Networkยถ

Office networkยถ

For the network infrastructure at the office, weโ€™re using UniFi equipment:

  • UniFi Switches

  • UniFi Security Gateway

  • UniFi Access Points

UniFi Cloud Keyยถ

To manage the UniFi devices, use the dedicated UniFi controller, i.e. UniFi cloud key.

See also

Check out the Dashboard for the ยซUniFi cloud keyยป link.

LANยถ

Weโ€™re using 10.0.0.0/8 for our private network ranges.

Physical LAN networksยถ

All physical networks (clients & servers) use IPs from the 10.0.0.0/12 subnet.

To see the network subnets, check out the UniFi Cloud Key:

  • Settings โ†’ Networks (VLANs)

  • Settings โ†’ VPN โ†’ Site-to-Site VPN โ†’ {VPN} โ†’ Subnet

Docker LAN networksยถ

All Docker networks use IPs from the 10.16.0.0/12 subnet:

Subnet

Usage

10.16.0.0/16

Default Docker bridge

10.17.0.0/16

Proxy network

10.18.0.0/16

Compose project bridge networks

Other LAN networksยถ

All other LAN networks use IPs from the 10.32.0.0/12 subnet:

Subnet

Usage

10.32.0.0/24

cudy OTG mobile router

10.32.1.0/24

Netgear Nethawk mobile router

10.40.0.0/16

Reserved subnet for local networking

Hint

Try to use the 10.40.0.0/16 for your network subnets on your local machine.

Office LAN IPsยถ

The office LAN IPs are managed in the UniFi Cloud Key.

Server LAN IPsยถ

The server LAN IPs are managed in Ansible.

Hint

You can use the create_host_list.yml playbook to create a host_list.txt file containing all host IPs.

Firewallsยถ

To protect our network, weโ€™re using firewalls. Check out the Firewall chapter for more information.

VPNsยถ

To interconnect our networks and access them remotely, weโ€™re using VPNs. Check out the VPN chapter for more information.

WANยถ

Office WANยถ

At the office we have a fixed and native IPv4 address 84.254.96.223.

We also have a routed IPv4 subnet 217.71.252.24/29 over the native IP address.

IPv4 address

Usage

DNS PTR

217.71.252.24/29

n/a: network ID

217.71.252.25/29

Gateway

217.71.252.26/29

Management services

management.wan.confirm.ch

217.71.252.27/29

Eve server

eve.wan.confirm.ch

217.71.252.28/29

217.71.252.29/29

217.71.252.30/29

217.71.252.31/29

n/a: broadcast

Datacenter WANยถ

At the datacenter, we have a fixed and native IPv4 address 195.201.104.241. Itโ€™s assigned to the Proxmox.

We also have a routed IPv4 subnet 46.4.219.16/28 over the native IP address:

IPv4 address

Usage

DNS PTR

46.4.219.16/28

n/a: network ID

46.4.219.17/28

Proxmox (gateway)

proxmox.wan.confirm.ch

46.4.219.18/28

Live services

live.wan.confirm.ch

46.4.219.19/28

Customer services

customers.wan.confirm.ch

46.4.219.20/28

Test services

test.wan.confirm.ch

46.4.219.21/28

Development services

development.wan.confirm.ch

46.4.219.22/28

ERP services

erp.wan.confirm.ch

46.4.219.23/28

46.4.219.24/28

46.4.219.25/28

46.4.219.26/28

46.4.219.27/28

46.4.219.28/28

46.4.219.29/28

46.4.219.30/28

46.4.219.31/28

n/a: broadcast

Server WAN IPsยถ

The server WAN IPs are managed in Ansible.

Hint

You can use the create_host_list.yml playbook to create a host_list.txt file containing all host IPs.