diff options
| -rw-r--r-- | arfnet2.html | 131 | ||||
| -rw-r--r-- | arfnet2.md | 70 | ||||
| -rw-r--r-- | arfnet2.pdf | bin | 149916 -> 152307 bytes |
3 files changed, 172 insertions, 29 deletions
diff --git a/arfnet2.html b/arfnet2.html index 4a8375d..93dcb8a 100644 --- a/arfnet2.html +++ b/arfnet2.html @@ -43,17 +43,25 @@ </ul> <p>Stage 3*: finally</p> <ul> - <li>Another VPS in unknown provider for - <ul> - <li>Tor</li> - <li>Reverse-proxying the media library</li> - </ul></li> <li>PHP on main site with more web services from scratch, hopefully secure</li> <li>More new services</li> </ul> - <p>Stage 4*: Site B (piso) - Mikrotik and DELL switch - Site to Site - wireguard - Establish telephony</p> + <p>Stage 4: DN42</p> + <ul> + <li>Make DN42 router VM with bird and wg</li> + <li>Peer with people</li> + <li>Bring up BGP sessions</li> + <li>Services</li> + </ul> + <p>Stage 5: Telephony - Asterisk - IP phones and ATAs - Trunks; SDF, + Tandmx, uwutel, PSTN</p> + <p>Stage 6*: Site B (piso)</p> + <ul> + <li>Firewall and switch</li> + <li>Site to Site wireguard</li> + <li>Establish telephony</li> + </ul> <h2 id="domain">Domain</h2> <p>arf20.com</p> <p>Registrar: namecheap</p> @@ -209,7 +217,7 @@ ISP ===| ONT |---| DELL switch |-----| TP-Link switch | <h3 id="public-ips">Public IPs</h3> <ul> <li>AVANZA_STATIC: 2.59.235.35</li> - <li>AVANZA_CGNAT: dynamic</li> + <li>AVANZA_CGNAT: dynamic 100.x.x.x</li> <li>HE prefixes <ul> <li>2001:470:1f21:125::/64</li> @@ -296,6 +304,12 @@ ISP ===| ONT |---| DELL switch |-----| TP-Link switch | <td>192.168.9.0/24</td> <td>VoIP</td> </tr> + <tr class="odd"> + <td>dn42</td> + <td>42</td> + <td>172.20.196.32/27 <br> fdfd:acab:caca::/48</td> + <td>DN42 ARFNET-MNT</td> + </tr> </tbody> </table> <h2 id="firewall">Firewall</h2> @@ -1001,8 +1015,12 @@ ISP ===| ONT |---| DELL switch |-----| TP-Link switch | <ul> <li>1xxx -> users</li> <li>2xxx -> services</li> - <li>xxxxxxx -> tandmx</li> + <li>8xxxxxxx -> tandmx</li> <li>733xxxx -> SDF</li> + <li>0119xxxxxxx -> uwutel</li> + <li>xxxxxx -> regional PSTN</li> + <li>xxxxxxxxx -> national PSTN</li> + <li>00x! -> international PSTN</li> </ul> <table> <thead> @@ -1029,15 +1047,15 @@ ISP ===| ONT |---| DELL switch |-----| TP-Link switch | <td>voicemail</td> </tr> <tr class="odd"> - <td>2222</td> + <td>2100</td> <td>test hello world</td> </tr> <tr class="even"> - <td>2223</td> + <td>2101</td> <td>test digits 10</td> </tr> <tr class="odd"> - <td>2101</td> + <td>2102</td> <td>test echo</td> </tr> <tr class="even"> @@ -1121,13 +1139,51 @@ ISP ===| ONT |---| DELL switch |-----| TP-Link switch | <h3 id="dn42-dmz.21">dn42 DMZ.21</h3> <ul> <li>(ip forward)</li> + <li>wireguard</li> <li>bird eBGP daemon</li> + <li>bind9 master arfnet.dn42</li> </ul> + <table> + <thead> + <tr class="header"> + <th style="text-align: left;">| peer | asn | bgp |</th> + </tr> + </thead> + <tbody> + <tr class="odd"> + <td style="text-align: left;">| prefixlabs | 4242421240 | fe80::1240 + |</td> + </tr> + <tr class="even"> + <td style="text-align: left;">| routedbits | 4242420207 | fe80::207 + |</td> + </tr> + <tr