-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
18 additions
and
21 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,40 +1,37 @@ | ||
| # Servers Intranet | ||
|
|
||
| Servers Intranet connect all the servers together, including physics servers and virtual machines. | ||
| Servers Intranet connects all the servers together, including physical servers and virtual machines. | ||
|
|
||
| ## Network Topology | ||
|
|
||
| <iframe frameborder="0" style="width:100%;height:500px;" src="https://viewer.diagrams.net/?lightbox=1&highlight=0000ff&edit=_blank&layers=1&nav=1&title=LUG%20Network#Uhttps%3A%2F%2Fdocs.ustclug.org%2Finfrastructure%2Fintranet%2Fimg%2Fnetwork.html"></iframe> | ||
|
|
||
| 以上架构图由 iBug 在 2023 年 11 月更新。以下信息是过时的,不过有参考价值。 | ||
| 以上架构图由 iBug 在 2023 年 11 月更新。 | ||
|
|
||
| The network contains three parts: | ||
| ??? warning "以下是一些过时的信息,也许还有点参考价值" | ||
|
|
||
| - Physical Switch in East Library Data Center | ||
| - Virtual Switch on vSphere host machine | ||
| - tincVPN | ||
| The network contains three parts: | ||
|
|
||
| tincVPN is a mesh VPN, which can be abstracted as a virtual Switch. | ||
| - Physical Switch in East Library Data Center | ||
| - Virtual Switch on vSphere host machine | ||
| - tincVPN | ||
|
|
||
| vm-nfs.s.ustclug.org runs a layer 2 bridge, connecting tincVPN and SRW2024(physical switch). | ||
| tincVPN is a mesh VPN, which can be abstracted as a virtual Switch. | ||
|
|
||
| It is obvious that vm-nfs is a single point of failure of communicating between tinc host and vSphere virtual machine. I had tried to add another bridge node, but resulted in a broadcast storm. Maybe we can fix it by MPLS (merged in mainland kernel 4.3). But it isn't a right timing at this time. | ||
| vm-nfs.s.ustclug.org runs a layer 2 bridge, connecting tincVPN and SRW2024 (physical switch). | ||
|
|
||
| ## Network information | ||
|
|
||
| The network contains two subnets: | ||
| It is obvious that vm-nfs is a single point of failure of communicating between tinc host and vSphere virtual machine. I had tried to add another bridge node, but resulted in a broadcast storm. Maybe we can fix it by MPLS (merged in mainline kernel 4.3). But it isn't a right timing at this time. | ||
|
|
||
| * 10.254.0.0/21 | ||
| * 10.254.10.0/24 | ||
| ## Network information | ||
|
|
||
| Every server binds one and only one IP address in 10.254.0.0/21, used to communicate with each other. | ||
| The network contains one single subnet: 10.254.0.0/21 | ||
|
|
||
| 10.254.10.0/24 is used for 1to1 IP mapping. At this time, it just used between linode(10.254.10.2) and blog(10.254.10.1). | ||
| Every server and service binds to one and only one IP address, used to communicate with each other. | ||
|
|
||
| ### Address planning | ||
|
|
||
| * 10.254.0.0/24: physical server and virtual machine | ||
| * 10.254.1.0/24: docker container | ||
| * 10.254.6.0/24: LUGi emergency entrypoint (managed by yzf) | ||
| * 10.254.7.0/24: LUGi entrypoint (via board.s) | ||
| * other address: not used yet. | ||
| - 10.254.0.0/24: Physical servers and virtual machines | ||
| - 10.254.1.0/24: Docker containers | ||
| - 10.254.6.0/24: LUGi emergency entrypoint (via vpnstv.s, managed by yzf) | ||
| - 10.254.7.0/24: LUGi entrypoint (via board.s) | ||
| - Others: not used yet. |