Network: Difference between revisions

From CSCWiki
Jump to navigation Jump to search
(Added new public network in Science machine room)
 
(13 intermediate revisions by the same user not shown)
Line 1: Line 1:
Networks assigned to Math Student Org Net.
Networks assigned to Math Student Org Net.

== IPv4 / IPv6 ==

All of the CSC's public networks are fully dual-stack; this means all of our services are offered over both IPv4 and IPv6.

If you are interested in checking your IPv6 connection, visit [http://test-ipv6.csclub.uwaterloo.ca test-ipv6.csclub.uwaterloo.ca].


== Assigned Subnets ==
== Assigned Subnets ==


=== 129.97.134.0/24, 2620:101:f000:4901::/64 (VLAN: 134) ===
=== 129.97.134.0/24, 2620:101:f000:4901::/64 (MC VLAN: 134) ===


"Math Student Orgs Net" - Server network
"Math Student Orgs Net" - Server network
Line 19: Line 25:
(In the near future, this VLAN will not be available on the office switch. Use VLAN 427 instead.)
(In the near future, this VLAN will not be available on the office switch. Use VLAN 427 instead.)


=== 129.97.31.128/26, 2620:101:f000:4902::/64 (VLAN: 427) ===
=== 129.97.31.128/26, 2620:101:f000:4902::/64 (MC VLAN: 427) ===


"Math Student Orgs Net" - Client network
"Math Student Orgs Net" - Client network
Line 28: Line 34:
Accessible only on the offices switch.
Accessible only on the offices switch.


=== 129.97.18.16/28 (VLAN: 506) ===
=== 129.97.18.16/28, 2620:101:f000:7300::/64 (PHY VLAN: 506) ===


* Subnet for machines located in the Science machine room
* Subnet for machines located in the Science machine room
Line 34: Line 40:
Gateway: 129.97.18.17
Gateway: 129.97.18.17


=== 129.97.16.96/29 (VLAN: 505) ===
=== [Deprecated] 129.97.16.96/29 (PHY VLAN: 505) ===


* Historical VLAN - Removed from service on July 18, 2016 to allow CSCF to expand one of their networks
* Historical VLAN - Removed from service on July 18, 2016 to allow CSCF to expand one of their networks
Line 41: Line 47:
Gateway: 129.97.16.96
Gateway: 129.97.16.96


=== 172.19.134.0/24 (VLAN: ???) ===
=== 172.19.134.0/24, 2620:101:f000:4903::/64 (MC VLAN: 425) ===


* cloud.csclub user network
* General use
* Routing restricted to University of Waterloo campus
* Routing restricted to University of Waterloo campus
* NAT for IPv4: 172.19.134.254
* Incoming connections over IPv6 blocked at campus firewall


=== 172.19.5.21/29 (VLAN: 504) ===
=== 172.19.5.24/29 (PHY VLAN: 504) ===


* Subnet for machines located in the Science machine room
* Subnet for machines located in the Science machine room
Line 53: Line 61:
Gateway: 172.19.5.25
Gateway: 172.19.5.25


=== 10.15.134.0/24 (VLAN: 520) ===
=== 10.15.134.0/24 (MC VLAN: 520) ===


* Private network:
* Private network:
** Lights Out Management
** Lights Out Management
** Insecure devices (e.g. PDUs, KVMs, and PSUs)
** Insecure devices (e.g. PDUs, KVMs, and PSUs)
* Our expectation was for this to be internal traffic only, no routing to or from other subnets (this was the case up until Monday, Dec. 14 when VLAN was added to 10Gig switch for mirror transition)
** jxpryde: My personal expectation was that no router had a routing table entry for this subnet, you had to be link-local. Thus, no ACL's would be necessary.


