From 77f7380a12fbe9361ba73ee46cf7295d2ccb7cad Mon Sep 17 00:00:00 2001 From: llnu Date: Thu, 11 Jun 2020 14:52:34 +0200 Subject: [PATCH 1/5] defined hw-s for p5 --- ungleich-infrastructure.dot | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/ungleich-infrastructure.dot b/ungleich-infrastructure.dot index d192a5e..1b6aa75 100644 --- a/ungleich-infrastructure.dot +++ b/ungleich-infrastructure.dot @@ -24,7 +24,10 @@ graph G { router1p5 [ label="router1+2\nfirewall\nrouter\nnetboot" ]; router2p5 [ label="router1+2\nfirewall\nrouter\nnetboot" ]; - + mikrotikcrs1 [ label="switch1\ncopper" ]; + mikrotikcrs2 [ label="switch2\ncopper" ]; + + apurouter2p5 [ label="dhcpv4\nnetboot\ncoworking ]; red1p5 [ label="red1\nceph monitor\nopennebula mysql" ]; red2p5 [ label="red2\nceph monitor\n" ]; @@ -67,8 +70,8 @@ graph G { red1p5 -- ups1small [ label="Power connection 24W" ] red1p5 -- ups1small [ label="Power connection 24W" ] red1p5 -- ups1small [ label="Power connection 24W" ] - mikrotikcrs3261 -- ups1small [ label="Power connection 24W" ] - mikrotikcrs3262 -- ups1small [ label="Power connection 24W" ] + mikrotikcrs1 -- ups1small [ label="Power connection 24W" ] + mikrotikcrs2 -- ups1small [ label="Power connection 24W" ] apurouter2p5 -- ups1small [ label="Power connection 24W"] From 08fedd3a6e1caa92f4ea44a6b392c793a4b21d18 Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Thu, 11 Jun 2020 15:31:57 +0200 Subject: [PATCH 2/5] Fix syntax error, update some nodes --- ungleich-infrastructure.dot | 95 +++++++++++++++++++++---------------- 1 file changed, 55 insertions(+), 40 deletions(-) diff --git a/ungleich-infrastructure.dot b/ungleich-infrastructure.dot index 1b6aa75..af17760 100644 --- a/ungleich-infrastructure.dot +++ b/ungleich-infrastructure.dot @@ -14,6 +14,7 @@ graph G { label="place4: Germany"; server1p4 [ label="server1\ndns backup\nmx backup" ]; } + subgraph cluster_place5 { label="place5: Schwanden"; server1p5 [ label="server1\nopennebula master\nceph osd" ]; @@ -21,61 +22,63 @@ graph G { server3p5 [ label="server3\nopennebula nodes\nceph osd" ]; server4p5 [ label="server4\nopennebula nodes\nceph osd" ]; - router1p5 [ label="router1+2\nfirewall\nrouter\nnetboot" ]; - router2p5 [ label="router1+2\nfirewall\nrouter\nnetboot" ]; + router1p5 [ label="router1\nfirewall\nrouter\nnetboot" ]; + router2p5 [ label="router2\nfirewall\nrouter\nnetboot" ]; - mikrotikcrs1 [ label="switch1\ncopper" ]; - mikrotikcrs2 [ label="switch2\ncopper" ]; + apurouter1p5 [ label="dhcpv4\nnetboot\ncoworking" ]; + apurouter2p5 [ label="dhcpv4\nnetboot\ncoworking" ]; - apurouter2p5 [ label="dhcpv4\nnetboot\ncoworking ]; - - red1p5 [ label="red1\nceph monitor\nopennebula mysql" ]; + red1p5 [ label="red1\nceph monitor\nopennebula mysql" ]; red2p5 [ label="red2\nceph monitor\n" ]; red3p5 [ label="red3\nceph monitor\n" ]; - + cephp5 [ label="ceph cluster" shape=oval ]; onep5 [ label="opennebula cluster" shape=oval ]; + uplinkp5 [ label="Sunrise Uplink Device" ]; - subgraph cluster_place5_switches { - label="Switches place5"; - switch1p5 [ label="switch1"]; - switch2p5 [ label="switch2"]; - switch1p5--switch2p5 [ label="20G\nLACP\nMLAG" ]; - } - {server1p5,server2p5,server3p5,server4p5,routersp5}--{switch1p5,switch2p5} [ label="20G\nLACP" ]; + {server1p5,server2p5,server3p5,server4p5,router1p5,router2p5}--{switch1p5,switch2p5} [ label="20G\nLACP" ]; server1p5--{server1p5,server2p5,server3p5,server4p5} [ label="Manage VMs" ]; cephp5--{server1p5,server2p5,server3p5,server4p5,red1p5,red2p5,red3p5} onep5--{server1p5,server2p5,server3p5,server4p5,red1p5} [ label="consists of" ]; - {server1p5,server2p5,server3p5,server4p5}--routersp5 [ label="Netboot" ]; + {server1p5,server2p5,server3p5,server4p5}--{apurouter1p5,apurouter2p5} [ label="Netboot" ]; - # This is the power connections - ups1 [ label="UPS1\n2200VA\n1320W" ] - ups2 [ label="UPS2\n2200VA\n1320W" ] - ups3 [ label="UPS3\n2200VA\n1320W" ] - ups4 [ label="UPS4\n2200VA\n1320W" ] - ups1small [ label="UPS1-Small\n1000VA\n550W" ] - noorunknownups [ label="No or unknown UPS" ] + subgraph cluster_place5_ups { + label="UPS place5" + + # This is the power connections + ups1 [ label="UPS1\n2200VA\n1320W" ] + ups2 [ label="UPS2\n2200VA\n1320W" ] + ups3 [ label="UPS3\n2200VA\n1320W" ] + ups4 [ label="UPS4\n2200VA\n1320W" ] + ups1small [ label="UPS1-Small\n1000VA\n550W" ] + noorunknownups [ label="No or unknown UPS" ] + } server1p5 -- ups1 [ label="Power connection 1100W" ] server2p5 -- ups3 [ label="Power connection 1100W" ] - router1p5 -- ups5 [ label="Power connection 1100W" ] - mdarrayserver2 -- ups2 [ label="Power connection 600W" ] - mdarrayserver3 -- ups4 [ label="Power connection 600W" ] - mdarrayserver4 -- ups5 [ label="Power connection 600W" ] - switch1p5 -- ups4 [ label="Power connection 460W" ] - switch2p5 -- ups2 [ label="Power connection 460W" ] - uplinkswitchp5 -- ups1small [ label="Power connection 350W" ] - red1p5 -- ups1small [ label="Power connection 24W" ] - red1p5 -- ups1small [ label="Power connection 24W" ] - red1p5 -- ups1small [ label="Power connection 24W" ] - mikrotikcrs1 -- ups1small [ label="Power connection 24W" ] - mikrotikcrs2 -- ups1small [ label="Power connection 24W" ] - apurouter2p5 -- ups1small [ label="Power connection 24W"] + router1p5 -- ups5 [ label="Power connection 1100W" ] - - {server3p5,server4p5,router2p5,} -- noorunknownups [ label="???" ] + mdarrayserver2 -- ups2 [ label="Power connection 600W" ] + mdarrayserver3 -- ups4 [ label="Power connection 600W" ] + mdarrayserver4 -- ups5 [ label="Power connection 600W" ] + + switch1p5 -- ups4 [ label="Power connection 460W" ] + switch2p5 -- ups2 [ label="Power connection 460W" ] + + uplinkp5 -- ups1small [ label="Power connection 350W" ] + + red1p5 -- ups1small [ label="Power connection 24W" ] + red1p5 -- ups1small [ label="Power connection 24W" ] + red1p5 -- ups1small [ label="Power connection 24W" ] + + mikrotikcrs1 -- ups1small [ label="Power connection 24W" ] + mikrotikcrs2 -- ups1small [ label="Power connection 24W" ] + apurouter2p5 -- ups1small [ label="Power connection 24W"] + + + {server3p5,server4p5,router2p5,apurouter1p5} -- noorunknownups [ label="???" ] # MDarray section mdarrayserver2 [ label="MDArray (server2)" ] @@ -84,6 +87,17 @@ graph G { server2p5 -- mdarrayserver2 [ label="via SAS" ] server3p5 -- mdarrayserver3 [ label="via SAS" ] server4p5 -- mdarrayserver4 [ label="via SAS" ] + + subgraph cluster_place5_switches { + label="Switches