- data ports give 10.2.30.0/24 (sjat got .227), gw 10.2.30.1 - 10.2.30.0/24 and 10.0.0.0/24 inter-route via makerspace router - note mf04 IP drift: actual 10.0.0.183, host_vars says .184 Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
47 lines
2.8 KiB
Markdown
47 lines
2.8 KiB
Markdown
# Network map (thin)
|
||
|
||
Pointers, not the source of truth. Authoritative data is in the source repos —
|
||
links below. Confirm live values before acting.
|
||
|
||
## Subnets seen across the repos
|
||
|
||
| Subnet | Role | Source of truth |
|
||
|--------|------|-----------------|
|
||
| `10.2.30.0/24` | **CRS310 data VLAN 30** (the new switch). Uplink `ether1` → gateway `10.2.30.1`; access ports `ether2–7`. | `MakerFLOSS_Mikrotik/host_vars/crs310-maker.yml`, `docs/superpowers/specs/2026-06-09-crs310-flat-mgmtvlan-design.md` |
|
||
| `192.168.88.0/24` | **CRS310 mgmt VLAN 99** — isolated, switch at `192.168.88.1`, reachable only from `ether8`. DHCP `.10–.254`. | same |
|
||
| `172.17.3.0/24` | OrangeMakers LAN — `makerfloss1` at `.51`. | `AnsibleBaobabV4/host_vars/makerfloss1.yml` |
|
||
| `10.0.0.0/24` | Makerspace LAN — `mf04` at `.184`. | `AnsibleBaobabV4/host_vars/mf04.yml` |
|
||
| `10.13.0.0/24` | **makerfloss WireGuard plane (`wg1`)**. Hub `10.13.0.1` (VPS), `makerfloss1` `.2`, `mf04` `.3`, `sjat-roaming` `.5`. UDP `:51820`. | `AnsibleBaobabV4/host_vars/makerfloss.yml`, `specs/2026-05-12-makerfloss-wireguard-design.md` |
|
||
| `100.92.0.0/16` | **Netbird overlay** (`wt0`), control plane `nb.makerfloss.eu`. | `specs/2026-05-27-makerspace-vpn-design.md` |
|
||
| `10.8.0.0/24` | baobab (home) WireGuard plane. Hub **kuku** `10.8.0.1` (UDP `:51194`); mamba `10.8.0.4`. | `AnsibleBaobabV4` |
|
||
| `10.20.10.0/24` | homelab LAN — **fisi** `.17`, kuku `.118`, papa `.11`. | `AnsibleBaobabV4` |
|
||
|
||
## Makerspace addressing — mostly resolved (2026-06-09)
|
||
|
||
Confirmed on-site:
|
||
|
||
- A client on the new switch's **data ports** (`ether2–7`) gets a
|
||
`10.2.30.0/24` lease (sjat's laptop got `10.2.30.227`); gateway `10.2.30.1`.
|
||
- The data VLAN `10.2.30.0/24` and the existing makerspace `10.0.0.0/24`
|
||
**inter-route**: from `mf04` (`10.0.0.183`, gw `10.0.0.1`), both
|
||
`10.2.30.1` and `10.2.30.227` ping at <1ms. So the two subnets are different
|
||
segments joined by the makerspace router (`10.0.0.1` ↔ `10.2.30.1`), not
|
||
isolated from each other.
|
||
|
||
Still loose:
|
||
- `makerfloss1` is recorded as `172.17.3.51` — a *third* subnet. Not yet
|
||
confirmed whether it's still on `172.17.3.x` or has moved onto `10.0.0.x` /
|
||
`10.2.30.x`. Confirm when next on-site.
|
||
- **IP drift:** `mf04` is actually `10.0.0.183` (DHCP), but
|
||
`AnsibleBaobabV4/host_vars/mf04.yml` says `ansible_host: 10.0.0.184`. The
|
||
ProxyJump-via-mamba path there targets the stale `.184`. Either pin a DHCP
|
||
reservation or update host_vars. (Reaching mf04 over `wg1` `10.13.0.3` is
|
||
unaffected.)
|
||
|
||
## Public services (makerfloss VPS, `88.99.32.236`)
|
||
|
||
All TLS-terminated at the VPS via Traefik, certs via Gandi DNS-01:
|
||
`docs.makerfloss.eu`, `slides.makerfloss.eu`, `forgejo.makerfloss.eu` (git SSH
|
||
`:7577`), `mail.makerfloss.eu` (Poste.io), `discourse.makerfloss.eu`,
|
||
`snipeit.makerfloss.eu`, `nb.makerfloss.eu` (Netbird).
|
||
Source: `AnsibleBaobabV4/host_vars/makerfloss.yml`.
|