EH22/nox
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

use real event ip space

Browse source
This commit is contained in:
lilly 2025-03-18 17:50:44 +01:00
commit 712f0f4a17
Signed by: lilly
SSH key fingerprint: SHA256:y9T5GFw2A20WVklhetIxG1+kcg/Ce0shnQmbu1LQ37g
15 changed files with 222 additions and 167 deletions
Download patch file Download diff file Expand all files Collapse all files

124
systems/sketchy-router.noc.eh22.intern.nix
View file

@ -21,7 +21,6 @@ in
"net.ipv6.conf.all.forwarding" = "1";
};
networking.useDHCP = false;
networking.nftables.enable = true;
systemd.network = {
enable = true;
@ -38,13 +37,17 @@ in
};
"10-ethMgmt" = {
matchConfig.Name = "ethMgmt";
address = [ "10.20.25.2/24" ];
address = [
"94.45.255.2/24"
];
};
"10-ethPubUsr" = {
matchConfig.Name = "ethPubUsr";
address = [
"10.0.0.1/24"
"94.45.248.1/24"
"94.45.248.254/24"
"94.45.224.1/20" # wifi
"94.45.240.1/21" # wired
"94.45.254.1/24" # public services subnet
];
};
};
@ -54,9 +57,7 @@ in
enable = true;
externalInterface = "ethUpstream";
internalIPs = [
"10.20.25.0/24"
"10.0.0.0/24"
"94.45.248.0/24"
"94.45.224.0/19" # cccv event space, TODO: remove once we are at the event
];
};
@ -78,57 +79,112 @@ in
renew-timer = 1000;
valid-lifetime = 4000;
authoritative = true;
option-data = [
{
name = "domain-name-servers";
data = "94.45.254.2";
}
{
name = "cookie-servers";
data = "94.45.254.3";
always-send = true;
}
];
shared-networks = [
{
# management network
name = "mgmtNet";
interface = "ethMgmt";
option-data = [
{
name = "domain-name-servers";
data = "10.20.25.5";
}
{
name = "domain-search";
data = "noc.eh22.intern.";
}
{
name = "routers";
data = "10.20.25.2";
data = "94.45.255.2";
}
];
subnet4 = [
{
id = 300;
subnet = "10.20.25.0/24";
pools = [ { pool = "10.20.25.100 - 10.20.25.254"; } ];
id = 255;
subnet = "94.45.255.0/24";
pools = [ { pool = "94.45.255.200 - 94.45.255.254"; } ];
reservations = [
{
# auth-dns
hw-address = "BC:24:11:C1:8A:A4";
ip-address = "94.45.255.3";
}
{
# monitoring
hw-address = "BC:24:11:FC:C2:26";
ip-address = "94.45.255.4";
}
];
}
];
}
{
# public user network (only temporary setup)
name = "tempPublicUser";
# public network
name = "public";
interface = "ethPubUsr";
option-data = [
{
name = "routers";
data = "10.0.0.1";
}
{
name = "domain-name-servers";
data = "10.0.0.2";
}
{
name = "cookie-servers";
data = "10.0.0.3";
}
];
subnet4 = [
{
id = 999;
subnet = "10.0.0.0/24";
pools = [ { pool = "10.0.0.100 - 10.0.0.254"; } ];
# public services
id = 254;
subnet = "94.45.254.0/24";
pools = [ ];
option-data = [
{
name = "routers";
data = "94.45.254.1";
}
];
reservations = [
{
# resolv-dns
hw-address = "BC:24:11:AD:52:B1";
ip-address = "94.45.254.2";
}
{
# cookies
hw-address = "BC:24:11:41:E1:61";
ip-address = "94.45.254.3";
}
{
# nat64
hw-address = "BC:24:11:21:7F:AF";
ip-address = "94.45.254.4";
}
];
}
{
# wifi
id = 224;
subnet = "94.45.224.0/20";
pools = [ { pool = "94.45.224.10 - 94.45.239.254"; } ];
option-data = [
{
name = "routers";
data = "94.45.224.1";
}
];
}
{
# wired
id = 240;
subnet = "94.45.240.0/21";
pools = [ { pool = "94.45.240.10 - 94.45.240.254"; } ];
option-data = [
{
name = "routers";
data = "94.45.240.1";
}
];
}
];
}