class="odd"> + <td style="text-align: left;">| lezi | 4242423377 | fe80::3377 |</td> + </tr> + <tr class="even"> + <td style="text-align: left;">| carlos | 4242420034 | 172.23.34.1 + |</td> + </tr> + <tr class="odd"> + <td style="text-align: left;">| exo | 4242421112 | fe80::dead |</td> + </tr> + </tbody> + </table> + <h3 id="dn42-services-dmz.23">dn42-services DMZ.23</h3> + <ul> + <li>bind9 slave</li> + <li>nginx reverse proxy</li> + </ul> + <h2 id="vhost-webrootproxy-comment">| vhost | webroot/proxy | + comment</h2> + <p>arfnet.dn42 | http://192.168.4.9 | ARFNET in DN42</p> <h3 id="open5gs-dmz.22">open5gs DMZ.22</h3> + <p>Remote gNodeB</p> <ul> <li>Open5GC</li> - <li>srsRAN?</li> - <li>OAI</li> + <li>Kamailio</li> + <li>OAI?</li> </ul> <hr /> <h3 id="mail-arfnet-ionos-vps-5.250.186.185-2001ba0210d6001">mail @@ -1341,21 +1397,26 @@ ISP ===| ONT |---| DELL switch |-----| TP-Link switch | <td>Open5GS 5G core</td> </tr> <tr class="even"> + <td>DMZ.23</td> + <td>dn42-services.lan</td> + <td>DN42 service machine</td> + </tr> + <tr class="odd"> <td></td> <td></td> <td></td> </tr> - <tr class="odd"> + <tr class="even"> <td>DMZ.192</td> <td>yero-debian</td> <td>yero.lan</td> </tr> - <tr class="even"> + <tr class="odd"> <td>DMZ.195</td> <td>exo-debian</td> <td>exo.lan</td> </tr> - <tr class="odd"> + <tr class="even"> <td>DMZ.196</td> <td>loofa-debian</td> <td>loofa.lan</td> @@ -1694,6 +1755,18 @@ ISP ===| ONT |---| DELL switch |-----| TP-Link switch | <td></td> </tr> <tr class="even"> + <td>tel.arf20.com</td> + <td>CNAME</td> + <td>comm.arf20.com</td> + <td></td> + </tr> + <tr class="odd"> + <td>netbox.arf20.com</td> + <td>CNAME</td> + <td>web.arf20.com</td> + <td></td> + </tr> + <tr class="even"> <td>dark.arf20.com</td> <td>CNAME</td> <td>web.arf20.com</td> @@ -1730,6 +1803,30 @@ ISP ===| ONT |---| DELL switch |-----| TP-Link switch | <td></td> </tr> <tr class="even"> + <td>status.arf20.com</td> + <td>CNAME</td> + <td>mail.arf20.com</td> + <td></td> + </tr> + <tr class="odd"> + <td>lists.arf20.com</td> + <td>CNAME</td> + <td>mail.arf20.com</td> + <td></td> + </tr> + <tr class="even"> + <td>mlmmj.arf20.com</td> + <td>CNAME</td> + <td>mail.arf20.com</td> + <td></td> + </tr> + <tr class="odd"> + <td></td> + <td></td> + <td></td> + <td></td> + </tr> + <tr class="even"> <td>lahomosexualidadde.arf20.com</td> <td>CNAME</td> <td>weonpollo.xyz</td> @@ -21,17 +21,29 @@ Stage 2: new services Stage 3\*: finally - - Another VPS in unknown provider for - - Tor - - Reverse-proxying the media library - PHP on main site with more web services from scratch, hopefully secure - More new services -Stage 4\*: Site B (piso) - - Mikrotik and DELL switch +Stage 4: DN42 + + - Make DN42 router VM with bird and wg + - Peer with people + - Bring up BGP sessions + - Services + +Stage 5: Telephony + - Asterisk + - IP phones and ATAs + - Trunks; SDF, Tandmx, uwutel, PSTN + +Stage 6\*: Site B (piso) + + - Firewall and switch - Site to Site wireguard - Establish telephony + + ## Domain arf20.com @@ -117,7 +129,7 @@ Management ### Public IPs - AVANZA_STATIC: 2.59.235.35 - - AVANZA_CGNAT: dynamic + - AVANZA_CGNAT: dynamic 100.x.x.x - HE prefixes - 2001:470:1f21:125::/64 - 2600:70ff:f039::/48 @@ -143,6 +155,7 @@ Management | B:PSN | un | 192.168.18.0/24 | Site-B:PisoNET | | B:SBN | | 192.168.8.0/24 | Site-B:SiteBNET | | voip | 9 | 192.168.9.0/24 | VoIP | +| dn42 | 42 | 172.20.196.32/27 <br> fdfd:acab:caca::/48 | DN42 ARFNET-MNT | ## Firewall @@ -380,8 +393,12 @@ RAID attached here (with the grey stuff) (local only) - 1xxx -> users - 2xxx -> services - - xxxxxxx -> tandmx + - 8xxxxxxx -> tandmx - 733xxxx -> SDF + - 0119xxxxxxx -> uwutel + - xxxxxx -> regional PSTN + - xxxxxxxxx -> national PSTN + - 00x! -> international PSTN | number | description | |--------|-------------| @@ -389,9 +406,9 @@ RAID attached here (with the grey stuff) (local only) | 2001 | conference | | 2002 | time | | 2003 | voicemail | -| 2222 | test hello world | -| 2223 | test digits 10 | -| 2101 | test echo | +| 2100 | test hello world | +| 2101 | test digits 10 | +| 2102 | test echo | | | 1000 | alias for operator | | 1001 | Site A ATA p1 | @@ -433,13 +450,34 @@ RAID attached here (with the grey stuff) (local only) ### dn42 DMZ.21 - (ip forward) + - wireguard - bird eBGP daemon + - bind9 master arfnet.dn42 + + | peer | asn | bgp | + --------------------- + | prefixlabs | 4242421240 | fe80::1240 | + | routedbits | 4242420207 | fe80::207 | + | lezi | 4242423377 | fe80::3377 | + | carlos | 4242420034 | 172.23.34.1 | + | exo | 4242421112 | fe80::dead | + +### dn42-services DMZ.23 + + - bind9 slave + - nginx reverse proxy + +| vhost | webroot/proxy | comment +----------------------------------- +arfnet.dn42 | http://192.168.4.9 | ARFNET in DN42 ### open5gs DMZ.22 +Remote gNodeB + - Open5GC - - srsRAN? - - OAI + - Kamailio + - OAI? --- @@ -521,6 +559,7 @@ DMZ IPv4s and IPv6 ends in the same way | DMZ.20 | callbox.lan | 5G gNodeB | | DMZ.21 | dn42.lan | DN42 edge router | | DMZ.22 | open5gs.lan | Open5GS 5G core | +| DMZ.23 | dn42-services.lan | DN42 service machine | | | | | | DMZ.192 | yero-debian | yero.lan | | DMZ.195 | exo-debian | exo.lan | @@ -589,11 +628,17 @@ Site-B:PiSoNet | photo.arf20.com | CNAME | web.arf20.com | | radio.arf20.com | CNAME | web.arf20.com | | os.arf20.com | CNAME | web.arf20.com | +| tel.arf20.com | CNAME | comm.arf20.com | +| netbox.arf20.com | CNAME | web.arf20.com | | dark.arf20.com | CNAME | web.arf20.com | | wiki.arf20.com | CNAME | web.arf20.com | | qbt.arf20.com | CNAME | web.arf20.com | | radarr.arf20.com | CNAME | web.arf20.com | | sonarr.arf20.com | CNAME | web.arf20.com | +| +| status.arf20.com | CNAME | mail.arf20.com | +| lists.arf20.com | CNAME | mail.arf20.com | +| mlmmj.arf20.com | CNAME | mail.arf20.com | | | lahomosexualidadde.arf20.com | CNAME | weonpollo.xyz | | panaland.arf20.com | CNAME | web.arf20.com | @@ -628,3 +673,4 @@ Site-B:PiSoNet - [cstims](https://cgit.arf20.com/arfnet2-cstims): client, service, ticket and invoice management system - [lists](https://cgit.arf20.com/arfnet2-lists): mailing list browser + diff --git a/arfnet2.pdf b/arfnet2.pdf Binary files differindex a5516d9..aa23b03 100644 --- a/arfnet2.pdf +++ b/arfnet2.pdf |