ACL restrictions only allowing traffic from 129.97.134.0/24 (NOTE: should be restricted further) and from CSCF monitoring VLANs (for UPS and mirror.csclub monitoring)
=== 10.0.134.0/24 (VLAN: ???) ===

=== 172.19.4.96/28 (MC VLAN: 521) ===

* Private network for printers located in MathSoc or club offices
* Routing restricted to University of Waterloo campus

=== 172.19.168.0/27, fd74:6b6a:8eca:4902::/64 (MC VLAN: 529) ===

* CSC Cloud Management
* ACL restrictions preventing most of campus from accessing this network

=== 172.19.168.32/27, fd74:6b6a:8eca:4903::/64 (MC VLAN: 530) ===

* CSC Storage
* ACL restrictions preventing most of campus from accessing this network

== Networking Configuration ==

=== mc-rt-3015-mso-a ===

* 4 port 10Gbps SFP+ card
* 8 port 10Gbps SFP+ card (funded by CIF)
* 2x24 1Gbps Ethernet ports

Trunks:

* Trk1-9: Reserved for router/switch connections
* Trk10: fs00
* Trk11: reserved - fs01

=== dc-rt-3558-mso-a ===


* 8 port 10Gbps SFP+ card (funded by CIF)
A network we apparently have, that was supposed to be used for LOM.
* 1x24 1Gbps Ethernet ports
* 1x20 Ethernet + 4 SFP 1Gbps ports

Latest revision as of 16:05, 13 December 2017

Networks assigned to Math Student Org Net.

IPv4 / IPv6

All of the CSC's public networks are fully dual-stack; this means all of our services are offered over both IPv4 and IPv6.

If you are interested in checking your IPv6 connection, visit test-ipv6.csclub.uwaterloo.ca.

Assigned Subnets

129.97.134.0/24, 2620:101:f000:4901::/64 (MC VLAN: 134)

"Math Student Orgs Net" - Server network

  • General use
  • Internet accessible

IPv6 has been subdivided into:

  • CSC: 2620:101:f000:4901:c5c::/80
  • WiCS: 2620:101:f000:4901:31c5::/80
  • MathSoc: 2620:101:f000:4901:50c::/80


(In the near future, this VLAN will not be available on the office switch. Use VLAN 427 instead.)

129.97.31.128/26, 2620:101:f000:4902::/64 (MC VLAN: 427)

"Math Student Orgs Net" - Client network

  • General use
  • Internet accessible

Accessible only on the offices switch.

129.97.18.16/28, 2620:101:f000:7300::/64 (PHY VLAN: 506)

  • Subnet for machines located in the Science machine room

Gateway: 129.97.18.17

[Deprecated] 129.97.16.96/29 (PHY VLAN: 505)

  • Historical VLAN - Removed from service on July 18, 2016 to allow CSCF to expand one of their networks
  • Was the subnet for machines located in the Science machine room

Gateway: 129.97.16.96

172.19.134.0/24, 2620:101:f000:4903::/64 (MC VLAN: 425)

  • cloud.csclub user network
  • Routing restricted to University of Waterloo campus
  • NAT for IPv4: 172.19.134.254
  • Incoming connections over IPv6 blocked at campus firewall

172.19.5.24/29 (PHY VLAN: 504)

  • Subnet for machines located in the Science machine room
  • Routing restricted to University of Waterloo campus

Gateway: 172.19.5.25

10.15.134.0/24 (MC VLAN: 520)

  • Private network:
    • Lights Out Management
    • Insecure devices (e.g. PDUs, KVMs, and PSUs)

ACL restrictions only allowing traffic from 129.97.134.0/24 (NOTE: should be restricted further) and from CSCF monitoring VLANs (for UPS and mirror.csclub monitoring)

172.19.4.96/28 (MC VLAN: 521)

  • Private network for printers located in MathSoc or club offices
  • Routing restricted to University of Waterloo campus

172.19.168.0/27, fd74:6b6a:8eca:4902::/64 (MC VLAN: 529)

  • CSC Cloud Management
  • ACL restrictions preventing most of campus from accessing this network

172.19.168.32/27, fd74:6b6a:8eca:4903::/64 (MC VLAN: 530)

  • CSC Storage
  • ACL restrictions preventing most of campus from accessing this network

Networking Configuration

mc-rt-3015-mso-a

  • 4 port 10Gbps SFP+ card
  • 8 port 10Gbps SFP+ card (funded by CIF)
  • 2x24 1Gbps Ethernet ports

Trunks:

  • Trk1-9: Reserved for router/switch connections
  • Trk10: fs00
  • Trk11: reserved - fs01

dc-rt-3558-mso-a

  • 8 port 10Gbps SFP+ card (funded by CIF)
  • 1x24 1Gbps Ethernet ports
  • 1x20 Ethernet + 4 SFP 1Gbps ports