Enterprise Network In A Cabinet

Goals

scalable

Designed to grow as you grow with large IP address spacing, and multi-site multi-cabinet ability.

licence free

Built on Linux and BSD systems.

stability

Emphasis on Long Term Support and traditionally stable distributions

standards

Ease of access to documentation and certifications (LFCS)

repairable / replaceable

Export/import of configs, common hardware, rotating backups

secure

isolated by enterprise grade firewall

Addressing

172.s.c.x = dmz
10.s.c.x = lan
.1.x = routers
.2.x = switches
.3.x = WiFi
.4.x = Monitoring
.5.x = storage
.6.x = vms
.7.x = POS

s= site designation, c = category, x = device

s = separate by 30 so subnets can restrict access?

allows for 254 devices, within 254 categories per site, with 254 sites that don’t overlap. Also skipping 10.0.0.0 and 192.168 avoids conflicts with most default router configs.

Hardware

cabinet (18RU)- $600

Net gear Switch 24 port – $209

ups Eaton/apc remote control – $800

pfsense – $1000us

Seagate – external backups – one hourly, two daily, one weekly, one monthly.

Wifi

VM Server

Cables

Network Division

Classic 3 tier network separation – WAN, DMZ, LAN

Hardware OS Services / Notes VM LAN
10.0.0.0/8
DMZ
172.0.0.0/8
WAN
Modem     bridge mode       ⭐️
Router pfSense openVPN, dmz , proxy?, dns, dhcp, traffic shaping / monitoring, network bridge? 10.0.1.1/8 172.0.1.1/8 ⭐️
Switch header-gs724tv4-3-4lft-photo-large 24 port GS724T Netgear Fanless, Bonding 10.0.2.1/8
Wifi Linksys WRT1900ACS AC1900 DD-WRT 10.0.3.1/8
Monitoring Must be fanless, Solid State Slackware Nagios 10.0.4.1/8 172.0.4.1/8 ⭐️
Storage Intel NICs, 8GB ECC FreeNAS smb, backup scripts 10.0.5.1/8 172.0.5.1/8
VM Intel NICs CentOS 10.0.6.1/8
Auth CentOS openldap, radius?, active directory? ⭐️ 10.0.6.2/8
Email CentOS / ubuntu postfix, clamav, spam assassin ⭐️ 172.0.6.3/8
Groupware CentOS calendar, contacts, drupal openatrium (SharePoint) ⭐️ 10.0.6.4/8
Web CentOS / ubuntu Apache, PHP, Python ⭐️ 172.0.6.6/8
DB CentOS / ubuntu Mysql / Postgres ⭐️ 172.0.6.5/8

references

ip addressing – http://www.cisco.com/c/dam/en_us/about/ciscoitatwork/downloads/ciscoitatwork/pdf/Cisco_IT_IP_Addressing_Best_Practices.pdf

http://www.cisco.com/c/en/us/support/docs/availability/high-availability/15111-configmgmt.html#topic4