateway====
[[File:serverrack.jpg]]
HackRVA uses Comcast business class service with static IPv4 provisioned.<br>
The device provided for this service is the SMC Networks SMCD3GCCR business gateway.<br>
The device provides a four port switch, for easy integration into our network architecture.<br>
[[File:SMCD3GCCJR.JPG]]


===Cisco RV180 VPN Router===
The RV180 VLAN-enabled VPN SOHO router is the brains of the internal network architecture.<br>
This device provides DHCP to clients on the internal LAN as well as NAT functionality for accessing the internet from behind the cable modem.<br>
To understand which VLAN capabilities are being used at the space, please reference the VLAN section below.<br><br>
[[File:RV180VPN Front-REAR.jpg]]<br>


===Ubiquiti Wireless AP===
----
The wireless services are provided by a commercial-grade wireless access point.<br>
<blockquote><span style="color: red;">''Entire page needs to be updated''</span></blockquote>
The access point requires management software installed on a Windows computer, or Linux (with much more work).<br>
[[File:Ubiquiti UniFi-AP.jpg]]<br>


===NetGear 24-port smart-switch===
----
This device is referenced by Netgear as the GS724T-300 smart-switch.<br>
This device is capable of VLAN-tagged ports, as well as port trunking.<br>
[[File:NetGear-GS724Tv2.jpg]]


== Network Topology ==
==About==
===Layer 2 and Layer 3===
-more info coming-
==== VLANs (802.1q tags) ====
At HackRVA we have a segmented network using VLANs for segregation of traffic.
*VLAN-1 is the management network, and houses the management end-points for primary services.
*VLAN-100 is the VoIP VLAN, specifically intended to carry all VoIP traffic.
*VLAN-200 is the VLAN for hackrva-wireless, and is the VLAN you will be assigned to if you access the hackrva-wireless SSID.
*VLAN-300 is the VLAN for all wired network infrastructure, and is also the VLAN for network services such as email and DNS, as well as network printers.
===TCP/IP Layer and 802.1q label assignment===
====Address Space (IPv4)====
At HackRVA we have subnetting that is assigned to specific VLANs.
*VLAN-1 is on subnet 192.168.10.0/24
*VLAN-100 is on subnet 192.168.100.0/24
*VLAN-200 is on subnet 192.168.200.0/24
*VLAN-300 is on subnet 192.168.30.0/24


====Address Space (IPv6)====
(This page is somewhat out of date. The server has been upgraded.)
HackRVA does not currently utilize IPv6 address space.
----


==== Wireless SSID List====
==Topology==
At HackRVA, we utilize three SSIDs for specific access to services, each relevant to a different type of user.
*hackrva-wireless (vlan-200)<br>
:-General access to internet services only.
*hackrva-lan (vlan-300)<br>
:-This is used for member access to all services within HackRVA's internal network.<br>
:-If a peripheral device is connected to the Layer 3 network, and hence connected on vlan-300, then this device will only be accessible via wireless on the hackrva-lan SSID.<br>
*hackrva-admin (vlan-1)<br>
:-Used for management purposes, when connecting via the wireless network layer.
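
The segmentation described above can be audited against flow logs. The following is an added example, not part of the HackRVA wiki: it uses the VLAN subnets listed on this page, checks that they do not overlap, and flags traffic from hackrva-wireless (VLAN-200) to any other internal VLAN. The flow records are constructed, and treating such flows as violations is an assumption drawn from the "internet services only" description.

```python
import ipaddress

# VLAN plan as listed on this page (VLAN id -> IPv4 subnet).
VLAN_SUBNETS = {
    1: ipaddress.ip_network("192.168.10.0/24"),     # management
    100: ipaddress.ip_network("192.168.100.0/24"),  # voip
    200: ipaddress.ip_network("192.168.200.0/24"),  # hackrva-wireless
    300: ipaddress.ip_network("192.168.30.0/24"),   # wired / hackrva-lan
}
GUEST_VLAN = 200  # assumption: "internet services only" means no internal access

def overlapping_subnets(plan):
    """Return pairs of VLAN ids whose subnets overlap (should be empty)."""
    ids = sorted(plan)
    return [(a, b) for i, a in enumerate(ids) for b in ids[i + 1:]
            if plan[a].overlaps(plan[b])]

def vlan_of(addr):
    """Map an address string to its VLAN id, or None if outside the plan."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on malformed input
    for vlan_id, net in VLAN_SUBNETS.items():
        if ip in net:
            return vlan_id
    return None

def guest_violations(flows):
    """Flag flows from the guest VLAN to any other VLAN in the plan."""
    hits = []
    for src, dst, dport in flows:
        try:
            src_vlan, dst_vlan = vlan_of(src), vlan_of(dst)
        except ValueError:
            continue  # malformed address in the log; skip the record
        if src_vlan == GUEST_VLAN and dst_vlan not in (None, GUEST_VLAN):
            hits.append((src, dst, dport, dst_vlan))
    return hits

# Constructed sample flow records: (source, destination, destination port).
SAMPLE_FLOWS = [
    ("192.168.200.23", "203.0.113.10", 443),   # guest -> internet: allowed
    ("192.168.200.23", "192.168.10.1", 443),   # guest -> management VLAN
    ("192.168.200.57", "192.168.30.15", 445),  # guest -> wired services VLAN
    ("192.168.30.40", "192.168.30.15", 631),   # wired -> wired: allowed
    ("not-an-ip", "192.168.10.1", 22),         # malformed record
]

if __name__ == "__main__":
    print("overlaps:", overlapping_subnets(VLAN_SUBNETS))
    print("violations:", guest_violations(SAMPLE_FLOWS))
```
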


==Network Services==
A crude Network topology by John V.
===Domain Name Services (dns)===
HackRVA currently hosts its own domain name services, or "DNS."<br>
[[file:Net_diagram.png]]
Authoritative dns services are supplied to the following domains.
====hackrva.org====
*list
*mail
*www
*zmail
====hackrva.net====
====hackrva.us====
====hackrva.info====


===Dynamic Host Control Protocol (dhcp)===
----
The dhcp services are managed by the RV180 VPN router.
==Network Appliances==


===Network Time Protocol (ntp)===
*'''Modem''' - Motorola Surfboard 575186
*'''Firewall''' - custom pfSense box
*'''Switch''' - Netgear GS724T
*'''Wifi AP''' - Ubiquiti UniFi AP


===File Transfer Protocol (ftp)===
----
==Networked Equipment==


===VoIP===
*'''[[Proxmox virtualization Node]]'''
===www===
-An in-house solution to keep the number of physical machines running various services down to a minimum. Rocking dual 12-thread Xeons and 48 GB of RAM, this thing provides all of our virtualization needs. Runs Proxmox 4.4.
===EMail===
*'''Networked Attached Storage'''
===VPN===
-The NAS was built out of spare parts donated by several members and has four 1 TB WD Greens in a ZFS RAID 5.
*'''[[Digital Design Workstation]]'''
-Donated by Michael, the Digital Design station is rocking a Q6600, 6 GB of DDR2, and a Radeon HD 5770. This machine is the workhorse for all of our design and manufacturing equipment, including the CNC router, 3D printers and laser cutter.
*'''Wall of monitors machine'''
-What started off as a separate dev machine, the wall of monitors machine was Aaron's idea because he wanted to sit in front of a machine that drove 9 screens running off of one tower.
*'''TV PC'''
-A Raspberry Pi model B 1st gen, hooked to the large plasma screen display; good for digital signage or just a secondary screen.
*'''Chromecast'''
-Simple streaming stick that stays plugged into the HDMI switch for broadcasting things wirelessly to the projector. Works best with the Chrome browser.


= Servers and Workstations=
----
*[[Primary Servers]]
*[[Primary Workstations]]


= Enclosures =
==Services==
At HackRVA Labs, Inc. we have two racks, or "cabinets" in use.<br>
*'''LAN games'''
One is a 36U full depth data server cabinet.<br>
-We host our own Minecraft Server @ minecraft.hackrva.org:25565


And the other is a Norco 9U network cabinet.<br>
-Saturday nights tend to turn into Age of Empires 3 LAN gaming
[[File:Norco-9u-enclosure.jpg]]


=Computer Lab Systems=
-Occasionally an Artemis game gets played, though not too often any more
*[[Computer Lab]]
*'''Community storage'''
-We have a 4 TB NAS for community use. It holds a fair amount of various operating system ISOs and otherwise is a hub for HackRVA-related files.
*'''Virtualization'''
-We have an in-house hypervisor machine for public use after training.
*'''Cad software'''
-The digital design station is full to the brim with different CAD software, the main suite being Autodesk products.
 
==History==
 
 
<blockquote><span style="color: red;">''This section needs to be updated''</span></blockquote>
 
 
The network at HackRVA started out as just a WRT54GL named "robot king" and a fallback AP named "robot queen". They had to be rebooted almost weekly due to the constant traffic and numerous DHCP problems. These devices ran out of address space very quickly.
 
 
Thus a beefier network needed to be created. A more reliable network was created with enterprise grade gear and, in a lot of ways, this network became the model of what is currently in place.
 
 
Many hands are involved in maintaining the network, running network cabling throughout the space and ensuring minimal downtime. 
The equipment at the space is there to be used.  If you would like access to a VM or would like to contribute to the maintenance of the infrastructure, please email [email protected]

Latest revision as of 21:34, 4 August 2019

Hack.rva provides community Wi-Fi and LAN drops in all rooms, as well as a few in-house hosted services. All traffic is monitored by a Snorby server that checks for illegal torrents, bots and other malware.




Serverrack.jpg



Entire page needs to be updated


About

-more info coming-

(This page is somewhat out of date. The server has been upgraded.)


Topology

A crude Network topology by John V.

Net diagram.png


Network Appliances

  • Modem - Motorola Surfboard 575186
  • Firewall - custom pfSense box
  • Switch - Netgear GS724T
  • Wifi AP - Ubiquiti UniFi AP

Networked Equipment

-An in-house solution to keep the number of physical machines running various services down to a minimum. Rocking dual 12-thread Xeons and 48 GB of RAM, this thing provides all of our virtualization needs. Runs Proxmox 4.4.

  • Networked Attached Storage

-The NAS was built out of spare parts donated by several members and has four 1 TB WD Greens in a ZFS RAID 5.

-Donated by Michael, the Digital Design station is rocking a Q6600, 6 GB of DDR2, and a Radeon HD 5770. This machine is the workhorse for all of our design and manufacturing equipment, including the CNC router, 3D printers and laser cutter.

  • Wall of monitors machine

-What started off as a separate dev machine, the wall of monitors machine was Aaron's idea because he wanted to sit in front of a machine that drove 9 screens running off of one tower.

  • TV PC

-A Raspberry Pi model B 1st gen, hooked to the large plasma screen display; good for digital signage or just a secondary screen.

  • Chromecast

-Simple streaming stick that stays plugged into the HDMI switch for broadcasting things wirelessly to the projector. Works best with the Chrome browser.


Services

  • LAN games

-We host our own Minecraft Server @ minecraft.hackrva.org:25565

-Saturday nights tend to turn into Age of Empires 3 LAN gaming

-Occasionally an Artemis game gets played, though not too often any more

  • Community storage

-We have a 4 TB NAS for community use. It holds a fair amount of various operating system ISOs and otherwise is a hub for HackRVA-related files.

  • Virtualization

-We have an in-house hypervisor machine for public use after training.

  • Cad software

-The digital design station is full to the brim with different CAD software, the main suite being Autodesk products.

History

This section needs to be updated


The network at HackRVA started out as just a WRT54GL named "robot king" and a fallback AP named "robot queen". They had to be rebooted almost weekly due to the constant traffic and numerous DHCP problems. These devices ran out of address space very quickly.


Thus a beefier network needed to be created. A more reliable network was created with enterprise grade gear and, in a lot of ways, this network became the model of what is currently in place.


Many hands are involved in maintaining the network, running network cabling throughout the space and ensuring minimal downtime. The equipment at the space is there to be used. If you would like access to a VM or would like to contribute to the maintenance of the infrastructure, please email [email protected]