place5"; + + switch1p5 [ label="switch1"]; + switch2p5 [ label="switch2"]; + mikrotikcrs1 [ label="CRS326-1" ]; + mikrotikcrs2 [ label="CRS326-2" ]; + switch1p5--switch2p5 [ label="20G\nLACP\nMLAG" ]; + } + } subgraph cluster_place6 { @@ -169,9 +183,10 @@ graph G { switch3p6--switch1p8 [ label="Dark fiber" ]; switch1p10--switch3p6 [ label="Dark fiber"]; - server1p11--{routersp5,router1p6,router2p6} [ label="Place11 monitors" ]; + server1p11--{router1p5,router2p5,router1p6,router2p6} [ label="Place11 monitors" ]; server1p4--hetzner [ label="Default Route" ]; - routersp5--sunrise [ label="BGP Peering" ]; + {router1p5,router2p5}--sunrise [ label="BGP Peering" ]; + uplinkp5--sunrise [ label="Fiber" ]; {router1p6,router2p6}--netstream [ label="BGP Peering" ]; redp7--saltlte; server1p11--mythicbeasts [ label="Default Route" ]; From e21c3851bf242843333f95a2da01209819d98995 Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Sun, 14 Jun 2020 11:31:19 +0200 Subject: [PATCH 3/5] Begin to add dot for viirb --- ipv6-with-the-viirb.dot | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 ipv6-with-the-viirb.dot diff --git a/ipv6-with-the-viirb.dot b/ipv6-with-the-viirb.dot new file mode 100644 index 0000000..827f7e0 --- /dev/null +++ b/ipv6-with-the-viirb.dot @@ -0,0 +1,25 @@ +digraph G { + node [ shape=box, fontcolor="#ffffff", color="#40a9e3", style="filled" ] + + label="The VPN IPv6 IoT Router Box (VIIRB) in action" + node [ shape=box ] +# rankdir=LR; + + viirb [ label="The VIIRB" ]; + lan [ label="Your LAN" ]; + ipv6vpn [ label="IPv6VPN.ch cloud server" shape=oval ] + wifi [ label="IPv6 only wifi: 'IPv6 everywhere'" shape=oval ] + lanclients [ label="Other client is the lan" ] + ipv6internet [ label="The IPv6 Internet" shape=oval ] + + viirb->lan [ label="1. Gets IPv4 via cable" ] + viirb->ipv6vpn [ label="2. Connect VPN to IPv6VPN.ch" ] + ipv6vpn->viirb [ label="3. Route /48 IPv6 network to VIIRB" ] + viirb->lan [ label="4. Announce IPv6 availability" ] + lanclients->lan [ label="5. Assign themselves an IPv6 address" ] + lanclients->ipv6internet [ label="Can access" ] + viirb->wifi [ label="" ] + + ipv6vpn->ipv6internet [ label="Is connected to" ] + +} From 994e50bca879aec0b8fed35ad98d3d070feba5af Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Sun, 14 Jun 2020 12:00:06 +0200 Subject: [PATCH 4/5] Finish the first version of the viirb diagram --- ipv6-with-the-viirb.dot | 37 +++++++++++++++++++++++++++---------- 1 file changed, 27 insertions(+), 10 deletions(-) diff --git a/ipv6-with-the-viirb.dot b/ipv6-with-the-viirb.dot index 827f7e0..f17c7b5 100644 --- a/ipv6-with-the-viirb.dot +++ b/ipv6-with-the-viirb.dot @@ -3,22 +3,39 @@ digraph G { label="The VPN IPv6 IoT Router Box (VIIRB) in action" node [ shape=box ] -# rankdir=LR; + rankdir=LR; - viirb [ label="The VIIRB" ]; - lan [ label="Your LAN" ]; - ipv6vpn [ label="IPv6VPN.ch cloud server" shape=oval ] - wifi [ label="IPv6 only wifi: 'IPv6 everywhere'" shape=oval ] - lanclients [ label="Other client is the lan" ] - ipv6internet [ label="The IPv6 Internet" shape=oval ] +# subgraph cluster_internet { + ipv6internet [ label="The IPv6 Internet" shape=oval ] + ipv4internet [ label="The IPv4 Internet" shape=oval ] + ipv6vpn [ label="IPv6VPN.ch cloud server\nusing wireguard" shape=oval ] +# } + +# subgraph cluster_location { + viirb [ label="The VIIRB" ]; +# subgraph cluster_lan { + lan [ label="Your LAN" ]; + lanclients [ label="Other client is the lan" ] +# } +# subgraph cluster_wifi { + wificlients [ label="WiFi clients" ] + wifi [ label="IPv6 only wifi: 'IPv6 everywhere'" shape=oval ] +# } +# } + + viirb->ipv4internet [ label="Connected via LAN" ] + ipv4internet->ipv6vpn [ label="Connected to" ] viirb->lan [ label="1. Gets IPv4 via cable" ] - viirb->ipv6vpn [ label="2. Connect VPN to IPv6VPN.ch" ] + viirb->ipv6vpn [ label="2. Connect the VPN to IPv6VPN.ch" ] ipv6vpn->viirb [ label="3. Route /48 IPv6 network to VIIRB" ] viirb->lan [ label="4. Announce IPv6 availability" ] lanclients->lan [ label="5. Assign themselves an IPv6 address" ] - lanclients->ipv6internet [ label="Can access" ] - viirb->wifi [ label="" ] + lanclients->ipv6internet [ label="6. Connect via VIIRB to access" ] + + viirb->wifi [ label="A. Provides IPv6 only WiFi" ] + wificlients->wifi [ label="B. Assign IPv6 address themselves" ] + wificlients->ipv6internet [ label="C. Connect via VIIRB to access" ] ipv6vpn->ipv6internet [ label="Is connected to" ] From 9095ad23ba2b318bae1b739949a21423099e99ae Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Sun, 14 Jun 2020 12:08:34 +0200 Subject: [PATCH 5/5] ++ connections for the viirb --- ipv6-with-the-viirb.dot | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/ipv6-with-the-viirb.dot b/ipv6-with-the-viirb.dot index f17c7b5..f53aef4 100644 --- a/ipv6-with-the-viirb.dot +++ b/ipv6-with-the-viirb.dot @@ -3,19 +3,19 @@ digraph G { label="The VPN IPv6 IoT Router Box (VIIRB) in action" node [ shape=box ] - rankdir=LR; +# rankdir=LR; # subgraph cluster_internet { ipv6internet [ label="The IPv6 Internet" shape=oval ] ipv4internet [ label="The IPv4 Internet" shape=oval ] - ipv6vpn [ label="IPv6VPN.ch cloud server\nusing wireguard" shape=oval ] + ipv6vpn [ label="IPv6VPN.ch\nIPv6 via wireguard" shape=oval ] # } # subgraph cluster_location { - viirb [ label="The VIIRB" ]; + viirb [ label="The VIIRB" color="#ee1100" ]; # subgraph cluster_lan { lan [ label="Your LAN" ]; - lanclients [ label="Other client is the lan" ] + lanclients [ label="Clients in the lan" ] # } # subgraph cluster_wifi { wificlients [ label="WiFi clients" ] @@ -28,7 +28,7 @@ digraph G { viirb->lan [ label="1. Gets IPv4 via cable" ] viirb->ipv6vpn [ label="2. Connect the VPN to IPv6VPN.ch" ] - ipv6vpn->viirb [ label="3. Route /48 IPv6 network to VIIRB" ] + ipv6vpn->viirb [ label="3. Routes /48 IPv6 network to VIIRB" ] viirb->lan [ label="4. Announce IPv6 availability" ] lanclients->lan [ label="5. Assign themselves an IPv6 address" ] lanclients->ipv6internet [ label="6. Connect via VIIRB to access" ] @@ -36,7 +36,10 @@ digraph G { viirb->wifi [ label="A. Provides IPv6 only WiFi" ] wificlients->wifi [ label="B. Assign IPv6 address themselves" ] wificlients->ipv6internet [ label="C. Connect via VIIRB to access" ] + wificlients->ipv4internet [ label="D. Use DNS64/NAT64 to access" ] ipv6vpn->ipv6internet [ label="Is connected to" ] + ipv6internet->{wificlients,lanclients} [ + label="SSH, HTTP, HTTPS\nports are open" ] }