SL:Topology und Kategorie:Web:Browser: Unterschied zwischen den Seiten
(Unterschied zwischen Seiten)
Zur Navigation springen
Zur Suche springen
imported>Burghardt (→DNS) |
imported>Burghardt |
||
Zeile 1: | Zeile 1: | ||
+ | {| class="wikitable" |
||
− | The Sensor Lab has its own separate network. The idea is to have an isolated network with only a small chance to affect the "normal" LAN workstations while allowing all necessary connections (in and out) to work in a comfortable way. |
||
+ | |- style="vertical-align:top;" |
||
+ | | Im normalen Ubuntu-Repository |
||
+ | * [[Arora]] -- QT |
||
+ | * [[Chromium]] |
||
+ | * [[Epiphany]] -- Gnome |
||
+ | * [[Firefox]] |
||
+ | * [[Konqueror]] -- KDE |
||
+ | * [[Midori]] |
||
+ | * [[Qupzilla]] --QT |
||
+ | * [[Rekonq]] -- KDE |
||
+ | * [[Dillo]] |
||
+ | | CLI |
||
+ | * [[ELinks]] |
||
+ | * [[Links2]] |
||
+ | * [[Lynx]] |
||
+ | * [[W3m]] |
||
+ | | "Extern" |
||
+ | * [[Opera]] |
||
+ | * [[Vivaldi]] |
||
+ | * [[Iridium]] |
||
+ | * [[SRWare Iron]] |
||
+ | * [[Tor Browser]] |
||
+ | |} |
||
− | == Topology == |
||
− | A <strike>small computer</strike> '''Virtual Machine''' works as a router. The allowed traffic is limited in some ways. The rules are managed by [[User:Burghardt|Udo Burghardt]]. |
||
− | <pre>root@slgw:~# lsb_release -a; ip a | grep global |
||
− | No LSB modules are available. |
||
− | Distributor ID: Ubuntu |
||
− | Description: Ubuntu 11.10 |
||
− | Release: 11.10 |
||
− | Codename: oneiric |
||
− | inet 172.22.255.253/16 brd 172.22.255.255 scope global eth0 |
||
− | inet 192.168.22.254/24 brd 192.168.22.255 scope global eth1 |
||
− | </pre> |
||
+ | [[Kategorie:Web]] |
||
− | |||
− | === IP Ranges === |
||
− | We use a simple private address block of: |
||
− | <pre> |
||
− | ~# ipcalc 192.168.22.0/24 |
||
− | Address: 192.168.22.0 11000000.10101000.00010110. 00000000 |
||
− | Netmask: 255.255.255.0 = 24 11111111.11111111.11111111. 00000000 |
||
− | Wildcard: 0.0.0.255 00000000.00000000.00000000. 11111111 |
||
− | => |
||
− | Network: 192.168.22.0/24 11000000.10101000.00010110. 00000000 |
||
− | HostMin: 192.168.22.1 11000000.10101000.00010110. 00000001 |
||
− | HostMax: 192.168.22.254 11000000.10101000.00010110. 11111110 |
||
− | Broadcast: 192.168.22.255 11000000.10101000.00010110. 11111111 |
||
− | Hosts/Net: 254 Class C, Private Internet |
||
− | </pre> |
||
− | |||
− | === DNS === |
||
− | Dedicated ranges/naming convention: |
||
− | ;1... : former pool computers "wsxy" |
||
− | ;31... : "normal" computers "pcxy" |
||
− | ;60 : the server |
||
− | ;61... : virtual guests on the server |
||
− | ;101...: Raspberry Pis |
||
− | ;240...: infrastructure |
||
− | |||
− | ==== Zone file ==== |
||
− | Actual snapshot 07. Feb. 2013: |
||
− | <pre> |
||
− | dig tmg.loc axfr | grep -e .sl.tmg |
||
− | esxsl.tmg.loc. 86400 IN CNAME tmg94.tmg.loc. |
||
− | nst.tmg.loc. 86400 IN CNAME tmgsim2.sl.tmg.loc. |
||
− | gw.sl.tmg.loc. 86400 IN A 192.168.22.254 |
||
− | gw.sl.tmg.loc. 86400 IN TXT "Sensorlab Router eth1" |
||
− | pc01.sl.tmg.loc. 86400 IN A 192.168.22.31 |
||
− | pc02.sl.tmg.loc. 86400 IN A 192.168.22.32 |
||
− | pc03.sl.tmg.loc. 86400 IN A 192.168.22.33 |
||
− | pc04.sl.tmg.loc. 86400 IN A 192.168.22.34 |
||
− | ps1.sl.tmg.loc. 86400 IN A 192.168.22.241 |
||
− | ps2.sl.tmg.loc. 86400 IN A 192.168.22.242 |
||
− | rpi01.sl.tmg.loc. 86400 IN A 192.168.22.41 |
||
− | rpi02.sl.tmg.loc. 86400 IN A 192.168.22.42 |
||
− | sw.sl.tmg.loc. 86400 IN A 192.168.22.244 |
||
− | tmgsim1.sl.tmg.loc. 86400 IN A 192.168.22.61 |
||
− | tmgsim1.sl.tmg.loc. 86400 IN TXT "Windows 7" |
||
− | tmgsim2.sl.tmg.loc. 86400 IN A 192.168.22.62 |
||
− | tmgsim2.sl.tmg.loc. 86400 IN TXT "NST" |
||
− | tmgsim3.sl.tmg.loc. 86400 IN A 192.168.22.63 |
||
− | tmgsim3.sl.tmg.loc. 86400 IN TXT "Ubuntu" |
||
− | tmgsim4.sl.tmg.loc. 86400 IN A 192.168.22.64 |
||
− | tmgsim4.sl.tmg.loc. 86400 IN TXT "Win 7 english" |
||
− | tmgsim5.sl.tmg.loc. 86400 IN A 192.168.22.65 |
||
− | tmgsim5.sl.tmg.loc. 86400 IN TXT "Natty Roman Seibel" |
||
− | tmgsim6.sl.tmg.loc. 86400 IN A 192.168.22.66 |
||
− | tmgsim6.sl.tmg.loc. 86400 IN TXT "Natty Udo " |
||
− | tmgsim7.sl.tmg.loc. 86400 IN A 192.168.22.67 |
||
− | tmgsim7.sl.tmg.loc. 86400 IN TXT "Natty Ansgar Kellner" |
||
− | tmgsim8.sl.tmg.loc. 86400 IN A 192.168.22.68 |
||
− | tmgsim8.sl.tmg.loc. 86400 IN TXT "Oneiric Youssef" |
||
− | tmgsim9.sl.tmg.loc. 86400 IN A 192.168.22.69 |
||
− | tmgsim9.sl.tmg.loc. 86400 IN TXT "Oneiric Saleh" |
||
− | ws1.sl.tmg.loc. 86400 IN A 192.168.22.1 |
||
− | ws10.sl.tmg.loc. 86400 IN A 192.168.22.10 |
||
− | ws11.sl.tmg.loc. 86400 IN A 192.168.22.11 |
||
− | ws12.sl.tmg.loc. 86400 IN A 192.168.22.12 |
||
− | ws2.sl.tmg.loc. 86400 IN A 192.168.22.2 |
||
− | ws3.sl.tmg.loc. 86400 IN A 192.168.22.3 |
||
− | ws4.sl.tmg.loc. 86400 IN A 192.168.22.4 |
||
− | ws5.sl.tmg.loc. 86400 IN A 192.168.22.5 |
||
− | ws6.sl.tmg.loc. 86400 IN A 192.168.22.6 |
||
− | ws7.sl.tmg.loc. 86400 IN A 192.168.22.7 |
||
− | ws8.sl.tmg.loc. 86400 IN A 192.168.22.8 |
||
− | ws9.sl.tmg.loc. 86400 IN A 192.168.22.9 |
||
− | </pre> |
||
− | Nachtrag: 22.70 + 22.71 ist belegt |
||
− | |||
− | ;Example: the gateway is known as: |
||
− | ~# host gw.sl.tmg.loc |
||
− | gw.sl.tmg.loc has address 192.168.22.254 |
||
− | |||
− | ;Reverse Zone:...is ''not'' prepared as it is not required. |
||
− | |||
− | <small> |
||
− | ---- |
||
− | ''Important:'' This is the view from ''inside'' that network. From outside it looks this way: |
||
− | ~$ host slgw.tmg.loc |
||
− | slgw.tmg.loc has address 172.22.255.253 |
||
− | </small> |
||
− | |||
− | == Service Availability == |
||
− | === [[DHCP]] === |
||
− | The router offers dhcp services using <code>ISC dhcpd</code>. It will deliver the usual information to the clients: address, netmask, gateway, nameservers. Event though the protocol is "dynamic" the configuration is ''static'' to be able to know exactly "who is who". Each computer will always get the same address. |
||
− | |||
− | The system wide configuration includes: |
||
− | <pre> |
||
− | subnet 192.168.22.0 netmask 255.255.255.0 { |
||
− | # range 192.168.22.201 192.168.22.211; |
||
− | option domain-name-servers 134.76.81.212, 134.76.81.104; |
||
− | option domain-name "sl.tmg.loc"; |
||
− | option routers 192.168.22.254; |
||
− | option broadcast-address 192.168.22.255; |
||
− | }</pre> |
||
− | |||
− | Additionally for ''every single'' system which should benefit from dhcp we need an entry like this: |
||
− | |||
− | <pre> |
||
− | host ws1 { |
||
− | hardware ethernet 00:13:72:8a:bc:41; |
||
− | fixed-address ws1.sl.tmg.loc; |
||
− | } |
||
− | </pre> |
||
− | |||
− | |||
− | You might verify the actual host definitions via |
||
− | |||
− | * http://gw.sl.tmg.loc/sensorlab.conf |
||
− | |||
− | === [[OpenAFS]] / [[Kerberos]] / [[LDAP]] === |
||
− | Should work as expected. |
||
− | |||
− | === [[SSH]] === |
||
− | * enabled in all directions - especially also ''from outside into the lab'' |
||
− | |||
− | === [[ICMP]] === |
||
− | * all Types enabled |
||
− | |||
− | === Web === |
||
− | * Port 80 and 443 allowed |
||
− | |||
− | == See also == |
||
− | * [[SL:Introduction]] |
||
− | * Schematic: <br /><code>/afs/informatik.uni-goettingen.de/user/s/sensorlab/documents/Documentation/sensorlab-network.dia</code> <br />bzw. "falschrum:" <br /><code>\\afs\informatik.uni-goettingen.de\user\s\sensorlab\documents\Documentation\sensorlab-network.dia</code> <br />... which is accessible only for project members |
||
− | |||
− | == Links == |
||
− | * http://gw.sl.tmg.loc/sensorlab.conf -- configuration of the Hosts |
||
− | |||
− | [[Category:Sensorlab]] |